commit: 76c5fd7710225259504c969ece5978dc87c33240
Author: Quentin Retornaz <gentoo <AT> retornaz <DOT> com>
AuthorDate: Sun Jan 17 18:43:51 2021 +0000
Commit: Quentin Retornaz <gentoo <AT> retornaz <DOT> com>
CommitDate: Tue Jan 26 00:21:42 2021 +0000
URL: https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=76c5fd77
net-analyzer/flow-tools: new package
Package-Manager: Portage-3.0.12, Repoman-3.0.2
Signed-off-by: Quentin Retornaz <gentoo <AT> retornaz.com>
net-analyzer/flow-tools/Manifest | 2 +
.../files/flow-tools-0.68.5.1-fno-common.patch | 42 ++++++++++++
.../files/flow-tools-0.68.5.1-openssl11.patch | 46 +++++++++++++
.../flow-tools/files/flow-tools-0.68.5.1-run.patch | 22 ++++++
.../files/flow-tools-0.68.5.1-syslog.patch | 47 +++++++++++++
.../flow-tools/files/flow-tools-0.68.6-mysql.patch | 15 ++++
net-analyzer/flow-tools/files/flowcapture.confd | 51 ++++++++++++++
net-analyzer/flow-tools/files/flowcapture.initd | 30 ++++++++
net-analyzer/flow-tools/files/linkme | 15 ++++
.../flow-tools/flow-tools-0.68.5.1-r11.ebuild | 68 +++++++++++++++++++
.../flow-tools/flow-tools-0.68.6-r1.ebuild | 79 ++++++++++++++++++++++
net-analyzer/flow-tools/metadata.xml | 18 +++++
12 files changed, 435 insertions(+)
diff --git a/net-analyzer/flow-tools/Manifest b/net-analyzer/flow-tools/Manifest
new file mode 100644
index 0000000..11214dc
--- /dev/null
+++ b/net-analyzer/flow-tools/Manifest
@@ -0,0 +1,2 @@
+DIST flow-tools-0.68.5.1.tar.bz2 914062 BLAKE2B
8a987c1aac53a1370045ab118888c51ce2de7b8db4074432e86e701153469163870cf1cf9da9e2267ed934d240de4b4bf2391b4681012b82db7e4205207b7fa4
SHA512
ae17ba39854daa8ef3deecd3a554bb6d1fa47648cb791d8225a40bec13f65bf0692871660b2c3490d133b1251875c323d066bb0c0483eceb0707cec9b7714c57
+DIST flow-tools-0.68.6.tar.gz 1078778 BLAKE2B
8a6179e44f2efa90bb2c3ace73bfbb8a928c1d7aabc8f47a778ca7361a92c13f2df168194bdd9c489c175079c1bd977f6ad9852711a62d99649d1f44609d746b
SHA512
fc3d0650ace93ec2180340624648b5967fd7f094900f8409e751b439eb659c9623e2ee55effeb74164ec6b15f0a1edd8ed7735ccfacfd72af08e9c5c0d65b740
diff --git a/net-analyzer/flow-tools/files/flow-tools-0.68.5.1-fno-common.patch
b/net-analyzer/flow-tools/files/flow-tools-0.68.5.1-fno-common.patch
new file mode 100644
index 0000000..1f74649
--- /dev/null
+++ b/net-analyzer/flow-tools/files/flow-tools-0.68.5.1-fno-common.patch
@@ -0,0 +1,42 @@
+--- a/src/acl2.h
++++ b/src/acl2.h
+@@ -48,7 +48,7 @@
+ #define ACL_TYPE_STD 1
+ #define ACL_TYPE_EXT 2
+
+-struct acl_list {
++typedef struct acl_list {
+ int num; /* number of entries */
+ int num_std; /* number of standard acl entries */
+ int num_ext; /* number of extended acl entries */
+@@ -59,6 +59,8 @@
+ /* num_ext of these */
+ };
+
++extern struct acl_list acl_list;
++
+ struct acl_names {
+ int num; /* index into standard or extended list */
+ char *name; /* name of this acl */
+--- a/src/aclyacc.y
++++ b/src/aclyacc.y
+@@ -7,8 +7,6 @@
+ unsigned char fmt_buf[32];
+ unsigned char fmt_buf2[32];
+
+-extern struct acl_list acl_list;
+-
+ int x;
+
+ %}
+--- a/src/flow-filter.c
++++ b/src/flow-filter.c
+@@ -56,8 +56,6 @@
+ int debug;
+ int ip_net_only;
+
+-struct acl_list acl_list;
+-
+ int yyparse (void);
+ void usage(void);
+ void yyerror(const char *msg);
diff --git a/net-analyzer/flow-tools/files/flow-tools-0.68.5.1-openssl11.patch
b/net-analyzer/flow-tools/files/flow-tools-0.68.5.1-openssl11.patch
new file mode 100644
index 0000000..686d40a
--- /dev/null
+++ b/net-analyzer/flow-tools/files/flow-tools-0.68.5.1-openssl11.patch
@@ -0,0 +1,46 @@
+--- a/lib/ftxlate.c
++++ b/lib/ftxlate.c
+@@ -34,6 +34,14 @@
+ #include <openssl/ssl.h>
+ #include <openssl/evp.h>
+ #undef free_func
++
++/* fixup LibreSSL OpenSSL version numbering */
++#include <openssl/opensslv.h>
++#if (defined LIBRESSL_VERSION_NUMBER && OPENSSL_VERSION_NUMBER == 0x20000000L)
++#undef OPENSSL_VERSION_NUMBER
++#define OPENSSL_VERSION_NUMBER 0x1000107fL
++#endif
++
+ #endif /* HAVE_OPENSSL */
+
+ #include <sys/time.h>
+@@ -2040,11 +2048,13 @@
+
+
+ /* init crypto */
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ if (!(cp->cipher_ctx = (EVP_CIPHER_CTX*) malloc(sizeof(EVP_CIPHER_CTX)))) {
+ return -1;
+ }
+
+ EVP_CIPHER_CTX_init(cp->cipher_ctx);
++#endif
+
+ /* disable padding */
+ if (!(EVP_CIPHER_CTX_set_padding(cp->cipher_ctx, 0))) {
+@@ -2083,10 +2093,14 @@
+ {
+
+ #ifdef HAVE_OPENSSL
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ EVP_CIPHER_CTX_cleanup(cp->cipher_ctx);
+
+ if (cp->cipher_ctx)
+ free (cp->cipher_ctx);
++#else
++ EVP_CIPHER_CTX_free(cp->cipher_ctx);
++#endif
+ #endif /* HAVE_OPENSSL */
+
+ return 0;
diff --git a/net-analyzer/flow-tools/files/flow-tools-0.68.5.1-run.patch
b/net-analyzer/flow-tools/files/flow-tools-0.68.5.1-run.patch
new file mode 100644
index 0000000..e1b06ee
--- /dev/null
+++ b/net-analyzer/flow-tools/files/flow-tools-0.68.5.1-run.patch
@@ -0,0 +1,22 @@
+--- a/src/flow-fanout.c
++++ b/src/flow-fanout.c
+@@ -57,7 +57,7 @@
+ #endif
+
+
+-#define FANOUT_PIDFILE "/var/run/flow-fanout.pid"
++#define FANOUT_PIDFILE "/run/flow-fanout.pid"
+
+ #define SELECT_TIMEOUT 5 /* 5 seconds */
+
+--- a/src/flow-capture.c
++++ b/src/flow-capture.c
+@@ -61,7 +61,7 @@
+
+ void fterr_exit_handler(int code);
+
+-#define CAPTURE_PIDFILE "/var/run/flow-capture.pid"
++#define CAPTURE_PIDFILE "/run/flow-capture.pid"
+
+ #define SELECT_TIMEOUT 1 /* 1 second */
+
diff --git a/net-analyzer/flow-tools/files/flow-tools-0.68.5.1-syslog.patch
b/net-analyzer/flow-tools/files/flow-tools-0.68.5.1-syslog.patch
new file mode 100644
index 0000000..cb17471
--- /dev/null
+++ b/net-analyzer/flow-tools/files/flow-tools-0.68.5.1-syslog.patch
@@ -0,0 +1,47 @@
+--- a/lib/fterr.c
++++ b/lib/fterr.c
+@@ -112,7 +112,7 @@
+ fprintf(((fterr_file) ? fterr_file : stderr), "%s\n", buf2);
+
+ if (fterr_flags & FTERR_SYSLOG)
+- syslog(LOG_INFO, buf);
++ syslog(LOG_INFO, "%s", buf);
+
+ } /* fterr_info */
+
+@@ -134,7 +134,7 @@
+
+ if (fterr_flags & FTERR_SYSLOG) {
+ snprintf(buf2, 1024, "%s: %s", buf, strerror(errno));
+- syslog(LOG_INFO, buf2);
++ syslog(LOG_INFO, "%s", buf2);
+ }
+
+ if (fterr_exit)
+@@ -159,7 +159,7 @@
+ }
+
+ if (fterr_flags & FTERR_SYSLOG)
+- syslog(LOG_INFO, buf);
++ syslog(LOG_INFO, "%s", buf);
+
+ if (fterr_exit)
+ fterr_exit(code);
+@@ -183,7 +183,7 @@
+ }
+
+ if (fterr_flags & FTERR_SYSLOG)
+- syslog(LOG_INFO, buf);
++ syslog(LOG_INFO, "%s", buf);
+
+ } /* fterr_warnx */
+
+@@ -205,7 +205,7 @@
+
+ if (fterr_flags & FTERR_SYSLOG) {
+ snprintf(buf2, 1024, "%s: %s", buf, strerror(errno));
+- syslog(LOG_INFO, buf2);
++ syslog(LOG_INFO, "%s", buf2);
+ }
+
+ } /* fterr_warn */
diff --git a/net-analyzer/flow-tools/files/flow-tools-0.68.6-mysql.patch
b/net-analyzer/flow-tools/files/flow-tools-0.68.6-mysql.patch
new file mode 100644
index 0000000..a270567
--- /dev/null
+++ b/net-analyzer/flow-tools/files/flow-tools-0.68.6-mysql.patch
@@ -0,0 +1,15 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -62,11 +62,9 @@
+ if test "x$WHERE_MYSQL" != "x"; then
+ old_LIBS="$LIBS"
+ old_LDFLAGS="$LDFLAGS"
+- LDFLAGS="$LDFLAGS -L$WHERE_MYSQL/lib/mysql"
+- AC_CHECK_LIB(mysqlclient, my_init,
++ AC_CHECK_LIB(mysqlclient, mysql_init,
+ [
+ MYSQLCFLAGS="-I$WHERE_MYSQL/include/mysql"
+- MYSQLLDFLAGS="-L$WHERE_MYSQL/lib/mysql"
+ MYSQLLIB="-lmysqlclient"
+ AC_DEFINE(HAVE_MYSQL, 1, [Do we have to build MySQL support])
+ ]
diff --git a/net-analyzer/flow-tools/files/flowcapture.confd
b/net-analyzer/flow-tools/files/flowcapture.confd
new file mode 100644
index 0000000..df363de
--- /dev/null
+++ b/net-analyzer/flow-tools/files/flowcapture.confd
@@ -0,0 +1,51 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+# Config file for /etc/init.d/flowcap
+
+# This is the default and should be left unless you know what you are doing
+FLOW_VER=5
+
+# local ip. if configured flow-capture will only ps flows sent to this ip.
+LOCALIP=0
+
+# You probably don't want to change this, but in case you do - nest level
+NEST=0
+
+# port to listen on
+PORT=2055
+
+# remote ip. If this is configured only flows from this exporter will be
accepted
+# by default we will accept any flows sent to us
+REMOTEIP=0
+
+# program used to rotate
+ROTATE_PROG="/var/lib/flows/bin/linkme"
+
+# number of rotations per day
+ROTATIONS=287
+
+# Retain the maximum number of files so that the total storage is less than
SIZE
+# The letters b,K,M,G can be used as multipliers, ie 16 Megabytes is 16M.
+SIZE=1G
+
+# interval in mins at which flowscan will print out stats in logs
+#STAT_INT=5
+# NOTE: with versions of flow-tools >=0.67 there is a bug that will cause a
loop if you specify the STAT_INT
+# Only use that variable if you using an older flow-tools (and consequently a
custom built ebuild as this config file is not in our older ebuilds)
+
+# dir we will be saving flows and working in
+WORKDIR=/var/lib/flows/ft
+
+# user to run as
+USER=flows
+
+# Pidfile base
+# The daemon takes the pidfile argument and APPENDS .$PORT itself in writing.
+# It may have multiple children by original design, but this is not recommended
+# for Gentoo at this time.
+PIDFILE_BASE=${PIDFILE_BASE:=/run/flows/flowcapture.pid}
+
+# This pulls in the options above
+FLOW_OPTS="-p $PIDFILE_BASE -w $WORKDIR $LOCALIP/$REMOTEIP/$PORT -V $FLOW_VER
-E $SIZE -n $ROTATIONS -N $NEST -R $ROTATE_PROG"
+# Use below only if you have sorted out the STAT_INT problem
+#FLOW_OPTS="-p /run/flows/flowcapture.pid.$PORT -w $WORKDIR
$LOCALIP/$REMOTEIP/$PORT -S $STAT_INT -V $FLOW_VER -E $SIZE -n $ROTATIONS -N
$NEST -R $ROTATE_PROG"
diff --git a/net-analyzer/flow-tools/files/flowcapture.initd
b/net-analyzer/flow-tools/files/flowcapture.initd
new file mode 100644
index 0000000..bc34be7
--- /dev/null
+++ b/net-analyzer/flow-tools/files/flowcapture.initd
@@ -0,0 +1,30 @@
+#!/sbin/openrc-run
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+PORT=${PORT:=2055}
+# The daemon takes the pidfile argument and APPENDS .$PORT itself in writing.
+# It may have multiple children by original design, but this is not recommended
+# for Gentoo at this time.
+PIDFILE_BASE=${PIDFILE_BASE:=/run/flows/flowcapture.pid}
+PIDFILE=${PIDFILE:=${PIDFILE_BASE}.${PORT}}
+
+depend() {
+ use net
+}
+
+start() {
+ ebegin "Starting flow-capture"
+ checkpath -d -o flows /run/flows
+ start-stop-daemon --start --user ${USER} --exec /usr/bin/flow-capture \
+ --pidfile ${PIDFILE} \
+ -- ${FLOW_OPTS} >/dev/null 2>&1
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping flow-capture"
+ start-stop-daemon --stop --quiet --exec /usr/bin/flow-capture \
+ --pidfile ${PIDFILE}
+ eend $?
+}
diff --git a/net-analyzer/flow-tools/files/linkme
b/net-analyzer/flow-tools/files/linkme
new file mode 100644
index 0000000..4f666d9
--- /dev/null
+++ b/net-analyzer/flow-tools/files/linkme
@@ -0,0 +1,15 @@
+#!/usr/bin/perl
+
+$base = "/var/lib/flows";
+if ($ARGV[0] =~ /.*[\/]*(ft-v05[^\/]*$)/) {
+$fileName = $1;
+} else {
+print "Must specify file\n";
+exit 1;
+}
+
+unless ( symlink("$base/ft/$fileName","$base/$fileName") ) {
+print "Unable to create symbolic link: $base/$fileName\n";
+exit 1;
+}
+
diff --git a/net-analyzer/flow-tools/flow-tools-0.68.5.1-r11.ebuild
b/net-analyzer/flow-tools/flow-tools-0.68.5.1-r11.ebuild
new file mode 100644
index 0000000..bcd9c0f
--- /dev/null
+++ b/net-analyzer/flow-tools/flow-tools-0.68.5.1-r11.ebuild
@@ -0,0 +1,68 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+DESCRIPTION="library and programs to process reports from NetFlow data"
+HOMEPAGE="https://code.google.com/p/flow-tools/";
+SRC_URI="https://${PN}.googlecode.com/files/${P}.tar.bz2";
+
+LICENSE="BSD GPL-2"
+SLOT="0"
+KEYWORDS="amd64 ppc x86"
+IUSE="debug libressl mysql postgres ssl static-libs"
+
+RDEPEND="
+ acct-group/flows
+ acct-user/flows
+ sys-apps/tcp-wrappers
+ sys-libs/zlib
+ mysql? ( dev-db/mysql-connector-c:0= )
+ postgres? ( dev-db/postgresql:* )
+ ssl? (
+ !libressl? ( dev-libs/openssl:0= )
+ libressl? ( dev-libs/libressl:0= )
+ )"
+DEPEND="${RDEPEND}"
+BDEPEND="
+ sys-devel/flex
+ sys-devel/bison"
+
+DOCS=( ChangeLog README SECURITY TODO )
+
+PATCHES=(
+ "${FILESDIR}"/${P}-run.patch
+ "${FILESDIR}"/${P}-syslog.patch
+ "${FILESDIR}"/${P}-openssl11.patch
+ "${FILESDIR}"/${P}-fno-common.patch
+)
+
+src_configure() {
+ econf \
+ $(use_enable static-libs static) \
+ $(usex mysql --with-mysql '') \
+ $(usex postgres --with-postgresql=yes --with-postgresql=no) \
+ $(usex ssl --with-openssl '') \
+ --sysconfdir=/etc/flow-tools
+}
+
+src_install() {
+ default
+
+ find "${D}" -name '*.la' -delete || die
+
+ exeinto /var/lib/flows/bin
+ doexe "${FILESDIR}"/linkme
+
+ keepdir /var/lib/flows/ft
+
+ newinitd "${FILESDIR}/flowcapture.initd" flowcapture
+ newconfd "${FILESDIR}/flowcapture.confd" flowcapture
+
+ fowners flows:flows /var/lib/flows
+ fowners flows:flows /var/lib/flows/bin
+ fowners flows:flows /var/lib/flows/ft
+
+ fperms 0755 /var/lib/flows
+ fperms 0755 /var/lib/flows/bin
+}
diff --git a/net-analyzer/flow-tools/flow-tools-0.68.6-r1.ebuild
b/net-analyzer/flow-tools/flow-tools-0.68.6-r1.ebuild
new file mode 100644
index 0000000..777ca96
--- /dev/null
+++ b/net-analyzer/flow-tools/flow-tools-0.68.6-r1.ebuild
@@ -0,0 +1,79 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools
+
+DESCRIPTION="library and programs to process reports from NetFlow data"
+HOMEPAGE="https://github.com/5u623l20/flow-tools/";
+SRC_URI="https://github.com/5u623l20/${PN}/archive/v${PV}.tar.gz ->
${P}.tar.gz"
+
+LICENSE="BSD GPL-3"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~x86"
+IUSE="debug libressl mysql postgres ssl static-libs"
+
+RDEPEND="
+ acct-group/flows
+ acct-user/flows
+ sys-apps/tcp-wrappers
+ sys-libs/zlib
+ mysql? ( dev-db/mysql-connector-c:0= )
+ postgres? ( dev-db/postgresql:* )
+ ssl? (
+ !libressl? ( dev-libs/openssl:0= )
+ libressl? ( dev-libs/libressl:0= )
+ )
+"
+DEPEND="
+ ${RDEPEND}
+"
+BDEPEND="
+ app-text/docbook-sgml-utils
+ sys-devel/bison
+ sys-devel/flex
+"
+DOCS=( ChangeLog.old README README.fork SECURITY TODO TODO.old )
+PATCHES=(
+ "${FILESDIR}"/${PN}-0.68.5.1-run.patch
+ "${FILESDIR}"/${PN}-0.68.5.1-openssl11.patch
+ "${FILESDIR}"/${PN}-0.68.5.1-fno-common.patch
+ "${FILESDIR}"/${PN}-0.68.6-mysql.patch
+)
+
+src_prepare() {
+ default
+ sed -i -e 's|docbook-to-man|docbook2man|g' docs/Makefile.am || die
+ eautoreconf
+}
+
+src_configure() {
+ econf \
+ $(use_enable static-libs static) \
+ $(usex mysql --with-mysql '') \
+ $(usex postgres --with-postgresql=yes --with-postgresql=no) \
+ $(usex ssl --with-openssl '') \
+ --sysconfdir=/etc/flow-tools
+}
+
+src_install() {
+ default
+
+ exeinto /var/lib/flows/bin
+ doexe "${FILESDIR}"/linkme
+
+ keepdir /var/lib/flows/ft
+
+ newinitd "${FILESDIR}/flowcapture.initd" flowcapture
+ newconfd "${FILESDIR}/flowcapture.confd" flowcapture
+
+ fowners flows:flows /var/lib/flows
+ fowners flows:flows /var/lib/flows/bin
+ fowners flows:flows /var/lib/flows/ft
+
+ fperms 0755 /var/lib/flows
+ fperms 0755 /var/lib/flows/bin
+
+ find "${ED}" -name '*.la' -delete || die
+}
diff --git a/net-analyzer/flow-tools/metadata.xml
b/net-analyzer/flow-tools/metadata.xml
new file mode 100644
index 0000000..e2ec7ef
--- /dev/null
+++ b/net-analyzer/flow-tools/metadata.xml
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd";>
+<pkgmetadata>
+ <maintainer type="project">
+ <email>[email protected]</email>
+ <name>Gentoo network monitoring and analysis project</name>
+ </maintainer>
+ <longdescription lang="en">Flow-tools is library and a collection of
programs used to collect,
+ send, process, and generate reports from NetFlow data. The
tools can be
+ used together on a single server or distributed to multiple
servers for
+ large deployments. The flow-toools library provides an API for
+ development of custom applications for NetFlow export versions
1,5,6 and
+ the 14 currently defined version 8 subversions. A Perl and
Python
+ interface have been contributed and are included in the
distribution.</longdescription>
+ <upstream>
+ <remote-id type="google-code">flow-tools</remote-id>
+ </upstream>
+</pkgmetadata>
