diff options
author | wjv <wjv@FreeBSD.org> | 2002-06-24 14:51:21 +0000 |
---|---|---|
committer | wjv <wjv@FreeBSD.org> | 2002-06-24 14:51:21 +0000 |
commit | 6b041ef06c9425e7bc61cbd65409de7f535f1d5f (patch) | |
tree | cfb30b72801f69a884deb016a4f0a93b8811f8cc | |
parent | 4b9fd9d1ba3656ab091c58e4b1fa410c0a6b2b7d (diff) | |
download | FreeBSD-ports-6b041ef06c9425e7bc61cbd65409de7f535f1d5f.zip FreeBSD-ports-6b041ef06c9425e7bc61cbd65409de7f535f1d5f.tar.gz |
- Update to version 2.0.99.r2 which is only a release candidate, but there
has been a "massive public demand" that this port be unFORBIDDEN.
- Remove FORBIDDEN.
- Add a PKGMESSAGE to explain new post-install procedure, and to warn the
user that this port/package is likely to have future security issues.
- Install startup script mode 444, forcing the user to change this explicitly
to run ntop at system startup. Document this in PKGMESSAGE.
-rw-r--r-- | net/ntop/Makefile | 42 | ||||
-rw-r--r-- | net/ntop/distinfo | 2 | ||||
-rw-r--r-- | net/ntop/files/ntop.sh | 4 | ||||
-rw-r--r-- | net/ntop/files/patch-Makefile.am | 19 | ||||
-rw-r--r-- | net/ntop/files/patch-configure.in | 26 | ||||
-rw-r--r-- | net/ntop/files/patch-main.c | 11 | ||||
-rw-r--r-- | net/ntop/pkg-message | 29 | ||||
-rw-r--r-- | net/ntop/pkg-plist | 41 |
8 files changed, 110 insertions, 64 deletions
diff --git a/net/ntop/Makefile b/net/ntop/Makefile index d1d6380..6d100e1 100644 --- a/net/ntop/Makefile +++ b/net/ntop/Makefile @@ -6,36 +6,36 @@ # PORTNAME= ntop -PORTVERSION= 2.0 -PORTREVISION= 2 +PORTVERSION= 2.0.99.r2 CATEGORIES= net -MASTER_SITES= ftp://ftp.ntop.org/pub/local/ntop/source/ \ - ftp://ftp.us.ntop.org/pub/ntop/source/ \ - ftp://ftp.au.ntop.org/pub/ntop/source/ \ - ftp://ftp.de.ntop.org/pub/ntop/source/ \ - ftp://ftp.fr.ntop.org/mirrors/networking/ntop/source/ \ - ftp://ftp.jp.ntop.org/pub/ntop/source/ -DISTNAME= ${PORTNAME}-${PORTVERSION}-src +MASTER_SITES= http://luca.ntop.org/ \ + ${MASTER_SITE_SOURCEFORGE} +MASTER_SITE_SUBDIR= ${PORTNAME} +DISTNAME= ${PORTNAME}-${PORTVERSION:S|.r|-rc|} EXTRACT_SUFX= .tgz MAINTAINER= wjv@FreeBSD.org -FORBIDDEN= Remote exploit published and no official patch available - # Besides the required dependencies listed here, this port can optionally # make use of sysutils/lsof and security/nmap if installed. BUILD_DEPENDS= ${LOCALBASE}/lib/libgdchart.a:${PORTSDIR}/graphics/gdchart RUN_DEPENDS= ${LOCALBASE}/lib/libgdchart.a:${PORTSDIR}/graphics/gdchart LIB_DEPENDS= gdbm.2:${PORTSDIR}/databases/gdbm -# ntop will store its database files in ${DBDIR}/ntop/ +# ntop will store its runtime database files in ${DBDIR}/ntop/ DBDIR?= /var/db -WRKSRC= ${WRKDIR}/${PORTNAME} +# The default startup script in ${LOCALBASE}/etc/rc.d will invoke +# with a flag to force it to log to ${LOGDIR} +LOGDIR?= /var/log + +WRKSRC= ${WRKDIR}/RC2/${PORTNAME} USE_AUTOMAKE= yes USE_GMAKE= yes USE_LIBTOOL= yes INSTALLS_SHLIB= yes +PLIST_SUB+= DBDIR=${DBDIR} +PKGMESSAGE= ${WRKDIR}/pkg-message CONFIGURE_ARGS= --localstatedir=${DBDIR} \ --with-gdbm-root=${LOCALBASE} \ --with-gdchart-root=${LOCALBASE} @@ -51,18 +51,26 @@ CONFIGURE_ARGS+= --with-ossl-root=${LOCALBASE} .endif MAN1= intop.1 -MAN8= ntop.8 ntop-rules.8 +MAN8= ntop.8 # Remove included dependencies as a precaution against polluting the # configuration. Not strictly necessary. pre-configure: - @ ${RM} -rf ${WRKDIR}/gdchart* + @ ${RM} -rf ${WRKDIR}/RC2/gdchart* + +post-configure: + @ ${SED} -e 's#%%LOCALBASE%%#${LOCALBASE}#g' \ + pkg-message > ${PKGMESSAGE} post-install: @ ${MKDIR} ${DBDIR}/ntop @ ${MKDIR} ${PREFIX}/etc/rc.d - @ ${SED} -e "s#%%PREFIX%%#${PREFIX}#g" ${FILESDIR}/ntop.sh > \ + @ ${SED} -e "s#%%PREFIX%%#${PREFIX}#g" \ + -e "s#%%LOGDIR%%#${LOGDIR}#g" ${FILESDIR}/ntop.sh > \ ${WRKDIR}/ntop.sh - @ ${INSTALL_SCRIPT} ${WRKDIR}/ntop.sh ${PREFIX}/etc/rc.d + @ ${INSTALL_DATA} ${WRKDIR}/ntop.sh ${PREFIX}/etc/rc.d +.if !defined(BATCH) + @ ${CAT} ${PKGMESSAGE} +.endif .include <bsd.port.post.mk> diff --git a/net/ntop/distinfo b/net/ntop/distinfo index 4ffae4a..d7c94bc 100644 --- a/net/ntop/distinfo +++ b/net/ntop/distinfo @@ -1 +1 @@ -MD5 (ntop-2.0-src.tgz) = e528f29de05924852ff4222509e2f9a4 +MD5 (ntop-2.0.99-rc2.tgz) = d2eebe53b21c954abd44f8b96483bf8c diff --git a/net/ntop/files/ntop.sh b/net/ntop/files/ntop.sh index e620e48..0bb75a6 100644 --- a/net/ntop/files/ntop.sh +++ b/net/ntop/files/ntop.sh @@ -19,7 +19,7 @@ http_port='3000' https_port='3001' # Directory for ntop.access.log -logdir='/var/log' +logdir='%%LOGDIR%%/ntop.access.log' # Specify any additional arguments here - see ntop(8) additional_args='-E' @@ -42,7 +42,7 @@ start) [ -d $logdir ] && touch ${logdir}/ntop.access.log \ && chown $userid ${logdir}/ntop.access.log [ -d %%PREFIX%%/share/ntop ] && cd %%PREFIX%%/share/ntop - [ -x %%PREFIX%%/bin/ntop ] && %%PREFIX%%/bin/ntop $args \ + [ -x %%PREFIX%%/bin/ntop ] && %%PREFIX%%/bin/ntop $args >/dev/null 2>&1 \ && echo -n ' ntop' ;; stop) diff --git a/net/ntop/files/patch-Makefile.am b/net/ntop/files/patch-Makefile.am index 72ef818..b25b6e5 100644 --- a/net/ntop/files/patch-Makefile.am +++ b/net/ntop/files/patch-Makefile.am @@ -1,23 +1,14 @@ ---- Makefile.am.orig Thu Dec 27 18:00:25 2001 -+++ Makefile.am Tue Jan 8 14:31:14 2002 -@@ -145,7 +145,7 @@ - libntopreport_la_LIBADD = $(MORELIBS) - libntopreport_la_LDFLAGS = -version-info @NTOP_VERSION_INFO@ -release @NTOP_RELEASE@ -export-dynamic @DYN_FLAGS@ - --man_MANS = ntop.8 intop/intop.1 -+man_MANS = ntop.8 ntop-rules.8 - - .PHONY: snapshot - -@@ -219,10 +219,10 @@ +--- Makefile.am.orig Tue May 14 20:12:55 2002 ++++ Makefile.am Mon Jun 24 14:42:42 2002 +@@ -218,10 +218,10 @@ /bin/rm -f privkey.pem cert.pem install-data-local: -- @cp -p ntop-cert.pem $(bindir)/ntop-cert.pem +- @cp -p ntop-cert.pem $(DESTDIR)$(bindir)/ntop-cert.pem @$(top_srcdir)/mkinstalldirs $(DESTDIR)/$(libdir)/plugins; @$(top_srcdir)/mkinstalldirs $(DESTDIR)/$(datadir)/ntop; @$(top_srcdir)/mkinstalldirs $(DESTDIR)/$(datadir)/ntop/html; -+ @cp -p ntop-cert.pem $(datadir)/ntop/ntop-cert.pem ++ @cp -p ntop-cert.pem $(DESTDIR)/$(datadir)/ntop/ntop-cert.pem @for file in $(NTOPHTML); do \ if test -d $$file; then \ $(top_srcdir)/mkinstalldirs $(DESTDIR)/$(datadir)/ntop/$$file; \ diff --git a/net/ntop/files/patch-configure.in b/net/ntop/files/patch-configure.in index e800253..4986baf 100644 --- a/net/ntop/files/patch-configure.in +++ b/net/ntop/files/patch-configure.in @@ -1,6 +1,6 @@ ---- configure.in.orig Thu Dec 27 19:40:55 2001 -+++ configure.in Thu Jan 24 11:02:57 2002 -@@ -799,12 +799,10 @@ +--- configure.in.orig Fri May 31 12:09:35 2002 ++++ configure.in Mon Jun 24 14:25:15 2002 +@@ -826,12 +826,10 @@ if test ".${GDBM_ROOT}" != .; then AC_MSG_CHECKING([for the GNU Database Manager Library gdbm (required package)]) @@ -11,12 +11,12 @@ GDBM_ROOT=`cd ${GDBM_ROOT} && pwd` - CORELIBS="${CORELIBS} -L$GDBM_ROOT -lgdbm" - INCS="${INCS} -I$GDBM_ROOT" -+ CORELIBS="${CORELIBS} -L$GDBM_ROOT/lib -lgdbm" -+ INCS="${INCS} -I$GDBM_ROOT/include" ++ CORELIBS="${CORELIBS} -L${GDBM_ROOT}/lib -lgdbm" ++ INCS="${INCS} -I${GDBM_ROOT}/include" AC_DEFINE(HAVE_GDBM_H) AC_MSG_RESULT([found in $GDBM_ROOT]) else -@@ -873,16 +871,11 @@ +@@ -907,16 +905,11 @@ dnl> dnl> user defined directory passed as option at configuration time dnl> @@ -26,18 +26,18 @@ - test -r $GDCHART_ROOT/gdc.h && - test -r $GDCHART_ROOT/gd-1.8.3/libgd.a && - test -r $GDCHART_ROOT/gd-1.8.3/gd.h && -- test -r $GDCHART_ROOT/zlib-1.1.3/libz.a; then +- test -r $GDCHART_ROOT/zlib-1.1.4/libz.a; then + if test 1; then + if test -d $GDCHART_ROOT; then GDCHART_ROOT=`cd ${GDCHART_ROOT} && pwd` -- MORELIBS="${MORELIBS} -L$GDCHART_ROOT -lgdchart -L$GDCHART_ROOT/gd-1.8.3 -lgd -L$GDCHART_ROOT/gd-1.8.3/libpng-1.0.8 -lpng -L$GDCHART_ROOT/zlib-1.1.3 -lz" -- INCS="${INCS} -I$GDCHART_ROOT" +- MORELIBS="${MORELIBS} -L$GDCHART_ROOT -lgdchart -L$GDCHART_ROOT/gd-1.8.3 -lgd -L$GDCHART_ROOT/gd-1.8.3/libpng-1.2.1 -lpng -L$GDCHART_ROOT/zlib-1.1.4 -lz" +- INCS="${INCS} -I$GDCHART_ROOT -I$GDCHART_ROOT/zlib-1.1.4" + MORELIBS="${MORELIBS} -L${prefix}/lib -lgdchart -lgd -lpng -lz" + INCS="${INCS} -I${prefix}/include/gd" AC_DEFINE(HAVE_GDCHART) + AC_DEFINE(HAVE_ZLIB) AC_MSG_RESULT([found in $GDCHART_ROOT]) - else -@@ -936,12 +929,10 @@ +@@ -971,12 +964,10 @@ if test ".$ac_disable_openssl" = ".no"; then AC_MSG_CHECKING([for OpenSSL Library by Open SLL Project (optional package)]) if test ".${OSSL_ROOT}" != .; then @@ -48,8 +48,8 @@ OSSL_ROOT=`cd ${OSSL_ROOT} && pwd` - MORELIBS="${MORELIBS} -L$OSSL_ROOT -lssl" - INCS="${INCS} -I$OSSL_ROOT" -+ MORELIBS="${MORELIBS} -L$OSSL_ROOT/crypto -lssl" -+ INCS="${INCS} -I$OSSL_ROOT/include" ++ MORELIBS="${MORELIBS} -L${OSSL_ROOT}/crypto -lssl" ++ INCS="${INCS} -I${OSSL_ROOT}/include" AC_DEFINE(HAVE_OPENSSL) AC_MSG_RESULT([found in $OSSL_ROOT]) elif test -d $OSSL_ROOT && diff --git a/net/ntop/files/patch-main.c b/net/ntop/files/patch-main.c deleted file mode 100644 index 42e0529..0000000 --- a/net/ntop/files/patch-main.c +++ /dev/null @@ -1,11 +0,0 @@ ---- main.c.orig Tue Nov 13 13:44:26 2001 -+++ main.c Tue Dec 4 17:00:15 2001 -@@ -400,7 +400,7 @@ - } - - snprintf(accessLogPath, sizeof(accessLogPath), "%s/%s", -- dbPath, DETAIL_ACCESS_LOG_FILE_PATH); -+ accessLogPath, DETAIL_ACCESS_LOG_FILE_PATH); - - initLogger(); /* Do not call this function before dbPath - is initialized */ diff --git a/net/ntop/pkg-message b/net/ntop/pkg-message new file mode 100644 index 0000000..7f03e9e --- /dev/null +++ b/net/ntop/pkg-message @@ -0,0 +1,29 @@ +---------------------------------------------------------------------------- +ntop has been installed, but is not quite ready to be used yet! + +You need to set an administrator password for ntop before it may be used. +As root, execute the following command to set this password: + + # ntop -A + +ntop may now be started. The recommended method to do so is via the +installed startup script. As root, execute the following command: + + # sh %%LOCALBASE%%/etc/rc.d/ntop.sh + +The recommended way to change startup flags for ntop is to edit this +startup script. + +Note that the installed startup script will NOT be execute at system +startup by default. If you wish ntop to start when your system boots, +you should make this script executable: + + # chmod 555 %%LOCALBASE%%/etc/rc/ntop.sh + + NB!! NB!! NB!! +In the past, ntop has been the subject of repeated security vulner- +abilities, particularly relating to its web interface. It is strongly +suggested that you protect your ntop web interface via packet filters +or TCP wrappers. + +---------------------------------------------------------------------------- diff --git a/net/ntop/pkg-plist b/net/ntop/pkg-plist index 457b636..357a4ba 100644 --- a/net/ntop/pkg-plist +++ b/net/ntop/pkg-plist @@ -1,25 +1,38 @@ +@exec mkdir -p %%DBDIR%%/ntop bin/intop bin/ntop bin/ntop-config etc/rc.d/ntop.sh lib/libicmpPlugin.a lib/libicmpPlugin.so -lib/libicmpPlugin.so.0 +lib/libicmpPlugin.so.99 lib/liblastSeenPlugin.a lib/liblastSeenPlugin.so -lib/liblastSeenPlugin.so.0 +lib/liblastSeenPlugin.so.99 +lib/libnetflowPlugin.a +lib/libnetflowPlugin.so +lib/libnetflowPlugin.so.99 lib/libnfsPlugin.a lib/libnfsPlugin.so -lib/libnfsPlugin.so.0 -lib/libntop-2.0.so.0 +lib/libnfsPlugin.so.99 +lib/libntop-2.0.so.99 lib/libntop.a lib/libntop.so -lib/libntopreport-2.0.so.0 +lib/libntopreport-2.0.so.99 lib/libntopreport.a lib/libntopreport.so +lib/libpdaPlugin.a +lib/libpdaPlugin.so +lib/libpdaPlugin.so.99 +lib/libsflowPlugin.a +lib/libsflowPlugin.so +lib/libsflowPlugin.so.99 lib/ntop/plugins/icmpPlugin.so lib/ntop/plugins/lastSeenPlugin.so +lib/ntop/plugins/netflowPlugin.so lib/ntop/plugins/nfsPlugin.so +lib/ntop/plugins/pdaPlugin.so +lib/ntop/plugins/sflowPlugin.so share/ntop/html/About.html share/ntop/html/Admin.html share/ntop/html/Copyright.html @@ -33,8 +46,10 @@ share/ntop/html/Risk_low.gif share/ntop/html/Risk_medium.gif share/ntop/html/Risk_unknown.gif share/ntop/html/Stats.html +share/ntop/html/antenna.gif share/ntop/html/arrow_down.gif share/ntop/html/arrow_up.gif +share/ntop/html/back.gif share/ntop/html/bar.gif share/ntop/html/bg_line.gif share/ntop/html/black.gif @@ -45,22 +60,37 @@ share/ntop/html/child.gif share/ntop/html/clear.gif share/ntop/html/collapsed.gif share/ntop/html/copyright.gif +share/ntop/html/corner.gif share/ntop/html/deleteURL.gif share/ntop/html/deleteUser.gif share/ntop/html/dns.gif share/ntop/html/error.gif share/ntop/html/expanded.gif +share/ntop/html/favicon.ico +share/ntop/html/fback.gif +share/ntop/html/fforward.gif +share/ntop/html/forward.gif share/ntop/html/gauge.jpg share/ntop/html/gray_bg.gif share/ntop/html/help.html share/ntop/html/index.html share/ntop/html/index_inner.html +share/ntop/html/index_inner_w3c.html share/ntop/html/index_left.html +share/ntop/html/index_left_w3c.html share/ntop/html/index_top.html +share/ntop/html/index_top_w3c.html +share/ntop/html/index_w3c.html share/ntop/html/info.gif +share/ntop/html/j_DataRcvd.html +share/ntop/html/j_DataSent.html +share/ntop/html/j_Stats.html +share/ntop/html/j_home.html +share/ntop/html/j_index_top.html share/ntop/html/mail.gif share/ntop/html/major.gif share/ntop/html/menubar.png +share/ntop/html/menubar_j.png share/ntop/html/menuline.png share/ntop/html/minor.gif share/ntop/html/modifyUser.gif @@ -307,6 +337,5 @@ share/ntop/ntop-cert.pem @dirrm share/ntop/html/statsicons @dirrm share/ntop/html @dirrm share/ntop -@dirrm lib/plugins @dirrm lib/ntop/plugins @dirrm lib/ntop |