diff -Nru httpry-0.1.7/build/httpry.spec httpry-0.1.8/build/httpry.spec --- httpry-0.1.7/build/httpry.spec 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/build/httpry.spec 1970-01-01 00:00:00.000000000 +0000 
@@ -1,116 +0,0 @@ -# -# ---------------------------------------------------- -# httpry - HTTP logging and information retrieval tool -# ---------------------------------------------------- -# -# Copyright (c) 2005-2012 Jason Bittel -# -# .spec file built and provided by Shawn Ashlee -# - -# -# Setting initial dist defaults. Do not modify these. -# Note: Mock sets these up... but we need to default for manual builds. -# -%{!?el4:%define el4 0} -%{!?el5:%define el5 0} -%{!?rhel:%define rhel 'empty'} - -# Build Options -# -# In order to properly build you will likely need to add one of the -following -# build options: -# -# --with el4 -# --with el5 -# -# -# Note for maintainers/builders: mock handles all these defs. We -include them -# here for manual builds. -# -%{?_with_el4:%define el4 1} -%{?_with_el4:%define rhel 4} -%{?_with_el4:%define dist .el4} - -%{?_with_el5:%define el5 1} -%{?_with_el5:%define rhel 5} -%{?_with_el5:%define dist .el5} - - -Summary: specialized packet sniffer designed for displaying and logging -HTTP traffic -Name: httpry -Version: 0.1.7 -Release: 1.rs%{?dist} -License: GPLv2 -Group: Applications/Internet -URL: http://dumpsterventures.com/jason/httpry/ -Vendor: Jason Bittel -Packager: Shawn Ashlee -Source0: -http://dumpsterventures.com/jason/httpry/%{name}-%{version}.tar.gz -Buildroot: %{_tmppath}/%{name}-%{version} - -%if %{el5} -BuildRequires: libpcap-devel -%else -BuildRequires: libpcap -%endif - -Requires: /usr/bin/perl - - -%description -httpry is a tool designed for displaying and logging HTTP traffic. It is -not -intended to perform analysis itself, but instead to capture, parse -and/or -log the traffic for later analysis. It can be run in real-time -displaying -the live traffic on the wire, or as a daemon process that logs to an -output -file. It is written to be as lightweight and flexible as possible, so -that -it can be easily adaptable to different applications. 
It does not -display -the raw HTTP data transferred, but instead focuses on parsing and -displaying -the request/response line along with associated header fields. - - -%prep -%setup -q - - -%build -%{__make} - - -%install -[ "%{buildroot}" != "/" ] && %{__rm} -rf %{buildroot} - -%{__install} -D -m 0755 %{name} %{buildroot}%{_sbindir}/%{name} -%{__install} -D -m 0644 %{name}.1 %{buildroot}%{_mandir}/man1/%{name}.1 -%{__install} -D -m 0755 rc.%{name} %{buildroot}%{_initrddir}/%{name} - - -%clean -[ "%{buildroot}" != "/" ] && %{__rm} -rf %{buildroot} - - -%files -%defattr(-,root,root) -%doc doc scripts test -%{_sbindir}/%{name} -%{_mandir}/man1/%{name}.1.gz -%{_initrddir}/%{name} - - -%changelog -* Wed Jan 21 2009 Shawn Ashlee -- updated to latest sources - -* Fri Sep 05 2008 Shawn Ashlee -- initial build diff -Nru httpry-0.1.7/config.h httpry-0.1.8/config.h --- httpry-0.1.7/config.h 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/config.h 2014-06-04 16:08:42.000000000 +0000 @@ -4,7 +4,7 @@ httpry - HTTP logging and information retrieval tool ---------------------------------------------------- - Copyright (c) 2005-2012 Jason Bittel + Copyright (c) 2005-2014 Jason Bittel */ @@ -12,7 +12,7 @@ #define _HAVE_CONFIG_H #define PROG_NAME "httpry" -#define PROG_VER "0.1.7" +#define PROG_VER "0.1.8" /* Default packet capture filter; must be a standard libpcap style filter *** Can be overridden */ 
@@ -27,7 +27,7 @@ /* Default request methods to process; see doc/method-string for more information *** Can be overridden with -m */ -#define DEFAULT_METHODS "get,post,put,head,options,delete,trace,connect" +#define DEFAULT_METHODS "get,post,put,head,options,delete,trace,connect,patch" /* Default threshold for displaying rps in rate statistics mode *** Can be overridden with -l */ diff -Nru httpry-0.1.7/debian/changelog httpry-0.1.8/debian/changelog --- httpry-0.1.7/debian/changelog 2012-11-08 22:12:37.000000000 +0000 +++ httpry-0.1.8/debian/changelog 2017-07-03 11:05:02.000000000 +0000 @@ -1,3 +1,15 @@ +httpry (0.1.8-1) unstable; urgency=medium + + [ Janos Guljas ] + * New upstream release. (Closes: #762393) + * Bump Standards-Version (no changes needed). + * Update debian/watch file. + * Update debian/copyright file. + * Depend httpry-daemon on lsb-base (>= 3.0-6). + * Update Vcs-* fileds in debian/control. + + -- Janos Guljas Mon, 03 Jul 2017 11:05:02 +0000 + httpry (0.1.7-3) unstable; urgency=low * Separate the init script from the binary package httpry: diff -Nru httpry-0.1.7/debian/control httpry-0.1.8/debian/control --- httpry-0.1.7/debian/control 2012-10-27 22:25:39.000000000 +0000 +++ httpry-0.1.8/debian/control 2017-07-03 11:05:02.000000000 +0000 @@ -3,10 +3,10 @@ Priority: optional Maintainer: Janos Guljas Build-Depends: debhelper (>= 9), libpcap0.8-dev -Standards-Version: 3.9.4 +Standards-Version: 4.0.0 Homepage: http://dumpsterventures.com/jason/httpry/ -Vcs-Git: git://git.debian.org/collab-maint/httpry.git -Vcs-Browser: http://git.debian.org/?p=collab-maint/httpry.git +Vcs-Git: git://anonscm.debian.org/collab-maint/httpry.git +Vcs-Browser: https://anonscm.debian.org/cgit/collab-maint/httpry.git Package: httpry Architecture: any 
@@ -46,7 +46,7 @@ Package: httpry-daemon Architecture: all -Depends: ${misc:Depends}, httpry (>= ${source:Version}) +Depends: ${misc:Depends}, httpry (>= ${source:Version}), lsb-base (>= 3.0-6) Breaks: httpry (<= 0.1.7-2) Description: HTTP logging and information retrieval tool - daemon httpry is a tool designed for displaying and logging HTTP traffic. It is not diff -Nru httpry-0.1.7/debian/copyright httpry-0.1.8/debian/copyright --- httpry-0.1.7/debian/copyright 2012-10-03 14:02:21.000000000 +0000 +++ httpry-0.1.8/debian/copyright 2017-07-03 11:05:02.000000000 +0000 @@ -11,7 +11,7 @@ Copyright: 2005-2012 Jason Bittel 2005 The Tcpdump Group 2002 Tim Carstens -License: BSD +License: BSD-4-clause These IP and TCP structs/macros are from sniffex.c and were released under the following license: . diff -Nru httpry-0.1.7/debian/.git-dpm httpry-0.1.8/debian/.git-dpm --- httpry-0.1.7/debian/.git-dpm 1970-01-01 00:00:00.000000000 +0000 +++ httpry-0.1.8/debian/.git-dpm 2017-07-03 11:04:05.000000000 +0000 @@ -0,0 +1,8 @@ +# see git-dpm(1) from git-dpm package +b949dec672f4669a9fba0dd38266f02c9973b426 +b949dec672f4669a9fba0dd38266f02c9973b426 +fb5220549060f394eae109ef25608c182bbf10fc +fb5220549060f394eae109ef25608c182bbf10fc +httpry_0.1.8.orig.tar.gz +6fc9ea49461769af6cd79aa9e657ba224d618b03 +49815 diff -Nru httpry-0.1.7/debian/patches/0001-Update-makefile-to-support-DESTDIR-and-debug-symbols.patch httpry-0.1.8/debian/patches/0001-Update-makefile-to-support-DESTDIR-and-debug-symbols.patch --- httpry-0.1.7/debian/patches/0001-Update-makefile-to-support-DESTDIR-and-debug-symbols.patch 1970-01-01 00:00:00.000000000 +0000 +++ httpry-0.1.8/debian/patches/0001-Update-makefile-to-support-DESTDIR-and-debug-symbols.patch 2017-07-03 11:04:05.000000000 +0000 
@@ -0,0 +1,53 @@ +From c1d06dae9db1eaf80e57c703517acaf546cb9518 Mon Sep 17 00:00:00 2001 +From: Janos Guljas +Date: Mon, 3 Jul 2017 10:59:56 +0000 +Subject: Update makefile to support DESTDIR and debug symbols + +Last-Update: 2012-10-2 +--- + Makefile | 15 +++++++++------ + 1 file changed, 9 insertions(+), 6 deletions(-) + +diff --git a/Makefile b/Makefile +index 536b66d..922b712 100644 +--- a/Makefile ++++ b/Makefile +@@ -6,8 +6,10 @@ + # Copyright (c) 2005-2014 Jason Bittel + # + ++DESTDIR?=/usr/local ++ + CC = gcc +-CCFLAGS = -Wall -O3 -funroll-loops -I/usr/include/pcap -I/usr/local/include/pcap ++CCFLAGS = -Wall -g -DDEBUG -O3 -funroll-loops -I/usr/include/pcap -I/usr/local/include/pcap + DEBUGFLAGS = -Wall -g -DDEBUG -I/usr/include/pcap -I/usr/local/include/pcap + LIBS = -lpcap -lm -pthread + PROG = httpry +@@ -18,7 +20,7 @@ FILES = httpry.c format.c methods.c utility.c rate.c + all: $(PROG) + + $(PROG): $(FILES) +- $(CC) $(CCFLAGS) -o $(PROG) $(FILES) $(LIBS) ++ $(CC) $(CCFLAGS) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) -o $(PROG) $(FILES) $(LIBS) + + debug: $(FILES) + @echo "--------------------------------------------------" +@@ -50,12 +52,13 @@ install: $(PROG) + @echo "a location of your choosing manually" + @echo "--------------------------------------------------" + @echo "" +- cp -f $(PROG) /usr/sbin/ +- cp -f $(PROG).1 /usr/man/man1/ || cp -f $(PROG).1 /usr/local/man/man1/ ++ mkdir -p $(DESTDIR)/usr/sbin/ ++ cp -f $(PROG) $(DESTDIR)/usr/sbin/ ++# cp -f $(PROG).1 /usr/man/man1/ || cp -f $(PROG).1 /usr/local/man/man1/ + + uninstall: +- rm -f /usr/sbin/$(PROG) +- rm -f /usr/man/man1/$(PROG).1 || rm -f /usr/local/man/man1/$(PROG).1 ++ rm -f $(DESTDIR)/sbin/$(PROG) ++# rm -f /usr/man/man1/$(PROG).1 || rm -f /usr/local/man/man1/$(PROG).1 + + clean: + rm -f $(PROG) diff -Nru httpry-0.1.7/debian/patches/0002-Fix-hyphens-on-options-in-manpage-httpry.1.patch httpry-0.1.8/debian/patches/0002-Fix-hyphens-on-options-in-manpage-httpry.1.patch --- 
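Review bot: The `uninstall` target in this patch removes `$(DESTDIR)/sbin/$(PROG)` while `install` copies the binary to `$(DESTDIR)/usr/sbin/`, so uninstall leaves the installed file behind; it should read `rm -f $(DESTDIR)/usr/sbin/$(PROG)`. `CCFLAGS` now carries `-g -DDEBUG` next to `-O3`, which compiles the `#ifdef DEBUG` paths (such as the `ASSERT` in `set_link_offset`) into the packaged binary of a tool that is normally started with root privileges for live capture; if only debug symbols are wanted, `-g` without `-DDEBUG` is enough. `DESTDIR?=/usr/local` also differs from the usual convention of an empty staging prefix, and a manual `make install` would land in `/usr/local/usr/sbin/`.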
httpry-0.1.7/debian/patches/0002-Fix-hyphens-on-options-in-manpage-httpry.1.patch 1970-01-01 00:00:00.000000000 +0000 +++ httpry-0.1.8/debian/patches/0002-Fix-hyphens-on-options-in-manpage-httpry.1.patch 2017-07-03 11:04:05.000000000 +0000 
@@ -0,0 +1,111 @@ +From b949dec672f4669a9fba0dd38266f02c9973b426 Mon Sep 17 00:00:00 2001 +From: Janos Guljas +Date: Mon, 3 Jul 2017 10:59:57 +0000 +Subject: Fix hyphens on options in manpage httpry.1 + +Last-Update: 2012-10-2 +--- + httpry.1 | 49 +++++++++++++++++++++++++------------------------ + 1 file changed, 25 insertions(+), 24 deletions(-) + +diff --git a/httpry.1 b/httpry.1 +index 4d34394..bf174d4 100644 +--- a/httpry.1 ++++ b/httpry.1 +@@ -2,11 +2,11 @@ + .SH NAME + httpry \- HTTP logging and information retrieval tool + .SH SYNOPSIS +-.B httpry [ -dFpq ] [ -b file ] [ -f format ] [ -i device ] [ -m methods ] [ -n count ] [ -o file ] [ -P file ] [ -r file ] [ -S bytes ] [ -u user ] [ 'expression' ] ++.B httpry [ \-dFpq ] [ \-b file ] [ \-f format ] [ \-i device ] [ \-m methods ] [ \-n count ] [ \-o file ] [ \-P file ] [ \-r file ] [ \-S bytes ] [ \-u user ] [ 'expression' ] + .br +-.B httpry -s [ -l threshold ] [ -t seconds ] ++.B httpry \-s [ \-l threshold ] [ \-t seconds ] + .br +-.B httpry -h ++.B httpry \-h + .br + .SH DESCRIPTION + .PP +@@ -16,59 +16,60 @@ to perform analysis itself, but instead to capture, parse and log the traffic + for later analysis. It can be run in real-time displaying the live traffic on + the wire, or as a daemon process that logs to an output file. + .SH OPTIONS +-.IP "-b \fIfile\fP" ++.IP "\-b \fIfile\fP" + Write all processed HTTP packets to a binary pcap dump file. Useful for + further analysis of logged data. +-.IP "-d" ++.IP "\-d" + Run the program as a daemon process. All program status output will be sent + to syslog. A pid file is created for the process in /var/run/httpry.pid by +-default. Requires an output file specified with -o. +-.IP "-f \fIformat\fP" ++default. Requires an output file specified with \-o. ++.IP "\-f \fIformat\fP" + Provide a comma-delimited string specifying the parsed HTTP data to output. + See the doc/format-string file for further information regarding available + options and syntax. 
+-.IP "-F" ++.IP "\-F" + Disable all output buffering. This may be helpful when piping httpry output + into another program. +-.IP "-h" ++.IP "\-h" + Display a brief description of these options. +-.IP "-i \fIdevice\fP" ++.IP "\-i \fIdevice\fP" + Specify an ethernet interface for the program to listen on. If not specified, + the program will poll the system for a list of interfaces and select the + first one found. +-.IP "-l \fIthreshold\fP" ++.IP "\-l \fIthreshold\fP" + Specify a requests per second rate threshold value when running in rate +-statistics mode (-s). Only hosts with a rps value greater than or equal to ++statistics mode (\-s). Only hosts with a rps value greater than or equal to + this number will be displayed. Defaults to 1. +-.IP "-m \fImethods\fP" ++.IP "\-m \fImethods\fP" + Provide a comma-delimited string that specifies the request methods to parse. + The program defaults to parsing all of the standard RFC2616 method strings if + this option is not set. See the doc/method-string file for more information. +-.IP "-n \fIcount\fP" ++.IP "\-n \fIcount\fP" + Parse this number of HTTP packets and then exit. Defaults to 0, which means + loop forever. +-.IP "-o \fIfile\fP" ++.IP "\-o \fIfile\fP" + Specify an output file for writing parsed packet data. +-.IP "-p" ++.IP "\-p" + Do not put the NIC in promiscuous mode on startup. Note that the NIC could + already be in that mode for another reason. +-.IP "-P \fIfile\fP" ++.IP "\-P \fIfile\fP" + Specify a path and filename for creating the PID file in daemon mode. +-.IP "-q" ++.IP "\-q" + Suppress non-critical output (startup banner, statistics, etc.). +-.IP "-r \fIfile\fP" ++.IP "\-r \fIfile\fP" + Provide an input capture file to read from instead of performing + a live capture. This option does not require root privileges. +-.IP "-s" ++.IP "\-s" + Run httpry in an HTTP request per second display mode. This periodically + displays the rate per active host and total rate at a specified interval. 
+-.IP "-S" ++.IP "\-S" + Specify a number of bytes to skip in the ethernet header. This allows for + custom header offsets to be accounted for. +-.IP "-t \fIseconds\fP" ++.IP "\-t \fIseconds\fP" ++>>>>>>> HEAD~0 + Specify the host statistics display interval in seconds when running in +-rate statistics mode (-s). Defaults to 5 seconds. +-.IP "-u \fIuser\fP" ++rate statistics mode (\-s). Defaults to 5 seconds. ++.IP "\-u \fIuser\fP" + Specify an alternate user to take ownership of the process and any output + files. You will need root privileges to do this; it will switch to the new + user after initialization. diff -Nru httpry-0.1.7/debian/patches/fix-makefile.patch httpry-0.1.8/debian/patches/fix-makefile.patch --- httpry-0.1.7/debian/patches/fix-makefile.patch 2012-10-03 14:02:21.000000000 +0000 +++ httpry-0.1.8/debian/patches/fix-makefile.patch 1970-01-01 00:00:00.000000000 +0000 
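Review bot: A leftover merge-conflict marker is added to the man page: the line `+>>>>>>> HEAD~0` directly after `.IP "\-t \fIseconds\fP"` will be rendered as literal text in the `-t` option description. Drop that line from the patch and correct the inner hunk header to `@@ -16,59 +16,59 @@` (and the diffstat with it). The `-S` entry is also written as `.IP "\-S"` although the synopsis shows `[ \-S bytes ]`; `.IP "\-S \fIbytes\fP"` would match the other options that take an argument.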
@@ -1,45 +0,0 @@ -Description: Update makefile to support DESTDIR and debug symbols -Author: Janos Guljas -Last-Update: 2012-10-2 - ---- a/Makefile -+++ b/Makefile -@@ -6,8 +6,10 @@ - # Copyright (c) 2005-2012 Jason Bittel - # - -+DESTDIR?=/usr/local -+ - CC = gcc --CCFLAGS = -Wall -O3 -funroll-loops -I/usr/include/pcap -I/usr/local/include/pcap -+CCFLAGS = -Wall -g -DDEBUG -O3 -funroll-loops -I/usr/include/pcap -I/usr/local/include/pcap - DEBUGFLAGS = -Wall -g -DDEBUG -I/usr/include/pcap -I/usr/local/include/pcap - LIBS = -lpcap -lm -pthread - PROG = httpry -@@ -18,7 +20,7 @@ FILES = httpry.c format.c methods.c uti - all: $(PROG) - - $(PROG): $(FILES) -- $(CC) $(CCFLAGS) -o $(PROG) $(FILES) $(LIBS) -+ $(CC) $(CCFLAGS) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) -o $(PROG) $(FILES) $(LIBS) - - debug: $(FILES) - @echo "--------------------------------------------------" -@@ -50,12 +52,13 @@ install: $(PROG) - @echo "a location of your choosing manually" - @echo "--------------------------------------------------" - @echo "" -- cp -f $(PROG) /usr/sbin/ -- cp -f $(PROG).1 /usr/man/man1/ || cp -f $(PROG).1 /usr/local/man/man1/ -+ mkdir -p $(DESTDIR)/usr/sbin/ -+ cp -f $(PROG) $(DESTDIR)/usr/sbin/ -+# cp -f $(PROG).1 /usr/man/man1/ || cp -f $(PROG).1 /usr/local/man/man1/ - - uninstall: -- rm -f /usr/sbin/$(PROG) -- rm -f /usr/man/man1/$(PROG).1 || rm -f /usr/local/man/man1/$(PROG).1 -+ rm -f $(DESTDIR)/sbin/$(PROG) -+# rm -f /usr/man/man1/$(PROG).1 || rm -f /usr/local/man/man1/$(PROG).1 - - clean: - rm -f $(PROG) diff -Nru httpry-0.1.7/debian/patches/fix-manpage.patch httpry-0.1.8/debian/patches/fix-manpage.patch --- httpry-0.1.7/debian/patches/fix-manpage.patch 2012-10-03 14:02:21.000000000 +0000 +++ httpry-0.1.8/debian/patches/fix-manpage.patch 1970-01-01 00:00:00.000000000 +0000 
@@ -1,95 +0,0 @@ -Description: Fix hyphens on options in manpage httpry.1 -Author: Janos Guljas -Last-Update: 2012-10-2 - ---- a/httpry.1 -+++ b/httpry.1 -@@ -2,9 +2,9 @@ - .SH NAME - httpry \- HTTP logging and information retrieval tool - .SH SYNOPSIS --.B httpry [ -dFpq ] [ -b file ] [ -f format ] [ -i device ] [ -m methods ] [ -n count ] [ -o file ] [ -P file ] [ -r file ] [-t seconds] [ -u user ] [ 'expression' ] -+.B httpry [ \-dFpq ] [ \-b file ] [ \-f format ] [ \-i device ] [ \-m methods ] [ \-n count ] [ \-o file ] [ \-P file ] [ \-r file ] [ \-t seconds] [ \-u user ] [ 'expression' ] - .br --.B httpry -h -+.B httpry \-h - .br - .SH DESCRIPTION - .PP -@@ -14,56 +14,56 @@ to perform analysis itself, but instead - for later analysis. It can be run in real-time displaying the live traffic on - the wire, or as a daemon process that logs to an output file. - .SH OPTIONS --.IP "-b \fIfile\fP" -+.IP "\-b \fIfile\fP" - Write all processed HTTP packets to a binary pcap dump file. Useful for - further analysis of logged data. --.IP "-d" -+.IP "\-d" - Run the program as a daemon process. All program status output will be sent - to syslog. A pid file is created for the process in /var/run/httpry.pid by --default. Requires an output file specified with -o. --.IP "-f \fIformat\fP" -+default. Requires an output file specified with \-o. -+.IP "\-f \fIformat\fP" - Provide a comma-delimited string specifying the parsed HTTP data to output. - See the doc/format-string file for further information regarding available - options and syntax. --.IP "-F" -+.IP "\-F" - Disable all output buffering. This may be helpful when piping httpry output - into another program. --.IP "-h" -+.IP "\-h" - Display a brief description of these options. --.IP "-i \fIdevice\fP" -+.IP "\-i \fIdevice\fP" - Specify an ethernet interface for the program to listen on. If not specified, - the program will poll the system for a list of interfaces and select the - first one found. 
--.IP "-l \fIthreshold\fP" -+.IP "\-l \fIthreshold\fP" - Specify a requests per second rate threshold value when running in rate --statistics mode (-s). Only hosts with a rps value greater than or equal to -+statistics mode (\-s). Only hosts with a rps value greater than or equal to - this number will be displayed. Defaults to 1. --.IP "-m \fImethods\fP" -+.IP "\-m \fImethods\fP" - Provide a comma-delimited string that specifies the request methods to parse. - The program defaults to parsing all of the standard RFC2616 method strings if - this option is not set. See the doc/method-string file for more information. --.IP "-n \fIcount\fP" -+.IP "\-n \fIcount\fP" - Parse this number of HTTP packets and then exit. Defaults to 0, which means - loop forever. --.IP "-o \fIfile\fP" -+.IP "\-o \fIfile\fP" - Specify an output file for writing parsed packet data. --.IP "-p" -+.IP "\-p" - Do not put the NIC in promiscuous mode on startup. Note that the NIC could - already be in that mode for another reason. --.IP "-P \fIfile\fP" -+.IP "\-P \fIfile\fP" - Specify a path and filename for creating the PID file in daemon mode. --.IP "-q" -+.IP "\-q" - Suppress non-critical output (startup banner, statistics, etc.). --.IP "-r \fIfile\fP" -+.IP "\-r \fIfile\fP" - Provide an input capture file to read from instead of performing - a live capture. This option does not require root privileges. --.IP "-s" -+.IP "\-s" - Run httpry in an HTTP request per second display mode. This periodically - displays the rate per active host and total rate at a specified interval. --.IP "-t \fIseconds\fP" -+.IP "\-t \fIseconds\fP" - Specify the host statistics display interval in seconds when running in --rate statistics mode (-s). Defaults to 5 seconds. --.IP "-u \fIuser\fP" -+rate statistics mode (\-s). Defaults to 5 seconds. -+.IP "\-u \fIuser\fP" - Specify an alternate user to take ownership of the process and any output - files. 
You will need root privileges to do this; it will switch to the new - user after initialization. diff -Nru httpry-0.1.7/debian/patches/series httpry-0.1.8/debian/patches/series --- httpry-0.1.7/debian/patches/series 2012-10-03 14:02:21.000000000 +0000 +++ httpry-0.1.8/debian/patches/series 2017-07-03 11:04:05.000000000 +0000 @@ -1,2 +1,2 @@ -fix-makefile.patch -fix-manpage.patch +0001-Update-makefile-to-support-DESTDIR-and-debug-symbols.patch +0002-Fix-hyphens-on-options-in-manpage-httpry.1.patch diff -Nru httpry-0.1.7/debian/watch httpry-0.1.8/debian/watch --- httpry-0.1.7/debian/watch 2012-10-03 14:02:21.000000000 +0000 +++ httpry-0.1.8/debian/watch 2017-07-03 11:05:02.000000000 +0000 @@ -1,2 +1,3 @@ version=3 -http://githubredir.debian.net/github/jbittel/httpry /github/jbittel/httpry/httpry-(.+).tar.gz +https://github.com/jbittel/httpry/releases \ +.*[^n]/(?:|v|version-|release-|r|REL_|rel-|(?:httpry)(?:_|-))(\d[^\s/]*)\.(?:tar\.xz|txz|tar\.bz2|tbz2|tar\.gz|tgz) diff -Nru httpry-0.1.7/doc/ChangeLog httpry-0.1.8/doc/ChangeLog --- httpry-0.1.7/doc/ChangeLog 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/doc/ChangeLog 2014-06-04 16:08:42.000000000 +0000 @@ -4,6 +4,14 @@ lists notable changes and fixes to the core httpry program. +version 0.1.8 + * added support for 802.1Q VLAN tagged packets + * added PATCH HTTP method to default method list + * changed packet parsing to continue without a full header present + * added PPP link type support + * added custom ethernet header offset option (-S) + * changed read timeout to be non-zero + version 0.1.7 * added an option (-P) to specify the PID filename * fixed compiling under OSX @@ -16,7 +24,7 @@ * added IPv6 support * added a force output flush option (-F) to disable output buffering * removed line buffering on output files - * added a http request per second display mode (-t) + * added a HTTP request per second display mode (-t) version 0.1.5 * added a binary pcap dump file option (-b) 
@@ -75,7 +83,7 @@ * command line arguments now *always* take precedence over config options * wrote custom command line argument parser * removed chance to test against invalid data on exit - * all major packet fields are now availble for output + * all major packet fields are now available for output * config file options now all lowercase * output files are now chown'd to process owner * -n switch now counts parsed packets, not total packets seen @@ -113,5 +121,5 @@ * error/log/warn message printing pushed into function macros * standardized error and status message strings * ability to specify running directory (-r) - * fixed an incorrect array initialisation + * fixed an incorrect array initialization * split version and help information into two commands (-v and -h) diff -Nru httpry-0.1.7/doc/format-string httpry-0.1.8/doc/format-string --- httpry-0.1.7/doc/format-string 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/doc/format-string 2014-06-04 16:08:42.000000000 +0000 @@ -61,6 +61,6 @@ supporting custom fields. Input order is maintained so you can position the fields in the output string. -If you find yourself frequently using a custom format string and don't want to -specify it every run, just modify the default format string in config.h and -recompile httpry. +If you consistently use a custom format string and don't want to specify it +every run, just modify the default format string in config.h and recompile +httpry. diff -Nru httpry-0.1.7/doc/method-string httpry-0.1.8/doc/method-string --- httpry-0.1.7/doc/method-string 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/doc/method-string 2014-06-04 16:08:42.000000000 +0000 
@@ -6,11 +6,10 @@ This is the default methods string used: - options,get,head,post,put,delete,trace,connect + get,post,put,head,options,delete,trace,connect,patch -These are all of the default methods listed in RFC2616. If, for example, you -wanted to only process GET and HEAD requests (the default behavior in httpry <= -version 0.1.3) you would use: +For example, if you want to only process GET and HEAD requests (the default +behavior in httpry <= version 0.1.3) you would use: httpry -m get,head @@ -24,6 +23,5 @@ types but are capturing traffic both directions, you will still see the server responses for requests that were ignored. -If you find yourself frequently using a custom method string and don't want to -specify it every run, modify the default method string in config.h and -recompile httpry. +If you consistently use a custom method string and don't want to specify it +every run, modify the default method string in config.h and recompile httpry. diff -Nru httpry-0.1.7/doc/perl-tools httpry-0.1.8/doc/perl-tools --- httpry-0.1.7/doc/perl-tools 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/doc/perl-tools 2014-06-04 16:08:42.000000000 +0000 @@ -28,7 +28,7 @@ a plugins directory is specified (-d), that is used instead. If no directory is specified, the script first searches the current directory for a plugin directory followed by the base directory of - the script. The first directory found is used. To load only specifc + the script. The first directory found is used. To load only specific plugins, use the -p switch to provide a comma-delimited list of plugins (-d is not applied here, so specify them by their full path). Most included plugins require a config file, which must be named diff -Nru httpry-0.1.7/doc/README httpry-0.1.8/doc/README --- httpry-0.1.7/doc/README 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/doc/README 2014-06-04 16:08:42.000000000 +0000 
@@ -10,9 +10,9 @@ HTTP logging and information retrieval tool - version 0.1.7 + version 0.1.8 - Copyright (c) 2005-2012 Jason Bittel + Copyright (c) 2005-2014 Jason Bittel For further information about the program, see: http://dumpsterventures.com/jason/httpry @@ -69,14 +69,14 @@ --{ USAGE }-- -Running httpry with no options will cause it to listen on the first nework +Running httpry with no options will cause it to listen on the first network device and output to the console with some sane defaults. The -h switch will print out an abbreviated description of the available options to change the defaults. This section describes these options in greater detail. -httpry [ -dFhpqs ] [ -b file ] [ -f format ] [ -i device ] [-l threshold ] - [-m methods ] [ -n count ] [ -o file ] [ -P file ] [ -r file ] - [-t seconds] [ -u user ] [ 'expression' ] +httpry [ -dFhpqs ] [ -b file ] [ -f format ] [ -i device ] [ -l threshold ] + [ -m methods ] [ -n count ] [ -o file ] [ -P file ] [ -r file ] + [ -S bytes ] [ -t seconds ] [ -u user ] [ 'expression' ] -b file Write all processed HTTP packets to a binary pcap dump file. Useful for @@ -139,6 +139,10 @@ Run httpry in an HTTP request per second display mode. This periodically displays the rate per active host and total rate at a specified interval. +-S +Specify a number of bytes to skip in the ethernet header. This allows for +custom header offsets to be accounted for. + -t seconds Specify the host statistics display interval in seconds when running in rate statistics mode (-s). Defaults to 5 seconds. 
@@ -165,8 +169,8 @@ --{ KNOWN ISSUES }-- It is worth noting that httpry is rather naive when it comes to parsing HTTP -packets. It does not perform any reordering or reassemply of packets and +packets. It does not perform any reordering or reassembly of packets and simply searches the start of each packet for HTTP data and ignores the packet if it does not find valid data. HTTP packets that are fragmented within the -request/response line will be ignored and any header data present in subsequent -packets will not be parsed. +request/response line will be parsed to the end of the packet and any header +data present in subsequent packets will not be parsed. diff -Nru httpry-0.1.7/error.h httpry-0.1.8/error.h --- httpry-0.1.7/error.h 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/error.h 2014-06-04 16:08:42.000000000 +0000 @@ -4,7 +4,7 @@ httpry - HTTP logging and information retrieval tool ---------------------------------------------------- - Copyright (c) 2005-2012 Jason Bittel + Copyright (c) 2005-2014 Jason Bittel */ diff -Nru httpry-0.1.7/format.c httpry-0.1.8/format.c --- httpry-0.1.7/format.c 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/format.c 2014-06-04 16:08:42.000000000 +0000 @@ -4,7 +4,7 @@ httpry - HTTP logging and information retrieval tool ---------------------------------------------------- - Copyright (c) 2005-2012 Jason Bittel + Copyright (c) 2005-2014 Jason Bittel */ diff -Nru httpry-0.1.7/format.h httpry-0.1.8/format.h --- httpry-0.1.7/format.h 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/format.h 2014-06-04 16:08:42.000000000 +0000 @@ -4,7 +4,7 @@ httpry - HTTP logging and information retrieval tool ---------------------------------------------------- - Copyright (c) 2005-2012 Jason Bittel + Copyright (c) 2005-2014 Jason Bittel */ diff -Nru httpry-0.1.7/httpry.1 httpry-0.1.8/httpry.1 --- httpry-0.1.7/httpry.1 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/httpry.1 2014-06-04 16:08:42.000000000 +0000 
@@ -2,7 +2,9 @@ .SH NAME httpry \- HTTP logging and information retrieval tool .SH SYNOPSIS -.B httpry [ -dFpq ] [ -b file ] [ -f format ] [ -i device ] [ -m methods ] [ -n count ] [ -o file ] [ -P file ] [ -r file ] [-t seconds] [ -u user ] [ 'expression' ] +.B httpry [ -dFpq ] [ -b file ] [ -f format ] [ -i device ] [ -m methods ] [ -n count ] [ -o file ] [ -P file ] [ -r file ] [ -S bytes ] [ -u user ] [ 'expression' ] +.br +.B httpry -s [ -l threshold ] [ -t seconds ] .br .B httpry -h .br @@ -60,6 +62,9 @@ .IP "-s" Run httpry in an HTTP request per second display mode. This periodically displays the rate per active host and total rate at a specified interval. +.IP "-S" +Specify a number of bytes to skip in the ethernet header. This allows for +custom header offsets to be accounted for. .IP "-t \fIseconds\fP" Specify the host statistics display interval in seconds when running in rate statistics mode (-s). Defaults to 5 seconds. diff -Nru httpry-0.1.7/httpry.c httpry-0.1.8/httpry.c --- httpry-0.1.7/httpry.c 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/httpry.c 2014-06-04 16:08:42.000000000 +0000 @@ -4,7 +4,7 @@ httpry - HTTP logging and information retrieval tool ---------------------------------------------------- - Copyright (c) 2005-2012 Jason Bittel + Copyright (c) 2005-2014 Jason Bittel */ 
@@ -32,12 +32,12 @@ /* Function declarations */ int getopt(int, char * const *, const char *); pcap_t *prepare_capture(char *interface, int promisc, char *filename, char *capfilter); -void set_header_offset(int header_type); +void set_link_offset(int header_type); void open_outfiles(); void runas_daemon(); void change_user(char *name); void parse_http_packet(u_char *args, const struct pcap_pkthdr *header, const u_char *pkt); -int process_ip6_nh(const u_char *pkt, int size_ip, int len); +int process_ip6_nh(const u_char *pkt, int size_ip, unsigned int caplen, unsigned int offset); char *parse_header_line(char *header_line); int parse_client_request(char *header_line); int parse_server_response(char *header_line); @@ -50,6 +50,7 @@ /* Program flags/options, set by arguments or config file */ static unsigned int parse_count = 0; static int daemon_mode = 0; +static int eth_skip_bits = 0; static char *use_infile = NULL; static char *interface = NULL; static char *capfilter = NULL; @@ -71,7 +72,7 @@ static char *buf = NULL; static unsigned int num_parsed = 0; /* Count of fully parsed HTTP packets */ static time_t start_time = 0; /* Start tick for statistics calculations */ -static int header_offset = 0; +static int link_offset = 0; static pcap_dumper_t *dumpfile = NULL; static char default_capfilter[] = DEFAULT_CAPFILTER; static char default_format[] = DEFAULT_FORMAT; @@ -98,7 +99,7 @@ if (pcap_lookupnet(dev, &net, &mask, errbuf) == -1) net = 0; - pcap_hnd = pcap_open_live(dev, BUFSIZ, promisc, 0, errbuf); + pcap_hnd = pcap_open_live(dev, BUFSIZ, promisc, 1000, errbuf); if (pcap_hnd == NULL) LOG_DIE("Cannot open live capture on '%s': %s", dev, errbuf); @@ -110,7 +111,7 @@ LOG_DIE("Cannot open saved capture file: %s", errbuf); } - set_header_offset(pcap_datalink(pcap_hnd)); + set_link_offset(pcap_datalink(pcap_hnd)); /* Compile capture filter and apply to handle */ if (pcap_compile(pcap_hnd, &filter, capfilter, 0, net) == -1) 
@@ -127,7 +128,7 @@ } /* Set the proper packet header offset length based on the datalink type */ -void set_header_offset(int header_type) { +void set_link_offset(int header_type) { #ifdef DEBUG ASSERT(header_type >= 0); @@ -135,28 +136,37 @@ switch (header_type) { case DLT_EN10MB: - header_offset = 14; + link_offset = 14; break; #ifdef DLT_IEEE802_11 case DLT_IEEE802_11: - header_offset = 32; + link_offset = 32; break; #endif #ifdef DLT_LINUX_SLL case DLT_LINUX_SLL: - header_offset = 16; + link_offset = 16; break; #endif #ifdef DLT_LOOP case DLT_LOOP: - header_offset = 4; + link_offset = 4; break; #endif case DLT_NULL: - header_offset = 4; + link_offset = 4; break; case DLT_RAW: - header_offset = 0; + link_offset = 0; + break; + case DLT_PPP: + link_offset = 4; + break; +#ifdef DLT_PPP_SERIAL + case DLT_PPP_SERIAL: +#endif + case DLT_PPP_ETHER: + link_offset = 8; break; default: LOG_DIE("Unsupported datalink type: %s", pcap_datalink_val_to_name(header_type)); @@ -289,16 +299,29 @@ char sport[PORTSTRLEN], dport[PORTSTRLEN]; char ts[MAX_TIME_LEN]; int is_request = 0, is_response = 0; + unsigned int eth_type = 0, offset; + const struct eth_header *eth; const struct ip_header *ip; const struct ip6_header *ip6; const struct tcp_header *tcp; const char *data; int size_ip, size_tcp, size_data, family; + /* Check the ethernet type and insert a VLAN offset if necessary */ + eth = (struct eth_header *) pkt; + eth_type = ntohs(eth->ether_type); + if (eth_type == ETHER_TYPE_VLAN) { + offset = link_offset + 4; + } else { + offset = link_offset; + } + + offset += eth_skip_bits; + /* Position pointers within packet stream and do sanity checks */ - ip = (struct ip_header *) (pkt + header_offset); - ip6 = (struct ip6_header *) (pkt + header_offset); + ip = (struct ip_header *) (pkt + offset); + ip6 = (struct ip6_header *) (pkt + offset); switch (IP_V(ip)) { case 4: family = AF_INET; break; 
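Review bot: In the `@@ -289,16 +299,29 @@` hunk, `eth->ether_type` and then `IP_V(ip)` at `pkt + offset` are read with no comparison against `header->caplen`, and `offset` now also includes the VLAN adjustment and the `-S` value. No such check is visible between the declarations and these reads, so a short or truncated capture would be read past its captured bytes. I would add `if (header->caplen < sizeof(struct eth_header)) return;` before the cast and `if (offset > header->caplen || header->caplen - offset < sizeof(struct ip_header)) return;` before the `switch`. The same gap applies to `TH_OFF(tcp)` in the `@@ -313,16 +336,16 @@` hunk, which needs an equivalent check for `sizeof(struct tcp_header)` at `offset + size_ip`. The ether_type test also runs for every datalink type, including those where `link_offset` is not 14, which looks unintended; parse_http_packet begins and ends outside these hunks.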
@@ -313,16 +336,16 @@ } else { /* AF_INET6 */ size_ip = sizeof(struct ip6_header); if (ip6->ip6_nh != IPPROTO_TCP) - size_ip = process_ip6_nh(pkt, size_ip, header->caplen - header_offset); + size_ip = process_ip6_nh(pkt, size_ip, header->caplen, offset); if (size_ip < 40) return; } - tcp = (struct tcp_header *) (pkt + header_offset + size_ip); + tcp = (struct tcp_header *) (pkt + offset + size_ip); size_tcp = TH_OFF(tcp) * 4; if (size_tcp < 20) return; - data = (char *) (pkt + header_offset + size_ip + size_tcp); - size_data = (header->caplen - (header_offset + size_ip + size_tcp)); + data = (char *) (pkt + offset + size_ip + size_tcp); + size_data = (header->caplen - (offset + size_ip + size_tcp)); if (size_data <= 0) return; /* Check if we appear to have a valid request or response */ @@ -399,9 +422,10 @@ /* Iterate through IPv6 extension headers looking for a TCP header. Returns the total size of the IPv6 header, including all extension headers. Return 0 to abort processing of this packet. */ -int process_ip6_nh(const u_char *pkt, int size_ip, int len) { +int process_ip6_nh(const u_char *pkt, int size_ip, unsigned int caplen, unsigned int offset) { const struct ip6_ext_header *ip6_eh; - ip6_eh = (struct ip6_ext_header *) (pkt + header_offset + size_ip); + unsigned int len = caplen - offset; + ip6_eh = (struct ip6_ext_header *) (pkt + offset + size_ip); while (ip6_eh->ip6_eh_nh != IPPROTO_TCP) { switch (ip6_eh->ip6_eh_nh) { @@ -420,7 +444,7 @@ if (size_ip > len) return 0; - ip6_eh = (struct ip6_ext_header *) (pkt + header_offset + size_ip); + ip6_eh = (struct ip6_ext_header *) (pkt + offset + size_ip); } /* Next header is TCP, so increment past the final extension header */ 
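Review bot: `unsigned int len = caplen - offset;` in process_ip6_nh wraps to a very large value when `offset` exceeds `caplen`. Because `len` is now unsigned, the later `if (size_ip > len) return 0;` compares as unsigned and can no longer stop the extension-header walk. The first `ip6_eh->ip6_eh_nh` read also happens before any length test. I would start the function with `if (offset > caplen || (unsigned int) size_ip + sizeof(struct ip6_ext_header) > caplen - offset) return 0;` and keep the loop check on the same unsigned terms. Part of the loop body lies between the two hunks and is not visible here.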
@@ -440,7 +464,11 @@ /* Search for a '\n' line terminator, ignoring a leading '\r' if it exists (per RFC2616 section 19.3) */ tmp = strchr(pos, '\n'); - if (!tmp) return NULL; + if (!tmp && header_line) { + return header_line; + } else if (!tmp) { + return NULL; + } *tmp = '\0'; if (*(tmp - 1) == '\r') *(--tmp) = '\0'; @@ -472,15 +500,15 @@ *request_uri++ = '\0'; while (isspace(*request_uri)) request_uri++; - if ((http_version = strchr(request_uri, ' ')) == NULL) return 1; - *http_version++ = '\0'; - while (isspace(*http_version)) http_version++; - - if (strncmp(http_version, HTTP_STRING, strlen(HTTP_STRING)) != 0) return 1; + if ((http_version = strchr(request_uri, ' ')) != NULL) { + *http_version++ = '\0'; + while (isspace(*http_version)) http_version++; + if (strncmp(http_version, HTTP_STRING, strlen(HTTP_STRING)) != 0) return 1; + insert_value("http-version", http_version); + } insert_value("method", method); insert_value("request-uri", request_uri); - insert_value("http-version", http_version); insert_value("direction", ">"); return 0; @@ -602,7 +630,7 @@ void display_banner() { PRINT("%s version %s -- " "HTTP logging and information retrieval tool", PROG_NAME, PROG_VER); - PRINT("Copyright (c) 2005-2012 Jason Bittel "); + PRINT("Copyright (c) 2005-2014 Jason Bittel "); return; } @@ -650,7 +678,7 @@ signal(SIGINT, &handle_signal); /* Process command line arguments */ - while ((opt = getopt(argc, argv, "b:df:Fhpqi:l:m:n:o:P:r:st:u:")) != -1) { + while ((opt = getopt(argc, argv, "b:df:Fhpqi:l:m:n:o:P:r:st:u:S:")) != -1) { switch (opt) { case 'b': use_dumpfile = optarg; break; case 'd': daemon_mode = 1; use_syslog = 1; break; 
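Review bot: `if (*(tmp - 1) == '\r') *(--tmp) = '\0';` in the parse_header_line hunk reads, and can write, one byte before `pos` when the newline found by `strchr` is the first character of the buffer. The commit reworks the lines just above it but leaves this unguarded. `if (tmp > pos && *(tmp - 1) == '\r') *(--tmp) = '\0';` keeps the access inside the line. The comment above `strchr` should also say that a first line with no terminator is now returned unchanged, for example `/* A request/response line cut off by the end of the packet is returned as-is */`. The function starts and ends outside the hunk.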
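Review bot: With the version token now optional in parse_client_request (`@@ -472,15 +500,15 @@`), a request line is accepted on method and URI alone and `insert_value("http-version", ...)` is skipped, but nothing in the hunk documents what the field holds in that case. Whether it ends up empty or keeps a value from an earlier packet depends on insert_value, which is not visible here. I would add a comment such as `/* No version token: request line was truncated by the capture, http-version stays unset */` above the `if`. Consumers also need checking: common_log.pm in this diff interpolates `$record->{'http-version'}` without an `exists` test.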
@@ -669,6 +697,7 @@ case 's': rate_stats = 1; break; case 't': rate_interval = atoi(optarg); break; case 'u': new_user = optarg; break; + case 'S': eth_skip_bits = atoi(optarg); break; default: display_usage(); } } diff -Nru httpry-0.1.7/Makefile httpry-0.1.8/Makefile --- httpry-0.1.7/Makefile 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/Makefile 2014-06-04 16:08:42.000000000 +0000 @@ -3,7 +3,7 @@ # httpry - HTTP logging and information retrieval tool # ---------------------------------------------------- # -# Copyright (c) 2005-2012 Jason Bittel +# Copyright (c) 2005-2014 Jason Bittel # CC = gcc diff -Nru httpry-0.1.7/methods.c httpry-0.1.8/methods.c --- httpry-0.1.7/methods.c 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/methods.c 2014-06-04 16:08:42.000000000 +0000 @@ -4,7 +4,7 @@ httpry - HTTP logging and information retrieval tool ---------------------------------------------------- - Copyright (c) 2005-2012 Jason Bittel + Copyright (c) 2005-2014 Jason Bittel */ diff -Nru httpry-0.1.7/methods.h httpry-0.1.8/methods.h --- httpry-0.1.7/methods.h 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/methods.h 2014-06-04 16:08:42.000000000 +0000 @@ -4,7 +4,7 @@ httpry - HTTP logging and information retrieval tool ---------------------------------------------------- - Copyright (c) 2005-2012 Jason Bittel + Copyright (c) 2005-2014 Jason Bittel */ diff -Nru httpry-0.1.7/rate.c httpry-0.1.8/rate.c --- httpry-0.1.7/rate.c 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/rate.c 2014-06-04 16:08:42.000000000 +0000 @@ -4,7 +4,7 @@ httpry - HTTP logging and information retrieval tool ---------------------------------------------------- - Copyright (c) 2005-2012 Jason Bittel + Copyright (c) 2005-2014 Jason Bittel */ diff -Nru httpry-0.1.7/rate.h httpry-0.1.8/rate.h --- httpry-0.1.7/rate.h 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/rate.h 2014-06-04 16:08:42.000000000 +0000 
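Review bot: `case 'S': eth_skip_bits = atoi(optarg); break;` accepts any text. `atoi` reports no errors, so a non-numeric argument silently becomes 0 and a negative one is stored and later added to the unsigned packet offset. Parsing with `strtol` and rejecting values outside 0..BUFSIZ (the snapshot length this file passes to `pcap_open_live`) keeps the offset well defined. The sketch below assumes `display_usage()` does not return, as its use in the `default` branch suggests. The `-t` case two lines up uses the same `atoi` pattern.
```c
			case 'u': new_user = optarg; break;
			case 'S': {
				/* -S: extra link-layer bytes to skip; must fit inside the capture length */
				char *end = NULL;
				long skip = strtol(optarg, &end, 10);

				if (end == optarg || *end != '\0' || skip < 0 || skip > BUFSIZ)
					display_usage();
				eth_skip_bits = (int) skip;
				break;
			}
```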
@@ -4,7 +4,7 @@ httpry - HTTP logging and information retrieval tool ---------------------------------------------------- - Copyright (c) 2005-2012 Jason Bittel + Copyright (c) 2005-2014 Jason Bittel */ diff -Nru httpry-0.1.7/rc.httpry httpry-0.1.8/rc.httpry --- httpry-0.1.7/rc.httpry 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/rc.httpry 2014-06-04 16:08:42.000000000 +0000 @@ -5,7 +5,7 @@ # httpry - HTTP logging and information retrieval tool # ---------------------------------------------------- # -# Copyright (c) 2005-2012 Jason Bittel +# Copyright (c) 2005-2014 Jason Bittel # # diff -Nru httpry-0.1.7/README httpry-0.1.8/README --- httpry-0.1.7/README 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/README 2014-06-04 16:08:42.000000000 +0000 @@ -10,9 +10,9 @@ HTTP logging and information retrieval tool - version 0.1.7 + version 0.1.8 - Copyright (c) 2005-2012 Jason Bittel + Copyright (c) 2005-2014 Jason Bittel For further information about the program, see: http://dumpsterventures.com/jason/httpry @@ -69,14 +69,14 @@ --{ USAGE }-- -Running httpry with no options will cause it to listen on the first nework +Running httpry with no options will cause it to listen on the first network device and output to the console with some sane defaults. The -h switch will print out an abbreviated description of the available options to change the defaults. This section describes these options in greater detail. -httpry [ -dFhpqs ] [ -b file ] [ -f format ] [ -i device ] [-l threshold ] - [-m methods ] [ -n count ] [ -o file ] [ -P file ] [ -r file ] - [-t seconds] [ -u user ] [ 'expression' ] +httpry [ -dFhpqs ] [ -b file ] [ -f format ] [ -i device ] [ -l threshold ] + [ -m methods ] [ -n count ] [ -o file ] [ -P file ] [ -r file ] + [ -S bytes ] [ -t seconds ] [ -u user ] [ 'expression' ] -b file Write all processed HTTP packets to a binary pcap dump file. Useful for 
@@ -139,6 +139,10 @@ Run httpry in an HTTP request per second display mode. This periodically displays the rate per active host and total rate at a specified interval. +-S +Specify a number of bytes to skip in the ethernet header. This allows for +custom header offsets to be accounted for. + -t seconds Specify the host statistics display interval in seconds when running in rate statistics mode (-s). Defaults to 5 seconds. @@ -165,8 +169,8 @@ --{ KNOWN ISSUES }-- It is worth noting that httpry is rather naive when it comes to parsing HTTP -packets. It does not perform any reordering or reassemply of packets and +packets. It does not perform any reordering or reassembly of packets and simply searches the start of each packet for HTTP data and ignores the packet if it does not find valid data. HTTP packets that are fragmented within the -request/response line will be ignored and any header data present in subsequent -packets will not be parsed. +request/response line will be parsed to the end of the packet and any header +data present in subsequent packets will not be parsed. diff -Nru httpry-0.1.7/scripts/parse_log.pl httpry-0.1.8/scripts/parse_log.pl --- httpry-0.1.7/scripts/parse_log.pl 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/scripts/parse_log.pl 2014-06-04 16:08:42.000000000 +0000 @@ -5,7 +5,7 @@ # httpry - HTTP logging and information retrieval tool # ---------------------------------------------------- # -# Copyright (c) 2005-2012 Jason Bittel +# Copyright (c) 2005-2014 Jason Bittel # use strict; diff -Nru httpry-0.1.7/scripts/perl-tools httpry-0.1.8/scripts/perl-tools --- httpry-0.1.7/scripts/perl-tools 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/scripts/perl-tools 2014-06-04 16:08:42.000000000 +0000 
@@ -28,7 +28,7 @@ a plugins directory is specified (-d), that is used instead. If no directory is specified, the script first searches the current directory for a plugin directory followed by the base directory of - the script. The first directory found is used. To load only specifc + the script. The first directory found is used. To load only specific plugins, use the -p switch to provide a comma-delimited list of plugins (-d is not applied here, so specify them by their full path). Most included plugins require a config file, which must be named diff -Nru httpry-0.1.7/scripts/plugins/common_log.cfg httpry-0.1.8/scripts/plugins/common_log.cfg --- httpry-0.1.7/scripts/plugins/common_log.cfg 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/scripts/plugins/common_log.cfg 2014-06-04 16:08:42.000000000 +0000 @@ -15,9 +15,15 @@ # responses and only print available request # data. # +# $combined_format (not required) +# Set to '1' if you want to output in the +# combined log format instead, including +# the Referer and User-Agent headers. +# $output_dir = ""; $output_file = "common_log.txt"; $ignore_response = 0; +$combined_format = 0; 1; diff -Nru httpry-0.1.7/scripts/plugins/common_log.pm httpry-0.1.8/scripts/plugins/common_log.pm --- httpry-0.1.7/scripts/plugins/common_log.pm 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/scripts/plugins/common_log.pm 2014-06-04 16:08:42.000000000 +0000 @@ -3,7 +3,7 @@ # httpry - HTTP logging and information retrieval tool # ---------------------------------------------------- # -# Copyright (c) 2005-2012 Jason Bittel +# Copyright (c) 2005-2014 Jason Bittel # package common_log; @@ -48,6 +48,7 @@ my $self = shift; my $record = shift; my $line = ""; + my $line_suffix; my ($sec, $min, $hour, $mday, $mon, $year); my $tz_offset; 
@@ -80,6 +81,22 @@ # Append request fields $line .= " \"$record->{'method'} $record->{'request-uri'} $record->{'http-version'}\""; + if ($combined_format) { + # Append referer + if (exists $record->{'referer'}) { + $line .= "\t \"$record->{'referer'}\""; + } else { + $line .= "\t \"-\""; + } + + # Append user agent string + if (exists $record->{'user-agent'}) { + $line .= " \"$record->{'user-agent'}\""; + } else { + $line .= " \"-\""; + } + } + if ($ignore_response) { print $fh "$line - -\n"; } else { @@ -87,9 +104,9 @@ } } elsif ($record->{'direction'} eq '<') { # NOTE: This is a bit naive, but functional. Basically we match a request with the - # next response from that IP in the log file. This means that under busy conditions - # the responses could be matched to the wrong request but currently there isn't a - # more accurate way to tie them together. + # next response from that IP pair in the log file. This means that under busy + # conditions the response could be matched to the wrong request but currently there + # isn't a more accurate way to tie them together. if (exists $requests{"$record->{'dest-ip'}$record->{'source-ip'}"}) { $line = shift(@{ $requests{"$record->{'dest-ip'}$record->{'source-ip'}"} }); return unless $line; @@ -101,6 +118,8 @@ return; } + ($line, $line_suffix) = split /\t/, $line, 2 if $combined_format; + # Append status code if (exists $record->{'status-code'}) { $line .= " $record->{'status-code'}"; @@ -115,7 +134,7 @@ $line .= " -"; } - # TODO: also support combined log format: add referer and user-agent request headers + $line .= $line_suffix if $combined_format; print $fh "$line\n"; } diff -Nru httpry-0.1.7/scripts/plugins/content_analysis.pm httpry-0.1.8/scripts/plugins/content_analysis.pm --- httpry-0.1.7/scripts/plugins/content_analysis.pm 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/scripts/plugins/content_analysis.pm 2014-06-04 16:08:42.000000000 +0000 
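Review bot: When `$combined_format` and `$ignore_response` are both set, the request branch prints `"$line - -\n"` after the referer and user-agent have already been appended behind the tab. The status and size placeholders then land after those fields, and the tab marker reaches the output. Splitting the suffix back off in that branch fixes the order: `my ($head, $tail) = $combined_format ? split(/\t/, $line, 2) : ($line, "");` followed by `print $fh "$head - -$tail\n";`. The referer and user-agent values come from captured traffic and are placed inside double quotes unescaped, so a `"` or backslash in either header breaks the field boundaries for whatever parses the log. Escaping them first, e.g. `s/(["\\])/\\$1/g` on a copy of each value, avoids that.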
@@ -3,7 +3,7 @@ # httpry - HTTP logging and information retrieval tool # ---------------------------------------------------- # -# Copyright (c) 2005-2012 Jason Bittel +# Copyright (c) 2005-2014 Jason Bittel # package content_analysis; diff -Nru httpry-0.1.7/scripts/plugins/db_dump.pm httpry-0.1.8/scripts/plugins/db_dump.pm --- httpry-0.1.7/scripts/plugins/db_dump.pm 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/scripts/plugins/db_dump.pm 2014-06-04 16:08:42.000000000 +0000 @@ -3,7 +3,7 @@ # httpry - HTTP logging and information retrieval tool # ---------------------------------------------------- # -# Copyright (c) 2005-2012 Jason Bittel +# Copyright (c) 2005-2014 Jason Bittel # package db_dump; diff -Nru httpry-0.1.7/scripts/plugins/find_proxies.pm httpry-0.1.8/scripts/plugins/find_proxies.pm --- httpry-0.1.7/scripts/plugins/find_proxies.pm 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/scripts/plugins/find_proxies.pm 2014-06-04 16:08:42.000000000 +0000 @@ -3,7 +3,7 @@ # httpry - HTTP logging and information retrieval tool # ---------------------------------------------------- # -# Copyright (c) 2005-2012 Jason Bittel +# Copyright (c) 2005-2014 Jason Bittel # package find_proxies; diff -Nru httpry-0.1.7/scripts/plugins/hostnames.pm httpry-0.1.8/scripts/plugins/hostnames.pm --- httpry-0.1.7/scripts/plugins/hostnames.pm 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/scripts/plugins/hostnames.pm 2014-06-04 16:08:42.000000000 +0000 @@ -3,7 +3,7 @@ # httpry - HTTP logging and information retrieval tool # ---------------------------------------------------- # -# Copyright (c) 2005-2012 Jason Bittel +# Copyright (c) 2005-2014 Jason Bittel # package hostnames; diff -Nru httpry-0.1.7/scripts/plugins/log_summary.pm httpry-0.1.8/scripts/plugins/log_summary.pm --- httpry-0.1.7/scripts/plugins/log_summary.pm 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/scripts/plugins/log_summary.pm 2014-06-04 16:08:42.000000000 +0000 
@@ -3,7 +3,7 @@ # httpry - HTTP logging and information retrieval tool # ---------------------------------------------------- # -# Copyright (c) 2005-2012 Jason Bittel +# Copyright (c) 2005-2014 Jason Bittel # package log_summary; diff -Nru httpry-0.1.7/scripts/plugins/sample_plugin.pm httpry-0.1.8/scripts/plugins/sample_plugin.pm --- httpry-0.1.7/scripts/plugins/sample_plugin.pm 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/scripts/plugins/sample_plugin.pm 2014-06-04 16:08:42.000000000 +0000 @@ -3,7 +3,7 @@ # httpry - HTTP logging and information retrieval tool # ---------------------------------------------------- # -# Copyright (c) 2005-2012 Jason Bittel +# Copyright (c) 2005-2014 Jason Bittel # # This is an example plugin for the perl parse script parse_log.pl. It shows diff -Nru httpry-0.1.7/scripts/plugins/search_terms.pm httpry-0.1.8/scripts/plugins/search_terms.pm --- httpry-0.1.7/scripts/plugins/search_terms.pm 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/scripts/plugins/search_terms.pm 2014-06-04 16:08:42.000000000 +0000 @@ -3,7 +3,7 @@ # httpry - HTTP logging and information retrieval tool # ---------------------------------------------------- # -# Copyright (c) 2005-2012 Jason Bittel +# Copyright (c) 2005-2014 Jason Bittel # package search_terms; diff -Nru httpry-0.1.7/scripts/plugins/tokenize.pm httpry-0.1.8/scripts/plugins/tokenize.pm --- httpry-0.1.7/scripts/plugins/tokenize.pm 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/scripts/plugins/tokenize.pm 2014-06-04 16:08:42.000000000 +0000 
@@ -3,7 +3,7 @@ # httpry - HTTP logging and information retrieval tool # ---------------------------------------------------- # -# Copyright (c) 2005-2012 Jason Bittel +# Copyright (c) 2005-2014 Jason Bittel # package tokenize; diff -Nru httpry-0.1.7/scripts/plugins/xml_output.cfg httpry-0.1.8/scripts/plugins/xml_output.cfg --- httpry-0.1.7/scripts/plugins/xml_output.cfg 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/scripts/plugins/xml_output.cfg 2014-06-04 16:08:42.000000000 +0000 @@ -16,7 +16,7 @@ # $output_file = "xml_output.xml"; -$flow_version = "0.1.7"; +$flow_version = "0.1.8"; $xml_version = "0.2"; 1; diff -Nru httpry-0.1.7/scripts/plugins/xml_output.pm httpry-0.1.8/scripts/plugins/xml_output.pm --- httpry-0.1.7/scripts/plugins/xml_output.pm 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/scripts/plugins/xml_output.pm 2014-06-04 16:08:42.000000000 +0000 @@ -3,7 +3,7 @@ # httpry - HTTP logging and information retrieval tool # ---------------------------------------------------- # -# Copyright (c) 2005-2012 Jason Bittel +# Copyright (c) 2005-2014 Jason Bittel # package xml_output; diff -Nru httpry-0.1.7/tcp.h httpry-0.1.8/tcp.h --- httpry-0.1.7/tcp.h 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/tcp.h 2014-06-04 16:08:42.000000000 +0000 @@ -4,7 +4,7 @@ httpry - HTTP logging and information retrieval tool ---------------------------------------------------- - Copyright (c) 2005-2012 Jason Bittel + Copyright (c) 2005-2014 Jason Bittel */ @@ -14,6 +14,10 @@ #include #include +#ifndef ETHER_TYPE_VLAN +#define ETHER_TYPE_VLAN 0x8100 /* 802.1q VLAN type */ +#endif + /* These IP and TCP structs/macros are from sniffex.c and were released under the following license: */ 
@@ -107,6 +111,16 @@ * */ +/* Ethernet addresses are 6 bytes */ +#define ETHER_ADDR_LEN 6 + +/* Ethernet header */ +struct eth_header { + u_char ether_dhost[ETHER_ADDR_LEN]; /* destination host address */ + u_char ether_shost[ETHER_ADDR_LEN]; /* source host address */ + u_short ether_type; /* IP? ARP? RARP? etc */ +}; + /* IP header */ struct ip_header { u_char ip_vhl; /* version << 4 | header length >> 2 */ diff -Nru httpry-0.1.7/utility.c httpry-0.1.8/utility.c --- httpry-0.1.7/utility.c 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/utility.c 2014-06-04 16:08:42.000000000 +0000 @@ -4,7 +4,7 @@ httpry - HTTP logging and information retrieval tool ---------------------------------------------------- - Copyright (c) 2005-2012 Jason Bittel + Copyright (c) 2005-2014 Jason Bittel */ diff -Nru httpry-0.1.7/utility.h httpry-0.1.8/utility.h --- httpry-0.1.7/utility.h 2012-02-29 20:29:03.000000000 +0000 +++ httpry-0.1.8/utility.h 2014-06-04 16:08:42.000000000 +0000 @@ -4,7 +4,7 @@ httpry - HTTP logging and information retrieval tool ---------------------------------------------------- - Copyright (c) 2005-2012 Jason Bittel + Copyright (c) 2005-2014 Jason Bittel */
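Review bot: `#define ETHER_ADDR_LEN 6` is added without the `#ifndef` guard that the same commit puts around `ETHER_TYPE_VLAN` earlier in tcp.h. If one of the system headers the file includes already defines that name (the include lines are not readable in this diff), the build gets a macro redefinition. Wrapping it as `#ifndef ETHER_ADDR_LEN` / `#define ETHER_ADDR_LEN 6` / `#endif` keeps the two additions consistent.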