Update to 0.20.

From: Dan Weeks <danimal@danimal.org>
2002-10-17 15:37:41 +00:00 · 2002-10-17 15:37:41 +00:00 · 0bbd987993
commit 0bbd987993
parent bcfcf6b800
6 changed files with 50 additions and 150 deletions
--- a/net/tcpflow/Makefile
+++ b/net/tcpflow/Makefile
@ -1,8 +1,8 @@
-# $OpenBSD: Makefile,v 1.9 2002/10/16 21:30:04 pvalchev Exp $
+# $OpenBSD: Makefile,v 1.10 2002/10/17 15:37:41 naddy Exp $

 COMMENT=	"tool for capturing data from TCP connections"

-DISTNAME=	tcpflow-0.12
+DISTNAME=	tcpflow-0.20
 CATEGORIES=	net
 MASTER_SITES=	ftp://ftp.circlemud.org/pub/jelson/tcpflow/

--- a/net/tcpflow/distinfo
+++ b/net/tcpflow/distinfo
@ -1,3 +1,3 @@
-MD5 (tcpflow-0.12.tar.gz) = 39e4d753cb2b04962e03a6b7ce7ef729
-RMD160 (tcpflow-0.12.tar.gz) = d63af46bf17ccc28e98ffecdab3a403ddf7c342e
-SHA1 (tcpflow-0.12.tar.gz) = 3fe305baaf314c93c66d8d8670235c29025c297e
+MD5 (tcpflow-0.20.tar.gz) = cce28bfb13fa7a9eea17af9ff50b6580
+RMD160 (tcpflow-0.20.tar.gz) = ca0b92dfb8b6b0a32cf087f007df62c48d3d5d7a
+SHA1 (tcpflow-0.20.tar.gz) = 833d369e36828fa132106df93c604cc1c42c23c7
--- a/net/tcpflow/patches/patch-main_c
+++ b/net/tcpflow/patches/patch-main_c
@ -1,102 +1,12 @@
-$OpenBSD: patch-main_c,v 1.2 2002/10/16 21:28:54 pvalchev Exp $
--- main.c.orig	Tue Apr 20 19:40:14 1999
-+++ main.c	Wed Oct 16 15:23:52 2002
-@@ -63,7 +63,7 @@ void print_usage(char *progname)
+$OpenBSD: patch-main_c,v 1.3 2002/10/17 15:37:41 naddy Exp $
+--- main.c.orig	Wed Oct 16 20:38:45 2002
+++ main.c	Wed Oct 16 20:38:59 2002
+@@ -66,7 +66,7 @@ void print_usage(char *progname)
   fprintf(stderr, "%s version %s by Jeremy Elson <jelson@circlemud.org>\n\n",
 		 PACKAGE, VERSION);
   fprintf(stderr, "usage: %s [-chpsv] [-b max_bytes] [-d debug_level] [-f max_fds]\n", progname);
-  fprintf(stderr, "          [-i iface] [expression]\n\n");
+-  fprintf(stderr, "          [-i iface] [-w file] [expression]\n\n");
 +  fprintf(stderr, "          [-i iface] [-r file] [expression]\n\n");
   fprintf(stderr, "        -b: max number of bytes per flow to save\n");
   fprintf(stderr, "        -c: console print only (don't create files)\n");
   fprintf(stderr, "        -d: debug level; default is %d\n", DEFAULT_DEBUG_LEVEL);
-@@ -72,6 +72,7 @@ void print_usage(char *progname)
-   fprintf(stderr, "        -i: network interface on which to listen\n");
-   fprintf(stderr, "            (type \"ifconfig -a\" for a list of interfaces)\n");
-   fprintf(stderr, "        -p: don't use promiscuous mode\n");
-+  fprintf(stderr, "        -r: read packets from file\n");
-   fprintf(stderr, "        -s: strip non-printable characters (change to '.')\n");
-   fprintf(stderr, "        -v: verbose operation equivalent to -d 10\n");
-   fprintf(stderr, "expression: tcpdump-like filtering expression\n");
-@@ -89,6 +90,7 @@ int main(int argc, char *argv[])
-   int need_usage = 0;
- 
-   char *device = NULL;
-+  char *infile = NULL;
-   char *expression = NULL;
-   pcap_t *pd;
-   struct bpf_program fcode;
-@@ -98,7 +100,7 @@ int main(int argc, char *argv[])
- 
-   opterr = 0;
- 
-  while ((arg = getopt(argc, argv, "b:cd:f:hi:psv")) != EOF) {
-+  while ((arg = getopt(argc, argv, "b:cd:f:hi:pr:sv")) != -1) {
-     switch (arg) {
-     case 'b':
-       if ((bytes_per_flow = atoi(optarg)) < 0) {
-@@ -140,6 +142,9 @@ int main(int argc, char *argv[])
-       no_promisc = 1;
-       DEBUG(10) ("NOT turning on promiscuous mode");
-       break;
-+    case 'r':
-+      infile = optarg;
-+      break;
-     case 'v':
-       debug_level = 10;
-       break;
-@@ -160,23 +165,32 @@ int main(int argc, char *argv[])
-   DEBUG(10) ("%s version %s by Jeremy Elson <jelson@circlemud.org>",
- 	     PACKAGE, VERSION);
- 
-  /* if the user didn't specify a device, try to find a reasonable one */
-  if (device == NULL)
-    if ((device = pcap_lookupdev(error)) == NULL)
-+  if (infile != NULL) {
-+    /* Since we don't need network access, drop root privileges */
-+    setuid(getuid());
-+
-+    /* open the capture file */
-+    if ((pd = pcap_open_offline(infile, error)) == NULL)
-       die(error);
- 
-  /* make sure we can open the device */
-  if ((pd = pcap_open_live(device, SNAPLEN, !no_promisc, 1000, error)) == NULL)
-    die(error);
-+    /* get the handler for this kind of packets */
-+    handler = find_handler(pcap_datalink(pd), infile);
-+  } else {
-+    /* if the user didn't specify a device, try to find a reasonable one */
-+    if (device == NULL)
-+      if ((device = pcap_lookupdev(error)) == NULL)
-+	die(error);
- 
-  /* drop root privileges - we don't need them any more */
-  setuid(getuid());
-+    /* make sure we can open the device */
-+    if ((pd = pcap_open_live(device, SNAPLEN, !no_promisc, 1000, error)) == NULL)
-+      die(error);
- 
-  /* remember what datalink type the selected network interface is */
-  dlt = pcap_datalink(pd);
-+    /* drop root privileges - we don't need them any more */
-+    setuid(getuid());
- 
-  /* get the handler for this network interface */
-  handler = find_handler(dlt, device);
-+    /* get the handler for this kind of packets */
-+    handler = find_handler(pcap_datalink(pd), device);
-+  }
- 
-   /* get the user's expression out of argv */
-   expression = copy_argv(&argv[optind]);
-@@ -223,7 +237,8 @@ int main(int argc, char *argv[])
-   init_flow_state();
- 
-   /* start listening! */
-  DEBUG(1) ("listening on %s", device);
-+  if (infile == NULL)
-+    DEBUG(1) ("listening on %s", device);
-   if (pcap_loop(pd, -1, handler, NULL) < 0)
-     die(pcap_geterr(pd));
- 
--- a/net/tcpflow/patches/patch-tcpflow_1_in
+++ b/net/tcpflow/patches/patch-tcpflow_1_in
@ -1,54 +1,36 @@
-$OpenBSD: patch-tcpflow_1_in,v 1.1 2002/10/16 21:27:50 pvalchev Exp $
--- tcpflow.1.in.orig	Wed Apr 21 02:57:20 1999
-+++ tcpflow.1.in	Wed Oct 16 15:19:23 2002
-@@ -21,6 +21,9 @@ tcpflow \- TCP flow recorder 
- .BI \-i \ iface\fR\c
- ]
- [\c
-+.BI \-r \ file\fR\c
-+]
-+[\c
- .BI expression\fR\c
- ]
- .SH DESCRIPTION
-@@ -29,7 +32,7 @@ tcpflow \- TCP flow recorder 
+$OpenBSD: patch-tcpflow_1_in,v 1.2 2002/10/17 15:37:41 naddy Exp $
+--- tcpflow.1.in.orig	Wed Oct 16 20:37:43 2002
+++ tcpflow.1.in	Wed Oct 16 20:41:41 2002
+@@ -32,7 +32,7 @@ tcpflow \- TCP flow recorder 
 is a program that captures data transmitted as part of TCP connections
- (flows), and stores it in a way that is convenient for protocol
+ (flows), and stores the data in a way that is convenient for protocol
 analysis or debugging.  A program like
-.IR tcpdump (4)
-+.IR tcpdump (1)
- only shows a summary of packets seen on the wire, but usually doesn't
- store the data that's actually being transmitted.  In contrast,
- tcpflow reconstructs the actual data streams and stores each flow in a
-@@ -93,6 +96,13 @@ named \fIiface\fP.  If no interface is s
- .B \-i
- , a reasonable default will be used by libpcap automatically.
- .TP
-+.B \-r
-+Read packets from \fIfile\fP, which was created using the
-+.B \-w
-+option of
-+.IR tcpdump (1).
-+Standard input is used if \fIfile\fP is ``-''.
-+.TP
- .B \-p
- No promiscuous mode.  Normally, tcpflow attempts to put the network
- interface into promiscuous mode before capturing packets.  The
-@@ -118,7 +128,7 @@ The
+-.IR tcpdump(4)
+.IR tcpdump(8)
+ shows a summary of packets seen on the wire, but usually doesn't store
+ the data that's actually being transmitted.  In contrast, tcpflow
+ reconstructs the actual data streams and stores each flow in a
+@@ -109,7 +109,7 @@ already be in promiscuous mode for some 
+ Read from file.  Read packets from \fIfile\fP, which was created using the
+ .B \-w
+ option of
+-.IR tcpdump (1).
+.IR tcpdump (8).
+ Standard input is used if \fIfile\fP is ``-''.
+ Note that for this option to be useful, tcpdump's
+ .B \-s
+@@ -132,7 +132,7 @@ The
 specified on the command-line specifies which packets should be
 captured.  Because tcpflow uses the the libpcap library, tcpflow has
 the same powerful filtering language available as programs such as
-.IR tcpdump (4).
-+.IR tcpdump (1).
+-.IR tcpdump (1).
+.IR tcpdump (8).
 .LP
 .B The following part of the man page is excerpted from the tcpdump man page.
 .LP
-@@ -259,7 +269,7 @@ which can be used with either names or n
- .IP "\fBdst net \fInet\fR"
- True if the IP destination address of the packet has a network
- number of \fInet\fP. \fINet\fP may be either a name from /etc/networks
-or a network number (see \fInetworks(4)\fP for details).
-+or a network number (see \fInetworks(5)\fP for details).
- .IP "\fBsrc net \fInet\fR"
- True if the IP source address of the packet has a network
- number of \fInet\fP.
+@@ -539,4 +539,4 @@ The current version of this software is 
+ .I http://www.circlemud.org/~jelson/software/tcpflow
+ .RE
+ .SH "SEE ALSO"
+-tcpdump(1), nit(4P), bpf(4), pcap(3)
+tcpdump(8), nit(4P), bpf(4), pcap(3)
--- a/net/tcpflow/patches/patch-util_c
+++ b/net/tcpflow/patches/patch-util_c
@ -0,0 +1,12 @@
+$OpenBSD: patch-util_c,v 1.1 2002/10/17 15:37:41 naddy Exp $
+--- util.c.orig	Wed Oct 16 22:02:06 2002
+++ util.c	Wed Oct 16 22:02:34 2002
+@@ -133,7 +133,7 @@ char *flow_filename(flow_t flow)
+ 
+   ring_pos = (ring_pos + 1) % RING_SIZE;
+ 
+-  sprintf(ring_buffer[ring_pos],
+  snprintf(ring_buffer[ring_pos], sizeof(ring_buffer[ring_pos]),
+ 	  "%03d.%03d.%03d.%03d.%05d-%03d.%03d.%03d.%03d.%05d",
+ 	  (u_int8_t) ((flow.src & 0xff000000) >> 24),
+ 	  (u_int8_t) ((flow.src & 0x00ff0000) >> 16),
--- a/net/tcpflow/pkg/DESCR
+++ b/net/tcpflow/pkg/DESCR
@ -11,8 +11,4 @@ data streams regardless of retransmissions or out-of-order delivery.
 However, it currently does not understand IP fragments; flows
 containing IP fragments will not be recorded properly.

-Note: this port includes a small patch that adds the capability of
-      reading the packets from a tcpdump(1) capture file, using
-      a new option (-r).
-
 WWW: ${HOMEPAGE}