Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/net-analyzer/p0f
diff options
context:
space:
mode:
Diffstat (limited to 'net-analyzer/p0f')
-rw-r--r--net-analyzer/p0f/Manifest3
-rw-r--r--net-analyzer/p0f/files/p0f.confd3
-rwxr-xr-xnet-analyzer/p0f/files/p0f.initd342
-rw-r--r--net-analyzer/p0f/metadata.xml6
-rw-r--r--net-analyzer/p0f/p0f-2.0.8-r2.ebuild65
-rw-r--r--net-analyzer/p0f/p0f-3.06_beta.ebuild53
-rw-r--r--net-analyzer/p0f/p0f-3.07_beta.ebuild53
7 files changed, 225 insertions, 0 deletions
diff --git a/net-analyzer/p0f/Manifest b/net-analyzer/p0f/Manifest
new file mode 100644
index 000000000000..df4c919b4dce
--- /dev/null
+++ b/net-analyzer/p0f/Manifest
@@ -0,0 +1,3 @@
+DIST p0f-2.0.8.tgz 136877 SHA256 6c4d8745f04e59f2ba68d56fd1554551592f08a0497c9fc21b84498f47d1aee0 SHA512 ccfc512a79df7acfad007c6d67398c5c0745be165095adc9dc4ba62cf165c962f98d92e038b3be4eb23cd13e3a9231827c4bd8a0a3bf0cdf68a38286188cde4f WHIRLPOOL 4e813f799e6fdec2728a72a720a5538eff637d8089bacc485c922fce1b64a58018e1dcff51c79e5551fd01d7647e681db507574873ffc020c3c710ea7398ffdd
+DIST p0f-3.06b.tgz 92054 SHA256 d151931be2557ac45f9baa0a9384b8643979f4227c391ed395792874f2c6cde7 SHA512 2fe9ed6049c8680ec994b071761f8351ad2f771a0ef2a423b007878c4a3b900d3c6a1a638fe4d72e4c300ce383ad19a7b4a1bf72e65acfa0bd11453a43cd46cc WHIRLPOOL c281f072af04ba8ba4ebcab87c0ed381d91cbd38eb306a43fa2d9a47083d642f539096282d218604ad6bba1800cd34962432bf5697996c930a5e7a2c4e425dc0
+DIST p0f-3.07b.tgz 92414 SHA256 5cfc9a4b32e0e789d6ae3240e22c531e7dfb7906d833a026e45a5504379f0ba2 SHA512 79dd0637015055a5bf1f017ea3ae9d5b916c4299df0b364450ffb4a9d736c95a27a2874ac537cfcaec5e588fd507891ee7012d6d41459c6dd68638efc1a708da WHIRLPOOL 68b11ebde6ab356bd1c82173c6c2c8b4a840e251e60931c16b1989781b12a14b4f6a592050c729c17afbab2965390d21c0e4a18bac6c915ffd93ab9d0fd51079
diff --git a/net-analyzer/p0f/files/p0f.confd b/net-analyzer/p0f/files/p0f.confd
new file mode 100644
index 000000000000..01c02896ec01
--- /dev/null
+++ b/net-analyzer/p0f/files/p0f.confd
@@ -0,0 +1,3 @@
+P0FLOGFILE=/var/log/p0f-audit.log
+P0FDEVICE=eth0
+P0FOPTIONS="-tl"
diff --git a/net-analyzer/p0f/files/p0f.initd3 b/net-analyzer/p0f/files/p0f.initd3
new file mode 100755
index 000000000000..05fef018283f
--- /dev/null
+++ b/net-analyzer/p0f/files/p0f.initd3
@@ -0,0 +1,42 @@
+#!/sbin/runscript
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+start() {
+ ebegin "Starting p0f"
+ # The 'tcp and tcp[13] & 2 = 2' requires at least syn set.
+ # An alternative would be 'tcp and tcp[13] & 0x3f = 2', which
+ # is syn and no other major flags (but ECN enabled packets are OK)
+ if [ -z "$BpfFilter" ]; then
+ BpfFilter='tcp and tcp[13] & 2 = 2'
+ else
+ BpfFilter="$BpfFilter and tcp and tcp[13] & 2 = 2"
+ fi
+
+ # The command in backticks returns all the local IP addresses on this machine.
+ for OneIP in `/sbin/ifconfig 2>/dev/null | grep 'inet addr' | sed -e 's/.*addr://' -e 's/ .*//'` ; do
+ BpfFilter="$BpfFilter and not src host $OneIP"
+ done
+
+
+ # Create a lock file.
+ mkdir -p /var/lock/subsys
+ touch /var/lock/subsys/p0f
+
+ # Start up p0f and filter out all packets originating from any of this machines IP's.
+ if [ -z "${P0FLOGFILE}" ]; then
+ P0FLOGFILE="/var/log/p0f"
+ fi
+ einfo "Logfile: ${P0FLOGFILE}"
+ start-stop-daemon --start --quiet --pidfile /var/run/p0f.pid --exec /usr/sbin/p0f -- -i "${P0FDEVICE}" \
+ ${P0FOPTIONS} -o "${P0FLOGFILE}" -d "${BpfFilter}" 2>/dev/null
+ eend ${?}
+}
+
+stop() {
+ ebegin "Stopping p0f"
+ start-stop-daemon --stop --quiet --pidfile /var/run/p0f.pid
+ rm -f /var/lock/subsys/p0f
+ eend ${?}
+}
diff --git a/net-analyzer/p0f/metadata.xml b/net-analyzer/p0f/metadata.xml
new file mode 100644
index 000000000000..44b3cbf45583
--- /dev/null
+++ b/net-analyzer/p0f/metadata.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<herd>netmon</herd>
+<longdescription>p0f performs passive OS detection based on SYN packets.</longdescription>
+</pkgmetadata>
diff --git a/net-analyzer/p0f/p0f-2.0.8-r2.ebuild b/net-analyzer/p0f/p0f-2.0.8-r2.ebuild
new file mode 100644
index 000000000000..c03dc56480d0
--- /dev/null
+++ b/net-analyzer/p0f/p0f-2.0.8-r2.ebuild
@@ -0,0 +1,65 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="3"
+
+inherit eutils toolchain-funcs
+
+DESCRIPTION="p0f performs passive OS detection based on SYN packets"
+HOMEPAGE="http://lcamtuf.coredump.cx/p0f.shtml"
+SRC_URI="http://lcamtuf.coredump.cx/p0f/${P}.tgz"
+
+LICENSE="LGPL-2.1"
+SLOT="0"
+KEYWORDS="amd64 ppc sparc x86 ~amd64-linux ~x86-linux ~ppc-macos"
+IUSE="static"
+
+DEPEND="net-libs/libpcap"
+
+S="${WORKDIR}/${PN}"
+
+src_prepare() {
+ sed -i p0f.c -e 's;#include <net/bpf.h>;;' || die "sed p0f.c"
+
+ # The first script ensures only p0f is built
+ sed -i mk/* \
+ -e 's|^\(all: $(FILE)\).*$|\1|' \
+ -e 's|^CFLAGS.*=.*|CFLAGS += \\|g' \
+ -e '/$(CC).* -o /s|$(CFLAGS)|& $(LDFLAGS)|g' \
+ || die "sed makefiles"
+
+ sed -i Build -e "s|\"/usr/|\"${EPREFIX}/usr/|g" || die "sed Build"
+
+ sed -i config.h \
+ -e "s|\"/etc/|\"${EPREFIX}/etc/|g" \
+ -e "s|\"/var/|\"${EPREFIX}/var/|g" \
+ || die "sed config.h"
+}
+
+src_compile() {
+ # Set -j1 to supress a warning that would not be useful in this case
+ emake -j1 CC=$(tc-getCC) \
+ $(use static && echo static || echo all) p0fq \
+ || die "emake failed"
+}
+
+src_install () {
+ use static && mv p0f-static p0f
+ dosbin p0f p0frep test/p0fq || die
+
+ insinto /etc/p0f
+ doins p0f.fp p0fa.fp p0fr.fp
+
+ doman p0f.1 || die
+ cd doc
+ dodoc ChangeLog CREDITS KNOWN_BUGS README TODO
+
+ newconfd "${FILESDIR}"/${PN}.confd ${PN} || die "newconfd failed"
+ newinitd "${FILESDIR}"/${PN}.initd3 ${PN} || die "newinitd failed"
+}
+
+pkg_postinst(){
+ elog "Adjust /etc/conf.d/p0f to your liking before using the"
+ elog "init script. For more information on options, read man p0f."
+}
diff --git a/net-analyzer/p0f/p0f-3.06_beta.ebuild b/net-analyzer/p0f/p0f-3.06_beta.ebuild
new file mode 100644
index 000000000000..4aec2ec96275
--- /dev/null
+++ b/net-analyzer/p0f/p0f-3.06_beta.ebuild
@@ -0,0 +1,53 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+inherit toolchain-funcs
+
+MY_P=${P/_beta/b}
+
+DESCRIPTION="A tool to perform passive OS detection based on SYN packets"
+HOMEPAGE="http://lcamtuf.coredump.cx/p0f3/"
+SRC_URI="http://lcamtuf.coredump.cx/p0f3/releases/${MY_P}.tgz"
+
+LICENSE="LGPL-2.1"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~sparc ~x86 ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos"
+IUSE="debug ipv6"
+
+RDEPEND="net-libs/libpcap"
+DEPEND="${RDEPEND}"
+
+S=${WORKDIR}/${MY_P}
+
+src_prepare() {
+ sed -i \
+ -e 's:-g -ggdb::' \
+ -e 's:-O3::' \
+ -e '/^CC/s:=:?=:' \
+ -e '/^CFLAGS/s:=:+=:' \
+ -e '/^LDFLAGS/s:=:+=:' \
+ build.sh tools/Makefile || die
+
+ sed -i -e "/FP_FILE/s:p0f.fp:${EPREFIX}/etc/&:" config.h || die
+}
+
+src_compile() {
+ tc-export CC
+ ./build.sh $(use debug && echo debug) || die
+ emake -C tools p0f-client p0f-sendsyn $(use ipv6 && echo p0f-sendsyn6)
+}
+
+src_install() {
+ dosbin p0f tools/p0f-{client,sendsyn}
+ use ipv6 && dosbin tools/p0f-sendsyn6
+
+ insinto /etc
+ doins p0f.fp
+
+ #newconfd "${FILESDIR}"/${PN}.confd ${PN}
+ #newinitd "${FILESDIR}"/${PN}.initd3 ${PN}
+
+ dodoc docs/{ChangeLog,README,TODO,*.txt} tools/README-TOOLS
+}
diff --git a/net-analyzer/p0f/p0f-3.07_beta.ebuild b/net-analyzer/p0f/p0f-3.07_beta.ebuild
new file mode 100644
index 000000000000..8a45eedbc128
--- /dev/null
+++ b/net-analyzer/p0f/p0f-3.07_beta.ebuild
@@ -0,0 +1,53 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+inherit toolchain-funcs
+
+MY_P=${P/_beta/b}
+
+DESCRIPTION="A tool to perform passive OS detection based on SYN packets"
+HOMEPAGE="http://lcamtuf.coredump.cx/p0f3/"
+SRC_URI="http://lcamtuf.coredump.cx/p0f3/releases/${MY_P}.tgz"
+
+LICENSE="LGPL-2.1"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~sparc ~x86 ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos"
+IUSE="debug ipv6"
+
+RDEPEND="net-libs/libpcap"
+DEPEND="${RDEPEND}"
+
+S=${WORKDIR}/${MY_P}
+
+src_prepare() {
+ sed -i \
+ -e 's:-g -ggdb::' \
+ -e 's:-O3::' \
+ -e '/^CC/s:=:?=:' \
+ -e '/^CFLAGS/s:=:+=:' \
+ -e '/^LDFLAGS/s:=:+=:' \
+ build.sh tools/Makefile || die
+
+ sed -i -e "/FP_FILE/s:p0f.fp:${EPREFIX}/etc/&:" config.h || die
+}
+
+src_compile() {
+ tc-export CC
+ ./build.sh $(use debug && echo debug) || die
+ emake -C tools p0f-client p0f-sendsyn $(use ipv6 && echo p0f-sendsyn6)
+}
+
+src_install() {
+ dosbin p0f tools/p0f-{client,sendsyn}
+ use ipv6 && dosbin tools/p0f-sendsyn6
+
+ insinto /etc
+ doins p0f.fp
+
+ #newconfd "${FILESDIR}"/${PN}.confd ${PN}
+ #newinitd "${FILESDIR}"/${PN}.initd3 ${PN}
+
+ dodoc docs/{ChangeLog,README,TODO,*.txt} tools/README-TOOLS
+}