debian/0000755000000000000000000000000011640414202007160 5ustar debian/watch0000644000000000000000000000012411635140514010214 0ustar version=3 http://www.arpalert.org/index.php?page=download src/arpalert-(.*)\.tar.gz debian/copyright0000644000000000000000000000261011635140514011120 0ustar Format-Specification: http://wiki.debian.org/Proposals/CopyrightFormat?action=recall&rev=196 Packaged-By: Jan Wagner Packaged-Date: Wed, 11 Oct 2006 21:53:25 +0200 Upstream-Name: Arpalert Upstream-Maintainer: Thierry Fournier Upstream-Source: http://www.arpalert.org/src/ Files: * Copyright: Copyright (C) 2005-2010 Thierry Fournier License: GPL-2+ Files: debian/* Copyright: Copyright (C) 2006, 2008 Jan Wagner License: GPL-2+ License: GPL-2+ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL-2 file. debian/init.d0000644000000000000000000000560211635140514010301 0ustar #!/bin/sh # /etc/init.d/arpalert: v1 2006/10/12 jan Wagner # Based on /etc/init.d/arpwatch: v9 2004/08/14 KELEMEN Peter # Based on /etc/init.d/skeleton (1.8 03-Mar-1998 miquels@cistron.nl) # 2001/10/26 fuji@debian.org Support multiple instances. # 2001/11/24 fuji@debian.org Use POSIX-style functions. # 2001/12/17 fuji@debian.org Use --pidfile on startup, fix restart. # 2004/08/10 fuji@debian.org Source /etc/default/arwpatch . # Create datafile if it doesn't exist. # Run daemon only if executable. ### BEGIN INIT INFO # Provides: arpalert # Required-Start: $local_fs $network $remote_fs $syslog # Required-Stop: $local_fs $network $remote_fs $syslog # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: start and stop the arpalert daemon # Description: It listens on a network interface (without using 'promiscuous' # mode) and catches all conversations of MAC address to IP # request. It then compares the mac addresses it detected with a # pre-configured list of authorized MAC addresses. ### END INIT INFO PATH=/sbin:/bin:/usr/sbin:/usr/bin NAME=arpalert DAEMON=/usr/sbin/$NAME DESC="Ethernet station monitor daemon" DATADIR=/var/lib/$NAME test -x $DAEMON || exit 0 ### You shouldn't touch anything below unless you know what you are doing. not_configured () { echo "#### WARNING ####" echo "arpalert won't be started/stopped unless it is configured." echo "If you want to start arpalert as daemon, see /etc/default/arpalert." echo "#################" exit 0 } # check if arpalert is configured or not if [ -f "/etc/default/$NAME" ] then . /etc/default/$NAME if [ "$STARTUP" != "1" ] then not_configured fi else not_configured fi # Check whether we have to drop privileges. if [ -n "$RUNAS" ]; then if ! getent passwd "$RUNAS" >/dev/null; then RUNAS="" fi fi case "$1" in start) echo -n "Starting $DESC: " if [ ! $DATAFILE ]; then DATAFILE=$DATADIR/arpalert.leases fi if [ ! -f $DATAFILE ]; then echo -n "(creating $DATAFILE) " :> $DATAFILE fi if [ -n "$RUNAS" ]; then echo -n "(chown $RUNAS $DATAFILE) " chown $RUNAS $DATAFILE fi start-stop-daemon --start --quiet \ --name ${RUNAS} \ --exec $DAEMON -- -d -f $CONF $ARGS echo "$NAME." ;; stop) echo -n "Stopping $DESC: " start-stop-daemon --stop --quiet --oknodo \ --exec $DAEMON echo "$NAME." rm -f /var/run/$NAME.pid ;; reload) echo "Reload operation not supported -- use restart." exit 1 ;; restart|force-reload) $0 stop sleep 1 $0 start ;; *) N=/etc/init.d/$NAME echo "Usage: $N {start|stop|restart|force-reload}" >&2 exit 1 ;; esac exit 0 debian/postrm0000644000000000000000000000262311635140514010440 0ustar #!/bin/sh # based on arpwatch.postrm: v2 2004/09/15 KELEMEN Peter # arpalert.postrm: v1 2006/10/12 Jan Wagner NUSER=arpalert NGROUP=arpalert set -e case "$1" in purge) # find first and last SYSTEM_UID numbers for LINE in `grep SYSTEM_UID /etc/adduser.conf | grep -v "^#"`; do case $LINE in FIRST_SYSTEM_UID*) FIST_SYSTEM_UID=`echo $LINE | cut -f2 -d '='` ;; LAST_SYSTEM_UID*) LAST_SYSTEM_UID=`echo $LINE | cut -f2 -d '='` ;; *) ;; esac done # remove system account if necessary if [ -n "$FIST_SYSTEM_UID" ] && [ -n "$LAST_SYSTEM_UID" ]; then if USERID=`getent passwd $NUSER | cut -f 3 -d ':'`; then if [ -n "$USERID" ]; then if [ "$FIST_SYSTEM_UID" -le "$USERID" ] && \ [ "$USERID" -le "$LAST_SYSTEM_UID" ] && \ [ -x /usr/sbin/deluser ]; then deluser --quiet $NUSER || true # And then remove the group GROUPID=`getent group $NGROUP | cut -f 3 -d ':'` if [ -n "$GROUPID" ] && [ -x /usr/sbin/delgroup ] ; then delgroup --quiet $NGROUP || true fi fi fi fi fi # Remove state files if [ -d /var/lib/arpalert ]; then find /var/lib/arpalert/ -type f | xargs rm -f fi ;; remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) ;; *) echo "postrm called with unknown argument \`$1'" >&2 exit 1 ;; esac #DEBHELPER# debian/source/0000755000000000000000000000000011635140514010466 5ustar debian/source/format0000644000000000000000000000001411635140514011674 0ustar 3.0 (quilt) debian/changelog0000644000000000000000000000720311640414202011034 0ustar arpalert (2.0.11-7.1) unstable; urgency=low * QA upload * Fix build with hardening flags (Closes: #643352) -- Moritz Muehlenhoff Tue, 27 Sep 2011 20:39:43 +0200 arpalert (2.0.11-7) unstable; urgency=low * QA upload * modernize debian/rules: - use dpkg-buildflags - add build-arch, build-indep - dh_clean -k -> dh_prep * bump Standards-Version * fix some spelling errors found by lintian * shorten the long description to be a description -- Bernhard R. Link Sat, 17 Sep 2011 17:50:59 +0200 arpalert (2.0.11-6) unstable; urgency=low * QA upload, set maintainer to Debian QA group * Switch to source format 3 -- Moritz Muehlenhoff Fri, 10 Jun 2011 00:29:09 +0200 arpalert (2.0.11-5) unstable; urgency=low * Add "Copyright" to all copyrights in debian/copyright * Bump Standards-Version to 3.8.4, no changes needed * Migrate target binary-arch and clean from debian/rules to dh7 * Migrate Vcs-Fields over to scm.uncompleted.org * Add 1.0 to debian/source/format * Add ${misc:Depends} to dependencies -- Jan Wagner Tue, 09 Mar 2010 21:36:09 +0100 arpalert (2.0.11-3) unstable; urgency=low * Updating standards version to 3.8.0, no changes needed * implement machine-interpretable copyright file -- Jan Wagner Sun, 20 Jul 2008 11:47:41 +0200 arpalert (2.0.11-2) unstable; urgency=low * adjust package copyright to actual year * remove trailing whitespaces * fix typo in initscript * add conditional deluser and delgroup in postrm -- Jan Wagner Mon, 14 Apr 2008 21:52:21 +0200 arpalert (2.0.11-1) unstable; urgency=low * New upstream release * removed integrated 01_fix_makefile.in.dpatch and 02_manpage_fix_pidfile.dpatch from patchset * removed dpatch infrastructur for now * removed trailing whitespaces from changelog and rules -- Jan Wagner Mon, 31 Mar 2008 21:27:35 +0200 arpalert (2.0.9-2) unstable; urgency=low * added Vcs- fields, moved Homepage into source header's field * bump standards version to 3.7.3 * implement STARTUP value in default to disable starting daemon (Closes: #458610). -- Jan Wagner Thu, 03 Jan 2008 20:59:51 +0100 arpalert (2.0.9-1) unstable; urgency=low * New upstream release -- Jan Wagner Sat, 17 Nov 2007 21:27:11 +0100 arpalert (2.0.8-2) unstable; urgency=low * fix watch file (Closes: #449898) -- Jan Wagner Wed, 07 Nov 2007 15:01:05 +0100 arpalert (2.0.8-1) unstable; urgency=low * New upstream release -- Jan Wagner Mon, 24 Sep 2007 12:23:38 +0200 arpalert (2.0.6-1) unstable; urgency=low * New upstream release * send_alert.pl moved to /usr/share/arpalert/ (Closes: #427759) * updated package description (Closes: #427762) -- Jan Wagner Fri, 08 Jun 2007 13:44:16 +0200 arpalert (2.0.5-1) unstable; urgency=low * new upstream * some cosmetic fixes in rules -- Jan Wagner Mon, 12 Mar 2007 20:35:16 +0100 arpalert (2.0.3-1) unstable; urgency=medium * New upstream release * Improve Description, Thanks to Martin 'Joey' Schulze (Closes: #400572) -- Jan Wagner Fri, 24 Nov 2006 12:14:00 +0100 arpalert (2.0.2-1) unstable; urgency=low * New upstream release + shipping oui file now * adjusted 01_fix_makefile.in.dpatch for new upstream -- Jan Wagner Mon, 6 Nov 2006 15:48:00 +0100 arpalert (2.0.0-1) unstable; urgency=low * Initial Release. (Closes: #392647) -- Jan Wagner Wed, 19 Oct 2006 01:06:18 +0200 debian/compat0000644000000000000000000000000211635140514010364 0ustar 7 debian/patches/0000755000000000000000000000000011640414331010612 5ustar debian/patches/series0000644000000000000000000000011611640414152012026 0ustar 0001-fix-some-spelling-errors.patch 0002-fix-build-with-hardening-flags.patch debian/patches/0002-fix-build-with-hardening-flags.patch0000644000000000000000000000065711640414140020103 0ustar diff -aur arpalert-2.0.11.orig//log.c arpalert-2.0.11/log.c --- arpalert-2.0.11.orig//log.c 2008-03-31 20:36:42.000000000 +0200 +++ arpalert-2.0.11/log.c 2011-09-27 20:38:33.000000000 +0200 @@ -119,7 +119,7 @@ #ifdef USE_SYSLOG if(config[CF_USESYSLOG].valeur.integer == TRUE && syslog_initialized == TRUE){ - syslog(priority, log_msg); + syslog(priority, "%s", log_msg); } #endif Nur in arpalert-2.0.11: log.c~. debian/patches/0001-fix-some-spelling-errors.patch0000644000000000000000000000474411635140515017102 0ustar From a15a623c957c9186724b402bec555d09cd6fb5be Mon Sep 17 00:00:00 2001 From: Bernhard R. Link Date: Sat, 17 Sep 2011 17:48:08 +0200 Subject: fix some spelling errors --- doc/arpalert.8 | 4 ++-- maclist.c | 4 ++-- sens.c | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/doc/arpalert.8 b/doc/arpalert.8 index d0e4a24..d03915e 100644 --- a/doc/arpalert.8 +++ b/doc/arpalert.8 @@ -17,7 +17,7 @@ Specify the config file. Comma separated network interfaces listen to. .TP \fB\-p pid_file\fR -Use this pid file. this file containis a pid number of the arpalert session. If the file exist and his locked, the deamon do not run. +Use this pid file. this file containis a pid number of the arpalert session. If the file exist and his locked, the daemon do not run. .TP \fB\-e exec_script\fR Script launched when an alert is send. @@ -71,7 +71,7 @@ If this option is commented out, the program does not use chroot. .br The program read the config file and open the syslog socket before the chroot: .br -The kill -HUP does not work with chroot. +The kill \-HUP does not work with chroot. .br If the syslog program is restarted, the socket change and the arpalert syslog system can't be connect to the new socket: the logs with syslog are disabled. Prefere to use the log file. diff --git a/maclist.c b/maclist.c index 8af36c7..b9867ae 100644 --- a/maclist.c +++ b/maclist.c @@ -144,7 +144,7 @@ int maclist_file(char *file_name, int level, int mode){ // first arg: mac addr if(str_to_mac(args[0], &mac) == -1){ logmsg(LOG_ERR, - "file: \"%s\", line %d: mac adress error", + "file: \"%s\", line %d: mac address error", file_name, ligne); return -1; } @@ -153,7 +153,7 @@ int maclist_file(char *file_name, int level, int mode){ ip.s_addr = inet_addr(args[1]); if(ip.s_addr == INADDR_NONE){ logmsg(LOG_ERR, - "file: \"%s\", line %d: ip adress error: %s", + "file: \"%s\", line %d: ip address error: %s", file_name, ligne, args[1]); return -1; } diff --git a/sens.c b/sens.c index def734d..a3532c3 100644 --- a/sens.c +++ b/sens.c @@ -267,7 +267,7 @@ int sens_init(int status) { ip.s_addr = inet_addr(str_ip); if(ip.s_addr == INADDR_NONE){ logmsg(LOG_ERR, - "file: \"%s\", line %d: ip adress error: %s", + "file: \"%s\", line %d: ip address error: %s", config[CF_AUTHFILE].valeur.string, ligne, str_ip); return -1; debian/postinst0000644000000000000000000000252111635140514010774 0ustar #!/bin/sh # based on arpwatch.postinst: v11 2004/09/15 KELEMEN Peter # arpalert.postinst: v1 2006/01/12 Jan Wagner set -e AAUSER="arpalert" AAGROUP="arpalert" AAHOME="/var/lib/$AAUSER" AAGECOS="ARP Alerter" case "$1" in configure) # Take care of group. if AAGROUP_ENTRY=`getent group $AAGROUP`; then # group exists : else # group does not exist yet addgroup --quiet --system $AAGROUP fi # Take care of user. if AAUSER_ENTRY=`getent passwd $AAUSER`; then # user exists adduser --quiet $AAUSER $AAGROUP else # user does not exist yet adduser --quiet --system \ --ingroup $AAGROUP \ --gecos "$AAGECOS" \ --home $AAHOME \ --no-create-home \ --shell /bin/sh \ --disabled-login \ --disabled-password \ $AAUSER fi # Set up home directory. if [ -d $AAHOME ]; then chown -R ${AAUSER}:${AAGROUP} $AAHOME chmod -R o-rwX $AAHOME fi ;; abort-upgrade|abort-remove|abort-deconfigure) ;; *) echo "postinst called with unknown argument \`$1'" >&2 exit 1 ;; esac NAME=arpalert DBDIR=/var/lib/$NAME DBFILE=arp.dat BACKUPDIR=/var/backups # Restore backed up ARP databases. if [ -d $BACKUPDIR -a -d $BACKUPDIR/$NAME ]; then cp $BACKUPDIR/$NAME/* $DBDIR 2>/dev/null || true fi if [ -d $DBDIR ]; then touch $DBDIR/$DBFILE fi #DEBHELPER# debian/rules0000755000000000000000000000513211635140514010247 0ustar #!/usr/bin/make -f # written by Jan Wagner # Uncomment this to turn on verbose mode. # export DH_VERBOSE=1 # These are used for cross-compiling and for saving the configure script # from having to guess our platform (since we know it already) DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE) DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE) CFLAGS := $(shell dpkg-buildflags --get CFLAGS) CPPFLAGS := $(shell dpkg-buildflags --get CPPFLAGS) LDFLAGS := $(shell dpkg-buildflags --get LDFLAGS) CFLAGS += -Wall # Makefile's value is otherwise overriden and modules no longer work without LDFLAGS += -Wl,--export-dynamic ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS))) MAKEFLAGS += -j$(patsubst parallel=%,%,$(filter parallel=%,$(DEB_BUILD_OPTIONS))) endif config.status: configure dh_testdir # non-standard Makefile.in, does not use CPPFLAGS and does # not use CFLAGS when linking, so work around that: ./configure --prefix=/usr --mandir=\$${prefix}/share/man \ --infodir=\$${prefix}/share/info --sysconfdir=/etc \ --localstatedir=/var \ --build=$(DEB_BUILD_GNU_TYPE) --host=$(DEB_BUILD_GNU_TYPE) \ CFLAGS='$(CPPFLAGS) $(CFLAGS)' LDFLAGS='$(CFLAGS) $(LDFLAGS)' # avoid Makefile overriding optimisation flags: sed -e '/-Wall -O2/d' -i Makefile build: build-arch build-indep build-arch: build-stamp build-indep: build-stamp: config.status dh_testdir # Makefile uses CFLAGS += @CFLAGS@ ..., so empty the on in environment # Makefile also overrides the one set by configure, so supply it again... CFLAGS="" $(MAKE) LDFLAGS='$(CFLAGS) $(LDFLAGS)' touch build-stamp clean: rm -f build-stamp ifeq ($(shell ls Makefile),Makefile) $(MAKE) mrproper endif dh clean binary-indep: binary-arch: build-stamp dh_testdir dh_testroot dh_prep dh_installdirs # Add here commands to install the arch part of the package $(MAKE) DESTDIR=debian/arpalert install PREFIX=debian/arpalert/usr install -d -m 0755 debian/arpalert/usr/share/doc/arpalert/examples/scripts/ cp -R scripts/contribs debian/arpalert/usr/share/doc/arpalert/examples/scripts/ cp -R scripts/test_scripts debian/arpalert/usr/share/doc/arpalert/examples/scripts/test # move alert script to /usr/share/arpalert/ install -d -m 0755 debian/arpalert/usr/share/arpalert/ mv debian/arpalert/usr/share/doc/arpalert/examples/scripts/contribs/send_alert.pl debian/arpalert/usr/share/arpalert/ dh binary-arch --until dh_compress dh_fixperms --exclude=/var/lib/arpwatch dh binary-arch --after dh_fixperms binary: binary-indep binary-arch .PHONY: binary-indep binary-arch build-arch build-indep binary build debian/preinst0000644000000000000000000000064211635140514010577 0ustar #!/bin/sh # based on arpwatch.preinst: v4 2004/08/14 KELEMEN Peter # arpalert.preinst: v1 2006/10/12 Jan Wagner set -e NAME=arpalert DBDIR=/var/lib/$NAME DBFILE=arp.dat BACKUPDIR=/var/backups # Back up collected ARP databases. if [ -d $DBDIR -a -d $BACKUPDIR ]; then if [ -d $BACKUPDIR/$NAME ]; then rm -r $BACKUPDIR/$NAME fi cp -rp $DBDIR $BACKUPDIR/$NAME fi #DEBHELPER# debian/control0000644000000000000000000000175411635140674010607 0ustar Source: arpalert Section: net Priority: optional Maintainer: Debian QA Group Build-Depends: debhelper (>= 7), libpcap0.8-dev Homepage: http://www.arpalert.org/ Vcs-Browser: https://scm.uncompleted.org/projects/debian/repository/show/arpalert Vcs-Svn: https://scm.uncompleted.org/svn/debian/arpalert Standards-Version: 3.9.2 Package: arpalert Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends}, adduser Description: monitor ARP changes in ethernet networks The arpalert daemon listens on a network interface (without using 'promiscuous' mode) and catches all conversations of MAC address to IP request. It then compares the mac addresses it detected with a pre-configured list of authorized MAC addresses. If the MAC is not in list, arpalert launches a pre-defined user script with the MAC address and IP address as parameters. . If you need to use a list of authorized MAC addresses, this package should suit your needs, otherwise arpwatch may be also fine. debian/default0000644000000000000000000000052611635140514010540 0ustar # Global options for arpalert(8). # Set to '0' to disable startup (daemon mode) STARTUP=1 # Config file CONF=/etc/arpalert/arpalert.conf # Arguments passed on start (-d implied) ARGS="" # Debian: run as `arpalert' user. Empty this to run as root. RUNAS="arpalert" # Default lease file is "/var/lib/arpalert/arpalert.leases" DATAFILE=""