Changeset 1206
- Timestamp:
- 08/13/08 23:46:41 (4 months ago)
- Files:
-
- fwknop/trunk/ChangeLog (modified) (1 diff)
- fwknop/trunk/fwknop (modified) (10 diffs)
- fwknop/trunk/fwknopd (modified) (10 diffs)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
fwknop/trunk/ChangeLog
r1201 r1206 24 24 path to be manipulated via the --Lib-dir command line argument and 25 25 'require' statements instead of the old 'use module' strategy. 26 - Added module version output for each non-core perl module used by fwknop 27 and fwknopd in --debug mode. This is mostly useful for the test suite 28 to see which versions of the modules are being used. 26 29 27 30 fwknop-1.9.6 (07/18/2008): fwknop/trunk/fwknop
r1202 r1206 29 29 # Copyright (C) 2004-2008 Michael Rash (mbr@cipherdyne.org) 30 30 # 31 # License - GNU Public License version 2 :31 # License - GNU Public License version 2 (GPLv2): 32 32 # 33 33 # This program is distributed in the hope that it will be useful, … … 687 687 require Digest::MD5; 688 688 Digest::MD5->import(qw(md5_base64)); 689 if ($debug) { 690 print "[+] Digest::MD5 $Digest::MD5::VERSION\n"; 691 } 689 692 $digest = md5_base64($msg); 690 693 print " MD5 digest: $digest\n" unless $quiet; … … 695 698 require Digest::SHA; 696 699 Digest::SHA->import(qw(sha1_base64)); 700 if ($debug) { 701 print "[+] Digest::SHA1::VERSION $Digest::SHA1::VERSION\n"; 702 } 697 703 $digest = sha1_base64($msg); 698 704 print " SHA1 digest: $digest\n" unless $quiet; … … 703 709 require Digest::SHA; 704 710 Digest::SHA->import(qw(sha256_base64)); 711 if ($debug) { 712 print "[+] Digest::SHA256::VERSION $Digest::SHA256::VERSION\n"; 713 } 705 714 $digest = sha256_base64($msg); 706 715 print " SHA256 digest: $digest\n" unless $quiet; … … 821 830 822 831 require Crypt::CBC; 832 833 if ($debug) { 834 print "[+] Crypt::CBC::VERSION $Crypt::CBC::VERSION\n"; 835 } 823 836 824 837 my $cipher = Crypt::CBC->new({ … … 900 913 ### use Net::RawIP to spoof the packets 901 914 require Net::RawIP; 915 916 if ($debug) { 917 print "[+] Net::RawIP::VERSION $Net::RawIP::VERSION\n"; 918 } 902 919 903 920 if ($spoof_proto eq 'udp') { … … 1036 1053 require Net::Ping::External; 1037 1054 Net::Ping::External->import(qw/ping/); 1055 1056 if ($debug) { 1057 print "[+] Net::Ping::External::VERSION ", 1058 "$Net::Ping::External::VERSION\n"; 1059 } 1060 1038 1061 print " icmp echo request -> $knock_dst\n"; 1039 1062 ping(hostname => "$knock_dst", count => 1, timeout => 1); … … 1070 1093 require Crypt::CBC; 1071 1094 1095 if ($debug) { 1096 print "[+] Crypt::CBC::VERSION $Crypt::CBC::VERSION\n"; 1097 } 1098 1072 1099 my $cipher = Crypt::CBC->new({ 1073 1100 'key' => $enc_key, … … 1262 1289 ### load the GnuPG::Interface module 1263 1290 require GnuPG::Interface; 1291 1292 if ($debug) { 1293 print "[+] GnuPG::Interface::VERSION ", 1294 "$GnuPG::Interface::VERSION\n"; 1295 } 1264 1296 1265 1297 ### we don't need a password if we are going to acquire … … 1358 1390 1359 1391 if ($debug) { 1360 print STDERR "[+] import_perl_modules(): The \@INC array:\n"; 1361 print STDERR "$_\n" for @INC; 1362 } 1392 print "[+] import_perl_modules(): The \@INC array:\n"; 1393 print "$_\n" for @INC; 1394 } 1395 1396 require Term::ReadKey; 1397 Term::ReadKey->import(qw/ReadMode ReadLine/); 1363 1398 1364 1399 require Net::IPv4Addr; 1365 require Term::ReadKey;1366 1367 Term::ReadKey->import(qw/ReadMode ReadLine/);1368 1400 Net::IPv4Addr->import(qw/ipv4_in_network/); 1401 1402 if ($debug) { 1403 print "[+] Term::ReadKey::VERSION $Term::ReadKey::VERSION\n", 1404 " Net::IPv4Addr::VERSION $Net::IPv4Addr::VERSION\n"; 1405 } 1369 1406 1370 1407 return; fwknop/trunk/fwknopd
r1202 r1206 29 29 # Copyright (C) 2004-2008 Michael Rash (mbr@cipherdyne.org) 30 30 # 31 # License - GNU Public License version 2 :31 # License - GNU Public License version 2 (GPLv2): 32 32 # 33 33 # This program is distributed in the hope that it will be useful, … … 68 68 my $blacklist_ar = []; 69 69 my $blacklist_exclude_ar = []; 70 my %p0f_sigs = ();70 my %p0f_sigs = (); 71 71 my %pid_files = (); 72 my %ip_sequences 72 my %ip_sequences = (); 73 73 my %digest_store = (); 74 my %ipt_input = ();75 my %ipt_forward = ();76 my %ipt_prerouting = ();74 my %ipt_input = (); 75 my %ipt_forward = (); 76 my %ipt_prerouting = (); 77 77 my %ipt_postrouting = (); 78 my %ipt_output 79 my @ipt_config 78 my %ipt_output = (); ### optional 79 my @ipt_config = (); 80 80 81 81 my $os_fprint_only = 0; … … 291 291 292 292 require Net::Pcap; 293 294 if ($debug ) { 295 print STDERR "[+] Net::Pcap::VERSION $Net::Pcap::VERSION\n"; 296 } 293 297 294 298 &pcap_loop(); … … 3360 3364 $access_hsh{'DATA_COLLECT_MODE'} = $ENCRYPT_SEQUENCE; 3361 3365 } elsif ($line =~ /^\s*KEY:\s*(.*)\s*;/) { 3362 require Crypt::CBC unless $imported_crypt_cbc; 3366 unless ($imported_crypt_cbc) { 3367 require Crypt::CBC; 3368 print STDERR "[+] Crypt::CBC::VERSION $Crypt::CBC::VERSION\n" 3369 if $debug; 3370 } 3363 3371 $imported_crypt_cbc = 1; 3364 3372 $access_hsh{'KEY'} = $1; … … 3368 3376 } 3369 3377 } elsif ($line =~ /^\s*GPG_REMOTE_ID:\s*(.*)\s*;/) { 3370 require GnuPG::Interface unless $imported_gpg; 3378 unless ($imported_gpg) { 3379 require GnuPG::Interface; 3380 print STDERR "[+] GnuPG::Interface::VERSION ", 3381 "$GnuPG::Interface::VERSION\n" if $debug; 3382 } 3371 3383 $imported_gpg = 1; 3372 3384 my @arr = split /\s*\,\s*/, $1; … … 3375 3387 } 3376 3388 } elsif ($line =~ /^\s*GPG_DECRYPT_ID:\s*(.*)\s*;/) { 3377 require GnuPG::Interface unless $imported_gpg; 3389 unless ($imported_gpg) { 3390 require GnuPG::Interface; 3391 print STDERR "[+] GnuPG::Interface::VERSION ", 3392 "$GnuPG::Interface::VERSION\n" if $debug; 3393 } 3378 3394 $imported_gpg = 1; 3379 3395 $access_hsh{'GPG_DECRYPT_ID'} = $1; 3380 3396 } elsif ($line =~ /^\s*GPG_DECRYPT_PW:\s*(.*)\s*;/) { 3381 require GnuPG::Interface unless $imported_gpg; 3397 unless ($imported_gpg) { 3398 require GnuPG::Interface; 3399 print STDERR "[+] GnuPG::Interface::VERSION ", 3400 "$GnuPG::Interface::VERSION\n" if $debug; 3401 } 3382 3402 $imported_gpg = 1; 3383 3403 $access_hsh{'GPG_DECRYPT_PW'} = $1; 3384 3404 } elsif ($line =~ /^\s*GPG_HOME_DIR:\s*(\S+)\s*;/) { 3385 require GnuPG::Interface unless $imported_gpg; 3405 unless ($imported_gpg) { 3406 require GnuPG::Interface; 3407 print STDERR "[+] GnuPG::Interface::VERSION ", 3408 "$GnuPG::Interface::VERSION\n" if $debug; 3409 } 3386 3410 $imported_gpg = 1; 3387 3411 $access_hsh{'GPG_HOME_DIR'} = $1; … … 4247 4271 4248 4272 ### Install signal handlers for debugging and for reaping zombie 4249 ### whoisprocesses.4273 ### processes. 4250 4274 $SIG{'__WARN__'} = \&warn_handler; 4251 4275 $SIG{'__DIE__'} = \&die_handler; … … 4658 4682 require IPTables::Parse; 4659 4683 require IPTables::ChainMgr; 4684 4685 if ($debug) { 4686 print STDERR "[+] IPTables::Parse::VERSION ", 4687 "$IPTables::Parse::VERSION\n", 4688 " IPTables::ChainMgr::VERSION ", 4689 "$IPTables::ChainMgr::VERSION\n"; 4690 } 4660 4691 4661 4692 $imported_iptables_modules = 1; … … 4759 4790 } 4760 4791 4761 require Unix::Syslog unless $config{'ALERTING_METHODS'} =~ /no.?syslog/i; 4762 4763 Unix::Syslog->import(qw(:subs :macros)) 4764 unless $config{'ALERTING_METHODS'} =~ /no.?syslog/i; 4792 unless ($config{'ALERTING_METHODS'} =~ /no.?syslog/i) { 4793 require Unix::Syslog; 4794 Unix::Syslog->import(qw(:subs :macros)); 4795 4796 if ($debug) { 4797 print STDERR "[+] Unix::Syslog::VERSION $Unix::Syslog::VERSION\n"; 4798 } 4799 } 4765 4800 4766 4801 require Net::IPv4Addr; 4767 4802 Net::IPv4Addr->import(qw/ipv4_in_network/); 4803 4804 if ($debug) { 4805 print STDERR "[+] Net::IPv4Addr::VERSION $Net::IPv4Addr::VERSION\n"; 4806 } 4768 4807 4769 4808 return; … … 4945 4984 ### MD5 sum 4946 4985 require Digest::MD5; 4986 Digest::MD5->import(qw(md5_base64)); 4987 4947 4988 require Digest::SHA; 4948 Digest::MD5->import(qw(md5_base64));4949 4989 Digest::SHA->import(qw(sha1_base64 sha256_base64)); 4990 4991 if ($debug) { 4992 print STDERR "[+] Digest::MD5::VERSION $Digest::MD5::VERSION\n", 4993 " Digest::SHA::VERSION $Digest::SHA::VERSION\n"; 4994 } 4950 4995 4951 4996 return;
