rocky needs the v

.gitignore

@@ -1,5 +1,7 @@
 *~
 *.o
+*.gz
 pcapmirror
 debian/debhelper-build-stamp
 debian/pcapmirror.substvars
+debian/files

.gitlab-ci.yml

@@ -12,7 +12,7 @@ build-bookworm:
   tags:
     - bookworm
   script:
-    - tar -czf ../pcapmirror_0.2.orig.tar.gz --exclude=debian .
+    - tar -czf ../pcapmirror_0.3.orig.tar.gz --exclude=debian .
     - apt-get update && apt-get install -y libpcap-dev
     - dpkg-buildpackage -uc -us
     - mkdir -p build
@@ -23,6 +23,7 @@ build-bookworm:
       - build/*.deb
       - build/*.dsc
       - build/*.tar.xz
+      - build/*.tar.gz
       - build/*.changes
       - build/*.buildinfo
       - build/*.diff.gz
@@ -34,7 +35,7 @@ build-sid:
   tags:
     - sid
   script:
-    - tar -czf ../pcapmirror_0.2.orig.tar.gz --exclude=debian .
+    - tar -czf ../pcapmirror_0.3.orig.tar.gz --exclude=debian .
     - apt-get update && apt-get install -y libpcap-dev
     - dpkg-buildpackage -uc -us
     - mkdir -p build
@@ -45,6 +46,47 @@ build-sid:
       - build/*.deb
       - build/*.dsc
       - build/*.tar.xz
+      - build/*.tar.gz
       - build/*.changes
       - build/*.buildinfo
       - build/*.diff.gz
+
+build-rocky9:
+  stage: build
+  only:
+    - tags
+  tags:
+    - rocky9
+  script:
+    - dnf install -y libpcap-devel
+    - mkdir -p /root/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
+    - tar -czf /root/rpmbuild/SOURCES/pcapmirror-v0.3.tar.gz --exclude=debian --exclude=.git .
+    - cp -r * /root/rpmbuild/BUILD
+    - rpmbuild -ba pcapmirror.spec
+    - mkdir -p build
+    - mv /root/rpmbuild/RPMS/x86_64/pcapmirror*.* build/
+    - mv /root/rpmbuild/SRPMS/pcapmirror*.* build/
+
+  artifacts:
+    paths:
+      - build/*
+
+build-rocky8:
+  stage: build
+  only:
+    - tags
+  tags:
+    - rocky8
+  script:
+    - dnf install -y libpcap-devel
+    - mkdir -p /root/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
+    - tar -czf /root/rpmbuild/SOURCES/pcapmirror-v0.3.tar.gz --exclude=debian --exclude=.git .
+    - cp -r * /root/rpmbuild/BUILD
+    - rpmbuild -ba pcapmirror.spec
+    - mkdir -p build
+    - mv /root/rpmbuild/RPMS/x86_64/pcapmirror*.* build/
+    - mv /root/rpmbuild/SRPMS/pcapmirror*.* build/
+
+  artifacts:
+    paths:
+      - build/*

Makefile

@@ -22,7 +22,7 @@ TARGET = pcapmirror
 PREFIX = /usr
 
 # Default rule
-all: $(TARGET)
+all: $(TARGET) man
 
 # Create executable
 $(TARGET): $(OBJS)
@@ -32,6 +32,9 @@ $(TARGET): $(OBJS)
 %.o: %.c
 		$(CC) $(CFLAGS) -c $< -o $@
 
+man:
+	gzip -9 -c pcapmirror.8 > pcapmirror.8.gz
+
 # Clean up object files and executable
 clean:
 		rm -f -f $(OBJS) $(TARGET)
@@ -40,10 +43,13 @@ clean:
 install: $(TARGET)
 		mkdir -p $(DESTDIR)$(PREFIX)/bin
 		install -D $(TARGET) $(DESTDIR)$(PREFIX)/bin/$(TARGET)
+		install -D $(TARGET).8 $(DESTDIR)$(PREFIX)/share/man/man8/$(TARGET).8
+		
 
 # Uninstall the executable
 uninstall:
 		rm -f $(TARGET) $(DESTDIR)$(PREFIX)/bin/$(TARGET)
+		rm -f $(TARGET).8.gz $(DESTDIR)$(PREFIX)/share/man/man8/$(TARGET).8.gz
 
 # Run the executable (example)
 run: $(TARGET)

debian/changelog

@@ -1,3 +1,9 @@
+pcapmirror (0.3-1) unstable; urgency=medium
+
+  * added manpage
+
+ -- Matthias Cramer <cramer@freestone.net>  Fri, 21 Mar 2025 16:00:05 +0100
+
 pcapmirror (0.2-1) unstable; urgency=medium
 
   * First Debian package

debian/files

@@ -1,3 +0,0 @@
-pcapmirror-dbgsym_0.2-1_amd64.deb debug optional automatic=yes
-pcapmirror_0.2-1_amd64.buildinfo net optional
-pcapmirror_0.2-1_amd64.deb net optional

debian/install

@@ -1 +1,2 @@
 pcapmirror /usr/bin
+pcapmirror.8 /usr/share/man/man8

pcapmirror.8

@@ -0,0 +1,52 @@
+.TH PCAPMIRROR 1 "March 22, 2025" "pcapmirror 0.3" "User Commands"
+.SH NAME
+pcapmirror \- A command-line tool for capturing and mirroring network traffic
+
+.SH SYNOPSIS
+.B pcapmirror
+[\fIoptions\fR]
+
+.SH DESCRIPTION
+.B pcapmirror
+is a command-line tool for capturing network traffic and mirroring it to a remote destination using TZSP encapsulation. It leverages the \fBlibpcap\fR library for packet capture and provides options for filtering traffic based on BPF syntax. This tool is useful for network monitoring, intrusion detection, and remote packet analysis.
+
+.SH OPTIONS
+.TP
+.B \-i \fIinterface\fR
+Specify the capture interface (e.g., eth0).
+.TP
+.B \-f \fIfilter\fR
+Specify the capture filter in BPF syntax (e.g., tcp port 80).
+.TP
+.B \-r \fIip_address\fR
+Specify the destination IP address (required).
+.TP
+.B \-p \fIport\fR
+Specify the destination port (default: 37008).
+.TP
+.B \-v
+Enable verbose mode (prints packet information).
+.TP
+.B \-h
+Show this help message.
+
+.SH EXAMPLES
+To capture traffic on the eth0 interface, filter for TCP port 80, and send it to the destination, use the following command:
+
+.EX
+sudo pcapmirror -i eth0 -f "tcp port 80" -r 192.168.1.100 -p 47008 -v
+.EE
+
+.SH USAGE WITH WIRESHARK
+With this tool, you can mirror traffic directly to a running Wireshark.
+
+To avoid capturing traffic from your own monitoring machine, configure Wireshark with a capture filter of udp port 37008 or udp dst port 37008. Also, verify that your firewall permits this UDP traffic.
+
+.SH SEE ALSO
+.BR bpf (2), tcpdump (1), wireshark (1), pcap (3)
+
+.SH AUTHOR
+Matthias Cramer <cramer@freestone.net>
+
+.SH COPYRIGHT
+Copyright (c) 2025, Matthias Cramer. All rights reserved.

pcapmirror.spec

@@ -0,0 +1,32 @@
+Name:     pcapmirror
+Version:  0.3
+Release:  %(perl -e 'print time()')%{?dist}
+Summary:  A simple packet capture mirror
+License:  BSD 3-Clause License
+URL:      https://git.freestone.net/cramer/pcapmirror
+Source:   https://git.freestone.net/cramer/pcapmirror/-/archive/v%version/pcapmirror-v%version.tar.gz
+BuildRequires:   gcc
+BuildRequires:   make
+BuildRequires:   libpcap-devel
+
+%description
+pcapmirror is a command-line tool for capturing and mirroring network traffic using TZSP encapsulation. It leverages the `libpcap` library for packet capture and supports BPF syntax for filtering traffic.
+
+%build
+%make_build
+
+%install
+%make_install
+
+%files
+%{_bindir}/pcapmirror
+%{_mandir}/man8/pcapmirror.8.gz
+%license LICENSE
+%doc README.md
+
+
+%changelog
+* Sat Mar 22 2025 Matthias Cramer <cramer@freesone.net> 0.3-1
+- added manpage
+* Sat Mar 22 2025 Matthias Cramer <cramer@freesone.net> 0.2-1
+- Initial release of pcapmirror