FreeBSD Bugzilla – Attachment 144107 Details for
Bug 191347
[NEW PORT] security/sguil: Sguil is a network security monitoring program
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
Shar File for sguil-0.9.0
sguil-0.9.0.shar (text/plain), 49.65 KB, created by
Muhammad Moinur Rahman
on 2014-06-24 20:37:02 UTC
(
hide
)
Description:
Shar File for sguil-0.9.0
Filename:
MIME Type:
Creator:
Muhammad Moinur Rahman
Created:
2014-06-24 20:37:02 UTC
Size:
49.65 KB
patch
obsolete
># This is a shell archive. Save it in a file, remove anything before ># this line, and then unpack it by entering "sh file". Note, it may ># create directories; files and directories will be owned by you and ># have default permissions. ># ># This archive contains: ># ># sguil ># sguil/Makefile ># sguil/distinfo ># sguil/pkg-descr ># sguil/files ># sguil/files/patch-server__lib__SguildLoaderd.tcl ># sguil/files/pads_agent.in ># sguil/files/sancp_agent.in ># sguil/files/patch-sensor__contrib__ossec_agent__ossec_agent.tcl ># sguil/files/patch-sensor__pcap_agent-sancp.tcl ># sguil/files/patch-server__lib__SguildMysqlMerge.tcl ># sguil/files/patch-sensor__sancp_agent.tcl ># sguil/files/patch-server__sguild.conf ># sguil/files/patch-server__sql_scripts__sancp_cleanup.tcl ># sguil/files/example_agent.in ># sguil/files/patch-sensor__pcap_agent.tcl ># sguil/files/pkg-message-sensor.in ># sguil/files/snort_agent.in ># sguil/files/pkg-message-server.in ># sguil/files/pkg-message-client.in ># sguil/files/patch-client__sguil.tk ># sguil/files/pcap_agent.in ># sguil/files/patch-server__sguild ># sguil/files/patch-server__sguild.access ># sguil/files/pcap_agent-sancp.in ># sguil/files/sguild.in ># sguil/files/patch-client__sguil.conf ># sguil/files/patch-server__snort_agent ># sguil/files/patch-sensor__pads_agent.tcl ># sguil/pkg-plist ># >echo c - sguil >mkdir -p sguil > /dev/null 2>&1 >echo x - sguil/Makefile >sed 's/^X//' >sguil/Makefile << '54ef8976c619a5ba9b9bb2b642d785b8' >X# Created by: Muhammad Moinur Rahman <5u623l20@gmail.com> >X# $FreeBSD:$ >X >XPORTNAME= sguil >XPORTVERSION= 0.9.0 >XCATEGORIES= security >X >XMAINTAINER= 5u623l20@gmail.com >XCOMMENT= Sguil is a network security monitoring program >X >XLICENSE= GPLv3 >X >XRUN_DEPENDS= tcltls>=0:${PORTSDIR}/devel/tcltls \ >X ${LOCALBASE}/lib/tclx8.4/tclx.tcl:${PORTSDIR}/lang/tclX >X >XUSE_GITHUB= yes >XGH_ACCOUNT= bammv >XGH_PROJECT= ${USERS} >XGH_TAGNAME= ${GH_COMMIT} >XGH_COMMIT= 0b16167 >X >XOPTIONS_DEFINE= DOCS >XOPTIONS_DEFAULT= SERVER CLIENT SENSOR >XOPTIONS_MULTI= INSTANCE >XOPTIONS_MULTI_INSTANCE= SERVER CLIENT SENSOR >XOPTIONS_GROUP= SERVER CLIENT SENSOR >XOPTIONS_GROUP_SERVER= MYSQL >XOPTIONS_GROUP_CLIENT= AUDIO SANCP WIRESHARK >XOPTIONS_GROUP_SENSOR= PADS_SENSOR SANCP_SENSOR >XOPTIONS_SUB= yes >XSERVER_DESC= Install Sguil Server >XCLIENT_DESC= Install Sguil Client >XSENSOR_DESC= Install Sguil SENSOR >XMYSQL_DESC= Depend on databases/mysqltcl >XAUDIO_DESC= Install Festival Speech Synthesis >XSANCP_DESC= Use sancp >XPADS_SENSOR_DESC= Include pads sensor >XSANCP_SENSOR_DESC= Include sancp sensor >XWIRESHARK_DESC= Install wireshark >XSERVER_RUN_DEPENDS= p0f:${PORTSDIR}/net-mgmt/p0f \ >X tcpflow:${PORTSDIR}/net/tcpflow \ >X dtplite:${PORTSDIR}/devel/tcllib >XCLIENT_RUN_DEPENDS= dtplite:${PORTSDIR}/devel/tcllib \ >X ${LOCALBASE}/lib/iwidgets/iwidgets.tcl:${PORTSDIR}/x11-toolkits/iwidgets \ >X gpg2:${PORTSDIR}/security/gnupg >XSENSOR_RUN_DEPENDS= barnyard2:${PORTSDIR}/security/barnyard2-sguil >XCLIENT_USES= tk:wrapper >XMYSQL_LIB_DEPENDS= libmysqltcl3.052.so:${PORTSDIR}/databases/mysqltcl >XAUDIO_RUN_DEPENDS= festival:${PORTSDIR}/audio/festival >XSANCP_RUN_DEPENDS= sancp:${PORTSDIR}/security/sancp >XPADS_SENSOR_RUN_DEPENDS= pads:${PORTSDIR}/net-mgmt/pads >XSANCP_SENSOR_RUN_DEPENDS+= sancp:${PORTSDIR}/security/sancp >XWIRESHARK_RUN_DEPENDS= wireshark:${PORTSDIR}/net/wireshark >X >XNO_BUILD= yes >XTCL_VER= 8.5 >XTCLSH= tclsh${TCL_VER} >XSERVER_SGUILDIR?= sguild >XCLIENT_SGUILDIR?= sguil-client >XSENSOR_SGUILDIR?= sguil-sensor >XPLIST_SUB= SERVER_SGUILDIR=${SERVER_SGUILDIR} CLIENT_SGUILDIR=${CLIENT_SGUILDIR} \ >X SENSOR_SGUILDIR=${SENSOR_SGUILDIR} >XSUB_FILES= pkg-message-server pkg-message-client pkg-message-sensor >XSUB_LIST= SERVER_SGUILDIR=${SERVER_SGUILDIR} TCLSH=${TCLSH} CLIENT_SGUILDIR=${CLIENT_SGUILDIR} \ >X SENSOR_SGUILDIR=${SENSOR_SGUILDIR} >XSERVER_CONFS= autocat.conf sguild.access sguild.email sguild.reports sguild.conf sguild.queries sguild.users >XCLIENT_LIBFILES= SguilUtil.tcl dkffont.tcl email17.tcl extdata.tcl sellib.tcl sancp.tcl \ >X sound.tcl guilib.tcl qrybuild.tcl qrylib.tcl report.tcl stdquery.tcl whois.tcl >XSENSOR_AGENTS= pcap_agent.tcl snort_agent.tcl >XSENSOR_CONFS= pcap_agent.conf snort_agent.conf >XLOG_SCRIPTS= log_packets-daemonlogger.sh log_packets.sh >XUSERS= sguil >XGROUPS= sguil >X >XPORTDOCS= ${COMMON_DOCS:S|^doc/||} >XCOMMON_DOCS= doc/CHANGES doc/FAQ doc/INSTALL doc/INSTALL.openbsd \ >X doc/OPENSSL.README doc/TODO doc/UPGRADE doc/USAGE doc/sguildb.dia >X >X.include <bsd.port.options.mk> >X >X.if ${PORT_OPTIONS:MSERVER} >XUSE_RC_SUBR+= sguild >X.endif >X >X.if ${PORT_OPTIONS:MSENSOR} >XUSE_RC_SUBR+= pcap_agent snort_agent >XWITH_PCRE= true >XPORTDOCS+= README.daemonlogger >X.if ${PORT_OPTIONS:MSANCP_SENSOR} >XSENSOR_AGENTS+= sancp_agent.tcl pcap_agent-sancp.tcl >XSENSOR_CONFS+= sancp_agent.conf sancp-indexed.conf pcap_agent-sancp.conf >XUSE_RC_SUBR+= sancp_agent pcap_agent-sancp >XPORTDOCS+= README.sancp_indexed_pcap >X.endif >X.if ${PORT_OPTIONS:MPADS_SENSOR} >XSENSOR_AGENTS+= pads_agent.tcl >XSENSOR_CONFS+= pads_agent.conf >XUSE_RC_SUBR+= pads_agent >X.endif >X.endif >X >Xpost-patch: >X.if ${PORT_OPTIONS:MSERVER} >X @${REINPLACE_CMD} 's|/bin/sh|/usr/local/bin/${TCLSH}|' \ >X ${WRKSRC}/server/sguild >X @${MKDIR} ${STAGEDIR}${PREFIX}/etc/${SERVER_SGUILDIR} >X @${MKDIR} ${STAGEDIR}${PREFIX}/lib/${SERVER_SGUILDIR} >X @${MKDIR} ${STAGEDIR}${PREFIX}/share/${SERVER_SGUILDIR} >X @${MKDIR} ${STAGEDIR}${PREFIX}/share/${SERVER_SGUILDIR}/contrib >X.endif >X.if ${PORT_OPTIONS:MCLIENT} >X @${MKDIR} ${STAGEDIR}${PREFIX}/bin/${CLIENT_SGUILDIR} >X @${MKDIR} ${STAGEDIR}${PREFIX}/bin/${CLIENT_SGUILDIR}/lib >X @${MKDIR} ${STAGEDIR}${PREFIX}/bin/${CLIENT_SGUILDIR}/images >X.endif >X.if ${PORT_OPTIONS:MSENSOR} >X.for f in ${SENSOR_AGENTS} >X @${REINPLACE_CMD} 's|/bin/sh|${PREFIX}/bin/${TCLSH}|' \ >X ${WRKSRC}/sensor/${f} >X.endfor >X.endif >X >Xdo-install: >X.if ${PORT_OPTIONS:MSERVER} >X (cd ${WRKSRC}/server/lib && ${COPYTREE_BIN} \* ${STAGEDIR}${PREFIX}/lib/${SERVER_SGUILDIR}) >X (cd ${WRKSRC}/server/sql_scripts && ${COPYTREE_SHARE} \* ${STAGEDIR}${PREFIX}/share/${SERVER_SGUILDIR}) >X (cd ${WRKSRC}/server/contrib && ${COPYTREE_SHARE} \* ${STAGEDIR}${PREFIX}/share/${SERVER_SGUILDIR}/contrib) >X.for f in sguild >X ${INSTALL_SCRIPT} -m 555 ${WRKSRC}/server/${f} ${STAGEDIR}${PREFIX}/bin/${f} >X.endfor >X.for f in ${SERVER_CONFS} >X ${INSTALL_DATA} -m 441 ${WRKSRC}/server/${f} ${STAGEDIR}${PREFIX}/etc/${SERVER_SGUILDIR}/${f}-sample >X.endfor >X.endif >X >X.if ${PORT_OPTIONS:MCLIENT} >X ${INSTALL_SCRIPT} -m 751 ${WRKSRC}/client/sguil.tk \ >X ${STAGEDIR}${PREFIX}/bin/${CLIENT_SGUILDIR}/sguil.tk >X.for f in sguil.conf >X ${INSTALL_DATA} ${WRKSRC}/client/${f} \ >X ${STAGEDIR}${PREFIX}/etc/${f}-sample >X.endfor >X >X.for f in ${CLIENT_LIBFILES} >X ${INSTALL_DATA} ${WRKSRC}/client/lib/${f} ${STAGEDIR}${PREFIX}/bin/${CLIENT_SGUILDIR}/lib/${f} >X.endfor >X.for f in sguil_logo_h.gif checked.gif unchecked.gif >X ${INSTALL_DATA} ${WRKSRC}/client/lib/images/${f} \ >X ${STAGEDIR}${PREFIX}/bin/${CLIENT_SGUILDIR}/images/${f} >X.endfor >X (cd ${WRKSRC}/client/lib/tablelist5.11 && ${COPYTREE_SHARE} \* \ >X ${STAGEDIR}${PREFIX}/bin/${CLIENT_SGUILDIR}/lib/tablelist5.11/) >X.endif >X >X.if ${PORT_OPTIONS:MSENSOR} >X @${MKDIR} ${STAGEDIR}${PREFIX}/bin/${SENSOR_SGUILDIR} >X @${MKDIR} ${STAGEDIR}${PREFIX}/etc/${SENSOR_SGUILDIR} >X @${MKDIR} ${STAGEDIR}${PREFIX}/share/${SENSOR_SGUILDIR} >X @${MKDIR} ${STAGEDIR}${PREFIX}/share/${SENSOR_SGUILDIR}/contrib >X @${MKDIR} ${STAGEDIR}${PREFIX}/share/${SENSOR_SGUILDIR}/init >X (cd ${WRKSRC}/sensor/contrib && ${COPYTREE_SHARE} \* ${STAGEDIR}${PREFIX}/share/${SENSOR_SGUILDIR}/contrib "! -name ossec_agent.tcl.orig") >X (cd ${WRKSRC}/sensor/init && ${COPYTREE_SHARE} \* ${STAGEDIR}${PREFIX}/share/${SENSOR_SGUILDIR}/init) >X.for f in ${SENSOR_AGENTS} >X ${INSTALL_SCRIPT} -m 751 ${WRKSRC}/sensor/${f} \ >X ${STAGEDIR}${PREFIX}/bin/${SENSOR_SGUILDIR}/${f} >X.endfor >X.for f in ${LOG_SCRIPTS} >X ${INSTALL_SCRIPT} -m 751 ${WRKSRC}/sensor/${f} \ >X ${STAGEDIR}${PREFIX}/bin/${SENSOR_SGUILDIR}/${f} >X.endfor >X.for f in ${SENSOR_CONFS} >X ${INSTALL_DATA} ${WRKSRC}/sensor/${f} \ >X ${STAGEDIR}${PREFIX}/etc/${SENSOR_SGUILDIR}/${f}-sample >X.endfor >X.if ${PORT_OPTIONS:MSANCP_SENSOR} >X.for f in log_packets-sancp.sh >X ${INSTALL_SCRIPT} -m 751 ${WRKSRC}/sensor/${f} \ >X ${STAGEDIR}${PREFIX}/bin/${SENSOR_SGUILDIR}/${f} >X.endfor >X.for f in sancp.conf >X ${INSTALL_DATA} ${WRKSRC}/sensor/sancp/${f} \ >X ${STAGEDIR}${PREFIX}/etc/${SENSOR_SGUILDIR}/${f}-sample >X.endfor >X.endif >X.endif >X >X.if ${PORT_OPTIONS:MDOCS} >X @${MKDIR} ${STAGEDIR}${DOCSDIR} >X ${INSTALL_DATA} ${COMMON_DOCS:S|^|${WRKSRC}/|} ${STAGEDIR}${DOCSDIR} >X.if ${PORT_OPTIONS:MSENSOR} >X ${INSTALL_DATA} ${WRKSRC}/sensor/README.daemonlogger ${STAGEDIR}${DOCSDIR} >X.if ${PORT_OPTIONS:MSANCP_SENSOR} >X ${INSTALL_DATA} ${WRKSRC}/sensor/README.sancp_indexed_pcap ${STAGEDIR}${DOCSDIR} >X.endif >X.endif >X.endif >X >Xpost-install: >X.if ${PORT_OPTIONS:MSERVER} >X @${CAT} ${WRKDIR}/pkg-message-server >X.endif >X.if ${PORT_OPTIONS:MCLIENT} >X @${CAT} ${WRKDIR}/pkg-message-client >X.endif >X.if ${PORT_OPTIONS:MCLIENT} >X @${CAT} ${WRKDIR}/pkg-message-sensor >X.endif >X >X.include <bsd.port.mk> >54ef8976c619a5ba9b9bb2b642d785b8 >echo x - sguil/distinfo >sed 's/^X//' >sguil/distinfo << '70d250fba123fdd72fe81180a9d85f11' >XSHA256 (sguil-0.9.0.tar.gz) = e83f664673a6c44efec8b0a765a41b00a00830ba02a058d4c0663c915f95c8ee >XSIZE (sguil-0.9.0.tar.gz) = 464313 >70d250fba123fdd72fe81180a9d85f11 >echo x - sguil/pkg-descr >sed 's/^X//' >sguil/pkg-descr << '6d22fa4db3a7254c1a6d51ea4b362157' >XSguil (pronounced sgweel) is built by network security analysts for network >Xsecurity analysts. Sguil's main component is an intuitive GUI that provides >Xaccess to realtime events, session data, and raw packet captures. Sguil >Xfacilitates the practice of Network Security Monitoring and event driven >Xanalysis. The Sguil client is written in tcl/tk and can be run on any operating >Xsystem that supports tcl/tk (including Linux, *BSD, Solaris, MacOS, and Win32). >X >XWWW: https://bammv.github.io/sguil/ >6d22fa4db3a7254c1a6d51ea4b362157 >echo c - sguil/files >mkdir -p sguil/files > /dev/null 2>&1 >echo x - sguil/files/patch-server__lib__SguildLoaderd.tcl >sed 's/^X//' >sguil/files/patch-server__lib__SguildLoaderd.tcl << '5a60a632a8b78dd305cad47fff1f60e5' >X--- server/lib/SguildLoaderd.tcl.orig 2012-10-12 21:07:19.000000000 +0000 >X+++ server/lib/SguildLoaderd.tcl 2012-10-12 21:15:06.000000000 +0000 >X@@ -220,7 +220,7 @@ >X } else { >X # Make sure its a MERGE table and not the old monster >X set tableStatus [mysqlsel $LOADERD_DB_ID {SHOW TABLE STATUS LIKE 'sancp'} -flatlist] >X- if { $tableStatus != "" && ![ string equal -nocase [lindex $tableStatus 1] "MRG_MyISAM" ] } { >X+ if { $tableStatus != "" && ![ string equal -nocase [lindex $tableStatus 1] "MRG_MYISAM" ] } { >X >X ErrorMessage "ERROR: loaderd: You appear to be using an old version of the\n\ >X sguil database schema that does not support the MERGE sancp\n\ >5a60a632a8b78dd305cad47fff1f60e5 >echo x - sguil/files/pads_agent.in >sed 's/^X//' >sguil/files/pads_agent.in << '0e48fbe574737cd243589190fd6e81a1' >X#!/bin/sh >X >X# $FreeBSD: head/security/sguil-sensor/files/pads_agent.in 312466 2013-02-18 00:56:47Z miwi $ >X >X# PROVIDE: pads_agent >X# REQUIRE: DAEMON >X# KEYWORD: shutdown >X >X# Add the following line to /etc/rc.conf to enable pads_agent: >X# pads_agent_enable (bool): Set to YES to enable pads_agent >X# Default: NO >X# pads_agent_conf (str): Pads_agent configuration file >X# Default: %%PREFIX%%/etc/%%SGUILDIR%%/pads_agent.conf >X# pads_agent_flags (str): Default: -D >X# >X >X. /etc/rc.subr >X >Xname="pads_agent" >Xrcvar=${name}_enable >Xload_rc_config ${name} >X >X#set defaults >X: ${pads_agent_enable:="NO"} >X: ${pads_agent_conf:="%%PREFIX%%/etc/%%SGUILDIR%%/pads_agent.conf"} >X: ${pads_agent_flags:="-D -c ${pads_agent_conf}"} >X >Xcommand="%%PREFIX%%/bin/%%SGUILDIR%%/pads_agent.tcl" >Xprocname="%%PREFIX%%/bin/%%TCLSH%%" >Xpidfile="/var/run/${name}.pid" >X >Xstart_precmd="pads_agent_ck4fifo" >Xstop_postcmd="pads_agent_rmfifo" >X >Xpads_agent_ck4fifo() >X{ >X LOG_DIR=`grep "LOG_DIR " ${pads_agent_conf} | awk '{print $3}'` >X HOSTNAME=`grep "HOSTNAME " ${pads_agent_conf} | awk '{print $3}'` >X PADS_FIFO=${LOG_DIR}/${HOSTNAME}/pads.fifo >X >X if [ ! -p ${PADS_FIFO} ]; then >X echo "${PADS_FIFO} does not exist. Creating now....." >X /usr/bin/mkfifo ${PADS_FIFO} >X fi >X echo "Checking for ${PADS_FIFO}...." >X if [ -p ${PADS_FIFO} ]; then >X echo "Confirmed! ${PADS_FIFO} exists." >X else >X echo "I tried to create ${PADS_FIFO} and failed." >X echo "You will need to create it manually before starting ${name}." >X fi >X} >X >Xpads_agent_rmfifo() >X{ >X LOG_DIR=`grep "LOG_DIR " ${pads_agent_conf} | awk '{print $3}'` >X HOSTNAME=`grep "HOSTNAME " ${pads_agent_conf} | awk '{print $3}'` >X PADS_FIFO=${LOG_DIR}/${HOSTNAME}/pads.fifo >X >X if [ -p ${PADS_FIFO} ]; then >X /bin/rm ${PADS_FIFO} >X echo "Removing ${PADS_FIFO}...." >X fi >X} >X >Xrun_rc_command "$1" >0e48fbe574737cd243589190fd6e81a1 >echo x - sguil/files/sancp_agent.in >sed 's/^X//' >sguil/files/sancp_agent.in << '3bbf5e22773c1306bb2f0f9afd576e1a' >X#!/bin/sh >X >X# $FreeBSD: head/security/sguil-sensor/files/sancp_agent.in 312466 2013-02-18 00:56:47Z miwi $ >X >X# PROVIDE: sancp_agent >X# REQUIRE: DAEMON >X# KEYWORD: shutdown >X >X# Add the following line to /etc/rc.conf to enable sancp_agent: >X# sancp_agent_enable (bool): Set to YES to enable sancp_agent >X# Default: NO >X# sancp_agent_conf (str): Sancp_agent configuration file >X# Default: %%PREFIX%%/etc/%%SGUILDIR%%/sancp_agent.conf >X# sancp_agent_flags (str): Default: -D >X# >X >X. /etc/rc.subr >X >Xname="sancp_agent" >Xrcvar=sancp_agent_enable >Xload_rc_config sancp_agent >X >X#set defaults >X: ${sancp_agent_enable:="NO"} >X: ${sancp_agent_conf:="%%PREFIX%%/etc/%%SGUILDIR%%/sancp_agent.conf"} >X: ${sancp_agent_flags:="-D -c ${sancp_agent_conf}"} >X >Xcommand="%%PREFIX%%/bin/%%SGUILDIR%%/sancp_agent.tcl" >Xprocname="%%PREFIX%%/bin/%%TCLSH%%" >Xpidfile="/var/run/${name}.pid" >X >Xrun_rc_command "$1" >3bbf5e22773c1306bb2f0f9afd576e1a >echo x - sguil/files/patch-sensor__contrib__ossec_agent__ossec_agent.tcl >sed 's/^X//' >sguil/files/patch-sensor__contrib__ossec_agent__ossec_agent.tcl << 'c7047a5bc5c9ab482781cd49053371ed' >X--- sensor/contrib/ossec_agent/ossec_agent.tcl.orig 2012-12-17 22:47:18.000000000 +0000 >X+++ sensor/contrib/ossec_agent/ossec_agent.tcl 2012-12-17 22:48:45.000000000 +0000 >X@@ -1,6 +1,4 @@ >X #!/bin/sh >X-# Run tcl from users PATH \ >X-exec tclsh "$0" "$@" >X >X # OSSEC agent for Sguil 0.7.0. Based on the "example_agent.tcl" code >X # distributed with sguil. >X@@ -593,9 +591,9 @@ >X if { ![info exists CONF_FILE] } { >X >X # No conf file specified check the defaults >X- if { [file exists /etc/ossec_agent.conf] } { >X+ if { [file exists /usr/local/etc/sguil-sensor/ossec_agent.conf] } { >X >X- set CONF_FILE /etc/ossec_agent.conf >X+ set CONF_FILE /usr/local/etc/sguil-sensor/ossec_agent.conf >X >X } elseif { [file exists ./ossec_agent.conf] } { >X >X@@ -604,7 +602,7 @@ >X } else { >X >X puts "Couldn't determine where the ossec_agent.tcl config file is" >X- puts "Looked for /etc/ossec_agent.conf and ./ossec_agent.conf." >X+ puts "Looked for /usr/local/etc/sguil-sensor/ossec_agent.conf and ./ossec_agent.conf." >X DisplayUsage $argv0 >X >X } >c7047a5bc5c9ab482781cd49053371ed >echo x - sguil/files/patch-sensor__pcap_agent-sancp.tcl >sed 's/^X//' >sguil/files/patch-sensor__pcap_agent-sancp.tcl << '16009c47949e63cf716864d8d0610e40' >X--- sensor/pcap_agent-sancp.tcl.orig 2012-12-17 22:36:43.000000000 +0000 >X+++ sensor/pcap_agent-sancp.tcl 2012-12-17 22:38:22.000000000 +0000 >X@@ -1,6 +1,4 @@ >X #!/bin/sh >X-# Run tcl from users PATH \ >X-exec tclsh "$0" "$@" >X >X # $Id: pcap_agent-sancp.tcl,v 1.2 2008/05/29 19:25:50 hanashi Exp $ # >X >X@@ -754,13 +752,13 @@ >X } >X >X # Parse the config file here >X-# Default location is /etc/pcap_agent.conf or pwd >X+# Default location is /usr/local/etc/sguil-sensor/pcap_agent.conf or pwd >X if { ![info exists CONF_FILE] } { >X >X # No conf file specified check the defaults >X- if { [file exists /etc/pcap_agent.conf] } { >X+ if { [file exists /usr/local/etc/sguil-sensor/pcap_agent.conf] } { >X >X- set CONF_FILE /etc/pcap_agent.conf >X+ set CONF_FILE /usr/local/etc/sguil-sensor/pcap_agent.conf >X >X } elseif { [file exists ./pcap_agent.conf] } { >X >X@@ -769,7 +767,7 @@ >X } else { >X >X puts "Couldn't determine where the pcap_agent.tcl config file is" >X- puts "Looked for /etc/pcap_agent.conf and ./pcap_agent.conf." >X+ puts "Looked for /usr/local/etc/sguil-sensor/pcap_agent.conf and ./pcap_agent.conf." >X DisplayUsage $argv0 >X >X } >16009c47949e63cf716864d8d0610e40 >echo x - sguil/files/patch-server__lib__SguildMysqlMerge.tcl >sed 's/^X//' >sguil/files/patch-server__lib__SguildMysqlMerge.tcl << '7986b40972a849565b8c2c4b8c0139bc' >X--- server/lib/SguildMysqlMerge.tcl.orig 2012-10-12 21:18:22.000000000 +0000 >X+++ server/lib/SguildMysqlMerge.tcl 2012-10-12 21:19:41.000000000 +0000 >X@@ -9,7 +9,7 @@ >X set tmpQry "SHOW TABLE STATUS LIKE '$tableName'" >X set tableStatus [mysqlsel $MAIN_DB_SOCKETID $tmpQry -flatlist] >X >X- if { $tableStatus != "" && ![ string equal -nocase [lindex $tableStatus 1] "MRG_MyISAM" ] } { >X+ if { $tableStatus != "" && ![ string equal -nocase [lindex $tableStatus 1] "MRG_MYISAM" ] } { >X >X # Non MERGE table found. >X set errorMsg "\n*************************************************************\n >7986b40972a849565b8c2c4b8c0139bc >echo x - sguil/files/patch-sensor__sancp_agent.tcl >sed 's/^X//' >sguil/files/patch-sensor__sancp_agent.tcl << '662c8c55caeca0236f4252d64ccacbc2' >X--- sensor/sancp_agent.tcl.orig 2012-12-17 22:43:39.000000000 +0000 >X+++ sensor/sancp_agent.tcl 2012-12-17 22:44:56.000000000 +0000 >X@@ -1,6 +1,4 @@ >X #!/bin/sh >X-# Run tcl from users PATH \ >X-exec tclsh "$0" "$@" >X >X # $Id: sancp_agent.tcl,v 1.15 2011/03/10 22:03:33 bamm Exp $ # >X >X@@ -582,16 +580,16 @@ >X } >X } >X # Parse the config file here >X-# Default location is /etc/sancp_agent.conf or pwd >X+# Default location is /usr/local/etc/sguil-sensor/sancp_agent.conf or pwd >X if { ![info exists CONF_FILE] } { >X # No conf file specified check the defaults >X- if { [file exists /etc/sancp_agent.conf] } { >X- set CONF_FILE /etc/sancp_agent.conf >X+ if { [file exists /usr/local/etc/sguil-sensor/sancp_agent.conf] } { >X+ set CONF_FILE /usr/local/etc/sguil-sensor/sancp_agent.conf >X } elseif { [file exists ./sancp_agent.conf] } { >X set CONF_FILE ./sancp_agent.conf >X } else { >X puts "Couldn't determine where the sancp_agent.tcl config file is" >X- puts "Looked for /etc/sancp_agent.conf and ./sancp_agent.conf." >X+ puts "Looked for /usr/local/etc/sguil-sensor/sancp_agent.conf and ./sancp_agent.conf." >X DisplayUsage $argv0 >X } >X } >662c8c55caeca0236f4252d64ccacbc2 >echo x - sguil/files/patch-server__sguild.conf >sed 's/^X//' >sguil/files/patch-server__sguild.conf << '80a098595ab71fd076f2edbf1da54ac2' >X--- server/sguild.conf.orig 2008-04-03 17:47:18.000000000 -0500 >X+++ server/sguild.conf 2008-04-03 17:53:11.000000000 -0500 >X@@ -1,7 +1,7 @@ >X # $Id: sguild.conf,v 1.29 2006/06/02 20:40:57 bamm Exp $ # >X >X # Path the sguild libs >X-set SGUILD_LIB_PATH ./lib >X+set SGUILD_LIB_PATH /usr/local/lib/sguild >X >X # DEBUG 0=off 1=important stuff 2=everything. Option 2 is VERY chatty. >X set DEBUG 2 >X@@ -63,7 +63,7 @@ >X >X # You MUST have tcpflow installed to get xscripts >X # http://www.circlemud.org/~jelson/software/tcpflow/ >X-set TCPFLOW "/usr/bin/tcpflow" >X+set TCPFLOW "/usr/local/bin/tcpflow" >X >X # p0f - (C) Michal Zalewski <lcamtuf@gis.net>, William Stearns <wstearns@pobox.com> >X # If you have p0f (a passive OS fingerprinting system) installed, you can have >X@@ -74,6 +74,6 @@ >X >X # Path the the p0f binary. Switches -q and -s <filename> are appended on exec, >X # add any others you may need here. >X-set P0F_PATH "/usr/sbin/p0f" >X+set P0F_PATH "/usr/local/bin/p0f" >X >X # Email config moved to sguild.email >80a098595ab71fd076f2edbf1da54ac2 >echo x - sguil/files/patch-server__sql_scripts__sancp_cleanup.tcl >sed 's/^X//' >sguil/files/patch-server__sql_scripts__sancp_cleanup.tcl << '2f2f993b9884cd0689e7e85d4128e69d' >X--- server/sql_scripts/sancp_cleanup.tcl.orig 2011-08-11 20:31:07.000000000 +0000 >X+++ server/sql_scripts/sancp_cleanup.tcl 2011-08-11 20:31:26.000000000 +0000 >X@@ -214,7 +214,7 @@ >X INDEX dst_port (dst_port), \ >X INDEX src_port (src_port), \ >X INDEX start_time (start_time) \ >X- ) TYPE=MERGE UNION=([join $tmpTables ,]) \ >X+ ) ENGINE=MERGE UNION=([join $tmpTables ,]) \ >X " >X # Create our MERGE sancp table >X mysqlexec $dbSocketID $createQuery >2f2f993b9884cd0689e7e85d4128e69d >echo x - sguil/files/example_agent.in >sed 's/^X//' >sguil/files/example_agent.in << '1a0c22b90c3c36362271c2a6603db7d0' >X#!/bin/sh >X >X# $FreeBSD: head/security/sguil-sensor/files/example_agent.in 340872 2014-01-24 00:14:07Z mat $ >X >X# PROVIDE: example_agent >X# REQUIRE: DAEMON >X# KEYWORD: shutdown >X >X# Add the following line to /etc/rc.conf to enable example_agent: >X# example_agent_enable (bool): Set to YES to enable example_agent >X# Default: NO >X# example_agent_conf (str): Example_agent configuration file >X# Default: %%PREFIX%%/etc/%%SGUILDIR%%/example_agent.conf >X# example_agent_flags (str): Default: -D >X# >X >X. /etc/rc.subr >X >Xload_rc_config example_agent >X >X#set defaults >Xexample_agent_enable=${example_agent_enable:-"NO"} >Xexample_agent_conf=${example_agent_conf:-"%%PREFIX%%/etc/%%SGUILDIR%%/example_agent.conf"} >Xexample_agent_flags=${example_agent_flags:-"-D"} >X >Xname="example_agent" >Xrcvar=example_agent_enable >Xcommand="%%PREFIX%%/bin/%%SGUILDIR%%/example_agent.tcl" >Xcommand_args="-c ${example_agent_conf} ${example_agent_flags}" >Xprocname="%%PREFIX%%/bin/tclsh8.4" >Xpidfile="/var/run/${name}.pid" >Xcheck_pidfile="${pidfile} ${procname} /bin/sh" >X >Xrun_rc_command "$1" >1a0c22b90c3c36362271c2a6603db7d0 >echo x - sguil/files/patch-sensor__pcap_agent.tcl >sed 's/^X//' >sguil/files/patch-sensor__pcap_agent.tcl << '59ca5fd34363d6f0bacd1ee809f17afa' >X--- sensor/pcap_agent.tcl.orig 2012-12-17 22:31:44.000000000 +0000 >X+++ sensor/pcap_agent.tcl 2012-12-17 22:42:50.000000000 +0000 >X@@ -1,6 +1,4 @@ >X #!/bin/sh >X-# Run tcl from users PATH \ >X-exec tclsh "$0" "$@" >X >X # $Id: pcap_agent.tcl,v 1.13 2011/03/10 22:03:33 bamm Exp $ # >X >X@@ -771,13 +769,13 @@ >X } >X >X # Parse the config file here >X-# Default location is /etc/pcap_agent.conf or pwd >X+# Default location is /usr/local/etc/sguil-sensor/pcap_agent.conf or pwd >X if { ![info exists CONF_FILE] } { >X >X # No conf file specified check the defaults >X- if { [file exists /etc/pcap_agent.conf] } { >X+ if { [file exists /usr/local/etc/sguil-sensor/pcap_agent.conf] } { >X >X- set CONF_FILE /etc/pcap_agent.conf >X+ set CONF_FILE /usr/local/etc/sguil-sensor/pcap_agent.conf >X >X } elseif { [file exists ./pcap_agent.conf] } { >X >X@@ -786,7 +784,7 @@ >X } else { >X >X puts "Couldn't determine where the pcap_agent.tcl config file is" >X- puts "Looked for /etc/pcap_agent.conf and ./pcap_agent.conf." >X+ puts "Looked for /usr/local/etc/sguil-sensor/pcap_agent.conf and ./pcap_agent.conf." >X DisplayUsage $argv0 >X >X } >59ca5fd34363d6f0bacd1ee809f17afa >echo x - sguil/files/pkg-message-sensor.in >sed 's/^X//' >sguil/files/pkg-message-sensor.in << '0732711dbf0ccbb3b661a7a2faea892e' >X *********************************** >X * !!!!!!!!!!! WARNING !!!!!!!!!!! * >X *********************************** >X >XIf you already had barnyard2 installed, this port will NOT deinstall >Xit and install the barnyard2-sguil port instead. You will need to >Xdeinstall the barnyard2 port and install the barnyard2-sguil port yourself >Xinstead. This port WILL NOT WORK without the barnyard2-sguil port!! >X >XSee the %%DOCSDIR%%/INSTALL doc for details on the >Xconfiguration and for croning the script. >X >XWARNING!!! Sguil et al will fill up your /tmp directory very >Xquickly. You should probably configure sguil et al to log to >Xanother partition/location (e.g. /nsm/tmp/). >X >XYou must ALSO edit all of the sensor conf files (located in >X%%PREFIX%%/%%SENSOR_SGUILDIR%%/etc/) to reflect your configuration before >Xstarting the sensor_agents. >X >XA number of ancilliary things have been installed in >X%%PREFIX%%/share/%%SENSOR_SGUILDIR%%. >X >XIf you chose to run sancp, and you already had a sancp.conf file in >X%%PREFIX%%/etc, copy it to sancp.conf.orig before creating the new one. >XThe new sancp.conf-sample file contains the settings for squil. NOTE: >Xthe conf file is for sancp 1.5.3. It may need additional edits to work >Xwith the current ports version of sancp. If you still want to maintain >Xthe customized sancp.conf file, then copy the new sancp.conf-sample >Xfile to sguild-sancp.conf (for example) and add >Xsancp_conf=%%PREFIX%%/etc/sguild-sancp.conf to /etc/rc.conf. >0732711dbf0ccbb3b661a7a2faea892e >echo x - sguil/files/snort_agent.in >sed 's/^X//' >sguil/files/snort_agent.in << 'e49561efeb6c3e3535aaf8ed4053f4e6' >X#!/bin/sh >X >X# $FreeBSD: head/security/sguil-sensor/files/snort_agent.in 312466 2013-02-18 00:56:47Z miwi $ >X >X# PROVIDE: snort_agent >X# REQUIRE: DAEMON >X# KEYWORD: shutdown >X >X# Add the following line to /etc/rc.conf to enable snort_agent: >X# snort_agent_enable (bool): Set to YES to enable snort_agent >X# Default: NO >X# snort_agent_conf (str): Snort_agent configuration file >X# Default: %%PREFIX%%/etc/%%SGUILDIR%%/snort_agent.conf >X# snort_agent_flags (str): Default: -D >X# >X >X. /etc/rc.subr >X >Xname="snort_agent" >Xrcvar=snort_agent_enable >Xload_rc_config snort_agent >X >X#set defaults >X: ${snort_agent_enable:="NO"} >X: ${snort_agent_conf:="%%PREFIX%%/etc/%%SGUILDIR%%/snort_agent.conf"} >X: ${snort_agent_flags:="-D -c ${snort_agent_conf}"} >X >Xcommand="%%PREFIX%%/bin/%%SGUILDIR%%/snort_agent.tcl" >Xprocname="%%PREFIX%%/bin/%%TCLSH%%" >Xpidfile="/var/run/${name}.pid" >X >Xrun_rc_command "$1" >e49561efeb6c3e3535aaf8ed4053f4e6 >echo x - sguil/files/pkg-message-server.in >sed 's/^X//' >sguil/files/pkg-message-server.in << 'f9a04ae5cfce508921a72d9e0cbe5a35' >XSguil-server >X============ >XIf you had existing config files in %%PREFIX%%/etc/%%SERVER_SGUILDIR%% >Xthey were not overwritten. If this is a first time install, you >Xmust copy the sample files to the corresponding conf file and >Xedit the various config files for your site. See the INSTALL >Xdoc in %%DOCSDIR%% for details. If this is an upgrade, replace >Xyour existing conf file with the new one and edit accordingly >X >XThe sql scripts for creating database tables were placed in >Xthe %%PREFIX%%/share/%%SERVER_SGUILDIR%%/ directory. PLEASE >Xnote LOG_DIR is not set by this install. You MUST create the >Xcorrect LOG_DIRS and put a copy of the snort rules you use in >XLOG_DIR/rules. >X >XThe sguild program was placed in %%PREFIX%%/bin/. >X >XSome contributed scripts were placed in >X%%PREFIX%%/share/%%SERVER_SGUILDIR%%/contrib >X >XA startup script, named sguild was installed in >X%%PREFIX%%/etc/rc.d/. To enable it, edit /etc/rc.conf >Xper the instructions in the script. >X >XNOTE. You MUST create a directory /var/run/%%SERVER_SGUILDIR%%, and set the ownership >Xto user guil group sguil >XYou MUST also create certs. Here's how to do it; >XCreate the directory %%SERVER_SGUILDIR%%/certs >XSet ownership to sguil user and group. >XCreate a password-protected CA cert. >Xopenssl req -out CA.pem -new -x509 >XCreate a server certificate/key pair. >Xopenssl genrsa -out sguild.key 1024 >XCreate a certificate request to be signed by the CA. >XDO NOT password protect your server key. If you do, you will be required >Xto enter the password every time you start the server. >Xopenssl req -key sguild.key -new -out sguild.req >XIf this is the first time you've created the cert, >XCreate a serial file so your certs will have incremented serial numbers. >Xopenssl x509 -req -in sguild.req -CA CA.pem -CAAkey privkey.pem -CAcreateserial -out sguild.pem >XIf you're updating the existing cert >XUpdate the actual certificate for your server. >Xopenssl x509 -req -in sguild.req -CA CA.pem -CAkey privkey.pem -CAserial CA.sr1 -out sguild.pem >XPut the certs to the %%SERVER_SGUILDIR%%/certs directory >f9a04ae5cfce508921a72d9e0cbe5a35 >echo x - sguil/files/pkg-message-client.in >sed 's/^X//' >sguil/files/pkg-message-client.in << '0247ee0d356b8a3a8251e3d1e2eb9fb4' >XSguil-client >X============ >XSee the USAGE document in the %%DOCSDIR%% for instructions >Xon how to use the sguil client to connect to and maintain >Xthe sguil network monitoring system. >X >XNOTE: This port installs a sguil.conf-sample file in >X%%PREFIX%%/bin/%%CLIENT_SGUILDIR%%/. If you are installing this on a >Xmulti-user system, each user might want to have a >Xsguil.conf file in their home directory. Sguil.tk sources >Xthe home directory first for the sguil.conf file. >X >XThere are several items in the conf file that may need >Xediting, including the path to your web browser, the name >Xof the sguil server you connect to and possibly the port >Xyou connect to (if you're not using the default port.) >0247ee0d356b8a3a8251e3d1e2eb9fb4 >echo x - sguil/files/patch-client__sguil.tk >sed 's/^X//' >sguil/files/patch-client__sguil.tk << 'b054ba181f1268891c95e109660becc7' >X--- client/sguil.tk.orig 2012-11-15 22:24:35.000000000 +0000 >X+++ client/sguil.tk 2012-11-15 22:26:33.000000000 +0000 >X@@ -88,7 +88,7 @@ >X >X # Load iwidgets and namespaces >X if [catch {package require Iwidgets} iwidgetsVersion] { >X- puts "ERROR: Cannot fine the Iwidgets extension." >X+ puts "ERROR: Cannot find the Iwidgets extension." >X puts "The iwidgets package is part of the incr tcl extension and is" >X puts "available as a port/package most systems." >X puts "See http://www.tcltk.com/iwidgets/ for more info." >X@@ -2053,11 +2053,11 @@ >X set CONF_FILE $env(HOME)/sguil.conf >X } elseif { [file exists ./sguil.conf] } { >X set CONF_FILE ./sguil.conf >X- } elseif { [file exists /etc/sguil] &&\ >X- [file isdirectory /etc/sguil] &&\ >X- [file exists /etc/sguil/sguil.conf] &&\ >X- [file readable /etc/sguil/sguil.conf] } { >X- set CONF_FILE /etc/sguil/sguil.conf >X+ } elseif { [file exists /usr/local/etc/sguil] &&\ >X+ [file isdirectory /usr/local/etc/sguil] &&\ >X+ [file exists /usr/local/etc/sguil/sguil.conf] &&\ >X+ [file readable /usr/local/etc/sguil/sguil.conf] } { >X+ set CONF_FILE /usr/local/etc/sguil/sguil.conf >X } else { >X puts "Couldn't determine where the sguil config file is" >X puts "Looked for $env(HOME)/sguil.conf and ./sguil.conf." >b054ba181f1268891c95e109660becc7 >echo x - sguil/files/pcap_agent.in >sed 's/^X//' >sguil/files/pcap_agent.in << 'aa16ba11c08f27d1fd7ebd0618fc044f' >X#!/bin/sh >X >X# $FreeBSD: head/security/sguil-sensor/files/pcap_agent.in 312466 2013-02-18 00:56:47Z miwi $ >X >X# PROVIDE: pcap_agent >X# REQUIRE: DAEMON >X# KEYWORD: shutdown >X >X# Add the following line to /etc/rc.conf to enable pcap_agent: >X# pcap_agent_enable (bool): Set to YES to enable pcap_agent >X# Default: NO >X# pcap_agent_conf (str): Pcap_agent configuration file >X# Default: %%PREFIX%%/etc/%%SGUILDIR%%/pcap_agent.conf >X# pcap_agent_flags (str): Default: -D >X# >X >X. /etc/rc.subr >X >Xname="pcap_agent" >Xrcvar=pcap_agent_enable >Xload_rc_config pcap_agent >X >X#set defaults >X: ${pcap_agent_enable:="NO"} >X: ${pcap_agent_conf:="%%PREFIX%%/etc/%%SGUILDIR%%/pcap_agent.conf"} >X: ${pcap_agent_flags:="-D -c ${pcap_agent_conf}"} >X >Xcommand="%%PREFIX%%/bin/%%SGUILDIR%%/pcap_agent.tcl" >Xprocname="%%PREFIX%%/bin/%%TCLSH%%" >Xpidfile="/var/run/${name}.pid" >X >Xrun_rc_command "$1" >aa16ba11c08f27d1fd7ebd0618fc044f >echo x - sguil/files/patch-server__sguild >sed 's/^X//' >sguil/files/patch-server__sguild << '7a20185773a5f81846b117223ee63c29' >X--- server/sguild.orig 2014-06-23 21:54:25.595758574 +0600 >X+++ server/sguild 2014-06-23 21:59:48.122743440 +0600 >X@@ -1,6 +1,4 @@ >X #!/bin/sh >X-# Run tcl from users PATH \ >X-exec tclsh "$0" "$@" >X >X # $Id: sguild,v 1.194 2013/09/05 00:38:45 bamm Exp $ # >X >X@@ -221,7 +219,7 @@ >X ################################## >X >X # Do all priv account actions here. >X-# Open log files/etc. Privs will be dropped after. >X+# Open log files/usr/local/etc. Privs will be dropped after. >X >X if { ![info exists LOG_PATH] } { set LOG_PATH /var/log/sguild } >X >X@@ -321,7 +319,7 @@ >X # Check for certs >X if {![info exists CERTS_PATH]} { >X >X- set CERTS_PATH /etc/sguild/certs >X+ set CERTS_PATH /usr/local/etc/sguild/certs >X >X } >X >X@@ -351,13 +349,13 @@ >X >X if { ![info exists CONF_FILE] } { >X # No conf file specified check the defaults >X- if { [file exists /etc/sguild/sguild.conf] } { >X- set CONF_FILE /etc/sguild/sguild.conf >X+ if { [file exists /usr/local/etc/sguild/sguild.conf] } { >X+ set CONF_FILE /usr/local/etc/sguild/sguild.conf >X } elseif { [file exists ./sguild.conf] } { >X set CONF_FILE ./sguild.conf >X } else { >X puts "Couldn't determine where the sguil config file is" >X- puts "Looked for ./sguild.conf and /etc/sguild/sguild.conf." >X+ puts "Looked for ./sguild.conf and /usr/local/etc/sguild/sguild.conf." >X DisplayUsage $argv0 >X } >X } >X@@ -484,8 +482,8 @@ >X # Load accessfile >X if { ![info exists ACCESS_FILE] } { >X # Check the defaults >X- if { [file exists /etc/sguild/sguild.access] } { >X- set ACCESS_FILE "/etc/sguild/sguild.access" >X+ if { [file exists /usr/local/etc/sguild/sguild.access] } { >X+ set ACCESS_FILE "/usr/local/etc/sguild/sguild.access" >X } elseif { [file exists ./sguild.access] } { >X set ACCESS_FILE "./sguild.access" >X } else { >X@@ -511,8 +509,8 @@ >X #} >X # Load email config file >X if { ![info exists EMAIL_FILE] } { >X- if { [file exists /etc/sguild/sguild.email] } { >X- set EMAIL_FILE "/etc/sguild/sguild.email" >X+ if { [file exists /usr/local/etc/sguild/sguild.email] } { >X+ set EMAIL_FILE "/usr/local/etc/sguild/sguild.email" >X } else { >X set EMAIL_FILE "./sguild.email" >X } >X@@ -524,8 +522,8 @@ >X } >X # Load global queries. >X if { ![info exists GLOBAL_QRY_FILE] } { >X- if { [file exists /etc/sguild/sguild.queries] } { >X- set GLOBAL_QRY_FILE "/etc/sguild/sguild.queries" >X+ if { [file exists /usr/local/etc/sguild/sguild.queries] } { >X+ set GLOBAL_QRY_FILE "/usr/local/etc/sguild/sguild.queries" >X } else { >X set GLOBAL_QRY_FILE "./sguild.queries" >X } >X@@ -537,8 +535,8 @@ >X } >X # Load report queries. >X if { ![info exists REPORT_QRY_FILE] } { >X- if { [file exists /etc/sguild/sguild.reports] } { >X- set REPORT_QRY_FILE "/etc/sguild/sguild.reports" >X+ if { [file exists /usr/local/etc/sguild/sguild.reports] } { >X+ set REPORT_QRY_FILE "/usr/local/etc/sguild/sguild.reports" >X } else { >X set REPORT_QRY_FILE "./sguild.reports" >X } >7a20185773a5f81846b117223ee63c29 >echo x - sguil/files/patch-server__sguild.access >sed 's/^X//' >sguil/files/patch-server__sguild.access << '0784878240cca935aa332d5fad2a3114' >X--- server/sguild.access.orig 2008-04-03 17:55:46.000000000 -0500 >X+++ server/sguild.access 2008-04-03 17:56:50.000000000 -0500 >X@@ -4,7 +4,8 @@ >X # This file is used by sguild for access control. It is read upon init # >X # or when sguild receives a HUP signal. # >X # # >X-# By default, sguild will look first for /etc/sguild/sguild.access, # >X+# By default, sguild will look first for # >X+# /usr/local/etc/sguild/sguild.access, # >X # then ./sguild.access unless the -A /path/to/sguild.access switch # >X # is used. # >X # # >0784878240cca935aa332d5fad2a3114 >echo x - sguil/files/pcap_agent-sancp.in >sed 's/^X//' >sguil/files/pcap_agent-sancp.in << 'cdf08d879b33c25c28dd9b49976749b2' >X#!/bin/sh >X >X# $FreeBSD: head/security/sguil-sensor/files/pcap_agent-sancp.in 312466 2013-02-18 00:56:47Z miwi $ >X >X# PROVIDE: pcap_agent-sancp >X# REQUIRE: DAEMON >X# KEYWORD: shutdown >X >X# Add the following line to /etc/rc.conf to enable pcap_agent-sancp: >X# pcap_agent-sancp_enable (bool): Set to YES to enable pcap_agent-sancp >X# Default: NO >X# pcap_agent-sancp_conf (str): Pads_agent configuration file >X# Default: %%PREFIX%%/etc/%%SGUILDIR%%/pcap_agent-sancp.conf >X# pcap_agent-sancp_flags (str): Default: -D >X# >X >X. /etc/rc.subr >X >Xname="pcap_agent-sancp" >Xrcvar=pcap_agent-sancp_enable >Xload_rc_config pcap_agent-sancp >X >X#set defaults >X: ${pcap_agent-sancp_enable:="NO"} >X: ${pcap_agent-sancp_conf:="%%PREFIX%%/etc/%%SGUILDIR%%/pcap_agent-sancp.conf"} >X: ${pcap_agent-sancp_flags:="-D -c ${pcap_agent-sancp_conf}"} >X >Xcommand="%%PREFIX%%/bin/%%SGUILDIR%%/pcap_agent-sancp.tcl" >Xprocname="%%PREFIX%%/bin/%%TCLSH%%" >Xpidfile="/var/run/${name}.pid" >X >Xrun_rc_command "$1" >cdf08d879b33c25c28dd9b49976749b2 >echo x - sguil/files/sguild.in >sed 's/^X//' >sguil/files/sguild.in << '54fb494793b8ea3cb9d9e47d50c87b8e' >X#!/bin/sh >X >X# $FreeBSD: head/security/sguil-server/files/sguild.in 312467 2013-02-18 01:01:11Z miwi $ >X >X# PROVIDE: sguild >X# REQUIRE: DAEMON >X# KEYWORD: shutdown >X >X# Add the following lines to /etc/rc.conf to enable sguild: >X# sguild_enable (bool): Set to YES to enable sguild >X# Default: NO >X# sguild_flags (str): Extra flags passed to sguild >X# Default: -D -P ${pid} >X# sguild_conf (str): Sguild configuration file >X# Default: %%PREFIX%%/etc/%%SGUILDIR%%/sguild.conf >X# sguild_user (str): Default: sguil >X# Note: this value MUST be set in /etc/rc.conf if you do not accept the default >X# user created by the pkg-install script >X >X. /etc/rc.subr >X >Xname="sguild" >Xrcvar=sguild_enable >Xload_rc_config sguild >X# set some defaults >X: ${sguild_enable:="NO"} >X: ${sguild_conf:="%%PREFIX%%/etc/%%SGUILDIR%%/sguild.conf"} >X: ${pid:="/var/run/%%SGUILDIR%%/sguild.pid"} >X: ${sguild_flags:="-D -P ${pid}"} >X: ${sguild_user:="sguil"} >X >Xcommand="%%PREFIX%%/bin/${name}" >Xprocname="%%PREFIX%%/bin/%%TCLSH%%" >X >Xrun_rc_command "$1" >54fb494793b8ea3cb9d9e47d50c87b8e >echo x - sguil/files/patch-client__sguil.conf >sed 's/^X//' >sguil/files/patch-client__sguil.conf << 'd5ca091f6c99b67155f7e5267db67966' >X--- client/sguil.conf.orig 2012-11-15 22:46:24.000000000 +0000 >X+++ client/sguil.conf 2012-11-15 22:48:28.000000000 +0000 >X@@ -18,7 +18,7 @@ >X set DEBUG 1 >X >X # PATH to tls lib if needed (tcl can usually find this by default) >X-#set TLS_PATH /usr/lib/tls1.4/libtls1.4.so >X+#set TLS_PATH /usr/local/lib/tls1.6/libtls1.6.so >X # win32 example >X #set TLS_PATH "c:/tcl/lib/tls1.4/tls14.dll" >X >X@@ -46,12 +46,12 @@ >X # If you have festival installed, then you can have alerts spoken to >X # you. Set the path to the festival binary here. If you are using >X # speechd from speechio.org, then leave this commented out. >X-set FESTIVAL_PATH /usr/bin/festival >X+set FESTIVAL_PATH /usr/local/bin/festival >X # win32 example >X # set FESTIVAL_PATH "c:\festival\bin\festival.exe" >X >X # Path to wireshark (ethereal) >X-set WIRESHARK_PATH /usr/sbin/wireshark >X+set WIRESHARK_PATH /usr/local/bin/wireshark >X # win32 example >X # set WIRESHARK_PATH "c:/progra~1/wireshark/wireshark.exe" >X >X@@ -62,7 +62,7 @@ >X # set WIRESHARK_STORE_DIR "c:/tmp" >X >X # Favorite browser for looking at sig info on snort.org >X-set BROWSER_PATH /usr/bin/firefox >X+set BROWSER_PATH /usr/local/bin/firefox >X # win32 example (IE) >X # set BROWSER_PATH c:/progra~1/intern~1/iexplore.exe >X >d5ca091f6c99b67155f7e5267db67966 >echo x - sguil/files/patch-server__snort_agent >sed 's/^X//' >sguil/files/patch-server__snort_agent << 'b1d385092982dcf70b506d03846ee320' >X--- sensor/snort_agent.tcl.orig 2012-12-17 22:33:35.000000000 +0000 >X+++ sensor/snort_agent.tcl 2012-12-17 22:39:39.000000000 +0000 >X@@ -1,6 +1,4 @@ >X #!/bin/sh >X-# Run tcl from users PATH \ >X-exec tclsh "$0" "$@" >X >X # $Id: snort_agent.tcl,v 1.9 2011/02/17 02:55:48 bamm Exp $ # >X >X@@ -680,13 +678,13 @@ >X } >X >X # Parse the config file here >X-# Default location is /etc/snort_agent.conf or pwd >X+# Default location is /usr/local/etc/sguil-sensor/snort_agent.conf or pwd >X if { ![info exists CONF_FILE] } { >X >X # No conf file specified check the defaults >X- if { [file exists /etc/snort_agent.conf] } { >X+ if { [file exists /usr/local/etc/sguil-sensor/snort_agent.conf] } { >X >X- set CONF_FILE /etc/snort_agent.conf >X+ set CONF_FILE /usr/local/etc/sguil-sensor/snort_agent.conf >X >X } elseif { [file exists ./snort_agent.conf] } { >X >X@@ -695,7 +693,7 @@ >X } else { >X >X puts "Couldn't determine where the snort_agent.tcl config file is" >X- puts "Looked for /etc/snort_agent.conf and ./snort_agent.conf." >X+ puts "Looked for /usr/local/etc/sguil-sensor/snort_agent.conf and ./snort_agent.conf." >X DisplayUsage $argv0 >X >X } >b1d385092982dcf70b506d03846ee320 >echo x - sguil/files/patch-sensor__pads_agent.tcl >sed 's/^X//' >sguil/files/patch-sensor__pads_agent.tcl << '14bf4b54e55efa463b9f081d996a5214' >X--- sensor/pads_agent.tcl.orig 2012-12-19 21:25:26.000000000 +0000 >X+++ sensor/pads_agent.tcl 2012-12-19 21:27:37.000000000 +0000 >X@@ -1,6 +1,4 @@ >X #!/bin/sh >X-# Run tcl from users PATH \ >X-exec tclsh "$0" "$@" >X >X # $Id: pads_agent.tcl,v 1.13 2011/02/17 02:55:48 bamm Exp $ # >X >X@@ -332,7 +330,7 @@ >X id process group set >X if {[fork]} {exit 0} >X set PID [id process] >X- if { ![info exists PID_FILE] } { set PID_FILE "/var/run/sensor_agent.pid" } >X+ if { ![info exists PID_FILE] } { set PID_FILE "/var/run/pads_agent.pid" } >X set PID_DIR [file dirname $PID_FILE] >X if { ![file exists $PID_DIR] || ![file isdirectory $PID_DIR] || ![file writable $PID_DIR] } { >X puts "ERROR: Directory $PID_DIR does not exists or is not writable." >X@@ -380,16 +378,16 @@ >X } >X } >X # Parse the config file here >X-# Default location is /etc/pads_agent.conf or pwd >X+# Default location is /usr/local/etc/sguil-sensor/pads_agent.conf or pwd >X if { ![info exists CONF_FILE] } { >X # No conf file specified check the defaults >X- if { [file exists /etc/pads_agent.conf] } { >X- set CONF_FILE /etc/pads_agent.conf >X+ if { [file exists /usr/local/etc/sguil-sensor/pads_agent.conf] } { >X+ set CONF_FILE /usr/local/etc/sguil-sensor/pads_agent.conf >X } elseif { [file exists ./pads_agent.conf] } { >X set CONF_FILE ./pads_agent.conf >X } else { >X puts "Couldn't determine where the sensor_agent.tcl config file is" >X- puts "Looked for /etc/pads_agent.conf and ./pads_agent.conf." >X+ puts "Looked for /usr/local/etc/sguil-sensor/pads_agent.conf and ./pads_agent.conf." >X DisplayUsage $argv0 >X } >X } >14bf4b54e55efa463b9f081d996a5214 >echo x - sguil/pkg-plist >sed 's/^X//' >sguil/pkg-plist << '27dbbf0b7d3a1ec1718f282a0af6c2a9' >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/images/checked.gif >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/images/sguil_logo_h.gif >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/images/unchecked.gif >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/SguilUtil.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/dkffont.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/email17.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/extdata.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/guilib.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/qrybuild.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/qrylib.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/report.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/sancp.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/sellib.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/sound.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/stdquery.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.11/COPYRIGHT.txt >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.11/pkgIndex.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.11/scripts/mwutil.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.11/scripts/repair.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.11/scripts/tablelistBind.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.11/scripts/tablelistConfig.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.11/scripts/tablelistEdit.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.11/scripts/tablelistImages.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.11/scripts/tablelistMove.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.11/scripts/tablelistSort.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.11/scripts/tablelistThemes.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.11/scripts/tablelistUtil.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.11/scripts/tablelistWidget.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.11/scripts/tclIndex >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.11/tablelist.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.11/tablelist_tile.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.11/tablelistPublic.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/lib/whois.tcl >X%%CLIENT%%bin/%%CLIENT_SGUILDIR%%/sguil.tk >X%%CLIENT%%etc/sguil.conf-sample >X%%CLIENT%%@dirrm bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.11/scripts >X%%CLIENT%%@dirrm bin/%%CLIENT_SGUILDIR%%/lib/tablelist5.11 >X%%CLIENT%%@dirrm bin/%%CLIENT_SGUILDIR%%/lib >X%%CLIENT%%@dirrm bin/%%CLIENT_SGUILDIR%%/images >X%%CLIENT%%@dirrm bin/%%CLIENT_SGUILDIR%% >X%%SENSOR%%bin/%%SENSOR_SGUILDIR%%/log_packets-daemonlogger.sh >X%%SENSOR%%bin/%%SENSOR_SGUILDIR%%/log_packets.sh >X%%SENSOR%%bin/%%SENSOR_SGUILDIR%%/pcap_agent.tcl >X%%SENSOR%%bin/%%SENSOR_SGUILDIR%%/snort_agent.tcl >X%%SENSOR%%etc/%%SENSOR_SGUILDIR%%/pcap_agent.conf-sample >X%%SENSOR%%etc/%%SENSOR_SGUILDIR%%/snort_agent.conf-sample >X%%SENSOR%%share/%%SENSOR_SGUILDIR%%/contrib/ossec_agent/README >X%%SENSOR%%share/%%SENSOR_SGUILDIR%%/contrib/ossec_agent/ossec_agent.conf >X%%SENSOR%%share/%%SENSOR_SGUILDIR%%/contrib/ossec_agent/ossec_agent.tcl >X%%SENSOR%%share/%%SENSOR_SGUILDIR%%/contrib/portscan_loader/Makefile >X%%SENSOR%%share/%%SENSOR_SGUILDIR%%/contrib/portscan_loader/portscan_loader.c >X%%SENSOR%%share/%%SENSOR_SGUILDIR%%/init/sensoragent >X%%SENSOR%%%%PADS_SENSOR%%bin/%%SENSOR_SGUILDIR%%/pads_agent.tcl >X%%SENSOR%%%%PADS_SENSOR%%etc/%%SENSOR_SGUILDIR%%/pads_agent.conf-sample >X%%SENSOR%%%%SANCP_SENSOR%%bin/%%SENSOR_SGUILDIR%%/log_packets-sancp.sh >X%%SENSOR%%%%SANCP_SENSOR%%bin/%%SENSOR_SGUILDIR%%/pcap_agent-sancp.tcl >X%%SENSOR%%%%SANCP_SENSOR%%bin/%%SENSOR_SGUILDIR%%/sancp_agent.tcl >X%%SENSOR%%%%SANCP_SENSOR%%etc/%%SENSOR_SGUILDIR%%/sancp_agent.conf-sample >X%%SENSOR%%%%SANCP_SENSOR%%etc/%%SENSOR_SGUILDIR%%/sancp-indexed.conf-sample >X%%SENSOR%%%%SANCP_SENSOR%%etc/%%SENSOR_SGUILDIR%%/pcap_agent-sancp.conf-sample >X%%SENSOR%%%%SANCP_SENSOR%%etc/%%SENSOR_SGUILDIR%%/sancp.conf-sample >X%%SENSOR%%@dirrm share/%%SENSOR_SGUILDIR%%/init >X%%SENSOR%%@dirrm share/%%SENSOR_SGUILDIR%%/contrib/portscan_loader >X%%SENSOR%%@dirrm share/%%SENSOR_SGUILDIR%%/contrib/ossec_agent >X%%SENSOR%%@dirrm share/%%SENSOR_SGUILDIR%%/contrib >X%%SENSOR%%@dirrm share/%%SENSOR_SGUILDIR%% >X%%SENSOR%%@dirrmtry etc/%%SENSOR_SGUILDIR%% >X%%SENSOR%%@dirrm bin/%%SENSOR_SGUILDIR%% >X%%SERVER%%bin/sguild >X%%SERVER%%etc/%%SERVER_SGUILDIR%%/autocat.conf-sample >X%%SERVER%%etc/%%SERVER_SGUILDIR%%/sguild.access-sample >X%%SERVER%%etc/%%SERVER_SGUILDIR%%/sguild.conf-sample >X%%SERVER%%etc/%%SERVER_SGUILDIR%%/sguild.email-sample >X%%SERVER%%etc/%%SERVER_SGUILDIR%%/sguild.queries-sample >X%%SERVER%%etc/%%SERVER_SGUILDIR%%/sguild.reports-sample >X%%SERVER%%@owner sguil >X%%SERVER%%@group sguil >X%%SERVER%%etc/%%SERVER_SGUILDIR%%/sguild.users-sample >X%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildAccess.tcl >X%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildAutoCat.tcl >X%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildClientCmdRcvd.tcl >X%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildConnect.tcl >X%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildCreateDB.tcl >X%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildEmailEvent.tcl >X%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildEvent.tcl >X%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildGenericDB.tcl >X%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildGenericEvent.tcl >X%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildHealthChecks.tcl >X%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildLoaderd.tcl >X%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildLoaderd.tcl.orig >X%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildMysqlMerge.tcl >X%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildMysqlMerge.tcl.orig >X%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildPadsLib.tcl >X%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildQueryd.tcl >X%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildReportBuilder.tcl >X%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildSendComms.tcl >X%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildSensorAgentComms.tcl >X%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildSensorCmdRcvd.tcl >X%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildTranscript.tcl >X%%SERVER%%lib/%%SERVER_SGUILDIR%%/SguildUtils.tcl >X%%SERVER%%@owner root >X%%SERVER%%@group wheel >X%%SERVER%%share/%%SERVER_SGUILDIR%%/autocat2mysql.tcl >X%%SERVER%%share/%%SERVER_SGUILDIR%%/contrib/incident_report.tcl >X%%SERVER%%share/%%SERVER_SGUILDIR%%/contrib/init/sguil >X%%SERVER%%share/%%SERVER_SGUILDIR%%/contrib/init/sguild >X%%SERVER%%share/%%SERVER_SGUILDIR%%/create_ruledb.sql >X%%SERVER%%share/%%SERVER_SGUILDIR%%/create_sguildb.sql >X%%SERVER%%share/%%SERVER_SGUILDIR%%/migrate_event.tcl >X%%SERVER%%share/%%SERVER_SGUILDIR%%/migrate_sancp.tcl >X%%SERVER%%share/%%SERVER_SGUILDIR%%/sancp_cleanup.tcl >X%%SERVER%%share/%%SERVER_SGUILDIR%%/sancp_cleanup.tcl.orig >X%%SERVER%%share/%%SERVER_SGUILDIR%%/update_0.7.tcl >X%%SERVER%%share/%%SERVER_SGUILDIR%%/update_0.8.tcl >X%%SERVER%%share/%%SERVER_SGUILDIR%%/update_sguildb_v10-v11.sql >X%%SERVER%%share/%%SERVER_SGUILDIR%%/update_sguildb_v11-v12.sql >X%%SERVER%%share/%%SERVER_SGUILDIR%%/update_sguildb_v12-v13.sql >X%%SERVER%%share/%%SERVER_SGUILDIR%%/update_sguildb_v13-v14.sql >X%%SERVER%%share/%%SERVER_SGUILDIR%%/update_sguildb_v5-v6.sql >X%%SERVER%%share/%%SERVER_SGUILDIR%%/update_sguildb_v6-v7.sql >X%%SERVER%%share/%%SERVER_SGUILDIR%%/update_sguildb_v7-v8.sql >X%%SERVER%%share/%%SERVER_SGUILDIR%%/update_sguildb_v8-v9.sql >X%%SERVER%%share/%%SERVER_SGUILDIR%%/update_sguildb_v9-v10.sql >X%%SERVER%%@dirrm share/%%SERVER_SGUILDIR%%/contrib/init >X%%SERVER%%@dirrm share/%%SERVER_SGUILDIR%%/contrib >X%%SERVER%%@dirrm share/%%SERVER_SGUILDIR%% >X%%SERVER%%@dirrm lib/%%SERVER_SGUILDIR%% >X%%SERVER%%@dirrm etc/%%SERVER_SGUILDIR%% >27dbbf0b7d3a1ec1718f282a0af6c2a9 >exit
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=144107">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 191347
: 144107 |
144108
|
144109