net-firewall/iptables-snmp: An SNMP agent for linux iptables

author: Bertrand Jacquin <beber@meleeweb.net> 2013-12-02 13:10:36 +0100
committer: Bertrand Jacquin <beber@meleeweb.net> 2013-12-02 13:10:36 +0100
commit: f75a589736e49291f837f24842a4fa1d2de6e747 (patch)
tree: 2180ffed14fd14a675c77381a621f45757ae19bd /net-firewall
parent: metadata: refresh cache (diff)
download: portage-f75a589736e49291f837f24842a4fa1d2de6e747.tar.xz
6 files changed, 622 insertions, 0 deletions
diff --git a/net-firewall/iptables-snmp/ChangeLog b/net-firewall/iptables-snmp/ChangeLog
new file mode 100644
index 00000000..37a14a65
--- /dev/null
+++ b/net-firewall/iptables-snmp/ChangeLog
@@ -0,0 +1,6 @@
+*iptables-snmp-0.1 (02 Dec 2013)
+
+  02 Dec 2013; Bertrand Jacquin <beber@meleeweb.net>
+  +files/001-use_libiptc.patch, +files/002-use_libiptc.patch,
+  +iptables-snmp-0.1.ebuild, +metadata.xml:
+  net-firewall/iptables-snmp: An SNMP agent for linux iptables
diff --git a/net-firewall/iptables-snmp/Manifest b/net-firewall/iptables-snmp/Manifest
new file mode 100644
index 00000000..798ec2dd
--- /dev/null
+++ b/net-firewall/iptables-snmp/Manifest
@@ -0,0 +1,6 @@
+AUX 001-use_libiptc.patch 998 SHA256 dd4992d39cb3f159e3a06787da9b691f317b633ed0857796329f6d7be90cdc03 WHIRLPOOL b4cd419eb70070ae612a5c65f11cb5162aaa8ee1b2762b5164fe748705af75a9005de0a0225a7bc7486d41f136b788969fcd6a3af3bf7fd2d21b55c0176cd896
+AUX 002-use_libiptc.patch 16809 SHA256 d98ffdfe2aebf1c861c1bad9926a11f85429e73adcec7e774b68d498348c4eea WHIRLPOOL 5e53707bf5496bbfb0f2faf15e5600277e918139cc47c3425e46b0244bccfa3a3d5a9fd3671a5acf92694a01f1aabdc9363fb078dd03b49a3236f8dc65af6c5d
+DIST iptables-snmp-0.1.tar.gz 80215 SHA256 3275bb3820809a311b9f92ea32f071888b9a92f60c831417490e811f46ec4d54 WHIRLPOOL bac93d4a4b59916ae45a7e318b75d3d067003fedfcf247624b9396b60e1f1cad4aec0e2d1d50e3a48e382d7c259ded1165f1a802b9583280ef4cbd06a53a7335
+EBUILD iptables-snmp-0.1.ebuild 743 SHA256 222fb044bb9d8a626c0e20b44bc3d206c0a24196e899f147af45963ee595a850 WHIRLPOOL 00fe4e21ebe57c951ceb82c12d4a83bbfc9113f001d3ee2ce3f3593dba0f62cfd73ecccdf9dad9885a9773ccf93fca2bb91532761938bb341c5504a31eb1a6db
+MISC ChangeLog 256 SHA256 8f0bba9c37c56a5a4d5a6b87f31f8897fc5b0bfe81066b93c6c332c8c500adb2 WHIRLPOOL 5b348596893894c235caf98c8376ddda6f78a982d0c81b7e41e364246c3c2fc437e7f2d1348b31dcf5aa4ee879e5f7d3588f6c369e94b46e15b73646f921d932
+MISC metadata.xml 254 SHA256 c56bc3d6780712c960298c70bb86867aeb6661e97a317cc624516b0e16b72fcc WHIRLPOOL 2ebbfaa14ef0c1847284fe64a79f052cd7e73b25a724fba728c084aaaf2dd0692e068eedcf42ccef7e205077f00c35780ded7ec69118dc01ddb988b4802e46ae
diff --git a/net-firewall/iptables-snmp/files/001-use_libiptc.patch b/net-firewall/iptables-snmp/files/001-use_libiptc.patch
new file mode 100644
index 00000000..38d9a917
--- /dev/null
+++ b/net-firewall/iptables-snmp/files/001-use_libiptc.patch
@@ -0,0 +1,27 @@
+From: https://dev.openwrt.org/browser/packages/net/iptables-snmp/patches/001-use_libiptc.patch
+
+diff -urN iptables-snmp-0.1/Makefile.in iptables-snmp-0.1.new/Makefile.in
+--- iptables-snmp-0.1/Makefile.in	2005-11-02 13:00:10.000000000 +0100
++++ iptables-snmp-0.1.new/Makefile.in	2009-08-02 01:13:40.000000000 +0200
+@@ -67,7 +67,7 @@
+ 
+ all: iptables-snmp.so
+ 
+-iptables-snmp.so: $(OBJS) libiptc.a Makefile
++iptables-snmp.so: $(OBJS) Makefile
+ 	$(CC) $(CFLAGS) $(OTHER) $(DFLAGS) -shared  -o $@ $(OBJS) $(LDFLAGS)
+ 
+ libiptc.a: $(LIBIPTC_OBJS) Makefile
+diff -urN iptables-snmp-0.1/iptables-snmp.c iptables-snmp-0.1.new/iptables-snmp.c
+--- iptables-snmp-0.1/iptables-snmp.c	2005-11-02 12:10:54.000000000 +0100
++++ iptables-snmp-0.1.new/iptables-snmp.c	2009-08-02 01:13:30.000000000 +0200
+@@ -37,6 +37,9 @@
+ 
+ #include "libiptc/libiptc.h"
+ 
++/* For backward compatibility */
++typedef struct iptc_handle *iptc_handle_t;
++
+ static oid agent_version_oid[] = {
+     BASE_OID, 1, 0, AGENT_VERSION_INDEX
+ };
diff --git a/net-firewall/iptables-snmp/files/002-use_libiptc.patch b/net-firewall/iptables-snmp/files/002-use_libiptc.patch
new file mode 100644
index 00000000..f74670de
--- /dev/null
+++ b/net-firewall/iptables-snmp/files/002-use_libiptc.patch
@@ -0,0 +1,539 @@
+From: https://dev.openwrt.org/ticket/11045
+  002-use_libiptc.patch
+
+diff -urN iptables-snmp-0.1.orig/iptables-snmp.c iptables-snmp-0.1/iptables-snmp.c
+--- iptables-snmp-0.1.orig/iptables-snmp.c	2012-02-21 08:53:39.000000000 -0500
++++ iptables-snmp-0.1/iptables-snmp.c	2012-02-26 09:33:19.000000000 -0500
+@@ -35,7 +35,7 @@
+ #include <net-snmp/agent/net-snmp-agent-includes.h>
+ #include "iptables-snmp.h"
+ 
+-#include "libiptc/libiptc.h"
++#include <libiptc/libiptc.h>
+ 
+ /* For backward compatibility */
+ typedef struct iptc_handle *iptc_handle_t;
+@@ -83,7 +83,7 @@
+ 	    free(data->tables[i]);
+ 	    
+ 	    if (data->t[i] != NULL) {
+-	      iptc_free(&(data->t[i]));
++	      iptc_free(data->t[i]);
+ 	    }
+ 	}
+ 	free(data->tables);
+@@ -379,10 +379,10 @@
+ 	    c->table++;
+ 	    if (c->ctx->tables[c->table] == NULL) return NULL;
+ 	    
+-	    c->chainname = iptc_first_chain(&(c->ctx->t[c->table]));
++	    c->chainname = iptc_first_chain(c->ctx->t[c->table]);
+ 	    c->chain = 0;
+ 	} else {
+-	    c->chainname = iptc_next_chain(&(c->ctx->t[c->table]));
++	    c->chainname = iptc_next_chain(c->ctx->t[c->table]);
+ 	    c->chain++;
+ 	}
+     } while (c->chainname == NULL);
+@@ -523,8 +523,8 @@
+ 		
+ 		const char *cn;
+ 		int i;
+-		for (cn = iptc_first_chain(&(ctx->t[table])), i=0 ; cn ;
+-		     cn = iptc_next_chain(&(ctx->t[table])), i++) {
++		for (cn = iptc_first_chain(ctx->t[table]), i=0 ; cn ;
++		     cn = iptc_next_chain(ctx->t[table]), i++) {
+ 		    if (i == chain) {
+ 			if (table_info->colnum == C_CHAIN_NAME) {
+ 			    snmp_set_var_typed_value(var, ASN_OCTET_STR,
+@@ -535,8 +535,8 @@
+ 			    struct ipt_counters cnt;
+ 			    unsigned int isbuiltin = 1;
+ 			    
+-			    const char *pol = 
+-			      iptc_get_policy(cn, &cnt, &(ctx->t[table]));
++			    char *pol = 
++			      (char *)iptc_get_policy(cn, &cnt, ctx->t[table]);
+ 			    
+ 			    if (!pol) {
+ 			      isbuiltin = 0;
+@@ -544,40 +544,33 @@
+ 
+ 			    switch (table_info->colnum) {
+ 			    case C_CHAIN_POLICY:
+-			        if (!pol) {
+- 			          // this is not a built in chain, there is no policy
+-				  break;
+-				}
+-			        snmp_set_var_typed_value(var, ASN_OCTET_STR,
++				  if (!isbuiltin) {
++					pol = "none";
++				  }
++			          snmp_set_var_typed_value(var, ASN_OCTET_STR,
+ 							 (unsigned char *) pol, 
+ 							 strlen(pol));
+-				break;
++				  break;
+ 			    case C_CHAIN_OCTETS:
+-			        if (isbuiltin) {
+-                                  // this is a built in chain, display
+-                                  // counter
+-				  
++				  if (!isbuiltin) {
++					cnt.bcnt = 0;
++				  }
+ 				  c64.low = 0xffffffff & cnt.bcnt;
+ 				  c64.high = 0xffffffff & (cnt.bcnt >> 32);
+   				  snmp_set_var_typed_value(var, ASN_COUNTER64,
+ 					  		   (void*) &(c64),
+ 						  	   sizeof(c64));
+-				  
+-				}
+-				break;
++				  break;
+ 			    case C_CHAIN_PACKETS:
+-			        if (isbuiltin) {
+-                                    // this is a built in chain, display
+-                                    // counter
+-				  
++				  if (!isbuiltin) {
++					cnt.pcnt = 0;
++				  }
+ 				  c64.low = 0xffffffff & cnt.pcnt;
+ 				  c64.high = 0xffffffff & (cnt.pcnt >> 32);
+ 				  snmp_set_var_typed_value(var, ASN_COUNTER64,
+ 							   (void*) &(c64),
+ 							   sizeof(c64));
+-
+-				}
+-				break;
++				  break;
+ 			    }
+ 			}
+ 			break;
+@@ -655,18 +648,18 @@
+ 		    c->table++;
+ 		    if (c->ctx->tables[c->table] == NULL) return NULL;
+ 
+-		    c->chainname = iptc_first_chain(&(c->ctx->t[c->table]));
++		    c->chainname = iptc_first_chain(c->ctx->t[c->table]);
+ 		    c->chain = 0;
+ 		} else {
+-		    c->chainname = iptc_next_chain(&(c->ctx->t[c->table]));
++		    c->chainname = iptc_next_chain(c->ctx->t[c->table]);
+ 		    c->chain++;
+ 		}
+ 	    } while (c->chainname == NULL);
+ 
+-	    c->e = iptc_first_rule(c->chainname, &(c->ctx->t[c->table]));
++	    c->e = iptc_first_rule(c->chainname, c->ctx->t[c->table]);
+ 	    c->rule = 0;
+ 	} else {
+-	    c->e = iptc_next_rule(c->e, &(c->ctx->t[c->table]));
++	    c->e = iptc_next_rule(c->e, c->ctx->t[c->table]);
+ 	    c->rule++;
+ 	}
+     } while (c->e == NULL);
+@@ -868,8 +861,8 @@
+             case R_CHAIN_NAME_INDEX: {
+ 		const char *cn;
+ 		int i;
+-		for (cn = iptc_first_chain(&(ctx->t[table])), i=0 ; cn ;
+-		     cn = iptc_next_chain(&(ctx->t[table])), i++) {
++		for (cn = iptc_first_chain(ctx->t[table]), i=0 ; cn ;
++		     cn = iptc_next_chain(ctx->t[table]), i++) {
+ 		    if (i == chain) {
+ 			snmp_set_var_typed_value(var, ASN_OCTET_STR,
+ 						 (unsigned char *) cn, 
+@@ -890,12 +883,12 @@
+ 		const char *cn;
+ 		int i;
+ 
+-		for (cn = iptc_first_chain(&(ctx->t[table])), i=0 ; cn ;
+-		     cn = iptc_next_chain(&(ctx->t[table])), i++) {
++		for (cn = iptc_first_chain(ctx->t[table]), i=0 ; cn ;
++		     cn = iptc_next_chain(ctx->t[table]), i++) {
+ /* 		    printf("%d %d\n", i, chain); */
+ 		    if (i == chain) {
+ 			struct ipt_counters *cnt = 
+-			  iptc_read_counter(cn, rule+1, &(ctx->t[table]));
++			  iptc_read_counter(cn, rule+1, ctx->t[table]);
+ 			struct counter64 c64;
+ 
+ 
+@@ -950,7 +943,7 @@
+ 		n -= i;
+ 
+ 		/* Print target name */ 
+-		target_name = iptc_get_target(e, &(ctx->t[table]));
++		target_name = iptc_get_target(e, ctx->t[table]);
+ 
+ 		if (target_name && *target_name) {
+ 		    i = snprintf(buf + sizeof(buf) - n, n,
+@@ -1159,6 +1152,7 @@
+ 
+     table_info->min_column = 1;
+     table_info->max_column = 7;
++    iinfo->make_data_context = chains_make_data_context;
+     iinfo->get_first_data_point = chains_get_first_names;
+     iinfo->get_next_data_point  = chains_get_next_names;
+     iinfo->free_loop_context_at_end = chains_free_loop_context_at_end;
+diff -urN iptables-snmp-0.1.orig/iptables-snmp.h iptables-snmp-0.1/iptables-snmp.h
+--- iptables-snmp-0.1.orig/iptables-snmp.h	1969-12-31 19:00:00.000000000 -0500
++++ iptables-snmp-0.1/iptables-snmp.h	2003-03-19 05:33:11.000000000 -0500
+@@ -0,0 +1,73 @@
++/* 
++ *  $Id$
++ * 
++ *  This file is part of iptables-snmp - using SNMP to read data from linux
++ *  iptables
++ * 
++ *  iptables-snmp is copyrighted software: 
++ *	(c) 2003 by Peter Stamfest <peter@stamfest.at>
++ * 
++ *  iptables-snmp is free software; you can redistribute it and/or modify
++ *  it under the terms of the GNU General Public License as published by
++ *  the Free Software Foundation; either version 2 of the License, or
++ *  (at your option) any later version.
++ * 
++ *  iptables-snmp is distributed in the hope that it will be useful,
++ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
++ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++ *  GNU General Public License for more details.
++ *
++ *  You should have received a copy of the GNU General Public License
++ *  along with iptables-snmp; if not, write to the Free Software
++ *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
++ *
++ *  Note: See the file COPYING for the GNU General Public License and some
++ *  extensions to it designed to protect the OID space of Peter Stamfest from
++ *  becoming polluted. 
++ */
++#ifndef IPTABLES_SNMP_H_INCLUDED
++#define IPTABLES_SNMP_H_INCLUDED
++
++/* init function */
++void init_iptables(void);
++
++#define STAMFEST_OID		1,3,6,1,4,1,12806
++
++/* USE_ENTERPRISE_OID may get passed on the commandline (-D) */
++#ifndef USE_ENTERPRISE_OID
++#  define USE_ENTERPRISE_OID	STAMFEST_OID
++#endif
++
++#define BASE_OID		USE_ENTERPRISE_OID,6,1
++
++#define AGENT_VERSION_INDEX	1
++#define IPTABLES_VERSION_INDEX	2
++
++/* the chains table */
++
++#define C_CHAIN_INDEX		1
++#define C_TABLE_INDEX		2
++#define C_CHAIN_NAME		3
++#define C_TABLE_NAME		4
++#define C_CHAIN_POLICY		5
++#define C_CHAIN_OCTETS		6
++#define C_CHAIN_PACKETS		7
++
++/* the rules table */
++
++#define R_RULE_INDEX		1
++#define R_CHAIN_INDEX		2
++#define R_TABLE_INDEX		3
++#define R_CHAIN_NAME_INDEX	4
++#define R_TABLE_NAME_INDEX	5
++#define R_OCTETS_INDEX		6
++#define R_PACKETS_INDEX		7
++#define R_RULE_SHORT_INDEX	8
++#define R_SRC_IPADDR_INDEX	9
++#define R_SRC_MASK_INDEX	10
++#define R_DST_IPADDR_INDEX	11
++#define R_DST_MASK_INDEX	12
++
++#define R_MAX			12
++
++#endif /* IPTABLES_SNMP_H_INCLUDED */
+diff -urN iptables-snmp-0.1.orig/Makefile.in iptables-snmp-0.1/Makefile.in
+--- iptables-snmp-0.1.orig/Makefile.in	2012-02-21 08:53:39.000000000 -0500
++++ iptables-snmp-0.1/Makefile.in	2012-02-25 10:35:46.000000000 -0500
+@@ -45,15 +45,17 @@
+ INSTALL_PREFIX  =
+ 
+ NAME		=	iptables-snmp
+-AGENT_VERSION	=	0.1
++AGENT_VERSION	=	0.1-002
+ 
+-IPTABLES	=	1.3.3
++# How could this be mechanically determined from iptables
++IPTABLES	=	1.4.10
+ 
+ STAMFEST_OID	=	1,3,6,1,4,1,12806
+ 
+ SRCS		=	iptables-snmp.c
+ OBJS		=	$(SRCS:.c=.o)
+-LDFLAGS		=	-L. -liptc
++L_SNMP_FLAGS	=	-lnetsnmp -lnetsnmphelpers -lnetsnmpagent -lnetsnmpmibs
++L_LDFLAGS	=	-lip4tc $(L_SNMP_FLAGS)
+ 
+ NETFILTER	=	\"$(IPTABLES)\"
+ 
+@@ -63,12 +65,12 @@
+ 
+ DFLAGS		=	-fPIC
+ 
+-OTHER		=	-Iinclude -DIPTABLES_VERSION=$(NETFILTER) -DUSE_ENTERPRISE_OID=$(STAMFEST_OID) -DAGENT_VERSION=\"$(AGENT_VERSION)\"
++OTHER		=	-DIPTABLES_VERSION=$(NETFILTER) -DUSE_ENTERPRISE_OID=$(STAMFEST_OID) -DAGENT_VERSION=\"$(AGENT_VERSION)\"
+ 
+ all: iptables-snmp.so
+ 
+ iptables-snmp.so: $(OBJS) Makefile
+-	$(CC) $(CFLAGS) $(OTHER) $(DFLAGS) -shared  -o $@ $(OBJS) $(LDFLAGS)
++	$(CC) $(DFLAGS) -shared -o $@ $(OBJS) $(L_LDFLAGS) $(LDFLAGS)
+ 
+ libiptc.a: $(LIBIPTC_OBJS) Makefile
+ 	$(AR) rc $@ $(LIBIPTC_OBJS)
+diff -urN iptables-snmp-0.1.orig/mibs/IPTABLES.MIB iptables-snmp-0.1/mibs/IPTABLES.MIB
+--- iptables-snmp-0.1.orig/mibs/IPTABLES.MIB	2003-03-19 03:02:17.000000000 -0500
++++ iptables-snmp-0.1/mibs/IPTABLES.MIB	2012-02-23 09:48:02.000000000 -0500
+@@ -38,15 +38,25 @@
+ 
+ IMPORTS
+     MODULE-IDENTITY, OBJECT-TYPE,
++    -- next missing imports added by AG
++    Integer32, Counter64, IpAddress,
+     Counter32                             FROM SNMPv2-SMI
++    -- next missing import added by AG
++    DisplayString                         FROM SNMPv2-TC
++
+     stamfestMIB                           FROM STAMFEST-MIB;
+ 
+ iptablesMIB MODULE-IDENTITY
+-    LAST-UPDATED "200303190800Z"
++    LAST-UPDATED "201202231600Z"
++    -- LAST-UPDATED "200303190800Z"
+     ORGANIZATION "Peter Stamfest - Unix, Networking and Computing Consultant"
+     CONTACT-INFO "peter@stamfest.at"
+     DESCRIPTION
+       "A MIB module describing linux iptables"
++     REVISION   "201202231600Z"
++     DESCRIPTION
++       "Modified by AG to adhere to standards and
++	to reflect the latest version of libiptc."
+     ::= { stamfestMIB 1 }
+ 
+ iptablesMIBObjects OBJECT IDENTIFIER ::= { iptablesMIB 1 }
+@@ -77,7 +87,8 @@
+ ----------------------------------------------------------------------
+ 
+ iptableNamesTable OBJECT-TYPE
+-    SYNTAX     SEQUENCE OF iptableNamesEntry
++    -- next changed to SEQUENCE name by AG
++    SYNTAX     SEQUENCE OF IptableNamesEntry
+     MAX-ACCESS  not-accessible
+     STATUS      current
+     DESCRIPTION
+@@ -100,7 +111,8 @@
+     }
+ 
+ tableIndex OBJECT-TYPE
+-    SYNTAX      Integer32
++    -- next range added by AG
++    SYNTAX      Integer32 (0..65535)
+     MAX-ACCESS  read-only
+     STATUS      current
+     DESCRIPTION
+@@ -123,7 +135,8 @@
+ ----------------------------------------------------------------------
+ 
+ iptableChains OBJECT-TYPE
+-    SYNTAX     SEQUENCE OF iptableChainsEntry
++    -- next changed to SEQUENCE name by AG
++    SYNTAX     SEQUENCE OF IptableChainsEntry
+     MAX-ACCESS  not-accessible
+     STATUS      current
+     DESCRIPTION
+@@ -131,12 +144,14 @@
+     ::= { iptablesMIBObjects 2 }
+ 
+ iptableChainsEntry OBJECT-TYPE
+-    SYNTAX IptableRulesEntry
++    -- next changed to chains SEQUENCE name by AG
++    SYNTAX IptableChainsEntry
+     MAX-ACCESS  not-accessible
+     STATUS      current
+     DESCRIPTION
+ 	"An entry containing and mapping of table and chain names."
+-    INDEX   { tableIndex }
++    -- next changed to defined object by AG
++    INDEX   { chainIndex }
+     ::= { iptableChains 1 }
+ 
+ IptableChainsEntry ::=
+@@ -144,13 +159,19 @@
+        chainIndex	Integer32,
+        tableIndexC	Integer32,
+        chainName	DisplayString,
+-       chainPolicy	DisplayString
+-       chainOctets      Integer64,
+-       chainPackets	Integer64
++       -- next added by AG
++       chainTableNameC DisplayString,
++       -- next comma added by AG
++       chainPolicy	DisplayString,
++       -- next 2 changed to Counter64 by AG
++       chainOctets      Counter64,
++       chainPackets     Counter64
++
+     }
+ 
+ chainIndex OBJECT-TYPE
+-    SYNTAX      Integer32
++    -- next range added by AG
++    SYNTAX      Integer32 (0..65535)
+     MAX-ACCESS  read-only
+     STATUS      current
+     DESCRIPTION
+@@ -190,7 +211,8 @@
+     ::= { iptableChainsEntry 5 }
+ 
+ chainOctets OBJECT-TYPE
+-    SYNTAX      Integer64
++    -- next changed to Counter64 by AG
++    SYNTAX      Counter64
+     MAX-ACCESS  read-only
+     STATUS      current
+     DESCRIPTION
+@@ -198,7 +220,8 @@
+     ::= { iptableChainsEntry 6 }
+ 
+ chainPackets OBJECT-TYPE
+-    SYNTAX      Integer64
++    -- next changed to Counter64 by AG
++    SYNTAX      Counter64
+     MAX-ACCESS  read-only
+     STATUS      current
+     DESCRIPTION
+@@ -212,7 +235,8 @@
+ ----------------------------------------------------------------------
+ 
+ iptableRules OBJECT-TYPE
+-    SYNTAX     SEQUENCE OF iptableRulesEntry
++    -- next changed to SEQUENCE name by AG
++    SYNTAX     SEQUENCE OF IptableRulesEntry
+     MAX-ACCESS  not-accessible
+     STATUS      current
+     DESCRIPTION
+@@ -225,7 +249,8 @@
+     STATUS      current
+     DESCRIPTION
+ 	"An entry containing and mapping of table and chain names."
+-    INDEX   { tableIndex }
++    -- next changed to defined object by AG
++    INDEX   { tableIndexR }
+     ::= { iptableRules 1 }
+ 
+ IptableRulesEntry ::=
+@@ -235,9 +260,11 @@
+        tableIndexR	Integer32,
+        chainNameR	DisplayString,
+        chainTableNameR	DisplayString,
+-       ruleOctets	Integer64,
+-       rulePackets	Integer64,
+-       chainRule	DisplayString
++       -- next 2 changed to Counter64 by AG
++       ruleOctets       Counter64,
++       rulePackets      Counter64,
++       -- next comma added by AG
++       chainRule	DisplayString,
+        sourceIP		IpAddress,
+        sourceMask	IpAddress,
+        destinationIP	IpAddress,
+@@ -261,7 +288,8 @@
+     ::= { iptableRulesEntry 2 }
+ 
+ tableIndexR OBJECT-TYPE
+-    SYNTAX      Integer32
++    -- next range added by AG
++    SYNTAX      Integer32 (0..65535)
+     MAX-ACCESS  read-only
+     STATUS      current
+     DESCRIPTION
+@@ -285,7 +313,8 @@
+     ::= { iptableRulesEntry 5 }
+ 
+ ruleOctets OBJECT-TYPE
+-    SYNTAX      Integer64
++    -- next changed to Counter64 by AG
++    SYNTAX      Counter64
+     MAX-ACCESS  read-only
+     STATUS      current
+     DESCRIPTION
+@@ -293,7 +322,8 @@
+     ::= { iptableRulesEntry 6 }
+ 
+ rulePackets OBJECT-TYPE
+-    SYNTAX      Integer64
++    -- next changed to Counter64 by AG
++    SYNTAX      Counter64
+     MAX-ACCESS  read-only
+     STATUS      current
+     DESCRIPTION
+@@ -350,4 +380,4 @@
+ 
+ ip6tablesMIBObjects OBJECT IDENTIFIER ::= { iptablesMIB 2 }
+ 
+-END
+\ No newline at end of file
++END
+diff -urN iptables-snmp-0.1.orig/mibs/STAMFEST.MIB iptables-snmp-0.1/mibs/STAMFEST.MIB
+--- iptables-snmp-0.1.orig/mibs/STAMFEST.MIB	2003-03-19 03:02:56.000000000 -0500
++++ iptables-snmp-0.1/mibs/STAMFEST.MIB	2012-02-23 08:55:26.000000000 -0500
+@@ -29,27 +29,36 @@
+ ----------------------------------------------------------------------
+ 
+ IMPORTS
+-     enterprises		           FROM SNMPv2-SMI;
++     -- enterprises		           FROM SNMPv2-SMI;
++     -- Modified by AG
++     enterprises, MODULE-IDENTITY           FROM SNMPv2-SMI;
+  
+ stamfestTOP MODULE-IDENTITY
+-     LAST-UPDATED "200303131352Z"
++     -- LAST-UPDATED "200303131352Z"
++     LAST-UPDATED "201202231311Z"
+      ORGANIZATION "Peter Stamfest - Unix, Networking and Computing Consultant"
+      CONTACT-INFO
+        "peter@stamfest.at"
++     -- Added by AG
+      DESCRIPTION
+        "The top OID assigned to Peter Stamfest. Sub OIDs get used for LDAP
+         and SNMP. Note that all MIBs get collected below stamfestMIB
+         (not stamfestTOP)"
++     REVISION	"201202231311Z"
++     DESCRIPTION
++       "Modified by AG to adhere to standards"
+      ::= { enterprises 12806 }
+ 
+-stamfestMIB MODULE-IDENTITY
+-     LAST-UPDATED "200303131352Z"
+-     ORGANIZATION "Peter Stamfest - Unix, Networking and Computing Consultant"
+-     CONTACT-INFO
+-       "peter@stamfest.at"
+-     DESCRIPTION
+-       "A common MIB base for SNMP MIBs released by Peter Stamfest"
+-     ::= { stamfestTOP 6 }
++-- Modified by AG
++-- stamfestMIB MODULE-IDENTITY
++--     LAST-UPDATED "200303131352Z"
++--     ORGANIZATION "Peter Stamfest - Unix, Networking and Computing Consultant"
++--     CONTACT-INFO
++--       "peter@stamfest.at"
++--     DESCRIPTION
++--       "A common MIB base for SNMP MIBs released by Peter Stamfest"
++--     ::= { stamfestTOP 6 }
++stamfestMIB OBJECT IDENTIFIER ::= { stamfestTOP 6 }
+ 
+ END
+  
diff --git a/net-firewall/iptables-snmp/iptables-snmp-0.1.ebuild b/net-firewall/iptables-snmp/iptables-snmp-0.1.ebuild
new file mode 100644
index 00000000..6b6a5320
--- /dev/null
+++ b/net-firewall/iptables-snmp/iptables-snmp-0.1.ebuild
@@ -0,0 +1,36 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+EAPI=5
+inherit eutils
+
+DESCRIPTION="SNMP agent for linux iptables"
+HOMEPAGE="http://www.nobiscuit.com/iptables-snmp"
+SRC_URI="http://www.nobiscuit.com/iptables-snmp/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64"
+IUSE=""
+
+REQUIRED_USE="kernel_linux"
+
+DEPEND="net-firewall/iptables
+	net-analyzer/net-snmp"
+RDEPEND="${DEPEND}"
+
+src_prepare() {
+	epatch "${FILESDIR}/001-use_libiptc.patch"
+	epatch "${FILESDIR}/002-use_libiptc.patch"
+}
+
+src_install() {
+	emake install INSTALL_PREFIX="${ED}"
+
+	insinto /usr/share/snmp/mibs
+	newins mibs/IPTABLES.MIB IPTABLES.txt
+	newins mibs/STAMFEST.MIB STAMFEST.txt
+
+	dodoc README
+}
diff --git a/net-firewall/iptables-snmp/metadata.xml b/net-firewall/iptables-snmp/metadata.xml
new file mode 100644
index 00000000..933498d8
--- /dev/null
+++ b/net-firewall/iptables-snmp/metadata.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+    <maintainer>
+        <email>beber@meleeweb.net</email>
+        <name>Bertrand Jacquin</name>
+    </maintainer>
+</pkgmetadata>
author	Bertrand Jacquin <beber@meleeweb.net>	2013-12-02 13:10:36 +0100
committer	Bertrand Jacquin <beber@meleeweb.net>	2013-12-02 13:10:36 +0100
commit	f75a589736e49291f837f24842a4fa1d2de6e747 (patch)
tree	2180ffed14fd14a675c77381a621f45757ae19bd /net-firewall
parent	metadata: refresh cache (diff)
download	portage-f75a589736e49291f837f24842a4fa1d2de6e747.tar.xz