author | Robin H. Johnson <robbat2@gentoo.org> | 2021-06-25 12:37:30 -0700 |
---|---|---|
committer | Robin H. Johnson <robbat2@gentoo.org> | 2021-06-25 12:39:00 -0700 |
commit | d91c0ed83a72211fdd90b0db9f19d77cca2110e0 (patch) | |
tree | e2512c989f36c4320b3d1cd4155768dfb27297f3 /net-analyzer | |
parent | www-client/links: Stabilize 2.23 ppc64, #798720 (diff) | |
net-analyzer/fprobe: ensure pcap filter is always set
Closes: https://bugs.gentoo.org/301110
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
Diffstat (limited to 'net-analyzer')
-rw-r--r-- | net-analyzer/fprobe/files/conf.d-fprobe-r1 | 72 | ||||
-rw-r--r-- | net-analyzer/fprobe/files/init.d-fprobe-r1 | 40 | ||||
-rw-r--r-- | net-analyzer/fprobe/fprobe-1.1-r4.ebuild | 43 |
3 files changed, 155 insertions, 0 deletions
diff --git a/net-analyzer/fprobe/files/conf.d-fprobe-r1 b/net-analyzer/fprobe/files/conf.d-fprobe-r1
new file mode 100644
index 000000000000..ca7aff4e4341
--- /dev/null
+++ b/net-analyzer/fprobe/files/conf.d-fprobe-r1
@@ -0,0 +1,72 @@
+# Config file for /etc/init.d/fprobe
+
+# Do we want the interface in promiscous mode [yes/no]
+#PROMISC=no
+
+# Interface
+IFACE=eth0
+
+# required: only capture packets matching this tcpdump expression
+# default is all IP + IPv6
+FILTER="ip or ip6"
+
+# Flow state timers
+#TIMER_EXPIRED=5
+#TIMER_FRAGMENTED=30
+#TIMER_IDLE=60
+#TIMER_ACTIVE=300
+
+# This is the default and should be left unless you know what you are doing
+#FLOW_VER=5
+
+# local ip. if configured fprobe will use this as the source IP for sending ALL flow data
+# If you want to specify a specific source address per collecter, customize it below
+#LOCALIP=
+
+# SNMP iface id
+SNMP_IFACE="${IFACE#eth}"
+
+# Maximum number of concurrent flows to track
+# using a specified amount of memory
+#MEMBULK=10000
+#MEMLIMIT=
+
+# Pending queue
+#PENDING=100
+
+# Kernel capture buffer size (kB)
+#KERNBUF=1024
+
+# Realtime priority [0=disabled, 1..99]
+#RTPRIO=0
+
+# Delay N nanoseconds after each B bytes
+#DELAY="0:0"
+
+# How much of the start of each packet to grab
+#SNAPLEN=256
+
+# chroot() to this location after startup
+CHROOT="/var/empty"
+
+# User to run as. must have perms to the pidfile directory /var/run/fprobe/
+USER=nobody
+
+# logging level for syslog (0=EMERG, ..., 6=INFO, 7=DEBUG)
+#LOGLEVEL=6
+
+# If you want to run multiple instances of fprobe,
+# You MUST set this variable to a unique INTEGER for each one!
+PIDFILE_ID=''
+
+# remote ip. this is where we send flows
+REMOTEIP=127.0.0.1
+# port to listen on
+PORT=2055
+# Collector type, see the manpage for valid types
+TYPE=''
+
+# If you want multiple collectors, just specify each one here
+COLLECTORS="${REMOTEIP}:${PORT}/${LOCALIP}/${TYPE}"
+
+# vim:ft=gentoo-conf-d:
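Review bot: `USER=nobody` runs the probe under the shared `nobody` account, so it is not isolated from any other service that also drops to `nobody`; a dedicated unprivileged account would keep the privilege drop meaningful, and the comment could say so, e.g. `# User to run as; prefer a dedicated unprivileged account over the shared "nobody"`. The same comment refers to a pidfile directory `/var/run/fprobe/`, while the init script added in this commit builds `PIDFILE="/var/run/fprobe$PIDFILE_EXTRA.pid"`, so one of the two looks stale. `SNMP_IFACE="${IFACE#eth}"` only yields a number for `ethN` names; for any other interface name the unchanged name is handed to `-x`, so a comment telling the admin to set the id explicitly in that case would help. `# port to listen on` above `PORT=2055` reads as a local listener, although the value ends up in `COLLECTORS` as the remote collector port.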
diff --git a/net-analyzer/fprobe/files/init.d-fprobe-r1 b/net-analyzer/fprobe/files/init.d-fprobe-r1
new file mode 100644
index 000000000000..2dc84b8bfbe9
--- /dev/null
+++ b/net-analyzer/fprobe/files/init.d-fprobe-r1
@@ -0,0 +1,40 @@
+#!/sbin/openrc-run
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+depend() {
+ need net
+}
+
+BIN=/usr/sbin/fprobe
+PIDFILE_EXTRA=""
+[ -n "$PIDFILE_ID" ] && PIDFILE_EXTRA="[$PIDFILE_ID]"
+PIDFILE="/var/run/fprobe$PIDFILE_EXTRA.pid"
+
+start() {
+ ebegin "Starting fprobe"
+ local OPTS=""
+ [ "${PROMISC}" = "yes" ] || OPTS="${OPTS} -p"
+ for optname in i:IFACE s:TIMER_EXPIRED g:TIME_FRAGMENTED d:TIMER_IDLE \
+ e:TIMER_ACTIVE n:FLOW_VER a:LOCALIP x:SNMP_IFACE b:MEMBULK \
+ m:MEMLIMIT q:PENDING B:KERNBUF r:RTPRIO t:DELAY S:SNAPLEN \
+ c:CHROOT u:USER v:LOGLEVEL ; do
+ opt="${optname%:*}" optvar="${optname#*:}"
+ eval optvalue='$'$optvar
+ [ -n "$optvalue" ] && OPTS="${OPTS} -${opt} ${optvalue}"
+ done
+ OPTS="${OPTS} -l 1:${PIDFILE_ID} ${COLLECTORS}"
+ start-stop-daemon --start --exec $BIN \
+ --pidfile ${PIDFILE} \
+ -- -f "${FILTER}" ${OPTS}
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping fprobe"
+ start-stop-daemon --stop --quiet --exec $BIN \
+ --pidfile ${PIDFILE}
+ eend $?
+}
+
+# vim:ft=gentoo-init-d:
diff --git a/net-analyzer/fprobe/fprobe-1.1-r4.ebuild b/net-analyzer/fprobe/fprobe-1.1-r4.ebuild
new file mode 100644
index 000000000000..4b72538e6d56
--- /dev/null
+++ b/net-analyzer/fprobe/fprobe-1.1-r4.ebuild
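Review bot: In start() of init.d-fprobe-r1 the option table maps `g:TIME_FRAGMENTED`, but the conf.d file in this commit defines `TIMER_FRAGMENTED`, so that setting is never read and `-g` is never passed; the entry should be `g:TIMER_FRAGMENTED`. The filter default lives only in conf.d, so a preserved older config without `FILTER` still produces `-f ""`, which is presumably the case the commit wants to rule out; a fallback such as `-- -f "${FILTER:-ip or ip6}" ${OPTS}` would make the guarantee hold in the script itself. `--pidfile ${PIDFILE}` is unquoted in both start() and stop() although the value contains `[$PIDFILE_ID]`, which the shell treats as a glob pattern; `--pidfile "${PIDFILE}"` avoids an accidental match. `${OPTS}` is also expanded unquoted, so whitespace in any configured value splits into extra fprobe arguments, which deserves a short comment above the loop.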
@@ -0,0 +1,43 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+DESCRIPTION="libpcap-based tool to collect network traffic data and emit it as NetFlow flows"
+HOMEPAGE="http://fprobe.sourceforge.net"
+LICENSE="GPL-2"
+
+SRC_URI="mirror://sourceforge/fprobe/${P}.tar.bz2"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~x86"
+
+IUSE="debug messages"
+
+DEPEND="
+ net-libs/libpcap
+"
+RDEPEND="
+ ${DEPEND}
+"
+PATCHES=(
+ "${FILESDIR}"/fprobe-1.1-pidfile-sanity.patch
+ "${FILESDIR}"/fprobe-1.1-setgroups.patch
+)
+
+src_configure() {
+ econf \
+ $(use_enable debug) \
+ $(use_enable messages)
+}
+
+DOCS=( AUTHORS NEWS README TODO )
+
+src_install() {
+ default
+
+ docinto contrib
+ dodoc contrib/tg.sh
+
+ newinitd "${FILESDIR}"/init.d-fprobe-r1 fprobe
+ newconfd "${FILESDIR}"/conf.d-fprobe-r1 fprobe
+}
|