author | Robin H. Johnson <robbat2@gentoo.org> | 2015-08-08 13:49:04 -0700 |
---|---|---|
committer | Robin H. Johnson <robbat2@gentoo.org> | 2015-08-08 17:38:18 -0700 |
commit | 56bd759df1d0c750a065b8c845e93d5dfa6b549d (patch) | |
tree | 3f91093cdb475e565ae857f1c5a7fd339e2d781e /net-analyzer/sancp | |
proj/gentoo: Initial commit
This commit represents a new era for Gentoo:
Storing the gentoo-x86 tree in Git, as converted from CVS.
This commit is the start of the NEW history.
Any historical data is intended to be grafted onto this point.
Creation process:
1. Take final CVS checkout snapshot
2. Remove ALL ChangeLog* files
3. Transform all Manifests to thin
4. Remove empty Manifests
5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$
5.1. Do not touch files with -kb/-ko keyword flags.
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests
X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project
X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration
X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn
X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts
X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration
X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging
X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed
Diffstat (limited to 'net-analyzer/sancp')
-rw-r--r-- | net-analyzer/sancp/Manifest | 5 | ||||
-rw-r--r-- | net-analyzer/sancp/files/sancp-1.6.1-compiler.patch | 45 | ||||
-rw-r--r-- | net-analyzer/sancp/files/sancp.confd | 15 | ||||
-rw-r--r-- | net-analyzer/sancp/files/sancp.rc1 | 43 | ||||
-rw-r--r-- | net-analyzer/sancp/files/sguil_sancp.conf | 69 | ||||
-rw-r--r-- | net-analyzer/sancp/metadata.xml | 6 | ||||
-rw-r--r-- | net-analyzer/sancp/sancp-1.6.1-r4.ebuild | 69 |
7 files changed, 252 insertions, 0 deletions
diff --git a/net-analyzer/sancp/Manifest b/net-analyzer/sancp/Manifest
new file mode 100644
index 000000000000..bf4a4e7d4621
--- /dev/null
+++ b/net-analyzer/sancp/Manifest
@@ -0,0 +1,5 @@
+DIST sancp-1.6.1.fix200511.a.patch 662 SHA256 f80ea77873f03de40399c2c9247590829f02421d68758425cd139c48151eb13c SHA512 87662d9ea863a3a2468b7b64c81a191d34c81348eab9374245a73d3ed63cf2f25df54561f092f3713d516d9cc4eb553d4d7286fd920676a301e61669a023142e WHIRLPOOL b5881305d4dc85410fe00c23f5a923e4a41aaf570e0085035a6e9208ab55eb2cd3d99df0dff8a475c772ee332ea5ba1b3600d441f6914f4ceccb82d4b6f0def8
+DIST sancp-1.6.1.fix200511.b.patch 870 SHA256 0bbcf2797d689f9eaa46933262edc3badd644636fb8821832264bab454a870c0 SHA512 a54bbec1ce3799f83c006f7375297bafee85b12a90361f1f5dbbf46c936193c7e0f1196483a2bdf560019e93ceffe9129b3c01322eedc397e5dfa3a1a6b76b81 WHIRLPOOL d312e54489cfa9c073c6c499e56d1e24daa65d7d09558b291bc1de3b12249ca285c0ccb8c39eff03afe268f9f28db5427633f93df81c6c50f0f782cd7e04a352
+DIST sancp-1.6.1.fix200601.c.patch 3578 SHA256 38fe2e2db7419fb79c57b1e0505dbfda9958f56ab85259a84485111eb644880f SHA512 3d15028d33e7dbddc74d8c6eefac6d66e357f024dca15afdfb8156b0cf969ab093c26baa43ebf7c1ac88f4275ef4bdc91c1cc69c5aa7b439a042ed966edea30f WHIRLPOOL 20333f0f26a26ade0afc5f5fc332274e6522c2f4d36f0ea6579220349f3104c7eb3153b68ce79378e1fcd16c8c35ac927dfa29f619ac7fb7599a5400b8891747
+DIST sancp-1.6.1.fix200606.d.patch 6847 SHA256 1c62a44d75f3cd8b07445b02d9535f3eede3a60329bda111dd855c674e2745a9 SHA512 474a69052a2b9642fdc59e28c0237852d49b7b05445f0ffbbd2ea3f01b70a44e10ee49fba6294b413a53afe50271aaf88f979f8c479fb4b464b3ba5a70534276 WHIRLPOOL 9593161b57e153b3f25de9d958e57364a5fcdfa99bbdea183be3c25033a818de4724df2b5271d51fc64c78d17683c227afb691e871cd4804881e54921ab76107
+DIST sancp-1.6.1.tar.gz 69986 SHA256 58e487a4bd83716e90ff19d0d7fab352e28bbe143be60f4ee61c34d5fa6380a3 SHA512 41c6b35a2e7295d3b8185b9cc556c56b285cae7542c7ace78e663e54cef8d470bfa2ee083d9837fa34cf5ad1e7c325fb838b00e4f776f5662cade7d61e07145c WHIRLPOOL 8c0058ec1878e23cf3787fef318bfdc22bc301f9a898cccb7533954a7a587dab89147ca841f708d1bf27e986842ea5856c451678d76e4b0f1ee5ee507c726621
diff --git a/net-analyzer/sancp/files/sancp-1.6.1-compiler.patch b/net-analyzer/sancp/files/sancp-1.6.1-compiler.patch
new file mode 100644
index 000000000000..d7816cbdd5de
--- /dev/null
+++ b/net-analyzer/sancp/files/sancp-1.6.1-compiler.patch
@@ -0,0 +1,45 @@
+--- a/Makefile 2004-01-19 23:04:56.000000000 +0100
++++ b/Makefile 2010-09-15 02:02:26.000000000 +0200
+@@ -1,26 +1,26 @@
+ 
+ # !!! Uncomment this CFLAGS for a small binary !!!
+-CFLAGS = -O3 -s -I/usr/include/pcap -L/usr/lib/libpcap.so.0.6.2
++CFLAGS += -I/usr/include/pcap -L/usr/lib/libpcap.so.0.6.2
+ 
+ # !!! or uncomment this CFLAGS for a large binary with symbols; use for debugging !!!
+ #CFLAGS = -O0 -g -I/usr/include/pcap -L/usr/lib/libpcap.so.0.6.2
+ 
+ final : sancp.cc Makefile
+- if [ ! -f build_acl.o -o build_acl.cc -nt build_acl.o ]; then g++ -Wall $(CFLAGS) -c build_acl.cc -o build_acl.o; fi
+- if [ ! -f misc_functs.o -o misc_functs.cc -nt misc_functs.o ]; then g++ -Wall $(CFLAGS) -c misc_functs.cc -o misc_functs.o; fi
+- if [ ! -f outputFileHandle.o -o outputFileHandle.cc -nt outputFileHandle.o ]; then g++ -Wall $(CFLAGS) -c outputFileHandle.cc -o outputFileHandle.o; fi
+- if [ ! -f apply_rule.o -o apply_rule.cc -nt apply_rule.o ]; then g++ -Wall $(CFLAGS) -c apply_rule.cc -o apply_rule.o; fi
+- if [ ! -f decode.o -o decode.cc -nt decode.o ]; then g++ -Wall $(CFLAGS) -c decode.cc -o decode.o; fi
+- if [ ! -f fileHandle.o -o fileHandle.cc -nt fileHandle.o ]; then g++ -Wall $(CFLAGS) -c fileHandle.cc -o fileHandle.o; fi
+- if [ ! -f MemoryPool.o -o MemoryPool.cc -nt MemoryPool.o ]; then g++ -Wall $(CFLAGS) -c MemoryPool.cc -o MemoryPool.o; fi
+- if [ ! -f pcapFileHandle.o -o pcapFileHandle.cc -nt pcapFileHandle.o ]; then g++ -Wall $(CFLAGS) -c pcapFileHandle.cc -o pcapFileHandle.o; fi
+- if [ ! -f sancp.o -o sancp.cc -nt sancp.o ]; then g++ -Wall $(CFLAGS) -c sancp.cc -o sancp.o; fi
+- if [ ! -f pcap_functions.o -o pcap_functions.c -nt pcap_functions.o ]; then gcc -Wall $(CFLAGS) -c pcap_functions.c -o pcap_functions.o; fi
+- if [ ! -f help.o -o help.cc -nt help.o ]; then g++ -Wall $(CFLAGS) -c help.cc -o help.o ; fi
+- if [ ! -f permissions.o -o permissions.cc -nt permissions.o ]; then g++ -Wall $(CFLAGS) -c permissions.cc -o permissions.o ; fi
+- if [ ! -f check_packet.o -o check_packet.cc -nt check_packet.o ]; then g++ -Wall $(CFLAGS) -c check_packet.cc -o check_packet.o; fi
+- if [ ! -f statefull_logging.o -o statefull_logging.cc -nt statefull_logging.o ]; then g++ -Wall $(CFLAGS) -c statefull_logging.cc -o statefull_logging.o ; fi
+- g++ -Wall $(CFLAGS) -o sancp sancp.o misc_functs.o check_packet.o statefull_logging.o build_acl.o apply_rule.o decode.o pcap_functions.o pcapFileHandle.o fileHandle.o MemoryPool.o help.o permissions.o outputFileHandle.o -lpcap
++ if [ ! -f build_acl.o -o build_acl.cc -nt build_acl.o ]; then $(CXX) -Wall $(CFLAGS) -c build_acl.cc -o build_acl.o; fi
++ if [ ! -f misc_functs.o -o misc_functs.cc -nt misc_functs.o ]; then $(CXX) -Wall $(CFLAGS) -c misc_functs.cc -o misc_functs.o; fi
++ if [ ! -f outputFileHandle.o -o outputFileHandle.cc -nt outputFileHandle.o ]; then $(CXX) -Wall $(CFLAGS) -c outputFileHandle.cc -o outputFileHandle.o; fi
++ if [ ! -f apply_rule.o -o apply_rule.cc -nt apply_rule.o ]; then $(CXX) -Wall $(CFLAGS) -c apply_rule.cc -o apply_rule.o; fi
++ if [ ! -f decode.o -o decode.cc -nt decode.o ]; then $(CXX) -Wall $(CFLAGS) -c decode.cc -o decode.o; fi
++ if [ ! -f fileHandle.o -o fileHandle.cc -nt fileHandle.o ]; then $(CXX) -Wall $(CFLAGS) -c fileHandle.cc -o fileHandle.o; fi
++ if [ ! -f MemoryPool.o -o MemoryPool.cc -nt MemoryPool.o ]; then $(CXX) -Wall $(CFLAGS) -c MemoryPool.cc -o MemoryPool.o; fi
++ if [ ! -f pcapFileHandle.o -o pcapFileHandle.cc -nt pcapFileHandle.o ]; then $(CXX) -Wall $(CFLAGS) -c pcapFileHandle.cc -o pcapFileHandle.o; fi
++ if [ ! -f sancp.o -o sancp.cc -nt sancp.o ]; then $(CXX) -Wall $(CFLAGS) -c sancp.cc -o sancp.o; fi
++ if [ ! -f pcap_functions.o -o pcap_functions.c -nt pcap_functions.o ]; then $(CC) -Wall $(CFLAGS) -c pcap_functions.c -o pcap_functions.o; fi
++ if [ ! -f help.o -o help.cc -nt help.o ]; then $(CXX) -Wall $(CFLAGS) -c help.cc -o help.o ; fi
++ if [ ! -f permissions.o -o permissions.cc -nt permissions.o ]; then $(CXX) -Wall $(CFLAGS) -c permissions.cc -o permissions.o ; fi
++ if [ ! -f check_packet.o -o check_packet.cc -nt check_packet.o ]; then $(CXX) -Wall $(CFLAGS) -c check_packet.cc -o check_packet.o; fi
++ if [ ! -f statefull_logging.o -o statefull_logging.cc -nt statefull_logging.o ]; then $(CXX) -Wall $(CFLAGS) -c statefull_logging.cc -o statefull_logging.o ; fi
++ $(CXX) -Wall $(CFLAGS) $(LDFLAGS) -o sancp sancp.o misc_functs.o check_packet.o statefull_logging.o build_acl.o apply_rule.o decode.o pcap_functions.o pcapFileHandle.o fileHandle.o MemoryPool.o help.o permissions.o outputFileHandle.o -lpcap
+ 
+ clean :
+ rm -f *.o sancp
diff --git a/net-analyzer/sancp/files/sancp.confd b/net-analyzer/sancp/files/sancp.confd
new file mode 100644
index 000000000000..31cbef82ec1b
--- /dev/null
+++ b/net-analyzer/sancp/files/sancp.confd
@@ -0,0 +1,15 @@
+# Config file for /etc/init.d/sancp
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+# Interface to listen on
+IFACE="eth0"
+
+# Directory to log in
+LOGDIR="/var/log/sancp"
+
+# Default config file
+CONF="/etc/sancp/sancp.conf"
+
+# You could add more options :)
+SANCP_OPTS="-d $LOGDIR/today -i $IFACE -c $CONF -u sancp -g sancp"
diff --git a/net-analyzer/sancp/files/sancp.rc1 b/net-analyzer/sancp/files/sancp.rc1
new file mode 100644
index 000000000000..569947c660bf
--- /dev/null
+++ b/net-analyzer/sancp/files/sancp.rc1
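Review bot: The rewritten compile lines for the .cc files hand `$(CFLAGS)` to `$(CXX)`, so whatever the user or profile puts in CXXFLAGS (optimisation level and any hardening options) never reaches the C++ sources, which make up nearly all of this packet-parsing daemon. Either switch those lines to `$(CXX) -Wall $(CXXFLAGS) -c …` and add the include path with `CXXFLAGS += -I/usr/include/pcap`, or note in the ebuild that CFLAGS is deliberately used for both compilers. The retained `-L/usr/lib/libpcap.so.0.6.2` appears to name a shared object rather than a directory and hard-codes /usr/lib; it can likely be dropped, since `-lpcap` on the link line already selects the library.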
@@ -0,0 +1,43 @@
+#!/sbin/runscript
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+today=$(date '+%Y-%m-%d')
+
+depend() {
+ need net
+}
+checkconfig() {
+ if [ ! -e /etc/sancp/sancp.conf ] ; then
+ eerror "You need an /etc/sancp/sancp.conf to run sancp"
+ return 1
+ fi
+}
+
+start() {
+ checkconfig || return 1
+
+ # Today's log directory
+ if [ ! -d $LOGDIR/$today ]; then
+ /bin/mkdir $LOGDIR/$today
+ /bin/rm -f $LOGDIR/today
+ fi
+
+ # today/ directory :)
+ if [ ! -d $LOGDIR/today ]; then
+ /bin/ln -s $LOGDIR/$today $LOGDIR/today
+ fi
+
+ ebegin "Starting sancp"
+ start-stop-daemon --start --quiet -m --pidfile /var/run/sancp.pid \
+ --exec /usr/bin/sancp \
+ -- ${SANCP_OPTS} > /var/log/sancp.log 2>&1 &
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping sancp"
+ start-stop-daemon --stop --quiet --pidfile /var/run/sancp.pid
+ eend $?
+}
diff --git a/net-analyzer/sancp/files/sguil_sancp.conf b/net-analyzer/sancp/files/sguil_sancp.conf
new file mode 100644
index 000000000000..84e558e709fe
--- /dev/null
+++ b/net-analyzer/sancp/files/sguil_sancp.conf
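Review bot: In start(), `eend $?` follows a command that the shell put in the background with `&`, so it always sees 0 and a sancp that fails to launch (bad interface, unreadable config) is still reported as started, which for a monitoring sensor is a silent gap in coverage. Letting start-stop-daemon do the backgrounding and redirection makes the status reflect the launch: `start-stop-daemon --start --quiet --background --make-pidfile --pidfile /var/run/sancp.pid --stdout /var/log/sancp.log --stderr /var/log/sancp.log --exec /usr/bin/sancp -- ${SANCP_OPTS}`. The mkdir/rm/ln lines above it run as root on unquoted `$LOGDIR/$today` and `$LOGDIR/today` inside a directory that the ebuild in this commit gives to sancp:sancp with mode 0770, so the expansions should be quoted (`"${LOGDIR}/${today}"`) and the `today` link treated as something the unprivileged account can replace. A directory created here by root may also not be writable by the daemon after it drops to `-u sancp`; that depends on when sancp opens its output, which is not visible in this hunk.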
@@ -0,0 +1,69 @@
+# $Id$
+#
+# This sancp.conf is distributed as part of sguil (http://sguil.sf.net).
+# It's purpose is to define a default output that is compatible with table
+# schema defined by sguil. Please read the README.sancp for more information
+#
+# sancp is copyrighted by John Curry and can be downloaded at:
+# www.metre.net/sancp.html
+#
+
+# SANCP VERSION 1.5.3
+
+# Currently, sguil only supports the 'stats' output and we want it in
+# timestamped fields
+default stats tsfilename stats
+
+# Time in seconds we write a new file if expired cnxs are available
+default flush_interval=30
+# This tells sancp to open new file handle, write, and close in one step
+default burst_mode=enable
+
+# Default timeout: how many secs to wait after the last packet till we consider the cnx closed
+default timeout=120
+
+# Conforms with out sguil sancp table schema
+format stats sancp_id,start_time_gmt,stop_time_gmt,duration,ip_proto,src_ip_decimal,src_port,dst_ip_decimal,dst_port,src_pkts,src_bytes,dst_pkts,dst_bytes,sflags,dflags
+
+# From here on you define what stats/cnxs/sessions/flows (whatever you
+# want to call it) get logged. Please read the sancp documention for
+# more information. Most of the below are examples of setting
+# variables for complex rules.
+
+var ip 8 # ether proto 0x0800 # ip traffic
+
+# define some ip protocols
+
+var icmp 1
+var tcp 6
+var udp 17
+
+# define some tcp protocols
+
+var http 80
+var https 443
+var smtp 25
+var dns 53
+
+var HOME_NET 127.0.0.1
+#var WWW_NET 192.168.1.0/24
+#var MAIL_SERVER 192.168.1.2
+#var MAIL_SERVER2 192.168.1.3
+
+
+# Default output logging for each connection
+# We don't use realtime or pcap logging at this point so we pass them
+default realtime=pass
+default pcap=pass
+
+# Here is where our "rules" start. We log all stats by default
+# so this is defining exceptions.
+#
+# first six fields are required before rule options can be used
+#
+# eth_proto src_ip dst_ip ip_proto src_port dst_port
+#
+
+# Here is an example if ignoring outbound HTTP stats.
+#ip HOME_NET any tcp any http, stats pass
+#ip HOME_NET any tcp any https, stats pass
diff --git a/net-analyzer/sancp/metadata.xml b/net-analyzer/sancp/metadata.xml
new file mode 100644
index 000000000000..6252f401e616
--- /dev/null
+++ b/net-analyzer/sancp/metadata.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<herd>netmon</herd>
+<use><flag name='sguil'>Enable sguil (The Analyst Console for Network Security Monitoring) support</flag></use>
+</pkgmetadata>
diff --git a/net-analyzer/sancp/sancp-1.6.1-r4.ebuild b/net-analyzer/sancp/sancp-1.6.1-r4.ebuild
new file mode 100644
index 000000000000..ccb3f7ab4485
--- /dev/null
+++ b/net-analyzer/sancp/sancp-1.6.1-r4.ebuild
@@ -0,0 +1,69 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+inherit eutils toolchain-funcs user
+
+DESCRIPTION="collect statistical information regarding network traffic and collect it in pcap format"
+HOMEPAGE="http://www.metre.net/sancp.html"
+SRC_URI="
+ http://www.metre.net/files/${P}.tar.gz
+ http://sancp.sourceforge.net/${PN}-1.6.1.fix200511.a.patch
+ http://sancp.sourceforge.net/${PN}-1.6.1.fix200511.b.patch
+ http://sancp.sourceforge.net/${PN}-1.6.1.fix200601.c.patch
+ http://sancp.sourceforge.net/${PN}-1.6.1.fix200606.d.patch
+"
+
+LICENSE="QPL GPL-2"
+
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+
+IUSE="sguil"
+
+RDEPEND="net-libs/libpcap"
+DEPEND="${RDEPEND}"
+
+pkg_setup() {
+ enewgroup sancp
+ enewuser sancp -1 -1 /dev/null sancp
+}
+
+src_prepare() {
+ epatch "${DISTDIR}"/${PN}-1.6.1.fix200511.a.patch
+ epatch "${DISTDIR}"/${PN}-1.6.1.fix200511.b.patch
+ # bug 138337
+ epatch "${DISTDIR}"/${PN}-1.6.1.fix200601.c.patch
+ epatch "${DISTDIR}"/${PN}-1.6.1.fix200606.d.patch
+ epatch "${FILESDIR}"/${P}-compiler.patch
+
+ tc-export CXX CC
+}
+
+src_install() {
+ keepdir /var/log/sancp/
+ dodoc docs/CHANGES docs/fields.LIST docs/README docs/SETUP \
+ "${FILESDIR}"/sguil_sancp.conf etc/sancp/sancp.conf
+
+ insinto /etc/sancp
+ if use sguil ; then
+ newins "${FILESDIR}"/sguil_sancp.conf sancp.conf
+ else
+ doins etc/sancp/sancp.conf
+ fi
+
+ dobin sancp
+
+ newinitd "${FILESDIR}"/sancp.rc1 sancp
+ newconfd "${FILESDIR}"/sancp.confd sancp
+ if use sguil ; then
+ sed -i -e /^SANCP_OPTS/s:'sancp':"sguil":g \
+ -e s:'-d $LOGDIR/today':"-d /var/lib/sguil/$(hostname)/sancp": \
+ "${D}/etc/conf.d/sancp"
+ fi
+
+ fowners sancp:sancp /var/log/sancp
+ fperms 0770 /var/log/sancp
+} |
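Review bot: With USE=sguil, the sed in src_install rewrites conf.d so the daemon drops to `-u sguil -g sguil` and logs under /var/lib/sguil/…, yet pkg_setup creates only the sancp account and RDEPEND lists only net-libs/libpcap, so nothing in this ebuild guarantees that the user or directory exists at runtime. A `sguil? ( <package providing the sguil user and /var/lib/sguil> )` entry in RDEPEND (placeholder; the package is not named on this page) or explicit creation here would close that gap. The second sed expression also sits in double quotes, so `$(hostname)` is expanded on the build host and baked into the installed file, which is wrong for binary packages built elsewhere. Single quotes, `-e s:'-d $LOGDIR/today':'-d /var/lib/sguil/$(hostname)/sancp':`, would leave the substitution to the shell that reads conf.d at service start, assuming conf.d is sourced by a shell as the existing `$LOGDIR` references suggest.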