--- flowscan-cuflow-1.7.orig/debian/compat
+++ flowscan-cuflow-1.7/debian/compat
@@ -0,0 +1 @@
+5
--- flowscan-cuflow-1.7.orig/debian/flowscan-cuflow.install
+++ flowscan-cuflow-1.7/debian/flowscan-cuflow.install
@@ -0,0 +1,2 @@
+CUFlow.pm usr/share/perl5
+CUFlow.cf etc/flowscan
--- flowscan-cuflow-1.7.orig/debian/rules
+++ flowscan-cuflow-1.7/debian/rules
@@ -0,0 +1,47 @@
+#!/usr/bin/make -f
+# Sample debian/rules that uses debhelper.
+# GNU copyright 1997 to 1999 by Joey Hess.
+
+include /usr/share/dpatch/dpatch.make
+
+get-orig-source:
+ @if [ -z "$(UPSTREAM_VERSION)" ]; then echo "Please run as .../debian/rules UPSTREAM_VERSION=xxx $@"; exit 1; fi
+ wget -O "CUFlow-$(UPSTREAM_VERSION).tgz" "http://www.columbia.edu/acis/networks/advanced/CUFlow/CUFlow-$(UPSTREAM_VERSION).tgz"
+ mv CUFlow-$(UPSTREAM_VERSION).tgz flowscan-cuflow_$(UPSTREAM_VERSION).orig.tar.gz
+
+build: patch
+ # Nothing to do here.
+
+clean: clean-patched unpatch
+clean-patched:
+ dh_testdir
+ dh_clean
+
+install: build
+ dh_testdir
+ dh_testroot
+ dh_clean -k
+ dh_install
+ dh_installdocs
+ dh_installchangelogs
+ dh_installexamples
+ dh_link
+ dh_installdeb
+ dh_strip
+ dh_compress
+ dh_fixperms
+ dh_shlibdeps
+ dh_gencontrol
+
+binary-indep: install
+ dh_testdir
+ dh_testroot
+ dh_md5sums -i
+ dh_builddeb -i
+
+# Build architecture-dependent files here.
+binary-arch: install
+
+binary: binary-indep binary-arch
+
+.PHONY: build clean binary-indep binary-arch binary install
--- flowscan-cuflow-1.7.orig/debian/copyright
+++ flowscan-cuflow-1.7/debian/copyright
@@ -0,0 +1,18 @@
+This Debian package was created by:
+ Russell Stuart <russell-debian@stuart.id.au>
+on:
+ Tue, 20 Dec 2005 20:20:59 +1000
+
+It was downloaded from:
+ http://www.columbia.edu/acis/networks/advanced/CUFlow
+
+Upstream Authors:
+ Johan Andersen <johan@columbia.edu>
+ Matt Selsky <selsky@columbia.edu>
+
+Copyright:
+ Copyright (c) 2002-2005, Trustees of Columbia University, New York.
+
+ The program is released under the the GNU General Public
+ License Version 2, found on Debian GNU/Linux systems in
+ the file /usr/share/common-licenses/GPL-2.
--- flowscan-cuflow-1.7.orig/debian/CUFlow.cf-example
+++ flowscan-cuflow-1.7/debian/CUFlow.cf-example
@@ -0,0 +1,87 @@
+# This is typical of something you might use for a firewall server
+# for home or an small office.
+#
+# These are the subnets in our network
+# These are used only to determine whether a packet is inbound our
+# outbound
+Subnet 192.168.1.0/24 # The local lan
+Subnet 12.34.56.78/32 # The external IP allocated by the ISP
+
+# These are networks we are particularly interested in, and want to
+# get separate rrd's for their aggregate traffic
+Network 12.34.56.78/32,192.168.1.1/32 localhost
+Network 192.168.1.0/24 lan
+
+# Where to put the rrd's
+# Make sure this is the same as $rrddir in CUGrapher.pl
+# Make sure you create it!
+OutputDir /var/local/netflow/rrd
+
+# Track multicast traffic
+Multicast
+
+# Keep top N lists
+# Show the top ten talkers, storing reports in /cflow/flows/reports
+# and keeping the current report in /etc/httpd/data/reports/topten.html
+# Make sure you create this directory!
+Scoreboard 10 /var/local/netflow/cuflow/scoreboard /var/local/netflow/cuflow/top10.html
+
+# Same, but build an over-time average top N list
+# Make sure you create this directory!
+AggregateScore 10 /var/local/netflow/cuflow/scoreboard/agg.dat /var/local/netflow/cuflow/agg10.html
+
+# Our two netflow exporters. Produce service and protocol reports for the
+# total, and each of these.
+Router 127.0.0.1 localhost
+
+# Services we are interested in
+# File transfer traffic. 540=rsync,873=uucp,2401=cvs,3690=svn
+Service 540/tcp,873/tcp,873/udp,2401/tcp,3690/tcp rsync+uucp+..
+# Interfactive traffic. 22=ssh,23=telnet,992=telnets
+Service 22/tcp,23/tcp,992/tcp ssh+telnet
+# Email out. 25/smtp,465=smtps,587=message-submission
+Service 25/tcp,465/tcp,587/tcp email-out
+# Admin traffic. 53=dns,67-68=bootp/dhcp,69=tftp,123=ntp,389=ldap
+Service 53/udp,53/tcp,67-68/udp,67-68/tcp,69/udp,123/udp,123/tcp,389/tcp dns+ldap+dhcp..
+# Web traffic. 20-21=ftp,80=http,443=https,563=nntps,989-990=ftps,1080=socks,2628=dict,3128=squid,3130=squid,8080=windows proxy,8118=privoxy,
+Service 20-21/tcp,80/tcp,119/tcp,443/tcp,563/tcp,989-990/tcp,1080/tcp,2628/tcp,2628/udp,3128/tcp,3130/udp,8080/tcp,8118/tcp ftp+http+nntp
+# Email in. 109-110=pop,993-imaps,995=pop3s
+Service 109-110/tcp,993/tcp,995/tcp email-in
+# Networked file systems. 111=nfs,137-139=smb
+Service 111/tcp,111/udp,137-139/tcp,137-139/udp nfs+smb
+# Instant messaging. 194=irc,994=ircs,1863=msn,5050=yahoo,5190=aim/icq,5222=jabber,6665-6669=irc,6891-6900=ircd
+Service 194/tcp,194/udp,994/tcp,994/udp,1863/tcp,5050/tcp,5050/udp,5190/tcp,5222/tcp,5222/udp,6665-6669/tcp,6891-6900/tcp im
+# Sql servers. 1433-1434=mssql,3050=Firebird,3306=mysql,5432=postgre
+Service 1433-1434/tcp,3050/tcp,3050/udp,3306/tcp,3306/udp,5432/tcp,5432/udp sql
+# Voice over IP. 1718-1720=h.323,4569=iax,5060-5061=sip.
+Service 1718-1720/tcp,1720/udp,4569/tcp,4569/udp,5060-5061/tcp,5060-5061/udp voip
+# Peer to Peer. 1214=Kazza,2705=ShareDirect,4660-4665=edonkey,5500-5503=HotLine,6346-6347=GNUTella,6881-6889=BitTorrent,8038=grouper,8888-8889=napster
+Service 1214/tcp,1214/udp,2705/tcp,2705/udp,4660-4665/tcp,4660-4665/udp,5500-5503/tcp,5500-5503/udp,6346-6347/tcp,6346-6347/udp,6881-6889/tcp,6881-6889/udp,6969/tcp,6989/udp,8038/tcp,8038/udp,8888-8889/tcp,8888-8889/udp p2p
+# Printing. 515=lpr,631=ipp.
+Service 515/tcp,515/udp,631/tcp,631/udp printing
+# Remote Control. 1494=citrix,1604=citrix,3389=rdp,5800=vnc,5900=vnc,6000-6005=x11.
+Service 1494/tcp,1604/udp,3389/tcp,3389/udp,5800/tcp,5900/tcp,6000-6005/tcp,6000-6005/udp x11+vnc
+# Streaming Audio / Video. 554=QuickTime4,1558=Xing,1755=MS-NetShow,3689=iTunes,6970-6999=rtp-qt4,7000=VDOLive,7070=rtsp,6970-7170=rtsp,18888=Liquid Audio
+Service 554/tcp,554/udp,1558/udp,1755/tcp,1755/udp,3689/tcp,3689/udp,6970-6999/udp,7070/tcp,6970-7170/udp,7000/tcp,18888/tcp streaming
+# Games. 666=Doom,2300-2400=MS-DirectPlay-7,7002=CounterStrike,26000=Quake,27000-27031=CounterStrike,28800-29100=msn,11999=YahooGames,47624=MS-DirectPlay
+Service 666/tcp,666/udp,2300-2400/tcp,2300-2400/udp,7002/tcp,26000/tcp,26000/udp,27000-27031/udp,28800-29100/tcp,28800-29100/udp,11999/tcp,47624/tcp games
+
+# protocols we are interested in
+Protocol 1 icmp
+Protocol 4 ipip
+Protocol 6 tcp
+Protocol 17 udp
+Protocol 47 gre
+Protocol 50 esp
+Protocol 51 ah
+
+# ToS bit percentages to graph
+TOS 0-1 normal
+TOS 2-3 cheap
+TOS 4-7 reliable
+TOS 8-15 fast
+TOS 16-31 interactive
+TOS 32-255 other
+
+# Interested in traffic to/from AS 1
+##@ ASNumber 1 Genuity
--- flowscan-cuflow-1.7.orig/debian/flowscan-cugrapher.README.Debian
+++ flowscan-cuflow-1.7/debian/flowscan-cugrapher.README.Debian
@@ -0,0 +1,35 @@
+Using this package
+==================
+
+To use this you need to have installed flowscan-cuflow
+package and got it running. See that packages
+README.Debian for more information.
+
+Having done that, edit /etc/flowscan/CUGrapher.cf to
+reflect your tastes. The file is self-documenting -
+read it. In particular, be sure to set the OutputDir
+variable must be identical to what is in
+/etc/flowscan/CUFlow.cf.
+
+Finally, reconfigure your HTTP server to run CUGrapher.pl.
+It is installed into:
+
+ /usr/lib/cgi-bin/CUGrapher.pl
+
+and this is a symlink to it:
+
+ /usr/lib/cgi-bin/CUGrapher.cgi
+
+In Apache / Apache2 adding this line to httpd.conf
+should suffice:
+
+ Alias "/cuflow" "/usr/lib/cgi-bin/CUFlow.cgi"
+
+This will allow you to view the CUFlow web page at:
+
+ http://127.0.0.1/cuflow
+
+CUGrapher in this package has been modified to read its
+configuration from /etc/flowscan/CUGrapger.cf, so the
+instruction in the README.txt file about modifying the
+$rrddir to point to your databases no longer applies.
--- flowscan-cuflow-1.7.orig/debian/changelog
+++ flowscan-cuflow-1.7/debian/changelog
@@ -0,0 +1,44 @@
+flowscan-cuflow (1.7-5) unstable; urgency=low
+
+ * Got rid of bash ism's.
+ Closes: #530083.
+
+ -- Russell Stuart <russell-debian@stuart.id.au> Sat, 23 May 2009 17:09:28 +1000
+
+flowscan-cuflow (1.7-4) unstable; urgency=low
+
+ * Added: DM-Upload-Allowed: yes
+
+ -- Russell Stuart <russell-debian@stuart.id.au> Mon, 28 Jan 2008 20:58:18 +1000
+
+flowscan-cuflow (1.7-3) unstable; urgency=low
+
+ * Expenaded README.Debian for cuflow to cover a few traps newbies.
+
+ -- Russell Stuart <russell-debian@stuart.id.au> Mon, 8 May 2006 20:27:02 +1000
+
+flowscan-cuflow (1.7-2) unstable; urgency=low
+
+ * Changes architecture from "any" to "all".
+ Closes: #356869.
+
+ -- Russell Stuart <russell-debian@stuart.id.au> Wed, 15 Mar 2006 09:43:06 +1000
+
+flowscan-cuflow (1.7-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Russell Stuart <russell-debian@stuart.id.au> Wed, 11 Jan 2006 16:56:00 +1000
+
+flowscan-cuflow (1.5-2) unstable; urgency=low
+
+ * CUGrapher.pl now retains some settings after generating graphs.
+
+ -- Russell Stuart <russell-debian@stuart.id.au> Sun, 8 Jan 2006 17:38:30 +1000
+
+flowscan-cuflow (1.5-1) unstable; urgency=low
+
+ * Initial Release. closes: #344359.
+
+ -- Russell Stuart <russell-debian@stuart.id.au> Tue, 20 Dec 2005 18:13:02 +1000
+
--- flowscan-cuflow-1.7.orig/debian/flowscan.rc
+++ flowscan-cuflow-1.7/debian/flowscan.rc
@@ -0,0 +1,47 @@
+#!/bin/sh -e
+#
+# flowscan Transforms Cisco netflow files into rrd files.
+#
+# chkconfig: 345 20 20
+#
+# description: Start / stop the netflow recorder
+
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/bin/flowscan
+CONFIG=/etc/flowscan/flowscan.cf
+DESC="netflow recorder"
+
+test -f $DAEMON || exit 0
+test -f $CONFIG || exit 0
+
+startstop() {
+ local background=
+ [ "$1" != ."--start" ] || background="--background"
+ start-stop-daemon "$@" $background --make-pidfile --name ${DAEMON##*/} \
+ --pidfile="/var/run/${DAEMON##*/}.pid" --startas "$DAEMON"
+}
+
+case "$1" in
+ start)
+ echo -n "Starting $DESC: "
+ startstop --start
+ echo "${DAEMON##*/}."
+ ;;
+ stop)
+ echo -n "Stopping $DESC: "
+ startstop --stop
+ echo "${DAEMON##*/}."
+ ;;
+ restart|force-reload)
+ echo -n "Reloading $DESC: "
+ startstop --stop --oknodo --quiet
+ startstop --start
+ echo "${DAEMON##*/}."
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|restart|force-reload}" >&2
+ exit 1
+ ;;
+esac
+
+exit 0
--- flowscan-cuflow-1.7.orig/debian/control
+++ flowscan-cuflow-1.7/debian/control
@@ -0,0 +1,28 @@
+Source: flowscan-cuflow
+Section: net
+Priority: optional
+Maintainer: Russell Stuart <russell-debian@stuart.id.au>
+Build-Depends: debhelper (>> 5), dpatch
+Standards-Version: 3.8.1
+Homepage: http://www.columbia.edu/acis/networks/advanced/CUFlow/
+DM-Upload-Allowed: yes
+
+Package: flowscan-cuflow
+Architecture: all
+Depends: flowscan
+Recommends: flowscan-cugrapher
+Description: Flowscan module combining CampusIO and SubNetIO
+ CUFlow is a FlowScan module designed to combine the features
+ of CampusIO and SubNetIO and to process data more quickly. CUFlow
+ allows you to differentiate traffic by protocol, service, TOS,
+ router, and network and then generate TopN reports over 5 minutes
+ periods and over an extended period of time.
+
+Package: flowscan-cugrapher
+Architecture: all
+Depends: flowscan-cuflow
+Description: A CGI interface for flowscan-cuflow
+ CUGrapher creates graphs for the data collected CUFlow. The graphs
+ are displayed in a web browser. The graphs can be customised by
+ entering queries on the web form, or by creating a default set of
+ graphs in the /etc configuration file.
--- flowscan-cuflow-1.7.orig/debian/flowscan-cugrapher.install
+++ flowscan-cuflow-1.7/debian/flowscan-cugrapher.install
@@ -0,0 +1,2 @@
+CUGrapher.pl usr/lib/cgi-bin
+CUGrapher.cf etc/flowscan
--- flowscan-cuflow-1.7.orig/debian/flowscan-cuflow.docs
+++ flowscan-cuflow-1.7/debian/flowscan-cuflow.docs
@@ -0,0 +1 @@
+README.txt
--- flowscan-cuflow-1.7.orig/debian/flowscan-cugrapher.links
+++ flowscan-cuflow-1.7/debian/flowscan-cugrapher.links
@@ -0,0 +1 @@
+usr/lib/cgi-bin/CUGrapher.pl usr/lib/cgi-bin/CUGrapher.cgi
--- flowscan-cuflow-1.7.orig/debian/flowscan-cuflow.README.Debian
+++ flowscan-cuflow-1.7/debian/flowscan-cuflow.README.Debian
@@ -0,0 +1,166 @@
+Using this module
+=================
+
+1. Edit /etc/flowscan/flowscan.cf and change the ReportClasses
+ to read:
+
+ ReportClasses CUFlow
+
+2. Edit /etc/flowscan/CUFlow.cf to suit. There is a copy of
+ this file as distributed upstream in the examples directory.
+ There is also an example of a version more suited to a
+ typical home / small office server.
+
+3. Capture data in 5 minute intervals. (See the -N flag to
+ flow-capture below). CUFlow doesn't handle anything
+ other than 5 minute intervals very well.
+
+4. Consider installing flowscan-cugrapher so you can display
+ pretty graphs of the data you collect on a web page.
+
+
+
+Micro HOWTO on using CUFlow to monitor data on the local server
+===============================================================
+
+My guess is that 90% of people just want to use this package
+to track what data is flowing through their Debian server,
+typically with the end goal being to nail whatever is hogging
+their bandwidth. It will do this well, but installing this
+package is just one step among many. Here are the entire
+list:
+
+a. Install the fprobe-ulog package to gather the raw data.
+
+b. Use debconf (ie during installation or later by running
+ dpkg-reconfigure fprobe-ulog) to set the FLOW_COLLECTOR
+ variable in /etc/default/fprobe-ulog to:
+
+ FLOW_COLLECTOR="127.0.0.1:555"
+
+ The INTERFACES variable can be left blank.
+
+c. Add some "iptables -j ULOG" entries to your firewall
+ to direct the traffic to fprobe-ulog you want logged.
+ These commands may suffice:
+
+ iptables --insert INPUT 1 ! --source LAN/N --interface ! lo --jump ULOG
+ iptables --insert FORWARD 1 --interface ! lo --jump ULOG
+ iptables --insert OUTPUT 1 ! --destination LAN/N --jump ULOG
+
+ Here "LAN/N" is the IP address range of your LAN, eg
+ "192.168.0.0/24". Having it there prevents fprobe-ulog
+ from seeing LAN traffic. Writing the LAN traffic to
+ the log doesn't confuse flowscan, but fprobe-ulog can
+ be overwhelmed by too much traffic, such as you might
+ find on a 100Mbit LAN.
+
+d. Create these directories:
+
+ mkdir -p /var/local/netflow/flows
+ mkdir -p /var/local/netflow/rrd
+ mkdir -p /var/local/netflow/cuflow/scoreboard
+
+e. Use the flow-capture program, which is provided by the
+ flow-tools package, to write the data fprobe gathers
+ to disk. Be sure to use version 0.68-5 or better -
+ versions prior to that had a bug which meant it didn't
+ work with flowscan. Comment out all the existing
+ lines in /etc/flow-tools/flow-capture.conf and add
+ this line at the end:
+
+ -E1G -N 0 -n 287 -S60 -V5 -w /var/local/netflow/flows -z9 127.0.0.1/127.0.0.1/555
+
+ You can alter some of these settings (making
+ compensating changes elsewhere), but leave "-n 287"
+ and "-V5" strictly alone.
+
+f. Edit /etc/flowscan/flowscan.cf and change the
+ FlowFileGlob line to read:
+
+ FlowFileGlob /var/local/netflow/flows/ft-v05.*
+
+g. Edit /etc/flowscan/CUFlow.cf, and change the following
+ lines:
+
+ OutputDir /var/local/netflow/rrd
+ Scoreboard 10 /var/local/netflow/cuflow/scoreboard /var/local/netflow/cuflow/top10.html
+ AggregateScore 10 /var/local/netflow/cuflow/scoreboard/agg.dat /var/local/netflow/cuflow/agg10.html
+ Router 127.0.0.1 localhost
+
+ You will have to change the following configuration items
+ to reflect the IP address allocation for your local LAN.
+ For example, if "ifconfig eth0" says something like
+ "inet addr:192.168.1.10 Bcast:192.168.1.255 Netmask:255.255.255.0"
+ then you would set them to:
+
+ Subnet 192.168.1.10/24
+ Network 192.168.1.10/24
+
+ You must also put all other IP addresses you machine has
+ been allocated in this file. For example, if your
+ machine is running a PPPoE server and has been allocated
+ the IP address 11.12.13.14 by your ISP, then you need a
+ line like this:
+
+ Subnet 11.12.13.14/32
+
+ Alas adding this IP address is NOT optional. CUFlow will
+ only gather statistics on packets it thinks are going from
+ an internal IP address to an external IP address, or visa
+ versa. If you don't add all IP addresses the machine has,
+ then incoming packet destined those IP addresses will look
+ like external-->external, and hence be ignored. This is a
+ real issue if your ISP allocated you your IP address
+ dynamically. Your only recourse it to create CUFlow.cf
+ dynamically every time you re-connect the link, and
+ re-start flowscan after you have done so.
+
+h. Start/restart the services you have just configured by
+ running:
+
+ /etc/init.d/fprobe-ulog restart
+ /etc/init.d/flow-capture restart
+
+i. Within 5 minutes files named ft-v05.* should appear in
+ /var/local/netflow/flows. When they do run "flowscan".
+ No parameters are needed. The only error your should
+ see is something like:
+
+ illegal attempt to update using time 1135127401 when last update time is 1135127701 (minimum one second step)
+
+ Press control+C to stop it running.
+
+j. Install flowscan.rc to /etc/init.d. flowscan.rc can be
+ found in the /usr/share/doc/flowscan-cuflow/examples
+ directory:
+
+ cp /usr/share/doc/flowscan-cuflow/examples/flowscan.rc /etc/init.d/flowscan
+ update-rc.d flowscan defaults
+ /etc/init.d/flowscan start
+
+k. Install the flow-cugrapher package.
+
+l. Edit /etc/flowscan/CUGrapher.cf and change these settings:
+
+ OutputDir /var/local/netflow/rrd
+ Scoreboard /var/local/netflow/cuflow/top10.html
+ AggregateScore /var/local/netflow/cuflow/agg10.html
+
+m. Configure your web server to run CUGrapher.pl. For
+ Apache this line will achieve that for the URL
+ "http://host.name/cuflow":
+
+ Alias "/cuflow" "/usr/lib/cgi-bin/CUFlow.cgi"
+
+ Restart apache.
+
+ You should now be able to see pretty pictures when
+ you display http://127.0.0.1/cuflow.
+
+n. Use the web page to produce the graphs you would like
+ to see. You can display those graphs when the web page
+ is initially displayed by following the instructions
+ in /etc/flowscan/CUGrapger.cf for the "DefaultGraph"
+ variable. Add one "DefaultGraph" line for each graph
+ you want to display.
--- flowscan-cuflow-1.7.orig/debian/flowscan-cuflow.examples
+++ flowscan-cuflow-1.7/debian/flowscan-cuflow.examples
@@ -0,0 +1,3 @@
+CUFlow.cf
+debian/flowscan.rc
+debian/CUFlow.cf-example
--- flowscan-cuflow-1.7.orig/debian/watch
+++ flowscan-cuflow-1.7/debian/watch
@@ -0,0 +1,3 @@
+version=3
+
+http://www.columbia.edu/acis/networks/advanced/CUFlow/CUFlow-(.*).tgz
--- flowscan-cuflow-1.7.orig/debian/flowscan-cugrapher.docs
+++ flowscan-cuflow-1.7/debian/flowscan-cugrapher.docs
@@ -0,0 +1 @@
+README.txt
--- flowscan-cuflow-1.7.orig/debian/patches/01-etc_config.patch
+++ flowscan-cuflow-1.7/debian/patches/01-etc_config.patch
@@ -0,0 +1,20 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## etc_config.patch.dpatch by <russell-debian@stuart.id.au>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Move config files to /etc
+
+@DPATCH@
+diff -Nur flowscan-cuflow-1.7.orig/CUFlow.pm flowscan-cuflow-1.7/CUFlow.pm
+--- flowscan-cuflow-1.7.orig/CUFlow.pm 2006-01-11 06:47:04.000000000 +1000
++++ flowscan-cuflow-1.7/CUFlow.pm 2006-01-11 16:36:48.000000000 +1000
+@@ -346,7 +346,8 @@
+ $CUFlow::MCAST_MASK = unpack('N', inet_aton('240.0.0.0'));
+
+ $CUFlow::SUBNETS = new Net::Patricia || die "Could not create a trie ($!)\n";
+-&parseConfig("${FindBin::Bin}/CUFlow.cf"); # Read our config file
++#&parseConfig("${FindBin::Bin}/CUFlow.cf"); # Read our config file
++&parseConfig("/etc/${FindBin::Script}/CUFlow.cf"); # Read our config file
+
+ sub parseConfig {
+ my $file = shift;
--- flowscan-cuflow-1.7.orig/debian/patches/02-cugrapher-config.patch
+++ flowscan-cuflow-1.7/debian/patches/02-cugrapher-config.patch
@@ -0,0 +1,334 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 02-cugrapher-config.patch.dpatch by <russell-debian@stuart.id.au>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Make CUGrapher.pl read settings from /etc/flowscan/CUGrapher.cf
+
+@DPATCH@
+diff -Nur CUFlow-1.7/CUGrapher.cf flowscan-cuflow-1.7/CUGrapher.cf
+--- CUFlow-1.7/CUGrapher.cf 1970-01-01 10:00:00.000000000 +1000
++++ flowscan-cuflow-1.7/CUGrapher.cf 2006-01-11 16:58:03.000000000 +1000
+@@ -0,0 +1,67 @@
++# Configuration file for CUGrapger.pl.
++#
++
++# Where to find the rrd's. You must set this.
++# Make sure it is the same as OutputDir in CUFlow.cf.
++#
++# Eg: OutputDir /cflow/reports/rrds
++# Default: not set
++
++# Organisation name - appears in the graph title.
++#
++# Eg: Organization Columbia University Campus
++# Default: (blank)
++
++# Default number of hours to go back.
++#
++# Eg: Hours 24
++# Default: Hours 48
++
++# Default width of graph in pixels.
++#
++# Eg: Width 800
++# Default: Width 640
++
++# Default height of graph in pixels.
++#
++# Eg: Height 480
++# Default: Height 320
++
++# Default image type. Can be png or gif.
++#
++# Eg: ImageType gif
++# Default: ImageType png
++
++# Default graph title.
++#
++# Eg: Title My Graph
++# Default: Title Well Known Protocols/Services
++
++#
++# Specify a graph to be displayed on startup, when no query
++# has been entered. To display multiple graphs supply
++# multiple "DefaultGraph" lines. To generate the string
++# following the "DefaultGraph":
++# 1. Use the web page to generate the graph you want.
++# 2. Copy the query part of the URL displayed by your browser
++# (ie everything part the '?').
++# 3. Remove the ';showmenu=1' from the query string copied.
++#
++# Eg: DefaultGraph report=bits;hours=48;imageType=png;width=640;height=320;duration=;router=all;all_all_services=1;legend=1;title=My%20Graph
++# Default: not set
++
++# The path to the AggregateScore web page build by CUFlow. If
++# non-blank a like to AggregateScore web page will be displayed.
++# If supplied this must be the same as the file name given to
++# the AggregateScore setting in CUFlow.cf.
++#
++# Eg: AggregateScore /var/local/netflow/cuflow/agg10.html
++# Default: (not set)
++
++# The path to the Scoreboard web page built by CUFlow. If
++# non-blank a link to the Scoreboard web page will be
++# displayed. If supplied this must be the same as the file
++# name given to the Scoreboard setting in CUFlow.cf.
++#
++# Eg: Scoreboard /var/local/netflow/cuflow/top10.html
++# Default: (not set)
+diff -Nur CUFlow-1.7/CUGrapher.pl flowscan-cuflow-1.7/CUGrapher.pl
+--- CUFlow-1.7/CUGrapher.pl 2006-01-11 06:47:10.000000000 +1000
++++ flowscan-cuflow-1.7/CUGrapher.pl 2006-01-11 17:02:07.000000000 +1000
+@@ -15,23 +15,68 @@
+
+ ### Local settings ###
+
++# top 10 url's
++my $aggregateScoreFile;
++my $scoreboardFile;
+ # directory with rrd files
+-my $rrddir = "/cflow/reports/rrds";
++my $rrddir;
+ # default number of hours to go back
+ my $hours = 48;
+ # duration of graph, starting from $hours ago
+ my $duration;
+ # organization name
+-my $organization = "Estimated Columbia University Campus";
++my $organization = "";
+ # default graph width
+ my $width = 640;
+ # default graph height
+ my $height = 320;
+ # default image type (png/gif)
+ my $imageType = 'png';
++# default image display on startup
++my @defaultGraph;
++# Page title
++my $title = "Well Known Protocols/Services";
+
+ ### End local settings ###
+
++## Read the configuration file
++my $conffile = "/etc/flowscan/CUGrapher.cf";
++if (open(FH,$conffile)) {
++ while(<FH>) {
++ s/\#.*$//; # Strip out everything after a #
++ next if /^\s*$/; # Skip blank lines
++
++ if (/^\s*OutputDir\s+(\S+)\s*$/) {
++ $rrddir = $1;
++ } elsif (/^\s*AggregateScore\s+(\S.*)\s*$/) {
++ $aggregateScoreFile = $1;
++ } elsif (/^\s*Scoreboard\s+(\S.*)\s*$/) {
++ $scoreboardFile = $1;
++ } elsif (/^\s*Organization\s+(\S.*)\s*$/) {
++ $organization = $1;
++ } elsif (/^\s*Width\s+(\S+)\s*$/) {
++ $width = $1;
++ } elsif (/^\s*Height\s+(\S.*)\s*$/) {
++ $height = $1;
++ } elsif (/^\s*ImageType\s+(\S.*)\s*$/) {
++ $imageType = $1;
++ } elsif (/^\s*Hours\s+(\S.*)\s*$/) {
++ $hours = $1;
++ } elsif (/^\s*Title\s+(\S.*)\s*$/) {
++ $title = $1;
++ } elsif (/^\s*DefaultGraph\s+(\S*)\s*$/) {
++ $defaultGraph[@defaultGraph] = $1;
++ } else {
++ &browserDie( "Invalid line $. in $conffile\n\t$_\n" );
++ }
++ }
++ close(FH);
++}
++
++if (! $rrddir) {
++ &browserDie( "OutputDir not set in $conffile\n" );
++}
++
+ # auto-flush STDOUT
+ $| = 1;
+
+@@ -41,12 +86,21 @@
+ 'flows' => 'flows' );
+
+ unless( param() ) {
+- &showMenu();
++ &showMenu(@defaultGraph);
+ }
+
+ if (param('showmenu')) {
+ Delete('showmenu');
+- &showMenu(self_url());
++ @defaultGraph = ( query_string() );
++ &showMenu(@defaultGraph);
++}
++
++if (param("show-aggregateScore")) {
++ &showFile('AggregateScore', $aggregateScoreFile);
++}
++
++if (param("show-scoreboard")) {
++ &showFile('Scoreboard', $scoreboardFile);
+ }
+
+ # protocol/service -> filename
+@@ -72,6 +126,7 @@
+ &getDuration();
+ &getWidth();
+ &getHeight();
++&getTitle();
+ &getTotal();
+ &getDebug();
+
+@@ -104,15 +159,57 @@
+ }
+ }
+
++sub showFile {
++ my ($title, $fileName) = @_;
++ my $q = new CGI::Pretty(""); # Avoid inheriting the parameter list
++
++ print $q->header;
++
++ open(HTMLFILE, $fileName) or
++ &browserDie("Can't open ${title} ${fileName}");
++ while (<HTMLFILE>) {
++ print $_;
++ }
++ exit;
++}
++
++sub defParam {
++ my ($name, $default) = @_;
++ my $result = param($name);
++
++ return $result if ($result);
++ return $default;
++}
++
+ sub showMenu {
+- my ($imgurl) = @_;
++ my (@graphs) = @_;
+ my $q = new CGI::Pretty(""); # Avoid inheriting the parameter list
++ my $url = $q->url(-relative => 1);
++ my $default;
+
+
+ print $q->header, $q->start_html( -title => 'Generate FlowScan graphs on the fly',
+ -bgcolor => 'ffffff' );
++
++ print $q->h1({-align => "center"}, "NetFlow report for ${organization}");
++
++ print $q->start_p({-align => "center"});
++ if ($aggregateScoreFile) {
++ print $q->a(
++ { -href => "${url}?show-aggregateScore=1" },
++ $q->font({-size => "+1"}, "See the Aggregate Scores"));
++ print " ";
++ }
++ if ($scoreboardFile) {
++ print $q->a(
++ { -href => "${url}?show-scoreboard=1" },
++ $q->font({-size => "+1"}, "See the Scoreboard"));
++ }
++ print $q->end_p();
++
++ foreach my $imguri (@graphs) {
++ my $imgurl = $url . "?" . $imguri;
+
+- if ($imgurl) {
+ if ($imgurl =~ /debug=1/) {
+ (my $cleanimgurl = $imgurl) =~ s/debug=1//;
+ print $q->center( $q->a( { href => $imgurl},
+@@ -124,8 +221,8 @@
+ -alt => 'The Graph you requested'}));
+ }
+ }
+-
+- print $q->start_form( -action => $q->url(), -method => 'get' ); # Just the url, without query string
++
++ print $q->start_form( -action => $url, -method => 'get' ); # Just the url, without query string
+
+ print $q->start_table( { -align => 'center',
+ -cellspacing => '10' } );
+@@ -137,37 +234,41 @@
+ "Report: ",
+ $q->popup_menu( -name => 'report',
+ -values => [sort keys %reportName],
+- -default => '' ) );
++ -default => defParam('report', 'bin') ) );
+
+- my %hours = ( 24 => '24 hours',
++ my %hours = ( 12 => '12 hours',
++ 24 => '24 hours',
+ 36 => '36 hours',
+ 48 => '48 hours',
+ 168 => '1 week',
+ 720 => '1 month' );
++ $hours{defParam('hours', $hours)} = defParam('hours', $hours) . " hours"
++ if (!$hours{defParam('hours', $hours)});
+
+ print $q->td( { -align => 'right' },
+ "Time period: ",
+ $q->popup_menu( -name => 'hours',
+ -values => [sort {$a <=> $b} keys %hours],
+- -default => $hours,
++ -default => defParam('hours', $hours) + "",
+ -labels => \%hours ) );
+
+ print $q->td( { -rowspan => '2' },
+ "Image type: ",
+ $q->popup_menu( -name => 'imageType',
+ -values => ['png', 'gif'],
+- -default => 'png' ) );
++ -default => defParam('imageType', 'png') ) );
+
++ $default = param
+ print $q->td( { -rowspan => '2' },
+ "Width:",
+ $q->textfield( -name => "width",
+- -default => $width,
++ -default => defParam('width', $width),
+ -size => 7 ) );
+
+ print $q->td( { -rowspan => '2' },
+ "Height:",
+ $q->textfield( -name => "height",
+- -default => $height,
++ -default => defParam('height', $height),
+ -size => 7 ) );
+
+ print $q->end_Tr();
+@@ -267,6 +368,7 @@
+ print $q->br;
+
+ print $q->hidden('showmenu','1');
++ print $q->hidden('title',$title);
+
+ print $q->center( $q->submit( -name => '',
+ -value => 'Generate graph' ),
+@@ -355,6 +457,12 @@
+ }
+ }
+
++sub getTitle {
++ if ( param('title') ) {
++ $title = param('title');
++ }
++}
++
+ sub getDebug {
+ if( param('debug') && param('debug') eq '1' ) {
+ $debug = 1;
+@@ -652,8 +760,7 @@
+ push @args, ('--interlaced',
+ '--imgformat='.uc($imageType),
+ '--vertical-label='.$reportName{$reportType}.' per second',
+- "--title=${organization} Well Known Protocols/Services, ".
+- "\u${reportName{$reportType}}, +out/-in",
++ "--title=${title}, \u${reportName{$reportType}}, +out/-in",
+ "--start=".(time - $hours*60*60),
+ "--end=".(time - $hours*60*60 + $duration*60*60),
+ "--width=${width}",
--- flowscan-cuflow-1.7.orig/debian/patches/00list
+++ flowscan-cuflow-1.7/debian/patches/00list
@@ -0,0 +1,2 @@
+01-etc_config.patch
+02-cugrapher-config.patch
![[patchlogo]](http://patch-tracker.debian.org/static/img/swirlpatch.png)