diff options
Diffstat (limited to 'security')
29 files changed, 0 insertions, 1239 deletions
diff --git a/security/Makefile b/security/Makefile index 9e8546e60901..e5b2619f2829 100644 --- a/security/Makefile +++ b/security/Makefile @@ -1225,7 +1225,6 @@ SUBDIR += sectok SUBDIR += secure_delete SUBDIR += setaudit - SUBDIR += sguil SUBDIR += sha SUBDIR += sha1collisiondetection SUBDIR += sha2wordlist diff --git a/security/sguil/Makefile b/security/sguil/Makefile deleted file mode 100644 index 282a414984db..000000000000 --- a/security/sguil/Makefile +++ /dev/null @@ -1,207 +0,0 @@ -# Created by: Muhammad Moinur Rahman <5u623l20@gmail.com> -# $FreeBSD$ - -PORTNAME= sguil -PORTVERSION= 1.0.0 -DISTVERSIONPREFIX= v -CATEGORIES= security - -MAINTAINER= bofh@FreeBSD.org -COMMENT= Sguil is a network security monitoring program - -LICENSE= GPLv3 - -RUN_DEPENDS= tcltls>=0:devel/tcltls \ - ${LOCALBASE}/lib/tclx8.4/tclx.tcl:lang/tclX - -USE_GITHUB= yes -GH_ACCOUNT= bammv - -OPTIONS_DEFINE= DOCS -OPTIONS_DEFAULT= SERVER CLIENT SENSOR -OPTIONS_MULTI= INSTANCE -OPTIONS_MULTI_INSTANCE= SERVER CLIENT SENSOR -OPTIONS_GROUP= SERVER CLIENT SENSOR -OPTIONS_GROUP_SERVER= MYSQL -OPTIONS_GROUP_CLIENT= AUDIO SANCP WIRESHARK -OPTIONS_GROUP_SENSOR= PADS_SENSOR SANCP_SENSOR -OPTIONS_SUB= yes - -SERVER_DESC= Install Sguil Server -CLIENT_DESC= Install Sguil Client -SENSOR_DESC= Install Sguil SENSOR -MYSQL_DESC= Depend on databases/mysqltcl -AUDIO_DESC= Install Festival Speech Synthesis -SANCP_DESC= Use sancp -PADS_SENSOR_DESC= Include pads sensor -SANCP_SENSOR_DESC= Include sancp sensor -WIRESHARK_DESC= Install wireshark - -CLIENT_USES= tk:wrapper -SERVER_RUN_DEPENDS= p0f:net-mgmt/p0f \ - tcpflow:net/tcpflow \ - dtplite:devel/tcllib -CLIENT_RUN_DEPENDS= dtplite:devel/tcllib \ - iwidgets>0:x11-toolkits/iwidgets \ - gpg2:security/gnupg -SENSOR_RUN_DEPENDS= barnyard2:security/barnyard2-sguil -MYSQL_LIB_DEPENDS= mysqltcl>=3.052:databases/mysqltcl -AUDIO_RUN_DEPENDS= festival:audio/festival -SANCP_RUN_DEPENDS= sancp:security/sancp -WIRESHARK_RUN_DEPENDS= wireshark:net/wireshark -PADS_SENSOR_RUN_DEPENDS= pads:net-mgmt/pads -SANCP_SENSOR_RUN_DEPENDS= sancp:security/sancp - -NO_BUILD= yes -NO_ARCH= yes -TCL_VER= 8.5 -TCLSH= tclsh${TCL_VER} -SERVER_SGUILDIR?= sguild -CLIENT_SGUILDIR?= sguil-client -SENSOR_SGUILDIR?= sguil-sensor -PLIST_SUB= SERVER_SGUILDIR=${SERVER_SGUILDIR} \ - CLIENT_SGUILDIR=${CLIENT_SGUILDIR} \ - SENSOR_SGUILDIR=${SENSOR_SGUILDIR} -SUB_LIST= SERVER_SGUILDIR=${SERVER_SGUILDIR} TCLSH=${TCLSH} \ - CLIENT_SGUILDIR=${CLIENT_SGUILDIR} \ - SENSOR_SGUILDIR=${SENSOR_SGUILDIR} -SERVER_CONFS= autocat.conf sguild.access sguild.email sguild.reports \ - sguild.conf sguild.queries sguild.users -CLIENT_LIBFILES=SguilUtil.tcl dkffont.tcl email17.tcl extdata.tcl \ - sellib.tcl sancp.tcl sound.tcl guilib.tcl qrybuild.tcl \ - qrylib.tcl report.tcl stdquery.tcl whois.tcl -SENSOR_AGENTS= pcap_agent.tcl snort_agent.tcl -SENSOR_CONFS= pcap_agent.conf snort_agent.conf -LOG_SCRIPTS= log_packets-daemonlogger.sh log_packets.sh -USERS= sguil -GROUPS= sguil - -PORTDOCS= ${COMMON_DOCS:S|^doc/||} -COMMON_DOCS= doc/CHANGES doc/FAQ doc/INSTALL doc/INSTALL.openbsd \ - doc/OPENSSL.README doc/TODO doc/UPGRADE doc/USAGE \ - doc/sguildb.dia - -.include <bsd.port.options.mk> - -.if ${PORT_OPTIONS:MCLIENT} -SUB_FILES= pkg-message-client -.endif - -.if ${PORT_OPTIONS:MSERVER} -USE_RC_SUBR+= sguild -SUB_FILES= pkg-message-server -.endif - -.if ${PORT_OPTIONS:MSENSOR} -DEPRECATED= Uses legacy GeoIP 1 format which no longer works; switch to GeoIP 2 where possible -EXPIRATION_DATE=2019-02-15 - -USE_RC_SUBR+= pcap_agent snort_agent -SUB_FILES= pkg-message-sensor -WITH_PCRE= true -PORTDOCS+= README.daemonlogger -. if ${PORT_OPTIONS:MSANCP_SENSOR} -SENSOR_AGENTS+= sancp_agent.tcl pcap_agent-sancp.tcl -SENSOR_CONFS+= sancp_agent.conf sancp-indexed.conf pcap_agent-sancp.conf -USE_RC_SUBR+= sancp_agent pcap_agent-sancp -PORTDOCS+= README.sancp_indexed_pcap -. endif -. if ${PORT_OPTIONS:MPADS_SENSOR} -SENSOR_AGENTS+= pads_agent.tcl -SENSOR_CONFS+= pads_agent.conf -USE_RC_SUBR+= pads_agent -. endif -.endif - -post-patch-SERVER-on: - @${REINPLACE_CMD} 's|/bin/sh|${TCLSH}|' \ - ${WRKSRC}/server/sguild - @${MKDIR} ${STAGEDIR}${PREFIX}/etc/${SERVER_SGUILDIR} \ - ${STAGEDIR}${PREFIX}/lib/${SERVER_SGUILDIR} \ - ${STAGEDIR}${PREFIX}/share/${SERVER_SGUILDIR} \ - ${STAGEDIR}${PREFIX}/share/${SERVER_SGUILDIR}/contrib - -post-patch-CLIENT-on: - @${MKDIR} ${STAGEDIR}${PREFIX}/bin/${CLIENT_SGUILDIR} \ - ${STAGEDIR}${PREFIX}/bin/${CLIENT_SGUILDIR}/lib \ - ${STAGEDIR}${PREFIX}/bin/${CLIENT_SGUILDIR}/images - -post-patch-SENSOR-on: -.for f in ${SENSOR_AGENTS} - @${REINPLACE_CMD} 's|/bin/sh|${PREFIX}/bin/${TCLSH}|' \ - ${WRKSRC}/sensor/${f} -.endfor - -do-install-SERVER-on: - (cd ${WRKSRC}/server/lib && \ - ${COPYTREE_BIN} \* ${STAGEDIR}${PREFIX}/lib/${SERVER_SGUILDIR}) - (cd ${WRKSRC}/server/sql_scripts && \ - ${COPYTREE_SHARE} \* \ - ${STAGEDIR}${PREFIX}/share/${SERVER_SGUILDIR}) - (cd ${WRKSRC}/server/contrib && \ - ${COPYTREE_SHARE} \* \ - ${STAGEDIR}${PREFIX}/share/${SERVER_SGUILDIR}/contrib) - ${INSTALL_SCRIPT} ${WRKSRC}/server/sguild ${STAGEDIR}${PREFIX}/bin -.for f in ${SERVER_CONFS} - ${INSTALL_DATA} ${WRKSRC}/server/${f} \ - ${STAGEDIR}${PREFIX}/etc/${SERVER_SGUILDIR}/${f}-sample -.endfor - -do-install-CLIENT-on: - ${INSTALL_SCRIPT} ${WRKSRC}/client/sguil.tk \ - ${STAGEDIR}${PREFIX}/bin/${CLIENT_SGUILDIR}/sguil.tk - ${INSTALL_DATA} ${WRKSRC}/client/sguil.conf \ - ${STAGEDIR}${PREFIX}/etc/sguil.conf-sample - (cd ${WRKSRC}/client/lib && ${INSTALL_DATA} ${CLIENT_LIBFILES} \ - ${STAGEDIR}${PREFIX}/bin/${CLIENT_SGUILDIR}/lib) - (cd ${WRKSRC}/client/lib/images && \ - ${INSTALL_DATA} sguil_logo_h.gif checked.gif unchecked.gif \ - ${STAGEDIR}${PREFIX}/bin/${CLIENT_SGUILDIR}/images) - (cd ${WRKSRC}/client/lib/tablelist5.14 && ${COPYTREE_SHARE} \* \ - ${STAGEDIR}${PREFIX}/bin/${CLIENT_SGUILDIR}/lib/tablelist5.14) - -do-install-SENSOR-on: - @${MKDIR} ${STAGEDIR}${PREFIX}/bin/${SENSOR_SGUILDIR} \ - ${STAGEDIR}${PREFIX}/etc/${SENSOR_SGUILDIR} \ - ${STAGEDIR}${PREFIX}/share/${SENSOR_SGUILDIR} \ - ${STAGEDIR}${PREFIX}/share/${SENSOR_SGUILDIR}/contrib \ - ${STAGEDIR}${PREFIX}/share/${SENSOR_SGUILDIR}/init - (cd ${WRKSRC}/sensor/contrib && \ - ${COPYTREE_SHARE} \* \ - ${STAGEDIR}${PREFIX}/share/${SENSOR_SGUILDIR}/contrib \ - "! -name ossec_agent.tcl.orig") - (cd ${WRKSRC}/sensor/init && \ - ${COPYTREE_SHARE} \* \ - ${STAGEDIR}${PREFIX}/share/${SENSOR_SGUILDIR}/init) - (cd ${WRKSRC}/sensor/ && \ - ${INSTALL_SCRIPT} ${SENSOR_AGENTS} \ - ${STAGEDIR}${PREFIX}/bin/${SENSOR_SGUILDIR}) - (cd ${WRKSRC}/sensor && \ - ${INSTALL_SCRIPT} ${LOG_SCRIPTS} \ - ${STAGEDIR}${PREFIX}/bin/${SENSOR_SGUILDIR}) -.for f in ${SENSOR_CONFS} - ${INSTALL_DATA} ${WRKSRC}/sensor/${f} \ - ${STAGEDIR}${PREFIX}/etc/${SENSOR_SGUILDIR}/${f}-sample -.endfor -.if ${PORT_OPTIONS:MSANCP_SENSOR} - ${INSTALL_SCRIPT} ${WRKSRC}/sensor/log_packets-sancp.sh \ - ${STAGEDIR}${PREFIX}/bin/${SENSOR_SGUILDIR} - ${INSTALL_DATA} ${WRKSRC}/sensor/sancp/sancp.conf \ - ${STAGEDIR}${PREFIX}/etc/${SENSOR_SGUILDIR}/sancp.conf-sample -.endif - -do-install: -.if ${PORT_OPTIONS:MDOCS} - @${MKDIR} ${STAGEDIR}${DOCSDIR} - ${INSTALL_DATA} ${COMMON_DOCS:S|^|${WRKSRC}/|} ${STAGEDIR}${DOCSDIR} -. if ${PORT_OPTIONS:MSENSOR} - ${INSTALL_DATA} ${WRKSRC}/sensor/README.daemonlogger \ - ${STAGEDIR}${DOCSDIR} -. if ${PORT_OPTIONS:MSANCP_SENSOR} - ${INSTALL_DATA} ${WRKSRC}/sensor/README.sancp_indexed_pcap \ - ${STAGEDIR}${DOCSDIR} -. endif -. endif -.endif - -.include <bsd.port.mk> diff --git a/security/sguil/distinfo b/security/sguil/distinfo deleted file mode 100644 index 64fadfa00e4d..000000000000 --- a/security/sguil/distinfo +++ /dev/null @@ -1,3 +0,0 @@ -TIMESTAMP = 1545208282 -SHA256 (bammv-sguil-v1.0.0_GH0.tar.gz) = 4f6bd74966750238a727087f639bafd723cf95807cc421cde1ade5a50e19ee16 -SIZE (bammv-sguil-v1.0.0_GH0.tar.gz) = 892934 diff --git a/security/sguil/files/example_agent.in b/security/sguil/files/example_agent.in deleted file mode 100644 index fdcecf751dba..000000000000 --- a/security/sguil/files/example_agent.in +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/sh - -# $FreeBSD: head/security/sguil-sensor/files/example_agent.in 340872 2014-01-24 00:14:07Z mat $ - -# PROVIDE: example_agent -# REQUIRE: DAEMON -# KEYWORD: shutdown - -# Add the following line to /etc/rc.conf to enable example_agent: -# example_agent_enable (bool): Set to YES to enable example_agent -# Default: NO -# example_agent_conf (str): Example_agent configuration file -# Default: %%PREFIX%%/etc/%%SGUILDIR%%/example_agent.conf -# example_agent_flags (str): Default: -D -# - -. /etc/rc.subr - -load_rc_config example_agent - -#set defaults -example_agent_enable=${example_agent_enable:-"NO"} -example_agent_conf=${example_agent_conf:-"%%PREFIX%%/etc/%%SGUILDIR%%/example_agent.conf"} -example_agent_flags=${example_agent_flags:-"-D"} - -name="example_agent" -rcvar=example_agent_enable -command="%%PREFIX%%/bin/%%SGUILDIR%%/example_agent.tcl" -command_args="-c ${example_agent_conf} ${example_agent_flags}" -procname="%%PREFIX%%/bin/tclsh8.4" -pidfile="/var/run/${name}.pid" -check_pidfile="${pidfile} ${procname} /bin/sh" - -run_rc_command "$1" diff --git a/security/sguil/files/pads_agent.in b/security/sguil/files/pads_agent.in deleted file mode 100644 index 829e9ed1e0df..000000000000 --- a/security/sguil/files/pads_agent.in +++ /dev/null @@ -1,66 +0,0 @@ -#!/bin/sh - -# $FreeBSD: head/security/sguil-sensor/files/pads_agent.in 312466 2013-02-18 00:56:47Z miwi $ - -# PROVIDE: pads_agent -# REQUIRE: DAEMON -# KEYWORD: shutdown - -# Add the following line to /etc/rc.conf to enable pads_agent: -# pads_agent_enable (bool): Set to YES to enable pads_agent -# Default: NO -# pads_agent_conf (str): Pads_agent configuration file -# Default: %%PREFIX%%/etc/%%SGUILDIR%%/pads_agent.conf -# pads_agent_flags (str): Default: -D -# - -. /etc/rc.subr - -name="pads_agent" -rcvar=${name}_enable -load_rc_config ${name} - -#set defaults -: ${pads_agent_enable:="NO"} -: ${pads_agent_conf:="%%PREFIX%%/etc/%%SGUILDIR%%/pads_agent.conf"} -: ${pads_agent_flags:="-D -c ${pads_agent_conf}"} - -command="%%PREFIX%%/bin/%%SGUILDIR%%/pads_agent.tcl" -procname="%%PREFIX%%/bin/%%TCLSH%%" -pidfile="/var/run/${name}.pid" - -start_precmd="pads_agent_ck4fifo" -stop_postcmd="pads_agent_rmfifo" - -pads_agent_ck4fifo() -{ - LOG_DIR=`grep "LOG_DIR " ${pads_agent_conf} | awk '{print $3}'` - HOSTNAME=`grep "HOSTNAME " ${pads_agent_conf} | awk '{print $3}'` - PADS_FIFO=${LOG_DIR}/${HOSTNAME}/pads.fifo - - if [ ! -p ${PADS_FIFO} ]; then - echo "${PADS_FIFO} does not exist. Creating now....." - /usr/bin/mkfifo ${PADS_FIFO} - fi - echo "Checking for ${PADS_FIFO}...." - if [ -p ${PADS_FIFO} ]; then - echo "Confirmed! ${PADS_FIFO} exists." - else - echo "I tried to create ${PADS_FIFO} and failed." - echo "You will need to create it manually before starting ${name}." - fi -} - -pads_agent_rmfifo() -{ - LOG_DIR=`grep "LOG_DIR " ${pads_agent_conf} | awk '{print $3}'` - HOSTNAME=`grep "HOSTNAME " ${pads_agent_conf} | awk '{print $3}'` - PADS_FIFO=${LOG_DIR}/${HOSTNAME}/pads.fifo - - if [ -p ${PADS_FIFO} ]; then - /bin/rm ${PADS_FIFO} - echo "Removing ${PADS_FIFO}...." - fi -} - -run_rc_command "$1" diff --git a/security/sguil/files/patch-client__sguil.conf b/security/sguil/files/patch-client__sguil.conf deleted file mode 100644 index 906002216cb0..000000000000 --- a/security/sguil/files/patch-client__sguil.conf +++ /dev/null @@ -1,35 +0,0 @@ ---- client/sguil.conf.orig 2014-03-29 00:41:36 UTC -+++ client/sguil.conf -@@ -18,7 +18,7 @@ set SGUILLIB ./lib - set DEBUG 1 - - # PATH to tls lib if needed (tcl can usually find this by default) --#set TLS_PATH /usr/lib/tls1.4/libtls1.4.so -+#set TLS_PATH /usr/local/lib/tls1.6/libtls1.6.so - # win32 example - #set TLS_PATH "c:/tcl/lib/tls1.4/tls14.dll" - -@@ -46,12 +46,12 @@ set HOME_NET "192.168.0.0/16 10.0.0.0/8" - # If you have festival installed, then you can have alerts spoken to - # you. Set the path to the festival binary here. If you are using - # speechd from speechio.org, then leave this commented out. --set FESTIVAL_PATH /usr/bin/festival -+set FESTIVAL_PATH /usr/local/bin/festival - # win32 example - # set FESTIVAL_PATH "c:\festival\bin\festival.exe" - - # Path to wireshark (ethereal) --set WIRESHARK_PATH /usr/sbin/wireshark -+set WIRESHARK_PATH /usr/local/bin/wireshark - # win32 example - # set WIRESHARK_PATH "c:/progra~1/wireshark/wireshark.exe" - -@@ -62,7 +62,7 @@ set WIRESHARK_STORE_DIR /tmp - # set WIRESHARK_STORE_DIR "c:/tmp" - - # Favorite browser for looking at sig info on snort.org --set BROWSER_PATH /usr/bin/firefox -+set BROWSER_PATH /usr/local/bin/firefox - # win32 example (IE) - # set BROWSER_PATH c:/progra~1/intern~1/iexplore.exe - diff --git a/security/sguil/files/patch-client__sguil.tk b/security/sguil/files/patch-client__sguil.tk deleted file mode 100644 index 5324e7406d4b..000000000000 --- a/security/sguil/files/patch-client__sguil.tk +++ /dev/null @@ -1,28 +0,0 @@ ---- client/sguil.tk.orig 2018-03-31 21:41:21 UTC -+++ client/sguil.tk -@@ -88,7 +88,7 @@ if [catch {package require smtp 1.4.3} smtpVersion] { - - # Load iwidgets and namespaces - if [catch {package require Iwidgets} iwidgetsVersion] { -- puts "ERROR: Cannot fine the Iwidgets extension." -+ puts "ERROR: Cannot find the Iwidgets extension." - puts "The iwidgets package is part of the incr tcl extension and is" - puts "available as a port/package most systems." - puts "See http://www.tcltk.com/iwidgets/ for more info." -@@ -2099,11 +2099,11 @@ if { ![info exists CONF_FILE] } { - set CONF_FILE $env(HOME)/sguil.conf - } elseif { [file exists ./sguil.conf] } { - set CONF_FILE ./sguil.conf -- } elseif { [file exists /etc/sguil] &&\ -- [file isdirectory /etc/sguil] &&\ -- [file exists /etc/sguil/sguil.conf] &&\ -- [file readable /etc/sguil/sguil.conf] } { -- set CONF_FILE /etc/sguil/sguil.conf -+ } elseif { [file exists /usr/local/etc/sguil] &&\ -+ [file isdirectory /usr/local/etc/sguil] &&\ -+ [file exists /usr/local/etc/sguil/sguil.conf] &&\ -+ [file readable /usr/local/etc/sguil/sguil.conf] } { -+ set CONF_FILE /usr/local/etc/sguil/sguil.conf - } else { - puts "Couldn't determine where the sguil config file is" - puts "Looked for $env(HOME)/sguil.conf and ./sguil.conf." diff --git a/security/sguil/files/patch-sensor__contrib__ossec_agent__ossec_agent.tcl b/security/sguil/files/patch-sensor__contrib__ossec_agent__ossec_agent.tcl deleted file mode 100644 index 4a431083751f..000000000000 --- a/security/sguil/files/patch-sensor__contrib__ossec_agent__ossec_agent.tcl +++ /dev/null @@ -1,30 +0,0 @@ ---- sensor/contrib/ossec_agent/ossec_agent.tcl.orig 2014-03-29 00:41:36 UTC -+++ sensor/contrib/ossec_agent/ossec_agent.tcl -@@ -1,6 +1,4 @@ - #!/bin/sh --# Run tcl from users PATH \ --exec tclsh "$0" "$@" - - # OSSEC agent for Sguil 0.7.0. Based on the "example_agent.tcl" code - # distributed with sguil. -@@ -593,9 +591,9 @@ if { ![info exists IPADDR] } { - if { ![info exists CONF_FILE] } { - - # No conf file specified check the defaults -- if { [file exists /etc/ossec_agent.conf] } { -+ if { [file exists /usr/local/etc/sguil-sensor/ossec_agent.conf] } { - -- set CONF_FILE /etc/ossec_agent.conf -+ set CONF_FILE /usr/local/etc/sguil-sensor/ossec_agent.conf - - } elseif { [file exists ./ossec_agent.conf] } { - -@@ -604,7 +602,7 @@ if { ![info exists CONF_FILE] } { - } else { - - puts "Couldn't determine where the ossec_agent.tcl config file is" -- puts "Looked for /etc/ossec_agent.conf and ./ossec_agent.conf." -+ puts "Looked for /usr/local/etc/sguil-sensor/ossec_agent.conf and ./ossec_agent.conf." - DisplayUsage $argv0 - - } diff --git a/security/sguil/files/patch-sensor__pads_agent.tcl b/security/sguil/files/patch-sensor__pads_agent.tcl deleted file mode 100644 index a743b9812b26..000000000000 --- a/security/sguil/files/patch-sensor__pads_agent.tcl +++ /dev/null @@ -1,39 +0,0 @@ ---- sensor/pads_agent.tcl.orig 2014-03-29 00:41:36 UTC -+++ sensor/pads_agent.tcl -@@ -1,6 +1,4 @@ - #!/bin/sh --# Run tcl from users PATH \ --exec tclsh "$0" "$@" - - # $Id: pads_agent.tcl,v 1.13 2011/02/17 02:55:48 bamm Exp $ # - -@@ -332,7 +330,7 @@ proc Daemonize {} { - id process group set - if {[fork]} {exit 0} - set PID [id process] -- if { ![info exists PID_FILE] } { set PID_FILE "/var/run/sensor_agent.pid" } -+ if { ![info exists PID_FILE] } { set PID_FILE "/var/run/pads_agent.pid" } - set PID_DIR [file dirname $PID_FILE] - if { ![file exists $PID_DIR] || ![file isdirectory $PID_DIR] || ![file writable $PID_DIR] } { - puts "ERROR: Directory $PID_DIR does not exists or is not writable." -@@ -380,16 +378,16 @@ foreach arg $argv { - } - } - # Parse the config file here --# Default location is /etc/pads_agent.conf or pwd -+# Default location is /usr/local/etc/sguil-sensor/pads_agent.conf or pwd - if { ![info exists CONF_FILE] } { - # No conf file specified check the defaults -- if { [file exists /etc/pads_agent.conf] } { -- set CONF_FILE /etc/pads_agent.conf -+ if { [file exists /usr/local/etc/sguil-sensor/pads_agent.conf] } { -+ set CONF_FILE /usr/local/etc/sguil-sensor/pads_agent.conf - } elseif { [file exists ./pads_agent.conf] } { - set CONF_FILE ./pads_agent.conf - } else { - puts "Couldn't determine where the sensor_agent.tcl config file is" -- puts "Looked for /etc/pads_agent.conf and ./pads_agent.conf." -+ puts "Looked for /usr/local/etc/sguil-sensor/pads_agent.conf and ./pads_agent.conf." - DisplayUsage $argv0 - } - } diff --git a/security/sguil/files/patch-sensor__pcap_agent-sancp.tcl b/security/sguil/files/patch-sensor__pcap_agent-sancp.tcl deleted file mode 100644 index 72a4c0ea025d..000000000000 --- a/security/sguil/files/patch-sensor__pcap_agent-sancp.tcl +++ /dev/null @@ -1,35 +0,0 @@ ---- sensor/pcap_agent-sancp.tcl.orig 2014-03-29 00:41:36 UTC -+++ sensor/pcap_agent-sancp.tcl -@@ -1,6 +1,4 @@ - #!/bin/sh --# Run tcl from users PATH \ --exec tclsh "$0" "$@" - - # $Id: pcap_agent-sancp.tcl,v 1.2 2008/05/29 19:25:50 hanashi Exp $ # - -@@ -754,13 +752,13 @@ foreach arg $argv { - } - - # Parse the config file here --# Default location is /etc/pcap_agent.conf or pwd -+# Default location is /usr/local/etc/sguil-sensor/pcap_agent.conf or pwd - if { ![info exists CONF_FILE] } { - - # No conf file specified check the defaults -- if { [file exists /etc/pcap_agent.conf] } { -+ if { [file exists /usr/local/etc/sguil-sensor/pcap_agent.conf] } { - -- set CONF_FILE /etc/pcap_agent.conf -+ set CONF_FILE /usr/local/etc/sguil-sensor/pcap_agent.conf - - } elseif { [file exists ./pcap_agent.conf] } { - -@@ -769,7 +767,7 @@ if { ![info exists CONF_FILE] } { - } else { - - puts "Couldn't determine where the pcap_agent.tcl config file is" -- puts "Looked for /etc/pcap_agent.conf and ./pcap_agent.conf." -+ puts "Looked for /usr/local/etc/sguil-sensor/pcap_agent.conf and ./pcap_agent.conf." - DisplayUsage $argv0 - - } diff --git a/security/sguil/files/patch-sensor__pcap_agent.tcl b/security/sguil/files/patch-sensor__pcap_agent.tcl deleted file mode 100644 index 7bfdc0e579e6..000000000000 --- a/security/sguil/files/patch-sensor__pcap_agent.tcl +++ /dev/null @@ -1,35 +0,0 @@ ---- sensor/pcap_agent.tcl.orig 2018-03-31 21:41:21 UTC -+++ sensor/pcap_agent.tcl -@@ -1,6 +1,4 @@ - #!/bin/sh --# Run tcl from users PATH \ --exec tclsh "$0" "$@" - - # $Id: pcap_agent.tcl,v 1.13 2011/03/10 22:03:33 bamm Exp $ # - -@@ -779,13 +777,13 @@ set BACK_SECONDS 0 - set FWD_SECONDS 0 - - # Parse the config file here --# Default location is /etc/pcap_agent.conf or pwd -+# Default location is /usr/local/etc/sguil-sensor/pcap_agent.conf or pwd - if { ![info exists CONF_FILE] } { - - # No conf file specified check the defaults -- if { [file exists /etc/pcap_agent.conf] } { -+ if { [file exists /usr/local/etc/sguil-sensor/pcap_agent.conf] } { - -- set CONF_FILE /etc/pcap_agent.conf -+ set CONF_FILE /usr/local/etc/sguil-sensor/pcap_agent.conf - - } elseif { [file exists ./pcap_agent.conf] } { - -@@ -794,7 +792,7 @@ if { ![info exists CONF_FILE] } { - } else { - - puts "Couldn't determine where the pcap_agent.tcl config file is" -- puts "Looked for /etc/pcap_agent.conf and ./pcap_agent.conf." -+ puts "Looked for /usr/local/etc/sguil-sensor/pcap_agent.conf and ./pcap_agent.conf." - DisplayUsage $argv0 - - } diff --git a/security/sguil/files/patch-sensor__sancp_agent.tcl b/security/sguil/files/patch-sensor__sancp_agent.tcl deleted file mode 100644 index da122fe68ebd..000000000000 --- a/security/sguil/files/patch-sensor__sancp_agent.tcl +++ /dev/null @@ -1,30 +0,0 @@ ---- sensor/sancp_agent.tcl.orig 2014-03-29 00:41:36 UTC -+++ sensor/sancp_agent.tcl -@@ -1,6 +1,4 @@ - #!/bin/sh --# Run tcl from users PATH \ --exec tclsh "$0" "$@" - - # $Id: sancp_agent.tcl,v 1.15 2011/03/10 22:03:33 bamm Exp $ # - -@@ -582,16 +580,16 @@ foreach arg $argv { - } - } - # Parse the config file here --# Default location is /etc/sancp_agent.conf or pwd -+# Default location is /usr/local/etc/sguil-sensor/sancp_agent.conf or pwd - if { ![info exists CONF_FILE] } { - # No conf file specified check the defaults -- if { [file exists /etc/sancp_agent.conf] } { -- set CONF_FILE /etc/sancp_agent.conf -+ if { [file exists /usr/local/etc/sguil-sensor/sancp_agent.conf] } { -+ set CONF_FILE /usr/local/etc/sguil-sensor/sancp_agent.conf - } elseif { [file exists ./sancp_agent.conf] } { - set CONF_FILE ./sancp_agent.conf - } else { - puts "Couldn't determine where the sancp_agent.tcl config file is" -- puts "Looked for /etc/sancp_agent.conf and ./sancp_agent.conf." -+ puts "Looked for /usr/local/etc/sguil-sensor/sancp_agent.conf and ./sancp_agent.conf." - DisplayUsage $argv0 - } - } diff --git a/security/sguil/files/patch-sensor_snort__agent.tcl b/security/sguil/files/patch-sensor_snort__agent.tcl deleted file mode 100644 index 53bbde07f147..000000000000 --- a/security/sguil/files/patch-sensor_snort__agent.tcl +++ /dev/null @@ -1,35 +0,0 @@ ---- sensor/snort_agent.tcl.orig 2014-03-29 00:41:36 UTC -+++ sensor/snort_agent.tcl -@@ -1,6 +1,4 @@ - #!/bin/sh --# Run tcl from users PATH \ --exec tclsh "$0" "$@" - - # $Id: snort_agent.tcl,v 1.9 2011/02/17 02:55:48 bamm Exp $ # - -@@ -680,13 +678,13 @@ foreach arg $argv { - } - - # Parse the config file here --# Default location is /etc/snort_agent.conf or pwd -+# Default location is /usr/local/etc/sguil-sensor/snort_agent.conf or pwd - if { ![info exists CONF_FILE] } { - - # No conf file specified check the defaults -- if { [file exists /etc/snort_agent.conf] } { -+ if { [file exists /usr/local/etc/sguil-sensor/snort_agent.conf] } { - -- set CONF_FILE /etc/snort_agent.conf -+ set CONF_FILE /usr/local/etc/sguil-sensor/snort_agent.conf - - } elseif { [file exists ./snort_agent.conf] } { - -@@ -695,7 +693,7 @@ if { ![info exists CONF_FILE] } { - } else { - - puts "Couldn't determine where the snort_agent.tcl config file is" -- puts "Looked for /etc/snort_agent.conf and ./snort_agent.conf." -+ puts "Looked for /usr/local/etc/sguil-sensor/snort_agent.conf and ./snort_agent.conf." - DisplayUsage $argv0 - - } diff --git a/security/sguil/files/patch-server__lib__SguildLoaderd.tcl b/security/sguil/files/patch-server__lib__SguildLoaderd.tcl deleted file mode 100644 index 9327edeaa813..000000000000 --- a/security/sguil/files/patch-server__lib__SguildLoaderd.tcl +++ /dev/null @@ -1,11 +0,0 @@ ---- server/lib/SguildLoaderd.tcl.orig 2014-03-29 00:41:36 UTC -+++ server/lib/SguildLoaderd.tcl -@@ -220,7 +220,7 @@ proc InitLoaderd {} { - } else { - # Make sure its a MERGE table and not the old monster - set tableStatus [mysqlsel $LOADERD_DB_ID {SHOW TABLE STATUS LIKE 'sancp'} -flatlist] -- if { $tableStatus != "" && ![ string equal -nocase [lindex $tableStatus 1] "MRG_MyISAM" ] } { -+ if { $tableStatus != "" && ![ string equal -nocase [lindex $tableStatus 1] "MRG_MYISAM" ] } { - - ErrorMessage "ERROR: loaderd: You appear to be using an old version of the\n\ - sguil database schema that does not support the MERGE sancp\n\ diff --git a/security/sguil/files/patch-server__lib__SguildMysqlMerge.tcl b/security/sguil/files/patch-server__lib__SguildMysqlMerge.tcl deleted file mode 100644 index 7db5fcc6db5a..000000000000 --- a/security/sguil/files/patch-server__lib__SguildMysqlMerge.tcl +++ /dev/null @@ -1,11 +0,0 @@ ---- server/lib/SguildMysqlMerge.tcl.orig 2014-03-29 00:41:36 UTC -+++ server/lib/SguildMysqlMerge.tcl -@@ -9,7 +9,7 @@ proc InitializeMysqlMergeTables {} { - set tmpQry "SHOW TABLE STATUS LIKE '$tableName'" - set tableStatus [mysqlsel $MAIN_DB_SOCKETID $tmpQry -flatlist] - -- if { $tableStatus != "" && ![ string equal -nocase [lindex $tableStatus 1] "MRG_MyISAM" ] } { -+ if { $tableStatus != "" && ![ string equal -nocase [lindex $tableStatus 1] "MRG_MYISAM" ] } { - - # Non MERGE table found. - set errorMsg "\n*************************************************************\n diff --git a/security/sguil/files/patch-server__sguild b/security/sguil/files/patch-server__sguild deleted file mode 100644 index d92097818c9a..000000000000 --- a/security/sguil/files/patch-server__sguild +++ /dev/null @@ -1,101 +0,0 @@ ---- server/sguild.orig 2018-03-31 21:41:21 UTC -+++ server/sguild -@@ -1,6 +1,4 @@ - #!/bin/sh --# Run tcl from users PATH \ --exec tclsh "$0" "$@" - - # $Id: sguild,v 1.194 2013/09/05 00:38:45 bamm Exp $ # - -@@ -35,13 +33,13 @@ proc DisplayUsage { cmdName } { - puts " -D Runs sguild in daemon mode" - puts " -d <0|1|2>: Set DEBUG level" - puts " -P <filename>: PATH to write PID file (def: /var/run/sguild.pid)" -- puts " -c <filename>: PATH to sguild config file (def: /etc/sguild/sguild.conf or .)" -- puts " -a <filename>: PATH to autocat config file (def: /etc/sguild/autocat.conf)" -- puts " -g <filename>: PATH to global queries file (def: /etc/sguild/sguild.queries)" -- puts " -A <filename>: PATH to user access file (def: /etc/sguild/sguild.access)" -+ puts " -c <filename>: PATH to sguild config file (def: /usr/local/etc/sguild/sguild.conf or .)" -+ puts " -a <filename>: PATH to autocat config file (def: /usr/local/etc/sguild/autocat.conf)" -+ puts " -g <filename>: PATH to global queries file (def: /usr/local/etc/sguild/sguild.queries)" -+ puts " -A <filename>: PATH to user access file (def: /usr/local/etc/sguild/sguild.access)" - puts " -l <filepath>: PATH to sguild libraries (def: ./lib)" - puts " -O <filepath>: PATH to tls library, libtls1.*.so (def: \$LIBPATH)" -- puts " -C <directory>: Directory with certificate files chain.pem, cert.pem, and privkey.pem files (def: /etc/sguild/certs)" -+ puts " -C <directory>: Directory with certificate files chain.pem, cert.pem, and privkey.pem files (def: /usr/local/etc/sguild/certs)" - puts " -L <directory>: Directory to write logfiles (def: /var/log/sguild)" - puts " -U <userid>: User id to write logfiles" - puts " -G <groupid>: Group id to write logfiles" -@@ -232,7 +230,7 @@ foreach arg $argv { - ################################## - - # Do all priv account actions here. --# Open log files/etc. Privs will be dropped after. -+# Open log files/usr/local/etc. Privs will be dropped after. - - if { ![info exists LOG_PATH] } { set LOG_PATH /var/log/sguild } - -@@ -310,8 +308,8 @@ if { [info exists GROUP] } { - - if { ![info exists CONF_FILE] } { - # No conf file specified check the defaults -- if { [file exists /etc/sguild/sguild.conf] } { -- set CONF_FILE /etc/sguild/sguild.conf -+ if { [file exists /usr/local/etc/sguild/sguild.conf] } { -+ set CONF_FILE /usr/local/etc/sguild/sguild.conf - } elseif { [file exists ./sguild.conf] } { - set CONF_FILE ./sguild.conf - } else { -@@ -452,7 +450,7 @@ if { [catch {package require tls} tlsError] } { - # Check for certs - if {![info exists CERTS_PATH]} { - -- set CERTS_PATH /etc/sguild/certs -+ set CERTS_PATH /usr/local/etc/sguild/certs - - } - -@@ -508,8 +506,8 @@ if { [info exists DISABLEUSER] && $DISABLEUSER} { - # Load accessfile - if { ![info exists ACCESS_FILE] } { - # Check the defaults -- if { [file exists /etc/sguild/sguild.access] } { -- set ACCESS_FILE "/etc/sguild/sguild.access" -+ if { [file exists /usr/local/etc/sguild/sguild.access] } { -+ set ACCESS_FILE "/usr/local/etc/sguild/sguild.access" - } elseif { [file exists ./sguild.access] } { - set ACCESS_FILE "./sguild.access" - } else { -@@ -535,8 +533,8 @@ if { [file exists $ACCESS_FILE] } { - #} - # Load email config file - if { ![info exists EMAIL_FILE] } { -- if { [file exists /etc/sguild/sguild.email] } { -- set EMAIL_FILE "/etc/sguild/sguild.email" -+ if { [file exists /usr/local/etc/sguild/sguild.email] } { -+ set EMAIL_FILE "/usr/local/etc/sguild/sguild.email" - } else { - set EMAIL_FILE "./sguild.email" - } -@@ -548,8 +546,8 @@ if { [file exists $EMAIL_FILE] } { - } - # Load global queries. - if { ![info exists GLOBAL_QRY_FILE] } { -- if { [file exists /etc/sguild/sguild.queries] } { -- set GLOBAL_QRY_FILE "/etc/sguild/sguild.queries" -+ if { [file exists /usr/local/etc/sguild/sguild.queries] } { -+ set GLOBAL_QRY_FILE "/usr/local/etc/sguild/sguild.queries" - } else { - set GLOBAL_QRY_FILE "./sguild.queries" - } -@@ -561,8 +559,8 @@ if { [file exists $GLOBAL_QRY_FILE] } { - } - # Load report queries. - if { ![info exists REPORT_QRY_FILE] } { -- if { [file exists /etc/sguild/sguild.reports] } { -- set REPORT_QRY_FILE "/etc/sguild/sguild.reports" -+ if { [file exists /usr/local/etc/sguild/sguild.reports] } { -+ set REPORT_QRY_FILE "/usr/local/etc/sguild/sguild.reports" - } else { - set REPORT_QRY_FILE "./sguild.reports" - } diff --git a/security/sguil/files/patch-server__sguild.access b/security/sguil/files/patch-server__sguild.access deleted file mode 100644 index ddf04335d4db..000000000000 --- a/security/sguil/files/patch-server__sguild.access +++ /dev/null @@ -1,12 +0,0 @@ ---- server/sguild.access.orig 2014-03-29 00:41:36 UTC -+++ server/sguild.access -@@ -4,7 +4,8 @@ - # This file is used by sguild for access control. It is read upon init # - # or when sguild receives a HUP signal. # - # # --# By default, sguild will look first for /etc/sguild/sguild.access, # -+# By default, sguild will look first for # -+# /usr/local/etc/sguild/sguild.access, # - # then ./sguild.access unless the -A /path/to/sguild.access switch # - # is used. # - # # diff --git a/security/sguil/files/patch-server__sguild.conf b/security/sguil/files/patch-server__sguild.conf deleted file mode 100644 index 3e17ed99636b..000000000000 --- a/security/sguil/files/patch-server__sguild.conf +++ /dev/null @@ -1,28 +0,0 @@ ---- server/sguild.conf.orig 2014-03-29 00:41:36 UTC -+++ server/sguild.conf -@@ -5,7 +5,7 @@ - #set GROUP sguil - - # Path the sguild libs --set SGUILD_LIB_PATH ./lib -+set SGUILD_LIB_PATH /usr/local/lib/sguild - - # DEBUG 0=off 1=important stuff 2=everything. Option 2 is VERY chatty. - set DEBUG 2 -@@ -67,7 +67,7 @@ set TMP_LOAD_DIR /sguild_data/load - - # You MUST have tcpflow installed to get xscripts - # http://www.circlemud.org/~jelson/software/tcpflow/ --set TCPFLOW "/usr/bin/tcpflow" -+set TCPFLOW "/usr/local/bin/tcpflow" - - # p0f - (C) Michal Zalewski <lcamtuf@gis.net>, William Stearns <wstearns@pobox.com> - # If you have p0f (a passive OS fingerprinting system) installed, you can have -@@ -78,6 +78,6 @@ set P0F 1 - - # Path the the p0f binary. Switches -q and -s <filename> are appended on exec, - # add any others you may need here. --set P0F_PATH "/usr/sbin/p0f" -+set P0F_PATH "/usr/local/bin/p0f" - - # Email config moved to sguild.email diff --git a/security/sguil/files/patch-server__sql_scripts__sancp_cleanup.tcl b/security/sguil/files/patch-server__sql_scripts__sancp_cleanup.tcl deleted file mode 100644 index 779e1bc438ec..000000000000 --- a/security/sguil/files/patch-server__sql_scripts__sancp_cleanup.tcl +++ /dev/null @@ -1,11 +0,0 @@ ---- server/sql_scripts/sancp_cleanup.tcl.orig 2014-03-29 00:41:36 UTC -+++ server/sql_scripts/sancp_cleanup.tcl -@@ -214,7 +214,7 @@ set createQuery " - INDEX dst_port (dst_port), \ - INDEX src_port (src_port), \ - INDEX start_time (start_time) \ -- ) TYPE=MERGE UNION=([join $tmpTables ,]) \ -+ ) ENGINE=MERGE UNION=([join $tmpTables ,]) \ - " - # Create our MERGE sancp table - mysqlexec $dbSocketID $createQuery diff --git a/security/sguil/files/pcap_agent-sancp.in b/security/sguil/files/pcap_agent-sancp.in deleted file mode 100644 index 2179083fa504..000000000000 --- a/security/sguil/files/pcap_agent-sancp.in +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/sh - -# $FreeBSD: head/security/sguil-sensor/files/pcap_agent-sancp.in 312466 2013-02-18 00:56:47Z miwi $ - -# PROVIDE: pcap_agent-sancp -# REQUIRE: DAEMON -# KEYWORD: shutdown - -# Add the following line to /etc/rc.conf to enable pcap_agent-sancp: -# pcap_agent-sancp_enable (bool): Set to YES to enable pcap_agent-sancp -# Default: NO -# pcap_agent-sancp_conf (str): Pads_agent configuration file -# Default: %%PREFIX%%/etc/%%SGUILDIR%%/pcap_agent-sancp.conf -# pcap_agent-sancp_flags (str): Default: -D -# - -. /etc/rc.subr - -name="pcap_agent-sancp" -rcvar=pcap_agent-sancp_enable -load_rc_config pcap_agent-sancp - -#set defaults -: ${pcap_agent-sancp_enable:="NO"} -: ${pcap_agent-sancp_conf:="%%PREFIX%%/etc/%%SGUILDIR%%/pcap_agent-sancp.conf"} -: ${pcap_agent-sancp_flags:="-D -c ${pcap_agent-sancp_conf}"} - -command="%%PREFIX%%/bin/%%SGUILDIR%%/pcap_agent-sancp.tcl" -procname="%%PREFIX%%/bin/%%TCLSH%%" -pidfile="/var/run/${name}.pid" - -run_rc_command "$1" diff --git a/security/sguil/files/pcap_agent.in b/security/sguil/files/pcap_agent.in deleted file mode 100644 index 0162d624bb65..000000000000 --- a/security/sguil/files/pcap_agent.in +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/sh - -# $FreeBSD: head/security/sguil-sensor/files/pcap_agent.in 312466 2013-02-18 00:56:47Z miwi $ - -# PROVIDE: pcap_agent -# REQUIRE: DAEMON -# KEYWORD: shutdown - -# Add the following line to /etc/rc.conf to enable pcap_agent: -# pcap_agent_enable (bool): Set to YES to enable pcap_agent -# Default: NO -# pcap_agent_conf (str): Pcap_agent configuration file -# Default: %%PREFIX%%/etc/%%SGUILDIR%%/pcap_agent.conf -# pcap_agent_flags (str): Default: -D -# - -. /etc/rc.subr - -name="pcap_agent" -rcvar=pcap_agent_enable -load_rc_config pcap_agent - -#set defaults -: ${pcap_agent_enable:="NO"} -: ${pcap_agent_conf:="%%PREFIX%%/etc/%%SGUILDIR%%/pcap_agent.conf"} -: ${pcap_agent_flags:="-D -c ${pcap_agent_conf}"} - -command="%%PREFIX%%/bin/%%SGUILDIR%%/pcap_agent.tcl" -procname="%%PREFIX%%/bin/%%TCLSH%%" -pidfile="/var/run/${name}.pid" - -run_rc_command "$1" diff --git a/security/sguil/files/pkg-message-client.in b/security/sguil/files/pkg-message-client.in deleted file mode 100644 index c7cd1cce242c..000000000000 --- a/security/sguil/files/pkg-message-client.in +++ /dev/null @@ -1,16 +0,0 @@ -Sguil-client -============ -See the USAGE document in the %%DOCSDIR%% for instructions -on how to use the sguil client to connect to and maintain -the sguil network monitoring system. - -NOTE: This port installs a sguil.conf-sample file in -%%PREFIX%%/bin/%%CLIENT_SGUILDIR%%/. If you are installing this on a -multi-user system, each user might want to have a -sguil.conf file in their home directory. Sguil.tk sources -the home directory first for the sguil.conf file. - -There are several items in the conf file that may need -editing, including the path to your web browser, the name -of the sguil server you connect to and possibly the port -you connect to (if you're not using the default port.) diff --git a/security/sguil/files/pkg-message-sensor.in b/security/sguil/files/pkg-message-sensor.in deleted file mode 100644 index 22aa6d485f26..000000000000 --- a/security/sguil/files/pkg-message-sensor.in +++ /dev/null @@ -1,31 +0,0 @@ - *********************************** - * !!!!!!!!!!! WARNING !!!!!!!!!!! * - *********************************** - -If you already had barnyard2 installed, this port will NOT deinstall -it and install the barnyard2-sguil port instead. You will need to -deinstall the barnyard2 port and install the barnyard2-sguil port yourself -instead. This port WILL NOT WORK without the barnyard2-sguil port!! - -See the %%DOCSDIR%%/INSTALL doc for details on the -configuration and for croning the script. - -WARNING!!! Sguil et al will fill up your /tmp directory very -quickly. You should probably configure sguil et al to log to -another partition/location (e.g. /nsm/tmp/). - -You must ALSO edit all of the sensor conf files (located in -%%PREFIX%%/%%SENSOR_SGUILDIR%%/etc/) to reflect your configuration before -starting the sensor_agents. - -A number of ancilliary things have been installed in -%%PREFIX%%/share/%%SENSOR_SGUILDIR%%. - -If you chose to run sancp, and you already had a sancp.conf file in -%%PREFIX%%/etc, copy it to sancp.conf.orig before creating the new one. -The new sancp.conf-sample file contains the settings for squil. NOTE: -the conf file is for sancp 1.5.3. It may need additional edits to work -with the current ports version of sancp. If you still want to maintain -the customized sancp.conf file, then copy the new sancp.conf-sample -file to sguild-sancp.conf (for example) and add -sancp_conf=%%PREFIX%%/etc/sguild-sancp.conf to /etc/rc.conf. diff --git a/security/sguil/files/pkg-message-server.in b/security/sguil/files/pkg-message-server.in deleted file mode 100644 index 5d1c20c04948..000000000000 --- a/security/sguil/files/pkg-message-server.in +++ /dev/null @@ -1,44 +0,0 @@ -Sguil-server -============ -If you had existing config files in %%PREFIX%%/etc/%%SERVER_SGUILDIR%% -they were not overwritten. If this is a first time install, you -must copy the sample files to the corresponding conf file and -edit the various config files for your site. See the INSTALL -doc in %%DOCSDIR%% for details. If this is an upgrade, replace -your existing conf file with the new one and edit accordingly - -The sql scripts for creating database tables were placed in -the %%PREFIX%%/share/%%SERVER_SGUILDIR%%/ directory. PLEASE -note LOG_DIR is not set by this install. You MUST create the -correct LOG_DIRS and put a copy of the snort rules you use in -LOG_DIR/rules. - -The sguild program was placed in %%PREFIX%%/bin/. - -Some contributed scripts were placed in -%%PREFIX%%/share/%%SERVER_SGUILDIR%%/contrib - -A startup script, named sguild was installed in -%%PREFIX%%/etc/rc.d/. To enable it, edit /etc/rc.conf -per the instructions in the script. - -NOTE. You MUST create a directory /var/run/%%SERVER_SGUILDIR%%, and set the ownership -to user guil group sguil -You MUST also create certs. Here's how to do it; -Create the directory %%SERVER_SGUILDIR%%/certs -Set ownership to sguil user and group. -Create a password-protected CA cert. -openssl req -out CA.pem -new -x509 -Create a server certificate/key pair. -openssl genrsa -out sguild.key 1024 -Create a certificate request to be signed by the CA. -DO NOT password protect your server key. If you do, you will be required -to enter the password every time you start the server. -openssl req -key sguild.key -new -out sguild.req -If this is the first time you've created the cert, -Create a serial file so your certs will have incremented serial numbers. -openssl x509 -req -in sguild.req -CA CA.pem -CAAkey privkey.pem -CAcreateserial -out sguild.pem -If you're updating the existing cert -Update the actual certificate for your server. -openssl x509 -req -in sguild.req -CA CA.pem -CAkey privkey.pem -CAserial CA.sr1 -out sguild.pem -Put the certs to the %%SERVER_SGUILDIR%%/certs directory diff --git a/security/sguil/files/sancp_agent.in b/security/sguil/files/sancp_agent.in deleted file mode 100644 index 8804a5840b56..000000000000 --- a/security/sguil/files/sancp_agent.in +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/sh - -# $FreeBSD: head/security/sguil-sensor/files/sancp_agent.in 312466 2013-02-18 00:56:47Z miwi $ - -# PROVIDE: sancp_agent -# REQUIRE: DAEMON -# KEYWORD: shutdown - -# Add the following line to /etc/rc.conf to enable sancp_agent: -# sancp_agent_enable (bool): Set to YES to enable sancp_agent -# Default: NO -# sancp_agent_conf (str): Sancp_agent configuration file -# Default: %%PREFIX%%/etc/%%SGUILDIR%%/sancp_agent.conf -# sancp_agent_flags (str): Default: -D -# - -. /etc/rc.subr - -name="sancp_agent" -rcvar=sancp_agent_enable -load_rc_config sancp_agent - -#set defaults -: ${sancp_agent_enable:="NO"} -: ${sancp_agent_conf:="%%PREFIX%%/etc/%%SGUILDIR%%/sancp_agent.conf"} -: ${sancp_agent_flags:="-D -c ${sancp_agent_conf}"} - -command="%%PREFIX%%/bin/%%SGUILDIR%%/sancp_agent.tcl" -procname="%%PREFIX%%/bin/%%TCLSH%%" -pidfile="/var/run/${name}.pid" - -run_rc_command "$1" diff --git a/security/sguil/files/sguild.in b/security/sguil/files/sguild.in deleted file mode 100644 index 6de271fa8da4..000000000000 --- a/security/sguil/files/sguild.in +++ /dev/null @@ -1,35 +0,0 @@ -#!/bin/sh - -# $FreeBSD: head/security/sguil-server/files/sguild.in 312467 2013-02-18 01:01:11Z miwi $ - -# PROVIDE: sguild -# REQUIRE: DAEMON -# KEYWORD: shutdown - -# Add the following lines to /etc/rc.conf to enable sguild: -# sguild_enable (bool): Set to YES to enable sguild -# Default: NO -# sguild_flags (str): Extra flags passed to sguild -# Default: -D -P ${pid} -# sguild_conf (str): Sguild configuration file -# Default: %%PREFIX%%/etc/%%SGUILDIR%%/sguild.conf -# sguild_user (str): Default: sguil -# Note: this value MUST be set in /etc/rc.conf if you do not accept the default -# user created by the pkg-install script - -. /etc/rc.subr - -name="sguild" -rcvar=sguild_enable -load_rc_config sguild -# set some defaults -: ${sguild_enable:="NO"} -: ${sguild_conf:="%%PREFIX%%/etc/%%SGUILDIR%%/sguild.conf"} -: ${pid:="/var/run/%%SGUILDIR%%/sguild.pid"} -: ${sguild_flags:="-D -P ${pid}"} -: ${sguild_user:="sguil"} - -command="%%PREFIX%%/bin/${name}" -procname="%%PREFIX%%/bin/%%TCLSH%%" - -run_rc_command "$1" diff --git a/security/sguil/files/snort_agent.in b/security/sguil/files/snort_agent.in deleted file mode 100644 index 7a44b2688880..000000000000 --- a/security/sguil/files/snort_agent.in +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/sh - -# $FreeBSD: head/security/sguil-sensor/files/snort_agent.in 312466 2013-02-18 00:56:47Z miwi $ - -# PROVIDE: snort_agent -# REQUIRE: DAEMON -# KEYWORD: shutdown - -# Add the following line to /etc/rc.conf to enable snort_agent: -# snort_agent_enable (bool): Set to YES to enable snort_agent -# Default: NO -# snort_agent_conf (str): Snort_agent configuration file -# Default: %%PREFIX%%/etc/%%SGUILDIR%%/snort_agent.conf -# snort_agent_flags (str): Default: -D -# - -. /etc/rc.subr - -name="snort_agent" -rcvar=snort_agent_enable -load_rc_config snort_agent - -#set defaults -: ${snort_agent_enable:="NO"} -: ${snort_agent_conf:="%%PREFIX%%/etc/%%SGUILDIR%%/snort_agent.conf"} -: ${snort_agent_flags:="-D -c ${snort_agent_conf}"} - -command="%%PREFIX%%/bin/%%SGUILDIR%%/snort_agent.tcl" -procname="%%PREFIX%%/bin/%%TCLSH%%" -pidfile="/var/run/${name}.pid" - -run_rc_command "$1" diff --git a/security/sguil/pkg-descr b/security/sguil/pkg-descr deleted file mode 100644 index c50ec5935fe0..000000000000 --- a/security/sguil/pkg-descr +++ /dev/null @@ -1,8 +0,0 @@ -Sguil (pronounced sgweel) is built by network security analysts for network -security analysts. Sguil's main component is an intuitive GUI that provides -access to realtime events, session data, and raw packet captures. Sguil -facilitates the practice of Network Security Monitoring and event driven -analysis. The Sguil client is written in tcl/tk and can be run on any operating -system that supports tcl/tk (including Linux, *BSD, Solaris, MacOS, and Win32). - -WWW: https://bammv.github.io/sguil/ diff --git a/security/sguil/pkg-plist b/security/sguil/pkg-plist deleted file mode 100644 index 6d34f7e58f4a..000000000000 --- a/security/sguil/pkg-plist +++ /dev/null @@ -1,225 +0,0 @@ -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/images/checked.gif -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/images/sguil_logo_h.gif -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/images/unchecked.gif -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/SguilUtil.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/dkffont.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/email17.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/extdata.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/guilib.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/qrybuild.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/qrylib.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/report.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/sancp.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/sellib.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/sound.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/stdquery.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/CHANGES.txt -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/COPYRIGHT.txt -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/README.txt -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/browse.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/browseTree.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/browseTree_tile.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/browse_tile.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/bwidget.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/bwidget_tile.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/checked.gif -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/clsdFolder.gif -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/comp.xbm -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/config.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/config_tile.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/dirViewer.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/dirViewer_tile.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/embeddedWindows.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/embeddedWindows_tile.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/file.gif -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/images.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/iwidgets.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/iwidgets_tile.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/leaf.xbm -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/miscWidgets.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/miscWidgets_tile.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/open.gif -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/openFolder.gif -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/option.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/option_tile.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/styles.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/styles_tile.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/tileWidgets.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/demos/unchecked.gif -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/adwaita.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/ambiance.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/aqua.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/arrowStyles.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/baghira.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/bicolor1.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/bicolor2.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/bicolor3.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/bicolor4.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/browse.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/browseTree.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/bwidget.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/classic1.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/classic2.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/classic3.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/classic4.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/config.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/dirViewer.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/dust.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/dustSand.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/embeddedWindows.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/embeddedWindows_tile.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/gtk.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/index.html -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/klearlooks.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/mate.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/mint.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/newWave.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/oxygen1.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/oxygen2.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/phase.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/plain1.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/plain2.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/plain3.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/plain4.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/plastik.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/plastique.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/radiance.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/styles.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/stylesheet.css -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/tablelist.html -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/tablelistBWidget.html -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/tablelistBinding.html -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/tablelistColSort.html -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/tablelistCombobox.html -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/tablelistCtext.html -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/tablelistIwidgets.html -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/tablelistMentry.html -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/tablelistThemes.html -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/tablelistTile.html -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/tablelistTkCore.html -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/tablelistWidget.html -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/tileWidgets.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/ubuntu.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/ubuntu2.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/vistaAero.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/vistaClassic.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/win7Aero.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/win7Classic.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/winnative.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/winxpBlue.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/winxpOlive.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/winxpSilver.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/doc/yuyo.png -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/pkgIndex.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/scripts/mwutil.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/scripts/pencil.cur -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/scripts/repair.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/scripts/tablelistBind.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/scripts/tablelistConfig.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/scripts/tablelistEdit.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/scripts/tablelistImages.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/scripts/tablelistMove.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/scripts/tablelistSort.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/scripts/tablelistThemes.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/scripts/tablelistUtil.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/scripts/tablelistWidget.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/scripts/tclIndex -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/tablelist.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/tablelist_tile.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.14/tablelistPublic.tcl -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/whois.tcl -@mode 751 -%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/sguil.tk -@mode -%%CLIENT%%etc/sguil.conf-sample -@mode 751 -%%SENSOR%%bin/%%SENSOR_SGUILDIR%%/log_packets-daemonlogger.sh -%%SENSOR%%bin/%%SENSOR_SGUILDIR%%/log_packets.sh -%%SENSOR%%bin/%%SENSOR_SGUILDIR%%/pcap_agent.tcl -%%SENSOR%%bin/%%SENSOR_SGUILDIR%%/snort_agent.tcl -@mode -%%SENSOR%%etc/%%SENSOR_SGUILDIR%%/pcap_agent.conf-sample -%%SENSOR%%etc/%%SENSOR_SGUILDIR%%/snort_agent.conf-sample -%%SENSOR%%share/%%SENSOR_SGUILDIR%%/contrib/ossec_agent/README -%%SENSOR%%share/%%SENSOR_SGUILDIR%%/contrib/ossec_agent/ossec_agent.conf -%%SENSOR%%share/%%SENSOR_SGUILDIR%%/contrib/ossec_agent/ossec_agent.tcl -%%SENSOR%%share/%%SENSOR_SGUILDIR%%/contrib/pcap-agent.service -%%SENSOR%%share/%%SENSOR_SGUILDIR%%/contrib/portscan_loader/Makefile -%%SENSOR%%share/%%SENSOR_SGUILDIR%%/contrib/portscan_loader/portscan_loader.c -%%SENSOR%%share/%%SENSOR_SGUILDIR%%/contrib/serviceunit.README -%%SENSOR%%share/%%SENSOR_SGUILDIR%%/contrib/snort-agent.service -%%SENSOR%%share/%%SENSOR_SGUILDIR%%/init/sensoragent -@mode 751 -%%SENSOR%%%%PADS_SENSOR%%bin/%%SENSOR_SGUILDIR%%/pads_agent.tcl -@mode -%%SENSOR%%%%PADS_SENSOR%%etc/%%SENSOR_SGUILDIR%%/pads_agent.conf-sample -@mode 751 -%%SENSOR%%%%SANCP_SENSOR%%bin/%%SENSOR_SGUILDIR%%/log_packets-sancp.sh -%%SENSOR%%%%SANCP_SENSOR%%bin/%%SENSOR_SGUILDIR%%/pcap_agent-sancp.tcl -%%SENSOR%%%%SANCP_SENSOR%%bin/%%SENSOR_SGUILDIR%%/sancp_agent.tcl -@mode -%%SENSOR%%%%SANCP_SENSOR%%etc/%%SENSOR_SGUILDIR%%/sancp_agent.conf-sample -%%SENSOR%%%%SANCP_SENSOR%%etc/%%SENSOR_SGUILDIR%%/sancp-indexed.conf-sample -%%SENSOR%%%%SANCP_SENSOR%%etc/%%SENSOR_SGUILDIR%%/pcap_agent-sancp.conf-sample -%%SENSOR%%%%SANCP_SENSOR%%etc/%%SENSOR_SGUILDIR%%/sancp.conf-sample -%%SERVER%%bin/sguild -%%SERVER%%etc/%%SERVER_SGUILDIR%%/autocat.conf-sample -%%SERVER%%etc/%%SERVER_SGUILDIR%%/sguild.access-sample -%%SERVER%%etc/%%SERVER_SGUILDIR%%/sguild.conf-sample -%%SERVER%%etc/%%SERVER_SGUILDIR%%/sguild.email-sample -%%SERVER%%etc/%%SERVER_SGUILDIR%%/sguild.queries-sample -%%SERVER%%etc/%%SERVER_SGUILDIR%%/sguild.reports-sample -%%SERVER%%@owner sguil -%%SERVER%%@group sguil -%%SERVER%%etc/%%SERVER_SGUILDIR%%/sguild.users-sample -%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildAccess.tcl -%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildAutoCat.tcl -%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildClientCmdRcvd.tcl -%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildConnect.tcl -%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildCreateDB.tcl -%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildEmailEvent.tcl -%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildEvent.tcl -%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildGenericDB.tcl -%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildGenericEvent.tcl -%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildHealthChecks.tcl -%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildLoaderd.tcl -%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildLoaderd.tcl.orig -%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildMysqlMerge.tcl -%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildMysqlMerge.tcl.orig -%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildPadsLib.tcl -%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildQueryd.tcl -%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildReportBuilder.tcl -%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildSendComms.tcl -%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildSensorAgentComms.tcl -%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildSensorCmdRcvd.tcl -%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildHttpsd.tcl -%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildSimpleWhois.tcl -%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildTranscript.tcl -%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildUtils.tcl -%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildWebSocket.tcl -%%SERVER%%@owner root -%%SERVER%%@group wheel -%%SERVER%%share/%%SERVER_SGUILDIR%%/autocat2mysql.tcl -%%SERVER%%share/%%SERVER_SGUILDIR%%/contrib/ElasticSearch/logstash_sguil.conf -%%SERVER%%share/%%SERVER_SGUILDIR%%/contrib/ElasticSearch/sguil_http.json -%%SERVER%%share/%%SERVER_SGUILDIR%%/contrib/ElasticSearch/sguil_template.json -%%SERVER%%share/%%SERVER_SGUILDIR%%/contrib/incident_report.tcl -%%SERVER%%share/%%SERVER_SGUILDIR%%/contrib/init/sguil -%%SERVER%%share/%%SERVER_SGUILDIR%%/contrib/init/sguild -%%SERVER%%share/%%SERVER_SGUILDIR%%/create_ruledb.sql -%%SERVER%%share/%%SERVER_SGUILDIR%%/create_sguildb.sql -%%SERVER%%share/%%SERVER_SGUILDIR%%/migrate_event.tcl -%%SERVER%%share/%%SERVER_SGUILDIR%%/migrate_sancp.tcl -%%SERVER%%share/%%SERVER_SGUILDIR%%/sancp_cleanup.tcl -%%SERVER%%share/%%SERVER_SGUILDIR%%/sancp_cleanup.tcl.orig -%%SERVER%%share/%%SERVER_SGUILDIR%%/update_0.7.tcl -%%SERVER%%share/%%SERVER_SGUILDIR%%/update_0.8.tcl -%%SERVER%%share/%%SERVER_SGUILDIR%%/update_sguildb_v10-v11.sql -%%SERVER%%share/%%SERVER_SGUILDIR%%/update_sguildb_v11-v12.sql -%%SERVER%%share/%%SERVER_SGUILDIR%%/update_sguildb_v12-v13.sql -%%SERVER%%share/%%SERVER_SGUILDIR%%/update_sguildb_v13-v14.sql -%%SERVER%%share/%%SERVER_SGUILDIR%%/update_sguildb_v5-v6.sql -%%SERVER%%share/%%SERVER_SGUILDIR%%/update_sguildb_v6-v7.sql -%%SERVER%%share/%%SERVER_SGUILDIR%%/update_sguildb_v7-v8.sql -%%SERVER%%share/%%SERVER_SGUILDIR%%/update_sguildb_v8-v9.sql -%%SERVER%%share/%%SERVER_SGUILDIR%%/update_sguildb_v9-v10.sql |