Diffstat (limited to 'security/bro/files')
23 files changed, 534 insertions, 128 deletions
diff --git a/security/bro/files/patch-Conn.h b/security/bro/files/patch-Conn.h deleted file mode 100644 index 6d126fb09e23..000000000000 --- a/security/bro/files/patch-Conn.h +++ /dev/null @@ -1,29 +0,0 @@ ---- Conn.h.orig Sun Aug 31 02:39:01 2003 -+++ Conn.h Thu Dec 21 13:27:24 2006 -@@ -59,7 +59,7 @@ - // dst_port just have to reflect the two different sides of the - // connection, neither has to be the particular source/destination - // or originator/responder. -- HashKey* ConnID::BuildConnKey() const; -+ HashKey* BuildConnKey() const; - }; - - static inline int addr_port_canon_lt(const uint32* a1, uint32 p1, -@@ -223,6 +223,8 @@ - return 1; - } - -+ void DeleteTimer(double t); -+ - protected: - virtual void UpdateEndpointVal(RecordVal* endp, int is_orig) = 0; - -@@ -235,8 +237,6 @@ - - friend class ConnectionTimer; - void RemoveTimer(Timer* t); -- -- void DeleteTimer(double t); - - void InactivityTimer(double t); - diff --git a/security/bro/files/patch-Makefile.in b/security/bro/files/patch-Makefile.in index ed829223ea40..b038cede4703 100644 --- a/security/bro/files/patch-Makefile.in +++ b/security/bro/files/patch-Makefile.in 
@@ -1,27 +1,36 @@ ---- Makefile.in.orig Sun Aug 31 04:39:14 2003 -+++ Makefile.in Tue Oct 14 12:08:51 2003 -@@ -52,13 +52,13 @@ - LIBS = $(LIBEDIT_LIBS) @LIBS@ -lm +--- Makefile.in.orig Thu Dec 14 11:59:51 2006 ++++ Makefile.in Wed Jul 18 23:57:10 2007 +@@ -206,7 +206,7 @@ + # noticed. + # + DISTCHECK_CONFIGURE_FLAGS = --disable-gtk-doc +-versiondir = $(prefix)/etc ++versiondir = $(prefix)/bro/etc + dist_version_DATA = VERSION + chown = @CHOWN@ - # Purify barfs when c++ is used for $(CPLUS). --PURIFY_CPLUS = g++ -+PURIFY_CPLUS = @CC@ - PURE_FLAGS = -chain-length=20 +@@ -658,9 +658,9 @@ + install-brolite: + $(MAKE) install + ( cd scripts && $(MAKE) install-brolite ) +- - @CHOWN@ -R `cat scripts/bro_user_id` ${prefix}/ ++ - @CHOWN@ -R `cat scripts/bro_user_id` ${prefix}/bro + @echo "*********************************************************" +- @echo "Please run \"${prefix}/etc/bro.rc --start\" to start bro" ++ @echo "Please run \"${prefix}/bro/scripts/bro.rc --start\" to start bro" + @echo "*********************************************************" - YACC = @YACC@ - YFLAGS = -d -t -v - LEX = @LEX@ --INSTALL = @INSTALL@ -d -+INSTALL = @INSTALL_PROGRAM@ - INSTALL_DATA = @INSTALL_DATA@ - @SET_MAKE@ - COMPRESS = @COMPRESS@ -@@ -121,7 +121,7 @@ + docs: +@@ -687,9 +687,9 @@ - all: $(PKG) + # make sure all the dirs are correctly created and owned + install-data-local: +- $(INSTALL) -d $(prefix)/logs +- $(INSTALL) -d $(prefix)/archive +- $(INSTALL) -d $(prefix)/var ++ $(INSTALL) -d $(prefix)/bro/logs ++ $(INSTALL) -d $(prefix)/bro/archive ++ $(INSTALL) -d $(prefix)/bro/var --$(PKG): $(LIBEDIT_LIB) $(OBJ) -+$(PKG): $(OBJ) - $(CPLUS) -o $(EXEC) $(OBJ) $(LDFLAGS) $(LIBS) - opt: - @$(MAKE) $(MFLAGS) CCOPT="`echo $(CCOPT) | sed -e 's/-O2//;s/$$/ -O3/'`" + release: + ./autogen.sh diff --git a/security/bro/files/patch-Obj.cc b/security/bro/files/patch-Obj.cc deleted file mode 100644 index 295affb0d446..000000000000 --- a/security/bro/files/patch-Obj.cc +++ /dev/null 
@@ -1,11 +0,0 @@ ---- Obj.cc.orig Sun Oct 5 18:27:31 2003 -+++ Obj.cc Sun Oct 5 18:27:44 2003 -@@ -47,7 +47,7 @@ - delete_data = true; - - int tmp; -- return s->Read(&(char*) filename, &tmp) && -+ return s->Read((char**) &filename, &tmp) && - s->Read(&first_line) && s->Read(&last_line) && - s->Read(&first_column) && s->Read(&last_column); - } diff --git a/security/bro/files/patch-Serializer.h b/security/bro/files/patch-Serializer.h deleted file mode 100644 index 3113bddd8ef9..000000000000 --- a/security/bro/files/patch-Serializer.h +++ /dev/null @@ -1,13 +0,0 @@ ---- Serializer.h.orig Thu Dec 21 13:24:28 2006 -+++ Serializer.h Thu Dec 21 13:24:45 2006 -@@ -82,8 +82,8 @@ - void StartSerialization(); - bool EndSerialization(); - -- bool Serializer::UnserializeID(); -- bool Serializer::UnserializeEvent(); -+ bool UnserializeID(); -+ bool UnserializeEvent(); - - SerializationFormat* format; - diff --git a/security/bro/files/patch-aux-scripts-Makefile.in b/security/bro/files/patch-aux-scripts-Makefile.in new file mode 100644 index 000000000000..cbd3f2b43819 --- /dev/null +++ b/security/bro/files/patch-aux-scripts-Makefile.in @@ -0,0 +1,11 @@ +--- aux/scripts/Makefile.in.orig Wed Jul 18 16:27:01 2007 ++++ aux/scripts/Makefile.in Wed Jul 18 16:27:41 2007 +@@ -173,7 +173,7 @@ + target_vendor = @target_vendor@ + + # override where to stick the scripts +-scriptdir = ${prefix}/scripts ++scriptdir = ${prefix}/bro/scripts + dist_script_SCRIPTS = bro-logchk.pl host-to-addrs mvlog host-grep + EXTRA_DIST = hot-report mon-report ip-grep ca-create ca-issue + all: all-am diff --git a/security/bro/files/patch-libedit::configure b/security/bro/files/patch-libedit::configure deleted file mode 100644 index fe37b4aeec1c..000000000000 --- a/security/bro/files/patch-libedit::configure +++ /dev/null 
@@ -1,19 +0,0 @@ ---- libedit/configure.orig Tue Oct 14 12:30:58 2003 -+++ libedit/configure Tue Oct 14 12:31:54 2003 -@@ -733,13 +733,13 @@ - CFLAGS="$ac_save_CFLAGS" - elif test $ac_cv_prog_cc_g = yes; then - if test "$GCC" = yes; then -- CFLAGS="-g -O2" -+ CFLAGS="" - else -- CFLAGS="-g" -+ CFLAGS="" - fi - else - if test "$GCC" = yes; then -- CFLAGS="-O2" -+ CFLAGS="" - else - CFLAGS= - fi diff --git a/security/bro/files/patch-patricia.c b/security/bro/files/patch-patricia.c deleted file mode 100644 index b3db5ede01f0..000000000000 --- a/security/bro/files/patch-patricia.c +++ /dev/null @@ -1,22 +0,0 @@ ---- patricia.c.orig Tue Oct 7 15:06:56 2003 -+++ patricia.c Tue Oct 7 15:07:19 2003 -@@ -52,6 +52,11 @@ - "This product includes software developed by the University of Michigan, Merit" - "Network, Inc., and their contributors."; - -+#include <sys/types.h> -+#include <sys/socket.h> -+#include <netinet/in.h> -+#include <arpa/inet.h> -+ - #include <assert.h> /* assert */ - #include <ctype.h> /* isdigit */ - #include <errno.h> /* errno */ -@@ -60,7 +65,6 @@ - #include <stdio.h> /* sprintf, fprintf, stderr */ - #include <stdlib.h> /* free, atol, calloc */ - #include <string.h> /* memcpy, strchr, strlen */ --#include <arpa/inet.h> /* for inet_addr */ - - #include "patricia.h" - diff --git a/security/bro/files/patch-patricia.h b/security/bro/files/patch-patricia.h deleted file mode 100644 index 10979f72537e..000000000000 --- a/security/bro/files/patch-patricia.h +++ /dev/null @@ -1,11 +0,0 @@ ---- patricia.h.orig Sun Oct 5 18:29:52 2003 -+++ patricia.h Sun Oct 5 18:30:05 2003 -@@ -51,6 +51,8 @@ - #ifndef _PATRICIA_H - #define _PATRICIA_H - -+#include <sys/types.h> -+ - /* typedef unsigned int u_int; */ - typedef void (*void_fn_t)(); - /* { from defs.h */ diff --git a/security/bro/files/patch-policy-Makefile.in b/security/bro/files/patch-policy-Makefile.in new file mode 100644 index 000000000000..32cfa1c0f4b7 --- /dev/null 
+++ b/security/bro/files/patch-policy-Makefile.in 
@@ -0,0 +1,64 @@ +--- policy/Makefile.in.orig Wed Jul 18 16:30:32 2007 ++++ policy/Makefile.in Wed Jul 18 16:31:47 2007 +@@ -190,7 +190,7 @@ + + + # doesn't end in a sig +-bropolicydir = ${prefix}/policy ++bropolicydir = ${prefix}/bro/policy + dist_bropolicy_DATA = bro.init adu.bro alarm.bro analy.bro \ + anon.bro arp.bro backdoor.bro blaster.bro brolite.bro \ + brolite-backdoor.bro brolite-sigs.bro capture-events.bro \ +@@ -542,30 +542,30 @@ + + + install-data-hook: +- $(INSTALL_DATA) bro.bif.bro $(DESTDIR)${prefix}/policy/ +- $(INSTALL_DATA) common-rw.bif.bro $(DESTDIR)${prefix}/policy/ +- $(INSTALL_DATA) const.bif.bro $(DESTDIR)${prefix}/policy/ +- $(INSTALL_DATA) dns-rw.bif.bro $(DESTDIR)${prefix}/policy/ +- $(INSTALL_DATA) event.bif.bro $(DESTDIR)${prefix}/policy/ +- $(INSTALL_DATA) finger-rw.bif.bro $(DESTDIR)${prefix}/policy/ +- $(INSTALL_DATA) ftp-rw.bif.bro $(DESTDIR)${prefix}/policy/ +- $(INSTALL_DATA) http-rw.bif.bro $(DESTDIR)${prefix}/policy/ +- $(INSTALL_DATA) ident-rw.bif.bro $(DESTDIR)${prefix}/policy/ +- $(INSTALL_DATA) smtp-rw.bif.bro $(DESTDIR)${prefix}/policy/ +- $(INSTALL_DATA) strings.bif.bro $(DESTDIR)${prefix}/policy/ ++ $(INSTALL_DATA) bro.bif.bro $(DESTDIR)${prefix}/bro/policy/ ++ $(INSTALL_DATA) common-rw.bif.bro $(DESTDIR)${prefix}/bro/policy/ ++ $(INSTALL_DATA) const.bif.bro $(DESTDIR)${prefix}/bro/policy/ ++ $(INSTALL_DATA) dns-rw.bif.bro $(DESTDIR)${prefix}/bro/policy/ ++ $(INSTALL_DATA) event.bif.bro $(DESTDIR)${prefix}/bro/policy/ ++ $(INSTALL_DATA) finger-rw.bif.bro $(DESTDIR)${prefix}/bro/policy/ ++ $(INSTALL_DATA) ftp-rw.bif.bro $(DESTDIR)${prefix}/bro/policy/ ++ $(INSTALL_DATA) http-rw.bif.bro $(DESTDIR)${prefix}/bro/policy/ ++ $(INSTALL_DATA) ident-rw.bif.bro $(DESTDIR)${prefix}/bro/policy/ ++ $(INSTALL_DATA) smtp-rw.bif.bro $(DESTDIR)${prefix}/bro/policy/ ++ $(INSTALL_DATA) strings.bif.bro $(DESTDIR)${prefix}/bro/policy/ + + uninstall-local: +- rm -f $(DESTDIR)${prefix}/policy/bro.bif.bro +- rm -f 
$(DESTDIR)${prefix}/policy/common-rw.bif.bro +- rm -f $(DESTDIR)${prefix}/policy/const.bif.bro +- rm -f $(DESTDIR)${prefix}/policy/dns-rw.bif.bro +- rm -f $(DESTDIR)${prefix}/policy/event.bif.bro +- rm -f $(DESTDIR)${prefix}/policy/finger-rw.bif.bro +- rm -f $(DESTDIR)${prefix}/policy/ftp-rw.bif.bro +- rm -f $(DESTDIR)${prefix}/policy/http-rw.bif.bro +- rm -f $(DESTDIR)${prefix}/policy/ident-rw.bif.bro +- rm -f $(DESTDIR)${prefix}/policy/smtp-rw.bif.bro +- rm -f $(DESTDIR)${prefix}/policy/strings.bif.bro ++ rm -f $(DESTDIR)${prefix}/bro/policy/bro.bif.bro ++ rm -f $(DESTDIR)${prefix}/bro/policy/common-rw.bif.bro ++ rm -f $(DESTDIR)${prefix}/bro/policy/const.bif.bro ++ rm -f $(DESTDIR)${prefix}/bro/policy/dns-rw.bif.bro ++ rm -f $(DESTDIR)${prefix}/bro/policy/event.bif.bro ++ rm -f $(DESTDIR)${prefix}/bro/policy/finger-rw.bif.bro ++ rm -f $(DESTDIR)${prefix}/bro/policy/ftp-rw.bif.bro ++ rm -f $(DESTDIR)${prefix}/bro/policy/http-rw.bif.bro ++ rm -f $(DESTDIR)${prefix}/bro/policy/ident-rw.bif.bro ++ rm -f $(DESTDIR)${prefix}/bro/policy/smtp-rw.bif.bro ++ rm -f $(DESTDIR)${prefix}/bro/policy/strings.bif.bro + # Tell versions [3.59,3.63) of GNU make to not export all variables. + # Otherwise a system limit (for SysV at least) may be exceeded. + .NOEXPORT: diff --git a/security/bro/files/patch-policy-sigs-Makefile.in b/security/bro/files/patch-policy-sigs-Makefile.in new file mode 100644 index 000000000000..be598acfd6a0 --- /dev/null +++ b/security/bro/files/patch-policy-sigs-Makefile.in @@ -0,0 +1,11 @@ +--- policy/sigs/Makefile.in.orig Wed Jul 18 16:32:45 2007 ++++ policy/sigs/Makefile.in Wed Jul 18 16:33:13 2007 +@@ -171,7 +171,7 @@ + target_cpu = @target_cpu@ + target_os = @target_os@ + target_vendor = @target_vendor@ +-sigsdir = ${prefix}/policy/sigs ++sigsdir = ${prefix}/bro/policy/sigs + dist_sigs_DATA = dpd.sig ex.web-rules.sig p0fsyn.osf \ + snort-default.sig ssl-worm.sig worm.sig + 
diff --git a/security/bro/files/patch-script-s2b-example-bro_files-Makefile.in b/security/bro/files/patch-script-s2b-example-bro_files-Makefile.in new file mode 100644 index 000000000000..deb7f329fe49 --- /dev/null +++ b/security/bro/files/patch-script-s2b-example-bro_files-Makefile.in @@ -0,0 +1,14 @@ +--- scripts/s2b/example_bro_files/Makefile.in.orig Wed Jul 18 17:39:54 2007 ++++ scripts/s2b/example_bro_files/Makefile.in Wed Jul 18 17:40:29 2007 +@@ -172,9 +172,9 @@ + target_cpu = @target_cpu@ + target_os = @target_os@ + target_vendor = @target_vendor@ +-actiondir = ${prefix}/policy ++actiondir = ${prefix}/bro/policy + dist_action_DATA = sig-action.bro +-sigsdir = ${prefix}/site ++sigsdir = ${prefix}/bro/site + dist_sigs_DATA = signatures.sig + all: all-am + diff --git a/security/bro/files/patch-scripts-Makefile.in b/security/bro/files/patch-scripts-Makefile.in new file mode 100644 index 000000000000..25bcff64dd7d --- /dev/null +++ b/security/bro/files/patch-scripts-Makefile.in 
@@ -0,0 +1,92 @@ +--- scripts/Makefile.in.orig Thu Dec 14 11:59:53 2006 ++++ scripts/Makefile.in Wed Jul 18 22:30:43 2007 +@@ -186,12 +186,12 @@ + target_os = @target_os@ + target_vendor = @target_vendor@ + bro_bin = ${prefix}/bin +-bro_logs = ${prefix}/logs ++bro_logs = ${prefix}/bro/logs + bro_etc = ${prefix}/etc +-bro_site = ${prefix}/site +-bro_scripts = ${prefix}/scripts +-bro_reports = ${prefix}/reports +-bro_perlmods = ${prefix}/perl ++bro_site = ${prefix}/bro/site ++bro_scripts = ${prefix}/bro/scripts ++bro_reports = ${prefix}/bro/reports ++bro_perlmods = ${prefix}/bro/perl + + # where to download signatures from. + SIGHOST = www.bro-ids.org +@@ -222,9 +222,9 @@ + bin_SCRIPT = bro.rc + + # more files! Ugggg, will the pain ever stop? +-scoredir = $(prefix)/etc ++scoredir = $(prefix)/bro/etc + dist_score_DATA = alert_scores signature_scores +-scriptsdir = $(prefix)/scripts ++scriptsdir = $(prefix)/bro/scripts + dist_scripts_SCRIPTS = bro_log_compress.sh \ + frontend-mail-reports.sh frontend-site-report.sh push_logs.sh mail_notice.sh + +@@ -596,11 +596,11 @@ + rm -f $(bro_etc)/bro.rc + rm -f $(bro_etc)/bro.cfg + rm -f $(bro_etc)/bro.cfg.example +- rm -f $(prefix)/etc/bro.rc-hooks.sh ++ rm -f $(prefix)/bro/scripts/bro.rc-hooks.sh + rm -f $(prefix)/site/local.site.bro + rm -f $(prefix)/site/${brohost}.bro + $(srcdir)/install_cron.sh uninstall +- -rm -f $(prefix)/etc/bro.rc-hooks.sh.new ++ -rm -f $(prefix)/bro/scripts/bro.rc-hooks.sh.new + -rm -f /usr/local/etc/rc.d/bro.sh + + # install the stuff to do reports +@@ -625,14 +625,14 @@ + @if [ ! -s signatures.sig.new ] ; then \ + echo "Error in download. Try again later." ; \ + else \ +- if [ ! -f $(prefix)/site/signatures.sig ] ; then \ ++ if [ ! -f $(prefix)/bro/site/signatures.sig ] ; then \ + echo "No previous version, installing new version." 
; \ +- cp signatures.sig.new $(prefix)/site/signatures.sig ; \ ++ cp signatures.sig.new $(prefix)/bro/site/signatures.sig ; \ + else \ +- cp signatures.sig.new $(prefix)/site/signatures.sig.new ; \ ++ cp signatures.sig.new $(prefix)/bro/site/signatures.sig.new ; \ + echo "***********************************************************" ; \ + echo "A new signature file (signatures.sig.new) has been placed in" ; \ +- echo "$(prefix)/site. Please compare it to your current signatures.sig " ; \ ++ echo "$(prefix)/bro/site. Please compare it to your current signatures.sig " ; \ + echo "and copy it over if there are no significant differences." ; \ + echo "***********************************************************" ; \ + fi \ +@@ -669,20 +669,20 @@ + else \ + $(INSTALL_DATA) $(srcdir)/local.lite.bro $(bro_site)/${brohost}.bro.new ; \ + fi +- @if [ ! -f $(prefix)/etc/bro.rc-hooks.sh ] ; then \ +- $(INSTALL_DATA) $(srcdir)/bro.rc-hooks.sh $(prefix)/etc/bro.rc-hooks.sh ; \ ++ @if [ ! -f $(prefix)/bro/scripts/bro.rc-hooks.sh ] ; then \ ++ $(INSTALL_DATA) $(srcdir)/bro.rc-hooks.sh $(prefix)/bro/scripts/bro.rc-hooks.sh ; \ + else \ +- $(INSTALL_DATA) $(srcdir)/bro.rc-hooks.sh $(prefix)/etc/bro.rc-hooks.sh.new ; \ ++ $(INSTALL_DATA) $(srcdir)/bro.rc-hooks.sh $(prefix)/bro/scripts/bro.rc-hooks.sh.new ; \ + fi + + # Default files that can be installed/reinstalled, not site specific + install_default_files: + $(INSTALL) $(srcdir)/mail_reports.sh $(bro_scripts)/mail_reports.sh +- $(INSTALL) bro.rc $(prefix)/etc/bro.rc +- $(INSTALL) bro_config $(prefix)/scripts/bro_config ++ $(INSTALL) bro.rc $(prefix)/bro/scripts/bro.rc ++ $(INSTALL) bro_config $(prefix)/bro/scripts/bro_config + -$(INSTALL_DATA) bro.cfg $(bro_etc)/bro.cfg + $(INSTALL_DATA) $(srcdir)/bro.cfg.example $(bro_etc)/bro.cfg.example +- - $(INSTALL) bro.rc /usr/local/etc/rc.d/bro.sh ++ - $(INSTALL) bro.rc @prefix@/bro/scripts/bro.sh + (cd s2b ; $(MAKE) install) + + # install cron file 
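Review bot: The uninstall rules left as context in the inner `@@ -596,11 +596,11 @@` hunk of scripts/Makefile.in still run `rm -f $(prefix)/site/local.site.bro` and `rm -f $(prefix)/site/${brohost}.bro`, while this patch moves `bro_site` to `${prefix}/bro/site`, so uninstall no longer removes what install writes; both lines should use `$(bro_site)/...`. In `install_default_files` the rc script is now copied to `@prefix@/bro/scripts/bro.sh`, yet the uninstall target still deletes `/usr/local/etc/rc.d/bro.sh`, and that line mixes `@prefix@` with the `$(prefix)` used on every other line. The signature-update rule copies the downloaded `signatures.sig.new` into `$(prefix)/bro/site` after only a non-empty test (`-s`); the fetch itself is outside the visible hunk, so it is worth confirming that the download is integrity-checked before it can replace detection rules.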
diff --git a/security/bro/files/patch-scripts-bro-config.in b/security/bro/files/patch-scripts-bro-config.in new file mode 100644 index 000000000000..64fecf79a024 --- /dev/null +++ b/security/bro/files/patch-scripts-bro-config.in 
@@ -0,0 +1,115 @@ +--- scripts/bro_config.in.orig Tue Dec 5 15:58:52 2006 ++++ scripts/bro_config.in Sat Jul 14 14:38:48 2007 +@@ -6,7 +6,7 @@ + # on the "configure" command line + # some machines (i.e. OSX) don't put sbin in the path by default + PATH=$PATH:/usr/sbin:/sbin +-BROHOME=@prefix@ ++BROHOME=@prefix@/bro + # Usage + Usage="bro_config: [-p prefix] [-d]" + # Debug mode? +@@ -39,9 +39,9 @@ + bro_config_got_root() + { + # make a backup of local.site.bro if it exists +- if [ -f local.site.bro ]; then ++ if [ -f ${BROHOME}/site/local.site.bro ]; then + echo "Detected an old local.site.bro, saving it to local.site.bro.save" +- cp local.site.bro local.site.bro.save ++ cp ${BROHOME}/site/local.site.bro ${BROHOME}/site/local.site.bro.save + fi + + if [ `id -ur` -ne 0 ]; then +@@ -62,7 +62,7 @@ + ###################################################################### + bro_config_create_local_site_bro() + { +-cat - > local.site.bro << _EOF ++cat - > ${BROHOME}/sitelocal.site.bro.default << _EOF + # This file should describe your network configuration. + # If your local network is a class C, and its network + # address was 192.168.1.0 and a class B network +@@ -263,7 +263,7 @@ + # BRO_HOSTNAME=`hostname` + + # Directory containing Bro binaries +-BRO_BIN_DIR="${BRO_BIN_DIR:-${BROHOME}/bin}" ++BRO_BIN_DIR="${BRO_BIN_DIR:-@prefix@/bin}" + + # Directory containing Bro logs + BROLOGS="${BROLOGS:-${BROHOME}/logs}" +@@ -287,7 +287,7 @@ + # BRO_PREFIX="local" + + # Location of the Bro executable +-BRO="${BRO:-$BRO_BIN_DIR/bro}" ++BRO="${BRO_BIN_DIR}/bro" + + # Base command line options. + BRO_ADD_OPTS=" -W" +@@ -352,7 +352,7 @@ + BRO_EMAIL_REMOTE="${BRO_EMAIL_REMOTE}" + + # User id to install and run Bro under +-BRO_USER_ID="${BRO_USER_ID:-brother}" ++BRO_USER_ID="${BRO_USER_ID:-root}" + + # Site name for reports (i.e. LBNL, FOO.COM, BAZ.ORG) + BRO_SITE_NAME="${BRO_SITE_NAME}" +@@ -454,29 +454,29 @@ + echo " done." 
+ kill -INT $pid 2>&1 > /dev/null + echo -n "Analyzing dump file....." +- ./localnetMAC.pl -a 16 -r /tmp/bro_config.tcpdump.file.$$ -b local.site.bro 2>&1 > /dev/null ++ ${BROHOME}/scripts/localnetMAC.pl -a 16 -r /tmp/bro_config.tcpdump.file.$$ -b ${BROHOME}/site/local.site.bro 2>&1 > /dev/null + rm /tmp/bro_config.tcpdump.file.$$ + #Yes there is a spelling error in the output + echo " done." +- num=`grep "MAC adresses" local.site.bro | awk '{print $3}'` ++ num=`grep "MAC adresses" ${BROHOME}/site/local.site.bro | awk '{print $3}'` + if [ "$num" -gt 2 ] ; then + echo "You don't appear to be running on a DMZ (found more then two (2) hardware " +- echo "address. Please edit local.site.bro to reflect your correct network parameters" +- cp local.site.bro.default local.site.bro ++ echo "address. Please edit ${BROHOME}/site/local.site.bro to reflect your correct network parameters" ++ cp ${BROHOME}/site/local.site.bro.default ${BROHOME}/site/local.site.bro + else + echo "Your network appears to contain the following networks:" +- for net in ` grep ",$" local.site.bro|sed 's/,//g'`; ++ for net in ` grep ",$" ${BROHOME}/site/local.site.bro|sed 's/,//g'`; + do + echo $net; + done +- echo "Edit local.site.bro by hand if this is not correct" ++ echo "Edit ${BROHOME}/site/local.site.bro by hand if this is not correct" + fi + else +- if [ -f local.site.bro ]; then ++ if [ -f ${BROHOME}/site/local.site.bro ]; then + echo "No previous local.site.bro found. 
Creating default" + bro_config_create_local_site_bro + #cp local.site.bro.default local.site.bro +- echo "Please edit local.site.bro so that it describes your network configuration" ++ echo "Please edit ${BROHOME}/site/local.site.bro so that it describes your network configuration" + fi + fi + } +@@ -617,7 +617,7 @@ + # source a bro.cfg if it exists, so we know the past default values from the + # last run + +- dirs="$BROHOME/etc/bro.cfg $BROHOME/etc/bro.cfg.example `pwd`/bro.cfg" ++ dirs="@prefix@/etc/bro.cfg @prefix@/etc/bro.cfg.example `pwd`/bro.cfg" + cfgused= + + for cfgfile in $dirs ; do +@@ -783,7 +783,7 @@ + bro_config_site_name() + { + if [ -z $BRO_SITE_NAME ]; then +- BRO_SITE_NAME=`hostname|awk -F. '{print $2 $3}'` ++ BRO_SITE_NAME=`hostname|awk -F. '{print $2"."$3}'` + if [ -z $BRO_SITE_NAME ] ; then + BRO_SITE_NAME="SOMESITE" + fi diff --git a/security/bro/files/patch-scripts-bro.rc.in b/security/bro/files/patch-scripts-bro.rc.in new file mode 100644 index 000000000000..21a4561599d4 --- /dev/null +++ b/security/bro/files/patch-scripts-bro.rc.in 
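Review bot: The default run-as account in scripts/bro_config.in changes from the unprivileged `brother` to root in `BRO_USER_ID="${BRO_USER_ID:-root}"`, so an install that accepts the defaults runs a sensor that parses untrusted network traffic with full privileges; keep the dedicated account, `BRO_USER_ID="${BRO_USER_ID:-brother}"`, and let the port create it. In `bro_config_create_local_site_bro` the redirect target `${BROHOME}/sitelocal.site.bro.default` is missing a slash, so the later `cp ${BROHOME}/site/local.site.bro.default ...` finds nothing; it should read `cat - > ${BROHOME}/site/local.site.bro.default << _EOF`. `BRO="${BRO_BIN_DIR}/bro"` drops the `${BRO:-...}` fallback, so a `BRO` value from the environment or a previously sourced bro.cfg is silently ignored. The rewritten localnetMAC.pl line keeps the capture file at `/tmp/bro_config.tcpdump.file.$$`, a predictable name in a world-writable directory used by a script that presumably runs as root; a `mktemp`-created file would avoid that.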
@@ -0,0 +1,47 @@
+--- scripts/bro.rc.in.orig Fri Jul 13 15:53:29 2007
++++ scripts/bro.rc.in Fri Jul 13 15:59:26 2007
+@@ -25,7 +25,7 @@
+ # For tasks to complete before and after Bro starts please edit the following
+ # scripts to suit your needs. For those of you familiar with dhclient this
+ # uses the same idea.
+-# Before Bro starts $BROHOME/etc/bro.rc-hooks.sh
++# Before Bro starts @prefix@/bin/bro.rc-hooks.sh
+
+ # See the bottom of this script for an explanation of how this all works.
+ # I'll try my best to be clear....
+@@ -35,14 +35,14 @@
+ RETVAL=0
+
+ # picked up from configure at install time
+-BROHOME="@prefix@"
++BROHOME="@prefix@/bro"
+ export BROHOME
+
+ # Set the environment.
+-source_config="${BROHOME}/etc/bro.cfg"
++source_config="@prefix@/etc/bro.cfg"
+
+ # Location of bro-hooks.sh script
+-bro_hooks="${BROHOME}/etc/bro.rc-hooks.sh"
++bro_hooks="@prefix@/bro/scripts/bro.rc-hooks.sh"
+
+ # Set the full path to this script as called
+ if [ `echo ${0} | grep -E "^/"` ]; then
+@@ -88,7 +88,7 @@
+ export BROLOGS
+ export BROPATH
+ export BROHOME
+-export PATH="${BROHOME}/bro/bin:${BROHOME}/bro/scripts:/usr/local/bin:/usr/local/sbin:${PATH}"
++export PATH="@prefix@/bin:${BROHOME}/scripts:/usr/local/bin:/usr/local/sbin:${PATH}"
+
+ # Make sure that the $BRO_RUNTIME_DIR exists and is writtable
+ if [ ! -d "${BRO_RUNTIME_DIR}" ]; then
+@@ -1033,7 +1033,7 @@
+ # running instance of Bro.
+ # bro.rc logs it's actions to syslog via the logger command.
+ # bro.rc offers users an interface into the starting and stopping of a Bro
+-# process via the file $BROHOME/etc/bro.rc-hooks.rc. This allows for
++# process via the file @prefix@/bro/scripts/bro.rc-hooks.rc. This allows for
+ # actions to be sent to any custom monitoring or alerting programs the
+ # user may wish to use.
+
diff --git a/security/bro/files/patch-scripts-localnetMAC.pl b/security/bro/files/patch-scripts-localnetMAC.pl
new file mode 100644
index 000000000000..b3232189886f
--- /dev/null
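Review bot: The header comment in scripts/bro.rc.in now names the pre-start hook as `@prefix@/bin/bro.rc-hooks.sh`, but `bro_hooks` is set to `@prefix@/bro/scripts/bro.rc-hooks.sh` and the closing comment says `@prefix@/bro/scripts/bro.rc-hooks.rc`; the three should agree, e.g. `# Before Bro starts @prefix@/bro/scripts/bro.rc-hooks.sh`. The top-level Makefile.in patch in this commit chowns `${prefix}/bro` recursively to the Bro user, so the hook file and the `${BROHOME}/scripts` entry placed early in `PATH` end up writable by that account. If bro.rc is started as root it would then run content a non-root account controls; how the hook is invoked is outside these hunks, so this needs confirming, and scripts executed by root should stay root-owned.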
+++ b/security/bro/files/patch-scripts-localnetMAC.pl
@@ -0,0 +1,15 @@
+--- scripts/localnetMAC.pl.in.orig Sat Jul 14 00:01:55 2007
++++ scripts/localnetMAC.pl.in Sat Jul 14 00:03:48 2007
+@@ -50,10 +50,10 @@
+
+ my $fh;
+ if ($args{r} and $args{r}=~/gz$/){
+- open (IN, "$decomp $args{r} |../aux/adtrace/adtrace -|") or die "cannot execute $decomp $args{r} |../aux/adtrace/adtrace - : $!\n";
++ open (IN, "$decomp $args{r} |@prefix@/bin/adtrace -|") or die "cannot execute $decomp $args{r} |@prefix@/bin/adtrace - : $!\n";
+ $fh = *IN;
+ }elsif($args{r}){
+- open (IN, "../aux/adtrace/adtrace $args{r}|") or die "cannot execute ./adtrace/adtrace $args{r}: $!\n";
++ open (IN, "@prefix@/bin/adtrace $args{r}|") or die "cannot execute @prefix@/bin/adtrace $args{r}: $!\n";
+ $fh = *IN;
+ }elsif($args{t} and $args{t}=~/gz$/){
+ open (IN, "$decomp $args{t} |") or die "cannot execute $decomp $args{t} | : $!\n";
diff --git a/security/bro/files/patch-scripts-perl-Makefile.PL b/security/bro/files/patch-scripts-perl-Makefile.PL
new file mode 100644
index 000000000000..b28d02dc311a
--- /dev/null
+++ b/security/bro/files/patch-scripts-perl-Makefile.PL
@@ -0,0 +1,18 @@
+--- scripts/perl/Makefile.PL.orig Wed Jul 18 16:40:51 2007
++++ scripts/perl/Makefile.PL Wed Jul 18 16:47:11 2007
+@@ -43,13 +43,13 @@
+ }
+ else
+ {
+- $brohome = '/usr/local/bro';
++ $brohome = $ENV{PREFIX}/bro';
+ }
+ }
+
+ if( ! $broconfig )
+ {
+- $broconfig = "$brohome/etc/bro.cfg";
++ $broconfig = "$ENV{PREFIX}/etc/bro.cfg";
+ }
+
+
diff --git a/security/bro/files/patch-scripts-s2b-bin-Makefile.in b/security/bro/files/patch-scripts-s2b-bin-Makefile.in
new file mode 100644
index 000000000000..30649ae3bdfb
--- /dev/null
+++ b/security/bro/files/patch-scripts-s2b-bin-Makefile.in
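Review bot: Both rewritten `open` calls in scripts/localnetMAC.pl.in still interpolate `$args{r}` into a command string that the shell parses, so a capture file name containing spaces or shell metacharacters changes the command that runs; the uncompressed branch can use the list form, `open(IN, '-|', '@prefix@/bin/adtrace', $args{r})`, which bypasses the shell. The gzip branch needs the name quoted or the decompressor opened separately. `@prefix@` inside a double-quoted Perl string is only safe because configure is expected to substitute it in the `.in` file; single quotes around the path make that independent of substitution. The if/elsif chain continues outside the hunk.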
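Review bot: The added line `$brohome = $ENV{PREFIX}/bro';` in scripts/perl/Makefile.PL has lost its opening quote, so the file no longer parses; it should be `$brohome = "$ENV{PREFIX}/bro";`. Both new lines also assume `PREFIX` is present in the environment, and when it is not the paths silently become `/bro` and `/etc/bro.cfg`; a fallback such as `my $prefix = $ENV{PREFIX} || '/usr/local';` used on both lines would avoid that. The enclosing block starts outside the hunk.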
@@ -0,0 +1,11 @@ +--- scripts/s2b/bin/Makefile.in.orig Wed Jul 18 17:33:29 2007 ++++ scripts/s2b/bin/Makefile.in Wed Jul 18 17:34:02 2007 +@@ -321,7 +321,7 @@ + + + # OR we can install them on a make install +-#scriptsdir=$(prefix)/etc ++#scriptsdir=$(prefix)/bro/scripts + #dist_scripts_SCRIPTS = s2b.pl snort2bro + # Tell versions [3.59,3.63) of GNU make to not export all variables. + # Otherwise a system limit (for SysV at least) may be exceeded. diff --git a/security/bro/files/patch-scripts-s2b-bro-include-Makefile.in b/security/bro/files/patch-scripts-s2b-bro-include-Makefile.in new file mode 100644 index 000000000000..1539a3b047c1 --- /dev/null +++ b/security/bro/files/patch-scripts-s2b-bro-include-Makefile.in @@ -0,0 +1,11 @@ +--- scripts/s2b/bro-include/Makefile.in.orig Wed Jul 18 17:35:02 2007 ++++ scripts/s2b/bro-include/Makefile.in Wed Jul 18 17:35:25 2007 +@@ -171,7 +171,7 @@ + target_cpu = @target_cpu@ + target_os = @target_os@ + target_vendor = @target_vendor@ +-includesigsdir = ${prefix}/policy ++includesigsdir = ${prefix}/bro/policy + dist_includesigs_DATA = sig-addendum.sig sig-functions.bro + all: all-am + diff --git a/security/bro/files/patch-scripts-s2b-etc-Makefile.in b/security/bro/files/patch-scripts-s2b-etc-Makefile.in new file mode 100644 index 000000000000..de449617299d --- /dev/null +++ b/security/bro/files/patch-scripts-s2b-etc-Makefile.in @@ -0,0 +1,11 @@ +--- scripts/s2b/etc/Makefile.in.orig Wed Jul 18 17:37:19 2007 ++++ scripts/s2b/etc/Makefile.in Wed Jul 18 17:37:45 2007 +@@ -321,7 +321,7 @@ + + + # OR we can install them on a make install +-#scriptsdir=$(prefix)/etc ++#scriptsdir=$(prefix)/bro/scripts + #dist_scripts_SCRIPTS = s2b-augment.cfg s2b-ruleset-augment.cfg s2b-sigmap.cfg s2b.cfg + # Tell versions [3.59,3.63) of GNU make to not export all variables. + # Otherwise a system limit (for SysV at least) may be exceeded. 
diff --git a/security/bro/files/patch-src-Makefile.in b/security/bro/files/patch-src-Makefile.in new file mode 100644 index 000000000000..e351acf5d880 --- /dev/null +++ b/security/bro/files/patch-src-Makefile.in @@ -0,0 +1,11 @@ +--- src/Makefile.in.orig Wed Jul 18 16:48:03 2007 ++++ src/Makefile.in Wed Jul 18 16:48:34 2007 +@@ -550,7 +550,7 @@ + $(DISTCLEANFILES) + + +-#bropolicydir=${prefix}/policy ++#bropolicydir=${prefix}/bro/policy + #dist_bropolicy_DATA = $(BIF_BRO) + CCOPT = @V_CCOPT@ -W -Wall -Wno-unused + INCLS = @V_INCLS@ diff --git a/security/bro/files/pkg-deinstall.in b/security/bro/files/pkg-deinstall.in new file mode 100644 index 000000000000..f36772a02b0e --- /dev/null +++ b/security/bro/files/pkg-deinstall.in @@ -0,0 +1,21 @@ +#!/bin/sh + +# Since pkg-plist prepends PREFIX to SITE_PERL, +# we can't remove these files in the normal way + +if [ "$2" != "POST-DEINSTALL" ]; then + exit 0 +fi + +/bin/rm %%SITE_PERL%%/mach/IP4.pm +/bin/rm %%SITE_PERL%%/mach/Bro/Config.pm +/bin/rm %%SITE_PERL%%/mach/Bro/Log.pm +/bin/rm %%SITE_PERL%%/mach/Bro/Report.pm +/bin/rm %%SITE_PERL%%/mach/Bro/Signature.pm +/bin/rm %%SITE_PERL%%/mach/Bro/Log/Alarm.pm +/bin/rm %%SITE_PERL%%/mach/Bro/Log/Conn.pm +/bin/rm %%SITE_PERL%%/mach/Bro/Report/Alarm.pm +/bin/rm %%SITE_PERL%%/mach/Bro/Report/Conn.pm +/bin/rmdir %%SITE_PERL%%/mach/Bro/Report +/bin/rmdir %%SITE_PERL%%/mach/Bro/Log +/bin/rmdir %%SITE_PERL%%/mach/Bro diff --git a/security/bro/files/pkg-install.in b/security/bro/files/pkg-install.in new file mode 100644 index 000000000000..c10f1d2392cf --- /dev/null +++ b/security/bro/files/pkg-install.in 
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+# Call the bro_config script to configure bro and, when complete,
+# copy the newly created cfg file to %%PREFIX%%/etc.
+
+echo "****************************************"
+echo "* RUNNING THE BRO CONFIGURATION SCRIPT *"
+echo "****************************************"
+echo
+
+if [ -f %%BROHOME%%/scripts/bro_config ]; then
+ /bin/sh %%BROHOME%%/scripts/bro_config
+fi
+
+if [ -f %%WRKSRC%%/../../bro.cfg ]; then
+ cp bro.cfg %%PREFIX%%/etc/bro.cfg
+fi
+
+if [ -f %%WRKSRC%%/../../bro.cfg ]; then
+ rm %%WRKSRC%%/../../bro.cfg*
+fi
+
+if [ -f %%WRKSRC%%/../../bro_user_id ]; then
+ rm %%WRKSRC%%/../../bro_user*
+fi
diff --git a/security/bro/files/pkg-message.in b/security/bro/files/pkg-message.in
new file mode 100644
index 000000000000..c10f1d2392cf
--- /dev/null
+++ b/security/bro/files/pkg-message.in
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+# Call the bro_config script to configure bro and, when complete,
+# copy the newly created cfg file to %%PREFIX%%/etc.
+
+echo "****************************************"
+echo "* RUNNING THE BRO CONFIGURATION SCRIPT *"
+echo "****************************************"
+echo
+
+if [ -f %%BROHOME%%/scripts/bro_config ]; then
+ /bin/sh %%BROHOME%%/scripts/bro_config
+fi
+
+if [ -f %%WRKSRC%%/../../bro.cfg ]; then
+ cp bro.cfg %%PREFIX%%/etc/bro.cfg
+fi
+
+if [ -f %%WRKSRC%%/../../bro.cfg ]; then
+ rm %%WRKSRC%%/../../bro.cfg*
+fi
+
+if [ -f %%WRKSRC%%/../../bro_user_id ]; then
+ rm %%WRKSRC%%/../../bro_user*
+fi |
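Review bot: The copy step in pkg-install.in tests `%%WRKSRC%%/../../bro.cfg` but then runs `cp bro.cfg %%PREFIX%%/etc/bro.cfg` relative to whatever the current directory is, and it overwrites an existing configuration without keeping a copy; test and copy the same absolute path and leave an existing file alone, e.g. `[ -f %%PREFIX%%/etc/bro.cfg ] || cp %%WRKSRC%%/../../bro.cfg %%PREFIX%%/etc/bro.cfg`. The script never inspects `$2`, although pkg-deinstall.in in this commit does, so it presumably runs the interactive bro_config in every install phase; a guard such as `[ "$2" = "POST-INSTALL" ] || exit 0` at the top would limit it to one. The `%%WRKSRC%%` paths exist only on the build host, so an install from a binary package would find none of these files.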
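Review bot: pkg-message.in is added with the same blob id as pkg-install.in (`c10f1d2392cf`) and the same 25 lines, so the post-install message shown to the administrator would be the text of a shell script. The file should hold plain instructions instead, for example where bro.cfg is written and which account Bro runs under, or be left out of the commit if no message is intended.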