From owner-freebsd-ports@FreeBSD.ORG Tue Feb 18 15:34:07 2014 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B7A6ED45; Tue, 18 Feb 2014 15:34:07 +0000 (UTC) Received: from mail-qa0-x22a.google.com (mail-qa0-x22a.google.com [IPv6:2607:f8b0:400d:c00::22a]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 665FE12EE; Tue, 18 Feb 2014 15:34:07 +0000 (UTC) Received: by mail-qa0-f42.google.com with SMTP id k4so24075586qaq.29 for ; Tue, 18 Feb 2014 07:34:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:from:date:message-id:subject:to:cc:content-type; bh=QCN9Rg+GrzDLymmka1e3rXIUK3zYa3ZZh2VfWba0PHA=; b=XZVofBaPHXvUo0QvUr/mcbbLSP4RO1B72A03mQEYChPPGaTkatlczC3w/vKWWLqthQ vn6haK6U5dRJSQ13wJMOUBryB/iINkg0keRaGqKdjvOLSAkzMssneS2fsf6rojjyXIP2 sK4g4jojTDhy8vuC9i2ZCivBUv8aWvfomMwpRHPb3g6LhNVBN4Yk39Xpu1th6h1QHhRo 5RE8svH4E+tYnK4q7LstS3aAygaDzFC+Ai/atr1fzUG49YRWHQ6LEaFe7yjjgI864Tym y4y/tNLI8bQlxgDcoPXX8X5lFJL5pxU1sMKEVXxz2lzTgJ0vaTFuDwKeKxty2AOorWv9 VcIg== X-Received: by 10.140.27.179 with SMTP id 48mr40761073qgx.18.1392737646450; Tue, 18 Feb 2014 07:34:06 -0800 (PST) MIME-Version: 1.0 Received: by 10.229.64.68 with HTTP; Tue, 18 Feb 2014 07:33:46 -0800 (PST) From: Chad Gross Date: Tue, 18 Feb 2014 10:33:46 -0500 Message-ID: Subject: [patch] net-mgmt/flowviewer and security/silktools patches To: freebsd-ports@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.17 Cc: lx@freebsd.org, samm@os2.kiev.ua X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Feb 2014 15:34:07 -0000 I managed to configure net-mgmt/flowviewer with security/silktools, but had to make some modifications to get it working. FlowViewer is configured by defaut to pass the $silk_data_dir + $device_name as the root data directory to the rwfilter tool, when the root directory should be the same as $silk_data_dir. I've confirmed it is still the configured this way in the latest version (4.3, released 2/11/14) so I could be misconfiguring something, but I don't see how since I following the documentation ( http://sourceforge.net/projects/flowviewer/files/FlowViewer.pdf/download). I also manually ran the commands out of working/DEBUG_VIEWER and it produced nothing until I updated --data-rootdir=/data/flows/S0 to --data-rootdir=/data/flows. Here are patches for the 4 affected files: --- FlowGrapher_Main.cgi.orig 2014-02-18 08:49:42.000000000 -0500 +++ FlowGrapher_Main.cgi 2014-02-18 09:09:58.000000000 -0500 @@ -535,7 +535,7 @@ $silk_flow_type =~ s/\s+//g; } - $data_root_dir = $silk_data_directory ."/". $device_name; + $data_root_dir = $silk_data_directory; # Prepare rwfilter start and end time parameters, filter criteria and window type --- FlowTracker_Recreate.orig 2014-02-16 15:50:35.000000000 -0500 +++ FlowTracker_Recreate 2014-02-18 09:09:58.000000000 -0500 @@ -245,7 +245,7 @@ $cat_start = epoch_to_date($cat_start_epoch,"LOCAL"); $cat_end = epoch_to_date($cat_end_epoch,"LOCAL"); - $data_root_dir = $silk_data_directory ."/". $device_name; + $data_root_dir = $silk_data_directory; $silk_flow_type = ""; --- FlowTracker_Collector.orig 2014-02-18 08:48:54.000000000 -0500 +++ FlowTracker_Collector 2014-02-18 09:09:58.000000000 -0500 @@ -303,7 +303,7 @@ # Set up silk data sources - $data_root_dir = $silk_data_directory ."/". $device_name; + $data_root_dir = $silk_data_directory; $silk_flow_type = ""; --- FlowViewer_Main.cgi.orig 2014-02-18 08:52:30.000000000 -0500 +++ FlowViewer_Main.cgi 2014-02-18 09:09:58.000000000 -0500 @@ -431,7 +431,7 @@ $silk_flow_type =~ s/\s+//g; } - $data_root_dir = $silk_data_directory ."/". $device_name; + $data_root_dir = $silk_data_directory; # Prepare rwfilter start and end time parameters I also found that security/silktools uses UTC by default, but has a configuration option to enable localtime ( https://tools.netsa.cert.org/silk/faq.html#timestamp-mismatch). Here is a patch to the Makefile containing a config option for localtime: --- /usr/ports/silktools/Makefile.orig 2014-02-18 09:29:28.000000000 -0500 +++ /usr/ports/silktools/Makefile 2014-02-18 09:41:48.000000000 -0500 @@ -23,6 +23,11 @@ USES= perl5 USE_PERL5= build +HAS_CONFIGURE= yes +OPTIONS_DEFINE= LOCALTIME +LOCALTIME_DESC= Use localtime instead of UTC + + MAN1= mapsid.1 num2dot.1 rwaddrcount.1 rwappend.1 \ rwbag.1 rwbagbuild.1 rwbagcat.1 rwbagtool.1 \ rwcat.1 rwcount.1 rwcut.1 rwdedupe.1 rwfglob.1 \ @@ -51,6 +56,13 @@ rwsender.8 NO_STAGE= yes + +.include + +.if ${PORT_OPTIONS:MLOCALTIME} +CONFIGURE_ARGS+=--enable-localtime +.endif + post-patch: @${REINPLACE_CMD} -e 's|echo aout|echo elf|' ${WRKSRC}/configure Thanks, Chad