ports/84530: [New Port] net-mgmt/ourmon: Network Monitoring and Anomaly Detection System
Charlie Schluting
charlie at schluting.com
Wed Aug 3 20:10:23 UTC 2005
>Number: 84530
>Category: ports
>Synopsis: [New Port] net-mgmt/ourmon: Network Monitoring and Anomaly Detection System
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Wed Aug 03 20:10:17 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Charlie Schluting
>Release: FreeBSD 5.4-RELEASE i386
>Organization:
Portland State University
>Environment:
System: FreeBSD schluting.com 5.4-RELEASE FreeBSD 5.4-RELEASE #0: Thu May 12 23:39:29 PDT 2005 charlie at schluting.com:/usr/obj/usr/src/sys/BLOATED_FW_Q i386
--- ourmon25.shar begins here ---
# This is a shell archive. Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file". Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
# ourmon25/
# ourmon25/Makefile
# ourmon25/distinfo
# ourmon25/pkg-descr
# ourmon25/pkg-message
#
echo c - ourmon25/
mkdir -p ourmon25/ > /dev/null 2>&1
echo x - ourmon25/Makefile
sed 's/^X//' >ourmon25/Makefile << 'END-of-ourmon25/Makefile'
X# New ports collection makefile for: ourmon
X# Date created: 01 May 2005
X# Whom: Charlie Schluting <manos at cs.pdx.edu>
X#
X# $FreeBSD$
X
XPORTNAME= ourmon
XPORTVERSION= 2.5
XCATEGORIES= net-mgmt
XMASTER_SITES= http://ourmon.cat.pdx.edu/ourmon/
XDISTNAME= ourmon25
X
XMAINTAINER= ports at freebsd.org
XCOMMENT= A libpcap-based network monitoring and anomaly detection system
X
XBUILD_DEPENDS= ${LOCALBASE}/lib/libpcap.a:${PORTSDIR}/net/libpcap
XLIB_DEPENDS= pcap:${PORTSDIR}/net/libpcap
XLIB_DEPENDS+= gd:$(PORTSDIR)/graphics/gd
XRUN_DEPENDS= rrdtool:$(PORTSDIR)/net/rrdtool
X#RUN_DEPENDS+= wget:$(PORTSDIR)/ftp/wget
X
XPLIST_DIRS=
X
XIS_INTERACTIVE= yes
XUSE_PERL5=
X#USE_APACHE=
XWRKSRC= ${WRKDIR}/mrourmon
XNO_INSTALL_MANPAGES=
XNO_PACKAGE=
X# where to install ourmon and also
X# where we build the ourmon runtime-script with configure.pl
X# note: we use the work directory simply for unpacking
X
X# make simply states assumptions, unpacks the system, and puts it in PREFIX
Xpre-build:
X	@${ECHO_MSG} "install dir is PREFIX=\"${PREFIX}/mrourmon\""
X	@${ECHO_MSG} "We do not install apache or some other web server for you."
X	@${ECHO_MSG} "You should know where your apache docs directory is before make install."
X	@${ECHO_MSG} "You should also know which network interface you want ourmon to use."
X	@${ECHO_MSG}
X	@${ECHO_MSG} "Ourmon may be installed on one CPU or two. If you"
X	@${ECHO_MSG} "are only installing the front-end probe, you do"
X	@${ECHO_MSG} "not need Apache, hence we do not install it."
X	@${ECHO_MSG} "If you are installing the back-end graphics engine"
X	@${ECHO_MSG} "(which needs a web server) do install Apache first, and note"
X	@${ECHO_MSG} "where the htdocs web directory lives. You will need"
X	@${ECHO_MSG} "that for ourmon configuration. If you simply"
X	@${ECHO_MSG} "want to install ourmon with both front-end and back-end"
X	@${ECHO_MSG} "on one CPU, then install Apache first on that machine."
X	@${ECHO_MSG}
X
Xpost-patch: patch-startup-files
X
Xpatch-startup-files:
X
Xdo-build:
X.if exists(${PREFIX}/etc/ourmon.conf)
X	${MV} ${PREFIX}/etc/ourmon.conf ${PREFIX}/etc/ourmon.conf.old
X.endif
X	$(CP) -R ${WRKSRC} ${PREFIX}
X
X# make install compiles and configures the system installing
X# all binaries in the local PREFIX/bin as well as asking
X# the user if he/she wants to install system start scripts
X# and modify /etc/crontab
X
Xpre-install:
Xdo-install:
X	cd ${PREFIX}/mrourmon && ${PERL5} configure.pl ${PREFIX}
X
Xpost-install: display-message
X
Xdisplay-message:
X	@${ECHO_MSG} "Ourmon is installed in ${PREFIX}"
X	@${ECHO_MSG}
X	@${CAT} ${PKGMESSAGE}
X	@${ECHO_MSG}
X
X.include <bsd.port.mk>
END-of-ourmon25/Makefile
echo x - ourmon25/distinfo
sed 's/^X//' >ourmon25/distinfo << 'END-of-ourmon25/distinfo'
XMD5 (ourmon25.tar.gz) = 23353c42d2432793345b19ac0a77dfdb
XSIZE (ourmon25.tar.gz) = 330622
END-of-ourmon25/distinfo
echo x - ourmon25/pkg-descr
sed 's/^X//' >ourmon25/pkg-descr << 'END-of-ourmon25/pkg-descr'
XOurmon is a network management and anomaly detection system for
Xperforming various SNMP RMON-like network analysis tasks. It uses
Xthe BSD bpf in combination with RRDTOOL as well as various "top
Xtalker" style tuples including: top-N flows which include IP, TCP,
XUDP, and ICMP flows, top SYN senders, top TCP/UDP ports, top single
XIP src to many IP dst senders, top single IP src to L4 (TCP/UDP),
Xtop ICMP errors which includes UDP creators of ICMP errors and other
Xtools for both network management and anomaly detection. RRDTOOL
Xgraphs include a year of baselined information. New RRDTOOL graphs
Xmay be designed with user-configured BPF expressions a la tcpdump.
XReports and logging for top talkers are also included.
X
XWWW: http://ourmon.cat.pdx.edu/ourmon/
X
XCreated by: Jim Binkley <jrb at cs.pdx.edu>
XFreeBSD Port by: Charlie Schluting <charlie at schluting.com>
END-of-ourmon25/pkg-descr
echo x - ourmon25/pkg-message
sed 's/^X//' >ourmon25/pkg-message << 'END-of-ourmon25/pkg-message'
XFor the FreeBSD port, we assume
X
X/usr/local/mrourmon
X
Xis the base directory, although that can be overridden with
Xthe port Makefile.
X
XRead the INSTALL file in the ourmon base directory.
X**************************************************
X
XIf you want to uninstall ourmon, read "uninstall.txt" in
Xthe base directory.
X
XBe sure and inspect and modify the basic config file,
Xat /usr/local/mrourmon/etc/ourmon.conf. In particular
Xset the notion of topn_syn home IP in the config file
X
Xtopn_syn_homeip 10.1.0.0 255.255.0.0
X
Xto your home subnet and netmask.
X
XAfter setting the config file up properly,
Xin order to start the front-end probe process,
Xnamed "ourmon", you must cd to the base directory
Xand run the ourmon probe from the start shellscript.
X
X# cd /usr/local/mrourmon/bin
X# ./ourmon.sh start
END-of-ourmon25/pkg-message
exit
--- ourmon25.shar ends here ---
>Description:
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted: