5 files changed, 92 insertions, 0 deletions

diff --git a/security/spybye/Makefile b/security/spybye/Makefile
new file mode 100644
index 000000000000..91c4830fbe00
--- /dev/null
+++ b/security/spybye/Makefile
@@ -0,0 +1,34 @@
+# New ports collection makefile for:	spybye
+# Date created:				23 May 2008
+# Whom:					pauls
+#
+# $FreeBSD$
+#
+
+PORTNAME=	spybye
+PORTVERSION=	0.3
+CATEGORIES=	security www
+MASTER_SITES=	http://www.monkey.org/~provos/
+
+MAINTAINER=	pauls@utdallas.edu
+COMMENT=	A web proxy to detect malware
+
+BUILD_DEPENDS=	event_rpcgen.py:${PORTSDIR}/devel/libevent
+
+OPTIONS=	CLAMAV "Enable CLAMAV support" off
+
+USE_RC_SUBR=	spybye.sh
+GNU_CONFIGURE=	yes
+CONFIGURE_ENV=	LDFLAGS="${LDFLAGS}"
+CONFIGURE_TARGET=	--build=${MACHINE_ARCH}-portbld-freebsd${OSREL}
+
+MAN1=		spybye.1
+
+.include <bsd.port.pre.mk>
+
+.if defined(WITH_CLAMAV)
+LIB_DEPENDS+=	clamav:${PORTSDIR}/security/clamav
+CONFIGURE_ARGS+=	--with-libclamav=${PREFIX}/bin
+.endif
+
+.include <bsd.port.post.mk>
diff --git a/security/spybye/distinfo b/security/spybye/distinfo
new file mode 100644
index 000000000000..1e9a72270c89
--- /dev/null
+++ b/security/spybye/distinfo
@@ -0,0 +1,3 @@
+MD5 (spybye-0.3.tar.gz) = 1cc6b8c5ef244e38fd05d02b02f55d5d
+SHA256 (spybye-0.3.tar.gz) = 00dd7df03c9a37e80854fa27e44eeaaa4a8c49fa3b0597b5e3b1b2a128669432
+SIZE (spybye-0.3.tar.gz) = 160014
diff --git a/security/spybye/files/spybye.sh.in b/security/spybye/files/spybye.sh.in
new file mode 100644
index 000000000000..12e6cd9d007e
--- /dev/null
+++ b/security/spybye/files/spybye.sh.in
@@ -0,0 +1,37 @@
+#!/bin/sh
+#
+
+# PROVIDE: spybye
+# REQUIRE: DAEMON
+# BEFORE: LOGIN
+# KEYWORD: shutdown
+
+# Add the following lines to /etc/rc.conf to enable spybye:
+# spybye_enable (bool):       Set to YES to enable spybye
+#                               Default: NO
+# spybye_flags (str):         Extra flags passed to spybye
+#                               Default: -x -p 8080 -l /var/log/spybye.log
+#       
+# spybye command arguments
+# spybye: [-P] [-p port] [-g good] [-b bad] [-l logfile] [-S shareurl] [-x]
+#	 -P disable private IP check; allows the proxy to fetch 127/8
+#	 -p port port number to create proxy server on
+#	 -g good_patterns a file or url containing the good patterns
+#	 -b bad_patterns a file or url containing the danger patterns
+#	 -l logfile a file to log dangerous site interactions to
+#	 -S shareurl host to log dangerous site interactions to
+#	 -x enable proxy mode
+
+. %%RC_SUBR%%
+
+name="spybye"
+load_rc_config ${name}
+rcvar=`set_rcvar`
+# set the defaults
+: ${spybye_enable="NO"}
+: ${spybye_flags="-x -p 8080 -l /var/log/spybye.log"}
+
+command=%%PREFIX%%/bin/${name}
+command_args="${spybye_flags} &"
+
+run_rc_command "$1"
diff --git a/security/spybye/pkg-descr b/security/spybye/pkg-descr
new file mode 100644
index 000000000000..cdc434d193dc
--- /dev/null
+++ b/security/spybye/pkg-descr
@@ -0,0 +1,13 @@
+SpyBye is a tool to help web masters determine if their web pages
+are hosting browser exploits that can infect visiting users with
+malware. It functions as an HTTP proxy server and intercepts all
+browser requests. SpyBye uses a few simple rules to determine if
+embedded links on your web page are harmlesss, unknown or maybe
+even dangerous.
+
+SpyBye analyzes all downloads in the background and provides you
+with a warning notification whenever it encounters content that
+is potentially malicious. At that point, you can click on the link
+in the notification and receive a more detailed analysis of the web page.
+
+WWW: http://www.spybye.org/
diff --git a/security/spybye/pkg-plist b/security/spybye/pkg-plist
new file mode 100644
index 000000000000..b88fd581a705
--- /dev/null
+++ b/security/spybye/pkg-plist
@@ -0,0 +1,5 @@
+bin/spybye
+bin/spybye2html
+share/spybye/bad_patterns
+share/spybye/good_patterns
+@dirrm share/spybye