debian/0000755000000000000000000000000011273271627007176 5ustar debian/README.source0000644000000000000000000000064711272412731011354 0ustar Debian source package for net-acct ================================== Patching upstream sources ------------------------- The quilt series is generated from the Git repository, using dom-{apply,save}-patches, from the dh-ocaml (>= 0.5) package. Please refer to the appendix about Git in the Debian OCaml Packaging Policy (from the same package). -- Stéphane Glondu , Thu, 29 Oct 2009 23:22:04 +0100 debian/net-acct.postrm0000644000000000000000000000201111272412731012124 0ustar #!/bin/sh # postrm script for net-acct # # see: dh_installdeb(1) set -e # summary of how this script can be called: # * `remove' # * `purge' # * `upgrade' # * `failed-upgrade' # * `abort-install' # * `abort-install' # * `abort-upgrade' # * `disappear' # # for details, see http://www.debian.org/doc/debian-policy/ or # the debian-policy package case "$1" in remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) ;; purge) if test -d /var/log/net-acct; then rm -Rf /var/log/net-acct fi ;; *) echo "postrm called with unknown argument \`$1'" >&2 exit 1 ;; esac # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. #DEBHELPER# exit 0 debian/changelog0000644000000000000000000001145111273271371011046 0ustar net-acct (0.71-9) unstable; urgency=low * Move patches to upstream to quilt series * Switch to 3.0 (quilt) source format * Switch to dh with overrides * Add debian/README.source * Upstream is dead: remove Homepage field, update watch file * debian/control: - update my e-mail address and remove DMUA - update Standards-Version to 3.8.3 (no changes) -- Stéphane Glondu Sun, 01 Nov 2009 12:36:01 +0100 net-acct (0.71-8) unstable; urgency=low * New maintainer (Closes: #486000: ITA: net-acct) * Acknowledge NMU * Use debhelper 7: debian/rules rewritten, maintenance scripts updated (and partly automatically generated by debhelper) * Fix handling nostrip build option (Closes: #437610) * Update Standards-Version to 3.8.0 * Add Homepage field to debian/control * Fix Lintian warning in debian/changelog * Use logrotate instead of cron.daily/savelog * Purging removes log files (Closes: #332495) * Don't compress perl modules in examples (Closes: #162665) * Add README.Debian and switch to machine-parsable copyright format, as per http://wiki.debian.org/Proposals/CopyrightFormat * Add LSB short description and status command to init.d script * Add debian/watch * Fix incomplete sl2rbl output (Closes: #440335) -- Stephane Glondu Sat, 21 Jun 2008 12:14:12 +0200 net-acct (0.71-7.3) unstable; urgency=low * Non-maintainer upload. * Added LSB formatted dependency info in init.d script (closes: #468892) -- Peter Eisentraut Wed, 02 Apr 2008 02:06:30 +0200 net-acct (0.71-7.2) unstable; urgency=low * Non-maintainer upload. * debian/rules: fix bashism (Closes: #379633). * debian/postinst: fix deprecated-chown-usage lintian warning. -- Luca Falavigna Wed, 16 Jan 2008 22:13:23 +0100 net-acct (0.71-7.1) unstable; urgency=low * Non-maintainer upload. * Use invoke-rc.d; closes: #367725. -- Robert S. Edmonds Sun, 02 Sep 2007 01:25:09 -0400 net-acct (0.71-7) unstable; urgency=high * reupload for faster processing (resigned with correct GPG key) -- Bernd Eckenfels Tue, 07 Sep 2004 08:29:22 +0200 net-acct (0.71-6) unstable; urgency=high * spelling fix (Closes Bug: #125176) * SECURITY: fixed insecure temp file creation/deletion reported by Stefan Nordhausen. This is net-acct-notempfiles.patch from Sep 2 2004 (Closes: Bug #270359) (simply remove the code) * include stdlib.h to declare strdup (Closes: Bug #226655) (not critical since the compiled object was not used) * removed compiler warning (undefined integer variable in capture-linux.c) * bumped standards version from 3.5.6 to 3.6.1 (no /usr/doc link) * fixed path to interpreter in sample (Closes: Bug #162664) * fixed endianess problem in protocol type detection. * fixed copyright-should-refer-to-common-license-file-for-gpl -- Bernd Eckenfels Tue, 07 Sep 2004 07:31:22 +0200 net-acct (0.71-5) unstable; urgency=low * chnaged section to extra * added manpage from Alex King (alex@king.net.nz) THANKS! Closes: Bug#4309 -- Bernd Eckenfels Sun, 16 Dec 2001 05:29:34 +0100 net-acct (0.71-3) unstable; urgency=low * fixed missing check for binary in nacct-daily (Closes: Bug #116252) * fixed url in copyright file * upgraded to standrds version 3.5.6, remove gcc -g switch -- Bernd Eckenfels Sat, 20 Oct 2001 03:27:51 +0200 net-acct (0.71-2) unstable; urgency=low * closes bug #76917 (missing +x for prerm) -- Bernd Eckenfels Sat, 18 Nov 2000 02:06:24 +0100 net-acct (0.71-1) unstable; urgency=low * closes bug #76376 (typo in postinst) * closes bug #66093 (name of changelog file) * closes bug #58285 (daemon is stopped on remove) * updated standards version (moved /usr/doc) * made lintian happy (wrong manpage link, spelling fixes, ...) * new upstream version from exorsus.net -- Bernd Eckenfels Tue, 7 Nov 2000 00:56:26 +0100 net-acct (0.7-2) unstable; urgency=high * fixes rulefile for compilation on other archs (#32740) * fixes cron job if pid file is missing (#35538) -- Bernd Eckenfels Tue, 29 Jun 1999 23:08:51 +0200 net-acct (0.7-1) unstable; urgency=low * new upstream version * should fix #31639 -- Bernd Eckenfels Sun, 24 Jan 1999 15:35:51 +0100 net-acct (0.4-2) unstable; urgency=low * addes links to undocumented(7) for nacctd(1) and nacctab(5) (bug #4309) * renamed /usr/doc/net-acct/README to Manual.txt * new source format -- Bernd Eckenfels Thu, 27 Aug 1996 21:56:58 +0200 net-acct (0.4-1) unstable; urgency=low * added debian control files and my patch (see README.be-patch) -- Bernd Eckenfels Thu, 18 Jul 1996 21:56:58 +0200 debian/copyright0000644000000000000000000000145211272413467011132 0ustar Packaged-By: Bernd Eckenfels Packaged-Date: Thu, 18 Jul 1996 21:56:58 +0200 Original-Source-Location: http://exorsus.net/projects/net-acct/ Files: * Copyright: © 1994-1996 Ulrich Callmeier, Germany (program) © 1996 Bernd Eckenfels, Germany (enhancements) License: GPL-2+ Files: nacctd.8 Copyright: © 2001 Alex King License: GPL-2+ Files: debian/* Copyright: © 1996 Bernd Eckenfels, Germany © 2008 Stéphane Glondu License: GPL-2+ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version. See `/usr/share/common-licenses/GPL-2' for the full text. debian/watch0000644000000000000000000000011011272412731010207 0ustar # Upstream is dead; used to be at http://exorsus.net/projects/net-acct/ debian/net-acct.postinst0000644000000000000000000000231311272412731012470 0ustar #!/bin/sh # postinst script for net-acct # # see: dh_installdeb(1) set -e # summary of how this script can be called: # * `configure' # * `abort-upgrade' # * `abort-remove' `in-favour' # # * `abort-remove' # * `abort-deconfigure' `in-favour' # `removing' # # for details, see http://www.debian.org/doc/debian-policy/ or # the debian-policy package if [ ! -d /var/log/net-acct ]; then mkdir /var/log/net-acct chmod 755 /var/log/net-acct chown root:root /var/log/net-acct fi case "$1" in configure) cat<&2 exit 1 ;; esac # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. #DEBHELPER# exit 0 debian/net-acct.init0000755000000000000000000000262711272412731011563 0ustar #!/bin/sh ### BEGIN INIT INFO # Provides: net-acct # Required-Start: $remote_fs $syslog # Required-Stop: $remote_fs $syslog # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: User-mode IP accounting daemon ### END INIT INFO # # /etc/init.d/net-acct start/stop/restart nacctd # # See /usr/share/doc/net-acct/ for information # DAEMON=/usr/sbin/nacctd NAME=nacctd DESC="User-mode IP accounting daemon" PIDFILE=/var/run/nacctd.pid CONFFILE=/etc/naccttab test -r "$CONFFILE" || exit 0 test -x "$DAEMON" || exit 0 # Function used to determine if the program is alive is_alive () { ret=1 if [ -r "$PIDFILE" ] ; then pid=`cat $PIDFILE` if [ -e /proc/$pid ] ; then procname=`/bin/ps h -p $pid -C ${DAEMON##*/}` [ -n "$procname" ] && ret=0 fi fi return $ret } case "$1" in start) start-stop-daemon --start --verbose --exec "$DAEMON" ;; stop) start-stop-daemon --stop --verbose --pidfile "$PIDFILE" ;; restart|force-reload|reload) start-stop-daemon --stop --retry 5 --verbose --pidfile "$PIDFILE" start-stop-daemon --start --verbose --exec "$DAEMON" ;; status) echo -n "Status of $DAEMON: " if is_alive; then echo "alive." else echo "dead." exit 1 fi ;; *) echo "Usage: /etc/init.d/net-acct {start|stop|restart|status}" exit 1 esac exit 0 debian/net-acct.docs0000644000000000000000000000001711272412731011534 0ustar README CHANGES debian/control0000644000000000000000000000124111273271342010571 0ustar Source: net-acct Section: net Priority: extra Maintainer: Stéphane Glondu Build-Depends: debhelper (>= 7.0.50~) Standards-Version: 3.8.3 Vcs-Browser: http://git.debian.org/?p=collab-maint/net-acct.git Vcs-Git: git://git.debian.org/git/collab-maint/net-acct.git Package: net-acct Architecture: any Depends: logrotate, ${shlibs:Depends}, ${misc:Depends} Description: User-mode IP accounting daemon This package logs network traffic. It provides a daemon (nacctd) that logs all traffic passing the machine it runs on (similar to what tcpdump does). . Capability is provided to associate traffic to slip/ppp users in case you run a slip/ppp server. debian/source/0000755000000000000000000000000011272412731010466 5ustar debian/source/format0000644000000000000000000000001411273271626011703 0ustar 3.0 (quilt) debian/gbp.conf0000644000000000000000000000003611272412731010604 0ustar [DEFAULT] pristine-tar = True debian/net-acct.examples0000644000000000000000000000002211272412731012416 0ustar contrib/* tools/* debian/net-acct.manpages0000644000000000000000000000001111272412731012371 0ustar nacctd.8 debian/net-acct.install0000644000000000000000000000005011272412731012247 0ustar src/nacctd usr/sbin debian/naccttab etc debian/rules0000755000000000000000000000064611272412731010254 0ustar #!/usr/bin/make -f # -*- makefile -*- # Uncomment this to turn on verbose mode. #export DH_VERBOSE=1 %: dh $@ .PHONY: override_dh_auto_build override_dh_auto_build: $(MAKE) -C src MASQ=-DREMAP_MASQUERADE cp src/naccttab.sample debian/naccttab .PHONY: override_dh_auto_clean override_dh_auto_clean: $(MAKE) -C src clean -rm -f debian/naccttab .PHONY: override_dh_compress override_dh_compress: dh_compress -X.pl debian/net-acct.logrotate0000644000000000000000000000142211272412731012605 0ustar /var/log/net-acct/net-acct.log { rotate 14 daily compress prerotate if test -r /var/run/nacctd.pid; then # Stop writing out entries kill -TSTP `cat /var/run/nacctd.pid` fi endscript postrotate if test -r /var/run/nacctd.pid; then # Start writing out entries again kill -CONT `cat /var/run/nacctd.pid` fi endscript } /var/log/net-acct/net-acct.debug { rotate 2 daily compress prerotate if test -r /var/run/nacctd.pid; then # Stop writing out entries kill -TSTP `cat /var/run/nacctd.pid` fi endscript postrotate date > /var/log/net-acct/net-acct.debug if test -r /var/run/nacctd.pid; then # Start writing out entries again kill -CONT `cat /var/run/nacctd.pid` fi endscript } debian/README.Debian0000644000000000000000000000155311272412731011233 0ustar net-acct-0.71 This is Debian Linux's prepackaged version of Ulrich Callmeier's net-acct, a user mode daemon for accounting IP traffic. It writes detailed logs including protocol, sender and destination address and ports, byte and packets count and some support for dynamic addresses. (from the readme:) Since the author, Ulrich Callmeier, seems to have abandoned this software, please do not send comments or bug reports to him anymore. Net-Acct is a user-space daemon which generates log files of network traffic for accounting purposes. Initially created by Ulrich Callmeier, it is now worked upon occasionally by a team of volunteers on the list net-acct@CoLi.Uni-SB.DE, questions are best asked there or net-acct@exorsus.net. This package was put together by Bernd Eckenfels . -- Stephane Glondu Sat, 21 Jun 2008 00:47:08 +0200 debian/patches/0000755000000000000000000000000011273271626010624 5ustar debian/patches/0003-REMAP_MASQUERADE-stuff.patch0000644000000000000000000000351511272412731015722 0ustar From: Bernd Eckenfels Date: Sun, 15 Jun 2008 16:34:38 +0200 Subject: [PATCH] REMAP_MASQUERADE stuff --- src/main.c | 6 +++++- src/netacct.h | 7 +++++++ src/process.c | 5 ----- 3 files changed, 12 insertions(+), 6 deletions(-) diff --git a/src/main.c b/src/main.c index f36450c..d13e765 100644 --- a/src/main.c +++ b/src/main.c @@ -29,6 +29,11 @@ void usage(void) fprintf(stderr, "Usage: %s [-dD] [-c filename]\n\n\t-d\tSwitch on debugging\n", progname); fprintf(stderr, "\t-c\tSpecify alternative configuration file\n"); fprintf(stderr, "\t-D\tDon't detach (for inittab)\n\n"); +#ifdef REMAP_MASQUERADE + fprintf(stderr, "\tHASHSIZE=%d REMAP_MASQUERADE(%d..%d)\n\n",HASHSIZE,PORT_MASQ_BEGIN,PORT_MASQ_END); +#else + fprintf(stderr, "\tHASHSIZE=%d REMAP_MASQUERADE not defined\n\n",HASHSIZE); +#endif } void process_options(int argc, char *argv[]) @@ -254,4 +259,3 @@ int main(int argc, char *argv[]) fclose(dbg_file); return 0; } - diff --git a/src/netacct.h b/src/netacct.h index 5edb7e6..5415ec3 100644 --- a/src/netacct.h +++ b/src/netacct.h @@ -23,6 +23,13 @@ #define IP_TCP 6 #endif +#ifdef REMAP_MASQUERADE +/* #include */ +/* from /usr/src/linux/include/net/ip_masq.h */ +#define PORT_MASQ_BEGIN 61000 +#define PORT_MASQ_END (PORT_MASQ_BEGIN+4096) +#define PROC_MASQ_FILENAME "/proc/net/ip_masquerade" +#endif /* certain features you can disable or enable */ #undef HUMAN_READABLE_TIME diff --git a/src/process.c b/src/process.c index 3ad8860..e926682 100644 --- a/src/process.c +++ b/src/process.c @@ -21,11 +21,6 @@ #include #include -#ifdef REMAP_MASQUERADE -#include -#define PROC_MASQ_FILENAME "/proc/net/ip_masquerade" -#endif - char *rcs_revision_process_c = "$Revision: 1.8 $"; volatile int running; -- debian/patches/0007-Fix-incomplete-sl2rbl-output.patch0000644000000000000000000000217711272412731017650 0ustar From: Stephane Glondu Date: Sat, 21 Jun 2008 11:23:54 +0200 Subject: [PATCH] Fix incomplete sl2rbl output See Debian bug #440335. The example script sl2rdbl seems to have a bug which inhibits the display of any from or to ports in some cases if the port is not "well known" in /etc/services. Patch from Rainer Zocholl. --- tools/sl2rdbl | 8 ++++---- 1 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tools/sl2rdbl b/tools/sl2rdbl index bf62f61..c40e585 100755 --- a/tools/sl2rdbl +++ b/tools/sl2rdbl @@ -46,14 +46,14 @@ while(<>) if($proto eq 'udp') { - if(!(($port1) = $udp[$x_fromport])) {$port1 = $x_fromport;}; - if(!(($port2) = $udp[$x_toport])) {$port2 = $x_toport;}; + if(!($port1 = $udp[$x_fromport])) {$port1 = $x_fromport;}; + if(!($port2 = $udp[$x_toport])) {$port2 = $x_toport;}; } elsif($proto eq 'tcp') { - if(!(($port1) = $tcp[$x_fromport])) {$port1 = $x_fromport;}; - if(!(($port2) = $tcp[$x_toport])) {$port2 = $x_toport;}; + if(!($port1 = $tcp[$x_fromport])) {$port1 = $x_fromport;}; + if(!($port2 = $tcp[$x_toport])) {$port2 = $x_toport;}; } else { -- debian/patches/0004-Change-naccttab.sample.patch0000644000000000000000000000541311272412731016444 0ustar From: Bernd Eckenfels Date: Sun, 15 Jun 2008 16:39:06 +0200 Subject: [PATCH] Change naccttab.sample --- src/naccttab.sample | 20 ++++++++++---------- 1 files changed, 10 insertions(+), 10 deletions(-) diff --git a/src/naccttab.sample b/src/naccttab.sample index 11f8cf9..d6a226d 100644 --- a/src/naccttab.sample +++ b/src/naccttab.sample @@ -10,11 +10,11 @@ fdelay 60 # this defines after how many seconds # since only one output record will be # generated for related traffic -file /var/log/net-acct # defines output file +file /var/log/net-acct/net-acct.log # defines output file # this is the regular output file of # the daemon -dumpfile /var/log/net-acct-dump # defines dump file +dumpfile /var/log/net-acct/dump # defines dump file # this is used to dump the not yet # written information so this is not # lost should the machine crash @@ -22,16 +22,16 @@ dumpfile /var/log/net-acct-dump # defines dump file # file of this name will be moved # to *.o -notdev eth1 # Dont log entries for this device +#notdev eth1 # Dont log entries for this device # Use this on routers that you dont # log forwarded packets twice. -device eth0 # device to put into promiscous mode +#device eth0 # device to put into promiscous mode # you can specify as many as you want # and you don't have to specify one # (e.g. if this runs on your router) -# iflimit eth0 # on machines with multiple interfaces, +iflimit eth0 # on machines with multiple interfaces, # log only packets on this interface # mutually exclusive with hostlimit @@ -59,7 +59,7 @@ ignorenet 127.0.0.0 255.0.0.0 # ignore loopback net # of the masqueraded destination debug 2 # set debugging level -debugfile /tmp/nacctd.debug # where to put debugging info +debugfile /var/log/net-acct/net-acct.debug # where to put debugging info # Device configuration # Defines where the real data starts for each type of interface @@ -79,12 +79,12 @@ headers plip 14 12 # For dynamic slip/ppp -dynamicip /var/run # where files for dynamic ip are stored -dynamicnet 202.36.94.0 255.255.255.0 # on which network are all the +#dynamicip /var/run # where files for dynamic ip are stored +#dynamicnet 202.36.94.0 255.255.255.0 # on which network are all the # dynamically assigned adresses -exclude-name-lookup 202.36.94.1 255.255.255.255 -exclude-name-lookup 202.36.94.253 255.255.255.255 +#exclude-name-lookup 202.36.94.1 255.255.255.255 +#exclude-name-lookup 202.36.94.253 255.255.255.255 # hostlimit 12.34.56.78 # log only packets to/from this host # hostlimit 34.56.78.12 # and this one too -- debian/patches/series0000644000000000000000000000034311272412731012032 0ustar 0001-Change-perl-path-in-shebang.patch 0002-Minor-fixes.patch 0003-REMAP_MASQUERADE-stuff.patch 0004-Change-naccttab.sample.patch 0005-Add-manpage.patch 0006-Fix-insecure-temp-file.patch 0007-Fix-incomplete-sl2rbl-output.patch debian/patches/0006-Fix-insecure-temp-file.patch0000644000000000000000000000550211272412731016444 0ustar From: Bernd Eckenfels Date: Sun, 15 Jun 2008 16:52:11 +0200 Subject: [PATCH] Fix insecure temp file From Debian changelog, version 0.71-6: SECURITY: fixed insecure temp file creation/deletion reported by Stefan Nordhausen. This is net-acct-notempfiles.patch from Sep 2 2004 (Closes: Bug #270359) (simply remove the code) --- src/process.c | 17 ----------------- 1 files changed, 0 insertions(+), 17 deletions(-) diff --git a/src/process.c b/src/process.c index e926682..5b6ec2b 100644 --- a/src/process.c +++ b/src/process.c @@ -397,7 +397,6 @@ void WAIT_CHILD(void) void write_list(void) { FILE *f; - char tmpn[255]; int i; while( (writepid = fork()) < 0) sleep(1); @@ -410,9 +409,6 @@ void write_list(void) DEBUG(DBG_STATE, sprintf(dbg, "write child: synchronized with parent\n")); - sprintf(tmpn, "/tmp/nacctd.write.%d", (int) getpid()); - creat(tmpn, S_IRUSR); - openlog("nacctd (write)", 0, LOG_DAEMON); DEBUG(DBG_STATE, sprintf(dbg, "* write process %d forked\n", (int) getpid())); @@ -420,14 +416,12 @@ void write_list(void) f = fopen(cfg->filename, "a"); if(f==NULL) { - unlink(tmpn); syslog(LOG_ERR, "error opening file %s: %m\n",cfg->filename); exit(1); } if(do_write_list(f, olist) != 0) { - unlink(tmpn); syslog(LOG_ERR, "error writing to file %s: %m\n", cfg->filename); exit(1); } @@ -436,8 +430,6 @@ void write_list(void) for (i=0; i < HASH_SIZE; i++) olist[i] = NULL; - unlink(tmpn); - DEBUG(DBG_STATE, sprintf(dbg, "* write finished, count = %ld\n", olistsize)); exit(0); @@ -446,7 +438,6 @@ void write_list(void) void dump_curr_list(void) { FILE *f; - char tmpn[255]; int i; while( (dumppid = fork()) < 0) sleep(1); @@ -459,16 +450,12 @@ void dump_curr_list(void) /* Here goes the child */ - sprintf(tmpn, "/tmp/nacctd.dump.%d", (int) getpid()); - creat(tmpn, S_IRUSR); - openlog("nacctd (dump)", 0, LOG_DAEMON); DEBUG(DBG_STATE, sprintf(dbg, "* dump process %d forked\n", (int) getpid())); if(plistsize == 0) { - unlink(tmpn); unlink(cfg->dumpname); DEBUG(DBG_STATE, sprintf(dbg, "* dump finished, dump empty\n")); exit(0); @@ -477,14 +464,12 @@ void dump_curr_list(void) f = fopen(cfg->dumpname, "w"); if(f==NULL) { - unlink(tmpn); syslog(LOG_ERR, "error opening file %s: %m\n",cfg->dumpname); exit(1); } if(do_write_list(f, plist) != 0) { - unlink(tmpn); syslog(LOG_ERR, "error writing to file %s: %m\n", cfg->dumpname); exit(1); } @@ -492,8 +477,6 @@ void dump_curr_list(void) for (i=0; i < HASH_SIZE; i++) plist[i] = NULL; - unlink(tmpn); - DEBUG(DBG_STATE, sprintf(dbg, "* dump finished, count = %ld\n", plistsize)); exit(0); -- debian/patches/0001-Change-perl-path-in-shebang.patch0000644000000000000000000000075611272412731017314 0ustar From: Stephane Glondu Date: Sun, 15 Jun 2008 15:41:01 +0200 Subject: [PATCH] Change perl path in shebang --- tools/sl2rdbl | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/tools/sl2rdbl b/tools/sl2rdbl index dd3c9f6..bf62f61 100755 --- a/tools/sl2rdbl +++ b/tools/sl2rdbl @@ -1,4 +1,4 @@ -#!/pkg/utils/bin/perl5.002 +#!/usr/bin/perl # (C) 1994 Ulrich Callmeier # Slip To Readable # Converts output of nacctd to a somewhat more readable form -- debian/patches/0002-Minor-fixes.patch0000644000000000000000000000321711272412731014420 0ustar From: Bernd Eckenfels Date: Sun, 15 Jun 2008 15:54:08 +0200 Subject: [PATCH] Minor fixes --- src/capture-linux.c | 4 ++-- src/capture-pcap.c | 3 ++- src/daemon.c | 1 + 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/src/capture-linux.c b/src/capture-linux.c index d67c488..eded076 100644 --- a/src/capture-linux.c +++ b/src/capture-linux.c @@ -13,7 +13,7 @@ #include #include #include -#include +#include #include #include #include @@ -362,7 +362,7 @@ void packet_loop() int hardheader; int length; static struct iphdr *tmp_iphdr; - int type; + int type = 0; int dynamicstyle; int do_user; __u32 dynamicaddr, otheraddr; diff --git a/src/capture-pcap.c b/src/capture-pcap.c index 23e45af..5388b62 100644 --- a/src/capture-pcap.c +++ b/src/capture-pcap.c @@ -10,6 +10,7 @@ #include #include #include +#include void handle_ip(unsigned char buf[], char *devname, char *user); @@ -100,7 +101,7 @@ handle_frame (unsigned char buf[], int length) int found = 0; struct mon_host_struct *ptr; - if(buf[12] * 256 + buf[13] == ETHERTYPE_IP) + if(buf[12] * 256 + buf[13] == htons(ETHERTYPE_IP)) { memcpy (&tmp_iphdr, &(buf[14]), sizeof (tmp_iphdr)); diff --git a/src/daemon.c b/src/daemon.c index 3ffec85..7c3879d 100644 --- a/src/daemon.c +++ b/src/daemon.c @@ -8,6 +8,7 @@ #include #include #include +#include #include #include #include -- debian/patches/0005-Add-manpage.patch0000644000000000000000000001703211272412731014321 0ustar From: Alex King Date: Sun, 15 Jun 2008 16:49:29 +0200 Subject: [PATCH] Add manpage From Debian changelog, version 0.71-5: added manpage from Alex King (alex@king.net.nz) THANKS! Closes: Bug#4309 --- nacctd.8 | 201 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 files changed, 201 insertions(+), 0 deletions(-) create mode 100644 nacctd.8 diff --git a/nacctd.8 b/nacctd.8 new file mode 100644 index 0000000..2e6ba82 --- /dev/null +++ b/nacctd.8 @@ -0,0 +1,201 @@ +.\" (C) Copyright 2001 Alex King (alex@king.net.nz) +.\" +.\" This is free documentation; you can redistribute it and/or +.\" modify it under the terms of the GNU General Public License as +.\" published by the Free Software Foundation; either version 2 of +.\" the License, or (at your option) any later version. +.\" +.\" The GNU General Public License's references to "object code" +.\" and "executables" are to be interpreted as the output of any +.\" document formatting or typesetting system, including +.\" intermediate and printed output. +.\" +.\" This manual is distributed in the hope that it will be useful, +.\" but WITHOUT ANY WARRANTY; without even the implied warranty of +.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.\" GNU General Public License for more details. +.\" +.\" You should have received a copy of the GNU General Public +.\" License along with this manual; if not, write to the Free +.\" Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, +.\" USA. +.\" +.\" Fri Apr 6 01:27:28 NZST 2001 Alex King initial release +.\" Sat Apr 7 10:20:53 NZST 2001 Alex King cleaned up +.\" with the help of Colin Watson +.\" +.TH nacctd 8 "16 Dec 2001" +.SH NAME +nacctd \- network accounting daemon +.SH SYNOPSIS +.B nacctd +.IB [ \-dD "] [" \-c " filename]" +.SH DESCRIPTION +The network accounting daemon logs network traffic in a format +suitable for generating billing information or usage statistics. +.B nacctd +listens on network interfaces and periodically writes information +to a log file. + +.B nacctd +is configured by editing its configuration file, +.BR /etc/nacctd.conf . + +.SH OPTIONS +.TP +.B -d +This will let nacctd run in debug mode +.TP +.B -D +This will make nacctd not to detach as a daemon, suitable for running it +from inittab. +.TP +.B -c +.I configfile +Specify the path of an alternative config file. + +.SH CONFIGURATION FILE OPTIONS +.TP +.B flush \fI\fR +Flush every \fIn\fR seconds. This gives the interval in seconds when the +accumulated data is flushed to the output file. Typically set to 300 +(five minutes). +.TP +.B fdelay \fI\fR +This defines after how many seconds of inactivity a certain record of +traffic information may be written out. This helps making the log files +smaller since only one output record will be generated for related +traffic. Typically set to 60 seconds. +.TP +.B file \fI\fR +Specifies the main output file for the daemon to log network traffic to. +.TP +.B dumpfile \fI\fR +Specifies a file to dump data to that is not yet written to the main +output file. This is to prevent data loss should a crash occur. On +startup an existing file of this name will be moved to .o +.TP +.B notdev \fI +Don't log entries for this interface. +.TP +.B device \fI +Specifies a network interface to put into promiscuous mode. +.TP +.B iflimit \fI +Log only packets on this interface. Mutually exclusive with +.B hostlimit. +.TP +.B ignoremask \fI +Specifies a netmask (in dotted quad format) for which traffic +is ignored. This allows traffic on the local LAN to be excluded. +.TP +.B ignorenet \fI +Ignore traffic on this network. Ignoring a net with ignorenet is not +as efficient as ignoremask. Thus you should exclude your local network +with ignoremask in preference to ignorenet. +.TP +.B masqif \fI +Specifies an ip number we are masquerading as. This re-maps ip/port +for incoming connections (e.g. FTP-data) to ip/port of the masqueraded +destination. +.TP +.B debug \fI +Sets the debugging level to \fI\fR. +.TP +.B headers \fI +Defines where the real data starts for each type of interface. +\fI\fR is one of eth, lo, plip, isdn etc. +\fI\fR is the offset in bytes to the start of the real data. +\fI\fR is the offset of the type field in bytes, or a 0 if +there is no type field. If SLIP or PPP devices are specified here, +association of dynamic ip addresses with usernames won't work (see +\fIdynamicip\fR below). +.TP +.B dynamicip \fI +Specifies a directory to get username information from, where users +are logged into ppp or slip accounts and assigned dynamic ip addresses. +The directory should contain +a file for each logged in user, where the filename is their +IP address, and the file contains their username. +Typically, these files will be created by ip-up scripts. +.TP +.B dynamicnet \fI +Specifies the network the slip/ppp dynamic ips are assigned from. +.TP +.B exclude-name-lookup \fI +Specifies a (sub)net to exclude from dynamic ip name lookup. +.TP +.B hostlimit \fI +Log only packets to/from this host. This may be specified multiple +times for multiple hosts. This option is mutually exclusive with +\fIiflimit\fR. +.TP +.B disable \fI +Don't include field \fI\fR in the output format. +.TP +.B dontignore \fI +Don't ignore hosts on the specified (sub)net that would otherwise have +been excluded by an ignorenet statement. This can be a useful to +account for proxy traffic by specifying the proxy servers' subnet. +.TP +.B line \fI +Specifies fixed mapping of slip/ppp interface names to tty devices. +This is used to assign traffic to a user if nacctd runs on the +ppp/slip server and the relation between network interface and serial +line is fixed. This option is obsolete. +.SH "OUTPUT FILE FORMAT" +The output file consists of lines with up to 10 fields, or less if the +configuration file disables one or more fields. + +\fItimestamp protocol src-addr src-port dst-addr dst-port count size user interface\fR +.TP +\fItimestamp +Time in seconds past the epoch (standard UNIX time format) +.TP +\fIprotocol +IP protocol +.TP +\fIcount +count of packets +.TP +\fIsize +size of data +.TP +\fIuser +associated user in case of a slip/ppp link, this will always be +"unknown" for other interfaces. +.LP +If the type is an ICMP message, field 4 is the ICMP message type and field +6 is the ICMP message code. + +Please note that for forwarded packets there will be one line for EACH +interface the packet passed. So if you are running this on your slip-server +you will get all the traffic over the slip interfaces TWICE, once for the sl* +devices and once for the eth* device. The same goes for ppp and generally for +all forwarded traffic. You can specify with 'notdev' entries which +interfaces you don't want to see in the log. +.SH FILES +.TP +/etc/nacctd.conf +Configuration file +.TP +/var/log/net-acct +Default location for the main output file +.TP +/var/log/net-acct-dump +Default location for the dump of data not yet written to the main +file. +.SH "SEE ALSO" +/usr/share/doc/net-acct/*, +.BR tcpdump (8), +.BR trafshow (1). +.SH CAVEATS +This manual page is incomplete, and possibly inaccurate. +.SH AUTHORS +Ulrich Callmeier + +Richard Clark + +This manual page was written by Alex King , +for the Debian GNU/Linux system, using material from the original +documentation. -- debian/net-acct.dirs0000644000000000000000000000001511272412731011543 0ustar usr/sbin etc debian/compat0000644000000000000000000000000211272412731010364 0ustar 7