author | Martin Wilke <miwi@FreeBSD.org> | 2007-04-20 21:29:20 +0000 |
---|---|---|
committer | Martin Wilke <miwi@FreeBSD.org> | 2007-04-20 21:29:20 +0000 |
commit | 2ab3c923e5867166314d637264b0081cb3cddbd0 (patch) | |
tree | e25138f135833c8e47743cfea22081421058756c /security/ossec-hids-server | |
parent | 74786e1406b24b6f8953272d4129d12b4b75835d (diff) | |
OSSEC is an Open Source Host-based Intrusion Detection System.
It performs log analysis, integrity checking, Windows registry
monitoring, rootkit detection, time-based alerting and active
response.
WWW: http://www.ossec.net/
PR: ports/111944
Submitted by: Valerio Daelli <valerio.daelli at gmail.com>
Notes
Notes:
svn path=/head/; revision=190496
Diffstat (limited to 'security/ossec-hids-server')
-rw-r--r-- | security/ossec-hids-server/Makefile | 60 | ||||
-rw-r--r-- | security/ossec-hids-server/distinfo | 3 | ||||
-rw-r--r-- | security/ossec-hids-server/files/ossec-hids.in | 42 | ||||
-rw-r--r-- | security/ossec-hids-server/files/patch-InstallServer.sh | 20 | ||||
-rw-r--r-- | security/ossec-hids-server/files/patch-LOCATION | 7 | ||||
-rw-r--r-- | security/ossec-hids-server/files/patch-defs.h | 12 | ||||
-rw-r--r-- | security/ossec-hids-server/pkg-descr | 6 | ||||
-rw-r--r-- | security/ossec-hids-server/pkg-plist | 85 | ||||
-rw-r--r-- | security/ossec-hids-server/pkg-plist.client | 35 |
9 files changed, 270 insertions, 0 deletions
diff --git a/security/ossec-hids-server/Makefile b/security/ossec-hids-server/Makefile
new file mode 100644
index 000000000000..69870966f0a8
--- /dev/null
+++ b/security/ossec-hids-server/Makefile
@@ -0,0 +1,60 @@
+# New ports collection makefile for: ossec-hids-server
+# Date created: 23 July 2006
+# Whom: Valerio Daelli <valerio.daelli@gmail.com>
+#
+# $FreeBSD$
+#
+
+PORTNAME= ossec-hids
+PORTVERSION= 1.1
+CATEGORIES= security
+MASTER_SITES= http://www.ossec.net/files/
+PKGNAMESUFFIX?= -server
+
+MAINTAINER= valerio.daelli@gmail.com
+COMMENT= A security tool to monitor and check logs and intrusions
+
+USE_RC_SUBR= ossec-hids
+
+.include <bsd.port.pre.mk>
+
+.if defined(CLIENT_ONLY)
+PKGNAMESUFFIX= -client
+CONFLICTS= ossec-hids-server-[0-9]* ossec-hids-local-[0-9]*
+.elif defined(LOCAL_ONLY)
+PKGNAMESUFFIX= -local
+CONFLICTS= ossec-hids-client-[0-9]* ossec-hids-server-[0-9]*
+.else
+CONFLICTS= ossec-hids-client-[0-9]* ossec-hids-local-[0-9]*
+.endif
+
+post-patch:
+ @${REINPLACE_CMD} 's|PREFIX|${PREFIX}/${PORTNAME}|' ${WRKSRC}/src/LOCATION
+ @${REINPLACE_CMD} 's|PREFIX|${PREFIX}/${PORTNAME}|' ${WRKSRC}/src/headers/defs.h
+
+do-configure:
+
+do-build:
+ @cd ${WRKSRC}/src;${MAKE} all;${MAKE} build
+
+.if defined(CLIENT_ONLY)
+do-install:
+ @cd ${WRKSRC}/src; ${MAKE} agent
+.elif defined(LOCAL_ONLY)
+do-install:
+ @cd ${WRKSRC}/src; ${MAKE} local
+.else
+do-install:
+ @cd ${WRKSRC}/src; ${MAKE} server
+.endif
+
+post-install:
+ @if [ ! -f ${PREFIX}/${PORTNAME}/etc/ossec.conf ]; then \
+ ${CP} ${PREFIX}/${PORTNAME}/etc/ossec.conf.sample ${PREFIX}/${PORTNAME}/etc/ossec.conf ; \
+ fi
+
+.if defined(CLIENT_ONLY)
+PLIST=${PKGDIR}/pkg-plist.client
+.endif
+
+.include <bsd.port.post.mk>
diff --git a/security/ossec-hids-server/distinfo b/security/ossec-hids-server/distinfo
new file mode 100644
index 000000000000..c2d7e4a4b54a
--- /dev/null
+++ b/security/ossec-hids-server/distinfo
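Review bot: The post-install recipe copies ossec.conf.sample to ossec.conf with plain `${CP}`, while the `@exec` line in pkg-plist uses `cp -p` for the same step. patch-InstallServer.sh sets `root:${GROUP}` and mode 440 on the sample, and a copy without `-p` may not carry that ownership over, so the live configuration of the IDS can end up with a different group than the one the installer intended. `${CP} -p` in post-install would keep the two install paths consistent. The do-build and do-install recipes also chain with `;` rather than `&&` (for example `@cd ${WRKSRC}/src && ${MAKE} all && ${MAKE} build`), which would make a failed `cd` or first make step stop the recipe explicitly.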
@@ -0,0 +1,3 @@
+MD5 (ossec-hids-1.1.tar.gz) = d1c046f7cf4fd75c0f79985dc7f65411
+SHA256 (ossec-hids-1.1.tar.gz) = 030475d58689a6172ef44e6637fb32a1aa70d385e9b73becd2e31a1072d09d17
+SIZE (ossec-hids-1.1.tar.gz) = 502949
diff --git a/security/ossec-hids-server/files/ossec-hids.in b/security/ossec-hids-server/files/ossec-hids.in
new file mode 100644
index 000000000000..d441686c5e05
--- /dev/null
+++ b/security/ossec-hids-server/files/ossec-hids.in
@@ -0,0 +1,42 @@
+#!/bin/sh
+#
+# PROVIDE: ossechids
+# REQUIRE: DAEMON
+# BEFORE: LOGIN
+
+. %%RC_SUBR%%
+
+name="ossechids"
+rcvar=`set_rcvar`
+
+load_rc_config $name
+
+: ${ossechids_enable="NO"}
+: ${ossechids_user="ossec"}
+: ${ossechids_group="ossec"}
+
+start_cmd=${name}_start
+stop_cmd=${name}_stop
+restart_cmd=${name}_restart
+status_cmd=${name}_status
+
+command="%%PREFIX%%/bin/ossec-control"
+required_files="%%PREFIX%%/etc/ossec.conf"
+
+ossechids_start() {
+ $command start
+}
+
+ossechids_stop() {
+ $command stop
+}
+
+ossechids_restart() {
+ $command restart
+}
+
+ossechids_status() {
+ $command status
+}
+
+run_rc_command "$1"
diff --git a/security/ossec-hids-server/files/patch-InstallServer.sh b/security/ossec-hids-server/files/patch-InstallServer.sh
new file mode 100644
index 000000000000..f1f96cda5eb5
--- /dev/null
+++ b/security/ossec-hids-server/files/patch-InstallServer.sh
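Review bot: `command` and `required_files` in ossec-hids.in are built from `%%PREFIX%%` alone, but the Makefile rewrites the install directory to `${PREFIX}/${PORTNAME}` and pkg-plist installs `ossec-hids/bin/ossec-control` and `ossec-hids/etc/ossec.conf.sample`, so both paths appear to be missing the `ossec-hids/` component. If `%%PREFIX%%` expands to the plain prefix, the `required_files` check fails and the daemons are never started, which for an intrusion-detection system means monitoring is silently absent. `command="%%PREFIX%%/ossec-hids/bin/ossec-control"` and `required_files="%%PREFIX%%/ossec-hids/etc/ossec.conf"` would match the plist. The `ossechids_user` and `ossechids_group` defaults are set but none of the custom `*_cmd` functions reads them; a one-line comment stating where privileges are actually dropped would help.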
@@ -0,0 +1,20 @@
+diff -ruN src/InstallServer.sh.orig src/InstallServer.sh
+--- src/InstallServer.sh.orig Sun Jan 7 23:38:16 2007
++++ src/InstallServer.sh Thu Apr 5 15:58:08 2007
+@@ -255,12 +255,12 @@
+
+ ls ../etc/ossec.mc > /dev/null 2>&1
+ if [ $? = 0 ]; then
+- cp -pr ../etc/ossec.mc ${DIR}/etc/ossec.conf
++ cp -pr ../etc/ossec.mc ${DIR}/etc/ossec.conf.sample
+ else
+- cp -pr ../etc/ossec-server.conf ${DIR}/etc/ossec.conf
++ cp -pr ../etc/ossec-server.conf ${DIR}/etc/ossec.conf.sample
+ fi
+-chown root:${GROUP} ${DIR}/etc/ossec.conf
+-chmod 440 ${DIR}/etc/ossec.conf
++chown root:${GROUP} ${DIR}/etc/ossec.conf.sample
++chmod 440 ${DIR}/etc/ossec.conf.sample
+
+
+
diff --git a/security/ossec-hids-server/files/patch-LOCATION b/security/ossec-hids-server/files/patch-LOCATION
new file mode 100644
index 000000000000..f2ebade2745d
--- /dev/null
+++ b/security/ossec-hids-server/files/patch-LOCATION
@@ -0,0 +1,7 @@
+diff -ruN src/LOCATION.orig src/LOCATION
+--- src/LOCATION.orig Tue Oct 25 18:18:50 2005
++++ src/LOCATION Mon Apr 2 10:51:37 2007
+@@ -1,2 +1,2 @@
+-DIR="/var/ossec"
++DIR="PREFIX"
+ CC=gcc
diff --git a/security/ossec-hids-server/files/patch-defs.h b/security/ossec-hids-server/files/patch-defs.h
new file mode 100644
index 000000000000..931423df7da0
--- /dev/null
+++ b/security/ossec-hids-server/files/patch-defs.h
@@ -0,0 +1,12 @@
+diff -ruN src/headers/defs.h.orig src/headers/defs.h
+--- src/headers/defs.h.orig Thu Feb 22 01:44:26 2007
++++ src/headers/defs.h Mon Apr 2 10:54:45 2007
+@@ -86,7 +86,7 @@
+ #endif
+
+ #ifndef DEFAULTDIR
+- #define DEFAULTDIR "/var/ossec"
++ #define DEFAULTDIR "PREFIX"
+ #endif
+
+
diff --git a/security/ossec-hids-server/pkg-descr b/security/ossec-hids-server/pkg-descr
new file mode 100644
index 000000000000..40f7eef3ae8b
--- /dev/null
+++ b/security/ossec-hids-server/pkg-descr
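Review bot: The placeholder `DIR="PREFIX"` in patch-LOCATION (and `"PREFIX"` in patch-defs.h) is a bare, common word, and the Makefile's post-patch substitution `s|PREFIX|...|` is applied to every line of both files, not just the patched one. Any other line in LOCATION or defs.h that happens to contain `PREFIX` would be rewritten as well; neither file is visible in full here, so this is a risk rather than a confirmed breakage. Matching the quoted form in the Makefile, `'s|"PREFIX"|"${PREFIX}/${PORTNAME}"|'`, would confine the rewrite to these two placeholders. A short comment in each patch saying the value is filled in by post-patch would also help the next maintainer.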
@@ -0,0 +1,6 @@
+OSSEC is an Open Source Host-based Intrusion Detection System.
+It performs log analysis, integrity checking, Windows registry
+monitoring, rootkit detection, time-based alerting and active
+response.
+
+WWW: http://www.ossec.net/
diff --git a/security/ossec-hids-server/pkg-plist b/security/ossec-hids-server/pkg-plist
new file mode 100644
index 000000000000..3bf8d5e614c1
--- /dev/null
+++ b/security/ossec-hids-server/pkg-plist
@@ -0,0 +1,85 @@
+ossec-hids/active-response/bin/disable-account.sh
+ossec-hids/active-response/bin/firewall-drop.sh
+ossec-hids/active-response/bin/host-deny.sh
+ossec-hids/active-response/bin/route-null.sh
+ossec-hids/bin/clear_stats
+ossec-hids/bin/list_agents
+ossec-hids/bin/manage_agents
+ossec-hids/bin/ossec-agentd
+ossec-hids/bin/ossec-analysisd
+ossec-hids/bin/ossec-control
+ossec-hids/bin/ossec-execd
+ossec-hids/bin/ossec-logcollector
+ossec-hids/bin/ossec-maild
+ossec-hids/bin/ossec-monitord
+ossec-hids/bin/ossec-remoted
+ossec-hids/bin/ossec-syscheckd
+ossec-hids/bin/syscheck_update
+ossec-hids/etc/decoder.xml
+ossec-hids/etc/internal_options.conf
+ossec-hids/etc/localtime
+@unexec if cmp -s %D/ossec-hids/etc/ossec.conf.sample %D/ossec-hids/etc/ossec.conf; then rm -f %D/ossec-hids/etc/ossec.conf; fi
+ossec-hids/etc/ossec.conf.sample
+@exec if [ ! -f %D/ossec-hids/etc/ossec.conf ] ; then cp -p %D/ossec-hids/etc/ossec.conf.sample %D/ossec-hids/etc/orbit.conf; fi
+ossec-hids/etc/shared/rootkit_files.txt
+ossec-hids/etc/shared/rootkit_trojans.txt
+ossec-hids/logs/ossec.log
+ossec-hids/rules/apache_rules.xml
+ossec-hids/rules/arpwatch_rules.xml
+ossec-hids/rules/attack_rules.xml
+ossec-hids/rules/firewall_rules.xml
+ossec-hids/rules/ftpd_rules.xml
+ossec-hids/rules/hordeimp_rules.xml
+ossec-hids/rules/ids_rules.xml
+ossec-hids/rules/imapd_rules.xml
+ossec-hids/rules/local_rules.xml
+ossec-hids/rules/mailscanner_rules.xml
+ossec-hids/rules/ms-exchange_rules.xml
+ossec-hids/rules/ms_ftpd_rules.xml
+ossec-hids/rules/msauth_rules.xml
+ossec-hids/rules/named_rules.xml
+ossec-hids/rules/netscreenfw_rules.xml
+ossec-hids/rules/ossec_rules.xml
+ossec-hids/rules/pam_rules.xml
+ossec-hids/rules/pix_rules.xml
+ossec-hids/rules/policy_rules.xml
+ossec-hids/rules/postfix_rules.xml
+ossec-hids/rules/proftpd_rules.xml
+ossec-hids/rules/pure-ftpd_rules.xml
+ossec-hids/rules/racoon_rules.xml
+ossec-hids/rules/rules_config.xml
+ossec-hids/rules/sendmail_rules.xml
+ossec-hids/rules/smbd_rules.xml
+ossec-hids/rules/spamd_rules.xml
+ossec-hids/rules/squid_rules.xml
+ossec-hids/rules/sshd_rules.xml
+ossec-hids/rules/symantec-av_rules.xml
+ossec-hids/rules/syslog_rules.xml
+ossec-hids/rules/telnetd_rules.xml
+ossec-hids/rules/vpn_concentrator_rules.xml
+ossec-hids/rules/vpopmail_rules.xml
+ossec-hids/rules/vsftpd_rules.xml
+ossec-hids/rules/web_rules.xml
+@dirrm ossec-hids/var/run
+@dirrm ossec-hids/var
+@dirrm ossec-hids/tmp
+@dirrm ossec-hids/stats
+@dirrm ossec-hids/rules
+@dirrm ossec-hids/queue/syscheck
+@dirrm ossec-hids/queue/rootcheck
+@dirrm ossec-hids/queue/rids
+@dirrm ossec-hids/queue/ossec
+@dirrm ossec-hids/queue/fts
+@dirrm ossec-hids/queue/alerts
+@dirrm ossec-hids/queue/agent-info
+@dirrm ossec-hids/queue
+@dirrm ossec-hids/logs/firewall
+@dirrm ossec-hids/logs/archives
+@dirrm ossec-hids/logs/alerts
+@dirrm ossec-hids/logs
+@dirrm ossec-hids/etc/shared
+@dirrm ossec-hids/etc
+@dirrm ossec-hids/bin
+@dirrm ossec-hids/active-response/bin
+@dirrm ossec-hids/active-response
+@dirrm ossec-hids
diff --git a/security/ossec-hids-server/pkg-plist.client b/security/ossec-hids-server/pkg-plist.client
new file mode 100644
index 000000000000..9f2630c45c48
--- /dev/null
+++ b/security/ossec-hids-server/pkg-plist.client
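Review bot: The `@exec` line in pkg-plist tests for `ossec.conf` but copies the sample to `%D/ossec-hids/etc/orbit.conf`, which looks like a leftover from another port's plist. On a package install this leaves no `ossec.conf` in place, so the rc script's `required_files` check would fail and the IDS would not start, and the stray `orbit.conf` is not covered by the `@unexec` cleanup. The copy target should be `%D/ossec-hids/etc/ossec.conf`.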
@@ -0,0 +1,35 @@
+ossec-hids/active-response/bin/disable-account.sh
+ossec-hids/active-response/bin/firewall-drop.sh
+ossec-hids/active-response/bin/firewalls/ipfw.sh
+ossec-hids/active-response/bin/firewalls/ipfw_mac.sh
+ossec-hids/active-response/bin/firewalls/pf.sh
+ossec-hids/active-response/bin/host-deny.sh
+ossec-hids/active-response/bin/route-null.sh
+ossec-hids/bin/manage_agents
+ossec-hids/bin/ossec-agentd
+ossec-hids/bin/ossec-control
+ossec-hids/bin/ossec-execd
+ossec-hids/bin/ossec-logcollector
+ossec-hids/bin/ossec-syscheckd
+ossec-hids/etc/internal_options.conf
+ossec-hids/etc/localtime
+ossec-hids/etc/shared/rootkit_trojans.txt
+ossec-hids/etc/shared/rootkit_files.txt
+ossec-hids/etc/ossec.conf
+ossec-hids/active-response/bin/firewalls
+ossec-hids/logs/ossec.log
+@dirrm ossec-hids/active-response/bin/firewalls
+@dirrm ossec-hids/active-response/bin
+@dirrm ossec-hids/active-response
+@dirrm ossec-hids/etc/shared
+@dirrm ossec-hids/etc/
+@dirrm ossec-hids/var/run
+@dirrm ossec-hids/var
+@dirrm ossec-hids/queue/syscheck
+@dirrm ossec-hids/queue/rids
+@dirrm ossec-hids/queue/ossec
+@dirrm ossec-hids/queue/alerts
+@dirrm ossec-hids/queue
+@dirrm ossec-hids/logs
+@dirrm ossec-hids/bin
+@dirrm ossec-hids
\ No newline at end of file |
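Review bot: `ossec-hids/etc/ossec.conf` is listed in pkg-plist.client as an ordinary packaged file, whereas pkg-plist ships `ossec.conf.sample` with `@exec`/`@unexec` handling, so deinstalling or upgrading the client package would remove an agent configuration the administrator has edited. Giving the client the same sample-file treatment would need the agent install path patched the way InstallServer.sh is, which this commit does not include. In the same list, `ossec-hids/active-response/bin/firewalls` is a directory entered as a file (it already has its own `@dirrm` line), and `@dirrm ossec-hids/etc/` carries a trailing slash that no other entry has.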