Commited updated ebuild submitted by Philipp Lopaur <fips@fips.at>. Closes 43006.

9 files changed, 406 insertions, 5 deletions

diff --git a/net-analyzer/ipac-ng/ChangeLog b/net-analyzer/ipac-ng/ChangeLog
index d9a5e418129c..8b0009df94c0 100644
--- a/net-analyzer/ipac-ng/ChangeLog
+++ b/net-analyzer/ipac-ng/ChangeLog
@@ -1,6 +1,20 @@
 # ChangeLog for net-analyzer/ipac-ng
-# Copyright 2000-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ipac-ng/ChangeLog,v 1.3 2003/11/04 03:42:48 vapier Exp $
+# Copyright 2000-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ipac-ng/ChangeLog,v 1.4 2004/02/28 06:55:00 mboman Exp $
+
+*ipac-ng-1.27_p1-r2 (26 Jan 2004)
+
+  28 Feb 2004; Michael Boman <mboman@gentoo.org> ipac-ng-1.27_p1-r2.ebuild,
+  files/ipac-ng.cron.1.27_p1-r2, files/ipac-ng.rc.1.27_p1-r2,
+  files/ipac.conf.1.27_p1-r2, files/rules.conf.1.27_p1-r2:
+  Commited updated ebuild submitted by Philipp Lopaur
+  <fips@fips.at>. Closes 43006.
+
+  26 Jan 2004; Philipp Lopaur <fips@fips.at> :
+  Noticed that the default config files are not working with
+  ipac-ng-1.27_p1. Made new ipac.conf and rules.conf.
+  Updated /etc/init.d/ipac-ng for new iptables table names.
+  Updated the ebuild. Tested with vanilla 2.6.3 kernel.
 
 *ipac-ng-1.27_p1-r1 (03 Nov 2003)
 
diff --git a/net-analyzer/ipac-ng/Manifest b/net-analyzer/ipac-ng/Manifest
index c21d5d7cb5ca..d7865ea49d5c 100644
--- a/net-analyzer/ipac-ng/Manifest
+++ b/net-analyzer/ipac-ng/Manifest
@@ -1,7 +1,14 @@
+MD5 1fc63e9415d3d2828252746b7bde3144 metadata.xml 426
+MD5 b397e630dfd8dcdbf0163fe765fdd181 ChangeLog 1164
+MD5 ab22ef52b36d970789a5cb88f8816f48 ipac-ng-1.27_p1-r2.ebuild 2248
 MD5 efb51b5b0d355f79df0cf6a3f0bf70d6 ipac-ng-1.27_p1-r1.ebuild 1866
+MD5 3259a90e9dce51c57924e5ed590d0527 files/ipac-ng.cron.1.27_p1-r2 213
+MD5 ac210e9fd37f1a10dc14dd5e32df8170 files/digest-ipac-ng-1.27_p1-r1 68
 MD5 3259a90e9dce51c57924e5ed590d0527 files/ipac-ng.cron 213
+MD5 28ecb5c2155adbb6ddb44411c46556c7 files/ipac-ng.rc 843
 MD5 6329656330d06c7467a8d624b6b251ed files/ipac.conf 1817
-MD5 ac210e9fd37f1a10dc14dd5e32df8170 files/digest-ipac-ng-1.27_p1-r1 68
 MD5 4fa8f9af0149a73dd1191c24aba738a7 files/rules.conf 1803
-MD5 28ecb5c2155adbb6ddb44411c46556c7 files/ipac-ng.rc 843
-MD5 37783e3647171aee916e771553bb1c8f ChangeLog 582
+MD5 9ac60dc456ce20e032a5c4d2692fe6da files/ipac-ng.rc.1.27_p1-r2 913
+MD5 6329656330d06c7467a8d624b6b251ed files/ipac.conf.1.27_p1-r2 1817
+MD5 3b1a7de81326927d709b5691ec799683 files/rules.conf.1.27_p1-r2 7074
+MD5 ac210e9fd37f1a10dc14dd5e32df8170 files/digest-ipac-ng-1.27_p1-r2 68
diff --git a/net-analyzer/ipac-ng/files/digest-ipac-ng-1.27_p1-r2 b/net-analyzer/ipac-ng/files/digest-ipac-ng-1.27_p1-r2
new file mode 100644
index 000000000000..6b0ba9181e50
--- /dev/null
+++ b/net-analyzer/ipac-ng/files/digest-ipac-ng-1.27_p1-r2
@@ -0,0 +1 @@
+MD5 9ac8ded2b1690605017d41da04a7d90f ipac-ng-1.27pl1.tar.bz2 194433
diff --git a/net-analyzer/ipac-ng/files/ipac-ng.cron.1.27_p1-r2 b/net-analyzer/ipac-ng/files/ipac-ng.cron.1.27_p1-r2
new file mode 100644
index 000000000000..fe8566c68201
--- /dev/null
+++ b/net-analyzer/ipac-ng/files/ipac-ng.cron.1.27_p1-r2
@@ -0,0 +1,8 @@
+#!/bin/sh
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ipac-ng/files/ipac-ng.cron.1.27_p1-r2,v 1.1 2004/02/28 06:55:01 mboman Exp $
+
+FI=/usr/sbin/fetchipac
+
+if [ -x ${FI} ] && [ -f /var/run/ipac.rules ]; then 
+	${FI}
+fi
diff --git a/net-analyzer/ipac-ng/files/ipac-ng.rc.1.27_p1-r2 b/net-analyzer/ipac-ng/files/ipac-ng.rc.1.27_p1-r2
new file mode 100644
index 000000000000..25d1a3bb233f
--- /dev/null
+++ b/net-analyzer/ipac-ng/files/ipac-ng.rc.1.27_p1-r2
@@ -0,0 +1,42 @@
+#!/sbin/runscript
+# Copyright 1999-2003 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License, v2 or later
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ipac-ng/files/ipac-ng.rc.1.27_p1-r2,v 1.1 2004/02/28 06:55:01 mboman Exp $
+
+depend() {
+	need net logger
+}
+
+start() {
+	ebegin "Setting up ipac-ng iptables chains"
+	/usr/sbin/fetchipac -S
+	/usr/sbin/fetchipac
+	eend $?
+}
+
+stop() {
+	## fetch so we dont loose data
+	/usr/sbin/fetchipac
+
+	IPT=/sbin/iptables
+	ebegin "Removing ipac-ng iptables settings"
+
+	${IPT} -D INPUT -s 0/0 -d 0/0 -j ipac~o
+	${IPT} -D OUTPUT -s 0/0 -d 0/0 -j ipac~i
+	${IPT} -D FORWARD -s 0/0 -d 0/0 -j ipac~fi
+	${IPT} -D FORWARD -s 0/0 -d 0/0 -j ipac~fo
+	
+	${IPT} -F ipac~i
+	${IPT} -F ipac~o
+	${IPT} -F ipac~fi
+	${IPT} -F ipac~fo
+	
+	${IPT} -X ipac~i
+	${IPT} -X ipac~o
+	${IPT} -X ipac~fi
+	${IPT} -X ipac~fo
+
+	rm -f /var/run/ipac.rules /var/run/ipac.status
+
+	eend $?
+}
diff --git a/net-analyzer/ipac-ng/files/ipac.conf.1.27_p1-r2 b/net-analyzer/ipac-ng/files/ipac.conf.1.27_p1-r2
new file mode 100644
index 000000000000..e7d7c591a7a0
--- /dev/null
+++ b/net-analyzer/ipac-ng/files/ipac.conf.1.27_p1-r2
@@ -0,0 +1,51 @@
+# This is the main ipac-ng configuration file.  It contains the
+# configuration directives that give the ipac-ng its instructions.
+
+## mode of operations: operate only like old ipac or not
+## please note: you *should* specify YES, unless you are kaiser13 :)
+## note2: you are trying to use 'ugly flawed experimental dangerous mode' 
+##                             if you are using 'no', don't set it to no.
+classic mode = yes
+
+## specify access agent. supported are: files, postgre. files works with classic mode only
+# did you specify 'no' above? ok, here should be 'files' for you.
+access agent = files
+
+## accouting agent. iptables and ipchains available now. 
+#   (ipchains is not supported in nonclassic mode). does anybody still uses them?
+account agent = iptables
+
+## storage. gdbm, postgre and files supported. (files is not recommended)
+# postgre is the best & fastest method now.
+storage = gdbm
+
+
+# set the hostname, used to store\fetch\another work with database
+# get from hostname() if not specified here
+hostname = sibinet
+
+
+## rules file for classic mode
+rules file = /etc/ipac-ng/rules.conf
+
+## login all users at startup (specific only for nonclassic mode) (only those who has enough cash)
+# note: forget about this.
+#login at start = no
+
+## support for traffic passing to\from auth host (specific only for nonclassic mode)
+## name or ip of the auth host
+## disable support if not specified,
+# forget about this, too
+#auth host = sibinet.com
+
+# dont store lines contains only zeroes to speedup processing and to save space
+drop zero lines = yes
+
+# This parameters controls database location
+# left blank 'db host', 'db port' for local database
+# as now, both databasess (access and storage) configured by these parameters
+db host = localhost
+db name = ipac
+db user = root
+db port = 5432
+db pass = ""
diff --git a/net-analyzer/ipac-ng/files/rules.conf.1.27_p1-r2 b/net-analyzer/ipac-ng/files/rules.conf.1.27_p1-r2
new file mode 100644
index 000000000000..7c4da7de00ac
--- /dev/null
+++ b/net-analyzer/ipac-ng/files/rules.conf.1.27_p1-r2
@@ -0,0 +1,195 @@
+# Example config file with accounting rules
+# Install as /etc/ipac-ng/rules.conf.iptables
+#
+# Format:
+# Name of rule|direction|interface|protocol|source|destination
+# WARNING!!!! spaces are not allowed before and after '|'.
+#
+# where
+# Name of rule		Any string to identify this rule
+# direction		ipac~fi  - forward in
+#			ipac~fo  - forward out
+#			ipac~i   - outgoing from machine with ipac-ng to other host(/net)
+#					(or incoming to otherhost)
+#			ipac~o   - incoming to machine with ipac-ng
+#					(or outgoing from otherhost)
+#
+# interface		interface name, '+' means all interfaces (dont try to use ip numbers here!)
+# protocol		tcp | udp | icmp | all
+# source		\
+# destination		both as described in ipfwadm(8), or empty
+#
+# incoming:
+
+
+###
+###    W A R N I N G ! ! !
+###
+### Don't use symbols other than '0-9A-z[space]' in rules names. You may encounter 
+### some strange troubles.
+
+# lets demonstrate this by following rules.
+# Example 1:
+# there are some hosts in our net 192.168.0.0/24
+# our ipac-ng host has two interfaces - eth0 connected to local net
+#				    and eth1 to internet
+
+
+# lets count all traffic incoming to our net
+
+# forwarded from inet (0/0) to localnet (192.168.0.0/24)
+#incoming all to my net|ipac~fi||all||192.168.0.0/24
+
+# incoming to localnet from ipac-ng host (specify ipac-ng ip's here, to avoid
+#					doubling forwarded traffic when using NAT)
+#incoming all to my net|ipac~i||all|192.168.0.1|192.168.0.0/24
+
+
+# same for outgoing:
+#outgoing all from my net|ipac~fo||all|192.168.0.0/24|
+#outgoing all from my net|ipac~o||all|192.168.0.0/24|192.168.0.1
+
+
+
+# and now we want to know, how much there is traffic to our ipac host from inet
+#incoming inet to ipac host|ipac~o|eth1|all||
+
+# same for outgoing for this host
+#outgoing inet from ipac host|ipac~i|eth1|all||
+
+# please note, that chains 'ipac~i' and 'ipac~o' are reversed for the host with ipac
+
+# wanna count traffic to squid that resides on the host with ipac-ng? here you are :)
+#incoming to squid|ipac~o|eth1|all|0/0 80 81 82 83 8080|
+# sure, this rule is only valid in the case when you don't eat traffic from these ports
+# by hopping on the web from ipac-ng host (maybe you like to use links :)
+
+# our net is using squid heavily, let's count them all together:
+#outgoing from squid to mynet|ipac~i||all|192.168.0.1 squid|192.168.0.0/24
+
+
+# now lets count traffic for hosts mary (192.168.0.12) and fred (192.168.0.13)
+
+# incoming:
+#incoming all to mary|ipac~fi||all||192.168.0.12
+#incoming all to mary|ipac~i||all|192.168.0.1|192.168.0.12
+
+# and outgoing:
+#outgoing all from mary|ipac~fo||all|192.168.0.12|
+#outgoing all from mary|ipac~o||all|192.168.0.12|192.168.0.1
+
+
+# same for fred
+# incoming:
+#incoming all to mary|ipac~fi||all||192.168.0.13
+#incoming all to mary|ipac~i||all|192.168.0.1|192.168.0.13
+
+# and outgoing:
+#outgoing all from fred|ipac~fo||all|192.168.0.13|
+#outgoing all from fred|ipac~o||all|192.168.0.13|192.168.0.1
+
+
+# we also wants http and ssh traffic statistics
+
+# http incoming
+#incoming http to my net|ipac~fi||all|0/0 http squid 8080|192.168.0.0/24
+#incoming http to my net|ipac~i||all|192.168.0.1 http squid|192.168.0.0/24
+# please note, that the last rule includes rule 'outgoing from squid to mynet'
+
+
+# outgoing:
+#outgoing http from my net|ipac~fo||all|192.168.0.0/24|0/0 http squid 8080
+#outgoing http from my net|ipac~o||all|192.168.0.0/24|192.168.0.1 http squid
+
+
+# ssh incoming
+#incoming ssh to my net|ipac~fi||all|0/0 ssh|192.168.0.0/24
+#incoming ssh to my net|ipac~i||all|192.168.0.1 ssh|192.168.0.0/24
+
+# outgoing:
+#outgoing ssh from my net|ipac~fo||all|192.168.0.0/24|0/0 ssh
+#outgoing ssh from my net|ipac~o||all|192.168.0.0/24|192.168.0.1 ssh
+
+
+# there is somenet of our friend. we wanna know how much traffic it generates
+# note: that net cidrs is contained in CONFIGDIR (/etc/ipac-ng by default) 
+#						'friendnet' file
+
+#incoming from somenet to mynet|ipac~fi||all||@/friendnet@in_some_to_my~fi
+# first field here ('incoming from somenet to mynet') contains rule name.
+# you'll see all statistics under this name 
+# other fields are same as above but now we are interested in the last one -
+#						@/frendnet@in_some_to_my~fi
+# 'friendnet' represents file with cidr's of that net, one in a line
+# 'in_some_to_my' represents chains name that will be created. there is no sense
+#	for ipac-ng of that name. but it may be usefull for you to give 
+#					"speaking" name to that chain
+
+# same for outgoing
+#outgoing to somenet from mynet|ipac~fo||all|@/friendnet@out_some_to_my~fo|
+
+# denote absense of rules targetted to 'ipac~i' and 'ipac~o'
+# we just don't want to count traffic from\to our ipac-ng host to\from friendnet
+
+# and now we want to count traffic to our other net 192.168.1.0/24 for every host
+# lets separate /24 subnet to some smaller ones to lower latence. /26 for e.g.
+#%chain% incoming to othernet0~fi|ipac~fi||all||192.168.1.0/26
+#%chain% incoming to othernet1~fi|ipac~fi||all||192.168.1.64/26
+#%chain% incoming to othernet2~fi|ipac~fi||all||192.168.1.128/26
+#%chain% incoming to othernet3~fi|ipac~fi||all||192.168.1.192/26
+
+#%chain% outgoing from othernet0~fo|ipac~fo||all|192.168.1.0/26|
+#%chain% outgoing from othernet1~fo|ipac~fo||all|192.168.1.64/26|
+#%chain% outgoing from othernet2~fo|ipac~fo||all|192.168.1.128/26|
+#%chain% outgoing from othernet3~fo|ipac~fo||all|192.168.1.192/26|
+
+# and every single host follows
+#incoming to 192.168.1.2|incoming to othernet0~fi||all||192.168.1.2
+#incoming to 192.168.1.3|incoming to othernet0~fi||all||192.168.1.3
+#incoming to 192.168.1.4|incoming to othernet0~fi||all||192.168.1.4
+#
+# and so on :)
+#incoming to 192.168.1.63|incoming to othernet0~fi||all||192.168.1.63
+
+# same for outgoing 
+#outgoing from 192.168.1.2|outgoing from othernet0~fo||all|192.168.1.2|
+#outgoing from 192.168.1.3|outgoing from othernet0~fo||all|192.168.1.3|
+#outgoing from 192.168.1.4|outgoing from othernet0~fo||all|192.168.1.4|
+
+# and the last
+#outgoing from 192.168.1.63|outgoing from othernet0~fo||all|192.168.1.63|
+
+# repeat for other chains and hosts
+
+#incoming to 192.168.1.64|incoming to othernet1~fi||all||192.168.1.64
+#incoming to 192.168.1.65|incoming to othernet1~fi||all||192.168.1.65
+#incoming to 192.168.1.66|incoming to othernet1~fi||all||192.168.1.66
+
+# and so on :)
+#incoming to 192.168.1.127|incoming to othernet1~fi||all||192.168.1.127
+
+# same for outgoing 
+#outgoing from 192.168.1.64|outgoing from othernet1~fo||all|192.168.1.64|
+#outgoing from 192.168.1.65|outgoing from othernet1~fo||all|192.168.1.65|
+#outgoing from 192.168.1.66|outgoing from othernet1~fo||all|192.168.1.66|
+
+# and the last
+#outgoing from 192.168.1.127|outgoing from othernet1~fo||all|192.168.1.127|
+
+# and so on :)
+
+# please note that chain names must ends with one of: '~i', '~o', '~fi' or '~fo'
+# which one is necessary is defined by the parent chain.
+
+
+##############################
+#just a simple example
+#note that outgoing from this host is ipac~i
+#and incoming is ipac~o
+
+outgoing eth0|ipac~i|eth0|all||
+incoming eth0|ipac~o|eth0|all||
+traffic eth0|ipac~i|eth0|all||
+traffic eth0|ipac~o|eth0|all||
+
+
diff --git a/net-analyzer/ipac-ng/ipac-ng-1.27_p1-r2.ebuild b/net-analyzer/ipac-ng/ipac-ng-1.27_p1-r2.ebuild
new file mode 100644
index 000000000000..50ff00ee0189
--- /dev/null
+++ b/net-analyzer/ipac-ng/ipac-ng-1.27_p1-r2.ebuild
@@ -0,0 +1,72 @@
+# Copyright 1999-2004 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ipac-ng/ipac-ng-1.27_p1-r2.ebuild,v 1.1 2004/02/28 06:55:00 mboman Exp $
+
+DESCRIPTION="ip accounting suite for 2.4 and 2.6 series kernels with text and PNG image output like mrtg"
+HOMEPAGE="http://sourceforge.net/projects/ipac-ng/"
+SRC_URI="mirror://sourceforge/ipac-ng/${P/_p/pl}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~x86"
+IUSE="gd"
+
+DEPEND="sys-devel/bison
+	sys-devel/flex
+	dev-lang/perl
+	sys-libs/gdbm
+	gd? ( dev-perl/GD )
+	sys-devel/flex
+	virtual/glibc"
+RDEPEND="net-firewall/iptables
+	virtual/cron
+	dev-lang/perl
+	sys-libs/gdbm
+	gd? ( dev-perl/GD )
+	virtual/glibc"
+
+S=${WORKDIR}/${P/_p*}
+
+src_compile() {
+	econf \
+		--enable-default-storage=gdbm \
+		--enable-default-agent=iptables \
+		--enable-default-access=files \
+		--enable-classic=yes \
+		|| die "./configure failed"
+	emake -j1 || die "make failed"
+}
+
+src_install() {
+	make DESTDIR=${D} install || die "make install failed"
+
+	dodir /var/lib/ipac
+
+	insinto /etc/ipac-ng
+	newins ${FILESDIR}/ipac.conf.${PVR} ipac.conf
+	newins ${FILESDIR}/rules.conf.${PVR} rules.conf
+
+	exeinto /etc/init.d
+	newexe ${FILESDIR}/ipac-ng.rc.${PVR} ipac-ng
+
+	exeinto /etc/cron.hourly
+	newexe ${FILESDIR}/ipac-ng.cron.${PVR} ipac-ng
+
+	dodoc  COPYING README* TODO UPDATE* CHANGES
+}
+
+pkg_postinst() {
+	einfo "W A R N I N G !"
+	einfo "do not use \"/etc/init.d/iptables save\" when ipac-ng is running!"
+	einfo "this WILL save ipac rules and can cause problems!"
+	einfo "ipac-ng should be started AFTER iptables and shut down BEFORE iptables"
+	einfo "use /etc/init.d/iptables save only when ipac rules are removed!"
+	einfo "the accounting database is at /var/lib/ipac"
+	einfo "use /usr/sbin/ipacsum to get your ip acounting data"
+	einfo "use /usr/sbin/fetchipac to update the accounting at any time"
+	einfo "fetchipac is run by cron every hour by /etc/cron.daily/ipac-ng"
+	einfo "after you changed rules.conf you have to run \"fetchipac -S\" or"
+	einfo "stop/start the service so your iptables gets updated"
+	einfo "if ipac is not working with the default configuration make"
+	einfo "rm /etc/ipac-ng/* and rm /var/lib/ipac/* and emerge again"
+}
diff --git a/net-analyzer/ipac-ng/metadata.xml b/net-analyzer/ipac-ng/metadata.xml
new file mode 100644
index 000000000000..0529f8a3c7f8
--- /dev/null
+++ b/net-analyzer/ipac-ng/metadata.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<herd>netmon</herd>
+<maintainer>
+  <email>mboman@gentoo.org</email>
+  <name>Michael Boman</name>
+  <description>Interim Maintainer</description>
+</maintainer>
+<longdescription>IP accounting suite for 2.4 and 2.6 series kernels with text and PNG image output like MRTG.</longdescription>
+</pkgmetadata>