From 411a2782aaa756b3a8f3988763ac592cff1257b3 Mon Sep 17 00:00:00 2001 From: Francesco Colista Date: Mon, 8 Jul 2013 11:33:58 +0000 Subject: main/arpwatch: added several patches for improving options and security --- .../arpwatch/01_all_arpwatch-2.1a15-manpages.patch | 69 +++ main/arpwatch/02_all_arpwatch-2.1a15-srcdir.patch | 250 ++++++++++ main/arpwatch/03_all_arpwatch-2.1a15-getopt.patch | 150 ++++++ ..._all_arpwatch-2.1a15-sendmail-cmdline-opt.patch | 159 +++++++ .../05_all_arpwatch-2.1a15-promiscuous-mode.patch | 89 ++++ .../06_all_arpwatch-2.1a15-bogons-report.patch | 507 +++++++++++++++++++++ .../07_all_arpwatch-2.1a15-specify-mail.patch | 168 +++++++ .../08_all_arpwatch-2.1a15-drop-priveleges.patch | 147 ++++++ .../09_all_arpwatch-2.1a15-quite-mail.patch | 90 ++++ .../10_all_arpwatch-2.1a15-ignore-net.patch | 97 ++++ .../11_all_arpwatch-2.1a15-secure-tmp.patch | 26 ++ ...ll_arpwatch-2.1a15-defalt-dir-in-manpages.patch | 24 + .../13_all_arpwatch-2.1a15-scripts-awk.patch | 31 ++ .../14_all_arpwatch-2.1a15-paths-fix.patch | 35 ++ .../15_all_arpwatch-2.1a15-fix-dead-lock.patch | 32 ++ ...watch-2.1a15-additional-manpages-cleanups.patch | 98 ++++ main/arpwatch/17_all_arpwatch-2.1a15-restart.patch | 162 +++++++ main/arpwatch/18_all_arpwatch-2.1a15-nofork.patch | 94 ++++ .../19_all_arpwatch-2.1a15-nonewstation.patch | 100 ++++ ..._all_arpwatch-2.1a15-noreversedns-resolve.patch | 99 ++++ .../21_all_arpwatch-2.1a15-pid-filename.patch | 108 +++++ main/arpwatch/APKBUILD | 104 ++++- main/arpwatch/arpwatch.pre-install | 4 + 23 files changed, 2637 insertions(+), 6 deletions(-) create mode 100644 main/arpwatch/01_all_arpwatch-2.1a15-manpages.patch create mode 100644 main/arpwatch/02_all_arpwatch-2.1a15-srcdir.patch create mode 100644 main/arpwatch/03_all_arpwatch-2.1a15-getopt.patch create mode 100644 main/arpwatch/04_all_arpwatch-2.1a15-sendmail-cmdline-opt.patch create mode 100644 main/arpwatch/05_all_arpwatch-2.1a15-promiscuous-mode.patch create mode 100644 main/arpwatch/06_all_arpwatch-2.1a15-bogons-report.patch create mode 100644 main/arpwatch/07_all_arpwatch-2.1a15-specify-mail.patch create mode 100644 main/arpwatch/08_all_arpwatch-2.1a15-drop-priveleges.patch create mode 100644 main/arpwatch/09_all_arpwatch-2.1a15-quite-mail.patch create mode 100644 main/arpwatch/10_all_arpwatch-2.1a15-ignore-net.patch create mode 100644 main/arpwatch/11_all_arpwatch-2.1a15-secure-tmp.patch create mode 100644 main/arpwatch/12_all_arpwatch-2.1a15-defalt-dir-in-manpages.patch create mode 100644 main/arpwatch/13_all_arpwatch-2.1a15-scripts-awk.patch create mode 100644 main/arpwatch/14_all_arpwatch-2.1a15-paths-fix.patch create mode 100644 main/arpwatch/15_all_arpwatch-2.1a15-fix-dead-lock.patch create mode 100644 main/arpwatch/16_all_arpwatch-2.1a15-additional-manpages-cleanups.patch create mode 100644 main/arpwatch/17_all_arpwatch-2.1a15-restart.patch create mode 100644 main/arpwatch/18_all_arpwatch-2.1a15-nofork.patch create mode 100644 main/arpwatch/19_all_arpwatch-2.1a15-nonewstation.patch create mode 100644 main/arpwatch/20_all_arpwatch-2.1a15-noreversedns-resolve.patch create mode 100644 main/arpwatch/21_all_arpwatch-2.1a15-pid-filename.patch create mode 100644 main/arpwatch/arpwatch.pre-install (limited to 'main/arpwatch') diff --git a/main/arpwatch/01_all_arpwatch-2.1a15-manpages.patch b/main/arpwatch/01_all_arpwatch-2.1a15-manpages.patch new file mode 100644 index 0000000000..987f16e462 --- /dev/null +++ b/main/arpwatch/01_all_arpwatch-2.1a15-manpages.patch @@ -0,0 +1,69 @@ +Taken from tcpdump-3.8.2-14.FC4.src.rpm with some similar fixes for arpwatch.8 +and and fixes unescaped hyphen in arpwatch and arpsnmp man pages. + +diff -Naru arpwatch-2.1a15.orig/arpsnmp.8 arpwatch-2.1a15/arpsnmp.8 +--- arpwatch-2.1a15.orig/arpsnmp.8 2000-09-18 00:34:48.000000000 +0400 ++++ arpwatch-2.1a15/arpsnmp.8 2006-09-22 19:21:55.000000000 +0400 +@@ -22,7 +22,7 @@ + .TH ARPSNMP 8 "17 September 2000" + .UC 4 + .SH NAME +-arpsnmp - keep track of ethernet/ip address pairings ++arpsnmp \- keep track of ethernet/ip address pairings + .SH SYNOPSIS + .B arpsnmp + [ +@@ -41,7 +41,7 @@ + and reports certain changes via email. + .B Arpsnmp + reads information from a file (usually generated by +-.BR snmpwalk (8)). ++.BR snmpwalk (1)). + .LP + The + .B -d +@@ -62,9 +62,9 @@ + .LP + .SH "REPORT MESSAGES" + (See the +-.BR arpwatch (1) ++.BR arpwatch (8) + man page for details on the report messages generated by +-.BR arpsnmp (1).) ++.BR arpsnmp (8).) + .SH FILES + .na + .nh +@@ -79,7 +79,7 @@ + .na + .nh + .BR arpwatch (8), +-.BR snmpwalk (8), ++.BR snmpwalk (1), + .BR arp (8) + .ad + .hy +diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8 +--- arpwatch-2.1a15.orig/arpwatch.8 2000-10-09 00:31:28.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.8 2006-09-22 19:22:07.000000000 +0400 +@@ -22,7 +22,7 @@ + .TH ARPWATCH 8 "8 October 2000" + .UC 4 + .SH NAME +-arpwatch - keep track of ethernet/ip address pairings ++arpwatch \- keep track of ethernet/ip address pairings + .SH SYNOPSIS + .na + .B arpwatch +@@ -101,9 +101,9 @@ + .LP + .SH "REPORT MESSAGES" + Here's a quick list of the report messages generated by +-.BR arpwatch (1) ++.BR arpwatch (8) + (and +-.BR arpsnmp (1)): ++.BR arpsnmp (8)): + .TP + .B "new activity" + This ethernet/ip address pair has been used for the first time six diff --git a/main/arpwatch/02_all_arpwatch-2.1a15-srcdir.patch b/main/arpwatch/02_all_arpwatch-2.1a15-srcdir.patch new file mode 100644 index 0000000000..3ab59fcb2a --- /dev/null +++ b/main/arpwatch/02_all_arpwatch-2.1a15-srcdir.patch @@ -0,0 +1,250 @@ +Patch for aclocal, Makefile.in, configure.in to handle srcdir correctly. + +diff -Naru arpwatch-2.1a15.orig/aclocal.m4 arpwatch-2.1a15/aclocal.m4 +--- arpwatch-2.1a15.orig/aclocal.m4 2006-03-28 11:55:40.000000000 +0400 ++++ arpwatch-2.1a15/aclocal.m4 2006-09-22 16:16:24.000000000 +0400 +@@ -50,7 +50,7 @@ + $1="-O" + $2="" + if test "${srcdir}" != "." ; then +- $2="-I\$\(srcdir\)" ++ $2="-I\$(srcdir)" + fi + if test "${CFLAGS+set}" = set; then + LBL_CFLAGS="$CFLAGS" +diff -Naru arpwatch-2.1a15.orig/configure.in arpwatch-2.1a15/configure.in +--- arpwatch-2.1a15.orig/configure.in 2006-06-22 00:34:29.000000000 +0400 ++++ arpwatch-2.1a15/configure.in 2006-09-22 16:16:24.000000000 +0400 +@@ -143,17 +143,17 @@ + AC_DEFINE(HAVE_DN_SKIPNAME) + fi + +-if test -f .devel ; then ++if test -f $srcdir/.devel ; then + AC_DEFINE(LBL) + fi + +-if test -r lbl/gnuc.h ; then +- rm -f gnuc.h +- ln -s lbl/gnuc.h gnuc.h ++if test -r $srcdir/lbl/gnuc.h ; then ++ rm -f $srcdir/gnuc.h ++ ln -s lbl/gnuc.h $srcdir/gnuc.h + fi + +-if test ! -r addresses.h ; then +- cp addresses.h.in addresses.h ++if test ! -r $srcdir/addresses.h ; then ++ cp $srcdir/addresses.h.in $srcdir/addresses.h + fi + + AC_SUBST(V_CCOPT) +@@ -166,12 +166,12 @@ + + AC_OUTPUT(Makefile) + +-if test ! -f arp.dat ; then ++if test ! -f $srcdir/arp.dat ; then + echo 'creating empty arp.dat file' +- touch arp.dat ++ touch $srcdir/arp.dat + fi + +-if test -f .devel ; then ++if test -f $srcdir/.devel ; then + make depend + fi + exit 0 +diff -Naru arpwatch-2.1a15.orig/configure.in.orig arpwatch-2.1a15/configure.in.orig +--- arpwatch-2.1a15.orig/configure.in.orig 1970-01-01 03:00:00.000000000 +0300 ++++ arpwatch-2.1a15/configure.in.orig 2006-06-22 00:34:29.000000000 +0400 +@@ -0,0 +1,177 @@ ++dnl @(#) $Header: /usr/src/local/sbin/arpwatch/RCS/configure.in,v 1.35 2006/06/21 20:34:27 leres Exp $ (LBL) ++dnl ++dnl Copyright (c) 1994, 1995, 1996, 1997, 1998, 2000, 2006 ++dnl The Regents of the University of California. All rights reserved. ++dnl ++dnl Process this file with autoconf to produce a configure script. ++dnl ++ ++AC_INIT(arpwatch.c) ++ ++AC_CANONICAL_SYSTEM ++ ++umask 002 ++ ++if test -z "$PWD" ; then ++ PWD=`pwd` ++fi ++ ++AC_LBL_C_INIT(V_CCOPT, V_INCLS) ++ ++AC_CHECK_HEADERS(fcntl.h memory.h) ++AC_HEADER_TIME ++ ++AC_REPLACE_FUNCS(bcopy strerror) ++ ++dnl The following generates a warning from autoconf... ++AC_C_BIGENDIAN ++ ++AC_LBL_TYPE_SIGNAL ++AC_LBL_UNION_WAIT ++ ++AC_CHECK_LIB(resolv, res_query) ++AC_LBL_LIBPCAP(V_PCAPDEP, V_INCLS) ++ ++AC_PATH_PROG(V_SENDMAIL, sendmail, /usr/lib/sendmail, ++ $PATH:/usr/sbin:/usr/lib:/usr/bin:/usr/ucblib:/usr/local/etc) ++ ++case "$target_os" in ++ ++linux*) ++ V_INCLS="$V_INCLS -Ilinux-include" ++ ;; ++ ++osf3*) ++ # workaround around ip_hl vs. ip_vhl problem in netinet/ip.h ++ AC_DEFINE(__STDC__,2) ++ ;; ++esac ++ ++AC_LBL_CHECK_TYPE ++ ++AC_LBL_DEVEL(V_CCOPT) ++ ++AC_MSG_CHECKING(if ether_header uses ether_addr structs) ++AC_CACHE_VAL(ac_cv_ether_header_has_ea, ++ LBL_SAVE_CFLAGS="$CFLAGS" ++ CFLAGS="$CFLAGS $V_INCLS" ++ AC_TRY_COMPILE([ ++# include ++# if __STDC__ ++ /* osf3 has REALLY good prototyes */ ++ struct mbuf; ++ struct rtentry; ++# endif ++# include ++# include ++# include ++# include ], ++ [u_int i = ++ sizeof(((struct ether_header *)0)->ether_dhost.ether_addr_octet)], ++ ac_cv_ether_header_has_ea=yes, ++ ac_cv_ether_header_has_ea=no) ++ CFLAGS="$LBL_SAVE_CFLAGS") ++AC_MSG_RESULT($ac_cv_ether_header_has_ea) ++if test $ac_cv_ether_header_has_ea = yes ; then ++ AC_DEFINE(ETHER_HEADER_HAS_EA) ++fi ++ ++AC_MSG_CHECKING(if ether_arp uses ether_addr structs) ++AC_CACHE_VAL(ac_cv_ether_arp_has_ea, ++ LBL_SAVE_CFLAGS="$CFLAGS" ++ CFLAGS="$CFLAGS $V_INCLS" ++ AC_TRY_COMPILE([ ++# include ++# if __STDC__ ++ /* osf3 has REALLY good prototyes */ ++ struct mbuf; ++ struct rtentry; ++# endif ++# include ++# include ++# include ++# include ], ++ [u_int i = ++ sizeof(((struct ether_arp *)0)->arp_sha.ether_addr_octet)], ++ ac_cv_ether_arp_has_ea=yes, ++ ac_cv_ether_arp_has_ea=no) ++ CFLAGS="$LBL_SAVE_CFLAGS") ++AC_MSG_RESULT($ac_cv_ether_arp_has_ea) ++if test $ac_cv_ether_arp_has_ea = yes ; then ++ AC_DEFINE(ETHER_ARP_HAS_EA) ++fi ++ ++AC_MSG_CHECKING(if ether_arp uses erp_xsha member) ++AC_CACHE_VAL(ac_cv_struct_ether_arp_x, ++ LBL_SAVE_CFLAGS="$CFLAGS" ++ CFLAGS="$CFLAGS $V_INCLS" ++ AC_TRY_COMPILE([ ++# include ++# include ++# if __STDC__ ++ /* osf3 has REALLY good prototyes */ ++ struct mbuf; ++ struct rtentry; ++# endif ++# include ++# include ++# include ], ++ [u_int i = sizeof( ((struct ether_arp *)0)->arp_xsha)], ++ ac_cv_struct_ether_arp_x=yes, ++ ac_cv_struct_ether_arp_x=no) ++ CFLAGS="$LBL_SAVE_CFLAGS") ++AC_MSG_RESULT($ac_cv_struct_ether_arp_x) ++if test $ac_cv_struct_ether_arp_x = yes ; then ++ AC_DEFINE(ETHER_ARP_HAS_X) ++fi ++ ++dnl ++dnl bind 8 does some routine name renaming so we must test specially ++dnl ++AC_MSG_CHECKING(for dn_skipname) ++AC_CACHE_VAL(ac_cv_have_dn_skipname, ++ AC_TRY_LINK([ ++# include ++# include ++# include ++# include ], ++ [(void)dn_skipname(0, 0);], ++ ac_cv_have_dn_skipname=yes, ++ ac_cv_have_dn_skipname=no)) ++AC_MSG_RESULT($ac_cv_have_dn_skipname) ++if test $ac_cv_have_dn_skipname = yes ; then ++ AC_DEFINE(HAVE_DN_SKIPNAME) ++fi ++ ++if test -f .devel ; then ++ AC_DEFINE(LBL) ++fi ++ ++if test -r lbl/gnuc.h ; then ++ rm -f gnuc.h ++ ln -s lbl/gnuc.h gnuc.h ++fi ++ ++if test ! -r addresses.h ; then ++ cp addresses.h.in addresses.h ++fi ++ ++AC_SUBST(V_CCOPT) ++AC_SUBST(V_INCLS) ++AC_SUBST(V_PCAPDEP) ++AC_SUBST(V_SENDMAIL) ++AC_SUBST(LBL_LIBS) ++ ++AC_PROG_INSTALL ++ ++AC_OUTPUT(Makefile) ++ ++if test ! -f arp.dat ; then ++ echo 'creating empty arp.dat file' ++ touch arp.dat ++fi ++ ++if test -f .devel ; then ++ make depend ++fi ++exit 0 +diff -Naru arpwatch-2.1a15.orig/Makefile.in arpwatch-2.1a15/Makefile.in +--- arpwatch-2.1a15.orig/Makefile.in 2000-06-15 04:39:55.000000000 +0400 ++++ arpwatch-2.1a15/Makefile.in 2006-09-22 16:16:24.000000000 +0400 +@@ -104,7 +104,7 @@ + version.o: version.c + version.c: $(srcdir)/VERSION + @rm -f $@ +- sed -e 's/.*/char version[] = "&";/' $(srcdir)/VERSION > $@ ++ sed -e 's/.*/char version[] = "&";/' $(srcdir)/VERSION > $(srcdir)/$@ + + zap: zap.o intoa.o + $(CC) $(CFLAGS) -o $@ zap.o intoa.o -lutil diff --git a/main/arpwatch/03_all_arpwatch-2.1a15-getopt.patch b/main/arpwatch/03_all_arpwatch-2.1a15-getopt.patch new file mode 100644 index 0000000000..269adc8ea6 --- /dev/null +++ b/main/arpwatch/03_all_arpwatch-2.1a15-getopt.patch @@ -0,0 +1,150 @@ +Patch from debian. Just reorders usage output and getopt options to ease adding new features. + + +diff -Naru arpwatch-2.1a15.orig/arpsnmp.8 arpwatch-2.1a15/arpsnmp.8 +--- arpwatch-2.1a15.orig/arpsnmp.8 2006-09-22 17:18:02.000000000 +0400 ++++ arpwatch-2.1a15/arpsnmp.8 2006-09-22 18:17:44.000000000 +0400 +@@ -27,10 +27,15 @@ + .B arpsnmp + [ + .B -d +-] [ ++] ++.br ++.ti +8 ++[ + .B -f + .I datafile + ] ++.br ++.ti +8 + .I file + [ + .I ... +diff -Naru arpwatch-2.1a15.orig/arpsnmp.c arpwatch-2.1a15/arpsnmp.c +--- arpwatch-2.1a15.orig/arpsnmp.c 2004-01-23 01:25:17.000000000 +0300 ++++ arpwatch-2.1a15/arpsnmp.c 2006-09-22 18:17:15.000000000 +0400 +@@ -78,6 +78,10 @@ + register char *cp; + register int op, i; + char errbuf[256]; ++ char options[] = ++ "d" ++ "f:" ++ ; + + if ((cp = strrchr(argv[0], '/')) != NULL) + prog = cp + 1; +@@ -90,7 +94,7 @@ + } + + opterr = 0; +- while ((op = getopt(argc, argv, "df:")) != EOF) ++ while ((op = getopt(argc, argv, options)) != EOF) + switch (op) { + + case 'd': +@@ -182,9 +186,14 @@ + usage(void) + { + extern char version[]; ++ char usage[] = ++ "[-d] " ++ "[-f datafile] " ++ "file [...]\n" ++ ; + + (void)fprintf(stderr, "Version %s\n", version); + (void)fprintf(stderr, +- "usage: %s [-d] [-f datafile] file [...]\n", prog); ++ "usage: %s %s", prog, usage); + exit(1); + } +diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8 +--- arpwatch-2.1a15.orig/arpwatch.8 2006-09-22 17:18:02.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.8 2006-09-22 18:19:20.000000000 +0400 +@@ -28,10 +28,16 @@ + .B arpwatch + [ + .B -dN +-] [ ++] ++.br ++.ti +8 ++[ + .B -f + .I datafile +-] [ ++] ++.br ++.ti +8 ++[ + .B -i + .I interface + ] +@@ -40,7 +46,10 @@ + [ + .B -n + .IR net [/ width +-]] [ ++]] ++.br ++.ti +8 ++[ + .B -r + .I file + ] +diff -Naru arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c +--- arpwatch-2.1a15.orig/arpwatch.c 2004-01-23 01:18:20.000000000 +0300 ++++ arpwatch-2.1a15/arpwatch.c 2006-09-22 18:22:35.000000000 +0400 +@@ -153,6 +153,14 @@ + register char *interface, *rfilename; + struct bpf_program code; + char errbuf[PCAP_ERRBUF_SIZE]; ++ char options[] = ++ "d" ++ "f:" ++ "i:" ++ "n:" ++ "N" ++ "r:" ++ ; + + if (argv[0] == NULL) + prog = "arpwatch"; +@@ -170,7 +178,7 @@ + interface = NULL; + rfilename = NULL; + pd = NULL; +- while ((op = getopt(argc, argv, "df:i:n:Nr:")) != EOF) ++ while ((op = getopt(argc, argv, options)) != EOF) + switch (op) { + + case 'd': +@@ -201,7 +209,6 @@ + case 'r': + rfilename = optarg; + break; +- + default: + usage(); + } +@@ -748,9 +755,16 @@ + usage(void) + { + extern char version[]; ++ char usage[] = ++ "[-dN] " ++ "[-f datafile] " ++ "[-i interface] " ++ "[-n net[/width]] " ++ "[-r file] " ++ "\n" ++ ; + + (void)fprintf(stderr, "Version %s\n", version); +- (void)fprintf(stderr, "usage: %s [-dN] [-f datafile] [-i interface]" +- " [-n net[/width]] [-r file]\n", prog); ++ (void)fprintf(stderr, "usage: %s %s", prog, usage); + exit(1); + } diff --git a/main/arpwatch/04_all_arpwatch-2.1a15-sendmail-cmdline-opt.patch b/main/arpwatch/04_all_arpwatch-2.1a15-sendmail-cmdline-opt.patch new file mode 100644 index 0000000000..3b2ec7f4cd --- /dev/null +++ b/main/arpwatch/04_all_arpwatch-2.1a15-sendmail-cmdline-opt.patch @@ -0,0 +1,159 @@ +This patch from debian adds possibility to specify sendmail program. + +diff -Naru arpwatch-2.1a15.orig/arpsnmp.8 arpwatch-2.1a15/arpsnmp.8 +--- arpwatch-2.1a15.orig/arpsnmp.8 2006-09-22 19:26:53.000000000 +0400 ++++ arpwatch-2.1a15/arpsnmp.8 2006-09-22 19:31:59.000000000 +0400 +@@ -36,6 +36,12 @@ + ] + .br + .ti +8 ++[ ++.B -s ++.I sendmail_path ++] ++.br ++.ti +8 + .I file + [ + .I ... +@@ -60,6 +66,13 @@ + The default is + .IR arp.dat . + .LP ++The ++.B -s ++flag is used to specify the path to the sendmail program. Any program that ++takes the option -odi and then text from stdin can be substituted. This is ++useful for redirecting reports to log files instead of mail. (This feature ++comes from Debian). ++.LP + Note that an empty + .I arp.dat + file must be created before the first time you run +diff -Naru arpwatch-2.1a15.orig/arpsnmp.c arpwatch-2.1a15/arpsnmp.c +--- arpwatch-2.1a15.orig/arpsnmp.c 2006-09-22 19:26:53.000000000 +0400 ++++ arpwatch-2.1a15/arpsnmp.c 2006-09-22 19:26:23.000000000 +0400 +@@ -67,6 +67,7 @@ + __dead void usage(void) __attribute__((volatile)); + + char *prog; ++char *path_sendmail = PATH_SENDMAIL; + + extern int optind; + extern int opterr; +@@ -81,6 +82,7 @@ + char options[] = + "d" + "f:" ++ "s:" + ; + + if ((cp = strrchr(argv[0], '/')) != NULL) +@@ -109,6 +111,10 @@ + arpfile = optarg; + break; + ++ case 's': ++ path_sendmail = optarg; ++ break; ++ + default: + usage(); + } +@@ -189,6 +195,7 @@ + char usage[] = + "[-d] " + "[-f datafile] " ++ "[-s sendmail_path] " + "file [...]\n" + ; + +diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8 +--- arpwatch-2.1a15.orig/arpwatch.8 2006-09-22 19:26:53.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.8 2006-09-22 19:28:02.000000000 +0400 +@@ -53,6 +53,12 @@ + .B -r + .I file + ] ++.br ++.ti +8 ++[ ++.B -s ++.I sendmail_path ++] + .ad + .SH DESCRIPTION + .B Arpwatch +@@ -103,6 +109,13 @@ + .B arpwatch + does not fork. + .LP ++The ++.B -s ++flag is used to specify the path to the sendmail program. Any program that ++takes the option -odi and then text from stdin can be substituted. This is ++useful for redirecting reports to log files instead of mail. (This feature ++comes from Debian). ++.LP + Note that an empty + .I arp.dat + file must be created before the first time you run +diff -Naru arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c +--- arpwatch-2.1a15.orig/arpwatch.c 2006-09-22 19:26:53.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.c 2006-09-22 19:26:23.000000000 +0400 +@@ -106,6 +106,7 @@ + #endif + + char *prog; ++char *path_sendmail = PATH_SENDMAIL; + + int can_checkpoint; + int swapped; +@@ -160,6 +161,7 @@ + "n:" + "N" + "r:" ++ "s:" + ; + + if (argv[0] == NULL) +@@ -209,6 +211,11 @@ + case 'r': + rfilename = optarg; + break; ++ ++ case 's': ++ path_sendmail = optarg; ++ break; ++ + default: + usage(); + } +@@ -761,6 +768,7 @@ + "[-i interface] " + "[-n net[/width]] " + "[-r file] " ++ "[-s sendmail_path] " + "\n" + ; + +diff -Naru arpwatch-2.1a15.orig/report.c arpwatch-2.1a15/report.c +--- arpwatch-2.1a15.orig/report.c 2000-10-01 03:41:10.000000000 +0400 ++++ arpwatch-2.1a15/report.c 2006-09-22 19:26:23.000000000 +0400 +@@ -235,6 +235,7 @@ + report(register char *title, register u_int32_t a, register u_char *e1, + register u_char *e2, register time_t *t1p, register time_t *t2p) + { ++ extern char *path_sendmail; + register char *cp, *hn; + register int fd, pid; + register FILE *f; +@@ -242,7 +243,7 @@ + char *fmt = "%20s: %s\n"; + char *watcher = WATCHER; + char *watchee = WATCHEE; +- char *sendmail = PATH_SENDMAIL; ++ char *sendmail = path_sendmail; + char *unknown = ""; + char buf[132]; + static int init = 0; diff --git a/main/arpwatch/05_all_arpwatch-2.1a15-promiscuous-mode.patch b/main/arpwatch/05_all_arpwatch-2.1a15-promiscuous-mode.patch new file mode 100644 index 0000000000..3f4c679dd6 --- /dev/null +++ b/main/arpwatch/05_all_arpwatch-2.1a15-promiscuous-mode.patch @@ -0,0 +1,89 @@ +diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8 +--- arpwatch-2.1a15.orig/arpwatch.8 2006-09-22 19:33:49.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.8 2006-09-22 19:34:52.000000000 +0400 +@@ -59,6 +59,11 @@ + .B -s + .I sendmail_path + ] ++.br ++.ti +8 ++[ ++.B -p ++] + .ad + .SH DESCRIPTION + .B Arpwatch +@@ -116,6 +121,15 @@ + useful for redirecting reports to log files instead of mail. (This feature + comes from Debian). + .LP ++The ++.B -p ++flag disables promiscuous operation. ARP broadcasts get through hubs without ++having the interface in promiscuous mode, while saving considerable resources ++that would be wasted on processing gigabytes of non-broadcast traffic. OTOH, ++setting promiscuous mode does not mean getting 100% traffic that would concern ++.B arpwatch. ++YMMV. (This feature comes from Debian). ++.LP + Note that an empty + .I arp.dat + file must be created before the first time you run +diff -Naru arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c +--- arpwatch-2.1a15.orig/arpwatch.c 2006-09-22 19:33:49.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.c 2006-09-22 19:34:07.000000000 +0400 +@@ -162,6 +162,7 @@ + "N" + "r:" + "s:" ++ "p" + ; + + if (argv[0] == NULL) +@@ -216,6 +217,10 @@ + path_sendmail = optarg; + break; + ++ case 'p': ++ ++nopromisc; ++ break; ++ + default: + usage(); + } +@@ -283,7 +288,7 @@ + snaplen = max(sizeof(struct ether_header), + sizeof(struct fddi_header)) + sizeof(struct ether_arp); + timeout = 1000; +- pd = pcap_open_live(interface, snaplen, 1, timeout, errbuf); ++ pd = pcap_open_live(interface, snaplen, !nopromisc, timeout, errbuf); + if (pd == NULL) { + syslog(LOG_ERR, "pcap open %s: %s", interface, errbuf); + exit(1); +@@ -769,6 +774,7 @@ + "[-n net[/width]] " + "[-r file] " + "[-s sendmail_path] " ++ "[-p] " + "\n" + ; + +diff -Naru arpwatch-2.1a15.orig/util.c arpwatch-2.1a15/util.c +--- arpwatch-2.1a15.orig/util.c 2004-01-23 01:25:39.000000000 +0300 ++++ arpwatch-2.1a15/util.c 2006-09-22 19:35:15.000000000 +0400 +@@ -61,6 +61,7 @@ + + int debug = 0; + int initializing = 1; /* true if initializing */ ++int nopromisc = 0; /* don't activate promisc mode by default */ + + /* syslog() helper routine */ + void +diff -Naru arpwatch-2.1a15.orig/util.h arpwatch-2.1a15/util.h +--- arpwatch-2.1a15.orig/util.h 1996-10-06 14:22:14.000000000 +0400 ++++ arpwatch-2.1a15/util.h 2006-09-22 19:34:07.000000000 +0400 +@@ -17,3 +17,4 @@ + + extern int debug; + extern int initializing; ++extern int nopromisc; diff --git a/main/arpwatch/06_all_arpwatch-2.1a15-bogons-report.patch b/main/arpwatch/06_all_arpwatch-2.1a15-bogons-report.patch new file mode 100644 index 0000000000..a6bdaefd77 --- /dev/null +++ b/main/arpwatch/06_all_arpwatch-2.1a15-bogons-report.patch @@ -0,0 +1,507 @@ +diff -Naru arpwatch-2.1a15.orig/arpsnmp.c arpwatch-2.1a15/arpsnmp.c +--- arpwatch-2.1a15.orig/arpsnmp.c 2006-09-22 19:44:44.000000000 +0400 ++++ arpwatch-2.1a15/arpsnmp.c 2006-09-22 19:41:19.000000000 +0400 +@@ -63,7 +63,7 @@ + /* Forwards */ + int main(int, char **); + int readsnmp(char *); +-int snmp_add(u_int32_t, u_char *, time_t, char *); ++int snmp_add(u_int32_t, u_char *, time_t, char *, char *); + __dead void usage(void) __attribute__((volatile)); + + char *prog; +@@ -149,22 +149,24 @@ + static time_t now; + + int +-snmp_add(register u_int32_t a, register u_char *e, time_t t, register char *h) ++snmp_add(register u_int32_t a, register u_char *e, time_t t, register char *h, ++ char *interface) + { + /* Watch for ethernet broadcast */ + if (MEMCMP(e, zero, 6) == 0 || MEMCMP(e, allones, 6) == 0) { +- dosyslog(LOG_INFO, "ethernet broadcast", a, e, NULL); ++ dosyslog(LOG_INFO, "ethernet broadcast", a, e, NULL, ++ interface); + return (1); + } + + /* Watch for some ip broadcast addresses */ + if (a == 0 || a == 1) { +- dosyslog(LOG_INFO, "ip broadcast", a, e, NULL); ++ dosyslog(LOG_INFO, "ip broadcast", a, e, NULL, interface); + return (1); + } + + /* Use current time (although it would be nice to subtract idle time) */ +- return (ent_add(a, e, now, h)); ++ return (ent_add(a, e, now, h, interface)); + } + + /* Process an snmp file */ +diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8 +--- arpwatch-2.1a15.orig/arpwatch.8 2006-09-22 19:44:53.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.8 2006-09-22 19:41:19.000000000 +0400 +@@ -64,6 +64,11 @@ + [ + .B -p + ] ++.br ++.ti +8 ++[ ++.B -a ++] + .ad + .SH DESCRIPTION + .B Arpwatch +@@ -130,6 +135,17 @@ + .B arpwatch. + YMMV. (This feature comes from Debian). + .LP ++The ++.B -a ++flag tells ++.B arpwatch ++to report bogons about every IP address. By default, ++.B arpwatch ++reports bogons for IP addresses that are in the same subnet with the first IP ++address of the default interface (unless ++.B -N ++is given). (This feature comes from Debian). ++.LP + Note that an empty + .I arp.dat + file must be created before the first time you run +diff -Naru arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c +--- arpwatch-2.1a15.orig/arpwatch.c 2006-09-22 19:44:53.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.c 2006-09-22 19:41:19.000000000 +0400 +@@ -142,6 +142,8 @@ + int sanity_fddi(struct fddi_header *, struct ether_arp *, int); + __dead void usage(void) __attribute__((volatile)); + ++static char *interface; ++ + int + main(int argc, char **argv) + { +@@ -151,7 +153,7 @@ + register int fd; + #endif + register pcap_t *pd; +- register char *interface, *rfilename; ++ register char *rfilename; + struct bpf_program code; + char errbuf[PCAP_ERRBUF_SIZE]; + char options[] = +@@ -163,6 +165,7 @@ + "r:" + "s:" + "p" ++ "a" + ; + + if (argv[0] == NULL) +@@ -221,6 +224,10 @@ + ++nopromisc; + break; + ++ case 'a': ++ ++allsubnets; ++ break; ++ + default: + usage(); + } +@@ -399,29 +406,31 @@ + + /* Watch for bogons */ + if (isbogon(sia)) { +- dosyslog(LOG_INFO, "bogon", sia, sea, sha); +- return; ++ dosyslog(LOG_INFO, "bogon", sia, sea, sha, interface); ++ if (!allsubnets) return; + } + + /* Watch for ethernet broadcast */ + if (MEMCMP(sea, zero, 6) == 0 || MEMCMP(sea, allones, 6) == 0 || + MEMCMP(sha, zero, 6) == 0 || MEMCMP(sha, allones, 6) == 0) { +- dosyslog(LOG_INFO, "ethernet broadcast", sia, sea, sha); ++ dosyslog(LOG_INFO, "ethernet broadcast", sia, sea, sha, ++ interface); + return; + } + + /* Double check ethernet addresses */ + if (MEMCMP(sea, sha, 6) != 0) { +- dosyslog(LOG_INFO, "ethernet mismatch", sia, sea, sha); ++ dosyslog(LOG_INFO, "ethernet mismatch", sia, sea, sha, ++ interface); + return; + } + + /* Got a live one */ + t = h->ts.tv_sec; + can_checkpoint = 0; +- if (!ent_add(sia, sea, t, NULL)) +- syslog(LOG_ERR, "ent_add(%s, %s, %ld) failed", +- intoa(sia), e2str(sea), t); ++ if (!ent_add(sia, sea, t, NULL, interface)) ++ syslog(LOG_ERR, "ent_add(%s, %s, %ld, %s) failed", ++ intoa(sia), e2str(sea), t, interface); + can_checkpoint = 1; + } + +@@ -548,29 +557,31 @@ + + /* Watch for bogons */ + if (isbogon(sia)) { +- dosyslog(LOG_INFO, "bogon", sia, sea, sha); +- return; ++ dosyslog(LOG_INFO, "bogon", sia, sea, sha, interface); ++ if (!allsubnets) return; + } + + /* Watch for ethernet broadcast */ + if (MEMCMP(sea, zero, 6) == 0 || MEMCMP(sea, allones, 6) == 0 || + MEMCMP(sha, zero, 6) == 0 || MEMCMP(sha, allones, 6) == 0) { +- dosyslog(LOG_INFO, "ethernet broadcast", sia, sea, sha); ++ dosyslog(LOG_INFO, "ethernet broadcast", sia, sea, sha, ++ interface); + return; + } + + /* Double check ethernet addresses */ + if (MEMCMP(sea, sha, 6) != 0) { +- dosyslog(LOG_INFO, "ethernet mismatch", sia, sea, sha); ++ dosyslog(LOG_INFO, "ethernet mismatch", sia, sea, sha, ++ interface); + return; + } + + /* Got a live one */ + t = h->ts.tv_sec; + can_checkpoint = 0; +- if (!ent_add(sia, sea, t, NULL)) +- syslog(LOG_ERR, "ent_add(%s, %s, %ld) failed", +- intoa(sia), e2str(sea), t); ++ if (!ent_add(sia, sea, t, NULL, interface)) ++ syslog(LOG_ERR, "ent_add(%s, %s, %ld, %s) failed", ++ intoa(sia), e2str(sea), t, interface); + can_checkpoint = 1; + } + +@@ -775,6 +786,7 @@ + "[-r file] " + "[-s sendmail_path] " + "[-p] " ++ "[-a] " + "\n" + ; + +diff -Naru arpwatch-2.1a15.orig/db.c arpwatch-2.1a15/db.c +--- arpwatch-2.1a15.orig/db.c 2000-10-01 03:39:58.000000000 +0400 ++++ arpwatch-2.1a15/db.c 2006-09-22 19:43:35.000000000 +0400 +@@ -64,6 +64,7 @@ + u_char e[6]; /* ether address */ + char h[34]; /* simple hostname */ + time_t t; /* timestamp */ ++ char i[16]; /* interface */ + }; + + /* Address info */ +@@ -80,13 +81,14 @@ + + static void alist_alloc(struct ainfo *); + int cmpeinfo(const void *, const void *); +-static struct einfo *elist_alloc(u_int32_t, u_char *, time_t, char *); ++static struct einfo *elist_alloc(u_int32_t, u_char *, time_t, char *, char *); + static struct ainfo *ainfo_find(u_int32_t); + static void check_hname(struct ainfo *); + struct ainfo *newainfo(void); + + int +-ent_add(register u_int32_t a, register u_char *e, time_t t, register char *h) ++ent_add(register u_int32_t a, register u_char *e, time_t t, register char *h, ++ char *interface) + { + register struct ainfo *ap; + register struct einfo *ep; +@@ -103,7 +105,8 @@ + ep = ap->elist[0]; + if (MEMCMP(e, ep->e, 6) == 0) { + if (t - ep->t > NEWACTIVITY_DELTA) { +- report("new activity", a, e, NULL, &t, &ep->t); ++ report("new activity", a, e, NULL, &t, &ep->t, ++ interface); + check_hname(ap); + } + ep->t = t; +@@ -114,8 +117,8 @@ + /* Check for a virgin ainfo record */ + if (ap->ecount == 0) { + ap->ecount = 1; +- ap->elist[0] = elist_alloc(a, e, t, h); +- report("new station", a, e, NULL, &t, NULL); ++ ap->elist[0] = elist_alloc(a, e, t, h, interface); ++ report("new station", a, e, NULL, &t, NULL, interface); + return (1); + } + +@@ -133,9 +136,11 @@ + if (t - t2 < FLIPFLIP_DELTA && + (isdecnet(e) || isdecnet(e2))) + dosyslog(LOG_INFO, +- "suppressed DECnet flip flop", a, e, e2); ++ "suppressed DECnet flip flop", a, e, e2, ++ interface); + else +- report("flip flop", a, e, e2, &t, &t2); ++ report("flip flop", a, e, e2, &t, &t2, ++ interface); + ap->elist[1] = ap->elist[0]; + ap->elist[0] = ep; + ep->t = t; +@@ -151,7 +156,7 @@ + e2 = ap->elist[0]->e; + t2 = ap->elist[0]->t; + dosyslog(LOG_NOTICE, "reused old ethernet address", +- a, e, e2); ++ a, e, e2, interface); + /* Shift entries down */ + len = i * sizeof(ap->elist[0]); + BCOPY(&ap->elist[0], &ap->elist[1], len); +@@ -165,12 +170,12 @@ + /* New ether address */ + e2 = ap->elist[0]->e; + t2 = ap->elist[0]->t; +- report("changed ethernet address", a, e, e2, &t, &t2); ++ report("changed ethernet address", a, e, e2, &t, &t2, interface); + /* Make room at head of list */ + alist_alloc(ap); + len = ap->ecount * sizeof(ap->elist[0]); + BCOPY(&ap->elist[0], &ap->elist[1], len); +- ap->elist[0] = elist_alloc(a, e, t, h); ++ ap->elist[0] = elist_alloc(a, e, t, h, interface); + ++ap->ecount; + return (1); + } +@@ -227,7 +232,7 @@ + for (ap = &ainfo_table[i]; ap != NULL; ap = ap->next) + for (j = 0; j < ap->ecount; ++j) { + ep = ap->elist[j]; +- (*fn)(ap->a, ep->e, ep->t, ep->h); ++ (*fn)(ap->a, ep->e, ep->t, ep->h, ep->i); + ++n; + } + return (n); +@@ -259,7 +264,7 @@ + /* Allocate and initialize a elist struct */ + static struct einfo * + elist_alloc(register u_int32_t a, register u_char *e, register time_t t, +- register char *h) ++ register char *h, char *interface) + { + register struct einfo *ep; + register u_int size; +@@ -286,6 +291,8 @@ + if (h != NULL && !isdigit((int)*h)) + strcpy(ep->h, h); + ep->t = t; ++ if (interface != NULL) ++ strncpy(ep->i, interface, 16); + return (ep); + } + +diff -Naru arpwatch-2.1a15.orig/db.h arpwatch-2.1a15/db.h +--- arpwatch-2.1a15.orig/db.h 1996-06-05 09:39:30.000000000 +0400 ++++ arpwatch-2.1a15/db.h 2006-09-22 19:41:19.000000000 +0400 +@@ -1,10 +1,10 @@ + /* @(#) $Header: db.h,v 1.8 96/06/04 22:39:29 leres Exp $ (LBL) */ + +-typedef void (*ent_process)(u_int32_t, u_char *, time_t, char *); ++typedef void (*ent_process)(u_int32_t, u_char *, time_t, char *, char *); + + #ifdef DEBUG + void debugdump(void); + #endif +-int ent_add(u_int32_t, u_char *, time_t, char *); ++int ent_add(u_int32_t, u_char *, time_t, char *, char *); + int ent_loop(ent_process); + void sorteinfo(void); +diff -Naru arpwatch-2.1a15.orig/file.c arpwatch-2.1a15/file.c +--- arpwatch-2.1a15.orig/file.c 2000-10-14 02:29:43.000000000 +0400 ++++ arpwatch-2.1a15/file.c 2006-09-22 19:41:19.000000000 +0400 +@@ -69,6 +69,7 @@ + u_int32_t a; + register time_t t; + register struct hostent *hp; ++ char *interface; + char line[1024]; + u_char e[6]; + +@@ -117,6 +118,7 @@ + if (cp2 == NULL) { + t = 0; + h = NULL; ++ interface = NULL; + } else { + t = atoi(cp2); + h = strchr(cp2, '\t'); +@@ -126,11 +128,18 @@ + while (*cp2 != '\n' && *cp2 != '\t' && + *cp2 != '\0') + ++cp2; ++ if (*cp2 == '\t') { ++ *cp2++ = '\0'; ++ while (*cp2 != '\n' && *cp2 != '\t' && ++ *cp2 != '\0') ++cp2; ++ } else { ++ interface = NULL; ++ } + *cp2 = '\0'; + } + } + +- if (!(*fn)(a, e, t, h)) ++ if (!(*fn)(a, e, t, h, interface)) + return(0); + } + +diff -Naru arpwatch-2.1a15.orig/file.h arpwatch-2.1a15/file.h +--- arpwatch-2.1a15.orig/file.h 1999-01-18 04:46:04.000000000 +0300 ++++ arpwatch-2.1a15/file.h 2006-09-22 19:41:19.000000000 +0400 +@@ -1,5 +1,5 @@ + /* @(#) $Header: file.h,v 1.4 99/01/17 17:46:03 leres Exp $ (LBL) */ + +-typedef int (*file_process)(u_int32_t, u_char *, time_t, char *); ++typedef int (*file_process)(u_int32_t, u_char *, time_t, char *, char *); + + int file_loop(FILE *, file_process, const char *); +diff -Naru arpwatch-2.1a15.orig/report.c arpwatch-2.1a15/report.c +--- arpwatch-2.1a15.orig/report.c 2006-09-22 19:44:44.000000000 +0400 ++++ arpwatch-2.1a15/report.c 2006-09-22 19:41:19.000000000 +0400 +@@ -233,7 +233,8 @@ + + void + report(register char *title, register u_int32_t a, register u_char *e1, +- register u_char *e2, register time_t *t1p, register time_t *t2p) ++ register u_char *e2, register time_t *t1p, register time_t *t2p, ++ char *interface) + { + extern char *path_sendmail; + register char *cp, *hn; +@@ -254,7 +255,7 @@ + + if (debug) { + if (debug > 1) { +- dosyslog(LOG_NOTICE, title, a, e1, e2); ++ dosyslog(LOG_NOTICE, title, a, e1, e2, interface); + return; + } + f = stdout; +@@ -271,7 +272,7 @@ + } + + /* Syslog this event too */ +- dosyslog(LOG_NOTICE, title, a, e1, e2); ++ dosyslog(LOG_NOTICE, title, a, e1, e2, interface); + + /* Update child depth */ + ++cdepth; +@@ -303,16 +304,19 @@ + + (void)fprintf(f, "From: %s\n", watchee); + (void)fprintf(f, "To: %s\n", watcher); ++ if (interface == NULL) interface = ""; /* shouldn't happen */ + hn = gethname(a); + if (!isdigit(*hn)) +- (void)fprintf(f, "Subject: %s (%s)\n", title, hn); ++ (void)fprintf(f, "Subject: %s (%s) %s\n", title, hn, ++ interface); + else { +- (void)fprintf(f, "Subject: %s\n", title); ++ (void)fprintf(f, "Subject: %s %s\n", title, interface); + hn = unknown; + } + (void)putc('\n', f); + (void)fprintf(f, fmt, "hostname", hn); + (void)fprintf(f, fmt, "ip address", intoa(a)); ++ (void)fprintf(f, fmt, "interface", interface); + (void)fprintf(f, fmt, "ethernet address", e2str(e1)); + if ((cp = ec_find(e1)) == NULL) + cp = unknown; +diff -Naru arpwatch-2.1a15.orig/report.h arpwatch-2.1a15/report.h +--- arpwatch-2.1a15.orig/report.h 1996-06-05 09:40:54.000000000 +0400 ++++ arpwatch-2.1a15/report.h 2006-09-22 19:41:19.000000000 +0400 +@@ -1,3 +1,3 @@ + /* @(#) $Header: report.h,v 1.3 96/06/04 22:40:53 leres Exp $ (LBL) */ + +-void report(char *, u_int32_t, u_char *, u_char *, time_t *, time_t *); ++void report(char *, u_int32_t, u_char *, u_char *, time_t *, time_t *, char *); +diff -Naru arpwatch-2.1a15.orig/util.c arpwatch-2.1a15/util.c +--- arpwatch-2.1a15.orig/util.c 2006-09-22 19:44:53.000000000 +0400 ++++ arpwatch-2.1a15/util.c 2006-09-22 19:41:19.000000000 +0400 +@@ -62,11 +62,12 @@ + int debug = 0; + int initializing = 1; /* true if initializing */ + int nopromisc = 0; /* don't activate promisc mode by default */ ++int allsubnets = 0; /* watch all attached subnets */ + + /* syslog() helper routine */ + void + dosyslog(register int p, register char *s, register u_int32_t a, +- register u_char *ea, register u_char *ha) ++ register u_char *ea, register u_char *ha, char *interface) + { + char xbuf[64]; + +@@ -83,23 +84,21 @@ + } + + if (debug) +- fprintf(stderr, "%s: %s %s %s\n", prog, s, intoa(a), xbuf); ++ fprintf(stderr, "%s: %s %s %s %s\n", prog, s, intoa(a), ++ xbuf, interface); + else +- syslog(p, "%s %s %s", s, intoa(a), xbuf); ++ syslog(p, "%s %s %s %s", s, intoa(a), xbuf, interface); + } + + static FILE *dumpf; + + void + dumpone(register u_int32_t a, register u_char *e, register time_t t, +- register char *h) ++ register char *h, char *interface) + { +- (void)fprintf(dumpf, "%s\t%s", e2str(e), intoa(a)); +- if (t != 0 || h != NULL) +- (void)fprintf(dumpf, "\t%u", (u_int32_t)t); +- if (h != NULL && *h != '\0') +- (void)fprintf(dumpf, "\t%s", h); +- (void)putc('\n', dumpf); ++ (void)fprintf(dumpf, "%s\t%s\t%u\t%s\t%s\n", e2str(e), intoa(a), ++ (u_int32_t)t, ((h != NULL)?h:""), ++ ((interface != NULL)?interface:"")); + } + + int +diff -Naru arpwatch-2.1a15.orig/util.h arpwatch-2.1a15/util.h +--- arpwatch-2.1a15.orig/util.h 2006-09-22 19:44:53.000000000 +0400 ++++ arpwatch-2.1a15/util.h 2006-09-22 19:41:19.000000000 +0400 +@@ -1,8 +1,8 @@ + /* @(#) $Header: util.h,v 1.2 96/10/06 03:22:13 leres Exp $ (LBL) */ + +-void dosyslog(int, char *, u_int32_t, u_char *, u_char *); ++void dosyslog(int, char *, u_int32_t, u_char *, u_char *, char *); + int dump(void); +-void dumpone(u_int32_t, u_char *, time_t, char *); ++void dumpone(u_int32_t, u_char *, time_t, char *, char *); + int readdata(void); + char *savestr(const char *); + +@@ -18,3 +18,4 @@ + extern int debug; + extern int initializing; + extern int nopromisc; ++extern int allsubnets; diff --git a/main/arpwatch/07_all_arpwatch-2.1a15-specify-mail.patch b/main/arpwatch/07_all_arpwatch-2.1a15-specify-mail.patch new file mode 100644 index 0000000000..b3b34b1246 --- /dev/null +++ b/main/arpwatch/07_all_arpwatch-2.1a15-specify-mail.patch @@ -0,0 +1,168 @@ +diff -Naru arpwatch-2.1a15.orig/arpsnmp.8 arpwatch-2.1a15/arpsnmp.8 +--- arpwatch-2.1a15.orig/arpsnmp.8 2006-09-22 19:44:44.000000000 +0400 ++++ arpwatch-2.1a15/arpsnmp.8 2006-09-22 19:57:15.000000000 +0400 +@@ -42,6 +42,12 @@ + ] + .br + .ti +8 ++[ ++.B -m ++.I addr ++] ++.br ++.ti +8 + .I file + [ + .I ... +@@ -55,6 +61,13 @@ + .BR snmpwalk (1)). + .LP + The ++.B -m ++option is used to specify the e-mail address to which reports will be ++sent. By default, reports are sent to ++.I root ++on the local machine. (This feature comes from Debian). ++.LP ++The + .B -d + flag is used enable debugging. This also inhibits mailing the reports. + Instead, they are sent to +diff -Naru arpwatch-2.1a15.orig/arpsnmp.c arpwatch-2.1a15/arpsnmp.c +--- arpwatch-2.1a15.orig/arpsnmp.c 2006-09-22 19:46:34.000000000 +0400 ++++ arpwatch-2.1a15/arpsnmp.c 2006-09-22 19:57:55.000000000 +0400 +@@ -82,6 +82,7 @@ + char options[] = + "d" + "f:" ++ "m:" + "s:" + ; + +@@ -111,6 +112,10 @@ + arpfile = optarg; + break; + ++ case 'm': ++ mailaddress = optarg; ++ break; ++ + case 's': + path_sendmail = optarg; + break; +@@ -197,6 +202,7 @@ + char usage[] = + "[-d] " + "[-f datafile] " ++ "[-m e-mail ] " + "[-s sendmail_path] " + "file [...]\n" + ; +diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8 +--- arpwatch-2.1a15.orig/arpwatch.8 2006-09-22 19:46:34.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.8 2006-09-22 19:53:35.000000000 +0400 +@@ -46,7 +46,7 @@ + [ + .B -n + .IR net [/ width +-]] ++] ] + .br + .ti +8 + [ +@@ -56,6 +56,12 @@ + .br + .ti +8 + [ ++.B -m ++.I e-mail ++] ++.br ++.ti +8 ++[ + .B -s + .I sendmail_path + ] +@@ -120,6 +126,13 @@ + does not fork. + .LP + The ++.B -m ++option is used to specify the e-mail address to which reports will be ++sent. By default, reports are sent to ++.I root ++on the local machine. (This feature comes from Debian). ++.LP ++The + .B -s + flag is used to specify the path to the sendmail program. Any program that + takes the option -odi and then text from stdin can be substituted. This is +diff -Naru arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c +--- arpwatch-2.1a15.orig/arpwatch.c 2006-09-22 19:46:34.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.c 2006-09-22 19:58:46.000000000 +0400 +@@ -163,6 +163,7 @@ + "n:" + "N" + "r:" ++ "m:" + "s:" + "p" + "a" +@@ -216,6 +217,10 @@ + rfilename = optarg; + break; + ++ case 'm': ++ mailaddress = optarg; ++ break; ++ + case 's': + path_sendmail = optarg; + break; +@@ -784,6 +789,7 @@ + "[-i interface] " + "[-n net[/width]] " + "[-r file] " ++ "[-m e-mail] " + "[-s sendmail_path] " + "[-p] " + "[-a] " +diff -Naru arpwatch-2.1a15.orig/report.c arpwatch-2.1a15/report.c +--- arpwatch-2.1a15.orig/report.c 2006-09-22 19:46:34.000000000 +0400 ++++ arpwatch-2.1a15/report.c 2006-09-22 19:59:18.000000000 +0400 +@@ -242,7 +242,7 @@ + register FILE *f; + char tempfile[64], cpu[64], os[64]; + char *fmt = "%20s: %s\n"; +- char *watcher = WATCHER; ++ char *watcher = mailaddress; + char *watchee = WATCHEE; + char *sendmail = path_sendmail; + char *unknown = ""; +diff -Naru arpwatch-2.1a15.orig/util.c arpwatch-2.1a15/util.c +--- arpwatch-2.1a15.orig/util.c 2006-09-22 19:46:34.000000000 +0400 ++++ arpwatch-2.1a15/util.c 2006-09-22 20:00:25.000000000 +0400 +@@ -50,6 +50,7 @@ + #include "ec.h" + #include "file.h" + #include "util.h" ++#include "addresses.h" + + char *arpdir = ARPDIR; + char *arpfile = ARPFILE; +@@ -63,6 +64,7 @@ + int initializing = 1; /* true if initializing */ + int nopromisc = 0; /* don't activate promisc mode by default */ + int allsubnets = 0; /* watch all attached subnets */ ++char *mailaddress = WATCHER; + + /* syslog() helper routine */ + void +diff -Naru arpwatch-2.1a15.orig/util.h arpwatch-2.1a15/util.h +--- arpwatch-2.1a15.orig/util.h 2006-09-22 19:46:34.000000000 +0400 ++++ arpwatch-2.1a15/util.h 2006-09-22 20:00:39.000000000 +0400 +@@ -19,3 +19,4 @@ + extern int initializing; + extern int nopromisc; + extern int allsubnets; ++extern char *mailaddress; diff --git a/main/arpwatch/08_all_arpwatch-2.1a15-drop-priveleges.patch b/main/arpwatch/08_all_arpwatch-2.1a15-drop-priveleges.patch new file mode 100644 index 0000000000..b0283e6a65 --- /dev/null +++ b/main/arpwatch/08_all_arpwatch-2.1a15-drop-priveleges.patch @@ -0,0 +1,147 @@ +diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8 +--- arpwatch-2.1a15.orig/arpwatch.8 2006-09-23 22:13:55.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.8 2006-09-23 22:15:30.000000000 +0400 +@@ -75,6 +75,18 @@ + [ + .B -a + ] ++.br ++.ti +8 ++[ ++.B -u ++.I username ++] ++.br ++.ti +8 ++[ ++.B -R ++.I seconds ++] + .ad + .SH DESCRIPTION + .B Arpwatch +@@ -159,6 +171,32 @@ + .B -N + is given). (This feature comes from Debian). + .LP ++The ++.B -u ++flag instructs ++.B arpwatch ++to drop root privileges and change the UID to ++.I username ++and GID to the primary group of ++.IR username . ++This is recommended for security reasons, but ++.I username ++has to have write access to the default directory. (This feature comes from Debian). ++.LP ++The ++.B -R ++flag instructs ++.B arpwatch ++to restart in ++.I seconds ++seconds after the interface went down. By default, in such cases ++arpwatch would print an error message and exit. This option is ++ignored if either the ++.B -r ++or ++.B -u ++flags are used. (This feature comes from Debian). ++.LP + Note that an empty + .I arp.dat + file must be created before the first time you run +diff -Naru arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c +--- arpwatch-2.1a15.orig/arpwatch.c 2006-09-23 22:13:55.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.c 2006-09-23 22:11:41.000000000 +0400 +@@ -62,7 +62,8 @@ + #include + #include + #include +- ++#include ++#include + #include + + #include "gnuc.h" +@@ -144,6 +145,24 @@ + + static char *interface; + ++void dropprivileges(const char* user) ++{ ++ struct passwd* pw; ++ pw = getpwnam( user ); ++ if ( pw ) { ++ if ( initgroups(pw->pw_name, 0) != 0 || setgid(pw->pw_gid) != 0 || ++ setuid(pw->pw_uid) != 0 ) { ++ syslog(LOG_ERR, "Couldn't change to '%.32s' uid=%d gid=%d", user,pw->pw_uid, pw->pw_gid); ++ exit(1); ++ } ++ } ++ else { ++ syslog(LOG_ERR, "Couldn't find user '%.32s' in /etc/passwd", user); ++ exit(1); ++ } ++ syslog(LOG_INFO, "Running as uid=%d gid=%d", getuid(), getgid()); ++} ++ + int + main(int argc, char **argv) + { +@@ -156,6 +175,7 @@ + register char *rfilename; + struct bpf_program code; + char errbuf[PCAP_ERRBUF_SIZE]; ++ char* username = NULL; + char options[] = + "d" + "f:" +@@ -167,6 +187,7 @@ + "s:" + "p" + "a" ++ "u:" + ; + + if (argv[0] == NULL) +@@ -233,6 +254,10 @@ + ++allsubnets; + break; + ++ case 'u': ++ username = optarg; ++ break; ++ + default: + usage(); + } +@@ -310,12 +335,16 @@ + #endif + } + ++ if ( username ) { ++ dropprivileges( username ); ++ } else { + /* + * Revert to non-privileged user after opening sockets + * (not needed on most systems). + */ +- setgid(getgid()); +- setuid(getuid()); ++ setgid(getgid()); ++ setuid(getuid()); ++ } + + /* Must be ethernet or fddi */ + linktype = pcap_datalink(pd); +@@ -793,6 +822,7 @@ + "[-s sendmail_path] " + "[-p] " + "[-a] " ++ "[-u username] " + "\n" + ; + diff --git a/main/arpwatch/09_all_arpwatch-2.1a15-quite-mail.patch b/main/arpwatch/09_all_arpwatch-2.1a15-quite-mail.patch new file mode 100644 index 0000000000..ce5c4b244b --- /dev/null +++ b/main/arpwatch/09_all_arpwatch-2.1a15-quite-mail.patch @@ -0,0 +1,90 @@ +diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8 +--- arpwatch-2.1a15.orig/arpwatch.8 2006-09-23 22:16:05.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.8 2006-09-23 22:17:15.000000000 +0400 +@@ -87,6 +87,11 @@ + .B -R + .I seconds + ] ++.br ++.ti +8 ++[ ++.B -Q ++] + .ad + .SH DESCRIPTION + .B Arpwatch +@@ -197,6 +202,10 @@ + .B -u + flags are used. (This feature comes from Debian). + .LP ++The ++.B -Q ++flags prevents arpwatch from sending reports by mail. (This feature comes from Debian). ++.LP + Note that an empty + .I arp.dat + file must be created before the first time you run +diff -Naru arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c +--- arpwatch-2.1a15.orig/arpwatch.c 2006-09-23 22:16:05.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.c 2006-09-23 22:18:10.000000000 +0400 +@@ -188,6 +188,7 @@ + "p" + "a" + "u:" ++ "Q" + ; + + if (argv[0] == NULL) +@@ -258,6 +259,11 @@ + username = optarg; + break; + ++ case 'Q': ++ ++quiet; ++ break; ++ ++ + default: + usage(); + } +@@ -823,6 +829,7 @@ + "[-p] " + "[-a] " + "[-u username] " ++ "[-Q ] " + "\n" + ; + +diff -Naru arpwatch-2.1a15.orig/report.c arpwatch-2.1a15/report.c +--- arpwatch-2.1a15.orig/report.c 2006-09-23 22:13:55.000000000 +0400 ++++ arpwatch-2.1a15/report.c 2006-09-23 22:17:15.000000000 +0400 +@@ -274,6 +274,10 @@ + /* Syslog this event too */ + dosyslog(LOG_NOTICE, title, a, e1, e2, interface); + ++ /* return if watcher is an empty string */ ++ if ( quiet ) ++ return; ++ + /* Update child depth */ + ++cdepth; + +diff -Naru arpwatch-2.1a15.orig/util.c arpwatch-2.1a15/util.c +--- arpwatch-2.1a15.orig/util.c 2006-09-23 22:13:55.000000000 +0400 ++++ arpwatch-2.1a15/util.c 2006-09-23 22:17:15.000000000 +0400 +@@ -65,6 +65,7 @@ + int nopromisc = 0; /* don't activate promisc mode by default */ + int allsubnets = 0; /* watch all attached subnets */ + char *mailaddress = WATCHER; ++int quiet = 0; /* send mail by default */ + + /* syslog() helper routine */ + void +diff -Naru arpwatch-2.1a15.orig/util.h arpwatch-2.1a15/util.h +--- arpwatch-2.1a15.orig/util.h 2006-09-23 22:13:55.000000000 +0400 ++++ arpwatch-2.1a15/util.h 2006-09-23 22:17:15.000000000 +0400 +@@ -20,3 +20,4 @@ + extern int nopromisc; + extern int allsubnets; + extern char *mailaddress; ++extern int quiet; diff --git a/main/arpwatch/10_all_arpwatch-2.1a15-ignore-net.patch b/main/arpwatch/10_all_arpwatch-2.1a15-ignore-net.patch new file mode 100644 index 0000000000..2b9405d81e --- /dev/null +++ b/main/arpwatch/10_all_arpwatch-2.1a15-ignore-net.patch @@ -0,0 +1,97 @@ +diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8 +--- arpwatch-2.1a15.orig/arpwatch.8 2006-09-23 22:19:29.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.8 2006-09-23 22:19:55.000000000 +0400 +@@ -92,6 +92,12 @@ + [ + .B -Q + ] ++.br ++.ti +8 ++[ ++.B -z ++.I ignorenet/ignoremask ++] + .ad + .SH DESCRIPTION + .B Arpwatch +@@ -206,6 +212,11 @@ + .B -Q + flags prevents arpwatch from sending reports by mail. (This feature comes from Debian). + .LP ++The ++.B -z ++flag is used to set a range of ip addresses to ignore (such as a DHCP ++range). Netmask is specified as 255.255.128.0. (This feature comes from Debian). ++.LP + Note that an empty + .I arp.dat + file must be created before the first time you run +diff -Naru arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c +--- arpwatch-2.1a15.orig/arpwatch.c 2006-09-23 22:19:29.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.c 2006-09-23 22:19:55.000000000 +0400 +@@ -125,6 +125,9 @@ + static int nets_ind; + static int nets_size; + ++static struct in_addr ignore_net; ++static struct in_addr ignore_netmask; ++ + extern int optind; + extern int opterr; + extern char *optarg; +@@ -189,7 +192,9 @@ + "a" + "u:" + "Q" ++ "z:" + ; ++ char *tmpptr; + + if (argv[0] == NULL) + prog = "arpwatch"; +@@ -207,6 +212,9 @@ + interface = NULL; + rfilename = NULL; + pd = NULL; ++ ++ inet_aton("0.0.0.0", &ignore_netmask); ++ inet_aton("255.255.255.255", &ignore_netmask); + while ((op = getopt(argc, argv, options)) != EOF) + switch (op) { + +@@ -263,6 +271,12 @@ + ++quiet; + break; + ++ case 'z': ++ tmpptr = strtok(optarg, "/"); ++ inet_aton(tmpptr, &ignore_net); ++ tmpptr = strtok(NULL, "/"); ++ inet_aton(tmpptr, &ignore_netmask); ++ break; + + default: + usage(); +@@ -465,6 +479,14 @@ + return; + } + ++ /* Ignores the specified netmask/metwork */ ++ if ((sia & ignore_netmask.s_addr) == ignore_net.s_addr) { ++ if (debug) { ++ dosyslog(LOG_INFO, "ignored", sia, sea, sha, interface); ++ } ++ return; ++ } ++ + /* Got a live one */ + t = h->ts.tv_sec; + can_checkpoint = 0; +@@ -830,6 +852,7 @@ + "[-a] " + "[-u username] " + "[-Q ] " ++ "[-z ignorenet/ignoremask] " + "\n" + ; + diff --git a/main/arpwatch/11_all_arpwatch-2.1a15-secure-tmp.patch b/main/arpwatch/11_all_arpwatch-2.1a15-secure-tmp.patch new file mode 100644 index 0000000000..4e9cd88b8a --- /dev/null +++ b/main/arpwatch/11_all_arpwatch-2.1a15-secure-tmp.patch @@ -0,0 +1,26 @@ +diff -Naru arpwatch-2.1a15.orig/bihourly.sh arpwatch-2.1a15/bihourly.sh +--- arpwatch-2.1a15.orig/bihourly.sh 2006-07-28 22:19:45.000000000 +0400 ++++ arpwatch-2.1a15/bihourly.sh 2006-09-22 21:29:38.000000000 +0400 +@@ -10,8 +10,8 @@ + # + list="`cat list`" + cname="`cat cname`" +-temp1=/tmp/bihourly.1.$$ +-temp2=/tmp/bihourly.2.$$ ++temp1=$(mktemp) ++temp2=$(mktemp) + d=/tmp/errs + + # imperfect hack +diff -Naru arpwatch-2.1a15.orig/mkdep arpwatch-2.1a15/mkdep +--- arpwatch-2.1a15.orig/mkdep 1996-06-23 13:25:24.000000000 +0400 ++++ arpwatch-2.1a15/mkdep 2006-09-22 21:30:04.000000000 +0400 +@@ -51,7 +51,7 @@ + exit 1 + fi + +-TMP=/tmp/mkdep$$ ++TMP=$(mktemp) + + trap 'rm -f $TMP ; exit 1' 1 2 3 13 15 + diff --git a/main/arpwatch/12_all_arpwatch-2.1a15-defalt-dir-in-manpages.patch b/main/arpwatch/12_all_arpwatch-2.1a15-defalt-dir-in-manpages.patch new file mode 100644 index 0000000000..de4db37b68 --- /dev/null +++ b/main/arpwatch/12_all_arpwatch-2.1a15-defalt-dir-in-manpages.patch @@ -0,0 +1,24 @@ +diff -Naru arpwatch-2.1a15.orig/arpsnmp.8 arpwatch-2.1a15/arpsnmp.8 +--- arpwatch-2.1a15.orig/arpsnmp.8 2006-09-22 20:02:04.000000000 +0400 ++++ arpwatch-2.1a15/arpsnmp.8 2006-09-22 21:35:52.000000000 +0400 +@@ -100,7 +100,7 @@ + .na + .nh + .nf +-/usr/operator/arpwatch - default directory ++/usr/lib/arpwatch - default directory + arp.dat - ethernet/ip address database + ethercodes.dat - vendor ethernet block list + .ad +diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8 +--- arpwatch-2.1a15.orig/arpwatch.8 2006-09-22 20:32:56.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.8 2006-09-22 21:36:16.000000000 +0400 +@@ -275,7 +275,7 @@ + .na + .nh + .nf +-/usr/operator/arpwatch - default directory ++/usr/lib/arpwatch - default directory + arp.dat - ethernet/ip address database + ethercodes.dat - vendor ethernet block list + .ad diff --git a/main/arpwatch/13_all_arpwatch-2.1a15-scripts-awk.patch b/main/arpwatch/13_all_arpwatch-2.1a15-scripts-awk.patch new file mode 100644 index 0000000000..227fd328de --- /dev/null +++ b/main/arpwatch/13_all_arpwatch-2.1a15-scripts-awk.patch @@ -0,0 +1,31 @@ +diff -Naru arpwatch-2.1a15.orig/arp2ethers arpwatch-2.1a15/arp2ethers +--- arpwatch-2.1a15.orig/arp2ethers 2002-01-05 22:40:48.000000000 +0300 ++++ arpwatch-2.1a15/arp2ethers 2006-09-23 22:47:02.000000000 +0400 +@@ -13,11 +13,10 @@ + # - sort + # + +-sort +2rn arp.dat | \ +- awk 'NF == 4 { print }' | \ ++export AWKPATH="$AWKPATH:/usr/share/arpwatch/awk" ++ ++sort -k 3rn ${1:-/var/lib/arpwatch/arp.dat} | \ + awk -f p.awk | \ +- egrep -v '\.[0-9][0-9]*$' | \ +- sed -e 's/ .* / /' | \ + awk -f d.awk | \ + awk -f e.awk | \ + sort +diff -Naru arpwatch-2.1a15.orig/massagevendor arpwatch-2.1a15/massagevendor +--- arpwatch-2.1a15.orig/massagevendor 2004-01-28 22:32:43.000000000 +0300 ++++ arpwatch-2.1a15/massagevendor 2006-09-23 22:49:42.000000000 +0400 +@@ -9,6 +9,9 @@ + # + # - Deal with duplicates in oui.txt (concatenate company names) + # ++ ++export AWKPATH="$AWKPATH:/usr/share/arpwatch/awk" ++ + (sed -n \ + -e 's/^\([0-9A-F][0-9A-F]\)-\([0-9A-F][0-9A-F]\)-\([0-9A-F][0-9A-F]\) *(hex)[ ]*\(..*\)/\1\2\3 \4/p' \ + $* | \ diff --git a/main/arpwatch/14_all_arpwatch-2.1a15-paths-fix.patch b/main/arpwatch/14_all_arpwatch-2.1a15-paths-fix.patch new file mode 100644 index 0000000000..6162aeebfc --- /dev/null +++ b/main/arpwatch/14_all_arpwatch-2.1a15-paths-fix.patch @@ -0,0 +1,35 @@ +diff -Naru arpwatch-2.1a15.orig/arpwatch.h arpwatch-2.1a15/arpwatch.h +--- arpwatch-2.1a15.orig/arpwatch.h 2000-10-01 03:40:55.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.h 2006-09-22 22:48:13.000000000 +0400 +@@ -1,7 +1,7 @@ + /* @(#) $Id: arpwatch.h,v 1.29 2000/09/30 23:40:49 leres Exp $ (LBL) */ + + #define ARPFILE "arp.dat" +-#define ETHERCODES "ethercodes.dat" ++/*#define ETHERCODES "ethercodes.dat" */ + #define CHECKPOINT (15*60) /* Checkpoint time in seconds */ + + #define MEMCMP(a, b, n) memcmp((char *)a, (char *)b, n) +diff -Naru arpwatch-2.1a15.orig/Makefile.in arpwatch-2.1a15/Makefile.in +--- arpwatch-2.1a15.orig/Makefile.in 2006-09-22 22:48:59.000000000 +0400 ++++ arpwatch-2.1a15/Makefile.in 2006-09-22 22:49:23.000000000 +0400 +@@ -31,7 +31,8 @@ + # Pathname of directory to install the man page + MANDEST = @mandir@ + # Pathname of directory to install database file +-ARPDIR = $(prefix)/arpwatch ++ARPDIR = /var/lib/arpwatch ++ETHERCODES = /usr/share/arpwatch/ethercodes.dat + + # VPATH + srcdir = @srcdir@ +@@ -45,7 +46,8 @@ + PROG = arpwatch + CCOPT = @V_CCOPT@ + INCLS = -I. @V_INCLS@ +-DEFS = -DDEBUG @DEFS@ -DARPDIR=\"$(ARPDIR)\" -DPATH_SENDMAIL=\"$(SENDMAIL)\" ++DEFS = -DDEBUG @DEFS@ -DARPDIR=\"$(ARPDIR)\" -DPATH_SENDMAIL=\"$(SENDMAIL)\" \ ++ -DETHERCODES=\"$(ETHERCODES)\" + + # Standard CFLAGS + CFLAGS = $(CCOPT) $(DEFS) $(INCLS) diff --git a/main/arpwatch/15_all_arpwatch-2.1a15-fix-dead-lock.patch b/main/arpwatch/15_all_arpwatch-2.1a15-fix-dead-lock.patch new file mode 100644 index 0000000000..9e94c7dd0c --- /dev/null +++ b/main/arpwatch/15_all_arpwatch-2.1a15-fix-dead-lock.patch @@ -0,0 +1,32 @@ +diff -Naru arpwatch-2.1a15.orig/report.c arpwatch-2.1a15/report.c +--- arpwatch-2.1a15.orig/report.c 2006-09-23 19:31:47.000000000 +0400 ++++ arpwatch-2.1a15/report.c 2006-09-23 19:38:54.000000000 +0400 +@@ -217,7 +217,12 @@ + continue; + /* ECHILD means no one left */ + if (errno != ECHILD) +- syslog(LOG_ERR, "reaper: %m"); ++ /* It is dangerous to call non reentrant */ ++ /* functions from callback (POSIX) */ ++ /* Next line effectively disables this as */ ++ /* we never get here in debug */ ++ if (debug) ++ syslog(LOG_ERR, "reaper: %m"); + break; + } + /* Already got everyone who was done */ +@@ -225,8 +230,13 @@ + break; + --cdepth; + if (WEXITSTATUS(status)) ++ /* It is dangerous to call non-reentrant */ ++ /* functions from callback (POSIX) */ ++ /* Next line effectively disables this as */ ++ /* we never get here in debug */ ++ if (debug) + syslog(LOG_DEBUG, "reaper: pid %d, exit status %d", +- pid, WEXITSTATUS(status)); ++ pid, WEXITSTATUS(status)); + } + return RETSIGVAL; + } diff --git a/main/arpwatch/16_all_arpwatch-2.1a15-additional-manpages-cleanups.patch b/main/arpwatch/16_all_arpwatch-2.1a15-additional-manpages-cleanups.patch new file mode 100644 index 0000000000..c026fcfc48 --- /dev/null +++ b/main/arpwatch/16_all_arpwatch-2.1a15-additional-manpages-cleanups.patch @@ -0,0 +1,98 @@ +diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8 +--- arpwatch-2.1a15.orig/arpwatch.8 2006-09-23 22:23:03.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.8 2006-09-23 22:22:15.000000000 +0400 +@@ -30,70 +30,70 @@ + .B -dN + ] + .br +-.ti +8 ++.ti +9 + [ + .B -f + .I datafile + ] + .br +-.ti +8 ++.ti +9 + [ + .B -i + .I interface + ] + .br +-.ti +8 ++.ti +9 + [ + .B -n + .IR net [/ width + ] ] + .br +-.ti +8 ++.ti +9 + [ + .B -r + .I file + ] + .br +-.ti +8 ++.ti +9 + [ + .B -m + .I e-mail + ] + .br +-.ti +8 ++.ti +9 + [ + .B -s + .I sendmail_path + ] + .br +-.ti +8 ++.ti +9 + [ + .B -p + ] + .br +-.ti +8 ++.ti +9 + [ + .B -a + ] + .br +-.ti +8 ++.ti +9 + [ + .B -u + .I username + ] + .br +-.ti +8 ++.ti +9 + [ + .B -R + .I seconds + ] + .br +-.ti +8 ++.ti +9 + [ + .B -Q + ] + .br +-.ti +8 ++.ti +9 + [ + .B -z + .I ignorenet/ignoremask +@@ -175,9 +175,9 @@ + .B -a + flag tells + .B arpwatch +-to report bogons about every IP address. By default, ++to record bogons about every IP address. By default, + .B arpwatch +-reports bogons for IP addresses that are in the same subnet with the first IP ++records bogons for IP addresses that are in the same subnet with the first IP + address of the default interface (unless + .B -N + is given). (This feature comes from Debian). diff --git a/main/arpwatch/17_all_arpwatch-2.1a15-restart.patch b/main/arpwatch/17_all_arpwatch-2.1a15-restart.patch new file mode 100644 index 0000000000..9c7f119df4 --- /dev/null +++ b/main/arpwatch/17_all_arpwatch-2.1a15-restart.patch @@ -0,0 +1,162 @@ +diff -Naru arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c +--- arpwatch-2.1a15.orig/arpwatch.c 2006-09-23 22:20:51.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.c 2006-09-23 22:24:49.000000000 +0400 +@@ -179,6 +179,8 @@ + struct bpf_program code; + char errbuf[PCAP_ERRBUF_SIZE]; + char* username = NULL; ++ int restart = 0; ++ int restarting_loop = 0; + char options[] = + "d" + "f:" +@@ -191,6 +193,7 @@ + "p" + "a" + "u:" ++ "R:" + "Q" + "z:" + ; +@@ -267,6 +270,10 @@ + username = optarg; + break; + ++ case 'R': ++ restart = atoi(optarg); ++ break; ++ + case 'Q': + ++quiet; + break; +@@ -285,6 +292,12 @@ + if (optind != argc) + usage(); + ++ if ( username && restart ) { ++ syslog(LOG_ERR, "Please, specify either -u or -R"); ++ (void)fprintf(stderr,"Please, specify either -u or -R. See arpwatch.8\n"); ++ exit(1); ++ } ++ + if (rfilename != NULL) { + net = 0; + netmask = 0; +@@ -334,6 +347,7 @@ + syslog(LOG_ERR, "(using current working directory)"); + } + ++label_restart: + if (rfilename != NULL) { + pd = pcap_open_offline(rfilename, errbuf); + if (pd == NULL) { +@@ -348,22 +362,30 @@ + pd = pcap_open_live(interface, snaplen, !nopromisc, timeout, errbuf); + if (pd == NULL) { + syslog(LOG_ERR, "pcap open %s: %s", interface, errbuf); +- exit(1); ++ if (restart) { ++ syslog(LOG_ERR, "restart in %d secs", restart); ++ } else { ++ exit(1); ++ } ++ sleep(restart); ++ goto label_restart; + } + #ifdef WORDS_BIGENDIAN + swapped = 1; + #endif + } + +- if ( username ) { +- dropprivileges( username ); +- } else { +- /* +- * Revert to non-privileged user after opening sockets +- * (not needed on most systems). +- */ +- setgid(getgid()); +- setuid(getuid()); ++ if (!restarting_loop) { ++ if ( username && !restart ) { ++ dropprivileges( username ); ++ } else { ++ /* ++ * Revert to non-privileged user after opening sockets ++ * (not needed on most systems). ++ */ ++ setgid(getgid()); ++ setuid(getuid()); ++ } + } + + /* Must be ethernet or fddi */ +@@ -386,26 +408,30 @@ + if (rfilename == NULL) + syslog(LOG_INFO, "listening on %s", interface); + +- /* Read in database */ +- initializing = 1; +- if (!readdata()) +- exit(1); +- sorteinfo(); ++ if (!restarting_loop) { ++ /* Read in database */ ++ initializing = 1; ++ if (!readdata()) ++ exit(1); ++ sorteinfo(); ++ } + #ifdef DEBUG + if (debug > 2) { + debugdump(); + exit(0); + } + #endif +- initializing = 0; ++ if (!restarting_loop) { ++ initializing = 0; + +- (void)setsignal(SIGINT, die); +- (void)setsignal(SIGTERM, die); +- (void)setsignal(SIGHUP, die); +- if (rfilename == NULL) { +- (void)setsignal(SIGQUIT, checkpoint); +- (void)setsignal(SIGALRM, checkpoint); +- (void)alarm(CHECKPOINT); ++ (void)setsignal(SIGINT, die); ++ (void)setsignal(SIGTERM, die); ++ (void)setsignal(SIGHUP, die); ++ if (rfilename == NULL) { ++ (void)setsignal(SIGQUIT, checkpoint); ++ (void)setsignal(SIGALRM, checkpoint); ++ (void)alarm(CHECKPOINT); ++ } + } + + switch (linktype) { +@@ -424,7 +450,15 @@ + } + if (status < 0) { + syslog(LOG_ERR, "pcap_loop: %s", pcap_geterr(pd)); +- exit(1); ++ if (restart && rfilename == NULL) { ++ syslog(LOG_ERR, "restart in %d secs", restart); ++ ++restarting_loop; ++ pcap_close(pd); ++ } else { ++ exit(1); ++ } ++ sleep(restart); ++ goto label_restart; + } + pcap_close(pd); + if (!dump()) +@@ -851,6 +885,7 @@ + "[-p] " + "[-a] " + "[-u username] " ++ "[-R seconds ] " + "[-Q ] " + "[-z ignorenet/ignoremask] " + "\n" diff --git a/main/arpwatch/18_all_arpwatch-2.1a15-nofork.patch b/main/arpwatch/18_all_arpwatch-2.1a15-nofork.patch new file mode 100644 index 0000000000..83447f794f --- /dev/null +++ b/main/arpwatch/18_all_arpwatch-2.1a15-nofork.patch @@ -0,0 +1,94 @@ +Origianl idea comes from Matthias Andree. + +diff -Naru arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8 +--- arpwatch-2.1a15.orig/arpwatch.8 2006-09-24 09:34:36.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.8 2006-09-24 10:06:24.000000000 +0400 +@@ -27,7 +27,12 @@ + .na + .B arpwatch + [ +-.B -dN ++.B -d ++] ++.br ++.ti +9 ++[ ++.B -F + ] + .br + .ti +9 +@@ -50,6 +55,11 @@ + .br + .ti +9 + [ ++.B -N ++] ++.br ++.ti +9 ++[ + .B -r + .I file + ] +@@ -115,6 +125,14 @@ + .IR stderr . + .LP + The ++.B -F ++flag is used to prevent ++.I arpwatch ++from forking. This is allows to run ++.I arpwatch ++from daemon tools. ++.LP ++The + .B -f + flag is used to set the ethernet/ip address database filename. + The default is +diff -Naru arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c +--- arpwatch-2.1a15.orig/arpwatch.c 2006-09-24 09:34:36.000000000 +0400 ++++ arpwatch-2.1a15/arpwatch.c 2006-09-24 10:10:17.000000000 +0400 +@@ -179,10 +179,12 @@ + struct bpf_program code; + char errbuf[PCAP_ERRBUF_SIZE]; + char* username = NULL; ++ int nofork = 0; + int restart = 0; + int restarting_loop = 0; + char options[] = + "d" ++ "F" + "f:" + "i:" + "n:" +@@ -229,6 +231,10 @@ + #endif + break; + ++ case 'F': ++ ++nofork; ++ break; ++ + case 'f': + arpfile = optarg; + break; +@@ -319,12 +325,14 @@ + + /* Drop into the background if not debugging */ + if (!debug) { +- pid = fork(); +- if (pid < 0) { +- syslog(LOG_ERR, "main fork(): %m"); +- exit(1); +- } else if (pid != 0) +- exit(0); ++ if (!nofork) { ++ pid = fork(); ++ if (pid < 0) { ++ syslog(LOG_ERR, "main fork(): %m"); ++ exit(1); ++ } else if (pid != 0) ++ exit(0); ++ } + (void)close(fileno(stdin)); + (void)close(fileno(stdout)); + (void)close(fileno(stderr)); diff --git a/main/arpwatch/19_all_arpwatch-2.1a15-nonewstation.patch b/main/arpwatch/19_all_arpwatch-2.1a15-nonewstation.patch new file mode 100644 index 0000000000..521d31ae1b --- /dev/null +++ b/main/arpwatch/19_all_arpwatch-2.1a15-nonewstation.patch @@ -0,0 +1,100 @@ +diff -Naur arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8 +--- arpwatch-2.1a15.orig/arpwatch.8 2006-12-11 12:56:18.000000000 +0300 ++++ arpwatch-2.1a15/arpwatch.8 2006-12-11 12:56:53.000000000 +0300 +@@ -60,6 +60,11 @@ + .br + .ti +9 + [ ++.B -S ++] ++.br ++.ti +9 ++[ + .B -r + .I file + ] +@@ -155,6 +160,10 @@ + flag disables reporting any bogons. + .LP + The ++.B -S ++flag disables reporting of new stations. ++.LP ++The + .B -r + flag is used to specify a savefile + (perhaps created by +diff -Naur arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c +--- arpwatch-2.1a15.orig/arpwatch.c 2006-12-11 12:56:18.000000000 +0300 ++++ arpwatch-2.1a15/arpwatch.c 2006-12-11 12:56:53.000000000 +0300 +@@ -189,6 +189,7 @@ + "i:" + "n:" + "N" ++ "S" + "r:" + "m:" + "s:" +@@ -252,6 +253,10 @@ + ++nobogons; + break; + ++ case 'S': ++ ++nonewstations; ++ break; ++ + case 'r': + rfilename = optarg; + break; +@@ -883,7 +888,7 @@ + { + extern char version[]; + char usage[] = +- "[-dN] " ++ "[-dNS] " + "[-f datafile] " + "[-i interface] " + "[-n net[/width]] " +@@ -894,7 +899,7 @@ + "[-a] " + "[-u username] " + "[-R seconds ] " +- "[-Q ] " ++ "[-Q] " + "[-z ignorenet/ignoremask] " + "\n" + ; +diff -Naur arpwatch-2.1a15.orig/arpwatch.h arpwatch-2.1a15/arpwatch.h +--- arpwatch-2.1a15.orig/arpwatch.h 2006-12-11 12:56:18.000000000 +0300 ++++ arpwatch-2.1a15/arpwatch.h 2006-12-11 12:57:13.000000000 +0300 +@@ -16,6 +16,8 @@ + + extern char *prog; + ++extern int nonewstations; /* Turns off new-station reporting. */ ++ + #ifdef ETHER_HEADER_HAS_EA + #define ESRC(ep) ((ep)->ether_shost.ether_addr_octet) + #define EDST(ep) ((ep)->ether_dhost.ether_addr_octet) +diff -Naur arpwatch-2.1a15.orig/db.c arpwatch-2.1a15/db.c +--- arpwatch-2.1a15.orig/db.c 2006-12-11 12:56:18.000000000 +0300 ++++ arpwatch-2.1a15/db.c 2006-12-11 12:57:34.000000000 +0300 +@@ -86,6 +86,8 @@ + static void check_hname(struct ainfo *); + struct ainfo *newainfo(void); + ++int nonewstations = 0; ++ + int + ent_add(register u_int32_t a, register u_char *e, time_t t, register char *h, + char *interface) +@@ -118,7 +120,8 @@ + if (ap->ecount == 0) { + ap->ecount = 1; + ap->elist[0] = elist_alloc(a, e, t, h, interface); +- report("new station", a, e, NULL, &t, NULL, interface); ++ if (!nonewstations) ++ report("new station", a, e, NULL, &t, NULL, interface); + return (1); + } + diff --git a/main/arpwatch/20_all_arpwatch-2.1a15-noreversedns-resolve.patch b/main/arpwatch/20_all_arpwatch-2.1a15-noreversedns-resolve.patch new file mode 100644 index 0000000000..b2d523d491 --- /dev/null +++ b/main/arpwatch/20_all_arpwatch-2.1a15-noreversedns-resolve.patch @@ -0,0 +1,99 @@ +diff -Naur arpwatch-2.1a15.orig/arpwatch.8 arpwatch-2.1a15/arpwatch.8 +--- arpwatch-2.1a15.orig/arpwatch.8 2006-12-11 13:00:39.000000000 +0300 ++++ arpwatch-2.1a15/arpwatch.8 2006-12-11 13:00:55.000000000 +0300 +@@ -110,6 +110,11 @@ + .br + .ti +9 + [ ++.B -D ++] ++.br ++.ti +9 ++[ + .B -z + .I ignorenet/ignoremask + ] +@@ -240,6 +245,10 @@ + flags prevents arpwatch from sending reports by mail. (This feature comes from Debian). + .LP + The ++.B -D ++flag turns off reverse-DNS queries. This can speed up operations significantly. ++.LP ++The + .B -z + flag is used to set a range of ip addresses to ignore (such as a DHCP + range). Netmask is specified as 255.255.128.0. (This feature comes from Debian). +diff -Naur arpwatch-2.1a15.orig/arpwatch.c arpwatch-2.1a15/arpwatch.c +--- arpwatch-2.1a15.orig/arpwatch.c 2006-12-11 13:00:39.000000000 +0300 ++++ arpwatch-2.1a15/arpwatch.c 2006-12-11 13:00:55.000000000 +0300 +@@ -198,6 +198,7 @@ + "u:" + "R:" + "Q" ++ "D" + "z:" + ; + char *tmpptr; +@@ -289,6 +290,10 @@ + ++quiet; + break; + ++ case 'D': ++ ++noreversedns; ++ break; ++ + case 'z': + tmpptr = strtok(optarg, "/"); + inet_aton(tmpptr, &ignore_net); +@@ -900,6 +905,7 @@ + "[-u username] " + "[-R seconds ] " + "[-Q] " ++ "[-D] " + "[-z ignorenet/ignoremask] " + "\n" + ; +diff -Naur arpwatch-2.1a15.orig/arpwatch.h arpwatch-2.1a15/arpwatch.h +--- arpwatch-2.1a15.orig/arpwatch.h 2006-12-11 13:00:39.000000000 +0300 ++++ arpwatch-2.1a15/arpwatch.h 2006-12-11 13:00:55.000000000 +0300 +@@ -17,6 +17,7 @@ + extern char *prog; + + extern int nonewstations; /* Turns off new-station reporting. */ ++extern int noreversedns; /* Turns off reverse-dns. */ + + #ifdef ETHER_HEADER_HAS_EA + #define ESRC(ep) ((ep)->ether_shost.ether_addr_octet) +diff -Naur arpwatch-2.1a15.orig/dns.c arpwatch-2.1a15/dns.c +--- arpwatch-2.1a15.orig/dns.c 2000-10-14 05:50:52.000000000 +0400 ++++ arpwatch-2.1a15/dns.c 2006-12-11 13:01:07.000000000 +0300 +@@ -71,6 +71,8 @@ + } querybuf; + #endif + ++int noreversedns = 0; ++ + int + gethinfo(register char *hostname, register char *cpu, register int cpulen, + register char *os, register int oslen) +@@ -84,6 +86,9 @@ + register int type, class, buflen, ancount, qdcount; + querybuf qbuf; + ++ if (noreversedns) ++ return (0); ++ + qb = &qbuf; + n = res_query(hostname, C_IN, T_HINFO, qb->buf, sizeof(qb->buf)); + if (n < 0) +@@ -144,6 +149,9 @@ + register int32_t options; + register struct hostent *hp; + ++ if (noreversedns) ++ return (intoa(a)); ++ + options = _res.options; + _res.options |= RES_AAONLY; + _res.options &= ~(RES_DEFNAMES | RES_DNSRCH); diff --git a/main/arpwatch/21_all_arpwatch-2.1a15-pid-filename.patch b/main/arpwatch/21_all_arpwatch-2.1a15-pid-filename.patch new file mode 100644 index 0000000000..af4d6ca51c --- /dev/null +++ b/main/arpwatch/21_all_arpwatch-2.1a15-pid-filename.patch @@ -0,0 +1,108 @@ +--- ./arpwatch.8.orig 2007-03-27 22:06:16.000000000 +0400 ++++ ./arpwatch.8 2007-03-27 22:08:41.000000000 +0400 +@@ -88,6 +88,12 @@ + .br + .ti +9 + [ ++.B -P ++.I pid_path ++] ++.br ++.ti +9 ++[ + .B -a + ] + .br +@@ -204,6 +210,10 @@ + YMMV. (This feature comes from Debian). + .LP + The ++.B -P ++flag is used to specify pid filename. Default is set to /var/run/arpwatch.pid. ++.LP ++The + .B -a + flag tells + .B arpwatch +--- ./arpwatch.h.orig 2007-03-27 21:36:50.000000000 +0400 ++++ ./arpwatch.h 2007-03-27 21:37:17.000000000 +0400 +@@ -1,6 +1,7 @@ + /* @(#) $Id: arpwatch.h,v 1.29 2000/09/30 23:40:49 leres Exp $ (LBL) */ + + #define ARPFILE "arp.dat" ++#define PIDFILENAME "/var/run/arpwatch.pid" + /*#define ETHERCODES "ethercodes.dat" */ + #define CHECKPOINT (15*60) /* Checkpoint time in seconds */ + +--- ./arpwatch.c.orig 2007-03-27 21:31:18.000000000 +0400 ++++ ./arpwatch.c 2007-03-27 22:04:15.000000000 +0400 +@@ -108,6 +108,8 @@ + + char *prog; + char *path_sendmail = PATH_SENDMAIL; ++char *pidname = PIDFILENAME; ++int nofork = 0; + + int can_checkpoint; + int swapped; +@@ -179,7 +181,6 @@ + struct bpf_program code; + char errbuf[PCAP_ERRBUF_SIZE]; + char* username = NULL; +- int nofork = 0; + int restart = 0; + int restarting_loop = 0; + char options[] = +@@ -194,6 +195,7 @@ + "m:" + "s:" + "p" ++ "P:" + "a" + "u:" + "R:" +@@ -202,6 +204,7 @@ + "z:" + ; + char *tmpptr; ++ FILE *pidfile; + + if (argv[0] == NULL) + prog = "arpwatch"; +@@ -274,6 +277,10 @@ + ++nopromisc; + break; + ++ case 'P': ++ pidname = optarg; ++ break; ++ + case 'a': + ++allsubnets; + break; +@@ -342,6 +349,15 @@ + exit(1); + } else if (pid != 0) + exit(0); ++ pidfile = fopen(pidname, "w"); ++ if(pidfile) { ++ int pid = (int)getpid(); ++ fprintf(pidfile, "%d\n", pid); ++ fclose(pidfile); ++ syslog(LOG_INFO, "Wrote pid %d to %s", pid, pidname); ++ } ++ else ++ fprintf(stderr, "Couldn't write pid file\n"); + } + (void)close(fileno(stdin)); + (void)close(fileno(stdout)); +@@ -870,6 +886,9 @@ + { + + syslog(LOG_DEBUG, "exiting"); ++ if (!debug && !nofork) ++ if(!unlink(pidname)) ++ syslog(LOG_DEBUG, "unable to remove pid file %s", pidname); + checkpoint(0); + exit(1); + } diff --git a/main/arpwatch/APKBUILD b/main/arpwatch/APKBUILD index 662d958059..94c269db7f 100644 --- a/main/arpwatch/APKBUILD +++ b/main/arpwatch/APKBUILD @@ -2,18 +2,40 @@ # Maintainer: Natanael Copa pkgname=arpwatch pkgver=2.1a15 -pkgrel=5 +pkgrel=6 pkgdesc="Ethernet monitoring program" url="http://www-nrg.ee.lbl.gov/" arch="all" license="GPL" depends= +pkguser=arpwatch makedepends="libpcap-dev" -install= +install="$pkgname.pre-install" subpackages="" source="ftp://ftp.ee.lbl.gov/$pkgname.tar.gz arpwatch.confd - arpwatch.initd" + arpwatch.initd + 01_all_arpwatch-2.1a15-manpages.patch + 02_all_arpwatch-2.1a15-srcdir.patch + 03_all_arpwatch-2.1a15-getopt.patch + 04_all_arpwatch-2.1a15-sendmail-cmdline-opt.patch + 05_all_arpwatch-2.1a15-promiscuous-mode.patch + 06_all_arpwatch-2.1a15-bogons-report.patch + 07_all_arpwatch-2.1a15-specify-mail.patch + 08_all_arpwatch-2.1a15-drop-priveleges.patch + 09_all_arpwatch-2.1a15-quite-mail.patch + 10_all_arpwatch-2.1a15-ignore-net.patch + 11_all_arpwatch-2.1a15-secure-tmp.patch + 12_all_arpwatch-2.1a15-defalt-dir-in-manpages.patch + 13_all_arpwatch-2.1a15-scripts-awk.patch + 14_all_arpwatch-2.1a15-paths-fix.patch + 15_all_arpwatch-2.1a15-fix-dead-lock.patch + 16_all_arpwatch-2.1a15-additional-manpages-cleanups.patch + 17_all_arpwatch-2.1a15-restart.patch + 18_all_arpwatch-2.1a15-nofork.patch + 19_all_arpwatch-2.1a15-nonewstation.patch + 20_all_arpwatch-2.1a15-noreversedns-resolve.patch + 21_all_arpwatch-2.1a15-pid-filename.patch" prepare() { cd "$srcdir/$pkgname-$pkgver" @@ -39,12 +61,82 @@ package() { #install command wouldn't create directory ? mkdir -p "$pkgdir"/usr/sbin/ make -j1 DESTDIR="$pkgdir" install - + mkdir -p "$pkgdir"/var/lib/arpwatch + mkdir -p "$pkgdir"/var/run/arpwatch + chown arpuser "$pkgdir"/var/run/arpwatch install -m755 -D "$srcdir"/$pkgname.initd "$pkgdir"/etc/init.d/$pkgname install -m644 -D "$srcdir"/$pkgname.confd "$pkgdir"/etc/conf.d/$pkgname - } md5sums="cebfeb99c4a7c2a6cee2564770415fe7 arpwatch.tar.gz dc8300ce5f02d6be95899a2982397064 arpwatch.confd -51ecada198c4f954ac4d5f5903198ebb arpwatch.initd" +51ecada198c4f954ac4d5f5903198ebb arpwatch.initd +05c30c8d960d6b87b2ffc9e414bb9e2d 01_all_arpwatch-2.1a15-manpages.patch +7097d5d57a4a5897099230b5eb576dfd 02_all_arpwatch-2.1a15-srcdir.patch +0fa77a4adc8421a95a6bcf424252efca 03_all_arpwatch-2.1a15-getopt.patch +2ea549bd6b57994eb8564980f2c19eb4 04_all_arpwatch-2.1a15-sendmail-cmdline-opt.patch +d5730ced07035ad493df64bedac59e4c 05_all_arpwatch-2.1a15-promiscuous-mode.patch +fe051d4b54f7c6cd831bb2aadec445a7 06_all_arpwatch-2.1a15-bogons-report.patch +c5b855635a9a6d0a484b70dbdc3448bc 07_all_arpwatch-2.1a15-specify-mail.patch +93fa41c3efa98eb65c5a6f03b4185635 08_all_arpwatch-2.1a15-drop-priveleges.patch +7fb44f7711cbbbdb32f9258675bb6845 09_all_arpwatch-2.1a15-quite-mail.patch +b12be2993e6bf7944f8c313464827c3e 10_all_arpwatch-2.1a15-ignore-net.patch +ea0755f853879d7807417d298cf16ca2 11_all_arpwatch-2.1a15-secure-tmp.patch +c052ebf34654337fb71d3a7534e9eeac 12_all_arpwatch-2.1a15-defalt-dir-in-manpages.patch +59e995e8897089276719eaf504121f6d 13_all_arpwatch-2.1a15-scripts-awk.patch +da5e87b06bb5a12edc605f2cb6ef86f3 14_all_arpwatch-2.1a15-paths-fix.patch +0aa0a10b9158101a56471397e5c0ab60 15_all_arpwatch-2.1a15-fix-dead-lock.patch +9e033a8e9908974af9ed992bcacd4ea9 16_all_arpwatch-2.1a15-additional-manpages-cleanups.patch +152e16f44a419782b54c4d737098386b 17_all_arpwatch-2.1a15-restart.patch +5adc4ee0193b99261be84105860a0771 18_all_arpwatch-2.1a15-nofork.patch +132e80dadf4bc130df69930a691323dd 19_all_arpwatch-2.1a15-nonewstation.patch +6214671686599ba7102371a2754a691f 20_all_arpwatch-2.1a15-noreversedns-resolve.patch +4fae1ab6cb45dd81d50e9e7f474a1ad7 21_all_arpwatch-2.1a15-pid-filename.patch" +sha256sums="c1df9737e208a96a61fa92ddad83f4b4d9be66f8992f3c917e9edf4b05ff5898 arpwatch.tar.gz +8acc2840b75c2da57b8f2a99de83e21b908c94acec77485554c801e88b62cb66 arpwatch.confd +a19419228b46da292947cc1a045c0fd57f3826b805c0ee35f3ff62725076acb4 arpwatch.initd +ee2aad981f402321960e297ce84df2ca06dbc1e58b63e3d0b62678030efef26c 01_all_arpwatch-2.1a15-manpages.patch +2053a486c2e2cb50ebaea1a3f677c0939ee80ae899e944940ea7ec8fbed67877 02_all_arpwatch-2.1a15-srcdir.patch +33c5c469e0e3b2cd135f2246c1b1c558a01dbf8ccaa9120220177c2cda314b87 03_all_arpwatch-2.1a15-getopt.patch +c35817ecfbfe3bb0a6f08f453a100435a8cc8ae3d9e8c59a613d39253281717b 04_all_arpwatch-2.1a15-sendmail-cmdline-opt.patch +bd048ce3113b724d9384786002e218a221361d57c9484742348bb2c9219e5518 05_all_arpwatch-2.1a15-promiscuous-mode.patch +c0cfe555a90e915e7d50a165a93cf27ab7f3a831eb912e9a40ead83f1b321595 06_all_arpwatch-2.1a15-bogons-report.patch +1e59bd9dd872fb0fcfa1d95e00adbf9ac98848cb0b78d6ed3263b73ec088c61c 07_all_arpwatch-2.1a15-specify-mail.patch +059c73eb408baa587854e1496bfb9c6ba2268950e9d1af787fe1527a7c3b99c6 08_all_arpwatch-2.1a15-drop-priveleges.patch +eb5717eb4073bb236ad3cc5821b22036a5998382478b4a2c442867a5a9ab9e14 09_all_arpwatch-2.1a15-quite-mail.patch +35da615a4e830bac2d7588b3d39968d7521424013e726d4c5a79aba0e1a7d152 10_all_arpwatch-2.1a15-ignore-net.patch +319855bbaa23fc1b5312f766f2bcbc5edb69d156f5a77ab83cffe22b84e44d3e 11_all_arpwatch-2.1a15-secure-tmp.patch +6e718eb5b98db216b21d630531fd3c574a0a6e4eebe160593cc8924cb0c686d9 12_all_arpwatch-2.1a15-defalt-dir-in-manpages.patch +901442740ede2701b240bd25a1b7afbacf5cb8afd77b5c59fa0b4fd9d225a54c 13_all_arpwatch-2.1a15-scripts-awk.patch +d7abb5df788b4d86fa8a92ac5c2a9495af0d17c343faa8bf7452957c5e19ae30 14_all_arpwatch-2.1a15-paths-fix.patch +3996632264b656b7dce0bd4fb8ac9f8e25a3ecbc148a16cc00dced4b6e24d53e 15_all_arpwatch-2.1a15-fix-dead-lock.patch +64520f39285838decddde166999763e2e0a53098d0f89f026629474f9bd902bc 16_all_arpwatch-2.1a15-additional-manpages-cleanups.patch +833bf93899bc236551679df149adc31e31c4338250dab8bbf98f13c479f316d6 17_all_arpwatch-2.1a15-restart.patch +84537f795ed6f5766ee1a552d1e49ee2b5cf13668e64afa0ac11fef76b97ed08 18_all_arpwatch-2.1a15-nofork.patch +f88728dbcf0adcc2104b294bd7bc8a52fceabf93baa4d7f1a7b63e28ac2dfad3 19_all_arpwatch-2.1a15-nonewstation.patch +5c62aa5508da7bf061aa9629a9dab68ce945e68bafb24ab30c3cdea56f50c3a5 20_all_arpwatch-2.1a15-noreversedns-resolve.patch +54811b365f379522306a36eabc89c3c83cd9ddaa9fc8acd2fea84cff442807b9 21_all_arpwatch-2.1a15-pid-filename.patch" +sha512sums="f770b5b7954afe910dafb016e6e886a4e785564bcdc0ea0de9d7b1ca6a9a0b219a9d1b50b6f42a67afc2f836e782e8ff85ba5780583015d62c9694ac53f0bf90 arpwatch.tar.gz +e1251f8aa860fc5e27c012d7abe7b879018f8d68eb75a71bdf2b6ac22b0c7697ee23a4dc17692394b07bb98a037bacaa24933acaa0d75d3d654e0c45e13cc996 arpwatch.confd +8bb9818d72d1330220631c54a1802d8553a3c43e715ede6c88d44993cbae7c9d95585551a3d97f0fcf5f19ef2e93fb654ac756849b9d0783c19d91773e7f9dce arpwatch.initd +969e956c4fd192d35ce4f23a1f1461eb94a28a8d1e18845d3b099f8833dece003105b415af0a51b4d50221ded4d7434a49bba0ef7f3cac71fda9317b5edeaac3 01_all_arpwatch-2.1a15-manpages.patch +427a55b7599b8c897f1eae1b8f70b9eaa8e692636b666bf2a3a8703d8227c96e29cdcde8186ebcdcff63d902a919cde660ed6d02f9b5dc650ea9fe23afa44a5f 02_all_arpwatch-2.1a15-srcdir.patch +04ab5ed5e1097901e80d70925936a2ecdb7e1d815b627cbfa246a15a4fb7cbca59b9be04840c694f71c0ff8e2f3201a6047b4fbbb9e62687e7d95ea29c5e6ae4 03_all_arpwatch-2.1a15-getopt.patch +7b23ff5f15b98c7d4a2cca39597d2481d072a935f5021dea09be9735aaf54f9378957bf4548cbe004af13a340f0b0ee6c7db44d44cb3605b3d16fd3c08c06897 04_all_arpwatch-2.1a15-sendmail-cmdline-opt.patch +b4b4ce55ec8b2dba7ce9f49eb77874d8ada26322174a9032176ce28f52edd11edf0fbf16f2a48d974b145fa3e8a10fbf7f1ae72169336d4ed219d41da18007eb 05_all_arpwatch-2.1a15-promiscuous-mode.patch +3b637cbb8a969a43d737ce3a60c4213ed48db7c279cc4776632239d1bd70e150f88e3fee5f14367b1b9fc26a77f512fd5a6d361ce4303a9099ee3b2fb7cca28e 06_all_arpwatch-2.1a15-bogons-report.patch +0a36a7dcb10870735065b50c5979933217f479c91c6749d4ebabacb666a6dd25c4a767094f215c72cbd9fffd5568a0d2dd16ab36446d2bb2d55595801854e0cd 07_all_arpwatch-2.1a15-specify-mail.patch +254ac6d166014a49878bea82db26a61a944348633c81b361b2ab54cd959d7540695c2e96b97c666a2af654b0c30dc2eec56749da5cad8558be6d3cc813f76d31 08_all_arpwatch-2.1a15-drop-priveleges.patch +87bac2fe654e51940d0a8f6ce4131aef8c2c5db10ec73c92c6a4384bb797666beb8d3180895712a2e602fa513daded362cb20f35815563da7ad9a4a6f053d19d 09_all_arpwatch-2.1a15-quite-mail.patch +9f626f5d824c8706af7d5e53f0e5743a606c0ed0ef903f5f721457da6139a19bc39a3546d750d70f90f506d6f03ea7a37b1ff48aca35f49a9ffa702e16e8b6d3 10_all_arpwatch-2.1a15-ignore-net.patch +1c9250346896353857904b43e867ffa5de21bfbe3aa03d8678b2844bb6ad8746ad587884c6b8abe479ddc0bc5fdcfee26c746932c947877862c08f532c1608ee 11_all_arpwatch-2.1a15-secure-tmp.patch +5be13ab5b03ae5ffc1edc8b8657b6f903921c3ffe608ca9bd86a8b0c85f54e3114781bf2ef759b5bcf6e93a50cae55584c5054cb1f510423e7a9b052792829b2 12_all_arpwatch-2.1a15-defalt-dir-in-manpages.patch +cc573ea3f4170be7ff711ad0d63d79802111828d7e913c2eca2e9276fc5f6958f55e2c39b61d885084558bf59f2d95a7c6e3f92f65ac0310ff66505ba4229a57 13_all_arpwatch-2.1a15-scripts-awk.patch +456f3e42f64022cc9999efeaf4b8b7a759a9745e88ff059785ece43a85e2edc8bf56cee1b03c79f90fa9cbda6957cfec61eb40d1db4e03e214c03dcacf749103 14_all_arpwatch-2.1a15-paths-fix.patch +e5145f3f8d7c921148af25844d354bdc83dc8a8fe2e392155147dea6c168000c2e30a69dce902002c82746d918757e107ac2a9389e52ef4b550fb4f26b285155 15_all_arpwatch-2.1a15-fix-dead-lock.patch +e6f5571f8d4823c56f68ea13267f217cc60a9481cf08dfe632124593f8e3a49d3c7fb57c118490b126e2e37eed893470c6b92a079e680b0a03b6d0ffbb10e896 16_all_arpwatch-2.1a15-additional-manpages-cleanups.patch +76c971bd8ce3aec9a6e72f6192ff7f77a5a4b054fad9db4ed29344b0a9b76e07b188ac78b3de654e82de7276ddc877a7f9bbd4f90dd74454a08fd7a5fd2f379c 17_all_arpwatch-2.1a15-restart.patch +91f01db73b7979464db9e0616cfc2a19c950c65f1409342220e1c6e7b22716827b681cb03ede88644e67d81efc38af32a1fd372151474e9b917abb9e13cdafdd 18_all_arpwatch-2.1a15-nofork.patch +5322d2ea02f300d2be2cd17fdf7154cfd6e775376d56c9ad4bdc520196b533060d6602ebb7a02bb1b4088afccb6c843ead3d01b9e0928125fadcdd4d1efadc88 19_all_arpwatch-2.1a15-nonewstation.patch +fd7231744f8025dbcc0bec65ffc02933e0d14717a824187a955a55509316f8667b11bcc4efe847a5002519337b3cc8e778e216ebbb5ad2af504021ea61df4380 20_all_arpwatch-2.1a15-noreversedns-resolve.patch +11da1ec9cce70f2f9fb0657e3bbc2ca9cbad68a292205dfb01effd15643f0aeb693f544f2f8d308b7c3a4901de0a0f91e33676e40cb39dda2314e11097c1eae3 21_all_arpwatch-2.1a15-pid-filename.patch" diff --git a/main/arpwatch/arpwatch.pre-install b/main/arpwatch/arpwatch.pre-install new file mode 100644 index 0000000000..2326b23b4e --- /dev/null +++ b/main/arpwatch/arpwatch.pre-install @@ -0,0 +1,4 @@ +#!/bin/sh +adduser -S -H -s /bin/false -D arpwatch 2>/dev/null +exit 0 + -- cgit v1.2.3