4 changed files with 255 additions and 0 deletions
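--- a/rc.sec
+++ b/rc.sec
@@ -0,0 +1,71 @@
+#!@l_prefix@/lib/openpkg/bash @l_prefix@/etc/rc
+##
+## rc.sec -- Run-Commands
+##
+
+%config
+sec_enable="$openpkg_rc_def"
+sec_log_prolog="true"
+sec_log_epilog="true"
+sec_log_numfiles="10"
+sec_log_minsize="1M"
+sec_log_complevel="9"
+
+%common
+sec_conffile="@l_prefix@/etc/sec/sec.conf"
+sec_rulefile="@l_prefix@/etc/sec/sec.rule"
+sec_pidfile="@l_prefix@/var/sec/sec.pid"
+sec_logfile="@l_prefix@/var/sec/sec.log"
+sec_dmpfile="@l_prefix@/var/sec/sec.dmp"
+sec_signal () {
+[ -f $sec_pidfile ] && kill -$1 `cat $sec_pidfile`
+}
+
+%status -u @l_susr@ -o
+sec_usable="no"
+sec_active="no"
+@l_prefix@/bin/sec -testonly -conf $sec_rulefile >/dev/null 2>&1 && sec_usable="yes"
+rcService sec enable yes && sec_signal 0 && sec_active="yes"
+echo "sec_enable=\"$sec_enable\""
+echo "sec_usable=\"$sec_usable\""
+echo "sec_active=\"$sec_active\""
+
+%start -p 100 -u @l_susr@
+rcService sec enable yes || exit 0
+rcService sec active yes && exit 0
+sec_flags=`sed <$sec_conffile \
+-e 's;^;X;' \
+-e '/^X.*#.*$/d' \
+-e '/^X[ ]*$/d' \
+-e 's;^X\([a-zA-Z][a-zA-Z0-9_]*\)[ ][ ]*\(..*\)$;--\1="\2";' \
+-e 's;^X\([a-zA-Z][a-zA-Z0-9_]*\)[ ]*$;--\1;' \
+-e 's;^X.*;;' | tr '\012' ' '`
+eval @l_prefix@/bin/sec \
+-detach \
+-conf $sec_rulefile \
+-pid $sec_pidfile \
+-log $sec_logfile \
+-dump $sec_dmpfile \
+${sec_flags}
+
+%stop -p 900 -u @l_susr@
+rcService sec enable yes || exit 0
+rcService sec active no && exit 0
+sec_signal TERM
+sleep 2
+rm -f $sec_pidfile >/dev/null 2>&1 || true
+
+%restart -p 100 -u @l_susr@
+rcService sec enable yes || exit 0
+rcService sec active no && exit 0
+rc sec stop start
+
+%daily -u @l_susr@
+rcService sec enable yes || exit 0
+shtool rotate -f \
+-n ${sec_log_numfiles} -s ${sec_log_minsize} -d \
+-z ${sec_log_complevel} -m 644 -o @l_rusr@ -g @l_rgrp@ \
+-P "${sec_log_prolog}" \
+-E "${sec_log_epilog} && rc sec reload" \
+$sec_logfile
+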
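Review bot: In `%start`, the option list read from sec.conf is spliced into an `eval` line, so every value is parsed by the shell a second time: the sed rule wraps it as `--name="value"`, and a `$`, backtick or double quote inside a value is expanded or executed under the account given by `-u @l_susr@`. sec.conf is installed mode 644 by the spec, so the exposure depends on who can write that file, but configuration data should not be able to become code here. I would drop the `eval` and pass the options as separate words, as sketched below; the sketch treats only lines starting with `#` as comments, which differs from the current filter that deletes any line containing `#`. The same care applies to `sec_signal`, where `$sec_pidfile` is unquoted and its content goes to `kill` unchecked.

```shell
# … unchanged: rcService enable/active checks …
set -- -detach -conf "$sec_rulefile" -pid "$sec_pidfile" \
    -log "$sec_logfile" -dump "$sec_dmpfile"
while read -r sec_opt sec_val; do
    case "$sec_opt" in
        ''|'#'*) continue ;;            # blank line or comment
        *[!a-zA-Z0-9_]*) continue ;;    # not a plain option name
    esac
    if [ -n "$sec_val" ]; then
        set -- "$@" "--$sec_opt=$sec_val"
    else
        set -- "$@" "--$sec_opt"
    fi
done <"$sec_conffile"
@l_prefix@/bin/sec "$@"
```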
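--- a/sec.conf
+++ b/sec.conf
@@ -0,0 +1,21 @@
+##
+## sec.conf -- sec(1) configuration options
+##
+
+# global options
+reopen_timeout 600
+poll_timeout 0.1
+check_timeout 30
+blocksize 1024
+debug 3
+cleantime 1
+bufsize 10
+evstoresize 0
+noquoting
+nofromstart
+nointevents
+nointcontexts
+
+# input files
+input /dev/null=null
+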
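Review bot: The header does not describe how rc.sec parses this file, and two of its rules are easy to trip over. The sed filter `/^X.*#.*$/d` drops every line that contains a `#` anywhere, so an option followed by a trailing comment is silently omitted, and the remaining values are re-read by the shell through `eval` at start. I would add a comment above `# global options` along the lines of `# one option per line: name [value]; a '#' anywhere drops the whole line; values are passed through the shell by rc.sec, so keep this file writable by the administrator only`. It may also be worth a line noting that the shipped `input /dev/null=null` means the daemon watches nothing until a real input is configured.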
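--- a/sec.rule
+++ b/sec.rule
@@ -0,0 +1,31 @@
+##
+## sec.rule -- sec(1) configuration rules
+##
+
+#
+# Sample rule set for classical FTP server output
+#
+
+#type=single
+#continue=takenext
+#ptype=regexp
+#pattern=ftpd\[(\d+)\]: \S+ \(foo.*FTP session opened
+#desc=ftp session opened for foo pid $1
+#action=create ftp_$1
+
+#type=single
+#continue=takenext
+#ptype=regexp
+#pattern=ftpd\[(\d+)\]:
+#context=ftp_$1
+#desc=ftp session event for foo pid $1
+#action=add ftp_$1 $0; set ftp_$1 1800 \
+# (report ftp_$1 /bin/mail root@localhost)
+
+#type=single
+#ptype=regexp
+#pattern=ftpd\[(\d+)\]: \S+ \(foo.*FTP session closed
+#desc=ftp session closed for foo pid $1
+#action=report ftp_$1 /bin/mail root@localhost; \
+# delete ftp_$1
+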
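--- a/sec.spec
+++ b/sec.spec
@@ -0,0 +1,132 @@
+##
+## sec.spec -- OpenPKG RPM Specification
+## Copyright (c) 2000-2004 The OpenPKG Project <http://www.openpkg.org/>
+## Copyright (c) 2000-2004 Ralf S. Engelschall <rse@engelschall.com>
+## Copyright (c) 2000-2004 Cable & Wireless <http://www.cw.com/>
+##
+## Permission to use, copy, modify, and distribute this software for
+## any purpose with or without fee is hereby granted, provided that
+## the above copyright notice and this permission notice appear in all
+## copies.
+##
+## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
+## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+## MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+## IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
+## CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+## USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+## ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+## OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+## SUCH DAMAGE.
+##
+
+# package version
+%define V_dist 2.3.beta2
+%define V_opkg 2.3b2
+
+# package information
+Name: sec
+Summary: Simple Event Correlation
+URL: http://kodu.neti.ee/~risto/sec/
+Vendor: Risto Vaarandi
+Packager: The OpenPKG Project
+Distribution: OpenPKG
+Class: EVAL
+Group: System
+License: Open Source
+Version: %{V_opkg}
+Release: 20041228
+
+# list of sources
+Source0: http://osdn.dl.sourceforge.net/simple-evcorr/sec-%{V_dist}.tar.gz
+Source1: rc.sec
+Source2: sec.conf
+Source3: sec.rule
+
+# build information
+Prefix: %{l_prefix}
+BuildRoot: %{l_buildroot}
+BuildPreReq: OpenPKG, openpkg >= 20040130
+PreReq: OpenPKG, openpkg >= 20040130
+AutoReq: no
+AutoReqProv: no
+
+%description
+SEC is a tool that was designed to solve event correlation tasks
+in network and system management. Event correlation is a process
+where a stream of primitive events is processed in order to detect
+composite events that correspond to event patterns in the event
+stream. After startup SEC reads lines from files, named pipes,
+or standard input, matches the lines with regular expressions to
+recognize input events, and correlates events according to the rules
+that are specified in its configuration file. SEC can be configured
+to produce its output by executing user-specified shell commands,
+and by using utilities like snmptrap(1) or snmpnotify(1), SEC can
+generate network management events as output. Other options for
+producing output events are described further in this man page.
+
+%track
+prog sec = {
+version = %{version}
+url = http://prdownloads.sourceforge.net/simle-evcorr/
+regex = sec-(__VER__)\.tar\.gz
+}
+
+%prep
+%setup -q -n sec-%{V_dist}
+
+%build
+
+%install
+# create installation hierarchy
+rm -rf $RPM_BUILD_ROOT
+%{l_shtool} mkdir -f -p -m 755 \
+$RPM_BUILD_ROOT%{l_prefix}/bin \
+$RPM_BUILD_ROOT%{l_prefix}/man/man1 \
+$RPM_BUILD_ROOT%{l_prefix}/etc/rc.d \
+$RPM_BUILD_ROOT%{l_prefix}/etc/sec \
+$RPM_BUILD_ROOT%{l_prefix}/var/sec
+
+# install program and manual page
+%{l_shtool} install -c -m 755 \
+-e 's;/usr/bin/perl;%{l_prefix}/bin/perl;' \
+sec.pl $RPM_BUILD_ROOT%{l_prefix}/bin/sec
+%{l_shtool} install -c -m 644 \
+sec.pl.man $RPM_BUILD_ROOT%{l_prefix}/man/man1/sec.1
+
+# install default configuration
+%{l_shtool} install -c -m 644 %{l_value -s -a} \
+%{SOURCE sec.conf} %{SOURCE sec.rule} \
+$RPM_BUILD_ROOT%{l_prefix}/etc/sec/
+
+# install run-command script
+%{l_shtool} install -c -m 755 %{l_value -s -a} \
+%{SOURCE rc.sec} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/
+
+# determine installation files
+%{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
+%{l_files_std} \
+'%config %{l_prefix}/etc/sec/*'
+
+%files -f files
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%post
+# after upgrade, restart service
+[ $1 -eq 2 ] || exit 0
+eval `%{l_rc} sec status 2>/dev/null`
+[ ".$sec_active" = .yes ] && %{l_rc} sec restart
+exit 0
+
+%preun
+# before erase, stop service and remove log files
+[ $1 -eq 0 ] || exit 0
+%{l_rc} sec stop 2>/dev/null
+rm -f $RPM_INSTALL_PREFIX/var/sec/sec.* >/dev/null 2>&1 || true
+exit 0
+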
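Review bot: The `%track` block spells the SourceForge project as `simle-evcorr`, while `Source0` uses `simple-evcorr`, so version tracking would query a different project path than the one the tarball comes from; the line should read `url = http://prdownloads.sourceforge.net/simple-evcorr/`. Separately, `Source0` is fetched over plain http and no digest for the tarball is visible in this spec, so the integrity of the upstream source depends on whatever the build tooling verifies outside this file. The `%description` also ends with "described further in this man page", which looks like it was carried over from the manual and reads oddly in package metadata.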