summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPeter Volkov <pva@gentoo.org>2008-06-05 13:12:14 +0000
committerPeter Volkov <pva@gentoo.org>2008-06-05 13:12:14 +0000
commitc0eb0f70ee680b79711ea81efb47868871a8e3f0 (patch)
tree84422adc8aa56d940579204c87824a2c8a0281a5 /net-analyzer
parentVersion bump (diff)
downloadgentoo-2-c0eb0f70ee680b79711ea81efb47868871a8e3f0.tar.gz
gentoo-2-c0eb0f70ee680b79711ea81efb47868871a8e3f0.tar.bz2
gentoo-2-c0eb0f70ee680b79711ea81efb47868871a8e3f0.zip
Added debian patches, should fix kernel 2.6.24 compatibility problem, bug #213284, thank svrmarty for report.
(Portage version: 2.1.4.4)
Diffstat (limited to 'net-analyzer')
-rw-r--r--net-analyzer/ippl/ChangeLog12
-rw-r--r--net-analyzer/ippl/files/ippl-1.4.14-manpage.patch15
-rw-r--r--net-analyzer/ippl/files/ippl-1.4.14-noportresolve.patch347
-rw-r--r--net-analyzer/ippl/files/ippl-1.4.14-privilege-drop.patch140
-rw-r--r--net-analyzer/ippl/ippl-1.4.14-r1.ebuild45
5 files changed, 557 insertions, 2 deletions
diff --git a/net-analyzer/ippl/ChangeLog b/net-analyzer/ippl/ChangeLog
index c42e63e7ef17..fbbb3756a481 100644
--- a/net-analyzer/ippl/ChangeLog
+++ b/net-analyzer/ippl/ChangeLog
@@ -1,6 +1,14 @@
# ChangeLog for net-analyzer/ippl
-# Copyright 2002-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ippl/ChangeLog,v 1.11 2007/04/28 12:35:52 tove Exp $
+# Copyright 2002-2008 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ippl/ChangeLog,v 1.12 2008/06/05 13:12:14 pva Exp $
+
+*ippl-1.4.14-r1 (05 Jun 2008)
+
+ 05 Jun 2008; Peter Volkov <pva@gentoo.org>
+ +files/ippl-1.4.14-manpage.patch, +files/ippl-1.4.14-noportresolve.patch,
+ +files/ippl-1.4.14-privilege-drop.patch, +ippl-1.4.14-r1.ebuild:
+ Added debian patches, should fix kernel 2.6.24 compatibility problem, bug
+ #213284, thank svrmarty for report.
28 Apr 2007; Torsten Veller <tove@gentoo.org> ippl-1.4.14.ebuild:
Use newinitd
diff --git a/net-analyzer/ippl/files/ippl-1.4.14-manpage.patch b/net-analyzer/ippl/files/ippl-1.4.14-manpage.patch
new file mode 100644
index 000000000000..f70ca94dd972
--- /dev/null
+++ b/net-analyzer/ippl/files/ippl-1.4.14-manpage.patch
@@ -0,0 +1,15 @@
+patch by Marc Haber <mh+debian-packages@zugschlus.de>
+
+--- ./Docs/ippl.conf.man 2000-11-05 22:03:47.000000000 +0000
++++ /tmp/dpep-work.IyOfxu/trunk/Docs/ippl.conf.man 2005-03-19 20:53:38.340875122 +0000
+@@ -222,9 +222,7 @@
+ .SS Protocol
+ .PP
+ protocol is one of the supported protocols (see the protocols
+-section), except the
+-.I all
+-keyword, which is not supported.
++section).
+
+ .SS Description
+ .PP
diff --git a/net-analyzer/ippl/files/ippl-1.4.14-noportresolve.patch b/net-analyzer/ippl/files/ippl-1.4.14-noportresolve.patch
new file mode 100644
index 000000000000..80cda4274ccb
--- /dev/null
+++ b/net-analyzer/ippl/files/ippl-1.4.14-noportresolve.patch
@@ -0,0 +1,347 @@
+patch by Marc Haber <mh+debian-packages@zugschlus.de>
+
+--- Docs/ippl.conf.man 2008-06-05 12:39:24 +0000
++++ Docs/ippl.conf.man 2008-06-05 12:46:02 +0000
+@@ -92,6 +92,13 @@
+ .PP
+ By default, IP address resolution is disabled for all the protocols.
+
++Ippl by default resolves tcp/udp port numbers to their respective
++service names. If you pass a protocol to the noportresolve option,
++ippl logs the port number instead. This is a Debian specific extension.
++
++By default service resolving is enabled, since this is the behaviour
++of the upstream program.
++
+ .SH LOGGING FORMAT
+
+ .BR ippl
+@@ -198,6 +205,12 @@
+ .I noresolve
+ disable IP address resolution.
+ .PP
++.I portresolve
++enable IP service resolution.
++.PP
++.I noportresolve
++disable IP service resolution.
++.PP
+ .I ident
+ use ident logging (only for TCP).
+ .PP
+
+--- Source/configuration.c 2008-06-05 12:39:24 +0000
++++ Source/configuration.c 2008-06-05 12:46:02 +0000
+@@ -60,6 +60,7 @@
+ extern unsigned int dns_expire;
+ extern unsigned short log_protocols;
+ extern unsigned short resolve_protocols;
++ extern unsigned short portresolve_protocols;
+ extern unsigned short icmp_format;
+ extern unsigned short tcp_format;
+ extern unsigned short udp_format;
+@@ -71,6 +72,7 @@
+ dns_expire = DNS_EXPIRE;
+ log_protocols = NONE;
+ resolve_protocols = 0; /* Do not resolve by default */
++ portresolve_protocols = RUN_TCP | RUN_UDP | RUN_ICMP; /* Resolve by default */
+ icmp_format = LOGFORMAT_NORMAL;
+ tcp_format = LOGFORMAT_NORMAL;
+ udp_format = LOGFORMAT_NORMAL;
+
+--- Source/filter.c 2008-06-05 12:39:24 +0000
++++ Source/filter.c 2008-06-05 12:46:02 +0000
+@@ -46,6 +46,7 @@
+
+ extern unsigned short use_ident;
+ extern unsigned short resolve_protocols;
++extern unsigned short portresolve_protocols;
+ extern unsigned short icmp_format;
+ extern unsigned short tcp_format;
+ extern unsigned short udp_format;
+@@ -66,7 +67,7 @@
+ #ifdef FILTER_DEBUG
+ void display_info(struct log_info *info, int entries) {
+
+- log.log(log.level_or_fd, "DBG: (e:%d) log:%d ident:%d resolve:%d closing:%d format:%d", entries, info->log, info->ident, info->resolve, info->logclosing, info->logformat);
++ log.log(log.level_or_fd, "DBG: (e:%d) log:%d ident:%d resolve:%d portresolve: %d, closing:%d format:%d", entries, info->log, info->ident, info->resolve, info->portresolve, info->logclosing, info->logformat);
+ }
+ #endif
+
+@@ -200,6 +201,19 @@
+ break;
+ }
+ }
++ if (info->portresolve == -1) {
++ switch (protocol) {
++ case IPPROTO_ICMP:
++ info->portresolve = portresolve_protocols & RUN_ICMP;
++ break;
++ case IPPROTO_TCP:
++ info->portresolve = portresolve_protocols & RUN_TCP;
++ break;
++ case IPPROTO_UDP:
++ info->portresolve = portresolve_protocols & RUN_UDP;
++ break;
++ }
++ }
+ }
+
+ struct log_info do_log(const __u32 from, const __u32 to, const __u16 type, const __u16 srctype, const short protocol) {
+@@ -244,6 +258,7 @@
+ info.log = p->log;
+ info.ident = p->ident;
+ info.resolve = p->resolve;
++ info.portresolve = p->portresolve;
+ info.logformat = p->logformat;
+ info.logclosing = p->logclosing;
+ set_defaults(protocol, &info);
+@@ -265,6 +280,7 @@
+ info.log = p->log;
+ info.ident = p->ident;
+ info.resolve = p->resolve;
++ info.portresolve = p->portresolve;
+ info.logformat = p->logformat;
+ set_defaults(protocol, &info);
+ #ifdef FILTER_DEBUG
+@@ -280,7 +296,7 @@
+ info.log = TRUE;
+ info.ident = use_ident;
+ info.logclosing = log_closing;
+- info.logformat = info.resolve = -1;
++ info.logformat = info.resolve = info.portresolve = -1;
+ set_defaults(protocol, &info);
+
+ #ifdef FILTER_DEBUG
+
+--- Source/filter.h 2008-06-05 12:39:24 +0000
++++ Source/filter.h 2008-06-05 12:46:02 +0000
+@@ -53,6 +53,7 @@
+ struct filter_entry {
+ short log; /* TRUE for "log", FALSE for "ignore" */
+ short ident; /* TRUE if we should use ident */
++ short portresolve; /* TRUE if we should resolve TCP/UDP services */
+ short resolve; /* TRUE if we should resolve IP addresses */
+ short logformat; /* format used to log */
+ short logclosing; /* TRUE to log closing TCP connections */
+@@ -72,6 +73,7 @@
+ short log;
+ short ident;
+ short resolve;
++ short portresolve;
+ short logclosing;
+ short logformat;
+ };
+
+--- Source/ippl.l 2008-06-05 12:39:24 +0000
++++ Source/ippl.l 2008-06-05 12:46:02 +0000
+@@ -75,6 +75,9 @@
+ [lL][oO][gG][cC][lL][oO][sS][iI][nN][gG] return LOGCLOSING;
+ [nN][oO][lL][oO][gG][cC][lL][oO][sS][iI][nN][gG] return NOLOGCLOSING;
+
++[nN][oO][pP][oO][rR][tT][rR][eE][sS][oO][lL][vV][eE] return NOPORTRESOLVE;
++[pP][oO][rR][tT][rR][eE][sS][oO][lL][vV][eE] return PORTRESOLVE;
++
+ [nN][oO][rR][eE][sS][oO][lL][vV][eE] return NORESOLVE;
+ [rR][eE][sS][oO][lL][vV][eE] return RESOLVE;
+
+
+--- Source/ippl.y 2008-06-05 12:39:24 +0000
++++ Source/ippl.y 2008-06-05 12:46:02 +0000
+@@ -61,6 +61,7 @@
+
+ /* Should name resolving be done? */
+ unsigned short resolve_protocols;
++unsigned short portresolve_protocols;
+
+ /* Logging format for each protocol */
+ unsigned short icmp_format;
+@@ -100,7 +101,7 @@
+ %token<stringval> IP HOSTMASK IDENTIFIER FILENAME
+ %token<longval> NUMBER
+
+-%token LOGFORMAT DETAILED SHORT NORMAL RESOLVE NORESOLVE IDENT NOIDENT LOGCLOSING NOLOGCLOSING
++%token LOGFORMAT DETAILED SHORT NORMAL RESOLVE NORESOLVE IDENT NOIDENT LOGCLOSING NOLOGCLOSING PORTRESOLVE NOPORTRESOLVE
+ %token RUN RUNAS EXPIRE LOG_IN LOG IGNORE FROM TO TYPE PORT SRCPORT OPTION COMMA
+ %token ICMP TCP UDP ALL
+
+@@ -138,6 +139,11 @@
+ | NORESOLVE ProtoList EOL
+ { resolve_protocols &= ~$2; }
+
++ | PORTRESOLVE ProtoList EOL
++ { portresolve_protocols |= $2; }
++ | NOPORTRESOLVE ProtoList EOL
++ { portresolve_protocols &= ~$2; }
++
+ | LOGCLOSING EOL
+ { log_closing = TRUE; }
+ | NOLOGCLOSING EOL
+@@ -249,6 +255,7 @@
+ switches.log = -1;
+ switches.ident = use_ident;
+ switches.resolve = -1;
++ switches.portresolve = -1;
+ switches.logformat = -1;
+ switches.logclosing = log_closing;
+ }
+@@ -259,6 +266,7 @@
+ $$->ident = switches.ident;
+ $$->logclosing = switches.logclosing;
+ $$->resolve = switches.resolve;
++ $$->portresolve = switches.portresolve;
+ $$->logformat = switches.logformat;
+ $$->protocol = $4.protocol;
+ $$->loginfo = $4.loginfoval;
+@@ -287,6 +295,8 @@
+ | NOIDENT { switches.ident = FALSE; }
+ | RESOLVE { switches.resolve = RUN_ICMP | RUN_TCP | RUN_UDP; }
+ | NORESOLVE { switches.resolve = 0; }
++ | PORTRESOLVE { switches.portresolve = RUN_ICMP | RUN_TCP | RUN_UDP; }
++ | NOPORTRESOLVE { switches.portresolve = 0; }
+ | SHORT { switches.logformat = LOGFORMAT_SHORT; }
+ | NORMAL { switches.logformat = LOGFORMAT_NORMAL; }
+ | DETAILED { switches.logformat = LOGFORMAT_DETAILED; }
+
+--- Source/main.c 2008-06-05 12:39:24 +0000
++++ Source/main.c 2008-06-05 12:46:02 +0000
+@@ -48,6 +48,10 @@
+ #include "filter.h"
+ #include "pidfile.h"
+
++#ifndef PATH_MAX
++#define PATH_MAX 4096
++#endif
++
+ /* Logging mechanism */
+ struct loginfo log;
+
+
+--- Source/netutils.c 2008-06-05 12:39:24 +0000
++++ Source/netutils.c 2008-06-05 12:46:02 +0000
+@@ -237,15 +237,21 @@
+ * Get a service name for a specified protocol
+ */
+
+-void service_lookup(char *proto, char *service, __u16 port) {
++void service_lookup(char *proto, char *service, __u16 port, int portresolve) {
+ struct servent *se;
+
+ pthread_mutex_lock(&service_mutex);
+- se = getservbyport(port, proto);
+- if (se == NULL)
++ if (portresolve)
++ {
++ se = getservbyport(port, proto);
++ if (se == NULL)
++ snprintf(service, SERVICE_LENGTH, "port %d", ntohs(port));
++ else {
++ snprintf(service, SERVICE_LENGTH, "%s", se->s_name);
++ }
++ }
++ else {
+ snprintf(service, SERVICE_LENGTH, "port %d", ntohs(port));
+- else {
+- snprintf(service, SERVICE_LENGTH, "%s", se->s_name);
+ }
+ pthread_mutex_unlock(&service_mutex);
+ }
+
+--- Source/netutils.h 2008-06-05 12:39:24 +0000
++++ Source/netutils.h 2008-06-05 12:46:02 +0000
+@@ -53,6 +53,6 @@
+ const __u32 src_addr, const __u16 src_port,
+ const __u32 dst_addr, const __u16 dst_port);
+
+-void service_lookup(char *proto, char *service, __u16 port);
++void service_lookup(char *proto, char *service, __u16 port, int portresolve);
+
+ #endif
+
+--- Source/tcp.c 2008-06-05 12:39:24 +0000
++++ Source/tcp.c 2008-06-05 12:46:02 +0000
+@@ -51,6 +51,7 @@
+ struct loginfo tcp_log;
+ extern struct loginfo log;
+ extern unsigned short resolve_protocols;
++extern unsigned short portresolve_protocols;
+
+ /*
+ * Structure of a TCP packet
+@@ -88,7 +89,7 @@
+ *details ='\0';
+ host_print(remote_host, IPHDR.saddr,
+ info.resolve);
+- service_lookup("tcp", service, TCPHDR.dest);
++ service_lookup("tcp", service, TCPHDR.dest, info.portresolve);
+ if (info.logformat == LOGFORMAT_DETAILED) {
+ get_details(details,
+ IPHDR.saddr,
+@@ -186,7 +187,7 @@
+ *details ='\0';
+ host_print(remote_host, IPHDR.saddr,
+ info.resolve);
+- service_lookup("tcp", service, TCPHDR.dest);
++ service_lookup("tcp", service, TCPHDR.dest, info.portresolve);
+ if (info.logformat == LOGFORMAT_DETAILED) {
+ get_details(details,
+ IPHDR.saddr,
+
+--- Source/udp.c 2008-06-05 12:39:24 +0000
++++ Source/udp.c 2008-06-05 12:46:02 +0000
+@@ -81,7 +81,7 @@
+ *details ='\0';
+ host_print(remote_host, IPHDR.saddr,
+ info.resolve);
+- service_lookup("udp", service, UDPHDR.dest);
++ service_lookup("udp", service, UDPHDR.dest, info.portresolve);
+ if (info.logformat == LOGFORMAT_DETAILED) {
+ get_details(details,
+ IPHDR.saddr,
+
+--- ippl.conf 2008-06-05 12:39:24 +0000
++++ ippl.conf 2008-06-05 12:48:36 +0000
+@@ -4,13 +4,15 @@
+ # User used
+ # ---------
+ # Specify the user (declared in /etc/passwd) used to run the
+-# logging threads.
+-#runas nobody
++# logging threads. The ippl process visible in the process table
++# is still running as root! Look in /proc/pid/task to see the threads
++# running as ippl
++runas ippl
+
+ # Resolve hostnames?
+ # ------------------
+-# Uncomment the line below to disable DNS lookups
+-#noresolve all
++# Uncomment the line below to enable DNS lookups
++#resolve all
+
+ # Use ident?
+ # ----------
+@@ -38,9 +40,14 @@
+ # ----------------
+ run icmp tcp
+ # Uncomment the line below to log UDP traffic.
+-# See ippl.conf(5) for recommandations.
++# See ippl.conf(5) for recommendations.
+ #run udp
+
++# Resolve tcp/udp port to service name?
++# -------------------------------------
++# portresolve icmp tcp udp
++# Set noportresolve <protocol-list> to log port numbers instead
++
+ # Logging format
+ # ----------------
+ # If you want to see the destination address, the ports, etc
+@@ -63,6 +70,3 @@
+ # Do not log DNS queries
+ #ignore udp port domain
+ #ignore udp srcport domain
+-
+-# End of configuration
+-# Copyright (C) 1998-1999 Hugo Haas - Etienne Bernard
+
diff --git a/net-analyzer/ippl/files/ippl-1.4.14-privilege-drop.patch b/net-analyzer/ippl/files/ippl-1.4.14-privilege-drop.patch
new file mode 100644
index 000000000000..7a397a86c054
--- /dev/null
+++ b/net-analyzer/ippl/files/ippl-1.4.14-privilege-drop.patch
@@ -0,0 +1,140 @@
+privilege-drop by Marc Haber <mh+debian-packages@zugschlus.de>
+
+--- trunk~/Source/icmp.c 2001-09-28 20:47:58.000000000 +0200
++++ trunk/Source/icmp.c 2007-05-20 12:05:24.000000000 +0200
+@@ -39,6 +39,8 @@
+ #include "log.h"
+ #include "filter.h"
+ #include "configuration.h"
++#include <string.h>
++#include <errno.h>
+
+ /* Socket */
+ int icmp_socket;
+@@ -296,14 +298,16 @@
+
+ icmp_socket = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
+ if (icmp_socket <= 0) {
+- log.log(log.level_or_fd, "FATAL: Unable to open icmp raw socket");
++ int error = errno;
++ log.log(log.level_or_fd, "FATAL: Unable to open icmp raw socket\nERROR No: %d\nERROR : %s", error, strerror(error));
+ exit(1);
+ }
+
+- setgid(((struct passwd *)nobody)->pw_gid);
++ /* Don't do this here - race conditions will arise */
++ /* setgid(((struct passwd *)nobody)->pw_gid);
+ initgroups(((struct passwd *)nobody)->pw_name,
+ ((struct passwd *)nobody)->pw_gid);
+- setuid(((struct passwd *)nobody)->pw_uid);
++ setuid(((struct passwd *)nobody)->pw_uid); */
+
+ for(;;) {
+ if (read(icmp_socket, (__u8 *) &pkt, ICMP_CAPTURE_LENGTH) == -1) {
+--- trunk~/Source/main.c 2000-04-21 21:37:49.000000000 +0200
++++ trunk/Source/main.c 2007-05-20 12:05:24.000000000 +0200
+@@ -153,6 +153,17 @@
+ run_thread(&udp_t, log_udp, (void *)account);
+ }
+
++ /* Sleep 1 sec to allow the other threads to catchup */
++ /* Not the best way to solve the issue but it works */
++ sleep(1);
++
++ /* Drop privileges */
++
++ setgid(((struct passwd *)account)->pw_gid);
++ initgroups(((struct passwd *)account)->pw_name,
++ ((struct passwd *)account)->pw_gid);
++ setuid(((struct passwd *)account)->pw_uid);
++
+ }
+
+
+@@ -160,8 +171,10 @@
+ * reload_configuration
+ *
+ * Stops the threads and reloads the configuration
++ *
++ * -- DEPRECATED (due to privilege drop cannot reload - needs a restart!)
+ */
+-void reload_configuration() {
++void reload_configuration_DEPRECATED() {
+ extern pthread_mutex_t log_mutex, service_mutex, dns_mutex, r_mux, w_mux;
+ extern pthread_cond_t w_cond;
+ extern int readers;
+@@ -353,8 +366,10 @@
+ * Function executed when we receive a SIHUP signal
+ */
+ void sighup(int sig) {
+- reload_configuration();
+- log.log(log.level_or_fd, "IP Protocols Logger: reloaded configuration.");
++ // DEPRECATED - reload_configuration();
++ // log.log(log.level_or_fd, "IP Protocols Logger: reloaded configuration.");
++ log.log(log.level_or_fd, "IP Protocols Logger: reload configuration is unsupported.");
++ die(sig);
+ signal(SIGHUP, sighup);
+ }
+
+--- trunk~/Source/tcp.c 2001-09-29 15:27:01.000000000 +0200
++++ trunk/Source/tcp.c 2007-05-20 12:05:24.000000000 +0200
+@@ -44,6 +44,8 @@
+ #include "filter.h"
+ #include "configuration.h"
+ #include "ident.h"
++#include <errno.h>
++#include <string.h>
+
+ /* Socket */
+ int tcp_socket;
+@@ -258,14 +260,16 @@
+
+ tcp_socket = socket(AF_INET, SOCK_RAW, IPPROTO_TCP);
+ if (tcp_socket <= 0) {
+- log.log(log.level_or_fd, "FATAL: Unable to open tcp raw socket");
++ int error = errno;
++ log.log(log.level_or_fd, "FATAL: Unable to open tcp raw socket\nERROR No: %d\nERROR : %s", error, strerror(error));
+ exit(1);
+ }
+
+- setgid(((struct passwd *)nobody)->pw_gid);
++ /* Don't do this here - race conditions will arise */
++ /* setgid(((struct passwd *)nobody)->pw_gid);
+ initgroups(((struct passwd *)nobody)->pw_name,
+ ((struct passwd *)nobody)->pw_gid);
+- setuid(((struct passwd *)nobody)->pw_uid);
++ setuid(((struct passwd *)nobody)->pw_uid); */
+
+ for(;;) {
+ if (read(tcp_socket, (__u8 *) &pkt, TCP_CAPTURE_LENGTH) == -1) {
+--- trunk~/Source/udp.c 2001-09-28 20:47:35.000000000 +0200
++++ trunk/Source/udp.c 2007-05-20 12:05:24.000000000 +0200
+@@ -39,6 +39,8 @@
+ #include "filter.h"
+ #include "configuration.h"
+ #include "ident.h"
++#include <errno.h>
++#include <string.h>
+
+ /* Socket */
+ int udp_socket;
+@@ -138,14 +140,16 @@
+
+ udp_socket = socket(AF_INET, SOCK_RAW, IPPROTO_UDP);
+ if (udp_socket <= 0) {
+- log.log(log.level_or_fd, "FATAL: Unable to open udp raw socket");
++ int error = errno;
++ log.log(log.level_or_fd, "FATAL: Unable to open udp raw socket\nERROR No: %d\nERROR : %s", error, strerror(error));
+ exit(1);
+ }
+
+- setgid(((struct passwd *)nobody)->pw_gid);
++ /* Don't do this here - race conditions will arise */
++ /* setgid(((struct passwd *)nobody)->pw_gid);
+ initgroups(((struct passwd *)nobody)->pw_name,
+ ((struct passwd *)nobody)->pw_gid);
+- setuid(((struct passwd *)nobody)->pw_uid);
++ setuid(((struct passwd *)nobody)->pw_uid); */
+
+ for(;;) {
+ if (read(udp_socket, (__u8 *) &pkt, UDP_CAPTURE_LENGTH) == -1) {
diff --git a/net-analyzer/ippl/ippl-1.4.14-r1.ebuild b/net-analyzer/ippl/ippl-1.4.14-r1.ebuild
new file mode 100644
index 000000000000..4b29a2fc2bcb
--- /dev/null
+++ b/net-analyzer/ippl/ippl-1.4.14-r1.ebuild
@@ -0,0 +1,45 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ippl/ippl-1.4.14-r1.ebuild,v 1.1 2008/06/05 13:12:14 pva Exp $
+
+inherit eutils
+
+DESCRIPTION="A daemon which logs TCP/UDP/ICMP packets"
+HOMEPAGE="http://pltplp.net/ippl/"
+SRC_URI="http://pltplp.net/ippl/archive/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~x86"
+IUSE=""
+
+DEPEND="|| ( sys-devel/bison >=dev-util/yacc-1.9.1-r1 )
+ >=sys-devel/flex-2.5.4a-r4"
+RDEPEND=""
+
+pkg_setup() {
+ enewuser ippl || die "Failed to add user ippl"
+}
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+
+ # Patches from debian which besides features additions fix some bugs...
+ epatch "${FILESDIR}"/ippl-1.4.14-noportresolve.patch
+ epatch "${FILESDIR}"/ippl-1.4.14-manpage.patch
+ epatch "${FILESDIR}"/ippl-1.4.14-privilege-drop.patch
+}
+
+src_install() {
+ dosbin Source/ippl
+
+ insinto "/etc"
+ doins ippl.conf
+
+ doman Docs/{ippl.8,ippl.conf.5}
+
+ dodoc BUGS CREDITS HISTORY README TODO
+
+ newinitd "${FILESDIR}"/ippl.rc ippl
+}