aboutsummaryrefslogtreecommitdiff
path: root/security/snortsam
diff options
context:
space:
mode:
authorMartin Wilke <miwi@FreeBSD.org>2009-12-31 20:18:29 +0000
committerMartin Wilke <miwi@FreeBSD.org>2009-12-31 20:18:29 +0000
commitb09f7cb232faacdf8b4c1db2ab8378e468d634ab (patch)
tree8a3e2187a1fad4cc7191a2e6c3288c894339b1f8 /security/snortsam
parente2a378f830126fc43063e118dd7cee8e5d59a9e9 (diff)
downloadports-b09f7cb232faacdf8b4c1db2ab8378e468d634ab.tar.gz
ports-b09f7cb232faacdf8b4c1db2ab8378e468d634ab.zip
Notes
Diffstat (limited to 'security/snortsam')
-rw-r--r--security/snortsam/Makefile83
-rw-r--r--security/snortsam/distinfo6
-rw-r--r--security/snortsam/files/patch-snortsam.h16
-rw-r--r--security/snortsam/files/pkg-install.in17
-rw-r--r--security/snortsam/files/pkg-message-snortsam10
-rw-r--r--security/snortsam/files/pkg-message.in18
-rw-r--r--security/snortsam/files/snortsam.sh.in31
-rw-r--r--security/snortsam/files/ssp_ipfw2_no_table_check.patch18
-rw-r--r--security/snortsam/pkg-descr7
9 files changed, 128 insertions, 78 deletions
diff --git a/security/snortsam/Makefile b/security/snortsam/Makefile
index 7f4561d740df..89d7712436a2 100644
--- a/security/snortsam/Makefile
+++ b/security/snortsam/Makefile
@@ -6,62 +6,85 @@
#
PORTNAME= snortsam
-PORTVERSION= 2.63
+PORTVERSION= 2.69
CATEGORIES= security
-MASTER_SITES= http://www.snortsam.net/files/snortsam/ \
- http://www.freebsdbrasil.com.br/~urisso/files/snortsam/
+MASTER_SITES= http://www.snortsam.net/files/snortsam/
DISTNAME= ${PORTNAME}-src-${PORTVERSION}
MAINTAINER= urisso@bsd.com.br
COMMENT= SnortSam is a output plugin for Snort
-WRKSRC= ${WRKDIR}/${PKGNAMEPREFIX}${PORTNAME}
+OPTIONS= IPFW "checks if configured tables are available" on \
+ SAMTOOL "install samtool" on \
+ DEBUG "build with verbose messages" off
+
+.include <bsd.port.pre.mk>
+
+USE_RC_SUBR= snortsam.sh
+SUB_FILES= pkg-message \
+ pkg-install
HAS_CONFIGURE= yes
NO_BUILD= yes
+CONFIGURE_SCRIPT= src/Makefile
+WRKSRC= ${WRKDIR}/${PKGNAMEPREFIX}${PORTNAME}
-SYSCONFDIR= ${PREFIX}/etc/snortsam
-
-CONFIGURE_SCRIPT= makesnortsam.sh
-
-USE_RC_SUBR= snortsam.sh
+CONFIG_DIR?= ${PREFIX}/etc/snortsam
PLIST_DIRS= etc/snortsam
-PLIST_FILES= etc/snortsam/rootservers.cfg etc/snortsam/snortsam.conf.sample sbin/snortsam sbin/snortsam-debug
-PORTDOCS= INSTALL README README.conf README.snmp_interface_down
+PLIST_FILES= sbin/snortsam \
+ etc/snortsam/snortsam.conf.sample \
+ etc/snortsam/country-rootservers.conf.sample \
+ etc/snortsam/rootservers.cfg.sample
-OPTIONS= IPFW "Enable IPFW table checking if it set deny rules" on
+.if defined(WITH_SAMTOOL)
+PLIST_FILES+= sbin/samtool
+.endif
-.include <bsd.port.pre.mk>
+PORTDOCS= AUTHORS BUGS CREDITS FAQ INSTALL LICENSE README README.ciscoacl \
+ README.conf README.iptables README.netscreen README.pf README.pf2 \
+ README.rules README.slackware README.snmp_interface_down README.wgrd \
+ README_8signs.rtf TODO
.if defined(WITHOUT_IPFW)
-PATCH_SITES+=http://www.freebsdbrasil.com.br/~urisso/files/snortsam/:ipfw
-PATCHFILES+=ssp_ipfw2.c.diff:ipfw
+EXTRA_PATCHES+= ${FILESDIR}/ssp_ipfw2_no_table_check.patch
.endif
-post-extract:
- @${CAT} ${PATCHDIR}/pkg-message-snortsam
- @sleep 5
+.if defined(WITH_DEBUG)
+DEBUG=-DDEBUG
+.endif
pre-configure:
- ${REINPLACE_CMD} -e 's|/etc/snortsam.conf|/usr/local/etc/snortsam.conf|g' ${WRKSRC}/conf/snortsam.conf.sample
- ${REINPLACE_CMD} -e 's|/etc/snortsam.conf|/usr/local/etc/snortsam.conf|g' ${WRKSRC}/docs/README.conf
- ${REINPLACE_CMD} -e 's|/etc/snortsam.conf|/usr/local/etc/snortsam.conf|g' ${WRKSRC}/src/snortsam.c
- ${REINPLACE_CMD} -e 's|/etc/snortsam.conf|/usr/local/etc/snortsam.conf|g' ${WRKSRC}/contrib/snortsam-state.c
- ${CHMOD} +x ${WRKSRC}/makesnortsam.sh
+ @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/conf/snortsam.conf.sample
+ @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/docs/README.conf
+ @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/src/snortsam.h
+ @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/contrib/snortsam-state.c
+ @${CHMOD} +x ${WRKSRC}/makesnortsam.sh
+do-configure:
+ @cd ${WRKSRC}/src && ${MAKE} ${DEBUG}
+ @cd ${WRKSRC}/src && ${MAKE} samtool ${DEBUG}
+
+# no access to snortsam.conf and samtool for non root users!
do-install:
- ${INSTALL_PROGRAM} ${WRKSRC}/snortsam ${PREFIX}/sbin
- ${INSTALL_PROGRAM} ${WRKSRC}/snortsam-debug ${PREFIX}/sbin
- ${MKDIR} ${SYSCONFDIR}
- ${INSTALL_DATA} ${WRKSRC}/conf/snortsam.conf.sample ${SYSCONFDIR}/snortsam.conf.sample
- ${INSTALL_DATA} ${WRKSRC}/conf/*rootservers.cfg ${SYSCONFDIR}/
+ @${INSTALL_PROGRAM} ${WRKSRC}/snortsam ${PREFIX}/sbin
+.if defined(WITH_SAMTOOL)
+ @${INSTALL} -o root -g wheel -m 500 ${WRKSRC}/samtool ${PREFIX}/sbin
+.endif
+ @${MKDIR} -m 700 ${CONFIG_DIR}
+ @${INSTALL_DATA} -m 600 ${WRKSRC}/conf/snortsam.conf.sample ${CONFIG_DIR}/snortsam.conf.sample
+ @${INSTALL_DATA} ${WRKSRC}/conf/rootservers.cfg ${CONFIG_DIR}/rootservers.cfg.sample
+ @${INSTALL_DATA} ${WRKSRC}/conf/country-rootservers.conf ${CONFIG_DIR}/country-rootservers.conf.sample
.if !defined(NOPORTDOCS)
+ @${MKDIR} ${DOCSDIR}
.for f in ${PORTDOCS}
- ${MKDIR} ${DOCSDIR}
- ${INSTALL_DATA} ${WRKSRC}/docs/${f} ${DOCSDIR}
+ @${INSTALL_DATA} ${WRKSRC}/docs/${f} ${DOCSDIR}
.endfor
.endif
+post-install:
+ @${SH} ${PKGINSTALL} ${DISTNAME} POST-INSTALL
+ @${CAT} ${PKGMESSAGE}
+
.include <bsd.port.post.mk>
diff --git a/security/snortsam/distinfo b/security/snortsam/distinfo
index b2b4d778fde4..faf27d5eaddb 100644
--- a/security/snortsam/distinfo
+++ b/security/snortsam/distinfo
@@ -1,3 +1,3 @@
-MD5 (snortsam-src-2.63.tar.gz) = d74f5e744358bc9da85ad9d4fb393f76
-SHA256 (snortsam-src-2.63.tar.gz) = f56208e2cba56c55bb97c09582b71e3d9c1c05c551df2cc59f493910e9f403a3
-SIZE (snortsam-src-2.63.tar.gz) = 1967776
+MD5 (snortsam-src-2.69.tar.gz) = 7663ce82956a97c5f725028716d66140
+SHA256 (snortsam-src-2.69.tar.gz) = eb0dc0ebd65b6d15e3adabd7be2720221005683eefb7ca5986b9ca0284d55f92
+SIZE (snortsam-src-2.69.tar.gz) = 1971579
diff --git a/security/snortsam/files/patch-snortsam.h b/security/snortsam/files/patch-snortsam.h
deleted file mode 100644
index ab32bb001eaf..000000000000
--- a/security/snortsam/files/patch-snortsam.h
+++ /dev/null
@@ -1,16 +0,0 @@
---- src/snortsam.h.old 2008-08-03 00:08:34.000000000 -0300
-+++ src/snortsam.h 2008-08-03 00:10:58.000000000 -0300
-@@ -178,10 +178,10 @@
- #define safecopy(dst,src) _safecp(dst,sizeof(dst),src)
-
- #ifdef WIN32
--#define FWSAMCONFIGFILE "snortsam.cfg"
--#define FWSAMHISTORYFILE "snortsam.sta"
-+#define FWSAMCONFIGFILE "/usr/local/etc/snortsam.cfg"
-+#define FWSAMHISTORYFILE "/var/db/snortsam.sta"
- #else
--#define FWSAMCONFIGFILE "/etc/snortsam.conf"
-+#define FWSAMCONFIGFILE "/usr/local/etc/snortsam.conf"
- #define FWSAMHISTORYFILE "/var/db/snortsam.state"
- #endif
-
diff --git a/security/snortsam/files/pkg-install.in b/security/snortsam/files/pkg-install.in
new file mode 100644
index 000000000000..dfafcc7ef509
--- /dev/null
+++ b/security/snortsam/files/pkg-install.in
@@ -0,0 +1,17 @@
+#!/bin/sh
+#
+# $FreeBSD$
+
+ETCDIR=${ETCDIR:=%%ETCDIR%%}
+
+# snortsam config file contain sensitive data like
+# passwords needed to block IP's on the firewalls.
+# Set permission of the config dir to 700 so only
+# root:wheel can access this directory.
+if [ "$2" = "POST-INSTALL" ]; then
+ if [ -d ${ETCDIR} ]; then
+ /usr/sbin/chown root:wheel ${ETCDIR}
+ /bin/chmod 700 ${ETCDIR}
+ fi
+fi
+
diff --git a/security/snortsam/files/pkg-message-snortsam b/security/snortsam/files/pkg-message-snortsam
deleted file mode 100644
index 504ed78649d7..000000000000
--- a/security/snortsam/files/pkg-message-snortsam
+++ /dev/null
@@ -1,10 +0,0 @@
-
-============================================================
-NOTE: Make sure that your SNORT installation it is defined
- output plugin SNORTSAM for don't cause errors while
- building SNORTSAM system. If exists some OLD SNORT
- installation WITHOUT supports for interaction between
- SNORT and SNORTSAM. PLEASE reconfigure WITH that this
- feature and rebuild a new installation.
-=============================================================
-
diff --git a/security/snortsam/files/pkg-message.in b/security/snortsam/files/pkg-message.in
new file mode 100644
index 000000000000..461458e0a8fc
--- /dev/null
+++ b/security/snortsam/files/pkg-message.in
@@ -0,0 +1,18 @@
+================================================================
+NOTE: SNORT have to be build with OPTION SNORTSAM.
+
+ To enable snortsam as output plugin for snort a config
+ line like the following should be present in snort.conf
+
+ output alert_fwsam: <snortsambox>:<port>/<password>
+
+ With samtool it is possible to send alerts to snortsam,
+ this way you can test and adjust your FW rules.
+
+ For more information read the INSTALL, FAQ, README
+ files in %%DOCSDIR%%
+
+ Additional consolidate http://snortsam.net
+
+==============================================================
+
diff --git a/security/snortsam/files/snortsam.sh.in b/security/snortsam/files/snortsam.sh.in
index 946e951f153a..f53bb8f29c00 100644
--- a/security/snortsam/files/snortsam.sh.in
+++ b/security/snortsam/files/snortsam.sh.in
@@ -1,31 +1,30 @@
#!/bin/sh
-# $FreeBSD:
+# $FreeBSD$
# PROVIDE: snortsam
# REQUIRE: DAEMON
-# BEFORE: LOGIN
+# BEFORE: LOGIN
# KEYWORD: shutdown
-# Add the following lines to /etc/rc.conf to enable snortsam:
-# snortsam_enable (bool): Set to YES to enable snortsam
-# Default: NO
-# snortsam_flags (str): Extra flags passed to snortsam
-# Default: ""
-# snortsam_conf (str): Snortsam configuration file
-# Default: ${PREFIX}/etc/snortsam/snortsam.conf
#
-
+# Add the following line to /etc/rc.conf to enable snortsam:
+#
+# snortsam_enable="YES"
+#
+# # optional Snortsam configuration file:
+# snortsam_conf="%%ETCDIR%%/snortsam.conf"
+#
+# DO NOT CHANGE THE DEFAULT VALUES HERE
+#
. %%RC_SUBR%%
name="snortsam"
rcvar=`set_rcvar`
+load_rc_config snortsam
+# defaults
command="%%PREFIX%%/sbin/snortsam"
-
-load_rc_config $name
-
-[ -z "$snortsam_enable" ] && snortsam_enable="NO"
-[ -z "$snortsam_conf" ] && snortsam_conf="%%PREFIX%%/etc/snortsam/snortsam.conf"
-[ -n "$snortsam_conf" ] && snortsam_flags="$snortsam_flags $snortsam_conf"
+snortsam_enable=${snortsam_enable:-"NO"}
+snortsam_flags=${snortsam_conf:-"%%ETCDIR%%/snortsam.conf"}
run_rc_command "$1"
diff --git a/security/snortsam/files/ssp_ipfw2_no_table_check.patch b/security/snortsam/files/ssp_ipfw2_no_table_check.patch
new file mode 100644
index 000000000000..1e20b9e5992f
--- /dev/null
+++ b/security/snortsam/files/ssp_ipfw2_no_table_check.patch
@@ -0,0 +1,18 @@
+--- src/ssp_ipfw2.c.orig 2008-04-26 21:53:21.000000000 +0200
++++ src/ssp_ipfw2.c 2009-11-14 22:03:41.000000000 +0100
+@@ -91,6 +91,7 @@
+ }
+ }
+ }
++#if defined(ENABLE_IPFW_TABLE_CHECK)
+ /* Check if inbound table exists */
+ snprintf(chk,sizeof(chk)-1,"/sbin/ipfw show | grep -q \"deny ip from any to table(%u) via %s\"",ipfw2p->in_table,ipfw2p->interface);
+ if(system(chk))
+@@ -110,6 +111,7 @@
+ }
+ }
+
++#endif /* ENABLE_IPFW_TABLE_CHECK */
+ #ifdef FWSAMDEBUG
+ if(plugindatalist->data)
+ printf("Debug: [ipfw2] Adding IPFW2: i/f '%s', tables %u (in) and %u (out)\n", ipfw2p->interface, ipfw2p->in_table,ipfw2p->out_table);
diff --git a/security/snortsam/pkg-descr b/security/snortsam/pkg-descr
index 978766d40228..5b2a0ec24e63 100644
--- a/security/snortsam/pkg-descr
+++ b/security/snortsam/pkg-descr
@@ -1,5 +1,6 @@
-SnortSam is a plugin for Snort, an open-source light-weight
-Intrusion Detection System (IDS). The plugin allows for
-automated blocking of IP addresses on many firewalls.
+SnortSam is an intelligent agent that allows the popular
+open-source Intrusion Detection System called Snort to block
+intruding connections by reconfiguration of many firewalls
+and Cisco devices.
WWW: http://www.snortsam.net