diff options
| author | Jean Milanez Melo <jmelo@FreeBSD.org> | 2008-09-03 23:02:16 +0000 |
|---|---|---|
| committer | Jean Milanez Melo <jmelo@FreeBSD.org> | 2008-09-03 23:02:16 +0000 |
| commit | 207434802b7a737d7f66780757ab87c8e6414bc5 (patch) | |
| tree | 76381db115de5294ac1246759057184d22ed1ea8 /security/snortsam | |
| parent | 7adf47f0c94f4e9d1befc4e29a56b0bc279ebdab (diff) | |
| download | ports-207434802b7a737d7f66780757ab87c8e6414bc5.tar.gz ports-207434802b7a737d7f66780757ab87c8e6414bc5.zip | |
New port: security/snortsam
SnortSam is a plugin for Snort, an open-source light-weight
Intrusion Detection System (IDS). The plugin allows for
automated blocking of IP addresses on many firewalls.
WWW: http://www.snortsam.net
PR: ports/126896
Submitted by: Danton Dorati <danton@freebsdbrasil.com.br>
Notes
Notes:
svn path=/head/; revision=219799
Diffstat (limited to 'security/snortsam')
| -rw-r--r-- | security/snortsam/Makefile | 67 | ||||
| -rw-r--r-- | security/snortsam/distinfo | 6 | ||||
| -rw-r--r-- | security/snortsam/files/patch-makesnortsam.sh | 13 | ||||
| -rw-r--r-- | security/snortsam/files/patch-snortsam.h | 16 | ||||
| -rw-r--r-- | security/snortsam/files/pkg-message-snortsam | 10 | ||||
| -rw-r--r-- | security/snortsam/files/snortsam.sh.in | 33 | ||||
| -rw-r--r-- | security/snortsam/pkg-descr | 5 |
7 files changed, 150 insertions, 0 deletions
diff --git a/security/snortsam/Makefile b/security/snortsam/Makefile new file mode 100644 index 000000000000..ff83c519bf5a --- /dev/null +++ b/security/snortsam/Makefile @@ -0,0 +1,67 @@ +# New ports collection makefile for: SnortSam +# Date created: 27 August 2008 +# Whom: Danton Dorati <urisso@bsd.com.br> +# +# $FreeBSD$ +# + +PORTNAME= snortsam +PORTVERSION= 2.60 +CATEGORIES= security +MASTER_SITES= http://www.snortsam.net/files/snortsam/ \ + http://www.freebsdbrasil.com.br/~urisso/files/snortsam/ +DISTNAME= ${PORTNAME}-src-${PORTVERSION} + +MAINTAINER= urisso@bsd.com.br +COMMENT= SnortSam is a output plugin for Snort + +WRKSRC= ${WRKDIR}/${PKGNAMEPREFIX}${PORTNAME} + +HAS_CONFIGURE= yes +NO_BUILD= yes + +SYSCONFDIR= ${PREFIX}/etc/snortsam + +CONFIGURE_SCRIPT= makesnortsam.sh + +USE_RC_SUBR= snortsam.sh + +PLIST_DIRS= etc/snortsam +PLIST_FILES= etc/snortsam/rootservers.cfg etc/snortsam/snortsam.conf.sample sbin/snortsam sbin/snortsam-debug +PORTDOCS= INSTALL README README.conf README.snmp_interface_down + +OPTIONS= IPFW "Enable IPFW table checking if it set deny rules" on + +.include <bsd.port.pre.mk> + +.if defined(WITHOUT_IPFW) +PATCH_SITES+=http://www.freebsdbrasil.com.br/~urisso/files/snortsam/:ipfw +PATCHFILES+=ssp_ipfw2.c.diff:ipfw +.endif + +post-extract: + @${CAT} ${PATCHDIR}/pkg-message-snortsam + @sleep 5 + +pre-configure: + ${REINPLACE_CMD} -e 's|/etc/snortsam.conf|/usr/local/etc/snortsam.conf|g' ${WRKSRC}/conf/snortsam.conf.sample + ${REINPLACE_CMD} -e 's|/etc/snortsam.conf|/usr/local/etc/snortsam.conf|g' ${WRKSRC}/docs/README.conf + ${REINPLACE_CMD} -e 's|/etc/snortsam.conf|/usr/local/etc/snortsam.conf|g' ${WRKSRC}/src/snortsam.c + ${REINPLACE_CMD} -e 's|/etc/snortsam.conf|/usr/local/etc/snortsam.conf|g' ${WRKSRC}/contrib/snortsam-state.c + ${CHMOD} +x ${WRKSRC}/makesnortsam.sh + +do-install: + ${INSTALL_PROGRAM} ${WRKSRC}/snortsam ${PREFIX}/sbin + ${INSTALL_PROGRAM} ${WRKSRC}/snortsam-debug ${PREFIX}/sbin + ${MKDIR} ${SYSCONFDIR} + ${INSTALL_DATA} ${WRKSRC}/conf/snortsam.conf.sample ${SYSCONFDIR}/snortsam.conf.sample + ${INSTALL_DATA} ${WRKSRC}/conf/*rootservers.cfg ${SYSCONFDIR}/ + +.if !defined(NOPORTDOCS) +.for f in ${PORTDOCS} + ${MKDIR} ${DOCSDIR} + ${INSTALL_DATA} ${WRKSRC}/docs/${f} ${DOCSDIR} +.endfor +.endif + +.include <bsd.port.post.mk> diff --git a/security/snortsam/distinfo b/security/snortsam/distinfo new file mode 100644 index 000000000000..7ce884cae0f2 --- /dev/null +++ b/security/snortsam/distinfo @@ -0,0 +1,6 @@ +MD5 (snortsam-src-2.60.tar.gz) = 5fdc69b18938237ac943beeb7f6c105a +SHA256 (snortsam-src-2.60.tar.gz) = 65c44a91487f533f66291b1dd41f06237d21ba7c9e43a27d8784e2915c2771f4 +SIZE (snortsam-src-2.60.tar.gz) = 1982833 +MD5 (ssp_ipfw2.c.diff) = bcc60c6d27805db5d96c284189cefee8 +SHA256 (ssp_ipfw2.c.diff) = 29355590da907bb4c9f3e259c460c1c29d7a0e6cb201290ffc904c246c8ef3e4 +SIZE (ssp_ipfw2.c.diff) = 1193 diff --git a/security/snortsam/files/patch-makesnortsam.sh b/security/snortsam/files/patch-makesnortsam.sh new file mode 100644 index 000000000000..4143c536ead9 --- /dev/null +++ b/security/snortsam/files/patch-makesnortsam.sh @@ -0,0 +1,13 @@ +--- makesnortsam.sh.old 2008-08-03 00:04:24.000000000 -0300 ++++ makesnortsam.sh 2008-08-03 00:04:57.000000000 -0300 +@@ -11,8 +11,8 @@ + # Under Solaris, the OPSEC stuff is linked dynamically. + # On other platforms, statically. + +-BSDTHREADLIB='-lc_r' +-#BSDTHREADLIB='-lpthread' ++#BSDTHREADLIB='-lc_r' ++BSDTHREADLIB='-lpthread' + + systype=`uname` + diff --git a/security/snortsam/files/patch-snortsam.h b/security/snortsam/files/patch-snortsam.h new file mode 100644 index 000000000000..ab32bb001eaf --- /dev/null +++ b/security/snortsam/files/patch-snortsam.h @@ -0,0 +1,16 @@ +--- src/snortsam.h.old 2008-08-03 00:08:34.000000000 -0300 ++++ src/snortsam.h 2008-08-03 00:10:58.000000000 -0300 +@@ -178,10 +178,10 @@ + #define safecopy(dst,src) _safecp(dst,sizeof(dst),src) + + #ifdef WIN32 +-#define FWSAMCONFIGFILE "snortsam.cfg" +-#define FWSAMHISTORYFILE "snortsam.sta" ++#define FWSAMCONFIGFILE "/usr/local/etc/snortsam.cfg" ++#define FWSAMHISTORYFILE "/var/db/snortsam.sta" + #else +-#define FWSAMCONFIGFILE "/etc/snortsam.conf" ++#define FWSAMCONFIGFILE "/usr/local/etc/snortsam.conf" + #define FWSAMHISTORYFILE "/var/db/snortsam.state" + #endif + diff --git a/security/snortsam/files/pkg-message-snortsam b/security/snortsam/files/pkg-message-snortsam new file mode 100644 index 000000000000..504ed78649d7 --- /dev/null +++ b/security/snortsam/files/pkg-message-snortsam @@ -0,0 +1,10 @@ + +============================================================ +NOTE: Make sure that your SNORT installation it is defined + output plugin SNORTSAM for don't cause errors while + building SNORTSAM system. If exists some OLD SNORT + installation WITHOUT supports for interaction between + SNORT and SNORTSAM. PLEASE reconfigure WITH that this + feature and rebuild a new installation. +============================================================= + diff --git a/security/snortsam/files/snortsam.sh.in b/security/snortsam/files/snortsam.sh.in new file mode 100644 index 000000000000..3f15c079042f --- /dev/null +++ b/security/snortsam/files/snortsam.sh.in @@ -0,0 +1,33 @@ +#!/bin/sh +# $FreeBSD: + +# PROVIDE: snortsam +# REQUIRE: DAEMON +# BEFORE: LOGIN +# KEYWORD: shutdown + +# Add the following lines to /etc/rc.conf to enable snortsam: +# snortsam_enable (bool): Set to YES to enable snortsam +# Default: NO +# snortsam_flags (str): Extra flags passed to snortsam +# Default: "" +# snortsam_conf (str): Snortsam configuration file +# Default: ${PREFIX}/etc/snortsam/snortsam.conf +# + +. %%RC_SUBR%% + +name="snortsam" +rcvar=`set_rcvar` + +command="%%PREFIX%%/sbin/snortsam" + +load_rc_config $name + +[ -z "$snortsam_enable" ] && snortsam_enable="NO" +[ -z "$snortsam_conf" ] && snortsam_conf="%%PREFIX%%/etc/snortsam/snortsam.conf" +[ -z "$snortsam_flags" ] && snortsam_flags="" + +[ -n "$snortsam_conf" ] && snortsam_flags="$snortsam_flags $snortsam_conf" + +run_rc_command "$1" diff --git a/security/snortsam/pkg-descr b/security/snortsam/pkg-descr new file mode 100644 index 000000000000..978766d40228 --- /dev/null +++ b/security/snortsam/pkg-descr @@ -0,0 +1,5 @@ +SnortSam is a plugin for Snort, an open-source light-weight +Intrusion Detection System (IDS). The plugin allows for +automated blocking of IP addresses on many firewalls. + +WWW: http://www.snortsam.net |