diff options
| -rw-r--r-- | net-analyzer/ipac-ng/ChangeLog | 7 | ||||
| -rw-r--r-- | net-analyzer/ipac-ng/Manifest | 16 | ||||
| -rw-r--r-- | net-analyzer/ipac-ng/files/ipac-ng.cron.1.30 | 8 | ||||
| -rw-r--r-- | net-analyzer/ipac-ng/files/ipac-ng.rc.1.27_p1-r2 | 4 | ||||
| -rw-r--r-- | net-analyzer/ipac-ng/files/ipac-ng.rc.1.30 | 42 | ||||
| -rw-r--r-- | net-analyzer/ipac-ng/files/ipac.conf.1.30 | 51 | ||||
| -rw-r--r-- | net-analyzer/ipac-ng/files/rules.conf.1.30 | 195 | ||||
| -rw-r--r-- | net-analyzer/ipac-ng/ipac-ng-1.30.ebuild | 4 |
8 files changed, 316 insertions, 11 deletions
diff --git a/net-analyzer/ipac-ng/ChangeLog b/net-analyzer/ipac-ng/ChangeLog index 975c377b73b4..add946c1d67f 100644 --- a/net-analyzer/ipac-ng/ChangeLog +++ b/net-analyzer/ipac-ng/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for net-analyzer/ipac-ng # Copyright 2000-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ipac-ng/ChangeLog,v 1.8 2004/07/25 15:00:52 eldad Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ipac-ng/ChangeLog,v 1.9 2004/07/27 08:50:13 eldad Exp $ + + 27 Jul 2004; Eldad Zack <eldad@gentoo.org> +files/ipac-ng.cron.1.30, + files/ipac-ng.rc.1.27_p1-r2, +files/ipac-ng.rc.1.30, +files/ipac.conf.1.30, + +files/rules.conf.1.30, ipac-ng-1.30.ebuild: + Fixed missing files in install. Closes #58437. *ipac-ng-1.30 (25 Jul 2004) diff --git a/net-analyzer/ipac-ng/Manifest b/net-analyzer/ipac-ng/Manifest index 8226e83f47f1..c55a539eec3c 100644 --- a/net-analyzer/ipac-ng/Manifest +++ b/net-analyzer/ipac-ng/Manifest @@ -2,25 +2,29 @@ Hash: SHA1 MD5 fdb9f48256d3c23cb85c9ecc714313ef ipac-ng-1.27_p1-r1.ebuild 1858 -MD5 4a96a0a22b8e2b878f95bb77e459cbb2 ipac-ng-1.30.ebuild 2449 +MD5 677914aafb96baa0a37da653c89460f8 ipac-ng-1.30.ebuild 2439 MD5 1464b4d70477fe8b0e77a41beb31470e ipac-ng-1.27_p1-r2.ebuild 2235 -MD5 38bfbfe76e8c5c7378e1f45cec7b4e3f ChangeLog 1556 +MD5 84b28a6d5d4ece207aeb468b4b619b0c ChangeLog 1802 MD5 1fc63e9415d3d2828252746b7bde3144 metadata.xml 426 MD5 6cf010319bfd4122f663973e2cfa7d12 files/ipac-ng.cron 217 MD5 6329656330d06c7467a8d624b6b251ed files/ipac.conf.1.27_p1-r2 1817 MD5 6329656330d06c7467a8d624b6b251ed files/ipac.conf 1817 +MD5 6329656330d06c7467a8d624b6b251ed files/ipac.conf.1.30 1817 MD5 ac210e9fd37f1a10dc14dd5e32df8170 files/digest-ipac-ng-1.27_p1-r1 68 MD5 ac210e9fd37f1a10dc14dd5e32df8170 files/digest-ipac-ng-1.27_p1-r2 68 MD5 86c93e1db547d4504d6dd3557c776d97 files/rules.conf 1812 MD5 7162c7dc1c32393afef0e407b670497f files/ipac-ng.rc 826 MD5 30eede3787938f83e39fde04bc1f1e68 files/ipac-ng.cron.1.27_p1-r2 228 MD5 c6fde5842858e98a063e78223644e191 files/digest-ipac-ng-1.30 65 -MD5 0a8be2604f4c00ae679eb98928dfe126 files/ipac-ng.rc.1.27_p1-r2 907 +MD5 ab5c80151c9f64ea83835a906ead314d files/ipac-ng.rc.1.27_p1-r2 903 +MD5 72162ed7957cc82168b4870d26cf66fe files/ipac-ng.cron.1.30 216 +MD5 3b1a7de81326927d709b5691ec799683 files/rules.conf.1.30 7074 +MD5 983ee78164ba492b7bc558418adb0739 files/ipac-ng.rc.1.30 897 MD5 3b1a7de81326927d709b5691ec799683 files/rules.conf.1.27_p1-r2 7074 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) -iD8DBQFBA8ppT+MN7JbqCpMRAsaaAJwJ4LaO7a4hApoSlp6hDEshmJWscwCdHuPu -dAvqopwu7tQiPmw0/PUhzQk= -=wR9P +iD8DBQFBBhZaT+MN7JbqCpMRAgRkAJsGZCRntz4AfImM4cEMNf/aeCKg2ACghUmr +cd3QZ5uXxmdEm1pTrwijWMo= +=lg47 -----END PGP SIGNATURE----- diff --git a/net-analyzer/ipac-ng/files/ipac-ng.cron.1.30 b/net-analyzer/ipac-ng/files/ipac-ng.cron.1.30 new file mode 100644 index 000000000000..da94fbd3782b --- /dev/null +++ b/net-analyzer/ipac-ng/files/ipac-ng.cron.1.30 @@ -0,0 +1,8 @@ +#!/bin/sh +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ipac-ng/files/ipac-ng.cron.1.30,v 1.1 2004/07/27 08:50:13 eldad Exp $ + +FI=/usr/sbin/fetchipac + +if [ -x ${FI} ] && [ -f /var/run/ipac.rules ]; then + ${FI} +fi diff --git a/net-analyzer/ipac-ng/files/ipac-ng.rc.1.27_p1-r2 b/net-analyzer/ipac-ng/files/ipac-ng.rc.1.27_p1-r2 index 49aed3e52fab..79f2a3773439 100644 --- a/net-analyzer/ipac-ng/files/ipac-ng.rc.1.27_p1-r2 +++ b/net-analyzer/ipac-ng/files/ipac-ng.rc.1.27_p1-r2 @@ -1,7 +1,7 @@ #!/sbin/runscript # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ipac-ng/files/ipac-ng.rc.1.27_p1-r2,v 1.3 2004/07/14 23:02:05 agriffis Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ipac-ng/files/ipac-ng.rc.1.27_p1-r2,v 1.4 2004/07/27 08:50:13 eldad Exp $ depend() { need net logger @@ -15,7 +15,7 @@ start() { } stop() { - ## fetch so we dont loose data + ## fetch so we dont lose data /usr/sbin/fetchipac IPT=/sbin/iptables diff --git a/net-analyzer/ipac-ng/files/ipac-ng.rc.1.30 b/net-analyzer/ipac-ng/files/ipac-ng.rc.1.30 new file mode 100644 index 000000000000..47fdb598304f --- /dev/null +++ b/net-analyzer/ipac-ng/files/ipac-ng.rc.1.30 @@ -0,0 +1,42 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ipac-ng/files/ipac-ng.rc.1.30,v 1.1 2004/07/27 08:50:13 eldad Exp $ + +depend() { + need net logger +} + +start() { + ebegin "Setting up ipac-ng iptables chains" + /usr/sbin/fetchipac -S + /usr/sbin/fetchipac + eend $? +} + +stop() { + ## fetch so we dont lose data + /usr/sbin/fetchipac + + IPT=/sbin/iptables + ebegin "Removing ipac-ng iptables settings" + + ${IPT} -D INPUT -s 0/0 -d 0/0 -j ipac~o + ${IPT} -D OUTPUT -s 0/0 -d 0/0 -j ipac~i + ${IPT} -D FORWARD -s 0/0 -d 0/0 -j ipac~fi + ${IPT} -D FORWARD -s 0/0 -d 0/0 -j ipac~fo + + ${IPT} -F ipac~i + ${IPT} -F ipac~o + ${IPT} -F ipac~fi + ${IPT} -F ipac~fo + + ${IPT} -X ipac~i + ${IPT} -X ipac~o + ${IPT} -X ipac~fi + ${IPT} -X ipac~fo + + rm -f /var/run/ipac.rules /var/run/ipac.status + + eend $? +} diff --git a/net-analyzer/ipac-ng/files/ipac.conf.1.30 b/net-analyzer/ipac-ng/files/ipac.conf.1.30 new file mode 100644 index 000000000000..e7d7c591a7a0 --- /dev/null +++ b/net-analyzer/ipac-ng/files/ipac.conf.1.30 @@ -0,0 +1,51 @@ +# This is the main ipac-ng configuration file. It contains the +# configuration directives that give the ipac-ng its instructions. + +## mode of operations: operate only like old ipac or not +## please note: you *should* specify YES, unless you are kaiser13 :) +## note2: you are trying to use 'ugly flawed experimental dangerous mode' +## if you are using 'no', don't set it to no. +classic mode = yes + +## specify access agent. supported are: files, postgre. files works with classic mode only +# did you specify 'no' above? ok, here should be 'files' for you. +access agent = files + +## accouting agent. iptables and ipchains available now. +# (ipchains is not supported in nonclassic mode). does anybody still uses them? +account agent = iptables + +## storage. gdbm, postgre and files supported. (files is not recommended) +# postgre is the best & fastest method now. +storage = gdbm + + +# set the hostname, used to store\fetch\another work with database +# get from hostname() if not specified here +hostname = sibinet + + +## rules file for classic mode +rules file = /etc/ipac-ng/rules.conf + +## login all users at startup (specific only for nonclassic mode) (only those who has enough cash) +# note: forget about this. +#login at start = no + +## support for traffic passing to\from auth host (specific only for nonclassic mode) +## name or ip of the auth host +## disable support if not specified, +# forget about this, too +#auth host = sibinet.com + +# dont store lines contains only zeroes to speedup processing and to save space +drop zero lines = yes + +# This parameters controls database location +# left blank 'db host', 'db port' for local database +# as now, both databasess (access and storage) configured by these parameters +db host = localhost +db name = ipac +db user = root +db port = 5432 +db pass = "" diff --git a/net-analyzer/ipac-ng/files/rules.conf.1.30 b/net-analyzer/ipac-ng/files/rules.conf.1.30 new file mode 100644 index 000000000000..7c4da7de00ac --- /dev/null +++ b/net-analyzer/ipac-ng/files/rules.conf.1.30 @@ -0,0 +1,195 @@ +# Example config file with accounting rules +# Install as /etc/ipac-ng/rules.conf.iptables +# +# Format: +# Name of rule|direction|interface|protocol|source|destination +# WARNING!!!! spaces are not allowed before and after '|'. +# +# where +# Name of rule Any string to identify this rule +# direction ipac~fi - forward in +# ipac~fo - forward out +# ipac~i - outgoing from machine with ipac-ng to other host(/net) +# (or incoming to otherhost) +# ipac~o - incoming to machine with ipac-ng +# (or outgoing from otherhost) +# +# interface interface name, '+' means all interfaces (dont try to use ip numbers here!) +# protocol tcp | udp | icmp | all +# source \ +# destination both as described in ipfwadm(8), or empty +# +# incoming: + + +### +### W A R N I N G ! ! ! +### +### Don't use symbols other than '0-9A-z[space]' in rules names. You may encounter +### some strange troubles. + +# lets demonstrate this by following rules. +# Example 1: +# there are some hosts in our net 192.168.0.0/24 +# our ipac-ng host has two interfaces - eth0 connected to local net +# and eth1 to internet + + +# lets count all traffic incoming to our net + +# forwarded from inet (0/0) to localnet (192.168.0.0/24) +#incoming all to my net|ipac~fi||all||192.168.0.0/24 + +# incoming to localnet from ipac-ng host (specify ipac-ng ip's here, to avoid +# doubling forwarded traffic when using NAT) +#incoming all to my net|ipac~i||all|192.168.0.1|192.168.0.0/24 + + +# same for outgoing: +#outgoing all from my net|ipac~fo||all|192.168.0.0/24| +#outgoing all from my net|ipac~o||all|192.168.0.0/24|192.168.0.1 + + + +# and now we want to know, how much there is traffic to our ipac host from inet +#incoming inet to ipac host|ipac~o|eth1|all|| + +# same for outgoing for this host +#outgoing inet from ipac host|ipac~i|eth1|all|| + +# please note, that chains 'ipac~i' and 'ipac~o' are reversed for the host with ipac + +# wanna count traffic to squid that resides on the host with ipac-ng? here you are :) +#incoming to squid|ipac~o|eth1|all|0/0 80 81 82 83 8080| +# sure, this rule is only valid in the case when you don't eat traffic from these ports +# by hopping on the web from ipac-ng host (maybe you like to use links :) + +# our net is using squid heavily, let's count them all together: +#outgoing from squid to mynet|ipac~i||all|192.168.0.1 squid|192.168.0.0/24 + + +# now lets count traffic for hosts mary (192.168.0.12) and fred (192.168.0.13) + +# incoming: +#incoming all to mary|ipac~fi||all||192.168.0.12 +#incoming all to mary|ipac~i||all|192.168.0.1|192.168.0.12 + +# and outgoing: +#outgoing all from mary|ipac~fo||all|192.168.0.12| +#outgoing all from mary|ipac~o||all|192.168.0.12|192.168.0.1 + + +# same for fred +# incoming: +#incoming all to mary|ipac~fi||all||192.168.0.13 +#incoming all to mary|ipac~i||all|192.168.0.1|192.168.0.13 + +# and outgoing: +#outgoing all from fred|ipac~fo||all|192.168.0.13| +#outgoing all from fred|ipac~o||all|192.168.0.13|192.168.0.1 + + +# we also wants http and ssh traffic statistics + +# http incoming +#incoming http to my net|ipac~fi||all|0/0 http squid 8080|192.168.0.0/24 +#incoming http to my net|ipac~i||all|192.168.0.1 http squid|192.168.0.0/24 +# please note, that the last rule includes rule 'outgoing from squid to mynet' + + +# outgoing: +#outgoing http from my net|ipac~fo||all|192.168.0.0/24|0/0 http squid 8080 +#outgoing http from my net|ipac~o||all|192.168.0.0/24|192.168.0.1 http squid + + +# ssh incoming +#incoming ssh to my net|ipac~fi||all|0/0 ssh|192.168.0.0/24 +#incoming ssh to my net|ipac~i||all|192.168.0.1 ssh|192.168.0.0/24 + +# outgoing: +#outgoing ssh from my net|ipac~fo||all|192.168.0.0/24|0/0 ssh +#outgoing ssh from my net|ipac~o||all|192.168.0.0/24|192.168.0.1 ssh + + +# there is somenet of our friend. we wanna know how much traffic it generates +# note: that net cidrs is contained in CONFIGDIR (/etc/ipac-ng by default) +# 'friendnet' file + +#incoming from somenet to mynet|ipac~fi||all||@/friendnet@in_some_to_my~fi +# first field here ('incoming from somenet to mynet') contains rule name. +# you'll see all statistics under this name +# other fields are same as above but now we are interested in the last one - +# @/frendnet@in_some_to_my~fi +# 'friendnet' represents file with cidr's of that net, one in a line +# 'in_some_to_my' represents chains name that will be created. there is no sense +# for ipac-ng of that name. but it may be usefull for you to give +# "speaking" name to that chain + +# same for outgoing +#outgoing to somenet from mynet|ipac~fo||all|@/friendnet@out_some_to_my~fo| + +# denote absense of rules targetted to 'ipac~i' and 'ipac~o' +# we just don't want to count traffic from\to our ipac-ng host to\from friendnet + +# and now we want to count traffic to our other net 192.168.1.0/24 for every host +# lets separate /24 subnet to some smaller ones to lower latence. /26 for e.g. +#%chain% incoming to othernet0~fi|ipac~fi||all||192.168.1.0/26 +#%chain% incoming to othernet1~fi|ipac~fi||all||192.168.1.64/26 +#%chain% incoming to othernet2~fi|ipac~fi||all||192.168.1.128/26 +#%chain% incoming to othernet3~fi|ipac~fi||all||192.168.1.192/26 + +#%chain% outgoing from othernet0~fo|ipac~fo||all|192.168.1.0/26| +#%chain% outgoing from othernet1~fo|ipac~fo||all|192.168.1.64/26| +#%chain% outgoing from othernet2~fo|ipac~fo||all|192.168.1.128/26| +#%chain% outgoing from othernet3~fo|ipac~fo||all|192.168.1.192/26| + +# and every single host follows +#incoming to 192.168.1.2|incoming to othernet0~fi||all||192.168.1.2 +#incoming to 192.168.1.3|incoming to othernet0~fi||all||192.168.1.3 +#incoming to 192.168.1.4|incoming to othernet0~fi||all||192.168.1.4 +# +# and so on :) +#incoming to 192.168.1.63|incoming to othernet0~fi||all||192.168.1.63 + +# same for outgoing +#outgoing from 192.168.1.2|outgoing from othernet0~fo||all|192.168.1.2| +#outgoing from 192.168.1.3|outgoing from othernet0~fo||all|192.168.1.3| +#outgoing from 192.168.1.4|outgoing from othernet0~fo||all|192.168.1.4| + +# and the last +#outgoing from 192.168.1.63|outgoing from othernet0~fo||all|192.168.1.63| + +# repeat for other chains and hosts + +#incoming to 192.168.1.64|incoming to othernet1~fi||all||192.168.1.64 +#incoming to 192.168.1.65|incoming to othernet1~fi||all||192.168.1.65 +#incoming to 192.168.1.66|incoming to othernet1~fi||all||192.168.1.66 + +# and so on :) +#incoming to 192.168.1.127|incoming to othernet1~fi||all||192.168.1.127 + +# same for outgoing +#outgoing from 192.168.1.64|outgoing from othernet1~fo||all|192.168.1.64| +#outgoing from 192.168.1.65|outgoing from othernet1~fo||all|192.168.1.65| +#outgoing from 192.168.1.66|outgoing from othernet1~fo||all|192.168.1.66| + +# and the last +#outgoing from 192.168.1.127|outgoing from othernet1~fo||all|192.168.1.127| + +# and so on :) + +# please note that chain names must ends with one of: '~i', '~o', '~fi' or '~fo' +# which one is necessary is defined by the parent chain. + + +############################## +#just a simple example +#note that outgoing from this host is ipac~i +#and incoming is ipac~o + +outgoing eth0|ipac~i|eth0|all|| +incoming eth0|ipac~o|eth0|all|| +traffic eth0|ipac~i|eth0|all|| +traffic eth0|ipac~o|eth0|all|| + + diff --git a/net-analyzer/ipac-ng/ipac-ng-1.30.ebuild b/net-analyzer/ipac-ng/ipac-ng-1.30.ebuild index 1b8833d614a0..44dcbbac3e67 100644 --- a/net-analyzer/ipac-ng/ipac-ng-1.30.ebuild +++ b/net-analyzer/ipac-ng/ipac-ng-1.30.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ipac-ng/ipac-ng-1.30.ebuild,v 1.1 2004/07/25 15:00:52 eldad Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ipac-ng/ipac-ng-1.30.ebuild,v 1.2 2004/07/27 08:50:13 eldad Exp $ DESCRIPTION="ip accounting suite for 2.4 and 2.6 series kernels with text and PNG image output like mrtg" HOMEPAGE="http://sourceforge.net/projects/ipac-ng/" @@ -60,7 +60,7 @@ src_install() { exeinto /etc/cron.hourly newexe ${FILESDIR}/ipac-ng.cron.${PVR} ipac-ng - dodoc COPYING README* TODO UPDATE* CHANGES + dodoc README TODO doc/* CHANGELOG } pkg_postinst() { |