summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorwjv <wjv@FreeBSD.org>2002-06-24 14:51:21 +0000
committerwjv <wjv@FreeBSD.org>2002-06-24 14:51:21 +0000
commit6b041ef06c9425e7bc61cbd65409de7f535f1d5f (patch)
treecfb30b72801f69a884deb016a4f0a93b8811f8cc
parent4b9fd9d1ba3656ab091c58e4b1fa410c0a6b2b7d (diff)
downloadFreeBSD-ports-6b041ef06c9425e7bc61cbd65409de7f535f1d5f.zip
FreeBSD-ports-6b041ef06c9425e7bc61cbd65409de7f535f1d5f.tar.gz
- Update to version 2.0.99.r2 which is only a release candidate, but there
has been a "massive public demand" that this port be unFORBIDDEN. - Remove FORBIDDEN. - Add a PKGMESSAGE to explain new post-install procedure, and to warn the user that this port/package is likely to have future security issues. - Install startup script mode 444, forcing the user to change this explicitly to run ntop at system startup. Document this in PKGMESSAGE.
-rw-r--r--net/ntop/Makefile42
-rw-r--r--net/ntop/distinfo2
-rw-r--r--net/ntop/files/ntop.sh4
-rw-r--r--net/ntop/files/patch-Makefile.am19
-rw-r--r--net/ntop/files/patch-configure.in26
-rw-r--r--net/ntop/files/patch-main.c11
-rw-r--r--net/ntop/pkg-message29
-rw-r--r--net/ntop/pkg-plist41
8 files changed, 110 insertions, 64 deletions
diff --git a/net/ntop/Makefile b/net/ntop/Makefile
index d1d6380..6d100e1 100644
--- a/net/ntop/Makefile
+++ b/net/ntop/Makefile
@@ -6,36 +6,36 @@
#
PORTNAME= ntop
-PORTVERSION= 2.0
-PORTREVISION= 2
+PORTVERSION= 2.0.99.r2
CATEGORIES= net
-MASTER_SITES= ftp://ftp.ntop.org/pub/local/ntop/source/ \
- ftp://ftp.us.ntop.org/pub/ntop/source/ \
- ftp://ftp.au.ntop.org/pub/ntop/source/ \
- ftp://ftp.de.ntop.org/pub/ntop/source/ \
- ftp://ftp.fr.ntop.org/mirrors/networking/ntop/source/ \
- ftp://ftp.jp.ntop.org/pub/ntop/source/
-DISTNAME= ${PORTNAME}-${PORTVERSION}-src
+MASTER_SITES= http://luca.ntop.org/ \
+ ${MASTER_SITE_SOURCEFORGE}
+MASTER_SITE_SUBDIR= ${PORTNAME}
+DISTNAME= ${PORTNAME}-${PORTVERSION:S|.r|-rc|}
EXTRACT_SUFX= .tgz
MAINTAINER= wjv@FreeBSD.org
-FORBIDDEN= Remote exploit published and no official patch available
-
# Besides the required dependencies listed here, this port can optionally
# make use of sysutils/lsof and security/nmap if installed.
BUILD_DEPENDS= ${LOCALBASE}/lib/libgdchart.a:${PORTSDIR}/graphics/gdchart
RUN_DEPENDS= ${LOCALBASE}/lib/libgdchart.a:${PORTSDIR}/graphics/gdchart
LIB_DEPENDS= gdbm.2:${PORTSDIR}/databases/gdbm
-# ntop will store its database files in ${DBDIR}/ntop/
+# ntop will store its runtime database files in ${DBDIR}/ntop/
DBDIR?= /var/db
-WRKSRC= ${WRKDIR}/${PORTNAME}
+# The default startup script in ${LOCALBASE}/etc/rc.d will invoke
+# with a flag to force it to log to ${LOGDIR}
+LOGDIR?= /var/log
+
+WRKSRC= ${WRKDIR}/RC2/${PORTNAME}
USE_AUTOMAKE= yes
USE_GMAKE= yes
USE_LIBTOOL= yes
INSTALLS_SHLIB= yes
+PLIST_SUB+= DBDIR=${DBDIR}
+PKGMESSAGE= ${WRKDIR}/pkg-message
CONFIGURE_ARGS= --localstatedir=${DBDIR} \
--with-gdbm-root=${LOCALBASE} \
--with-gdchart-root=${LOCALBASE}
@@ -51,18 +51,26 @@ CONFIGURE_ARGS+= --with-ossl-root=${LOCALBASE}
.endif
MAN1= intop.1
-MAN8= ntop.8 ntop-rules.8
+MAN8= ntop.8
# Remove included dependencies as a precaution against polluting the
# configuration. Not strictly necessary.
pre-configure:
- @ ${RM} -rf ${WRKDIR}/gdchart*
+ @ ${RM} -rf ${WRKDIR}/RC2/gdchart*
+
+post-configure:
+ @ ${SED} -e 's#%%LOCALBASE%%#${LOCALBASE}#g' \
+ pkg-message > ${PKGMESSAGE}
post-install:
@ ${MKDIR} ${DBDIR}/ntop
@ ${MKDIR} ${PREFIX}/etc/rc.d
- @ ${SED} -e "s#%%PREFIX%%#${PREFIX}#g" ${FILESDIR}/ntop.sh > \
+ @ ${SED} -e "s#%%PREFIX%%#${PREFIX}#g" \
+ -e "s#%%LOGDIR%%#${LOGDIR}#g" ${FILESDIR}/ntop.sh > \
${WRKDIR}/ntop.sh
- @ ${INSTALL_SCRIPT} ${WRKDIR}/ntop.sh ${PREFIX}/etc/rc.d
+ @ ${INSTALL_DATA} ${WRKDIR}/ntop.sh ${PREFIX}/etc/rc.d
+.if !defined(BATCH)
+ @ ${CAT} ${PKGMESSAGE}
+.endif
.include <bsd.port.post.mk>
diff --git a/net/ntop/distinfo b/net/ntop/distinfo
index 4ffae4a..d7c94bc 100644
--- a/net/ntop/distinfo
+++ b/net/ntop/distinfo
@@ -1 +1 @@
-MD5 (ntop-2.0-src.tgz) = e528f29de05924852ff4222509e2f9a4
+MD5 (ntop-2.0.99-rc2.tgz) = d2eebe53b21c954abd44f8b96483bf8c
diff --git a/net/ntop/files/ntop.sh b/net/ntop/files/ntop.sh
index e620e48..0bb75a6 100644
--- a/net/ntop/files/ntop.sh
+++ b/net/ntop/files/ntop.sh
@@ -19,7 +19,7 @@ http_port='3000'
https_port='3001'
# Directory for ntop.access.log
-logdir='/var/log'
+logdir='%%LOGDIR%%/ntop.access.log'
# Specify any additional arguments here - see ntop(8)
additional_args='-E'
@@ -42,7 +42,7 @@ start)
[ -d $logdir ] && touch ${logdir}/ntop.access.log \
&& chown $userid ${logdir}/ntop.access.log
[ -d %%PREFIX%%/share/ntop ] && cd %%PREFIX%%/share/ntop
- [ -x %%PREFIX%%/bin/ntop ] && %%PREFIX%%/bin/ntop $args \
+ [ -x %%PREFIX%%/bin/ntop ] && %%PREFIX%%/bin/ntop $args >/dev/null 2>&1 \
&& echo -n ' ntop'
;;
stop)
diff --git a/net/ntop/files/patch-Makefile.am b/net/ntop/files/patch-Makefile.am
index 72ef818..b25b6e5 100644
--- a/net/ntop/files/patch-Makefile.am
+++ b/net/ntop/files/patch-Makefile.am
@@ -1,23 +1,14 @@
---- Makefile.am.orig Thu Dec 27 18:00:25 2001
-+++ Makefile.am Tue Jan 8 14:31:14 2002
-@@ -145,7 +145,7 @@
- libntopreport_la_LIBADD = $(MORELIBS)
- libntopreport_la_LDFLAGS = -version-info @NTOP_VERSION_INFO@ -release @NTOP_RELEASE@ -export-dynamic @DYN_FLAGS@
-
--man_MANS = ntop.8 intop/intop.1
-+man_MANS = ntop.8 ntop-rules.8
-
- .PHONY: snapshot
-
-@@ -219,10 +219,10 @@
+--- Makefile.am.orig Tue May 14 20:12:55 2002
++++ Makefile.am Mon Jun 24 14:42:42 2002
+@@ -218,10 +218,10 @@
/bin/rm -f privkey.pem cert.pem
install-data-local:
-- @cp -p ntop-cert.pem $(bindir)/ntop-cert.pem
+- @cp -p ntop-cert.pem $(DESTDIR)$(bindir)/ntop-cert.pem
@$(top_srcdir)/mkinstalldirs $(DESTDIR)/$(libdir)/plugins;
@$(top_srcdir)/mkinstalldirs $(DESTDIR)/$(datadir)/ntop;
@$(top_srcdir)/mkinstalldirs $(DESTDIR)/$(datadir)/ntop/html;
-+ @cp -p ntop-cert.pem $(datadir)/ntop/ntop-cert.pem
++ @cp -p ntop-cert.pem $(DESTDIR)/$(datadir)/ntop/ntop-cert.pem
@for file in $(NTOPHTML); do \
if test -d $$file; then \
$(top_srcdir)/mkinstalldirs $(DESTDIR)/$(datadir)/ntop/$$file; \
diff --git a/net/ntop/files/patch-configure.in b/net/ntop/files/patch-configure.in
index e800253..4986baf 100644
--- a/net/ntop/files/patch-configure.in
+++ b/net/ntop/files/patch-configure.in
@@ -1,6 +1,6 @@
---- configure.in.orig Thu Dec 27 19:40:55 2001
-+++ configure.in Thu Jan 24 11:02:57 2002
-@@ -799,12 +799,10 @@
+--- configure.in.orig Fri May 31 12:09:35 2002
++++ configure.in Mon Jun 24 14:25:15 2002
+@@ -826,12 +826,10 @@
if test ".${GDBM_ROOT}" != .; then
AC_MSG_CHECKING([for the GNU Database Manager Library gdbm (required package)])
@@ -11,12 +11,12 @@
GDBM_ROOT=`cd ${GDBM_ROOT} && pwd`
- CORELIBS="${CORELIBS} -L$GDBM_ROOT -lgdbm"
- INCS="${INCS} -I$GDBM_ROOT"
-+ CORELIBS="${CORELIBS} -L$GDBM_ROOT/lib -lgdbm"
-+ INCS="${INCS} -I$GDBM_ROOT/include"
++ CORELIBS="${CORELIBS} -L${GDBM_ROOT}/lib -lgdbm"
++ INCS="${INCS} -I${GDBM_ROOT}/include"
AC_DEFINE(HAVE_GDBM_H)
AC_MSG_RESULT([found in $GDBM_ROOT])
else
-@@ -873,16 +871,11 @@
+@@ -907,16 +905,11 @@
dnl>
dnl> user defined directory passed as option at configuration time
dnl>
@@ -26,18 +26,18 @@
- test -r $GDCHART_ROOT/gdc.h &&
- test -r $GDCHART_ROOT/gd-1.8.3/libgd.a &&
- test -r $GDCHART_ROOT/gd-1.8.3/gd.h &&
-- test -r $GDCHART_ROOT/zlib-1.1.3/libz.a; then
+- test -r $GDCHART_ROOT/zlib-1.1.4/libz.a; then
+ if test 1; then
+ if test -d $GDCHART_ROOT; then
GDCHART_ROOT=`cd ${GDCHART_ROOT} && pwd`
-- MORELIBS="${MORELIBS} -L$GDCHART_ROOT -lgdchart -L$GDCHART_ROOT/gd-1.8.3 -lgd -L$GDCHART_ROOT/gd-1.8.3/libpng-1.0.8 -lpng -L$GDCHART_ROOT/zlib-1.1.3 -lz"
-- INCS="${INCS} -I$GDCHART_ROOT"
+- MORELIBS="${MORELIBS} -L$GDCHART_ROOT -lgdchart -L$GDCHART_ROOT/gd-1.8.3 -lgd -L$GDCHART_ROOT/gd-1.8.3/libpng-1.2.1 -lpng -L$GDCHART_ROOT/zlib-1.1.4 -lz"
+- INCS="${INCS} -I$GDCHART_ROOT -I$GDCHART_ROOT/zlib-1.1.4"
+ MORELIBS="${MORELIBS} -L${prefix}/lib -lgdchart -lgd -lpng -lz"
+ INCS="${INCS} -I${prefix}/include/gd"
AC_DEFINE(HAVE_GDCHART)
+ AC_DEFINE(HAVE_ZLIB)
AC_MSG_RESULT([found in $GDCHART_ROOT])
- else
-@@ -936,12 +929,10 @@
+@@ -971,12 +964,10 @@
if test ".$ac_disable_openssl" = ".no"; then
AC_MSG_CHECKING([for OpenSSL Library by Open SLL Project (optional package)])
if test ".${OSSL_ROOT}" != .; then
@@ -48,8 +48,8 @@
OSSL_ROOT=`cd ${OSSL_ROOT} && pwd`
- MORELIBS="${MORELIBS} -L$OSSL_ROOT -lssl"
- INCS="${INCS} -I$OSSL_ROOT"
-+ MORELIBS="${MORELIBS} -L$OSSL_ROOT/crypto -lssl"
-+ INCS="${INCS} -I$OSSL_ROOT/include"
++ MORELIBS="${MORELIBS} -L${OSSL_ROOT}/crypto -lssl"
++ INCS="${INCS} -I${OSSL_ROOT}/include"
AC_DEFINE(HAVE_OPENSSL)
AC_MSG_RESULT([found in $OSSL_ROOT])
elif test -d $OSSL_ROOT &&
diff --git a/net/ntop/files/patch-main.c b/net/ntop/files/patch-main.c
deleted file mode 100644
index 42e0529..0000000
--- a/net/ntop/files/patch-main.c
+++ /dev/null
@@ -1,11 +0,0 @@
---- main.c.orig Tue Nov 13 13:44:26 2001
-+++ main.c Tue Dec 4 17:00:15 2001
-@@ -400,7 +400,7 @@
- }
-
- snprintf(accessLogPath, sizeof(accessLogPath), "%s/%s",
-- dbPath, DETAIL_ACCESS_LOG_FILE_PATH);
-+ accessLogPath, DETAIL_ACCESS_LOG_FILE_PATH);
-
- initLogger(); /* Do not call this function before dbPath
- is initialized */
diff --git a/net/ntop/pkg-message b/net/ntop/pkg-message
new file mode 100644
index 0000000..7f03e9e
--- /dev/null
+++ b/net/ntop/pkg-message
@@ -0,0 +1,29 @@
+----------------------------------------------------------------------------
+ntop has been installed, but is not quite ready to be used yet!
+
+You need to set an administrator password for ntop before it may be used.
+As root, execute the following command to set this password:
+
+ # ntop -A
+
+ntop may now be started. The recommended method to do so is via the
+installed startup script. As root, execute the following command:
+
+ # sh %%LOCALBASE%%/etc/rc.d/ntop.sh
+
+The recommended way to change startup flags for ntop is to edit this
+startup script.
+
+Note that the installed startup script will NOT be execute at system
+startup by default. If you wish ntop to start when your system boots,
+you should make this script executable:
+
+ # chmod 555 %%LOCALBASE%%/etc/rc/ntop.sh
+
+ NB!! NB!! NB!!
+In the past, ntop has been the subject of repeated security vulner-
+abilities, particularly relating to its web interface. It is strongly
+suggested that you protect your ntop web interface via packet filters
+or TCP wrappers.
+
+----------------------------------------------------------------------------
diff --git a/net/ntop/pkg-plist b/net/ntop/pkg-plist
index 457b636..357a4ba 100644
--- a/net/ntop/pkg-plist
+++ b/net/ntop/pkg-plist
@@ -1,25 +1,38 @@
+@exec mkdir -p %%DBDIR%%/ntop
bin/intop
bin/ntop
bin/ntop-config
etc/rc.d/ntop.sh
lib/libicmpPlugin.a
lib/libicmpPlugin.so
-lib/libicmpPlugin.so.0
+lib/libicmpPlugin.so.99
lib/liblastSeenPlugin.a
lib/liblastSeenPlugin.so
-lib/liblastSeenPlugin.so.0
+lib/liblastSeenPlugin.so.99
+lib/libnetflowPlugin.a
+lib/libnetflowPlugin.so
+lib/libnetflowPlugin.so.99
lib/libnfsPlugin.a
lib/libnfsPlugin.so
-lib/libnfsPlugin.so.0
-lib/libntop-2.0.so.0
+lib/libnfsPlugin.so.99
+lib/libntop-2.0.so.99
lib/libntop.a
lib/libntop.so
-lib/libntopreport-2.0.so.0
+lib/libntopreport-2.0.so.99
lib/libntopreport.a
lib/libntopreport.so
+lib/libpdaPlugin.a
+lib/libpdaPlugin.so
+lib/libpdaPlugin.so.99
+lib/libsflowPlugin.a
+lib/libsflowPlugin.so
+lib/libsflowPlugin.so.99
lib/ntop/plugins/icmpPlugin.so
lib/ntop/plugins/lastSeenPlugin.so
+lib/ntop/plugins/netflowPlugin.so
lib/ntop/plugins/nfsPlugin.so
+lib/ntop/plugins/pdaPlugin.so
+lib/ntop/plugins/sflowPlugin.so
share/ntop/html/About.html
share/ntop/html/Admin.html
share/ntop/html/Copyright.html
@@ -33,8 +46,10 @@ share/ntop/html/Risk_low.gif
share/ntop/html/Risk_medium.gif
share/ntop/html/Risk_unknown.gif
share/ntop/html/Stats.html
+share/ntop/html/antenna.gif
share/ntop/html/arrow_down.gif
share/ntop/html/arrow_up.gif
+share/ntop/html/back.gif
share/ntop/html/bar.gif
share/ntop/html/bg_line.gif
share/ntop/html/black.gif
@@ -45,22 +60,37 @@ share/ntop/html/child.gif
share/ntop/html/clear.gif
share/ntop/html/collapsed.gif
share/ntop/html/copyright.gif
+share/ntop/html/corner.gif
share/ntop/html/deleteURL.gif
share/ntop/html/deleteUser.gif
share/ntop/html/dns.gif
share/ntop/html/error.gif
share/ntop/html/expanded.gif
+share/ntop/html/favicon.ico
+share/ntop/html/fback.gif
+share/ntop/html/fforward.gif
+share/ntop/html/forward.gif
share/ntop/html/gauge.jpg
share/ntop/html/gray_bg.gif
share/ntop/html/help.html
share/ntop/html/index.html
share/ntop/html/index_inner.html
+share/ntop/html/index_inner_w3c.html
share/ntop/html/index_left.html
+share/ntop/html/index_left_w3c.html
share/ntop/html/index_top.html
+share/ntop/html/index_top_w3c.html
+share/ntop/html/index_w3c.html
share/ntop/html/info.gif
+share/ntop/html/j_DataRcvd.html
+share/ntop/html/j_DataSent.html
+share/ntop/html/j_Stats.html
+share/ntop/html/j_home.html
+share/ntop/html/j_index_top.html
share/ntop/html/mail.gif
share/ntop/html/major.gif
share/ntop/html/menubar.png
+share/ntop/html/menubar_j.png
share/ntop/html/menuline.png
share/ntop/html/minor.gif
share/ntop/html/modifyUser.gif
@@ -307,6 +337,5 @@ share/ntop/ntop-cert.pem
@dirrm share/ntop/html/statsicons
@dirrm share/ntop/html
@dirrm share/ntop
-@dirrm lib/plugins
@dirrm lib/ntop/plugins
@dirrm lib/ntop
OpenPOWER on IntegriCloud