%define tcpdump_ver 4.9.3 %define libpcap_ver 1.9.1 %{!?_licensedir:%global license %%doc} Summary: A network traffic monitoring tool. Summary(ja): ネットワークのトラフィックをモニタするツール Name: tcpdump Epoch: 1 Version: %{tcpdump_ver} %define tcpdump_dir tcpdump-%{tcpdump_ver} %define tcpslice_dir tcpslice Release: 2%{?_dist_release} Group: system,network Vendor: Project Vine Distribution: Vine Linux Packager: daisuke, shaolin # XXX epoch is necessary to obsolete tcpdump-3.4a5 License: BSD URL: https://www.tcpdump.org/ Source0: https://www.tcpdump.org/release/tcpdump-%{tcpdump_ver}.tar.gz Source1: ftp://ftp.ee.lbl.gov/tcpslice-1.2a3.tar.gz Patch0004: 0004-tcpslice-update-tcpslice-patch-to-1.2a3.patch Patch0005: 0005-tcpslice-remove-unneeded-include.patch Patch0006: 0006-tcpslice-don-t-test-the-pointer-but-pointee-for-NULL.patch Patch1000: 0013-CVE-2020-8037.patch %define tcpslice_dir tcpslice-1.2a3 BuildRoot: %{_tmppath}/%{name}-%{version}-root BuildRequires: glibc-kernheaders >= 2.2.0 BuildRequires: openssl-devel BuildRequires: libpcap-devel >= %{libpcap_ver} BuildRequires: autoconf, automake BuildRequires: git %description Tcpdump is a command-line tool for monitoring network traffic. Tcpdump can capture and display the packet headers on a particular network interface or on all interfaces. Tcpdump can display all of the packet headers, or just the ones that match particular criteria. Install tcpdump if you need a program to monitor network traffic. %description -l ja tcpdump はネットワークのトラフィックをモニタする、コマンドライン ベースのツールです。tcpdump はあるネットワークインターフェイス もしくは全てのネットワークインターフェイス上のパケットのヘッダを キャプチャして表示することができます。tcpdump は全てのパケットの ヘッダを表示することもできますし、ある規則に合致するものだけを 表示することもできます。 ネットワークのトラフィックをモニタする必要がある場合、tcpdump を インストールしてください。 %debug_package %prep %autosetup -a 1 -S git %build export CFLAGS="$RPM_OPT_FLAGS $(getconf LFS_CFLAGS) -fno-strict-aliasing" pushd %{tcpslice_dir} # update config.{guess,sub} automake -a -f 2> /dev/null || : %configure make %{?_smp_mflags} popd %configure --with-crypto --with-user=tcpdump --without-smi make %{?_smp_mflags} %install rm -rf %{buildroot} mkdir -p %{buildroot}%{_libdir} mkdir -p %{buildroot}%{_mandir}/man{3,8} mkdir -p %{buildroot}%{_sbindir} pushd %{tcpslice_dir} install -m755 tcpslice ${RPM_BUILD_ROOT}%{_sbindir} install -m644 tcpslice.1 ${RPM_BUILD_ROOT}%{_mandir}/man8/tcpslice.8 popd install -m755 tcpdump ${RPM_BUILD_ROOT}%{_sbindir} install -m644 tcpdump.1 ${RPM_BUILD_ROOT}%{_mandir}/man8/tcpdump.8 # fix section numbers sed -i 's/\(\.TH[a-zA-Z ]*\)[1-9]\(.*\)/\18\2/' \ ${RPM_BUILD_ROOT}%{_mandir}/man8/* %clean rm -rf %{buildroot} %pre groupadd -g 72 tcpdump 2> /dev/null ||: useradd -u 72 -g 72 -s /sbin/nologin -M -r \ -d / tcpdump 2> /dev/null ||: exit 0 %files %defattr(-,root,root) %license LICENSE %doc README.md CHANGES CREDITS %{_sbindir}/tcpdump %{_sbindir}/tcpslice %{_mandir}/man8/tcpslice.8* %{_mandir}/man8/tcpdump.8* %changelog * Mon Feb 01 2021 Tomohiro "Tomo-p" KATO - 1.4.9.3-2 - imported Patch1000 from rawhide to fix CVE-2020-8037. * Sat Oct 05 2019 Tomohiro "Tomo-p" KATO - 1:4.9.3-1 - new upstream release. - dropped Patch0001: fixed in upstream. - dropped Patch0002, 0003, 0007 and0008. * Sun Sep 17 2017 Tomohiro "Tomo-p" KATO - 1:4.9.2-1 - new upstream release. - dropped all patches. - imported patches from rawhide. - updated %%SOURCE1. * Tue Mar 29 2016 Yoji TOYODA - 1:4.7.4-2 - rebuild with openssl-1.0.2g * Sun Jun 07 2015 Yoji TOYODA - 1:4.7.4-1 - new upstream release * Sun Mar 15 2015 Yoji TOYODA - 1:4.7.3-1 - new upstream release - update Patch10 (tcpdump-4.7.3-portnumbers.patch) - update Patch21 (tcpdump-4.7.3-isis-dos.patch) - remove Patch16,17,22 * Wed Jan 15 2014 Yoji TOYODA - 1:4.5.1-1 - new upstream release * Fri Jun 22 2012 Yoji TOYODA - 1:4.3.0-1 - new upstream release * Thu Mar 22 2012 MATSUBAYASHI Kohji - 1:4.1.1-4 - rebuild * Sat Jan 29 2011 Yoji TOYODA 1:4.1.1-3 - rebuild with openssl-1.0.0c * Sat Sep 18 2010 Ryoichi INAGAKI 1:4.1.1-2 - removed pcap header direction - added URL tag * Sun May 23 2010 Ryoichi INAGAKI 1:4.1.1-1 - new upstream release - updated Patch10 - built with new toolchain * Sat Apr 25 2009 Ryoichi INAGAKI 1:4.0.0-2 - spec in UTF-8 - added BuildRequires: libpcap-devel instead of libpcap - changed Group to Applications/System * Thu Oct 30 2008 Satoshi IWAMOTO 1:4.0.0-1 - new upstream release with libpcap 1.0.0 * Mon Apr 14 2008 MATSUBAYASHI Kohji 1:3.9.8-2 - built again with libpcap-0.9.8 for sure this time * Sat Apr 12 2008 Ryoichi INAGAKI 1:3.9.8-1vl5 - new upstream release * Sat Sep 1 2007 Ryoichi INAGAKI 1:3.9.7-0vl1 - new upstream release * Sat Jul 7 2007 Ryoichi INAGAKI 1:3.9.6-0vl1 - new upstream release * Mon May 21 2007 MATSUBAYASHI Kohji 1:3.9.3-0vl3 - rebuilt with new toolchain * Fri Aug 26 2005 Ryoichi INAGAKI 1:3.9.3-0vl2 - dropped --with-user option * Mon Aug 22 2005 Ryoichi INAGAKI 1:3.9.3-0vl1 - new upstream release - some patches are imported from fedora package - build with libpcap 0.9.3 - changed BuildRequire kernel-headers to glibc-kernheaders * Sun Jun 13 2004 Daisuke SUZUKI 1:3.8.3-0vl1 - new upstream release - some patches are imported from fedora package * Sat Oct 11 2003 Ryoichi INAGAKI 1:3.7.2-0vl1 - updated to 3.7.2 - fixed patches based on Redhat Rawhide - rebuild with libpcap-0.7.2 - s/Copyright/License/ * Fri Feb 21 2003 Daisuke SUZUKI 1:3.7.1-0vl2 - split out libpcap, Requires: libpcap * Fri Feb 21 2003 Daisuke SUZUKI 1:3.7.1-0vl1 - update to new upstream release tcpdump 3.7.1, arpwatch 0.7.1 - drop unneeded patches - use autoconf213, automake14 - split out arpwatch * Fri Feb 21 2003 Daisuke SUZUKI 1:3.6.2-13vl2 - add patch16 to fix print_bgp security bug - errata 20030221-3 * Wed Jun 12 2002 Daisuke SUZUKI 1:3.6.2-13vl1 - merged with 3.6.2-13 - fix buffer overflow for errata * Thu May 16 2002 Harald Hoyer 12:3.6.2-13 - added official 3.6.3 fix - fixed 6.2 compat #63113 * Wed Jan 23 2002 Harald Hoyer 12:3.6.2-12 - tcpdump-3.6.2-snaplen.patch added to fix #55145 * Tue Dec 18 2001 Harald Hoyer 12:3.6.2-10 - took old purge patch for filters - fixed #54225,#58346 - drop root by default #49635 - fixed #54593 - fixed #57711 * Thu Oct 25 2001 IWAI Masaharu - 3.6.2-9vl1 - used PRM macros - changed File Name to Package Name in Prereq tag - marged 3.6.2-9 (RedHat7.2) * Tue Jan 23 2001 MATSUBAYASHI 'Shaolin' Kohji - 3.4-19vl2 - use better macros * Thu Sep 21 2000 Yoshihiro Kajiki - add libpcap-0.4-guy-gerald.patch to fix the timeout problem (by Ethereal) - add Japanese summarys and descriptions - modify spec file to build as a normal user * Thu Feb 17 2000 Bernhard Rosenkraenzer - Compile shared libpcap with -fPIC (Bug #6342) * Wed Feb 02 2000 Cristian Gafton - fix descriptions - man pages are compressed * Wed Dec 22 1999 Jeff Johnson - remove sparc64 SIOCGIFNAME hack, not needed with (at least) kernel 2.2.12-40. - upgrade to ANK ss991030 snapshot with pcap magic fix (#6773). - add getprotobyname lookup (#6725). - getservbyname port lookup appears functional (#7569). - remove uid 2090 backdoor (sorry Dave) (#7116). * Thu Sep 09 1999 Cristian Gafton - fox the pcap.h header * Fri Aug 20 1999 Jeff Johnson - prevent segfault on obscure spoofed ip header (#4634). * Wed Aug 18 1999 Jeff Johnson - add defattr to arpwatch (#4591). * Mon Aug 16 1999 Bill Nottingham - initscript munging * Sun Aug 8 1999 Jeff Johnson - add -DWORDS_BIGINDIAN to tcpdump compile on sparc sparc61. * Tue Aug 3 1999 Jeff Johnson - include A. Kuznetsov's patches to libpcap/tcpdump. - added arpsnmp to package (#3258). - arp2ethers written for different of awk (#4326). * Sun Mar 21 1999 Cristian Gafton - auto rebuild in the new build environment (release 10) * Fri Mar 19 1999 Jeff Johnson - strip binaries. * Wed Jan 13 1999 Bill Nottingham - autoconf fixes for arm * Tue Sep 29 1998 Jeff Johnson - libpcap description typo. * Sat Sep 19 1998 Jeff Johnson - fix arpwatch summary line. * Mon Aug 17 1998 Jeff Johnson - enable arpwatch * Mon Aug 3 1998 Jeff Johnson - separate package for libpcap. - update tcpdump to 3.4, libpcap to 0.4. - added arpwatch (but disabled for now) * Thu May 07 1998 Prospector System - translations modified for de, fr, tr * Sat May 2 1998 Alan Cox - Added the SACK printing fix so you can dump Linux 2.1+. * Tue Oct 21 1997 Erik Troan - updated to release 3.4a5 - uses a buildroot and %attr * Thu Jul 17 1997 Erik Troan - built against glibc * Fri Aug 31 2001 Harald Hoyer 12:3.6.2-9 - took better fix for #52654 from tcpdump cvs * Thu Aug 30 2001 Harald Hoyer 11:3.6.2-8 - fixed #52654 * Thu Jul 19 2001 Harald Hoyer 10:3.6.2-7 - added shared library to libpcap (#47174) - afs printing security patch (#49294) * Wed Jun 20 2001 Harald Hoyer - use initgroups, instead of setgroups * Mon Jun 18 2001 Harald Hoyer - added dropgroup patches (#44563) * Mon May 07 2001 Harald Hoyer - switched to Pekka's tcpdump-3.6.2 package - incremented epoch * Sat Apr 14 2001 Pekka Savola - fix building of tcpslice on glibc 2.2.2 (time.h) - disable /etc/init.d requirement and fix %post scripts in arpwatch * Wed Feb 14 2001 Harald Hoyer - glibc sys/time -> time include patch * Wed Feb 7 2001 Trond Eivind Glomsr - Add space to this check * Wed Feb 07 2001 Harald Hoyer - added check for presence of /etc/sysconfig/arpwatch (#23172) * Wed Feb 7 2001 Pekka Savola - update to 3.6.2, 0.6.2 and new CVS of tcpslice. - i18n'ize arpwatch init script * Fri Feb 2 2001 Trond Eivind Glomsr - i18nize initscript * Mon Jan 29 2001 Harald Hoyer - fixed EINTR stopping for e.g. SIGSTOP. (#22008) - added -u option for tcpdump (#20231) - new arpwatch version (#23172) - added "all" and "one" interface for -i (#20907) - added arpwatch sysconfig (#23172) * Mon Jan 22 2001 Harald Hoyer - more (potential) overflows in libpcap. #21373 - documentation fix for #20906 * Sun Jan 14 2001 Pekka Savola - use --enable-ipv6 - Add two patches from CVS to enhance 802.2 printing, and more importantly, to be able to specify 'no stp' * Sat Jan 13 2001 Pekka Savola - Make SMB printing output a lot more quiet unless in verbose mode. - Make -n resolve port/protocol numbers but not hostnames, -nn for no resolving at all - Separate droproot patch from a more generic man/usage fix one - Add non-promiscuous mode -by default patch, but don't apply it by default * Thu Jan 11 2001 Pekka Savola - Update to tcpdump 3.6.1 and libpcap 0.6.1 releases. * Mon Jan 8 2001 Pekka Savola - Update to 20010108 CVS, disable some upstreamed patches. - Change some additional .1 pages to .8. - Add droproot patch, some --usage and man page fixes. * Mon Jan 1 2001 Pekka Savola - Initial packaging with latest tcpdump.org CVS tcpdump-3.6 and libpcap-0.6. - add earlier print-domain.c, the latest is segfaulting - don't unnecesessarily include snprintf.o, it didn't compile with gcc 2.96 anyway - don't use savestr, require openssl, tweak tweak tweak - add tcpslice, patch it a bit for egcs detection * Sun Dec 31 2000 Pekka Savola - tcpdump: spice up the manpage about interfaces - tcpdump: add 'all' and 'any' keywords to -i, saner default behaviour. - upgrade arpwatch to 2.1a10 * Sun Nov 26 2000 Jeff Johnson - more (potential) overflows in libpcap. * Sun Nov 12 2000 Jeff Johnson - eliminate still more buffer overflows (from FreeBSD) (#20069). * Thu Nov 2 2000 Jeff Johnson - eliminate more buffer overflows (from FreeBSD) (#20069). - 802.1q ether type incorrect (#19850). - add -u flag to drop arpwatch privs (#19696). * Sun Oct 15 2000 Jeff Johnson - updated ethercodes.dat * Thu Oct 12 2000 Jeff Johnson - fix arpwatch tmp race (#18943). * Fri Aug 11 2000 Bill Nottingham - fix condrestart * Fri Aug 11 2000 Jeff Johnson - correct arpsnmp man pages (#15442). - don't print harmless ENOPROTOOPT message (#13518). * Fri Aug 4 2000 Jeff Johnson - rebuild with final kernel headers (#13518). * Sat Jul 22 2000 Jeff Johnson - add STP patch (#14112). * Fri Jul 14 2000 Matt Wilson - source /etc/init.d/functions - back out /etc/init.d/arpwatch, place file in /etc/rc.d - move initscript to /etc/init.d - changed initscript to use start() and stop() functions - added condrestart to init script - added %%post %%preun %%postun scripts to register arpwatch script - added Prereq: for all things needed in post/preun/postun * Wed Jul 12 2000 Prospector - automatic rebuild * Tue Jul 11 2000 Jeff Johnson - updated man page and help (pekkas@netcore.fi) (#10739 et al). * Sun Jun 18 2000 Jeff Johnson - FHS packaging. * Tue May 9 2000 Bill Nottingham - minor tweaks for ia64 (prototypes) * Thu Feb 17 2000 Bernhard Rosenkraenzer - Compile shared libpcap with -fPIC (Bug #6342) * Wed Feb 02 2000 Cristian Gafton - fix descriptions - man pages are compressed * Wed Dec 22 1999 Jeff Johnson - remove sparc64 SIOCGIFNAME hack, not needed with (at least) kernel 2.2.12-40. - upgrade to ANK ss991030 snapshot with pcap magic fix (#6773). - add getprotobyname lookup (#6725). - getservbyname port lookup appears functional (#7569). - remove uid 2090 backdoor (sorry Dave) (#7116). * Thu Sep 09 1999 Cristian Gafton - fox the pcap.h header * Fri Aug 20 1999 Jeff Johnson - prevent segfault on obscure spoofed ip header (#4634). * Wed Aug 18 1999 Jeff Johnson - add defattr to arpwatch (#4591). * Mon Aug 16 1999 Bill Nottingham - initscript munging * Sun Aug 8 1999 Jeff Johnson - add -DWORDS_BIGINDIAN to tcpdump compile on sparc sparc61. * Tue Aug 3 1999 Jeff Johnson - include A. Kuznetsov's patches to libpcap/tcpdump. - added arpsnmp to package (#3258). - arp2ethers written for different of awk (#4326). * Sun Mar 21 1999 Cristian Gafton - auto rebuild in the new build environment (release 10) * Fri Mar 19 1999 Jeff Johnson - strip binaries. * Wed Jan 13 1999 Bill Nottingham - autoconf fixes for arm * Tue Sep 29 1998 Jeff Johnson - libpcap description typo. * Sat Sep 19 1998 Jeff Johnson - fix arpwatch summary line. * Mon Aug 17 1998 Jeff Johnson - enable arpwatch * Mon Aug 3 1998 Jeff Johnson - separate package for libpcap. - update tcpdump to 3.4, libpcap to 0.4. - added arpwatch (but disabled for now) * Thu May 07 1998 Prospector System - translations modified for de, fr, tr * Sat May 2 1998 Alan Cox - Added the SACK printing fix so you can dump Linux 2.1+. * Tue Oct 21 1997 Erik Troan - updated to release 3.4a5 - uses a buildroot and %attr * Thu Jul 17 1997 Erik Troan - built against glibc