Sunday, September 01, 2019

[update] netshot 0.14.0

Hi,

this is a long overdue update for netshot from version 0.11.0 to 0.14.0.

It now contains improved and additional drivers, general improvements and
updated libraries (vulnerabilities!).
Release history: https://github.com/netfishers-onl/Netshot/tree/master/dist

The install instructions for Debian and CentoOS have been moved to the
wiki and are not part of the port anymore. Instead I added a pkg-readme
with detailed instructions.

I changed the port to depend exclusively on Java 1.8. Netshot depends on
nashorn which was deprecated after Java 1.8. It might work with later Java
versions but I did not test it yet.

OK?

Remi


Index: Makefile
===================================================================
RCS file: /cvs/ports/sysutils/netshot/Makefile,v
retrieving revision 1.6
diff -u -p -r1.6 Makefile
--- Makefile 12 Jul 2019 21:15:36 -0000 1.6
+++ Makefile 27 Aug 2019 21:10:34 -0000
@@ -2,8 +2,7 @@

COMMENT = config backup and policy check for network devices

-V = 0.11.0
-REVISION = 1
+V = 0.14.0
DISTNAME = netshot_${V}
PKGNAME = ${DISTNAME:S/_/-/}
WRKDIST = ${WRKDIR}
@@ -22,7 +21,7 @@ MASTER_SITES = https://github.com/netfi
EXTRACT_SUFX = .zip

MODULES = java
-MODJAVA_VER = 1.8+
+MODJAVA_VER = 1.8

RUN_DEPENDS = java/javaPathHelper

Index: distinfo
===================================================================
RCS file: /cvs/ports/sysutils/netshot/distinfo,v
retrieving revision 1.2
diff -u -p -r1.2 distinfo
--- distinfo 8 Feb 2019 21:33:40 -0000 1.2
+++ distinfo 13 Aug 2019 08:13:55 -0000
@@ -1,2 +1,2 @@
-SHA256 (netshot_0.11.0.zip) = 00N9CByc4inEaWctvmG6IRBZKf95vJrhTJ0Gu5NDfhY=
-SIZE (netshot_0.11.0.zip) = 45555732
+SHA256 (netshot_0.14.0.zip) = 7HX9oTy/mWagcSvTPsgekNX7WTelHS7eu1lNUbNdOO8=
+SIZE (netshot_0.14.0.zip) = 45721309
Index: patches/patch-netshot_conf
===================================================================
RCS file: /cvs/ports/sysutils/netshot/patches/patch-netshot_conf,v
retrieving revision 1.2
diff -u -p -r1.2 patch-netshot_conf
--- patches/patch-netshot_conf 8 Feb 2019 21:33:40 -0000 1.2
+++ patches/patch-netshot_conf 25 Aug 2019 21:27:25 -0000
@@ -20,16 +20,23 @@ Index: netshot.conf

# REST
-netshot.http.ssl.keystore.file = /usr/local/netshot/netshot.jks
-+netshot.http.ssl.keystore.file = ${PREFIX}/netshot/netshot.jks
++netshot.http.ssl.keystore.file = ${SYSCONFDIR}/netshot.jks
netshot.http.ssl.keystore.pass = password
#netshot.http.baseurl = https://localhost
netshot.http.baseurl = https://0.0.0.0
-@@ -35,7 +35,7 @@ netshot.snmptrap.community = Netsh01
- # General settings
- netshot.snapshots.auto.interval = 15
+@@ -38,12 +38,12 @@ netshot.snapshots.auto.interval = 15
+ # Allow a trap received from any IP of a device to trigger an automatic snapshot
netshot.snapshots.auto.anyip = true
+ # After a snapshot, dump the last configuration to a file in this directory
+-#netshot.snapshots.dump = /usr/local/netshot/dumps
++#netshot.snapshots.dump = ${VARBASE}/netshot/dumps
+ # Where to store the binary snapshot files
+-netshot.snapshots.binary.path = /var/local/netshot
++netshot.snapshots.binary.path = ${VARBASE}/netshot
+
+ # Where to look for additional drivers
-netshot.drivers.path = /usr/local/netshot/drivers
+netshot.drivers.path = ${PREFIX}/netshot/drivers

+
# Authentication
- netshot.aaa.maxidletime = 1800
Index: pkg/PLIST
===================================================================
RCS file: /cvs/ports/sysutils/netshot/pkg/PLIST,v
retrieving revision 1.1.1.1
diff -u -p -r1.1.1.1 PLIST
--- pkg/PLIST 28 Aug 2018 11:25:53 -0000 1.1.1.1
+++ pkg/PLIST 27 Aug 2019 21:08:42 -0000
@@ -7,12 +7,11 @@ netshot/
netshot/netshot.jar
share/doc/netshot/
share/doc/netshot/COPYING
-share/doc/netshot/INSTALL.Debian-Ubuntu-Mint.txt
-share/doc/netshot/INSTALL.Redhat-CentOS.txt
share/doc/netshot/LICENSE.txt
share/doc/netshot/README.txt
share/doc/netshot/UPDATE.txt
share/doc/netshot/VERSION.txt
+share/doc/pkg-readmes/${PKGSTEM}
share/examples/netshot/
share/examples/netshot/netshot.conf
@mode 0640
@@ -21,3 +20,5 @@ share/examples/netshot/netshot.conf
@mode 0750
@owner _netshot
@sample ${VARBASE}/log/netshot/
+@sample ${VARBASE}/netshot/
+@sample ${VARBASE}/netshot/dumps
Index: pkg/README
===================================================================
RCS file: pkg/README
diff -N pkg/README
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ pkg/README 1 Sep 2019 16:15:57 -0000
@@ -0,0 +1,46 @@
+$OpenBSD$
+
++-----------------------------------------------------------------------
+| Running ${PKGSTEM} on OpenBSD
++-----------------------------------------------------------------------
+
+Netshot requires a database which might be on the same server as Netshot
+or remote. It supports PostgreSQL and MySQL/MariaDB. Below example uses
+MariaDB on the same host.
+
+- Install the package mariadb-server.
+ See ${LOCALBASE}/share/doc/pkg-readmes/mariadb-server for the first
+ steps after the installation.
+
+- Create a database and a database user (change the password!):
+ $ mysql -u root
+ > CREATE DATABASE netshot01 CHARACTER SET utf8
+ DEFAULT COLLATE utf8_general_ci;
+ > GRANT ALL PRIVILEGES ON netshot01.*
+ TO 'netshot'@'localhost' IDENTIFIED BY 'netshot';
+ > quit
+
+- Check the database connection config in /etc/netshot.conf.
+ Should netshot not start but log "The server time zone value 'CEST' is
+ unreconized or represents more than one time zone" the connect string
+ might be modified to look like this:
+ netshot.db.url = jdbc:mysql://localhost/netshot01?serverTimezone=UTC
+
+- Create a TLS certificate in a Java keystore:
+ # ${LOCALBASE}/jdk-1.8.0/bin/keytool -genkey -keyalg RSA -alias selfsigned \
+ -keystore ${SYSCONFDIR}/netshot.jks -storepass password -validity 3600 \
+ -keysize 4096
+ # chmod 640 ${SYSCONFDIR}/netshot.jks
+ # chgrp _netshot ${SYSCONFDIR}/netshot.jks
+
+- Enable and start Netshot to create the database tables.
+ # rcctl enable netshot; rcctl start netshot
+
+- Add an initial application user to the database:
+ $ mysql -u root
+ > USE netshot01;
+ > INSERT INTO user (level, local, username, hashed_password)
+ VALUES (1000, 1, 'netshot', '7htrot2BNjUV/g57h/HJ/C1N0Fqrj+QQ');
+
+- Access Netshot with a browser on https://localhost:8443.
+ (username 'netshot' with password 'netshot')

No comments:

Post a Comment