From 7257596e98858c33b6ef25a362542765eca1eef7 Mon Sep 17 00:00:00 2001 From: Yaroslav Tykhiy Date: Sat, 11 Aug 2001 17:38:05 +0000 Subject: New port: net/ehnt - A simple Cisco NetFlow data collector This is a lightweight but well-featured tool for collecting NetFlow version 5 packets from Cisco routers. The implementation includes a simple UDP-to-TCP converting server, which may be used to replicate NetFlow data to multiple clients. WWW: http://ehnt.sourceforge.net/ PR: ports/29459 Submitted by: Dmitry Morozovsky --- net-mgmt/ehnt/Makefile | 32 ++++++++++ net-mgmt/ehnt/distinfo | 2 + net-mgmt/ehnt/files/ehnt.1 | 111 +++++++++++++++++++++++++++++++++ net-mgmt/ehnt/files/ehntserv.8 | 72 +++++++++++++++++++++ net-mgmt/ehnt/files/ehntserv.sh.sample | 25 ++++++++ net-mgmt/ehnt/files/patch-Makefile | 50 +++++++++++++++ net-mgmt/ehnt/files/patch-config-h | 11 ++++ net-mgmt/ehnt/files/patch-ehnt-lookup | 11 ++++ net-mgmt/ehnt/pkg-comment | 1 + net-mgmt/ehnt/pkg-descr | 10 +++ net-mgmt/ehnt/pkg-plist | 7 +++ 11 files changed, 332 insertions(+) create mode 100644 net-mgmt/ehnt/Makefile create mode 100644 net-mgmt/ehnt/distinfo create mode 100644 net-mgmt/ehnt/files/ehnt.1 create mode 100644 net-mgmt/ehnt/files/ehntserv.8 create mode 100644 net-mgmt/ehnt/files/ehntserv.sh.sample create mode 100644 net-mgmt/ehnt/files/patch-Makefile create mode 100644 net-mgmt/ehnt/files/patch-config-h create mode 100644 net-mgmt/ehnt/files/patch-ehnt-lookup create mode 100644 net-mgmt/ehnt/pkg-comment create mode 100644 net-mgmt/ehnt/pkg-descr create mode 100644 net-mgmt/ehnt/pkg-plist (limited to 'net-mgmt') diff --git a/net-mgmt/ehnt/Makefile b/net-mgmt/ehnt/Makefile new file mode 100644 index 000000000000..e8d40aa8285b --- /dev/null +++ b/net-mgmt/ehnt/Makefile @@ -0,0 +1,32 @@ +# New ports collection makefile for: ehnt +# Date created: 2 August 2001 +# Whom: marck@rinet.ru +# +# $FreeBSD$ +# + +PORTNAME= ehnt +PORTVERSION= 0.2.3 +CATEGORIES= net +MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} +MASTER_SITE_SUBDIR= ${PORTNAME} +DISTFILES= ${PORTNAME}-${PORTVERSION}${EXTRACT_SUFX} \ + ${PORTNAME}_data-${PORTVERSION}${EXTRACT_SUFX} + +MAINTAINER= marck@rinet.ru + +MAN1= ehnt.1 +MAN8= ehntserv.8 + +do-install: + ${MKDIR} ${PREFIX}/share/ehnt + ${MKDIR} ${PREFIX}/share/doc/ehnt + ${INSTALL_PROGRAM} ${WRKSRC}/ehnt ${PREFIX}/bin/ + ${INSTALL_PROGRAM} ${WRKSRC}/ehntserv ${PREFIX}/sbin/ + ${INSTALL_SCRIPT} ${FILESDIR}/ehntserv.sh.sample ${PREFIX}/etc/rc.d/ + ${INSTALL_DATA} ${WRKSRC}/asnc.txt ${PREFIX}/share/ehnt/ + ${INSTALL_DATA} ${WRKSRC}/README ${PREFIX}/share/doc/ehnt/ + ${INSTALL_MAN} ${FILESDIR}/ehnt.1 ${PREFIX}/man/man1/ + ${INSTALL_MAN} ${FILESDIR}/ehntserv.8 ${PREFIX}/man/man8/ + +.include diff --git a/net-mgmt/ehnt/distinfo b/net-mgmt/ehnt/distinfo new file mode 100644 index 000000000000..eb6962d8489f --- /dev/null +++ b/net-mgmt/ehnt/distinfo @@ -0,0 +1,2 @@ +MD5 (ehnt-0.2.3.tar.gz) = 4fb3af5046fb9943ea6bb93a56cb89cb +MD5 (ehnt_data-0.2.3.tar.gz) = ddba92084c78138bdd9af23ac25f5ee9 diff --git a/net-mgmt/ehnt/files/ehnt.1 b/net-mgmt/ehnt/files/ehnt.1 new file mode 100644 index 000000000000..dfc44d7914e3 --- /dev/null +++ b/net-mgmt/ehnt/files/ehnt.1 @@ -0,0 +1,111 @@ +.\" Copyright (c) 2000-2001 Nik Weidenbacher nikw@martnet.com +.\" Portions Copyright (c) 2001 Dmitry Morozovsky marck@rinet.ru +.\" +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. All advertising materials mentioning features or use of this software +.\" must display the following acknowledgement: +.\" This product includes software developed by the University of +.\" California, Berkeley and its contributors. +.\" 4. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ +.\" +.Dd Aug 04, 2001 +.Dt EHNT 1 +.\" .Os BSD 4.4 +.Sh NAME +.Nm ehnt +.Nd Extreme Happy Netflow Tool. Client part +.Sh SYNOPSIS +.Nm +.Op Fl 0 Ar ASN +.Op Fl a Ar ASN +.Op Fl b +.Op Fl c Ar count +.Op Fl i Ar mins +.Op Fl m Ar mode +.Op Fl n Ar intidx +.Op Fl p Ar port +.Op Fl P Ar proto +.Op Fl r Ar addr +.Op Fl s Ar server:port +.Op Fl x Ar prefix +.Sh DESCRIPTION +The +.Nm +command starts +.Xr ehnt 1 +client which connects to +.Xr ehntserv 8 +server and converts raw flow of NetFlow version 5 packets into +somewhat human-readable (or machine-readable) form. +.Pp +The options are as follows: +.Bl -tag -width ".Fl n Ar intidx" +.It Fl 0 Ar ASN +Replace AS number 0 occurences with this AS number +.It Fl a Ar ASN +Only display flows to/from this AS number +.It Fl b +Display big flows (only shows flows with the most bytes +or packets received so far) +.It Fl c Ar count +Exit after flows are received +.It Fl i Ar mins +How long to wait between report generations (in minutes) +.It Fl m Ar mode +The name of the mode of operation to use: +.Cm dump +displays flow detail; +.Cm shortdump +shows flow details in a more compact fashion; +.Cm top +generates reports of top average utilization +.It Fl n Ar intidx +Specify the interface by SNMP ifIndex number +.It Fl p Ar port +Only display flows to/from this tcp or udp port number +.It Fl P Ar proto +Only display flows using this IP protocol number +.It Fl r Ar addr +Only display flows reported by this router IP address +.It Fl s Ar server:port +The hostname or IP address and port number of the +.Xr ehntserv 8 +.It Fl x Ar prefix +Only display flows to/from this IP prefix. The format for +is 'address/length', for example 1.2.3.4/30 or 127.0.0.0/8. +.El +.Sh FILES +.Bl -tag -width /usr/local/share/ehnt/asnc.txt -compact +.It Pa /usr/local/share/ehnt/asnc.txt +Autonomous Systems Number-to-Name Convertion table +.El +.Sh SEE ALSO +.Xr ehntserv 8 +.Sh AUTHORS +.An Nik Weidenbacher Aq nikw@martnet.com +.An Dmitry Morozovsky Aq marck@rinet.ru + diff --git a/net-mgmt/ehnt/files/ehntserv.8 b/net-mgmt/ehnt/files/ehntserv.8 new file mode 100644 index 000000000000..d43849e049e4 --- /dev/null +++ b/net-mgmt/ehnt/files/ehntserv.8 @@ -0,0 +1,72 @@ +.\" Copyright (c) 2000-2001 Nik Weidenbacher nikw@martnet.com +.\" Portions Copyright (c) 2001 Dmitry Morozovsky marck@rinet.ru +.\" +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. All advertising materials mentioning features or use of this software +.\" must display the following acknowledgement: +.\" This product includes software developed by the University of +.\" California, Berkeley and its contributors. +.\" 4. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ +.\" +.Dd Aug 04, 2001 +.Dt EHNTSERV 8 +.\" .Os BSD 4.4 +.Sh NAME +.Nm ehntserv +.Nd Extreme Happy Netflow Tool. Server part +.Sh SYNOPSIS +.Nm +.Op Fl u Ar udp-port +.Op Fl t Ar tcp-port +.Op Fl m Ar maxdata +.Op Fl d +.Sh DESCRIPTION +The +.Nm +command starts +.Xr ehnt 1 +server (udp to tcp translator) which listens to NetFlow version 5 +packets from Routers and translates them into TCP stream for +.Xr ehnt 1 +clients. +.Pp +The options are as follows: +.Bl -tag -width ".Fl u Ar udp-port" +.It Fl d +Debug. Don't become a daemon, displays all messages on stdout, +displays lots of extra information +.It Fl t Ar tcp-port +Listen on given TCP port (client connections) instead of the default 4444. +.It Fl u Ar udp-port +Listen on given UDP port (NetFlow packets from routers) instead of the default 4444. +.El +.Sh SEE ALSO +.Xr ehnt 1 +.Sh AUTHORS +.An Nik Weidenbacher Aq nikw@martnet.com +.An Dmitry Morozovsky Aq marck@rinet.ru + diff --git a/net-mgmt/ehnt/files/ehntserv.sh.sample b/net-mgmt/ehnt/files/ehntserv.sh.sample new file mode 100644 index 000000000000..a9db95ed60c9 --- /dev/null +++ b/net-mgmt/ehnt/files/ehntserv.sh.sample @@ -0,0 +1,25 @@ +#!/bin/sh + +if ! PREFIX=$(expr $0 : "\(/.*\)/etc/rc\.d/$(basename $0)\$"); then + echo "$0: Cannot determine the PREFIX" >&2 + exit 1 +fi + +case "$1" in +start) + if [ -x ${PREFIX}/sbin/ehntserv ]; then + echo -n ' ehntserv' + ${PREFIX}/sbin/ehntserv + fi + ;; +stop) + echo -n ' ehntserv' + killall ehntserv + ;; +*) + echo "Usage: `basename $0` {start|stop}" >&2 + exit 2 + ;; +esac + +exit 0 diff --git a/net-mgmt/ehnt/files/patch-Makefile b/net-mgmt/ehnt/files/patch-Makefile new file mode 100644 index 000000000000..fd1bdfd279de --- /dev/null +++ b/net-mgmt/ehnt/files/patch-Makefile @@ -0,0 +1,50 @@ +--- Makefile.orig Thu Aug 9 12:55:44 2001 ++++ Makefile Thu Aug 9 13:04:50 2001 +@@ -1,19 +1,12 @@ +-PLATFORM = LINUX ++#PLATFORM = LINUX + #PLATFORM = SOLARIS +-#PLATFORM = FreeBSD +-CC = gcc ++PLATFORM = FreeBSD ++#CC = gcc + #DEBUG = yes + #CFLAGS = -g + #CFLAGS = -O6 + LIBS = -lm +- +-ifeq ($(PLATFORM),SOLARIS) +- LIBS += -lsocket -lnsl -lresolv +-endif +- +-ifeq ($(DEBUG),yes) +- CFLAGS += -g +-endif ++CFLAGS+= -DASNCDIR=\"${PREFIX}/share/ehnt\" + + + all: ehntserv ehnt asnc.txt +@@ -37,11 +30,6 @@ + + ehnt : ehnt_client.o ehnt_lookup.o ehnt_display.o ehnt_processflow.o ehnt_main.o + $(CC) -o ehnt ehnt_client.o ehnt_lookup.o ehnt_display.o ehnt_processflow.o ehnt_main.o $(LIBS) $(CFLAGS) +-ifeq ($(DEBUG),yes) +- @echo Debug mode - ehnt not stripped +-else +- strip ehnt +-endif + + + ehntserv.o : ehntserv.c ehnt.h netflowv5.h config.h +@@ -49,11 +37,6 @@ + + ehntserv : ehntserv.o + $(CC) $(CFLAGS) -o ehntserv ehntserv.o $(LIBS) $(CFLAGS) +-ifeq ($(DEBUG),yes) +- @echo Debug mode - ehnt not stripped +-else +- strip ehntserv +-endif + + asnc.txt : + perl ./ProcessASN.pl diff --git a/net-mgmt/ehnt/files/patch-config-h b/net-mgmt/ehnt/files/patch-config-h new file mode 100644 index 000000000000..28d975604eb3 --- /dev/null +++ b/net-mgmt/ehnt/files/patch-config-h @@ -0,0 +1,11 @@ +--- config.h.orig Wed Jul 18 00:47:37 2001 ++++ config.h Fri Aug 3 19:57:51 2001 +@@ -27,3 +27,8 @@ + #define DEFAULT_UDP_PORT 4444 + /* The default mode of the client. Can be either EM_REPORT or EM_DUMP.*/ + #define EM_DEFAULT EM_REPORT ++ ++#ifndef ASNCDIR ++#define ASNCDIR "." ++#endif ++ diff --git a/net-mgmt/ehnt/files/patch-ehnt-lookup b/net-mgmt/ehnt/files/patch-ehnt-lookup new file mode 100644 index 000000000000..d6f6d655ef11 --- /dev/null +++ b/net-mgmt/ehnt/files/patch-ehnt-lookup @@ -0,0 +1,11 @@ +--- ehnt_lookup.c.orig Wed Jul 18 00:47:37 2001 ++++ ehnt_lookup.c Fri Aug 3 19:54:34 2001 +@@ -36,7 +36,7 @@ + + memset(ASNs,0,sizeof(ASNs)); + +- if ( ! (f=fopen ("asnc.txt","r")) ) { ++ if ( ! (f=fopen (ASNCDIR "/asnc.txt","r")) ) { + perror("fopen"); + } else { + for ( ; ; ) { diff --git a/net-mgmt/ehnt/pkg-comment b/net-mgmt/ehnt/pkg-comment new file mode 100644 index 000000000000..8c8cd854c6b2 --- /dev/null +++ b/net-mgmt/ehnt/pkg-comment @@ -0,0 +1 @@ +A simple Cisco NetFlow data collector diff --git a/net-mgmt/ehnt/pkg-descr b/net-mgmt/ehnt/pkg-descr new file mode 100644 index 000000000000..1e2898290a60 --- /dev/null +++ b/net-mgmt/ehnt/pkg-descr @@ -0,0 +1,10 @@ +This is a lightweight but well-featured tool for collecting +NetFlow version 5 packets from Cisco routers. + +The implementation includes a simple UDP-to-TCP converting server, +which may be used to replicate NetFlow data to multiple clients. + +WWW: http://ehnt.sourceforge.net/ + +- Dmitry Morozovsky +marck@rinet.ru diff --git a/net-mgmt/ehnt/pkg-plist b/net-mgmt/ehnt/pkg-plist new file mode 100644 index 000000000000..aa933284a56a --- /dev/null +++ b/net-mgmt/ehnt/pkg-plist @@ -0,0 +1,7 @@ +bin/ehnt +sbin/ehntserv +etc/rc.d/ehntserv.sh.sample +share/ehnt/asnc.txt +@dirrm share/ehnt +share/doc/ehnt/README +@dirrm share/doc/ehnt -- cgit v1.2.3