webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-09 10:35:53 +02:00
Code Issues Packages Projects Releases Wiki Activity

arpwatch: add arpwatch as common package

Browse Source 
Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
This commit is contained in:
Vincent Li
2025-09-25 21:36:38 +00:00
parent ca64eb8761
commit a81b1f8f2b
8 changed files with 248 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
config/rootfiles/common/arpwatch Normal file
View File

@@ -0,0 +1,8 @@
etc/rc.d/init.d/arpwatch
etc/sysconfig/arpwatch
usr/sbin/arpsnmp
usr/sbin/arpwatch
#usr/share/man/man8/arpsnmp.8
#usr/share/man/man8/arpwatch.8
#var/lib/arpwatch
var/lib/arpwatch/ethercodes.dat

5
config/rootfiles/common/x86_64/initscripts
View File

@@ -10,6 +10,7 @@ etc/rc.d/helper/oci-setup
#etc/rc.d/init.d
etc/rc.d/init.d/acpid
etc/rc.d/init.d/apache
etc/rc.d/init.d/arpwatch
etc/rc.d/init.d/beep
etc/rc.d/init.d/checkfs
etc/rc.d/init.d/cleanfs
@@ -107,6 +108,7 @@ etc/rc.d/init.d/kdump-vars.sh
#etc/rc.d/rc0.d/K01vdradmin
#etc/rc.d/rc0.d/K02sslh
etc/rc.d/rc0.d/K08fcron
etc/rc.d/rc0.d/K12arpwatch
etc/rc.d/rc0.d/K28apache
etc/rc.d/rc0.d/K30sshd
etc/rc.d/rc0.d/K47setclock
@@ -145,6 +147,7 @@ etc/rc.d/rc3.d/S30sshd
etc/rc.d/rc3.d/S32apache
etc/rc.d/rc3.d/S40fcron
etc/rc.d/rc3.d/S50wireguard
etc/rc.d/rc3.d/S64arpwatch
etc/rc.d/rc3.d/S98rc.local
#etc/rc.d/rc3.d/S98sslh
#etc/rc.d/rc3.d/S99imspetor
@@ -156,6 +159,7 @@ etc/rc.d/rc3.d/S98rc.local
#etc/rc.d/rc6.d/K01vdradmin
#etc/rc.d/rc6.d/K02sslh
etc/rc.d/rc6.d/K08fcron
etc/rc.d/rc6.d/K12arpwatch
etc/rc.d/rc6.d/K28apache
etc/rc.d/rc6.d/K30sshd
etc/rc.d/rc6.d/K47setclock
@@ -205,3 +209,4 @@ etc/sysconfig/modules
etc/sysconfig/ramdisk
etc/sysconfig/rc
etc/sysconfig/rc.local
etc/sysconfig/arpwatch

117
lfs/arpwatch Normal file
View File

@@ -0,0 +1,117 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2007-2025 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation, either version 3 of the License, or #
# (at your option) any later version. #
# #
# This program is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with this program. If not, see <http://www.gnu.org/licenses/>. #
# #
###############################################################################
###############################################################################
# Definitions
###############################################################################
include Config
SUMMARY = Monitoring tool for ARP traffic on a network
VER = 3.8
ETHERCODES_DATE = 20200628
# From: https://ee.lbl.gov/downloads/arpwatch/
THISAPP = arpwatch-$(VER)
DL_FILE = $(THISAPP).tar.gz
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = arpwatch
PAK_VER = 1
DEPS =
SERVICES = arpwatch
# Enable debugging code
CFLAGS += -DDEBUG=1
###############################################################################
# Top-level Rules
###############################################################################
objects = $(DL_FILE) ethercodes.dat-$(ETHERCODES_DATE).xz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
ethercodes.dat-$(ETHERCODES_DATE).xz = $(DL_FROM)/ethercodes.dat-$(ETHERCODES_DATE).xz
$(DL_FILE)_BLAKE2 = a43a2ad007da266f58b5c5fd617c8955940cffc88233c16455b553aea4c9ddad8cf744996b342f156c879aab29ce6c5ae85b93abdb0fbf5dd674d39e851de273
ethercodes.dat-$(ETHERCODES_DATE).xz_BLAKE2 = e702b9109ef3ccce73e2637f96126bf19e7dfa533774c0bd623042b3609f147981263b84397ec155a65ae12fa57247c32644e1e7e57c2c749ef768156d853027
install : $(TARGET)
check : $(patsubst %,$(DIR_CHK)/%,$(objects))
download :$(patsubst %,$(DIR_DL)/%,$(objects))
b2 : $(subst %,%_BLAKE2,$(objects))
dist:
@$(PAK)
###############################################################################
# Downloading, checking, b2sum
###############################################################################
$(patsubst %,$(DIR_CHK)/%,$(objects)) :
@$(CHECK)
$(patsubst %,$(DIR_DL)/%,$(objects)) :
@$(LOAD)
$(subst %,%_BLAKE2,$(objects)) :
@$(B2SUM)
###############################################################################
# Installation Details
###############################################################################
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
# Fix compilation issues
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/arpwatch/53_stop-using-_getshort.patch
cd $(DIR_APP) && sed -i '1i#include <time.h>' report.c
# Don't install the initscript
cd $(DIR_APP) && sed -i '/@HAVE_FREEBSD_TRUE@/d' Makefile.in
# Build!
cd $(DIR_APP) && ./configure --prefix=/usr
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
# Install initscripts
# $(call INSTALL_INITSCRIPTS,$(SERVICES))
# Install the data directory
-mkdir -pv /var/lib/arpwatch
# Install ethercodes.dat
xz -dvv \
< $(DIR_DL)/ethercodes.dat-$(ETHERCODES_DATE).xz \
> /var/lib/arpwatch/ethercodes.dat
@rm -rf $(DIR_APP)
@$(POSTBUILD)

3
lfs/initscripts
View File

@@ -96,6 +96,7 @@ $(TARGET) :
ln -sf ../init.d/vdradmin /etc/rc.d/rc0.d/K01vdradmin
ln -sf ../init.d/sslh /etc/rc.d/rc0.d/K02sslh
ln -sf ../init.d/fcron /etc/rc.d/rc0.d/K08fcron
ln -sf ../init.d/arpwatch /etc/rc.d/rc0.d/K12arpwatch
ln -sf ../init.d/apache /etc/rc.d/rc0.d/K28apache
ln -sf ../init.d/sshd /etc/rc.d/rc0.d/K30sshd
ln -sf ../init.d/setclock /etc/rc.d/rc0.d/K47setclock
@@ -133,6 +134,7 @@ $(TARGET) :
ln -sf ../init.d/haproxy /etc/rc.d/rc3.d/S35haproxy
ln -sf ../init.d/fcron /etc/rc.d/rc3.d/S40fcron
ln -sf ../init.d/wireguard /etc/rc.d/rc3.d/S50wireguard
ln -sf ../init.d/arpwatch /etc/rc.d/rc3.d/S64arpwatch
ln -sf ../../sysconfig/rc.local /etc/rc.d/rc3.d/S98rc.local
ln -sf ../init.d/sslh /etc/rc.d/rc3.d/S98sslh
ln -sf ../init.d/imspetor /etc/rc.d/rc3.d/S99imspetor
@@ -150,6 +152,7 @@ $(TARGET) :
ln -sf ../init.d/vdradmin /etc/rc.d/rc6.d/K01vdradmin
ln -sf ../init.d/sslh /etc/rc.d/rc6.d/K02sslh
ln -sf ../init.d/fcron /etc/rc.d/rc6.d/K08fcron
ln -sf ../init.d/arpwatch /etc/rc.d/rc6.d/K12arpwatch
ln -sf ../init.d/apache /etc/rc.d/rc6.d/K28apache
ln -sf ../init.d/sshd /etc/rc.d/rc6.d/K30sshd
ln -sf ../init.d/setclock /etc/rc.d/rc6.d/K47setclock

1
make.sh
View File

@@ -1727,6 +1727,7 @@ buildipfire() {
lfsmake2 wireguard-tools
lfsmake2 kexec-tools
lfsmake2 makedumpfile
lfsmake2 arpwatch
# Kernelbuild ... current we have no platform that need

8
src/initscripts/sysconfig/arpwatch Normal file
View File

@@ -0,0 +1,8 @@
# Interface to monitor
INTERFACES="green0 blue0"
# Email address to send alerts to
WATCHER=hostmaster@somewhere.example.com
# Sender email address
WATCHEE=hostmaster@somewhere.example.com

81
src/initscripts/system/arpwatch Normal file
View File

@@ -0,0 +1,81 @@
#!/bin/sh
###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2007-2022 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation, either version 3 of the License, or #
# (at your option) any later version. #
# #
# This program is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with this program. If not, see <http://www.gnu.org/licenses/>. #
# #
###############################################################################
. /etc/sysconfig/rc
. ${rc_functions}
# Optionally load the configuration file
if [ -r "/etc/sysconfig/arpwatch" ]; then
. /etc/sysconfig/arpwatch
fi
case "${1}" in
start)
args=(
-D /var/lib/arpwatch
)
# Add the watcher
if [ -n "${WATCHER}" ]; then
args+=( "-w" "${WATCHER}" )
fi
# Add the watchee
if [ -n "${WATCHEE}" ]; then
args+=( "-W" "${WATCHEE}" )
fi
for intf in ${INTERFACES}; do
boot_mesg "Starting ARP Watch on ${intf}..."
# Create the data file for this interface
if [ ! -e "/var/lib/arpwatch/${intf}.dat" ]; then
: > "/var/lib/arpwatch/${intf}.dat"
fi
PIDFILE="/var/run/arpwatch-${intf}.pid" \
loadproc -f \
/usr/sbin/arpwatch "${args[@]}" \
-P "/var/run/arpwatch-${intf}.pid" \
-f "/var/lib/arpwatch/${intf}.dat" \
-i "${intf}"
done
;;
stop)
for intf in ${INTERFACES}; do
boot_mesg "Stopping ARP Watch on ${intf}..."
PIDFILE="/var/run/arpwatch-${intf}.pid" \
killproc /usr/sbin/arpwatch
done
;;
restart)
${0} stop
sleep 1
${0} start
;;
*)
echo "Usage: ${0} {start|stop|restart}"
exit 1
;;
esac

25
src/patches/arpwatch/53_stop-using-_getshort.patch Normal file
View File

@@ -0,0 +1,25 @@
Description: replace private function _getshort with ns_get16
_getshort is a private function, triggers a build log warning because it's
not present in any header file. We switch to the functionally equivalent
ns_get16.
Author: Lukas Schwaighofer <lukas@schwaighofer.name>
---
dns.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
--- a/dns.c
+++ b/dns.c
@@ -115,10 +115,10 @@
(u_char *)cp, (char *)bp, buflen)) < 0)
break;
cp += n;
- type = _getshort(cp);
+ type = ns_get16(cp);
cp += sizeof(u_short); /* class */
cp += sizeof(u_short) + sizeof(u_int32_t);
- n = _getshort(cp);
+ n = ns_get16(cp);
cp += sizeof(u_short);
if (type == T_HINFO) {
/* Unpack */