From 940a967a620ffb0e02fb5cb8350bc049000334cd Mon Sep 17 00:00:00 2001
From: dugsong <dugsong@openbsd.org>
Date: Wed, 23 Jun 1999 04:16:21 +0000
Subject: [PATCH] new ngrep port

---
 net/ngrep/Makefile         | 22 ++++++++++++++++
 net/ngrep/files/md5        |  3 +++
 net/ngrep/patches/patch-aa | 20 ++++++++++++++
 net/ngrep/patches/patch-ab | 13 ++++++++++
 net/ngrep/pkg/COMMENT      |  1 +
 net/ngrep/pkg/DESCR        | 53 ++++++++++++++++++++++++++++++++++++++
 net/ngrep/pkg/PLIST        |  1 +
 7 files changed, 113 insertions(+)
 create mode 100644 net/ngrep/Makefile
 create mode 100644 net/ngrep/files/md5
 create mode 100644 net/ngrep/patches/patch-aa
 create mode 100644 net/ngrep/patches/patch-ab
 create mode 100644 net/ngrep/pkg/COMMENT
 create mode 100644 net/ngrep/pkg/DESCR
 create mode 100644 net/ngrep/pkg/PLIST

diff --git a/net/ngrep/Makefile b/net/ngrep/Makefile
new file mode 100644
index 00000000000..ab573210982
--- /dev/null
+++ b/net/ngrep/Makefile
@@ -0,0 +1,22 @@
+# OpenBSD makefile for: ngrep
+# Version required:     1.26
+# Date created:         1999-Jun-23
+# Whom:                 dugsong@monkey.org
+#
+# $OpenBSD: Makefile,v 1.1.1.1 1999/06/23 04:16:21 dugsong Exp $
+
+DISTNAME=	ngrep-1.26
+
+CATEGORIES=     net
+
+MASTER_SITES=	http://www.packetfactory.net/ngrep/
+
+MAINTAINER=	dugsong@monkey.org
+
+GNU_CONFIGURE=	yes
+
+WRKSRC=		${WRKDIR}/ngrep
+
+ALL_TARGET=	ngrep
+
+.include <bsd.port.mk>
diff --git a/net/ngrep/files/md5 b/net/ngrep/files/md5
new file mode 100644
index 00000000000..e748bbcda49
--- /dev/null
+++ b/net/ngrep/files/md5
@@ -0,0 +1,3 @@
+SHA1 (ngrep-1.26.tar.gz) = 5b983d9df63f1b6d7f5ad7376648f6734efcbd8a
+RMD160 (ngrep-1.26.tar.gz) = 22d7c1015fb6d8d08fdd1b60580f1e6245206803
+MD5 (ngrep-1.26.tar.gz) = d51f49b5a0094ee098b3ecc2587ef75d
diff --git a/net/ngrep/patches/patch-aa b/net/ngrep/patches/patch-aa
new file mode 100644
index 00000000000..33e9ecbdfe6
--- /dev/null
+++ b/net/ngrep/patches/patch-aa
@@ -0,0 +1,20 @@
+--- Makefile.in-orig	Wed Jun 23 00:01:15 1999
++++ Makefile.in	Wed Jun 23 00:02:35 1999
+@@ -5,7 +5,7 @@
+ CC=@CC@
+ 
+ INCLUDES=-I@srcdir@ @PCAP_INCLUDE@
+-CFLAGS=-O2 @DEFS@ 
++CFLAGS= @CFLAGS@ @DEFS@ 
+ LIBS=-lpcap @EXTRA_LIBS@
+ 
+ SRC=ngrep.c regex.c
+@@ -13,7 +13,7 @@
+ TARGET=ngrep
+ 
+ INSTALL=./install-sh
+-DEST=/usr/local/bin
++DEST=@prefix@/bin
+ 
+ $(TARGET): $(OBJS)
+ 	$(CC) $(CFLAGS) -s -o $(TARGET) $(OBJS) $(LIBS) 
diff --git a/net/ngrep/patches/patch-ab b/net/ngrep/patches/patch-ab
new file mode 100644
index 00000000000..e7b135dd4ec
--- /dev/null
+++ b/net/ngrep/patches/patch-ab
@@ -0,0 +1,13 @@
+--- ngrep.c-orig	Tue Jun 22 23:58:26 1999
++++ ngrep.c	Tue Jun 22 23:58:42 1999
+@@ -176,10 +176,6 @@
+     ip_offset = PPPHDR_SIZE;
+     break;
+ 
+-  case DLT_RAW: 
+-    ip_offset = RAWHDR_SIZE;
+-    break;
+-
+   default:
+     fprintf(stderr,"fatal: unsupported interface type\n");
+     exit(-1);
diff --git a/net/ngrep/pkg/COMMENT b/net/ngrep/pkg/COMMENT
new file mode 100644
index 00000000000..47455098047
--- /dev/null
+++ b/net/ngrep/pkg/COMMENT
@@ -0,0 +1 @@
+network grep
diff --git a/net/ngrep/pkg/DESCR b/net/ngrep/pkg/DESCR
new file mode 100644
index 00000000000..963b83abb74
--- /dev/null
+++ b/net/ngrep/pkg/DESCR
@@ -0,0 +1,53 @@
+
+Program: ngrep 
+Author: nocarrier <jpr5@darkridge.com>
+
+Goal: 
+
+  A program that mimicks as much functionality in GNU grep as
+  possible, applied at the network layer.
+
+Description:
+
+  ngrep stands for network grep, and is a pcap-aware tool that will
+  allow you to specify extended regular expressions to match against
+  the data payloads of packets, and currently recognizes TCP and UDP,
+  and works on ethernet, ppp and slip interfaces.  Blank regexes
+  assume '.*'.
+
+Usage:
+
+  ngrep <-hiwq> <-d dev> [regex] <filter>
+
+  -h  is help/usage
+  -i  is ignore case
+  -w  is word-regex (expression must match as a word)
+  -q  is be quiet
+  -d  is use a device different from the default (pcap)
+
+  [regex]   is any extended regular expression (metachars are
+            significant and don't have to be escaped)
+  <filter>  is any pcap filter statement 
+
+Examples:
+
+  o ngrep  -qd eth1  'HTTP'  tcp port 80
+
+    Be quiet, look only at tcp packets with either source or dest port
+    80 on interface eth1, look for anything matching 'HTTP'. 
+
+  o ngrep  '(USER|PASS)'  tcp port 21
+
+    Look only at tcp packets with either source or dest port 21, look
+    for anything resembling an FTP login.
+
+  o ngrep  -wi  '(user|pass)'  tcp port 21
+  
+    Look at tcp packets with either source or dest port 21, that match
+    either 'user' or 'pass' (case insensitively) as a word. 
+
+  o ngrep  -qd le0  in-addr  port 53
+
+    Look at all packets with either source or dest port 53 on
+    interface le0, that match match 'in-addr'.  Be quiet.
+
diff --git a/net/ngrep/pkg/PLIST b/net/ngrep/pkg/PLIST
new file mode 100644
index 00000000000..048b5356008
--- /dev/null
+++ b/net/ngrep/pkg/PLIST
@@ -0,0 +1 @@
+bin/ngrep