diff options
Diffstat (limited to 'security/snortsam/files')
| -rw-r--r-- | security/snortsam/files/patch-snortsam.h | 16 | ||||
| -rw-r--r-- | security/snortsam/files/pkg-install.in | 17 | ||||
| -rw-r--r-- | security/snortsam/files/pkg-message-snortsam | 10 | ||||
| -rw-r--r-- | security/snortsam/files/pkg-message.in | 18 | ||||
| -rw-r--r-- | security/snortsam/files/snortsam.sh.in | 31 | ||||
| -rw-r--r-- | security/snortsam/files/ssp_ipfw2_no_table_check.patch | 18 |
6 files changed, 68 insertions, 42 deletions
diff --git a/security/snortsam/files/patch-snortsam.h b/security/snortsam/files/patch-snortsam.h deleted file mode 100644 index ab32bb001eaf..000000000000 --- a/security/snortsam/files/patch-snortsam.h +++ /dev/null @@ -1,16 +0,0 @@ ---- src/snortsam.h.old 2008-08-03 00:08:34.000000000 -0300 -+++ src/snortsam.h 2008-08-03 00:10:58.000000000 -0300 -@@ -178,10 +178,10 @@ - #define safecopy(dst,src) _safecp(dst,sizeof(dst),src) - - #ifdef WIN32 --#define FWSAMCONFIGFILE "snortsam.cfg" --#define FWSAMHISTORYFILE "snortsam.sta" -+#define FWSAMCONFIGFILE "/usr/local/etc/snortsam.cfg" -+#define FWSAMHISTORYFILE "/var/db/snortsam.sta" - #else --#define FWSAMCONFIGFILE "/etc/snortsam.conf" -+#define FWSAMCONFIGFILE "/usr/local/etc/snortsam.conf" - #define FWSAMHISTORYFILE "/var/db/snortsam.state" - #endif - diff --git a/security/snortsam/files/pkg-install.in b/security/snortsam/files/pkg-install.in new file mode 100644 index 000000000000..dfafcc7ef509 --- /dev/null +++ b/security/snortsam/files/pkg-install.in @@ -0,0 +1,17 @@ +#!/bin/sh +# +# $FreeBSD$ + +ETCDIR=${ETCDIR:=%%ETCDIR%%} + +# snortsam config file contain sensitive data like +# passwords needed to block IP's on the firewalls. +# Set permission of the config dir to 700 so only +# root:wheel can access this directory. +if [ "$2" = "POST-INSTALL" ]; then + if [ -d ${ETCDIR} ]; then + /usr/sbin/chown root:wheel ${ETCDIR} + /bin/chmod 700 ${ETCDIR} + fi +fi + diff --git a/security/snortsam/files/pkg-message-snortsam b/security/snortsam/files/pkg-message-snortsam deleted file mode 100644 index 504ed78649d7..000000000000 --- a/security/snortsam/files/pkg-message-snortsam +++ /dev/null @@ -1,10 +0,0 @@ - -============================================================ -NOTE: Make sure that your SNORT installation it is defined - output plugin SNORTSAM for don't cause errors while - building SNORTSAM system. If exists some OLD SNORT - installation WITHOUT supports for interaction between - SNORT and SNORTSAM. PLEASE reconfigure WITH that this - feature and rebuild a new installation. -============================================================= - diff --git a/security/snortsam/files/pkg-message.in b/security/snortsam/files/pkg-message.in new file mode 100644 index 000000000000..461458e0a8fc --- /dev/null +++ b/security/snortsam/files/pkg-message.in @@ -0,0 +1,18 @@ +================================================================ +NOTE: SNORT have to be build with OPTION SNORTSAM. + + To enable snortsam as output plugin for snort a config + line like the following should be present in snort.conf + + output alert_fwsam: <snortsambox>:<port>/<password> + + With samtool it is possible to send alerts to snortsam, + this way you can test and adjust your FW rules. + + For more information read the INSTALL, FAQ, README + files in %%DOCSDIR%% + + Additional consolidate http://snortsam.net + +============================================================== + diff --git a/security/snortsam/files/snortsam.sh.in b/security/snortsam/files/snortsam.sh.in index 946e951f153a..f53bb8f29c00 100644 --- a/security/snortsam/files/snortsam.sh.in +++ b/security/snortsam/files/snortsam.sh.in @@ -1,31 +1,30 @@ #!/bin/sh -# $FreeBSD: +# $FreeBSD$ # PROVIDE: snortsam # REQUIRE: DAEMON -# BEFORE: LOGIN +# BEFORE: LOGIN # KEYWORD: shutdown -# Add the following lines to /etc/rc.conf to enable snortsam: -# snortsam_enable (bool): Set to YES to enable snortsam -# Default: NO -# snortsam_flags (str): Extra flags passed to snortsam -# Default: "" -# snortsam_conf (str): Snortsam configuration file -# Default: ${PREFIX}/etc/snortsam/snortsam.conf # - +# Add the following line to /etc/rc.conf to enable snortsam: +# +# snortsam_enable="YES" +# +# # optional Snortsam configuration file: +# snortsam_conf="%%ETCDIR%%/snortsam.conf" +# +# DO NOT CHANGE THE DEFAULT VALUES HERE +# . %%RC_SUBR%% name="snortsam" rcvar=`set_rcvar` +load_rc_config snortsam +# defaults command="%%PREFIX%%/sbin/snortsam" - -load_rc_config $name - -[ -z "$snortsam_enable" ] && snortsam_enable="NO" -[ -z "$snortsam_conf" ] && snortsam_conf="%%PREFIX%%/etc/snortsam/snortsam.conf" -[ -n "$snortsam_conf" ] && snortsam_flags="$snortsam_flags $snortsam_conf" +snortsam_enable=${snortsam_enable:-"NO"} +snortsam_flags=${snortsam_conf:-"%%ETCDIR%%/snortsam.conf"} run_rc_command "$1" diff --git a/security/snortsam/files/ssp_ipfw2_no_table_check.patch b/security/snortsam/files/ssp_ipfw2_no_table_check.patch new file mode 100644 index 000000000000..1e20b9e5992f --- /dev/null +++ b/security/snortsam/files/ssp_ipfw2_no_table_check.patch @@ -0,0 +1,18 @@ +--- src/ssp_ipfw2.c.orig 2008-04-26 21:53:21.000000000 +0200 ++++ src/ssp_ipfw2.c 2009-11-14 22:03:41.000000000 +0100 +@@ -91,6 +91,7 @@ + } + } + } ++#if defined(ENABLE_IPFW_TABLE_CHECK) + /* Check if inbound table exists */ + snprintf(chk,sizeof(chk)-1,"/sbin/ipfw show | grep -q \"deny ip from any to table(%u) via %s\"",ipfw2p->in_table,ipfw2p->interface); + if(system(chk)) +@@ -110,6 +111,7 @@ + } + } + ++#endif /* ENABLE_IPFW_TABLE_CHECK */ + #ifdef FWSAMDEBUG + if(plugindatalist->data) + printf("Debug: [ipfw2] Adding IPFW2: i/f '%s', tables %u (in) and %u (out)\n", ipfw2p->interface, ipfw2p->in_table,ipfw2p->out_table); |