aboutsummaryrefslogtreecommitdiff
path: root/security/nsm-console
diff options
context:
space:
mode:
authorMartin Wilke <miwi@FreeBSD.org>2008-01-21 11:56:43 +0000
committerMartin Wilke <miwi@FreeBSD.org>2008-01-21 11:56:43 +0000
commitb53d9e87d0b33afe467a699e484b18400c1fc86f (patch)
tree2c23523f1adee45a47c244337cb41674b1e80b7e /security/nsm-console
parent066c9be2c4e74d143708467464546a59132c1907 (diff)
downloadports-b53d9e87d0b33afe467a699e484b18400c1fc86f.tar.gz
ports-b53d9e87d0b33afe467a699e484b18400c1fc86f.zip
Notes
Diffstat (limited to 'security/nsm-console')
-rw-r--r--security/nsm-console/Makefile108
-rw-r--r--security/nsm-console/distinfo3
-rw-r--r--security/nsm-console/files/patch-lib-nsm_consle.rb18
-rw-r--r--security/nsm-console/files/patch-nsm38
-rw-r--r--security/nsm-console/pkg-descr4
-rw-r--r--security/nsm-console/pkg-message8
-rw-r--r--security/nsm-console/pkg-plist168
7 files changed, 347 insertions, 0 deletions
diff --git a/security/nsm-console/Makefile b/security/nsm-console/Makefile
new file mode 100644
index 000000000000..2f099c76b426
--- /dev/null
+++ b/security/nsm-console/Makefile
@@ -0,0 +1,108 @@
+# New ports collection makefile for: nsm-console
+# Date created: 2008-01-15
+# Whom: Tomoyuki Sakurai <cherry@trombik.org>
+#
+# $FreeBSD$
+#
+
+PORTNAME= nsm-console
+PORTVERSION= 0.3
+CATEGORIES= security
+MASTER_SITES= http://navi.eight7.org/~hinmanm/files/
+
+MAINTAINER= cherry@trombik.org
+COMMENT= A framework for performing analysis on packat capture files
+
+USE_RUBY= yes
+NO_BUILD= yes
+RUBY_NO_BUILD_DEPENDS= yes
+WRKSRC= ${WRKDIR}/${PORTNAME}
+OPTIONS= TSHARK "Install tshark" on \
+ WIRESHARK "Install wireshark" off \
+ TCPDSTAT "Install tcpdstat" on \
+ NGREP "Install ngrep" on \
+ TCPFLOW "Install tcpflow" on \
+ SNORT "Install snort" on \
+ TCPXTRACT "Install tcpxtract" on \
+ P0F "Install p0f" on \
+ PADS "Install pads" on \
+ FL0P "Install fl0p" on \
+ CHAOSREADER "Install chaosreader" on \
+ ARGUS "Install argus" on
+NSM_LIBFILES= command_manager.rb \
+ command_manager.rb \
+ commands.rb \
+ encodelib.rb \
+ history.rb \
+ logging.rb \
+ nsm_category.rb \
+ nsm_console.rb \
+ nsm_helper.rb \
+ nsm_module.rb
+NSM_DOC= CHANGELOG TODO
+
+.include <bsd.port.pre.mk>
+
+.if defined(WITH_TSHARK)
+RUN_DEPEND+= ${LOCALBASE}/bin/tshark:${PORTSDIR}/net/tshark
+.endif
+.if defined(WITH_WIRESHARK)
+.if defined(WITH_TSHARK)
+IGNORE= you cannot enable both WIRESHARK and TSHARK
+.else
+RUN_DEPENDS+= ${LOCALBASE}/bin/wireshark:${PORTSDIR}/net/wireshark
+.endif
+.endif
+.if defined(WITH_TCPDSTAT)
+RUN_DEPENDS+= ${LOCALBASE}/bin/tcpdstat:${PORTSDIR}/net/tcpdstat
+.endif
+.if defined(WITH_NGREP)
+RUN_DEPENDS+= ${LOCALBASE}/bin/ngrep:${PORTSDIR}/net/ngrep
+.endif
+.if defined(WITH_TCPFLOW)
+RUN_DEPENDS+= ${LOCALBASE}/bin/tcpflow:${PORTSDIR}/net/tcpflow
+.endif
+.if defined(WITH_SNORT)
+RUN_DEPENDS+= ${LOCALBASE}/bin/snort:${PORTSDIR}/security/snort
+.endif
+.if defined(WITH_TCPXTRACT)
+RUN_DEPENDS+= ${LOCALBASE}/bin/tcpxtract:${PORTSDIR}/net/tcpxtract
+.endif
+.if defined(WITH_P0F)
+RUN_DEPENDS+= ${LOCALBASE}/bin/p0f:${PORTSDIR}/net-mgmt/p0f
+.endif
+.if defined(WITH_PADS)
+RUN_DEPENDS+= ${LOCALBASE}/bin/pads:${PORTSDIR}/net-mgmt/pads
+.endif
+.if defined(WITH_FL0P)
+RUN_DEPENDS+= ${LOCALBASE}/bin/fl0p:${PORTSDIR}/security/fl0p
+.endif
+.if defined(WITH_CHAOSREADER)
+RUN_DEPENDS+= ${LOCALBASE}/bin/chaosreader:${PORTSDIR}/security/chaosreader
+.endif
+.if defined(WITH_ARGUS)
+RUN_DEPENDS+= ${LOCALBASE}/bin/ra:${PORTSDIR}/net-mgmt/argus-clients \
+ ${LOCALBASE}/sbin/argus:${PORTSDIR}/net-mgmt/argus
+.endif
+
+post-patch:
+ ${REINPLACE_CMD} -e 's|%%DATADIR%%|${DATADIR}|g' ${WRKSRC}/nsm
+
+do-install:
+ ${MKDIR} ${RUBY_SITELIBDIR}/${PORTNAME}
+.for F in ${NSM_LIBFILES}
+ ${INSTALL_DATA} ${WRKSRC}/lib/${F} ${RUBY_SITELIBDIR}/${PORTNAME}
+.endfor
+.for D in modules
+ cd ${WRKSRC} && ${FIND} ${D} -type d -exec ${MKDIR} ${DATADIR}/{} ";"
+ cd ${WRKSRC} && ${FIND} ${D} -type f -exec ${INSTALL_DATA} {} ${DATADIR}/{} ";"
+.endfor
+ ${INSTALL_SCRIPT} ${WRKSRC}/nsm ${PREFIX}/bin
+.if !defined(NOPORTDOCS)
+ ${MKDIR} ${DOCSDIR}
+.for F in ${NSM_DOC}
+ ${INSTALL_DATA} ${WRKSRC}/${F} ${DOCSDIR}/
+.endfor
+.endif
+
+.include <bsd.port.post.mk>
diff --git a/security/nsm-console/distinfo b/security/nsm-console/distinfo
new file mode 100644
index 000000000000..a9b5c711f29a
--- /dev/null
+++ b/security/nsm-console/distinfo
@@ -0,0 +1,3 @@
+MD5 (nsm-console-0.3.tar.gz) = d97885eaadc51de2308acac8f5c279a4
+SHA256 (nsm-console-0.3.tar.gz) = 2e012f9eb38749edb8f1f8441ed34c1814682ae765acc0ce382e1f82d3e0455d
+SIZE (nsm-console-0.3.tar.gz) = 415384
diff --git a/security/nsm-console/files/patch-lib-nsm_consle.rb b/security/nsm-console/files/patch-lib-nsm_consle.rb
new file mode 100644
index 000000000000..69276d7d268c
--- /dev/null
+++ b/security/nsm-console/files/patch-lib-nsm_consle.rb
@@ -0,0 +1,18 @@
+--- lib/nsm_console.rb.orig 2008-01-15 20:23:34.000000000 +0900
++++ lib/nsm_console.rb 2008-01-15 20:24:32.000000000 +0900
+@@ -15,7 +15,7 @@
+ load_categories($moduledir)
+
+ ## Initialize logging
+- logfilename = "logs/nsm-log."
++ logfilename = ENV["HOME"] + "/logs/nsm-log."
+ logfilename.concat(Time.now.year.to_s)
+ logfilename.concat(Time.now.month.to_s)
+ logfilename.concat(Time.now.day.to_s)
+@@ -81,4 +81,4 @@
+
+ start_shell()
+ end
+-end
+\ No newline at end of file
++end
diff --git a/security/nsm-console/files/patch-nsm b/security/nsm-console/files/patch-nsm
new file mode 100644
index 000000000000..c331f3fa47f1
--- /dev/null
+++ b/security/nsm-console/files/patch-nsm
@@ -0,0 +1,38 @@
+--- nsm.orig 2008-01-09 07:20:10.000000000 +0900
++++ nsm 2008-01-15 20:05:17.000000000 +0900
+@@ -12,8 +12,8 @@
+ include Readline
+
+ ## Require commands
+-require 'lib/command_manager'
+-require 'lib/commands'
++require 'nsm-console/command_manager'
++require 'nsm-console/commands'
+
+ ## Required for tab completion
+ $tabstrings = CommandManager.get_commands_as_array()
+@@ -23,16 +23,16 @@
+ Readline.completion_proc = lambda{|s| $tabstrings.find_all{|elm| elm =~ /#{s}/}}
+
+ ## Require nsm console specific files
+-require 'lib/logging'
+-require 'lib/history'
+-require 'lib/nsm_module'
+-require 'lib/nsm_category'
+-require 'lib/nsm_helper'
+-require 'lib/nsm_console'
+-require 'lib/encodelib'
++require 'nsm-console/logging'
++require 'nsm-console/history'
++require 'nsm-console/nsm_module'
++require 'nsm-console/nsm_category'
++require 'nsm-console/nsm_helper'
++require 'nsm-console/nsm_console'
++require 'nsm-console/encodelib'
+
+ ## Default module directory
+-$moduledir = "modules"
++$moduledir = "%%DATADIR%%/modules"
+ ## Default output directory
+ $outputdir = "${PCAP_BASE}-output"
+
diff --git a/security/nsm-console/pkg-descr b/security/nsm-console/pkg-descr
new file mode 100644
index 000000000000..fbc887e54152
--- /dev/null
+++ b/security/nsm-console/pkg-descr
@@ -0,0 +1,4 @@
+NSM Console (Network Security Monitoring Console) is a framework for performing
+analysis on packat capture files.
+
+WWW: http://thnetos.wordpress.com/nsm-console/
diff --git a/security/nsm-console/pkg-message b/security/nsm-console/pkg-message
new file mode 100644
index 000000000000..3bdf5627b4c9
--- /dev/null
+++ b/security/nsm-console/pkg-message
@@ -0,0 +1,8 @@
+Default log directory is $HOME/logs, which is NOT automatically created.
+
+Execute:
+ > mkdir $HOME/logs
+or change it from nsm console:
+ nsm> logfile path/to/logfile
+
+This will be configurable in the future.
diff --git a/security/nsm-console/pkg-plist b/security/nsm-console/pkg-plist
new file mode 100644
index 000000000000..9aba7ab86d67
--- /dev/null
+++ b/security/nsm-console/pkg-plist
@@ -0,0 +1,168 @@
+@comment $FreeBSD$
+bin/nsm
+%%RUBY_SITELIBDIR%%/nsm-console/commands.rb
+%%RUBY_SITELIBDIR%%/nsm-console/encodelib.rb
+%%RUBY_SITELIBDIR%%/nsm-console/history.rb
+%%RUBY_SITELIBDIR%%/nsm-console/logging.rb
+%%RUBY_SITELIBDIR%%/nsm-console/nsm_category.rb
+%%RUBY_SITELIBDIR%%/nsm-console/nsm_console.rb
+%%RUBY_SITELIBDIR%%/nsm-console/nsm_helper.rb
+%%RUBY_SITELIBDIR%%/nsm-console/nsm_module.rb
+%%RUBY_SITELIBDIR%%/nsm-console/command_manager.rb
+%%DATADIR%%/modules/aimsnarf.module/aimsnarf
+%%DATADIR%%/modules/aimsnarf.module/defaults
+%%DATADIR%%/modules/aimsnarf.module/description
+%%DATADIR%%/modules/aimsnarf.module/info
+%%DATADIR%%/modules/argus-basic.module/argus-basic
+%%DATADIR%%/modules/argus-basic.module/defaults
+%%DATADIR%%/modules/argus-basic.module/description
+%%DATADIR%%/modules/argus-basic.module/info
+%%DATADIR%%/modules/bro-ids.module/bro-ids
+%%DATADIR%%/modules/bro-ids.module/bro.cfg
+%%DATADIR%%/modules/bro-ids.module/defaults
+%%DATADIR%%/modules/bro-ids.module/description
+%%DATADIR%%/modules/bro-ids.module/info
+%%DATADIR%%/modules/capinfos.module/capinfos
+%%DATADIR%%/modules/capinfos.module/defaults
+%%DATADIR%%/modules/capinfos.module/description
+%%DATADIR%%/modules/capinfos.module/info
+%%DATADIR%%/modules/categories/flow
+%%DATADIR%%/modules/categories/forensics
+%%DATADIR%%/modules/categories/nsm
+%%DATADIR%%/modules/categories/statistics
+%%DATADIR%%/modules/chaosreader.module/chaosreader
+%%DATADIR%%/modules/chaosreader.module/defaults
+%%DATADIR%%/modules/chaosreader.module/description
+%%DATADIR%%/modules/chaosreader.module/info
+%%DATADIR%%/modules/fl0p.module/defaults
+%%DATADIR%%/modules/fl0p.module/description
+%%DATADIR%%/modules/fl0p.module/fl0p
+%%DATADIR%%/modules/fl0p.module/info
+%%DATADIR%%/modules/hash.module/defaults
+%%DATADIR%%/modules/hash.module/description
+%%DATADIR%%/modules/hash.module/hash
+%%DATADIR%%/modules/hash.module/info
+%%DATADIR%%/modules/honeysnap.module/defaults
+%%DATADIR%%/modules/honeysnap.module/description
+%%DATADIR%%/modules/honeysnap.module/honeysnap
+%%DATADIR%%/modules/honeysnap.module/honeysnap.cfg
+%%DATADIR%%/modules/honeysnap.module/info
+%%DATADIR%%/modules/iploc.module/defaults
+%%DATADIR%%/modules/iploc.module/description
+%%DATADIR%%/modules/iploc.module/info
+%%DATADIR%%/modules/iploc.module/iploc
+%%DATADIR%%/modules/ngrep.module/description
+%%DATADIR%%/modules/ngrep.module/info
+%%DATADIR%%/modules/ngrep.module/ngrep
+%%DATADIR%%/modules/p0f.module/defaults
+%%DATADIR%%/modules/p0f.module/description
+%%DATADIR%%/modules/p0f.module/info
+%%DATADIR%%/modules/p0f.module/p0f
+%%DATADIR%%/modules/pads.module/defaults
+%%DATADIR%%/modules/pads.module/description
+%%DATADIR%%/modules/pads.module/info
+%%DATADIR%%/modules/pads.module/pads
+%%DATADIR%%/modules/snort.module/rules/bleeding-attack_response.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-botcc-BLOCK.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-botcc.excluded
+%%DATADIR%%/modules/snort.module/rules/bleeding-botcc.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-compromised-BLOCK.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-compromised.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-dos.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-drop-BLOCK.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-drop.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-dshield-BLOCK.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-dshield.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-exploit.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-game.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-inappropriate.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-malware.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-p2p.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-policy.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-rbn-BLOCK.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-rbn.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-scan.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-sid-msg.map
+%%DATADIR%%/modules/snort.module/rules/bleeding-virus.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-voip.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-web.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-web_sql_injection.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding.conf
+%%DATADIR%%/modules/snort.module/rules/bleeding.rules
+%%DATADIR%%/modules/snort.module/rules/community-bot.rules
+%%DATADIR%%/modules/snort.module/rules/community-deleted.rules
+%%DATADIR%%/modules/snort.module/rules/community-dos.rules
+%%DATADIR%%/modules/snort.module/rules/community-ftp.rules
+%%DATADIR%%/modules/snort.module/rules/community-exploit.rules
+%%DATADIR%%/modules/snort.module/rules/community-game.rules
+%%DATADIR%%/modules/snort.module/rules/community-icmp.rules
+%%DATADIR%%/modules/snort.module/rules/community-imap.rules
+%%DATADIR%%/modules/snort.module/rules/community-inappropriate.rules
+%%DATADIR%%/modules/snort.module/rules/community-mail-client.rules
+%%DATADIR%%/modules/snort.module/rules/community-misc.rules
+%%DATADIR%%/modules/snort.module/rules/community-nntp.rules
+%%DATADIR%%/modules/snort.module/rules/community-oracle.rules
+%%DATADIR%%/modules/snort.module/rules/community-policy.rules
+%%DATADIR%%/modules/snort.module/rules/community-sip.rules
+%%DATADIR%%/modules/snort.module/rules/community-smtp.rules
+%%DATADIR%%/modules/snort.module/rules/community-sql-injection.rules
+%%DATADIR%%/modules/snort.module/rules/community-virus.rules
+%%DATADIR%%/modules/snort.module/rules/community-web-attacks.rules
+%%DATADIR%%/modules/snort.module/rules/community-web-cgi.rules
+%%DATADIR%%/modules/snort.module/rules/community-web-client.rules
+%%DATADIR%%/modules/snort.module/rules/community-web-dos.rules
+%%DATADIR%%/modules/snort.module/rules/community-web-iis.rules
+%%DATADIR%%/modules/snort.module/rules/community-web-misc.rules
+%%DATADIR%%/modules/snort.module/rules/community-web-php.rules
+%%DATADIR%%/modules/snort.module/rules/LICENSE
+%%DATADIR%%/modules/snort.module/classification.config
+%%DATADIR%%/modules/snort.module/defaults
+%%DATADIR%%/modules/snort.module/description
+%%DATADIR%%/modules/snort.module/info
+%%DATADIR%%/modules/snort.module/reference.config
+%%DATADIR%%/modules/snort.module/snort
+%%DATADIR%%/modules/snort.module/snort.conf
+%%DATADIR%%/modules/snort.module/unicode.map
+%%DATADIR%%/modules/tcpdstat.module/defaults
+%%DATADIR%%/modules/tcpdstat.module/description
+%%DATADIR%%/modules/tcpdstat.module/info
+%%DATADIR%%/modules/tcpdstat.module/tcpdstat
+%%DATADIR%%/modules/tcpflow.module/defaults
+%%DATADIR%%/modules/tcpflow.module/description
+%%DATADIR%%/modules/tcpflow.module/info
+%%DATADIR%%/modules/tcpflow.module/tcpflow
+%%DATADIR%%/modules/tcpxtract.module/defaults
+%%DATADIR%%/modules/tcpxtract.module/description
+%%DATADIR%%/modules/tcpxtract.module/info
+%%DATADIR%%/modules/tcpxtract.module/tcpxtract
+%%DATADIR%%/modules/tcpxtract.module/tcpxtract.conf
+%%DATADIR%%/modules/tshark.module/defaults
+%%DATADIR%%/modules/tshark.module/description
+%%DATADIR%%/modules/tshark.module/info
+%%DATADIR%%/modules/tshark.module/tshark
+%%DATADIR%%/modules/README
+%%PORTDOCS%%%%DOCSDIR%%/CHANGELOG
+%%PORTDOCS%%%%DOCSDIR%%/TODO
+%%PORTDOCS%%@dirrm %%DOCSDIR%%
+@dirrmtry %%DATADIR%%/modules/tshark.module
+@dirrmtry %%DATADIR%%/modules/tcpxtract.module
+@dirrmtry %%DATADIR%%/modules/tcpflow.module
+@dirrmtry %%DATADIR%%/modules/tcpdstat.module
+@dirrmtry %%DATADIR%%/modules/snort.module/rules
+@dirrmtry %%DATADIR%%/modules/snort.module
+@dirrmtry %%DATADIR%%/modules/pads.module
+@dirrmtry %%DATADIR%%/modules/p0f.module
+@dirrmtry %%DATADIR%%/modules/ngrep.module
+@dirrmtry %%DATADIR%%/modules/iploc.module
+@dirrmtry %%DATADIR%%/modules/honeysnap.module
+@dirrmtry %%DATADIR%%/modules/hash.module
+@dirrmtry %%DATADIR%%/modules/fl0p.module
+@dirrmtry %%DATADIR%%/modules/chaosreader.module
+@dirrmtry %%DATADIR%%/modules/categories
+@dirrmtry %%DATADIR%%/modules/capinfos.module
+@dirrmtry %%DATADIR%%/modules/bro-ids.module
+@dirrmtry %%DATADIR%%/modules/argus-basic.module
+@dirrmtry %%DATADIR%%/modules/aimsnarf.module
+@dirrmtry %%DATADIR%%/modules
+@dirrmtry %%DATADIR%%
+@dirrmtry %%RUBY_SITELIBDIR%%/nsm-console