Added scanlogd, thanks to Stephen Rose for his work
authorFlorian Fainelli <florian@openwrt.org>
Tue, 7 Feb 2006 23:00:19 +0000 (23:00 +0000)
committerFlorian Fainelli <florian@openwrt.org>
Tue, 7 Feb 2006 23:00:19 +0000 (23:00 +0000)
SVN-Revision: 3186

openwrt/package/Config.in
openwrt/package/Makefile
openwrt/package/scanlogd/Config.in [new file with mode: 0644]
openwrt/package/scanlogd/Makefile [new file with mode: 0644]
openwrt/package/scanlogd/files/scanlogd.init [new file with mode: 0755]
openwrt/package/scanlogd/ipkg/scanlogd.control [new file with mode: 0644]
openwrt/package/scanlogd/ipkg/scanlogd.postinst [new file with mode: 0644]

index 4fcac3b..016013e 100644 (file)
@@ -122,6 +122,7 @@ source "package/rp-pppoe/Config.in"
 source "package/rrs/Config.in"
 source "package/rsync/Config.in"
 source "package/samba/Config.in"
+source "package/scanlogd/Config.in"
 source "package/scdp/Config.in"
 source "package/shat/Config.in"
 source "package/siproxd/Config.in"
index 5e29f88..b1e8bdd 100644 (file)
@@ -192,6 +192,7 @@ package-$(BR2_PACKAGE_SABLEVM) += sablevm
 package-$(BR2_COMPILE_SABLEVM_CLASSPATH) += sablevm-classpath
 package-$(BR2_COMPILE_SAMBA) += samba
 package-$(BR2_PACKAGE_SANE_BACKENDS) += sane-backends
+package-$(BR2_PACKAGE_SCANLOGD) += scanlogd
 package-$(BR2_PACKAGE_SCDP) += scdp
 package-$(BR2_PACKAGE_SCREEN) += screen
 package-$(BR2_PACKAGE_SDK) += sdk
@@ -342,6 +343,7 @@ endif
 rrdtool-compile: cgilib-compile freetype-compile libart-compile libpng-compile
 rrdtool1-compile: zlib-compile
 rsync-compile: popt-compile
+scanlogd-compite: libpcap-compile libnids-compile libnet-compile
 scdp-compile: libnet-compile
 screen-compile: ncurses-compile
 siproxd-compile: libosip2-compile
diff --git a/openwrt/package/scanlogd/Config.in b/openwrt/package/scanlogd/Config.in
new file mode 100644 (file)
index 0000000..024308e
--- /dev/null
@@ -0,0 +1,14 @@
+config BR2_PACKAGE_SCANLOGD
+       prompt "scanlogd.......................... a port scan detection tool"
+       tristate
+       select BR2_PACKAGE_LIBPCAP
+       select BR2_PACKAGE_LIBNET
+       select BR2_PACKAGE_LIBNIDS
+       default m if CONFIG_DEVEL
+       help
+         Scanlogd is a TCP port scan detection tool, originally designed 
+         to illustrate various attacks an IDS developer has to deal with.  
+         Thus, unlike some of the other port scan detection tools out there, 
+         scanlogd is designed to be totally safe to use.
+
+         http://www.openwall.com/scanlogd
diff --git a/openwrt/package/scanlogd/Makefile b/openwrt/package/scanlogd/Makefile
new file mode 100644 (file)
index 0000000..8f9175a
--- /dev/null
@@ -0,0 +1,42 @@
+# $Id: Makefile,v 1.1 2005/06/11 11:40:04 wbx Exp $
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=scanlogd
+PKG_VERSION:=2.2.5
+PKG_RELEASE:=1
+PKG_MD5SUM:=6b53ad390a51f0835e66b1efa84d710a
+
+PKG_SOURCE_URL:=http://www.openwall.com/scanlogd/
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_CAT:=zcat
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
+PKG_INSTALL_DIR:=$(PKG_BUILD_DIR)/ipkg-install
+
+include $(TOPDIR)/package/rules.mk
+
+$(eval $(call PKG_template,SCANLOGD,scanlogd,$(PKG_VERSION)-$(PKG_RELEASE),$(ARCH)))
+
+$(PKG_BUILD_DIR)/.configured:
+       $(SED) "s,/var/empty,/tmp/.scanlogd," $(PKG_BUILD_DIR)/params.h
+       touch $@
+
+$(PKG_BUILD_DIR)/.built:
+       $(MAKE) -C $(PKG_BUILD_DIR) \
+               $(TARGET_CONFIGURE_OPTS) \
+               CC=$(TARGET_CC) LD=$(TARGET_CC) CFLAGS="-c $(TARGET_CFLAGS)" \
+               LDFLAGS= \
+               PCAP_H="-I$(STAGING_DIR)/usr/include" \
+               NIDS_H="-I$(STAGING_DIR)/usr/include" \
+               NIDS_L="-L$(STAGING_DIR)/usr/lib -lnids -lnet -lpcap" \
+               libnids
+       touch $@
+
+$(IPKG_SCANLOGD):
+       install -d -m0755 $(IDIR_SCANLOGD)/etc/init.d
+       install -m0755 ./files/scanlogd.init $(IDIR_SCANLOGD)/etc/init.d/S60scanlogd
+       install -d -m0755 $(IDIR_SCANLOGD)/usr/sbin
+       install -m0755 $(PKG_BUILD_DIR)/$(PKG_NAME) $(IDIR_SCANLOGD)/usr/sbin/
+       $(RSTRIP) $(IDIR_SCANLOGD)
+       $(IPKG_BUILD) $(IDIR_SCANLOGD) $(PACKAGE_DIR)
diff --git a/openwrt/package/scanlogd/files/scanlogd.init b/openwrt/package/scanlogd/files/scanlogd.init
new file mode 100755 (executable)
index 0000000..762d55e
--- /dev/null
@@ -0,0 +1,3 @@
+#!/bin/sh
+mkdir -p `grep "^scanlogd:" /etc/passwd | cut -d: -f6`
+/usr/sbin/scanlogd
diff --git a/openwrt/package/scanlogd/ipkg/scanlogd.control b/openwrt/package/scanlogd/ipkg/scanlogd.control
new file mode 100644 (file)
index 0000000..307a8dd
--- /dev/null
@@ -0,0 +1,9 @@
+Package: scanlogd
+Priority: optional
+Section: net
+Version: [TBDL]
+Architecture: [TBDL]
+Maintainer: OpenWrt Developer <bugs@openwrt.org>
+Description: Port scan logger.
+Source: http://www.openwall.com/scanlogd/
+Depends: libpcap, libnet, libnids
diff --git a/openwrt/package/scanlogd/ipkg/scanlogd.postinst b/openwrt/package/scanlogd/ipkg/scanlogd.postinst
new file mode 100644 (file)
index 0000000..ab72009
--- /dev/null
@@ -0,0 +1,33 @@
+#!/bin/sh
+
+name=scanlogd
+id=53
+
+# do not change below
+# check if we are on real system
+if [ -z "${IPKG_INSTROOT}" ]; then
+       # create copies of passwd and group, if we use squashfs
+       rootfs=`mount |awk '/root/ { print $5 }'`
+       if [ "$rootfs" = "squashfs" ]; then
+               if [ -h /etc/group ]; then
+                       rm /etc/group
+                       cp /rom/etc/group /etc/group
+               fi
+               if [ -h /etc/passwd ]; then
+                       rm /etc/passwd
+                       cp /rom/etc/passwd /etc/passwd
+               fi
+       fi
+fi
+
+echo ""
+if [ -z "$(grep ^\\${name}: ${IPKG_INSTROOT}/etc/group)" ]; then 
+       echo "adding group $name to /etc/group"
+       echo "${name}:x:${id}:" >> ${IPKG_INSTROOT}/etc/group  
+fi
+
+if [ -z "$(grep ^\\${name}: ${IPKG_INSTROOT}/etc/passwd)" ]; then 
+       echo "adding user $name to /etc/passwd"
+       echo "${name}:x:${id}:${id}:${name}:/tmp/.${name}:/bin/false" >> ${IPKG_INSTROOT}/etc/passwd
+fi
+