From 4ba5ce853fd7f77b738102235f2449a38f7ad089 Mon Sep 17 00:00:00 2001 From: Erik Kapfer Date: Mon, 5 Feb 2018 17:05:26 +0100 Subject: [PATCH] NFsen: Including dependencies and additionals Included are. Nfsen: NfSen is a graphical web based front end for the nfdump netflow tools. Nfdump: A collecion of tools to process netflow data on the command line. Softflowd: A flow-based network traffic analyse. --- config/nfdump/netflow.init | 109 +++++++++ config/nfsen/nfsen-vhost.conf | 33 +++ config/nfsen/nfsen.conf | 308 +++++++++++++++++++++++++ config/nfsen/nfsen.init | 85 +++++++ config/rootfiles/packages/nfdump | 20 ++ config/rootfiles/packages/nfsen | 116 ++++++++++ config/rootfiles/packages/perl-Socket6 | 5 + config/rootfiles/packages/softflowd | 5 + config/softflowd/softflowd.init | 84 +++++++ lfs/nfdump | 105 +++++++++ lfs/nfsen | 104 +++++++++ lfs/perl-Socket6 | 83 +++++++ lfs/softflowd | 93 ++++++++ src/paks/nfdump/install.sh | 62 +++++ src/paks/nfdump/uninstall.sh | 59 +++++ src/paks/nfdump/update.sh | 26 +++ src/paks/nfsen/install.sh | 54 +++++ src/paks/nfsen/uninstall.sh | 47 ++++ src/paks/nfsen/update.sh | 26 +++ src/paks/softflowd/install.sh | 49 ++++ src/paks/softflowd/uninstall.sh | 41 ++++ src/paks/softflowd/update.sh | 26 +++ 22 files changed, 1540 insertions(+) create mode 100644 config/nfdump/netflow.init create mode 100644 config/nfsen/nfsen-vhost.conf create mode 100644 config/nfsen/nfsen.conf create mode 100644 config/nfsen/nfsen.init create mode 100644 config/rootfiles/packages/nfdump create mode 100644 config/rootfiles/packages/nfsen create mode 100644 config/rootfiles/packages/perl-Socket6 create mode 100644 config/rootfiles/packages/softflowd create mode 100644 config/softflowd/softflowd.init create mode 100644 lfs/nfdump create mode 100644 lfs/nfsen create mode 100644 lfs/perl-Socket6 create mode 100644 lfs/softflowd create mode 100644 src/paks/nfdump/install.sh create mode 100644 src/paks/nfdump/uninstall.sh create mode 100644 src/paks/nfdump/update.sh create mode 100644 src/paks/nfsen/install.sh create mode 100644 src/paks/nfsen/uninstall.sh create mode 100644 src/paks/nfsen/update.sh create mode 100644 src/paks/softflowd/install.sh create mode 100644 src/paks/softflowd/uninstall.sh create mode 100644 src/paks/softflowd/update.sh diff --git a/config/nfdump/netflow.init b/config/nfdump/netflow.init new file mode 100644 index 0000000000..bef012c443 --- /dev/null +++ b/config/nfdump/netflow.init @@ -0,0 +1,109 @@ +#!/bin/sh +############################################################################## +# Begin $rc_base/init.d/netflow +# +# Description: Starts fprobe flow collector and netflow capture daemon nfcapd +# +# +# Author : Erik Kapfer ; $date: 25.06.2017 +# +############################################################################## + +PATH=/sbin:/usr/sbin:/bin:/usr/bin + +# Port where fprobe and nfcapd communicates +PORT="23456"; + +# fprobe vars +DESCF="fprobe flow collector"; +NAMEF="fprobe"; +IFACE="any"; +ARGSF="-i ${IFACE} 127.0.0.1:${PORT} -p -c /var/empty"; +DAEMONF=$(which ${NAMEF}); + +# nfcap vars +DESCN="nfcapd capture daemon"; +NAMEN="nfcapd"; +ARGSN="-w -D -p ${PORT} -B 200000 -S 1 -z -I ipfire-server-any -l /var/netflow -u netflow -g netflow"; +DAEMONN=$(which ${NAMEN}); +PIDFILEN="/var/run/${NAMEN}.pid"; + +# Formatting and Colors +COLUMNS="$(tput cols)"; +R=$(tput setaf 1); +G=$(tput setaf 2); +B=$(tput setaf 6); +N=$(tput sgr0); +seperator(){ printf '%*s\n' "${COLUMNS:-$(tput cols)}" '' | tr ' ' -; }; + +. /etc/sysconfig/rc +. ${rc_functions} + +case "${1}" in + start) + boot_mesg "Starting ${DESCF}... "; + ${DAEMONF} ${ARGSF}; + evaluate_retval; + boot_mesg "Starting ${DESCN}... "; + ${DAEMONN} ${ARGSN}; + evaluate_retval; + ;; + + stop) + boot_mesg "Stopping ${DESCN}..."; + killproc ${DAEMONN}; + evaluate_retval; + boot_mesg "Stopping ${DESCF}"; + killproc ${DAEMONF}; + evaluate_retval; + ;; + + restart) + ${0} stop + sleep 1 + ${0} start + ;; + + status) + statusproc ${DAEMON} ${NAME} + ;; + + state) + if ps aux | grep -v grep | grep ${NAMEF} > /dev/null; then + seperator; + echo; + echo "${B}${NAMEF} ${G}${b}is running with:${N}"; + echo; + ps aux | grep -v grep | grep ${NAMEF}; + echo; + seperator; + else + seperator; + echo; + echo "${R}${b}${NAMEF} is NOT running... ${N}"; + echo; + seperator; + fi + + if ps aux | grep -v grep | grep ${NAMEN} > /dev/null; then + echo; + echo "${B}${NAMEN} ${G}${b}is running with:${N}"; + echo; + ps aux | grep -v grep | grep ${NAMEN}; + seperator; + else + echo; + echo "${R}${b}${NAMEN} is NOT running... ${N}"; + echo; + seperator; + fi + ;; + + *) + echo "Usage: ${0} {start|stop|restart|status|state}" + exit 1 + ;; +esac + +# End $rc_base/init.d/netflow + diff --git a/config/nfsen/nfsen-vhost.conf b/config/nfsen/nfsen-vhost.conf new file mode 100644 index 0000000000..40168053a7 --- /dev/null +++ b/config/nfsen/nfsen-vhost.conf @@ -0,0 +1,33 @@ +Listen 23456 + + SSLEngine on + SSLProtocol all -SSLv2 + SSLCipherSuite ALL:!ADH:!EXPORT56:!eNULL:!SSLv2:!RC4+RSA:+HIGH:+MEDIUM + SSLCertificateFile /etc/httpd/server.crt + SSLCertificateKeyFile /etc/httpd/server.key + + DocumentRoot "/srv/web/nfsen" + Include /etc/httpd/conf/conf.d/php*.conf + ErrorLog "/var/log/httpd/nfsen-error.log" + CustomLog "/var/log/httpd/nfsen-access.log" combined + + + Options +FollowSymlinks +Indexes + AllowOverride All + Order Allow,Deny + Allow from 192.168.0.1 + + + + + Order allow,deny + + Allow from 192.168.0.1 + + Satisfy All + + + + + + diff --git a/config/nfsen/nfsen.conf b/config/nfsen/nfsen.conf new file mode 100644 index 0000000000..32b0d79d90 --- /dev/null +++ b/config/nfsen/nfsen.conf @@ -0,0 +1,308 @@ +############################## +# +# NfSen master config file +# +# $Id: nfsen-dist.conf 22 2007-11-20 12:27:38Z phaag $ +# +# Configuration of NfSen: +# Set all the values to fit your NfSen setup and run the 'install.pl' +# script from the nfsen distribution directory. +# +# The syntax must conform to Perl syntax. +# +############################## +# +# NfSen default layout: +# Any scripts, modules or profiles are installed by default under $BASEDIR. +# However, you may change any of these settings to fit your requested layout. + +# +# Required for default layout +$BASEDIR = "/var/nfsen"; + +# +# Where to install the NfSen binaries +$BINDIR="${BASEDIR}/bin"; + +# +# Where to install the NfSen Perl modules +$LIBEXECDIR="${BASEDIR}/libexec"; + +# +# Where to install the config files +$CONFDIR="${BASEDIR}/etc"; + +# +# NfSen html pages directory: +# All php scripts will be installed here. +# URL: Entry point for nfsen: http:///nfsen/nfsen.php +$HTMLDIR = "/srv/web/nfsen/"; + +# +# Where to install the docs +$DOCDIR="${HTMLDIR}/doc"; + +# +# Var space for NfSen +$VARDIR="${BASEDIR}/var"; + +# directory for all pid files +# $PIDDIR="$VARDIR/run"; +# +# Filter directory +# FILTERDIR="${VARDIR}/filters"; +# + +# FORMATDIR for custom printing formats +# FORMATDIR="${VARDIR}/fmt"; +# + +# +# The Profiles stat directory, where all profile information +# RRD DBs and png pictures of the profile are stored +$PROFILESTATDIR="${BASEDIR}/profiles-stat"; + +# +# The Profiles directory, where all netflow data is stored +$PROFILEDATADIR="${BASEDIR}/profiles-data"; + +# +# Where go all the backend plugins +$BACKEND_PLUGINDIR="${BASEDIR}/plugins"; + +# +# Where go all the frontend plugins +$FRONTEND_PLUGINDIR="${HTMLDIR}/plugins"; + +# +# nfdump tools path +$PREFIX = '/usr/bin'; + +# +# nfsend communication socket +# $COMMSOCKET = "$PIDDIR/nfsen.comm"; + +# BASEDIR unrelated vars: +# +# Run nfcapd as this user +# This may be a different or the same uid than your web server. +# Note: This user must be in group $WWWGROUP, otherwise nfcapd +# is not able to write data files! +$USER = "netflow"; + +# user and group of the web server process +# All netflow processing will be done with this user +$WWWUSER = "nobody"; +$WWWGROUP = "nobody"; + +# Receive buffer size for nfcapd - see man page nfcapd(1) +$BUFFLEN = 200000; + +# list of extensions for each collector. See argument -T +# for nfcapd(1) for more detailes. +# defaults to empty -> compatible to nfdump-1.5.8 +# $EXTENSIONS = ''; +# Example: +# $EXTENSIONS = 'all'; +# $EXTENSIONS = '+3,+4'; +# +# Directory sub hierarchy layout: +# Possible layouts: +# +# 0 default no hierachy levels - flat layout - compatible with pre NfSen versions +# 1 %Y/%m/%d year/month/day +# 2 %Y/%m/%d/%H year/month/day/hour +# 3 %Y/%W/%u year/week_of_year/day_of_week +# 4 %Y/%W/%u/%H year/week_of_year/day_of_week/hour +# 5 %Y/%j year/day-of-year +# 6 %Y/%j/%H year/day-of-year/hour +# 7 %Y-%m-%d year-month-day +# 8 %Y-%m-%d/%H year-month-day/hour +$SUBDIRLAYOUT = 1; + +# Compress flows while collecting 0 or 1 +$ZIPcollected = 1; + +# Compress flows in profiles 0 or 1 +$ZIPprofiles = 1; + +# Interrupt expire -- not yet enabled as not yet fully tested +#$InterruptExpire = 0; + +# number of nfprofile processes to spawn during the profiling phase +# depends on how busy your system is and how many CPUs you have +# on very busy systems increase it to a higher value +#$PROFILERS = 2; + +# if the PROFILEDATADIR is filled up to this percentage, a warning message will be printed. +# set to 0 to disable the test +$DISKLIMIT = 98; + +# number of nfprofile processes to spawn during the profiling phase +$PROFILERS = 6; + +# Some Perl Versions/Builds have memory leaks for unknown reason. +# Therefore nfsend will increase its memory footprint over time. +# In order to reset nfsend, it automatically reloads after 1 day +# if PERL_HAS_MEMLEAK is set to 1 +# $PERL_HAS_MEMLEAK=0; + +# Netflow sources +# Define an ident string, port and colour per netflow source +# +# Required parameters: +# ident identifies this netflow source. e.g. the router name, +# Upstream provider name etc. +# port nfcapd listens on this port for netflow data for this source +# set port to '0' if you do not want a collector to be started +# col colour in nfsen graphs for this source +# +# Optional parameters +# type Collector type needed for this source. Can be 'netflow' or 'sflow'. Default is netflow +# optarg Optional args to the collector at startup +# +# Syntax: +# 'ident' => { 'port' => '', 'col' => '', 'type' => '' } +# Ident strings must be 1 to 19 characters long only, containing characters [a-zA-Z0-9_]. + +%sources = ( + 'ipfire' => { 'port' => '65432', 'IP' => '127.0.0.1', 'col' => '#0000ff', 'type' => 'netflow' }, +); + +# +# Low water mark: When expiring files, delete files until +# size = $low_water % of max_size +# typically 90 +$low_water = 90; + +# +# syslog facility for periodic jobs +# nfsen uses level 'debug', 'info', 'warning' and 'err' +# Note: nfsen is very chatty for level 'debug' and 'info' +# For normal operation, you may set the logging level in syslog.conf +# to warning or error unless you want to debug NfSen +$syslog_facility = 'local3'; + +# +# SYSLOG mess +# Log socket type: Most *NIX such as LINUX and *BSD are fine with 'unix' +# which is the default. You need to change that to 'stream' or 'inet' for +# some Solaris version 8/9, AIX and others .. +# You may set it to undef to prevent calling Sys::Syslog::setlogsock at all +# ( works for Solaris 10 and newer Sys::Syslog module +# +# If not defined at all, 'unix' is assumed unless for Solaris, which defaults to 'stream' +# $LogSocket = 'unix'; + +# +# Plugins +# Plugins extend NfSen for the purpose of: +# Periodic data processing, alerting-condition and alerting-action +# For data processing a plugin may run for any profile or for a specific profile only. +# Syntax: [ 'profile list', 'module' ] +# profile list: ',' separated list of profiles ( 'profilegroup/profilename' ), +# or '*' for any profile, '!' for no profile +# module: Perl Module name, equal to plugin name +# The profile list '!' make sense for plugins, which only provide alerting functions +# +# The module follows the standard Perl module conventions, with at least one +# function: Init(). See demoplugin.pm for a simple template. +# +# A file with the same name in the FRONTEND_PLUGINDIR and .php extension is automatically +# recongized as frontend plugin. +# +# Plugins are installed under +# $BACKEND_PLUGINDIR and $FRONTEND_PLUGINDIR + +@plugins = ( + # profile # module + # [ '*', 'demoplugin' ], +); + +%PluginConf = ( + # For plugin demoplugin + demoplugin => { + # scalar + param2 => 42, + # hash + param1 => { 'key' => 'value' }, + }, + # for plugin otherplugin + otherplugin => [ + # array + 'mary had a little lamb' + ], +); + +# +# Alert module: email alerting: +# Use this from address +$MAIL_FROM = 'your@from.example.net'; + +# Use this SMTP server +$SMTP_SERVER = 'localhost'; + +# Use this email body: +# You may have multiple lines of text. +# Var substitution: +# @alert@ replaced by alert name +# @timeslot@ replaced by timeslot alert triggered +$MAIL_BODY = q{ +Alert '@alert@' triggered at timeslot @timeslot@ +}; + +###################################################### +# +# For the NfSen simulator include the section below. +# +###################################################### +# +# Nfsen Simulator +# The simulator requires, that you have already installed +# and configured NfSen. The simulation is based on already +# pre-colleted data, which you may get from another live +# NfSen system. +# +# Steps to setup the NfSen simulator: +# 1. Configure the sources of the live profile with the +# same names of the NfSen system, you take netflow data +# for the simulation. Set the port for each netflow source +# to 0 to prevent a collector to be started. +# Install NfSen with this config in a seperate directory +# 2. Copy the pre-collected data into the appropriate +# netflow directory of the live profile. +# 3. Configure the simulator using the parameters below +# Enable Simulation mode => $SIMmode = 1 +# Configure the time window of the pre-collected data. +# tstart => Start of time window. yyyymmddhhmm +# tbegin => Optional parameter. Start of simulation +# profile exists already between tstart - tbegin +# tend => End of time window. yyyymmddhhmm +# cycletime => simulation time in seconds of a 5min slot +# Setting cycletime = 0 processes the cycles as fast as +# possible. Please note, if you test plugings, your +# cycletime needs to be at least the time required to +# process all plugins. +# 4. Start nfsen: ../nfsen start +# Simulation starts +# +# The simulator runs from tstart to tend and stops when tend +# is reached. You may stop the simulation at any given time +# using ./nfsen stop. To continue the simulation start NfSen +# again: ./nfsen start. You may reset the simulator at any +# given time using ./nfsen abort-reset. This stops the sumulation +# and rolls back to tstart. All profiles/alerts are deleted, +# so you may start from scratch again. +# +# Configure simulator parameters +# +# $SIMmode = 1; +# %sim = ( +# 'tstart' => '200707100000', # Simulation data available from July 10th 2007 00:00 +# 'tbegin' => '200707110000', # Simulation begins at July 11th 2007 00:00 +# 'tend' => '200707112355', # Simulation ends at July 11th 2007 23:55 +# 'cycletime' => '30', # 30s per 5min slot +# ); + +1; + diff --git a/config/nfsen/nfsen.init b/config/nfsen/nfsen.init new file mode 100644 index 0000000000..22b4a57bdf --- /dev/null +++ b/config/nfsen/nfsen.init @@ -0,0 +1,85 @@ +#!/bin/sh +############################################################################## +# Begin $rc_base/init.d/nfsen +# +# Description: Collects, orders and displays data collected from nfcapd +# and printed via nfdump +# +# +# Author : Erik Kapfer ; $date: 25.06.2017 +# +############################################################################## + +# fprobe vars +DESC="NFsen grafical web based frontend for nfdump netflow tools"; +NAME="nfsen"; +BIN="/var/${NAME}/bin/${NAME}"; +CONF="/var/${NAME}/etc/nfsen.conf"; + +# Check for dependencies +#Check if fprobe is running +if ! pgrep fprobe > /dev/null; then + echo "Fprobe is not running, won´t get results. Will Quit now"; + exit 1; +fi +# Check that fprobs port is equal to NFsens nfcapd configuration +FPROBEPORTCHECK=$(ps aux | grep -v grep | grep fprobe | awk -F":" '{ print $4 }' | grep -o '[0-9]*'); +NFSENPORT=$(awk -F"'" '/ipfire/ { print $6 }' ${CONF}); +if [ "${FPROBEPORTCHECK}" != "${NFSENPORT}" ]; then + sed -i "s/PORT=\".*/PORT=\"${NFSENPORT}\"/" /etc/rc.d/init.d/fprobe; + echo "Have changed fprobes port to NFsens nfcapd port. Will restart fprobe now... "; + sleep 3; + /etc/init.d/fprobe restart; +fi + + +. /etc/sysconfig/rc +. ${rc_functions} + +case "${1}" in + start) + boot_mesg "Starting ${DESC}... "; + ${BIN} start; + ;; + + stop) + boot_mesg "Stopping ${DESC}"; + ${BIN} stop; + ;; + + restart) + ${0} stop + sleep 1 + ${0} start + ;; + + reconfigure) + ${BIN} reconfig; + ;; + + status) + ${BIN} status; + ;; + + state) + if ps aux | grep -v grep | grep -v state | grep ${NAME} > /dev/null; then + echo; + echo "${NAME} is running with:"; + echo; + ps aux | grep -v grep | grep -v state | grep ${NAME}; + echo; + else + echo; + echo "${NAME} is NOT running..."; + echo; + fi + ;; + + *) + echo "Usage: ${0} {start|stop|restart|status|state|reconfigure}" + exit 1 + ;; +esac + +# End $rc_base/init.d/nfsen + diff --git a/config/rootfiles/packages/nfdump b/config/rootfiles/packages/nfdump new file mode 100644 index 0000000000..4078389a75 --- /dev/null +++ b/config/rootfiles/packages/nfdump @@ -0,0 +1,20 @@ +#etc/rc.d/init.d/netflow +usr/bin/ft2nfdump +usr/bin/nfanon +usr/bin/nfcapd +usr/bin/nfdump +usr/bin/nfexpire +usr/bin/nfpcapd +usr/bin/nfprofile +usr/bin/nfreplay +usr/bin/nftrack +usr/bin/sfcapd +#usr/share/man/man1/ft2nfdump.1 +#usr/share/man/man1/nfanon.1 +#usr/share/man/man1/nfcapd.1 +#usr/share/man/man1/nfdump.1 +#usr/share/man/man1/nfexpire.1 +#usr/share/man/man1/nfprofile.1 +#usr/share/man/man1/nfreplay.1 +#usr/share/man/man1/sfcapd.1 +var/netflow diff --git a/config/rootfiles/packages/nfsen b/config/rootfiles/packages/nfsen new file mode 100644 index 0000000000..c8a84d484c --- /dev/null +++ b/config/rootfiles/packages/nfsen @@ -0,0 +1,116 @@ +etc/httpd/conf/vhosts.d/nfsen.conf +etc/rc.d/init.d/nfsen +#srv/web/nfsen +srv/web/nfsen/alerting.php +srv/web/nfsen/colour_palette.html +srv/web/nfsen/colour_picker.html +srv/web/nfsen/conf.php +#srv/web/nfsen/css +srv/web/nfsen/css/alerting.css +srv/web/nfsen/css/detail.css +srv/web/nfsen/css/lookup.css +srv/web/nfsen/css/nfsen.css +srv/web/nfsen/css/profileadmin.css +srv/web/nfsen/details.php +#srv/web/nfsen/icons +srv/web/nfsen/icons/EmptyGraph.png +srv/web/nfsen/icons/Error.png +srv/web/nfsen/icons/ErrorGraph.png +srv/web/nfsen/icons/arrow.blue.down.png +srv/web/nfsen/icons/arrow.blue.right.png +srv/web/nfsen/icons/arrow.yellow.down.png +srv/web/nfsen/icons/arrow.yellow.right.png +srv/web/nfsen/icons/cancel.png +srv/web/nfsen/icons/close.png +srv/web/nfsen/icons/cursor-line.png +srv/web/nfsen/icons/cursor-start.png +srv/web/nfsen/icons/cursor-stop.png +srv/web/nfsen/icons/edit.png +srv/web/nfsen/icons/help.png +srv/web/nfsen/icons/invisible.png +srv/web/nfsen/icons/minus.png +srv/web/nfsen/icons/ok.png +srv/web/nfsen/icons/plus.png +srv/web/nfsen/icons/progress.png +srv/web/nfsen/icons/save.png +srv/web/nfsen/icons/shade.gif +srv/web/nfsen/icons/shade.png +srv/web/nfsen/icons/shadeactive.png +srv/web/nfsen/icons/space.png +srv/web/nfsen/icons/spyglas.png +srv/web/nfsen/icons/trash.png +srv/web/nfsen/icons/trigger.png +#srv/web/nfsen/js +srv/web/nfsen/js/ColorPicker2.js +srv/web/nfsen/js/alerting.js +srv/web/nfsen/js/detail.js +srv/web/nfsen/js/global.js +srv/web/nfsen/js/menu.js +srv/web/nfsen/js/profileadmin.js +srv/web/nfsen/lookup.php +srv/web/nfsen/navigator.php +srv/web/nfsen/nfsen.php +srv/web/nfsen/nfsenutil.php +srv/web/nfsen/overview.php +srv/web/nfsen/pic.php +#srv/web/nfsen/plugins +srv/web/nfsen/plugins/demoplugin.php +srv/web/nfsen/process.php +srv/web/nfsen/profileadmin.php +srv/web/nfsen/rrdgraph.php +#var/cache/fontconfig/0251a5afa6ac727a1e32b7d4d4aa7cf0-le32d4.cache-7 +#var/cache/fontconfig/2f090052c98d24fe2fea1808cf349b60-le32d4.cache-7 +#var/cache/fontconfig/3830d5c3ddfd5cd38a049b759396e72e-le32d4.cache-7 +var/nfsen +var/nfsen/bin +var/nfsen/bin/RebuildHierarchy.pl +var/nfsen/bin/nfsen +var/nfsen/bin/nfsend +var/nfsen/bin/testPlugin +#var/nfsen/etc +var/nfsen/etc/nfsen-dist.conf +var/nfsen/etc/nfsen.conf +#var/nfsen/libexec +var/nfsen/libexec/AbuseWhois.pm +var/nfsen/libexec/Log.pm +var/nfsen/libexec/Lookup.pm +var/nfsen/libexec/NfAlert.pm +var/nfsen/libexec/NfConf.pm +var/nfsen/libexec/NfProfile.pm +var/nfsen/libexec/NfSen.pm +var/nfsen/libexec/NfSenRC.pm +var/nfsen/libexec/NfSenRRD.pm +var/nfsen/libexec/NfSenSim.pm +var/nfsen/libexec/Nfcomm.pm +var/nfsen/libexec/Nfsources.pm +var/nfsen/libexec/Nfsync.pm +var/nfsen/libexec/Notification.pm +#var/nfsen/plugins +var/nfsen/plugins/demoplugin.pm +var/nfsen/plugins/smily.jpg +#var/nfsen/profiles-data +#var/nfsen/profiles-data/live +#var/nfsen/profiles-data/live/ipfire +var/nfsen/profiles-data/live/ipfire/.nfstat +#var/nfsen/profiles-stat +var/nfsen/profiles-stat/hints +#var/nfsen/profiles-stat/live +var/nfsen/profiles-stat/live/flows-day.png +var/nfsen/profiles-stat/live/flows-month.png +var/nfsen/profiles-stat/live/flows-week.png +var/nfsen/profiles-stat/live/flows-year.png +var/nfsen/profiles-stat/live/ipfire.rrd +var/nfsen/profiles-stat/live/packets-day.png +var/nfsen/profiles-stat/live/packets-month.png +var/nfsen/profiles-stat/live/packets-week.png +var/nfsen/profiles-stat/live/packets-year.png +var/nfsen/profiles-stat/live/profile.dat +var/nfsen/profiles-stat/live/traffic-day.png +var/nfsen/profiles-stat/live/traffic-month.png +var/nfsen/profiles-stat/live/traffic-week.png +var/nfsen/profiles-stat/live/traffic-year.png +var/nfsen/var +var/nfsen/var/filters +var/nfsen/var/fmt +var/nfsen/var/run +var/nfsen/var/tmp diff --git a/config/rootfiles/packages/perl-Socket6 b/config/rootfiles/packages/perl-Socket6 new file mode 100644 index 0000000000..6f10a9bf1b --- /dev/null +++ b/config/rootfiles/packages/perl-Socket6 @@ -0,0 +1,5 @@ +usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/Socket6.pm +#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Socket6 +#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Socket6/.packlist +#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Socket6/Socket6.bs +usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Socket6/Socket6.so diff --git a/config/rootfiles/packages/softflowd b/config/rootfiles/packages/softflowd new file mode 100644 index 0000000000..d9960d8c00 --- /dev/null +++ b/config/rootfiles/packages/softflowd @@ -0,0 +1,5 @@ +etc/rc.d/init.d/softflowd +usr/sbin/softflowctl +usr/sbin/softflowd +#usr/share/man/man8/softflowctl.8 +#usr/share/man/man8/softflowd.8 diff --git a/config/softflowd/softflowd.init b/config/softflowd/softflowd.init new file mode 100644 index 0000000000..22ec6e4049 --- /dev/null +++ b/config/softflowd/softflowd.init @@ -0,0 +1,84 @@ +#!/bin/sh +################################################################################################### +# Begin $rc_base/init.d/softflowd +# +# Description: starts|stops|restarts|states softflowd flow collector as a netflow capture daemon +# +# +# Author : Erik Kapfer ; $date: 05.07.2017 +# +#################################################################################################### + +# fprobe vars +DESC="softflowd flow collector"; +NAME="softflowd"; +DAEMON=$(which ${NAME}); + +## Set 1 start +PORT1="65432"; +HOST1="127.0.0.1"; +IFACE1="any"; +MLIFEMINUTE1="5"; +MLIFE1="maxlife=${MLIFEMINUTE1}m" +VER1="9"; +ARGS1="-n ${HOST1}:${PORT1} -i ${IFACE1} -t ${MLIFE1} -v ${VER1}"; +## Set 1 stop + +## Set 2 start +PORT2=""; +HOST2=""; +IFACE2=""; +MLIFEMINUTE2=""; +MLIFE2="maxlife=${MLIFEMINUTE1}m" +VER2=""; +ARGS2="-n ${HOST2}:${PORT2} -i ${IFACE2} -t ${MLIFE2} -v ${VER2}"; +## Set 2 stop + +. /etc/sysconfig/rc +. ${rc_functions} + +case "${1}" in + start) + boot_mesg "Starting ${DESC}... "; + ${DAEMON} ${ARGS1}; + evaluate_retval; + ;; + + stop) + boot_mesg "Stopping ${DESC}"; + killproc ${DAEMON}; + evaluate_retval; + ;; + + restart) + ${0} stop + sleep 1 + ${0} start + ;; + + status) + statusproc ${DAEMON} ${NAME} + ;; + + state) + if ps aux | grep -v grep | grep -v state | grep ${NAME} > /dev/null; then + echo; + echo "${NAME} is running with:"; + echo; + ps aux | grep -v grep | grep -v state | grep ${NAME}; + echo; + else + echo; + echo "${NAME} is NOT running... "; + echo; + fi + ;; + + *) + echo "Usage: ${0} {start|stop|restart|status|state}" + exit 1 + ;; +esac + +# End $rc_base/init.d/softflowd + diff --git a/lfs/nfdump b/lfs/nfdump new file mode 100644 index 0000000000..cd8043eca6 --- /dev/null +++ b/lfs/nfdump @@ -0,0 +1,105 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2017 IPFire Team # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 1.6.13 + +THISAPP = nfdump-$(VER) +DL_FILE = $(THISAPP).tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) +PROG = nfdump +PAK_VER = 1 + +DEPS = "fprobe" + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = f5e916049aec1b531c63303b92270d42 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +dist: + @$(PAK) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && ./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --localstatedir=/var/netflow \ + --enable-nftrack \ + --enable-sflow \ + --enable-nfpcapd \ + --enable-nsel \ + --enable-ftconv \ + --with-ftpath=/usr \ + --enable-nfprofile + + # Add data dir + -mkdir -v /var/netflow + chmod 750 /var/netflow + + # Initscript + cp -vf $(DIR_CONF)/nfdump/netflow.init /etc/rc.d/init.d/netflow + chmod 754 /etc/rc.d/init.d/netflow + chown root:root /etc/rc.d/init.d/netflow + + cd $(DIR_APP) && make $(MAKETUNING) + cd $(DIR_APP) && make install + + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/lfs/nfsen b/lfs/nfsen new file mode 100644 index 0000000000..2531207fe6 --- /dev/null +++ b/lfs/nfsen @@ -0,0 +1,104 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2017 IPFire Team # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 1.3.8 + +THISAPP = nfsen-$(VER) +DL_FILE = $(THISAPP).tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) +PROG = nfsen +PAK_VER = 1 + +DEPS = "fprobe nfdump" + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = fc45b3f44a66c2ed65d1269e479c2414 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +dist: + @$(PAK) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + + # Add NFsen directory + -mkdir -v /var/nfsen + chown root:root /var/nfsen + chmod 750 /var/nfsen + # Add -T switch patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/nfsen-1.3.8_t_switch-Hash_ref.patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/nfsen-1.3.8_HASH_ref.patch + # Integrate IPFire specific nfsen config + cp -vf $(DIR_CONF)/nfsen/nfsen.conf $(DIR_APP)/etc + # Integrate vhost + cp -vf $(DIR_CONF)/nfsen/nfsen-vhost.conf /etc/httpd/conf/vhosts.d/nfsen.conf + chown root:root /etc/httpd/conf/vhosts.d/nfsen.conf + chmod 644 /etc/httpd/conf/vhosts.d/nfsen.conf + # Integrate initscript + cp $(DIR_CONF)/nfsen/nfsen.init /etc/rc.d/init.d/nfsen + chmod 754 /etc/rc.d/init.d/nfsen + chown root:root /etc/rc.d/init.d/nfsen + # Add user + #useradd -M -s /bin/false -G nobody netflow; + # Install NFsen + cd $(DIR_APP) && yes "" | ./install.pl etc/nfsen.conf + + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/lfs/perl-Socket6 b/lfs/perl-Socket6 new file mode 100644 index 0000000000..7e9b564cd1 --- /dev/null +++ b/lfs/perl-Socket6 @@ -0,0 +1,83 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2017 IPFire Team # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 0.19 + +THISAPP = Socket6-$(VER) +DL_FILE = ${THISAPP}.tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) +PROG = perl-Socket6 +DEPS = "" +PAK_VER = 1 + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = 35e4bb7e09ca3154a44bcaa8959780a2 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +dist: + @$(PAK) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && perl Makefile.PL + cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE) + cd $(DIR_APP) && make install + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/lfs/softflowd b/lfs/softflowd new file mode 100644 index 0000000000..9f7f52e88b --- /dev/null +++ b/lfs/softflowd @@ -0,0 +1,93 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2017 IPFire Team # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 0.9.9 + +THISAPP = softflowd-$(VER) +DL_FILE = $(THISAPP).tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) +PROG = softflowd +PAK_VER = 1 + +DEPS = "" + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = ba83e2715e6250e6645ebcaa9ae1009d + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +dist: + @$(PAK) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && ./configure \ + --prefix=/usr \ + --with-chrootdir=/var/empty + + # Initscript + cp -vf $(DIR_CONF)/softflowd/softflowd.init /etc/rc.d/init.d/softflowd + chmod 754 /etc/rc.d/init.d/softflowd + chown root:root /etc/rc.d/init.d/softflowd + + cd $(DIR_APP) && make $(MAKETUNING) + cd $(DIR_APP) && make install + + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/src/paks/nfdump/install.sh b/src/paks/nfdump/install.sh new file mode 100644 index 0000000000..1978705466 --- /dev/null +++ b/src/paks/nfdump/install.sh @@ -0,0 +1,62 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2007 IPFire-Team . # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +BIN="netflow"; +extract_files +restore_backup ${NAME} + +# Check for existing symlinks delete them if presant and create new one +symlinkadd_funct() { + # Possible runlevel ranges + SO="[7-9][0-9]"; + SA="[3-5][0-9]"; + RE="[7-9][0-9]"; + # Search free runlevel + STOP=$(ls /etc/rc.d/rc0.d/ | sed -e 's/[^0-9]//g' | awk '$1!=p+1{print p+1" "$1-1}{p=$1}' | sed -e '1d' | tr ' ' '\n' | grep -E "${SO}" | head -1); + START=$(ls /etc/rc.d/rc3.d/ | sed -e 's/[^0-9]//g' | awk '$1!=p+1{print p+1" "$1-1}{p=$1}' | sed -e '1d' | tr ' ' '\n' | grep -E "${SA}" | head -1); + REBOOT=$(ls /etc/rc.d/rc6.d/ | sed -e 's/[^0-9]//g' | awk '$1!=p+1{print p+1" "$1-1}{p=$1}' | sed -e '1d' | tr ' ' '\n' | grep -E "${RE}" | head -1); + ## Add symlinks + ln -s ../init.d/${BIN} /etc/rc.d/rc0.d/K${STOP}${BIN}; + ln -s ../init.d/${BIN} /etc/rc.d/rc3.d/S${START}${BIN}; + ln -s ../init.d/${BIN} /etc/rc.d/rc6.d/K${REBOOT}${BIN}; +} + +# Add data dir if no already there +if [ ! -e /var/netflow ]; then + mkdir /var/netflow; +fi + +# Add user if not already presant +if ! grep -q 'netflow' /etc/passwd; then + useradd -M -s /bin/false -G nobody netflow; +fi + +# Change permissions +chown -R netflow:netflow /var/netflow; + +# Add symlinks but only without NFsen +symlinkadd_funct; + +# EOF + diff --git a/src/paks/nfdump/uninstall.sh b/src/paks/nfdump/uninstall.sh new file mode 100644 index 0000000000..0bbeb92de7 --- /dev/null +++ b/src/paks/nfdump/uninstall.sh @@ -0,0 +1,59 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2007 IPFire-Team . # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +/etc/init.d/netflow stop +extract_backup_includes +make_backup ${NAME} + +# Delet symlinks function +symlinkdel_funct(){ + ls /etc/rc.d/rc?.d | grep 'nfdump' > /dev/null 2>&1 + if [ "$?" = "0" ]; then + rm -rfv /etc/rc.d/rc?.d/*nfdump; + fi +} + +# Delete files +rm -rfv \ +/usr/bin/nfanon \ +/usr/bin/nfcapd \ +/usr/bin/nfdump \ +/usr/bin/nfexpire \ +/usr/bin/nfpcapd \ +/usr/bin/nfprofile \ +/usr/bin/nfreplay \ +/usr/bin/nftrack \ +/usr/bin/sfcapd \ +/var/netflow +/etc/rc.d/init.d/netflow + +# Delet symlinks if presant +symlinkdel_funct; + +# Delete user and group if presant +if grep -q 'netflow' /etc/passwd; then + userdel netflow; +fi + +# EOF diff --git a/src/paks/nfdump/update.sh b/src/paks/nfdump/update.sh new file mode 100644 index 0000000000..89c40d0d7c --- /dev/null +++ b/src/paks/nfdump/update.sh @@ -0,0 +1,26 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2007 IPFire-Team . # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +./uninstall.sh +./install.sh diff --git a/src/paks/nfsen/install.sh b/src/paks/nfsen/install.sh new file mode 100644 index 0000000000..5eca3830c8 --- /dev/null +++ b/src/paks/nfsen/install.sh @@ -0,0 +1,54 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2007 IPFire-Team . # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh + +# Prepare the permissions +# Add data dir if no already there +if [ ! -e /var/nfsen ]; then mkdir /var/nfsen; fi +# Add user if not already presant +if ! grep -q 'netflow' /etc/passwd; then useradd -M -s /bin/false -G nobody netflow; fi +# Check if user is member of nobody +if ! grep 'nobody:x:99:netflow' /etc/group > /dev/null; then usermod -a -G nobody netflow; fi + +extract_files +restore_backup ${NAME} +BIN="nfsen"; + +# Check for existing symlinks delete them if presant and create new one +symlinkadd_funct() { + # Possible runlevel ranges + SO="[7-9][0-9]"; + SA="[1-8][0-9]"; + RE="[7-9][0-9]"; + # Search free runlevel + STOP=$(ls /etc/rc.d/rc0.d/ | sed -e 's/[^0-9]//g' | awk '$1!=p+1{print p+1" "$1-1}{p=$1}' | sed -e '1d' | tr ' ' '\n' | grep -E "${SO}" | head -1); + START=$(ls /etc/rc.d/rc3.d/ | sed -e 's/[^0-9]//g' | awk '$1!=p+1{print p+1" "$1-1}{p=$1}' | sed -e '1d' | tr ' ' '\n' | grep -E "${SA}" | head -1); + REBOOT=$(ls /etc/rc.d/rc6.d/ | sed -e 's/[^0-9]//g' | awk '$1!=p+1{print p+1" "$1-1}{p=$1}' | sed -e '1d' | tr ' ' '\n' | grep -E "${RE}" | head -1); + ## Add symlinks + ln -s ../init.d/${BIN} /etc/rc.d/rc0.d/K${STOP}${BIN}; + ln -s ../init.d/${BIN} /etc/rc.d/rc3.d/S${START}${BIN}; + ln -s ../init.d/${BIN} /etc/rc.d/rc6.d/K${REBOOT}${BIN}; +} + +# EOF diff --git a/src/paks/nfsen/uninstall.sh b/src/paks/nfsen/uninstall.sh new file mode 100644 index 0000000000..dc74c7c777 --- /dev/null +++ b/src/paks/nfsen/uninstall.sh @@ -0,0 +1,47 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2007 IPFire-Team . # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +stop_service ${NAME} +extract_backup_includes +make_backup ${NAME} +remove_files + +# Delet symlinks function +symlinkdel_funct(){ + ls /etc/rc.d/rc?.d | grep 'nfsen' > /dev/null 2>&1 + if [ "$?" = "0" ]; then + rm -rfv /etc/rc.d/rc?.d/*nfsen*; + fi +} + +# Delete files +rm -rfv \ +/srv/web/nfsen \ +/etc/rc.d/init.d/nfsen \ +/var/nfsen + +# Delet symlinks if presant +symlinkdel_funct; + +# EOF diff --git a/src/paks/nfsen/update.sh b/src/paks/nfsen/update.sh new file mode 100644 index 0000000000..89c40d0d7c --- /dev/null +++ b/src/paks/nfsen/update.sh @@ -0,0 +1,26 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2007 IPFire-Team . # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +./uninstall.sh +./install.sh diff --git a/src/paks/softflowd/install.sh b/src/paks/softflowd/install.sh new file mode 100644 index 0000000000..0fa9fdf93d --- /dev/null +++ b/src/paks/softflowd/install.sh @@ -0,0 +1,49 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2007 IPFire-Team . # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +extract_files +restore_backup ${NAME} + +BIN="softflowd"; + +# Check for existing symlinks delete them if presant and create new one +symlinkadd_funct() { + # Possible runlevel ranges + SO="[8-9][0-9]"; + SA="[5-7][0-9]"; + RE="[8-9][0-9]"; + # Search free runlevel + STOP=$(ls /etc/rc.d/rc0.d/ | sed -e 's/[^0-9]//g' | awk '$1!=p+1{print p+1" "$1-1}{p=$1}' | sed -e '1d' | tr ' ' '\n' | grep -E "${SO}" | head -1); + START=$(ls /etc/rc.d/rc3.d/ | sed -e 's/[^0-9]//g' | awk '$1!=p+1{print p+1" "$1-1}{p=$1}' | sed -e '1d' | tr ' ' '\n' | grep -E "${SA}" | head -1); + REBOOT=$(ls /etc/rc.d/rc6.d/ | sed -e 's/[^0-9]//g' | awk '$1!=p+1{print p+1" "$1-1}{p=$1}' | sed -e '1d' | tr ' ' '\n' | grep -E "${RE}" | head -1); +# ## Add symlinks + ln -s ../init.d/${BIN} /etc/rc.d/rc0.d/K${STOP}${BIN}; + ln -s ../init.d/${BIN} /etc/rc.d/rc3.d/S${START}${BIN}; + ln -s ../init.d/${BIN} /etc/rc.d/rc6.d/K${REBOOT}${BIN}; +} + +symlinkadd_funct; + + +# EOF diff --git a/src/paks/softflowd/uninstall.sh b/src/paks/softflowd/uninstall.sh new file mode 100644 index 0000000000..738b4e47b9 --- /dev/null +++ b/src/paks/softflowd/uninstall.sh @@ -0,0 +1,41 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2007 IPFire-Team . # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +stop_service ${NAME} +extract_backup_includes +make_backup ${NAME} +remove_files + +# Delet symlinks function +symlinkdel_funct(){ + ls /etc/rc.d/rc?.d | grep 'softflowd' > /dev/null 2>&1 + if [ "$?" = "0" ]; then + rm -rfv /etc/rc.d/rc?.d/*softflowd; + fi +} + +rm -rvf /usr/sbin/softflowctl /usr/sbin/softflowd /etc/rc.d/init.d/softflowd; +symlinkdel_funct; + +# EOF diff --git a/src/paks/softflowd/update.sh b/src/paks/softflowd/update.sh new file mode 100644 index 0000000000..89c40d0d7c --- /dev/null +++ b/src/paks/softflowd/update.sh @@ -0,0 +1,26 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2007 IPFire-Team . # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +./uninstall.sh +./install.sh -- 2.47.2