summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobin H. Johnson <robbat2@gentoo.org>2015-08-08 13:49:04 -0700
committerRobin H. Johnson <robbat2@gentoo.org>2015-08-08 17:38:18 -0700
commit56bd759df1d0c750a065b8c845e93d5dfa6b549d (patch)
tree3f91093cdb475e565ae857f1c5a7fd339e2d781e /app-admin/ulogd/files
downloadgentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.tar.gz
gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.tar.bz2
gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.zip
proj/gentoo: Initial commit
This commit represents a new era for Gentoo: Storing the gentoo-x86 tree in Git, as converted from CVS. This commit is the start of the NEW history. Any historical data is intended to be grafted onto this point. Creation process: 1. Take final CVS checkout snapshot 2. Remove ALL ChangeLog* files 3. Transform all Manifests to thin 4. Remove empty Manifests 5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$ 5.1. Do not touch files with -kb/-ko keyword flags. Signed-off-by: Robin H. Johnson <robbat2@gentoo.org> X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed
Diffstat (limited to 'app-admin/ulogd/files')
-rw-r--r--app-admin/ulogd/files/ulogd-2.0.4-linux-headers-3.17-ipt_ulog.patch100
-rw-r--r--app-admin/ulogd/files/ulogd-2.0.5-remove-db-automagic.patch45
-rw-r--r--app-admin/ulogd/files/ulogd.init41
-rw-r--r--app-admin/ulogd/files/ulogd.logrotate9
-rw-r--r--app-admin/ulogd/files/ulogd.service13
5 files changed, 208 insertions, 0 deletions
diff --git a/app-admin/ulogd/files/ulogd-2.0.4-linux-headers-3.17-ipt_ulog.patch b/app-admin/ulogd/files/ulogd-2.0.4-linux-headers-3.17-ipt_ulog.patch
new file mode 100644
index 000000000000..f8c10622e229
--- /dev/null
+++ b/app-admin/ulogd/files/ulogd-2.0.4-linux-headers-3.17-ipt_ulog.patch
@@ -0,0 +1,100 @@
+From 30e24dbfc7a8644e29664070e8c16e5c3997f87e Mon Sep 17 00:00:00 2001
+From: Pablo Neira Ayuso <pablo@netfilter.org>
+Date: Fri, 7 Nov 2014 18:33:01 +0100
+Subject: [PATCH] include: keep a copy of linux/netfilter_ipv4/ipt_ULOG.h
+
+This fixes compilation if you use a Linux kernel >= 3.17. This problem
+occurs since ULOG was removed from mainstream:
+
+http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7200135bc1e61f1437dc326ae2ef2f310c50b4eb
+
+Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=986
+Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+
+diff --git a/configure.ac b/configure.ac
+index 522c345..c5f573c 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -142,7 +142,7 @@ dnl AM_CONDITIONAL(HAVE_PGSQL, test x$pgsqldir != x)
+
+ AC_CONFIG_FILES(include/Makefile include/ulogd/Makefile include/libipulog/Makefile \
+ include/linux/Makefile include/linux/netfilter/Makefile \
+- libipulog/Makefile \
++ include/linux/netfilter_ipv4/Makefile libipulog/Makefile \
+ input/Makefile input/packet/Makefile input/flow/Makefile \
+ input/sum/Makefile \
+ filter/Makefile filter/raw2packet/Makefile filter/packet2flow/Makefile \
+diff --git a/include/linux/Makefile.am b/include/linux/Makefile.am
+index ca80d0d..18af1c2 100644
+--- a/include/linux/Makefile.am
++++ b/include/linux/Makefile.am
+@@ -1,2 +1,2 @@
+-
+-SUBDIRS = netfilter
++SUBDIRS = netfilter \
++ netfilter_ipv4
+diff --git a/include/linux/netfilter_ipv4/Makefile.am b/include/linux/netfilter_ipv4/Makefile.am
+new file mode 100644
+index 0000000..41819a3
+--- /dev/null
++++ b/include/linux/netfilter_ipv4/Makefile.am
+@@ -0,0 +1 @@
++noinst_HEADERS = ipt_ULOG.h
+diff --git a/include/linux/netfilter_ipv4/ipt_ULOG.h b/include/linux/netfilter_ipv4/ipt_ULOG.h
+new file mode 100644
+index 0000000..417aad2
+--- /dev/null
++++ b/include/linux/netfilter_ipv4/ipt_ULOG.h
+@@ -0,0 +1,49 @@
++/* Header file for IP tables userspace logging, Version 1.8
++ *
++ * (C) 2000-2002 by Harald Welte <laforge@gnumonks.org>
++ *
++ * Distributed under the terms of GNU GPL */
++
++#ifndef _IPT_ULOG_H
++#define _IPT_ULOG_H
++
++#ifndef NETLINK_NFLOG
++#define NETLINK_NFLOG 5
++#endif
++
++#define ULOG_DEFAULT_NLGROUP 1
++#define ULOG_DEFAULT_QTHRESHOLD 1
++
++#define ULOG_MAC_LEN 80
++#define ULOG_PREFIX_LEN 32
++
++#define ULOG_MAX_QLEN 50
++/* Why 50? Well... there is a limit imposed by the slab cache 131000
++ * bytes. So the multipart netlink-message has to be < 131000 bytes.
++ * Assuming a standard ethernet-mtu of 1500, we could define this up
++ * to 80... but even 50 seems to be big enough. */
++
++/* private data structure for each rule with a ULOG target */
++struct ipt_ulog_info {
++ unsigned int nl_group;
++ size_t copy_range;
++ size_t qthreshold;
++ char prefix[ULOG_PREFIX_LEN];
++};
++
++/* Format of the ULOG packets passed through netlink */
++typedef struct ulog_packet_msg {
++ unsigned long mark;
++ long timestamp_sec;
++ long timestamp_usec;
++ unsigned int hook;
++ char indev_name[IFNAMSIZ];
++ char outdev_name[IFNAMSIZ];
++ size_t data_len;
++ char prefix[ULOG_PREFIX_LEN];
++ unsigned char mac_len;
++ unsigned char mac[ULOG_MAC_LEN];
++ unsigned char payload[0];
++} ulog_packet_msg_t;
++
++#endif /*_IPT_ULOG_H*/
+--
+2.0.4
+
diff --git a/app-admin/ulogd/files/ulogd-2.0.5-remove-db-automagic.patch b/app-admin/ulogd/files/ulogd-2.0.5-remove-db-automagic.patch
new file mode 100644
index 000000000000..dfa51112e063
--- /dev/null
+++ b/app-admin/ulogd/files/ulogd-2.0.5-remove-db-automagic.patch
@@ -0,0 +1,45 @@
+commit c61c05c2d050410c24346d42b013d7cb39149949
+Author: Harald Welte <laforge@gnumonks.org>
+Date: Sun May 3 11:08:54 2015 +0200
+
+ configure.ac: Add --without-{mysql,pgsql}
+
+ In some cases you may not want to build a certain output plugin, even
+ if the headers/libraries actually exist on the build host.
+
+diff --git a/configure.ac b/configure.ac
+index c814bec..1a7f8de 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -85,7 +85,10 @@ if [! test "x$enable_nfacct" = "xyes"]; then
+ enable_nfacct="no"
+ fi
+
+-CT_CHECK_POSTGRES_DB()
++AC_ARG_WITH([pgsql], AS_HELP_STRING([--without-pgsql], [Build without postgresql output plugin [default=test]]))
++AS_IF([test "x$with_pgsql" != "xno"], [
++ CT_CHECK_POSTGRES_DB()
++])
+ AM_CONDITIONAL(HAVE_PGSQL, test "x$PQLIBPATH" != "x")
+ if test "x$PQLIBPATH" != "x"; then
+ enable_pgsql="yes"
+@@ -93,7 +96,10 @@ else
+ enable_pgsql="no"
+ fi
+
+-CT_CHECK_MYSQL_DB()
++AC_ARG_WITH([mysql], AS_HELP_STRING([--without-mysql], [Build without mysql output plugin [default=test]]))
++AS_IF([test "x$with_mysql" != "xno"], [
++ CT_CHECK_MYSQL_DB()
++])
+ AM_CONDITIONAL(HAVE_MYSQL, test "x$MYSQL_LIB" != "x")
+ if test "x$MYSQL_LIB" != "x"; then
+ enable_mysql="yes"
+@@ -101,6 +107,7 @@ else
+ enable_mysql="no"
+ fi
+
++
+ AC_ARG_WITH([sqlite], AS_HELP_STRING([--without-sqlite], [Build without SQLITE3 output plugin [default=test]]))
+ AS_IF([test "x$with_sqlite" != "xno"], [
+ PKG_CHECK_MODULES([libsqlite3], [sqlite3], [], [:])
diff --git a/app-admin/ulogd/files/ulogd.init b/app-admin/ulogd/files/ulogd.init
new file mode 100644
index 000000000000..ace6e8b51c91
--- /dev/null
+++ b/app-admin/ulogd/files/ulogd.init
@@ -0,0 +1,41 @@
+#!/sbin/runscript
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+extra_started_commands="reload reopen"
+
+: ${ULOGD_BINARY:=/usr/sbin/ulogd}
+: ${ULOGD_PIDFILE:=/run/${SVCNAME}.pid}
+: ${ULOGD_OPTS:=--daemon --uid ulogd --pidfile ${ULOGD_PIDFILE}}
+
+depend() {
+ before iptables ip6tables ebtables firewall
+ after mysql postgresql
+}
+
+start() {
+ ebegin "Starting ${SVCNAME}"
+ start-stop-daemon --start \
+ --exec ${ULOGD_BINARY} --pidfile ${ULOGD_PIDFILE} \
+ -- ${ULOGD_OPTS}
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping ${SVCNAME}"
+ start-stop-daemon --stop --pidfile ${ULOGD_PIDFILE}
+ eend $?
+}
+
+reload() {
+ ebegin "Reloading ${SVCNAME} configuration"
+ start-stop-daemon --signal USR1 --pidfile ${ULOGD_PIDFILE}
+ eend $?
+}
+
+reopen() {
+ ebegin "Reopening ${SVCNAME} logfiles"
+ start-stop-daemon --signal HUP --pidfile ${ULOGD_PIDFILE}
+ eend $?
+}
diff --git a/app-admin/ulogd/files/ulogd.logrotate b/app-admin/ulogd/files/ulogd.logrotate
new file mode 100644
index 000000000000..777e40097a5e
--- /dev/null
+++ b/app-admin/ulogd/files/ulogd.logrotate
@@ -0,0 +1,9 @@
+/var/log/ulogd/*.log {
+ sharedscripts
+ missingok
+ notifempty
+ create 0640 ulogd
+ postrotate
+ [ -f /run/ulogd.pid ] && /bin/kill -HUP $(cat /run/ulogd.pid)
+ endscript
+}
diff --git a/app-admin/ulogd/files/ulogd.service b/app-admin/ulogd/files/ulogd.service
new file mode 100644
index 000000000000..ec22db0ad663
--- /dev/null
+++ b/app-admin/ulogd/files/ulogd.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=A userspace logging daemon for netfilter/iptables related logging
+Before=iptables.service ip6tables.service
+After=mysql.service postgresql.service
+
+[Service]
+Type=forking
+PIDFile=/run/ulogd.pid
+ExecStart=/usr/sbin/ulogd --daemon --uid ulogd --pidfile /run/ulogd.pid
+ExecReload=/bin/kill -USR1 $MAINPID
+
+[Install]
+WantedBy=network.target