net/flow-extract: new port

	This tool complements existing net/flow-tools port.

PR:		ports/50005
Submitted by:	Marcin Cieslak <saper@system.pl>

15 files changed, 327 insertions, 0 deletions

diff --git a/net-mgmt/flow-extract/Makefile b/net-mgmt/flow-extract/Makefile
new file mode 100644
index 000000000000..d0f3a3d02be9
--- /dev/null
+++ b/net-mgmt/flow-extract/Makefile
@@ -0,0 +1,35 @@
+# New ports collection makefile for:	flow-extract
+# Date created:				2003 Mar 14
+# Whom:					Marcin Cieslak <saper@system.pl>
+#
+# $FreeBSD$
+#
+
+PORTNAME=	flow-extract
+PORTVERSION=	2.4
+CATEGORIES=	net
+MASTER_SITES=	http://security.uchicago.edu/tools/net-forensics/files/
+DISTNAME=	flowextract-${PORTVERSION}
+EXTRACT_SUFX=	.cpio.gz
+
+MAINTAINER=	saper@system.pl
+COMMENT=	Cisco NetFlow awk-like extracting tool
+
+BUILD_DEPENDS=	flow-cat:${PORTSDIR}/net/flow-tools
+
+USE_REINPLACE=	yes
+EXTRACT_AFTER_ARGS=	| cpio -idmu
+
+post-patch:	patch-makefile
+
+patch-makefile:
+		@${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|g' \
+			${WRKSRC}/Makefile
+
+do-install:
+		@${INSTALL_PROGRAM}	${WRKSRC}/flow-extract ${PREFIX}/bin
+		@${INSTALL_MAN}		${WRKSRC}/flow-extract.1 ${PREFIX}/man/man1
+
+MAN1=	flow-extract.1
+
+.include <bsd.port.mk>
diff --git a/net-mgmt/flow-extract/distinfo b/net-mgmt/flow-extract/distinfo
new file mode 100644
index 000000000000..c13acf51f3bf
--- /dev/null
+++ b/net-mgmt/flow-extract/distinfo
@@ -0,0 +1 @@
+MD5 (flowextract-2.4.cpio.gz) = b1fdb245df78a5804e42b47c18275aaa
diff --git a/net-mgmt/flow-extract/files/patch-Makefile b/net-mgmt/flow-extract/files/patch-Makefile
new file mode 100644
index 000000000000..66d25454ca67
--- /dev/null
+++ b/net-mgmt/flow-extract/files/patch-Makefile
@@ -0,0 +1,25 @@
+--- Makefile.original	Fri Mar 14 13:20:42 2003
++++ Makefile	Fri Mar 14 13:21:33 2003
+@@ -10,10 +10,9 @@
+ #
+ # For SunOS 5, use LIBS=-lsocket -lnsl
+ #
+-CC=gcc
+-FLAGS=-ggdb3 -gstabs
+-LIBS=-L/opt/lib -R/opt/lib /opt/lib/libft.a -lsocket -lnsl -lz
+-INCLUDES=-I/opt/include
++CC ?= cc
++LIBS = -L%%PREFIX%%/lib -lft -lz
++INCLUDES = -I%%PREFIX%%/include
+ #
+ # For Linux
+ #
+@@ -30,7 +29,7 @@
+ 
+ #CC = cc
+ LIB=$(LIBS)
+-CFLAGS=-O $(FLAGS) $(INCLUDES) 
++CFLAGS+=$(INCLUDES) 
+ 
+ all: flow-extract
+ 
diff --git a/net-mgmt/flow-extract/files/patch-includes b/net-mgmt/flow-extract/files/patch-includes
new file mode 100644
index 000000000000..b5145272ce2b
--- /dev/null
+++ b/net-mgmt/flow-extract/files/patch-includes
@@ -0,0 +1,70 @@
+--- extract.c.orig	Mon Jun 17 16:59:16 2002
++++ extract.c	Fri Mar 14 13:01:27 2003
+@@ -13,7 +13,6 @@
+ #include <sys/stat.h>
+ #include <netdb.h>
+ #include <errno.h>
+-#include <malloc.h>
+ #include <unistd.h>
+ #include <netinet/in.h>
+ #include <netinet/in_systm.h>
+@@ -22,7 +21,6 @@
+ 
+ 
+ #include <ftlib.h>
+-#include <fmt.h>
+ #include "extract.h"
+ #include "chario.h"
+ #include "parser.h"
+--- chario.c.orig	Mon Jun 17 16:59:16 2002
++++ chario.c	Fri Mar 14 13:01:27 2003
+@@ -11,7 +11,7 @@
+ #include <stdio.h>
+ #include <sys/stat.h>
+ #include <string.h>
+-#include <malloc.h>
++#include <stdlib.h>
+ #include "stdunix.h"
+ 
+ #include "chario.h"
+--- grammar.y.orig	Mon Jun 17 16:59:16 2002
++++ grammar.y	Fri Mar 14 13:01:27 2003
+@@ -13,7 +13,7 @@
+ #include <netdb.h>
+ #include <sys/types.h>
+ #include <netinet/in.h>
+-#include <malloc.h>
++#include <stdlib.h>
+ #include "lex.h"
+ #include "chario.h"
+ #include "parser.h"
+--- lex.c.orig	Mon Jun 17 16:59:16 2002
++++ lex.c	Fri Mar 14 13:01:27 2003
+@@ -9,15 +9,13 @@
+ */
+ #include <stdio.h>
+ #include <ctype.h>
+-#include <malloc.h>
++#include <stdlib.h>
+ #include "y.tab.h"
+ #include "lex.h"
+ #include "chario.h"
+ 
+ #define TRUE 1
+ #define FALSE 0
+-
+-extern int atoi(char *);
+ 
+ static int buflen = 0;
+ static int bufptr = 0;
+--- builder.c.orig	Fri Mar 14 13:03:45 2003
++++ builder.c	Fri Mar 14 13:03:55 2003
+@@ -8,7 +8,7 @@
+ 
+ */
+ #include <stdio.h>
+-#include <malloc.h>
++#include <stdlib.h>
+ #include "stdunix.h"
+ 
+ #include "parser.h"
diff --git a/net-mgmt/flow-extract/files/patch-proto b/net-mgmt/flow-extract/files/patch-proto
new file mode 100644
index 000000000000..58af65f5d633
--- /dev/null
+++ b/net-mgmt/flow-extract/files/patch-proto
@@ -0,0 +1,12 @@
+--- hosts.c.orig	Fri Mar 14 13:06:31 2003
++++ hosts.c	Fri Mar 14 13:06:13 2003
+@@ -24,7 +24,8 @@
+ static int hnc_init = 0;
+ static unsigned long hit = 0, miss = 0, coll = 0;
+ 
+-sigusr1()
++void
++sigusr1(int ignore)
+ {
+      printf("Hit/Miss: %lu/%lu, Collisions: %lu\n",
+ 	    hit, miss,coll);
diff --git a/net-mgmt/flow-extract/pkg-descr b/net-mgmt/flow-extract/pkg-descr
new file mode 100644
index 000000000000..1cc74926810b
--- /dev/null
+++ b/net-mgmt/flow-extract/pkg-descr
@@ -0,0 +1,19 @@
+A copy of this package can be found at: 
+WWW: http://security.uchicago.edu/tools/net-forensics
+
+This package is a port of TAMU's extract program from NetLogger to look
+at flow data instead of netlogger data. Blame Larry for it's faults, not
+TAMU. Blame me for the FreeBSD port, not Larry :-)
+
+If you don't already have a good guess what this program does and what
+data it is looking for, the odds are that it isn't going to be of much
+help to you. This program only works on Cisco flow data as captured
+with Mark Fullmer's flowtools package. If you don't have that, get that
+first, then look at this program.
+
+In order for this to compile you will need flowtools from Mark
+Fullmer's (net/flow-tools port).
+
+---
+E. Larry Lidz, ellidz@uchicago.edu
+Brought to FreeBSD by Marcin Cieslak, saper@system.pl
diff --git a/net-mgmt/flow-extract/pkg-plist b/net-mgmt/flow-extract/pkg-plist
new file mode 100644
index 000000000000..538a271e7dba
--- /dev/null
+++ b/net-mgmt/flow-extract/pkg-plist
@@ -0,0 +1 @@
+bin/flow-extract
diff --git a/net/Makefile b/net/Makefile
index c5c0e21e8f22..e96565657148 100644
--- a/net/Makefile
+++ b/net/Makefile
@@ -145,6 +145,7 @@
     SUBDIR += fidelio
     SUBDIR += firedns
     SUBDIR += firetalk
+    SUBDIR += flow-extract
     SUBDIR += flow-tools
     SUBDIR += flowscan
     SUBDIR += forg
diff --git a/net/flow-extract/Makefile b/net/flow-extract/Makefile
new file mode 100644
index 000000000000..d0f3a3d02be9
--- /dev/null
+++ b/net/flow-extract/Makefile
@@ -0,0 +1,35 @@
+# New ports collection makefile for:	flow-extract
+# Date created:				2003 Mar 14
+# Whom:					Marcin Cieslak <saper@system.pl>
+#
+# $FreeBSD$
+#
+
+PORTNAME=	flow-extract
+PORTVERSION=	2.4
+CATEGORIES=	net
+MASTER_SITES=	http://security.uchicago.edu/tools/net-forensics/files/
+DISTNAME=	flowextract-${PORTVERSION}
+EXTRACT_SUFX=	.cpio.gz
+
+MAINTAINER=	saper@system.pl
+COMMENT=	Cisco NetFlow awk-like extracting tool
+
+BUILD_DEPENDS=	flow-cat:${PORTSDIR}/net/flow-tools
+
+USE_REINPLACE=	yes
+EXTRACT_AFTER_ARGS=	| cpio -idmu
+
+post-patch:	patch-makefile
+
+patch-makefile:
+		@${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|g' \
+			${WRKSRC}/Makefile
+
+do-install:
+		@${INSTALL_PROGRAM}	${WRKSRC}/flow-extract ${PREFIX}/bin
+		@${INSTALL_MAN}		${WRKSRC}/flow-extract.1 ${PREFIX}/man/man1
+
+MAN1=	flow-extract.1
+
+.include <bsd.port.mk>
diff --git a/net/flow-extract/distinfo b/net/flow-extract/distinfo
new file mode 100644
index 000000000000..c13acf51f3bf
--- /dev/null
+++ b/net/flow-extract/distinfo
@@ -0,0 +1 @@
+MD5 (flowextract-2.4.cpio.gz) = b1fdb245df78a5804e42b47c18275aaa
diff --git a/net/flow-extract/files/patch-Makefile b/net/flow-extract/files/patch-Makefile
new file mode 100644
index 000000000000..66d25454ca67
--- /dev/null
+++ b/net/flow-extract/files/patch-Makefile
@@ -0,0 +1,25 @@
+--- Makefile.original	Fri Mar 14 13:20:42 2003
++++ Makefile	Fri Mar 14 13:21:33 2003
+@@ -10,10 +10,9 @@
+ #
+ # For SunOS 5, use LIBS=-lsocket -lnsl
+ #
+-CC=gcc
+-FLAGS=-ggdb3 -gstabs
+-LIBS=-L/opt/lib -R/opt/lib /opt/lib/libft.a -lsocket -lnsl -lz
+-INCLUDES=-I/opt/include
++CC ?= cc
++LIBS = -L%%PREFIX%%/lib -lft -lz
++INCLUDES = -I%%PREFIX%%/include
+ #
+ # For Linux
+ #
+@@ -30,7 +29,7 @@
+ 
+ #CC = cc
+ LIB=$(LIBS)
+-CFLAGS=-O $(FLAGS) $(INCLUDES) 
++CFLAGS+=$(INCLUDES) 
+ 
+ all: flow-extract
+ 
diff --git a/net/flow-extract/files/patch-includes b/net/flow-extract/files/patch-includes
new file mode 100644
index 000000000000..b5145272ce2b
--- /dev/null
+++ b/net/flow-extract/files/patch-includes
@@ -0,0 +1,70 @@
+--- extract.c.orig	Mon Jun 17 16:59:16 2002
++++ extract.c	Fri Mar 14 13:01:27 2003
+@@ -13,7 +13,6 @@
+ #include <sys/stat.h>
+ #include <netdb.h>
+ #include <errno.h>
+-#include <malloc.h>
+ #include <unistd.h>
+ #include <netinet/in.h>
+ #include <netinet/in_systm.h>
+@@ -22,7 +21,6 @@
+ 
+ 
+ #include <ftlib.h>
+-#include <fmt.h>
+ #include "extract.h"
+ #include "chario.h"
+ #include "parser.h"
+--- chario.c.orig	Mon Jun 17 16:59:16 2002
++++ chario.c	Fri Mar 14 13:01:27 2003
+@@ -11,7 +11,7 @@
+ #include <stdio.h>
+ #include <sys/stat.h>
+ #include <string.h>
+-#include <malloc.h>
++#include <stdlib.h>
+ #include "stdunix.h"
+ 
+ #include "chario.h"
+--- grammar.y.orig	Mon Jun 17 16:59:16 2002
++++ grammar.y	Fri Mar 14 13:01:27 2003
+@@ -13,7 +13,7 @@
+ #include <netdb.h>
+ #include <sys/types.h>
+ #include <netinet/in.h>
+-#include <malloc.h>
++#include <stdlib.h>
+ #include "lex.h"
+ #include "chario.h"
+ #include "parser.h"
+--- lex.c.orig	Mon Jun 17 16:59:16 2002
++++ lex.c	Fri Mar 14 13:01:27 2003
+@@ -9,15 +9,13 @@
+ */
+ #include <stdio.h>
+ #include <ctype.h>
+-#include <malloc.h>
++#include <stdlib.h>
+ #include "y.tab.h"
+ #include "lex.h"
+ #include "chario.h"
+ 
+ #define TRUE 1
+ #define FALSE 0
+-
+-extern int atoi(char *);
+ 
+ static int buflen = 0;
+ static int bufptr = 0;
+--- builder.c.orig	Fri Mar 14 13:03:45 2003
++++ builder.c	Fri Mar 14 13:03:55 2003
+@@ -8,7 +8,7 @@
+ 
+ */
+ #include <stdio.h>
+-#include <malloc.h>
++#include <stdlib.h>
+ #include "stdunix.h"
+ 
+ #include "parser.h"
diff --git a/net/flow-extract/files/patch-proto b/net/flow-extract/files/patch-proto
new file mode 100644
index 000000000000..58af65f5d633
--- /dev/null
+++ b/net/flow-extract/files/patch-proto
@@ -0,0 +1,12 @@
+--- hosts.c.orig	Fri Mar 14 13:06:31 2003
++++ hosts.c	Fri Mar 14 13:06:13 2003
+@@ -24,7 +24,8 @@
+ static int hnc_init = 0;
+ static unsigned long hit = 0, miss = 0, coll = 0;
+ 
+-sigusr1()
++void
++sigusr1(int ignore)
+ {
+      printf("Hit/Miss: %lu/%lu, Collisions: %lu\n",
+ 	    hit, miss,coll);
diff --git a/net/flow-extract/pkg-descr b/net/flow-extract/pkg-descr
new file mode 100644
index 000000000000..1cc74926810b
--- /dev/null
+++ b/net/flow-extract/pkg-descr
@@ -0,0 +1,19 @@
+A copy of this package can be found at: 
+WWW: http://security.uchicago.edu/tools/net-forensics
+
+This package is a port of TAMU's extract program from NetLogger to look
+at flow data instead of netlogger data. Blame Larry for it's faults, not
+TAMU. Blame me for the FreeBSD port, not Larry :-)
+
+If you don't already have a good guess what this program does and what
+data it is looking for, the odds are that it isn't going to be of much
+help to you. This program only works on Cisco flow data as captured
+with Mark Fullmer's flowtools package. If you don't have that, get that
+first, then look at this program.
+
+In order for this to compile you will need flowtools from Mark
+Fullmer's (net/flow-tools port).
+
+---
+E. Larry Lidz, ellidz@uchicago.edu
+Brought to FreeBSD by Marcin Cieslak, saper@system.pl
diff --git a/net/flow-extract/pkg-plist b/net/flow-extract/pkg-plist
new file mode 100644
index 000000000000..538a271e7dba
--- /dev/null
+++ b/net/flow-extract/pkg-plist
@@ -0,0 +1 @@
+bin/flow-extract