rpms/unicornscan/F-12 unicornscan-0.4.7-config.patch, NONE, 1.1 unicornscan-0.4.7-geoip.patch, NONE, 1.1 unicornscan-0.4.7-lib64.patch, NONE, 1.1 unicornscan-README.fedora, NONE, 1.1 unicornscan-web-README.fedora, NONE, 1.1 unicornscan.conf, NONE, 1.1 unicornscan.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
Robert Scheck
robert at fedoraproject.org
Tue Dec 8 08:27:02 UTC 2009
- Previous message (by thread): rpms/unicornscan/F-11 unicornscan-0.4.7-config.patch, NONE, 1.1 unicornscan-0.4.7-geoip.patch, NONE, 1.1 unicornscan-0.4.7-lib64.patch, NONE, 1.1 unicornscan-README.fedora, NONE, 1.1 unicornscan-web-README.fedora, NONE, 1.1 unicornscan.conf, NONE, 1.1 unicornscan.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Next message (by thread): rpms/unicornscan/devel unicornscan-0.4.7-config.patch, NONE, 1.1 unicornscan-README.fedora, NONE, 1.1 unicornscan-web-README.fedora, NONE, 1.1 unicornscan.conf, NONE, 1.1 unicornscan-0.4.7-lib64.patch, 1.1, 1.2 unicornscan.spec, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: robert
Update of /cvs/pkgs/rpms/unicornscan/F-12
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv9375/F-12
Modified Files:
.cvsignore sources
Added Files:
unicornscan-0.4.7-config.patch unicornscan-0.4.7-geoip.patch
unicornscan-0.4.7-lib64.patch unicornscan-README.fedora
unicornscan-web-README.fedora unicornscan.conf
unicornscan.spec
Log Message:
- Added unicornscan-web subpackage (#538190 #c3, Robert E. Lee)
- Updated the patch for 64 bit support in configure (#538190 #c6)
unicornscan-0.4.7-config.patch:
etc/modules.conf | 9 +--------
www-front-end/config.php | 17 ++++++++++-------
2 files changed, 11 insertions(+), 15 deletions(-)
--- NEW FILE unicornscan-0.4.7-config.patch ---
--- unicornscan-0.4.7/etc/modules.conf 2006-10-18 18:57:05.000000000 +0200
+++ unicornscan-0.4.7/etc/modules.conf.config 2009-12-05 20:34:31.000000000 +0100
@@ -1,16 +1,9 @@
module "pgsqldb" {
- dbconf: "user=scan password=scanit! host=localhost dbname=scan";
+ dbconf: "user=unicornscan password=scanit! host=localhost dbname=unicornscan";
logpacket: "true";
};
-module "mysqldb" {
- username: "scan";
- password: "scanit!";
- hostname: "localhost";
- dbname: "foo";
-};
-
module "osdetect" {
/* Stim TCPFLG TTL DF WS TOS Misc */
/* tcpopts type desc */
--- unicornscan-0.4.7/www-front-end/config.php 2007-11-27 11:23:35.000000000 +0100
+++ unicornscan-0.4.7/www-front-end/config.php.config 2009-12-05 20:35:13.000000000 +0100
@@ -4,16 +4,16 @@
define("config_master_include", 1);
// Web Server location stuff
- $PHPLIB["uri_base"]="http://localhost/unicornscan/"; // http://vhost.domain.tld/something/
+ $PHPLIB["uri_base"]="/unicornscan/"; // http://vhost.domain.tld/something/
- $PHPLIB["filesystem_base"]="/var/www/htdocs/unicornscan/"; // Base directory content is in
- $PHPLIB["filesystem_phplib"]="/var/www/htdocs/unicornscan/lib/"; // Where phplib is
- $PHPLIB["filesystem_temporary"]="/tmp/"; // Where can i write files to?
+ $PHPLIB["filesystem_base"]="/usr/share/unicornscan/"; // Base directory content is in
+ $PHPLIB["filesystem_phplib"]="/usr/share/unicornscan/lib/"; // Where phplib is
+ $PHPLIB["filesystem_temporary"]="/var/lib/unicornscan/web/"; // Where can i write files to?
// DataBase Variables
- $PHPLIB["database_name"]="scan"; // change this for sure , its the database name
- $PHPLIB["database_type"]="pgsql"; // pgsql, mysql, youll need the right class though
- $PHPLIB["database_username"]="scan";
+ $PHPLIB["database_name"]="unicornscan"; // change this for sure , its the database name
+ $PHPLIB["database_type"]="pgsql"; // and something else isn't supported right now
+ $PHPLIB["database_username"]="unicornscan";
$PHPLIB["database_password"]="scanit!";
$PHPLIB["database_host"]="127.0.0.1";
$PHPLIB["database_db"]["default"]="";
@@ -24,6 +24,9 @@
// formclass2.php stuff
$PHPLIB["formclass_warnimage"]="exl.gif"; // warning image for invalid forms
+ // No PHP error reporting
+ error_reporting(0);
+
} // Double Inclusion detection
require("./lib/connect_todb.php");
unicornscan-0.4.7-geoip.patch:
report.c | 15 ++++++++++++---
1 file changed, 12 insertions(+), 3 deletions(-)
--- NEW FILE unicornscan-0.4.7-geoip.patch ---
Patch by Robert Scheck <robert at fedoraproject.org> for unicornscan >= 0.4.7, which adds the
standard location of GeoIP data at Fedora in front of the original opening try. Unicornscan
upstream is expecting /etc/unicornscan/GeoIP.dat instead of /usr/share/GeoIP/GeoIP.dat by
default. This patch is looking for the existence of /usr/share/GeoIP/GeoIP.dat, otherwise
/etc/unicornscan/GeoIP.dat will be used to not break the standards from upstream, if patch
gets applied for a future unicornscan release.
--- unicornscan-0.4.7/src/scan_progs/report.c 2006-10-18 18:57:05.000000000 +0200
+++ unicornscan-0.4.7/src/scan_progs/report.c.geoip 2009-11-17 13:16:04.000000000 +0100
@@ -68,9 +68,18 @@
report_t=rbinit(123);
#ifdef HAVE_LIBGEOIP
- gi=GeoIP_open(CONF_DIR "/GeoIP.dat", GEOIP_MEMORY_CACHE);
- if (gi == NULL) {
- ERR("error opening geoip database `%s/%s': %s", CONF_DIR, "/GeoIP.dat", strerror(errno));
+
+ if (access("/usr/share/GeoIP/GeoIP.dat", F_OK) == 0) {
+ gi=GeoIP_open("/usr/share/GeoIP/GeoIP.dat", GEOIP_MEMORY_CACHE);
+ if (gi == NULL) {
+ ERR("error opening geoip standard database `/usr/share/GeoIP/GeoIP.dat': %s", strerror(errno));
+ }
+ }
+ else {
+ gi=GeoIP_open(CONF_DIR "/GeoIP.dat", GEOIP_MEMORY_CACHE);
+ if (gi == NULL) {
+ ERR("error opening geoip database `%s/%s': %s", CONF_DIR, "/GeoIP.dat", strerror(errno));
+ }
}
#endif
unicornscan-0.4.7-lib64.patch:
configure | 4 ++--
configure.ac | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
--- NEW FILE unicornscan-0.4.7-lib64.patch ---
Patch by Robert Scheck <robert at fedoraproject.org> for unicornscan >= 0.4.7, which
adds support for x86_64, ppc64 or other 64 bit architectures using /usr/lib64 for
their libraries. Having lib64 in front of lib is mandatory, as 64 bit systems are
likely to run with multi-lib, that means 32 bit libraries are parallel in use. If
you apply this patch, don't run autoconf > 2.6.3, as it will break, because whole
autotools stuff from upstream is unfortunately a bit broken.
--- unicornscan-0.4.7/configure.ac 2007-11-29 15:51:20.000000000 +0100
+++ unicornscan-0.4.7/configure.ac.lib64 2009-11-16 23:32:27.000000000 +0100
@@ -269,7 +269,7 @@
AC_MSG_RESULT(no)
fi
else
- for i in lib lib/mysql; do
+ for i in lib64 lib lib64/mysql lib/mysql; do
str="$MYSQL_DIR/$i/libmysqlclient.*"
for j in `echo $str`; do
if test -r $j; then
@@ -331,7 +331,7 @@
AC_MSG_RESULT(no)
fi
else
- for i in lib lib/postgresql; do
+ for i in lib64 lib lib64/postgresql lib/postgresql; do
str="$PGSQL_DIR/$i/libpq.*"
for j in `echo $str`; do
if test -r $j; then
--- unicornscan-0.4.7/configure 2007-12-18 16:26:12.000000000 +0100
+++ unicornscan-0.4.7/configure.lib64 2009-12-05 12:04:32.000000000 +0100
@@ -26275,7 +26275,7 @@
echo "${ECHO_T}no" >&6; }
fi
else
- for i in lib lib/mysql; do
+ for i in lib64 lib lib64/mysql lib/mysql; do
str="$MYSQL_DIR/$i/libmysqlclient.*"
for j in `echo $str`; do
if test -r $j; then
@@ -26438,7 +26438,7 @@
echo "${ECHO_T}no" >&6; }
fi
else
- for i in lib lib/postgresql; do
+ for i in lib64 lib lib64/postgresql lib/postgresql; do
str="$PGSQL_DIR/$i/libpq.*"
for j in `echo $str`; do
if test -r $j; then
--- NEW FILE unicornscan-README.fedora ---
Unicornscan and PostgreSQL
--------------------------
1. The PostgreSQL service has to be up and running. Depending on the exact
version of Fedora or Red Hat Enterprise Linux, on the first PostgreSQL
startup, a "service postgresql initdb" is maybe required for initializing.
[root at tux ~]# service postgresql start
Starting postgresql service: [ OK ]
[root at tux ~]#
2. Switch to the PostgreSQL user.
[root at tux ~]# su - postgres
-bash-4.0$
3. Create an own PostgreSQL database user for unicornscan. Don't forget to set
a password, e.g. "scanit!" as it is used in all examples.
-bash-4.0$ createuser --no-superuser --no-createrole --no-createdb --pwprompt unicornscan
Enter password for new role:
Enter it again:
-bash-4.0$
4. Create an own PostgreSQL database for unicornscan linked with the previous
generated database user for unicornscan.
-bash-4.0$ createdb --owner unicornscan unicornscan
-bash-4.0$
5. Switch back to the root user.
-bash-4.0$ exit
exit
[root at tux ~]#
6. Edit PostgreSQL client authentication file /var/lib/pgsql/data/pg_hba.conf
file with a text editor, insert the following lines before the other already
existing rules.
# TYPE DATABASE USER CIDR-ADDRESS METHOD
local unicornscan unicornscan md5
host unicornscan unicornscan 127.0.0.1/32 md5
host unicornscan unicornscan ::1/128 md5
7. Edit PostgreSQL server configuration in /var/lib/pgsql/data/postgresql.conf
and set the configuration variable as follows:
escape_string_warning = off
8. Restart the PostgreSQL service to enable the previous performed changes.
[root at tux ~]# service postgresql restart
Stopping postgresql service: [ OK ]
Starting postgresql service: [ OK ]
[root at tux ~]#
9. Create the required tables for unicornscan inside of PostgreSQL database,
there will be some error messages displayed after entering the password for
psql. These error messages are normal and expected, because the SQL dump
contains a SQL DROP of all tables before the SQL CREATE is performed.
[root at tux ~]# psql --username unicornscan --password unicornscan < /usr/share/doc/unicornscan-0.*/pgsql_schema.sql
Password for user unicornscan:
[...]
[root at tux ~]#
10. Edit the unicornscan configuration file /etc/unicornscan/modules.conf and
check or correct the PostgreSQL database connection settings.
module "pgsqldb" {
dbconf: "user=unicornscan password=scanit! host=localhost dbname=unicornscan";
logpacket: "true";
};
11. Perform a small sample scan and write the output to PostgreSQL database.
[root at tux ~]# unicornscan www.google.com -e pgsqldb
TCP open http[ 80] from 209.85.129.104 ttl 52
TCP open https[ 443] from 209.85.129.104 ttl 52
[root at tux ~]#
--- NEW FILE unicornscan-web-README.fedora ---
Unicornscan and PostgreSQL
--------------------------
1. Follow the /usr/share/doc/unicornscan-0.*/README.fedora file, so that the
PostgreSQL service is up and running already.
2. Start (or restart) the Apache HTTP webserver, to ensure that configuration
file for Apache gets active.
[root at tux ~]# service httpd start
Starting httpd: [ OK ]
[root at tux ~]#
3. Create the required tables for unicornscan inside of PostgreSQL database,
there will be some error messages displayed after entering the password for
psql. These error messages are normal and expected, because the SQL dump
contains a SQL DROP of all tables before the SQL CREATE is performed.
[root at tux ~]# psql --username unicornscan --password unicornscan < /usr/share/doc/unicornscan-web-0.*/session.sql
Password for user unicornscan:
[...]
[root at tux ~]#
4. If you've got SELinux enabled, make sure, that SELinux allows Apache/PHP to
connect to the PostgreSQL database. If you don't have SELinux enabled, just
skip this step.
setsebool -P httpd_can_network_connect_db=1
5. Edit the unicornscan configuration file /etc/unicornscan/web.php and check
or correct the PostgreSQL database connection settings.
$PHPLIB["database_name"]="unicornscan";
$PHPLIB["database_username"]="unicornscan";
$PHPLIB["database_password"]="scanit!";
$PHPLIB["database_host"]="127.0.0.1";
6. Perform a small sample scan and write the output to PostgreSQL database.
[root at tux ~]# unicornscan www.google.com -e pgsqldb
TCP open http[ 80] from 209.85.129.104 ttl 52
TCP open https[ 443] from 209.85.129.104 ttl 52
[root at tux ~]#
7. Open a webbrowser and switch to: http://localhost/unicornscan/
--- NEW FILE unicornscan.conf ---
#
# Scalable, accurate, flexible and efficient network probing
#
Alias /unicornscan /usr/share/unicornscan
--- NEW FILE unicornscan.spec ---
Summary: Scalable, accurate, flexible and efficient network probing
Name: unicornscan
Version: 0.4.7
Release: 2%{?dist}
License: GPLv2+
Group: Applications/Internet
URL: http://www.unicornscan.org/
Source0: http://www.unicornscan.org/releases/%{name}-%{version}-2.tar.bz2
Source1: unicornscan.conf
Source2: unicornscan-README.fedora
Source3: unicornscan-web-README.fedora
Patch0: unicornscan-0.4.7-lib64.patch
Patch1: unicornscan-0.4.7-geoip.patch
Patch2: unicornscan-0.4.7-config.patch
Requires(pre): shadow-utils
BuildRequires: flex, bison, %{_includedir}/pcap.h, %{_includedir}/ltdl.h
BuildRequires: libdnet-devel, GeoIP-devel, postgresql-devel
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
%description
Unicornscan is an attempt at a user-land distributed TCP/IP stack. It is
intended to provide a researcher a superior interface for introducing a
stimulus into and measuring a response from a TCP/IP enabled device or
network. Although it currently has hundreds of individual features, a main
set of abilities include: Asynchronous stateless TCP scanning with all
variations of TCP flags, asynchronous stateless TCP banner grabbing,
asynchronous protocol specific UDP scanning (sending enough of a signature
to elicit a response), active and passive remote OS, application and
component identification by analyzing responses, PCAP file logging and
filtering, relational database output, custom module support, customized
data-set views.
%package web
Summary: Web-based front-end for unicornscan database results
Group: Applications/Internet
Requires: %{name} = %{version}-%{release}, php-pgsql, httpd
%if 0%{?fedora}%{?rhel} >= 6
BuildArch: noarch
%endif
%description web
Unicornscan provides support to write results into a database. And with the
web-based front-end for unicornscan, which is written in PHP, these results
can be easily interpreted and visualized.
%prep
%setup -q
%patch0 -p1 -b .lib64
%patch1 -p1 -b .geoip
%patch2 -p1 -b .config
cp -pf %{SOURCE2} README.fedora
cp -pf %{SOURCE3} www-front-end/README.fedora
%build
# - _GNU_SOURCE is required for "ucred" from <bits/socket.h> via <sys/socket.h>
# - Use classical non-SELinux permission schema once SELinux Reference Policy is
# including unicornscan support directly, maybe with Fedora 13 and/or RHEL 6
# - MySQL support is only available in ./configure as inside broken and disabled
export CFLAGS="$RPM_OPT_FLAGS -D_GNU_SOURCE"
%configure --localstatedir=%{_localstatedir}/lib --with-pgsql --with-listen-user=%{name}
make %{?_smp_mflags}
%install
rm -rf $RPM_BUILD_ROOT
make DESTDIR=$RPM_BUILD_ROOT INSTALL="install -p" install
# Remove the static library files
rm -f $RPM_BUILD_ROOT%{_libdir}/%{name}/modules/*.a
# Correct permissions and timestamps
chmod 644 $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/*
touch -c -r etc/modules.conf.config $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/modules.conf
# Install web files into destination
cp -af www-front-end $RPM_BUILD_ROOT%{_datadir}/%{name}/
rm -rf $RPM_BUILD_ROOT%{_datadir}/%{name}/attic
rm -f $RPM_BUILD_ROOT%{_datadir}/%{name}/{config.php.config,README.fedora,TODO}
rm -f $RPM_BUILD_ROOT%{_datadir}/%{name}/lib/{session.sql,.htaccess}
# Move configuration file to its place
mv -f $RPM_BUILD_ROOT%{_datadir}/%{name}/config.php $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/web.php
touch -c -r www-front-end/config.php.config $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/web.php
ln -sf ../../..%{_sysconfdir}/%{name}/web.php $RPM_BUILD_ROOT%{_datadir}/%{name}/config.php
# Install the apache configuration file
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/
install -p -m 644 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/%{name}.conf
# Create temporary directory for packaging
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/lib/%{name}/web/
%pre
getent group %{name} > /dev/null || %{_sbindir}/groupadd -r %{name}
getent passwd %{name} > /dev/null || %{_sbindir}/useradd -r -g %{name} -d %{_localstatedir}/lib/%{name} -s /sbin/nologin -c "Unicornscan User" %{name}
exit 0
%clean
rm -rf $RPM_BUILD_ROOT
%files
%defattr(-,root,root,-)
%doc AUTHORS LICENSE README README.database README.fedora README.security
%doc THANKS TODO UDP_PAYLOADS_NEEDED docs/Unicornscan-Getting_Started.pdf
%doc src/output_modules/database/sql/pgsql_schema.sql src/parse/example_confs
%dir %{_sysconfdir}/%{name}
%config(noreplace) %attr(0640,%{name},%{name}) %{_sysconfdir}/%{name}/modules.conf
%config(noreplace) %{_sysconfdir}/%{name}/oui.txt
%config(noreplace) %{_sysconfdir}/%{name}/payloads.conf
%config(noreplace) %{_sysconfdir}/%{name}/ports.txt
%config(noreplace) %{_sysconfdir}/%{name}/unicorn.conf
%{_bindir}/fantaip
%{_bindir}/unibrow
%{_bindir}/unicfgtst
%{_bindir}/%{name}
%{_bindir}/us
%dir %{_libdir}/%{name}
%dir %{_libdir}/%{name}/modules
# *.la files are referenced by the shared objects and required
%{_libdir}/%{name}/modules/httpexp.la
%{_libdir}/%{name}/modules/httpexp.so
%{_libdir}/%{name}/modules/http.la
%{_libdir}/%{name}/modules/http.so
%{_libdir}/%{name}/modules/ntalk.la
%{_libdir}/%{name}/modules/ntalk.so
%{_libdir}/%{name}/modules/osdetect.la
%{_libdir}/%{name}/modules/osdetect.so
%{_libdir}/%{name}/modules/pgsqldb.la
%{_libdir}/%{name}/modules/pgsqldb.so
%{_libdir}/%{name}/modules/rdns.la
%{_libdir}/%{name}/modules/rdns.so
%{_libdir}/%{name}/modules/sip.la
%{_libdir}/%{name}/modules/sip.so
%{_libdir}/%{name}/modules/upnp.la
%{_libdir}/%{name}/modules/upnp.so
%dir %{_libexecdir}/%{name}
%{_libexecdir}/%{name}/unilisten
%{_libexecdir}/%{name}/unisend
%{_mandir}/man1/%{name}.1*
%dir %{_localstatedir}/lib/%{name}
%files web
%defattr(-,root,root,-)
%doc www-front-end/README.fedora www-front-end/lib/session.sql
%config(noreplace) %{_sysconfdir}/httpd/conf.d/%{name}.conf
%config(noreplace) %attr(640,apache,apache) %{_sysconfdir}/%{name}/web.php
%{_datadir}/%{name}
%attr(-,apache,apache) %dir %{_localstatedir}/lib/%{name}/web
%changelog
* Sat Dec 05 2009 Robert Scheck <robert at fedoraproject.org> 0.4.7-2
- Added unicornscan-web subpackage (#538190 #c3, Robert E. Lee)
- Updated the patch for 64 bit support in configure (#538190 #c6)
* Tue Nov 17 2009 Robert Scheck <robert at fedoraproject.org> 0.4.7-1
- Upgrade to 0.4.7
- Initial spec file for Fedora and Red Hat Enterprise Linux (spec
file is based on a try by Robert E. Lee and Manuel Wolfshant)
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/unicornscan/F-12/.cvsignore,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -p -r1.1 -r1.2
--- .cvsignore 6 Dec 2009 23:27:24 -0000 1.1
+++ .cvsignore 8 Dec 2009 08:27:02 -0000 1.2
@@ -0,0 +1 @@
+unicornscan-0.4.7-2.tar.bz2
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/unicornscan/F-12/sources,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -p -r1.1 -r1.2
--- sources 6 Dec 2009 23:27:25 -0000 1.1
+++ sources 8 Dec 2009 08:27:02 -0000 1.2
@@ -0,0 +1 @@
+4c5f272eb38c333c0094c32317edf758 unicornscan-0.4.7-2.tar.bz2
- Previous message (by thread): rpms/unicornscan/F-11 unicornscan-0.4.7-config.patch, NONE, 1.1 unicornscan-0.4.7-geoip.patch, NONE, 1.1 unicornscan-0.4.7-lib64.patch, NONE, 1.1 unicornscan-README.fedora, NONE, 1.1 unicornscan-web-README.fedora, NONE, 1.1 unicornscan.conf, NONE, 1.1 unicornscan.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Next message (by thread): rpms/unicornscan/devel unicornscan-0.4.7-config.patch, NONE, 1.1 unicornscan-README.fedora, NONE, 1.1 unicornscan-web-README.fedora, NONE, 1.1 unicornscan.conf, NONE, 1.1 unicornscan-0.4.7-lib64.patch, 1.1, 1.2 unicornscan.spec, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list