ports/105618: Update port: security/snortreport

freebsd at netfence.it freebsd at netfence.it
Thu Nov 16 23:20:07 UTC 2006


>Number:         105618
>Category:       ports
>Synopsis:       Update port: security/snortreport
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Thu Nov 16 23:20:01 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator:     Andrea Venturoli <freebsd at netfence.it>
>Release:        FreeBSD 5.4-RELEASE-p22 i386
>Organization:
NetFence
>Environment:
System: FreeBSD soth.ventu 5.4-RELEASE-p22 FreeBSD 5.4-RELEASE-p22 #4: Sun Oct 1 14:54:58 CEST 2006 root at soth.ventu:/usr/obj/usr/src/sys/SOTH i386


	
>Description:
        Snort Report is an add-on module for the Snort Intrusion Detection System.
>How-To-Repeat:
	
>Fix:

	

--- te begins here ---
# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Unpacking runs
# the archive as a shell script, so read it through before running it.
# Note, it may create directories; files and directories will be owned
# by you and have default permissions.
#
# This archive contains:
#
#	snortreport
#	snortreport/Makefile
#	snortreport/distinfo
#	snortreport/pkg-descr
#	snortreport/pkg-message
#	snortreport/pkg-plist
#	snortreport/files
#	snortreport/files/patch-ipdetail.php
#	snortreport/files/patch-sigdetail.php
#
echo c - snortreport
mkdir -p snortreport > /dev/null 2>&1
echo x - snortreport/Makefile
sed 's/^X//' >snortreport/Makefile << 'END-of-snortreport/Makefile'
X# New ports collection makefile for:   snortreport
X# Date created:        18 Jan 2004
X# Whom:                Andrea Venturoli <freebsd at netfence.it>
X#
X# $FreeBSD: ports/security/snortreport/Makefile,v 1.6 2006/10/12 03:35:56 kris Exp $
X#
X
X# Port identity and where the distfile is fetched from.
XPORTNAME=	snortreport
XPORTVERSION=	1.3.1
XCATEGORIES=	security www
X# The distfile comes over plain HTTP, so its integrity rests entirely on
X# the checksums recorded in distinfo.
XMASTER_SITES=	http://www.symmetrixtech.com/ids/
X
XMAINTAINER=	freebsd at netfence.it
XCOMMENT=	Add-on module for snort to generate real-time web reports
X
X# Jpgraph is a run-time dependency unless WITHOUT_JPGRAPH is defined; the
X# pre-everything message says it is what draws the charts.
X.if !defined(WITHOUT_JPGRAPH)
XRUN_DEPENDS=	${LOCALBASE}/share/jpgraph/jpgraph.php:${PORTSDIR}/graphics/jpgraph
X.endif
X
X# PHP is required.  WANT_PHP_WEB presumably asks the ports framework for a
X# web-server flavour of PHP (module or CGI) -- confirm against bsd.php.mk.
XUSE_PHP=	yes
XWANT_PHP_WEB=	yes
X
X# pkg-message is generated under WRKDIR by the pre-patch target, which
X# replaces the %%PREFIX%% placeholder in the template kept in PKGDIR.
XPKGMESSAGE=	${WRKDIR}/pkg-message
X# Nothing is compiled: do-install only copies the distributed files.
XNO_BUILD=	yes
X
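X# Printed before any other stage runs: reminds the user which PHP features
X# the reports need (a MySQL or PostgreSQL driver, and GD plus Jpgraph for
X# the charts).  The text is informational only; nothing is checked here.
Xpre-everything::
X	@${ECHO} ""
X	@${ECHO} "You have to configure PHP either with MySQL or PostgreSQL"
X	@${ECHO} "support in order to let snortreport collect its data."
X	@${ECHO} "It is also suggested to compile support for GD in"
X	@${ECHO} "and have Jpgraph installed in order to view the charts."
X	@${ECHO} ""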
X
X# Build the pkg-message that post-install prints: take the template from
X# PKGDIR and write it to PKGMESSAGE with every %%PREFIX%% placeholder
X# replaced by the prefix in use.
Xpre-patch:
X	@${SED} 's|%%PREFIX%%|${PREFIX}|g' ${PKGDIR}/pkg-message > ${PKGMESSAGE}
X
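X# Copy the web application into ${PREFIX}/www/snortreport.
X#
X# Ownership: the tree is owned by root with group www and carries no
X# group/other write bits, so the web server can read the scripts but
X# cannot rewrite them.  Handing the whole tree to www:www would let any
X# code running as the web server user alter the application.
X# srconf.php is the config file named in pkg-message (presumably it holds
X# the database login), so it is readable by root and group www only.
X# NOTE(review): this assumes the application never writes inside its own
X# directory; nothing in this port shows it doing so -- confirm before
X# committing.
Xdo-install:
X	${MKDIR} ${PREFIX}/www/snortreport
X.for ext in php css png html phps js
X	${CP} -p ${WRKSRC}/*.${ext} ${PREFIX}/www/snortreport
X.endfor
X	${CHOWN} -R root:www ${PREFIX}/www/snortreport
X	${CHMOD} -R go-w ${PREFIX}/www/snortreport
X	${CHMOD} 640 ${PREFIX}/www/snortreport/srconf.php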
X
X# Install the documentation files (skipped when NOPORTDOCS is defined),
X# then show the generated pkg-message to the user.
Xpost-install:
X.if !defined(NOPORTDOCS)
X	${INSTALL} -d -o ${DOCOWN} -g ${DOCGRP} ${DOCSDIR}
X.for doc in INSTALL LICENSE Performance.txt create_indexes.sql
X	${INSTALL_DATA} ${WRKSRC}/${doc} ${DOCSDIR}
X.endfor
X.endif
X	@${CAT} ${PKGMESSAGE}
X
X.include <bsd.port.mk>
END-of-snortreport/Makefile
echo x - snortreport/distinfo
sed 's/^X//' >snortreport/distinfo << 'END-of-snortreport/distinfo'
XMD5 (snortreport-1.3.1.tar.gz) = 82407df1de6ab03319b5e4b82ef725ee
XSHA256 (snortreport-1.3.1.tar.gz) = 476008993100d11046ef34db68735b0e96cb3b939e431d2df592e6ffcf24de33
XSIZE (snortreport-1.3.1.tar.gz) = 43334
END-of-snortreport/distinfo
echo x - snortreport/pkg-descr
sed 's/^X//' >snortreport/pkg-descr << 'END-of-snortreport/pkg-descr'
XSnort Report is an add-on module for the Snort Intrusion Detection System.
X
XIt generates real-time intrusion detection reports in an easy to read format
Xbased on data collected from a MySQL or PostgreSQL database.
X
XWWW: http://www.symmetrixtech.com/download.html
X
X- Andrea Venturoli
Xfreebsd at netfence.it
END-of-snortreport/pkg-descr
echo x - snortreport/pkg-message
sed 's/^X//' >snortreport/pkg-message << 'END-of-snortreport/pkg-message'
X***************************************************************
XSnortreport has been installed in %%PREFIX%%/www/snortreport.
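XChange into this directory and make any necessary changes to
Xthe config file (srconf.php).
XAlso modify your web server configuration to allow access to
Xthis directory; restrict that access to trusted administrators,
Xsince the reports expose intrusion-detection data.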
X***************************************************************
END-of-snortreport/pkg-message
echo x - snortreport/pkg-plist
sed 's/^X//' >snortreport/pkg-plist << 'END-of-snortreport/pkg-plist'
Xwww/snortreport/DB.php
Xwww/snortreport/DB_mysql.php
Xwww/snortreport/DB_pgsql.php
Xwww/snortreport/alertchart.php
Xwww/snortreport/alerts.php
Xwww/snortreport/default.css
Xwww/snortreport/functions.php
Xwww/snortreport/go.png
Xwww/snortreport/index.php
Xwww/snortreport/info-retrieval.php
Xwww/snortreport/ipdetail.php
Xwww/snortreport/menu.html
Xwww/snortreport/nbtscan.php
Xwww/snortreport/nmap.php
Xwww/snortreport/nodata.png
Xwww/snortreport/page_bottom.php
Xwww/snortreport/page_top.php
Xwww/snortreport/portscan.php
Xwww/snortreport/profiling.phps
Xwww/snortreport/psdetail.php
Xwww/snortreport/sig-by-time-chart.php
Xwww/snortreport/sigdetail.php
Xwww/snortreport/srconf.php
Xwww/snortreport/srlogo.png
Xwww/snortreport/ssm.js
Xwww/snortreport/ssmItems.js
Xwww/snortreport/timespan.php
X%%PORTDOCS%%%%DOCSDIR%%/INSTALL
X%%PORTDOCS%%%%DOCSDIR%%/LICENSE
X%%PORTDOCS%%%%DOCSDIR%%/Performance.txt
X%%PORTDOCS%%%%DOCSDIR%%/create_indexes.sql
X@dirrm www/snortreport
X%%PORTDOCS%%@dirrm %%DOCSDIR%%
END-of-snortreport/pkg-plist
echo c - snortreport/files
mkdir -p snortreport/files > /dev/null 2>&1
echo x - snortreport/files/patch-ipdetail.php
sed 's/^X//' >snortreport/files/patch-ipdetail.php << 'END-of-snortreport/files/patch-ipdetail.php'
X*** /usr/local/www/snortreport/ipdetail.php	Thu Dec 22 06:07:07 2005
X--- ./ipdetail.php	Thu Nov  9 14:28:57 2006
X***************
X*** 40,48 ****
X  
X  // set up the SQL query
X  if ($type == "src") {
X! 	$query = "SELECT event.cid, event.sid, event.signature, event.timestamp, iphdr.ip_src, iphdr.ip_dst, iphdr.ip_ver, iphdr.ip_hlen, iphdr.ip_tos, iphdr.ip_len, iphdr.ip_id, iphdr.ip_flags, iphdr.ip_off, iphdr.ip_ttl, iphdr.ip_proto, iphdr.ip_csum, signature.sig_name, signature.sig_id, signature.sig_sid FROM event, iphdr, signature WHERE event.cid = iphdr.cid AND event.sid = iphdr.sid AND event.signature = signature.sig_id AND iphdr.ip_src = ".$ipAddress." AND event.timestamp > ".$db->timestamp($beginTime)." AND event.timestamp < ".$db->timestamp($endTime) or die("Error in query");
X  } else {
X! 	$query = "SELECT event.cid, event.sid, event.signature, event.timestamp, iphdr.ip_src, iphdr.ip_dst, iphdr.ip_ver, iphdr.ip_hlen, iphdr.ip_tos, iphdr.ip_len, iphdr.ip_id, iphdr.ip_flags, iphdr.ip_off, iphdr.ip_ttl, iphdr.ip_proto, iphdr.ip_csum, signature.sig_name, signature.sig_id, signature.sig_sid FROM event, iphdr, signature WHERE event.cid = iphdr.cid AND event.sid = iphdr.sid AND event.signature = signature.sig_id AND iphdr.ip_dst = ".$ipAddress." AND event.timestamp > ".$db->timestamp($beginTime)." AND event.timestamp < ".$db->timestamp($endTime) or die("Error in query");
X  }
X  
X  // run the query on the database
X--- 40,48 ----
X  
X  // set up the SQL query
X  if ($type == "src") {
X! 	$query = "SELECT event.cid, event.sid, event.signature, ".$db->timeSinceEpoch('event.timestamp').", iphdr.ip_src, iphdr.ip_dst, iphdr.ip_ver, iphdr.ip_hlen, iphdr.ip_tos, iphdr.ip_len, iphdr.ip_id, iphdr.ip_flags, iphdr.ip_off, iphdr.ip_ttl, iphdr.ip_proto, iphdr.ip_csum, signature.sig_name, signature.sig_id, signature.sig_sid FROM event, iphdr, signature WHERE event.cid = iphdr.cid AND event.sid = iphdr.sid AND event.signature = signature.sig_id AND iphdr.ip_src = ".$ipAddress." AND ".$db->timeSinceEpoch('event.timestamp')." > ".$db->timestamp($beginTime)." AND ".$db->timeSinceEpoch("event.timestamp")." < ".$db->timestamp($endTime) or die("Error in query");
X  } else {
X! 	$query = "SELECT event.cid, event.sid, event.signature, ".$db->timeSinceEpoch("event.timestamp").", iphdr.ip_src, iphdr.ip_dst, iphdr.ip_ver, iphdr.ip_hlen, iphdr.ip_tos, iphdr.ip_len, iphdr.ip_id, iphdr.ip_flags, iphdr.ip_off, iphdr.ip_ttl, iphdr.ip_proto, iphdr.ip_csum, signature.sig_name, signature.sig_id, signature.sig_sid FROM event, iphdr, signature WHERE event.cid = iphdr.cid AND event.sid = iphdr.sid AND event.signature = signature.sig_id AND iphdr.ip_dst = ".$ipAddress." AND ".$db->timeSinceEpoch("event.timestamp")." > ".$db->timestamp($beginTime)." AND ".$db->timeSinceEpoch("event.timestamp")." < ".$db->timestamp($endTime) or die("Error in query");
X  }
X  
X  // run the query on the database
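Review bot: Both rewritten `$query` lines still place `$ipAddress` unquoted in the SQL text (`iphdr.ip_src = ".$ipAddress."` and its `ip_dst` twin), and nothing inside this hunk shows where that value is validated. The assignment is above line 40, outside the hunk, so please confirm it is forced to an integer there and record it next to the query with `// $ipAddress must already be an integer: it is concatenated unquoted below`. The trailing `or die("Error in query")` never fires, because `=` binds tighter than `or` and the assigned string is never empty; the failure check belongs on the call that runs the query. The new calls also mix `'event.timestamp'` and `"event.timestamp"`; one quoting style would be easier to read.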
END-of-snortreport/files/patch-ipdetail.php
echo x - snortreport/files/patch-sigdetail.php
sed 's/^X//' >snortreport/files/patch-sigdetail.php << 'END-of-snortreport/files/patch-sigdetail.php'
X*** /usr/local/www/snortreport/sigdetail.php	Thu Dec 22 06:07:07 2005
X--- ./sigdetail.php	Thu Nov  9 14:28:57 2006
X***************
X*** 38,44 ****
X  assert($beginTime < $endTime);
X  
X  $URLTimeConstraint = "beginTime=$beginTime&endTime=$endTime";
X! $DBTimeConstraint = "(event.timestamp > " . $db->timestamp($beginTime) . " AND event.timestamp < " . $db->timestamp($endTime) . ")";
X  
X  $sigid = intval($sigid) or die("Invalid signature ID");
X  
X--- 38,44 ----
X  assert($beginTime < $endTime);
X  
X  $URLTimeConstraint = "beginTime=$beginTime&endTime=$endTime";
X! $DBTimeConstraint = "(".$db->timeSinceEpoch("event.timestamp")." > " . $db->timestamp($beginTime) . " AND ".$db->timeSinceEpoch("event.timestamp")." < " . $db->timestamp($endTime) . ")";
X  
X  $sigid = intval($sigid) or die("Invalid signature ID");
X  
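Review bot: The rewritten `$DBTimeConstraint` line sends `$beginTime` and `$endTime` into SQL through `$db->timestamp()`, and the only check visible above it is `assert($beginTime < $endTime)`, which PHP can be configured to skip and which does not force a numeric type. Whether `timestamp()` casts or escapes its argument cannot be seen from this hunk, and the code above line 38 is outside it. Assuming both values are epoch seconds, as the `timeSinceEpoch()` comparison suggests, I would cast them first with `$beginTime = intval($beginTime); $endTime = intval($endTime);`, matching the `intval($sigid)` line just below. The same cast would also cover `$URLTimeConstraint`, which interpolates both values unencoded.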
X***************
X*** 101,106 ****
X--- 101,108 ----
X  	}
X  }
X  
X+ if (!empty($Sources)) {
X+ 
X  if (PROFILING) elapsedTimer(__FILE__ . ": " . __LINE__);
X  // Get the total number of alerts for each source
X  
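Review bot: The `if (!empty($Sources)) {` opened here is only closed by the bare `}` added in the next hunk (new line 333), more than two hundred lines later, and the wrapped code is left unindented, so the pairing is easy to lose. I would label both ends: `if (!empty($Sources)) { // skip the per-source queries when no source was found` and `} // end if (!empty($Sources))`. As far as these hunks show, an empty `$Sources` now falls straight through to `page_bottom.php` with no output, so an `else` branch printing a short "no alerts" line may be worth adding. The enclosed block lies outside both hunks, so check that nothing after the closing brace depends on variables set inside it.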
X***************
X*** 327,332 ****
X--- 329,336 ----
X  print "<b><a href=\"sigdetail.php?$qs\">$anchor</a></b><br>\n";
X  
X  if (PROFILING) elapsedTimer(__FILE__ . ": " . __LINE__);
X+ 
X+ }
X  
X  require_once("page_bottom.php");
X  
END-of-snortreport/files/patch-sigdetail.php
exit
--- te ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted:


