ports/80484: New port: security/synscan flexible, scriptable TCP/IP test tool for network testing and active OS fingerprinting

[Jean-Pierre FORCIOLI]

>Number:         80484
>Category:       ports
>Synopsis:       New port: security/synscan flexible, scriptable TCP/IP test tool for network testing and active OS fingerprinting
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sat Apr 30 18:30:03 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator:     Jean-Pierre FORCIOLI
>Release:        FreeBSD 5.3-RELEASE-p8 i386
>Organization:
-
>Environment:
System: FreeBSD vulgus.cyber-networks.fr 5.3-RELEASE-p8 FreeBSD 5.3-RELEASE-p8 #7: Sat Apr 9 08:13:25 CEST 2005 root at vulgus.cyber-networks.fr:/usr/obj/usr/src/sys/VULGUS i386

>Description:

   -
     	
>How-To-Repeat:

   -

>Fix:

# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	synscan
#	synscan/pkg-descr
#	synscan/Makefile
#	synscan/pkg-install
#	synscan/pkg-message
#	synscan/distinfo
#	synscan/pkg-plist
#	synscan/pkg-deinstall
#
echo c - synscan
mkdir -p synscan > /dev/null 2>&1
echo x - synscan/pkg-descr
sed 's/^X//' >synscan/pkg-descr << 'END-of-synscan/pkg-descr'
Xsynscan is a flexible, scriptable TCP/IP test tool for network testing
Xand active OS fingerprinting.
X
XMore verbosely, synscan is a userland TCP/IP stack that can be used to
Xtest many aspects and edge-conditions of a remote TCP implementation
Xand identify the operating system. By modifying certain directives in
Xthe scripts, one can extract different behavior from the remote
Ximplementation and use this to identify it. 
X
XPlease read the paper (linked below) for complete information.
X
XWWW: http://synscan.sourceforge.net/
XPAPER: http://synscan.sourceforge.net/taleck-synscan-2004.pdf
X
X- bob2
Xbob2 at april.org
END-of-synscan/pkg-descr
echo x - synscan/Makefile
sed 's/^X//' >synscan/Makefile << 'END-of-synscan/Makefile'
X# New ports collection makefile for:   synscan
X# Date created:        12 March 2005
X# Whom:                bob2
X#
X# $FreeBSD$
X#
X
XPORTNAME=	synscan
XPORTVERSION=	0.1
XCATEGORIES=	security
XMASTER_SITES=	${MASTER_SITE_SOURCEFORGE_EXTENDED}
XMASTER_SITE_SUBDIR=	synscan
X
XMAINTAINER=	bob2 at april.org
XCOMMENT=	Synscan is a flexible, scriptable TCP/IP test tool for network \
X		testing and active OS fingerprinting.
X
XMAN8=		synscan.8
XMAN5=		synscan.conf.5 synscan.services.5
XMANCOMPRESSED=	no
X
XGNU_CONFIGURE=	yes
XCONFIGURE_TARGET=--build=${MACHINE_ARCH}-portbld-freebsd${OSREL}
X
XCONFIGURE_ARGS=	--with-libdnet=${LOCALBASE}/bin
X
XLIB_DEPENDS=	dnet.1:${PORTSDIR}/net/libdnet
XBUILD_DEPENDS=	${LOCALBASE}/lib/libevent.a:${PORTSDIR}/devel/libevent
X
Xpost-install:
X	@${ECHO} "===>   Stripping ${PREFIX}/bin/synscan"
X	${STRIP_CMD} ${PREFIX}/bin/synscan
X	@${ECHO} ""
X	@${ECHO} "To use this port, make sure that you have loaded the PF kernel
X	@${ECHO} "module, by doing"
X	@${ECHO} ""
X	@${ECHO} "  # kldload pf"
X	@${ECHO} ""
X	@${ECHO} "or adding"
X	@${ECHO} ""
X	@${ECHO} "  pf_load=\"YES\""
X	@${ECHO} ""
X	@${ECHO} "to your /boot/loader.conf (normally done automatically whom installing"
X	@${ECHO} "the port)."
X	@${ECHO} ""
X	@${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
X
Xpost-deinstall:
X	@${SH} ${PKGDEINSTALL} ${PKGNAME} POST-DEINSTALL
X
X.include <bsd.port.pre.mk>
X
X.if ${OSVERSION} < 503000
XIGNORE=		You have to use FreeBSD 5.3 or more. This port uses PF (Packet Filter) which was introduced with FreeBSD 5.3-RELEASE.
X.endif
X
X.include <bsd.port.post.mk>
END-of-synscan/Makefile
echo x - synscan/pkg-install
sed 's/^X//' >synscan/pkg-install << 'END-of-synscan/pkg-install'
X#! /bin/sh
X# $FreeBSD$
X
XBOOT_LOADER_CONF=/boot/loader.conf
XPF_LOAD="pf_load"
X
XCP=/bin/cp
XDATE=/bin/date
XDIALOG=/usr/bin/dialog
XECHO=/bin/echo
XGREP=/usr/bin/grep
X
XTODAY=`${DATE} +%Y%m%d-%H%M%S`
X
Xif [ x"${2}" = xPOST-INSTALL ]; then
X
X    # Backup the original BOOT_LOADER_CONF file.
X    if [ -e ${BOOT_LOADER_CONF} ]; then
X	${CP} ${BOOT_LOADER_CONF} ${BOOT_LOADER_CONF}.before_synscan.${TODAY}
X    fi
X
X    # Check if PF is already used in the BOOT_LOADER_CONF file.
X    ${ECHO} "===> Checking if PF is used in your ${BOOT_LOADER_CONF}"
X    RESULT=`${GREP} ${PF_LOAD} ${BOOT_LOADER_CONF}`
X    
X    if [ x"${RESULT}" = x ]; then
X	${ECHO} "===> PF isn't used in your ${BOOT_LOADER_CONF}"
X
X	${DIALOG} --yesno "Would you like to enable PF in the ${BOOT_LOADER_CONF} file?" 7 50
X	
X	if [ $? -eq 0 ]; then
X	    ${ECHO} >> ${BOOT_LOADER_CONF}
X	    ${ECHO} "# ${TODAY} - Updated by pkg_add for synscan." >> ${BOOT_LOADER_CONF}
X	    ${ECHO} "pf_load=\"YES\"" >> ${BOOT_LOADER_CONF}
X	else
X	    ${ECHO} 
X	    ${ECHO} "*******************************************************************************"
X	    ${ECHO} "===> OK. So please make sure loading PF kernel module before launching synscan."
X	    ${ECHO} "*******************************************************************************"
X	    ${ECHO} 
X	fi
X    else
X	${ECHO}
X	${ECHO} "===>  PF is already used in your ${BOOT_LOADER_CONF} file."
X	${ECHO} "      It's current value usage is:"
X	${ECHO} "      ${RESULT}"
X	${ECHO}
X	
X    fi
Xfi
END-of-synscan/pkg-install
echo x - synscan/pkg-message
sed 's/^X//' >synscan/pkg-message << 'END-of-synscan/pkg-message'
X
XTo use this port, make sure that you have loaded the PF kernel 
Xmodule, by doing
X
X	# kldload pf
X
Xor adding
X
X	pf_load="YES"
X
Xto your /boot/loader.conf (normally done automatically when installing
Xthe port or the package).
END-of-synscan/pkg-message
echo x - synscan/distinfo
sed 's/^X//' >synscan/distinfo << 'END-of-synscan/distinfo'
XMD5 (synscan-0.1.tar.gz) = 144cfc268673c3e1f64820240ee89078
XSIZE (synscan-0.1.tar.gz) = 100138
END-of-synscan/distinfo
echo x - synscan/pkg-plist
sed 's/^X//' >synscan/pkg-plist << 'END-of-synscan/pkg-plist'
Xbin/synscan
Xshare/synscan-0.1/synscan.conf
Xshare/synscan-0.1/synscan.fingerprints
Xshare/synscan-0.1/synscan.services
X at dirrm share/synscan-0.1
END-of-synscan/pkg-plist
echo x - synscan/pkg-deinstall
sed 's/^X//' >synscan/pkg-deinstall << 'END-of-synscan/pkg-deinstall'
X#! /bin/sh
X# $FreeBSD$
X
XBOOT_LOADER_CONF=/boot/loader.conf
XPF_LOAD="pf_load"
X
XECHO=/bin/echo
XGREP=/usr/bin/grep
X
Xif [ x"${2}" = xPOST-DEINSTALL ]; then
X    
X    RESULT=`${GREP} ${PF_LOAD} ${BOOT_LOADER_CONF}`
X
X    if [ ! x"${RESULT}" = x ]; then
X	${ECHO} "===> PF was required by synscan."
X	${ECHO} "     PF is used in your ${BOOT_LOADER_CONF} file."
X	${ECHO} "     Maybe it was added by synscan install program."
X	${ECHO} "     It's current value is:"
X	${ECHO} "     ${RESULT}"
X	${ECHO} "     This reminder will give you an opportunity to disable/comment/delete"
X	${ECHO} "     the line from your ${BOOT_LOADER_CONF} file".
X    fi
Xfi
END-of-synscan/pkg-deinstall
exit

>Release-Note:
>Audit-Trail:
>Unformatted: