File maltrail.spec of Package Maltrail
# Package identity. NOTE(review): confirm that Version matches the upstream
# release the tarball was taken from, so upstream security fixes can be tracked.
Name: maltrail
Version: 0.0.1
Release: 1
Summary: Malicious traffic detection system
License: MIT
Group: Productivity/Networking/Security
URL: https://github.com/stamparm/maltrail
# Source0 is a bare file name built from Name and Version, so this spec records
# neither a download location nor a checksum for the archive.
# NOTE(review): record the upstream URL or verify the archive out of band.
Source0: %{name}-%{version}.tar.gz
BuildRoot: %{_tmppath}/%{name}-%{version}-build
# Declared architecture-independent.
BuildArch: noarch
# Runtime dependencies resolved by the package manager.
Requires: python3
Requires: python3-requests
# NOTE(review): later sections use the systemd scriptlet macros and the unit
# directory macro, but no build dependency providing them is declared here;
# confirm the build environment supplies them.
BuildRequires: python3-setuptools
%description
Maltrail is a malicious traffic detection system, utilizing publicly available
(black)lists containing malicious and/or generally suspicious trails, and/or
dynamically retrieved information (such as from the AbuseIPDB) about the
incoming connection, along with other heuristics.
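IMPORTANT: For full packet capture functionality, you must install pcapy-ng
separately, because it is not a dependency of this package:
pip3 install pcapy-ng
A module installed with pip is not tracked or updated by the package manager.
Without pcapy-ng, Maltrail will have limited functionality.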
Features:
- Real-time traffic monitoring
- Malicious IP/domain detection
- Web-based dashboard
- Systemd service integration
Configuration: /etc/maltrail/maltrail.conf
Web Interface: http://localhost:8338 (default)
%prep
%setup -q
%build
# Rewrite package-relative imports as absolute ones in every Python file under
# the build tree, bundled thirdparty code included. The shipped sources
# therefore differ from the contents of the source archive.
find . -name "*.py" -exec sed -i \
  -e 's/from \.core\./from core./g' \
  -e 's/from \.\.thirdparty\./from thirdparty./g' \
  -e 's/from \.plugins\./from plugins./g' \
  {} \;
%install
rm -rf %{buildroot}
# Build the directory skeleton in a single call; each directory gets mode 755.
install -d -m 755 \
  %{buildroot}%{_bindir} \
  %{buildroot}%{_sysconfdir}/%{name} \
  %{buildroot}%{_sysconfdir}/%{name}/trails \
  %{buildroot}%{_var}/log/%{name} \
  %{buildroot}%{_sharedstatedir}/%{name} \
  %{buildroot}%{_unitdir} \
  %{buildroot}%{python3_sitelib}/%{name}
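# Create wrapper scripts that always use the config file.
# The heredoc delimiter is quoted so the shell keeps "$@" literal; rpmbuild
# still expands the RPM macros inside it, which ties the wrapper to the
# directory the modules are actually installed into instead of a hard-coded
# Python 3.6 path.
cat > maltrail-sensor-wrapper << 'EOF'
#!/bin/bash
# Launch the Maltrail sensor from its install directory, adding the packaged
# configuration file unless the caller already chose one with -c or --config.

# Stop if the install directory is unavailable: carrying on would make python3
# load whatever sensor.py sits in the caller's working directory.
cd "%{python3_sitelib}/%{name}" || exit 1

for arg in "$@"; do
  if [ "$arg" = "-c" ] || [ "$arg" = "--config" ]; then
    # Caller supplied a configuration file; pass the arguments through as is.
    exec python3 sensor.py "$@"
  fi
done

# No configuration given (this also covers an empty argument list).
exec python3 sensor.py -c /etc/maltrail/maltrail.conf "$@"
EOF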
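# Server wrapper. The quoted heredoc delimiter keeps "$@" literal for the
# shell, while rpmbuild still expands the RPM macros inside it, so the wrapper
# points at the directory the modules are actually installed into instead of a
# hard-coded Python 3.6 path.
cat > maltrail-server-wrapper << 'EOF'
#!/bin/bash
# Launch the Maltrail server from its install directory, adding the packaged
# configuration file unless the caller already chose one with -c or --config.

# Stop if the install directory is unavailable: carrying on would make python3
# load whatever server.py sits in the caller's working directory.
cd "%{python3_sitelib}/%{name}" || exit 1

for arg in "$@"; do
  if [ "$arg" = "-c" ] || [ "$arg" = "--config" ]; then
    # Caller supplied a configuration file; pass the arguments through as is.
    exec python3 server.py "$@"
  fi
done

# No configuration given (this also covers an empty argument list).
exec python3 server.py -c /etc/maltrail/maltrail.conf "$@"
EOF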
# Per role: the wrapper becomes the command, followed by the entry-point module
# and the systemd unit for that role.
for role in sensor server; do
  install -m 755 "maltrail-${role}-wrapper" "%{buildroot}%{_bindir}/maltrail-${role}"
  install -m 644 "${role}.py" %{buildroot}%{python3_sitelib}/%{name}/
  install -m 644 "maltrail-${role}.service" %{buildroot}%{_unitdir}/
done
# Configuration file: mode 640 leaves it unreadable outside owner and group.
install -m 640 maltrail.conf %{buildroot}%{_sysconfdir}/%{name}/maltrail.conf
# Trail lists are stored next to the configuration.
cp -r trails/* %{buildroot}%{_sysconfdir}/%{name}/trails/
# Python source trees (their imports were rewritten during the build step).
for tree in core plugins thirdparty; do
  cp -r "$tree" %{buildroot}%{python3_sitelib}/%{name}/
done
# HTML and misc files go under the shared state directory.
for sub in html misc; do
  install -d -m 755 %{buildroot}%{_sharedstatedir}/%{name}/"$sub"
  cp -r "$sub"/* %{buildroot}%{_sharedstatedir}/%{name}/"$sub"/
done
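%post
%systemd_post maltrail-sensor.service
%systemd_post maltrail-server.service
# Print the notice on a first install only: rpm passes 1 as the first
# scriptlet argument for a fresh install and a higher count on upgrade.
# NOTE(review): the pip commands shown below install outside the package
# manager, so rpm neither verifies nor updates that module.
if [ "$1" -eq 1 ]; then
  echo ""
  echo "===================================================================="
  echo "Maltrail installed successfully!"
  echo ""
  echo "IMPORTANT: For full packet capture functionality, install pcapy-ng:"
  echo " pip3 install pcapy-ng"
  echo " OR for system-wide installation:"
  echo " sudo pip3 install pcapy-ng"
  echo ""
  echo "Configuration file: /etc/maltrail/maltrail.conf"
  echo "Start services: sudo systemctl start maltrail-sensor maltrail-server"
  echo "Enable at boot: sudo systemctl enable maltrail-sensor maltrail-server"
  echo "Web interface: http://localhost:8338"
  echo ""
  # The services are not started by this scriptlet, so the administrator can
  # still adjust the web login before the dashboard becomes reachable.
  echo "SECURITY: before starting maltrail-server, review the USERS entries in"
  echo " the configuration file and replace any default web login."
  echo ""
  echo "To test manually:"
  echo " maltrail-server"
  echo " maltrail-sensor"
  echo "===================================================================="
  echo ""
fi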
%preun
# Runs before the package files are removed; one macro call per unit.
# NOTE(review): the macro bodies come from the distribution's systemd macro
# package and are not visible here; presumably they stop and disable the units
# on final removal. Confirm against the target distribution.
%systemd_preun maltrail-sensor.service
%systemd_preun maltrail-server.service
%postun
# Runs after removal or upgrade; again one macro call per unit.
# NOTE(review): whether the services are restarted on upgrade depends on the
# macro definition in use. Confirm against the target distribution.
%systemd_postun maltrail-sensor.service
%systemd_postun maltrail-server.service
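%files
%defattr(-,root,root,-)
%doc README.md LICENSE CHANGELOG
# Command wrappers
%{_bindir}/maltrail-sensor
%{_bindir}/maltrail-server
# Mode and owner are pinned here as well as in the install step, so the
# restrictive 0640 on the configuration file does not depend on the build
# tree. noreplace keeps a locally edited file on upgrade.
%config(noreplace) %attr(0640,root,root) %{_sysconfdir}/%{name}/maltrail.conf
%dir %{_sysconfdir}/%{name}
%dir %{_sysconfdir}/%{name}/trails
%{_sysconfdir}/%{name}/trails/*
# systemd units
%{_unitdir}/maltrail-sensor.service
%{_unitdir}/maltrail-server.service
# Python modules
%dir %{python3_sitelib}/%{name}
%{python3_sitelib}/%{name}/*
# The install step creates the log directory; listing it makes the package own
# it, so it exists after installation and is removed with the package.
# NOTE(review): it is packaged with mode 755; consider a tighter mode if the
# event logs should not be listable by every local user.
%dir %{_var}/log/%{name}
# Web assets and misc data
%dir %{_sharedstatedir}/%{name}
%dir %{_sharedstatedir}/%{name}/html
%{_sharedstatedir}/%{name}/html/*
%dir %{_sharedstatedir}/%{name}/misc
%{_sharedstatedir}/%{name}/misc/*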
%changelog
* Fri Nov 28 2025 KYGnus.co <kygnus.co@proton.me> - 0.0.1-1
- Update wrapper scripts to automatically use /etc/maltrail/maltrail.conf
- Fix config file detection in wrapper scripts
- Ensure config file is properly owned by package
- Fix ALL import statements using sed commands in %%build section
- Convert all relative imports to absolute imports
- Fix ModuleNotFoundError and relative import issues
- Use simple bash wrapper scripts
- Remove complex patching approach
- Fix configuration file path issue
- Fix typo: %%{buildbuildroot} to %%{buildroot} in misc directory creation
- Fix shebang lines: change 'python' to 'python3' for OpenSUSE compatibility
- Remove python3-pcapy-ng dependency (available via pip only)
- Add post-install message about pcapy-ng requirement
- Enhanced package description with installation notes
- Fix directory ownership for html and misc folders