From faf78a47d2d11396bb2db87860ccccd2a4abaf7c Mon Sep 17 00:00:00 2001 From: agc Date: Thu, 11 Oct 2001 15:13:49 +0000 Subject: Initial import of firewalk-gtk-1.0 into the NetBSD Packages Collection. Firewalking is a technique developed by Mike D. Schiffman and David E. Goldsmith that employs traceroute-like techniques to analyze IP packet responses to determine gateway ACL filters and map networks. Firewalk the tool employs the technique to determine the filter rules in place on a packet forwarding device. This package was provided in PR 14020 by xs@nitric.net. I split it into two separate packages, firewalk-gtk and firewalk, and modified it to use buildlink functionality. --- net/firewalk-gtk/Makefile | 25 +++++++++ net/firewalk-gtk/distinfo | 8 +++ net/firewalk-gtk/patches/patch-aa | 106 ++++++++++++++++++++++++++++++++++++++ net/firewalk-gtk/patches/patch-ab | 45 ++++++++++++++++ net/firewalk-gtk/patches/patch-ac | 24 +++++++++ net/firewalk-gtk/patches/patch-ad | 25 +++++++++ net/firewalk-gtk/pkg/DESCR | 5 ++ net/firewalk-gtk/pkg/PLIST | 3 ++ 8 files changed, 241 insertions(+) create mode 100644 net/firewalk-gtk/Makefile create mode 100644 net/firewalk-gtk/distinfo create mode 100644 net/firewalk-gtk/patches/patch-aa create mode 100644 net/firewalk-gtk/patches/patch-ab create mode 100644 net/firewalk-gtk/patches/patch-ac create mode 100644 net/firewalk-gtk/patches/patch-ad create mode 100644 net/firewalk-gtk/pkg/DESCR create mode 100644 net/firewalk-gtk/pkg/PLIST diff --git a/net/firewalk-gtk/Makefile b/net/firewalk-gtk/Makefile new file mode 100644 index 00000000000..0cef6dbed5e --- /dev/null +++ b/net/firewalk-gtk/Makefile @@ -0,0 +1,25 @@ +# $NetBSD: Makefile,v 1.1.1.1 2001/10/11 15:13:49 agc Exp $ + +DISTNAME= firewalk-1.0 +PKGNAME= firewalk-gtk-1.0 +CATEGORIES= net security +MASTER_SITES= http://www.packetfactory.net/Projects/firewalk/ + +MAINTAINER= xs@nitric.net +HOMEPAGE= http://www.packetfactory.net/Projects/firewalk/ +COMMENT= Firewalk determines the filter rules on a packet forwarding device + +WRKSRC= ${WRKDIR}/${DISTNAME:C/f/F/} + +GNU_CONFIGURE= #defined +CONFIGURE_ENV+= CFLAGS="-I${LOCALBASE}/include `gtk-config --cflags`" +CONFIGURE_ENV+= GTK_CFLAGS="`gtk-config --cflags`" + +MAKE_ENV+= LIBS="-L${LOCALBASE}/lib" FIREWALK_LOC=${LOCALBASE} + +pre-install: + ${MV} ${WRKSRC}/firewalk.1 ${WRKSRC}/firewalk-gtk.1 + +.include "../../x11/gtk/buildlink.mk" +.include "../../devel/libnet/buildlink.mk" +.include "../../mk/bsd.pkg.mk" diff --git a/net/firewalk-gtk/distinfo b/net/firewalk-gtk/distinfo new file mode 100644 index 00000000000..ba0caacaa0a --- /dev/null +++ b/net/firewalk-gtk/distinfo @@ -0,0 +1,8 @@ +$NetBSD: distinfo,v 1.1.1.1 2001/10/11 15:13:49 agc Exp $ + +SHA1 (firewalk-1.0.tar.gz) = c8ade2a59b1e20e3e7800e6ac7702628773e24ad +Size (firewalk-1.0.tar.gz) = 75573 bytes +SHA1 (patch-aa) = a2fb24de0713e650f651dfd0e733d9b83462457e +SHA1 (patch-ab) = f3846f1e4d1fe63641967e1fc18b07405bf8cc59 +SHA1 (patch-ac) = 6ac2733b0a3bb2e7ae27c9b6b220381d0b9ee282 +SHA1 (patch-ad) = 4c49be6af143237a2b4f3839caa00b439d781ae6 diff --git a/net/firewalk-gtk/patches/patch-aa b/net/firewalk-gtk/patches/patch-aa new file mode 100644 index 00000000000..657bc0acaff --- /dev/null +++ b/net/firewalk-gtk/patches/patch-aa @@ -0,0 +1,106 @@ +$NetBSD: patch-aa,v 1.1.1.1 2001/10/11 15:13:49 agc Exp $ + +--- packet.c.orig Sat Sep 8 22:43:44 2001 ++++ packet.c Sat Sep 8 22:44:45 2001 +@@ -42,24 +42,24 @@ + int + icmp_verify(u_char *packet, struct firepack *fp) + { +- struct ip *ip_hdr; +- struct icmphdr *icmp_hdr; +- struct ip *origip_hdr; +- struct udphdr *origudp_hdr; ++ struct libnet_ip_hdr *ip_hdr; ++ struct libnet_icmp_hdr *icmp_hdr; ++ struct libnet_ip_hdr *origip_hdr; ++ struct libnet_udp_hdr *origudp_hdr; + +- ip_hdr = (struct ip *)(packet + fp->packet_offset); +- icmp_hdr = (struct icmphdr *)(packet + fp->packet_offset + IP_H); ++ ip_hdr = (struct libnet_ip_hdr *)(packet + fp->packet_offset); ++ icmp_hdr = (struct libnet_icmp_hdr *)(packet + fp->packet_offset + IP_H); + +- switch (icmp_hdr->type) ++ switch (icmp_hdr->icmp_type) + { +- case ICMP_DEST_UNREACH: +- case ICMP_TIME_EXCEEDED: ++ case ICMP_UNREACH: ++ case ICMP_TIMXCEED: + /* + * The ICMP error message contains the IP header and first 8 + * bytes of data of datagram that caused the error. + */ + origip_hdr = +- (struct ip *)(packet + fp->packet_offset + IP_H + ICMP_H + 4); ++ (struct libnet_ip_hdr *)(packet + fp->packet_offset + IP_H + ICMP_H + 4); + + /* + * Was this a UDP or TCP packet that caused the problem? If not, +@@ -78,7 +78,7 @@ + * having a UDP header. + */ + origudp_hdr = +- (struct udphdr *) ++ (struct libnet_udp_hdr *) + (packet + fp->packet_offset + 2 * IP_H + ICMP_H + 4); + + /* +@@ -92,22 +92,22 @@ + */ + if (ip_hdr->ip_src.s_addr == fp->gateway) + { +- return (icmp_hdr->type == ICMP_DEST_UNREACH ? ++ return (icmp_hdr->icmp_type == ICMP_UNREACH ? + UNREACH_GW_REPLY : EXPIRED_GW_REPLY); + } + /* + * This is a response from the destination host. + */ +- if (icmp_hdr->type == ICMP_DEST_UNREACH && ++ if (icmp_hdr->icmp_type == ICMP_UNREACH && + ip_hdr->ip_src.s_addr == fp->destination) + { +- return (icmp_hdr->type == ICMP_DEST_UNREACH ? ++ return (icmp_hdr->icmp_type == ICMP_UNREACH ? + UNREACH_DEST_REPLY : EXPIRED_DEST_REPLY); + } + /* + * This is just a standard TTL expired reply. + */ +- return (icmp_hdr->type == ICMP_DEST_UNREACH ? UNREACH_REPLY : ++ return (icmp_hdr->icmp_type == ICMP_UNREACH ? UNREACH_REPLY : + EXPIRED_REPLY); + } + default: +@@ -249,9 +249,9 @@ + void + print_ip(u_char *packet) + { +- struct ip *ip_hdr; ++ struct libnet_ip_hdr *ip_hdr; + +- ip_hdr = (struct ip *)(packet + fp->packet_offset); ++ ip_hdr = (struct libnet_ip_hdr *)(packet + fp->packet_offset); + fire_write("[%s]", libnet_host_lookup(ip_hdr->ip_src.s_addr, fp->use_name)); + } + +@@ -259,14 +259,14 @@ + u_char * + print_unreach_code(u_char *packet) + { +- struct icmphdr *icmp_hdr; ++ struct libnet_icmp_hdr *icmp_hdr; + +- icmp_hdr = (struct icmphdr *)(packet + fp->packet_offset + IP_H); +- if (icmp_hdr->code > 15) ++ icmp_hdr = (struct libnet_icmp_hdr *)(packet + fp->packet_offset + IP_H); ++ if (icmp_hdr->icmp_code > 15) + { + return ("Unkown unreachable code"); + } +- return (unreachables[icmp_hdr->code]); ++ return (unreachables[icmp_hdr->icmp_code]); + } + + diff --git a/net/firewalk-gtk/patches/patch-ab b/net/firewalk-gtk/patches/patch-ab new file mode 100644 index 00000000000..72bf104757f --- /dev/null +++ b/net/firewalk-gtk/patches/patch-ab @@ -0,0 +1,45 @@ +$NetBSD: patch-ab,v 1.1.1.1 2001/10/11 15:13:49 agc Exp $ + +--- Makefile.in.orig Sat Feb 3 20:24:09 2001 ++++ Makefile.in Thu Oct 11 15:58:01 2001 +@@ -6,23 +6,23 @@ + # + # @configure_input@ + +-FIREWALK = firewalk +-FIREWALK_LOC= /usr/local ++FIREWALK = firewalk-gtk ++FIREWALK_LOC?= /usr/local + FIREWALK_MAN= $(FIREWALK).1 + INSTALL = ./install-sh + DEFINES += @DEFS@ `libnet-config --defines` + CFLAGS = @CFLAGS@ + CPPFLAGS = @CPPFLAGS@ +-LIBS = -lnet -lpcap @FW_GTK_CONFIG@ `libnet-config --libs` ++LIBS += -lnet -lpcap @FW_GTK_CONFIG@ `libnet-config --libs` + OBJECTS = main.o firewalk.o watcher.o p_cap.o signal.o \ + packet.o udptcpwalk.o port_list.o util.o @FW_GTK_OBJS@ + + .c.o: + $(CC) $(CFLAGS) $(CPPFLAGS) $(DEFINES) -c $< -o $@ + +-all: firewalk ++all: ${FIREWALK} + +-firewalk: version.h $(OBJECTS) ++${FIREWALK}: version.h $(OBJECTS) + $(CC) $(CFLAGS) $(OBJECTS) -o $(FIREWALK) $(LIBS) + + version.o: version.h +@@ -30,8 +30,9 @@ + @rm -f $@ + sed -e 's/.*/static char version[] = "&";/' ./VERSION > $@ + +-install: firewalk +- $(INSTALL) -c -m 0700 $(FIREWALK) $(FIREWALK_LOC)/bin ++install: ${FIREWALK} ++ $(INSTALL) -d -m 0755 $(FIREWALK_LOC)/bin $(FIREWALK_LOC)/man/man1 ++ $(INSTALL) -c -m 0700 $(FIREWALK) $(FIREWALK_LOC)/bin/ + $(INSTALL) -c -m 0644 $(FIREWALK_MAN) $(FIREWALK_LOC)/man/man1 + + clean: diff --git a/net/firewalk-gtk/patches/patch-ac b/net/firewalk-gtk/patches/patch-ac new file mode 100644 index 00000000000..67ed7f297b7 --- /dev/null +++ b/net/firewalk-gtk/patches/patch-ac @@ -0,0 +1,24 @@ +$NetBSD: patch-ac,v 1.1.1.1 2001/10/11 15:13:49 agc Exp $ + +--- gtk_main.c.orig Tue Sep 11 19:34:13 2001 ++++ gtk_main.c Tue Sep 11 19:34:45 2001 +@@ -35,15 +35,15 @@ + #if (HAVE_CONFIG_H) + #include "./config.h" + #endif ++#include "./main.h" ++#include "./packet.h" ++#include "./firewalk.h" + #include "./gtk_main.h" + #include "./gtk_util.h" + #include "./gtk_cb.h" + #include "./gtk_pack.h" +-#include "./main.h" +-#include "./packet.h" +-#include "./gtk_itemfactory.h" +-#include "./firewalk.h" + #include "./version.h" ++#include "./gtk_itemfactory.h" + + /* + * This code is heavily commented for the benefit of the programmer who diff --git a/net/firewalk-gtk/patches/patch-ad b/net/firewalk-gtk/patches/patch-ad new file mode 100644 index 00000000000..b11bafb7f55 --- /dev/null +++ b/net/firewalk-gtk/patches/patch-ad @@ -0,0 +1,25 @@ +$NetBSD: patch-ad,v 1.1.1.1 2001/10/11 15:13:49 agc Exp $ + +--- gtk_cp.c.orig Tue Sep 11 19:50:58 2001 ++++ gtk_cp.c Tue Sep 11 19:51:48 2001 +@@ -35,16 +35,16 @@ + #if (HAVE_CONFIG_H) + #include "./config.h" + #endif ++#include "./main.h" ++#include "./packet.h" ++#include "./firewalk.h" ++#include "./version.h" + #include "./gtk_main.h" + #include "./gtk_util.h" + #include "./gtk_cb.h" + #include "./gtk_cp.h" + #include "./gtk_pack.h" +-#include "./main.h" +-#include "./packet.h" + #include "./gtk_itemfactory.h" +-#include "./firewalk.h" +-#include "./version.h" + + /* + * This code is heavily commented for the benefit of the programmer who diff --git a/net/firewalk-gtk/pkg/DESCR b/net/firewalk-gtk/pkg/DESCR new file mode 100644 index 00000000000..7ec3d69847a --- /dev/null +++ b/net/firewalk-gtk/pkg/DESCR @@ -0,0 +1,5 @@ +Firewalking is a technique developed by Mike D. Schiffman and David E. +Goldsmith that employs traceroute-like techniques to analyze IP packet +responses to determine gateway ACL filters and map networks. +Firewalk the tool employs the technique to determine the filter rules +in place on a packet forwarding device. diff --git a/net/firewalk-gtk/pkg/PLIST b/net/firewalk-gtk/pkg/PLIST new file mode 100644 index 00000000000..3ecaddbf7dd --- /dev/null +++ b/net/firewalk-gtk/pkg/PLIST @@ -0,0 +1,3 @@ +@comment $NetBSD: PLIST,v 1.1.1.1 2001/10/11 15:13:49 agc Exp $ +bin/firewalk-gtk +man/man1/firewalk-gtk.1 -- cgit v1.2.3