pkgsrc-Changes-HG archive


[pkgsrc/trunk]: pkgsrc/net/tcpflow Update net/tcpflow to 1.4.5.



details:   https://anonhg.NetBSD.org/pkgsrc/rev/3c046dfaf1c9
branches:  trunk
changeset: 364783:3c046dfaf1c9
user:      jperkin <jperkin%pkgsrc.org@localhost>
date:      Tue Jul 04 13:50:41 2017 +0000

description:
Update net/tcpflow to 1.4.5.

This package was last updated in 2004; since then it has changed maintainers
and looks quite different.  An incomplete changelog is as follows:

Version 1.3.1 NOV ??

        Complete rewrite of the TCP state machine, now handles flows larger
        than 4GiB.

Version 1.3.0 SEP 30 2012

        Release for end of FY2012, includes bug fixes, better support for
        autoconf, DFXML standardizations, and the ability to compile under
        mingw for Windows (that was a LOT of work).

Version 1.2.7 May 24 2012 (GIT)

        Version 1.2.7 offers two significant features over previous versions
        relating to the processing of the -r and the new -R options.

          -r file1.pcap - This option specifies a pcap file to be read.
                          New with version 1.2.7, the -r flag may be
                          repeated any number of times.

          -R file0.pcap - This option, new with version 1.2.7, allows a file
                          to be specified that was captured in time *before*
                          the file specified with -r. This option allows TCP
                          sessions that started in file0.pcap and which
                          continued into file1.pcap to be properly
                          started. This option is useful when some external
                          process makes packet capture files at regular
                          intervals and then the files are reassembled
                          later. Typically these files result from tcpdump run
                          with the -w or -C options.

Version 1.2 March 15 2012 (SVN )

        Version 1.2 is the first to include post-processing of TCP connections
        integrated directly into the tcpflow program itself. Post-processing
        is optional and is performed on a per-connection basis when the
        connection is closed.

        The following post-processing methods are currently defined.

         -FM - Compute the MD5 hash value of every stream on close. Currently
               MD5 hashes are only computed for TCP streams that contain
               packets transmitted contiguously. -FM processing can happen
               even when output is suppressed. The MD5 is written into the
               DFXML file.

         -AH - Detect Email/HTTP responses and separate headers from
               body. This requires that the output files be captured.

               If the output file is
                  208.111.153.175.00080-192.168.001.064.37314,

               Then the post-processing will create the files:
                  208.111.153.175.00080-192.168.001.064.37314-HTTP
                  208.111.153.175.00080-192.168.001.064.37314-HTTPBODY

               If the HTTPBODY was compressed with GZIP, you may get a
               third file as well:

                  208.111.153.175.00080-192.168.001.064.37314-HTTPBODY-GZIP

               Additional information about these streams, such as their MD5
               hash value, is also written to the DFXML file.

Version 1.1.0 19 January 2012 (SVN 8118)

        Version 1.1 represents a significant rewrite of tcpflow. All users are
        encouraged to upgrade.

        Significant changes include:

        * Entire code base migrated to C++ ; code generally
          improved. tcpflow's original hash table has been replaced with a
          tr1::unordered_map which should offer significantly more
          scalability.

        * tcpflow now automatically expires out old connections. This finally
          ends the program's memory-hogging problem. (You can disable this
          behavior with -P, which makes tcpflow run faster because it never
          cleans up after itself. That's fine if you are working with less
          than a million connections.)

        * Multiple connections with the same (source/destination) are now
          detected and stored in different files. This is significant, as the
          previous implementation would make a single file 1-2GB in length if
          you had the same host/port pairs with two different flows. Additional
          files have the same filename and a "c0001", "c0002" appended.

        * Filenames may now be prefixed with either the ISO8601 time or a Unix
          timestamp  indicating the time that the connection was first seen.

        * tcpflow will now save a DFXML file containing information for each
          flow that it reconstructs.

        * The following new options are now implemented:

          -o outdir --- now works (previously was not implemented)
          -X xmfile --- now reports execution results in a DFXML
                        file. (Version 1.1 will include complete notion in the
                        XML file of every TCP connection as a DFXML <fileobject>)
          -Fc       --- Every file has the 'cXXXX' postfix, rather than just
                        the files with duplicate source/destination.
          -Ft       --- Every file has the <time_t>T prefix.
          -FT       --- Every file has an ISO8601 time prefix,
                        e.g. 2012-01-01T09:45:15Z
          -mNNNN    --- Specifies the minimum number of bytes that need to be
                        skipped in a TCP connection before a new
          -Lname    --- use the named semaphore 'name' to prevent multiple
                        tcpflow processes printing to standard output from
                        overprinting each other.
          -P        --- do not prune the tcp connection table.

        Other improvements include:

        * Support for IPv6

        * Support for VLANs

        * The default filter which was causing problems under MacOS has been
          removed.

Version 1.0.4 November 24, 2011
        * Default filter changed to ""; previous default filter was causing
          problems on macs.

Version 1.0.2 September 30, 2011
        * IPv6 code added

Version 1.0.0 January 2011
        * Updated to support VLANs. VLAN packets are marked by hex 0x8100
          following the destination and source mac addresses, followed by the
          16-bit VLAN address, followed by 0x0800 marking the beginning of the
          traditional IP header.

Version 0.30 October 2007
        * Simson Garfinkel <simsong%acm.org@localhost> is now the maintainer of this
          package
        * Modified to set the time of each tcpflow with the time of the first
          packet.
        * Created a regression test, so "make check" and "make distcheck" now
          work.
        * Updated to modern autoconf tools.

diffstat:

 net/tcpflow/Makefile                              |  20 +++-
 net/tcpflow/distinfo                              |  18 ++--
 net/tcpflow/options.mk                            |  12 +++
 net/tcpflow/patches/patch-aa                      |  12 ---
 net/tcpflow/patches/patch-ab                      |  60 ---------------
 net/tcpflow/patches/patch-ac                      |  13 ---
 net/tcpflow/patches/patch-ad                      |  92 -----------------------
 net/tcpflow/patches/patch-ae                      |  29 -------
 net/tcpflow/patches/patch-configure               |  42 ++++++++++
 net/tcpflow/patches/patch-src_tcpip.cpp           |  16 ++++
 net/tcpflow/patches/patch-tests_test-multifile.sh |  15 +++
 11 files changed, 108 insertions(+), 221 deletions(-)

diffs (truncated from 385 to 300 lines):

diff -r f5736e3178ee -r 3c046dfaf1c9 net/tcpflow/Makefile
--- a/net/tcpflow/Makefile      Tue Jul 04 13:38:17 2017 +0000
+++ b/net/tcpflow/Makefile      Tue Jul 04 13:50:41 2017 +0000
@@ -1,16 +1,26 @@
-# $NetBSD: Makefile,v 1.11 2013/02/06 19:31:01 jperkin Exp $
+# $NetBSD: Makefile,v 1.12 2017/07/04 13:50:41 jperkin Exp $
 #
 
-DISTNAME=      tcpflow-0.21
-PKGREVISION=   2
+DISTNAME=      tcpflow-1.4.5
 CATEGORIES=    net security
-MASTER_SITES=  http://www.circlemud.org/pub/jelson/tcpflow/
+MASTER_SITES=  http://downloads.digitalcorpora.org/downloads/tcpflow/
 
 MAINTAINER=    pkgsrc-users%NetBSD.org@localhost
-HOMEPAGE=      http://www.circlemud.org/~jelson/software/tcpflow/
+HOMEPAGE=      https://github.com/simsong/tcpflow
 COMMENT=       Captures data transmitted as part of TCP connections
+LICENSE=       gnu-gpl-v3
+
+USE_LANGUAGES= c c++
 
 GNU_CONFIGURE= YES
 
+CPPFLAGS.SunOS+=       -Du_int8_t=uint8_t -Du_int16_t=uint16_t -DMAP_FILE=0
+CPPFLAGS.SunOS+=       -Du_int32_t=uint32_t -Du_int64_t=uint64_t
+
+.include "options.mk"
+
+.include "../../devel/boost-libs/buildlink3.mk"
+.include "../../devel/zlib/buildlink3.mk"
 .include "../../net/libpcap/buildlink3.mk"
+.include "../../security/openssl/buildlink3.mk"
 .include "../../mk/bsd.pkg.mk"
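Review bot: the new MASTER_SITES line is still a plain `http://` URL (`http://downloads.digitalcorpora.org/downloads/tcpflow/`), so the checksums in distinfo are the only integrity check on the fetched tarball; if the host serves the same path over https, use that instead. Also, the two `CPPFLAGS.SunOS+=` lines redefine `u_int8_t` through `u_int64_t` and `MAP_FILE` without a comment; add a line saying why SunOS needs them so the workaround can be dropped or sent upstream later.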
diff -r f5736e3178ee -r 3c046dfaf1c9 net/tcpflow/distinfo
--- a/net/tcpflow/distinfo      Tue Jul 04 13:38:17 2017 +0000
+++ b/net/tcpflow/distinfo      Tue Jul 04 13:50:41 2017 +0000
@@ -1,11 +1,9 @@
-$NetBSD: distinfo,v 1.7 2015/11/04 00:35:39 agc Exp $
+$NetBSD: distinfo,v 1.8 2017/07/04 13:50:41 jperkin Exp $
 
-SHA1 (tcpflow-0.21.tar.gz) = 08eeb8532e1f713db2587580d759ebad813a0b49
-RMD160 (tcpflow-0.21.tar.gz) = 250ed27f1a49f4eda4b274857c11762be8261209
-SHA512 (tcpflow-0.21.tar.gz) = aec7978e88c67671523187eadcf28ba4ef09394a461a7b65a5f5f23af5e87501567f9a3467be824b67ef7b31c554c91d82f25ba0f928308a32e701792095d8d1
-Size (tcpflow-0.21.tar.gz) = 79369 bytes
-SHA1 (patch-aa) = afea3a5b0fb01ac9af87f63881fdf502dc082899
-SHA1 (patch-ab) = f506c51be721f5dcd484028edc3cd0fa56b795fa
-SHA1 (patch-ac) = 78a92e7e6407810e77799c00d2b3b42ba2522a32
-SHA1 (patch-ad) = d0162fab2dcc226c3bf8a5e0d1daec58faa378f7
-SHA1 (patch-ae) = d858f06b73cbe04001fd9a4a65742df45a157a37
+SHA1 (tcpflow-1.4.5.tar.gz) = a86ca927ec68e7a05cdc0da436e365504fdab27b
+RMD160 (tcpflow-1.4.5.tar.gz) = 2f30ea47f301fb4737fc3911c1d94f8c53e5db0f
+SHA512 (tcpflow-1.4.5.tar.gz) = e31b278b8f4e97b6d1ffb6f8f145a56806963271ab96204ba555ab88049dedc5a13adf78b7775e96e92fe48bbf5116781810cef0d3374231764af059fc09dd97
+Size (tcpflow-1.4.5.tar.gz) = 450450 bytes
+SHA1 (patch-configure) = 1cd65ab0ae845d908813773bcc6bc5f3fbd135d0
+SHA1 (patch-src_tcpip.cpp) = 0ff720b2192ba879c390bb5f82d0e0e240e26078
+SHA1 (patch-tests_test-multifile.sh) = 7c614f53a6664b74540ee54f7cb61dfa3934d978
diff -r f5736e3178ee -r 3c046dfaf1c9 net/tcpflow/options.mk
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/tcpflow/options.mk    Tue Jul 04 13:50:41 2017 +0000
@@ -0,0 +1,12 @@
+# $NetBSD: options.mk,v 1.1 2017/07/04 13:50:41 jperkin Exp $
+
+PKG_OPTIONS_VAR=       PKG_OPTIONS.tcpflow
+PKG_SUPPORTED_OPTIONS= cairo
+
+.include "../../mk/bsd.options.mk"
+
+.if !empty(PKG_OPTIONS:Mcairo)
+.include "../../graphics/cairo/buildlink3.mk"
+.else
+CONFIGURE_ARGS+=        --enable-cairo=false
+.endif
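Review bot: there is no `PKG_SUGGESTED_OPTIONS` line in this file, so `cairo` is off by default and every default build is configured with `--enable-cairo=false`. If that default is deliberate, say so in a comment here or in the commit message, since the description does not mention that cairo support is left out unless the user opts in.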
diff -r f5736e3178ee -r 3c046dfaf1c9 net/tcpflow/patches/patch-aa
--- a/net/tcpflow/patches/patch-aa      Tue Jul 04 13:38:17 2017 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,12 +0,0 @@
-$NetBSD: patch-aa,v 1.3 2004/12/29 11:51:39 adrianp Exp $
-
---- src/datalink.c.orig        1999-04-21 10:40:13.000000000 +0900
-+++ src/datalink.c     2004-08-20 16:02:02.000000000 +0900
-@@ -64,7 +64,6 @@
- #ifndef DLT_NULL_BROKEN
-   /* make sure this is AF_INET */
-   memcpy((char *)&family, (char *)p, sizeof(family));
--  family = ntohl(family);
-   if (family != AF_INET) {
-     DEBUG(6) ("warning: received non-AF_INET null frame (type %d)", family);
-     return;
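Review bot: nothing in this commit replaces the fix carried here for the DLT_NULL path (dropping `family = ntohl(family);` before the `family != AF_INET` check); the diffstat lists only patch-configure, patch-src_tcpip.cpp and patch-tests_test-multifile.sh as new patches. Please confirm that 1.4.5 compares the null-frame address family in the correct byte order on the platforms this patch was carried for, and note the result in the commit message.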
diff -r f5736e3178ee -r 3c046dfaf1c9 net/tcpflow/patches/patch-ab
--- a/net/tcpflow/patches/patch-ab      Tue Jul 04 13:38:17 2017 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,60 +0,0 @@
-$NetBSD: patch-ab,v 1.1 2006/01/02 19:23:40 adrianp Exp $
-
---- src/main.c.orig    2003-08-07 08:35:24.000000000 +0100
-+++ src/main.c
-@@ -70,7 +70,9 @@ int bytes_per_flow = 0;
- int max_flows = 0;
- int max_desired_fds = 0;
- int console_only = 0;
-+int supress_header = 0;
- int strip_nonprint = 0;
-+int use_colour = 0;
- 
- char error[PCAP_ERRBUF_SIZE];
- 
-@@ -79,11 +81,13 @@ void print_usage(char *progname)
- {
-   fprintf(stderr, "%s version %s by Jeremy Elson <jelson%circlemud.org@localhost>\n\n",
-                PACKAGE, VERSION);
--  fprintf(stderr, "usage: %s [-chpsv] [-b max_bytes] [-d debug_level] [-f max_fds]\n", progname);
-+  fprintf(stderr, "usage: %s [-cCehpsv] [-b max_bytes] [-d debug_level] [-f max_fds]\n", progname);
-   fprintf(stderr, "          [-i iface] [-w file] [expression]\n\n");
-   fprintf(stderr, "        -b: max number of bytes per flow to save\n");
-   fprintf(stderr, "        -c: console print only (don't create files)\n");
-+  fprintf(stderr, "        -C: console print only, but without the display of source/dest header\n");
-   fprintf(stderr, "        -d: debug level; default is %d\n", DEFAULT_DEBUG_LEVEL);
-+  fprintf(stderr, "        -e: use colours when printing to console\n");
-   fprintf(stderr, "        -f: maximum number of file descriptors to use\n");
-   fprintf(stderr, "        -h: print this help message\n");
-   fprintf(stderr, "        -i: network interface on which to listen\n");
-@@ -124,7 +128,7 @@ int main(int argc, char *argv[])
- 
-   opterr = 0;
- 
--  while ((arg = getopt(argc, argv, "b:cd:f:hi:pr:sv")) != EOF) {
-+  while ((arg = getopt(argc, argv, "b:cCd:ef:hi:pr:sv")) != EOF) {
-     switch (arg) {
-     case 'b':
-       if ((bytes_per_flow = atoi(optarg)) < 0) {
-@@ -134,6 +138,10 @@ int main(int argc, char *argv[])
-       DEBUG(10) ("capturing max of %d bytes per flow", bytes_per_flow);
-       }
-       break;
-+    case 'C':
-+      supress_header = 1;
-+      DEBUG(10) ("packet header dump suppressed");
-+      /* fall through */
-     case 'c':
-       console_only = 1;
-       DEBUG(10) ("printing packets to console only");
-@@ -148,6 +156,10 @@ int main(int argc, char *argv[])
-       DEBUG(1) ("warning: -d flag with 0 debug level '%s'", optarg);
-       }
-       break;
-+    case 'e':
-+      use_colour  = 1;
-+      DEBUG(10) ("Using colours");
-+      break;
-     case 'f':
-       if ((max_desired_fds = atoi(optarg)) < (NUM_RESERVED_FDS + 2)) {
-       DEBUG(1) ("warning: -f flag must be used with argument >= %d",
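Review bot: the commit message does not say what happens to the `-C` and `-e` options that this pkgsrc-local patch added to the `getopt` string and the usage text. Anyone whose scripts call `tcpflow -C` or `tcpflow -e` will see a behaviour change if 1.4.5 does not accept those flags with the same meaning, so state in the description whether upstream provides equivalents or whether the options are gone.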
diff -r f5736e3178ee -r 3c046dfaf1c9 net/tcpflow/patches/patch-ac
--- a/net/tcpflow/patches/patch-ac      Tue Jul 04 13:38:17 2017 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,13 +0,0 @@
-$NetBSD: patch-ac,v 1.1 2006/01/02 19:23:40 adrianp Exp $
-
---- src/tcpflow.h.orig 2001-08-08 20:39:40.000000000 +0100
-+++ src/tcpflow.h
-@@ -133,7 +133,7 @@ void process_tcp(const u_char *data, u_i
-                u_int32_t dst);
- void print_packet(flow_t flow, const u_char *data, u_int32_t length);
- void store_packet(flow_t flow, const u_char *data, u_int32_t length,
--                u_int32_t seq);
-+                u_int32_t seq, int syn_set);
- u_char *do_strip_nonprint(const u_char *data, u_int32_t length);
- 
- /* flow.c */
diff -r f5736e3178ee -r 3c046dfaf1c9 net/tcpflow/patches/patch-ad
--- a/net/tcpflow/patches/patch-ad      Tue Jul 04 13:38:17 2017 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,92 +0,0 @@
-$NetBSD: patch-ad,v 1.1 2006/01/02 19:23:40 adrianp Exp $
-
---- src/tcpip.c.orig   2001-08-24 06:36:14.000000000 +0100
-+++ src/tcpip.c
-@@ -55,8 +55,11 @@ static char *cvsid = "$Id: tcpip.c,v 1.1
- #include "tcpflow.h"
- 
- extern int console_only;
-+extern int supress_header;
- extern int bytes_per_flow;
- extern int strip_nonprint;
-+extern int use_colour;
-+
- 
- /*************************************************************************/
- 
-@@ -133,7 +136,7 @@ void process_tcp(const u_char *data, u_i
-   tcp_header_len = tcp_header->th_off * 4;
- 
-   /* return if this packet doesn't have any data (e.g., just an ACK) */
--  if (length <= tcp_header_len) {
-+  if (length <= tcp_header_len  && tcp_header->th_flags != TH_SYN ) {
-     DEBUG(50) ("got TCP segment with no data");
-     return;
-   }
-@@ -158,7 +161,7 @@ void process_tcp(const u_char *data, u_i
-   if (console_only) {
-     print_packet(this_flow, data, length);
-   } else {
--    store_packet(this_flow, data, length, seq);
-+    store_packet(this_flow, data, length, seq, IS_SET(tcp_header->th_flags, TH_SYN));
-   }
- }
- 
-@@ -188,8 +191,34 @@ u_char *do_strip_nonprint(const u_char *
- /* print the contents of this packet to the console */
- void print_packet(flow_t flow, const u_char *data, u_int32_t length)
- {
--  printf("%s: ", flow_filename(flow));
-+  static int current_colour = 0;
-+  char *colour[2]            = { "\033[0;34m",   // blue
-+                                 "\033[0;31m" }; // red
-+
-+  if ( use_colour )
-+  {
-+    printf( "%s", colour[ current_colour ] );
-+    if ( current_colour == 1 ) 
-+    { 
-+      current_colour = 0; 
-+    }
-+    else
-+    {
-+      current_colour = 1;
-+    }
-+  }
-+
-+  if ( supress_header == 0 )
-+  {
-+      printf("%s: ", flow_filename(flow));
-+  }
-+
-   fwrite(data, length, 1, stdout);
-+
-+  if ( use_colour ) 
-+  {
-+    printf("\033[0m");
-+  }
-   putchar('\n');
-   fflush(stdout);
- }
-@@ -197,7 +226,7 @@ void print_packet(flow_t flow, const u_c
- 
- /* store the contents of this packet to its place in its file */
- void store_packet(flow_t flow, const u_char *data, u_int32_t length,
--                u_int32_t seq)
-+                u_int32_t seq, int syn_set)
- {
-   flow_state_t *state;
-   tcp_seq offset;
-@@ -208,6 +237,12 @@ void store_packet(flow_t flow, const u_c
-     state = create_flow_state(flow, seq);
-   }
- 
-+  /* If we got a SYN reset the sequence number */
-+  if (syn_set) 
-+  {
-+    state->isn = seq - state->pos +1;
-+  }
-+
-   /* if we're done collecting for this flow, return now */
-   if (IS_SET(state->flags, FLOW_FINISHED))
-     return;
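Review bot: please confirm that the connection-reuse handling carried by this patch is covered upstream before dropping it. Besides the console options, the `if (syn_set)` block in `store_packet` reset `state->isn` when a new SYN arrived, and the changed test in `process_tcp` stopped bare SYN segments from being discarded. The 1.1.0 changelog entry about multiple connections with the same source/destination being stored in different files suggests the rewrite handles this, but the description should say so explicitly, ideally backed by a run over a capture that reuses a host/port pair.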
diff -r f5736e3178ee -r 3c046dfaf1c9 net/tcpflow/patches/patch-ae
--- a/net/tcpflow/patches/patch-ae      Tue Jul 04 13:38:17 2017 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,29 +0,0 @@
-$NetBSD: patch-ae,v 1.1 2006/01/02 19:23:40 adrianp Exp $
-
---- doc/tcpflow.1.in.orig      2001-02-26 23:01:30.000000000 +0000
-+++ doc/tcpflow.1.in
-@@ -6,7 +6,7 @@ tcpflow \- TCP flow recorder 
- .na
- .B tcpflow
- [\c
--.BI \-chpsv\fR\c
-+.BI \-cCehpsv\fR\c
- ]
- [\c
- .BI \-b \ max_bytes\fR\c
-@@ -62,6 +62,15 @@ are received, without storing any captur
- .B -s
- ).
- .TP
-+.B \-C
-+Console print without the packet source and destination details being printed.  Print the contents of packets to stdout as they
-+are received, without storing any captured data to files (implies
-+.B -s
-+).
-+.TP
-+.B \-e
-+When outputting to the console each flow will be output in alternating colours.
-+.TP
- .B \-d
- Debug level.  Set the level of debugging messages printed to stderr to
- \fIdebug_level\fP.  Higher numbers produce more messages.


