ports/174956: commit references a PR
dfilter service
dfilter at FreeBSD.ORG
Mon Feb 18 01:00:01 UTC 2013
The following reply was made to PR ports/174956; it has been noted by GNATS.
From: dfilter at FreeBSD.ORG (dfilter service)
To: bug-followup at FreeBSD.org
Cc:
Subject: Re: ports/174956: commit references a PR
Date: Mon, 18 Feb 2013 00:56:59 +0000 (UTC)
Author: miwi
Date: Mon Feb 18 00:56:47 2013
New Revision: 312466
URL: http://svnweb.freebsd.org/changeset/ports/312466
Log:
- Update to 0.8.0
- Trim header
- Convert to OPTIONSng
PR: 174956
Submitted by: maintainer
Added:
head/security/sguil-sensor/files/patch-ossec_agent.tcl (contents, props changed)
head/security/sguil-sensor/files/patch-pads_agent.tcl (contents, props changed)
head/security/sguil-sensor/files/patch-pcap_agent-sancp.tcl (contents, props changed)
head/security/sguil-sensor/files/patch-pcap_agent.tcl (contents, props changed)
head/security/sguil-sensor/files/patch-sancp_agent.tcl (contents, props changed)
head/security/sguil-sensor/files/patch-snort_agent.tcl (contents, props changed)
head/security/sguil-sensor/files/pcap_agent-sancp.in (contents, props changed)
Deleted:
head/security/sguil-sensor/files/log_packets.conf
head/security/sguil-sensor/files/patch-log_packets.sh
Modified:
head/security/sguil-sensor/Makefile (contents, props changed)
head/security/sguil-sensor/distinfo (contents, props changed)
head/security/sguil-sensor/files/pads_agent.in (contents, props changed)
head/security/sguil-sensor/files/pcap_agent.in (contents, props changed)
head/security/sguil-sensor/files/pkg-message.in (contents, props changed)
head/security/sguil-sensor/files/sancp_agent.in (contents, props changed)
head/security/sguil-sensor/files/snort_agent.in (contents, props changed)
head/security/sguil-sensor/pkg-descr (contents, props changed)
head/security/sguil-sensor/pkg-plist (contents, props changed)
Modified: head/security/sguil-sensor/Makefile
==============================================================================
--- head/security/sguil-sensor/Makefile Mon Feb 18 00:54:18 2013 (r312465)
+++ head/security/sguil-sensor/Makefile Mon Feb 18 00:56:47 2013 (r312466)
@@ -1,13 +1,8 @@
-# New ports collection makefile for: sguil-sensor
-# Date created: 23 Mar 2006
-# Whom: Paul Schmehl <pauls at utdallas.edu>
-#
+# Created by: Paul Schmehl <pauls at utdallas.edu>
# $FreeBSD$
-#
PORTNAME= sguil-sensor
-PORTVERSION= 0.7.0
-PORTREVISION= 3
+PORTVERSION= 0.8.0
CATEGORIES= security
MASTER_SITES= SF/sguil/sguil/sguil-${PORTVERSION}
@@ -15,104 +10,108 @@ MAINTAINER= pauls at utdallas.edu
COMMENT= Sguil is a network security monitoring program
LIB_DEPENDS= tls:${PORTSDIR}/devel/tcltls
-RUN_DEPENDS= snort:${PORTSDIR}/security/snort \
- barnyard2:${PORTSDIR}/security/barnyard2 \
+RUN_DEPENDS= barnyard2:${PORTSDIR}/security/barnyard2-sguil \
${LOCALBASE}/lib/tclx8.4/tclx.tcl:${PORTSDIR}/lang/tclX
-OPTIONS= SANCP "Include sancp sensor" off \
- PADS "Include pads sensor" off
+OPTIONS_DEFINE= PADS SANCP
+PADS_DESC= Include pads sensor
+SANCP_DESC= Include sancp sensor
+
+LICENSE_NAME= QPLv1.0
+LICENSE_FILE= ${WRKSRC}/doc/LICENSE.QPL
+LICENSE_PERMS= auto-accept
NO_BUILD= yes
-USE_RC_SUBR= example_agent pcap_agent snort_agent
-TCLSH_CMD?= tclsh8.4
+USE_RC_SUBR= pcap_agent snort_agent
+TCL_VER= 8.5
+TCLSH= tclsh${TCL_VER}
WRKSRC= ${WRKDIR}/sguil-${PORTVERSION}
-SUB_LIST= SGUILDIR=${SGUILDIR}
+PATCH_WRKSRC= ${WRKSRC}/sensor
+SGUILDIR?= sguil-sensor
+SUB_LIST= SGUILDIR=${SGUILDIR} TCLSH=${TCLSH}
SUB_FILES= pkg-message
PLIST_SUB= SGUILDIR=${SGUILDIR}
-SGUILDIR?= sguil-sensor
-AGENTS= example_agent.tcl pads_agent.tcl pcap_agent.tcl sancp_agent.tcl snort_agent.tcl
-
-PORTDOCS= CHANGES FAQ INSTALL INSTALL.openbsd LICENSE.QPL \
- OPENSSL.README TODO UPGRADE USAGE sguildb.dia
-
-.include <bsd.port.pre.mk>
-
+AGENTS= pcap_agent.tcl snort_agent.tcl
+CONFS= pcap_agent.conf snort_agent.conf
+LOG_SCRIPTS= log_packets-daemonlogger.sh log_packets.sh
WITH_PCRE= true
-.if defined(WITH_SANCP)
+PORTDOCS1= README
+PORTDOCS2= README.daemonlogger
+PORTDOCS3= CHANGES FAQ INSTALL INSTALL.openbsd OPENSSL.README \
+ TODO UPGRADE USAGE sguildb.dia
+
+.include <bsd.port.options.mk>
+
+.if ${PORT_OPTIONS:MSANCP}
+AGENTS+= sancp_agent.tcl pcap_agent-sancp.tcl
+CONFS+= sancp_agent.conf sancp-indexed.conf pcap_agent-sancp.conf
RUN_DEPENDS+= sancp:${PORTSDIR}/security/sancp
-USE_RC_SUBR+= sancp_agent
-PLIST_SUB+= USESANCP=
+USE_RC_SUBR+= sancp_agent pcap_agent-sancp
+PLIST_SUB+= USESANCP=""
.else
PLIST_SUB+= USESANCP="@comment "
.endif
-.if defined(WITH_PADS)
+.if ${PORT_OPTIONS:MPADS}
+AGENTS+= pads_agent.tcl
+CONFS+= pads_agent.conf
RUN_DEPENDS+= pads:${PORTSDIR}/net-mgmt/pads
USE_RC_SUBR+= pads_agent
-PLIST_SUB+= USEPADS=
+PLIST_SUB+= USEPADS=""
.else
PLIST_SUB+= USEPADS="@comment "
.endif
post-patch:
.for f in ${AGENTS}
- @${REINPLACE_CMD} -e 's:exec tclsh:exec ${PREFIX}/bin/${TCLSH_CMD}:g' \
- ${WRKSRC}/sensor/${f}
- @${REINPLACE_CMD} -e 's:/etc/:${PREFIX}/etc/${SGUILDIR}/:g' \
+ @${REINPLACE_CMD} 's|/bin/sh|${PREFIX}/bin/${TCLSH}|' \
${WRKSRC}/sensor/${f}
.endfor
do-install:
@${MKDIR} ${PREFIX}/bin/${SGUILDIR}
@${MKDIR} ${PREFIX}/etc/${SGUILDIR}
-.for f in example_agent.tcl pcap_agent.tcl snort_agent.tcl
+ @${MKDIR} ${PREFIX}/share/${SGUILDIR}
+ @${MKDIR} ${PREFIX}/share/${SGUILDIR}/contrib
+ @${MKDIR} ${PREFIX}/share/${SGUILDIR}/init
+ (cd ${WRKSRC}/sensor/contrib && ${COPYTREE_SHARE} \* ${PREFIX}/share/${SGUILDIR}/contrib "! -name ossec_agent.tcl.orig")
+ (cd ${WRKSRC}/sensor/init && ${COPYTREE_SHARE} \* ${PREFIX}/share/${SGUILDIR}/init)
+.for f in ${AGENTS}
${INSTALL_SCRIPT} -m 751 ${WRKSRC}/sensor/${f} \
${PREFIX}/bin/${SGUILDIR}/${f}
.endfor
-.for f in log_packets.sh
+.for f in ${LOG_SCRIPTS}
${INSTALL_SCRIPT} -m 751 ${WRKSRC}/sensor/${f} \
${PREFIX}/bin/${SGUILDIR}/${f}
.endfor
-.for f in example_agent.conf pcap_agent.conf snort_agent.conf
+.for f in ${CONFS}
${INSTALL_DATA} ${WRKSRC}/sensor/${f} \
${PREFIX}/etc/${SGUILDIR}/${f}-sample
.endfor
-.for f in log_packets.conf
- ${INSTALL_DATA} ${FILESDIR}/${f} \
- ${PREFIX}/etc/${SGUILDIR}/${f}-sample
-.endfor
-.if defined(WITH_SANCP)
-.for f in sancp_agent.conf
- ${INSTALL_DATA} ${WRKSRC}/sensor/${f} \
- ${PREFIX}/etc/${SGUILDIR}/${f}-sample
+.if ${PORT_OPTIONS:MSANCP}
+.for f in log_packets-sancp.sh
+ ${INSTALL_SCRIPT} -m 751 ${WRKSRC}/sensor/${f} \
+ ${PREFIX}/bin/${SGUILDIR}/${f}
.endfor
.for f in sancp.conf
${INSTALL_DATA} ${WRKSRC}/sensor/sancp/${f} \
- ${PREFIX}/etc/${f}-sample
-.endfor
-.for f in sancp_agent.tcl
- ${INSTALL_SCRIPT} ${WRKSRC}/sensor/${f} \
- ${PREFIX}/bin/${SGUILDIR}/${f}
-.endfor
-.endif
-.if defined(WITH_PADS)
-.for f in pads_agent.conf
- ${INSTALL_DATA} ${WRKSRC}/sensor/${f} \
${PREFIX}/etc/${SGUILDIR}/${f}-sample
.endfor
-.for f in pads_agent.tcl
- ${INSTALL_SCRIPT} ${WRKSRC}/sensor/${f} \
- ${PREFIX}/bin/${SGUILDIR}/${f}
-.endfor
.endif
post-install:
-.if !defined(NOPORTDOCS)
+.if ${PORT_OPTIONS:MDOCS}
@${MKDIR} ${DOCSDIR}
- cd ${WRKSRC}/doc && ${INSTALL_DATA} \
- ${PORTDOCS} ${DOCSDIR}
+ cd ${WRKSRC} && ${INSTALL_DATA} ${PORTDOCS1} ${DOCSDIR}
+ cd ${WRKSRC}/sensor && ${INSTALL_DATA} ${PORTDOCS2} ${DOCSDIR}
+ cd ${WRKSRC}/doc && ${INSTALL_DATA} ${PORTDOCS3} ${DOCSDIR}
+.if ${PORT_OPTIONS:MSANCP}
+.for f in README.sancp_indexed_pcap
+ cd ${WRKSRC}/sensor && ${INSTALL_DATA} ${f} ${DOCSDIR}
+.endfor
+.endif
.endif
@${CAT} ${PKGMESSAGE}
-.include <bsd.port.post.mk>
+.include <bsd.port.mk>
Modified: head/security/sguil-sensor/distinfo
==============================================================================
--- head/security/sguil-sensor/distinfo Mon Feb 18 00:54:18 2013 (r312465)
+++ head/security/sguil-sensor/distinfo Mon Feb 18 00:56:47 2013 (r312466)
@@ -1,2 +1,2 @@
-SHA256 (sguil-sensor-0.7.0.tar.gz) = c6f08b031df9de942fc38b35a4bfc7db13357e61b7290b526bad66fcbe3e4f3b
-SIZE (sguil-sensor-0.7.0.tar.gz) = 68436
+SHA256 (sguil-sensor-0.8.0.tar.gz) = aa4617c4f9cf1d598c6d728afed50cd6f90dc5d1516a6eda8126401b7bba4be5
+SIZE (sguil-sensor-0.8.0.tar.gz) = 142829
Modified: head/security/sguil-sensor/files/pads_agent.in
==============================================================================
--- head/security/sguil-sensor/files/pads_agent.in Mon Feb 18 00:54:18 2013 (r312465)
+++ head/security/sguil-sensor/files/pads_agent.in Mon Feb 18 00:56:47 2013 (r312466)
@@ -16,19 +16,51 @@
. /etc/rc.subr
-load_rc_config pads_agent
+name="pads_agent"
+rcvar=${name}_enable
+load_rc_config ${name}
#set defaults
-pads_agent_enable=${pads_agent_enable:-"NO"}
-pads_agent_conf=${pads_agent_conf:-"%%PREFIX%%/etc/%%SGUILDIR%%/pads_agent.conf"}
-pads_agent_flags=${pads_agent_flags:-"-D"}
+: ${pads_agent_enable:="NO"}
+: ${pads_agent_conf:="%%PREFIX%%/etc/%%SGUILDIR%%/pads_agent.conf"}
+: ${pads_agent_flags:="-D -c ${pads_agent_conf}"}
-name="pads_agent"
-rcvar=pads_agent_enable
command="%%PREFIX%%/bin/%%SGUILDIR%%/pads_agent.tcl"
-command_args="-c ${pads_agent_conf} ${pads_agent_flags}"
-procname="%%PREFIX%%/bin/tclsh8.4"
+procname="%%PREFIX%%/bin/%%TCLSH%%"
pidfile="/var/run/${name}.pid"
-check_pidfile="${pidfile} ${procname} /bin/sh"
+
+start_precmd="pads_agent_ck4fifo"
+stop_postcmd="pads_agent_rmfifo"
+
+pads_agent_ck4fifo()
+{
+ LOG_DIR=`grep "LOG_DIR " ${pads_agent_conf} | awk '{print $3}'`
+ HOSTNAME=`grep "HOSTNAME " ${pads_agent_conf} | awk '{print $3}'`
+ PADS_FIFO=${LOG_DIR}/${HOSTNAME}/pads.fifo
+
+ if [ ! -p ${PADS_FIFO} ]; then
+ echo "${PADS_FIFO} does not exist. Creating now....."
+ /usr/bin/mkfifo ${PADS_FIFO}
+ fi
+ echo "Checking for ${PADS_FIFO}...."
+ if [ -p ${PADS_FIFO} ]; then
+ echo "Confirmed! ${PADS_FIFO} exists."
+ else
+ echo "I tried to create ${PADS_FIFO} and failed."
+ echo "You will need to create it manually before starting ${name}."
+ fi
+}
+
+pads_agent_rmfifo()
+{
+ LOG_DIR=`grep "LOG_DIR " ${pads_agent_conf} | awk '{print $3}'`
+ HOSTNAME=`grep "HOSTNAME " ${pads_agent_conf} | awk '{print $3}'`
+ PADS_FIFO=${LOG_DIR}/${HOSTNAME}/pads.fifo
+
+ if [ -p ${PADS_FIFO} ]; then
+ /bin/rm ${PADS_FIFO}
+ echo "Removing ${PADS_FIFO}...."
+ fi
+}
run_rc_command "$1"
Added: head/security/sguil-sensor/files/patch-ossec_agent.tcl
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/sguil-sensor/files/patch-ossec_agent.tcl Mon Feb 18 00:56:47 2013 (r312466)
@@ -0,0 +1,30 @@
+--- contrib/ossec_agent/ossec_agent.tcl.orig 2012-12-17 22:47:18.000000000 +0000
++++ contrib/ossec_agent/ossec_agent.tcl 2012-12-17 22:48:45.000000000 +0000
+@@ -1,6 +1,4 @@
+ #!/bin/sh
+-# Run tcl from users PATH \
+-exec tclsh "$0" "$@"
+
+ # OSSEC agent for Sguil 0.7.0. Based on the "example_agent.tcl" code
+ # distributed with sguil.
+@@ -593,9 +591,9 @@
+ if { ![info exists CONF_FILE] } {
+
+ # No conf file specified check the defaults
+- if { [file exists /etc/ossec_agent.conf] } {
++ if { [file exists /usr/local/etc/sguil-sensor/ossec_agent.conf] } {
+
+- set CONF_FILE /etc/ossec_agent.conf
++ set CONF_FILE /usr/local/etc/sguil-sensor/ossec_agent.conf
+
+ } elseif { [file exists ./ossec_agent.conf] } {
+
+@@ -604,7 +602,7 @@
+ } else {
+
+ puts "Couldn't determine where the ossec_agent.tcl config file is"
+- puts "Looked for /etc/ossec_agent.conf and ./ossec_agent.conf."
++ puts "Looked for /usr/local/etc/sguil-sensor/ossec_agent.conf and ./ossec_agent.conf."
+ DisplayUsage $argv0
+
+ }
Added: head/security/sguil-sensor/files/patch-pads_agent.tcl
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/sguil-sensor/files/patch-pads_agent.tcl Mon Feb 18 00:56:47 2013 (r312466)
@@ -0,0 +1,39 @@
+--- pads_agent.tcl.orig 2012-12-19 21:25:26.000000000 +0000
++++ pads_agent.tcl 2012-12-19 21:27:37.000000000 +0000
+@@ -1,6 +1,4 @@
+ #!/bin/sh
+-# Run tcl from users PATH \
+-exec tclsh "$0" "$@"
+
+ # $Id: pads_agent.tcl,v 1.13 2011/02/17 02:55:48 bamm Exp $ #
+
+@@ -332,7 +330,7 @@
+ id process group set
+ if {[fork]} {exit 0}
+ set PID [id process]
+- if { ![info exists PID_FILE] } { set PID_FILE "/var/run/sensor_agent.pid" }
++ if { ![info exists PID_FILE] } { set PID_FILE "/var/run/pads_agent.pid" }
+ set PID_DIR [file dirname $PID_FILE]
+ if { ![file exists $PID_DIR] || ![file isdirectory $PID_DIR] || ![file writable $PID_DIR] } {
+ puts "ERROR: Directory $PID_DIR does not exists or is not writable."
+@@ -380,16 +378,16 @@
+ }
+ }
+ # Parse the config file here
+-# Default location is /etc/pads_agent.conf or pwd
++# Default location is /usr/local/etc/sguil-sensor/pads_agent.conf or pwd
+ if { ![info exists CONF_FILE] } {
+ # No conf file specified check the defaults
+- if { [file exists /etc/pads_agent.conf] } {
+- set CONF_FILE /etc/pads_agent.conf
++ if { [file exists /usr/local/etc/sguil-sensor/pads_agent.conf] } {
++ set CONF_FILE /usr/local/etc/sguil-sensor/pads_agent.conf
+ } elseif { [file exists ./pads_agent.conf] } {
+ set CONF_FILE ./pads_agent.conf
+ } else {
+ puts "Couldn't determine where the sensor_agent.tcl config file is"
+- puts "Looked for /etc/pads_agent.conf and ./pads_agent.conf."
++ puts "Looked for /usr/local/etc/sguil-sensor/pads_agent.conf and ./pads_agent.conf."
+ DisplayUsage $argv0
+ }
+ }
Added: head/security/sguil-sensor/files/patch-pcap_agent-sancp.tcl
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/sguil-sensor/files/patch-pcap_agent-sancp.tcl Mon Feb 18 00:56:47 2013 (r312466)
@@ -0,0 +1,35 @@
+--- pcap_agent-sancp.tcl.orig 2012-12-17 22:36:43.000000000 +0000
++++ pcap_agent-sancp.tcl 2012-12-17 22:38:22.000000000 +0000
+@@ -1,6 +1,4 @@
+ #!/bin/sh
+-# Run tcl from users PATH \
+-exec tclsh "$0" "$@"
+
+ # $Id: pcap_agent-sancp.tcl,v 1.2 2008/05/29 19:25:50 hanashi Exp $ #
+
+@@ -754,13 +752,13 @@
+ }
+
+ # Parse the config file here
+-# Default location is /etc/pcap_agent.conf or pwd
++# Default location is /usr/local/etc/sguil-sensor/pcap_agent.conf or pwd
+ if { ![info exists CONF_FILE] } {
+
+ # No conf file specified check the defaults
+- if { [file exists /etc/pcap_agent.conf] } {
++ if { [file exists /usr/local/etc/sguil-sensor/pcap_agent.conf] } {
+
+- set CONF_FILE /etc/pcap_agent.conf
++ set CONF_FILE /usr/local/etc/sguil-sensor/pcap_agent.conf
+
+ } elseif { [file exists ./pcap_agent.conf] } {
+
+@@ -769,7 +767,7 @@
+ } else {
+
+ puts "Couldn't determine where the pcap_agent.tcl config file is"
+- puts "Looked for /etc/pcap_agent.conf and ./pcap_agent.conf."
++ puts "Looked for /usr/local/etc/sguil-sensor/pcap_agent.conf and ./pcap_agent.conf."
+ DisplayUsage $argv0
+
+ }
Added: head/security/sguil-sensor/files/patch-pcap_agent.tcl
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/sguil-sensor/files/patch-pcap_agent.tcl Mon Feb 18 00:56:47 2013 (r312466)
@@ -0,0 +1,35 @@
+--- pcap_agent.tcl.orig 2012-12-17 22:31:44.000000000 +0000
++++ pcap_agent.tcl 2012-12-17 22:42:50.000000000 +0000
+@@ -1,6 +1,4 @@
+ #!/bin/sh
+-# Run tcl from users PATH \
+-exec tclsh "$0" "$@"
+
+ # $Id: pcap_agent.tcl,v 1.13 2011/03/10 22:03:33 bamm Exp $ #
+
+@@ -771,13 +769,13 @@
+ }
+
+ # Parse the config file here
+-# Default location is /etc/pcap_agent.conf or pwd
++# Default location is /usr/local/etc/sguil-sensor/pcap_agent.conf or pwd
+ if { ![info exists CONF_FILE] } {
+
+ # No conf file specified check the defaults
+- if { [file exists /etc/pcap_agent.conf] } {
++ if { [file exists /usr/local/etc/sguil-sensor/pcap_agent.conf] } {
+
+- set CONF_FILE /etc/pcap_agent.conf
++ set CONF_FILE /usr/local/etc/sguil-sensor/pcap_agent.conf
+
+ } elseif { [file exists ./pcap_agent.conf] } {
+
+@@ -786,7 +784,7 @@
+ } else {
+
+ puts "Couldn't determine where the pcap_agent.tcl config file is"
+- puts "Looked for /etc/pcap_agent.conf and ./pcap_agent.conf."
++ puts "Looked for /usr/local/etc/sguil-sensor/pcap_agent.conf and ./pcap_agent.conf."
+ DisplayUsage $argv0
+
+ }
Added: head/security/sguil-sensor/files/patch-sancp_agent.tcl
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/sguil-sensor/files/patch-sancp_agent.tcl Mon Feb 18 00:56:47 2013 (r312466)
@@ -0,0 +1,30 @@
+--- sancp_agent.tcl.orig 2012-12-17 22:43:39.000000000 +0000
++++ sancp_agent.tcl 2012-12-17 22:44:56.000000000 +0000
+@@ -1,6 +1,4 @@
+ #!/bin/sh
+-# Run tcl from users PATH \
+-exec tclsh "$0" "$@"
+
+ # $Id: sancp_agent.tcl,v 1.15 2011/03/10 22:03:33 bamm Exp $ #
+
+@@ -582,16 +580,16 @@
+ }
+ }
+ # Parse the config file here
+-# Default location is /etc/sancp_agent.conf or pwd
++# Default location is /usr/local/etc/sguil-sensor/sancp_agent.conf or pwd
+ if { ![info exists CONF_FILE] } {
+ # No conf file specified check the defaults
+- if { [file exists /etc/sancp_agent.conf] } {
+- set CONF_FILE /etc/sancp_agent.conf
++ if { [file exists /usr/local/etc/sguil-sensor/sancp_agent.conf] } {
++ set CONF_FILE /usr/local/etc/sguil-sensor/sancp_agent.conf
+ } elseif { [file exists ./sancp_agent.conf] } {
+ set CONF_FILE ./sancp_agent.conf
+ } else {
+ puts "Couldn't determine where the sancp_agent.tcl config file is"
+- puts "Looked for /etc/sancp_agent.conf and ./sancp_agent.conf."
++ puts "Looked for /usr/local/etc/sguil-sensor/sancp_agent.conf and ./sancp_agent.conf."
+ DisplayUsage $argv0
+ }
+ }
Added: head/security/sguil-sensor/files/patch-snort_agent.tcl
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/sguil-sensor/files/patch-snort_agent.tcl Mon Feb 18 00:56:47 2013 (r312466)
@@ -0,0 +1,35 @@
+--- snort_agent.tcl.orig 2012-12-17 22:33:35.000000000 +0000
++++ snort_agent.tcl 2012-12-17 22:39:39.000000000 +0000
+@@ -1,6 +1,4 @@
+ #!/bin/sh
+-# Run tcl from users PATH \
+-exec tclsh "$0" "$@"
+
+ # $Id: snort_agent.tcl,v 1.9 2011/02/17 02:55:48 bamm Exp $ #
+
+@@ -680,13 +678,13 @@
+ }
+
+ # Parse the config file here
+-# Default location is /etc/snort_agent.conf or pwd
++# Default location is /usr/local/etc/sguil-sensor/snort_agent.conf or pwd
+ if { ![info exists CONF_FILE] } {
+
+ # No conf file specified check the defaults
+- if { [file exists /etc/snort_agent.conf] } {
++ if { [file exists /usr/local/etc/sguil-sensor/snort_agent.conf] } {
+
+- set CONF_FILE /etc/snort_agent.conf
++ set CONF_FILE /usr/local/etc/sguil-sensor/snort_agent.conf
+
+ } elseif { [file exists ./snort_agent.conf] } {
+
+@@ -695,7 +693,7 @@
+ } else {
+
+ puts "Couldn't determine where the snort_agent.tcl config file is"
+- puts "Looked for /etc/snort_agent.conf and ./snort_agent.conf."
++ puts "Looked for /usr/local/etc/sguil-sensor/snort_agent.conf and ./snort_agent.conf."
+ DisplayUsage $argv0
+
+ }
Added: head/security/sguil-sensor/files/pcap_agent-sancp.in
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/sguil-sensor/files/pcap_agent-sancp.in Mon Feb 18 00:56:47 2013 (r312466)
@@ -0,0 +1,32 @@
+#!/bin/sh
+
+# $FreeBSD$
+
+# PROVIDE: pcap_agent-sancp
+# REQUIRE: DAEMON
+# KEYWORD: shutdown
+
+# Add the following line to /etc/rc.conf to enable pcap_agent-sancp:
+# pcap_agent-sancp_enable (bool): Set to YES to enable pcap_agent-sancp
+# Default: NO
+# pcap_agent-sancp_conf (str): Pads_agent configuration file
+# Default: %%PREFIX%%/etc/%%SGUILDIR%%/pcap_agent-sancp.conf
+# pcap_agent-sancp_flags (str): Default: -D
+#
+
+. /etc/rc.subr
+
+name="pcap_agent-sancp"
+rcvar=pcap_agent-sancp_enable
+load_rc_config pcap_agent-sancp
+
+#set defaults
+: ${pcap_agent-sancp_enable:="NO"}
+: ${pcap_agent-sancp_conf:="%%PREFIX%%/etc/%%SGUILDIR%%/pcap_agent-sancp.conf"}
+: ${pcap_agent-sancp_flags:="-D -c ${pcap_agent-sancp_conf}"}
+
+command="%%PREFIX%%/bin/%%SGUILDIR%%/pcap_agent-sancp.tcl"
+procname="%%PREFIX%%/bin/%%TCLSH%%"
+pidfile="/var/run/${name}.pid"
+
+run_rc_command "$1"
Modified: head/security/sguil-sensor/files/pcap_agent.in
==============================================================================
--- head/security/sguil-sensor/files/pcap_agent.in Mon Feb 18 00:54:18 2013 (r312465)
+++ head/security/sguil-sensor/files/pcap_agent.in Mon Feb 18 00:56:47 2013 (r312466)
@@ -16,19 +16,17 @@
. /etc/rc.subr
+name="pcap_agent"
+rcvar=pcap_agent_enable
load_rc_config pcap_agent
#set defaults
-pcap_agent_enable=${pcap_agent_enable:-"NO"}
-pcap_agent_conf=${pcap_agent_conf:-"%%PREFIX%%/etc/%%SGUILDIR%%/pcap_agent.conf"}
-pcap_agent_flags=${pcap_agent_flags:-"-D"}
+: ${pcap_agent_enable:="NO"}
+: ${pcap_agent_conf:="%%PREFIX%%/etc/%%SGUILDIR%%/pcap_agent.conf"}
+: ${pcap_agent_flags:="-D -c ${pcap_agent_conf}"}
-name="pcap_agent"
-rcvar=pcap_agent_enable
command="%%PREFIX%%/bin/%%SGUILDIR%%/pcap_agent.tcl"
-command_args="-c ${pcap_agent_conf} ${pcap_agent_flags}"
-procname="%%PREFIX%%/bin/tclsh8.4"
+procname="%%PREFIX%%/bin/%%TCLSH%%"
pidfile="/var/run/${name}.pid"
-check_pidfile="${pidfile} ${procname} /bin/sh"
run_rc_command "$1"
Modified: head/security/sguil-sensor/files/pkg-message.in
==============================================================================
--- head/security/sguil-sensor/files/pkg-message.in Mon Feb 18 00:54:18 2013 (r312465)
+++ head/security/sguil-sensor/files/pkg-message.in Mon Feb 18 00:56:47 2013 (r312466)
@@ -2,13 +2,11 @@
* !!!!!!!!!!! WARNING !!!!!!!!!!! *
***********************************
-If you already had barnyard installed, this port will NOT deinstall
-it and install the barnyard-sguil6 port instead. You will need to
-deinstall the barnyard port and install the barnyard-sguil6 port yourself
-instead. This port WILL NOT WORK without the barnyard-sguil6 port!!
+If you already had barnyard2 installed, this port will NOT deinstall
+it and install the barnyard2-sguil port instead. You will need to
+deinstall the barnyard2 port and install the barnyard2-sguil port yourself
+instead. This port WILL NOT WORK without the barnyard2-sguil port!!
-You MUST edit the log_packets.conf file (located in %%PREFIX%%/etc/%%SGUILDIR%%)
-to fit your configuration before running the log_packets.sh script.
See the %%DOCSDIR%%/INSTALL doc for details on the
configuration and for croning the script.
@@ -16,13 +14,18 @@ WARNING!!! Sguil et al will fill up you
quickly. You should probably configure sguil et al to log to
another partition/location (e.g. /nsm/tmp/).
-You must ALSO edit all of the sensor conf fileis (located in
+You must ALSO edit all of the sensor conf files (located in
%%PREFIX%%/%%SGUILDIR%%/etc/) to reflect your configuration before
starting the sensor_agents.
+A number of ancilliary things have been installed in
+%%PREFIX%%/share/%%SGUILDIR%%.
+
If you chose to run sancp, and you already had a sancp.conf file in
%%PREFIX%%/etc, copy it to sancp.conf.orig before creating the new one.
-The new sancp.conf-sample file contains the settings for squil.
-If you still want to maintain the customized sancp.conf file, then copy
-the new sancp.conf-sample file to sguild-sancp.conf (for example) and
-add sancp_conf=%%PREFIX%%/etc/sguild-sancp.conf to /etc/rc.conf.
+The new sancp.conf-sample file contains the settings for squil. NOTE:
+the conf file is for sancp 1.5.3. It may need additional edits to work
+with the current ports version of sancp. If you still want to maintain
+the customized sancp.conf file, then copy the new sancp.conf-sample
+file to sguild-sancp.conf (for example) and add
+sancp_conf=%%PREFIX%%/etc/sguild-sancp.conf to /etc/rc.conf.
Modified: head/security/sguil-sensor/files/sancp_agent.in
==============================================================================
--- head/security/sguil-sensor/files/sancp_agent.in Mon Feb 18 00:54:18 2013 (r312465)
+++ head/security/sguil-sensor/files/sancp_agent.in Mon Feb 18 00:56:47 2013 (r312466)
@@ -16,19 +16,17 @@
. /etc/rc.subr
+name="sancp_agent"
+rcvar=sancp_agent_enable
load_rc_config sancp_agent
#set defaults
-sancp_agent_enable=${sancp_agent_enable:-"NO"}
-sancp_agent_conf=${sancp_agent_conf:-"%%PREFIX%%/etc/%%SGUILDIR%%/sancp_agent.conf"}
-sancp_agent_flags=${sancp_agent_flags:-"-D"}
+: ${sancp_agent_enable:="NO"}
+: ${sancp_agent_conf:="%%PREFIX%%/etc/%%SGUILDIR%%/sancp_agent.conf"}
+: ${sancp_agent_flags:="-D -c ${sancp_agent_conf}"}
-name="sancp_agent"
-rcvar=sancp_agent_enable
command="%%PREFIX%%/bin/%%SGUILDIR%%/sancp_agent.tcl"
-command_args="-c ${sancp_agent_conf} ${sancp_agent_flags}"
-procname="%%PREFIX%%/bin/tclsh8.4"
+procname="%%PREFIX%%/bin/%%TCLSH%%"
pidfile="/var/run/${name}.pid"
-check_pidfile="${pidfile} ${procname} /bin/sh"
run_rc_command "$1"
Modified: head/security/sguil-sensor/files/snort_agent.in
==============================================================================
--- head/security/sguil-sensor/files/snort_agent.in Mon Feb 18 00:54:18 2013 (r312465)
+++ head/security/sguil-sensor/files/snort_agent.in Mon Feb 18 00:56:47 2013 (r312466)
@@ -16,19 +16,17 @@
. /etc/rc.subr
+name="snort_agent"
+rcvar=snort_agent_enable
load_rc_config snort_agent
#set defaults
-snort_agent_enable=${snort_agent_enable:-"NO"}
-snort_agent_conf=${snort_agent_conf:-"%%PREFIX%%/etc/%%SGUILDIR%%/snort_agent.conf"}
-snort_agent_flags=${snort_agent_flags:-"-D"}
+: ${snort_agent_enable:="NO"}
+: ${snort_agent_conf:="%%PREFIX%%/etc/%%SGUILDIR%%/snort_agent.conf"}
+: ${snort_agent_flags:="-D -c ${snort_agent_conf}"}
-name="snort_agent"
-rcvar=snort_agent_enable
command="%%PREFIX%%/bin/%%SGUILDIR%%/snort_agent.tcl"
-command_args="-c ${snort_agent_conf} ${snort_agent_flags}"
-procname="%%PREFIX%%/bin/tclsh8.4"
+procname="%%PREFIX%%/bin/%%TCLSH%%"
pidfile="/var/run/${name}.pid"
-check_pidfile="${pidfile} ${procname} /bin/sh"
run_rc_command "$1"
Modified: head/security/sguil-sensor/pkg-descr
==============================================================================
--- head/security/sguil-sensor/pkg-descr Mon Feb 18 00:54:18 2013 (r312465)
+++ head/security/sguil-sensor/pkg-descr Mon Feb 18 00:56:47 2013 (r312466)
@@ -4,7 +4,7 @@ The actual interface and GUI server are
(www.tcl.tk). Sguil also relies on other open source software
in order to function properly.
-The sensor list includes security/barnyard, security/snort,
+The sensor list includes security/barnyard2-sguil, security/snort,
security/sancp, net-mgmt/pads, tcpdump (a part of the OS)
and devel/tcltls as well as lang/tcl84 and lang/tclX. Care
has been taken to ensure that everything you need to build
@@ -15,4 +15,3 @@ Sguil currently functions as an analysis
rule management capabilities.
WWW: http://sguil.sourceforge.net/index.php
-pauls at utdallas.edu
Modified: head/security/sguil-sensor/pkg-plist
==============================================================================
--- head/security/sguil-sensor/pkg-plist Mon Feb 18 00:54:18 2013 (r312465)
+++ head/security/sguil-sensor/pkg-plist Mon Feb 18 00:56:47 2013 (r312466)
@@ -1,15 +1,41 @@
+bin/%%SGUILDIR%%/log_packets-daemonlogger.sh
bin/%%SGUILDIR%%/log_packets.sh
-bin/%%SGUILDIR%%/example_agent.tcl
bin/%%SGUILDIR%%/pcap_agent.tcl
bin/%%SGUILDIR%%/snort_agent.tcl
-etc/%%SGUILDIR%%/example_agent.conf-sample
etc/%%SGUILDIR%%/pcap_agent.conf-sample
etc/%%SGUILDIR%%/snort_agent.conf-sample
-etc/%%SGUILDIR%%/log_packets.conf-sample
+share/%%SGUILDIR%%/contrib/ossec_agent/README
+share/%%SGUILDIR%%/contrib/ossec_agent/ossec_agent.conf
+share/%%SGUILDIR%%/contrib/ossec_agent/ossec_agent.tcl
+share/%%SGUILDIR%%/contrib/portscan_loader/Makefile
+share/%%SGUILDIR%%/contrib/portscan_loader/portscan_loader.c
+share/%%SGUILDIR%%/init/sensoragent
+%%PORTDOCS%%%%DOCSDIR%%/CHANGES
+%%PORTDOCS%%%%DOCSDIR%%/FAQ
+%%PORTDOCS%%%%DOCSDIR%%/INSTALL
+%%PORTDOCS%%%%DOCSDIR%%/INSTALL.openbsd
+%%PORTDOCS%%%%DOCSDIR%%/OPENSSL.README
+%%PORTDOCS%%%%DOCSDIR%%/README
+%%PORTDOCS%%%%DOCSDIR%%/TODO
+%%PORTDOCS%%%%DOCSDIR%%/UPGRADE
+%%PORTDOCS%%%%DOCSDIR%%/USAGE
+%%PORTDOCS%%%%DOCSDIR%%/sguildb.dia
+%%PORTDOCS%%%%DOCSDIR%%/README.daemonlogger
%%USEPADS%%bin/%%SGUILDIR%%/pads_agent.tcl
%%USEPADS%%etc/%%SGUILDIR%%/pads_agent.conf-sample
-%%USESANCP%%etc/sancp.conf-sample
+%%USESANCP%%bin/%%SGUILDIR%%/log_packets-sancp.sh
+%%USESANCP%%bin/%%SGUILDIR%%/pcap_agent-sancp.tcl
%%USESANCP%%bin/%%SGUILDIR%%/sancp_agent.tcl
%%USESANCP%%etc/%%SGUILDIR%%/sancp_agent.conf-sample
- at dirrm bin/%%SGUILDIR%%
+%%USESANCP%%etc/%%SGUILDIR%%/sancp-indexed.conf-sample
+%%USESANCP%%etc/%%SGUILDIR%%/pcap_agent-sancp.conf-sample
+%%USESANCP%%etc/%%SGUILDIR%%/sancp.conf-sample
+%%USESANCP%%%%DOCSDIR%%/README.sancp_indexed_pcap
+ at dirrm share/%%SGUILDIR%%/init
+ at dirrm share/%%SGUILDIR%%/contrib/portscan_loader
+ at dirrm share/%%SGUILDIR%%/contrib/ossec_agent
+ at dirrm share/%%SGUILDIR%%/contrib
+ at dirrm share/%%SGUILDIR%%
@dirrmtry etc/%%SGUILDIR%%
+ at dirrm bin/%%SGUILDIR%%
+%%PORTDOCS%%@dirrm %%DOCSDIR%%
_______________________________________________
svn-ports-all at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-ports-all
To unsubscribe, send any mail to "svn-ports-all-unsubscribe at freebsd.org"
More information about the freebsd-ports-bugs
mailing list