Vortex is a near real time IDS and network surveillance engine for TCP stream

data. Vortex decouples packet capture, stream reassembly, and real time constraints from analysis. Vortex is used to provide TCP stream data to a separate analyzer program. Feature safe: yes
svn path=/head/; revision=316046
2024-11-22 00:35:15 +00:00 · 2013-04-18 15:03:15 +00:00 · 2013-04-18 15:03:15 +00:00 · 4863f45fda · 2021-03-31 03:12:20 +00:00
commit 4863f45fda
parent 70a4193b0f
7 changed files with 91 additions and 0 deletions
--- a/net/Makefile
+++ b/net/Makefile
@ -1214,6 +1214,7 @@
    SUBDIR += vnc
    SUBDIR += vncreflector
    SUBDIR += vnstat
+    SUBDIR += vortex
    SUBDIR += vserver
    SUBDIR += vtun
    SUBDIR += wackamole
--- a/net/vortex/Makefile
+++ b/net/vortex/Makefile
@ -0,0 +1,35 @@
+# $FreeBSD$
+
+PORTNAME=	vortex
+DISTVERSION=	2.9.0-59
+CATEGORIES=	net ipv6
+MASTER_SITES=	SF/${PORTNAME}-ids/${PORTNAME}/2.9.0/
+EXTRACT_SUFX=	.tgz
+
+MAINTAINER=	wxs@FreeBSD.org
+COMMENT=	Network surveillance engine
+
+LICENSE=	GPLv2
+
+BUILD_DEPENDS=	${LOCALBASE}/lib/libnids.a:${PORTSDIR}/net/libnids \
+		${LIBNET_CONFIG}:${PORTSDIR}/net/libnet
+
+LIBNET_CONFIG=	${LOCALBASE}/bin/libnet11-config
+
+WRKSRC=		${WRKDIR}/${PORTNAME}-2.9.0
+USE_GNOME=	glib20
+
+do-build:
+	cd ${WRKSRC} && ${CC} -c vortex.c -I${LOCALBASE}/include
+	cd ${WRKSRC} && ${CC} -o vortex vortex.o -L${LOCALBASE}/lib ${LOCALBASE}/lib/libnids.a `${LIBNET_CONFIG} --libs` -lgthread-2.0 -lpcap
+	cd ${WRKSRC} && ${CC} -o xpipes xpipes.c ${PTHREAD_LIBS}
+
+do-install:
+	${INSTALL_DATA}	${WRKSRC}/vortex.conf ${PREFIX}/etc/vortex.conf.sample
+	if [ ! -f ${PREFIX}/etc/vortex.conf ]; then \
+		${CP} -p ${PREFIX}/etc/vortex.conf.sample ${PREFIX}/etc/vortex.conf; \
+	fi
+	${INSTALL_PROGRAM} ${WRKSRC}/vortex ${PREFIX}/bin
+	${INSTALL_PROGRAM} ${WRKSRC}/xpipes ${PREFIX}/bin
+
+.include <bsd.port.mk>
--- a/net/vortex/distinfo
+++ b/net/vortex/distinfo
@ -0,0 +1,2 @@
+SHA256 (vortex-2.9.0-59.tgz) = c2d0ed8eaed374dc5fbbb0e37a32acad82ca224a3ff8377f94f6372837394bbc
+SIZE (vortex-2.9.0-59.tgz) = 37693
--- a/net/vortex/files/patch-vortex.c
+++ b/net/vortex/files/patch-vortex.c
@ -0,0 +1,30 @@
+--- ./vortex.c.orig	2011-09-16 15:35:15.000000000 -0400
+++ ./vortex.c	2013-04-18 09:50:33.000000000 -0400
+@@ -38,6 +38,12 @@
+ 
+ #ifdef linux
+ #include <syscall.h>
+#elif defined(__FreeBSD__)
+#include <sys/param.h>
+#include <sys/cpuset.h>
+typedef cpuset_t cpu_set_t;
+#include <limits.h>
+#define SIZE_MAX SSIZE_MAX
+ #endif
+ 
+ #include <unistd.h>
+@@ -65,8 +71,13 @@
+ #endif
+ 
+ //don't ask me why this isn't in headers?
+-#define gettid() syscall(__NR_gettid)
+#ifdef linux
+ #define my_sched_setaffinity(a,b,c) sched_setaffinity(a, b, c)
+#define gettid() syscall(__NR_gettid)
+#elif defined(__FreeBSD__)
+#define my_sched_setaffinity(a,b,c) (-1)
+#define gettid() 0
+#endif
+ 
+ //TODO LIST:
+ 
--- a/net/vortex/files/patch-xpipes.c
+++ b/net/vortex/files/patch-xpipes.c
@ -0,0 +1,14 @@
+--- ./xpipes.c.orig	2013-04-18 09:50:44.000000000 -0400
+++ ./xpipes.c	2013-04-18 09:54:21.000000000 -0400
+@@ -37,7 +37,11 @@
+ #include <stdio.h>
+ #include <string.h>
+ #include <stdlib.h>
+#ifdef linux
+ #include <linux/limits.h>
+#elif defined(__FreeBSD__)
+#include <sys/param.h>
+#endif
+ #include <pthread.h>
+ #include <unistd.h>
+ 
--- a/net/vortex/pkg-descr
+++ b/net/vortex/pkg-descr
@ -0,0 +1,4 @@
+Vortex is a near real time IDS and network surveillance engine for TCP stream
+data. Vortex decouples packet capture, stream reassembly, and real time
+constraints from analysis. Vortex is used to provide TCP stream data to a
+separate analyzer program.
--- a/net/vortex/pkg-plist
+++ b/net/vortex/pkg-plist
@ -0,0 +1,5 @@
+bin/vortex
+bin/xpipes
+@unexec if cmp -s %D/etc/vortex.conf.sample %D/etc/vortex.conf; then rm -f %D/etc/vortex.conf; fi
+etc/vortex.conf.sample
+@exec if [ ! -f %D/etc/vortex.conf ]; then cp -p %D/%F %B/vortex.conf; fi