Update snortsam to version 2.68 Additional: use the Makefile instead makesnortsam.sh patches to make the pf2 plugin even more proof (will be included in next official release) some small patches to correct the pf2 documentation some small other patches we will see in the next release For more information see http://snortsam.net/news.html If this patch is committed PR ports/139460 can be closed Since PR ports/139460 is now open since 6 weeks I will be happy to take maintainership if the old maintainer does not respond or has no time. In this case please remove http://www.freebsdbrasil.com.br/~urisso/files/snortsam/ from MASTER_SITES. I've made build and function test (mostly pf2 plugin) on this platforms FreeBSD 6.4 7.1 7.2 8.0 9.0 i386 FreeBSD 7.2 8.0 amd64 OpenBSD 4.5 4.6 i386 NetBSD 5.0 (i386) If the diff is mangled somewhere (~750 lines) contact me direct, I will send the whole port or the patch as tar/gz . -- olli hauer
Maintainer of security/snortsam, Please note that PR ports/140881 has just been submitted. If it contains a patch for an upgrade, an enhancement or a bug fix you agree on, reply to this email stating that you approve the patch and a committer will take care of it. The full text of the PR can be found at: http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/140881 -- Edwin Groothuis via the GNATS Auto Assign Tool edwin@FreeBSD.org
State Changed From-To: open->feedback Awaiting maintainers feedback (via the GNATS Auto Assign Tool)
Snortsam was updated with my patches, so please use this version instead. The new patch updates snortsam to version 2.69 -- olli hauer --- patch_snortsam-2.69.txt begins here --- --- snortsam/Makefile 2008-09-04 01:02:16.000000000 +0200 +++ snortsam/Makefile 2009-11-27 15:18:21.000000000 +0100 @@ -6,7 +6,7 @@ # PORTNAME= snortsam -PORTVERSION= 2.60 +PORTVERSION= 2.69 CATEGORIES= security MASTER_SITES= http://www.snortsam.net/files/snortsam/ \ http://www.freebsdbrasil.com.br/~urisso/files/snortsam/ @@ -15,53 +15,76 @@ MAINTAINER= urisso@bsd.com.br COMMENT= SnortSam is a output plugin for Snort -WRKSRC= ${WRKDIR}/${PKGNAMEPREFIX}${PORTNAME} +OPTIONS= IPFW "checks if configured tables are available" on \ + SAMTOOL "install samtool" on \ + DEBUG "build with verbose messages" off + +.include <bsd.port.pre.mk> +USE_RC_SUBR= snortsam.sh +SUB_FILES= pkg-message HAS_CONFIGURE= yes NO_BUILD= yes +CONFIGURE_SCRIPT= src/Makefile +WRKSRC= ${WRKDIR}/${PKGNAMEPREFIX}${PORTNAME} -SYSCONFDIR= ${PREFIX}/etc/snortsam - -CONFIGURE_SCRIPT= makesnortsam.sh - -USE_RC_SUBR= snortsam.sh +CONFIG_DIR?= ${PREFIX}/etc/snortsam PLIST_DIRS= etc/snortsam -PLIST_FILES= etc/snortsam/rootservers.cfg etc/snortsam/snortsam.conf.sample sbin/snortsam sbin/snortsam-debug -PORTDOCS= INSTALL README README.conf README.snmp_interface_down +PLIST_FILES= sbin/snortsam \ + etc/snortsam/snortsam.conf.sample \ + etc/snortsam/country-rootservers.conf.sample \ + etc/snortsam/opsec.conf.sample \ + etc/snortsam/rootservers.cfg.sample -OPTIONS= IPFW "Enable IPFW table checking if it set deny rules" on +.if defined(WITH_SAMTOOL) +PLIST_FILES+= sbin/samtool +.endif -.include <bsd.port.pre.mk> +PORTDOCS= AUTHORS BUGS CREDITS FAQ INSTALL LICENSE README README.ciscoacl \ + README.conf README.iptables README.netscreen README.pf README.pf2 \ + README.rules README.slackware README.snmp_interface_down README.wgrd \ + README_8signs.rtf TODO .if defined(WITHOUT_IPFW) -PATCH_SITES+=http://www.freebsdbrasil.com.br/~urisso/files/snortsam/:ipfw -PATCHFILES+=ssp_ipfw2.c.diff:ipfw +EXTRA_PATCHES+= ${FILESDIR}/ssp_ipfw2_no_table_check.patch .endif -post-extract: - @${CAT} ${PATCHDIR}/pkg-message-snortsam - @sleep 5 +.if defined(WITH_DEBUG) +DEBUG=-DDEBUG +.endif pre-configure: - ${REINPLACE_CMD} -e 's|/etc/snortsam.conf|/usr/local/etc/snortsam.conf|g' ${WRKSRC}/conf/snortsam.conf.sample - ${REINPLACE_CMD} -e 's|/etc/snortsam.conf|/usr/local/etc/snortsam.conf|g' ${WRKSRC}/docs/README.conf - ${REINPLACE_CMD} -e 's|/etc/snortsam.conf|/usr/local/etc/snortsam.conf|g' ${WRKSRC}/src/snortsam.c - ${REINPLACE_CMD} -e 's|/etc/snortsam.conf|/usr/local/etc/snortsam.conf|g' ${WRKSRC}/contrib/snortsam-state.c - ${CHMOD} +x ${WRKSRC}/makesnortsam.sh + @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/conf/snortsam.conf.sample + @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/docs/README.conf + @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/src/snortsam.h + @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/contrib/snortsam-state.c + @${CHMOD} +x ${WRKSRC}/makesnortsam.sh + +do-configure: + @cd ${WRKSRC}/src && ${MAKE} ${DEBUG} + @cd ${WRKSRC}/src && ${MAKE} samtool ${DEBUG} +# no access to snortsam.conf and samtool for non root users! do-install: - ${INSTALL_PROGRAM} ${WRKSRC}/snortsam ${PREFIX}/sbin - ${INSTALL_PROGRAM} ${WRKSRC}/snortsam-debug ${PREFIX}/sbin - ${MKDIR} ${SYSCONFDIR} - ${INSTALL_DATA} ${WRKSRC}/conf/snortsam.conf.sample ${SYSCONFDIR}/snortsam.conf.sample - ${INSTALL_DATA} ${WRKSRC}/conf/*rootservers.cfg ${SYSCONFDIR}/ + @${INSTALL_PROGRAM} ${WRKSRC}/snortsam ${PREFIX}/sbin +.if defined(WITH_SAMTOOL) + @${INSTALL} -o root -g wheel -m 500 ${WRKSRC}/samtool ${PREFIX}/sbin +.endif + @${MKDIR} ${CONFIG_DIR} + @${INSTALL_DATA} -m 600 ${WRKSRC}/conf/snortsam.conf.sample ${CONFIG_DIR}/snortsam.conf.sample + @${INSTALL_DATA} ${WRKSRC}/conf/opsec.conf ${CONFIG_DIR}/opsec.conf.sample + @${INSTALL_DATA} ${WRKSRC}/conf/rootservers.cfg ${CONFIG_DIR}/rootservers.cfg.sample + @${INSTALL_DATA} ${WRKSRC}/conf/country-rootservers.conf ${CONFIG_DIR}/country-rootservers.conf.sample .if !defined(NOPORTDOCS) + @${MKDIR} ${DOCSDIR} .for f in ${PORTDOCS} - ${MKDIR} ${DOCSDIR} - ${INSTALL_DATA} ${WRKSRC}/docs/${f} ${DOCSDIR} + @${INSTALL_DATA} ${WRKSRC}/docs/${f} ${DOCSDIR} .endfor .endif +post-install: + @${CAT} ${PKGMESSAGE} + .include <bsd.port.post.mk> --- snortsam/distinfo 2008-09-04 01:02:16.000000000 +0200 +++ snortsam/distinfo 2009-11-27 15:19:59.000000000 +0100 @@ -1,6 +1,3 @@ -MD5 (snortsam-src-2.60.tar.gz) = 5fdc69b18938237ac943beeb7f6c105a -SHA256 (snortsam-src-2.60.tar.gz) = 65c44a91487f533f66291b1dd41f06237d21ba7c9e43a27d8784e2915c2771f4 -SIZE (snortsam-src-2.60.tar.gz) = 1982833 -MD5 (ssp_ipfw2.c.diff) = bcc60c6d27805db5d96c284189cefee8 -SHA256 (ssp_ipfw2.c.diff) = 29355590da907bb4c9f3e259c460c1c29d7a0e6cb201290ffc904c246c8ef3e4 -SIZE (ssp_ipfw2.c.diff) = 1193 +MD5 (snortsam-src-2.69.tar.gz) = 7663ce82956a97c5f725028716d66140 +SHA256 (snortsam-src-2.69.tar.gz) = eb0dc0ebd65b6d15e3adabd7be2720221005683eefb7ca5986b9ca0284d55f92 +SIZE (snortsam-src-2.69.tar.gz) = 1971579 --- snortsam/files/patch-makesnortsam.sh 2008-09-04 01:02:16.000000000 +0200 +++ snortsam/files/patch-makesnortsam.sh 1970-01-01 01:00:00.000000000 +0100 @@ -1,13 +0,0 @@ ---- makesnortsam.sh.old 2008-08-03 00:04:24.000000000 -0300 -+++ makesnortsam.sh 2008-08-03 00:04:57.000000000 -0300 -@@ -11,8 +11,8 @@ - # Under Solaris, the OPSEC stuff is linked dynamically. - # On other platforms, statically. - --BSDTHREADLIB='-lc_r' --#BSDTHREADLIB='-lpthread' -+#BSDTHREADLIB='-lc_r' -+BSDTHREADLIB='-lpthread' - - systype=`uname` - --- snortsam/files/patch-snortsam.h 2008-09-04 01:02:16.000000000 +0200 +++ snortsam/files/patch-snortsam.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,16 +0,0 @@ ---- src/snortsam.h.old 2008-08-03 00:08:34.000000000 -0300 -+++ src/snortsam.h 2008-08-03 00:10:58.000000000 -0300 -@@ -178,10 +178,10 @@ - #define safecopy(dst,src) _safecp(dst,sizeof(dst),src) - - #ifdef WIN32 --#define FWSAMCONFIGFILE "snortsam.cfg" --#define FWSAMHISTORYFILE "snortsam.sta" -+#define FWSAMCONFIGFILE "/usr/local/etc/snortsam.cfg" -+#define FWSAMHISTORYFILE "/var/db/snortsam.sta" - #else --#define FWSAMCONFIGFILE "/etc/snortsam.conf" -+#define FWSAMCONFIGFILE "/usr/local/etc/snortsam.conf" - #define FWSAMHISTORYFILE "/var/db/snortsam.state" - #endif - --- snortsam/files/pkg-message-snortsam 2008-09-04 01:02:16.000000000 +0200 +++ snortsam/files/pkg-message-snortsam 1970-01-01 01:00:00.000000000 +0100 @@ -1,10 +0,0 @@ - -============================================================ -NOTE: Make sure that your SNORT installation it is defined - output plugin SNORTSAM for don't cause errors while - building SNORTSAM system. If exists some OLD SNORT - installation WITHOUT supports for interaction between - SNORT and SNORTSAM. PLEASE reconfigure WITH that this - feature and rebuild a new installation. -============================================================= - --- snortsam/files/pkg-message.in 1970-01-01 01:00:00.000000000 +0100 +++ snortsam/files/pkg-message.in 2009-11-27 15:33:53.000000000 +0100 @@ -0,0 +1,18 @@ +================================================================ +NOTE: SNORT have to be build with OPTION SNORTSAM. + + To enable snortsam as output plugin for snort a config + line like the following should be present in snort.conf + + output alert_fwsam: <snortsambox>:<port>/<password> + + With samtool it is possible to send alerts to snortsam, + this way you can test and adjust your FW rules. + + For more information read the INSTALL, FAQ, README + files in %%DOCSDIR%% + + Additional consolidate http://snortsam.net + +============================================================== + --- snortsam/files/ssp_ipfw2_no_table_check.patch 1970-01-01 01:00:00.000000000 +0100 +++ snortsam/files/ssp_ipfw2_no_table_check.patch 2009-11-25 23:53:50.000000000 +0100 @@ -0,0 +1,18 @@ +--- src/ssp_ipfw2.c.orig 2008-04-26 21:53:21.000000000 +0200 ++++ src/ssp_ipfw2.c 2009-11-14 22:03:41.000000000 +0100 +@@ -91,6 +91,7 @@ + } + } + } ++#if defined(ENABLE_IPFW_TABLE_CHECK) + /* Check if inbound table exists */ + snprintf(chk,sizeof(chk)-1,"/sbin/ipfw show | grep -q \"deny ip from any to table(%u) via %s\"",ipfw2p->in_table,ipfw2p->interface); + if(system(chk)) +@@ -110,6 +111,7 @@ + } + } + ++#endif /* ENABLE_IPFW_TABLE_CHECK */ + #ifdef FWSAMDEBUG + if(plugindatalist->data) + printf("Debug: [ipfw2] Adding IPFW2: i/f '%s', tables %u (in) and %u (out)\n", ipfw2p->interface, ipfw2p->in_table,ipfw2p->out_table); --- snortsam/pkg-descr 2008-09-04 01:02:16.000000000 +0200 +++ snortsam/pkg-descr 2009-11-25 23:53:50.000000000 +0100 @@ -1,5 +1,6 @@ -SnortSam is a plugin for Snort, an open-source light-weight -Intrusion Detection System (IDS). The plugin allows for -automated blocking of IP addresses on many firewalls. +SnortSam is an intelligent agent that allows the popular +open-source Intrusion Detection System called Snort to block +intruding connections by reconfiguration of many firewalls +and Cisco devices. WWW: http://www.snortsam.net --- patch_snortsam-2.69.txt ends here ---
This patch updates snortsam from version 2.63 to version 2.69 Since the snortsam config files/directory contains sensitive data like passwords for FW/routers ... the config file is moved to a own config directory and the mode of this directory is set to 700 with owner root:wheel If the Maintainer times out I will be happy to take over the port, since I rewrote the ssp_pf(2) modules and buildscripts (upstream). -- olli hauer --- patch_snortsam-2.69_v2.txt begins here --- --- snortsam/Makefile +++ snortsam/Makefile @@ -6,62 +6,85 @@ # PORTNAME= snortsam -PORTVERSION= 2.63 +PORTVERSION= 2.69 CATEGORIES= security -MASTER_SITES= http://www.snortsam.net/files/snortsam/ \ - http://www.freebsdbrasil.com.br/~urisso/files/snortsam/ +MASTER_SITES= http://www.snortsam.net/files/snortsam/ DISTNAME= ${PORTNAME}-src-${PORTVERSION} MAINTAINER= urisso@bsd.com.br COMMENT= SnortSam is a output plugin for Snort -WRKSRC= ${WRKDIR}/${PKGNAMEPREFIX}${PORTNAME} +OPTIONS= IPFW "checks if configured tables are available" on \ + SAMTOOL "install samtool" on \ + DEBUG "build with verbose messages" off -HAS_CONFIGURE= yes -NO_BUILD= yes +.include <bsd.port.pre.mk> -SYSCONFDIR= ${PREFIX}/etc/snortsam +USE_RC_SUBR= snortsam.sh +SUB_FILES= pkg-message \ + pkg-install -CONFIGURE_SCRIPT= makesnortsam.sh +HAS_CONFIGURE= yes +NO_BUILD= yes +CONFIGURE_SCRIPT= src/Makefile +WRKSRC= ${WRKDIR}/${PKGNAMEPREFIX}${PORTNAME} -USE_RC_SUBR= snortsam.sh +CONFIG_DIR?= ${PREFIX}/etc/snortsam PLIST_DIRS= etc/snortsam -PLIST_FILES= etc/snortsam/rootservers.cfg etc/snortsam/snortsam.conf.sample sbin/snortsam sbin/snortsam-debug -PORTDOCS= INSTALL README README.conf README.snmp_interface_down +PLIST_FILES= sbin/snortsam \ + etc/snortsam/snortsam.conf.sample \ + etc/snortsam/country-rootservers.conf.sample \ + etc/snortsam/rootservers.cfg.sample -OPTIONS= IPFW "Enable IPFW table checking if it set deny rules" on +.if defined(WITH_SAMTOOL) +PLIST_FILES+= sbin/samtool +.endif -.include <bsd.port.pre.mk> +PORTDOCS= AUTHORS BUGS CREDITS FAQ INSTALL LICENSE README README.ciscoacl \ + README.conf README.iptables README.netscreen README.pf README.pf2 \ + README.rules README.slackware README.snmp_interface_down README.wgrd \ + README_8signs.rtf TODO .if defined(WITHOUT_IPFW) -PATCH_SITES+=http://www.freebsdbrasil.com.br/~urisso/files/snortsam/:ipfw -PATCHFILES+=ssp_ipfw2.c.diff:ipfw +EXTRA_PATCHES+= ${FILESDIR}/ssp_ipfw2_no_table_check.patch .endif -post-extract: - @${CAT} ${PATCHDIR}/pkg-message-snortsam - @sleep 5 +.if defined(WITH_DEBUG) +DEBUG=-DDEBUG +.endif pre-configure: - ${REINPLACE_CMD} -e 's|/etc/snortsam.conf|/usr/local/etc/snortsam.conf|g' ${WRKSRC}/conf/snortsam.conf.sample - ${REINPLACE_CMD} -e 's|/etc/snortsam.conf|/usr/local/etc/snortsam.conf|g' ${WRKSRC}/docs/README.conf - ${REINPLACE_CMD} -e 's|/etc/snortsam.conf|/usr/local/etc/snortsam.conf|g' ${WRKSRC}/src/snortsam.c - ${REINPLACE_CMD} -e 's|/etc/snortsam.conf|/usr/local/etc/snortsam.conf|g' ${WRKSRC}/contrib/snortsam-state.c - ${CHMOD} +x ${WRKSRC}/makesnortsam.sh + @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/conf/snortsam.conf.sample + @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/docs/README.conf + @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/src/snortsam.h + @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/contrib/snortsam-state.c + @${CHMOD} +x ${WRKSRC}/makesnortsam.sh + +do-configure: + @cd ${WRKSRC}/src && ${MAKE} ${DEBUG} + @cd ${WRKSRC}/src && ${MAKE} samtool ${DEBUG} +# no access to snortsam.conf and samtool for non root users! do-install: - ${INSTALL_PROGRAM} ${WRKSRC}/snortsam ${PREFIX}/sbin - ${INSTALL_PROGRAM} ${WRKSRC}/snortsam-debug ${PREFIX}/sbin - ${MKDIR} ${SYSCONFDIR} - ${INSTALL_DATA} ${WRKSRC}/conf/snortsam.conf.sample ${SYSCONFDIR}/snortsam.conf.sample - ${INSTALL_DATA} ${WRKSRC}/conf/*rootservers.cfg ${SYSCONFDIR}/ + @${INSTALL_PROGRAM} ${WRKSRC}/snortsam ${PREFIX}/sbin +.if defined(WITH_SAMTOOL) + @${INSTALL} -o root -g wheel -m 500 ${WRKSRC}/samtool ${PREFIX}/sbin +.endif + @${MKDIR} -m 700 ${CONFIG_DIR} + @${INSTALL_DATA} -m 600 ${WRKSRC}/conf/snortsam.conf.sample ${CONFIG_DIR}/snortsam.conf.sample + @${INSTALL_DATA} ${WRKSRC}/conf/rootservers.cfg ${CONFIG_DIR}/rootservers.cfg.sample + @${INSTALL_DATA} ${WRKSRC}/conf/country-rootservers.conf ${CONFIG_DIR}/country-rootservers.conf.sample .if !defined(NOPORTDOCS) + @${MKDIR} ${DOCSDIR} .for f in ${PORTDOCS} - ${MKDIR} ${DOCSDIR} - ${INSTALL_DATA} ${WRKSRC}/docs/${f} ${DOCSDIR} + @${INSTALL_DATA} ${WRKSRC}/docs/${f} ${DOCSDIR} .endfor .endif +post-install: + @${SH} ${PKGINSTALL} ${DISTNAME} POST-INSTALL + @${CAT} ${PKGMESSAGE} + .include <bsd.port.post.mk> --- snortsam/distinfo +++ snortsam/distinfo @@ -1,3 +1,3 @@ -MD5 (snortsam-src-2.63.tar.gz) = d74f5e744358bc9da85ad9d4fb393f76 -SHA256 (snortsam-src-2.63.tar.gz) = f56208e2cba56c55bb97c09582b71e3d9c1c05c551df2cc59f493910e9f403a3 -SIZE (snortsam-src-2.63.tar.gz) = 1967776 +MD5 (snortsam-src-2.69.tar.gz) = 7663ce82956a97c5f725028716d66140 +SHA256 (snortsam-src-2.69.tar.gz) = eb0dc0ebd65b6d15e3adabd7be2720221005683eefb7ca5986b9ca0284d55f92 +SIZE (snortsam-src-2.69.tar.gz) = 1971579 --- snortsam/files/patch-snortsam.h +++ snortsam/files/patch-snortsam.h @@ -1,16 +0,0 @@ ---- src/snortsam.h.old 2008-08-03 00:08:34.000000000 -0300 -+++ src/snortsam.h 2008-08-03 00:10:58.000000000 -0300 -@@ -178,10 +178,10 @@ - #define safecopy(dst,src) _safecp(dst,sizeof(dst),src) - - #ifdef WIN32 --#define FWSAMCONFIGFILE "snortsam.cfg" --#define FWSAMHISTORYFILE "snortsam.sta" -+#define FWSAMCONFIGFILE "/usr/local/etc/snortsam.cfg" -+#define FWSAMHISTORYFILE "/var/db/snortsam.sta" - #else --#define FWSAMCONFIGFILE "/etc/snortsam.conf" -+#define FWSAMCONFIGFILE "/usr/local/etc/snortsam.conf" - #define FWSAMHISTORYFILE "/var/db/snortsam.state" - #endif - --- snortsam/files/pkg-install.in +++ snortsam/files/pkg-install.in @@ -0,0 +1,17 @@ +#!/bin/sh +# +# $FreeBSD$ + +ETCDIR=${ETCDIR:=%%ETCDIR%%} + +# snortsam config file contain sensitive data like +# passwords needed to block IP's on the firewalls. +# Set permission of the config dir to 700 so only +# root:wheel can access this directory. +if [ "$2" = "POST-INSTALL" ]; then + if [ -d ${ETCDIR} ]; then + /usr/sbin/chown root:wheel ${ETCDIR} + /bin/chmod 700 ${ETCDIR} + fi +fi + --- snortsam/files/pkg-message-snortsam +++ snortsam/files/pkg-message-snortsam @@ -1,10 +0,0 @@ - -============================================================ -NOTE: Make sure that your SNORT installation it is defined - output plugin SNORTSAM for don't cause errors while - building SNORTSAM system. If exists some OLD SNORT - installation WITHOUT supports for interaction between - SNORT and SNORTSAM. PLEASE reconfigure WITH that this - feature and rebuild a new installation. -============================================================= - --- snortsam/files/pkg-message.in +++ snortsam/files/pkg-message.in @@ -0,0 +1,18 @@ +================================================================ +NOTE: SNORT have to be build with OPTION SNORTSAM. + + To enable snortsam as output plugin for snort a config + line like the following should be present in snort.conf + + output alert_fwsam: <snortsambox>:<port>/<password> + + With samtool it is possible to send alerts to snortsam, + this way you can test and adjust your FW rules. + + For more information read the INSTALL, FAQ, README + files in %%DOCSDIR%% + + Additional consolidate http://snortsam.net + +============================================================== + --- snortsam/files/snortsam.sh.in +++ snortsam/files/snortsam.sh.in @@ -1,31 +1,30 @@ #!/bin/sh -# $FreeBSD: +# $FreeBSD$ # PROVIDE: snortsam # REQUIRE: DAEMON -# BEFORE: LOGIN +# BEFORE: LOGIN # KEYWORD: shutdown -# Add the following lines to /etc/rc.conf to enable snortsam: -# snortsam_enable (bool): Set to YES to enable snortsam -# Default: NO -# snortsam_flags (str): Extra flags passed to snortsam -# Default: "" -# snortsam_conf (str): Snortsam configuration file -# Default: ${PREFIX}/etc/snortsam/snortsam.conf # - +# Add the following line to /etc/rc.conf to enable snortsam: +# +# snortsam_enable="YES" +# +# # optional Snortsam configuration file: +# snortsam_conf="%%ETCDIR%%/snortsam.conf" +# +# DO NOT CHANGE THE DEFAULT VALUES HERE +# . %%RC_SUBR%% name="snortsam" rcvar=`set_rcvar` +load_rc_config snortsam +# defaults command="%%PREFIX%%/sbin/snortsam" - -load_rc_config $name - -[ -z "$snortsam_enable" ] && snortsam_enable="NO" -[ -z "$snortsam_conf" ] && snortsam_conf="%%PREFIX%%/etc/snortsam/snortsam.conf" -[ -n "$snortsam_conf" ] && snortsam_flags="$snortsam_flags $snortsam_conf" +snortsam_enable=${snortsam_enable:-"NO"} +snortsam_flags=${snortsam_conf:-"%%ETCDIR%%/snortsam.conf"} run_rc_command "$1" --- snortsam/files/ssp_ipfw2_no_table_check.patch +++ snortsam/files/ssp_ipfw2_no_table_check.patch @@ -0,0 +1,18 @@ +--- src/ssp_ipfw2.c.orig 2008-04-26 21:53:21.000000000 +0200 ++++ src/ssp_ipfw2.c 2009-11-14 22:03:41.000000000 +0100 +@@ -91,6 +91,7 @@ + } + } + } ++#if defined(ENABLE_IPFW_TABLE_CHECK) + /* Check if inbound table exists */ + snprintf(chk,sizeof(chk)-1,"/sbin/ipfw show | grep -q \"deny ip from any to table(%u) via %s\"",ipfw2p->in_table,ipfw2p->interface); + if(system(chk)) +@@ -110,6 +111,7 @@ + } + } + ++#endif /* ENABLE_IPFW_TABLE_CHECK */ + #ifdef FWSAMDEBUG + if(plugindatalist->data) + printf("Debug: [ipfw2] Adding IPFW2: i/f '%s', tables %u (in) and %u (out)\n", ipfw2p->interface, ipfw2p->in_table,ipfw2p->out_table); --- snortsam/pkg-descr +++ snortsam/pkg-descr @@ -1,5 +1,6 @@ -SnortSam is a plugin for Snort, an open-source light-weight -Intrusion Detection System (IDS). The plugin allows for -automated blocking of IP addresses on many firewalls. +SnortSam is an intelligent agent that allows the popular +open-source Intrusion Detection System called Snort to block +intruding connections by reconfiguration of many firewalls +and Cisco devices. WWW: http://www.snortsam.net --- patch_snortsam-2.69_v2.txt ends here ---
Responsible Changed From-To: freebsd-ports-bugs->miwi I'll take it.
State Changed From-To: feedback->closed Committed. Thanks!
miwi 2009-12-31 20:18:29 UTC FreeBSD ports repository Modified files: security/snortsam Makefile distinfo pkg-descr security/snortsam/files snortsam.sh.in Added files: security/snortsam/files pkg-install.in pkg-message.in ssp_ipfw2_no_table_check.patch Removed files: security/snortsam/files patch-snortsam.h pkg-message-snortsam Log: - Update to 2.69 Changelog: http://snortsam.net/news.html PR: 140881 Submitted by: olli hauer <ohauer@gmx.de> Approved by: maintainer timeout Revision Changes Path 1.3 +53 -30 ports/security/snortsam/Makefile 1.3 +3 -3 ports/security/snortsam/distinfo 1.2 +0 -16 ports/security/snortsam/files/patch-snortsam.h (dead) 1.1 +17 -0 ports/security/snortsam/files/pkg-install.in (new) 1.2 +0 -10 ports/security/snortsam/files/pkg-message-snortsam (dead) 1.1 +18 -0 ports/security/snortsam/files/pkg-message.in (new) 1.3 +15 -16 ports/security/snortsam/files/snortsam.sh.in 1.1 +18 -0 ports/security/snortsam/files/ssp_ipfw2_no_table_check.patch (new) 1.2 +4 -3 ports/security/snortsam/pkg-descr _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"