############################################################################### # This file is part of the IPCop Firewall. # # # # IPCop is free software; you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # # the Free Software Foundation; either version 2 of the License, or # # (at your option) any later version. # # # # IPCop is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty of # # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # # GNU General Public License for more details. # # # # You should have received a copy of the GNU General Public License # # along with IPCop; if not, write to the Free Software # # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # # # # Makefiles are based on LFSMake, which is # # Copyright (C) 2002 Rod Roard # # # # Modifications by: # # ??-12-2003 Mark Wormgoor < mark@wormgoor.com> # # - Modified Makefile for IPCop build # # # # $Id: logwatch,v 1.8.2.10 2005/10/18 21:30:32 gespinasse Exp $ # # ############################################################################### ############################################################################### # Definitions ############################################################################### include Config VER = 6.1.2 THISAPP = logwatch-$(VER) DL_FILE = $(THISAPP).tar.gz DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) ############################################################################### # Top-level Rules ############################################################################### objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) $(DL_FILE)_MD5 = a764bf80a31ab04ca788ac1303cba297 install : $(TARGET) check : $(patsubst %,$(DIR_CHK)/%,$(objects)) download :$(patsubst %,$(DIR_DL)/%,$(objects)) md5 : $(subst %,%_MD5,$(objects)) ############################################################################### # Downloading, checking, md5sum ############################################################################### $(patsubst %,$(DIR_CHK)/%,$(objects)) : @$(CHECK) $(patsubst %,$(DIR_DL)/%,$(objects)) : @$(LOAD) $(subst %,%_MD5,$(objects)) : @$(MD5) ############################################################################### # Installation Details ############################################################################### $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) -mkdir -p /etc/log.d /var/log/logwatch chown logwatch:nobody /var/log/logwatch cd $(DIR_APP) && cp -Rf conf scripts lib /etc/log.d cd $(DIR_APP) && install -m 0755 scripts/logwatch.pl /etc/log.d/scripts/logwatch.pl cd $(DIR_APP) && install -m 0644 logwatch.8 /usr/share/man/man8 sed -i 's/^Print = .*$$/Print = Yes/' /etc/log.d/conf/logwatch.conf # comment out line with unused example sed -i '/-zz-network/s/Service/#Service/' /etc/log.d/conf/logwatch.conf # fix typo in output sed -i '/MB transfered/s/transfered/transferred/' /etc/log.d/scripts/services/http # Strip out some filters for services we don't run - no point wasting log keeping them # cron filter don't support fcron # final selection for remaining files is in rootfile UNNEEDED="afpd amavis arpwatch audit automount autorpm cisco clamav clamav-milter \ clam-update courier cron emerge exim extreme-networks ftpd-messages ftpd-xferlog \ imapd identd in.qpopper ipop3d maillog mailscanner mountd named netopia netscreen \ oidentd pam pam_pwdb pop3 portsentry postfix pound proftpd-messages pureftp \ pureftpd qmail rt314 saslauthd samba sendmail sendmail-largeboxes shaperd smartd \ sonicwall stunnel sudo tac_acc up2date vpopmail vsftpd xferlog yum zz-fortune" && \ for i in $$UNNEEDED ; do \ rm -f /etc/log.d/{conf,scripts}/services/$$i{,.conf} /etc/log.d/conf/logfiles/$$i.conf; \ done rm -rf /etc/log.d/scripts/logfiles sed -i 's/df -h/df -h -x rootfs/' /etc/log.d/scripts/services/zz-disk_space for i in `find /etc/log.d -type f`; do \ sed -i 's/perl -w/perl/' $$i; \ done # The httpd log checker script considers any request containing the word # null to be an exploit attempt, reverse this behaviour as we have a # null.gif sed -i -e "/ 'null',/d" /etc/log.d/scripts/services/http chmod -R 755 /etc/log.d @rm -rf $(DIR_APP) @$(POSTBUILD)