From: Mario Höllein <mhoellein@freenet.de>
Date: Wed, 7 Aug 2019 12:43:31 +0000 (+0200)
Subject: committing changes in /etc made by "apt-get install fwlogwatch"
X-Git-Url: https://git.hoellein.online/?a=commitdiff_plain;h=0333eb1525f66b5e772461511bf50c2cf55282db;p=zenbook

committing changes in /etc made by "apt-get install fwlogwatch"

Package changes:
+fwlogwatch 1.4-1 amd64
---

diff --git a/.etckeeper b/.etckeeper
index fe086b7..0fdb12a 100755
--- a/.etckeeper
+++ b/.etckeeper
@@ -1209,6 +1209,7 @@ maybe chmod 0755 'cron.daily/cracklib-runtime'
 maybe chmod 0755 'cron.daily/devolo-updates'
 maybe chmod 0755 'cron.daily/dpkg'
 maybe chmod 0755 'cron.daily/etckeeper'
+maybe chmod 0755 'cron.daily/fwlogwatch'
 maybe chmod 0755 'cron.daily/logrotate'
 maybe chmod 0755 'cron.daily/man-db'
 maybe chmod 0755 'cron.daily/mlocate'
@@ -1340,6 +1341,7 @@ maybe chmod 0644 'default/cryptdisks'
 maybe chmod 0644 'default/dbus'
 maybe chmod 0644 'default/devolo-updates'
 maybe chmod 0644 'default/devpts'
+maybe chmod 0644 'default/fwlogwatch'
 maybe chmod 0644 'default/google-chrome'
 maybe chmod 0644 'default/grub'
 maybe chmod 0755 'default/grub.d'
@@ -1609,6 +1611,8 @@ maybe chmod 0644 'foremost.conf'
 maybe chmod 0644 'fprintd.conf'
 maybe chmod 0664 'fstab'
 maybe chmod 0644 'fuse.conf'
+maybe chmod 0755 'fwlogwatch'
+maybe chmod 0644 'fwlogwatch/fwlogwatch.config'
 maybe chmod 0755 'fwupd'
 maybe chmod 0644 'fwupd/daemon.conf'
 maybe chmod 0644 'fwupd/redfish.conf'
@@ -1768,6 +1772,7 @@ maybe chmod 0755 'init.d/devolonetsvc'
 maybe chmod 0755 'init.d/dns-clean'
 maybe chmod 0755 'init.d/fancontrol'
 maybe chmod 0755 'init.d/fhem'
+maybe chmod 0755 'init.d/fwlogwatch'
 maybe chmod 0755 'init.d/gdm3'
 maybe chmod 0755 'init.d/grub-common'
 maybe chmod 0755 'init.d/halt'
diff --git a/cron.daily/fwlogwatch b/cron.daily/fwlogwatch
new file mode 100755
index 0000000..927a13d
--- /dev/null
+++ b/cron.daily/fwlogwatch
@@ -0,0 +1,48 @@
+#!/bin/sh
+# fwlogwatch's daily cron job
+# Copyright 2001 Alberto Gonzalez Iniesta <agi@agi.as>
+# Licensed under the GNU General Public License, version 2.  See the file
+# /usr/share/common-licenses/GPL or <http://www.gnu.org/copyleft/gpl.txt>.
+# 
+set -e
+test $DEBIAN_SCRIPT_DEBUG && set -v -x
+
+FWLOGWATCH=/usr/sbin/fwlogwatch
+CONFIG=/etc/default/fwlogwatch
+EXTRA_HEADER="Content-Type: text/plain"
+
+test -x $FWLOGWATCH || exit 0
+test -r $CONFIG || exit 0
+
+# Source configuration generated from debconf's values
+. $CONFIG
+
+if [ "$CRON_EMAIL" = "none" ]; then
+  exit 0
+fi
+
+OUTPUT=`$FWLOGWATCH $CRON_PARAMS`
+
+(echo "$OUTPUT" | grep -q 'No valid time entries found') \
+  && exit 0
+
+## Mail results
+
+TMPFILE=`mktemp /tmp/fwlogwatch.XXXXXXXXXX`
+
+#echo "From: " >> $TMPFILE
+echo "To: $CRON_EMAIL" >> $TMPFILE
+echo "Subject: fwlogwatch daily news" >> $TMPFILE
+
+(echo "$OUTPUT" | grep -q '</html>') \
+  && echo "Content-Type: text/html" >> $TMPFILE
+
+echo >> $TMPFILE
+
+echo "$OUTPUT" >> $TMPFILE
+
+/usr/lib/sendmail -F `id -nu` "$CRON_EMAIL" < $TMPFILE
+
+rm -f $TMPFILE
+
+# vim:set ai et sts=2 sw=2 tw=0:
diff --git a/default/fwlogwatch b/default/fwlogwatch
new file mode 100644
index 0000000..4b8366e
--- /dev/null
+++ b/default/fwlogwatch
@@ -0,0 +1,9 @@
+#
+# Debian's configuration for fwlogwatch
+# The best way to edit this file is running 'dpkg-reconfigure fwlogwatch'
+#
+START_DAEMON='false'
+PARAMS=''
+MODE=''
+EMAIL=''
+CRON_EMAIL='none'
diff --git a/fwlogwatch/fwlogwatch.config b/fwlogwatch/fwlogwatch.config
new file mode 100644
index 0000000..21934cc
--- /dev/null
+++ b/fwlogwatch/fwlogwatch.config
@@ -0,0 +1,369 @@
+# $Id: fwlogwatch.config 715 2010-10-22 14:21:15Z bw $
+#
+# Sample fwlogwatch configuration file
+#
+# The values filled in or mentioned in the description are the default values,
+# you only need to uncomment an option if you change it's value.
+# Valid parameters to binary options are on/yes/true and off/no/false.
+# Whitespace and comments are ignored anywhere in the file, case does not
+# matter.
+
+
+### Include files ###
+# The option 'include_file' can be used to include external configuration
+# files.
+#
+#include_file =
+
+
+### Global options ###
+# Use 'verbose' if you want extra information and log messages.
+# Use it twice for even more info. fwlogwatch is quiet by default.
+# Command line option: -v[v]
+#
+#verbose = no
+#verbose = no
+
+# Use 'resolve_hosts' if you want IP addresses looked up in the DNS (output
+# will be slower).
+# 'resolve_services' enables lookup of port numbers in /etc/services.
+# Command line options: -n / -N
+#
+#resolve_hosts = no
+#resolve_services = no
+
+# If your logs contain private IP addresses that are not resolvable through
+# DNS but you want reports with meaningful host names you can inject your
+# own list of IP/name pairs (in the same format as /etc/hosts) into the DNS
+# cache with the 'dns_cache' option. fwlogwatch will not modify this file.
+# Command line option: -i <file>
+#
+#dns_cache = /home/user/my_hosts.txt
+
+# Specify the input file(s) if you don't want to use the default. Use one line
+# for each file. Compressed files (gzip) are supported. You can use '-' for
+# standard input (stdin).  In realtime response mode the daemon needs the
+# absolute path to the file.
+# Command line option: [file(s)]
+#
+#input = /var/log/messages
+
+
+### Evaluation options ###
+# You can select which parsers you want to use if you don't want fwlogwatch
+# to check for all known log formats. You can choose one or a combination
+# of:
+#
+# i ipchains
+# n netfilter
+# f ipfilter
+# c Cisco IOS
+# p Cisco PIX/ASA
+# e NetScreen
+# l Elsa Lancom
+# s Snort
+#
+# Command line option: -P <format>
+#
+#parser = infcp
+
+# The following six options define which criteria will be considered when
+# comparing logged packets. You can turn off the source or destination IP
+# address distinction ('src_ip'/'dst_ip') or activate the protocol, source
+# and destination port and TCP option distinction
+# ('protocol'/'src_port'/'dst_port'/'tcp_opts').
+# Command line options: -S / -D / -p / -s / -d / -y
+#
+#src_ip = on
+#dst_ip = on
+#protocol = off
+#src_port = off
+#dst_port = off
+#tcp_opts = off
+
+# The following eight options permit to select and/or exclude certain
+# hosts or ports. Rules can be added and combined, source and destination
+# hosts and ports are differentiated, specifying networks is possible in
+# CIDR format.
+# Command line option: -E <format>
+#
+#exclude_src_host =
+#exclude_src_port =
+#exclude_dst_host =
+#exclude_dst_port =
+#include_src_host =
+#include_src_port =
+#include_dst_host =
+#include_dst_port =
+
+# The following four options permit to include and/or exclude chain and
+# branch (target) strings such as "input", "forward", "output" and
+# "accept", "deny", "pass", "block", "p", etc. Use one string per line
+# without quotes. Including a string causes all others to be excluded.
+# Command line option: -E <format>
+#
+#exclude_chain =
+#include_chain =
+#exclude_branch =
+#include_branch =
+
+
+### Sorting options ###
+# Since the sort algorithm used is stable you can sort several times,
+# entries that are equal for the primary criteria will be sorted by the
+# next criteria. The sort string can be composed of 11 fields of the form
+# 'ab' where 'a' is the sort criteria:
+#
+# c count
+# t start time
+# e end time
+# z duration
+# n target name
+# p protocol
+# b byte count
+# S source host
+# s source port
+# D destination host
+# d destination port
+#
+# and 'b' the order:
+#
+# a ascending
+# d descending
+#
+# Sorting is done in the given sequence, so the last option is the primary
+# criteria. If you don't use the 'sort_order' option the summary mode
+# default 'tacd' will be used (start with the highest count, if two counts
+# match list the one earlier in time first), of which 'ta' is built in, so
+# if you specify an empty sort string or everything else is equal entries
+# will be sorted ascending by time. In realtime response mode the default
+# is 'cd'.
+#
+# Command line option: -O <order>
+#
+#sort_order =
+
+
+### Output options ###
+# With the option 'title' you can change the title of the summary and the
+# status page and the subject of summaries sent by email.
+# The default title in summary mode is 'fwlogwatch summary' and in realtime
+# response mode it is 'fwlogwatch status'.
+#
+#title =
+
+# With the option 'stylesheet' you can make fwlogwatch omit the inline CSS
+# used to define the page colors and reference an external stylesheet.
+# In summary mode the string you specify will be taken as it is and used in a
+# link tag, in realtime response mode this only happens if it is an external
+# URL and starts with "http", else a local file will be assumed and embedded
+# at the corresponding position.
+#
+#stylesheet =
+
+# With the following four options you can customize the colors of the HTML
+# output (summary and realtime response status page), use the RGB value
+# with '#' or directly one of the 16 basic HTML color names (aqua black
+# blue fuchsia gray green lime maroon navy olive purple red silver teal
+# white yellow).
+#
+#textcolor = white
+#bgcolor = black
+#rowcolor1 = #555555
+#rowcolor2 = #333333
+
+
+### Log summary mode ###
+# Use 'data_amount' if you want so see the sum of total packet lengths for
+# each entry (this obviously only works with log formats that contain this
+# information).
+# Command line option: -b
+#
+#data_amount = no
+
+# Use 'start_times' and/or 'last times' if you want to see the timestamp
+# of the first and/or last logged packet of each entry.
+# Command line options: -t / -e
+#
+#start_times = no
+#end_times = no
+
+# Use 'duration' if you want to see the time interval between the first and
+# the last connection attempt of the current entry.
+# Command line option: -z
+#
+#duration = no
+
+# Use 'html' to enable HTML output.
+# Command line option: -w
+#
+#html = no
+
+# Specify the name of an output file
+# Command line option: -o <file>
+#
+#output =
+
+# Use 'recent' to ignore events older than a certain time (off by default).
+# The default unit is seconds.
+# Units: m = minutes, h = hours, d = days, w = weeks, M = months, y = years.
+# Command line option: -l <time>
+#
+#recent =
+
+# Use 'at_least' to hide entries that have a small number of counts (useful
+# when analyzing large log files).
+# Command line option: -m <count>
+#
+#at_least = 1
+
+# Use 'maximum' to limit the number of entries shown (e.g. for a "top 20"),
+# restricted by the 'at_least' option. Zero shows all entries.
+# Command line option: -M <number>
+#
+#maximum = 0
+
+# Use 'whois_lookup' if you want information about the source IP addresses
+# looked up in the whois database (this is slow, please don't stress the
+# registry with too many queries).
+# Command line option: -W
+#
+#whois_lookup = no
+
+# Use 'sender' to specify your email address for abuse reports.
+# The default is <user>@<hostname>.
+# Command line option: -F <email>
+#
+#sender =
+
+# Use 'recipient' to specify the email address of the abuse contact or CERT
+# you want to send reports to. If used in log summary mode the summary will
+# be sent to this address by email (in plain text or HTML as selected with
+# the -w option and the content of the title option as subject).
+# Command line option: -T <email>
+#
+#recipient =
+
+# You can use 'cc' to send a carbon copy of the report (e.g. to you for
+# your archives or a second abuse or CERT contact).
+# Command line option: -C <email>
+#
+#cc =
+
+
+### Realtime response mode ###
+# Use 'realtime_response' to turn this mode on. You can change the
+# configuration file while fwlogwatch is running and have it reread it
+# by sending the HUP signal.
+# Command line option: -R
+#
+#realtime_response = no
+
+# If 'ipchains_check' is activated (and the ipchains parser is selected),
+# fwlogwatch will verify that ipchains rules are set up correctly.
+#
+#ipchains_check = no
+
+# With the 'pidfile' option you can specify a file fwlogwatch will use to
+# keep it's PID so it can receive signals from scripts. If not specified it
+# will not be created.
+# Suggested value: /var/run/fwlogwatch.pid
+#
+#pidfile =
+
+# Use the 'run_as' option to make fwlogwatch capable of binding a
+# privileged port and opening a protected log file as root and then (as
+# daemon) change it's user and group ID to a non-privileged user (a security
+# feature). Please note that reopening a protected log file (e.g. after a
+# kill -USR1) will not be possible once privileges are released. Also
+# remember that you can use fwlogwatch without status web server or with an
+# unprivileged port and with enough permissions to read a log file to run it
+# entirely as user, but you will not be able to execute response scripts
+# that need root privileges (e.g. to modify a firewall).
+# Suggested value: nobody
+#
+#run_as =
+
+# The option 'stateful_start' is enabled by default and causes fwlogwatch
+# to read in the full log file at start and remember all entries that are
+# within the 'recent' parameter (and notify and/or react to them if
+# configured to do so). When disabled, fwlogwatch will jump to the end of
+# the log file and start with an empty packet cache.
+#
+#stateful_start = yes
+
+# Use 'alert_threshold' to define how many connections must happen (within
+# the 'forget' time range) to activate an alert/response.
+# Command line option: -a <count>
+#
+#alert_threshold = 5
+
+# Use the option 'recent' as in log summary mode above to control how long
+# an event should be relevant. After the specified time it is forgotten and
+# if another connection attempt is started it is treated as new. The default
+# for 'recent' in realtime response mode is 1 day.
+# Command line option: -l
+#
+#recent =
+
+# An alert is logged to syslog by default, you can add predefined and/or
+# custom notification and response functions using the fwlw_notify and
+# fwlw_respond scripts that are executed if 'notify' and 'respond'
+# respectively are specified here.
+# Command line options: -A / -B
+#
+#notify = no
+#respond = no
+
+# Alternative paths for the notification and response scripts can be
+# specified with the 'notification_script' and 'response_script' options.
+#
+#notification_script = /usr/local/sbin/fwlw_notify
+#response_script = /usr/local/sbin/fwlw_respond
+
+# Known hosts are those that will not be warned about or actions taken
+# against, even if they match the alert/response criteria.
+# Use 'known_host' for your trusted gateways, peers and DNS servers (this
+# is an anti-spoofing measure). You can specify single IP addresses or
+# networks in CIDR notation (e.g. 192.168.1.0/24).
+# Command line option: -k <IP/net>
+#
+#known_host =
+#known_host =
+
+# You can see which hosts fwlogwatch knows about and which ones it is
+# watching at any time through it's web interface. Use the 'server_status'
+# option to activate the web server in fwlogwatch, 'bind_to' is the IP
+# address of the interface to be bound (defaults to the local host, 0.0.0.0
+# means all), 'listen_port' is the port it will listen on. 'listen_to'
+# allows to restrict access to a single IP address. fwlogwatch will want to
+# authenticate the user, that's what 'status_user' and 'status_password'
+# are for. The password must be a standard Unix DES encrypted password
+# including salt, you can for example use
+# htpasswd -nb user password
+# to generate one. Finally, 'refresh' activates automatic reloading of the
+# status page, the parameter is the time in seconds.
+# Command line option: -X <port>
+#
+#server_status = no
+#bind_to = 127.0.0.1
+#listen_port = 888
+#listen_to =
+#status_user = admin
+#status_password = 2fi4nEVVz0IXo
+#refresh =
+
+
+### Show log times mode ###
+# Use this mode to display the number of lines and the time of the first and
+# last entry in a log file. Unlike the summary mode report this does not show
+# the time of the first and last packet log entry but the time of the first
+# and last entry overall. No other action is performed. Compressed files
+# (gzip) are supported. Use the command line and/or the input option  to
+# specify the files to show.
+# Command line option: -L
+#
+#show_log_times
+
+
+### EOF ###
diff --git a/init.d/fwlogwatch b/init.d/fwlogwatch
new file mode 100755
index 0000000..0853dcf
--- /dev/null
+++ b/init.d/fwlogwatch
@@ -0,0 +1,69 @@
+#!/bin/sh -e
+### BEGIN INIT INFO
+# Provides:          fwlogwatch
+# Required-Start:    $remote_fs $syslog
+# Required-Stop:     $remote_fs $syslog
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: Start daemon at boot time
+# Description:       Enable service provided by daemon.
+### END INIT INFO
+#
+# Original version by Robert Leslie
+# <rob@mars.org>, edited by iwj and cs
+# Modified for fwlogwatch by Alberto Gonzalez Iniesta <agi@agi.as>
+# Modified for fwlogwatch by J.S.Junior <j.s.junior@live.com>
+
+test $DEBIAN_SCRIPT_DEBUG && set -v -x
+
+DAEMON=/usr/sbin/fwlogwatch
+CONFIG=/etc/fwlogwatch/fwlogwatch.config
+DEFAULT=/etc/default/fwlogwatch
+NAME=fwlogwatch
+#Inicialize function
+. /lib/lsb/init-functions
+
+test -x $DAEMON || exit 0
+test -f $CONFIG || exit 0
+test -r $DEFAULT || exit 0
+
+# Source configuration generated from debconf's values
+. $DEFAULT
+
+# Start fwlogwatch as a daemon?
+if [ "$START_DAEMON" != "true" ]; then
+  exit 0
+fi
+
+PIDFILE=`grep "^pidfile" $CONFIG | sed 's/.*=[\t ]*//' `
+
+case "$1" in
+start)
+  echo -n "Starting firewall log watcher: fwlogwatch"
+  start-stop-daemon --start --quiet \
+	--exec $DAEMON -- -R $PARAMS
+  echo "."
+  ;;
+stop)
+  echo -n "Stopping firewall log watcher: fwlogwatch"
+  start-stop-daemon --stop --quiet --oknodo \
+	--exec $DAEMON --pidfile $PIDFILE
+  echo "."
+  ;;
+restart|force-reload)
+  $0 stop
+  sleep 1
+  $0 start
+  ;;
+status)
+    status_of_proc -p $PIDFILE $DAEMON $NAME
+;;
+*)
+  echo "Usage: /etc/init.d/fwlogwatch {start|stop|restart|force-reload}" >&2
+  exit 1
+  ;;
+esac
+
+exit 0
+
+# vim:set ai et sts=2 sw=2 tw=0:
diff --git a/rc0.d/K01fwlogwatch b/rc0.d/K01fwlogwatch
new file mode 120000
index 0000000..9dae528
--- /dev/null
+++ b/rc0.d/K01fwlogwatch
@@ -0,0 +1 @@
+../init.d/fwlogwatch
\ No newline at end of file
diff --git a/rc1.d/K01fwlogwatch b/rc1.d/K01fwlogwatch
new file mode 120000
index 0000000..9dae528
--- /dev/null
+++ b/rc1.d/K01fwlogwatch
@@ -0,0 +1 @@
+../init.d/fwlogwatch
\ No newline at end of file
diff --git a/rc2.d/S03fwlogwatch b/rc2.d/S03fwlogwatch
new file mode 120000
index 0000000..9dae528
--- /dev/null
+++ b/rc2.d/S03fwlogwatch
@@ -0,0 +1 @@
+../init.d/fwlogwatch
\ No newline at end of file
diff --git a/rc3.d/S03fwlogwatch b/rc3.d/S03fwlogwatch
new file mode 120000
index 0000000..9dae528
--- /dev/null
+++ b/rc3.d/S03fwlogwatch
@@ -0,0 +1 @@
+../init.d/fwlogwatch
\ No newline at end of file
diff --git a/rc4.d/S03fwlogwatch b/rc4.d/S03fwlogwatch
new file mode 120000
index 0000000..9dae528
--- /dev/null
+++ b/rc4.d/S03fwlogwatch
@@ -0,0 +1 @@
+../init.d/fwlogwatch
\ No newline at end of file
diff --git a/rc5.d/S03fwlogwatch b/rc5.d/S03fwlogwatch
new file mode 120000
index 0000000..9dae528
--- /dev/null
+++ b/rc5.d/S03fwlogwatch
@@ -0,0 +1 @@
+../init.d/fwlogwatch
\ No newline at end of file
diff --git a/rc6.d/K01fwlogwatch b/rc6.d/K01fwlogwatch
new file mode 120000
index 0000000..9dae528
--- /dev/null
+++ b/rc6.d/K01fwlogwatch
@@ -0,0 +1 @@
+../init.d/fwlogwatch
\ No newline at end of file