Diffstat (limited to 'network/p0f')
-rw-r--r--network/p0f/README12
-rw-r--r--network/p0f/doinst.sh20
-rw-r--r--network/p0f/p0f.SlackBuild63
-rw-r--r--network/p0f/p0f.info8
-rw-r--r--network/p0f/slack-desc19
5 files changed, 122 insertions, 0 deletions
diff --git a/network/p0f/README b/network/p0f/README
new file mode 100644
index 0000000000000..1971c9d4515e8
--- /dev/null
+++ b/network/p0f/README
@@ -0,0 +1,12 @@
+p0f v2 is a passive operating system fingerprinting tool.
+It can identify the OS on:
+ - machines that connect to your box (SYN mode),
+ - machines you connect to (SYN+ACK mode),
+ - machines you cannot connect to (RST+ mode),
+ - machines whose communications you can observe.
+
+P0f can also detect or measure the following:
+ - firewall presence, NAT use,
+ - existence of a load balancer setup,
+ - the distance to the remote system and its uptime,
+ - other guy's network hookup (DSL, OC3, avian carriers) and his ISP.
diff --git a/network/p0f/doinst.sh b/network/p0f/doinst.sh
new file mode 100644
index 0000000000000..0959ef448fc4c
--- /dev/null
+++ b/network/p0f/doinst.sh
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+config() {
+ NEW="$1"
+ OLD="$(dirname $NEW)/$(basename $NEW .new)"
+ # If there's no config file by that name, mv it over:
+ if [ ! -r $OLD ]; then
+ mv $NEW $OLD
+ elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then
+ # toss the redundant copy
+ rm $NEW
+ fi
+ # Otherwise, we leave the .new copy for the admin to consider...
+}
+
+config etc/p0f/p0f.fp.new
+config etc/p0f/p0fa.fp.new
+config etc/p0f/p0fo.fp.new
+config etc/p0f/p0fr.fp.new
+
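Review bot: The expansions in `config()` are unquoted (`dirname $NEW`, `[ ! -r $OLD ]`, `mv $NEW $OLD`, `rm $NEW`), so any argument containing whitespace or glob characters would be split or expanded before the file is moved or removed. The four calls below pass fixed names, so this is a style point today, but quoting keeps the function safe if it is reused: `OLD="$(dirname "$NEW")/$(basename "$NEW" .new)"`, `if [ ! -r "$OLD" ]; then`, `mv "$NEW" "$OLD"`. The relative `etc/p0f/...` paths appear to assume the script is run from the root of the target filesystem; a one-line comment above the `config` calls stating that assumption would help.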
diff --git a/network/p0f/p0f.SlackBuild b/network/p0f/p0f.SlackBuild
new file mode 100644
index 0000000000000..b59b2db3ac93e
--- /dev/null
+++ b/network/p0f/p0f.SlackBuild
@@ -0,0 +1,63 @@
+#!/bin/sh
+
+# Slackware build script for p0f
+# Written by David Spencer <nobbutl@yahoo.co.uk>
+#==============================================================================
+
+# Modified by the SlackBuilds.org project
+# Assumed to be public domain per our submission policy
+
+set -e
+
+PRGNAM=p0f
+VERSION=2.0.8
+ARCH=${ARCH:-i486}
+BUILD=${BUILD:-1}
+TAG=${TAG:-_SBo}
+CWD=$(pwd)
+TMP=${TMP:-/tmp/SBo}
+PKG=$TMP/package-$PRGNAM
+OUTPUT=${OUTPUT:-/tmp}
+
+if [ "$ARCH" = "i486" ]; then
+ SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+elif [ "$ARCH" = "i686" ]; then
+ SLKCFLAGS="-O2 -march=i686 -mtune=i686"
+fi
+
+rm -rf $PKG
+mkdir -p $TMP $PKG $OUTPUT
+cd $TMP
+rm -rf $PRGNAM
+tar -xzvf $CWD/$PRGNAM-$VERSION.tgz
+cd $PRGNAM
+chown -R root:root .
+chmod -R u+w,go+r-w,a-s .
+
+make CFLAGS="$SLKCFLAGS -DUSE_BPF=\\\"pcap-bpf.h\\\" -I/usr/include/pcap" \
+ -f mk/Linux p0f
+
+mkdir -p $PKG/usr/sbin/
+cp -f p0f p0frep $PKG/usr/sbin/
+strip --strip-unneeded $PKG/usr/sbin/p0f
+
+mkdir -p $PKG/etc/p0f
+for i in p0f.fp p0fa.fp p0fr.fp p0fo.fp ; do \
+ cat $i > $PKG/etc/p0f/${i}.new ;
+done
+
+mkdir -p $PKG/usr/man/man1/
+cat p0f.1 | gzip -9 > $PKG/usr/man/man1/p0f.1.gz
+
+mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
+cd doc
+cp -a COPYING CREDITS ChangeLog KNOWN_BUGS README TODO \
+ $PKG/usr/doc/$PRGNAM-$VERSION
+cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
+
+mkdir -p $PKG/install
+cat $CWD/slack-desc > $PKG/install/slack-desc
+cat $CWD/doinst.sh > $PKG/install/doinst.sh
+
+cd $PKG
+/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.tgz
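Review bot: The build evidently runs as root (`chown -R root:root .`, `/sbin/makepkg`) in the predictable default `TMP=${TMP:-/tmp/SBo}`, and `mkdir -p $TMP` succeeds silently when that directory already exists and belongs to another account on a shared host. A guard right after the `mkdir -p` line, such as `[ -O "$TMP" ] || { echo "$TMP is not owned by the build user" >&2; exit 1; }` (where `/bin/sh` supports `-O`), would stop the script before `rm -rf $PRGNAM` and the extraction run there. Separately, the `if`/`elif` on `$ARCH` has no fallback, so any other value leaves `SLKCFLAGS` empty and the `make` line builds without the intended flags; an `else` branch that sets a default or exits would make that explicit. The expansions `$PKG`, `$TMP`, `$OUTPUT` and `$CWD` are also unquoted throughout, including in `rm -rf $PKG`.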
diff --git a/network/p0f/p0f.info b/network/p0f/p0f.info
new file mode 100644
index 0000000000000..028f49092ae16
--- /dev/null
+++ b/network/p0f/p0f.info
@@ -0,0 +1,8 @@
+PRGNAM="p0f"
+VERSION="2.0.8"
+HOMEPAGE="http://lcamtuf.coredump.cx/p0f.shtml"
+DOWNLOAD="http://lcamtuf.coredump.cx/p0f/p0f-2.0.8.tgz"
+MD5SUM="1ccbcd8d4c95ef6dae841120d23c56a5"
+MAINTAINER="David Spencer"
+EMAIL="nobbutl@yahoo.co.uk"
+APPROVED="rworkman"
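Review bot: The only integrity value recorded for the source tarball is `MD5SUM`, and `DOWNLOAD` is a plain `http://` URL, so that digest is the sole protection against a modified tarball and MD5 is no longer collision-resistant. p0f.SlackBuild in this same commit extracts `$CWD/$PRGNAM-$VERSION.tgz` without checking it, so verification depends entirely on whoever or whatever fetched the file. If the .info format admits only these fields, a stronger digest could be checked in the SlackBuild before `tar -xzvf`, for example `echo "<sha256-of-tarball>  $CWD/$PRGNAM-$VERSION.tgz" | sha256sum -c -` with the real value filled in by the maintainer.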
diff --git a/network/p0f/slack-desc b/network/p0f/slack-desc
new file mode 100644
index 0000000000000..f13bbcb70024e
--- /dev/null
+++ b/network/p0f/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description. Line
+# up the first '|' above the ':' following the base package name, and the '|'
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':'.
+
+ |-----handy-ruler------------------------------------------------------|
+p0f: p0f (passive os fingerprint tool)
+p0f:
+p0f: p0f is a passive operating system fingerprinting tool. It can
+p0f: identify the OS on machines that connect to your box, machines you
+p0f: connect to, machines you cannot connect to, and machines whose
+p0f: communications you can observe. It can detect or measure firewall
+p0f: presence, NAT use, existence of a load balancer setup, the distance
+p0f: to the remote system, its uptime, and its network hookup and ISP.
+p0f:
+p0f: Homepage: http://lcamtuf.coredump.cx/p0f.shtml
+p0f: