NETwork MONitoring Dealer - IP network monitoring daemon. Can check hosts availability (via ICMP ping), collect SNMP counters, check simple TCP/UDP services (with internal chat), handle SNMP traps. For a full documentation look at WWW: http://soft.risp.ru/netmond/ (sorry, russian only)
State Changed From-To: open->feedback You cannot use an arbitrary user-id. Either register it (cf. http://www.freebsd.org/doc/en_US.ISO8859-1/books/porters-handbook/dads-uid.html ) or make it configurable. -- Volker
Responsible Changed From-To: freebsd-ports-bugs->sem Grab.
# This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # netmond # netmond/Makefile # netmond/distinfo # netmond/pkg-deinstall # netmond/pkg-descr # netmond/pkg-install # netmond/pkg-message # netmond/files # netmond/files/README.eng # netmond/files/README.port.eng # netmond/files/README.port.ru # netmond/files/netmond.sh # netmond/files/netmond_watchdog # netmond/files/netmondctl # netmond/files/patch-AA # echo c - netmond mkdir -p netmond > /dev/null 2>&1 echo x - netmond/Makefile sed 's/^X//' >netmond/Makefile << 'END-of-netmond/Makefile' X# New ports collection makefile for: netmond X# Date created: 2004 Mar 30 X# Whom: vfom@narod.ru X# X# $FreeBSD$ X# X XPORTNAME= netmond XPORTVERSION= 2.2b6 XCATEGORIES= net-mgmt XMASTER_SITES= ftp://ftp.risp.ru/pub/RinetSoftware/ XDISTNAME= netmond-2.2-b6 XEXTRACT_SUFX= .tgz X XMAINTAINER= vfom@narod.ru XCOMMENT= Netmond - IP network monitoring daemon X X#MK_IFGRAPH= yes X X.if defined(MK_IFGRAPH) XLIB_DEPENDS= gd.4:${PORTSDIR}/graphics/gd X.else XCONFIGURE_ARGS= --without-ifgraph X.endif X XGNU_CONFIGURE= yes X XBINOWN= root XBINGRP= netmon XBINMODE= 0550 X XPLIST_FILES= sbin/netmond sbin/netmondctl sbin/netmond_watchdog \ X etc/netmon.conf.sample etc/rc.d/netmond.sh X.if defined(MK_IFGRAPH) XPLIST_FILES+= sbin/ifgraph X.endif X XPORTDOCS= README README.ru CHANGES README.port README.port.ru X XPKGMESSAGE=${WRKDIR}/pkg-message X Xdo-install: X @if pw user show netmon 2>/dev/null ; then \ X ${ECHO} "User 'netmon' exists." ; \ X else \ X pw useradd -n netmon -g wheel -c 'Network monitor account' -m ; \ X fi X @if pw group show ${BINGRP} 2>/dev/null ; then \ X ${ECHO} "Group '${BINGRP}' exists." ; \ X else \ X pw groupadd ${BINGRP} -M root,netmon ; \ X fi X ${INSTALL_PROGRAM} ${WRKSRC}/netmond ${PREFIX}/sbin/netmond X.if defined(MK_IFGRAPH) X ${INSTALL_PROGRAM} ${WRKSRC}/ifgraph ${PREFIX}/sbin/ifgraph X.endif X ${INSTALL_SCRIPT} ${FILESDIR}/netmondctl ${PREFIX}/sbin/netmondctl X ${INSTALL_SCRIPT} ${FILESDIR}/netmond_watchdog ${PREFIX}/sbin/netmond_watchdog X ${INSTALL_SCRIPT} ${FILESDIR}/netmond.sh ${PREFIX}/etc/rc.d/netmond.sh X ${INSTALL_DATA} ${WRKSRC}/netmon.conf.sample ${PREFIX}/etc X ${CHMOD} u+s ${PREFIX}/sbin/netmond X.if !defined(NOPORTDOCS) X ${MKDIR} ${DOCSDIR} X ${CHMOD} 555 ${DOCSDIR} X ${INSTALL_DATA} ${WRKSRC}/README ${DOCSDIR}/README.ru X ${INSTALL_DATA} ${WRKSRC}/CHANGES ${DOCSDIR}/ X ${INSTALL_DATA} ${FILESDIR}/README.port.ru ${DOCSDIR}/ X ${INSTALL_DATA} ${FILESDIR}/README.port.eng ${DOCSDIR}/README.port X ${INSTALL_DATA} ${FILESDIR}/README.eng ${DOCSDIR}/README X.endif X Xpost-install: X @${SED} "s#%%PREFIX%%#${PREFIX}#" ${MASTERDIR}/pkg-message > ${PKGMESSAGE}; \ X ${CAT} ${PKGMESSAGE} X X.include <bsd.port.mk> END-of-netmond/Makefile echo x - netmond/distinfo sed 's/^X//' >netmond/distinfo << 'END-of-netmond/distinfo' XMD5 (netmond-2.2-b6.tgz) = 87e324702e60d1c4e1a83ae3649c1488 XSIZE (netmond-2.2-b6.tgz) = 264500 END-of-netmond/distinfo echo x - netmond/pkg-deinstall sed 's/^X//' >netmond/pkg-deinstall << 'END-of-netmond/pkg-deinstall' X#!/bin/sh X# XPKGNAME=$1 X# Xcase $2 in X DEINSTALL) X ;; X POST-DEINSTALL) X echo "" X echo "If you do not need user 'netmon' or group 'netmon' you can" X echo "manually remove them." X echo "" X ;; X *) X echo "Unexpected Argument $2!!!" X exit 1 X ;; Xesac Xexit 0 END-of-netmond/pkg-deinstall echo x - netmond/pkg-descr sed 's/^X//' >netmond/pkg-descr << 'END-of-netmond/pkg-descr' XNETwork MONitoring Dealer - IP network monitoring daemon. XCan check hosts availability (via ICMP ping), collect SNMP counters, Xcheck simple TCP/UDP services (with internal chat), handle SNMP traps. X XGUI frontends exist for netmond: X - ftp://ftp.risp.ru/RinetSoft/netmond-spyboat-0.5.tgz ( with QT ) X - http://vfom.narod.ru/TkNetmon/ ( Tcl/Tk ) X XWWW: http://soft.risp.ru/netmond/ END-of-netmond/pkg-descr echo x - netmond/pkg-install sed 's/^X//' >netmond/pkg-install << 'END-of-netmond/pkg-install' X#!/bin/sh X# XPKGNAME=$1 XDATADIR=/var/netmon X# Xcase $2 in X PRE-INSTALL) X if pw user show netmon 2>/dev/null ; then X echo "User 'netmon' exists." ; X else X pw useradd -n netmon -g wheel -c 'Network monitor account' -m ; X fi X if pw group show netmon 2>/dev/null ; then X echo "Group 'netmon' exists." ; X else X pw groupadd netmon -M root,netmon ; X fi X if [ ! -d ${DATADIR} ] ; then X mkdir ${DATADIR} X chown root:netmon ${DATADIR} X chmod 750 ${DATADIR} X fi X ;; X POST-INSTALL) X ;; X *) X echo "Unexpected Argument $2!!!" X exit 1 X ;; Xesac Xexit 0 END-of-netmond/pkg-install echo x - netmond/pkg-message sed 's/^X//' >netmond/pkg-message << 'END-of-netmond/pkg-message' X###################################################################### X X Attention! X X You need to create a configuration file netmon.conf X in directory %%PREFIX%%/etc prior to launch netmond. X X Look at http://soft.risp.ru/netmond/ for the configuration guide X or try to use TkNetmon to create configuration semiautomatically. X X###################################################################### END-of-netmond/pkg-message echo c - netmond/files mkdir -p netmond/files > /dev/null 2>&1 echo x - netmond/files/README.eng sed 's/^X//' >netmond/files/README.eng << 'END-of-netmond/files/README.eng' XNetwork Monitoring Dealer http://soft.risp.ru/netmond/ X------------------------------------------------------ X XNetmond is an essential and flexible tool for network administrators. XNetmond is a daemon providing an interface between low level network Xstack and a GUI monitoring program or a database. X XNetmond accumulates network neighborhood data, periodicaly polling network Xobjects by several methods and collecting SNMP traps. Gathered information Xis parsed so that client programs can comfortably request it via unified Xinterface. X XNetmond can be used as primary data source and as a notification subsystem Xin a network monitoring framework. X XNetmond have a modular architecture. Modules work indepependently but use Xcommon task scheduler, session multiplexor, topology correlator, variables Xpool and output channels. The unique asynchronous polling algorithm Xdoes not limit a number of simultaneously controlled objects. X XCollected data can be saved by variuos methods periodically or conditionally. XAlso, a client program can request the data dynamically via network. X XNetmond considers the network as a collection of objects. All objects to be Xmonitored have to be described preliminary in a configuration file. Objects Xpolling works in parallel, not sequentially, like in other systems. Polling Xrequests are distributed over the poll interval as optimally as possible. XWhile executing, Netmond can dynamically determine topological dependences Xof objects and interfaces and correct polling modes or even block polling for Xsubordinate objects. X XThe Netmond deal the with following object types: X X* OBJECT - primary monitoring target, an object with IP address; X* INTERFACE - network interface, subobject of OBJECT; X* BGPAS - autonomous system number, subobject of OBJECT; X* BGPPEER - BGP peer for autonomous system, subobject of BGPAS; X* ENVTEMP - environment temperature (Cisco only), subobject of OBJECT; X* SERVICE - arbitrary network service, subobject of OBJECT; X XFor any OBJECT type instance operator can define: X X* METHOD - list of polling methods; X* TRAP - list of traps methods; X* POLLING - polling interval (the time between METHOD calls); X* VARIABLE - list of variables, optional; X* SAVE - list of data saving methods, optional; X* SAVING - data saving interval (the time between SAVE methods calls); X* INTERFACE - list of network interfaces, optional; X* BGPAS - list of autonomous systems, optional; X* ENVTEMP - list of thermal sensors, optional; X* SERVICE - list of arbitrary services, optional; X XIf BGPPEER list is not defined for a BGPAS instance, Netmond builds Xthis list automatically. X XThe state of OBJECT is a result of execution of all associated methods from XMETHOD and/or TRAP lists. Methods are evaluated sequentially until the first Xerror. The order of execution is defined by operator. X XVARIABLE values and state of subobjects INTERFACE, BGPPEER, ENVTEMP and SERVICE Xare also evaluated during execution of METHODs and TRAPs. All subobjects have Xtheir own SAVE list. X XInside a METHOD definition the following protocols can be used: X X* PING - ICMP echo õ IP with Route Record option for topology discovery; X* SNMP - simple SNMP v1 request for specified VARIABLE OID; X* ROUTER - multiple SNMP v1 requests, indexing of certain tables, X extracting internal VARIABLEs values; X* TCP - simple TCP session with text chat capabilities, extracting X VARIABLEs values from answers; X* UDP - simple UDP sequence with arbitrary chat, extracting X VARIABLEs values from answers; X* DNS - DNS service check; X* RADIUS - RADIUS service check; X* TACACS - TACACS+ service check; X XTRAP collector expects SNMP v1 traps, with BGP Enterprise (RFC1657), XCisco Private Enterprise or an arbitrary Enterprise defined by operator. X XThe protocols are implemented as separate independent modules. New modules Xcould be added in the future. X XA VARIABLE instance is reffered to by an unique alphanumeric name. The name Xcan be used in the configuration file and for dynamic data request Xvia NetState service. Typically, the list and the names of VARIABLEs are Xdefined by operator. Several predefined VARIABLEs exist for some METHODs. X XA VARIABLE can be of any of the following types: X X* integer X* float X* IP address X* string X* SNMP OID X XThe actual variable type is automatically determined on value assignment. XDuring Netmond execution the number of associated values for every XVARIABLE is maintained - the current value, previous value as well as Xminimal, maximal, average and delta during the SAVING time interval, Xif applicable. X XNetmod provides three SAVE methods to output VARIABLE values: X X* writing to a file; X* pushing to a pipe; X* passing as an argument for external program. X XSAVE methods are evaluated - X X* periodically, with SAVING interval X* on change of VARIABLE value; X* by condition - when a logical or expression with VARIABLE value become TRUE X XNetState service is an independent module of Netmond providing asynchronous Xnetwork access to current VARIABLE values for client programs. The whole Xvariables pool is presented as a hierarchy of variables and their owners in Xformat: "object!subobject!variable = value". The request could contain an Xoptional regular expression to filter the required output. This feature was Xintroduced for flexible dynamic data transmission to operator's GUI. X XPlease, address all questions, proposals and complains regarding Netmond to Xnetmon@service.risp.ru mail list. To subscribe send a message with body text X'subscribe netmon' to majordomo@service.risp.ru. END-of-netmond/files/README.eng echo x - netmond/files/README.port.eng sed 's/^X//' >netmond/files/README.port.eng << 'END-of-netmond/files/README.port.eng' X X netmond-2.2-b6-port X XThis document describe additions & changes relatively original Xnetmon-2.2-b6 source code. X X################################################################## X XSrcAddress patch X X################################################################## X XSometimes you need explisitly set source IP address for packets Xejected to some host from multihoming (or multialiasing) host. X XFor example: X X- you need to check host accessability via predefined route, not X matching default route for this host. X X- remote host can have "strange" configured packet filters so only X specific IP addresses accepted. X X- traffic priority settings exits somethere on trace to host. X This may impact network managenment traffic while X some channels overloaded. X XAdded directive "SrcAddress" in global context and in object contest. X XIn global context this directive explisitly set source IP address for all Xobjects when source IP not defined inside this object definition. XIf no directive specified, default source address 0.0.0.0 assigned. X XInside object definition this directive set source IP address for this Xobject only. All IP packets ejected to this host have this source address. X XWhen nowhere directive specified, the programm behave like before Xpatch applying. X XExample: X X SrcAddress "192.168.2.1" X X Object "somehost" { X Address "192.168.1.2" X SrcAddress "192.168.1.1" X .................... X } X XFlaws: X No preliminary IP address validity check applied. So until first packet processed Xyou can't to know IP address mistaken. X NetState server can't report source IP addresses for objects. X X################################################################## X XUID-GID-ChRoot Patch X X################################################################## XFor save methods PIPE or FILE in some cases need to fork daugther process. XUsally, "netmond" working under "root" privrleges, so daugther processes Xwill have "root" privrleges too. This is unsecure. X XDirectives "UserName" "GroupName" "ChrootDir" added in global context. XWhen used this directives, before daugther process launching X(after 'fork' but before 'exec') "chroot" syscall performed for specified Xdirectory ( if no direcive - no "chroot") and process GID, UID changes. X XBy default, no chroot performed, UserName = netmon, GroupName = netmon. X XExample: X X UserName "nobody" X GroupName "nogroup" X ChRootDir "/var/netmon" X XHowever you can set UserName=root GroupName=wheel if needed. X X################################################################## X XNetState BindAddress Patch X X################################################################## XSometimes you need explicitly set IP address to bind for NetState Xserver. X XDirective "BindAddress" added in "Port" context. X XExample: X X Port 3333 { X BindAddress "192.168.1.1" X ............ X } XOr: X XNetState { X Port 3333 X BindAddress "192.168.1.1" X} X XBy default, NetState expect incoming TCP connection on all local Xaddresses. X X################################################################## X XTrap Patch X X################################################################## XSometimes you need explicitly set IP Address to accept incoming SNMP Xtraps on. X X XDirecive "TrapBindAddress" added in global context. X XExample: X TrapBindAddress "192.168.1.1" X XBy default, trap collector expect incoming SNMP traps on all local Xaddresses. X X X################################################################## X XPID-file all the time is written to /var/run/netmond.pid X X################################################################## X XPossibility added to use russian letters in NetState requests and Xregular expressions. END-of-netmond/files/README.port.eng echo x - netmond/files/README.port.ru sed 's/^X//' >netmond/files/README.port.ru << 'END-of-netmond/files/README.port.ru' X X netmond-2.2-b6-port X XÞ äâïïðî äðìèîåïæå ðòêõâïý êÿîåïåïêó ê äð÷âþíåïêó ðæïðõêæåíûïð Xðôêúêïâíûïýé êõéðäïýé æåìõæôðþ netmond-2.2-b6. X X################################################################## X XSrcAddress patch X X################################################################## X Þ ïåìðæðôýé õêæèâçêóé ïåð÷éðäêîð óþïð ÿâäâæû IP âäôåõ Xêõæðàïêìâ äíó òâìåæðþ, ðæòôâþíóåîýé ïâ ðòôåäåíåïïýë éðõæ Xþ õíèàâå, åõíê õåôþåô êîååæ ïåõìðíûìð êïæåôöåëõðþ ê\êíê Xâíêâõðþ. X XÏâòôêîåô: X X- Ïèãïð æåõæêôðþâæû äðõæèòïðõæû éðõæâ òð ðòôåäåíïïðîè îâôùôèæè, X ïå õðþòâäâáüåîè õ îâôùôèæðî òð èîðíàâïêá äíó øæðúð éðõæâ. X X- Èäâíåïïýë éðõæ îðãåæ êîåæû "õæôâïïð" õìðïöêúèôêôðþâïïýë X òâìåæïýë öêíûæô, æâì, àæð ôåâúêôèåæ ïâ òâìåæý æðíûìð õ X ðòôåäåíåïïýé IP âäôåõðþ. X X- Òð îâôùôèæè äð èäâíåïïðúð éðõæâ õèüåõæþèáæ èàâõæìê, úäå X òâìåæý õ ðòôåäåíåïïýé IP âäôåõðþ êîåáæ òôêðôêæåæ, àæð X ÷ýþâåæ þâãïð òôê àâõæðë òåôåúôèÿìå (øæêé) ìâïâíðþ. X XÄð÷âþíåïâ äêôåìæêþâ "SrcAddress" X X Þ úíð÷âíûïðî ìðïæåìõæå øæâ äêôåìæêþâ ÿâäâåæ IP âäôåõ êõæðàïêìâ Xäíó þõåé ð÷ñåìæðþ, äíó ìðæðôýé IP âäôåõ êõæðàïêìâ óþïð ïå ÿâäâï. XÅõíê äêôåìæêþâ ïå èìâÿâïâ - øæðæ âäôåõ = 0.0.0.0 X X Þ ìðïæåìõæå ð÷ñåìæâ, øæâ äêôåìæêþâ ÿâäâåæ IP âäôåõ êõæðàïêìâ äíó Xòðõýíìê íá÷ýé òâìåæðþ ïâ øæðæ éðõæ. X XÅõíê äêôåìæêþâ ÏÊÚÄÅ ïå èìâÿâïâ - õåôþåô þåäåæ õå÷ó æâì, ìâì äð Xòôêîåïåïêó òâæàâ. X XÒôêîåô: X X SrcAddress "192.168.2.1" X X Object "somehost" { X Address "192.168.1.2" X SrcAddress "192.168.1.1" X .................... X } X XÏåäðõæâæìê: X X Ïå ôåâíêÿðþâïâ òôåäþâôêæåíûïâó òôðþåôìâ þâíêäïðõæê IP âäôåõâ Xêõæðàïêìâ òôê àæåïêê öâëíâ ìðïöêúèôâçêê. Øæð ÿïâàêæ, àæð äð Xòðõýíìê òåôþðúð òâìåæâ ïâ éðõæ Þý ïå èÿïâåæå, àæð ïåòôâþêíûïð Xèìâÿâíê IP âäôåõ êõæðàïêìâ. X IP âäôåõ êõæðàïêìâ ïåþðÿîðãïð èÿïâæû è NetState õåôþåôâ. X X################################################################## X XUID-GID-ChRoot Patch X X################################################################## X X Åõíê èìâÿâï îåæðä õðéôâïåïêó PIPE êíê FILE, æð, þ ïåìðæðôýé Xõíèàâóé, ÿâòèõìâåæõó äðàåôïêë òôðçåõõ, ìðæðôðîè òåôåäâáæõó äâïïýå. X Ð÷ýàïð "Netmod" ôâ÷ðæâåæ ðæ êîåïê òðíûÿðþâæåíó "root". XÕíåäðþâæåíûïð äðàåôïêå òôðçåõõý æâì-ãå ÿâòèõìâáæõó ðæ êîåïê X"root". Þðð÷üå úðþðôó, øæð ÏÅ×ÅßÐÒÂÕÏÐ, æåî ÷ðíåå, àæð äíó Xêõòðíïåïêó øæêé òôðúôâîî ð÷ýàïð òôâþâ "root" ïå ïèãïý. X X Äð÷âþíåïý úíð÷âíûïýå äêôåìæêþý "UserName" "GroupName" "ChrootDir" XÅõíê èìâÿâïý øæê äêôåìæêþý, æð òåôåä ÿâòèõìðî äðàåôïåúð òôðçåõõâ, X( òðõíå fork, ïð ôâïûùå exec ) äåíâåæõó chroot þ èìâÿâïïýë ìâæâíðú X(åõíê ìâæâíðú ïå èìâÿâï - ïå äåíâåæõó), ê êÿîåïóåæõó GID,UID òôðçåõõâ. X XÒð èîðíàâïêá, chroot ïå äåíâåæõó, UserName = netmon, GroupName= netmon. X XÒôêîåô: X UserName "nobody" X GroupName "nogroup" X ChRootDir "/var/netmon" X XÞòôðàåî, Þý îðãåæå óþïð èìâÿâæû, àæð õìôêòæý ïèãïð ÿâòèõìâæû ðæ "root". X X################################################################## X XNetState BindAddress Patch X X################################################################## X X Êïðúäâ ÷ýþâåæ èäð÷ïð óþïð ÿâäâþâæû IP âäôåõ, ïâ ìðæðôðî NetState Xõåôþåô ðãêäâåæ þéðäóüåúð TCP õðåäêïåïêó. X XÄð÷âþíåïâ äêôåìæêþâ "BindAddress" þ ìðïæåìõæå "Port". X XÒôêîåô: X Port 3333 { X BindAddress "192.168.1.1" X ............ X } XÊíê X XNetState { X Port 3333 X BindAddress "192.168.1.1" X} X X XÒð èîðíàâïêá, ãäåî þéðäóüåúð TCP õðåäêïåïêó ïâ þõåé íðìâíûïýé âäôåõâé. X X################################################################## X XTrap Patch X X################################################################## X X Êïðúäâ ÷ýþâåæ èäð÷ïð óþïð ÿâäâþâæû IP âäôåõ, ïâ ìðæðôðî Xõåôþåô ðãêäâåæ þéðäóüêë SNMP Trap. X XÄð÷âþíåïâ äêôåìæêþâ "TrapBindAddress" þ úíð÷âíûïðî ìðïæåìõæå. X XÒôêîåô: X TrapBindAddress "192.168.1.1" X XÒð èîðíàâïêá, ãäåî þéðäóüêë SNMP Trap ïâ þõåé íðìâíûïýé âäôåõâé. X X################################################################## X X XPID-öâëí þõåúäâ ÿâòêõýþâåæõó þ /var/run/netmond.pid X X X################################################################## X XÄð÷âþíåïâ þðÿîðãïðõæû êõòðíûÿðþâæû þ ôåúèíóôïýé þýôâãåïêóé NetState Xôèõõìêå ÷èìþý. X X X X X END-of-netmond/files/README.port.ru echo x - netmond/files/netmond.sh sed 's/^X//' >netmond/files/netmond.sh << 'END-of-netmond/files/netmond.sh' X#!/bin/sh X Xif ! PREFIX=$(expr $0 : "\(/.*\)/etc/rc\.d/$(basename $0)\$"); then X echo "$0: Cannot determine the PREFIX" >&2 X exit 1 Xfi X Xcase "$1" in Xstart) X [ -x ${PREFIX}/sbin/netmond ] && [ -r ${PREFIX}/etc/netmon.conf ] && ${PREFIX}/sbin/netmond && echo -n ' netmond' X ;; Xstop) X killall netmond && echo -n ' netmond' X ;; X*) X echo "Usage: `basename $0` {start|stop}" >&2 X ;; Xesac X Xexit 0 END-of-netmond/files/netmond.sh echo x - netmond/files/netmond_watchdog sed 's/^X//' >netmond/files/netmond_watchdog << 'END-of-netmond/files/netmond_watchdog' X#!/bin/sh X# Xprefix=/usr/local Xexec_prefix=${prefix} XPATH=/bin:/usr/bin Xexport PATH Xpidfile=/var/run/netmond.pid X#config=/usr/home/netmon/netmon.conf Xconfig=/usr/local/etc/netmon.conf X Xwhile : ; do X if [ -r $pidfile ] && kill -0 `cat $pidfile` >/dev/null 2>&1 ; then X # echo "Netmond Running" X else X # echo "Netmond failed" X logger -p daemon.err -t nemond_watchdog "Netmond failed. Restarting..." X rm -f ${pidfile} X ${exec_prefix}/sbin/netmond -c ${config} X fi X sleep 10 Xdone END-of-netmond/files/netmond_watchdog echo x - netmond/files/netmondctl sed 's/^X//' >netmond/files/netmondctl << 'END-of-netmond/files/netmondctl' X#!/bin/sh X# X# The exit codes returned are: X# 0 - operation completed successfully X# 1 - some error X# 2 - usage error X# X# X# the path to your NETMOND binary, including options if necessary XNETMOND=/usr/local/sbin/netmond XPIDFILE=/var/run/netmond.pid X# X# config file (default is "/usr/local/etc/netmon.conf") X# XTTT=X$2 Xif [ $TTT = "X" ] Xthen X CONFIG="" Xelse X CONFIG="-c $2" X CFILE=$2 Xfi X X XERROR=0 X Xcase $1 in Xstart) X if [ -r $PIDFILE ] ; then X PID=`cat $PIDFILE` X if kill -0 $PID ;then X echo "$0 $1: netmond (pid $PID) already running." X exit 0; X fi X fi X if $NETMOND -C $CONFIG >/dev/null 2>&1 ; then X if $NETMOND $CONFIG ; then X echo "$0 $1: netmond started" X else X echo "$0 $1: netmond could not be started" X ERROR=1 X fi X else X echo "$0 $1: configuration broken, ignoring start" X echo "$0 $1: (run 'netmond -C' for details)" X ERROR=1 X fi X ;; Xstop) X if [ ! -r $PIDFILE ] ; then X exit 0 X fi X PID=`cat $PIDFILE` X if kill $PID ; then X echo "$0 $1: netmond stopped" X else X echo "$0 $1: netmond could not be stopped" X ERROR=1 X fi X ;; Xrestart) X if [ ! -r $PIDFILE ] ; then X echo "$0 $1: netmond not running, trying to start" X if $NETMOND $CONFIG ; then X echo "$0 $ARG: netmond started" X else X echo "$0 $ARG: netmond could not be started" X ERROR=1 X fi X else X PID=`cat $PIDFILE` X if $NETMOND -C $CONFIG >/dev/null 2>&1 ; then X if kill -HUP $PID ; then X echo "$0 $1: netmond restarted" X else X echo "$0 $1: netmond could not be restarted" X ERROR=1 X fi X else X echo "$0 $1: configuration broken, ignoring restart" X echo "$0 $1: (run 'netmond -C' for details)" X ERROR=1 X fi X fi X ;; X *) X echo "usage: $0 start|stop|restart" X cat <<EOF X Xstart - start netmond (or do nothing if running) Xstop - stop netmond Xrestart - restart netmond if running by sending a SIGHUP or start if X not running X X XEOF X ERROR= X ;; Xesac X Xexit $ERROR X END-of-netmond/files/netmondctl echo x - netmond/files/patch-AA sed 's/^X//' >netmond/files/patch-AA << 'END-of-netmond/files/patch-AA' X--- dns.c.orig Mon Aug 25 18:19:04 2003 X+++ dns.c Tue Sep 16 23:43:05 2003 X@@ -149,6 +149,8 @@ X { X SESSION *sd = method->sd; X int reqid; X+ struct sockaddr_in *from; X+ char ipaddr[20]; X X /* sanity check */ X if (!sd) return; X@@ -161,6 +163,14 @@ X return; X } X X+ /* bind socket to local source address */ X+ X+ from = (struct sockaddr_in *)&sd->me; X+ if ( from->sin_addr.s_addr != INADDR_ANY ) { X+ if( bind(sd->sock, &sd->me, sizeof(struct sockaddr) ) == -1 ) X+ report(LOG_WARNING, "dns_start : bind failed for %s: %s", X+ intoa(ipaddr,from->sin_addr), strerror(*(__error())) ); X+ } X /* turn on non-blocking I/O */ X if (set_socket_async(sd->sock, TRUE) < 0) { X dns_reply(errno, sd, 0); X@@ -288,7 +298,7 @@ X METHOD *method; X { X SESSION template; X- struct sockaddr_in *to; X+ struct sockaddr_in *to, *from; X X dprintf(("dns_init(%s/%s)\n", target->name, method->name)); X X@@ -303,6 +313,10 @@ X to->sin_family = AF_INET; X to->sin_port = htons(method->rport); X to->sin_addr = method->address ? method->ip_addr : target->ip_addr; X+ from = (struct sockaddr_in *)&template.me; X+ bzero((char *)from, sizeof(struct sockaddr_in)); X+ from->sin_family = AF_INET; X+ from->sin_addr = target->ip_srcaddr; X template.timeout = method->timeout * 1000000L; /* make microseconds */ X template.retries = method->retries; X template.send = dns_send; X--- netmon.h.orig Tue Aug 26 10:00:38 2003 X+++ netmon.h Wed Sep 17 00:39:11 2003 X@@ -14,6 +14,9 @@ X #include <sys/socket.h> X #include <sys/time.h> X #include <netinet/in.h> X+#include <pwd.h> X+#include <grp.h> X+#include <time.h> X #ifdef DEBUG_MEMORY X #include <assert.h> X #endif X@@ -77,7 +80,10 @@ X #endif X X #define NETMON "netmon" X-#define DEFAULT_CONFIG "/etc/netmon.conf" X+#define DEFAULT_CONFIG "/usr/local/etc/netmon.conf" X+#define USERNAME "netmon" X+#define GROUPNAME "netmon" X+#define PIDFILE_PATH "/var/run" X #define DEFAULT_WATCHDOG 600 /* 10 min */ X X #define POLLING_MIN 30 /* 30 sec */ X@@ -385,6 +391,7 @@ X struct method_ent *method; /* session method */ X int sock; /* socket file descriptor */ X struct sockaddr peer; /* address of peer */ X+ struct sockaddr me; /* my source address */ X long timeout; /* number of microseconds until first timeout */ X int retries; /* number of retries before timeout */ X int (*connect) __P((struct session_ent *)); X@@ -530,7 +537,9 @@ X char *descr; /* object description */ X char *datadir; /* directory where store data */ X char *address; /* domain name or dotted IP address */ X+ char *srcaddress; /* domain name or dotted source IP address */ X struct in_addr ip_addr; /* ip address of peer */ X+ struct in_addr ip_srcaddr; /* source ip address */ X int polling; /* polling period in seconds */ X int saving; /* saving period in seconds */ X int sync; /* polling counter to synchronize saving */ X@@ -574,7 +583,14 @@ X X typedef struct config_ent { X char *rootdir; /* default work directory */ X+ char *chrootdir; /* chroot directory for EXEC children */ X+ char *username; /* username for EXEC children */ X+ uid_t uid; /* UID for EXEC children */ X+ char *groupname; /* groupname for EXEC children */ X+ gid_t gid; /* GID for EXEC children */ X char *timefmt; /* strftime format of currtime for logging */ X+ char *srcaddress; /* my default source domain name or dotted IP address */ X+ struct in_addr ip_srcaddr; /* my default sorce ip address */ X int polling; /* default polling interval in seconds */ X int saving; /* default saving interval in seconds */ X int timeout; /* default timeout in seconds */ X@@ -582,9 +598,13 @@ X X int enable_traps; /* enable SNMP traps */ X int source_traps; /* match src-addr and agent-addr of traps */ X+ char *trap_address; /* Trap bind address */ X+ struct in_addr trap_ip_addr; /* */ X X /* netstate server */ X int ns_port; /* server port number */ X+ char *ns_address; /* NetState bind address */ X+ struct in_addr ns_ip_addr; /* */ X int ns_timo; /* client timeout in seconds */ X GROUP_REF *ns_acl; /* netstate client access list */ X X--- netmond.c.orig Fri Aug 22 15:49:23 2003 X+++ netmond.c Tue Sep 16 23:43:05 2003 X@@ -79,7 +79,6 @@ X static int reconfig_pending; X static int watchdog_timeout; X static int watchdog_pending; X- X static struct sighandler_ent { X int sig; X int flags; X@@ -254,8 +253,7 @@ X /* X * Make pid file. X */ X- (void)strcpy(buf, program_name); X- (void)strcat(buf, ".pid"); X+ snprintf(buf, sizeof(buf), "%s/%s.pid", PIDFILE_PATH, program_name); X if ((fp = fopen(buf, "w")) != NULL) { X fprintf(fp, "%d\n", (int)mypid); X fclose(fp); X@@ -831,6 +829,20 @@ X /* make session leader to be able killpg() latter */ X setsid(); X X+ if ( cf->chrootdir) { X+ if ( chroot( cf->chrootdir ) < 0 ) { X+ report(LOG_ERR, "chroot %s: %s", cf->chrootdir,strerror(*(__error())) ); X+ _exit(127); X+ } X+ } X+ if ( setgid(cf->gid) < 0 ) { X+ report(LOG_ERR, "setgid %s[%d]: %s", cf->groupname, cf->gid, strerror(*(__error())) ); X+ _exit(127); X+ } X+ if ( (cf->uid != 0) & (setuid(cf->uid) < 0) ) { X+ report(LOG_ERR, "setuid %s[%d]: %s", cf->username, cf->uid, strerror(*(__error())) ); X+ _exit(127); X+ } X execve(file, av, environ); X report(LOG_ERR, "execve %s: %m", file); X _exit(127); X@@ -928,8 +940,7 @@ X #endif X { X char pidfile[100]; X- (void)strcpy(pidfile, program_name); X- (void)strcat(pidfile, ".pid"); X+ snprintf(pidfile, sizeof(pidfile), "%s/%s.pid", PIDFILE_PATH, program_name); X (void)unlink(pidfile); X report(LOG_CRIT, "aborted by signal %d", sig); X } else report(LOG_INFO, "interrupted by signal %d", sig); X--- netstate.c.orig Tue Aug 26 10:54:09 2003 X+++ netstate.c Thu Sep 25 15:21:39 2003 X@@ -128,7 +128,7 @@ X memset(&sin, 0, sizeof(sin)); X sin.sin_family = AF_INET; X sin.sin_port = htons(cf->ns_port); X- sin.sin_addr.s_addr = INADDR_ANY; X+ sin.sin_addr = cf->ns_ip_addr; X if (bind(netstate_sock, (struct sockaddr *)&sin, sizeof(sin)) < 0) { X report(LOG_ERR, "bind port %d: %m", ntohs(sin.sin_port)); X close(netstate_sock); X@@ -405,6 +405,14 @@ X _exit(1); X } X #endif X+int X+iskoi8(unsigned char ch) X+{ X+ if ( ch == 163 ) return 1; X+ if ( ch == 179 ) return 1; X+ if ( ch >= 192 ) return 1; X+ return 0; X+} X X void * X netstate_serve(arg) X@@ -505,9 +513,9 @@ X set_timer(0, interrupt); X #endif X if (!cp) break; X- while (isprint(*cp)) cp++; X+ while ( iskoi8(*cp) || isprint(*cp) ) cp++; X *cp = '\0'; X- X+ X next = input; X if ((cp = my_strsep(&next, " ")) == NULL) { X bad_input++; X--- parseconf.y.orig Tue Aug 26 10:53:30 2003 X+++ parseconf.y Wed Sep 17 00:22:40 2003 X@@ -197,11 +197,36 @@ X BGP_AS *bgp; X ENV_MON *env; X char *cp, buf[1024]; X+ struct passwd *pwentry; X+ struct group *grentry; X X if (!config.rootdir) { X report(LOG_ERR, "%s: rootdir unspecified", config_file); X return NULL; X } X+ if (!config.srcaddress) X+ bzero(&config.ip_srcaddr, sizeof(struct in_addr)); X+ if (!config.ns_address) X+ bzero(&config.ns_ip_addr, sizeof(struct in_addr)); X+ if (!config.trap_address) X+ bzero(&config.trap_ip_addr, sizeof(struct in_addr)); X+ X+ if(!config.username) { X+ config.username = strdup(USERNAME); X+ if ((pwentry = getpwnam(USERNAME)) == (struct passwd *) NULL) { X+ report(LOG_ERR, "Bad default username: %s.",config.username); X+ return NULL; X+ } X+ config.uid = pwentry->pw_uid; X+ } X+ if(!config.groupname) { X+ config.groupname = strdup(GROUPNAME); X+ if ((grentry = getgrnam(GROUPNAME)) == (struct group *) NULL) { X+ report(LOG_ERR, "Bad default groupname: %s.",config.groupname); X+ return NULL; X+ } X+ config.gid = (gid_t)grentry->gr_gid; X+ } X if (config.polling) { X if (!config.timeout) X config.timeout = TIMEOUT_DEFAULT; X@@ -273,6 +298,7 @@ X X for (service = target->service; service; service = service->next) { X service->ip_addr = target->ip_addr; X+ service->ip_srcaddr = target->ip_srcaddr; X service->parent = target; X X (void)strcpy(cp, "/"); X@@ -1342,6 +1368,9 @@ X X /* Lexical analyzer return values */ X %token TOKEN_ROOTDIR X+%token TOKEN_CHROOTDIR X+%token TOKEN_USERNAME X+%token TOKEN_GROUPNAME X %token TOKEN_TIMEFMT X %token TOKEN_POLLING X %token TOKEN_SAVING X@@ -1354,6 +1383,7 @@ X X %token TOKEN_NETSTATE X %token TOKEN_PORT X+%token TOKEN_BINDADDRESS X X %token TOKEN_SAVE X %token TOKEN_FILE X@@ -1365,6 +1395,7 @@ X X %token TOKEN_OBJECT X %token TOKEN_ADDRESS X+%token TOKEN_SRCADDRESS X %token TOKEN_DESCRIPTION X %token TOKEN_SERVICE X %token TOKEN_INTERFACE X@@ -1398,6 +1429,7 @@ X %token TOKEN_V2 X X %token TOKEN_TRAP X+%token TOKEN_TRAPBINDADDRESS X %token TOKEN_SOURCECHECK X %token TOKEN_COMMUNITY X %token TOKEN_ENTERPRISE X@@ -1442,6 +1474,60 @@ X YYABORT; X } X } X+ | TOKEN_CHROOTDIR quoted_string X+ { X+ if (config.chrootdir) { X+ yyerror("ChRootDir statement duplicated"); X+ YYABORT; X+ } X+ config.chrootdir = $2; X+ } X+ | TOKEN_USERNAME quoted_string X+ { X+ struct passwd *pwentry; X+ X+ if (config.username) { X+ yyerror("UserName statement duplicated"); X+ YYABORT; X+ } X+ if ((pwentry = getpwnam($2)) == (struct passwd *)NULL) { X+ yyerror("UserName %s unknown.", $2); X+ YYABORT; X+ } X+ config.uid = pwentry->pw_uid; X+ config.username = $2; X+ } X+ X+ | TOKEN_GROUPNAME quoted_string X+ { X+ struct group *grentry; X+ X+ if (config.groupname) { X+ yyerror("GroupName statement duplicated"); X+ YYABORT; X+ } X+ if ((grentry = getgrnam($2)) == (struct group *)NULL) { X+ yyerror("GroupName %s unknown.", $2); X+ YYABORT; X+ } X+ config.gid = grentry->gr_gid; X+ config.groupname = $2; X+ } X+ X+ | TOKEN_SRCADDRESS quoted_string X+ { X+ struct in_addr ip_srcaddr; X+ X+ if (config.srcaddress) { X+ yyerror("config source address duplicated"); X+ YYABORT; X+ } X+ if (!gethostaddr(&ip_srcaddr, $2)) { X+ YYABORT; X+ } X+ config.srcaddress = $2; X+ memcpy(&config.ip_srcaddr, &ip_srcaddr, sizeof(struct in_addr)); X+ } X | TOKEN_TIMEFMT quoted_string X { X if (config.timefmt) { X@@ -1531,6 +1617,17 @@ X { X config.source_traps = 1; X } X+ | TOKEN_TRAPBINDADDRESS quoted_string X+ { X+ if (config.trap_address) { X+ yyerror("bindaddress duplicated"); X+ YYABORT; X+ } X+ if (!gethostaddr(&config.trap_ip_addr, $2)) { X+ YYABORT; X+ } X+ config.trap_address = $2; X+ } X | TOKEN_TRAP legal_string '{' trap_config '}' X { X trap.name = $2; X@@ -1556,6 +1653,13 @@ X yyerror("object address unspecified"); X YYABORT; X } X+ if (!object.srcaddress) { X+ if (!config.srcaddress) { X+ bzero(&object.ip_srcaddr, sizeof(struct in_addr)); X+ } else { X+ memcpy(&object.ip_srcaddr, &config.ip_srcaddr, sizeof(struct in_addr)); X+ } X+ } X /* if ((object.interface || object.ifgroup || X object.bgp || object.env) && X !find_method(object.method_list, "ROUTER")) { X@@ -1637,6 +1741,17 @@ X YYABORT; X } X } X+ | TOKEN_BINDADDRESS quoted_string X+ { X+ if (config.ns_address) { X+ yyerror("bindaddress duplicated"); X+ YYABORT; X+ } X+ if (!gethostaddr(&config.ns_ip_addr, $2)) { X+ YYABORT; X+ } X+ config.ns_address = $2; X+ } X | TOKEN_PERMIT quoted_string X { X /* for backward compatibility */ X@@ -2095,6 +2210,18 @@ X } X object.address = $2; X } X+ | TOKEN_SRCADDRESS quoted_string X+ { X+ if (object.srcaddress) { X+ yyerror("object source address duplicated"); X+ YYABORT; X+ } X+ if (!gethostaddr(&object.ip_srcaddr, $2)) { X+ YYABORT; X+ } X+ object.srcaddress = $2; X+ } X+ X | TOKEN_POLLING TOKEN_NUMBER X { X if (object.polling) { X--- ping.c.orig Fri Aug 22 11:07:53 2003 X+++ ping.c Tue Sep 16 23:43:05 2003 X@@ -368,6 +368,7 @@ X u_char buf[MAX_PACKETSZ]; X struct ip *ip; X struct icmp *icmp; X+ struct sockaddr_in *from = (struct sockaddr_in *)&sd->me; X struct sockaddr_in *to = (struct sockaddr_in *)&sd->peer; X int header_len = sizeof(struct ip); X int total_len = method->rport ? method->rport : MIN_PACKETSZ; X@@ -400,7 +401,7 @@ X #endif X ip->ip_ttl = IPDEFTTL; X ip->ip_p = IPPROTO_ICMP; X- /* ip->ip_src <-- filled by kernel (hopefulness) */ X+ ip->ip_src = from->sin_addr; /* replaced by kernel if=INADDR_ANY (hopefulness) */ X ip->ip_dst = to->sin_addr; X X if (rr_opt) { /* IP Option: Record Route */ X@@ -423,6 +424,7 @@ X memcpy(icmp->icmp_data, &sd->buf, sizeof(TIMEVAL *)); X X icmp->icmp_cksum = in_cksum((u_short *)icmp, total_len - header_len); X+ X #ifdef NO_ICMP_ERRORS X total_len = send(sd->sock, (char *)buf, total_len, 0); X #else X@@ -600,6 +602,8 @@ X { X SESSION *sd = method->sd; X int tmpval; X+ char ipaddr[20]; X+ struct sockaddr_in *from; X X /* sanity check */ X if (!sd) return; X@@ -616,6 +620,13 @@ X echo_reply(errno, sd, 0); X return; X } X+ /* bind RAW socket to local source address */ X+ from = (struct sockaddr_in *)&sd->me; X+ if ( from->sin_addr.s_addr != INADDR_ANY ) { X+ if( bind(sd->sock, &sd->me, sizeof(struct sockaddr) ) == -1 ) X+ report(LOG_WARNING, "echo_start : bind failed for %s: %s", X+ intoa(ipaddr,from->sin_addr), strerror(*(__error())) ); X+ } X #ifdef SO_BSDCOMPAT X /* The following option is only necessary on Linux machines because X * they have the unusual behavior of returning some ICMP errors to X@@ -701,7 +712,12 @@ X if (sd->pkt_recv > 1) msec /= (double)sd->pkt_recv; X sprintf(buf, "%g", msec); X diag = buf; X- } else diag = "0.000"; X+ if ( msec >= 10 ) { X+ sprintf(buf, "%d", (int)msec); X+ } else { X+ sprintf(buf, "%g", msec); X+ } X+ } else diag = "0.0"; X } else { X op = -1; X diag = icmp_error(sd->data_int); X@@ -740,8 +756,9 @@ X METHOD *method; X { X SESSION template; X- struct sockaddr_in *to; X+ struct sockaddr_in *to, *from; X char varname[100]; X+ char ipaddr[20]; X X dprintf(("echo_init(%s/%s)\n", target->name, method->name)); X X@@ -758,6 +775,9 @@ X to = (struct sockaddr_in *)&template.peer; X to->sin_family = AF_INET; X to->sin_addr = method->address ? method->ip_addr : target->ip_addr; X+ from = (struct sockaddr_in *)&template.me; X+ from->sin_family = AF_INET; X+ from->sin_addr = target->ip_srcaddr; X template.timeout = method->timeout * 1000000L; /* make microseconds */ X template.retries = method->retries; X template.send = echo_send; X--- radius.c.orig Mon Aug 25 18:20:03 2003 X+++ radius.c Tue Sep 16 23:43:05 2003 X@@ -208,6 +208,8 @@ X { X SESSION *sd = method->sd; X int reqid; X+ struct sockaddr_in *from; X+ char ipaddr[20]; X X /* sanity check */ X if (!sd) return; X@@ -220,6 +222,13 @@ X return; X } X X+ /* bind socket to local source address */ X+ from = (struct sockaddr_in *)&sd->me; X+ if ( from->sin_addr.s_addr != INADDR_ANY ) { X+ if( bind(sd->sock, &sd->me, sizeof(struct sockaddr) ) == -1 ) X+ report(LOG_WARNING, "radius_start : bind failed for %s: %s", X+ intoa(ipaddr,from->sin_addr), strerror(*(__error())) ); X+ } X /* turn on non-blocking I/O */ X if (set_socket_async(sd->sock, TRUE) < 0) { X radius_reply(errno, sd, 0); X@@ -311,7 +320,7 @@ X METHOD *method; X { X SESSION template; X- struct sockaddr_in *to; X+ struct sockaddr_in *to, *from; X X dprintf(("radius_init(%s/%s)\n", target->name, method->name)); X X@@ -326,6 +335,10 @@ X to->sin_family = AF_INET; X to->sin_port = htons(method->rport); X to->sin_addr = method->address ? method->ip_addr : target->ip_addr; X+ from = (struct sockaddr_in *)&template.me; X+ bzero((char *)from, sizeof(struct sockaddr_in)); X+ from->sin_family = AF_INET; X+ from->sin_addr = target->ip_srcaddr; X template.timeout = method->timeout * 1000000L; /* make microseconds */ X template.retries = method->retries; X template.send = radius_send; X--- reconfig.c.orig Tue Aug 26 10:54:37 2003 X+++ reconfig.c Wed Sep 17 00:26:06 2003 X@@ -395,7 +395,7 @@ X OBJECT *parent; X OBJECT *old, *new; X { X- void *ip_addr; X+ void *ip_addr, *ip_srcaddr; X OBJECT *service; X X object_stop(old); X@@ -403,9 +403,13 @@ X ptrswap(&old->descr, &new->descr); X ptrswap(&old->datadir, &new->datadir); X ptrswap(&old->address, &new->address); X- if (parent) X+ if (parent) { X ip_addr = &parent->ip_addr; X- else ip_addr = &new->ip_addr; X+ ip_srcaddr = &parent->ip_srcaddr; X+ } else { X+ ip_addr = &new->ip_addr; X+ ip_srcaddr = &new->ip_srcaddr; X+ } X old->parent = parent; X X if (memcmp(&old->ip_addr, ip_addr, sizeof(old->ip_addr))) { X@@ -418,6 +422,8 @@ X memset(old->snmpdata, 0, sizeof(SNMP_DATA)); X } X } X+ if (memcmp(&old->ip_srcaddr, ip_srcaddr, sizeof(old->ip_srcaddr))) X+ memcpy(&old->ip_srcaddr, ip_srcaddr, sizeof(old->ip_srcaddr)); X X old->polling = new->polling; X old->saving = new->saving; X@@ -450,6 +456,7 @@ X service = splice_object_list(old, &old->service, &new->service); X for (; service; service = service->next) { X service->ip_addr = old->ip_addr; X+ service->ip_srcaddr = old->ip_srcaddr; X service->parent = old; X object_init(service); X } X@@ -516,21 +523,41 @@ X } X if (cf_new->rootdir) free(cf_new->rootdir); X X+ ptrswap(&cf->chrootdir, &cf_new->chrootdir); X+ if (cf_new->chrootdir) free(cf_new->chrootdir); X+ X+ ptrswap(&cf->username, &cf_new->username); X+ if (cf_new->username) free(cf_new->username); X+ cf->uid = cf_new->uid; X+ X+ ptrswap(&cf->groupname, &cf_new->groupname); X+ if (cf_new->groupname) free(cf_new->groupname); X+ cf->gid = cf_new->gid; X+ X ptrswap(&cf->timefmt, &cf_new->timefmt); X if (cf_new->timefmt) free(cf_new->timefmt); X X+ ptrswap(&cf->srcaddress, &cf_new->srcaddress); X+ if (cf_new->srcaddress) free(cf_new->srcaddress); X+ memcpy( &cf->ip_srcaddr, &cf_new->ip_srcaddr, sizeof(struct in_addr)); X cf->polling = cf_new->polling; X cf->saving = cf_new->saving; X cf->timeout = cf_new->timeout; X cf->retries = cf_new->retries; X X- if (cf->enable_traps != cf_new->enable_traps) { X+ if ((cf->enable_traps != cf_new->enable_traps) || memcmp(&cf->trap_ip_addr, &cf_new->trap_ip_addr, sizeof(struct in_addr)) ) { X+ ptrswap(&cf->trap_address, &cf_new->trap_address); X+ if (cf_new->trap_address) free(cf_new->trap_address); X+ memcpy( &cf->trap_ip_addr, &cf_new->trap_ip_addr, sizeof(struct in_addr)); X cf->enable_traps = cf_new->enable_traps; X trap_init(cf->enable_traps > 0); X } X cf->source_traps = cf_new->source_traps; X X- if (cf->ns_port != cf_new->ns_port) { X+ if ((cf->ns_port != cf_new->ns_port) || memcmp(&cf->ns_ip_addr, &cf_new->ns_ip_addr, sizeof(struct in_addr))) { X+ ptrswap(&cf->ns_address, &cf_new->ns_address); X+ if (cf_new->ns_address) free(cf_new->ns_address); X+ memcpy( &cf->ns_ip_addr, &cf_new->ns_ip_addr, sizeof(struct in_addr)); X cf->ns_port = cf_new->ns_port; X netstate_init(cf->ns_port); X } X@@ -576,6 +603,12 @@ X free_object_list(cf_cur->target); X X if (cf_cur->rootdir) free(cf_cur->rootdir); X+ if (cf_cur->chrootdir) free(cf_cur->chrootdir); X+ if (cf_cur->username) free(cf_cur->username); X+ if (cf_cur->groupname) free(cf_cur->groupname); X+ if (cf_cur->srcaddress) free(cf_cur->srcaddress); X+ if (cf_cur->ns_address) free(cf_cur->ns_address); X+ if (cf_cur->trap_address) free(cf_cur->trap_address); X if (cf_cur->timefmt) free(cf_cur->timefmt); X X trap_init(cf_cur->enable_traps > 0); X@@ -649,6 +682,7 @@ X if (obj->descr) free(obj->descr); X if (obj->datadir) free(obj->datadir); X if (obj->address) free(obj->address); X+ if (obj->srcaddress) free(obj->srcaddress); X free_trap_list(obj->trap_list); X free_var_list(obj->var_list); X free_save_list(obj->save_list); X--- router.c.orig Mon Aug 25 16:07:07 2003 X+++ router.c Tue Sep 16 23:43:05 2003 X@@ -2214,6 +2214,8 @@ X METHOD *method; X { X SESSION *sd = method->sd; X+ struct sockaddr_in *from; X+ char ipaddr[20]; X X /* sanity check */ X if (!sd) { X@@ -2229,7 +2231,13 @@ X router_reply(errno, sd, 0); X return; X } X- X+ /* bind socket to local source address */ X+ from = (struct sockaddr_in *)&sd->me; X+ if ( from->sin_addr.s_addr != INADDR_ANY ) { X+ if( bind(sd->sock, &sd->me, sizeof(struct sockaddr) ) == -1 ) X+ report(LOG_WARNING, "router_start : bind failed for %s: %s", X+ intoa(ipaddr,from->sin_addr), strerror(*(__error())) ); X+ } X /* turn on non-blocking I/O */ X if (set_socket_async(sd->sock, TRUE) < 0) { X router_reply(errno, sd, 0); X@@ -2306,7 +2314,7 @@ X METHOD *method; X { X SESSION template; X- struct sockaddr_in *to; X+ struct sockaddr_in *to, *from; X X dprintf(("router_init(%s/%s)\n", target->name, method->name)); X X@@ -2321,6 +2329,10 @@ X to->sin_family = AF_INET; X to->sin_port = htons(method->rport); X to->sin_addr = method->address ? method->ip_addr : target->ip_addr; X+ from = (struct sockaddr_in *)&template.me; X+ bzero((char *)from, sizeof (struct sockaddr_in)); X+ from->sin_family = AF_INET; X+ from->sin_addr = target->ip_srcaddr; X template.timeout = method->timeout * 1000000L; /* make microseconds */ X template.retries = method->retries; X template.send = snmp_send; X--- scanconf.l.orig Fri Aug 22 16:37:41 2003 X+++ scanconf.l Wed Sep 17 00:28:19 2003 X@@ -88,6 +88,9 @@ X X /* token names */ X ROOTDIR [Rr]oot[Dd]ir X+CHROOTDIR [Cc]h[Rr]oot[Dd]ir X+USERNAME [Uu]ser[Nn]ame X+GROUPNAME [Gg]roup[Nn]ame X TIMEFMT [Tt]ime[Ff]mt X POLLING [Pp]olling X SAVING [Ss]aving X@@ -111,6 +114,8 @@ X X OBJECT [Oo]bject X ADDRESS [Aa]ddress X+SRCADDRESS [Ss]rc[Aa]ddress X+BINDADDRESS [Bb]ind[Aa]ddress X DESCRIPTION [Dd]escription|[Cc]omment X SERVICE [Ss]ervice X INTERFACE [Ii]nterface X@@ -144,6 +149,7 @@ X V2 [Vv]2 X X TRAP [Tt]rap X+TRAPBINDADDRESS [Tt]rap[Bb]ind[Aa]ddress X SOURCECHECK [Ss]ource[Cc]heck X COMMUNITY [Cc]ommunity X ENTERPRISE [Ee]nterprise X@@ -186,6 +192,12 @@ X X {ROOTDIR} { return TOKEN_ROOTDIR; } X X+{USERNAME} { return TOKEN_USERNAME; } X+ X+{GROUPNAME} { return TOKEN_GROUPNAME; } X+ X+{CHROOTDIR} { return TOKEN_CHROOTDIR; } X+ X {TIMEFMT} { return TOKEN_TIMEFMT; } X X {POLLING} { return TOKEN_POLLING; } X@@ -224,6 +236,10 @@ X X {ADDRESS} { return TOKEN_ADDRESS; } X X+{SRCADDRESS} { return TOKEN_SRCADDRESS; } X+ X+{BINDADDRESS} { return TOKEN_BINDADDRESS; } X+ X {DESCRIPTION} { return TOKEN_DESCRIPTION; } X X {SERVICE} { return TOKEN_SERVICE; } X@@ -285,6 +301,8 @@ X {V2} { return TOKEN_V2; } X X {TRAP} { return TOKEN_TRAP; } X+ X+{TRAPBINDADDRESS} { return TOKEN_TRAPBINDADDRESS; } X X {SOURCECHECK} { return TOKEN_SOURCECHECK; } X X--- session.c.orig Sat Aug 2 11:26:38 2003 X+++ session.c Tue Sep 16 23:43:05 2003 X@@ -59,6 +59,7 @@ X curr_session->method = template->method; X curr_session->sock = template->sock; X curr_session->peer = template->peer; X+ curr_session->me = template->me; X curr_session->timeout = template->timeout; X curr_session->retries = template->retries; X curr_session->connect = template->connect; X--- snmp.c.orig Tue Jul 20 17:51:25 2004 X+++ snmp.c Thu Aug 12 16:57:35 2004 X@@ -1214,6 +1214,8 @@ X { X SESSION *sd = method->sd; X int reqid; X+ struct sockaddr_in *from; X+ char ipaddr[20]; X X /* sanity check */ X if (!sd) return; X@@ -1225,7 +1227,13 @@ X snmp_reply(errno, sd, 0); X return; X } X- X+ /* bind datagram socket to local source address */ X+ from = (struct sockaddr_in *)&sd->me; X+ if ( from->sin_addr.s_addr != INADDR_ANY ) { X+ if( bind(sd->sock, &sd->me, sizeof(struct sockaddr) ) == -1 ) X+ report(LOG_WARNING, "snmp_start : bind failed for %s: %s", X+ intoa(ipaddr,from->sin_addr), strerror(*(__error())) ); X+ } X /* turn on non-blocking I/O */ X if (set_socket_async(sd->sock, TRUE) < 0) { X snmp_reply(errno, sd, 0); X@@ -1290,7 +1298,7 @@ X METHOD *method; X { X SESSION template; X- struct sockaddr_in *to; X+ struct sockaddr_in *to, *from; X X dprintf(("snmp_init(%s/%s)\n", target->name, method->name)); X X@@ -1305,6 +1313,10 @@ X to->sin_family = AF_INET; X to->sin_port = htons(method->rport); X to->sin_addr = method->address ? method->ip_addr : target->ip_addr; X+ from = (struct sockaddr_in *)&template.me; X+ bzero((char *)from, sizeof(struct sockaddr_in )); X+ from->sin_family = AF_INET; X+ from->sin_addr = target->ip_srcaddr; X template.timeout = method->timeout * 1000000L; /* make microseconds */ X template.retries = method->retries; X template.send = snmp_send; X--- tacacs.c.orig Mon Aug 25 18:20:41 2003 X+++ tacacs.c Tue Sep 16 23:43:05 2003 X@@ -302,6 +302,8 @@ X { X SESSION *sd = method->sd; X int reqid; X+ struct sockaddr_in *from; X+ char ipaddr[20]; X X /* sanity check */ X if (!sd) return; X@@ -314,6 +316,13 @@ X return; X } X X+ /* bind socket to local source address */ X+ from = (struct sockaddr_in *)&sd->me; X+ if ( from->sin_addr.s_addr != INADDR_ANY ) { X+ if( bind(sd->sock, &sd->me, sizeof(struct sockaddr) ) == -1 ) X+ report(LOG_WARNING, "tacacs_start : bind failed for %s: %s", X+ intoa(ipaddr,from->sin_addr), strerror(*(__error())) ); X+ } X /* turn on non-blocking I/O before connecting */ X if (set_socket_async(sd->sock, TRUE) < 0) { X tacacs_reply(errno, sd, 0); X@@ -415,7 +424,7 @@ X METHOD *method; X { X SESSION template; X- struct sockaddr_in *to; X+ struct sockaddr_in *to, *from; X X dprintf(("tacacs_init(%s/%s)\n", target->name, method->name)); X X@@ -430,6 +439,10 @@ X to->sin_family = AF_INET; X to->sin_port = htons(method->rport); X to->sin_addr = method->address ? method->ip_addr : target->ip_addr; X+ from = (struct sockaddr_in *)&template.me; X+ bzero((char *)from, sizeof(struct sockaddr_in)); X+ from->sin_family = AF_INET; X+ from->sin_addr = target->ip_srcaddr; X template.timeout = method->timeout * 1000000L; /* make microseconds */ X template.retries = method->retries; X template.connect = tacacs_connect; X--- tcp.c.orig Thu Mar 20 16:16:38 2003 X+++ tcp.c Tue Sep 16 23:43:05 2003 X@@ -319,6 +319,8 @@ X { X SESSION *sd = method->sd; X int tmpval; X+ struct sockaddr_in *from; X+ char ipaddr[20]; X X /* sanity check */ X if (!sd) return; X@@ -330,17 +332,13 @@ X tcp_close(errno, sd, 0); X return; X } X- X+ from = (struct sockaddr_in *)&sd->me; X /* allocate local port if required */ X if (method->lport_min) { X- struct sockaddr_in sin; X- X- sin.sin_family = AF_INET; X- sin.sin_addr.s_addr = htonl(INADDR_ANY); X tmpval = method->lport_min; X do { X- sin.sin_port = htons((u_short)tmpval); X- if (!bind(sd->sock, (struct sockaddr *)&sin, sizeof(sin))) { X+ from->sin_port = htons((u_short)tmpval); X+ if (!bind(sd->sock, &sd->me, sizeof(struct sockaddr))) { X tmpval = 0; X break; X } X@@ -354,6 +352,13 @@ X tcp_close(EAGAIN, sd, 0); X return; X } X+ } else { X+ /* bind socket to local source address */ X+ if ( from->sin_addr.s_addr != INADDR_ANY ) { X+ if( bind(sd->sock, &sd->me, sizeof(struct sockaddr) ) == -1 ) X+ report(LOG_WARNING, "tcp_start : bind failed for %s: %s", X+ intoa(ipaddr,from->sin_addr), strerror(*(__error())) ); X+ } X } X X /* turn on non-blocking I/O before connecting */ X@@ -424,7 +429,7 @@ X METHOD *method; X { X SESSION template; X- struct sockaddr_in *to; X+ struct sockaddr_in *to, *from; X X dprintf(("tcp_init(%s/%s)\n", target->name, method->name)); X X@@ -439,6 +444,10 @@ X to->sin_family = AF_INET; X to->sin_port = htons(method->rport); X to->sin_addr = method->address ? method->ip_addr : target->ip_addr; X+ from = (struct sockaddr_in *)&template.me; X+ bzero((char *)from, sizeof(struct sockaddr_in)); X+ from->sin_family = AF_INET; X+ from->sin_addr = target->ip_srcaddr; X template.timeout = method->timeout * 1000000L; /* make microseconds */ X template.retries = method->retries; X template.connect = tcp_connect; X--- trap.c.orig Wed Sep 17 00:00:56 2003 X+++ trap.c Wed Sep 17 00:35:21 2003 X@@ -40,9 +40,10 @@ X { X static struct sockaddr_in sin; X X+ if (trap_sock != -1) /* already enabled */ X+ close(trap_sock); X+ X if (enable) { X- if (trap_sock != -1) /* already enabled */ X- return 0; X X if ((trap_sock = socket(AF_INET, SOCK_DGRAM, 0)) < 0) { X report(LOG_ERR, "socket: %m"); X@@ -51,17 +52,15 @@ X memset(&sin, 0, sizeof(sin)); X sin.sin_family = AF_INET; X sin.sin_port = htons(SNMPTRAP_PORT); X- sin.sin_addr.s_addr = INADDR_ANY; X+ sin.sin_addr = cf->trap_ip_addr; X if (bind(trap_sock, (struct sockaddr *)&sin, sizeof(sin)) < 0) { X report(LOG_ERR, "bind port %d: %m", ntohs(sin.sin_port)); X close(trap_sock); X trap_sock = -1; X return -1; X } X- } else if (trap_sock != -1) { X- close(trap_sock); X+ } else X trap_sock = -1; X- } X return 0; X } X X--- udp.c.orig Sat Aug 2 11:40:56 2003 X+++ udp.c Tue Sep 16 23:43:05 2003 X@@ -197,6 +197,8 @@ X { X SESSION *sd = method->sd; X int tmpval; X+ struct sockaddr_in *from; X+ char ipaddr[20]; X X /* sanity check */ X if (!sd) return; X@@ -208,17 +210,13 @@ X udp_close(errno, sd, 0); X return; X } X- X+ from = (struct sockaddr_in *)&sd->me; X /* allocate local port if required */ X if (method->lport_min) { X- struct sockaddr_in sin; X- X- sin.sin_family = AF_INET; X- sin.sin_addr.s_addr = htonl(INADDR_ANY); X tmpval = method->lport_min; X do { X- sin.sin_port = htons((u_short)tmpval); X- if (!bind(sd->sock, (struct sockaddr *)&sin, sizeof(sin))) { X+ from->sin_port = htons((u_short)tmpval); X+ if (!bind(sd->sock, &sd->me, sizeof(struct sockaddr))) { X tmpval = 0; X break; X } X@@ -232,6 +230,13 @@ X udp_close(EAGAIN, sd, 0); X return; X } X+ } else { X+ /* bind socket to local source address */ X+ if ( from->sin_addr.s_addr != INADDR_ANY ) { X+ if( bind(sd->sock, &sd->me, sizeof(struct sockaddr) ) == -1 ) X+ report(LOG_WARNING, "udp_start : bind failed for %s: %s", X+ intoa(ipaddr,from->sin_addr), strerror(*(__error())) ); X+ } X } X X /* turn on non-blocking I/O */ X@@ -298,7 +303,7 @@ X METHOD *method; X { X SESSION template; X- struct sockaddr_in *to; X+ struct sockaddr_in *to, *from; X X dprintf(("udp_init(%s/%s)\n", target->name, method->name)); X X@@ -313,6 +318,10 @@ X to->sin_family = AF_INET; X to->sin_port = htons(method->rport); X to->sin_addr = method->address ? method->ip_addr : target->ip_addr; X+ from = (struct sockaddr_in *)&template.me; X+ bzero((char *)from, sizeof(struct sockaddr_in)); X+ from->sin_family = AF_INET; X+ from->sin_addr = target->ip_srcaddr; X template.timeout = method->timeout * 1000000L; /* make microseconds */ X template.retries = method->retries; X template.send = udp_send; X--- util.c.orig Tue Aug 26 10:53:17 2003 X+++ util.c Wed Sep 17 00:36:47 2003 X@@ -1415,16 +1415,27 @@ X printf("NetState %s\n", cf->ns_port ? "enabled" : "disabled"); X if (cf->ns_port) { X printf("\tPort = %d\n", cf->ns_port); X+ if (cf->ns_address) X+ printf("\tBindAddress = \"%s\" [%s]\n", cf->ns_address, intoa(ipaddr, cf->ns_ip_addr)); X #ifndef HAVE_PTHREAD X printf("\tTimeout = %d sec.\n", cf->ns_timo); X #endif X print_group_ref("\t", cf->ns_acl); X } X+ printf("SrcAddress = \"%s\" [%s]\n", (cf->srcaddress!=NULL ) ? cf->srcaddress : "default", X+ intoa(ipaddr, cf->ip_srcaddr)); X X+ printf("UserName = \"%s\" [%d]\n", cf->username, cf->uid); X+ printf("GroupName = \"%s\" [%d]\n", cf->groupname, cf->gid); X+ X+ if (cf->chrootdir) X+ printf("ChRootDir = \"%s\"\n", cf->chrootdir ); X printf("Traps "); X if (cf->enable_traps > 0) { X printf("enabled"); X if (cf->source_traps > 0) printf(" (sourcecheck)"); X+ if (cf->trap_address) X+ printf("\n\tTrapBindAddress = \"%s\" [%s]", cf->trap_address, intoa(ipaddr, cf->trap_ip_addr)); X } else printf("disabled"); X printf("\n"); X X@@ -1434,6 +1445,8 @@ X printf("\tDescription = \"%s\"\n", target->descr); X printf("\tAddress = \"%s\" [%s]\n", target->address, X intoa(ipaddr, target->ip_addr)); X+ printf("\tSrcAddress = \"%s\" [%s]\n", (target->srcaddress!=NULL) ? target->srcaddress : "default", X+ intoa(ipaddr, target->ip_srcaddr)); X if (target->polling > 0) X printf("\tPolling = %d sec.\n", target->polling); X else printf("\tPolling disabled\n"); X--- regex.h.orig Wed Sep 24 17:22:56 2003 X+++ regex.h Wed Sep 24 17:37:09 2003 X@@ -21,12 +21,12 @@ X */ X #define MAXDFA 1024 X #define MAXTAG 10 X-#define MAXCHR 128 X+#define MAXCHR 256 X #define CHRBIT 8 X #define BITBLK MAXCHR/CHRBIT X #define BLKIND 0170 X #define BITIND 07 X-#define ASCIIB 0177 X+#define ASCIIB 0255 X X typedef /*unsigned*/ char CHAR; X X--- regex.c.orig Wed Sep 24 17:09:07 2003 X+++ regex.c Thu Sep 25 15:26:47 2003 X@@ -554,12 +554,12 @@ X * the bitset form, since we may wish to extend it X * in the future for other character classifications. X * X- * TRUE for 0-9 A-Z a-z _ X+ * TRUE for 0-9 A-Z a-z _ â-ó Â-Ó X */ X static char chrtyp[MAXCHR] = { X- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, X- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, X- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, X+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, X+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, X+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, X 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, X 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, X 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, X@@ -569,10 +569,23 @@ X 1, 0, 0, 0, 0, 1, 0, 1, 1, 1, X 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, X 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, X- 1, 1, 1, 0, 0, 0, 0, 0 X+ 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, // 120-129 X+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 130-139 X+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 140-149 X+ 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, // 160-169 163=_ X+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, // 170-179 179=_ X+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 180-189 X+ 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, // 190-199 X+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, // 200-209 X+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, // 210-219 X+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, // 220-229 X+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, // 230-239 X+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, // 240-249 X+ 1, 1, 1, 1, 1, 1 // 250-255 X }; X X-#define inascii(x) (0177&(x)) X+//#define inascii(x) (0177&(x)) X+#define inascii(x) (0255&(x)) X #define iswordc(x) chrtyp[inascii(x)] X #define isinset(x, y) ((x)[((y)&BLKIND)>>3] & (1<<((y)&BITIND))) X END-of-netmond/files/patch-AA exit
State Changed From-To: feedback->closed Committed, thanks!