1 Summary: Firewall log analyzer, report generator and realtime response agent
2 Summary(pl): Analizator logów firewalla, generator raportów i agent natychmiastowej odpowiedzi
7 Group: Applications/System
8 Group(de): Applikationen/System
9 Group(pl): Aplikacje/System
10 Source0: http://www.kyb.uni-stuttgart.de/boris/sw/%{name}-%{version}.tar.bz2
12 Source2: %{name}.sysconfig
13 Patch0: %{name}-DESTDIR.patch
14 Patch1: %{name}-config.patch
15 URL: http://cert.uni-stuttgart.de/projects/fwlogwatch/
17 BuildRequires: zlib-devel
19 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
21 %define _sysconfdir /etc/%{name}
24 fwlogwatch produces ipchains, netfilter/iptables, ipfilter, Cisco IOS
25 and Cisco PIX log summary reports in text and HTML form and has a lot
26 of options to find and display relevant patterns in connection
27 attempts. With the data found it can also generate customizable
28 incident reports from a template and send them to abuse contacts at
29 offending sites or CERT coordination centers. Finally, it can also run
30 as daemon and report anomalies or start countermeasures.
33 fwlogwatch produkuje sumaryczne raporty w formacie tekstowym oraz HTML
34 z informacjami dostarczanymi przez logi ipchains, netfilter/iptables,
35 ipfilter, Cisco IOS oraz Cisco PIX. fwlogwatch ma wiele opcji
36 pozwalaj±cych znajdowaæ okre¶lone wzorce w próbach po³±czeñ. Na
37 podstawie tych danych mo¿e generowaæ raporty o incydentach i wysy³aæ
38 je na adres abuse lub do centrów koordynacji CERT. Mo¿e on równie¿
39 pracowaæ jako daemon i informowaæ o anomaliach oraz podejmowaæ kroki
49 CC="%{__cc}" OPT="%{rpmcflags}" LDFLAGS="%{rpmldflags}" \
50 SYSCONFDIR="%{_sysconfdir}"
53 rm -rf $RPM_BUILD_ROOT
54 install -d $RPM_BUILD_ROOT{/etc/{rc.d/init.d,sysconfig},%{_sysconfdir}} \
55 $RPM_BUILD_ROOT{%{_sbindir},%{_mandir}/man8}
57 %{__make} install install-config \
58 DESTDIR=$RPM_BUILD_ROOT \
59 SYSCONFDIR="%{_sysconfdir}" \
63 install %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/%{name}
64 install %{SOURCE2} $RPM_BUILD_ROOT/etc/sysconfig/%{name}
66 gzip -9nf contrib/fw* AUTHORS CREDITS ChangeLog README
69 /sbin/chkconfig --add %{name}
70 if [ -f %{_var}/lock/subsys/%{name} ]; then
71 /etc/rc.d/init.d/%{name} restart 1>&2
73 echo "Run \"/etc/rc.d/init.d/%{name} start\" to start %{name} daemon."
77 if [ "$1" = "0" ]; then
78 if [ -f %{_var}/lock/subsys/%{name} ]; then
79 /etc/rc.d/init.d/%{name} stop 1>&2
81 /sbin/chkconfig --del %{name}
85 rm -rf $RPM_BUILD_ROOT
88 %defattr(644,root,root,755)
90 %attr(700,root,root) %dir %{_sysconfdir}
91 %attr(600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/*.*
92 %attr(750,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}//fwlw_*
93 %attr(755,root,root) %{_sbindir}/*
94 %attr(754,root,root) /etc/rc.d/init.d/%{name}
95 %attr(640,root,root) %config(noreplace) %verify(not size mtime md5) /etc/sysconfig/%{name}