svn commit: r518343 - in head/security: ossec-hids ossec-hids-agent ossec-hids-local ossec-hids-local-config ossec-hids-local/files ossec-hids-local/scripts ossec-hids-server
Fernando Apesteguía
fernape at FreeBSD.org
Sun Nov 24 17:58:31 UTC 2019
Author: fernape
Date: Sun Nov 24 17:58:28 2019
New Revision: 518343
URL: https://svnweb.freebsd.org/changeset/ports/518343
Log:
security/ossec-hids*: update to 3.5.0
ChangeLogs:
https://github.com/ossec/ossec-hids/releases/tag/3.4.0
https://github.com/ossec/ossec-hids/releases/tag/3.5.0
PR: 242110
Submitted by: dominik.lisiak at bemsoft.pl (maintainer)
Added:
head/security/ossec-hids/version.mk (contents, props changed)
Deleted:
head/security/ossec-hids-local-config/distinfo
Modified:
head/security/ossec-hids-agent/Makefile
head/security/ossec-hids-local-config/Makefile
head/security/ossec-hids-local/Makefile
head/security/ossec-hids-local/distinfo
head/security/ossec-hids-local/files/ossec-hids.in
head/security/ossec-hids-local/pkg-plist-agent
head/security/ossec-hids-local/pkg-plist-local
head/security/ossec-hids-local/pkg-plist-server
head/security/ossec-hids-local/scripts/plist.conf
head/security/ossec-hids-server/Makefile
head/security/ossec-hids/Makefile
Modified: head/security/ossec-hids-agent/Makefile
==============================================================================
--- head/security/ossec-hids-agent/Makefile Sun Nov 24 17:52:00 2019 (r518342)
+++ head/security/ossec-hids-agent/Makefile Sun Nov 24 17:58:28 2019 (r518343)
@@ -1,5 +1,6 @@
# $FreeBSD$
+COMMENT= Security tool to monitor and check logs and intrusions - agent installation
OSSEC_TYPE= agent
MASTERDIR= ${.CURDIR}/../ossec-hids-local
Modified: head/security/ossec-hids-local-config/Makefile
==============================================================================
--- head/security/ossec-hids-local-config/Makefile Sun Nov 24 17:52:00 2019 (r518342)
+++ head/security/ossec-hids-local-config/Makefile Sun Nov 24 17:58:28 2019 (r518343)
@@ -1,19 +1,13 @@
# $FreeBSD$
-PORTNAME= ossec-hids
-PORTVERSION= 3.3.0
-PORTREVISION= 0
-CATEGORIES= security
-PKGNAMESUFFIX= -${OSSEC_TYPE}-config
-
-MAINTAINER= dominik.lisiak at bemsoft.pl
-COMMENT= Configuration manager for ossec-hids
-
-LICENSE= GPLv2
-
+PKGNAMESUFFIX?= -${OSSEC_TYPE}-config
+COMMENT?= Configuration manager for ossec-hids-${OSSEC_TYPE}
OSSEC_TYPE?= local
+.include "${.CURDIR}/../ossec-hids/version.mk"
+
MASTERDIR?= ${.CURDIR}
+DISTINFO_FILE?= ${MASTERDIR}/../ossec-hids-local/distinfo
.if ${OSSEC_TYPE} == local
CONFLICTS_INSTALL= ossec-hids-client-* \
Modified: head/security/ossec-hids-local/Makefile
==============================================================================
--- head/security/ossec-hids-local/Makefile Sun Nov 24 17:52:00 2019 (r518342)
+++ head/security/ossec-hids-local/Makefile Sun Nov 24 17:58:28 2019 (r518343)
@@ -1,21 +1,15 @@
# $FreeBSD$
-PORTNAME= ossec-hids
-PORTVERSION= 3.3.0
-PORTREVISION= 0
-CATEGORIES= security
-PKGNAMESUFFIX= -${OSSEC_TYPE}
+PKGNAMESUFFIX?= -${OSSEC_TYPE}
+COMMENT?= Security tool to monitor and check logs and intrusions - local (standalone) installation
+OSSEC_TYPE?= local
-MAINTAINER= dominik.lisiak at bemsoft.pl
-COMMENT= Security tool to monitor and check logs and intrusions
+.include "${.CURDIR}/../ossec-hids/version.mk"
-LICENSE= GPLv2
LICENSE_FILE= ${WRKSRC}/LICENSE
USES= compiler gmake ssl
-OSSEC_TYPE?= local
-
.if ${OSSEC_TYPE} == local
CONFLICTS_INSTALL= ossec-hids-client-* \
ossec-hids-agent-* \
@@ -30,7 +24,7 @@ CONFLICTS_INSTALL= ossec-hids-client-* \
ossec-hids-local-*
.endif
-LIB_DEPENDS= libpcre2-8.so:devel/pcre2
+LIB_DEPENDS= libpcre2-8.so:devel/pcre2 libevent.so:devel/libevent
.if ${OSSEC_TYPE} != agent
RUN_DEPENDS= expect:lang/expect
.endif
@@ -41,7 +35,7 @@ ZEROMQ_LIB_DEPENDS= libczmq.so:net/czmq
INOTIFY_USES= pkgconfig
LUA_USES= readline
-MYSQL_USES= mysql
+MYSQL_USE= mysql
PGSQL_USES= pgsql
USE_GITHUB= yes
@@ -135,8 +129,13 @@ FIREWALL_DROP_BIN= ${OSSEC_HOME}/active-response/bin/f
IPFILTER_BIN= ${OSSEC_HOME}/active-response/bin/ipfilter.sh
RESTART_OSSEC_BIN= ${OSSEC_HOME}/active-response/bin/restart-ossec.sh
SHARED_DIR= ${OSSEC_HOME}/etc/shared
-INTERNAL_OPTS_CONF= ${OSSEC_HOME}/etc/local_internal_options.conf
+SAMPLE_FILES= ${OSSEC_HOME}/etc/local_internal_options.conf \
+ ${OSSEC_HOME}/active-response/bin/cloudflare-ban.sh \
+ ${OSSEC_HOME}/active-response/bin/ossec-pagerduty.sh \
+ ${OSSEC_HOME}/active-response/bin/ossec-slack.sh \
+ ${OSSEC_HOME}/active-response/bin/ossec-tweeter.sh
+
.if empty(USER)
USER=$$(${ID} -un)
.endif
@@ -187,6 +186,9 @@ INOTIFY_CFLAGS= $$(${PKG_CONFIG} --cflags libinotify)
INOTIFY_LDFLAGS=$$(${PKG_CONFIG} --libs libinotify)
OSSEC_ARGS+= TARGET=${OSSEC_TYPE} PCRE2_SYSTEM=yes INSTALL_LOCALTIME=no INSTALL_RESOLVCONF=no
+.if defined(OSSEC_MAX_AGENTS)
+OSSEC_ARGS+= MAXAGENTS=${OSSEC_MAX_AGENTS}
+.endif
.if !defined(MAINTAINER_MODE)
OSSEC_ARGS+= INSTALL_CMD=install
.endif
@@ -212,7 +214,9 @@ do-install:
@cd ${WRKSRC}/src; ${SETENV} ${MAKE_ENV} ${MAKE_CMD} ${INSTALL_ARGS} install
post-install:
- @${MV} -f ${STAGEDIR}${INTERNAL_OPTS_CONF} ${STAGEDIR}${INTERNAL_OPTS_CONF}.sample
+.for file_path in ${SAMPLE_FILES}
+ @${MV} -f ${STAGEDIR}${file_path} ${STAGEDIR}${file_path}.sample
+.endfor
@${MV} -f ${STAGEDIR}${FIREWALL_DROP_BIN} ${STAGEDIR}${IPFILTER_BIN}
@${CP} ${WRKDIR}/restart-ossec.sh ${STAGEDIR}${RESTART_OSSEC_BIN}
@${CHMOD} 550 ${STAGEDIR}${RESTART_OSSEC_BIN}
Modified: head/security/ossec-hids-local/distinfo
==============================================================================
--- head/security/ossec-hids-local/distinfo Sun Nov 24 17:52:00 2019 (r518342)
+++ head/security/ossec-hids-local/distinfo Sun Nov 24 17:58:28 2019 (r518343)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1555773447
-SHA256 (ossec-ossec-hids-3.3.0_GH0.tar.gz) = 34fac7664548ddfeea96cb0567df4eda7515cc107625eb25315a5c3522954197
-SIZE (ossec-ossec-hids-3.3.0_GH0.tar.gz) = 1900070
+TIMESTAMP = 1574094213
+SHA256 (ossec-ossec-hids-3.5.0_GH0.tar.gz) = 720458e7da9fb1437efab3030a3bd42ca84dc652dd1931dedce745456d40e1ad
+SIZE (ossec-ossec-hids-3.5.0_GH0.tar.gz) = 1920232
Modified: head/security/ossec-hids-local/files/ossec-hids.in
==============================================================================
--- head/security/ossec-hids-local/files/ossec-hids.in Sun Nov 24 17:52:00 2019 (r518342)
+++ head/security/ossec-hids-local/files/ossec-hids.in Sun Nov 24 17:58:28 2019 (r518343)
@@ -13,7 +13,7 @@
# Default: NO
# ossec_hids_fetch_connect_time (int): Time in seconds to wait for the download of the shared configuration to start.
# Used only by agent installation.
-# Default: 30
+# Default: 40
# ossec_hids_fetch_read_time (int): Time in seconds to wait for subsequent download chunks of the shared configuration.
# Used only by agent installation.
# Default: 10
@@ -28,7 +28,7 @@ load_rc_config $name
: ${ossec_hids_enable="NO"}
: ${ossec_hids_clear_log="NO"}
: ${ossec_hids_clear_ar_log="NO"}
-: ${ossec_hids_fetch_connect_time=30}
+: ${ossec_hids_fetch_connect_time=40}
: ${ossec_hids_fetch_read_time=10}
ossec_type="%%OSSEC_TYPE%%"
Modified: head/security/ossec-hids-local/pkg-plist-agent
==============================================================================
--- head/security/ossec-hids-local/pkg-plist-agent Sun Nov 24 17:52:00 2019 (r518342)
+++ head/security/ossec-hids-local/pkg-plist-agent Sun Nov 24 17:58:28 2019 (r518343)
@@ -1,6 +1,7 @@
@dir(,ossec,0550) %%OSSEC_HOME%%
@dir(,ossec,0550) %%OSSEC_HOME%%/active-response
@dir(,ossec,0550) %%OSSEC_HOME%%/active-response/bin
+ at sample(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/cloudflare-ban.sh.sample
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/disable-account.sh
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/firewalld-drop.sh
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/host-deny.sh
@@ -9,9 +10,9 @@
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ipfw.sh
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ipfw_mac.sh
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/npf.sh
-@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-pagerduty.sh
-@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-slack.sh
-@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-tweeter.sh
+ at sample(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-pagerduty.sh.sample
+ at sample(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-slack.sh.sample
+ at sample(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-tweeter.sh.sample
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/pf.sh
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/restart-ossec.sh
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/route-null.sh
Modified: head/security/ossec-hids-local/pkg-plist-local
==============================================================================
--- head/security/ossec-hids-local/pkg-plist-local Sun Nov 24 17:52:00 2019 (r518342)
+++ head/security/ossec-hids-local/pkg-plist-local Sun Nov 24 17:58:28 2019 (r518343)
@@ -1,6 +1,7 @@
@dir(,ossec,0550) %%OSSEC_HOME%%
@dir(,ossec,0550) %%OSSEC_HOME%%/active-response
@dir(,ossec,0550) %%OSSEC_HOME%%/active-response/bin
+ at sample(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/cloudflare-ban.sh.sample
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/disable-account.sh
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/firewalld-drop.sh
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/host-deny.sh
@@ -9,9 +10,9 @@
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ipfw.sh
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ipfw_mac.sh
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/npf.sh
-@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-pagerduty.sh
-@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-slack.sh
-@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-tweeter.sh
+ at sample(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-pagerduty.sh.sample
+ at sample(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-slack.sh.sample
+ at sample(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-tweeter.sh.sample
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/pf.sh
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/restart-ossec.sh
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/route-null.sh
Modified: head/security/ossec-hids-local/pkg-plist-server
==============================================================================
--- head/security/ossec-hids-local/pkg-plist-server Sun Nov 24 17:52:00 2019 (r518342)
+++ head/security/ossec-hids-local/pkg-plist-server Sun Nov 24 17:58:28 2019 (r518343)
@@ -1,6 +1,7 @@
@dir(,ossec,0550) %%OSSEC_HOME%%
@dir(,ossec,0550) %%OSSEC_HOME%%/active-response
@dir(,ossec,0550) %%OSSEC_HOME%%/active-response/bin
+ at sample(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/cloudflare-ban.sh.sample
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/disable-account.sh
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/firewalld-drop.sh
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/host-deny.sh
@@ -9,9 +10,9 @@
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ipfw.sh
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ipfw_mac.sh
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/npf.sh
-@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-pagerduty.sh
-@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-slack.sh
-@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-tweeter.sh
+ at sample(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-pagerduty.sh.sample
+ at sample(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-slack.sh.sample
+ at sample(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-tweeter.sh.sample
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/pf.sh
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/restart-ossec.sh
@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/route-null.sh
Modified: head/security/ossec-hids-local/scripts/plist.conf
==============================================================================
--- head/security/ossec-hids-local/scripts/plist.conf Sun Nov 24 17:52:00 2019 (r518342)
+++ head/security/ossec-hids-local/scripts/plist.conf Sun Nov 24 17:58:28 2019 (r518343)
@@ -27,4 +27,8 @@ if [ "${OSSEC_TYPE}" = "agent" ]; then
fi
sample_paths="
-/etc/local_internal_options.conf.sample"
+/etc/local_internal_options.conf.sample
+/active-response/bin/cloudflare-ban.sh.sample
+/active-response/bin/ossec-pagerduty.sh.sample
+/active-response/bin/ossec-slack.sh.sample
+/active-response/bin/ossec-tweeter.sh.sample"
Modified: head/security/ossec-hids-server/Makefile
==============================================================================
--- head/security/ossec-hids-server/Makefile Sun Nov 24 17:52:00 2019 (r518342)
+++ head/security/ossec-hids-server/Makefile Sun Nov 24 17:58:28 2019 (r518343)
@@ -1,5 +1,6 @@
# $FreeBSD$
+COMMENT= Security tool to monitor and check logs and intrusions - server installation
OSSEC_TYPE= server
MASTERDIR= ${.CURDIR}/../ossec-hids-local
Modified: head/security/ossec-hids/Makefile
==============================================================================
--- head/security/ossec-hids/Makefile Sun Nov 24 17:52:00 2019 (r518342)
+++ head/security/ossec-hids/Makefile Sun Nov 24 17:58:28 2019 (r518343)
@@ -1,14 +1,6 @@
# $FreeBSD$
-PORTNAME= ossec-hids
-PORTVERSION= 3.3.0
-PORTREVISION= 0
-CATEGORIES= security
-
-MAINTAINER= dominik.lisiak at bemsoft.pl
-COMMENT= Security tool to monitor and check logs and intrusions
-
-LICENSE= GPLv2
+.include "${.CURDIR}/version.mk"
RUN_DEPENDS= ossec-hids-${OSSEC_TYPE}>=${PORTVERSION}:security/ossec-hids-${OSSEC_TYPE}
Added: head/security/ossec-hids/version.mk
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/ossec-hids/version.mk Sun Nov 24 17:58:28 2019 (r518343)
@@ -0,0 +1,9 @@
+PORTNAME= ossec-hids
+PORTVERSION= 3.5.0
+PORTREVISION?= 0
+CATEGORIES= security
+
+MAINTAINER= dominik.lisiak at bemsoft.pl
+COMMENT?= Security tool to monitor and check logs and intrusions
+
+LICENSE= GPLv2
More information about the svn-ports-head
mailing list