diff options
Diffstat (limited to 'openwrt/package/osiris/patches/mod_if.patch')
-rw-r--r-- | openwrt/package/osiris/patches/mod_if.patch | 392 |
1 files changed, 0 insertions, 392 deletions
diff --git a/openwrt/package/osiris/patches/mod_if.patch b/openwrt/package/osiris/patches/mod_if.patch deleted file mode 100644 index 6d18010de..000000000 --- a/openwrt/package/osiris/patches/mod_if.patch +++ /dev/null @@ -1,392 +0,0 @@ -Description: The mod_if module monitors various aspects of network - interfaces for change, including IP, Hardware Address, - broadcast, MTU, metric, and promiscuous mode. -Version: 0.2 - -diff -ruN osiris-4.1.9-old/src/osirisd/modules/mod_if/Makefile osiris-4.1.9-new/src/osirisd/modules/mod_if/Makefile ---- osiris-4.1.9-old/src/osirisd/modules/mod_if/Makefile 1970-01-01 01:00:00.000000000 +0100 -+++ osiris-4.1.9-new/src/osirisd/modules/mod_if/Makefile 2005-10-07 02:19:17.000000000 +0200 -@@ -0,0 +1,16 @@ -+ -+include ../Makefile -+ -+SRCS=mod_if.c -+OBJS=$(SRCS:.c=.o) -+ -+module: ${SRCS} ${OBJS} -+ -+INCS=-I../.. -I../../../libosiris -I../../../libfileapi -I../../../.. -+ -+# meta-rule for compiling any "C" source file. -+$(OBJS): $(SRCS) -+ $(CC) $(DEFS) $(DEFAULT_INCLUDES) ${INCLUDES} ${INCS} $(AM_CPPFLAGS) \ -+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c $(SRCS) -+ cp $@ .. -+ -diff -ruN osiris-4.1.9-old/src/osirisd/modules/mod_if/README osiris-4.1.9-new/src/osirisd/modules/mod_if/README ---- osiris-4.1.9-old/src/osirisd/modules/mod_if/README 1970-01-01 01:00:00.000000000 +0100 -+++ osiris-4.1.9-new/src/osirisd/modules/mod_if/README 2005-10-07 02:19:17.000000000 +0200 -@@ -0,0 +1,42 @@ -+ -+Module: mod_if -+Author: Brian Wotring (brian@hostintegrity.com) -+ -+ -+ -+DESCRIPTION: -+ -+The mod_if module is designed originally to monitor the promisc flag -+on network interfaces, but quickly turned into being able to monitor -+various aspects of network interfaces including hardware address, -+IP address, broadcast, MTU, and metric. -+ -+This module is somewhat different in that each record is an element -+about a network interface as opposed to one record per interface. This -+will make it easier to add more elements to be monitored, easier to -+filter, and easier to understand alerts. -+ -+USE: -+ -+To use this module, all that is needed is to include it in the Modules -+block of a scan configuration, e.g.: -+ -+ <Modules> -+ ... -+ Include mod_if -+ ... -+ </Modules> -+ -+ -+PARAMETERS: -+ -+There are no parameters for this module. -+ -+PLATFORMS: -+ -+Currently, this module is only implemented for Linux. -+ -+NOTES: -+ -+ -+ -diff -ruN osiris-4.1.9-old/src/osirisd/modules/mod_if/mod_if.c osiris-4.1.9-new/src/osirisd/modules/mod_if/mod_if.c ---- osiris-4.1.9-old/src/osirisd/modules/mod_if/mod_if.c 1970-01-01 01:00:00.000000000 +0100 -+++ osiris-4.1.9-new/src/osirisd/modules/mod_if/mod_if.c 2005-10-07 02:19:17.000000000 +0200 -@@ -0,0 +1,317 @@ -+
-+/******************************************************************************
-+**
-+** Copyright (C) 2005 Brian Wotring.
-+**
-+** This program is free software; you can redistribute it and/or
-+** modify it, however, you cannot sell it.
-+**
-+** This program is distributed in the hope that it will be useful,
-+** but WITHOUT ANY WARRANTY; without even the implied warranty of
-+** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-+**
-+** You should have received a copy of the license attached to the
-+** use of this software. If not, view a current copy of the license
-+** file here:
-+**
-+** http://www.hostintegrity.com/osiris/LICENSE
-+**
-+******************************************************************************/
-+
-+/*****************************************************************************
-+**
-+** File: mod_if.c
-+** Date: September 23, 2005
-+**
-+** Author: Brian Wotring
-+** Purpose: platform specific methods for monitoring network devices.
-+**
-+******************************************************************************/
-+
-+
-+/* CODE USED IN THIS MODULE WAS ORIGINALLY TAKEN FROM:
-+*
-+* http://mail.nl.linux.org/kernelnewbies/2003-05/msg00090.html
-+*/
-+
-+static const char *MODULE_NAME = "mod_if";
-+
-+
-+#ifndef WIN32
-+#include "config.h"
-+#endif
-+
-+#include <stdio.h>
-+#include <stdlib.h>
-+
-+#ifndef WIN32
-+#include <unistd.h>
-+#include <string.h>
-+#include <errno.h>
-+
-+#include <sys/socket.h>
-+#include <sys/types.h>
-+#include <net/if.h>
-+#endif
-+
-+#include <sys/ioctl.h>
-+#include <net/if_arp.h>
-+#include <arpa/inet.h>
-+
-+
-+#include "libosiris.h"
-+#include "libfileapi.h"
-+#include "rootpriv.h"
-+#include "common.h"
-+#include "version.h"
-+
-+#include "scanner.h"
-+#include "logging.h"
-+
-+
-+#define inaddrr(x) (*(struct in_addr *) &ifr->x[sizeof sa.sin_port])
-+#define IFRSIZE ((int)(size * sizeof (struct ifreq)))
-+
-+void process_if_unix( SCANNER *scanner )
-+{
-+ unsigned char*u;
-+ int sockfd, size = 1;
-+ struct ifreq *ifr;
-+ struct ifconf ifc;
-+ struct sockaddr_in sa;
-+
-+ SCAN_RECORD_TEXT_1 record;
-+
-+ /* Make sure we are able to create sockets */
-+
-+ if ( (sockfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_IP)) < 0 )
-+ {
-+ log_error( "mod_if unable to create socket!" );
-+ return;
-+ }
-+
-+ ifc.ifc_len = IFRSIZE;
-+ ifc.ifc_req = NULL;
-+
-+ do
-+ {
-+ ++size;
-+
-+ /* realloc buffer size until no overflow occurs */
-+
-+ if ((ifc.ifc_req = realloc(ifc.ifc_req, IFRSIZE)) == NULL )
-+ {
-+ log_error( "out of memory!!!" );
-+ return;
-+ }
-+
-+ ifc.ifc_len = IFRSIZE;
-+
-+ if (ioctl(sockfd, SIOCGIFCONF, &ifc))
-+ {
-+ log_error("ioctl failure: SIOCFIFCONF");
-+ return;
-+ }
-+
-+ } while (IFRSIZE <= ifc.ifc_len);
-+
-+ ifr = ifc.ifc_req;
-+
-+ for (;(char *) ifr < (char *) ifc.ifc_req + ifc.ifc_len; ++ifr)
-+ {
-+ if (ifr->ifr_addr.sa_data == (ifr+1)->ifr_addr.sa_data)
-+ {
-+ continue; /* duplicate, skip it */
-+ }
-+
-+ if (ioctl(sockfd, SIOCGIFFLAGS, ifr))
-+ {
-+ continue; /* failed to get flags, skip it */
-+ }
-+
-+ initialize_scan_record( (SCAN_RECORD *)&record,
-+ SCAN_RECORD_TYPE_TEXT_1 );
-+
-+ osi_strlcpy( record.module_name, MODULE_NAME,
-+ sizeof( record.module_name ) );
-+
-+ osi_snprintf( record.name, sizeof( record.name ),
-+ "if:%s:IP", ifr->ifr_name );
-+
-+ osi_snprintf( record.data, sizeof( record.data ),
-+ "%s", inet_ntoa(inaddrr(ifr_addr.sa_data)));
-+
-+ send_scan_data( scanner, (SCAN_RECORD *)&record );
-+
-+ /*
-+ * This won't work on HP-UX 10.20 as there's no SIOCGIFHWADDR ioctl. You'll
-+ * need to use DLPI or the NETSTAT ioctl on /dev/lan0, etc (and you'll need
-+ * to be root to use the NETSTAT ioctl. Also this is deprecated and doesn't
-+ * work on 11.00).
-+ *
-+ * On Digital Unix you can use the SIOCRPHYSADDR ioctl according to an old
-+ * utility I have. Also on SGI I think you need to use a raw socket, e.g. s
-+ * = socket(PF_RAW, SOCK_RAW, RAWPROTO_SNOOP)
-+ *
-+ * Dave
-+ *
-+ * From: David Peter <dave.peter@eu.citrix.com>
-+ **/
-+
-+ if ( ioctl(sockfd, SIOCGIFHWADDR, ifr) == 0 )
-+ {
-+ /* Select which hardware types to process.
-+ **
-+ ** See list in system include file included from
-+ ** /usr/include/net/if_arp.h (For example, on
-+ ** Linux see file /usr/include/linux/if_arp.h to
-+ ** get the list.)
-+ **/
-+
-+ switch (ifr->ifr_hwaddr.sa_family)
-+ {
-+ default:
-+ continue;
-+
-+ case ARPHRD_NETROM:
-+ case ARPHRD_ETHER:
-+ case ARPHRD_PPP:
-+ case ARPHRD_EETHER:
-+ case ARPHRD_IEEE802:
-+ break;
-+ }
-+
-+ u = (unsigned char *) &ifr->ifr_addr.sa_data;
-+
-+ /* send record for MAC for this interface */
-+
-+ if (u[0] + u[1] + u[2] + u[3] + u[4] + u[5])
-+ {
-+ initialize_scan_record( (SCAN_RECORD *)&record,
-+ SCAN_RECORD_TYPE_TEXT_1 );
-+
-+ osi_strlcpy( record.module_name, MODULE_NAME,
-+ sizeof( record.module_name ) );
-+
-+ osi_snprintf( record.name, sizeof( record.name ),
-+ "if:%s:MAC", ifr->ifr_name );
-+
-+ osi_snprintf( record.data, sizeof( record.data ),
-+ "%2.2x.%2.2x.%2.2x.%2.2x.%2.2x.%2.2x",
-+ u[0], u[1], u[2], u[3], u[4], u[5]);
-+
-+ send_scan_data( scanner, (SCAN_RECORD *)&record );
-+ }
-+ }
-+
-+ if ( ioctl(sockfd, SIOCGIFNETMASK, ifr) == 0 &&
-+ strcmp("255.255.255.255", inet_ntoa(inaddrr(ifr_addr.sa_data))))
-+ {
-+ initialize_scan_record( (SCAN_RECORD *)&record,
-+ SCAN_RECORD_TYPE_TEXT_1 );
-+
-+ osi_strlcpy( record.module_name, MODULE_NAME,
-+ sizeof( record.module_name ) );
-+
-+ osi_snprintf( record.name, sizeof( record.name ),
-+ "if:%s:NETMASK", ifr->ifr_name );
-+
-+ osi_snprintf( record.data, sizeof( record.data ),
-+ "%s", inet_ntoa(inaddrr(ifr_addr.sa_data)));
-+
-+ send_scan_data( scanner, (SCAN_RECORD *)&record );
-+ }
-+
-+ if (ifr->ifr_flags & IFF_BROADCAST)
-+ {
-+ if ( ioctl(sockfd, SIOCGIFBRDADDR, ifr) == 0 &&
-+ strcmp("0.0.0.0", inet_ntoa(inaddrr(ifr_addr.sa_data))))
-+ {
-+
-+ initialize_scan_record( (SCAN_RECORD *)&record,
-+ SCAN_RECORD_TYPE_TEXT_1 );
-+
-+ osi_strlcpy( record.module_name, MODULE_NAME,
-+ sizeof( record.module_name ) );
-+
-+ osi_snprintf( record.name, sizeof( record.name ),
-+ "if:%s:BROADCAST", ifr->ifr_name );
-+
-+ osi_snprintf( record.data, sizeof( record.data ),
-+ "%s",inet_ntoa(inaddrr(ifr_addr.sa_data)));
-+
-+ send_scan_data( scanner, (SCAN_RECORD *)&record );
-+ }
-+ }
-+
-+ /* Added by David Vasil to check for Promiscuous mode */
-+
-+ initialize_scan_record( (SCAN_RECORD *)&record,
-+ SCAN_RECORD_TYPE_TEXT_1 );
-+
-+ osi_strlcpy( record.module_name, MODULE_NAME,
-+ sizeof( record.module_name ) );
-+
-+
-+ osi_snprintf( record.name, sizeof( record.name ),
-+ "if:%s:PROMISC", ifr->ifr_name );
-+
-+ if ( ioctl(sockfd, SIOCGIFFLAGS, ifr) == 0 &&
-+ ifr->ifr_flags & IFF_PROMISC)
-+ {
-+ osi_strlcpy( record.data, "ENABLED", sizeof( record.data ) );
-+ }
-+
-+ else
-+ {
-+ osi_strlcpy( record.data, "DISABLED", sizeof( record.data ) );
-+ }
-+
-+ send_scan_data( scanner, (SCAN_RECORD *)&record );
-+
-+
-+ if ( ioctl(sockfd, SIOCGIFMTU, ifr) == 0 )
-+ {
-+ initialize_scan_record( (SCAN_RECORD *)&record,
-+ SCAN_RECORD_TYPE_TEXT_1 );
-+
-+ osi_strlcpy( record.module_name, MODULE_NAME,
-+ sizeof( record.module_name ) );
-+
-+ osi_snprintf( record.name, sizeof( record.name ),
-+ "if:%s:MTU", ifr->ifr_name );
-+
-+ osi_snprintf( record.data, sizeof( record.data ),
-+ "%u", ifr->ifr_mtu );
-+
-+ send_scan_data( scanner, (SCAN_RECORD *)&record );
-+ }
-+
-+ if ( ioctl(sockfd, SIOCGIFMETRIC, ifr) == 0 )
-+ {
-+ initialize_scan_record( (SCAN_RECORD *)&record,
-+ SCAN_RECORD_TYPE_TEXT_1 );
-+
-+ osi_strlcpy( record.module_name, MODULE_NAME,
-+ sizeof( record.module_name ) );
-+
-+ osi_snprintf( record.name, sizeof( record.name ),
-+ "if:%s:METRIC", ifr->ifr_name );
-+
-+ osi_snprintf( record.data, sizeof( record.data ),
-+ "%u", ifr->ifr_metric );
-+
-+ send_scan_data( scanner, (SCAN_RECORD *)&record );
-+ }
-+ }
-+
-+ close(sockfd);
-+}
-+
-+void mod_if( SCANNER *scanner )
-+{
-+#if defined(SYSTEM_LINUX)
-+ process_if_unix( scanner );
-+#endif
-+
-+}
|