authorhubertf <hubertf@pkgsrc.org>2003-04-06 11:06:04 +0000
committerhubertf <hubertf@pkgsrc.org>2003-04-06 11:06:04 +0000
commit344fc0b4e93a958ec28e964ed9ec669bec9c065d (patch)
tree02a3414915f487d2e005353a557fb0d86f2997dc /net/iplog
parent863bfbfd2168b4b2a2d8e2cf3676c5a4f97b905a (diff)
Import iplog-2.2.3: Iplog is a tool using pcap to log ip traffic
iplog is a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP and ICMP traffic. Adding support for other protocols should be relatively easy. iplog's capabilities include the ability to detect TCP port scans, TCP null scans, FIN scans, UDP and ICMP "smurf" attacks, bogus TCP flags (used by scanners to detect the operating system in use), TCP SYN scans, TCP "Xmas" scans, ICMP ping floods, UDP scans, and IP fragment attacks. iplog is able to run in promiscuous mode and monitor traffic to all hosts on a network. iplog uses libpcap to read data from the network and can be ported to any system that supports pthreads and on which libpcap will function. Submitted by Martin Mersberger <gremlin@portal-to-web.de> in PR 20887
Diffstat (limited to 'net/iplog')
-rw-r--r--net/iplog/DESCR15
-rw-r--r--net/iplog/Makefile44
-rw-r--r--net/iplog/PLIST6
-rw-r--r--net/iplog/distinfo5
-rwxr-xr-xnet/iplog/files/iplog17
-rw-r--r--net/iplog/patches/patch-aa13
6 files changed, 100 insertions, 0 deletions
diff --git a/net/iplog/DESCR b/net/iplog/DESCR
new file mode 100644
index 00000000000..dc5caa7328f
--- /dev/null
+++ b/net/iplog/DESCR
@@ -0,0 +1,15 @@
+iplog is a TCP/IP traffic logger. Currently, it is capable of logging
+TCP, UDP and ICMP traffic. Adding support for other protocols
+should be relatively easy.
+
+iplog's capabilities include the ability to detect TCP port
+scans, TCP null scans, FIN scans, UDP and ICMP "smurf" attacks,
+bogus TCP flags (used by scanners to detect the operating system in use),
+TCP SYN scans, TCP "Xmas" scans, ICMP ping floods, UDP scans, and IP
+fragment attacks.
+
+iplog is able to run in promiscuous mode and monitor traffic to all hosts
+on a network.
+
+iplog uses libpcap to read data from the network and can be ported
+to any system that supports pthreads and on which libpcap will function.
diff --git a/net/iplog/Makefile b/net/iplog/Makefile
new file mode 100644
index 00000000000..a8256586397
--- /dev/null
+++ b/net/iplog/Makefile
@@ -0,0 +1,44 @@
+# $NetBSD: Makefile,v 1.1.1.1 2003/04/06 11:06:04 hubertf Exp $
+#
+
+DISTNAME= iplog-2.2.3
+CATEGORIES= net
+MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=ojnk/}
+
+MAINTAINER= gremlin@portal-to-web.de
+HOMEPAGE= http://ojnl.sourceforge.net
+COMMENT= Iplog is a tool using pcap to log ip traffic
+
+USE_BUILDLINK2= YES
+GNU_CONFIGURE= YES
+
+CFLAGSTMP="-I${PREFIX}/include -Wall"
+LDFLAGSTMP="-L${PREFIX}/lib -Wl,-R${PREFIX}/lib"
+LIBSTMP="-lpthread"
+
+USE_GMAKE= YES
+
+post-patch:
+ cd ${WRKSRC}/src && ${SED} s,%PREFIX%/etc,${PKG_SYSCONFBASE},g < iplog.h > iplog.h.patched && ${MV} iplog.h.patched iplog.h
+
+do-configure:
+ cd ${WRKSRC} && CFLAGS=${CFLAGSTMP} \
+ LDFLAGS=${LDFLAGSTMP} \
+ LIBS=${LIBSTMP} \
+ MAKE=${GMAKE} \
+ ${SH} ./configure --prefix=${PREFIX} --prefix=${GNU_CONFIGURE_PREFIX}
+
+do-build:
+ cd ${WRKSRC} && ${GMAKE} all
+
+post-build:
+ ${SED} \
+ -e 's|%PREFIX%|${PREFIX}|' \
+ <${FILESDIR}/iplog >${WRKDIR}/iplog
+
+post-install:
+ ${INSTALL_SCRIPT} ${WRKDIR}/iplog ${PREFIX}/etc/rc.d/iplog
+ ${INSTALL_DATA} ${WRKSRC}/example-iplog.conf ${PREFIX}/etc/iplog.conf.sample
+
+.include "../../mk/pthread.buildlink2.mk"
+.include "../../mk/bsd.pkg.mk"
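Review bot: In `do-configure` the configure line passes `--prefix` twice (`--prefix=${PREFIX} --prefix=${GNU_CONFIGURE_PREFIX}`), so one of the two is dead and a reader cannot tell which prefix is intended; keep a single one, `${SH} ./configure --prefix=${GNU_CONFIGURE_PREFIX}`. Separately, `HOMEPAGE` says `ojnl.sourceforge.net` while `MASTER_SITES` uses the `ojnk/` project directory; one of the two spellings is presumably a typo, and it matters because HOMEPAGE is where a user goes to cross-check where the distfile came from. `post-install` also puts the sample config under `${PREFIX}/etc` although `post-patch` points the binary at `${PKG_SYSCONFBASE}`; a comment such as `# iplog reads ${PKG_SYSCONFBASE}/iplog.conf; the file installed here is only a template` would make that explicit.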
diff --git a/net/iplog/PLIST b/net/iplog/PLIST
new file mode 100644
index 00000000000..6e7bf06afaf
--- /dev/null
+++ b/net/iplog/PLIST
@@ -0,0 +1,6 @@
+@comment $NetBSD: PLIST,v 1.1.1.1 2003/04/06 11:06:04 hubertf Exp $
+man/man5/iplog.conf.5
+man/man8/iplog.8
+sbin/iplog
+etc/rc.d/iplog
+etc/iplog.conf.sample
diff --git a/net/iplog/distinfo b/net/iplog/distinfo
new file mode 100644
index 00000000000..97392a4f43d
--- /dev/null
+++ b/net/iplog/distinfo
@@ -0,0 +1,5 @@
+$NetBSD: distinfo,v 1.1.1.1 2003/04/06 11:06:04 hubertf Exp $
+
+SHA1 (iplog-2.2.3.tar.gz) = ce257d13ceb54bacb5cfe97570603868c7463cb2
+Size (iplog-2.2.3.tar.gz) = 133639 bytes
+SHA1 (patch-aa) = 0b8d6e27d40315ee1ee5e07d582c94652a918b9e
diff --git a/net/iplog/files/iplog b/net/iplog/files/iplog
new file mode 100755
index 00000000000..5f081e3b48a
--- /dev/null
+++ b/net/iplog/files/iplog
@@ -0,0 +1,17 @@
+#!/bin/sh
+#
+# $NetBSD: iplog,v 1.1.1.1 2003/04/06 11:06:04 hubertf Exp $
+#
+# PROVIDE: iplog
+# REQUIRE: SERVERS
+
+. /etc/rc.subr
+
+name="iplog"
+rcvar=${name}
+command="%PREFIX%/sbin/${name}"
+pidfile="/var/run/${name}.pid"
+
+load_rc_config ${name}
+
+run_rc_command "$1"
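Review bot: The script starts `%PREFIX%/sbin/${name}` without checking that a configuration file exists, so `start` presumably runs the capture daemon on whatever compiled-in defaults it has; rc.subr's `required_files` is the usual guard. The configuration directory comes from `${PKG_SYSCONFBASE}` in the package Makefile, but only `%PREFIX%` is substituted into this file, so the guard needs a second placeholder, for example `required_files="%SYSCONFBASE%/${name}.conf"` (placeholder name constructed here) with a matching `-e` expression in `post-build`. `pidfile` is hard-coded to `/var/run/${name}.pid` and nothing in this commit shows where iplog writes its pid file, so confirm the two agree; otherwise `stop` and `status` will not find the running process.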
diff --git a/net/iplog/patches/patch-aa b/net/iplog/patches/patch-aa
new file mode 100644
index 00000000000..181430c09ba
--- /dev/null
+++ b/net/iplog/patches/patch-aa
@@ -0,0 +1,13 @@
+$NetBSD: patch-aa,v 1.1.1.1 2003/04/06 11:06:04 hubertf Exp $
+
+--- src/iplog.h.orig Mon Jan 1 17:02:14 2001
++++ src/iplog.h
+@@ -48,7 +48,7 @@
+ ** Path of the iplog configuration file.
+ */
+
+-#define CONFFILE "/etc/iplog.conf"
++#define CONFFILE "%PREFIX%/etc/iplog.conf"
+
+ /*
+ ** Making these smaller will probably do bad things.
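Review bot: The new `CONFFILE` value `"%PREFIX%/etc/iplog.conf"` is a relative path until the package Makefile's `post-patch` sed rewrites it, and that sed matches only the literal text `%PREFIX%/etc`; if the two ever drift apart the build still succeeds and the daemon would look for its configuration relative to its working directory. The placeholder is also replaced with `${PKG_SYSCONFBASE}`, not with the prefix, so its name misleads. A placeholder that names what it stands for, e.g. `#define CONFFILE "@SYSCONFBASE@/iplog.conf"` (placeholder name constructed here) with the sed pattern changed to match, plus a check in `post-patch` that no placeholder is left in `iplog.h`, would turn a missed substitution into a build failure. The header continues outside the hunk on both sides.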