Diffstat (limited to 'security')
-rw-r--r-- | security/Makefile | 1 | ||||
-rw-r--r-- | security/nsm-console/Makefile | 108 | ||||
-rw-r--r-- | security/nsm-console/distinfo | 3 | ||||
-rw-r--r-- | security/nsm-console/files/patch-lib-nsm_consle.rb | 18 | ||||
-rw-r--r-- | security/nsm-console/files/patch-nsm | 38 | ||||
-rw-r--r-- | security/nsm-console/pkg-descr | 4 | ||||
-rw-r--r-- | security/nsm-console/pkg-message | 8 | ||||
-rw-r--r-- | security/nsm-console/pkg-plist | 168 |
8 files changed, 348 insertions, 0 deletions
diff --git a/security/Makefile b/security/Makefile
index e1d8d03471b3..771a333a6346 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -296,6 +296,7 @@
 SUBDIR += nmap-i18n-man
 SUBDIR += nmapfe
 SUBDIR += nofgpg
+ SUBDIR += nsm-console
 SUBDIR += nss
 SUBDIR += ocaml-cryptgps
 SUBDIR += ocaml-cryptokit
diff --git a/security/nsm-console/Makefile b/security/nsm-console/Makefile
new file mode 100644
index 000000000000..2f099c76b426
--- /dev/null
+++ b/security/nsm-console/Makefile
@@ -0,0 +1,108 @@
+# New ports collection makefile for: nsm-console
+# Date created: 2008-01-15
+# Whom: Tomoyuki Sakurai <cherry@trombik.org>
+#
+# $FreeBSD$
+#
+
+PORTNAME= nsm-console
+PORTVERSION= 0.3
+CATEGORIES= security
+MASTER_SITES= http://navi.eight7.org/~hinmanm/files/
+
+MAINTAINER= cherry@trombik.org
+COMMENT= A framework for performing analysis on packat capture files
+
+USE_RUBY= yes
+NO_BUILD= yes
+RUBY_NO_BUILD_DEPENDS= yes
+WRKSRC= ${WRKDIR}/${PORTNAME}
+OPTIONS= TSHARK "Install tshark" on \
+ WIRESHARK "Install wireshark" off \
+ TCPDSTAT "Install tcpdstat" on \
+ NGREP "Install ngrep" on \
+ TCPFLOW "Install tcpflow" on \
+ SNORT "Install snort" on \
+ TCPXTRACT "Install tcpxtract" on \
+ P0F "Install p0f" on \
+ PADS "Install pads" on \
+ FL0P "Install fl0p" on \
+ CHAOSREADER "Install chaosreader" on \
+ ARGUS "Install argus" on
+NSM_LIBFILES= command_manager.rb \
+ command_manager.rb \
+ commands.rb \
+ encodelib.rb \
+ history.rb \
+ logging.rb \
+ nsm_category.rb \
+ nsm_console.rb \
+ nsm_helper.rb \
+ nsm_module.rb
+NSM_DOC= CHANGELOG TODO
+
+.include <bsd.port.pre.mk>
+
+.if defined(WITH_TSHARK)
+RUN_DEPEND+= ${LOCALBASE}/bin/tshark:${PORTSDIR}/net/tshark
+.endif
+.if defined(WITH_WIRESHARK)
+.if defined(WITH_TSHARK)
+IGNORE= you cannot enable both WIRESHARK and TSHARK
+.else
+RUN_DEPENDS+= ${LOCALBASE}/bin/wireshark:${PORTSDIR}/net/wireshark
+.endif
+.endif
+.if defined(WITH_TCPDSTAT)
+RUN_DEPENDS+= ${LOCALBASE}/bin/tcpdstat:${PORTSDIR}/net/tcpdstat
+.endif
+.if defined(WITH_NGREP)
+RUN_DEPENDS+= ${LOCALBASE}/bin/ngrep:${PORTSDIR}/net/ngrep
+.endif
+.if defined(WITH_TCPFLOW)
+RUN_DEPENDS+= ${LOCALBASE}/bin/tcpflow:${PORTSDIR}/net/tcpflow
+.endif
+.if defined(WITH_SNORT)
+RUN_DEPENDS+= ${LOCALBASE}/bin/snort:${PORTSDIR}/security/snort
+.endif
+.if defined(WITH_TCPXTRACT)
+RUN_DEPENDS+= ${LOCALBASE}/bin/tcpxtract:${PORTSDIR}/net/tcpxtract
+.endif
+.if defined(WITH_P0F)
+RUN_DEPENDS+= ${LOCALBASE}/bin/p0f:${PORTSDIR}/net-mgmt/p0f
+.endif
+.if defined(WITH_PADS)
+RUN_DEPENDS+= ${LOCALBASE}/bin/pads:${PORTSDIR}/net-mgmt/pads
+.endif
+.if defined(WITH_FL0P)
+RUN_DEPENDS+= ${LOCALBASE}/bin/fl0p:${PORTSDIR}/security/fl0p
+.endif
+.if defined(WITH_CHAOSREADER)
+RUN_DEPENDS+= ${LOCALBASE}/bin/chaosreader:${PORTSDIR}/security/chaosreader
+.endif
+.if defined(WITH_ARGUS)
+RUN_DEPENDS+= ${LOCALBASE}/bin/ra:${PORTSDIR}/net-mgmt/argus-clients \
+ ${LOCALBASE}/sbin/argus:${PORTSDIR}/net-mgmt/argus
+.endif
+
+post-patch:
+ ${REINPLACE_CMD} -e 's|%%DATADIR%%|${DATADIR}|g' ${WRKSRC}/nsm
+
+do-install:
+ ${MKDIR} ${RUBY_SITELIBDIR}/${PORTNAME}
+.for F in ${NSM_LIBFILES}
+ ${INSTALL_DATA} ${WRKSRC}/lib/${F} ${RUBY_SITELIBDIR}/${PORTNAME}
+.endfor
+.for D in modules
+ cd ${WRKSRC} && ${FIND} ${D} -type d -exec ${MKDIR} ${DATADIR}/{} ";"
+ cd ${WRKSRC} && ${FIND} ${D} -type f -exec ${INSTALL_DATA} {} ${DATADIR}/{} ";"
+.endfor
+ ${INSTALL_SCRIPT} ${WRKSRC}/nsm ${PREFIX}/bin
+.if !defined(NOPORTDOCS)
+ ${MKDIR} ${DOCSDIR}
+.for F in ${NSM_DOC}
+ ${INSTALL_DATA} ${WRKSRC}/${F} ${DOCSDIR}/
+.endfor
+.endif
+
+.include <bsd.port.post.mk>
diff --git a/security/nsm-console/distinfo b/security/nsm-console/distinfo
new file mode 100644
index 000000000000..a9b5c711f29a
--- /dev/null
+++ b/security/nsm-console/distinfo
@@ -0,0 +1,3 @@
+MD5 (nsm-console-0.3.tar.gz) = d97885eaadc51de2308acac8f5c279a4
+SHA256 (nsm-console-0.3.tar.gz) = 2e012f9eb38749edb8f1f8441ed34c1814682ae765acc0ce382e1f82d3e0455d
+SIZE (nsm-console-0.3.tar.gz) = 415384
diff --git a/security/nsm-console/files/patch-lib-nsm_consle.rb b/security/nsm-console/files/patch-lib-nsm_consle.rb
new file mode 100644
index 000000000000..69276d7d268c
--- /dev/null
+++ b/security/nsm-console/files/patch-lib-nsm_consle.rb
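Review bot: The `.if defined(WITH_TSHARK)` block appends to `RUN_DEPEND` rather than `RUN_DEPENDS`, so the tshark dependency is silently dropped even though the TSHARK option defaults to on; the line should read `RUN_DEPENDS+= ${LOCALBASE}/bin/tshark:${PORTSDIR}/net/tshark`, like every other option block in this Makefile. `NSM_LIBFILES` lists `command_manager.rb` twice, which makes the `.for` loop in `do-install` install the same file twice; the duplicate entry can go. `MASTER_SITES` is a plain-HTTP URL, so the checksums in distinfo are the only integrity check on the distfile and should be re-verified against a trusted copy whenever the version changes.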
@@ -0,0 +1,18 @@
+--- lib/nsm_console.rb.orig 2008-01-15 20:23:34.000000000 +0900
++++ lib/nsm_console.rb 2008-01-15 20:24:32.000000000 +0900
+@@ -15,7 +15,7 @@
+ load_categories($moduledir)
+
+ ## Initialize logging
+- logfilename = "logs/nsm-log."
++ logfilename = ENV["HOME"] + "/logs/nsm-log."
+ logfilename.concat(Time.now.year.to_s)
+ logfilename.concat(Time.now.month.to_s)
+ logfilename.concat(Time.now.day.to_s)
+@@ -81,4 +81,4 @@
+
+ start_shell()
+ end
+-end
+\ No newline at end of file
++end
diff --git a/security/nsm-console/files/patch-nsm b/security/nsm-console/files/patch-nsm
new file mode 100644
index 000000000000..c331f3fa47f1
--- /dev/null
+++ b/security/nsm-console/files/patch-nsm
@@ -0,0 +1,38 @@
+--- nsm.orig 2008-01-09 07:20:10.000000000 +0900
++++ nsm 2008-01-15 20:05:17.000000000 +0900
+@@ -12,8 +12,8 @@
+ include Readline
+
+ ## Require commands
+-require 'lib/command_manager'
+-require 'lib/commands'
++require 'nsm-console/command_manager'
++require 'nsm-console/commands'
+
+ ## Required for tab completion
+ $tabstrings = CommandManager.get_commands_as_array()
+@@ -23,16 +23,16 @@
+ Readline.completion_proc = lambda{|s| $tabstrings.find_all{|elm| elm =~ /#{s}/}}
+
+ ## Require nsm console specific files
+-require 'lib/logging'
+-require 'lib/history'
+-require 'lib/nsm_module'
+-require 'lib/nsm_category'
+-require 'lib/nsm_helper'
+-require 'lib/nsm_console'
+-require 'lib/encodelib'
++require 'nsm-console/logging'
++require 'nsm-console/history'
++require 'nsm-console/nsm_module'
++require 'nsm-console/nsm_category'
++require 'nsm-console/nsm_helper'
++require 'nsm-console/nsm_console'
++require 'nsm-console/encodelib'
+
+ ## Default module directory
+-$moduledir = "modules"
++$moduledir = "%%DATADIR%%/modules"
+ ## Default output directory
+ $outputdir = "${PCAP_BASE}-output"
+
diff --git a/security/nsm-console/pkg-descr b/security/nsm-console/pkg-descr
new file mode 100644
index 000000000000..fbc887e54152
--- /dev/null
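Review bot: In the patched `lib/nsm_console.rb` line `logfilename = ENV["HOME"] + "/logs/nsm-log."`, `ENV["HOME"]` is nil whenever HOME is unset (for example under a stripped environment), so the `+` raises NoMethodError before the console starts. `logfilename = File.join(ENV.fetch("HOME", "."), "logs", "nsm-log.")` gives the same path when HOME is set and falls back to the previous relative location otherwise. Since pkg-message states that `$HOME/logs` is not created automatically, the logging setup could also create the directory itself with owner-only permissions (`Dir.mkdir(dir, 0700)` when it is missing), as the session log presumably records details of the captures being analysed; what is written to it is not visible here. The method around this line starts and ends outside the inner hunk.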
+++ b/security/nsm-console/pkg-descr
@@ -0,0 +1,4 @@
+NSM Console (Network Security Monitoring Console) is a framework for performing
+analysis on packat capture files.
+
+WWW: http://thnetos.wordpress.com/nsm-console/
diff --git a/security/nsm-console/pkg-message b/security/nsm-console/pkg-message
new file mode 100644
index 000000000000..3bdf5627b4c9
--- /dev/null
+++ b/security/nsm-console/pkg-message
@@ -0,0 +1,8 @@
+Default log directory is $HOME/logs, which is NOT automatically created.
+
+Execute:
+ > mkdir $HOME/logs
+or change it from nsm console:
+ nsm> logfile path/to/logfile
+
+This will be configurable in the future.
diff --git a/security/nsm-console/pkg-plist b/security/nsm-console/pkg-plist
new file mode 100644
index 000000000000..9aba7ab86d67
--- /dev/null
+++ b/security/nsm-console/pkg-plist
@@ -0,0 +1,168 @@
+@comment $FreeBSD$
+bin/nsm
+%%RUBY_SITELIBDIR%%/nsm-console/commands.rb
+%%RUBY_SITELIBDIR%%/nsm-console/encodelib.rb
+%%RUBY_SITELIBDIR%%/nsm-console/history.rb
+%%RUBY_SITELIBDIR%%/nsm-console/logging.rb
+%%RUBY_SITELIBDIR%%/nsm-console/nsm_category.rb
+%%RUBY_SITELIBDIR%%/nsm-console/nsm_console.rb
+%%RUBY_SITELIBDIR%%/nsm-console/nsm_helper.rb
+%%RUBY_SITELIBDIR%%/nsm-console/nsm_module.rb
+%%RUBY_SITELIBDIR%%/nsm-console/command_manager.rb
+%%DATADIR%%/modules/aimsnarf.module/aimsnarf
+%%DATADIR%%/modules/aimsnarf.module/defaults
+%%DATADIR%%/modules/aimsnarf.module/description
+%%DATADIR%%/modules/aimsnarf.module/info
+%%DATADIR%%/modules/argus-basic.module/argus-basic
+%%DATADIR%%/modules/argus-basic.module/defaults
+%%DATADIR%%/modules/argus-basic.module/description
+%%DATADIR%%/modules/argus-basic.module/info
+%%DATADIR%%/modules/bro-ids.module/bro-ids
+%%DATADIR%%/modules/bro-ids.module/bro.cfg
+%%DATADIR%%/modules/bro-ids.module/defaults
+%%DATADIR%%/modules/bro-ids.module/description
+%%DATADIR%%/modules/bro-ids.module/info
+%%DATADIR%%/modules/capinfos.module/capinfos
+%%DATADIR%%/modules/capinfos.module/defaults
+%%DATADIR%%/modules/capinfos.module/description
+%%DATADIR%%/modules/capinfos.module/info
+%%DATADIR%%/modules/categories/flow
+%%DATADIR%%/modules/categories/forensics
+%%DATADIR%%/modules/categories/nsm
+%%DATADIR%%/modules/categories/statistics
+%%DATADIR%%/modules/chaosreader.module/chaosreader
+%%DATADIR%%/modules/chaosreader.module/defaults
+%%DATADIR%%/modules/chaosreader.module/description
+%%DATADIR%%/modules/chaosreader.module/info
+%%DATADIR%%/modules/fl0p.module/defaults
+%%DATADIR%%/modules/fl0p.module/description
+%%DATADIR%%/modules/fl0p.module/fl0p
+%%DATADIR%%/modules/fl0p.module/info
+%%DATADIR%%/modules/hash.module/defaults
+%%DATADIR%%/modules/hash.module/description
+%%DATADIR%%/modules/hash.module/hash
+%%DATADIR%%/modules/hash.module/info
+%%DATADIR%%/modules/honeysnap.module/defaults
+%%DATADIR%%/modules/honeysnap.module/description
+%%DATADIR%%/modules/honeysnap.module/honeysnap
+%%DATADIR%%/modules/honeysnap.module/honeysnap.cfg
+%%DATADIR%%/modules/honeysnap.module/info
+%%DATADIR%%/modules/iploc.module/defaults
+%%DATADIR%%/modules/iploc.module/description
+%%DATADIR%%/modules/iploc.module/info
+%%DATADIR%%/modules/iploc.module/iploc
+%%DATADIR%%/modules/ngrep.module/description
+%%DATADIR%%/modules/ngrep.module/info
+%%DATADIR%%/modules/ngrep.module/ngrep
+%%DATADIR%%/modules/p0f.module/defaults
+%%DATADIR%%/modules/p0f.module/description
+%%DATADIR%%/modules/p0f.module/info
+%%DATADIR%%/modules/p0f.module/p0f
+%%DATADIR%%/modules/pads.module/defaults
+%%DATADIR%%/modules/pads.module/description
+%%DATADIR%%/modules/pads.module/info
+%%DATADIR%%/modules/pads.module/pads
+%%DATADIR%%/modules/snort.module/rules/bleeding-attack_response.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-botcc-BLOCK.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-botcc.excluded
+%%DATADIR%%/modules/snort.module/rules/bleeding-botcc.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-compromised-BLOCK.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-compromised.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-dos.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-drop-BLOCK.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-drop.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-dshield-BLOCK.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-dshield.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-exploit.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-game.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-inappropriate.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-malware.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-p2p.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-policy.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-rbn-BLOCK.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-rbn.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-scan.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-sid-msg.map
+%%DATADIR%%/modules/snort.module/rules/bleeding-virus.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-voip.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-web.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding-web_sql_injection.rules
+%%DATADIR%%/modules/snort.module/rules/bleeding.conf
+%%DATADIR%%/modules/snort.module/rules/bleeding.rules
+%%DATADIR%%/modules/snort.module/rules/community-bot.rules
+%%DATADIR%%/modules/snort.module/rules/community-deleted.rules
+%%DATADIR%%/modules/snort.module/rules/community-dos.rules
+%%DATADIR%%/modules/snort.module/rules/community-ftp.rules
+%%DATADIR%%/modules/snort.module/rules/community-exploit.rules
+%%DATADIR%%/modules/snort.module/rules/community-game.rules
+%%DATADIR%%/modules/snort.module/rules/community-icmp.rules
+%%DATADIR%%/modules/snort.module/rules/community-imap.rules
+%%DATADIR%%/modules/snort.module/rules/community-inappropriate.rules
+%%DATADIR%%/modules/snort.module/rules/community-mail-client.rules
+%%DATADIR%%/modules/snort.module/rules/community-misc.rules
+%%DATADIR%%/modules/snort.module/rules/community-nntp.rules
+%%DATADIR%%/modules/snort.module/rules/community-oracle.rules
+%%DATADIR%%/modules/snort.module/rules/community-policy.rules
+%%DATADIR%%/modules/snort.module/rules/community-sip.rules
+%%DATADIR%%/modules/snort.module/rules/community-smtp.rules
+%%DATADIR%%/modules/snort.module/rules/community-sql-injection.rules
+%%DATADIR%%/modules/snort.module/rules/community-virus.rules
+%%DATADIR%%/modules/snort.module/rules/community-web-attacks.rules
+%%DATADIR%%/modules/snort.module/rules/community-web-cgi.rules
+%%DATADIR%%/modules/snort.module/rules/community-web-client.rules
+%%DATADIR%%/modules/snort.module/rules/community-web-dos.rules
+%%DATADIR%%/modules/snort.module/rules/community-web-iis.rules
+%%DATADIR%%/modules/snort.module/rules/community-web-misc.rules
+%%DATADIR%%/modules/snort.module/rules/community-web-php.rules
+%%DATADIR%%/modules/snort.module/rules/LICENSE
+%%DATADIR%%/modules/snort.module/classification.config
+%%DATADIR%%/modules/snort.module/defaults
+%%DATADIR%%/modules/snort.module/description
+%%DATADIR%%/modules/snort.module/info
+%%DATADIR%%/modules/snort.module/reference.config
+%%DATADIR%%/modules/snort.module/snort
+%%DATADIR%%/modules/snort.module/snort.conf
+%%DATADIR%%/modules/snort.module/unicode.map
+%%DATADIR%%/modules/tcpdstat.module/defaults
+%%DATADIR%%/modules/tcpdstat.module/description
+%%DATADIR%%/modules/tcpdstat.module/info
+%%DATADIR%%/modules/tcpdstat.module/tcpdstat
+%%DATADIR%%/modules/tcpflow.module/defaults
+%%DATADIR%%/modules/tcpflow.module/description
+%%DATADIR%%/modules/tcpflow.module/info
+%%DATADIR%%/modules/tcpflow.module/tcpflow
+%%DATADIR%%/modules/tcpxtract.module/defaults
+%%DATADIR%%/modules/tcpxtract.module/description
+%%DATADIR%%/modules/tcpxtract.module/info
+%%DATADIR%%/modules/tcpxtract.module/tcpxtract
+%%DATADIR%%/modules/tcpxtract.module/tcpxtract.conf
+%%DATADIR%%/modules/tshark.module/defaults
+%%DATADIR%%/modules/tshark.module/description
+%%DATADIR%%/modules/tshark.module/info
+%%DATADIR%%/modules/tshark.module/tshark
+%%DATADIR%%/modules/README
+%%PORTDOCS%%%%DOCSDIR%%/CHANGELOG
+%%PORTDOCS%%%%DOCSDIR%%/TODO
+%%PORTDOCS%%@dirrm %%DOCSDIR%%
+@dirrmtry %%DATADIR%%/modules/tshark.module
+@dirrmtry %%DATADIR%%/modules/tcpxtract.module
+@dirrmtry %%DATADIR%%/modules/tcpflow.module
+@dirrmtry %%DATADIR%%/modules/tcpdstat.module
+@dirrmtry %%DATADIR%%/modules/snort.module/rules
+@dirrmtry %%DATADIR%%/modules/snort.module
+@dirrmtry %%DATADIR%%/modules/pads.module
+@dirrmtry %%DATADIR%%/modules/p0f.module
+@dirrmtry %%DATADIR%%/modules/ngrep.module
+@dirrmtry %%DATADIR%%/modules/iploc.module
+@dirrmtry %%DATADIR%%/modules/honeysnap.module
+@dirrmtry %%DATADIR%%/modules/hash.module
+@dirrmtry %%DATADIR%%/modules/fl0p.module
+@dirrmtry %%DATADIR%%/modules/chaosreader.module
+@dirrmtry %%DATADIR%%/modules/categories
+@dirrmtry %%DATADIR%%/modules/capinfos.module
+@dirrmtry %%DATADIR%%/modules/bro-ids.module
+@dirrmtry %%DATADIR%%/modules/argus-basic.module
+@dirrmtry %%DATADIR%%/modules/aimsnarf.module
+@dirrmtry %%DATADIR%%/modules
+@dirrmtry %%DATADIR%%
+@dirrmtry %%RUBY_SITELIBDIR%%/nsm-console |