1 Summary: Firewall log analyzer, report generator and realtime response agent
2 Summary(pl): Analizator logów firewalla, generator raportów i agent natychmiastowej odpowiedzi
7 Group: Applications/System
8 Source0: http://www.kybs.de/boris/sw/%{name}-%{version}.tar.bz2
9 # Source0-md5: a0aa323568862e23fdbc6473ce6a01b5
11 Source2: %{name}.sysconfig
12 URL: http://fwlogwatch.inside-security.de/
14 BuildRequires: zlib-devel
17 Requires(post,preun): /sbin/chkconfig
18 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
20 %define _sysconfdir /etc/%{name}
23 fwlogwatch produces ipchains, netfilter/iptables, ipfilter, Cisco IOS
24 and Cisco PIX log summary reports in text and HTML form and has a lot
25 of options to find and display relevant patterns in connection
26 attempts. With the data found it can also generate customizable
27 incident reports from a template and send them to abuse contacts at
28 offending sites or CERT coordination centers. Finally, it can also run
29 as daemon and report anomalies or start countermeasures.
32 fwlogwatch produkuje sumaryczne raporty w formacie tekstowym oraz HTML
33 z informacjami dostarczanymi przez logi ipchains, netfilter/iptables,
34 ipfilter, Cisco IOS oraz Cisco PIX. fwlogwatch ma wiele opcji
35 pozwalaj±cych znajdowaæ okre¶lone wzorce w próbach po³±czeñ. Na
36 podstawie tych danych mo¿e generowaæ raporty o incydentach i wysy³aæ
37 je na adres abuse lub do centrów koordynacji CERT. Mo¿e on równie¿
38 pracowaæ jako daemon i informowaæ o anomaliach oraz podejmowaæ kroki
47 CFLAGS="%{rpmcflags} -Wall" \
48 LDFLAGS="%{rpmldflags}"
51 rm -rf $RPM_BUILD_ROOT
52 install -d $RPM_BUILD_ROOT{/etc/{rc.d/init.d,sysconfig},%{_sysconfdir}} \
53 $RPM_BUILD_ROOT{%{_sbindir},%{_mandir}/man8}
55 %{__make} install install-config \
56 INSTALL_DIR="$RPM_BUILD_ROOT/usr" \
57 CONF_DIR="$RPM_BUILD_ROOT/etc/fwlogwatch"
59 install %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/%{name}
60 install %{SOURCE2} $RPM_BUILD_ROOT/etc/sysconfig/%{name}
63 rm -rf $RPM_BUILD_ROOT
66 /sbin/chkconfig --add %{name}
67 if [ -f %{_var}/lock/subsys/%{name} ]; then
68 /etc/rc.d/init.d/%{name} restart 1>&2
70 echo "Run \"/etc/rc.d/init.d/%{name} start\" to start %{name} daemon."
74 if [ "$1" = "0" ]; then
75 if [ -f %{_var}/lock/subsys/%{name} ]; then
76 /etc/rc.d/init.d/%{name} stop 1>&2
78 /sbin/chkconfig --del %{name}
82 %defattr(644,root,root,755)
83 %doc contrib/fw* AUTHORS CREDITS ChangeLog README
84 %attr(700,root,root) %dir %{_sysconfdir}
85 %attr(600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/*.config
86 %attr(755,root,root) %{_sbindir}/*
87 %attr(754,root,root) /etc/rc.d/init.d/%{name}
88 %attr(640,root,root) %config(noreplace) %verify(not size mtime md5) /etc/sysconfig/%{name}