ports/140881: [patch] port security/snortsam update to version 2.68
olli hauer
ohauer at gmx.de
Fri Nov 27 15:40:03 UTC 2009
The following reply was made to PR ports/140881; it has been noted by GNATS.
From: olli hauer <ohauer at gmx.de>
To: bug-followup at FreeBSD.org, ohauer at gmx.de
Cc: ohauer at gmx.de
Subject: Re: ports/140881: [patch] port security/snortsam update to version 2.68
Date: Fri, 27 Nov 2009 16:37:09 +0100 (CET)
Snortsam was updated with my patches, so please use this
version instead.
The new patch updates snortsam to version 2.69
--
olli hauer
--- patch_snortsam-2.69.txt begins here ---
--- snortsam/Makefile 2008-09-04 01:02:16.000000000 +0200
+++ snortsam/Makefile 2009-11-27 15:18:21.000000000 +0100
@@ -6,7 +6,7 @@
#
PORTNAME= snortsam
-PORTVERSION= 2.60
+PORTVERSION= 2.69
CATEGORIES= security
MASTER_SITES= http://www.snortsam.net/files/snortsam/ \
http://www.freebsdbrasil.com.br/~urisso/files/snortsam/
@@ -15,53 +15,76 @@
MAINTAINER= urisso at bsd.com.br
COMMENT= SnortSam is a output plugin for Snort
-WRKSRC= ${WRKDIR}/${PKGNAMEPREFIX}${PORTNAME}
+OPTIONS= IPFW "checks if configured tables are available" on \
+ SAMTOOL "install samtool" on \
+ DEBUG "build with verbose messages" off
+
+.include <bsd.port.pre.mk>
+USE_RC_SUBR= snortsam.sh
+SUB_FILES= pkg-message
HAS_CONFIGURE= yes
NO_BUILD= yes
+CONFIGURE_SCRIPT= src/Makefile
+WRKSRC= ${WRKDIR}/${PKGNAMEPREFIX}${PORTNAME}
-SYSCONFDIR= ${PREFIX}/etc/snortsam
-
-CONFIGURE_SCRIPT= makesnortsam.sh
-
-USE_RC_SUBR= snortsam.sh
+CONFIG_DIR?= ${PREFIX}/etc/snortsam
PLIST_DIRS= etc/snortsam
-PLIST_FILES= etc/snortsam/rootservers.cfg etc/snortsam/snortsam.conf.sample sbin/snortsam sbin/snortsam-debug
-PORTDOCS= INSTALL README README.conf README.snmp_interface_down
+PLIST_FILES= sbin/snortsam \
+ etc/snortsam/snortsam.conf.sample \
+ etc/snortsam/country-rootservers.conf.sample \
+ etc/snortsam/opsec.conf.sample \
+ etc/snortsam/rootservers.cfg.sample
-OPTIONS= IPFW "Enable IPFW table checking if it set deny rules" on
+.if defined(WITH_SAMTOOL)
+PLIST_FILES+= sbin/samtool
+.endif
-.include <bsd.port.pre.mk>
+PORTDOCS= AUTHORS BUGS CREDITS FAQ INSTALL LICENSE README README.ciscoacl \
+ README.conf README.iptables README.netscreen README.pf README.pf2 \
+ README.rules README.slackware README.snmp_interface_down README.wgrd \
+ README_8signs.rtf TODO
.if defined(WITHOUT_IPFW)
-PATCH_SITES+=http://www.freebsdbrasil.com.br/~urisso/files/snortsam/:ipfw
-PATCHFILES+=ssp_ipfw2.c.diff:ipfw
+EXTRA_PATCHES+= ${FILESDIR}/ssp_ipfw2_no_table_check.patch
.endif
-post-extract:
- @${CAT} ${PATCHDIR}/pkg-message-snortsam
- @sleep 5
+.if defined(WITH_DEBUG)
+DEBUG=-DDEBUG
+.endif
pre-configure:
- ${REINPLACE_CMD} -e 's|/etc/snortsam.conf|/usr/local/etc/snortsam.conf|g' ${WRKSRC}/conf/snortsam.conf.sample
- ${REINPLACE_CMD} -e 's|/etc/snortsam.conf|/usr/local/etc/snortsam.conf|g' ${WRKSRC}/docs/README.conf
- ${REINPLACE_CMD} -e 's|/etc/snortsam.conf|/usr/local/etc/snortsam.conf|g' ${WRKSRC}/src/snortsam.c
- ${REINPLACE_CMD} -e 's|/etc/snortsam.conf|/usr/local/etc/snortsam.conf|g' ${WRKSRC}/contrib/snortsam-state.c
- ${CHMOD} +x ${WRKSRC}/makesnortsam.sh
+ @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/conf/snortsam.conf.sample
+ @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/docs/README.conf
+ @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/src/snortsam.h
+ @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/contrib/snortsam-state.c
+ @${CHMOD} +x ${WRKSRC}/makesnortsam.sh
+
+do-configure:
+ @cd ${WRKSRC}/src && ${MAKE} ${DEBUG}
+ @cd ${WRKSRC}/src && ${MAKE} samtool ${DEBUG}
+# no access to snortsam.conf and samtool for non root users!
do-install:
- ${INSTALL_PROGRAM} ${WRKSRC}/snortsam ${PREFIX}/sbin
- ${INSTALL_PROGRAM} ${WRKSRC}/snortsam-debug ${PREFIX}/sbin
- ${MKDIR} ${SYSCONFDIR}
- ${INSTALL_DATA} ${WRKSRC}/conf/snortsam.conf.sample ${SYSCONFDIR}/snortsam.conf.sample
- ${INSTALL_DATA} ${WRKSRC}/conf/*rootservers.cfg ${SYSCONFDIR}/
+ @${INSTALL_PROGRAM} ${WRKSRC}/snortsam ${PREFIX}/sbin
+.if defined(WITH_SAMTOOL)
+ @${INSTALL} -o root -g wheel -m 500 ${WRKSRC}/samtool ${PREFIX}/sbin
+.endif
+ @${MKDIR} ${CONFIG_DIR}
+ @${INSTALL_DATA} -m 600 ${WRKSRC}/conf/snortsam.conf.sample ${CONFIG_DIR}/snortsam.conf.sample
+ @${INSTALL_DATA} ${WRKSRC}/conf/opsec.conf ${CONFIG_DIR}/opsec.conf.sample
+ @${INSTALL_DATA} ${WRKSRC}/conf/rootservers.cfg ${CONFIG_DIR}/rootservers.cfg.sample
+ @${INSTALL_DATA} ${WRKSRC}/conf/country-rootservers.conf ${CONFIG_DIR}/country-rootservers.conf.sample
.if !defined(NOPORTDOCS)
+ @${MKDIR} ${DOCSDIR}
.for f in ${PORTDOCS}
- ${MKDIR} ${DOCSDIR}
- ${INSTALL_DATA} ${WRKSRC}/docs/${f} ${DOCSDIR}
+ @${INSTALL_DATA} ${WRKSRC}/docs/${f} ${DOCSDIR}
.endfor
.endif
+post-install:
+ @${CAT} ${PKGMESSAGE}
+
.include <bsd.port.post.mk>
--- snortsam/distinfo 2008-09-04 01:02:16.000000000 +0200
+++ snortsam/distinfo 2009-11-27 15:19:59.000000000 +0100
@@ -1,6 +1,3 @@
-MD5 (snortsam-src-2.60.tar.gz) = 5fdc69b18938237ac943beeb7f6c105a
-SHA256 (snortsam-src-2.60.tar.gz) = 65c44a91487f533f66291b1dd41f06237d21ba7c9e43a27d8784e2915c2771f4
-SIZE (snortsam-src-2.60.tar.gz) = 1982833
-MD5 (ssp_ipfw2.c.diff) = bcc60c6d27805db5d96c284189cefee8
-SHA256 (ssp_ipfw2.c.diff) = 29355590da907bb4c9f3e259c460c1c29d7a0e6cb201290ffc904c246c8ef3e4
-SIZE (ssp_ipfw2.c.diff) = 1193
+MD5 (snortsam-src-2.69.tar.gz) = 7663ce82956a97c5f725028716d66140
+SHA256 (snortsam-src-2.69.tar.gz) = eb0dc0ebd65b6d15e3adabd7be2720221005683eefb7ca5986b9ca0284d55f92
+SIZE (snortsam-src-2.69.tar.gz) = 1971579
--- snortsam/files/patch-makesnortsam.sh 2008-09-04 01:02:16.000000000 +0200
+++ snortsam/files/patch-makesnortsam.sh 1970-01-01 01:00:00.000000000 +0100
@@ -1,13 +0,0 @@
---- makesnortsam.sh.old 2008-08-03 00:04:24.000000000 -0300
-+++ makesnortsam.sh 2008-08-03 00:04:57.000000000 -0300
-@@ -11,8 +11,8 @@
- # Under Solaris, the OPSEC stuff is linked dynamically.
- # On other platforms, statically.
-
--BSDTHREADLIB='-lc_r'
--#BSDTHREADLIB='-lpthread'
-+#BSDTHREADLIB='-lc_r'
-+BSDTHREADLIB='-lpthread'
-
- systype=`uname`
-
--- snortsam/files/patch-snortsam.h 2008-09-04 01:02:16.000000000 +0200
+++ snortsam/files/patch-snortsam.h 1970-01-01 01:00:00.000000000 +0100
@@ -1,16 +0,0 @@
---- src/snortsam.h.old 2008-08-03 00:08:34.000000000 -0300
-+++ src/snortsam.h 2008-08-03 00:10:58.000000000 -0300
-@@ -178,10 +178,10 @@
- #define safecopy(dst,src) _safecp(dst,sizeof(dst),src)
-
- #ifdef WIN32
--#define FWSAMCONFIGFILE "snortsam.cfg"
--#define FWSAMHISTORYFILE "snortsam.sta"
-+#define FWSAMCONFIGFILE "/usr/local/etc/snortsam.cfg"
-+#define FWSAMHISTORYFILE "/var/db/snortsam.sta"
- #else
--#define FWSAMCONFIGFILE "/etc/snortsam.conf"
-+#define FWSAMCONFIGFILE "/usr/local/etc/snortsam.conf"
- #define FWSAMHISTORYFILE "/var/db/snortsam.state"
- #endif
-
--- snortsam/files/pkg-message-snortsam 2008-09-04 01:02:16.000000000 +0200
+++ snortsam/files/pkg-message-snortsam 1970-01-01 01:00:00.000000000 +0100
@@ -1,10 +0,0 @@
-
-============================================================
-NOTE: Make sure that your SNORT installation it is defined
- output plugin SNORTSAM for don't cause errors while
- building SNORTSAM system. If exists some OLD SNORT
- installation WITHOUT supports for interaction between
- SNORT and SNORTSAM. PLEASE reconfigure WITH that this
- feature and rebuild a new installation.
-=============================================================
-
--- snortsam/files/pkg-message.in 1970-01-01 01:00:00.000000000 +0100
+++ snortsam/files/pkg-message.in 2009-11-27 15:33:53.000000000 +0100
@@ -0,0 +1,18 @@
+================================================================
+NOTE: SNORT have to be build with OPTION SNORTSAM.
+
+ To enable snortsam as output plugin for snort a config
+ line like the following should be present in snort.conf
+
+ output alert_fwsam: <snortsambox>:<port>/<password>
+
+ With samtool it is possible to send alerts to snortsam,
+ this way you can test and adjust your FW rules.
+
+ For more information read the INSTALL, FAQ, README
+ files in %%DOCSDIR%%
+
+ Additional consolidate http://snortsam.net
+
+==============================================================
+
--- snortsam/files/ssp_ipfw2_no_table_check.patch 1970-01-01 01:00:00.000000000 +0100
+++ snortsam/files/ssp_ipfw2_no_table_check.patch 2009-11-25 23:53:50.000000000 +0100
@@ -0,0 +1,18 @@
+--- src/ssp_ipfw2.c.orig 2008-04-26 21:53:21.000000000 +0200
++++ src/ssp_ipfw2.c 2009-11-14 22:03:41.000000000 +0100
+@@ -91,6 +91,7 @@
+ }
+ }
+ }
++#if defined(ENABLE_IPFW_TABLE_CHECK)
+ /* Check if inbound table exists */
+ snprintf(chk,sizeof(chk)-1,"/sbin/ipfw show | grep -q \"deny ip from any to table(%u) via %s\"",ipfw2p->in_table,ipfw2p->interface);
+ if(system(chk))
+@@ -110,6 +111,7 @@
+ }
+ }
+
++#endif /* ENABLE_IPFW_TABLE_CHECK */
+ #ifdef FWSAMDEBUG
+ if(plugindatalist->data)
+ printf("Debug: [ipfw2] Adding IPFW2: i/f '%s', tables %u (in) and %u (out)\n", ipfw2p->interface, ipfw2p->in_table,ipfw2p->out_table);
--- snortsam/pkg-descr 2008-09-04 01:02:16.000000000 +0200
+++ snortsam/pkg-descr 2009-11-25 23:53:50.000000000 +0100
@@ -1,5 +1,6 @@
-SnortSam is a plugin for Snort, an open-source light-weight
-Intrusion Detection System (IDS). The plugin allows for
-automated blocking of IP addresses on many firewalls.
+SnortSam is an intelligent agent that allows the popular
+open-source Intrusion Detection System called Snort to block
+intruding connections by reconfiguration of many firewalls
+and Cisco devices.
WWW: http://www.snortsam.net
--- patch_snortsam-2.69.txt ends here ---
More information about the freebsd-ports-bugs
mailing list