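%define name    p0f
%define version 2.0.8
%define release %mkrel 1
%define daemon  %{name}d

# TODO
# * mysql support => dependency, config file and so on.
# * for mysql version, should create the database at first connection.
#   use a mysql | wc -l, or something like that.
# * don't forget the permission of the config for mysql !
#

Name: %{name}
Summary: Passive OS fingerprinting tool
Version: %{version}
Release: %{release}
License: GPL
Group: Networking/Other
# NOTE(review): the upstream tarball is referenced over plain HTTP and this
# spec records no checksum or signature for it. Verify the archive out of
# band before building; nothing here detects a tampered download.
Source0: http://lcamtuf.coredump.cx/p0f/%{name}-%{version}.tar.bz2
Source1: %{name}.init.mdk.bz2
Source2: %{name}.sysconfig.bz2
URL: http://lcamtuf.coredump.cx/p0f.shtml
BuildRoot: %{_tmppath}/%{name}-buildroot
BuildRequires: libpcap-devel
Requires: chkconfig
Requires: fileutils
Requires: grep
Requires: awk
Requires: sh-utils
Requires(post): rpm-helper
Requires(preun): rpm-helper

%description
p0f performs passive OS fingerprinting technique bases on information coming
from remote host when it establishes connection to our system. Captured
packets contains enough information to determine OS - and, unlike
active scanners (nmap, queSO) - it is done without sending anything to
this host.

%prep
%setup -q -n %{name}

%build
%make -f mk/Linux CFLAGS='%optflags -DUSE_BPF=\"pcap-bpf.h\"'

%install
# Start from an empty buildroot. Doing this here rather than in the prep
# stage means a re-run of the install stage alone cannot package stale files.
rm -Rf $RPM_BUILD_ROOT

%__install -d $RPM_BUILD_ROOT{%{_sysconfdir}/sysconfig,%{_sysconfdir}/%{name},%{_initrddir}}
%__install -d $RPM_BUILD_ROOT/%{_bindir}
%__install -d $RPM_BUILD_ROOT/%{_sbindir}
%__install -d $RPM_BUILD_ROOT/%{_mandir}/man1/

%__cp -p p0f.fp $RPM_BUILD_ROOT/%{_sysconfdir}/%{name}

# Init script and its option file ship as compressed sources.
# NOTE(review): neither file is visible in this spec. The options passed to
# p0f come from them; since the capture process is started by the init
# system, confirm they use p0f's -u option to drop privileges.
bzcat %{SOURCE1} > $RPM_BUILD_ROOT/%{_initrddir}/%{name}
bzcat %{SOURCE2} > $RPM_BUILD_ROOT/%{_sysconfdir}/sysconfig/%{name}

# Ugly hack: p0f does not put itself in the background, and a wrapper is
# easier to write than a patch (at least for me).
# This wrapper is called by the init script.
#
# Changes from the earlier wrapper:
#  - p0f is started by absolute path, so the binary that runs does not
#    depend on the PATH of whoever calls the wrapper;
#  - liveness is tested with kill -0 on the exact PID. The previous
#    "ps | awk | grep PID" test matched substrings (PID 123 also matched
#    1234) and plain ps lists only processes tied to the caller's terminal.
# NOTE(review): $* is kept unquoted because the init script may rely on the
# word splitting; switch to "$@" once that caller has been checked.
cat > $RPM_BUILD_ROOT/%{_sbindir}/%{daemon} << 'EOF'
#!/bin/sh
%{_bindir}/p0f -q $* &
com=$!
sleep 3
# If p0f is still running (i.e. it did not crash during start-up),
# kill -0 succeeds and the wrapper exits 0; otherwise it exits non-zero.
kill -0 "$com" 2>/dev/null
EOF
chmod 755 $RPM_BUILD_ROOT/%{_sbindir}/%{daemon}

%__cp -p p0f p0frep $RPM_BUILD_ROOT/%{_bindir}
%__cp -p p0f.1 $RPM_BUILD_ROOT/%{_mandir}/man1/

%clean
rm -rf $RPM_BUILD_ROOT

%files
%defattr(-,root,root,755)
%doc doc/COPYING doc/CREDITS doc/INSTALL.Win32 doc/KNOWN_BUGS doc/README
%doc doc/TODO
# Configuration and signature database: root-owned, not writable by others.
%config(noreplace) %attr(644,root,root) %{_sysconfdir}/sysconfig/%{name}
%dir %attr(755,root,root) %{_sysconfdir}/%{name}
%config(noreplace) %attr(644,root,root) %{_sysconfdir}/%{name}/p0f.fp
%config(noreplace) %attr(755,root,root) %{_initrddir}/%{name}
%{_bindir}/p0frep
%{_bindir}/p0f
%{_sbindir}/%{daemon}
%{_mandir}/man1/*

%post
%_post_service %{name}

%preun
%_preun_service %{name}

%changelog
* Wed Sep 06 2006 Olivier Thauvin <nanardon@mandriva.org>
+ 2006-09-06 17:46:41 (60384)
- 2.0.8

* Wed Sep 06 2006 Olivier Thauvin <nanardon@mandriva.org>
+ 2006-09-06 17:41:27 (60383)
Import p0f

* Fri Mar 10 2006 Olivier Thauvin <nanardon@mandriva.org> 2.0.6-2mdk
- fix prereq

* Fri Mar 10 2006 Olivier Thauvin <nanardon@mandriva.org> 2.0.6-1mdk
- 2.0.6

* Wed Jul 13 2005 Oden Eriksson <oeriksson@mandriva.com> 2.0.5-3mdk
- rebuilt against new libpcap-0.9.1 (aka. a "play safe" rebuild)

* Sat Apr 16 2005 Giuseppe Ghibò <ghibo@mandriva.com> 2.0.5-2mdk
- removed libpcap0 explicit requires (for X86-64).

* Tue Sep 14 2004 Olivier Thauvin <thauvin@aerov.jussieu.fr> 2.0.5-1mdk

* Mon Jul 12 2004 Tibor Pittich <Tibor.Pittich@mandrake.org> 2.0.4-2mdk
- corect location of fingerprint file
- added man page

* Sun Jul 11 2004 Michael Scherer <misc@mandrake.org> 2.0.4-1mdk
- New release 2.0.4
- use the good tarball

* Mon Apr 26 2004 Olivier Thauvin <thauvin@aerov.jussieu.fr> 2.0.3-2mdk
- patch0 (renamed pcap include) Bug #9600

* Mon Nov 03 2003 Olivier Thauvin <thauvin@aerov.jussieu.fr> 2.0.3-1mdk
- 2.0.3

* Thu Sep 04 2003 Olivier Thauvin <thauvin@aerov.jussieu.fr> 2.0.1-1mdk
- 2.0.1

* Fri Apr 04 2003 Lenny Cartier <lenny@mandrakesoft.com> 1.8.3-1mdk
- 1.8.3

* Mon Feb 10 2003 Lenny Cartier <lenny@mandrakesoft.com> 1.8.2.2-1mdk
- from Michael Scherer <scherer.michael@free.fr> :
	- Initial Mdk RPM
	- Mandrakification of the init file

* Mon Jan 21 2002 William Stearns <wstearns@pobox.com>
- Minor fixes and updates
- Addition of p0frep log reporting tool

* Mon Jan 21 2002 William Stearns <wstearns@pobox.com>
- Updated to 1.8 final sources

* Sat Nov 17 2001 William Stearns <wstearns@pobox.com>
- Updated to 1.8 test sources

* Sun Aug 13 2000 William Stearns <wstearns@pobox.com>
- first rpm from 1.7 sources.
- addition of a SysV init file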