-rw-r--r--security/Makefile1
-rw-r--r--security/logcheck/Makefile23
-rw-r--r--security/logcheck/distinfo1
-rw-r--r--security/logcheck/files/patch-aa72
-rw-r--r--security/logcheck/pkg-comment1
-rw-r--r--security/logcheck/pkg-descr14
-rw-r--r--security/logcheck/pkg-message14
-rw-r--r--security/logcheck/pkg-plist6
8 files changed, 132 insertions, 0 deletions
diff --git a/security/Makefile b/security/Makefile
index 09799b793c42..cc200d62a336 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -27,6 +27,7 @@
SUBDIR += libident
SUBDIR += libmcrypt
SUBDIR += libparanoia
+ SUBDIR += logcheck
SUBDIR += mhash
SUBDIR += nbaudit
SUBDIR += nessus
diff --git a/security/logcheck/Makefile b/security/logcheck/Makefile
new file mode 100644
index 000000000000..edd5a243c147
--- /dev/null
+++ b/security/logcheck/Makefile
@@ -0,0 +1,23 @@
+# Ports collection makefile for: logcheck
+# Version required: 1.1.1
+# Date created: 9 December 1999
+# Whom: Dan Langille <dan@freebsddiary.org>
+#
+# $FreeBSD$
+#
+
+DISTNAME= logcheck-1.1.1
+CATEGORIES= security
+MASTER_SITES= http://www.psionic.com/tools/
+
+MAINTAINER= ports@freebsddiary.org
+
+PKGMESSAGE= ${WRKDIR}/MESSAGE
+
+post-build:
+ @${SED} -e 's,%%PREFIX%%,${PREFIX},g' ${PKGDIR}/MESSAGE > ${PKGMESSAGE}
+
+post-install:
+ @${CAT} ${PKGMESSAGE}
+
+.include <bsd.port.mk>
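Review bot: The distfile is fetched over plain HTTP (`MASTER_SITES= http://www.psionic.com/tools/`) and the only integrity check recorded in distinfo is an MD5 digest, so nothing strong ties the tarball that is built and installed (typically as root) to the one the maintainer reviewed. MD5 is not collision-resistant; distinfo should also carry SHA256 and SIZE lines regenerated with `make makesum`, and the port should use an HTTPS master site if upstream offers one. Separately, post-build reads `${PKGDIR}/MESSAGE` while this commit adds the text as `pkg-message`. It is worth confirming that the path resolves, since otherwise the `sed` redirect fails or leaves an empty `${PKGMESSAGE}`.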
diff --git a/security/logcheck/distinfo b/security/logcheck/distinfo
new file mode 100644
index 000000000000..724e3b6aad21
--- /dev/null
+++ b/security/logcheck/distinfo
@@ -0,0 +1 @@
+MD5 (logcheck-1.1.1.tar.gz) = e97c2f096e219e20310c1b80e9e1bc29
diff --git a/security/logcheck/files/patch-aa b/security/logcheck/files/patch-aa
new file mode 100644
index 000000000000..9b122f884394
--- /dev/null
+++ b/security/logcheck/files/patch-aa
@@ -0,0 +1,72 @@
+--- Makefile.orig Sun Oct 31 09:07:29 1999
++++ Makefile Fri Dec 24 16:37:46 1999
+@@ -5,6 +5,8 @@
+ # Thanks to rbulling@obscure.org for cleaning this Makefile up..
+ #
+
++SYSTYPE=freebsd
++
+ # Generic compiler
+ CC = cc
+ # GNU..
+@@ -35,19 +37,7 @@
+ # Debug mode for logtail
+ # CFLAGS = -g -DDEBUG
+
+-all:
+- @echo "Usage: make <systype>"
+- @echo "<systype> is one of: "
+- @echo " linux, bsdos, freebsd, sun, generic, hpux, digital"
+- @echo ""
+- @echo "NOTE: This will make and install the package in these"
+- @echo " directories:"
+- @echo " logcheck configuration files : $(INSTALLDIR)"
+- @echo " logcheck.sh shell script : $(INSTALLDIR_SH)"
+- @echo " logtail program : $(INSTALLDIR_BIN)"
+- @echo ""
+- @echo "Edit the makefile if you wish to change these paths."
+- @echo "Any existing files will be overwritten."
++all: build
+
+ clean:
+ /bin/rm ./src/logtail ./src/logtail.o
+@@ -60,27 +50,29 @@
+ /bin/rm $(INSTALLDIR)/logcheck.violations.ignore
+ /bin/rm $(INSTALLDIR_BIN)/logtail
+
+-install:
++build:
+ @echo "Making $(SYSTYPE)"
+ $(CC) $(CFLAGS) -o ./src/logtail ./src/logtail.c
++
++install:
+ @echo "Creating temp directory $(TMPDIR)"
+ @if [ ! -d $(TMPDIR) ]; then /bin/mkdir $(TMPDIR); fi
+ @echo "Setting temp directory permissions"
+ chmod 700 $(TMPDIR)
+ @echo "Copying files"
+- cp ./systems/$(SYSTYPE)/logcheck.hacking $(INSTALLDIR)
+- cp ./systems/$(SYSTYPE)/logcheck.violations $(INSTALLDIR)
+- cp ./systems/$(SYSTYPE)/logcheck.violations.ignore $(INSTALLDIR)
+- cp ./systems/$(SYSTYPE)/logcheck.ignore $(INSTALLDIR)
+- cp ./systems/$(SYSTYPE)/logcheck.sh $(INSTALLDIR_SH)
++ cp ./systems/$(SYSTYPE)/logcheck.hacking $(INSTALLDIR)/logcheck.hacking.sample
++ cp ./systems/$(SYSTYPE)/logcheck.violations $(INSTALLDIR)/logcheck.violations.sample
++ cp ./systems/$(SYSTYPE)/logcheck.violations.ignore $(INSTALLDIR)/logcheck.violations.ignore.sample
++ cp ./systems/$(SYSTYPE)/logcheck.ignore $(INSTALLDIR)/logcheck.ignore.sample
++ cp ./systems/$(SYSTYPE)/logcheck.sh $(INSTALLDIR_SH)/logcheck.sh
+ cp ./src/logtail $(INSTALLDIR_BIN)
+ @echo "Setting permissions"
+ chmod 700 $(INSTALLDIR_SH)/logcheck.sh
+ chmod 700 $(INSTALLDIR_BIN)/logtail
+- chmod 600 $(INSTALLDIR)/logcheck.violations.ignore
+- chmod 600 $(INSTALLDIR)/logcheck.violations
+- chmod 600 $(INSTALLDIR)/logcheck.hacking
+- chmod 600 $(INSTALLDIR)/logcheck.ignore
++ chmod 600 $(INSTALLDIR)/logcheck.violations.ignore.sample
++ chmod 600 $(INSTALLDIR)/logcheck.violations.sample
++ chmod 600 $(INSTALLDIR)/logcheck.hacking.sample
++ chmod 600 $(INSTALLDIR)/logcheck.ignore.sample
+ @echo "Done. Don't forget to set your crontab."
+
+ generic:
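Review bot: In the install target, each file is placed with `cp` and only restricted later by a separate `chmod 600` or `chmod 700`, so between the two steps the rule files, logcheck.sh and logtail carry whatever mode the source file and umask yield, and an interrupted run leaves them that way. Since this patch pins SYSTYPE to freebsd, install(1) can set the mode as part of creating each file, which also makes the "Setting permissions" block unnecessary. The mkdir and chmod of `$(TMPDIR)` just above are unchanged context with the same create-then-restrict shape, and `mkdir -m 700` would tighten that as well.

```make
install:
# … unchanged: temp directory creation and chmod 700 …
	@echo "Copying files"
	install -m 600 ./systems/$(SYSTYPE)/logcheck.hacking $(INSTALLDIR)/logcheck.hacking.sample
	install -m 600 ./systems/$(SYSTYPE)/logcheck.violations $(INSTALLDIR)/logcheck.violations.sample
	install -m 600 ./systems/$(SYSTYPE)/logcheck.violations.ignore $(INSTALLDIR)/logcheck.violations.ignore.sample
	install -m 600 ./systems/$(SYSTYPE)/logcheck.ignore $(INSTALLDIR)/logcheck.ignore.sample
	install -m 700 ./systems/$(SYSTYPE)/logcheck.sh $(INSTALLDIR_SH)/logcheck.sh
	install -m 700 ./src/logtail $(INSTALLDIR_BIN)/logtail
# … unchanged: final "Done" echo …
```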
diff --git a/security/logcheck/pkg-comment b/security/logcheck/pkg-comment
new file mode 100644
index 000000000000..b334222d7bd4
--- /dev/null
+++ b/security/logcheck/pkg-comment
@@ -0,0 +1 @@
+Auditing tool for system logs on Unix boxes
diff --git a/security/logcheck/pkg-descr b/security/logcheck/pkg-descr
new file mode 100644
index 000000000000..91ccbe4c5b7f
--- /dev/null
+++ b/security/logcheck/pkg-descr
@@ -0,0 +1,14 @@
+Logcheck helps spot problems and security violations in your logfiles
+automatically and will send the results to you in e-mail.
+
+Logcheck is part of the Abacus Project of security tools. It is a program
+created to help in the processing of UNIX system logfiles generated by the
+various Abacus Project tools, system daemons, Wietse Venema's TCP Wrapper
+and Log Daemon packages, and the Firewall Toolkit(c) by Trusted Information
+Systems Inc.(TIS). Logcheck also works very well at reporting on other
+common operating system security violations and strange events.
+
+WWW: http://www.psionic.com/
+
+- Dan Langille
+dan@freebsddiary.org
diff --git a/security/logcheck/pkg-message b/security/logcheck/pkg-message
new file mode 100644
index 000000000000..5dae1b02af91
--- /dev/null
+++ b/security/logcheck/pkg-message
@@ -0,0 +1,14 @@
+----------------------------------------------------------------------------
+
+ Remember to copy the sample files to the real file names.
+ Here is an example what you need to do:
+
+ cd %%PREFIX%%/etc/
+ cp logcheck.ignore.sample logcheck.ignore
+ cp logcheck.violations.ignore.sample logcheck.violations.ignore
+ cp logcheck.violations.sample logcheck.violations
+ cp logcheck.hacking.sample logcheck.hacking
+
+ Note that logcheck is started with %%PREFIX%%/etc/logcheck.sh
+
+----------------------------------------------------------------------------
diff --git a/security/logcheck/pkg-plist b/security/logcheck/pkg-plist
new file mode 100644
index 000000000000..6c148fc1f0df
--- /dev/null
+++ b/security/logcheck/pkg-plist
@@ -0,0 +1,6 @@
+bin/logtail
+etc/logcheck.hacking.sample
+etc/logcheck.ignore.sample
+etc/logcheck.sh
+etc/logcheck.violations.ignore.sample
+etc/logcheck.violations.sample
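Review bot: The install target patched in files/patch-aa creates `$(TMPDIR)` and sets it to mode 700, but this list has no entry for that directory, so the package does not track it. If TMPDIR resolves under the prefix (its value is not visible in this commit), deinstall would leave the scratch directory behind, possibly with leftover log extracts in it. Consider adding a `@dirrm` line for it, or an `@unexec` cleanup, once the path is confirmed.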