#!/usr/bin/perl
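$|=1 ;    # unbuffered STDOUT so every prompt is visible before STDIN is read

# Pin the environment before the first external command is run.  The
# backticks below, and every later `which ...` probe, resolve commands
# through PATH (and through /bin/sh when the command line carries a
# redirection), so they must not inherit the caller's search path or
# shell start-up variables.
$ENV{'PATH'} = "/bin:/usr/bin:/sbin:/usr/sbin/:/usr/local/sbin:/usr/local/bin" ;
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'} ;

# Last path component of the current directory; compared with
# "$rkdet-$version" when the Makefile's tar rule is written.
$here = `pwd` ; chomp($here) ; $here =~ s%.*/%% ;

# Binaries offered for checksumming in the "files to check" prompts.
@progs = ('ps','ls','netstat','login','inetd','du','find',
  'crontab','killall','kill','passwd','top','sshd') ;
# Shared libraries offered for checksumming; looked up under /lib.
@libs = ('libcrypt.so.1','libpam.so.0','libpam_misc.so.0') ;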

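# Ask for the name the detector is built and installed under; an empty
# answer keeps the stock name.
print "Choose name for rkdet (recommend renaming)\n" ;
print "rkdet  " ;
$a = (<STDIN>) ;  chomp($a) ;
if ($a) { $rkdet = $a ; } else { $rkdet = 'rkdet' ; }

# The name is written unquoted into the Makefile (ME=, PACKAGE=), the spec
# file name, the init script and a /var/lock/subsys path, so restrict it to
# characters that are safe in all of those places before it is used.
unless ($rkdet =~ /\A[A-Za-z0-9][A-Za-z0-9._+-]*\z/) {
  print "  invalid name (use letters, digits, '.', '_', '+', '-'); cannot continue\n" ;
  exit 1;
}

$version="0.53" ; $release = '1' ;
if ($rkdet ne 'rkdet') {
  print "If building from SRPM you may need to repeat this build in order to create $rkdet-$version-$release.rpm\n" ;
}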


# Checksum program (becomes the md5cmd entry of xstrings.txt).  md5sum is
# preferred and, when present, is also added to the list of binaries offered
# for checking; otherwise sum is proposed.  The chosen tool itself is always
# added to the monitored files.
print "Select checksum program:\n" ;
chomp($p = `which md5sum 2>/dev/null`) ;
if (-x $p) {
  push @progs, 'md5sum' ;
}
else {
  chomp($p = `which sum 2>/dev/null`) ;
}
print "$p " ;
chomp($a = <STDIN>) ;

# An executable typed by the operator wins; an empty answer accepts the
# proposed default; anything else is fatal.
$cksum = (-x $a)      ? $a
       : (!$a && $p)  ? $p
       :                undef ;
unless (defined $cksum) {
  print "  not found; cannot continue\n" ;
  exit 1;
}
push @myprogs, $cksum ;

# Mail command template (becomes the mailfmt entry of xstrings.txt).  The
# default uses the full path of mail when it is found, else the bare name;
# whatever the operator types replaces the whole template.
print "Select mail command:\n" ;
chomp($p = `which mail 2>/dev/null`) ;
$mail = ((-x $p) ? $p : 'mail') . " -s 'Intrusion Report for %s' root" ;
print qq{"$mail" } ;
chomp($a = <STDIN>) ;
$mail = $a if $a ;

# Text echoed by the generated init script on "start"; an empty answer keeps
# the default.
print "Select startup message:\n" ;
$p = "(See your network guru for details)" ;
print "$p " ;
chomp($a = <STDIN>) ;
$guru = $a ? $a : $p ;

# Argument passed to the daemon by the generated init script; an empty answer
# keeps the default of 163.
print "Select run argument (see documentation):\n" ;
$p = "163" ;
print "$p " ;
chomp($a = <STDIN>) ;
$arg = $a || $p ;



# netstat binary (becomes the netcmd entry of xstrings.txt).  Unlike the
# checksum tool this one is optional: when nothing usable is given the script
# only reports it and carries on with $netstat unset.
print "Select netstat:\n" ;
chomp($p = `which netstat 2>/dev/null`) ;
print "$p " ;
chomp($a = <STDIN>) ;
$netstat = (-x $a)     ? $a
         : (!$a && $p) ? $p
         :               undef ;
print "  not found\n" unless defined $netstat ;
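# WAN disconnect command (becomes the delcmd entry of xstrings.txt).
print "Select WAN disconnect command:\n" ;
$p = `which route 2>/dev/null` ; chomp($p) ;
# Offer a default only when route was actually found; otherwise the default
# would be the unusable string " del default" and would be accepted silently.
$p = $p ? "$p del default" : '' ;
print "$p " ;
$a = (<STDIN>) ;  chomp($a) ;
if ($a) {
  $delcmd = $a ;
} elsif ($p) {
  $delcmd = $p ;
} else {
  # Nothing found and nothing entered: say so instead of recording a
  # command that cannot work.
  $delcmd = '' ;
  print "  route not found and no command entered; WAN disconnect command left empty\n" ;
}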
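# LAN disconnect command (becomes the offcmd entry of xstrings.txt).
print "Select LAN disconnect command:\n" ;

# Interface of the default route: the last space-separated field of the
# "default" line printed by route.  Start from an empty value so that a
# missing default route is detected instead of yielding "ifconfig  down".
$dev = '' ;
foreach $line (split(/\n/,`route`)) {
  next unless $line =~ /^default/ ;
  $line =~ s/\s+\z// ;    # trailing blanks would otherwise leave an empty field
  $line =~ s/.* // ;
  $dev = $line ;
}
# The value is spliced into a stored command line, so accept only characters
# that occur in interface names.
$dev = '' unless $dev =~ /\A[A-Za-z0-9_.:-]+\z/ ;

$p = `which ifconfig 2>/dev/null` ; chomp($p) ;
# Offer a default only when both ifconfig and an interface were found.
$p = ($p && $dev) ? "$p $dev down" : '' ;
print "$p " ;
$a = (<STDIN>) ;  chomp($a) ;
if ($a) {
  $offcmd = $a ;
} elsif ($p) {
  $offcmd = $p ;
} else {
  # Nothing found and nothing entered: say so instead of recording a
  # command that cannot work.
  $offcmd = '' ;
  print "  no interface/ifconfig found and no command entered; LAN disconnect command left empty\n" ;
}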

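# Log file path (becomes the mylog entry of xstrings.txt).
print "Select logfile:\n" ;
# Build the default from scratch.  $p still holds the previous prompt's
# default at this point, so it must not be reused as a directory when
# /var/log does not exist.
$p = (-d '/var/log') ? "/var/log/$rkdet.log" : '' ;
print "$p " ;
$a = (<STDIN>) ;  chomp($a) ;
if ($a) {
  $mylog = $a ;
} elsif ($p) {
  $mylog = $p ;
} else {
  print "  /var/log not found and no logfile entered; cannot continue\n" ;
  exit 1;
}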

# "who is logged in" command (becomes the wcmd entry of xstrings.txt).
# Optional: when nothing usable is given the script only reports it and
# carries on with $wcmd unset.
print "Select who command:\n" ;
chomp($p = `which w 2>/dev/null`) ;
print "$p " ;
chomp($a = <STDIN>) ;
$wcmd = (-x $a)     ? $a
      : (!$a && $p) ? $p
      :               undef ;
print "  not found\n" unless defined $wcmd ;

# Message for the downmsg entry of xstrings.txt; an empty answer keeps the
# default.
print "Select down message:\n" ;
$p = "Checksum failure - disconnecting network" ;
print qq{"$p" } ;
chomp($a = <STDIN>) ;
$downmsg = $a ? $a : $p ;

# Text for the mailmsg entry of xstrings.txt; an empty answer keeps the
# default.
print "Select mail subject:\n" ;
$p = "Intruder Report for" ;
print qq{"$p" } ;
chomp($a = <STDIN>) ;
$mailmsg = $a || $p ;

# Text for the kilmsg entry of xstrings.txt; the default names the detector
# under whatever name was chosen earlier.  An empty answer keeps the default.
print "Select kill message:\n" ;
$p = "Attempt to kill $rkdet" ;
print qq{"$p" } ;
chomp($a = <STDIN>) ;
$kilmsg = $a ? $a : $p ;


# Delete tool written to the Makefile as RM.  bcwipe is proposed when it is
# installed, plain rm otherwise; having neither a default nor a usable answer
# is fatal.
print "Select delete tool:\n" ;
chomp($p = `which bcwipe 2>/dev/null`) ;
chomp($p = `which rm 2>/dev/null`) unless -x $p ;
print "$p " ;
chomp($a = <STDIN>) ;
$rm = (-x $a)     ? $a
    : (!$a && $p) ? $p
    :               undef ;
unless (defined $rm) {
  print "  not found; cannot continue\n" ;
  exit 1;
}

# Install directory written to the Makefile as BINDIR and to the spec's
# %files list.  A non-empty answer must name an existing directory; an empty
# answer selects /usr/sbin.
print "Choose install directory\n" ;
print "/usr/sbin  " ;
chomp($a = <STDIN>) ;
if ($a && !(-d $a)) {
  print "  not a directory; cannot continue\n" ;
  exit 1;
}
$bindir = (-d $a) ? $a : '/usr/sbin' ;

# The installed detector binary is itself added to the monitored files.
push @myprogs, "$bindir/$rkdet" ;


# Build the list of files to checksum.  For every candidate the operator may
# type a path (must be a plain file), press return to accept the proposed
# location, or give anything else to skip the entry.
print "Select files to check:\n" ;

# Binaries: the proposal is whatever `which` finds on the pinned PATH.
for $prog (@progs) {
  chomp($p = `which $prog 2>/dev/null`) ;
  print "$prog ($p) " ;
  chomp($a = <STDIN>) ;
  if (-f $a) {
    push @myprogs, $a ;
    next ;
  }
  if (!$a && $p) {
    push @myprogs, $p ;
    next ;
  }
  print "  not found; will not check $prog\n" ;
}

# Libraries: the proposal is /lib/<name> when that file exists, else empty.
for $lib (@libs) {
  $p = (-f "/lib/$lib") ? "/lib/$lib" : '' ;
  print "$lib ($p)  " ;
  chomp($a = <STDIN>) ;
  if (-f $a) {
    push @myprogs, $a ;
    next ;
  }
  if (!$a && $p) {
    push @myprogs, $p ;
    next ;
  }
  print "  not found; will not check $lib\n" ;
}
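# xfiles.txt: one monitored path per line.  The generated Makefile turns it
# into xfiles.c under "umask 077"; create the list with the same restriction
# so the set of monitored files is not left readable by other users.
$oldmask = umask 077 ;
open (OUT, '>', 'xfiles.txt') or die "Cannot write xfiles.txt: $!" ;
# umask only applies to a newly created file; tighten an existing copy too.
chmod 0600, 'xfiles.txt' ;

foreach $p (@myprogs) {
  print OUT "$p\n" ;
}
# Buffered write errors only surface at close, so check it.
close (OUT) or die "Cannot write xfiles.txt: $!" ;
umask $oldmask ;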

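# xstrings.txt: one "key;number;text" record per line holding the commands
# and messages chosen above.  The generated Makefile turns it into xstrings.c
# and xstrings.h under "umask 077"; create the source with the same
# restriction so the configured commands and log path are not left readable
# by other users.
$oldmask = umask 077 ;
open (OUT, '>', 'xstrings.txt') or die "Cannot write xstrings.txt: $!" ;
# umask only applies to a newly created file; tighten an existing copy too.
chmod 0600, 'xstrings.txt' ;
print OUT<<EOT;
delcmd;3;$delcmd
mylog;3;$mylog
offcmd;1;$offcmd
ifcmd;4;interface status
mailfmt;4;$mail
netcmd;9;$netstat -nt
wcmd;3;$wcmd
downmsg;5;$downmsg
mailmsg;9;$mailmsg
md5cmd;3;$cksum 2>&1 %s
md5msg;3;Checksums differ: %s
kmsg;4;Intrusion Report checksum %d ifstatus %d
kilmsg;9;$kilmsg
pmmsg;1;Warning: Interface %s is in promiscuous mode
dbmsg;1;Warning: Interface %s is in debug mode
EOT
# Buffered write errors only surface at close, so check it.
close (OUT) or die "Cannot write xstrings.txt: $!" ;
umask $oldmask ;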


# Generate the Makefile in three pieces: a heredoc with the variable
# definitions and build rules, one tar recipe line chosen at run time, and a
# second heredoc with the rpm/sign/config rules.  The heredocs interpolate
# $rkdet, $version, $release, $bindir and $rm; make variable references are
# written as \$(...) so that Perl emits a literal "$(...)".
# NOTE(review): "\#*" at the end of the clean recipe is emitted by this
# interpolating heredoc as a bare "#*" -- confirm whether a literal backslash
# was meant to reach the Makefile.
open (OUT,">Makefile") or die "Cannot write Makefile" ;
print OUT<<EOT;
#
# change ME to rename rkdet to something else (recommended)
#
ME= $rkdet
PACKAGE=$rkdet-$version
RELEASE=$release
#
# Makefile for $rkdet
#
#
BINDIR=	$bindir
# substitute disk wipe if you like...
RM= $rm

# XOR to test messages
#OPTS = -DXOR

# TEST to disable network disconnect
# NOFORK to disable forking
#OPTS = -DTEST -DNOFORK -DINTV=4


CFLAGS=	-O2 
#CFLAGS= -g

CC= umask 077 ; gcc

rkdet:	rkdet.o if-generic.o
	\$(CC) \$(CFLAGS) \$(OPTS) -o rkdet rkdet.o if-generic.o

install:	rkdet 
	install -s -m 700 rkdet  \$(BINDIR)/\$(ME)
	install -m 700 rkdet.rc /etc/rc.d/init.d/\$(ME)
	strip \$(BINDIR)/\$(ME)

check:	rkdet.c xstrings.c xfiles.c if-generic.o xstrings.h
	\$(CC) \$(CFLAGS) -DXOR  -o rkdet-test rkdet.c if-generic.o
	echo "Checking commands and messages"
	./rkdet-test
	rm -f rkdet-test

rkdet.o:	rkdet.c xstrings.c xstrings.h xfiles.c Makefile
	\$(CC) \$(CFLAGS) \$(OPTS) -o rkdet.o -c rkdet.c

if-generic.o:	if-generic.c
	\$(CC) \$(CFLAGS) -o if-generic.o -c if-generic.c

xstrings.c:	xstrings.txt mkmsg.pl
	umask 077 ; ./mkmsg.pl < xstrings.txt > xstrings.c

xstrings.h:	xstrings.txt mkmsgh.pl
	umask 077 ; ./mkmsgh.pl < xstrings.txt > xstrings.h

xfiles.c:	xfiles.txt mkfil.pl
	umask 077 ; ./mkfil.pl < xfiles.txt > xfiles.c

clean:
	- \$(RM) -f xstrings.c xstrings.h xfiles.c core rkdet *.o \#*

bare:
	- \$(RM) -f *

tar:	../../SOURCES/\$(PACKAGE).tar.gz

../../SOURCES/\$(PACKAGE).tar.gz:	rkdet.c xstrings.txt xfiles.txt \$(PACKAGE).spec INSTALL Readme README Makefile configure if-generic.c mkmsg.pl mkmsgh.pl rkdet.rc CHANGES panic.sh
	make clean
EOT
# Final recipe line of the tar rule.  When the working directory is already
# named "$rkdet-$version" it is archived directly; otherwise a temporary
# symlink with the package name is created around the tar call and removed
# afterwards.  $here is written into the recipe unquoted.
if ($here eq "$rkdet-$version") {
  print OUT "	cd ../ ; tar -zcf ../SOURCES/\$(PACKAGE).tar.gz \$(PACKAGE)\n" ;
} else {
  print OUT "	cd ../ ; ln -s $here \$(PACKAGE) ; tar -zcf ../SOURCES/\$(PACKAGE).tar.gz \$(PACKAGE) ; rm -f \$(PACKAGE)\n" ;
}
# Packaging, signing and re-configure rules; nothing but make variables is
# referenced here, so the text passes through unchanged apart from "\$".
print OUT<<EOT;

rpm:	../../SOURCES/\$(PACKAGE).tar.gz \$(PACKAGE).spec
	cp -f \$(PACKAGE).spec ../../SPECS
	cd .. ; rpm -ba ../SPECS/\$(PACKAGE).spec

sign:
	cd .. ; rpm --resign ../SRPMS/\$(PACKAGE)-\${RELEASE}.src.rpm 
	cd .. ; rpm  --resign ../RPMS/i386/\$(PACKAGE)-\${RELEASE}.i386.rpm
	cd .. ; pgps -a ../SOURCES/\$(PACKAGE).tar.gz

config:	configure
	./configure

EOT

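# Write the RPM spec file "$rkdet-$version.spec".  The file name contains an
# operator-supplied value, so the three-argument form of open is used: the
# mode is fixed and nothing in the name can be read as part of it.
open (OUT, '>', "$rkdet-$version.spec") or die "Cannot write spec: $!" ;
# %{...} is RPM macro syntax and is not interpolated by Perl; only $version,
# $rkdet, $release and $bindir are.  Release comes from $release so that it
# stays in step with RELEASE in the generated Makefile.
print OUT<<EOT;
Summary: Daemon to check system operation
%define version $version
%define name $rkdet
Name: %{name}
Version: %{version}
Release: $release
Source: http://vancouver-webpages.com/rkdet/%{name}-%{version}.tar.gz
Copyright: Freeware
Packager: Andrew Daviel <andrew\@vancouver-webpages.com>
Group: Networking/Daemons

%description
Consult your system manager for details

%prep
%setup -n %{name}-%{version}

%build
echo "You should probably run the configure script (in /usr/src/redhat/BUILD/%{name}-%{version})"
make 

%install
make install

%pre
if [ -f /etc/rc.d/init.d/%{name} ] ; then
/etc/rc.d/init.d/%{name} stop
fi

%preun
/etc/rc.d/init.d/%{name} stop
/sbin/chkconfig --del %{name}

%post
/sbin/chkconfig --add %{name}
/etc/rc.d/init.d/%{name} start


%files
$bindir/%{name}
/etc/rc.d/init.d/%{name}

%doc Readme
EOT
# Buffered write errors only surface at close, so check it.
close (OUT) or die "Cannot write spec: $!" ;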

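# Write the SysV init script rkdet.rc (installed by the generated Makefile
# as /etc/rc.d/init.d/<name>).
#
# The startup message is free text typed by the operator and ends up inside
# a shell script.  Emit it as a single-quoted shell word, with embedded
# single quotes rewritten as '\'' , so that characters such as ", $, ` and \
# in the message are printed literally instead of being interpreted by the
# shell each time the script runs.
($guru_sh = $guru) =~ s/'/'\\''/g ;

open (OUT, '>', 'rkdet.rc') or die "Cannot write rc: $!" ;
# "\$1" and "\$0" are escaped so the shell, not Perl, expands them; $rkdet,
# $guru_sh and $arg are filled in now.
print OUT<<EOT;
#! /bin/sh
#
# chkconfig: 2345 05 95
# description: no description available
# processname: $rkdet

# Get functions
. /etc/rc.d/init.d/functions

# See how we were called.
case "\$1" in
  start)
	echo "Starting $rkdet "
	echo -n '$guru_sh'
	daemon $rkdet $arg
	echo
	touch /var/lock/subsys/$rkdet
	;;
  stop)
	echo -n "Stopping $rkdet "
	killproc $rkdet -9
	echo
	rm -f /var/lock/subsys/$rkdet
	;;
  status)
	status $rkdet
	;;
  restart)
	\$0 stop
	\$0 start
	;;
  *)
	echo "Usage: \$0 {start|stop|status|restart}"
	exit 1
	;;
esac

exit 0
EOT
# Buffered write errors only surface at close, so check it.
close (OUT) or die "Cannot write rc: $!" ;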
