diff options
| -rw-r--r-- | debian/changelog | 144 | ||||
| -rw-r--r-- | debian/clean | 2 | ||||
| -rw-r--r-- | debian/compat | 1 | ||||
| -rw-r--r-- | debian/conntrack.examples | 1 | ||||
| -rw-r--r-- | debian/conntrack.install | 2 | ||||
| -rw-r--r-- | debian/conntrackd.README.Debian | 8 | ||||
| -rw-r--r-- | debian/conntrackd.conf | 101 | ||||
| -rw-r--r-- | debian/conntrackd.default | 5 | ||||
| -rw-r--r-- | debian/conntrackd.examples | 2 | ||||
| -rwxr-xr-x | debian/conntrackd.init | 61 | ||||
| -rw-r--r-- | debian/conntrackd.install | 3 | ||||
| -rw-r--r-- | debian/conntrackd.logrotate | 9 | ||||
| -rw-r--r-- | debian/conntrackd.postinst | 17 | ||||
| -rw-r--r-- | debian/conntrackd.postrm | 19 | ||||
| -rwxr-xr-x | debian/conntrackd.preinst | 25 | ||||
| -rw-r--r-- | debian/control | 28 | ||||
| -rw-r--r-- | debian/copyright | 21 | ||||
| -rwxr-xr-x | debian/rules | 13 | ||||
| -rw-r--r-- | debian/source/format | 1 | ||||
| -rw-r--r-- | debian/watch | 4 |
20 files changed, 467 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..0d2cfc3 --- /dev/null +++ b/debian/changelog @@ -0,0 +1,144 @@ +conntrack (1:1.2.1-1) unstable; urgency=low + + * [ed902b3] Initial upstream branch. + * [ea27bb4] Imported Upstream version 1.2.1 + * [9a5f9ae] Update libnetfilter_conntrack requirement + * [92005c6] Fix dependency + * [fb4a63b] wrap-and-sort debian/control + * [21100c2] Remove obsolete stuff + * [30f468d] Convert to dh9 + * [b96ec88] Bump standards version + * [741f6a6] wrap-and-sort + * [9c43cb9] Install examples + * [f403c41] Installation of examples moved to dh_installexamples + * [d60e302] Remove wrong example + + -- Alexander Wirt <formorer@debian.org> Tue, 12 Jun 2012 18:09:58 +0200 + +conntrack (1:1.0.0-2) unstable; urgency=low + + * Build depend on libnetfilter-conntrack >= 0.9.1 + (Closes: #616410) + + -- Alexander Wirt <formorer@debian.org> Fri, 04 Mar 2011 10:07:00 +0100 + +conntrack (1:1.0.0-1) unstable; urgency=low + + * New upstream version (Closes: #589202, #589203, #589204) + - Fix removing of conntrack entries (Closes: #496769) + * Bump standards version + * Force deb source 1.0 + * Use invoke-rc.d in logrotate.de (Closes: #613512) + * Make logrotate silent (Closes: #605247) + + -- Alexander Wirt <formorer@debian.org> Thu, 03 Mar 2011 23:07:26 +0100 + +conntrack (1:0.9.14-2) unstable; urgency=low + + * Integrate lost NMU from Stefan Fritsch. Thanks Stefan + * Prevent dpkg conffile prompt for unmodified conntrackd.conf when upgrading + from pre 1:0.9.12-1 (closes: #542662). + + -- Alexander Wirt <formorer@debian.org> Sat, 13 Feb 2010 11:17:59 +0100 + +conntrack (1:0.9.14-1) unstable; urgency=low + + * New upstream version + * Add ${misc:Depends} to all binary packages + * Add dpatch support + * Bump standards version (no changes) + * Remove Max from Uploaders. Thanks for your work! + * Backport patch from HEAD to fix UDP filtering. + Thanks tino for the hint + + -- Alexander Wirt <formorer@debian.org> Sat, 30 Jan 2010 18:34:09 +0100 + +conntrack (1:0.9.13-1) unstable; urgency=low + + [ Max Kellermann ] + * new upstream release (Closes: #537896, #545918) + - require libnfnetlink 1.0.0, libnetfilter_conntrack 0.0.100 + - ChangeLog was removed by upstream + * updated home page in the copyright file (Closes: #533583) + * correct LSB dependencies in init script, patch by Petter Reinholdtsen + (Closes: #541079) + + [ Alexander Wirt ] + * Bump standards version + + -- Alexander Wirt <formorer@debian.org> Thu, 17 Sep 2009 12:32:19 +0200 + +conntrack (1:0.9.12-1) unstable; urgency=low + + [ Max Kellermann ] + * new upstream release + - build-depend on libnfnetlink 0.0.40, libnetfilter-conntrack 0.0.99 + - fixes FTBS (undeclared variable) + (Closes: #522181, #518891) + * moved conntrackd.conf to /etc/conntrackd/conntrackd.conf (Closes: #477679) + * updated sample configuration file + * updated home page to http://conntrack-tools.netfilter.org/ + * restart conntrackd after logrotate (Closes: #513079) + + [ Alexander Wirt ] + * Bump standards version + + -- Alexander Wirt <formorer@debian.org> Thu, 02 Apr 2009 11:37:25 +0200 + +conntrack (1:0.9.7-1) unstable; urgency=low + + [ Max Kellermann ] + * new upstream release + - dropped all patches because they have been merged by upstream + - depend on libnfnetlink 0.0.33, libnetfilter-conntrack 0.0.94 + + [ Alexander Wirt ] + * Bump standards version (No changes) + + -- Alexander Wirt <formorer@debian.org> Tue, 22 Jul 2008 23:33:30 +0200 + +conntrack (1:0.9.6-4) unstable; urgency=low + + [ Max Kellermann ] + * fix compilation on SPARC (printf argument mismatch) + + -- Alexander Wirt <formorer@debian.org> Mon, 14 Apr 2008 23:09:22 +0200 + +conntrack (1:0.9.6-3) unstable; urgency=low + + [ Max Kellermann ] + * fix gcc 4.3 compilation errors: + - "large integer implicitly truncated to unsigned type" (Closes: #472812) + - "'input' defined but not used" (Closes: #474768) + + -- Alexander Wirt <formorer@debian.org> Tue, 08 Apr 2008 22:08:10 +0200 + +conntrack (1:0.9.6-2) unstable; urgency=low + + * Build depend on bison (Closes: #472442) + + -- Alexander Wirt <formorer@debian.org> Mon, 24 Mar 2008 12:35:44 +0100 + +conntrack (1:0.9.6-1) unstable; urgency=low + + [ Max Kellermann ] + * new upstream release + * added package "conntrackd" + * updated watchfile for new upstream name "conntrack-tools" (Closes: + #449899) + * removed "-Wall" from CFLAGS override + * moved DH_COMPAT to debian/compat + * don't ignore "make distclean" errors + * bumped Standards-Version to 3.7.3 + * install upstream changelog + * added Homepage header to debian/control + * call dh_install with -X.svn because upstream accidently distributed + the .svn directories + + -- Alexander Wirt <formorer@debian.org> Fri, 21 Mar 2008 22:46:22 +0100 + +conntrack (1.00~beta2-1) unstable; urgency=low + + * initial debian release (Closes: #388615) + + -- Max Kellermann <max@duempel.org> Thu, 21 Sep 2006 18:04:51 +0200 diff --git a/debian/clean b/debian/clean new file mode 100644 index 0000000..50b22e2 --- /dev/null +++ b/debian/clean @@ -0,0 +1,2 @@ +config.log +lex.yy.c diff --git a/debian/compat b/debian/compat new file mode 100644 index 0000000..ec63514 --- /dev/null +++ b/debian/compat @@ -0,0 +1 @@ +9 diff --git a/debian/conntrack.examples b/debian/conntrack.examples new file mode 100644 index 0000000..dc8cddb --- /dev/null +++ b/debian/conntrack.examples @@ -0,0 +1 @@ +doc/cli diff --git a/debian/conntrack.install b/debian/conntrack.install new file mode 100644 index 0000000..ab442d1 --- /dev/null +++ b/debian/conntrack.install @@ -0,0 +1,2 @@ +debian/tmp/usr/sbin/conntrack +debian/tmp/usr/share/man/man8/conntrack.8 diff --git a/debian/conntrackd.README.Debian b/debian/conntrackd.README.Debian new file mode 100644 index 0000000..8964ec4 --- /dev/null +++ b/debian/conntrackd.README.Debian @@ -0,0 +1,8 @@ +conntrackd can run in two modes: +- statistics mode +- synchronization mode + +This package comes with a sample configuration file for the statistics +mode in (/etc/conntrackd/conntrackd.conf). There are also sample +configuration files for the synchronization mode in +/usr/share/doc/conntrackd/examples. diff --git a/debian/conntrackd.conf b/debian/conntrackd.conf new file mode 100644 index 0000000..6d76261 --- /dev/null +++ b/debian/conntrackd.conf @@ -0,0 +1,101 @@ +# +# General settings +# +General { + # + # Number of buckets in the caches: hash table + # + HashSize 8192 + + # + # Maximum number of conntracks: + # it must be >= $ cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max + # + HashLimit 65535 + + # + # Logfile: on (/var/log/conntrackd.log), off, or a filename + # Default: off + # + #LogFile on + + # + # Syslog: on, off or a facility name (daemon (default) or local0..7) + # Default: off + # + Syslog on + + # + # Lockfile + # + LockFile /var/lock/conntrackd.lock + + # + # Unix socket configuration + # + UNIX { + Path /var/run/conntrackd.sock + Backlog 20 + } + + # + # Netlink socket buffer size + # + SocketBufferSize 262142 + + # + # Increase the socket buffer up to maximun if required + # + SocketBufferSizeMaxGrown 655355 + + # + # Event filtering: This clause allows you to filter certain traffic, + # There are currently three filter-sets: Protocol, Address and + # State. The filter is attached to an action that can be: Accept or + # Ignore. Thus, you can define the event filtering policy of the + # filter-sets in positive or negative logic depending on your needs. + # + Filter { + # + # Accept only certain protocols: You may want to log the + # state of flows depending on their layer 4 protocol. + # + Protocol Accept { + TCP + } + + # + # Ignore traffic for a certain set of IP's. + # + Address Ignore { + IPv4_address 127.0.0.1 # loopback + } + + # + # Uncomment this line below if you want to filter by flow state. + # The existing TCP states are: SYN_SENT, SYN_RECV, ESTABLISHED, + # FIN_WAIT, CLOSE_WAIT, LAST_ACK, TIME_WAIT, CLOSED, LISTEN. + # + # State Accept { + # ESTABLISHED CLOSED TIME_WAIT CLOSE_WAIT for TCP + # } + } +} + +Stats { + # + # If you enable this option, the daemon writes the information about + # destroyed connections to a logfile. Default is off. + # Logfile: on, off, or a filename + # Default file: (/var/log/conntrackd-stats.log) + # + LogFile on + + # + # Enable connection logging via Syslog. Default is off. + # Syslog: on, off or a facility name (daemon (default) or local0..7) + # If you set the facility, use the same as in the General clause, + # otherwise you'll get a warning message. + # + #Syslog on +} diff --git a/debian/conntrackd.default b/debian/conntrackd.default new file mode 100644 index 0000000..9926d79 --- /dev/null +++ b/debian/conntrackd.default @@ -0,0 +1,5 @@ +# Which configuration file? +#CONFIG=/etc/conntrackd/conntrackd.conf + +# Additional options for daemon startup. +#OPTIONS="" diff --git a/debian/conntrackd.examples b/debian/conntrackd.examples new file mode 100644 index 0000000..8161d36 --- /dev/null +++ b/debian/conntrackd.examples @@ -0,0 +1,2 @@ +doc/stats +doc/sync diff --git a/debian/conntrackd.init b/debian/conntrackd.init new file mode 100755 index 0000000..0c5ccb9 --- /dev/null +++ b/debian/conntrackd.init @@ -0,0 +1,61 @@ +#!/bin/bash +# +# conntrackd Start conntrackd using /etc/conntrackd.conf +# +# Written by Max Kellermann <max@duempel.org> +# +### BEGIN INIT INFO +# Provides: conntrackd +# Required-Start: $network $syslog $remote_fs +# Required-Stop: $network $syslog $remote_fs +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Description: Starts conntrackd +# short-description: Starts conntrackd +### END INIT INFO + +#includes lsb functions +source /lib/lsb/init-functions + +PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin +DAEMON=/usr/sbin/conntrackd + +test -x $DAEMON || exit 0 + +CONFIG=/etc/conntrackd/conntrackd.conf +OPTIONS="" + +test -f /etc/default/conntrackd && source /etc/default/conntrackd + +test -f $CONFIG || exit 0 + +case "$1" in + start) + log_begin_msg "Starting conntrackd" + start-stop-daemon --start --quiet \ + --exec $DAEMON \ + -- \ + -d \ + -C "$CONFIG" \ + $OPTIONS + log_end_msg $? + ;; + stop) + log_begin_msg "Stopping conntrackd" + $DAEMON \ + -C "$CONFIG" \ + -k + log_end_msg $? + ;; + restart|force-reload) + $0 stop + sleep 1 + $0 start + ;; + *) + log_action_msg "Usage: /etc/init.d/conntrackd {start|stop|restart|force-reload}" + exit 1 + ;; +esac + +exit 0 diff --git a/debian/conntrackd.install b/debian/conntrackd.install new file mode 100644 index 0000000..1c9808d --- /dev/null +++ b/debian/conntrackd.install @@ -0,0 +1,3 @@ +debian/conntrackd.conf etc/conntrackd +debian/tmp/usr/sbin/conntrackd +debian/tmp/usr/share/man/man8/conntrackd.8 diff --git a/debian/conntrackd.logrotate b/debian/conntrackd.logrotate new file mode 100644 index 0000000..d1b0164 --- /dev/null +++ b/debian/conntrackd.logrotate @@ -0,0 +1,9 @@ +/var/log/conntrackd-stats.log { + weekly + rotate 2 + missingok + + postrotate + invoke-rc.d conntrackd restart > /dev/null + endscript +} diff --git a/debian/conntrackd.postinst b/debian/conntrackd.postinst new file mode 100644 index 0000000..847932b --- /dev/null +++ b/debian/conntrackd.postinst @@ -0,0 +1,17 @@ +#!/bin/sh +set -e + +action=$1 +version=$2 + +# package versions < 0.9.8-1 had the configuration file in a +# non-standard location +if [ "$action" = configure -a -n "$version" ] && + dpkg --compare-versions "$version" lt "1:0.9.8-1" && + test -f /etc/conntrackd.conf.dpkg-updating +then + # unmodified version, delete without prompting + rm /etc/conntrackd.conf.dpkg-updating +fi + +#DEBHELPER# diff --git a/debian/conntrackd.postrm b/debian/conntrackd.postrm new file mode 100644 index 0000000..4c29446 --- /dev/null +++ b/debian/conntrackd.postrm @@ -0,0 +1,19 @@ +#!/bin/sh +set -e + +action=$1 + +# package versions < 0.9.8-1 had the configuration file in a +# non-standard location +if [ "$action" = "abort-upgrade" ] && + [ -f /etc/conntrackd.conf.dpkg-updating ] +then + # unmodified version, restore + mv /etc/conntrackd.conf.dpkg-updating /etc/conntrackd.conf +fi + +if [ "$action" = "purge" ] ; then + rm -f /etc/conntrackd.conf.dpkg-updating +fi + +#DEBHELPER# diff --git a/debian/conntrackd.preinst b/debian/conntrackd.preinst new file mode 100755 index 0000000..2bb65ef --- /dev/null +++ b/debian/conntrackd.preinst @@ -0,0 +1,25 @@ +#!/bin/sh +set -e + +action=$1 +version=$2 + +if [ "$action" = upgrade -a -n "$version" ] && + dpkg --compare-versions "$version" lt "1:0.9.8-1" && + test -f /etc/conntrackd.conf && + ! test -e /etc/conntrackd/conntrackd.conf; then + # package versions < 0.9.8-1 had the configuration file in a + # non-standard location + mkdir -p /etc/conntrackd + if md5sum /etc/conntrackd.conf 2> /dev/null | + grep -q 9e463d9bb7902e513da1b90b326bd43d + then + # unmodified version, dpkg should not prompt, delete in postinst + mv /etc/conntrackd.conf /etc/conntrackd.conf.dpkg-updating + else + # move to new location to make dpkg prompt + mv /etc/conntrackd.conf /etc/conntrackd/conntrackd.conf + fi +fi + +#DEBHELPER# diff --git a/debian/control b/debian/control new file mode 100644 index 0000000..ccf1cce --- /dev/null +++ b/debian/control @@ -0,0 +1,28 @@ +Source: conntrack +Section: net +Priority: optional +Maintainer: Alexander Wirt <formorer@debian.org> +Homepage: http://conntrack-tools.netfilter.org/ +Build-Depends: bison, + debhelper (>= 9), + flex, + libmnl-dev (>= 1.0.1), + libnetfilter-conntrack-dev (>= 1.0.1), + libnetfilter-cttimeout-dev (>= 1.0.0) +Standards-Version: 3.9.3 + +Package: conntrack +Architecture: any +Depends: ${misc:Depends}, ${shlibs:Depends} +Description: Program to modify the conntrack tables + conntrack is a userspace command line program targeted at system + administrators. It enables them to view and manage the in-kernel + connection tracking state table. + +Package: conntrackd +Architecture: any +Depends: ${misc:Depends}, ${shlibs:Depends} +Description: Connection tracking daemon + Conntrackd can replicate the status of the connections that are + currently being processed by your stateful firewall based on Linux. + Conntrackd can also run as statistics daemon. diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 0000000..5ab105b --- /dev/null +++ b/debian/copyright @@ -0,0 +1,21 @@ +This package was debianized by Max Kellermann <max@duempel.org> on +Thu Sep 21 00:09:44 CEST 2006 + +It was downloaded from http://conntrack-tools.netfilter.org/downloads.html + +Upstream Authors: +Pablo Neira Ayuso <pablo@netfilter.org> +Harald Welte <laforge@netfilter.org> + +Copyright: + +(C) 2005 by Pablo Neira Ayuso <pablo@netfilter.org> +<laforge@netfilter.org> + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or (at + your option) any later version. + +On Debian GNU/Linux systems, the complete text of the GNU General +Public License can be found in `/usr/share/common-licenses/GPL'. diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..955dd78 --- /dev/null +++ b/debian/rules @@ -0,0 +1,13 @@ +#!/usr/bin/make -f +# -*- makefile -*- +# Sample debian/rules that uses debhelper. +# This file was originally written by Joey Hess and Craig Small. +# As a special exception, when this file is copied by dh-make into a +# dh-make output file, you may use that output file without restriction. +# This special exception was added by Craig Small in version 0.37 of dh-make. + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +%: + dh $@ diff --git a/debian/source/format b/debian/source/format new file mode 100644 index 0000000..163aaf8 --- /dev/null +++ b/debian/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/debian/watch b/debian/watch new file mode 100644 index 0000000..e684794 --- /dev/null +++ b/debian/watch @@ -0,0 +1,4 @@ +version=3 + +opts="uversionmangle=s/beta/~beta/" \ +http://ftp.netfilter.org/pub/conntrack-tools/conntrack-tools-(\S+)\.tar\.bz2 |