authorLars Engels <lme@FreeBSD.org>2015-04-27 20:33:38 +0000
committerLars Engels <lme@FreeBSD.org>2015-04-27 20:33:38 +0000
commit8e9e078da05b0a117a12fcca330ce1056492aeea (patch)
treee246c1b2848fcf9e0a4bfc36962c3b4966648a3f /security/passivedns
parent870ffb420eb067f1b5c10f37262747e501614cd2 (diff)
Add security/passivedns:
A tool to collect DNS records passively to aid Incident handling, Network Security Monitoring (NSM) and general digital forensics. PassiveDNS sniffs traffic from an interface or reads a pcap-file and outputs the DNS-server answers to a log file. PassiveDNS can cache/aggregate duplicate DNS answers in-memory, limiting the amount of data in the logfile without losing the essence in the DNS answer. WWW: https://github.com/gamelinux/passivedns PR: 198499 Submitted by: shadowbq@gmail.com
Notes
Notes: svn path=/head/; revision=384872
Diffstat (limited to 'security/passivedns')
-rw-r--r--security/passivedns/Makefile40
-rw-r--r--security/passivedns/distinfo2
-rw-r--r--security/passivedns/files/passivedns.in49
-rw-r--r--security/passivedns/files/pkg-message.in3
-rw-r--r--security/passivedns/pkg-descr11
-rw-r--r--security/passivedns/pkg-plist2
6 files changed, 107 insertions, 0 deletions
diff --git a/security/passivedns/Makefile b/security/passivedns/Makefile
new file mode 100644
index 000000000000..3f5f7f5e3a83
--- /dev/null
+++ b/security/passivedns/Makefile
@@ -0,0 +1,40 @@
+# $FreeBSD$
+
+PORTNAME= passivedns
+DISTVERSION= ${GH_TAG}
+CATEGORIES= security
+DISTFILES= gamelinux-passivedns-1.1.3-60-ga6c7e26.tar.gz
+
+MAINTAINER= shadowbq@gmail.com
+COMMENT= Network sniffer that logs DNS replies for use in passive DNS setups
+
+LICENSE= GPLv2
+
+LIB_DEPENDS= libldns.so:${PORTSDIR}/dns/ldns
+
+USE_GITHUB= yes
+GH_ACCOUNT= gamelinux
+GH_PROJECT= passivedns
+GH_TAG= a6c7e26
+
+WRKSRC= ${WRKDIR}/gamelinux-${PORTNAME}-${GH_TAG}
+
+SUB_FILES= pkg-message
+
+USES= autoreconf gmake libtool
+AUTOMAKE_ARGS= --add-missing
+
+GNU_CONFIGURE= yes
+CONFIGURE_ARGS= --with-ldns-libraries=${PREFIX}/lib
+CONFIGURE_ARGS+=--with-ldns-includes=${PREFIX}/include
+
+USE_RC_SUBR= passivedns
+
+.include <bsd.port.options.mk>
+
+do-install:
+ ${INSTALL_PROGRAM} ${WRKSRC}/src/passivedns \
+ ${STAGEDIR}${PREFIX}/bin
+ ${MKDIR} ${STAGEDIR}/var/log/passivedns
+
+.include <bsd.port.mk>
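Review bot: `DISTVERSION= ${GH_TAG}` near the top of the new Makefile makes the package version the abbreviated commit hash `a6c7e26`, which has no ordering against later snapshots, so version comparisons on upgrade and version-range matching by `pkg audit` cannot tell an older build from a newer one. The upstream describe string is already visible in `DISTFILES` (`1.1.3-60-ga6c7e26`), so a numeric value such as `DISTVERSION= 1.1.3.60`, with the hash kept only in `GH_TAG`, would give a monotonic version. The hard-coded `DISTFILES` line also appears to duplicate what `USE_GITHUB` derives, which means it has to be edited by hand together with `GH_TAG` and distinfo on every update.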
diff --git a/security/passivedns/distinfo b/security/passivedns/distinfo
new file mode 100644
index 000000000000..b27f96909f51
--- /dev/null
+++ b/security/passivedns/distinfo
@@ -0,0 +1,2 @@
+SHA256 (gamelinux-passivedns-1.1.3-60-ga6c7e26.tar.gz) = 6196cb863c8fcd352e4c3019053530c7ac75656a5c43d11be6774eb9115be5c7
+SIZE (gamelinux-passivedns-1.1.3-60-ga6c7e26.tar.gz) = 51318
diff --git a/security/passivedns/files/passivedns.in b/security/passivedns/files/passivedns.in
new file mode 100644
index 000000000000..89714a1945c4
--- /dev/null
+++ b/security/passivedns/files/passivedns.in
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+# $FreeBSD$
+#
+# PROVIDE: passivedns
+# REQUIRE: DAEMON
+# BEFORE: LOGIN
+# KEYWORD: shutdown
+
+# Add the following lines to /etc/rc.conf to enable passivedns:
+# passivedns_enable (bool): Set to YES to enable passivedns
+# Default: NO
+# passivedns_interface (str):
+# Default: none - MUST BE SET
+# passivedns_logdir (str): Logging Directory
+# Default: "/var/log/passivedns"
+# passivedns_fields (str): Passive DNS Fields to log
+# Default: "SMcsCQTAtn"
+# passivedns_flags (str): Extra flags passed to passivedns (-D is always passed)
+# Default: none
+
+. /etc/rc.subr
+
+name="passivedns"
+rcvar=passivedns_enable
+
+command="%%PREFIX%%/bin/passivedns"
+
+start_precmd=start_precmd
+
+start_precmd()
+{
+ if [ -z "${passivedns_interface}" ]; then
+ err 1 "passivedns_interface must set."
+ fi
+}
+
+# set some defaults
+load_rc_config $name
+
+: ${passivedns_enable="NO"}
+: ${passivedns_logdir="/var/log/passivedns"}
+: ${passivedns_fields="SMcsCQTAtn"}
+: ${passivedns_flags=""}
+
+command_args="-i ${passivedns_interface} -l ${passivedns_logdir}/passivedns.log -f ${passivedns_fields} ${passivedns_flags} -D"
+
+run_rc_command "$1"
+
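Review bot: The daemon is started from `command_args` near the end of the script with no privilege drop, so a process that parses DNS packets taken off the wire keeps running as root for its whole lifetime. Upstream's usage text lists `-u`/`-g` options for dropping privileges after the interface is opened (verify against the pinned revision); the script could expose them as their own rc.conf variables with defaults instead of leaving them to `passivedns_flags`. The log directory is packaged as root:wheel 750 in pkg-plist, so its ownership would have to match if the log is written after the drop. Separately, the `err` message in `start_precmd` reads `passivedns_interface must set.` and should be `passivedns_interface must be set.`.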
diff --git a/security/passivedns/files/pkg-message.in b/security/passivedns/files/pkg-message.in
new file mode 100644
index 000000000000..c3417abca644
--- /dev/null
+++ b/security/passivedns/files/pkg-message.in
@@ -0,0 +1,3 @@
+A startup script 'passivedns' was installed in %%PREFIX%%/etc/rc.d/.
+
+Type "passivedns -h" on the commandline for usage instructions.
diff --git a/security/passivedns/pkg-descr b/security/passivedns/pkg-descr
new file mode 100644
index 000000000000..75f695a3429b
--- /dev/null
+++ b/security/passivedns/pkg-descr
@@ -0,0 +1,11 @@
+A tool to collect DNS records passively to aid Incident handling, Network
+Security Monitoring (NSM) and general digital forensics.
+
+PassiveDNS sniffs traffic from an interface or reads a pcap-file and outputs
+the DNS-server answers to a log file. PassiveDNS can cache/aggregate duplicate
+DNS answers in-memory, limiting the amount of data in the logfile without
+losing the essense in the DNS answer.
+
+(c)2011-2012 - Edward Bjarte Fjellskal
+
+WWW: https://github.com/gamelinux/passivedns
diff --git a/security/passivedns/pkg-plist b/security/passivedns/pkg-plist
new file mode 100644
index 000000000000..5dfdf01942b8
--- /dev/null
+++ b/security/passivedns/pkg-plist
@@ -0,0 +1,2 @@
+bin/passivedns
+@dir(root,wheel,750) /var/log/passivedns