Update FreeBSD port to 1.2.4 (#971)

Available on FreeBSD ports tree and can be installed via ports or pkg.
2024-05-21 19:36:21 +02:00 · 2023-03-06 14:06:34 +01:00 · 2023-03-06 14:06:34 +01:00 · c220afea84
parent 52cac989d1
commit c220afea84
11 changed files with 180 additions and 36 deletions
--- a/src/packaging/FreeBSD/Makefile
+++ b/src/packaging/FreeBSD/Makefile
@ -1,46 +1,73 @@
-# $FreeBSD$
-
 PORTNAME=	fastnetmon
-PORTVERSION=	1.1.2
+PORTVERSION=	1.2.4
 DISTVERSIONPREFIX=	v
-CATEGORIES=	net-mgmt
+CATEGORIES=	net-mgmt security

-MAINTAINER=	pavel.odintsov@gmail.com
-COMMENT=	Very fast DDoS analyzer with sFlow/NetFLow/IPFIX/SPAN/mirror support
+MAINTAINER=	farrokhi@FreeBSD.org
+COMMENT=	Very fast DDoS analyzer with sflow/netflow/mirror support
+WWW=		https://fastnetmon.com

 LICENSE=	GPLv2
 LICENSE_FILE=	${WRKSRC}/LICENSE

-LIB_DEPENDS=	liblog4cpp.so:${PORTSDIR}/devel/log4cpp \
-		libboost_regex.so:${PORTSDIR}/devel/boost-libs
+BROKEN_armv6=		does not build: invokes x86 assembler
+BROKEN_armv7=		does not build: invokes x86 assembler
+
+LIB_DEPENDS=	libboost_regex.so:devel/boost-libs \
+		liblog4cpp.so:devel/log4cpp \
+		libmongoc-1.0.so:devel/mongo-c-driver \
+		libjson-c.so:devel/json-c \
+		libbson-1.0.so:devel/libbson \
+		libcapnp.so:devel/capnproto \
+		libgrpc.so:devel/grpc142 \
+		libprotobuf.so:devel/protobuf \
+		libabsl_base.so:devel/abseil \
+		libhiredis.so:databases/hiredis
+
+USES=	cmake compiler:c++11-lang pkgconfig localbase:ldflags ssl

 USE_GITHUB=	yes
 GH_ACCOUNT=	pavel-odintsov

-# TODO: enable this after updating /usr/ports/{UIDs,GIDs}
-#USERS=		fastnetmon
-#GROUPS=		fastnetmon
+USERS=	${PORTNAME}
+GROUPS=	${PORTNAME}

-USES=		cmake
-CMAKE_SOURCE_PATH=${WRKSRC}/src
+USE_RC_SUBR=	${PORTNAME}

-USE_RC_SUBR=	fastnetmon
+OPTIONS_DEFINE=	DOCS REDIS
+
+REDIS_LIB_DEPENDS=	libhiredis.so:databases/hiredis

 PORTDOCS=	*

-OPTIONS_DEFINE=	DOCS
+CXXFLAGS += -DBOOST_STACKTRACE_GNU_SOURCE_NOT_REQUIRED
+CFLAGS_i386=	-march=i586
+CMAKE_SOURCE_PATH=	${WRKSRC}/src
+CMAKE_ARGS+=	-DDISABLE_PF_RING_SUPPORT=ON \
+		-DENABLE_NETMAP_SUPPORT=OFF \
+		-DLINK_WITH_ABSL=ON \
+		-DSET_ABSOLUTE_INSTALL_PATH=OFF \
+		-DCMAKE_INSTALL_MANDIR=${PREFIX}/man
+
+CMAKE_INSTALL_PREFIX=	${PREFIX}
+
+.include <bsd.port.pre.mk>

 post-patch:
-	@${REINPLACE_CMD} -e 's|/usr/local|${LOCALBASE}|' ${WRKSRC}/src/CMakeLists.txt
 	@${REINPLACE_CMD} -e 's|/usr/local|${PREFIX}|; \
 		s|/var/run|&/fastnetmon|g; s|/var/log|&/fastnetmon|g; \
 		s|"/etc/|"${PREFIX}/etc/|g; s|/root/fastnetmon|${DATADIR}|g' \
 		${WRKSRC}/src/fastnetmon.conf ${WRKSRC}/src/fastnetmon.cpp
+	@${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|g' \
+		${WRKSRC}/src/man/fastnetmon.8 ${WRKSRC}/src/fast_platform.h.template

 post-install:
 	${MV} ${STAGEDIR}${PREFIX}/etc/${PORTNAME}.conf \
 		${STAGEDIR}${PREFIX}/etc/${PORTNAME}.conf.sample
-	cd ${WRKSRC} && ${COPYTREE_SHARE} "README.md docs" ${STAGEDIR}${DOCSDIR}
 	${MKDIR} ${STAGEDIR}/var/run/fastnetmon ${STAGEDIR}/var/log/fastnetmon
+	${INSTALL_SCRIPT} ${WRKSRC}/src/notify_about_attack.sh ${STAGEDIR}${PREFIX}/bin

-.include <bsd.port.mk>
+post-install-DOCS-on:
+	cd ${WRKSRC} && ${COPYTREE_SHARE} "README.md docs" ${STAGEDIR}${DOCSDIR}
+
+.include <bsd.port.post.mk>
--- a/src/packaging/FreeBSD/distinfo
+++ b/src/packaging/FreeBSD/distinfo
@ -1,2 +1,3 @@
-SHA256 (FastVPSEestiOu-fastnetmon-v1.1.2_GH0.tar.gz) = f2c554aa402e608b9837132b17da79b49f1b998c17934344779ddc9a397261b4
-SIZE (FastVPSEestiOu-fastnetmon-v1.1.2_GH0.tar.gz) = 6072730
+TIMESTAMP = 1677848493
+SHA256 (pavel-odintsov-fastnetmon-v1.2.4_GH0.tar.gz) = 84cd5db0e270f6c268923592eabd5cb0d1689293d9d9f6f0634af548b29f9bb4
+SIZE (pavel-odintsov-fastnetmon-v1.2.4_GH0.tar.gz) = 1056097
--- a/src/packaging/FreeBSD/files/fastnetmon.in
+++ b/src/packaging/FreeBSD/files/fastnetmon.in
@ -5,24 +5,26 @@
 # BEFORE:  securelevel
 # KEYWORD: shutdown

-# Add the following line to /etc/rc.conf to enable `fastnetmon':
+# Add the following line to /etc/rc.conf to enable 'fastnetmon':
 #
 # fastnetmon_enable="YES"
 #

 . /etc/rc.subr

-name="fastnetmon"
-rcvar="${name}_enable"
-
-command="%%PREFIX%%/bin/fastnetmon"
-pidfile="/var/run/fastnetmon/$name.pid"
+name=fastnetmon
+desc="fastnetmon startup script"
+rcvar=fastnetmon_enable

 load_rc_config "$name"

-: ${fastnetmon_enable:="NO"}
-# TODO: enable this after updating /usr/ports/{UIDs,GIDs}
-#: ${fastnetmon_user:="fastnetmon"}
-: ${fastnetmon_flags:="--daemonize"}
+: ${fastnetmon_enable:=NO}
+: ${fastnetmon_conf:=%%ETCDIR%%/$name.conf}
+: ${fastnetmon_flags:=--daemonize}
+: ${fastnetmon_user:=fastnetmon}
+
+command=%%PREFIX%%/bin/fastnetmon
+command_args="--configuration_file ${fastnetmon_conf} ${fastnetmon_flags}"
+pidfile=/var/run/fastnetmon/$name.pid

 run_rc_command "$1"
--- a/src/packaging/FreeBSD/files/patch-src_fast__endianless.hpp
+++ b/src/packaging/FreeBSD/files/patch-src_fast__endianless.hpp
@ -0,0 +1,10 @@
+--- src/fast_endianless.hpp.orig	2023-03-04 15:33:46 UTC
+++ src/fast_endianless.hpp
+@@ -12,6 +12,7 @@
+ // For be64toh and htobe64
+ #if defined(__FreeBSD__) || defined(__DragonFly__)
+ #include <sys/endian.h>
+#include <cstdint>
+ #endif
+ 
+ // Linux standard functions for endian conversions are ugly because there are no checks about arguments length
--- a/src/packaging/FreeBSD/files/patch-src_fast__library.cpp
+++ b/src/packaging/FreeBSD/files/patch-src_fast__library.cpp
@ -0,0 +1,15 @@
+--- src/fast_library.cpp.orig	2023-03-05 11:34:07 UTC
+++ src/fast_library.cpp
+@@ -1249,7 +1249,11 @@ bool get_interface_number_by_device_name(int socket_fd
+         return false;
+     }
+ 
+-    interface_number = ifr.ifr_ifindex;
+    #ifdef __FreeBSD__
+      interface_number = ifr.ifr_ifru.ifru_index;
+    #else
+      interface_number = ifr.ifr_ifindex;
+    #endif
+ #else
+     /* Fallback to if_nametoindex(3) otherwise. */
+     interface_number = if_nametoindex(interface_name.c_str());
--- a/src/packaging/FreeBSD/files/patch-src_fast__platform.h.template
+++ b/src/packaging/FreeBSD/files/patch-src_fast__platform.h.template
@ -0,0 +1,26 @@
+--- src/fast_platform.h.template.orig	2023-03-01 14:23:34 UTC
+++ src/fast_platform.h.template
+@@ -9,19 +9,19 @@ class FastnetmonPlatformConfigurtion {
+     std::string fastnetmon_version = "${FASTNETMON_APPLICATION_VERSION}";
+ 
+     std::string pid_path = "/var/run/fastnetmon.pid";
+-    std::string global_config_path = "/etc/fastnetmon.conf";
+    std::string global_config_path = "%%PREFIX%%/etc/fastnetmon.conf";
+ 
+     std::string log_file_path = "/var/log/fastnetmon.log";
+     std::string attack_details_folder = "/var/log/fastnetmon_attacks";
+ 
+     // Default path to notify script
+-    std::string notify_script_path = "/usr/local/bin/notify_about_attack.sh";
+    std::string notify_script_path = "%%PREFIX%%/bin/notify_about_attack.sh";
+ 
+     // Default path to file with networks for whitelising
+-    std::string white_list_path = "/etc/networks_whitelist";
+    std::string white_list_path = "%%PREFIX%%/etc/networks_whitelist";
+ 
+     // Default path to file with all networks listing
+-    std::string networks_list_path = "/etc/networks_list";
+    std::string networks_list_path = "%%PREFIX%%/etc/networks_list";
+ 
+     /* Platform specific paths end */
+ };
--- a/src/packaging/FreeBSD/files/patch-src_fastnetmon.cpp
+++ b/src/packaging/FreeBSD/files/patch-src_fastnetmon.cpp
@ -0,0 +1,40 @@
+--- src/fastnetmon.cpp.orig	2023-03-01 14:23:34 UTC
+++ src/fastnetmon.cpp
+@@ -12,8 +12,8 @@
+ #include <unistd.h>
+ 
+ #include <arpa/inet.h>
+-#include <net/if_arp.h> // struct arphdr
+-#include <netinet/if_ether.h>
+//#include <net/if_arp.h> // struct arphdr
+//#include <netinet/if_ether.h>
+ #include <netinet/in.h>
+ #include <netinet/ip.h>
+ #include <netinet/ip_icmp.h>
+@@ -161,7 +161,7 @@ unsigned int stats_thread_initial_call_delay = 30;
+ std::string reporting_server = "community-stats.fastnetmon.com";
+ 
+ // Path to temporarily store backtrace when fatal failure happened
+-std::string backtrace_path = "/var/log/fastnetmon_backtrace.dump";
+std::string backtrace_path = "/var/log/fastnetmon/fastnetmon_backtrace.dump";
+ 
+ // Each this seconds we will check about available data in bucket
+ unsigned int check_for_availible_for_processing_packets_buckets = 1;
+@@ -435,7 +435,7 @@ std::string exabgp_community_subnet = "";
+ std::string exabgp_community_host   = "";
+ 
+ 
+-std::string exabgp_command_pipe = "/var/run/exabgp.cmd";
+std::string exabgp_command_pipe = "/var/run/fastnetmon/exabgp.cmd";
+ std::string exabgp_next_hop     = "";
+ 
+ // Graphite monitoring
+@@ -519,7 +519,7 @@ void sigpipe_handler_for_popen(int signo) {
+ #ifdef GEOIP
+ bool geoip_init() {
+     // load GeoIP ASN database to memory
+-    geo_ip = GeoIP_open("/root/fastnetmon/GeoIPASNum.dat", GEOIP_MEMORY_CACHE);
+    geo_ip = GeoIP_open("/usr/local/share/fastnetmon/GeoIPASNum.dat", GEOIP_MEMORY_CACHE);
+ 
+     if (geo_ip == NULL) {
+         return false;
--- a/src/packaging/FreeBSD/files/patch-src_man_fastnetmon.8
+++ b/src/packaging/FreeBSD/files/patch-src_man_fastnetmon.8
@ -0,0 +1,11 @@
+--- src/man/fastnetmon.8.orig	2023-03-03 16:20:18 UTC
+++ src/man/fastnetmon.8
+@@ -8,7 +8,7 @@ fastnetmon [--daemonize]
+ .SH DESCRIPTION
+ FastNetMon - a high performance DoS/DDoS load analyzer built on top of multiple packet capture engines (NetFlow, IPFIX, sFlow, port mirror).
+ 
+-For more information about configuration, please look at the comments in /etc/fastnetmon.conf and check the project GitHub page: https://github.com/pavel-odintsov/fastnetmon.
+For more information about configuration, please look at the comments in %%PREFIX%%/etc/fastnetmon.conf and check the project GitHub page: https://github.com/pavel-odintsov/fastnetmon.
+ .SH OPTIONS
+ fastnetmon has only a single command line option --daemonize which is used for forking and detaching it from the terminal.
+ .SH SEE ALSO
--- a/src/packaging/FreeBSD/files/patch-src_notifyaboutattack.sh
+++ b/src/packaging/FreeBSD/files/patch-src_notifyaboutattack.sh
@ -0,0 +1,8 @@
+--- src/notify_about_attack.sh.orig	2023-03-06 10:33:26 UTC
+++ src/notify_about_attack.sh
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env bash
+#!/bin/sh
+ 
+ #
+ # Hello, lovely FastNetMon customer. I'm really happy to see you here
--- a/src/packaging/FreeBSD/pkg-descr
+++ b/src/packaging/FreeBSD/pkg-descr
@ -1,4 +1,2 @@
-FastNetMon - A high performance DoS/DDoS load analyzer built on top
-of multiple packet capture engines (NetFlow, IPFIX, sFlow, Netmap, PCAP).
-
-WWW: https://fastnetmon.com
+FastNetMon - A high performance DoS/DDoS load analyzer built on top of
+multiple packet capture engines (NetFlow, IPFIX, sFLOW, netmap, PF_RING, PCAP).
--- a/src/packaging/FreeBSD/pkg-plist
+++ b/src/packaging/FreeBSD/pkg-plist
@ -1,5 +1,11 @@
 bin/fastnetmon
+bin/fastnetmon_api_client
 bin/fastnetmon_client
+bin/notify_about_attack.sh
+etc/networks_list
+etc/networks_whitelist
+man/man8/fastnetmon.8.gz
+man/man1/fastnetmon_client.1.gz
@sample etc/fastnetmon.conf.sample
-@dir /var/run/fastnetmon
-@dir /var/log/fastnetmon
+@dir(fastnetmon,fastnetmon) /var/run/fastnetmon
+@dir(fastnetmon,fastnetmon) /var/log/fastnetmon