Like I said, I haven't tested these (beyond compiling them on a system
WITH ipv6). They may not work at all
These are simple code diffs. To apply cd into the ossec-hids-2.6/src
directory and run "patch -p0 < os_net.diff" and "patch -p0 <
client-agent.diff"
It should look something like:
[ddp@ix] :; patch -p0 < /tmp/os_net.diff
Hmm... Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|diff -u ../../2/ossec-hids-2.6/src/os_net/os_net.c ./os_net/os_net.c
|--- ../../2/ossec-hids-2.6/src/os_net/os_net.c Mon Jul 11 15:36:59 2011
|+++ ./os_net/os_net.c Tue Sep 6 16:04:09 2011
--------------------------
Patching file ./os_net/os_net.c using Plan A...
Hunk #1 succeeded at 41.
Hunk #2 succeeded at 83.
Hunk #3 succeeded at 103.
Hunk #4 succeeded at 112.
Hunk #5 succeeded at 137.
Hunk #6 succeeded at 163.
Hunk #7 succeeded at 302.
Hunk #8 succeeded at 356.
Hunk #9 succeeded at 380.
Hunk #10 succeeded at 404.
Hmm... The next patch looks like a unified diff to me...
The text leading up to this was:
--------------------------
|diff -u ../../2/ossec-hids-2.6/src/os_net/os_net.h ./os_net/os_net.h
|--- ../../2/ossec-hids-2.6/src/os_net/os_net.h Mon Jul 11 15:36:59 2011
|+++ ./os_net/os_net.h Tue Sep 6 16:00:05 2011
--------------------------
Patching file ./os_net/os_net.h using Plan A...
Hunk #1 succeeded at 23.
Hunk #2 succeeded at 43.
and
[ddp@ix] :; patch -p0 < /tmp/client-agent.diff
Hmm... Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|diff -u ../../2/ossec-hids-2.6/src/client-agent/start_agent.c
./client-agent/start_agent.c
|--- ../../2/ossec-hids-2.6/src/client-agent/start_agent.c Mon Jul
11 15:36:58 2011
|+++ ./client-agent/start_agent.c Tue Sep 6 16:11:03 2011
--------------------------
Patching file ./client-agent/start_agent.c using Plan A...
Hunk #1 succeeded at 101.
done
Good luck!
dan
On Tue, Sep 06, 2011 at 01:29:36PM -0700, Alisha Kloc wrote:
> Daniel,
>
> Is that something that can be added as a switch to an official
> release? We are absolutely forbidden from modifying source code, so we
> wouldn't be able to do it ourselves.
>
> Dan,
>
> I'd offer to test those when our HP-UX systems become available again,
> but I have no idea what they're telling me - I'm not a programmer and
> we don't do code on this project. Sorry!
>
>
>
>
>
>
> On Sep 6, 1:16?pm, dan <ddp...@gmail.com> wrote:
> > I don't have an ipv6-less system to test this, but these MAY work
> > on an agent.
> >
> >
> >
> >
> >
> >
> >
> > On Tue, Sep 06, 2011 at 11:32:02AM -0700, Alisha Kloc wrote:
> > > Well, crud. We need HP-UX support and if we can't compile the agents
> > > because of IPv6, I guess that means we won't be upgrading past OSSEC
> > > 2.5.
> >
> > > Does OSSEC still have that bug tracker/feature request site? I don't
> > > know if we're a corner case or what, but if it's not too difficult to
> > > add, I really would like to file it as a feature request.
> >
> > > On Sep 5, 11:41?am, "dan (ddp)" <ddp...@gmail.com> wrote:
> > > > There isn't currently a way to disable ipv6 like that.
> >
> >
> >
> > ?os_net.diff
> > 6KViewDownload
> >
> > ?client-agent.diff
> > < 1KViewDownload
diff -u ../../2/ossec-hids-2.6/src/os_net/os_net.c ./os_net/os_net.c
--- ../../2/ossec-hids-2.6/src/os_net/os_net.c Mon Jul 11 15:36:59 2011
+++ ./os_net/os_net.c Tue Sep 6 16:04:09 2011
@@ -41,25 +41,41 @@
#endif /* WIN32*/
+/* Trying to remove inet6 */
+#ifdef OS_NOINET6
+struct sockaddr_in _c; /* Client socket */
+socklen_t _cl; /* Client socket length */
+#endif
+
/* OS_Bindport v 0.2, 2005/02/11
* Bind a specific port
* v0.2: Added REUSEADDR.
*/
+#ifndef OS_NOINET6
int OS_Bindport(unsigned int _port, unsigned int _proto, char *_ip, int ipv6)
+#else
+int OS_Bindport(unsigned int _port, unsigned int _proto, char *_ip)
+#endif
{
int ossock;
struct sockaddr_in server;
+ #ifndef OS_NOINET6
#ifndef WIN32
struct sockaddr_in6 server6;
#else
ipv6 = 0;
#endif
+ #endif
if(_proto == IPPROTO_UDP)
{
+ #ifndef OS_NOINET6
if((ossock = socket(ipv6 == 1?PF_INET6:PF_INET, SOCK_DGRAM,
IPPROTO_UDP)) < 0)
+ #else
+ if((ossock = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0)
+ #endif
{
return OS_SOCKTERR;
}
@@ -67,7 +83,11 @@
else if(_proto == IPPROTO_TCP)
{
int flag = 1;
+ #ifndef OS_NOINET6
if((ossock = socket(ipv6 == 1?PF_INET6:PF_INET, SOCK_STREAM,
IPPROTO_TCP)) < 0)
+ #else
+ if((ossock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) < 0)
+ #endif
{
return(int)(OS_SOCKTERR);
}
@@ -83,6 +103,7 @@
return(OS_INVALID);
}
+ #ifndef OS_NOINET6
if(ipv6)
{
#ifndef WIN32
@@ -91,7 +112,6 @@
server6.sin6_port = htons( _port );
server6.sin6_addr = in6addr_any;
-
if(bind(ossock, (struct sockaddr *) &server6, sizeof(server6)) < 0)
{
return(OS_SOCKTERR);
@@ -117,8 +137,16 @@
}
}
+ #else
+ memset(&server, 0, sizeof(server));
+ server.sin_family = AF_INET;
+ server.sin_port = htons( _port );
+ if((_ip == NULL)||(_ip[0] == '\0'))
+ server.sin_addr.s_addr = htonl(INADDR_ANY);
+ #endif
+
if(_proto == IPPROTO_TCP)
{
if(listen(ossock, 32) < 0)
@@ -135,18 +163,34 @@
/* OS_Bindporttcp v 0.1
* Bind a TCP port, using the OS_Bindport
*/
+#ifndef OS_NOINET6
int OS_Bindporttcp(unsigned int _port, char *_ip, int ipv6)
+#else
+int OS_Bindporttcp(unsigned int _port, char *_ip)
+#endif
{
+ #ifndef OS_NOINET6
return(OS_Bindport(_port, IPPROTO_TCP, _ip, ipv6));
+ #else
+ return(OS_Bindport(_port, IPPROTO_TCP, _ip));
+ #endif
}
/* OS_Bindportudp v 0.1
* Bind a UDP port, using the OS_Bindport
*/
+#ifndef OS_NOINET6
int OS_Bindportudp(unsigned int _port, char *_ip, int ipv6)
+#else
+int OS_Bindportudp(unsigned int _port, char *_ip)
+#endif
{
+ #ifndef OS_NOINET6
return(OS_Bindport(_port, IPPROTO_UDP, _ip, ipv6));
+ #else
+ return(OS_Bindport(_port, IPPROTO_TCP, _ip));
+ #endif
}
#ifndef WIN32
@@ -258,25 +302,40 @@
/* OS_Connect v 0.1, 2004/07/21
* Open a TCP/UDP client socket
*/
+#ifndef OS_NOINET6
int OS_Connect(unsigned int _port, unsigned int protocol, char *_ip, int ipv6)
+#else
+int OS_Connect(unsigned int _port, unsigned int protocol, char *_ip)
+#endif
{
int ossock;
struct sockaddr_in server;
+ #ifndef OS_NOINET6
#ifndef WIN32
struct sockaddr_in6 server6;
#else
ipv6 = 0;
#endif
+ #endif
+
if(protocol == IPPROTO_TCP)
{
+ #ifndef OS_NOINET6
if((ossock = socket(ipv6 ==
1?PF_INET6:PF_INET,SOCK_STREAM,IPPROTO_TCP)) < 0)
+ #else
+ if((ossock = socket(PF_INET,SOCK_STREAM,IPPROTO_TCP)) < 0)
+ #endif
return(OS_SOCKTERR);
}
else if(protocol == IPPROTO_UDP)
{
+ #ifndef OS_NOINET6
if((ossock = socket(ipv6 ==
1?PF_INET6:PF_INET,SOCK_DGRAM,IPPROTO_UDP)) < 0)
+ #else
+ if((ossock = socket(PF_INET,SOCK_DGRAM,IPPROTO_UDP)) < 0)
+ #endif
return(OS_SOCKTERR);
}
else
@@ -297,7 +356,7 @@
if((_ip == NULL)||(_ip[0] == '\0'))
return(OS_INVALID);
-
+ #ifndef OS_NOINET6
if(ipv6 == 1)
{
#ifndef WIN32
@@ -321,8 +380,23 @@
if(connect(ossock,(struct sockaddr *)&server, sizeof(server)) < 0)
return(OS_SOCKTERR);
}
+ #else
+ _cl = sizeof(server);
+ memset(&server, 0, _cl);
+ server.sin_family = AF_INET;
+ server.sin_port = htons( _port );
+ if((_ip == NULL)||(_ip[0] == '\0'))
+ return(OS_INVALID);
+
+ server.sin_addr.s_addr = inet_addr(_ip);
+
+ if(connect(ossock,(struct sockaddr *)&server, _cl) < 0)
+ return(OS_SOCKTERR);
+ #endif
+
+
return(ossock);
}
@@ -330,19 +404,33 @@
/* OS_ConnectTCP, v0.1
* Open a TCP socket
*/
+#ifndef OS_NOINET6
int OS_ConnectTCP(unsigned int _port, char *_ip, int ipv6)
{
return(OS_Connect(_port, IPPROTO_TCP, _ip, ipv6));
}
+#else
+int OS_ConnectTCP(unsigned int _port, char *_ip)
+{
+ return(OS_Connect(_port, IPPROTO_TCP,_ip));
+}
+#endif
/* OS_ConnectUDP, v0.1
* Open a UDP socket
*/
+#ifndef OS_NOINET6
int OS_ConnectUDP(unsigned int _port, char *_ip, int ipv6)
{
return(OS_Connect(_port, IPPROTO_UDP, _ip, ipv6));
}
+#else
+int OS_ConnectUDP(unsigned int _port, char *_ip)
+{
+ return(OS_Connect(_port, IPPROTO_UDP,_ip));
+}
+#endif
/* OS_SendTCP v0.1, 2004/07/21
* Send a TCP packet (in a open socket)
diff -u ../../2/ossec-hids-2.6/src/os_net/os_net.h ./os_net/os_net.h
--- ../../2/ossec-hids-2.6/src/os_net/os_net.h Mon Jul 11 15:36:59 2011
+++ ./os_net/os_net.h Tue Sep 6 16:00:05 2011
@@ -23,8 +23,13 @@
* If the IP is not set, it is going to use ADDR_ANY
* Return the socket.
*/
+#ifndef OS_NOINET6
int OS_Bindporttcp(unsigned int _port, char *_ip, int ipv6);
int OS_Bindportudp(unsigned int _port, char *_ip, int ipv6);
+#else
+int OS_Bindporttcp(unsigned int _port, char *_ip);
+int OS_Bindportudp(unsigned int _port, char *_ip);
+#endif
/* OS_BindUnixDomain
* Bind to a specific file, using the "mode" permissions in
@@ -38,8 +43,13 @@
/* OS_Connect
* Connect to a TCP/UDP socket
*/
+#ifndef OS_NOINET6
int OS_ConnectTCP(unsigned int _port, char *_ip, int ipv6);
int OS_ConnectUDP(unsigned int _port, char *_ip, int ipv6);
+#else
+int OS_ConnectTCP(unsigned int _port, char *_ip);
+int OS_ConnectUDP(unsigned int _port, char *_ip);
+#endif
/* OS_RecvUDP
* Receive a UDP packet. Return NULL if failed
diff -u ../../2/ossec-hids-2.6/src/client-agent/start_agent.c
./client-agent/start_agent.c
--- ../../2/ossec-hids-2.6/src/client-agent/start_agent.c Mon Jul 11
15:36:58 2011
+++ ./client-agent/start_agent.c Tue Sep 6 16:11:03 2011
@@ -101,12 +101,20 @@
if(strchr(tmp_str,':') != NULL)
{
verbose("%s: INFO: Using IPv6 for: %s .", ARGV0, tmp_str);
+ #ifndef OS_NOINET6
logr->sock = OS_ConnectUDP(logr->port, tmp_str, 1);
+ #else
+ logr->sock = OS_ConnectUDP(logr->port, tmp_str);
+ #endif
}
else
{
verbose("%s: INFO: Using IPv4 for: %s .", ARGV0, tmp_str);
+ #ifndef OS_NOINET6
logr->sock = OS_ConnectUDP(logr->port, tmp_str, 0);
+ #else
+ logr->sock = OS_ConnectUDP(logr->port, tmp_str);
+ #endif
}
if(logr->sock < 0)
