]>
Commit | Line | Data |
---|---|---|
040768c9 | 1 | Summary: Firewall log analyzer, report generator and realtime response agent |
cdf47a6b | 2 | Summary(pl.UTF-8): Analizator logów firewalla, generator raportów i agent natychmiastowej odpowiedzi |
040768c9 | 3 | Name: fwlogwatch |
13b6db92 | 4 | Version: 1.1 |
69aa03ce | 5 | Release: 1 |
040768c9 AM |
6 | License: GPL |
7 | Group: Applications/System | |
2b5a597f | 8 | Source0: http://www.kybs.de/boris/sw/%{name}-%{version}.tar.bz2 |
13b6db92 | 9 | # Source0-md5: 266974c417a7b973d3e54b64f95e9536 |
040768c9 AM |
10 | Source1: %{name}.init |
11 | Source2: %{name}.sysconfig | |
ab0eebc4 | 12 | Patch0: %{name}-paths.patch |
cd02a642 | 13 | URL: http://fwlogwatch.inside-security.de/ |
040768c9 | 14 | BuildRequires: flex |
cd02a642 | 15 | BuildRequires: m4 |
a5560b4f | 16 | BuildRequires: zlib-devel |
0d4a2378 | 17 | Requires(post,preun): /sbin/chkconfig |
a5560b4f | 18 | Requires: rc-scripts |
040768c9 AM |
19 | BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) |
20 | ||
efdd6e07 | 21 | %define _sysconfdir /etc/%{name} |
22 | ||
040768c9 AM |
23 | %description |
24 | fwlogwatch produces ipchains, netfilter/iptables, ipfilter, Cisco IOS | |
25 | and Cisco PIX log summary reports in text and HTML form and has a lot | |
26 | of options to find and display relevant patterns in connection | |
27 | attempts. With the data found it can also generate customizable | |
28 | incident reports from a template and send them to abuse contacts at | |
29 | offending sites or CERT coordination centers. Finally, it can also run | |
30 | as daemon and report anomalies or start countermeasures. | |
31 | ||
1d24c41b | 32 | %description -l pl.UTF-8 |
040768c9 AM |
33 | fwlogwatch produkuje sumaryczne raporty w formacie tekstowym oraz HTML |
34 | z informacjami dostarczanymi przez logi ipchains, netfilter/iptables, | |
35 | ipfilter, Cisco IOS oraz Cisco PIX. fwlogwatch ma wiele opcji | |
1d24c41b JR |
36 | pozwalających znajdować określone wzorce w próbach połączeń. Na |
37 | podstawie tych danych może generować raporty o incydentach i wysyłać | |
38 | je na adres abuse lub do centrów koordynacji CERT. Może on również | |
39 | pracować jako daemon i informować o anomaliach oraz podejmować kroki | |
040768c9 AM |
40 | zapobiegawcze. |
41 | ||
42 | %prep | |
43 | %setup -q | |
ab0eebc4 | 44 | %patch0 -p1 |
040768c9 AM |
45 | |
46 | %build | |
47 | %{__make} \ | |
f9557e2f | 48 | CC="%{__cc}" \ |
49 | CFLAGS="%{rpmcflags} -Wall" \ | |
50 | LDFLAGS="%{rpmldflags}" | |
040768c9 AM |
51 | |
52 | %install | |
53 | rm -rf $RPM_BUILD_ROOT | |
52b646ee | 54 | install -d $RPM_BUILD_ROOT{/etc/{rc.d/init.d,sysconfig},%{_sysconfdir}} \ |
efdd6e07 | 55 | $RPM_BUILD_ROOT{%{_sbindir},%{_mandir}/man8} |
040768c9 AM |
56 | |
57 | %{__make} install install-config \ | |
13b6db92 | 58 | INSTALL_DIR="$RPM_BUILD_ROOT%{_usr}" \ |
59 | CONF_DIR="$RPM_BUILD_ROOT%{_sysconfdir}" | |
040768c9 | 60 | |
efdd6e07 | 61 | install %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/%{name} |
62 | install %{SOURCE2} $RPM_BUILD_ROOT/etc/sysconfig/%{name} | |
040768c9 | 63 | |
e74c070c JB |
64 | %clean |
65 | rm -rf $RPM_BUILD_ROOT | |
66 | ||
040768c9 | 67 | %post |
0a581986 | 68 | %service %{name} restart |
040768c9 AM |
69 | |
70 | %preun | |
efdd6e07 | 71 | if [ "$1" = "0" ]; then |
0a581986 | 72 | %service %{name} stop |
efdd6e07 | 73 | /sbin/chkconfig --del %{name} |
040768c9 | 74 | fi |
040768c9 | 75 | |
040768c9 AM |
76 | %files |
77 | %defattr(644,root,root,755) | |
0d4a2378 | 78 | %doc contrib/fw* AUTHORS CREDITS ChangeLog README |
efdd6e07 | 79 | %attr(700,root,root) %dir %{_sysconfdir} |
13b6db92 | 80 | %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/* |
040768c9 | 81 | %attr(755,root,root) %{_sbindir}/* |
efdd6e07 | 82 | %attr(754,root,root) /etc/rc.d/init.d/%{name} |
a5560b4f | 83 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/%{name} |
040768c9 | 84 | %{_mandir}/man?/* |