Lines 1-44
Link Here
|
1 |
# Created by: Valerio Daelli <valerio.daelli@gmail.com> |
|
|
2 |
# $FreeBSD$ |
1 |
# $FreeBSD$ |
3 |
|
2 |
|
4 |
PORTNAME= ossec-hids |
3 |
PORTNAME= ossec-hids |
5 |
PORTVERSION= 2.8.3 |
4 |
PORTVERSION= 2.9.3 |
6 |
DISTVERSIONPREFIX= v |
5 |
PORTREVISION?= |
7 |
PORTREVISION?= 3 |
|
|
8 |
CATEGORIES= security |
6 |
CATEGORIES= security |
9 |
PKGNAMESUFFIX= -server |
7 |
PKGNAMESUFFIX?= -server |
10 |
|
8 |
|
11 |
MAINTAINER= dominik.lisiak@bemsoft.pl |
9 |
MAINTAINER?= dominik.lisiak@bemsoft.pl |
12 |
COMMENT?= Security tool to monitor and check logs and intrusions |
10 |
COMMENT?= Security tool to monitor and check logs and intrusions |
13 |
|
11 |
|
14 |
USE_GITHUB= yes |
12 |
LICENSE?= GPLv2 |
15 |
GH_ACCOUNT= ossec |
13 |
LICENSE_FILE?= ${WRKSRC}/LICENSE |
16 |
USE_RC_SUBR= ossec-hids |
|
|
17 |
|
14 |
|
18 |
CFLAGS+= -ferror-limit=0 |
15 |
.if !defined(AGENT_ONLY) |
19 |
|
16 |
RUN_DEPENDS= expect:lang/expect |
20 |
USES= readline ssl |
|
|
21 |
|
22 |
.if defined(MAINTAINER_MODE) |
23 |
UID_FILES+= ../../UIDs |
24 |
GID_FILES+= ../../GIDs |
25 |
.endif |
17 |
.endif |
26 |
USERS= ossec ossecm ossecr |
|
|
27 |
GROUPS= ossec |
28 |
|
18 |
|
29 |
.if !defined(CLIENT_ONLY) |
19 |
GEOIP_LIB_DEPENDS= libGeoIP.so:net/GeoIP |
30 |
OPTIONS_DEFINE= MYSQL PGSQL |
20 |
INOTIFY_LIB_DEPENDS= libinotify.so:devel/libinotify |
|
|
21 |
PRELUDE_LIB_DEPENDS= libprelude.so:security/libprelude |
22 |
ZEROMQ_LIB_DEPENDS= libczmq.so:net/czmq |
31 |
|
23 |
|
32 |
MYSQL_VARS= WITH_DB=yes |
24 |
USES= gmake readline ssl |
33 |
MYSQL_USE= MYSQL=client |
25 |
MYSQL_USE= mysql |
34 |
MYSQL_PORTDOCS= mysql.schema |
|
|
35 |
|
36 |
PGSQL_VARS= WITH_DB=yes |
37 |
PGSQL_USES= pgsql |
26 |
PGSQL_USES= pgsql |
38 |
PGSQL_PORTDOCS= postgresql.schema |
|
|
39 |
|
27 |
|
40 |
RUN_DEPENDS= expect:lang/expect |
28 |
USE_GITHUB= yes |
|
|
29 |
GH_ACCOUNT= ossec |
30 |
USE_RC_SUBR= ossec-hids |
41 |
|
31 |
|
|
|
32 |
.if !defined(AGENT_ONLY) |
42 |
USES+= shebangfix |
33 |
USES+= shebangfix |
43 |
SHEBANG_LANG= expect |
34 |
SHEBANG_LANG= expect |
44 |
expect_OLD_CMD= "/usr/bin/env expect" |
35 |
expect_OLD_CMD= "/usr/bin/env expect" |
Lines 55-136
Link Here
|
55 |
src/agentlessd/scripts/sshlogin.exp \ |
46 |
src/agentlessd/scripts/sshlogin.exp \ |
56 |
src/agentlessd/scripts/su.exp |
47 |
src/agentlessd/scripts/su.exp |
57 |
.endif |
48 |
.endif |
58 |
OPTIONS_DEFINE+= DOCS |
|
|
59 |
|
49 |
|
60 |
SUB_LIST= PORTNAME=${PORTNAME} |
50 |
OPTIONS_SUB= yes |
61 |
SUB_FILES= pkg-message |
51 |
OPTIONS_DEFINE+= DOCS INOTIFY |
|
|
52 |
|
53 |
.if !defined(AGENT_ONLY) |
54 |
OPTIONS_DEFINE+= GEOIP PRELUDE ZEROMQ |
55 |
|
56 |
OPTIONS_RADIO= DATABASE |
57 |
OPTIONS_RADIO_DATABASE= MYSQL PGSQL |
58 |
.endif |
59 |
|
60 |
.if !defined(AGENT_ONLY) |
61 |
OPTIONS_GROUP+= G_RULES G_AR |
62 |
OPTIONS_GROUP_G_RULES= DEFAULT_R CONFIG_R FIREWALL_R PORTS_R |
63 |
OPTIONS_GROUP_G_AR= DEFAULT_C MERGE_C MERGE_AR RESTART_AR |
64 |
.endif |
65 |
OPTIONS_GROUP+= G_CHECKS G_CMDS G_LOGS |
66 |
OPTIONS_GROUP_G_CHECKS= ROOTCHECK SYSCHECK |
67 |
OPTIONS_GROUP_G_CMDS= LOGINS PORTS_TCP PORTS_UDP |
68 |
OPTIONS_GROUP_G_LOGS= BASELOGS ARLOG |
69 |
|
70 |
.if !defined(AGENT_ONLY) && !defined(LOCAL_ONLY) |
71 |
OPTIONS_GROUP+= G_CHECKS_P G_LOGS_P |
72 |
OPTIONS_GROUP_G_CHECKS_P= ROOTCHECK_P SYSCHECK_P |
73 |
OPTIONS_GROUP_G_LOGS_P= BASELOGS_P ARLOG_P |
74 |
.endif |
75 |
|
76 |
.if !defined(AGENT_ONLY) |
77 |
OPTIONS_SINGLE= FIREWALL |
78 |
OPTIONS_SINGLE_FIREWALL= PF IPFW IPF |
79 |
.endif |
80 |
|
81 |
OPTIONS_DEFAULT+= INOTIFY LOGINS PORTS_TCP PORTS_UDP |
82 |
.if !defined(AGENT_ONLY) |
83 |
OPTIONS_DEFAULT+= IPF DEFAULT_R CONFIG_R FIREWALL_R PORTS_R DEFAULT_C MERGE_C MERGE_AR RESTART_AR ROOTCHECK SYSCHECK BASELOGS ARLOG |
84 |
.if !defined(LOCAL_ONLY) |
85 |
OPTIONS_DEFAULT+= ROOTCHECK_P SYSCHECK_P BASELOGS_P ARLOG_P |
86 |
.endif |
87 |
.endif |
88 |
|
89 |
DIST_CONF_DESC= (ossec-dist.conf) |
90 |
AGENT_DIST_CONF_DESC= (agent-dist.conf) |
91 |
|
92 |
INOTIFY_DESC= Kevent based real time monitoring |
93 |
PRELUDE_DESC= Sensor support from Prelude SIEM |
94 |
ZEROMQ_DESC= ZeroMQ support (experimental) |
95 |
|
96 |
G_RULES_DESC= Rules ${DIST_CONF_DESC} |
97 |
DEFAULT_R_DESC= Rules provided by OSSEC |
98 |
CONFIG_R_DESC= Alert OSSEC main configuration files changes |
99 |
FIREWALL_R_DESC= Alert firewall active resonse (PF and IPFW) |
100 |
PORTS_R_DESC= Alert open TCP and UDP ports |
101 |
G_AR_DESC= Active response ${DIST_CONF_DESC} |
102 |
DEFAULT_C_DESC= Commands provided by OSSEC |
103 |
MERGE_C_DESC= Merge "dist" and "local" configs command |
104 |
MERGE_AR_DESC= Merge "dist" and "local" configs when they change |
105 |
RESTART_AR_DESC= Restart OSSEC when main configuration files change |
106 |
G_CHECKS_DESC= System checks ${DIST_CONF_DESC} |
107 |
ROOTCHECK_DESC= System audit and rootkit detection |
108 |
SYSCHECK_DESC= Integrity checking |
109 |
G_CMDS_DESC= Command monitoring ${DIST_CONF_DESC} |
110 |
LOGINS_DESC= Last logins |
111 |
PORTS_TCP_DESC= Listening TCP ports |
112 |
PORTS_UDP_DESC= Open UDP ports |
113 |
G_LOGS_DESC= Log monitoring ${DIST_CONF_DESC} |
114 |
BASELOGS_DESC= Base logs (messages, maillog, ...) |
115 |
ARLOG_DESC= Active response log |
116 |
|
117 |
G_CHECKS_P_DESC= Pushed system checks ${AGENT_DIST_CONF_DESC} |
118 |
ROOTCHECK_P_DESC= ${ROOTCHECK_DESC} (profile: rootcheck) |
119 |
SYSCHECK_P_DESC= ${SYSCHECK_DESC} (profile: syscheck) |
120 |
G_LOGS_P_DESC= Pushed log monitoring ${AGENT_DIST_CONF_DESC} |
121 |
BASELOGS_P_DESC= ${BASELOGS_DESC} (profile: baselogs) |
122 |
ARLOG_P_DESC= ${ARLOG_DESC} (profile: arlog) |
123 |
|
124 |
FIREWALL_DESC= Active response firewall ${DIST_CONF_DESC} |
125 |
PF_DESC= Packet Filter |
126 |
IPFW_DESC= ipfirewall |
127 |
IPF_DESC= ipfilter, iptables |
128 |
|
129 |
DATABASE_DESC= Database output |
130 |
|
131 |
PKGMSG_FILES= message-header |
132 |
|
133 |
TEMPL_HEADER= template-header.xml |
134 |
TEMPL_SAMPLE_HEADER= template-sample-header.xml |
135 |
TEMPL_P_HEADER= template-pushed-header.xml |
136 |
|
137 |
TEMPL_DEFAULT_R= template-rules-default.xml |
138 |
TEMPL_CONFIG_R= template-rules-config.xml |
139 |
TEMPL_FIREWALL_R= template-rules-firewall.xml |
140 |
TEMPL_PORTS_R= template-rules-ports.xml |
141 |
TEMPL_DEFAULT_C= template-ar-cmds-default.xml |
142 |
TEMPL_MERGE_C= template-ar-cmds-merge.xml |
143 |
TEMPL_MERGE_AR= template-ar-merge.xml |
144 |
TEMPL_RESTART_AR= template-ar-restart.xml |
145 |
TEMPL_ROOTCHECK= template-rootcheck.xml |
146 |
TEMPL_SYSCHECK= template-syscheck.xml |
147 |
TEMPL_LOGINS= template-cmds-logins.xml |
148 |
TEMPL_PORTS_TCP= template-cmds-ports-tcp.xml |
149 |
TEMPL_PORTS_UDP= template-cmds-ports-udp.xml |
150 |
TEMPL_BASELOGS= template-baselogs.xml |
151 |
TEMPL_ARLOG= template-arlog.xml |
152 |
TEMPL_SAMPLE= template-sample${PKGNAMESUFFIX}.xml |
153 |
TEMPL_P_SAMPLE= template-pushed-sample.xml |
154 |
|
155 |
GEOIP_VARS= OSSEC_ARGS+=USE_GEOIP=yes |
156 |
INOTIFY_VARS= OSSEC_ARGS+=USE_INOTIFY=yes |
157 |
PRELUDE_VARS= OSSEC_ARGS+=USE_PRELUDE=yes |
158 |
ZEROMQ_VARS= OSSEC_ARGS+=USE_ZEROMQ=yes |
159 |
MYSQL_VARS= OSSEC_ARGS+=DATABASE=mysql PKGMSG_FILES+=message-db DB_TYPE=mysql DB_SCHEMA=mysql.schema |
160 |
PGSQL_VARS= OSSEC_ARGS+=DATABASE=pgsql PKGMSG_FILES+=message-db DB_TYPE=postgresql DB_SCHEMA=postgresql.schema |
161 |
|
162 |
DEFAULT_R_VARS= TEMPL_FILES+=${TEMPL_DEFAULT_R} |
163 |
CONFIG_R_VARS= TEMPL_FILES+=${TEMPL_CONFIG_R} |
164 |
FIREWALL_R_VARS= TEMPL_FILES+=${TEMPL_FIREWALL_R} |
165 |
PORTS_R_VARS= TEMPL_FILES+=${TEMPL_PORTS_R} |
166 |
DEFAULT_C_VARS= TEMPL_FILES+=${TEMPL_DEFAULT_C} |
167 |
MERGE_C_VARS= TEMPL_FILES+=${TEMPL_MERGE_C} |
168 |
MERGE_AR_VARS= TEMPL_FILES+=${TEMPL_MERGE_AR} |
169 |
RESTART_AR_VARS= TEMPL_FILES+=${TEMPL_RESTART_AR} |
170 |
ROOTCHECK_VARS= TEMPL_FILES+=${TEMPL_ROOTCHECK} |
171 |
SYSCHECK_VARS= TEMPL_FILES+=${TEMPL_SYSCHECK} |
172 |
LOGINS_VARS= TEMPL_FILES+=${TEMPL_LOGINS} |
173 |
PORTS_TCP_VARS= TEMPL_FILES+=${TEMPL_PORTS_TCP} |
174 |
PORTS_UDP_VARS= TEMPL_FILES+=${TEMPL_PORTS_UDP} |
175 |
BASELOGS_VARS= TEMPL_FILES+=${TEMPL_BASELOGS} |
176 |
ARLOG_VARS= TEMPL_FILES+=${TEMPL_ARLOG} |
177 |
|
178 |
DEFAULT_R_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_DEFAULT_R} |
179 |
CONFIG_R_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_CONFIG_R} |
180 |
FIREWALL_R_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_FIREWALL_R} |
181 |
PORTS_R_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_PORTS_R} |
182 |
DEFAULT_C_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_DEFAULT_C} |
183 |
MERGE_C_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_MERGE_C} |
184 |
MERGE_AR_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_MERGE_AR} |
185 |
RESTART_AR_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_RESTART_AR} |
186 |
ROOTCHECK_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_ROOTCHECK} |
187 |
SYSCHECK_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_SYSCHECK} |
188 |
LOGINS_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_LOGINS} |
189 |
PORTS_TCP_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_PORTS_TCP} |
190 |
PORTS_UDP_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_PORTS_UDP} |
191 |
BASELOGS_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_BASELOGS} |
192 |
ARLOG_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_ARLOG} |
193 |
|
194 |
ROOTCHECK_P_VARS= TEMPL_P_FILES+=${TEMPL_ROOTCHECK} |
195 |
SYSCHECK_P_VARS= TEMPL_P_FILES+=${TEMPL_SYSCHECK} |
196 |
BASELOGS_P_VARS= TEMPL_P_FILES+=${TEMPL_BASELOGS} |
197 |
ARLOG_P_VARS= TEMPL_P_FILES+=${TEMPL_ARLOG} |
198 |
|
199 |
ROOTCHECK_PROFILE= rootcheck |
200 |
SYSCHECK_PROFILE= syscheck |
201 |
BASELOGS_PROFILE= baselogs |
202 |
ARLOG_PROFILE= arlog |
203 |
CLIENT_PROFILES:= ${ROOTCHECK_PROFILE}, ${SYSCHECK_PROFILE}, ${BASELOGS_PROFILE}, ${ARLOG_PROFILE} |
204 |
|
205 |
SUB_LIST+= ROOTCHECK_PROFILE=${ROOTCHECK_PROFILE} \ |
206 |
SYSCHECK_PROFILE=${SYSCHECK_PROFILE} \ |
207 |
BASELOGS_PROFILE=${BASELOGS_PROFILE} \ |
208 |
ARLOG_PROFILE=${ARLOG_PROFILE} \ |
209 |
CLIENT_PROFILES="${CLIENT_PROFILES}" |
210 |
|
211 |
PF_VARS= FW_DROP=pf.sh PKGMSG_FILES+=message-pf |
212 |
IPFW_VARS= FW_DROP=ipfw.sh |
213 |
IPF_VARS= FW_DROP=firewall-drop.sh |
214 |
|
215 |
OSSEC_TYPE?= server |
216 |
PKGHELP= ${PKGDIR}/pkg-help${PKGNAMESUFFIX} |
217 |
OSSEC_ARGS+= TARGET=${OSSEC_TYPE} |
218 |
CONFLICTS_INSTALL?= ossec-hids-client-[0-9]* ossec-hids-agent-[0-9]* ossec-hids-local-[0-9]* |
219 |
STRIP_FILES?= agent_control \ |
220 |
clear_stats \ |
221 |
list_agents \ |
222 |
manage_agents \ |
223 |
ossec-agentlessd \ |
224 |
ossec-analysisd \ |
225 |
ossec-authd \ |
226 |
ossec-csyslogd \ |
227 |
ossec-dbd \ |
228 |
ossec-execd \ |
229 |
ossec-logcollector \ |
230 |
ossec-logtest \ |
231 |
ossec-lua \ |
232 |
ossec-luac \ |
233 |
ossec-maild \ |
234 |
ossec-makelists \ |
235 |
ossec-monitord \ |
236 |
ossec-regex \ |
237 |
ossec-remoted \ |
238 |
ossec-reportd \ |
239 |
ossec-syscheckd \ |
240 |
rootcheck_control \ |
241 |
syscheck_control \ |
242 |
syscheck_update \ |
243 |
verify-agent-conf |
244 |
TEMPL_TO_OSSEC= ${SCRIPTDIR}/template-to-ossec.sh ${OSSEC_TYPE} ${PREFIX}/${PORTNAME} |
245 |
TEMPL_TO_OSSEC_P= ${SCRIPTDIR}/template-to-agent.sh ${OSSEC_TYPE} ${PREFIX}/${PORTNAME} |
246 |
OSSEC_RC= ${PREFIX}/etc/rc.d/ossec-hids |
247 |
OSSEC_OSSEC_CONF= ${PREFIX}/${PORTNAME}/bin/ossec_conf |
248 |
OSSEC_AGENT_CONF= ${PREFIX}/${PORTNAME}/bin/agent_conf |
249 |
OSSEC_MERGE_CONFIG= ${PREFIX}/${PORTNAME}/active-response/bin/merge-configs.sh |
250 |
OSSEC_RESTART_OSSEC= ${PREFIX}/${PORTNAME}/active-response/bin/restart-ossec.sh |
251 |
OSSEC_TMP= ${PREFIX}/${PORTNAME}/tmp |
252 |
OSSEC_SHARED= ${PREFIX}/${PORTNAME}/etc/shared |
253 |
OSSEC_CONF= ${PREFIX}/${PORTNAME}/etc/ossec.conf |
254 |
OSSEC_DIST_CONF= ${PREFIX}/${PORTNAME}/etc/ossec-dist.conf |
255 |
OSSEC_LOCAL_CONF= ${PREFIX}/${PORTNAME}/etc/ossec-local.conf.sample |
256 |
OSSEC_P_CONF= ${PREFIX}/${PORTNAME}/etc/shared/agent.conf |
257 |
OSSEC_P_DIST_CONF= ${PREFIX}/${PORTNAME}/etc/agent-dist.conf |
258 |
OSSEC_P_LOCAL_CONF= ${PREFIX}/${PORTNAME}/etc/agent-local.conf.sample |
259 |
OSSEC_RULES_DIR= ${PREFIX}/${PORTNAME}/rules |
260 |
OSSEC_RULES_FILES= config firewall ports |
261 |
|
262 |
.if !defined(MAINTAINER_MODE) |
263 |
USER_ARGS+= OSSEC_GROUP=${GROUP} \ |
264 |
OSSEC_USER=${USER} \ |
265 |
OSSEC_USER_MAIL=${USER} \ |
266 |
OSSEC_USER_REM=${USER} |
267 |
.endif |
268 |
OSSEC_USER= ossec |
269 |
OSSEC_GROUP= ossec |
270 |
USERS= ${OSSEC_USER} ossecm ossecr |
271 |
GROUPS= ${OSSEC_GROUP} |
272 |
|
273 |
SUB_LIST+= PORTNAME=${PORTNAME} \ |
274 |
OSSEC_TYPE=${OSSEC_TYPE} \ |
275 |
VERSION=${PORTVERSION} \ |
276 |
DB_TYPE=${DB_TYPE} \ |
277 |
DB_SCHEMA=${DOCSDIR}/${DB_SCHEMA} \ |
278 |
FW_DROP=${FW_DROP} \ |
279 |
USER=${USER} \ |
280 |
OSSEC_USER=${OSSEC_USER} \ |
281 |
OSSEC_GROUP=${OSSEC_GROUP} \ |
282 |
OSSEC_RC=${OSSEC_RC} |
283 |
SUB_FILES= ${PKGMSG_FILES} \ |
284 |
${TEMPL_HEADER} \ |
285 |
${TEMPL_FILES} \ |
286 |
${TEMPL_SAMPLE_HEADER} \ |
287 |
${TEMPL_SAMPLE_FILES} \ |
288 |
${TEMPL_P_HEADER} \ |
289 |
${TEMPL_P_SAMPLE} \ |
290 |
merge-config.sh \ |
291 |
restart-ossec.sh \ |
292 |
ossec-conf |
293 |
.if !defined(AGENT_ONLY) && !defined(LOCAL_ONLY) |
294 |
SUB_FILES+= agent-conf |
295 |
.endif |
296 |
.for file in ${OSSEC_RULES_FILES} |
297 |
SUB_FILES+= rule-${file}.xml |
298 |
.endfor |
299 |
|
300 |
PLIST= ${PKGDIR}/pkg-plist${PKGNAMESUFFIX} |
62 |
PLIST_SUB= PORTNAME=${PORTNAME} |
301 |
PLIST_SUB= PORTNAME=${PORTNAME} |
63 |
DOCSFILES= BUGS CONFIG CONTRIBUTORS INSTALL LICENSE |
302 |
DOCSFILES= BUGS CONFIG CONTRIBUTORS INSTALL LICENSE |
64 |
PORTDOCS= ${DOCSFILES} |
303 |
PKGMESSAGE= ${WRKDIR}/pkg-message |
65 |
|
304 |
|
66 |
BROKEN_aarch64= Fails to compile: error: use of undeclared identifier __LDPGSZ |
305 |
CFLAGS+= -I${LOCALBASE}/include |
67 |
|
306 |
|
|
|
307 |
BUILD_ARGS+= ${MAKE_ARGS} ${OSSEC_ARGS} PREFIX=${PREFIX}/${PORTNAME} |
308 |
INSTALL_ARGS+= ${USER_ARGS} ${OSSEC_ARGS} PREFIX=${STAGEDIR}${PREFIX}/${PORTNAME} |
309 |
|
310 |
# Apache logs support |
311 |
APACHE_OPTION= APACHE |
312 |
APACHE_PROFILE= apache |
313 |
APACHE_DESC= Apache logs |
314 |
APACHE_P_DESC= ${APACHE_DESC} (profile: ${APACHE_PROFILE}) |
315 |
LOGS_OPTIONS+= ${APACHE_OPTION} |
316 |
|
317 |
# Nginx logs support |
318 |
NGINX_OPTION= NGINX |
319 |
NGINX_PROFILE= nginx |
320 |
NGINX_DESC= Nginx logs |
321 |
NGINX_P_DESC= ${NGINX_DESC} (profile: ${NGINX_PROFILE}) |
322 |
LOGS_OPTIONS+= ${NGINX_OPTION} |
323 |
|
324 |
# Radius logs support |
325 |
RADIUS_OPTION= RADIUS |
326 |
RADIUS_PROFILE= radius |
327 |
RADIUS_DESC= FreeRADIUS logs |
328 |
RADIUS_P_DESC= ${RADIUS_DESC} (profile: ${RADIUS_PROFILE}) |
329 |
LOGS_OPTIONS+= ${RADIUS_OPTION} |
330 |
|
331 |
# Vsftpd logs support |
332 |
VSFTPD_OPTION= VSFTPD |
333 |
VSFTPD_PROFILE= vsftpd |
334 |
VSFTPD_DESC= Vsftpd logs |
335 |
VSFTPD_P_DESC= ${VSFTPD_DESC} (profile: ${VSFTPD_PROFILE}) |
336 |
LOGS_OPTIONS+= ${VSFTPD_OPTION} |
337 |
|
338 |
.for option in ${LOGS_OPTIONS} |
339 |
OPTIONS_GROUP_G_LOGS+= ${option} |
340 |
OPTIONS_GROUP_G_LOGS_P+=${option}_P |
341 |
OPTIONS_DEFAULT+= ${option}_P |
342 |
SUB_FILES+= template-logs-${${option}_PROFILE}.xml |
343 |
SUB_LIST+= ${option}_PROFILE=${${option}_PROFILE} |
344 |
CLIENT_PROFILES:= ${CLIENT_PROFILES}, ${${option}_PROFILE} |
345 |
.endfor |
346 |
|
68 |
.include <bsd.port.pre.mk> |
347 |
.include <bsd.port.pre.mk> |
69 |
|
348 |
|
70 |
STRIP_FILES= ossec-luac agent_control ossec-lua ossec-dbd ossec-regex ossec-monitord ossec-makelists verify-agent-conf ossec-analysisd ossec-agentlessd syscheck_control ossec-execd manage_agents ossec-csyslogd ossec-syscheckd ossec-logtest ossec-authd ossec-logcollector list_agents ossec-maild clear_stats ossec-remoted ossec-reportd rootcheck_control syscheck_update |
349 |
TEMPL_SAMPLE_FILES+= ${TEMPL_SAMPLE} |
71 |
.if defined(CLIENT_ONLY) |
350 |
TEMPL_P_SAMPLE_FILES+= ${TEMPL_P_SAMPLE} |
72 |
SUB_LIST+= PRECMD=: |
351 |
PKGMSG_FILES+= message-footer |
73 |
PKGNAMESUFFIX= -client |
|
|
74 |
CONFLICTS_INSTALL= ossec-hids-server-[0-9]* ossec-hids-local-[0-9]* |
75 |
STRIP_FILES= agent-auth manage_agents ossec-agentd ossec-execd ossec-logcollector ossec-lua ossec-luac ossec-syscheckd |
76 |
.elif defined(LOCAL_ONLY) |
77 |
SUB_LIST+= PRECMD=ossechids_start_precmd |
78 |
PKGNAMESUFFIX= -local |
79 |
CONFLICTS_INSTALL= ossec-hids-client-[0-9]* ossec-hids-server-[0-9]* |
80 |
.else |
81 |
SUB_LIST+= PRECMD=ossechids_start_precmd |
82 |
CONFLICTS_INSTALL= ossec-hids-client-[0-9]* ossec-hids-local-[0-9]* |
83 |
.endif |
84 |
|
352 |
|
85 |
post-patch: |
353 |
post-patch: |
86 |
@${REINPLACE_CMD} 's|PREFIX|${PREFIX}/${PORTNAME}|' ${WRKSRC}/src/headers/defs.h |
|
|
87 |
@${ECHO} "DIR=\"${STAGEDIR}${PREFIX}/${PORTNAME}\"" > ${WRKSRC}/src/LOCATION |
88 |
@${REINPLACE_CMD} -e 's|-DLUA_USE_LINUX|& ${CPPFLAGS}|' \ |
354 |
@${REINPLACE_CMD} -e 's|-DLUA_USE_LINUX|& ${CPPFLAGS}|' \ |
89 |
-e 's|-lreadline|& ${LDFLAGS}|' \ |
355 |
-e 's|-lreadline|& ${LDFLAGS}|' \ |
90 |
${WRKSRC}/src/external/lua-5.2.3/src/Makefile |
356 |
${WRKSRC}/src/external/lua/src/Makefile |
91 |
@${REINPLACE_CMD} -e 's|OPENSSLCMD=|OPENSSLCMD=-L${OPENSSLLIB} |' \ |
|
|
92 |
${WRKSRC}/src/Makeall |
93 |
|
357 |
|
94 |
do-build: |
358 |
do-build: |
95 |
.if defined(WITH_DB) |
359 |
@cd ${WRKSRC}/src; ${SETENV} ${MAKE_ENV} ${MAKE_CMD} ${BUILD_ARGS} build |
96 |
.if defined(CLIENT_ONLY) |
360 |
|
97 |
@cd ${WRKSRC}/src;${MAKE} setagent;${MAKE} all;${MAKE} build |
361 |
do-install: |
98 |
.elif defined(LOCAL_ONLY) |
362 |
@cd ${WRKSRC}/src; ${SETENV} ${MAKE_ENV} ${MAKE_CMD} ${INSTALL_ARGS} install |
99 |
@cd ${WRKSRC}/src;${MAKE} setlocal;${MAKE} setdb;${MAKE} all;${MAKE} build |
363 |
|
100 |
.else |
364 |
ossec-dist-conf: |
101 |
@cd ${WRKSRC}/src;${MAKE} setdb;${MAKE} all;${MAKE} build |
365 |
@${CAT} ${WRKDIR}/${TEMPL_HEADER} > ${STAGEDIR}${OSSEC_DIST_CONF} |
|
|
366 |
.for file in ${TEMPL_FILES} |
367 |
@${TEMPL_TO_OSSEC} ${WRKDIR}/${file} >> ${STAGEDIR}${OSSEC_DIST_CONF} |
368 |
@${ECHO_CMD} >> ${STAGEDIR}${OSSEC_DIST_CONF} |
369 |
.endfor |
370 |
.for option in ${LOGS_OPTIONS} |
371 |
.if ${PORT_OPTIONS:M${option}} |
372 |
@${TEMPL_TO_OSSEC} ${WRKDIR}/template-logs-${${option}_PROFILE}.xml >> ${STAGEDIR}${OSSEC_DIST_CONF} |
373 |
@${ECHO_CMD} >> ${STAGEDIR}${OSSEC_DIST_CONF} |
102 |
.endif |
374 |
.endif |
103 |
.else |
375 |
.endfor |
104 |
.if defined(CLIENT_ONLY) |
376 |
@${CHMOD} 640 ${STAGEDIR}${OSSEC_DIST_CONF} |
105 |
@cd ${WRKSRC}/src;${MAKE} setagent;${MAKE} all;${MAKE} build; \ |
377 |
.if defined(MAINTAINER_MODE) |
106 |
${MAKE} unsetdb |
378 |
@${CHOWN} ${USER}:${OSSEC_GROUP} ${STAGEDIR}${OSSEC_DIST_CONF} |
107 |
.elif defined(LOCAL_ONLY) |
|
|
108 |
@cd ${WRKSRC}/src;${MAKE} setlocal;${MAKE} all;${MAKE} build; \ |
109 |
${MAKE} unsetdb |
110 |
.else |
111 |
@cd ${WRKSRC}/src;${MAKE} all;${MAKE} build;${MAKE} unsetdb |
112 |
.endif |
379 |
.endif |
|
|
380 |
|
381 |
ossec-local-conf: |
382 |
@${CAT} ${WRKDIR}/${TEMPL_SAMPLE_HEADER} > ${STAGEDIR}${OSSEC_LOCAL_CONF} |
383 |
.for file in ${TEMPL_SAMPLE_FILES} |
384 |
@${TEMPL_TO_OSSEC} ${WRKDIR}/${file} >> ${STAGEDIR}${OSSEC_LOCAL_CONF} |
385 |
@${ECHO_CMD} >> ${STAGEDIR}${OSSEC_LOCAL_CONF} |
386 |
.endfor |
387 |
@${CHMOD} 640 ${STAGEDIR}${OSSEC_LOCAL_CONF} |
388 |
.if defined(MAINTAINER_MODE) |
389 |
@${CHOWN} ${USER}:${OSSEC_GROUP} ${STAGEDIR}${OSSEC_LOCAL_CONF} |
113 |
.endif |
390 |
.endif |
114 |
|
391 |
|
115 |
do-install: |
392 |
agent-dist-conf: |
116 |
.if defined(CLIENT_ONLY) |
393 |
.if !defined(AGENT_ONLY) && !defined(LOCAL_ONLY) |
117 |
@cd ${WRKSRC}/src; ${MAKE} agent |
394 |
@${CAT} ${WRKDIR}/${TEMPL_P_HEADER} > ${STAGEDIR}${OSSEC_P_DIST_CONF} |
118 |
.elif defined(LOCAL_ONLY) |
395 |
.for file in ${TEMPL_P_FILES} |
119 |
@cd ${WRKSRC}/src; ${MAKE} local |
396 |
@${TEMPL_TO_OSSEC_P} ${WRKDIR}/${file} >> ${STAGEDIR}${OSSEC_P_DIST_CONF} |
|
|
397 |
@${ECHO_CMD} >> ${STAGEDIR}${OSSEC_P_DIST_CONF} |
398 |
.endfor |
399 |
.for option in ${LOGS_OPTIONS} |
400 |
.if ${PORT_OPTIONS:M${option}_P} |
401 |
@${TEMPL_TO_OSSEC_P} ${WRKDIR}/template-logs-${${option}_PROFILE}.xml >> ${STAGEDIR}${OSSEC_P_DIST_CONF} |
402 |
@${ECHO_CMD} >> ${STAGEDIR}${OSSEC_P_DIST_CONF} |
403 |
.endif |
404 |
.endfor |
405 |
@${CHMOD} 640 ${STAGEDIR}${OSSEC_P_DIST_CONF} |
406 |
.if defined(MAINTAINER_MODE) |
407 |
@${CHOWN} ${USER}:${OSSEC_GROUP} ${STAGEDIR}${OSSEC_P_DIST_CONF} |
408 |
.endif |
409 |
.endif |
410 |
|
411 |
agent-local-conf: |
412 |
.if !defined(AGENT_ONLY) && !defined(LOCAL_ONLY) |
413 |
@${CAT} ${WRKDIR}/${TEMPL_SAMPLE_HEADER} > ${STAGEDIR}${OSSEC_P_LOCAL_CONF} |
414 |
.for file in ${TEMPL_P_SAMPLE_FILES} |
415 |
@${TEMPL_TO_OSSEC_P} ${WRKDIR}/${file} >> ${STAGEDIR}${OSSEC_P_LOCAL_CONF} |
416 |
@${ECHO_CMD} >> ${STAGEDIR}${OSSEC_P_LOCAL_CONF} |
417 |
.endfor |
418 |
@${CHMOD} 640 ${STAGEDIR}${OSSEC_P_LOCAL_CONF} |
419 |
.if defined(MAINTAINER_MODE) |
420 |
@${CHOWN} ${USER}:${OSSEC_GROUP} ${STAGEDIR}${OSSEC_P_LOCAL_CONF} |
421 |
.endif |
422 |
.endif |
423 |
|
424 |
ossec-rules: |
425 |
.if !defined(AGENT_ONLY) |
426 |
.for file in ${OSSEC_RULES_FILES} |
427 |
@${SED} -e 's|<?xml.*?>||' ${WRKDIR}/rule-${file}.xml > ${STAGEDIR}${OSSEC_RULES_DIR}/freebsd_${file}_rules.xml |
428 |
@${CHMOD} 640 ${STAGEDIR}${OSSEC_RULES_DIR}/freebsd_${file}_rules.xml |
429 |
.if defined(MAINTAINER_MODE) |
430 |
@${CHOWN} ${USER}:${OSSEC_GROUP} ${STAGEDIR}${OSSEC_RULES_DIR}/freebsd_${file}_rules.xml |
431 |
.endif |
432 |
.endfor |
433 |
.endif |
434 |
|
435 |
ossec-scripts: |
436 |
@${CP} -f ${WRKDIR}/ossec-conf ${STAGEDIR}${OSSEC_OSSEC_CONF} |
437 |
@${CHMOD} 550 ${STAGEDIR}${OSSEC_OSSEC_CONF} |
438 |
.if !defined(AGENT_ONLY) && !defined(LOCAL_ONLY) |
439 |
@${CP} -f ${WRKDIR}/agent-conf ${STAGEDIR}${OSSEC_AGENT_CONF} |
440 |
@${CHMOD} 550 ${STAGEDIR}${OSSEC_AGENT_CONF} |
441 |
.endif |
442 |
@${CP} -f ${WRKDIR}/merge-config.sh ${STAGEDIR}${OSSEC_MERGE_CONFIG} |
443 |
@${CHMOD} 550 ${STAGEDIR}${OSSEC_MERGE_CONFIG} |
444 |
@${CP} -f ${WRKDIR}/restart-ossec.sh ${STAGEDIR}${OSSEC_RESTART_OSSEC} |
445 |
@${CHMOD} 550 ${STAGEDIR}${OSSEC_RESTART_OSSEC} |
446 |
.if defined(MAINTAINER_MODE) |
447 |
@${CHOWN} ${USER}:${OSSEC_GROUP} ${STAGEDIR}${OSSEC_MERGE_CONFIG} |
448 |
.endif |
449 |
|
450 |
post-install: ossec-dist-conf ossec-local-conf agent-dist-conf agent-local-conf ossec-rules ossec-scripts |
451 |
@${CHMOD} 770 ${STAGEDIR}${OSSEC_TMP} |
452 |
.if defined(AGENT_ONLY) |
453 |
.if defined(MAINTAINER_MODE) |
454 |
@for file in $$(find "${STAGEDIR}${OSSEC_SHARED}" -type f); do ${CHMOD} 0644 $${file}; ${CHOWN} ${OSSEC_USER}:${OSSEC_GROUP} $${file}; done |
120 |
.else |
455 |
.else |
121 |
@cd ${WRKSRC}/src; ${MAKE} server |
456 |
@for file in $$(find "${STAGEDIR}${OSSEC_SHARED}" -type f); do ${CHMOD} 0644 $${file}; done |
122 |
.endif |
457 |
.endif |
123 |
@${MKDIR} ${STAGEDIR}${PREFIX}/${PORTNAME}/etc |
458 |
.endif |
|
|
459 |
@${ECHO_CMD} -n > ${PKGMESSAGE} |
460 |
.for file in ${PKGMSG_FILES} |
461 |
@${CAT} ${WRKDIR}/${file} >> ${PKGMESSAGE} |
462 |
@${ECHO_CMD} >> ${PKGMESSAGE} |
463 |
.endfor |
124 |
.for file in ${STRIP_FILES} |
464 |
.for file in ${STRIP_FILES} |
125 |
${STRIP_CMD} ${STAGEDIR}${PREFIX}/ossec-hids/bin/${file} |
465 |
@${STRIP_CMD} ${STAGEDIR}${PREFIX}/${PORTNAME}/bin/${file} |
126 |
.endfor |
466 |
.endfor |
127 |
|
467 |
|
128 |
.if defined(CLIENT_ONLY) |
468 |
.if defined(MAINTAINER_MODE) |
129 |
@${CP} ${WRKSRC}/etc/ossec-agent.conf ${STAGEDIR}${PREFIX}/${PORTNAME}/etc/ossec.conf.sample |
469 |
plist: makeplist |
130 |
.elif defined(LOCAL_ONLY) |
470 |
@${SCRIPTDIR}/plist.sh ${OSSEC_TYPE} ${PLIST} ${PREFIX}/${PORTNAME} ${WRKDIR} |
131 |
${CP} ${WRKSRC}/etc/ossec-local.conf ${STAGEDIR}${PREFIX}/${PORTNAME}/etc/ossec.conf.sample |
|
|
132 |
.else |
133 |
${CP} ${WRKSRC}/etc/ossec-server.conf ${STAGEDIR}${PREFIX}/${PORTNAME}/etc/ossec.conf.sample |
134 |
.endif |
471 |
.endif |
135 |
|
472 |
|
136 |
post-install-DOCS-on: |
473 |
post-install-DOCS-on: |
Lines 139-148
Link Here
|
139 |
|
476 |
|
140 |
post-install-MYSQL-on: |
477 |
post-install-MYSQL-on: |
141 |
@${MKDIR} ${STAGEDIR}${DOCSDIR} |
478 |
@${MKDIR} ${STAGEDIR}${DOCSDIR} |
142 |
@cd ${WRKSRC} && ${INSTALL_DATA} src/os_dbd/mysql.schema ${STAGEDIR}${DOCSDIR} |
479 |
@cd ${WRKSRC} && ${INSTALL_DATA} src/os_dbd/${DB_SCHEMA} ${STAGEDIR}${DOCSDIR} |
143 |
|
480 |
|
144 |
post-install-PGSQL-on: |
481 |
post-install-PGSQL-on: |
145 |
@${MKDIR} ${STAGEDIR}${DOCSDIR} |
482 |
@${MKDIR} ${STAGEDIR}${DOCSDIR} |
146 |
@cd ${WRKSRC} && ${INSTALL_DATA} src/os_dbd/postgresql.schema ${STAGEDIR}${DOCSDIR} |
483 |
@cd ${WRKSRC} && ${INSTALL_DATA} src/os_dbd/${DB_SCHEMA} ${STAGEDIR}${DOCSDIR} |
147 |
|
484 |
|
148 |
.include <bsd.port.post.mk> |
485 |
.include <bsd.port.post.mk> |