Diffstat (limited to 'app-admin/ulogd')
-rw-r--r-- | app-admin/ulogd/Manifest | 2 | ||||
-rw-r--r-- | app-admin/ulogd/files/ulogd-2.0.4-linux-headers-3.17-ipt_ulog.patch | 100 | ||||
-rw-r--r-- | app-admin/ulogd/files/ulogd-2.0.5-remove-db-automagic.patch | 45 | ||||
-rw-r--r-- | app-admin/ulogd/files/ulogd.init | 41 | ||||
-rw-r--r-- | app-admin/ulogd/files/ulogd.logrotate | 9 | ||||
-rw-r--r-- | app-admin/ulogd/files/ulogd.service | 13 | ||||
-rw-r--r-- | app-admin/ulogd/metadata.xml | 19 | ||||
-rw-r--r-- | app-admin/ulogd/ulogd-2.0.4-r1.ebuild | 140 | ||||
-rw-r--r-- | app-admin/ulogd/ulogd-2.0.5.ebuild | 141 |
9 files changed, 510 insertions, 0 deletions
diff --git a/app-admin/ulogd/Manifest b/app-admin/ulogd/Manifest
new file mode 100644
index 000000000000..8392508578e9
--- /dev/null
+++ b/app-admin/ulogd/Manifest
@@ -0,0 +1,2 @@
+DIST ulogd-2.0.4.tar.bz2 452234 SHA256 56b30a13a8832e97178f39b7bb173a0b1dfe173dbb60d99a1a386c0962a2effd SHA512 08e88661fcfbcfd327b03b7a883dc239991f47d5a4e4561f3ada5f6acc8f2349f3bd38c1c67f28e42bbccf4cad63b2b7c3b732c23bf24b7c5f05320d27977773 WHIRLPOOL 94ee731cee8b95295d1c675bb3904be1a5b27a1e901d462f248116c865e79d52703b5330882110d7212bda1bb964fc0c97c3e704589071f47fab4475e1c91161
+DIST ulogd-2.0.5.tar.bz2 456258 SHA256 a221cb9f77347c0ca00d0937e27c1b90e3291a553cc62a4139b788e2e420e8c0 SHA512 bf00b8adaad7bd04077a83521b0d7accc26e644c8f3386819e7f91476178b6733f1c6554fb82dd0d3913398c83a61d65f61dc973f199f610bfaadc6251504819 WHIRLPOOL fe499ac7b4070581439a05f4f2245f7a42fe5630da5dc32b9b069511ed1faa15fe482eee08d50477d3fb1d0bf0d3855a69fc82fb0f3e8eecdf082fb642519f91
diff --git a/app-admin/ulogd/files/ulogd-2.0.4-linux-headers-3.17-ipt_ulog.patch b/app-admin/ulogd/files/ulogd-2.0.4-linux-headers-3.17-ipt_ulog.patch
new file mode 100644
index 000000000000..f8c10622e229
--- /dev/null
+++ b/app-admin/ulogd/files/ulogd-2.0.4-linux-headers-3.17-ipt_ulog.patch
@@ -0,0 +1,100 @@
+From 30e24dbfc7a8644e29664070e8c16e5c3997f87e Mon Sep 17 00:00:00 2001
+From: Pablo Neira Ayuso <pablo@netfilter.org>
+Date: Fri, 7 Nov 2014 18:33:01 +0100
+Subject: [PATCH] include: keep a copy of linux/netfilter_ipv4/ipt_ULOG.h
+
+This fixes compilation if you use a Linux kernel >= 3.17. This problem
+occurs since ULOG was removed from mainstream:
+
+http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7200135bc1e61f1437dc326ae2ef2f310c50b4eb
+
+Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=986
+Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+
+diff --git a/configure.ac b/configure.ac
+index 522c345..c5f573c 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -142,7 +142,7 @@ dnl AM_CONDITIONAL(HAVE_PGSQL, test x$pgsqldir != x)
+
+ AC_CONFIG_FILES(include/Makefile include/ulogd/Makefile include/libipulog/Makefile \
+ include/linux/Makefile include/linux/netfilter/Makefile \
+- libipulog/Makefile \
++ include/linux/netfilter_ipv4/Makefile libipulog/Makefile \
+ input/Makefile input/packet/Makefile input/flow/Makefile \
+ input/sum/Makefile \
+ filter/Makefile filter/raw2packet/Makefile filter/packet2flow/Makefile \
+diff --git a/include/linux/Makefile.am b/include/linux/Makefile.am
+index ca80d0d..18af1c2 100644
+--- a/include/linux/Makefile.am
++++ b/include/linux/Makefile.am
+@@ -1,2 +1,2 @@
+-
+-SUBDIRS = netfilter
++SUBDIRS = netfilter \
++ netfilter_ipv4
+diff --git a/include/linux/netfilter_ipv4/Makefile.am b/include/linux/netfilter_ipv4/Makefile.am
+new file mode 100644
+index 0000000..41819a3
+--- /dev/null
++++ b/include/linux/netfilter_ipv4/Makefile.am
+@@ -0,0 +1 @@
++noinst_HEADERS = ipt_ULOG.h
+diff --git a/include/linux/netfilter_ipv4/ipt_ULOG.h b/include/linux/netfilter_ipv4/ipt_ULOG.h
+new file mode 100644
+index 0000000..417aad2
+--- /dev/null
++++ b/include/linux/netfilter_ipv4/ipt_ULOG.h
+@@ -0,0 +1,49 @@
++/* Header file for IP tables userspace logging, Version 1.8
++ *
++ * (C) 2000-2002 by Harald Welte <laforge@gnumonks.org>
++ *
++ * Distributed under the terms of GNU GPL */
++
++#ifndef _IPT_ULOG_H
++#define _IPT_ULOG_H
++
++#ifndef NETLINK_NFLOG
++#define NETLINK_NFLOG 5
++#endif
++
++#define ULOG_DEFAULT_NLGROUP 1
++#define ULOG_DEFAULT_QTHRESHOLD 1
++
++#define ULOG_MAC_LEN 80
++#define ULOG_PREFIX_LEN 32
++
++#define ULOG_MAX_QLEN 50
++/* Why 50? Well... there is a limit imposed by the slab cache 131000
++ * bytes. So the multipart netlink-message has to be < 131000 bytes.
++ * Assuming a standard ethernet-mtu of 1500, we could define this up
++ * to 80... but even 50 seems to be big enough. */
++
++/* private data structure for each rule with a ULOG target */
++struct ipt_ulog_info {
++ unsigned int nl_group;
++ size_t copy_range;
++ size_t qthreshold;
++ char prefix[ULOG_PREFIX_LEN];
++};
++
++/* Format of the ULOG packets passed through netlink */
++typedef struct ulog_packet_msg {
++ unsigned long mark;
++ long timestamp_sec;
++ long timestamp_usec;
++ unsigned int hook;
++ char indev_name[IFNAMSIZ];
++ char outdev_name[IFNAMSIZ];
++ size_t data_len;
++ char prefix[ULOG_PREFIX_LEN];
++ unsigned char mac_len;
++ unsigned char mac[ULOG_MAC_LEN];
++ unsigned char payload[0];
++} ulog_packet_msg_t;
++
++#endif /*_IPT_ULOG_H*/
+--
+2.0.4
+
diff --git a/app-admin/ulogd/files/ulogd-2.0.5-remove-db-automagic.patch b/app-admin/ulogd/files/ulogd-2.0.5-remove-db-automagic.patch
new file mode 100644
index 000000000000..dfa51112e063
--- /dev/null
+++ b/app-admin/ulogd/files/ulogd-2.0.5-remove-db-automagic.patch
@@ -0,0 +1,45 @@
+commit c61c05c2d050410c24346d42b013d7cb39149949
+Author: Harald Welte <laforge@gnumonks.org>
+Date: Sun May 3 11:08:54 2015 +0200
+
+ configure.ac: Add --without-{mysql,pgsql}
+
+ In some cases you may not want to build a certain output plugin, even
+ if the headers/libraries actually exist on the build host.
+
+diff --git a/configure.ac b/configure.ac
+index c814bec..1a7f8de 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -85,7 +85,10 @@ if [! test "x$enable_nfacct" = "xyes"]; then
+ enable_nfacct="no"
+ fi
+
+-CT_CHECK_POSTGRES_DB()
++AC_ARG_WITH([pgsql], AS_HELP_STRING([--without-pgsql], [Build without postgresql output plugin [default=test]]))
++AS_IF([test "x$with_pgsql" != "xno"], [
++ CT_CHECK_POSTGRES_DB()
++])
+ AM_CONDITIONAL(HAVE_PGSQL, test "x$PQLIBPATH" != "x")
+ if test "x$PQLIBPATH" != "x"; then
+ enable_pgsql="yes"
+@@ -93,7 +96,10 @@ else
+ enable_pgsql="no"
+ fi
+
+-CT_CHECK_MYSQL_DB()
++AC_ARG_WITH([mysql], AS_HELP_STRING([--without-mysql], [Build without mysql output plugin [default=test]]))
++AS_IF([test "x$with_mysql" != "xno"], [
++ CT_CHECK_MYSQL_DB()
++])
+ AM_CONDITIONAL(HAVE_MYSQL, test "x$MYSQL_LIB" != "x")
+ if test "x$MYSQL_LIB" != "x"; then
+ enable_mysql="yes"
+@@ -101,6 +107,7 @@ else
+ enable_mysql="no"
+ fi
+
++
+ AC_ARG_WITH([sqlite], AS_HELP_STRING([--without-sqlite], [Build without SQLITE3 output plugin [default=test]]))
+ AS_IF([test "x$with_sqlite" != "xno"], [
+ PKG_CHECK_MODULES([libsqlite3], [sqlite3], [], [:])
diff --git a/app-admin/ulogd/files/ulogd.init b/app-admin/ulogd/files/ulogd.init
new file mode 100644
index 000000000000..ace6e8b51c91
--- /dev/null
+++ b/app-admin/ulogd/files/ulogd.init
@@ -0,0 +1,41 @@
+#!/sbin/runscript
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+extra_started_commands="reload reopen"
+
+: ${ULOGD_BINARY:=/usr/sbin/ulogd}
+: ${ULOGD_PIDFILE:=/run/${SVCNAME}.pid}
+: ${ULOGD_OPTS:=--daemon --uid ulogd --pidfile ${ULOGD_PIDFILE}}
+
+depend() {
+ before iptables ip6tables ebtables firewall
+ after mysql postgresql
+}
+
+start() {
+ ebegin "Starting ${SVCNAME}"
+ start-stop-daemon --start \
+ --exec ${ULOGD_BINARY} --pidfile ${ULOGD_PIDFILE} \
+ -- ${ULOGD_OPTS}
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping ${SVCNAME}"
+ start-stop-daemon --stop --pidfile ${ULOGD_PIDFILE}
+ eend $?
+}
+
+reload() {
+ ebegin "Reloading ${SVCNAME} configuration"
+ start-stop-daemon --signal USR1 --pidfile ${ULOGD_PIDFILE}
+ eend $?
+}
+
+reopen() {
+ ebegin "Reopening ${SVCNAME} logfiles"
+ start-stop-daemon --signal HUP --pidfile ${ULOGD_PIDFILE}
+ eend $?
+}
diff --git a/app-admin/ulogd/files/ulogd.logrotate b/app-admin/ulogd/files/ulogd.logrotate
new file mode 100644
index 000000000000..777e40097a5e
--- /dev/null
+++ b/app-admin/ulogd/files/ulogd.logrotate
@@ -0,0 +1,9 @@
+/var/log/ulogd/*.log {
+ sharedscripts
+ missingok
+ notifempty
+ create 0640 ulogd
+ postrotate
+ [ -f /run/ulogd.pid ] && /bin/kill -HUP $(cat /run/ulogd.pid)
+ endscript
+}
diff --git a/app-admin/ulogd/files/ulogd.service b/app-admin/ulogd/files/ulogd.service
new file mode 100644
index 000000000000..ec22db0ad663
--- /dev/null
+++ b/app-admin/ulogd/files/ulogd.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=A userspace logging daemon for netfilter/iptables related logging
+Before=iptables.service ip6tables.service
+After=mysql.service postgresql.service
+
+[Service]
+Type=forking
+PIDFile=/run/ulogd.pid
+ExecStart=/usr/sbin/ulogd --daemon --uid ulogd --pidfile /run/ulogd.pid
+ExecReload=/bin/kill -USR1 $MAINPID
+
+[Install]
+WantedBy=network.target
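Review bot: stop(), reload() and reopen() in ulogd.init identify the daemon by `--pidfile ${ULOGD_PIDFILE}` alone, so a stale PID file left behind after a crash can make root signal whatever process has since reused that PID. Passing the binary as well, e.g. `start-stop-daemon --stop --exec ${ULOGD_BINARY} --pidfile ${ULOGD_PIDFILE}`, lets start-stop-daemon check that the PID still belongs to ulogd; the same applies to the `--signal USR1` and `--signal HUP` calls. Quoting `"${ULOGD_BINARY}"` and `"${ULOGD_PIDFILE}"` would also keep an overridden path containing spaces intact.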
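Review bot: The ulogd.logrotate stanza has no `su` directive, yet the ebuilds in this commit create /var/log/ulogd owned by ulogd:ulogd (`diropts -o ulogd -g ulogd`), so logrotate, which normally runs as root, renames and creates files in a directory that the unprivileged daemon account controls. Adding `su ulogd ulogd` and giving `create` an explicit group, `create 0640 ulogd ulogd`, keeps rotation within that account's privileges. The postrotate line hard-codes /run/ulogd.pid although the init script lets ULOGD_PIDFILE be overridden, in which case the daemon is never told to reopen its logs. `[ -f … ] && kill` also exits non-zero when the file is absent, which logrotate reports as a script error; `if [ -f /run/ulogd.pid ]; then /bin/kill -HUP $(cat /run/ulogd.pid); fi` avoids that.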
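Review bot: ulogd.service starts the daemon as root and relies only on ulogd's own `--uid ulogd` privilege drop, with no systemd sandboxing around a process that parses packet data handed up from the kernel. Consider adding `NoNewPrivileges=yes`, `ProtectHome=yes` and `ProtectSystem=full` to [Service], after checking that the enabled output plugins (database sockets, files under /var/log/ulogd) still work with them. ExecReload sends USR1 only, so the log-reopen action that the init script exposes as `reopen` (HUP) has no counterpart in the unit; a comment saying that logrotate handles it would help the next maintainer.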
diff --git a/app-admin/ulogd/metadata.xml b/app-admin/ulogd/metadata.xml
new file mode 100644
index 000000000000..0a868141b02f
--- /dev/null
+++ b/app-admin/ulogd/metadata.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <herd>proxy-maintainers</herd>
+ <maintainer>
+ <email>itumaykin@gmail.com</email>
+ </maintainer>
+ <use>
+ <flag name='json'>Build JSON output plugin to save packets in JSON file format.</flag>
+ <flag name='pcap'>Build PCAP output plugin to save packets in libpcap file format.</flag>
+ <flag name='mysql'>Build MySQL output plugin to save packets in a mysql database.</flag>
+ <flag name='postgres'>Build PGSQL output plugin to save packets in a postgres database.</flag>
+ <flag name='sqlite'>Build SQLITE3 output plugin to save packets in a sqlite database.</flag>
+ <flag name='nflog'>Build NFLOG input plugin to support stateless packet-based logging via nfnetlink_queue.</flag>
+ <flag name='nfct'>Build NFCT input plugin to support stateful flow-based logging via nf_conntrack_netlink.</flag>
+ <flag name='nfacct'>Build NFACCT input plugin to support traffic accounting via nfnetlink_acct.</flag>
+ <flag name='ulog'>Build ULOG input plugin to support deprecated packet-based logging via ULOG target.</flag>
+ </use>
+</pkgmetadata>
diff --git a/app-admin/ulogd/ulogd-2.0.4-r1.ebuild b/app-admin/ulogd/ulogd-2.0.4-r1.ebuild
new file mode 100644
index 000000000000..a49fa0235214
--- /dev/null
+++ b/app-admin/ulogd/ulogd-2.0.4-r1.ebuild
@@ -0,0 +1,140 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="5"
+
+AUTOTOOLS_AUTORECONF=1
+AUTOTOOLS_IN_SOURCE_BUILD=1
+inherit autotools-utils eutils linux-info readme.gentoo systemd user
+
+DESCRIPTION="A userspace logging daemon for netfilter/iptables related logging"
+HOMEPAGE="http://netfilter.org/projects/ulogd/index.html"
+SRC_URI="ftp://ftp.netfilter.org/pub/${PN}/${P}.tar.bz2
+ http://www.netfilter.org/projects/${PN}/files/${P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 ~ia64 ppc x86"
+IUSE="dbi doc json mysql nfacct +nfct +nflog pcap postgres sqlite"
+
+RDEPEND="net-firewall/iptables
+ >=net-libs/libnfnetlink-1.0.1
+ dbi? ( dev-db/libdbi )
+ json? ( dev-libs/jansson )
+ nfacct? (
+ >=net-libs/libmnl-1.0.3
+ >=net-libs/libnetfilter_acct-1.0.1
+ )
+ nfct? ( >=net-libs/libnetfilter_conntrack-1.0.2 )
+ nflog? ( >=net-libs/libnetfilter_log-1.0.0 )
+ mysql? ( virtual/mysql )
+ pcap? ( net-libs/libpcap )
+ postgres? ( dev-db/postgresql:= )
+ sqlite? ( dev-db/sqlite:3 )"
+
+DEPEND="${RDEPEND}
+ doc? (
+ app-text/linuxdoc-tools
+ app-text/texlive-core
+ virtual/latex-base
+ )"
+
+PATCHES=( "${FILESDIR}/${P}-linux-headers-3.17-ipt_ulog.patch" )
+
+DOCS=( AUTHORS README TODO )
+DOC_CONTENTS="You must have at least one logging stack enabled to make ulogd work.
+Please edit example configuration located at /etc/ulogd.conf"
+
+pkg_setup() {
+ enewgroup ulogd
+ enewuser ulogd -1 -1 /var/log/ulogd ulogd
+
+ linux-info_pkg_setup
+
+ if kernel_is lt 2 6 14; then
+ die "ulogd2 requires kernel newer than 2.6.14"
+ fi
+
+ if kernel_is lt 2 6 18; then
+ ewarn
+ ewarn "You are using kernel older than 2.6.18"
+ ewarn "Some ulogd2 features may be unavailable"
+ ewarn
+ fi
+
+ if use nfacct && kernel_is lt 3 3 0; then
+ ewarn "NFACCT input plugin requires kernel newer than 3.3.0"
+ fi
+
+ if ! use nfacct && ! use nfct && ! use nflog && kernel_is gt 3 17 0; then
+ ewarn "ULOG target was removed since 3.17.0 kernel release"
+ ewarn "Consider enabling NFACCT, NFCT or NFLOG support"
+ fi
+}
+
+src_prepare() {
+ # - make all logs to be kept in a single dir /var/log/ulogd
+ # - place sockets in /run instead of /tmp
+ sed -i \
+ -e 's:var/log:var/log/ulogd:g' \
+ -e 's:tmp:run:g' \
+ ulogd.conf.in || die 'sed on ulogd.conf.in failed'
+
+ autotools-utils_src_prepare
+}
+
+src_configure() {
+ local myeconfargs=(
+ $(use_with dbi)
+ $(use_with json jansson)
+ $(use_enable nfacct)
+ $(use_enable nfct)
+ $(use_enable nflog)
+ $(use_with mysql)
+ $(use_with pcap)
+ $(use_with postgres pgsql)
+ $(use_with sqlite)
+ )
+ autotools-utils_src_configure
+}
+
+src_compile() {
+ autotools-utils_src_compile
+
+ if use doc; then
+ # prevent access violations from generation of bitmap font files
+ export VARTEXFONTS="${T}"/fonts
+ emake -C doc
+ fi
+}
+
+src_install() {
+ autotools-utils_src_install
+ readme.gentoo_create_doc
+ prune_libtool_files --modules
+
+ if use doc; then
+ dohtml doc/${PN}.html
+ dodoc doc/${PN}.dvi doc/${PN}.txt doc/${PN}.ps
+ fi
+
+ use sqlite && dodoc doc/sqlite3.table
+ use mysql && dodoc doc/mysql-*.sql
+ use postgres && dodoc doc/pgsql-*.sql
+ doman ${PN}.8
+
+ insinto /etc
+ doins ${PN}.conf
+ fowners root:ulogd /etc/ulogd.conf
+ fperms 640 /etc/ulogd.conf
+
+ newinitd "${FILESDIR}/${PN}.init" ${PN}
+ systemd_dounit "${FILESDIR}/${PN}.service"
+
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}/${PN}.logrotate" ${PN}
+
+ diropts -o ulogd -g ulogd
+ keepdir /var/log/ulogd
+}
diff --git a/app-admin/ulogd/ulogd-2.0.5.ebuild b/app-admin/ulogd/ulogd-2.0.5.ebuild
new file mode 100644
index 000000000000..0822bd77efb7
--- /dev/null
+++ b/app-admin/ulogd/ulogd-2.0.5.ebuild
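Review bot: The two sed expressions in src_prepare() are unanchored, so `s:tmp:run:g` rewrites every occurrence of the substring "tmp" in ulogd.conf.in and `s:var/log:var/log/ulogd:g` every "var/log", not only the paths the comments describe; ulogd-2.0.5.ebuild carries the same lines. Matching whole path components, `-e 's:/var/log/:/var/log/ulogd/:g'` and `-e 's:/tmp/:/run/:g'`, keeps the socket relocation out of the world-writable /tmp without touching unrelated text. Whether the daemon can still create those sockets under /run once `--uid ulogd` has taken effect is not visible from the ebuild and is worth confirming.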
@@ -0,0 +1,141 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+AUTOTOOLS_AUTORECONF=1
+AUTOTOOLS_IN_SOURCE_BUILD=1
+
+inherit autotools-utils eutils linux-info readme.gentoo systemd user
+
+DESCRIPTION="A userspace logging daemon for netfilter/iptables related logging"
+HOMEPAGE="http://netfilter.org/projects/ulogd/index.html"
+SRC_URI="ftp://ftp.netfilter.org/pub/${PN}/${P}.tar.bz2
+ http://www.netfilter.org/projects/${PN}/files/${P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~ia64 ~ppc ~x86"
+IUSE="dbi doc json mysql nfacct +nfct +nflog pcap postgres sqlite -ulog"
+
+RDEPEND="
+ net-firewall/iptables
+ >=net-libs/libnfnetlink-1.0.1
+ dbi? ( dev-db/libdbi )
+ json? ( dev-libs/jansson )
+ nfacct? (
+ >=net-libs/libmnl-1.0.3
+ >=net-libs/libnetfilter_acct-1.0.1
+ )
+ nfct? ( >=net-libs/libnetfilter_conntrack-1.0.2 )
+ nflog? ( >=net-libs/libnetfilter_log-1.0.0 )
+ mysql? ( virtual/mysql )
+ pcap? ( net-libs/libpcap )
+ postgres? ( dev-db/postgresql:= )
+ sqlite? ( dev-db/sqlite:3 )"
+
+DEPEND="${RDEPEND}
+ doc? (
+ app-text/linuxdoc-tools
+ app-text/texlive-core
+ virtual/latex-base
+ )"
+
+PATCHES=( "${FILESDIR}/${P}-remove-db-automagic.patch" )
+
+DOCS=( AUTHORS README TODO )
+DOC_CONTENTS="You must have at least one logging stack enabled to make ulogd work.
+Please edit example configuration located at /etc/ulogd.conf"
+
+pkg_setup() {
+ enewgroup ulogd
+ enewuser ulogd -1 -1 /var/log/ulogd ulogd
+
+ linux-info_pkg_setup
+
+ if kernel_is lt 2 6 14; then
+ die "ulogd2 requires kernel newer than 2.6.14"
+ fi
+
+ if kernel_is lt 2 6 18; then
+ ewarn "You are using kernel older than 2.6.18"
+ ewarn "Some ulogd2 features may be unavailable"
+ fi
+
+ if use nfacct && kernel_is lt 3 3 0; then
+ ewarn "NFACCT input plugin requires kernel newer than 3.3.0"
+ fi
+
+ if use ulog && kernel_is gt 3 17 0; then
+ ewarn "ULOG target was removed since 3.17.0 kernel release"
+ ewarn "Consider enabling NFACCT, NFCT or NFLOG support"
+ fi
+}
+
+src_prepare() {
+ # - make all logs to be kept in a single dir /var/log/ulogd
+ # - place sockets in /run instead of /tmp
+ sed -i \
+ -e 's:var/log:var/log/ulogd:g' \
+ -e 's:tmp:run:g' \
+ ulogd.conf.in || die 'sed on ulogd.conf.in failed'
+
+ autotools-utils_src_prepare
+}
+
+src_configure() {
+ local myeconfargs=(
+ $(use_with dbi)
+ $(use_with json jansson)
+ $(use_enable nfacct)
+ $(use_enable nfct)
+ $(use_enable nflog)
+ $(use_with mysql)
+ $(use_with pcap)
+ $(use_with postgres pgsql)
+ $(use_with sqlite)
+ $(use_enable ulog)
+ )
+ autotools-utils_src_configure
+}
+
+src_compile() {
+ autotools-utils_src_compile
+
+ if use doc; then
+ # prevent access violations from generation of bitmap font files
+ export VARTEXFONTS="${T}"/fonts
+ emake -C doc
+ fi
+}
+
+src_install() {
+ autotools-utils_src_install
+ readme.gentoo_create_doc
+ prune_libtool_files --modules
+
+ if use doc; then
+ dohtml doc/${PN}.html
+ dodoc doc/${PN}.dvi doc/${PN}.txt doc/${PN}.ps
+ fi
+
+ use sqlite && dodoc doc/sqlite3.table
+ use mysql && dodoc doc/mysql-*.sql
+ use postgres && dodoc doc/pgsql-*.sql
+ doman ${PN}.8
+
+ insinto /etc
+ doins ${PN}.conf
+ fowners root:ulogd /etc/ulogd.conf
+ fperms 640 /etc/ulogd.conf
+
+ newinitd "${FILESDIR}/${PN}.init" ${PN}
+ systemd_dounit "${FILESDIR}/${PN}.service"
+
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}/${PN}.logrotate" ${PN}
+
+ diropts -o ulogd -g ulogd
+ keepdir /var/log/ulogd
+}
|
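Review bot: The ULOG warning in pkg_setup() tests `kernel_is gt 3 17 0`, which is false on exactly 3.17.0, although the message itself and the bundled 2.0.4 header patch both say the target is gone from 3.17 onwards. `if use ulog && kernel_is ge 3 17 0; then` matches the stated boundary; ulogd-2.0.4-r1.ebuild uses the same `gt` comparison at the end of its `! use nfacct && ! use nfct && ! use nflog` condition. The check only warns, so a user who enables `ulog` on such a kernel still gets a build whose only input plugin may not receive any packets; the ewarn text could say that plainly.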