OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /e/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 17-Dec-2004 19:54:39
Branch: HEAD Handle: 2004121718543800
Added files:
openpkg-src/flowtools rc.flowtools
Modified files:
openpkg-src/flowtools flowtools.patch flowtools.spec
Log:
add optional support for automatically running the flow-capture tool
Summary:
Revision Changes Path
1.3 +29 -4 openpkg-src/flowtools/flowtools.patch
1.4 +45 -5 openpkg-src/flowtools/flowtools.spec
1.1 +66 -0 openpkg-src/flowtools/rc.flowtools
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/flowtools/flowtools.patch
============================================================================
$ cvs diff -u -r1.2 -r1.3 flowtools.patch
--- openpkg-src/flowtools/flowtools.patch 17 Dec 2004 16:02:20 -0000
1.2
+++ openpkg-src/flowtools/flowtools.patch 17 Dec 2004 18:54:38 -0000
1.3
@@ -1,6 +1,31 @@
+Index: flow-tools-0.67/docs/flow-capture.1.in
+--- flow-tools-0.67/docs/flow-capture.1.in.orig 2003-11-29 07:41:31
+0100
++++ flow-tools-0.67/docs/flow-capture.1.in 2004-12-17 19:48:35 +0100
+@@ -123,7 +123,7 @@
+ Configure the number of times flow-capture will create a new file per day\&.
+ The default is 95, or every 15 minutes\&.
+ .IP "-N\fI nesting_level\fP" 10
+-Configure the nesting level for storing flow files\&. The default is 0\&.
++Configure the nesting level for storing flow files\&. The default is 3\&.
+ -3 YYYY/YYYY-MM/YYYY-MM-DD/flow-file
+ -2 YYYY-MM/YYYY-MM-DD/flow-file
+ -1 YYYY-MM-DD/flow-file
+@@ -184,10 +184,9 @@
+ .SH "EXAMPLES"
+ .PP
+ Receive flows from the exporter at 10\&.0\&.0\&.1 port 9800\&. Maintain 5
Gigabytes
+-of flow files in /flows/krc4\&. Mask the source and destination IP
addresses
+-contained in the flow exports with 255\&.255\&.248\&.0\&.
++of flow files in /flows/krc4\&.
+ .PP
+- \fBflow-capture -w /flows/krc4 -m 255\&.255\&.248\&.0 -E5G
0/10\&.0\&.0\&.1/9800\fP
++ \fBflow-capture -w /flows/krc4 -E5G 0/10\&.0\&.0\&.1/9800\fP
+ .PP
+ Receive flows from any exporter on port 9800\&. Do not perform any flow
+ file space management\&. Store the exports in /flows/krc4\&. Emit a stat
Index: flow-tools-0.67/src/flow-cat.c
--- flow-tools-0.67/src/flow-cat.c.orig 2003-04-02 20:03:01 +0200
-+++ flow-tools-0.67/src/flow-cat.c 2004-12-17 16:37:33 +0100
++++ flow-tools-0.67/src/flow-cat.c 2004-12-17 17:46:49 +0100
@@ -550,7 +550,7 @@
if (done)
break;
@@ -12,7 +37,7 @@
Index: flow-tools-0.67/src/flow-dscan.c
--- flow-tools-0.67/src/flow-dscan.c.orig 2003-11-25 11:14:27 +0100
-+++ flow-tools-0.67/src/flow-dscan.c 2004-12-17 16:37:33 +0100
++++ flow-tools-0.67/src/flow-dscan.c 2004-12-17 17:46:49 +0100
@@ -559,7 +559,7 @@
if (ds.ager_timeout && (!(total_flows % 1000)))
ager(&ds, total_flows32);
@@ -33,7 +58,7 @@
Index: flow-tools-0.67/src/flow-fanout.c
--- flow-tools-0.67/src/flow-fanout.c.orig 2003-12-01 00:38:37 +0100
-+++ flow-tools-0.67/src/flow-fanout.c 2004-12-17 16:37:33 +0100
++++ flow-tools-0.67/src/flow-fanout.c 2004-12-17 17:46:49 +0100
@@ -839,7 +839,7 @@
} /* fte.buf_size */
@@ -45,7 +70,7 @@
Index: flow-tools-0.67/src/flow-receive.c
--- flow-tools-0.67/src/flow-receive.c.orig 2003-11-25 06:37:04 +0100
-+++ flow-tools-0.67/src/flow-receive.c 2004-12-17 16:37:33 +0100
++++ flow-tools-0.67/src/flow-receive.c 2004-12-17 17:46:49 +0100
@@ -732,7 +732,7 @@
} /* for */
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/flowtools/flowtools.spec
============================================================================
$ cvs diff -u -r1.3 -r1.4 flowtools.spec
--- openpkg-src/flowtools/flowtools.spec 17 Dec 2004 16:02:20 -0000
1.3
+++ openpkg-src/flowtools/flowtools.spec 17 Dec 2004 18:54:38 -0000
1.4
@@ -48,6 +48,7 @@
Source0:
ftp://ftp.eng.oar.net/pub/flow-tools/flow-tools-%{V_flowtools}.tar.gz
Source1:
http://security.uchicago.edu/tools/net-forensics/files/flowextract-%{V_flowextract}.cpio.gz
Source2: http://net.doit.wisc.edu/~plonka/Cflow/Cflow-%{V_cflow}.tar.gz
+Source3: rc.flowtools
Patch0: flowtools.patch
# build information
@@ -98,6 +99,7 @@
%patch -p0
%build
+ # build flow-tools
( cd flow-tools-%{V_flowtools}
CC="%{l_cc}" \
CFLAGS="%{l_cflags -O}" \
@@ -109,6 +111,8 @@
--localstatedir=%{l_prefix}/var/flowtools
%{l_make} %{l_mflags -O}
) || exit $?
+
+ # build flow-extract addon
( cd flowextract-%{V_flowextract}
%{l_make} %{l_mflags} \
CC="%{l_cc}" \
@@ -117,7 +121,9 @@
LIBS="-L../flow-tools-%{V_flowtools}/lib %{l_ldflags} -lft -lz" \
YACC="bison -y"
) || exit $?
+
%if "%{with_perl}" == "yes"
+ # build Perl API
%{l_prefix}/bin/perl-openpkg prepare
%{l_prefix}/bin/perl-openpkg \
-d Cflow-%{V_cflow} \
@@ -128,15 +134,21 @@
%install
rm -rf $RPM_BUILD_ROOT
+
+ # install flow-tools
( cd flow-tools-%{version}
%{l_make} %{l_mflags} install AM_MAKEFLAGS="DESTDIR=$RPM_BUILD_ROOT"
) || exit $?
+
+ # install flow-extract addon
( cd flowextract-%{V_flowextract}
%{l_shtool} install -c -s -m 755 \
flow-extract $RPM_BUILD_ROOT%{l_prefix}/bin/
%{l_shtool} install -c -m 644 \
flow-extract.1 $RPM_BUILD_ROOT%{l_prefix}/man/man1/
) || exit $?
+
+ # install Perl API
%if "%{with_perl}" == "yes"
%{l_prefix}/bin/perl-openpkg -d Cflow-%{V_cflow} install
%{l_prefix}/bin/perl-openpkg -F perl-openpkg-files fixate cleanup
@@ -148,16 +160,44 @@
%else
>perl-openpkg-files
%endif
+
+ # install run-command script
+ %{l_shtool} mkdir -f -p -m 755 \
+ $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d
+ %{l_shtool} install -c -m 755 %{l_value -s -a} \
+ %{SOURCE rc.flowtools} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/
+
+ # strip down installation
strip $RPM_BUILD_ROOT%{l_prefix}/bin/* >/dev/null 2>&1 || true
+
+ # create additional directories
+ %{l_shtool} mkdir -f -p -m 755 \
+ $RPM_BUILD_ROOT%{l_prefix}/var/flowtools/run \
+ $RPM_BUILD_ROOT%{l_prefix}/var/flowtools/db
+
+ # determine installation files
%{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
-%if "%{with_perl}" == "yes"
- %{l_files_std} `cat perl-openpkg-files`
-%else
- %{l_files_std}
-%endif
+ %{l_files_std} `cat perl-openpkg-files` \
+ '%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/flowtools/db' \
+ '%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/flowtools/run'
%files -f files
%clean
rm -rf $RPM_BUILD_ROOT
+%post
+ # after upgrade, restart service
+ [ $1 -eq 2 ] || exit 0
+ eval `%{l_rc} flowtools status 2>/dev/null`
+ [ ".$flowtools_active" = .yes ] && %{l_rc} flowtools restart
+ exit 0
+
+%preun
+ # before erase, stop service and remove log files
+ [ $1 -eq 0 ] || exit 0
+ %{l_rc} flowtools stop 2>/dev/null
+ rm -rf $RPM_INSTALL_PREFIX/var/flowtools/db/* >/dev/null 2>&1 || true
+ rm -f $RPM_INSTALL_PREFIX/var/flowtools/run/* >/dev/null 2>&1 || true
+ exit 0
+
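Review bot: The two cleanup lines in `%preun` expand `$RPM_INSTALL_PREFIX` unquoted and without checking that it is set, so if the variable is empty when the scriptlet runs, the globs resolve to `/var/flowtools/db/*` and `/var/flowtools/run/*` outside the package prefix and are removed. A guard such as `[ -n "$RPM_INSTALL_PREFIX" ] || exit 0` before them, plus quoting the prefix as in `rm -rf "$RPM_INSTALL_PREFIX"/var/flowtools/db/*`, keeps the deletion inside the instance. In `%post`, the `eval` of the `%{l_rc} flowtools status` output executes whatever that section prints, and the new rc file echoes `flowtools_enable` verbatim inside double quotes. It is worth confirming that only the instance administrator can set that value. `$1` in both scriptlets would also be better quoted, as `[ "$1" -eq 2 ]`.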
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/flowtools/rc.flowtools
============================================================================
$ cvs diff -u -r0 -r1.1 rc.flowtools
--- /dev/null 2004-12-17 19:54:39 +0100
+++ rc.flowtools 2004-12-17 19:54:39 +0100
@@ -0,0 +1,66 @@
[EMAIL PROTECTED]@/lib/openpkg/bash @l_prefix@/etc/rc
+##
+## rc.flowtools -- Run-Commands
+##
+
+%config
+ flowtools_enable="$openpkg_rc_def"
+ flowtools_capture="no"
+ flowtools_capture_flags="-V5 -N-1 -n95 -E10M -z4"
+ flowtools_capture_workdir="@l_prefix@/var/flowtools/db"
+ flowtools_capture_listen="127.0.0.1/0/4432"
+ flowtools_capture_log_prolog="true"
+ flowtools_capture_log_epilog="true"
+ flowtools_capture_log_numfiles="10"
+ flowtools_capture_log_minsize="1M"
+ flowtools_capture_log_complevel="9"
+
+%common
+ flowtools_capture_logfile="@l_prefix@/var/flowtools/run/flow-capture.log"
+ flowtools_capture_pidfile="@l_prefix@/var/flowtools/run/flow-capture.pid"
+ flowtools_capture_signal () {
+ [ -f $flowtools_capture_pidfile ] && kill -$1 `cat
$flowtools_capture_pidfile`
+ }
+
+%status -u @l_rusr@ -o
+ flowtools_usable="unknown"
+ flowtools_active="no"
+ rcService flowtools enable yes && rcVarIsYes flowtools_capture && \
+ flowtools_capture_signal 0 && flowtools_active="yes"
+ echo "flowtools_enable=\"$flowtools_enable\""
+ echo "flowtools_usable=\"$flowtools_usable\""
+ echo "flowtools_active=\"$flowtools_active\""
+
+%start -u @l_rusr@
+ rcService flowtools enable yes || exit 0
+ rcService flowtools active yes && exit 0
+ rcVarIsYes flowtools_capture || exit 0
+ eval @l_prefix@/bin/flow-capture \
+ $flowtools_capture_flags \
+ -p "$flowtools_capture_pidfile" \
+ -w "$flowtools_capture_workdir" \
+ "$flowtools_capture_listen"
+
+%stop -u @l_rusr@
+ rcService flowtools enable yes || exit 0
+ rcService flowtools active no && exit 0
+ rcVarIsYes flowtools_capture || exit 0
+ flowtools_capture_signal TERM
+ sleep 2
+
+%restart -u @l_rusr@
+ rcService flowtools enable yes || exit 0
+ rcService flowtools active no && exit 0
+ rcVarIsYes flowtools_capture || exit 0
+ rc flowtools stop start
+
+%daily -u @l_rusr@
+ rcService flowtools enable yes || exit 0
+ rcVarIsYes flowtools_capture || exit 0
+ shtool rotate -f \
+ -n ${flowtools_capture_log_numfiles} -s
${flowtools_capture_log_minsize} -d \
+ -z ${flowtools_capture_log_complevel} -m 644 -o @l_rusr@ -g @l_rgrp@
\
+ -P "${flowtools_capture_log_prolog}" \
+ -E "${flowtools_capture_log_epilog}; rc flowtools restart" \
+ $flowtools_capture_logfile
+
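Review bot: The `eval` in front of the flow-capture command in `%start` makes the shell parse the line a second time after the variables have been expanded, so the double quotes around the `-p`, `-w` and listen arguments no longer protect those values, and any shell metacharacter in a `flowtools_capture_*` setting is interpreted as syntax. Nothing on the line appears to need a second parse, so starting it as `@l_prefix@/bin/flow-capture $flowtools_capture_flags \` without `eval` gives the same invocation for the defaults shown. In `flowtools_capture_signal` the pid file path and the `cat` result are unquoted, and an empty pid file leaves `kill` without a target, so reading the pid into a variable and checking it is non-empty first would be more robust. The `%daily` section rotates `$flowtools_capture_logfile`, but no visible line directs flow-capture output to that file, so it is worth confirming the rotation has something to act on.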
@@ .