svn commit: r389648 - in head/security/pulledpork: . files
Olli Hauer
ohauer at FreeBSD.org
Sun Jun 14 19:31:22 UTC 2015
Author: ohauer
Date: Sun Jun 14 19:31:20 2015
New Revision: 389648
URL: https://svnweb.freebsd.org/changeset/ports/389648
Log:
- update to upstream svn r269
- use pkg-plist
Added:
head/security/pulledpork/files/patch-etc__pulledpork.conf
- copied, changed from r389647, head/security/pulledpork/files/patch-so_rules.diff
head/security/pulledpork/files/patch-pulledpork.pl (contents, props changed)
head/security/pulledpork/pkg-plist (contents, props changed)
Deleted:
head/security/pulledpork/files/patch-so_rules.diff
Modified:
head/security/pulledpork/Makefile
Modified: head/security/pulledpork/Makefile
==============================================================================
--- head/security/pulledpork/Makefile Sun Jun 14 18:14:35 2015 (r389647)
+++ head/security/pulledpork/Makefile Sun Jun 14 19:31:20 2015 (r389648)
@@ -3,6 +3,7 @@
PORTNAME= pulledpork
PORTVERSION= 0.7.0
+PORTREVISION= 1
CATEGORIES= security
MASTER_SITES= GOOGLE_CODE
@@ -16,53 +17,40 @@ RUN_DEPENDS= p5-Crypt-SSLeay>=0.57:${POR
p5-libwww>=0:${PORTSDIR}/www/p5-libwww
NO_BUILD= yes
-USES= perl5
+USES= perl5 shebangfix
USE_PERL5= run
-
-PLIST_FILES= bin/pulledpork.pl \
- %%ETCDIR%%/disablesid.conf.sample \
- %%ETCDIR%%/dropsid.conf.sample \
- %%ETCDIR%%/enablesid.conf.sample \
- %%ETCDIR%%/modifysid.conf.sample \
- %%ETCDIR%%/pulledpork.conf.sample \
- %%DATADIR%%/README.CONTRIB \
- %%DATADIR%%/oink-conv.pl
+SHEBANG_FILES= ${WRKSRC}/pulledpork.pl ${WRKSRC}/contrib/oink-conv.pl
SUB_FILES= pkg-message
OPTIONS_DEFINE= DOCS
-
.include <bsd.port.options.mk>
-PORTDOCS= README README.CATEGORIES README.CHANGES README.RULESET README.SHAREDOBJECTS
-
post-patch:
- @${REINPLACE_CMD} -e "s|/usr/bin/perl|${PERL}|" ${WRKSRC}/pulledpork.pl
@${REINPLACE_CMD} -e 's|snort/enablesid.conf|pulledpork/enablesid.conf|g' \
-e 's|snort/dropsid.conf|pulledpork/dropsid.conf|g' \
-e 's|snort/disablesid.conf|pulledpork/disablesid.conf|g' \
-e 's|snort/modifysid.conf|pulledpork/modifysid.conf|g' \
-e "s|/usr/local/lib/snort_dynamicrules/|${PREFIX}/etc/snort/so_rules/|g" \
${WRKSRC}/etc/pulledpork.conf
- @${REINPLACE_CMD} -e "s| /usr/bin/perl|${PERL}|" ${WRKSRC}/contrib/oink-conv.pl
do-install:
- @${INSTALL_SCRIPT} ${WRKSRC}/pulledpork.pl ${STAGEDIR}${PREFIX}/bin
+ ${INSTALL_SCRIPT} ${WRKSRC}/pulledpork.pl ${STAGEDIR}${PREFIX}/bin
@${MKDIR} -m 750 ${STAGEDIR}${ETCDIR}
# pulledpork.conf contains the snort user registration key, do not install world readable
- @${INSTALL} -m 640 ${WRKSRC}/etc/pulledpork.conf ${STAGEDIR}${ETCDIR}/pulledpork.conf.sample
- @${INSTALL_DATA} ${WRKSRC}/etc/disablesid.conf ${STAGEDIR}${ETCDIR}/disablesid.conf.sample
- @${INSTALL_DATA} ${WRKSRC}/etc/dropsid.conf ${STAGEDIR}${ETCDIR}/dropsid.conf.sample
- @${INSTALL_DATA} ${WRKSRC}/etc/enablesid.conf ${STAGEDIR}${ETCDIR}/enablesid.conf.sample
- @${INSTALL_DATA} ${WRKSRC}/etc/modifysid.conf ${STAGEDIR}${ETCDIR}/modifysid.conf.sample
+ ${INSTALL} -m 640 ${WRKSRC}/etc/pulledpork.conf ${STAGEDIR}${ETCDIR}/pulledpork.conf.sample
+ ${INSTALL_DATA} ${WRKSRC}/etc/disablesid.conf ${STAGEDIR}${ETCDIR}/disablesid.conf.sample
+ ${INSTALL_DATA} ${WRKSRC}/etc/dropsid.conf ${STAGEDIR}${ETCDIR}/dropsid.conf.sample
+ ${INSTALL_DATA} ${WRKSRC}/etc/enablesid.conf ${STAGEDIR}${ETCDIR}/enablesid.conf.sample
+ ${INSTALL_DATA} ${WRKSRC}/etc/modifysid.conf ${STAGEDIR}${ETCDIR}/modifysid.conf.sample
@${MKDIR} ${STAGEDIR}${DATADIR}
- @${INSTALL_DATA} ${WRKSRC}/contrib/README.CONTRIB ${STAGEDIR}${DATADIR}
- @${INSTALL_SCRIPT} ${WRKSRC}/contrib/oink-conv.pl ${STAGEDIR}${DATADIR}
+ ${INSTALL_DATA} ${WRKSRC}/contrib/README.CONTRIB ${STAGEDIR}${DATADIR}
+ ${INSTALL_SCRIPT} ${WRKSRC}/contrib/oink-conv.pl ${STAGEDIR}${DATADIR}
@${MKDIR} ${STAGEDIR}${DOCSDIR}
- @${INSTALL_DATA} ${WRKSRC}/README ${STAGEDIR}${DOCSDIR}
- @${INSTALL_DATA} ${WRKSRC}/doc/README.CATEGORIES ${STAGEDIR}${DOCSDIR}
- @${INSTALL_DATA} ${WRKSRC}/doc/README.CHANGES ${STAGEDIR}${DOCSDIR}
- @${INSTALL_DATA} ${WRKSRC}/doc/README.RULESET ${STAGEDIR}${DOCSDIR}
- @${INSTALL_DATA} ${WRKSRC}/doc/README.SHAREDOBJECTS ${STAGEDIR}${DOCSDIR}
+ ${INSTALL_DATA} ${WRKSRC}/README ${STAGEDIR}${DOCSDIR}
+ ${INSTALL_DATA} ${WRKSRC}/doc/README.CATEGORIES ${STAGEDIR}${DOCSDIR}
+ ${INSTALL_DATA} ${WRKSRC}/doc/README.CHANGES ${STAGEDIR}${DOCSDIR}
+ ${INSTALL_DATA} ${WRKSRC}/doc/README.RULESET ${STAGEDIR}${DOCSDIR}
+ ${INSTALL_DATA} ${WRKSRC}/doc/README.SHAREDOBJECTS ${STAGEDIR}${DOCSDIR}
.include <bsd.port.mk>
Copied and modified: head/security/pulledpork/files/patch-etc__pulledpork.conf (from r389647, head/security/pulledpork/files/patch-so_rules.diff)
==============================================================================
--- head/security/pulledpork/files/patch-so_rules.diff Sun Jun 14 18:14:35 2015 (r389647, copy source)
+++ head/security/pulledpork/files/patch-etc__pulledpork.conf Sun Jun 14 19:31:20 2015 (r389648)
@@ -1,41 +1,38 @@
-Index: etc/pulledpork.conf
-===================================================================
---- etc/pulledpork.conf (revision 268)
-+++ etc/pulledpork.conf (working copy)
-@@ -121,12 +121,12 @@
+--- etc/pulledpork.conf.orig 2013-09-11 21:01:05 UTC
++++ etc/pulledpork.conf
+@@ -121,14 +121,14 @@ config_path=/usr/local/etc/snort/snort.c
# Define your distro, this is for the precompiled shared object libs!
# Valid Distro Types:
-# Debian-5-0, Debian-6-0,
-# Ubuntu-8.04, Ubuntu-10-4
-# Centos-4-8, Centos-5-4
-+# Debian-6-0,
-+# Ubuntu-10-4, Ubuntu-12-04
-+# Centos-5-4
++# Debian-6-0, Ubuntu-10-4
++# Ubuntu-12-04, Centos-5-4
# FC-12, FC-14, RHEL-5-5, RHEL-6-0
-# FreeBSD-7-3, FreeBSD-8-1
-# OpenBSD-4-8
-+# FreeBSD-8-1, FreeBSD-9-0
-+# OpenBSD-4-8, OpenBSD-5-2, OpenBSD-5-3
++# FreeBSD-8-1, FreeBSD-9-0, FreeBSD-10-0
++# OpenBSD-5-2, OpenBSD-5-3
++# OpenSUSE-11-4, OpenSUSE-12-1
# Slackware-13-1
- distro=FreeBSD-8.1
+-distro=FreeBSD-8.1
++distro=FreeBSD-10-0
-Index: pulledpork.pl
-===================================================================
---- pulledpork.pl (revision 268)
-+++ pulledpork.pl (working copy)
-@@ -144,10 +144,10 @@
- -D What Distro are you running on, for the so_rules
- For latest supported options see http://www.snort.org/snort-rules/shared-object-rules
- Valid Distro Types:
-- Debian-5-0, Debian-6-0, Ubuntu-8.04, Ubuntu-10-4
-- Centos-4-8, Centos-5-4, FC-12, FC-14, RHEL-5-5, RHEL-6-0
-- FreeBSD-7-3, FreeBSD-8-1
-- OpenBSD-4-8
-+ Debian-6-0, Ubuntu-10-4, Ubuntu-12-04
-+ Centos-5-4, FC-12, FC-14, RHEL-5-5, RHEL-6-0
-+ FreeBSD-8-1, FreeBSD-9-0
-+ OpenBSD-4-8, OpenBSD-5-2, OpenBSD-5-3
- Slackware-13-1
- -e Where the enablesid config file lives.
- -E Write ONLY the enabled rules to the output files.
+ ####### This next section is optional, but probably pretty useful to you.
+ ####### Please read thoroughly!
+@@ -187,7 +187,7 @@ snort_control=/usr/local/bin/snort_contr
+ # This value MUST contain all 4 minor version
+ # numbers. ET rules are now also dependant on this, verify supported ET versions
+ # prior to simply throwing rubbish in this variable kthx!
+-# snort_version=2.9.0.0
++# snort_version=2.9.7.3
+
+ # Here you can specify what rule modification files to run automatically.
+ # simply uncomment and specify the apt path.
+@@ -206,4 +206,4 @@ snort_control=/usr/local/bin/snort_contr
+ ####### need to process so_rules, simply comment out the so_rule section
+ ####### you can also specify -T at runtime to process only GID 1 rules.
+
+-version=0.7.0
++version=0.7.1
Added: head/security/pulledpork/files/patch-pulledpork.pl
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/pulledpork/files/patch-pulledpork.pl Sun Jun 14 19:31:20 2015 (r389648)
@@ -0,0 +1,141 @@
+--- pulledpork.pl.orig 2015-06-01 19:41:36 UTC
++++ pulledpork.pl
+@@ -3,7 +3,7 @@
+ ## pulledpork v(whatever it says below!)
+ ## cummingsj at gmail.com
+
+-# Copyright (C) 2009-2013 JJ Cummings and the PulledPork Team!
++# Copyright (C) 2009-2014 JJ Cummings and the PulledPork Team!
+
+ # This program is free software; you can redistribute it and/or
+ # modify it under the terms of the GNU General Public License
+@@ -41,16 +41,17 @@ use Data::Dumper;
+
+ # we are gonna need these!
+ my ( $oinkcode, $temp_path, $rule_file, $Syslogging );
+-my $VERSION = "PulledPork v0.7.0 - Swine Flu!";
++my $VERSION = "PulledPork v0.7.1 - Swine Flu with a side of Ebola!";
+ my $ua = LWP::UserAgent->new;
+
++
+ my ( $Hash, $ALogger, $Config_file, $Sorules, $Auto );
+ my ( $Output, $Distro, $Snort, $sid_changelog, $ignore_files );
+ my ( $Snort_config, $Snort_path, $Textonly, $grabonly, $ips_policy, );
+ my ( $pid_path, $SigHup, $NoDownload, $sid_msg_map, @base_url );
+ my ( $local_rules, $arch, $docs, @records, $enonly );
+ my ( $rstate, $keep_rulefiles, $rule_file_path, $prefix, $black_list );
+-my ( $Process, $hmatch, $bmatch , $sid_msg_version);
++my ( $Process, $hmatch, $bmatch , $sid_msg_version, $skipVerify);
+ my $Sostubs = 1;
+
+ # verbose and quiet control print()
+@@ -144,11 +145,11 @@ sub Help {
+ -D What Distro are you running on, for the so_rules
+ For latest supported options see http://www.snort.org/snort-rules/shared-object-rules
+ Valid Distro Types:
+- Debian-5-0, Debian-6-0, Ubuntu-8.04, Ubuntu-10-4
+- Centos-4-8, Centos-5-4, FC-12, FC-14, RHEL-5-5, RHEL-6-0
+- FreeBSD-7-3, FreeBSD-8-1
+- OpenBSD-4-8
+- Slackware-13-1
++ Debian-6-0, Ubuntu-10-4, Ubuntu-12-04, Centos-5-4
++ FC-12, FC-14, RHEL-5-5, RHEL-6-0
++ FreeBSD-8-1, FreeBSD-9-0, FreeBSD-10-0
++ OpenBSD-5-2, OpenBSD-5-3
++ OpenSUSE-11-4, OpenSUSE-12-1, Slackware-13-1
+ -e Where the enablesid config file lives.
+ -E Write ONLY the enabled rules to the output files.
+ -g grabonly (download tarball rule file(s) and do NOT process)
+@@ -176,6 +177,7 @@ sub Help {
+ -V Print Version and exit
+ -v Verbose mode, you know.. for troubleshooting and such nonsense.
+ -vv EXTRA Verbose mode, you know.. for in-depth troubleshooting and other such nonsense.
++ -w Skip the SSL verification (if there are issues pulling down rule files)
+ __EOT
+
+ exit(0);
+@@ -191,7 +193,7 @@ sub pulledpork {
+ `----,\\ )
+ `--==\\\\ / $VERSION
+ `--==\\\\/
+- .-~~~~-.Y|\\\\_ Copyright (C) 2009-2013 JJ Cummings
++ .-~~~~-.Y|\\\\_ Copyright (C) 2009-2014 JJ Cummings
+ \@_/ / 66\\_ cummingsj\@gmail.com
+ | \\ \\ _(\")
+ \\ /-| ||'--' Rules give me wings!
+@@ -350,9 +352,27 @@ sub compare_md5 {
+ ## mimic LWP::Simple getstore routine - Thx pkthound!
+ sub getstore {
+ my ( $url, $file ) = @_;
+- my $request = HTTP::Request->new( GET => $url );
+- my $response = $ua->request( $request, $file );
+- $response->code;
++
++ # on the first run, the file may not exist, so check.
++ if ( -e $file) {
++ # Check to ensure the user has write access to the file
++ if ( -r $file && -w _) {
++ my $request = HTTP::Request->new( GET => $url );
++ my $response = $ua->request( $request, $file );
++ $response->code;
++ } else {
++ carp "ERROR: $file is not writable by ".(getpwuid($<))[0]."\n";
++ syslogit( 'err|local0', "FATAL: $file is not writable by ".(getpwuid($<))[0]."\n" )
++ if $Syslogging;
++ exit(1);
++ }
++ } else {
++ # The file does not exist, any errors refer to permission issues
++ my $request = HTTP::Request->new( GET => $url );
++ my $response = $ua->request( $request, $file );
++ $response->code;
++ }
++
+ }
+
+ ## time to grab the real 0xb33f
+@@ -1507,7 +1527,8 @@ GetOptions(
+ "u=s" => \@base_url,
+ "V!" => sub { Version() },
+ "v+" => \$Verbose,
+- "help|?" => sub { Help() }
++ "help|?" => sub { Help() },
++ "w" => \$skipVerify
+ );
+
+ ## Fly piggy fly!
+@@ -1533,7 +1554,7 @@ if ( $Verbose && !$Quiet ) {
+ if ( exists $Config_info{'version'} ) {
+ croak "You are not using the current version of pulledpork.conf!\n",
+ "Please use the version of pulledpork.conf that shipped with $VERSION!\n\n"
+- if $Config_info{'version'} ne "0.7.0";
++ if $Config_info{'version'} ne "0.7.1";
+ }
+ else {
+ croak
+@@ -1700,6 +1721,7 @@ if ( $Verbose && !$Quiet ) {
+ if ($Textonly) { print "\tText Rules only Flag is Set\n"; }
+ if ( $Verbose == 2 ) { print "\tExtra Verbose Flag is Set\n"; }
+ if ($Verbose) { print "\tVerbose Flag is Set\n"; }
++ if ($skipVerify) { print "\tSSL Hostname Verification disabled\n"; }
+ if (@base_url) { print "\tBase URL is: @base_url\n"; }
+ }
+
+@@ -1717,10 +1739,17 @@ if ( !-d $temp_path ) {
+ # Validate sid_msg_map version
+ Help("Please specify version 1 or 2 for sid_msg_version in your config file\n") unless $sid_msg_version =~ /(1|2)/;
+
++
+ # set some UserAgent and other connection configs
+ $ua->agent("$VERSION");
+ $ua->show_progress(1) if ( $Verbose && !$Quiet );
+
++# check to see if SSL verfication is disabled
++if ($skipVerify) {
++ $ua->ssl_opts( verify_hostname => 0 )
++}
++
++
+ # New Settings to allow proxy connections to use proper SSL formating - Thx pkthound!
+ $ua->timeout(60);
+ $ua->cookie_jar( {} );
Added: head/security/pulledpork/pkg-plist
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/pulledpork/pkg-plist Sun Jun 14 19:31:20 2015 (r389648)
@@ -0,0 +1,14 @@
+bin/pulledpork.pl
+%%ETCDIR%%/disablesid.conf.sample
+%%ETCDIR%%/dropsid.conf.sample
+%%ETCDIR%%/enablesid.conf.sample
+%%ETCDIR%%/modifysid.conf.sample
+@(,,0640) %%ETCDIR%%/pulledpork.conf.sample
+%%PORTDOCS%%%%DOCSDIR%%/README
+%%PORTDOCS%%%%DOCSDIR%%/README.CATEGORIES
+%%PORTDOCS%%%%DOCSDIR%%/README.CHANGES
+%%PORTDOCS%%%%DOCSDIR%%/README.RULESET
+%%PORTDOCS%%%%DOCSDIR%%/README.SHAREDOBJECTS
+%%DATADIR%%/README.CONTRIB
+%%DATADIR%%/oink-conv.pl
+ at dir(,,0750) %%ETCDIR%%
More information about the svn-ports-head
mailing list