Added scanlogd, thanks to Stephen Rose for his work

SVN-Revision: 3186
2006-02-07 23:00:19 +00:00 · 2006-02-07 23:00:19 +00:00 · 36edc78288
commit 36edc78288
parent 592c60778f
7 changed files with 104 additions and 0 deletions
--- a/openwrt/package/Config.in
+++ b/openwrt/package/Config.in
@ -122,6 +122,7 @@ source "package/rp-pppoe/Config.in"
 source "package/rrs/Config.in"
 source "package/rsync/Config.in"
 source "package/samba/Config.in"
+source "package/scanlogd/Config.in"
 source "package/scdp/Config.in"
 source "package/shat/Config.in"
 source "package/siproxd/Config.in"
--- a/openwrt/package/Makefile
+++ b/openwrt/package/Makefile
@ -192,6 +192,7 @@ package-$(BR2_PACKAGE_SABLEVM) += sablevm
 package-$(BR2_COMPILE_SABLEVM_CLASSPATH) += sablevm-classpath
 package-$(BR2_COMPILE_SAMBA) += samba
 package-$(BR2_PACKAGE_SANE_BACKENDS) += sane-backends
+package-$(BR2_PACKAGE_SCANLOGD) += scanlogd
 package-$(BR2_PACKAGE_SCDP) += scdp
 package-$(BR2_PACKAGE_SCREEN) += screen
 package-$(BR2_PACKAGE_SDK) += sdk
@ -342,6 +343,7 @@ endif
 rrdtool-compile: cgilib-compile freetype-compile libart-compile libpng-compile
 rrdtool1-compile: zlib-compile
 rsync-compile: popt-compile
+scanlogd-compite: libpcap-compile libnids-compile libnet-compile
 scdp-compile: libnet-compile
 screen-compile: ncurses-compile
 siproxd-compile: libosip2-compile
--- a/openwrt/package/scanlogd/Config.in
+++ b/openwrt/package/scanlogd/Config.in
@ -0,0 +1,14 @@
+config BR2_PACKAGE_SCANLOGD
+	prompt "scanlogd.......................... a port scan detection tool"
+	tristate
+	select BR2_PACKAGE_LIBPCAP
+	select BR2_PACKAGE_LIBNET
+	select BR2_PACKAGE_LIBNIDS
+	default m if CONFIG_DEVEL
+	help
+	  Scanlogd is a TCP port scan detection tool, originally designed 
+	  to illustrate various attacks an IDS developer has to deal with.  
+	  Thus, unlike some of the other port scan detection tools out there, 
+	  scanlogd is designed to be totally safe to use.
+
+	  http://www.openwall.com/scanlogd
--- a/openwrt/package/scanlogd/Makefile
+++ b/openwrt/package/scanlogd/Makefile
@ -0,0 +1,42 @@
+# $Id: Makefile,v 1.1 2005/06/11 11:40:04 wbx Exp $
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=scanlogd
+PKG_VERSION:=2.2.5
+PKG_RELEASE:=1
+PKG_MD5SUM:=6b53ad390a51f0835e66b1efa84d710a
+
+PKG_SOURCE_URL:=http://www.openwall.com/scanlogd/
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_CAT:=zcat
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
+PKG_INSTALL_DIR:=$(PKG_BUILD_DIR)/ipkg-install
+
+include $(TOPDIR)/package/rules.mk
+
+$(eval $(call PKG_template,SCANLOGD,scanlogd,$(PKG_VERSION)-$(PKG_RELEASE),$(ARCH)))
+
+$(PKG_BUILD_DIR)/.configured:
+	$(SED) "s,/var/empty,/tmp/.scanlogd," $(PKG_BUILD_DIR)/params.h
+	touch $@
+
+$(PKG_BUILD_DIR)/.built:
+	$(MAKE) -C $(PKG_BUILD_DIR) \
+		$(TARGET_CONFIGURE_OPTS) \
+		CC=$(TARGET_CC) LD=$(TARGET_CC) CFLAGS="-c $(TARGET_CFLAGS)" \
+		LDFLAGS= \
+		PCAP_H="-I$(STAGING_DIR)/usr/include" \
+		NIDS_H="-I$(STAGING_DIR)/usr/include" \
+		NIDS_L="-L$(STAGING_DIR)/usr/lib -lnids -lnet -lpcap" \
+		libnids
+	touch $@
+
+$(IPKG_SCANLOGD):
+	install -d -m0755 $(IDIR_SCANLOGD)/etc/init.d
+	install -m0755 ./files/scanlogd.init $(IDIR_SCANLOGD)/etc/init.d/S60scanlogd
+	install -d -m0755 $(IDIR_SCANLOGD)/usr/sbin
+	install -m0755 $(PKG_BUILD_DIR)/$(PKG_NAME) $(IDIR_SCANLOGD)/usr/sbin/
+	$(RSTRIP) $(IDIR_SCANLOGD)
+	$(IPKG_BUILD) $(IDIR_SCANLOGD) $(PACKAGE_DIR)
--- a/openwrt/package/scanlogd/files/scanlogd.init
+++ b/openwrt/package/scanlogd/files/scanlogd.init
@ -0,0 +1,3 @@
+#!/bin/sh
+mkdir -p `grep "^scanlogd:" /etc/passwd | cut -d: -f6`
+/usr/sbin/scanlogd
--- a/openwrt/package/scanlogd/ipkg/scanlogd.control
+++ b/openwrt/package/scanlogd/ipkg/scanlogd.control
@ -0,0 +1,9 @@
+Package: scanlogd
+Priority: optional
+Section: net
+Version: [TBDL]
+Architecture: [TBDL]
+Maintainer: OpenWrt Developer <bugs@openwrt.org>
+Description: Port scan logger.
+Source: http://www.openwall.com/scanlogd/
+Depends: libpcap, libnet, libnids
--- a/openwrt/package/scanlogd/ipkg/scanlogd.postinst
+++ b/openwrt/package/scanlogd/ipkg/scanlogd.postinst
@ -0,0 +1,33 @@
+#!/bin/sh
+
+name=scanlogd
+id=53
+
+# do not change below
+# check if we are on real system
+if [ -z "${IPKG_INSTROOT}" ]; then
+	# create copies of passwd and group, if we use squashfs
+	rootfs=`mount |awk '/root/ { print $5 }'`
+	if [ "$rootfs" = "squashfs" ]; then
+		if [ -h /etc/group ]; then
+			rm /etc/group
+			cp /rom/etc/group /etc/group
+		fi
+		if [ -h /etc/passwd ]; then
+			rm /etc/passwd
+			cp /rom/etc/passwd /etc/passwd
+		fi
+	fi
+fi
+
+echo ""
+if [ -z "$(grep ^\\${name}: ${IPKG_INSTROOT}/etc/group)" ]; then 
+	echo "adding group $name to /etc/group"
+	echo "${name}:x:${id}:" >> ${IPKG_INSTROOT}/etc/group  
+fi
+
+if [ -z "$(grep ^\\${name}: ${IPKG_INSTROOT}/etc/passwd)" ]; then 
+	echo "adding user $name to /etc/passwd"
+	echo "${name}:x:${id}:${id}:${name}:/tmp/.${name}:/bin/false" >> ${IPKG_INSTROOT}/etc/passwd
+fi
+