From patchwork Tue Jul 29 14:34:28 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Tremer X-Patchwork-Id: 8958 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4bryXq3Fzdz3wb0 for ; Tue, 29 Jul 2025 14:34:35 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "E6" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4bryXp0Yq5z6FY for ; Tue, 29 Jul 2025 14:34:34 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4bryXn6x4hz2ywH for ; Tue, 29 Jul 2025 14:34:33 +0000 (UTC) X-Original-To: development@lists.ipfire.org Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4bryXk6yPBz2xXb for ; Tue, 29 Jul 2025 14:34:30 +0000 (UTC) Received: from michael.haj.ipfire.org (michael.haj.ipfire.org [172.28.1.242]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature ECDSA (secp384r1) client-digest SHA384) (Client CN "michael.haj.ipfire.org", Issuer "E5" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4bryXj6c1ZznL; Tue, 29 Jul 2025 14:34:29 +0000 (UTC) Received: by michael.haj.ipfire.org (Postfix, from userid 0) id 4bryXj55Y1zTgjc; Tue, 29 Jul 2025 14:34:29 +0000 (UTC) From: Michael Tremer To: development@lists.ipfire.org Cc: Michael Tremer Subject: [PATCH] arpwatch: New package Date: Tue, 29 Jul 2025 14:34:28 +0000 Message-ID: <20250729143428.1330959-1-michael.tremer@ipfire.org> X-Mailer: git-send-email 2.47.2 Precedence: list List-Id: List-Subscribe: , List-Unsubscribe: , List-Post: List-Help: Sender: Mail-Followup-To: MIME-Version: 1.0 This allows to receive an email notification if a new host is detected on a network. Signed-off-by: Michael Tremer --- config/backup/includes/arpwatch | 2 + config/rootfiles/packages/arpwatch | 5 + lfs/arpwatch | 116 ++++++++++++++++++ make.sh | 1 + src/initscripts/packages/arpwatch | 81 ++++++++++++ src/paks/arpwatch/install.sh | 33 +++++ src/paks/arpwatch/uninstall.sh | 28 +++++ src/paks/arpwatch/update.sh | 27 ++++ .../arpwatch/53_stop-using-_getshort.patch | 25 ++++ 9 files changed, 318 insertions(+) create mode 100644 config/backup/includes/arpwatch create mode 100644 config/rootfiles/packages/arpwatch create mode 100644 lfs/arpwatch create mode 100644 src/initscripts/packages/arpwatch create mode 100644 src/paks/arpwatch/install.sh create mode 100644 src/paks/arpwatch/uninstall.sh create mode 100644 src/paks/arpwatch/update.sh create mode 100644 src/patches/arpwatch/53_stop-using-_getshort.patch diff --git a/config/backup/includes/arpwatch b/config/backup/includes/arpwatch new file mode 100644 index 000000000..331647530 --- /dev/null +++ b/config/backup/includes/arpwatch @@ -0,0 +1,2 @@ +/etc/sysconfig/arpwatch +/var/lib/arpwatch diff --git a/config/rootfiles/packages/arpwatch b/config/rootfiles/packages/arpwatch new file mode 100644 index 000000000..d173da269 --- /dev/null +++ b/config/rootfiles/packages/arpwatch @@ -0,0 +1,5 @@ +etc/rc.d/init.d/arpwatch +usr/sbin/arpsnmp +usr/sbin/arpwatch +#var/lib/arpwatch +var/lib/arpwatch/ethercodes.dat diff --git a/lfs/arpwatch b/lfs/arpwatch new file mode 100644 index 000000000..0ccfa66a2 --- /dev/null +++ b/lfs/arpwatch @@ -0,0 +1,116 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007-2025 IPFire Team # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +SUMMARY = Monitoring tool for ARP traffic on a network + +VER = 3.8 +ETHERCODES_DATE = 20200628 + +# From: https://ee.lbl.gov/downloads/arpwatch/ + +THISAPP = arpwatch-$(VER) +DL_FILE = $(THISAPP).tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) +PROG = arpwatch +PAK_VER = 1 + +DEPS = + +SERVICES = arpwatch + +# Enable debugging code +CFLAGS += -DDEBUG=1 + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) ethercodes.dat-$(ETHERCODES_DATE).xz + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_BLAKE2 = 2ec0360ed12722e09cfccd06a1ab48ed77ea017d9ebf182cf2792dac53b61b1f0d6b5895fe30ec4d6b9e05d78aa75762775e548573f7bd5b2918ce8ca775eed3 +ethercodes.dat-$(ETHERCODES_DATE).xz_BLAKE2 = e702b9109ef3ccce73e2637f96126bf19e7dfa533774c0bd623042b3609f147981263b84397ec155a65ae12fa57247c32644e1e7e57c2c749ef768156d853027 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +b2 : $(subst %,%_BLAKE2,$(objects)) + +dist: + @$(PAK) + +############################################################################### +# Downloading, checking, b2sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_BLAKE2,$(objects)) : + @$(B2SUM) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) + + # Fix compilation issues + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/arpwatch/53_stop-using-_getshort.patch + cd $(DIR_APP) && sed -i '1i#include ' report.c + + # Don't install the initscript + cd $(DIR_APP) && sed -i '/@HAVE_FREEBSD_TRUE@/d' Makefile.in + + # Build! + cd $(DIR_APP) && ./configure --prefix=/usr + cd $(DIR_APP) && make $(MAKETUNING) + cd $(DIR_APP) && make install + + # Install initscripts + $(call INSTALL_INITSCRIPTS,$(SERVICES)) + + # Install the data directory + -mkdir -pv /var/lib/arpwatch + + # Install ethercodes.dat + xz -dvv \ + < $(DIR_DL)/ethercodes.dat-$(ETHERCODES_DATE).xz \ + > /var/lib/arpwatch/ethercodes.dat + + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/make.sh b/make.sh index 56fd9be22..c3de610b9 100755 --- a/make.sh +++ b/make.sh @@ -2089,6 +2089,7 @@ build_system() { lfsmake2 inotify-tools lfsmake2 grub-btrfs lfsmake2 fort-validator + lfsmake2 arpwatch lfsmake2 linux lfsmake2 rtl8812au diff --git a/src/initscripts/packages/arpwatch b/src/initscripts/packages/arpwatch new file mode 100644 index 000000000..09dcdf1ba --- /dev/null +++ b/src/initscripts/packages/arpwatch @@ -0,0 +1,81 @@ +#!/bin/sh +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007-2022 IPFire Team # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### + +. /etc/sysconfig/rc +. ${rc_functions} + +# Optionally load the configuration file +if [ -r "/etc/sysconfig/arpwatch" ]; then + . /etc/sysconfig/arpwatch +fi + +case "${1}" in + start) + args=( + -D /var/lib/arpwatch + ) + + # Add the watcher + if [ -n "${WATCHER}" ]; then + args+=( "-w" "${WATCHER}" ) + fi + + # Add the watchee + if [ -n "${WATCHEE}" ]; then + args+=( "-W" "${WATCHEE}" ) + fi + + for intf in ${INTERFACES}; do + boot_mesg "Starting ARP Watch on ${intf}..." + + # Create the data file for this interface + if [ ! -e "/var/lib/arpwatch/${intf}.dat" ]; then + : > "/var/lib/arpwatch/${intf}.dat" + fi + + PIDFILE="/var/run/arpwatch-${intf}.pid" \ + loadproc -f \ + /usr/sbin/arpwatch "${args[@]}" \ + -P "/var/run/arpwatch-${intf}.pid" \ + -f "/var/lib/arpwatch/${intf}.dat" \ + -i "${intf}" + done + ;; + + stop) + for intf in ${INTERFACES}; do + boot_mesg "Stopping ARP Watch on ${intf}..." + PIDFILE="/var/run/arpwatch-${intf}.pid" \ + killproc /usr/sbin/arpwatch + done + ;; + + restart) + ${0} stop + sleep 1 + ${0} start + ;; + + *) + echo "Usage: ${0} {start|stop|restart}" + exit 1 + ;; +esac diff --git a/src/paks/arpwatch/install.sh b/src/paks/arpwatch/install.sh new file mode 100644 index 000000000..12ff2ab36 --- /dev/null +++ b/src/paks/arpwatch/install.sh @@ -0,0 +1,33 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2007 IPFire-Team . # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +extract_files +restore_backup ${NAME} + +start_service ${NAME} + +# Enable autostart +ln -vsf ../init.d/arpwatch /etc/rc.d/rc0.d/K12arpwatch +ln -vsf ../init.d/arpwatch /etc/rc.d/rc3.d/S64arpwatch +ln -vsf ../init.d/arpwatch /etc/rc.d/rc6.d/K12arpwatch diff --git a/src/paks/arpwatch/uninstall.sh b/src/paks/arpwatch/uninstall.sh new file mode 100644 index 000000000..e27cc1345 --- /dev/null +++ b/src/paks/arpwatch/uninstall.sh @@ -0,0 +1,28 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2007 IPFire-Team . # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +stop_service ${NAME} +make_backup ${NAME} +remove_files +rm -rfv /etc/rc.d/rc*.d/*arpwatch diff --git a/src/paks/arpwatch/update.sh b/src/paks/arpwatch/update.sh new file mode 100644 index 000000000..99776659c --- /dev/null +++ b/src/paks/arpwatch/update.sh @@ -0,0 +1,27 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2007-2020 IPFire-Team . # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +extract_backup_includes +./uninstall.sh +./install.sh diff --git a/src/patches/arpwatch/53_stop-using-_getshort.patch b/src/patches/arpwatch/53_stop-using-_getshort.patch new file mode 100644 index 000000000..da83f4b43 --- /dev/null +++ b/src/patches/arpwatch/53_stop-using-_getshort.patch @@ -0,0 +1,25 @@ +Description: replace private function _getshort with ns_get16 + _getshort is a private function, triggers a build log warning because it's + not present in any header file. We switch to the functionally equivalent + ns_get16. +Author: Lukas Schwaighofer + +--- + dns.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +--- a/dns.c ++++ b/dns.c +@@ -115,10 +115,10 @@ + (u_char *)cp, (char *)bp, buflen)) < 0) + break; + cp += n; +- type = _getshort(cp); ++ type = ns_get16(cp); + cp += sizeof(u_short); /* class */ + cp += sizeof(u_short) + sizeof(u_int32_t); +- n = _getshort(cp); ++ n = ns_get16(cp); + cp += sizeof(u_short); + if (type == T_HINFO) { + /* Unpack */