[packages/chkrootkit.git] / chkrootkit-0.42-ip.patch

--- chkrootkit	Fri Sep 12 14:47:14 2003
+++ chkrootkit	Mon Sep 15 18:29:16 2003
@@ -25,7 +25,7 @@
 tcpdump top telnetd timed traceroute vdir w write"
 
 # Tools
-TOOLS="aliens asp bindshell lkm rexedcs sniffer w55808 wted scalper slapper z2"
+TOOLS="aliens asp bindshell lkm rexedcs sniffer promisctest w55808 wted scalper slapper z2"
 
 # Return Codes
 INFECTED=0
@@ -172,6 +172,39 @@
        fi
     fi
 }
+
+promisctest () { 
+	# Add gratutuous printf for "regular" mode output ("./chkrootkit promisctest")
+	printf "%s\n"; ip="/sbin/ip"
+	${egrep} /proc/version -qe "2\.(4|5|6)"; KERNVER="$?"
+	case "${KERNVER:0:1}" in
+	0)
+		if [ ! -x ${ip} ]; then
+			printf "%snot tested: can't exec ${ip}\n"
+			return ${NOT_TESTED}
+		fi
+		${ip} link show | ${egrep} "^[0-9]" | while read DEVF; do
+		DEVF=( ${DEVF} )
+		printf "%s${DEVF[@]}" | ${egrep} -qe "PROMISC"; STATUS="$?"
+		case "${STATUS:0:1}" in
+		1)
+			if [ "${EXPERT}" = "t" ]; then
+				printf "%s${DEVF[1]} has device flags:\t${DEVF[2]}\n"
+				else printf "%s${DEVF[1]}\tis not promisc\n"
+			fi;;
+		0)
+			if [ "${EXPERT}" = "t" ]; then
+				printf "%s${DEVF[1]} has device flags:\t${DEVF[2]}\n"
+				else printf "%s${DEVF[1]}\tIS PROMISC\n"
+			fi;;
+		esac
+		done;;
+	*)
+		echo "not tested."
+		return ${NOT_TESTED};;
+	esac
+ }
+
 
 z2 () {
     if [ ! -x ./chklastlog ]; then
Commit	Line	Data
0623d257	1	--- chkrootkit Fri Sep 12 14:47:14 2003
	2	+++ chkrootkit Mon Sep 15 18:29:16 2003
	3	@@ -25,7 +25,7 @@
	4	tcpdump top telnetd timed traceroute vdir w write"
	5
	6	# Tools
	7	-TOOLS="aliens asp bindshell lkm rexedcs sniffer w55808 wted scalper slapper z2"
	8	+TOOLS="aliens asp bindshell lkm rexedcs sniffer promisctest w55808 wted scalper slapper z2"
	9
	10	# Return Codes
	11	INFECTED=0
	12	@@ -172,6 +172,39 @@
	13	fi
	14	fi
	15	}
	16	+
	17	+promisctest () {
	18	+ # Add gratutuous printf for "regular" mode output ("./chkrootkit promisctest")
	19	+ printf "%s\n"; ip="/sbin/ip"
	20	+ ${egrep} /proc/version -qe "2\.(4\|5\|6)"; KERNVER="$?"
	21	+ case "${KERNVER:0:1}" in
	22	+ 0)
	23	+ if [ ! -x ${ip} ]; then
	24	+ printf "%snot tested: can't exec ${ip}\n"
	25	+ return ${NOT_TESTED}
	26	+ fi
	27	+ ${ip} link show \| ${egrep} "^[0-9]" \| while read DEVF; do
	28	+ DEVF=( ${DEVF} )
	29	+ printf "%s${DEVF[@]}" \| ${egrep} -qe "PROMISC"; STATUS="$?"
	30	+ case "${STATUS:0:1}" in
	31	+ 1)
	32	+ if [ "${EXPERT}" = "t" ]; then
	33	+ printf "%s${DEVF[1]} has device flags:\t${DEVF[2]}\n"
	34	+ else printf "%s${DEVF[1]}\tis not promisc\n"
	35	+ fi;;
	36	+ 0)
	37	+ if [ "${EXPERT}" = "t" ]; then
	38	+ printf "%s${DEVF[1]} has device flags:\t${DEVF[2]}\n"
	39	+ else printf "%s${DEVF[1]}\tIS PROMISC\n"
	40	+ fi;;
	41	+ esac
	42	+ done;;
	43	+ *)
	44	+ echo "not tested."
	45	+ return ${NOT_TESTED};;
	46	+ esac
	47	+ }
	48	+
	49
	50	z2 () {
	51	if [ ! -x ./chklastlog ]; then