ports/67838: [MAINTAINER] net-mgmt/arpwatch-devel: add support for interface labels

Matthew George mdg at secureworks.net
Fri Jun 11 17:00:44 UTC 2004 

>Number:         67838
>Category:       ports
>Synopsis:       [MAINTAINER] net-mgmt/arpwatch-devel: add support for interface labels
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Fri Jun 11 17:00:43 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator:     Matthew George
>Release:        FreeBSD 5.2-CURRENT i386
>Organization:
SecureWorks
>Environment:
System: FreeBSD mdg.secureworks.net 5.2-CURRENT FreeBSD 5.2-CURRENT #2: Mon Mar 29 12:02:58 EST 2004 mdg at mdg.secureworks.net:/usr/obj/usr/src/sys/GENERIC i386


>Description:

	This adds support for labeling interfaces in arpwatch reports.
Labels are created by making a symlink in the arpwatch data directory that
points at the textual description (e.g. ln -s "Internal Network" dc0).

>How-To-Repeat:
>Fix:

--- Makefile.orig	Fri Jun 11 12:44:09 2004
+++ Makefile	Fri Jun 11 12:44:42 2004
@@ -7,7 +7,7 @@

 PORTNAME=	arpwatch
 PORTVERSION=	2.1.a11
-PORTREVISION=	2
+PORTREVISION=	3
 CATEGORIES=	net-mgmt
 MASTER_SITES=	http://www.Awfulhak.org/arpwatch/ \
 		ftp://ftp.ee.lbl.gov/


--- patch-ad.orig	Fri Jun 11 12:37:24 2004
+++ patch-ad	Fri Jun 11 12:37:30 2004
@@ -1,5 +1,11 @@
---- ../arpwatch-2.1a11/arpwatch.8	Sun Oct  8 16:31:28 2000
-+++ ./arpwatch.8	Mon Sep 15 17:30:45 2003
+--- arpwatch.8.orig	Sun Oct  8 16:31:28 2000
++++ arpwatch.8	Fri Jun 11 12:35:32 2004
+@@ -1,4 +1,4 @@
+-.\" @(#) $Id: arpwatch.8,v 1.13 2000/10/08 20:31:25 leres Exp $ (LBL)
++.\" @(#) $Id: arpwatch.8,v 1.5 2004/06/11 16:26:22 mdg Exp $ (LBL)
+ .\"
+ .\" Copyright (c) 1992, 1994, 1996, 1997, 2000
+ .\"	The Regents of the University of California.  All rights reserved.
 @@ -30,7 +30,10 @@
  .B -dN
  ] [
@@ -57,7 +63,7 @@
  .LP
  The
  .B -r
-@@ -96,6 +120,8 @@
+@@ -96,21 +120,31 @@
  .LP
  Note that an empty
  .I arp.dat
@@ -66,17 +72,22 @@
  file must be created before the first time you run
  .BR arpwatch .
  .LP
-@@ -105,12 +131,19 @@
+ .SH "REPORT MESSAGES"
+ Here's a quick list of the report messages generated by
+-.BR arpwatch (1)
++.BR arpwatch
  (and
- .BR arpsnmp (1)):
- .TP
+-.BR arpsnmp (1)):
++.BR arpsnmp
++):
++.TP
 +.B "new ethernet device"
 +The ethernet address has not been seen before.
 +.TP
 +.B "ethernet device changed interfaces"
 +An ethernet address associated with one interface has moved to a
 +different interface.
-+.TP
+ .TP
  .B "new activity"
  This ethernet/ip address pair has been used for the first time six
  months or more.
@@ -88,7 +99,23 @@
  .TP
  .B "flip flop"
  The ethernet address has changed from the most recently seen address to
-@@ -152,8 +185,9 @@
+@@ -148,12 +182,25 @@
+ .B "suppressed DECnet flip flop"
+ A "flip flop" report was suppressed because one of the two
+ addresses was a DECnet address.
++.SH "INTERFACE LABELS"
++Interfaces can be assigned labels that are displayed in reports
++next to the interface name.  This is useful for identifying connected
++networks.  In order to assign a label, create a symbolic link in
++the arpwatch data directory.  The link should have the same name
++as the interface, and should point to the textual label.  For example:
++.LP
++ln -s "Internal Network" dc0
++.LP
++Labels are read when
++.BR arpwatch
++initializes.  The process must be restarted for label changes to take effect.
+ .SH FILES
  .na
  .nh
  .nf
--- patch-an.orig	Fri Jun 11 12:39:54 2004
+++ patch-an	Fri Jun 11 12:36:33 2004
@@ -1,7 +1,16 @@
 --- report.c.orig	Sat Sep 30 19:41:10 2000
-+++ report.c	Tue Apr 13 14:39:50 2004
++++ report.c	Fri Jun 11 12:35:32 2004
+@@ -20,7 +20,7 @@
+  */
+ #ifndef lint
+ static const char rcsid[] =
+-    "@(#) $Id: report.c,v 1.46 2000/09/30 23:41:04 leres Exp $ (LBL)";
++    "@(#) $Id: report.c,v 1.8 2004/06/10 19:56:57 mdg Exp $ (LBL)";
+ #endif
+
+ /*
 @@ -45,6 +45,8 @@
-
+
  #include <ctype.h>
  #include <errno.h>
 +#include <fcntl.h>
@@ -10,17 +19,26 @@
  #include <stdio.h>
  #include <stdlib.h>
 @@ -70,6 +72,8 @@
-
+
  #define PLURAL(n) ((n) == 1 || (n) == -1 ? "" : "s")
-
+
 +extern char *Watcher;
 +
  static int cdepth;	/* number of outstanding children */
-
+
  static char *fmtdate(time_t);
-@@ -232,15 +236,16 @@
+@@ -77,6 +81,8 @@
+ RETSIGTYPE reaper(int);
+ static int32_t gmt2local(void);
+
++extern struct ifdesc *if_desc;
++
+ static char *
+ fmtdelta(register time_t t)
+ {
+@@ -232,28 +238,37 @@
  }
-
+
  void
 -report(register char *title, register u_int32_t a, register u_char *e1,
 -    register u_char *e2, register time_t *t1p, register time_t *t2p)
@@ -38,10 +56,15 @@
  	char *watchee = WATCHEE;
  	char *sendmail = PATH_SENDMAIL;
  	char *unknown = "<unknown>";
-@@ -251,9 +256,15 @@
+ 	char buf[132];
++	char *newif, *newif_old;
+ 	static int init = 0;
++	struct ifdesc *idp = if_desc;
+
+ 	/* No report until we're initialized */
  	if (initializing)
  		return;
-
+
 +	/* these types are sent to syslog instead of reported on.
 +	 * only continue if there are other events as well
 +	 */
@@ -55,16 +78,44 @@
  			return;
  		}
  		f = stdout;
-@@ -270,7 +281,7 @@
+@@ -270,7 +285,7 @@
  		}
-
+
  		/* Syslog this event too */
 -		dosyslog(LOG_NOTICE, title, a, e1, e2);
 +		dosyslog(LOG_NOTICE, "event", a, e1, e2);
-
+
  		/* Update child depth */
  		++cdepth;
-@@ -303,13 +314,32 @@
+@@ -286,6 +301,7 @@
+
+ 		/* Child */
+ 		closelog();
++
+ 		(void)strcpy(tempfile, "/tmp/arpwatch.XXXXXX");
+ 		if ((fd = mkstemp(tempfile)) < 0) {
+ 			syslog(LOG_ERR, "mkstemp(%s) %m", tempfile);
+@@ -300,16 +316,52 @@
+ 			syslog(LOG_ERR, "unlink(%s): %m", tempfile);
+ 	}
+
++	newif = newif_old = NULL;
++	if (interface != NULL)
++	  for (idp = if_desc; idp != NULL; idp = idp->next)
++	    if (strcmp(idp->name, interface) == 0)
++	      asprintf(&newif, "%s (%s)", interface, idp->desc);
++
++	if (newif == NULL && interface != NULL)
++	  asprintf(&newif, "%s", interface);
++
++	if (old_interface != NULL)
++	  for (idp = if_desc; idp != NULL; idp = idp->next)
++	    if (strcmp(idp->name, old_interface) == 0)
++	      asprintf(&newif_old, "%s (%s)", old_interface, idp->desc);
++
++	if (newif_old == NULL && old_interface != NULL)
++	  asprintf(&newif_old, "%s", old_interface);
++
  	(void)fprintf(f, "From: %s\n", watchee);
  	(void)fprintf(f, "To: %s\n", watcher);
  	hn = gethname(a);
@@ -92,15 +143,27 @@
 +	if (event & FLIPFLOP)
 +	  (void)fprintf(f, fmt, "event", "flip flop");
 +
-+	(void)fprintf(f, fmt, "interface", interface);
++	(void)fprintf(f, fmt, "interface", newif);
 +
 +	if (old_interface != NULL)
-+	  (void)fprintf(f, fmt, "old interface", old_interface);
++	  (void)fprintf(f, fmt, "old interface", newif_old);
 +
  	(void)fprintf(f, fmt, "hostname", hn);
  	(void)fprintf(f, fmt, "ip address", intoa(a));
  	(void)fprintf(f, fmt, "ethernet address", e2str(e1));
-@@ -344,6 +374,25 @@
+@@ -339,11 +391,37 @@
+ 	}
+
+ 	(void)rewind(f);
++
++	if (newif != NULL)
++	  free(newif);
++
++	if (newif_old != NULL)
++	  free(newif_old);
++
+ 	if (dup2(fileno(f), fileno(stdin)) < 0) {
+ 		syslog(LOG_ERR, "dup2: %m");
  		exit(1);
  	}
  	/* XXX Need to freopen()? */
--- patch-ap.orig	Fri Jun 11 12:41:18 2004
+++ patch-ap	Fri Jun 11 12:36:33 2004
@@ -1,23 +1,44 @@
---- ../arpwatch.orig/util.c	Fri Oct 13 18:49:03 2000
-+++ ./util.c	Wed Sep 10 13:03:27 2003
-@@ -53,6 +53,7 @@
-
+--- util.c.orig	Fri Oct 13 18:49:03 2000
++++ util.c	Fri Jun 11 12:35:32 2004
+@@ -20,7 +20,7 @@
+  */
+ #ifndef lint
+ static const char rcsid[] =
+-    "@(#) $Id: util.c,v 1.9 2000/10/13 22:48:55 leres Exp $ (LBL)";
++    "@(#) $Id: util.c,v 1.5 2004/06/10 19:48:37 mdg Exp $ (LBL)";
+ #endif
+
+ /*
+@@ -39,6 +39,7 @@
+ #include <stdlib.h>
+ #include <string.h>
+ #include <syslog.h>
++#include <dirent.h>
+
+ #include "gnuc.h"
+ #ifdef HAVE_OS_PROTO_H
+@@ -53,8 +54,11 @@
+
  char *arpdir = ARPDIR;
  char *arpfile = ARPFILE;
 +char *etherfile = ETHERFILE;
  char *ethercodes = ETHERCODES;
-
+
++struct ifdesc *if_desc = NULL;
++
  /* Broadcast ethernet addresses */
-@@ -105,7 +106,7 @@
+ u_char zero[6] = { 0, 0, 0, 0, 0, 0 };
+ u_char allones[6] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
+@@ -105,7 +109,7 @@
  dump(void)
  {
  	register int fd;
 -	char oldarpfile[256], newarpfile[256];
 +	char oldarpfile[256], newarpfile[256], *oldetherfile, *newetherfile;
-
+
  	(void)sprintf(oldarpfile, "%s-", arpfile);
  	(void)sprintf(newarpfile, "%s.new", arpfile);
-@@ -130,6 +131,32 @@
+@@ -130,6 +134,32 @@
  		syslog(LOG_ERR, "rename %s -> %s: %m", newarpfile, arpfile);
  		return(0);
  	}
@@ -49,18 +70,73 @@
 +
  	return(1);
  }
-
-@@ -138,7 +165,9 @@
+
+@@ -138,7 +168,64 @@
  readdata(void)
  {
  	register FILE *f;
 +	char line[1024];
-
++	char buf[MAXNAMLEN];
++	char path[MAXNAMLEN + 1];
++	int len, i;
++	DIR *dirp;
++	struct dirent *dp;
++	struct ifdesc *idp;
++
++	/* interface descriptions */
++	if ((dirp = opendir(arpdir)) == NULL)
++	  {
++	    syslog(LOG_ERR, "opendir(%s)", arpdir);
++	    return(0);
++	  }
++
++	idp = if_desc = (struct ifdesc *) malloc(sizeof(struct ifdesc));
++	idp->name = idp->desc = NULL;
++	idp->next = NULL;
++
++	while ((dp = readdir(dirp)) != NULL)
++	  {
++	    if (dp->d_type == DT_LNK)
++	      {
++		for (i=0; i < dp->d_namlen; i++)
++		  path[i] = dp->d_name[i];
++
++		path[dp->d_namlen] = '\0';
++
++		if ((len = readlink(path, buf, MAXNAMLEN)) == -1)
++		  {
++		    syslog(LOG_ERR, "readlink(path) failed");
++		    return(0);
++		  }
++
++		buf[len] = '\0';
++
++		idp->next = (struct ifdesc *) malloc(sizeof(struct ifdesc));
++		idp = idp->next;
++		idp->next = NULL;
++		asprintf(&idp->name, "%s", path);
++		asprintf(&idp->desc, "%s", buf);
++	      }
++	  }
++
++	if (if_desc->next == NULL)
++	  {
++	    free(if_desc);
++	    idp = if_desc = NULL;
++	  }
++	else
++	  {
++	    idp = if_desc;
++	    if_desc = if_desc->next;
++	    free(idp);
++	    idp = NULL;
++	  }
+
 +	/* arp.dat */
  	if ((f = fopen(arpfile, "r")) == NULL) {
  		syslog(LOG_ERR, "fopen(%s): %m", arpfile);
  		return(0);
-@@ -147,6 +176,15 @@
+@@ -147,6 +234,15 @@
  		(void)fclose(f);
  		return(0);
  	}
@@ -74,5 +150,5 @@
 +
 +	et_cnt = fread(einfo_table, sizeof(struct einfo), HASHSIZE, f);
  	(void)fclose(f);
-
+
  	/* It's not fatal if we can't open the ethercodes file */
--- patch-aq.orig	Fri Jun 11 12:43:15 2004
+++ patch-aq	Fri Jun 11 12:36:33 2004
@@ -1,12 +1,28 @@
---- ../arpwatch.orig/util.h	Sun Oct  6 06:22:14 1996
-+++ ./util.h	Wed Sep 10 13:03:27 2003
-@@ -11,6 +11,9 @@
+--- util.h.orig	Sun Oct  6 06:22:14 1996
++++ util.h	Fri Jun 11 12:35:32 2004
+@@ -1,4 +1,4 @@
+-/* @(#) $Header: util.h,v 1.2 96/10/06 03:22:13 leres Exp $ (LBL) */
++/* @(#) $Header: /src/arpwatch/util.h,v 1.4 2004/06/10 19:19:38 mdg Exp $ (LBL) */
+
+ void	dosyslog(int, char *, u_int32_t, u_char *, u_char *);
+ int	dump(void);
+@@ -11,9 +11,19 @@
  extern char *arpfile;
  extern char *oldarpfile;
  extern char *ethercodes;
 +extern char *etherfile;
 +extern struct einfo einfo_table[];
 +extern int et_cnt;
-
+
  extern u_char zero[6];
  extern u_char allones[6];
+
+ extern int debug;
+ extern int initializing;
++
++struct ifdesc
++{
++  char *name;
++  char *desc;
++  struct ifdesc *next;
++};


-- 
Matthew George
SecureWorks Technical Operations

>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list