From a033ff55aae75af974e6a57d4d1742dc9d132de5 Mon Sep 17 00:00:00 2001 From: florian Date: Tue, 7 Feb 2006 23:00:19 +0000 Subject: [PATCH] Added scanlogd, thanks to Stephen Rose for his work git-svn-id: svn://svn.openwrt.org/openwrt/trunk/openwrt@3186 3c298f89-4303-0410-b956-a3cf2f4a3e73 --- package/Config.in | 1 + package/Makefile | 2 ++ package/scanlogd/Config.in | 14 +++++++++ package/scanlogd/Makefile | 42 +++++++++++++++++++++++++ package/scanlogd/files/scanlogd.init | 3 ++ package/scanlogd/ipkg/scanlogd.control | 9 ++++++ package/scanlogd/ipkg/scanlogd.postinst | 33 +++++++++++++++++++ 7 files changed, 104 insertions(+) create mode 100644 package/scanlogd/Config.in create mode 100644 package/scanlogd/Makefile create mode 100755 package/scanlogd/files/scanlogd.init create mode 100644 package/scanlogd/ipkg/scanlogd.control create mode 100644 package/scanlogd/ipkg/scanlogd.postinst diff --git a/package/Config.in b/package/Config.in index 4fcac3b04..016013e15 100644 --- a/package/Config.in +++ b/package/Config.in @@ -122,6 +122,7 @@ source "package/rp-pppoe/Config.in" source "package/rrs/Config.in" source "package/rsync/Config.in" source "package/samba/Config.in" +source "package/scanlogd/Config.in" source "package/scdp/Config.in" source "package/shat/Config.in" source "package/siproxd/Config.in" diff --git a/package/Makefile b/package/Makefile index 5e29f8807..b1e8bddd0 100644 --- a/package/Makefile +++ b/package/Makefile @@ -192,6 +192,7 @@ package-$(BR2_PACKAGE_SABLEVM) += sablevm package-$(BR2_COMPILE_SABLEVM_CLASSPATH) += sablevm-classpath package-$(BR2_COMPILE_SAMBA) += samba package-$(BR2_PACKAGE_SANE_BACKENDS) += sane-backends +package-$(BR2_PACKAGE_SCANLOGD) += scanlogd package-$(BR2_PACKAGE_SCDP) += scdp package-$(BR2_PACKAGE_SCREEN) += screen package-$(BR2_PACKAGE_SDK) += sdk @@ -342,6 +343,7 @@ endif rrdtool-compile: cgilib-compile freetype-compile libart-compile libpng-compile rrdtool1-compile: zlib-compile rsync-compile: popt-compile +scanlogd-compite: libpcap-compile libnids-compile libnet-compile scdp-compile: libnet-compile screen-compile: ncurses-compile siproxd-compile: libosip2-compile diff --git a/package/scanlogd/Config.in b/package/scanlogd/Config.in new file mode 100644 index 000000000..024308edc --- /dev/null +++ b/package/scanlogd/Config.in @@ -0,0 +1,14 @@ +config BR2_PACKAGE_SCANLOGD + prompt "scanlogd.......................... a port scan detection tool" + tristate + select BR2_PACKAGE_LIBPCAP + select BR2_PACKAGE_LIBNET + select BR2_PACKAGE_LIBNIDS + default m if CONFIG_DEVEL + help + Scanlogd is a TCP port scan detection tool, originally designed + to illustrate various attacks an IDS developer has to deal with. + Thus, unlike some of the other port scan detection tools out there, + scanlogd is designed to be totally safe to use. + + http://www.openwall.com/scanlogd diff --git a/package/scanlogd/Makefile b/package/scanlogd/Makefile new file mode 100644 index 000000000..8f9175a4b --- /dev/null +++ b/package/scanlogd/Makefile @@ -0,0 +1,42 @@ +# $Id: Makefile,v 1.1 2005/06/11 11:40:04 wbx Exp $ + +include $(TOPDIR)/rules.mk + +PKG_NAME:=scanlogd +PKG_VERSION:=2.2.5 +PKG_RELEASE:=1 +PKG_MD5SUM:=6b53ad390a51f0835e66b1efa84d710a + +PKG_SOURCE_URL:=http://www.openwall.com/scanlogd/ +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_CAT:=zcat + +PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) +PKG_INSTALL_DIR:=$(PKG_BUILD_DIR)/ipkg-install + +include $(TOPDIR)/package/rules.mk + +$(eval $(call PKG_template,SCANLOGD,scanlogd,$(PKG_VERSION)-$(PKG_RELEASE),$(ARCH))) + +$(PKG_BUILD_DIR)/.configured: + $(SED) "s,/var/empty,/tmp/.scanlogd," $(PKG_BUILD_DIR)/params.h + touch $@ + +$(PKG_BUILD_DIR)/.built: + $(MAKE) -C $(PKG_BUILD_DIR) \ + $(TARGET_CONFIGURE_OPTS) \ + CC=$(TARGET_CC) LD=$(TARGET_CC) CFLAGS="-c $(TARGET_CFLAGS)" \ + LDFLAGS= \ + PCAP_H="-I$(STAGING_DIR)/usr/include" \ + NIDS_H="-I$(STAGING_DIR)/usr/include" \ + NIDS_L="-L$(STAGING_DIR)/usr/lib -lnids -lnet -lpcap" \ + libnids + touch $@ + +$(IPKG_SCANLOGD): + install -d -m0755 $(IDIR_SCANLOGD)/etc/init.d + install -m0755 ./files/scanlogd.init $(IDIR_SCANLOGD)/etc/init.d/S60scanlogd + install -d -m0755 $(IDIR_SCANLOGD)/usr/sbin + install -m0755 $(PKG_BUILD_DIR)/$(PKG_NAME) $(IDIR_SCANLOGD)/usr/sbin/ + $(RSTRIP) $(IDIR_SCANLOGD) + $(IPKG_BUILD) $(IDIR_SCANLOGD) $(PACKAGE_DIR) diff --git a/package/scanlogd/files/scanlogd.init b/package/scanlogd/files/scanlogd.init new file mode 100755 index 000000000..762d55e8c --- /dev/null +++ b/package/scanlogd/files/scanlogd.init @@ -0,0 +1,3 @@ +#!/bin/sh +mkdir -p `grep "^scanlogd:" /etc/passwd | cut -d: -f6` +/usr/sbin/scanlogd diff --git a/package/scanlogd/ipkg/scanlogd.control b/package/scanlogd/ipkg/scanlogd.control new file mode 100644 index 000000000..307a8dd57 --- /dev/null +++ b/package/scanlogd/ipkg/scanlogd.control @@ -0,0 +1,9 @@ +Package: scanlogd +Priority: optional +Section: net +Version: [TBDL] +Architecture: [TBDL] +Maintainer: OpenWrt Developer +Description: Port scan logger. +Source: http://www.openwall.com/scanlogd/ +Depends: libpcap, libnet, libnids diff --git a/package/scanlogd/ipkg/scanlogd.postinst b/package/scanlogd/ipkg/scanlogd.postinst new file mode 100644 index 000000000..ab720092c --- /dev/null +++ b/package/scanlogd/ipkg/scanlogd.postinst @@ -0,0 +1,33 @@ +#!/bin/sh + +name=scanlogd +id=53 + +# do not change below +# check if we are on real system +if [ -z "${IPKG_INSTROOT}" ]; then + # create copies of passwd and group, if we use squashfs + rootfs=`mount |awk '/root/ { print $5 }'` + if [ "$rootfs" = "squashfs" ]; then + if [ -h /etc/group ]; then + rm /etc/group + cp /rom/etc/group /etc/group + fi + if [ -h /etc/passwd ]; then + rm /etc/passwd + cp /rom/etc/passwd /etc/passwd + fi + fi +fi + +echo "" +if [ -z "$(grep ^\\${name}: ${IPKG_INSTROOT}/etc/group)" ]; then + echo "adding group $name to /etc/group" + echo "${name}:x:${id}:" >> ${IPKG_INSTROOT}/etc/group +fi + +if [ -z "$(grep ^\\${name}: ${IPKG_INSTROOT}/etc/passwd)" ]; then + echo "adding user $name to /etc/passwd" + echo "${name}:x:${id}:${id}:${name}:/tmp/.${name}:/bin/false" >> ${IPKG_INSTROOT}/etc/passwd +fi +