FreeBSD Bugzilla – Attachment 191323 Details for
Bug 226465
security/ossec-hids-server: update to 2.9.3
[patch]
Diff for ossec-hids-server 2.9.3
ossec-hids-server-2.9.3.diff (text/plain), 134.95 KB, created by
Dominik Lisiak
on 2018-03-09 01:30:28 UTC
Description:
Diff for ossec-hids-server 2.9.3
Filename:
MIME Type:
Creator:
Dominik Lisiak
Created:
2018-03-09 01:30:28 UTC
Size:
134.95 KB
>Index: Makefile >=================================================================== >--- Makefile (revision 463924) >+++ Makefile (working copy) >@@ -1,44 +1,35 @@ >-# Created by: Valerio Daelli <valerio.daelli@gmail.com> > # $FreeBSD$ > > PORTNAME= ossec-hids >-PORTVERSION= 2.8.3 >-DISTVERSIONPREFIX= v >-PORTREVISION?= 3 >+PORTVERSION= 2.9.3 >+PORTREVISION?= > CATEGORIES= security >-PKGNAMESUFFIX= -server >+PKGNAMESUFFIX?= -server > >-MAINTAINER= dominik.lisiak@bemsoft.pl >+MAINTAINER?= dominik.lisiak@bemsoft.pl > COMMENT?= Security tool to monitor and check logs and intrusions > >-USE_GITHUB= yes >-GH_ACCOUNT= ossec >-USE_RC_SUBR= ossec-hids >+LICENSE?= GPLv2 >+LICENSE_FILE?= ${WRKSRC}/LICENSE > >-CFLAGS+= -ferror-limit=0 >- >-USES= readline ssl >- >-.if defined(MAINTAINER_MODE) >-UID_FILES+= ../../UIDs >-GID_FILES+= ../../GIDs >+.if !defined(AGENT_ONLY) >+RUN_DEPENDS= expect:lang/expect > .endif >-USERS= ossec ossecm ossecr >-GROUPS= ossec > >-.if !defined(CLIENT_ONLY) >-OPTIONS_DEFINE= MYSQL PGSQL >+GEOIP_LIB_DEPENDS= libGeoIP.so:net/GeoIP >+INOTIFY_LIB_DEPENDS= libinotify.so:devel/libinotify >+PRELUDE_LIB_DEPENDS= libprelude.so:security/libprelude >+ZEROMQ_LIB_DEPENDS= libczmq.so:net/czmq > >-MYSQL_VARS= WITH_DB=yes >-MYSQL_USE= MYSQL=client >-MYSQL_PORTDOCS= mysql.schema >- >-PGSQL_VARS= WITH_DB=yes >+USES= gmake readline ssl >+MYSQL_USE= mysql > PGSQL_USES= pgsql >-PGSQL_PORTDOCS= postgresql.schema > >-RUN_DEPENDS= expect:lang/expect >+USE_GITHUB= yes >+GH_ACCOUNT= ossec >+USE_RC_SUBR= ossec-hids > >+.if !defined(AGENT_ONLY) > USES+= shebangfix > SHEBANG_LANG= expect > expect_OLD_CMD= "/usr/bin/env expect" 
>@@ -55,82 +46,428 @@ > src/agentlessd/scripts/sshlogin.exp \ > src/agentlessd/scripts/su.exp > .endif >-OPTIONS_DEFINE+= DOCS > >-SUB_LIST= PORTNAME=${PORTNAME} >-SUB_FILES= pkg-message >+OPTIONS_SUB= yes >+OPTIONS_DEFINE+= DOCS INOTIFY >+ >+.if !defined(AGENT_ONLY) >+OPTIONS_DEFINE+= GEOIP PRELUDE ZEROMQ >+ >+OPTIONS_RADIO= DATABASE >+OPTIONS_RADIO_DATABASE= MYSQL PGSQL >+.endif >+ >+.if !defined(AGENT_ONLY) >+OPTIONS_GROUP+= G_RULES G_AR >+OPTIONS_GROUP_G_RULES= DEFAULT_R CONFIG_R FIREWALL_R PORTS_R >+OPTIONS_GROUP_G_AR= DEFAULT_C MERGE_C MERGE_AR RESTART_AR >+.endif >+OPTIONS_GROUP+= G_CHECKS G_CMDS G_LOGS >+OPTIONS_GROUP_G_CHECKS= ROOTCHECK SYSCHECK >+OPTIONS_GROUP_G_CMDS= LOGINS PORTS_TCP PORTS_UDP >+OPTIONS_GROUP_G_LOGS= BASELOGS ARLOG >+ >+.if !defined(AGENT_ONLY) && !defined(LOCAL_ONLY) >+OPTIONS_GROUP+= G_CHECKS_P G_LOGS_P >+OPTIONS_GROUP_G_CHECKS_P= ROOTCHECK_P SYSCHECK_P >+OPTIONS_GROUP_G_LOGS_P= BASELOGS_P ARLOG_P >+.endif >+ >+.if !defined(AGENT_ONLY) >+OPTIONS_SINGLE= FIREWALL >+OPTIONS_SINGLE_FIREWALL= PF IPFW IPF >+.endif >+ >+OPTIONS_DEFAULT+= INOTIFY LOGINS PORTS_TCP PORTS_UDP >+.if !defined(AGENT_ONLY) >+OPTIONS_DEFAULT+= IPF DEFAULT_R CONFIG_R FIREWALL_R PORTS_R DEFAULT_C MERGE_C MERGE_AR RESTART_AR ROOTCHECK SYSCHECK BASELOGS ARLOG >+.if !defined(LOCAL_ONLY) >+OPTIONS_DEFAULT+= ROOTCHECK_P SYSCHECK_P BASELOGS_P ARLOG_P >+.endif >+.endif >+ >+DIST_CONF_DESC= (ossec-dist.conf) >+AGENT_DIST_CONF_DESC= (agent-dist.conf) >+ >+INOTIFY_DESC= Kevent based real time monitoring >+PRELUDE_DESC= Sensor support from Prelude SIEM >+ZEROMQ_DESC= ZeroMQ support (experimental) >+ >+G_RULES_DESC= Rules ${DIST_CONF_DESC} >+DEFAULT_R_DESC= Rules provided by OSSEC >+CONFIG_R_DESC= Alert OSSEC main configuration files changes >+FIREWALL_R_DESC= Alert firewall active resonse (PF and IPFW) >+PORTS_R_DESC= Alert open TCP and UDP ports >+G_AR_DESC= Active response ${DIST_CONF_DESC} >+DEFAULT_C_DESC= Commands provided by OSSEC >+MERGE_C_DESC= Merge "dist" and "local" 
configs command >+MERGE_AR_DESC= Merge "dist" and "local" configs when they change >+RESTART_AR_DESC= Restart OSSEC when main configuration files change >+G_CHECKS_DESC= System checks ${DIST_CONF_DESC} >+ROOTCHECK_DESC= System audit and rootkit detection >+SYSCHECK_DESC= Integrity checking >+G_CMDS_DESC= Command monitoring ${DIST_CONF_DESC} >+LOGINS_DESC= Last logins >+PORTS_TCP_DESC= Listening TCP ports >+PORTS_UDP_DESC= Open UDP ports >+G_LOGS_DESC= Log monitoring ${DIST_CONF_DESC} >+BASELOGS_DESC= Base logs (messages, maillog, ...) >+ARLOG_DESC= Active response log >+ >+G_CHECKS_P_DESC= Pushed system checks ${AGENT_DIST_CONF_DESC} >+ROOTCHECK_P_DESC= ${ROOTCHECK_DESC} (profile: rootcheck) >+SYSCHECK_P_DESC= ${SYSCHECK_DESC} (profile: syscheck) >+G_LOGS_P_DESC= Pushed log monitoring ${AGENT_DIST_CONF_DESC} >+BASELOGS_P_DESC= ${BASELOGS_DESC} (profile: baselogs) >+ARLOG_P_DESC= ${ARLOG_DESC} (profile: arlog) >+ >+FIREWALL_DESC= Active response firewall ${DIST_CONF_DESC} >+PF_DESC= Packet Filter >+IPFW_DESC= ipfirewall >+IPF_DESC= ipfilter, iptables >+ >+DATABASE_DESC= Database output >+ >+PKGMSG_FILES= message-header >+ >+TEMPL_HEADER= template-header.xml >+TEMPL_SAMPLE_HEADER= template-sample-header.xml >+TEMPL_P_HEADER= template-pushed-header.xml >+ >+TEMPL_DEFAULT_R= template-rules-default.xml >+TEMPL_CONFIG_R= template-rules-config.xml >+TEMPL_FIREWALL_R= template-rules-firewall.xml >+TEMPL_PORTS_R= template-rules-ports.xml >+TEMPL_DEFAULT_C= template-ar-cmds-default.xml >+TEMPL_MERGE_C= template-ar-cmds-merge.xml >+TEMPL_MERGE_AR= template-ar-merge.xml >+TEMPL_RESTART_AR= template-ar-restart.xml >+TEMPL_ROOTCHECK= template-rootcheck.xml >+TEMPL_SYSCHECK= template-syscheck.xml >+TEMPL_LOGINS= template-cmds-logins.xml >+TEMPL_PORTS_TCP= template-cmds-ports-tcp.xml >+TEMPL_PORTS_UDP= template-cmds-ports-udp.xml >+TEMPL_BASELOGS= template-baselogs.xml >+TEMPL_ARLOG= template-arlog.xml >+TEMPL_SAMPLE= template-sample${PKGNAMESUFFIX}.xml >+TEMPL_P_SAMPLE= 
template-pushed-sample.xml >+ >+GEOIP_VARS= OSSEC_ARGS+=USE_GEOIP=yes >+INOTIFY_VARS= OSSEC_ARGS+=USE_INOTIFY=yes >+PRELUDE_VARS= OSSEC_ARGS+=USE_PRELUDE=yes >+ZEROMQ_VARS= OSSEC_ARGS+=USE_ZEROMQ=yes >+MYSQL_VARS= OSSEC_ARGS+=DATABASE=mysql PKGMSG_FILES+=message-db DB_TYPE=mysql DB_SCHEMA=mysql.schema >+PGSQL_VARS= OSSEC_ARGS+=DATABASE=pgsql PKGMSG_FILES+=message-db DB_TYPE=postgresql DB_SCHEMA=postgresql.schema >+ >+DEFAULT_R_VARS= TEMPL_FILES+=${TEMPL_DEFAULT_R} >+CONFIG_R_VARS= TEMPL_FILES+=${TEMPL_CONFIG_R} >+FIREWALL_R_VARS= TEMPL_FILES+=${TEMPL_FIREWALL_R} >+PORTS_R_VARS= TEMPL_FILES+=${TEMPL_PORTS_R} >+DEFAULT_C_VARS= TEMPL_FILES+=${TEMPL_DEFAULT_C} >+MERGE_C_VARS= TEMPL_FILES+=${TEMPL_MERGE_C} >+MERGE_AR_VARS= TEMPL_FILES+=${TEMPL_MERGE_AR} >+RESTART_AR_VARS= TEMPL_FILES+=${TEMPL_RESTART_AR} >+ROOTCHECK_VARS= TEMPL_FILES+=${TEMPL_ROOTCHECK} >+SYSCHECK_VARS= TEMPL_FILES+=${TEMPL_SYSCHECK} >+LOGINS_VARS= TEMPL_FILES+=${TEMPL_LOGINS} >+PORTS_TCP_VARS= TEMPL_FILES+=${TEMPL_PORTS_TCP} >+PORTS_UDP_VARS= TEMPL_FILES+=${TEMPL_PORTS_UDP} >+BASELOGS_VARS= TEMPL_FILES+=${TEMPL_BASELOGS} >+ARLOG_VARS= TEMPL_FILES+=${TEMPL_ARLOG} >+ >+DEFAULT_R_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_DEFAULT_R} >+CONFIG_R_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_CONFIG_R} >+FIREWALL_R_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_FIREWALL_R} >+PORTS_R_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_PORTS_R} >+DEFAULT_C_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_DEFAULT_C} >+MERGE_C_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_MERGE_C} >+MERGE_AR_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_MERGE_AR} >+RESTART_AR_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_RESTART_AR} >+ROOTCHECK_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_ROOTCHECK} >+SYSCHECK_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_SYSCHECK} >+LOGINS_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_LOGINS} >+PORTS_TCP_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_PORTS_TCP} >+PORTS_UDP_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_PORTS_UDP} >+BASELOGS_VARS_OFF= TEMPL_SAMPLE_FILES+=${TEMPL_BASELOGS} >+ARLOG_VARS_OFF= 
TEMPL_SAMPLE_FILES+=${TEMPL_ARLOG} >+ >+ROOTCHECK_P_VARS= TEMPL_P_FILES+=${TEMPL_ROOTCHECK} >+SYSCHECK_P_VARS= TEMPL_P_FILES+=${TEMPL_SYSCHECK} >+BASELOGS_P_VARS= TEMPL_P_FILES+=${TEMPL_BASELOGS} >+ARLOG_P_VARS= TEMPL_P_FILES+=${TEMPL_ARLOG} >+ >+ROOTCHECK_PROFILE= rootcheck >+SYSCHECK_PROFILE= syscheck >+BASELOGS_PROFILE= baselogs >+ARLOG_PROFILE= arlog >+CLIENT_PROFILES:= ${ROOTCHECK_PROFILE}, ${SYSCHECK_PROFILE}, ${BASELOGS_PROFILE}, ${ARLOG_PROFILE} >+ >+SUB_LIST+= ROOTCHECK_PROFILE=${ROOTCHECK_PROFILE} \ >+ SYSCHECK_PROFILE=${SYSCHECK_PROFILE} \ >+ BASELOGS_PROFILE=${BASELOGS_PROFILE} \ >+ ARLOG_PROFILE=${ARLOG_PROFILE} \ >+ CLIENT_PROFILES="${CLIENT_PROFILES}" >+ >+PF_VARS= FW_DROP=pf.sh PKGMSG_FILES+=message-pf >+IPFW_VARS= FW_DROP=ipfw.sh >+IPF_VARS= FW_DROP=firewall-drop.sh >+ >+OSSEC_TYPE?= server >+PKGHELP= ${PKGDIR}/pkg-help${PKGNAMESUFFIX} >+OSSEC_ARGS+= TARGET=${OSSEC_TYPE} >+CONFLICTS_INSTALL?= ossec-hids-client-[0-9]* ossec-hids-agent-[0-9]* ossec-hids-local-[0-9]* >+STRIP_FILES?= agent_control \ >+ clear_stats \ >+ list_agents \ >+ manage_agents \ >+ ossec-agentlessd \ >+ ossec-analysisd \ >+ ossec-authd \ >+ ossec-csyslogd \ >+ ossec-dbd \ >+ ossec-execd \ >+ ossec-logcollector \ >+ ossec-logtest \ >+ ossec-lua \ >+ ossec-luac \ >+ ossec-maild \ >+ ossec-makelists \ >+ ossec-monitord \ >+ ossec-regex \ >+ ossec-remoted \ >+ ossec-reportd \ >+ ossec-syscheckd \ >+ rootcheck_control \ >+ syscheck_control \ >+ syscheck_update \ >+ verify-agent-conf >+TEMPL_TO_OSSEC= ${SCRIPTDIR}/template-to-ossec.sh ${OSSEC_TYPE} ${PREFIX}/${PORTNAME} >+TEMPL_TO_OSSEC_P= ${SCRIPTDIR}/template-to-agent.sh ${OSSEC_TYPE} ${PREFIX}/${PORTNAME} >+OSSEC_RC= ${PREFIX}/etc/rc.d/ossec-hids >+OSSEC_OSSEC_CONF= ${PREFIX}/${PORTNAME}/bin/ossec_conf >+OSSEC_AGENT_CONF= ${PREFIX}/${PORTNAME}/bin/agent_conf >+OSSEC_MERGE_CONFIG= ${PREFIX}/${PORTNAME}/active-response/bin/merge-configs.sh >+OSSEC_RESTART_OSSEC= ${PREFIX}/${PORTNAME}/active-response/bin/restart-ossec.sh >+OSSEC_TMP= 
${PREFIX}/${PORTNAME}/tmp >+OSSEC_SHARED= ${PREFIX}/${PORTNAME}/etc/shared >+OSSEC_CONF= ${PREFIX}/${PORTNAME}/etc/ossec.conf >+OSSEC_DIST_CONF= ${PREFIX}/${PORTNAME}/etc/ossec-dist.conf >+OSSEC_LOCAL_CONF= ${PREFIX}/${PORTNAME}/etc/ossec-local.conf.sample >+OSSEC_P_CONF= ${PREFIX}/${PORTNAME}/etc/shared/agent.conf >+OSSEC_P_DIST_CONF= ${PREFIX}/${PORTNAME}/etc/agent-dist.conf >+OSSEC_P_LOCAL_CONF= ${PREFIX}/${PORTNAME}/etc/agent-local.conf.sample >+OSSEC_RULES_DIR= ${PREFIX}/${PORTNAME}/rules >+OSSEC_RULES_FILES= config firewall ports >+ >+.if !defined(MAINTAINER_MODE) >+USER_ARGS+= OSSEC_GROUP=${GROUP} \ >+ OSSEC_USER=${USER} \ >+ OSSEC_USER_MAIL=${USER} \ >+ OSSEC_USER_REM=${USER} >+.endif >+OSSEC_USER= ossec >+OSSEC_GROUP= ossec >+USERS= ${OSSEC_USER} ossecm ossecr >+GROUPS= ${OSSEC_GROUP} >+ >+SUB_LIST+= PORTNAME=${PORTNAME} \ >+ OSSEC_TYPE=${OSSEC_TYPE} \ >+ VERSION=${PORTVERSION} \ >+ DB_TYPE=${DB_TYPE} \ >+ DB_SCHEMA=${DOCSDIR}/${DB_SCHEMA} \ >+ FW_DROP=${FW_DROP} \ >+ USER=${USER} \ >+ OSSEC_USER=${OSSEC_USER} \ >+ OSSEC_GROUP=${OSSEC_GROUP} \ >+ OSSEC_RC=${OSSEC_RC} >+SUB_FILES= ${PKGMSG_FILES} \ >+ ${TEMPL_HEADER} \ >+ ${TEMPL_FILES} \ >+ ${TEMPL_SAMPLE_HEADER} \ >+ ${TEMPL_SAMPLE_FILES} \ >+ ${TEMPL_P_HEADER} \ >+ ${TEMPL_P_SAMPLE} \ >+ merge-config.sh \ >+ restart-ossec.sh \ >+ ossec-conf >+.if !defined(AGENT_ONLY) && !defined(LOCAL_ONLY) >+SUB_FILES+= agent-conf >+.endif >+.for file in ${OSSEC_RULES_FILES} >+SUB_FILES+= rule-${file}.xml >+.endfor >+ >+PLIST= ${PKGDIR}/pkg-plist${PKGNAMESUFFIX} > PLIST_SUB= PORTNAME=${PORTNAME} > DOCSFILES= BUGS CONFIG CONTRIBUTORS INSTALL LICENSE >-PORTDOCS= ${DOCSFILES} >+PKGMESSAGE= ${WRKDIR}/pkg-message > >-BROKEN_aarch64= Fails to compile: error: use of undeclared identifier __LDPGSZ >+CFLAGS+= -I${LOCALBASE}/include > >+BUILD_ARGS+= ${MAKE_ARGS} ${OSSEC_ARGS} PREFIX=${PREFIX}/${PORTNAME} >+INSTALL_ARGS+= ${USER_ARGS} ${OSSEC_ARGS} PREFIX=${STAGEDIR}${PREFIX}/${PORTNAME} >+ >+# Apache logs support >+APACHE_OPTION= 
APACHE >+APACHE_PROFILE= apache >+APACHE_DESC= Apache logs >+APACHE_P_DESC= ${APACHE_DESC} (profile: ${APACHE_PROFILE}) >+LOGS_OPTIONS+= ${APACHE_OPTION} >+ >+# Nginx logs support >+NGINX_OPTION= NGINX >+NGINX_PROFILE= nginx >+NGINX_DESC= Nginx logs >+NGINX_P_DESC= ${NGINX_DESC} (profile: ${NGINX_PROFILE}) >+LOGS_OPTIONS+= ${NGINX_OPTION} >+ >+# Radius logs support >+RADIUS_OPTION= RADIUS >+RADIUS_PROFILE= radius >+RADIUS_DESC= FreeRADIUS logs >+RADIUS_P_DESC= ${RADIUS_DESC} (profile: ${RADIUS_PROFILE}) >+LOGS_OPTIONS+= ${RADIUS_OPTION} >+ >+# Vsftpd logs support >+VSFTPD_OPTION= VSFTPD >+VSFTPD_PROFILE= vsftpd >+VSFTPD_DESC= Vsftpd logs >+VSFTPD_P_DESC= ${VSFTPD_DESC} (profile: ${VSFTPD_PROFILE}) >+LOGS_OPTIONS+= ${VSFTPD_OPTION} >+ >+.for option in ${LOGS_OPTIONS} >+OPTIONS_GROUP_G_LOGS+= ${option} >+OPTIONS_GROUP_G_LOGS_P+=${option}_P >+OPTIONS_DEFAULT+= ${option}_P >+SUB_FILES+= template-logs-${${option}_PROFILE}.xml >+SUB_LIST+= ${option}_PROFILE=${${option}_PROFILE} >+CLIENT_PROFILES:= ${CLIENT_PROFILES}, ${${option}_PROFILE} >+.endfor >+ > .include <bsd.port.pre.mk> > >-STRIP_FILES= ossec-luac agent_control ossec-lua ossec-dbd ossec-regex ossec-monitord ossec-makelists verify-agent-conf ossec-analysisd ossec-agentlessd syscheck_control ossec-execd manage_agents ossec-csyslogd ossec-syscheckd ossec-logtest ossec-authd ossec-logcollector list_agents ossec-maild clear_stats ossec-remoted ossec-reportd rootcheck_control syscheck_update >-.if defined(CLIENT_ONLY) >-SUB_LIST+= PRECMD=: >-PKGNAMESUFFIX= -client >-CONFLICTS_INSTALL= ossec-hids-server-[0-9]* ossec-hids-local-[0-9]* >-STRIP_FILES= agent-auth manage_agents ossec-agentd ossec-execd ossec-logcollector ossec-lua ossec-luac ossec-syscheckd >-.elif defined(LOCAL_ONLY) >-SUB_LIST+= PRECMD=ossechids_start_precmd >-PKGNAMESUFFIX= -local >-CONFLICTS_INSTALL= ossec-hids-client-[0-9]* ossec-hids-server-[0-9]* >-.else >-SUB_LIST+= PRECMD=ossechids_start_precmd >-CONFLICTS_INSTALL= ossec-hids-client-[0-9]* 
ossec-hids-local-[0-9]* >-.endif >+TEMPL_SAMPLE_FILES+= ${TEMPL_SAMPLE} >+TEMPL_P_SAMPLE_FILES+= ${TEMPL_P_SAMPLE} >+PKGMSG_FILES+= message-footer > > post-patch: >- @${REINPLACE_CMD} 's|PREFIX|${PREFIX}/${PORTNAME}|' ${WRKSRC}/src/headers/defs.h >- @${ECHO} "DIR=\"${STAGEDIR}${PREFIX}/${PORTNAME}\"" > ${WRKSRC}/src/LOCATION > @${REINPLACE_CMD} -e 's|-DLUA_USE_LINUX|& ${CPPFLAGS}|' \ > -e 's|-lreadline|& ${LDFLAGS}|' \ >- ${WRKSRC}/src/external/lua-5.2.3/src/Makefile >- @${REINPLACE_CMD} -e 's|OPENSSLCMD=|OPENSSLCMD=-L${OPENSSLLIB} |' \ >- ${WRKSRC}/src/Makeall >+ ${WRKSRC}/src/external/lua/src/Makefile > > do-build: >-.if defined(WITH_DB) >-.if defined(CLIENT_ONLY) >- @cd ${WRKSRC}/src;${MAKE} setagent;${MAKE} all;${MAKE} build >-.elif defined(LOCAL_ONLY) >- @cd ${WRKSRC}/src;${MAKE} setlocal;${MAKE} setdb;${MAKE} all;${MAKE} build >-.else >- @cd ${WRKSRC}/src;${MAKE} setdb;${MAKE} all;${MAKE} build >+ @cd ${WRKSRC}/src; ${SETENV} ${MAKE_ENV} ${MAKE_CMD} ${BUILD_ARGS} build >+ >+do-install: >+ @cd ${WRKSRC}/src; ${SETENV} ${MAKE_ENV} ${MAKE_CMD} ${INSTALL_ARGS} install >+ >+ossec-dist-conf: >+ @${CAT} ${WRKDIR}/${TEMPL_HEADER} > ${STAGEDIR}${OSSEC_DIST_CONF} >+.for file in ${TEMPL_FILES} >+ @${TEMPL_TO_OSSEC} ${WRKDIR}/${file} >> ${STAGEDIR}${OSSEC_DIST_CONF} >+ @${ECHO_CMD} >> ${STAGEDIR}${OSSEC_DIST_CONF} >+.endfor >+.for option in ${LOGS_OPTIONS} >+.if ${PORT_OPTIONS:M${option}} >+ @${TEMPL_TO_OSSEC} ${WRKDIR}/template-logs-${${option}_PROFILE}.xml >> ${STAGEDIR}${OSSEC_DIST_CONF} >+ @${ECHO_CMD} >> ${STAGEDIR}${OSSEC_DIST_CONF} > .endif >-.else >-.if defined(CLIENT_ONLY) >- @cd ${WRKSRC}/src;${MAKE} setagent;${MAKE} all;${MAKE} build; \ >- ${MAKE} unsetdb >-.elif defined(LOCAL_ONLY) >- @cd ${WRKSRC}/src;${MAKE} setlocal;${MAKE} all;${MAKE} build; \ >- ${MAKE} unsetdb >-.else >- @cd ${WRKSRC}/src;${MAKE} all;${MAKE} build;${MAKE} unsetdb >+.endfor >+ @${CHMOD} 640 ${STAGEDIR}${OSSEC_DIST_CONF} >+.if defined(MAINTAINER_MODE) >+ @${CHOWN} ${USER}:${OSSEC_GROUP} 
${STAGEDIR}${OSSEC_DIST_CONF} > .endif >+ >+ossec-local-conf: >+ @${CAT} ${WRKDIR}/${TEMPL_SAMPLE_HEADER} > ${STAGEDIR}${OSSEC_LOCAL_CONF} >+.for file in ${TEMPL_SAMPLE_FILES} >+ @${TEMPL_TO_OSSEC} ${WRKDIR}/${file} >> ${STAGEDIR}${OSSEC_LOCAL_CONF} >+ @${ECHO_CMD} >> ${STAGEDIR}${OSSEC_LOCAL_CONF} >+.endfor >+ @${CHMOD} 640 ${STAGEDIR}${OSSEC_LOCAL_CONF} >+.if defined(MAINTAINER_MODE) >+ @${CHOWN} ${USER}:${OSSEC_GROUP} ${STAGEDIR}${OSSEC_LOCAL_CONF} > .endif > >-do-install: >-.if defined(CLIENT_ONLY) >- @cd ${WRKSRC}/src; ${MAKE} agent >-.elif defined(LOCAL_ONLY) >- @cd ${WRKSRC}/src; ${MAKE} local >+agent-dist-conf: >+.if !defined(AGENT_ONLY) && !defined(LOCAL_ONLY) >+ @${CAT} ${WRKDIR}/${TEMPL_P_HEADER} > ${STAGEDIR}${OSSEC_P_DIST_CONF} >+.for file in ${TEMPL_P_FILES} >+ @${TEMPL_TO_OSSEC_P} ${WRKDIR}/${file} >> ${STAGEDIR}${OSSEC_P_DIST_CONF} >+ @${ECHO_CMD} >> ${STAGEDIR}${OSSEC_P_DIST_CONF} >+.endfor >+.for option in ${LOGS_OPTIONS} >+.if ${PORT_OPTIONS:M${option}_P} >+ @${TEMPL_TO_OSSEC_P} ${WRKDIR}/template-logs-${${option}_PROFILE}.xml >> ${STAGEDIR}${OSSEC_P_DIST_CONF} >+ @${ECHO_CMD} >> ${STAGEDIR}${OSSEC_P_DIST_CONF} >+.endif >+.endfor >+ @${CHMOD} 640 ${STAGEDIR}${OSSEC_P_DIST_CONF} >+.if defined(MAINTAINER_MODE) >+ @${CHOWN} ${USER}:${OSSEC_GROUP} ${STAGEDIR}${OSSEC_P_DIST_CONF} >+.endif >+.endif >+ >+agent-local-conf: >+.if !defined(AGENT_ONLY) && !defined(LOCAL_ONLY) >+ @${CAT} ${WRKDIR}/${TEMPL_SAMPLE_HEADER} > ${STAGEDIR}${OSSEC_P_LOCAL_CONF} >+.for file in ${TEMPL_P_SAMPLE_FILES} >+ @${TEMPL_TO_OSSEC_P} ${WRKDIR}/${file} >> ${STAGEDIR}${OSSEC_P_LOCAL_CONF} >+ @${ECHO_CMD} >> ${STAGEDIR}${OSSEC_P_LOCAL_CONF} >+.endfor >+ @${CHMOD} 640 ${STAGEDIR}${OSSEC_P_LOCAL_CONF} >+.if defined(MAINTAINER_MODE) >+ @${CHOWN} ${USER}:${OSSEC_GROUP} ${STAGEDIR}${OSSEC_P_LOCAL_CONF} >+.endif >+.endif >+ >+ossec-rules: >+.if !defined(AGENT_ONLY) >+.for file in ${OSSEC_RULES_FILES} >+ @${SED} -e 's|<?xml.*?>||' ${WRKDIR}/rule-${file}.xml > 
${STAGEDIR}${OSSEC_RULES_DIR}/freebsd_${file}_rules.xml >+ @${CHMOD} 640 ${STAGEDIR}${OSSEC_RULES_DIR}/freebsd_${file}_rules.xml >+.if defined(MAINTAINER_MODE) >+ @${CHOWN} ${USER}:${OSSEC_GROUP} ${STAGEDIR}${OSSEC_RULES_DIR}/freebsd_${file}_rules.xml >+.endif >+.endfor >+.endif >+ >+ossec-scripts: >+ @${CP} -f ${WRKDIR}/ossec-conf ${STAGEDIR}${OSSEC_OSSEC_CONF} >+ @${CHMOD} 550 ${STAGEDIR}${OSSEC_OSSEC_CONF} >+.if !defined(AGENT_ONLY) && !defined(LOCAL_ONLY) >+ @${CP} -f ${WRKDIR}/agent-conf ${STAGEDIR}${OSSEC_AGENT_CONF} >+ @${CHMOD} 550 ${STAGEDIR}${OSSEC_AGENT_CONF} >+.endif >+ @${CP} -f ${WRKDIR}/merge-config.sh ${STAGEDIR}${OSSEC_MERGE_CONFIG} >+ @${CHMOD} 550 ${STAGEDIR}${OSSEC_MERGE_CONFIG} >+ @${CP} -f ${WRKDIR}/restart-ossec.sh ${STAGEDIR}${OSSEC_RESTART_OSSEC} >+ @${CHMOD} 550 ${STAGEDIR}${OSSEC_RESTART_OSSEC} >+.if defined(MAINTAINER_MODE) >+ @${CHOWN} ${USER}:${OSSEC_GROUP} ${STAGEDIR}${OSSEC_MERGE_CONFIG} >+.endif >+ >+post-install: ossec-dist-conf ossec-local-conf agent-dist-conf agent-local-conf ossec-rules ossec-scripts >+ @${CHMOD} 770 ${STAGEDIR}${OSSEC_TMP} >+.if defined(AGENT_ONLY) >+.if defined(MAINTAINER_MODE) >+ @for file in $$(find "${STAGEDIR}${OSSEC_SHARED}" -type f); do ${CHMOD} 0644 $${file}; ${CHOWN} ${OSSEC_USER}:${OSSEC_GROUP} $${file}; done > .else >- @cd ${WRKSRC}/src; ${MAKE} server >+ @for file in $$(find "${STAGEDIR}${OSSEC_SHARED}" -type f); do ${CHMOD} 0644 $${file}; done > .endif >- @${MKDIR} ${STAGEDIR}${PREFIX}/${PORTNAME}/etc >+.endif >+ @${ECHO_CMD} -n > ${PKGMESSAGE} >+.for file in ${PKGMSG_FILES} >+ @${CAT} ${WRKDIR}/${file} >> ${PKGMESSAGE} >+ @${ECHO_CMD} >> ${PKGMESSAGE} >+.endfor > .for file in ${STRIP_FILES} >- ${STRIP_CMD} ${STAGEDIR}${PREFIX}/ossec-hids/bin/${file} >+ @${STRIP_CMD} ${STAGEDIR}${PREFIX}/${PORTNAME}/bin/${file} > .endfor > >-.if defined(CLIENT_ONLY) >- @${CP} ${WRKSRC}/etc/ossec-agent.conf ${STAGEDIR}${PREFIX}/${PORTNAME}/etc/ossec.conf.sample >-.elif defined(LOCAL_ONLY) >- ${CP} 
${WRKSRC}/etc/ossec-local.conf ${STAGEDIR}${PREFIX}/${PORTNAME}/etc/ossec.conf.sample >-.else >- ${CP} ${WRKSRC}/etc/ossec-server.conf ${STAGEDIR}${PREFIX}/${PORTNAME}/etc/ossec.conf.sample >+.if defined(MAINTAINER_MODE) >+plist: makeplist >+ @${SCRIPTDIR}/plist.sh ${OSSEC_TYPE} ${PLIST} ${PREFIX}/${PORTNAME} ${WRKDIR} > .endif > > post-install-DOCS-on: >@@ -139,10 +476,10 @@ > > post-install-MYSQL-on: > @${MKDIR} ${STAGEDIR}${DOCSDIR} >- @cd ${WRKSRC} && ${INSTALL_DATA} src/os_dbd/mysql.schema ${STAGEDIR}${DOCSDIR} >+ @cd ${WRKSRC} && ${INSTALL_DATA} src/os_dbd/${DB_SCHEMA} ${STAGEDIR}${DOCSDIR} > > post-install-PGSQL-on: > @${MKDIR} ${STAGEDIR}${DOCSDIR} >- @cd ${WRKSRC} && ${INSTALL_DATA} src/os_dbd/postgresql.schema ${STAGEDIR}${DOCSDIR} >+ @cd ${WRKSRC} && ${INSTALL_DATA} src/os_dbd/${DB_SCHEMA} ${STAGEDIR}${DOCSDIR} > > .include <bsd.port.post.mk> >Index: distinfo >=================================================================== >--- distinfo (revision 463924) >+++ distinfo (working copy) >@@ -1,2 +1,3 @@ >-SHA256 (ossec-ossec-hids-v2.8.3_GH0.tar.gz) = 917989e23330d18b0d900e8722392cdbe4f17364a547508742c0fd005a1df7dd >-SIZE (ossec-ossec-hids-v2.8.3_GH0.tar.gz) = 1642095 >+TIMESTAMP = 1517645028 >+SHA256 (ossec-ossec-hids-2.9.3_GH0.tar.gz) = 6b70a8f93fc2412bfc34a793a53b4d22323568866c09fde87c7d3a9d04e3b313 >+SIZE (ossec-ossec-hids-2.9.3_GH0.tar.gz) = 1711222 >Index: files/agent-conf.in >=================================================================== >--- files/agent-conf.in (nonexistent) >+++ files/agent-conf.in (working copy) 
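Review bot: In `post-install`, both `AGENT_ONLY` branches loop with `for file in $$(find "${STAGEDIR}${OSSEC_SHARED}" -type f)` and pass `$${file}` unquoted, so a staged path containing whitespace or glob characters is split or expanded before `chmod`/`chown` sees it. Letting find run the command removes the word splitting: `@${FIND} "${STAGEDIR}${OSSEC_SHARED}" -type f -exec ${CHMOD} 0644 {} +`, with a second `-exec ${CHOWN} ${OSSEC_USER}:${OSSEC_GROUP} {} +` in the `MAINTAINER_MODE` branch. Separately, `FIREWALL_R_DESC` spells "response" as "resonse", which will show up in the options dialog. The targets touched here all start and end inside the hunk.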
>@@ -0,0 +1,35 @@
>+#!/bin/sh
>+
>+ossec_type="%%OSSEC_TYPE%%"
>+ossec_home="%%PREFIX%%/%%PORTNAME%%"
>+
>+agent_dist_conf="${ossec_home}/etc/agent-dist.conf"
>+agent_local_conf="${ossec_home}/etc/agent-local.conf"
>+
>+select_elements() {
>+ local element="$1"
>+ sed -n "/<${element}.*>/,/<\/${element}>/p"
>+}
>+
>+remove_comments() {
>+ # Comments must be on separate lines i.e. not next to uncommented code
>+ awk '/<!--/ {off=1} /-->/ {off=2} /([\s\S]*)/ {if (off==0) print; if (off==2) off=0}'
>+}
>+
>+remove_empty_lines() {
>+ sed '/^\s*$/d'
>+}
>+
>+agent_conf() {
>+ local dist_conf="$1"
>+ local local_conf="$2"
>+
>+ echo "<!-- OSSEC HIDS %%VERSION%% -->"
>+ echo
>+ echo "<!-- DO NOT EDIT - edit \"${local_conf}\" instead -->"
>+ echo
>+
>+ cat "${dist_conf}" "${local_conf}" | remove_comments | select_elements "agent_config" | remove_empty_lines
>+}
>+
>+agent_conf "${agent_dist_conf}" "${agent_local_conf}"
>
>Property changes on: files/agent-conf.in
>___________________________________________________________________
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: files/merge-config.sh.in
>===================================================================
>--- files/merge-config.sh.in (nonexistent)
>+++ files/merge-config.sh.in (working copy)
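Review bot: In files/agent-conf.in, `remove_empty_lines` relies on `\s` in `sed '/^\s*$/d'`, which POSIX basic regular expressions do not define and which is not guaranteed to mean whitespace in every sed; `sed '/^[[:space:]]*$/d'` is the portable form. In `remove_comments`, the third awk pattern `/([\s\S]*)/` can match the empty string, so it is effectively always true and can be dropped, leaving the bare action `{if (off==0) print; if (off==2) off=0}`. Any line that carries a comment marker is discarded whole, so a setting sharing a line with a comment silently disappears from the generated agent configuration; the existing comment could state that consequence, for example `# A line that also contains <!-- or --> is dropped entirely, settings included`. The same two functions appear unchanged in files/ossec-conf.in and need the same treatment.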
>@@ -0,0 +1,32 @@
>+#!/bin/sh
>+
>+# This script is part of FreeBSD port - report any issues to the port MAINTAINER
>+
>+ossec_type="%%OSSEC_TYPE%%"
>+ossec_home="%%PREFIX%%/%%PORTNAME%%"
>+ossec_rc="%%OSSEC_RC%%"
>+
>+ACTION=$1
>+USER=$2
>+IP=$3
>+
>+LOCAL=`dirname $0`;
>+cd $LOCAL
>+cd ../../tmp
>+
>+# Logging the call
>+echo "`date` $0 $1 $2 $3 $4 $5" >> "${ossec_home}/logs/active-responses.log"
>+
>+case ${ACTION} in
>+ add)
>+ "${ossec_rc}" merge_config
>+ exit 0
>+ ;;
>+ delete)
>+ exit 0
>+ ;;
>+ *)
>+ echo "$0: invalid action: ${ACTION}"
>+ exit 1
>+ ;;
>+esac
>
>Property changes on: files/merge-config.sh.in
>___________________________________________________________________
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: files/message-db.in
>===================================================================
>--- files/message-db.in (nonexistent)
>+++ files/message-db.in (working copy)
>@@ -0,0 +1,8 @@
>+The database schema file:
>+%%DB_SCHEMA%%
>+
>+To enable database output execute:
>+# %%PREFIX%%/%%PORTNAME%%/bin/ossec-control enable database
>+
>+Then check this documentation:
>+https://ossec.github.io/docs/syntax/head_ossec_config.database_output.html
>
>Property changes on: files/message-db.in
>___________________________________________________________________
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: files/message-footer.in
>===================================================================
>--- files/message-footer.in (nonexistent)
>+++ files/message-footer.in (working copy)
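Review bot: In files/merge-config.sh.in, `cd $LOCAL` and `cd ../../tmp` are unquoted and their exit status is ignored, so the script carries on from whatever directory it was started in if either step fails, and the unquoted `$0` breaks on an install path containing spaces. One checked step covers both: `cd "$(dirname "$0")/../../tmp" || exit 1`. The log line writes `$1` through `$5` verbatim into active-responses.log; if those arguments can ever carry control characters the log would gain misleading entries, so stripping them before logging is worth considering. `USER` and `IP` are assigned but never read in this script; a short comment such as `# USER and IP are accepted for the active-response calling convention but unused here` would make that intent clear.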
>@@ -0,0 +1,5 @@
>+When you deinstall this port after starting the daemons once, many
>+directories that are created by the daemons will remain. To fully
>+remove the port you need to delete those directories manually. To
>+further enhance the security on your system, you may also enable
>+some checks in PAM for a fast reaction against intrusions.
>
>Property changes on: files/message-footer.in
>___________________________________________________________________
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: files/message-header.in
>===================================================================
>--- files/message-header.in (nonexistent)
>+++ files/message-header.in (working copy)
>@@ -0,0 +1,9 @@
>+After installation, you need to edit the ossec-local.conf file to reflect
>+the correct settings for your environment. All the files related
>+to %%PORTNAME%% have been installed in %%PREFIX%%/%%PORTNAME%% and
>+its subdirectories.
>+
>+For information on proper configuration see:
>+https://ossec.github.io/docs/syntax/ossec_config.html
>+
>+To enable the startup script, add ossechids_enable="YES" to /etc/rc.conf.
>
>Property changes on: files/message-header.in
>___________________________________________________________________
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: files/message-pf.in
>===================================================================
>--- files/message-pf.in (nonexistent)
>+++ files/message-pf.in (working copy)
>@@ -0,0 +1,4 @@
>+Add the ossec_fwtable to /etc/pf.conf if using firewall-drop command:
>+ table <ossec_fwtable> persist
>+ block in quick from <ossec_fwtable> to any
>+ block out quick from any to <ossec_fwtable>
>
>Property changes on: files/message-pf.in
>___________________________________________________________________
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: files/ossec-conf.in
>===================================================================
>--- files/ossec-conf.in (nonexistent)
>+++ files/ossec-conf.in (working copy)
>@@ -0,0 +1,63 @@
>+#!/bin/sh
>+
>+ossec_type="%%OSSEC_TYPE%%"
>+ossec_home="%%PREFIX%%/%%PORTNAME%%"
>+
>+ossec_dist_conf="${ossec_home}/etc/ossec-dist.conf"
>+ossec_local_conf="${ossec_home}/etc/ossec-local.conf"
>+
>+select_elements_content() {
>+ local element="$1"
>+ sed -n "/<${element}>/,/<\/${element}>/{ /<${element}>/d; /<\/${element}>/d; p; }"
>+}
>+
>+remove_elements() {
>+ local element="$1"
>+ sed -e "/<${element}>/,/<\/${element}>/d"
>+}
>+
>+remove_comments() {
>+ # Comments must be on separate lines i.e. not next to uncommented code
>+ awk '/<!--/ {off=1} /-->/ {off=2} /([\s\S]*)/ {if (off==0) print; if (off==2) off=0}'
>+}
>+
>+remove_empty_lines() {
>+ sed '/^\s*$/d'
>+}
>+
>+ossec_conf() {
>+ local dist_conf="$1"
>+ local local_conf="$2"
>+
>+ echo "<!-- OSSEC HIDS %%VERSION%% -->"
>+ echo
>+ echo "<!-- DO NOT EDIT - edit \"${local_conf}\" instead -->"
>+ echo
>+ echo "<ossec_config>"
>+
>+ if [ "${ossec_type}" != "agent" ]; then
>+ if cat "${dist_conf}" "${local_conf}" | remove_comments | grep -q "<rules>"; then
>+ echo " <rules>"
>+ cat "${dist_conf}" "${local_conf}" | remove_comments | select_elements_content "rules" | remove_empty_lines
>+ echo " </rules>"
>+ fi
>+ fi
>+
>+ if cat "${dist_conf}" "${local_conf}" | remove_comments | grep -q "<rootcheck>"; then
>+ echo " <rootcheck>"
>+ cat "${dist_conf}" "${local_conf}" | remove_comments | select_elements_content "rootcheck" | remove_empty_lines
>+ echo " </rootcheck>"
>+ fi
>+
>+ if cat "${dist_conf}" "${local_conf}" | remove_comments | grep -q "<syscheck>"; then
>+ echo " <syscheck>"
>+ cat "${dist_conf}" "${local_conf}" | remove_comments | select_elements_content "syscheck" | remove_empty_lines
>+ echo " </syscheck>"
>+ fi
>+
>+ cat "${dist_conf}" "${local_conf}" | remove_comments | select_elements_content "ossec_config" | remove_elements "rules" | remove_elements "rootcheck" | remove_elements "syscheck" | remove_empty_lines
>+
>+ echo "</ossec_config>"
>+}
>+
>+ossec_conf "${ossec_dist_conf}" "${ossec_local_conf}"
>
>Property changes on: files/ossec-conf.in
>___________________________________________________________________
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: files/ossec-hids.in
>===================================================================
>--- files/ossec-hids.in (revision 463924)
>+++ files/ossec-hids.in (working copy)
>@@ -1,5 +1,5 @@
> #!/bin/sh
>-#
>+#
> # PROVIDE: ossechids
> # REQUIRE: DAEMON
> # BEFORE: LOGIN
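Review bot: In files/ossec-conf.in, `ossec_conf` never checks that its two input files are readable, and every pipeline begins with `cat "${dist_conf}" "${local_conf}"`, whose failure is hidden by the later pipeline stages. The Makefile in this patch stages only `ossec-local.conf.sample`, so on a fresh install `ossec-local.conf` is presumably absent; the script then prints cat errors, still exits 0, and emits a configuration built from the dist file alone. Since the rc script redirects this output straight into `ossec.conf`, an explicit check at the top of `ossec_conf` would make the outcome deliberate: `[ -r "${dist_conf}" ] || { echo "$0: cannot read ${dist_conf}" >&2; exit 1; }` followed by `[ -r "${local_conf}" ] || local_conf=/dev/null`.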
>@@ -15,51 +15,182 @@ > : ${ossechids_enable="NO"} > : ${ossechids_user="ossec"} > : ${ossechids_group="ossec"} >+: ${ossechids_clear_tmp="YES"} >+: ${ossechids_clear_log="NO"} >+: ${ossechids_clear_ar_log="NO"} >+: ${ossechids_fetch_time=15} > >-start_precmd=%%PRECMD%% >+ossec_type="%%OSSEC_TYPE%%" >+ossec_home="%%PREFIX%%/%%PORTNAME%%" >+ >+ossec_conf="${ossec_home}/etc/ossec.conf" >+ossec_dist_conf="${ossec_home}/etc/ossec-dist.conf" >+ossec_local_conf="${ossec_home}/etc/ossec-local.conf" >+ >+agent_conf="${ossec_home}/etc/shared/agent.conf" >+agent_dist_conf="${ossec_home}/etc/agent-dist.conf" >+agent_local_conf="${ossec_home}/etc/agent-local.conf" >+ >+ossec_client_keys="${ossec_home}/etc/client.keys" >+ossec_tmp="${ossec_home}/tmp" >+ossec_log="${ossec_home}/logs/ossec.log" >+ossec_ar_log="${ossec_home}/logs/active-responses.log" >+ossec_merged="${ossec_home}/etc/shared/merged.mg" >+ >+extra_commands="reload ossec_conf" >+case ${ossec_type} in >+ server) >+ extra_commands="${extra_commands} agent_conf" >+ ;; >+ agent) >+ extra_commands="${extra_commands} fetch_config" >+ ;; >+esac >+extra_commands="${extra_commands} merge_config" >+ > start_cmd="ossechids_command start" > stop_cmd="ossechids_command stop" > restart_cmd="ossechids_command restart" > status_cmd="ossechids_command status" > reload_cmd="ossechids_command reload" >+fetch_config_cmd="ossechids_command restart" >+merge_config_cmd="ossechids_create_configs" >+ossec_conf_cmd="ossechids_ossec_conf" >+agent_conf_cmd="ossechids_agent_conf" > >-command="%%PREFIX%%/%%PORTNAME%%/bin/ossec-control" >-required_files="%%PREFIX%%/%%PORTNAME%%/etc/ossec.conf" >-extra_commands="reload" >+start_precmd="ossechids_prepare" >+restart_precmd="ossechids_prepare" >+reload_precmd="ossechids_prepare" >+fetch_config_precmd="ossechids_prepare" > >-fts_queue=%%PREFIX%%/%%PORTNAME%%/queue/fts/fts-queue >-ig_queue=%%PREFIX%%/%%PORTNAME%%/queue/fts/ig-queue >-ossec_log=%%PREFIX%%/%%PORTNAME%%/logs/ossec.log 
>-active_responses_log=%%PREFIX%%/%%PORTNAME%%/logs/active-responses.log >+install_file() { >+ local path=$1 >+ local owner=$2 >+ local mode=$3 > >-ossechids_start_precmd() { >- # These files are not created by the daemons with the correct >- # ownership, so create them here before starting up the system, >- # if they don't already exist. This is only done for the "local" and >- # "server" installation types. >- if [ ! -e ${fts_queue} ]; then >- touch ${fts_queue} >- chown ${ossechids_user}:${ossechids_group} ${fts_queue} >- chmod 640 ${fts_queue} >+ if [ ! -e "${path}" ]; then >+ touch "${path}" && chown ${owner} "${path}" && chmod ${mode} "${path}" > fi >- if [ ! -e ${ig_queue} ]; then >- touch ${ig_queue} >- chown ${ossechids_user}:${ossechids_group} ${ig_queue} >- chmod 640 ${ig_queue} >+} >+ >+ossechids_check() { >+ case ${ossec_type} in >+ server) >+ if [ ! -s "${ossec_client_keys}" ]; then >+ echo "WARNING: There are no client keys created - remote connections will be disabled" >+ fi >+ ;; >+ agent) >+ if [ ! -s "${ossec_client_keys}" ]; then >+ echo "WARNING: There are is no client key imported - connection to server not possible" >+ fi >+ ;; >+ esac >+ >+ return 0 >+} >+ >+ossechids_create_configs() { >+ case ${ossec_type} in >+ server) >+ # Merge agent-dist.conf and agent-local.conf into agent.conf >+ if [ ! -e "${agent_conf}" -o "${agent_dist_conf}" -nt "${agent_conf}" -o "${agent_local_conf}" -nt "${agent_conf}" ]; then >+ install_file "${agent_conf}" %%USER%%:%%OSSEC_GROUP%% 0640 >+ "${ossec_home}/bin/agent_conf" > "${agent_conf}" >+ fi >+ ;; >+ agent) >+ # Touch agent.conf so the agent daemons won't complain if it doesn't exist >+ install_file "${agent_conf}" %%OSSEC_USER%%:%%OSSEC_GROUP%% 0644 >+ ;; >+ esac >+ >+ # Merge ossec-dist.conf and ossec-local.conf into ossec.conf >+ if [ ! 
-e "${ossec_conf}" -o "${ossec_dist_conf}" -nt "${ossec_conf}" -o "${ossec_local_conf}" -nt "${ossec_conf}" ]; then >+ install_file "${ossec_conf}" %%USER%%:%%OSSEC_GROUP%% 0640 >+ "${ossec_home}/bin/ossec_conf" > "${ossec_conf}" > fi > >- # Ensure logfiles are created with the correct ownership and mode >- for log in ${ossec_log} ${active_responses_log}; do >- if [ ! -e ${log} ]; then >- touch ${log} >- chown ${ossechids_user}:${ossechids_group} ${log} >- chmod 660 ${log} >- fi >- done >+ return 0 > } > >+ossechids_create_logs() { >+ # Create required log files if they don't exist >+ install_file "${ossec_log}" ${ossechids_user}:${ossechids_group} 0660 >+ install_file "${ossec_ar_log}" ${ossechids_user}:${ossechids_group} 0660 >+ >+ return 0 >+} >+ >+ossechids_clean_temps() { >+ if [ "${ossec_type}" == "server" ]; then >+ rm -f "${ossec_merged}" >+ fi >+ >+ if checkyesno ossechids_clear_tmp; then >+ rm -rf "${ossec_tmp}/*" >+ fi >+ >+ if checkyesno ossechids_clear_log; then >+ echo -n > "${ossec_log}" >+ fi >+ >+ if checkyesno ossechids_clear_ar_log; then >+ echo -n > "${ossec_ar_log}" >+ fi >+ >+ return 0 >+} >+ >+ossechids_fetch_configs() { >+ case ${ossec_type} in >+ agent) >+ rm -f "${ossec_merged}" >+ ossechids_command stop >+ sleep 1 >+ ossechids_command start >+ echo "Waiting ${ossechids_fetch_time} seconds for the shared configuration to be downloaded from the OSSEC server" >+ sleep ${ossechids_fetch_time} >+ if [ ! 
-s "${ossec_merged}" ]; then >+ echo "Failed to download shared configuration from the OSSEC server" >+ return 1 >+ fi >+ ;; >+ *) >+ echo "Shared configuration is only available for client installations" >+ return 1 >+ ;; >+ esac >+ >+ return 0 >+} >+ >+ossechids_prepare() { >+ case ${rc_arg} in >+ start|restart) >+ ossechids_create_logs && ossechids_create_configs && ossechids_clean_temps && ossechids_check || return 1 >+ ;; >+ fetch_config) >+ ossechids_create_logs && ossechids_create_configs && ossechids_clean_temps && ossechids_fetch_configs && ossechids_check || return 1 >+ ;; >+ reload) >+ ossechids_create_configs || return 1 >+ ;; >+ esac >+ >+ return 0 >+} >+ >+ossechids_ossec_conf() { >+ "${ossec_home}/bin/ossec_conf" >+} >+ >+ossechids_agent_conf() { >+ "${ossec_home}/bin/agent_conf" >+} >+ > ossechids_command() { >- ${command} ${rc_arg} >+ "${ossec_home}/bin/ossec-control" "$1" > } > > run_rc_command "$1" >Index: files/patch-active-response_host-deny.sh >=================================================================== >--- files/patch-active-response_host-deny.sh (nonexistent) >+++ files/patch-active-response_host-deny.sh (working copy) 
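Review bot: In `ossechids_clean_temps` the glob in `rm -rf "${ossec_tmp}/*"` sits inside the double quotes, so the shell passes a literal `*` to rm and nothing under the tmp directory is removed. `ossechids_clear_tmp="YES"` therefore has no effect, and stale files such as the host-deny lock that this patch relocates into that directory survive a restart. Move the glob outside the quotes and refuse an empty variable: `rm -rf "${ossec_tmp:?}"/*`. Separately, the agent warning text "There are is no client key imported" has a stray "are".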
>@@ -0,0 +1,24 @@ >+--- active-response/host-deny.sh.orig 2017-12-19 21:30:31 UTC >++++ active-response/host-deny.sh >+@@ -11,7 +11,7 @@ IP=$3 >+ >+ LOCAL=`dirname $0`; >+ cd $LOCAL >+-cd ../ >++cd ../../tmp >+ PWD=`pwd` >+ LOCK="${PWD}/host-deny-lock" >+ LOCK_PID="${PWD}/host-deny-lock/pid" >+@@ -112,10 +112,10 @@ if [ "x${ACTION}" = "xadd" ]; then >+ # Deleting from hosts.deny >+ elif [ "x${ACTION}" = "xdelete" ]; then >+ lock; >+- TMP_FILE=`mktemp /var/ossec/ossec-hosts.XXXXXXXXXX` >++ TMP_FILE=`mktemp ${PWD}/ossec-hosts.XXXXXXXXXX` >+ if [ "X${TMP_FILE}" = "X" ]; then >+ # Cheap fake tmpfile, but should be harder then no random data >+- TMP_FILE="/var/ossec/ossec-hosts.`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -1 `" >++ TMP_FILE="${PWD}/ossec-hosts.`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -1 `" >+ fi >+ echo "${IP}" | grep "\:" > /dev/null 2>&1 >+ if [ $? = 0 ]; then > >Property changes on: files/patch-active-response_host-deny.sh >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/patch-src__InstallAgent.sh >=================================================================== >--- files/patch-src__InstallAgent.sh (revision 463924) >+++ files/patch-src__InstallAgent.sh (nonexistent) 
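Review bot: The new `cd ../../tmp` in the host-deny.sh patch is not checked, so if the directory is missing or inaccessible the script continues with `PWD` still naming the active-response directory, and `LOCK` and the `mktemp` template are then created there instead of in tmp. Fail closed with `cd ../../tmp || exit 1`, and quote the template as `mktemp "${PWD}/ossec-hosts.XXXXXXXXXX"` so a prefix containing whitespace cannot split it. The fallback name built from /dev/urandom is carried over from upstream; exiting when `mktemp` fails would be safer than continuing with a hand-made name, though how that file is opened lies outside this hunk.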
>@@ -1,123 +0,0 @@ >---- src/InstallAgent.sh.orig 2015-10-12 21:21:06 UTC >-+++ src/InstallAgent.sh >-@@ -37,11 +37,11 @@ fi >- >- # Creating groups/users >- if [ "$UNAME" = "FreeBSD" -o "$UNAME" = "DragonFly" ]; then >-- grep "^${USER}" /etc/passwd > /dev/null 2>&1 >-- if [ ! $? = 0 ]; then >-- /usr/sbin/pw groupadd ${GROUP} >-- /usr/sbin/pw useradd ${USER} -d ${DIR} -s /sbin/nologin -g ${GROUP} >-- fi >-+ #grep "^${USER}" /etc/passwd > /dev/null 2>&1 >-+ #if [ ! $? = 0 ]; then >-+ #/usr/sbin/pw groupadd ${GROUP} >-+ #/usr/sbin/pw useradd ${USER} -d ${DIR} -s /sbin/nologin -g ${GROUP} >-+ #fi >- >- elif [ "$UNAME" = "SunOS" ]; then >- grep "^${USER}" /etc/passwd > /dev/null 2>&1 >-@@ -106,22 +106,17 @@ for i in ${subdirs}; do >- done >- >- # Default for all directories >--chmod -R 550 ${DIR} >--chown -R root:${GROUP} ${DIR} >-+chmod -R 750 ${DIR} >- >- # To the ossec queue (default for agentd to read) >--chown -R ${USER}:${GROUP} ${DIR}/queue/ossec >- chmod -R 770 ${DIR}/queue/ossec >- >- # For the logging user >--chown -R ${USER}:${GROUP} ${DIR}/logs >- chmod -R 750 ${DIR}/logs >- chmod -R 775 ${DIR}/queue/rids >- touch ${DIR}/logs/ossec.log >--chown ${USER}:${GROUP} ${DIR}/logs/ossec.log >- chmod 664 ${DIR}/logs/ossec.log >- >--chown -R ${USER}:${GROUP} ${DIR}/queue/diff >- chmod -R 750 ${DIR}/queue/diff >- chmod 740 ${DIR}/queue/diff/* > /dev/null 2>&1 >- >-@@ -131,8 +126,7 @@ chmod 1550 ${DIR}/tmp >- >- >- # For the etc dir >--chmod 550 ${DIR}/etc >--chown -R root:${GROUP} ${DIR}/etc >-+chmod 750 ${DIR}/etc >- >- ls /etc/localtime > /dev/null 2>&1 >- if [ $? = 0 ]; then >-@@ -144,13 +138,11 @@ if [ "$UNAME" = "SunOS" ]; then >- mkdir -p ${DIR}/usr/share/lib/zoneinfo/ >- chmod -R 555 ${DIR}/usr/ >- cp -pr /usr/share/lib/zoneinfo/* ${DIR}/usr/share/lib/zoneinfo/ >-- chown -R root:${GROUP} ${DIR}/usr/ >- fi >- >- ls /etc/TIMEZONE > /dev/null 2>&1 >- if [ $? 
= 0 ]; then >- cp -p /etc/TIMEZONE ${DIR}/etc/; >-- chown root:${GROUP} ${DIR}/etc/TIMEZONE >- chmod 555 ${DIR}/etc/TIMEZONE >- fi >- >-@@ -170,25 +162,17 @@ cp -pr ../etc/local_internal_options.con >- cp -pr ../etc/client.keys ${DIR}/etc/ > /dev/null 2>&1 >- cp -pr agentlessd/scripts/* ${DIR}/agentless/ >- >--chown root:${GROUP} ${DIR}/etc/internal_options.conf >--chown root:${GROUP} ${DIR}/etc/local_internal_options.conf > /dev/null 2>&1 >--chown root:${GROUP} ${DIR}/etc/client.keys > /dev/null 2>&1 >--chown root:${GROUP} ${DIR}/agentless/* >--chown ${USER}:${GROUP} ${DIR}/.ssh >--chown -R root:${GROUP} ${DIR}/etc/shared >-- >--chmod 550 ${DIR}/etc >-+chmod 750 ${DIR}/etc >- chmod 440 ${DIR}/etc/internal_options.conf >- chmod 440 ${DIR}/etc/local_internal_options.conf > /dev/null 2>&1 >- chmod 440 ${DIR}/etc/client.keys > /dev/null 2>&1 >- chmod -R 770 ${DIR}/etc/shared # ossec must be able to write to it >--chmod 550 ${DIR}/agentless/* >-+chmod 750 ${DIR}/agentless/* >- chmod 700 ${DIR}/.ssh >- >- >- # For the /var/run >- chmod 770 ${DIR}/var/run >--chown root:${GROUP} ${DIR}/var/run >- >- >- # Moving the binary files >-@@ -202,7 +186,6 @@ cp -pr addagent/manage_agents ${DIR}/bin >- cp -pr ../contrib/util.sh ${DIR}/bin/ >- cp -pr external/lua/src/ossec-lua ${DIR}/bin/ >- cp -pr external/lua/src/ossec-luac ${DIR}/bin/ >--chown root:${GROUP} ${DIR}/bin/util.sh >- chmod +x ${DIR}/bin/util.sh >- >- # Copying active response modules >-@@ -210,10 +193,8 @@ sh ./init/fw-check.sh execute > /dev/nul >- cp -pr ../active-response/*.sh ${DIR}/active-response/bin/ >- cp -pr ../active-response/firewalls/*.sh ${DIR}/active-response/bin/ >- chmod 755 ${DIR}/active-response/bin/* >--chown root:${GROUP} ${DIR}/active-response/bin/* >- >--chown root:${GROUP} ${DIR}/bin/* >--chmod 550 ${DIR}/bin/* >-+chmod 750 ${DIR}/bin/* >- >- >- # Moving the config file >-@@ -229,7 +210,6 @@ if [ $? 
= 0 ]; then >- else >- cp -pr ../etc/ossec-agent.conf ${DIR}/etc/ossec.conf >- fi >--chown root:${GROUP} ${DIR}/etc/ossec.conf >- chmod 440 ${DIR}/etc/ossec.conf >- >- > >Property changes on: files/patch-src__InstallAgent.sh >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: files/patch-src__InstallServer.sh >=================================================================== >--- files/patch-src__InstallServer.sh (revision 463924) >+++ files/patch-src__InstallServer.sh (nonexistent) 
>@@ -1,208 +0,0 @@ >---- src/InstallServer.sh.orig 2015-10-12 21:21:06 UTC >-+++ src/InstallServer.sh >-@@ -44,13 +44,13 @@ fi >- >- # Creating groups/users >- if [ "$UNAME" = "FreeBSD" -o "$UNAME" = "DragonFly" ]; then >-- grep "^${USER_REM}" /etc/passwd > /dev/null 2>&1 >-- if [ ! $? = 0 ]; then >-- /usr/sbin/pw groupadd ${GROUP} >-- /usr/sbin/pw useradd ${USER} -d ${DIR} -s /sbin/nologin -g ${GROUP} >-- /usr/sbin/pw useradd ${USER_MAIL} -d ${DIR} -s /sbin/nologin -g ${GROUP} >-- /usr/sbin/pw useradd ${USER_REM} -d ${DIR} -s /sbin/nologin -g ${GROUP} >-- fi >-+# grep "^${USER_REM}" /etc/passwd > /dev/null 2>&1 >-+# if [ ! $? = 0 ]; then >-+# /usr/sbin/pw groupadd ${GROUP} >-+# /usr/sbin/pw useradd ${USER} -d ${DIR} -s /sbin/nologin -g ${GROUP} >-+# /usr/sbin/pw useradd ${USER_MAIL} -d ${DIR} -s /sbin/nologin -g ${GROUP} >-+# /usr/sbin/pw useradd ${USER_REM} -d ${DIR} -s /sbin/nologin -g ${GROUP} >-+# fi >- >- elif [ "$UNAME" = "SunOS" ]; then >- grep "^${USER_REM}" /etc/passwd > /dev/null 2>&1 >-@@ -121,66 +121,49 @@ for i in ${subdirs}; do >- done >- >- # Default for all directories >--chmod 550 ${DIR} >--chmod 550 ${DIR}/* >--chown root:${GROUP} ${DIR} >--chown root:${GROUP} ${DIR}/* >-+chmod 750 ${DIR} >-+chmod 750 ${DIR}/* >- >- # AnalysisD needs to write to alerts: log, mail and cmds >--chown -R ${USER}:${GROUP} ${DIR}/queue/alerts >- chmod -R 770 ${DIR}/queue/alerts >- >- # To the ossec queue (default for analysisd to read) >--chown -R ${USER}:${GROUP} ${DIR}/queue/ossec >- chmod -R 770 ${DIR}/queue/ossec >- >- # To the ossec fts queue >--chown -R ${USER}:${GROUP} ${DIR}/queue/fts >- chmod -R 750 ${DIR}/queue/fts >- chmod 750 ${DIR}/queue/fts/* > /dev/null 2>&1 >- >- # To the ossec syscheck/rootcheck queue >--chown -R ${USER}:${GROUP} ${DIR}/queue/syscheck >- chmod -R 750 ${DIR}/queue/syscheck >- chmod 740 ${DIR}/queue/syscheck/* > /dev/null 2>&1 >- >--chown -R ${USER}:${GROUP} ${DIR}/queue/rootcheck >- chmod -R 750 ${DIR}/queue/rootcheck >- chmod 740 
${DIR}/queue/rootcheck/* > /dev/null 2>&1 >- >--chown ${USER}:${GROUP} ${DIR}/queue/diff >--chown ${USER}:${GROUP} ${DIR}/queue/diff/* > /dev/null 2>&1 >- chmod 750 ${DIR}/queue/diff >- chmod 740 ${DIR}/queue/diff/* > /dev/null 2>&1 >- >--chown -R ${USER_REM}:${GROUP} ${DIR}/queue/agent-info >- chmod -R 750 ${DIR}/queue/agent-info >- chmod 740 ${DIR}/queue/agent-info/* > /dev/null 2>&1 >--chown -R ${USER_REM}:${GROUP} ${DIR}/queue/rids >- chmod -R 750 ${DIR}/queue/rids >- chmod 740 ${DIR}/queue/rids/* > /dev/null 2>&1 >- >--chown -R ${USER}:${GROUP} ${DIR}/queue/agentless >- chmod -R 750 ${DIR}/queue/agentless >- chmod 740 ${DIR}/queue/agentless/* > /dev/null 2>&1 >- >--chown -R root:${GROUP} ${DIR}/tmp >--chmod 1550 ${DIR}/tmp >-+chmod 1750 ${DIR}/tmp >- >- >- # For the stats directory >--chown -R ${USER}:${GROUP} ${DIR}/stats >- chmod -R 750 ${DIR}/stats >- >- # For the logging user >--chown -R ${USER}:${GROUP} ${DIR}/logs >- chmod -R 750 ${DIR}/logs >- touch ${DIR}/logs/ossec.log >--chown ${USER}:${GROUP} ${DIR}/logs/ossec.log >- chmod 660 ${DIR}/logs/ossec.log >- >- touch ${DIR}/logs/active-responses.log >--chown ${USER}:${GROUP} ${DIR}/logs/active-responses.log >- chmod 660 ${DIR}/logs/active-responses.log >- >- # For the rules directory >-@@ -198,7 +181,7 @@ if [ $? = 0 ]; then >- fi >- fi >- >--cp -pr ../etc/rules/* ${DIR}/rules/ >-+cp -pr ../etc/rules/*.xml ${DIR}/rules/ >- find ${DIR}/rules/ -type f -exec chmod 440 {} \; >- >- # If the local_rules is saved, moved it back >-@@ -207,37 +190,33 @@ if [ $? = 0 ]; then >- mv ${DIR}/rules/saved_local_rules.xml.$$ ${DIR}/rules/local_rules.xml >- fi >- >--chown -R root:${GROUP} ${DIR}/rules >--chmod -R 550 ${DIR}/rules >-+chmod -R 750 ${DIR}/rules >- >- >- # For the etc dir >--chmod 550 ${DIR}/etc >--chown -R root:${GROUP} ${DIR}/etc >-+chmod 750 ${DIR}/etc >- ls /etc/localtime > /dev/null 2>&1 >- if [ $? 
= 0 ]; then >- cp -pL /etc/localtime ${DIR}/etc/; >- chmod 440 ${DIR}/etc/localtime >-- chown root:${GROUP} ${DIR}/etc/localtime >- fi >- >- # Solaris Needs some extra files >- if [ "$UNAME" = "SunOS" ]; then >- mkdir -p ${DIR}/usr/share/lib/zoneinfo/ >-- chmod -R 550 ${DIR}/usr/ >-+ chmod -R 750 ${DIR}/usr/ >- cp -pr /usr/share/lib/zoneinfo/* ${DIR}/usr/share/lib/zoneinfo/ >- fi >- >- ls /etc/TIMEZONE > /dev/null 2>&1 >- if [ $? = 0 ]; then >- cp -p /etc/TIMEZONE ${DIR}/etc/; >-- chmod 550 ${DIR}/etc/TIMEZONE >-+ chmod 750 ${DIR}/etc/TIMEZONE >- fi >- >- >- # For the /var/run >- chmod 770 ${DIR}/var/run >--chown root:${GROUP} ${DIR}/var/run >- >- # Moving the binary files >- cp -pr addagent/manage_agents agentlessd/ossec-agentlessd \ >-@@ -260,7 +239,6 @@ cp -pr util/rootcheck_control ${DIR}/bin >- cp -pr external/lua/src/ossec-lua ${DIR}/bin/ >- cp -pr external/lua/src/ossec-luac ${DIR}/bin/ >- cp -pr ../contrib/util.sh ${DIR}/bin/ >--chown root:${GROUP} ${DIR}/bin/util.sh >- chmod +x ${DIR}/bin/util.sh >- >- # Local install chosen >-@@ -290,23 +268,15 @@ fi >- >- cp -pr ../etc/internal_options.conf ${DIR}/etc/ >- cp -pr rootcheck/db/*.txt ${DIR}/etc/shared/ >--chown root:${GROUP} ${DIR}/etc/decoder.xml >--chown root:${GROUP} ${DIR}/etc/local_decoder.xml >/dev/null 2>&1 >--chown root:${GROUP} ${DIR}/etc/internal_options.conf >--chown root:${GROUP} ${DIR}/etc/local_internal_options.conf >/dev/null 2>&1 >--chown root:${GROUP} ${DIR}/etc/client.keys >/dev/null 2>&1 >--chown root:${GROUP} ${DIR}/etc/shared/* >--chown root:${GROUP} ${DIR}/agentless/* >--chown ${USER}:${GROUP} ${DIR}/.ssh >- chmod 440 ${DIR}/etc/decoder.xml >- chmod 440 ${DIR}/etc/local_decoder.xml >/dev/null 2>&1 >- chmod 440 ${DIR}/etc/internal_options.conf >- chmod 440 ${DIR}/etc/local_internal_options.conf >/dev/null 2>&1 >- chmod 440 ${DIR}/etc/client.keys >/dev/null 2>&1 >--chmod 550 ${DIR}/etc >-+chmod 750 ${DIR}/etc >- chmod 770 ${DIR}/etc/shared >- chmod 440 ${DIR}/etc/shared/* >--chmod 550 
${DIR}/agentless/* >-+chmod 750 ${DIR}/agentless/* >- rm ${DIR}/etc/shared/merged.mg >/dev/null 2>&1 >- chmod 700 ${DIR}/.ssh >- >-@@ -316,11 +286,9 @@ sh ./init/fw-check.sh execute > /dev/nul >- cp -p ../active-response/*.sh ${DIR}/active-response/bin/ >- cp -p ../active-response/firewalls/*.sh ${DIR}/active-response/bin/ >- >--chmod 550 ${DIR}/active-response/bin/* >--chown root:${GROUP} ${DIR}/active-response/bin/* >-+chmod 750 ${DIR}/active-response/bin/* >- >--chown root:${GROUP} ${DIR}/bin/* >--chmod 550 ${DIR}/bin/* >-+chmod 750 ${DIR}/bin/* >- >- >- # Moving the config file >-@@ -331,12 +299,11 @@ fi >- >- ls ../etc/ossec.mc > /dev/null 2>&1 >- if [ $? = 0 ]; then >-- cp -pr ../etc/ossec.mc ${DIR}/etc/ossec.conf >-+ cp -pr ../etc/ossec.mc ${DIR}/etc/ossec.conf.sample >- else >-- cp -pr ../etc/ossec-server.conf ${DIR}/etc/ossec.conf >-+ cp -pr ../etc/ossec-server.conf ${DIR}/etc/ossec.conf.sample >- fi >--chown root:${GROUP} ${DIR}/etc/ossec.conf >--chmod 440 ${DIR}/etc/ossec.conf >-+chmod 640 ${DIR}/etc/ossec.conf.sample >- >- >- > >Property changes on: files/patch-src__InstallServer.sh >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: files/patch-src__LOCATION >=================================================================== >--- files/patch-src__LOCATION (revision 463924) >+++ files/patch-src__LOCATION (nonexistent) 
>@@ -1,5 +0,0 @@ >---- src/LOCATION.orig 2015-10-12 21:21:06 UTC >-+++ src/LOCATION >-@@ -1 +1 @@ >--DIR="/var/ossec" >-+DIR="/usr/ports/security/ossec-hids-server/work/stage/usr/local/ossec-hids" > >Property changes on: files/patch-src__LOCATION >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: files/patch-src__headers__defs.h >=================================================================== >--- files/patch-src__headers__defs.h (revision 463924) >+++ files/patch-src__headers__defs.h (nonexistent) >@@ -1,11 +0,0 @@ >---- src/headers/defs.h.orig 2015-10-12 21:21:06 UTC >-+++ src/headers/defs.h >-@@ -98,7 +98,7 @@ http://www.ossec.net/main/license/\n" >- #endif >- >- #ifndef DEFAULTDIR >-- #define DEFAULTDIR "/var/ossec" >-+ #define DEFAULTDIR "/usr/local/ossec-hids" >- #endif >- >- > >Property changes on: files/patch-src__headers__defs.h >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: files/patch-src_os__dbd_mysql.schema >=================================================================== >--- files/patch-src_os__dbd_mysql.schema (revision 463924) >+++ files/patch-src_os__dbd_mysql.schema (nonexistent) 
>@@ -1,11 +0,0 @@ >---- src/os_dbd/mysql.schema.orig 2015-10-12 21:21:06 UTC >-+++ src/os_dbd/mysql.schema >-@@ -45,7 +45,7 @@ CREATE TABLE server >- last_contact INT UNSIGNED NOT NULL, >- version VARCHAR(32) NOT NULL, >- hostname VARCHAR(64) NOT NULL UNIQUE, >-- information VARCHAR(128) NOT NULL, >-+ information TEXT NOT NULL, >- PRIMARY KEY (id) >- ); >- > >Property changes on: files/patch-src_os__dbd_mysql.schema >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: files/patch-src_os__dbd_postgresql.schema >=================================================================== >--- files/patch-src_os__dbd_postgresql.schema (revision 463924) >+++ files/patch-src_os__dbd_postgresql.schema (nonexistent) >@@ -1,11 +0,0 @@ >---- src/os_dbd/postgresql.schema.orig 2015-10-12 21:21:06 UTC >-+++ src/os_dbd/postgresql.schema >-@@ -47,7 +47,7 @@ CREATE TABLE server >- last_contact INT8 NOT NULL, >- version VARCHAR(32) NOT NULL, >- hostname VARCHAR(64) NOT NULL UNIQUE, >-- information VARCHAR(128) NOT NULL, >-+ information TEXT NOT NULL, >- PRIMARY KEY (id) >- ); >- > >Property changes on: files/patch-src_os__dbd_postgresql.schema >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: files/patch-src_os__net_os__net.c >=================================================================== >--- files/patch-src_os__net_os__net.c (nonexistent) >+++ files/patch-src_os__net_os__net.c (working copy) 
>@@ -0,0 +1,24 @@
>+--- src/os_net/os_net.c.orig 2017-12-19 21:30:31 UTC
>++++ src/os_net/os_net.c
>+@@ -48,16 +48,16 @@ int OS_Bindport(char *_port, unsigned in
>+
>+
>+ memset(&hints, 0, sizeof(struct addrinfo));
>+-#ifdef AI_V4MAPPED
>+- hints.ai_family = AF_INET6; /* Allow IPv4 and IPv6 */
>+- hints.ai_flags = AI_PASSIVE | AI_ADDRCONFIG | AI_V4MAPPED;
>+-#else
>++//#ifdef AI_V4MAPPED
>++// hints.ai_family = AF_INET6; /* Allow IPv4 and IPv6 */
>++// hints.ai_flags = AI_PASSIVE | AI_ADDRCONFIG | AI_V4MAPPED;
>++//#else
>+ /* Certain *BSD OS (eg. OpenBSD) do not allow binding to a
>+ single-socket for both IPv4 and IPv6 per RFC 3493. This will
>+ allow one or the other based on _ip. */
>+ hints.ai_family = AF_UNSPEC; /* Allow IPv4 or IPv6 */
>+ hints.ai_flags = AI_PASSIVE;
>+-#endif
>++//#endif
>+ hints.ai_protocol = _proto;
>+ if (_proto == IPPROTO_UDP) {
>+ hints.ai_socktype = SOCK_DGRAM;
>
>Property changes on: files/patch-src_os__net_os__net.c
>___________________________________________________________________
>Added: fbsd:nokeywords
>## -0,0 +1 ##
>+yes
>\ No newline at end of property
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: files/patch-src_rootcheck_db_system__audit__rcl.txt
>===================================================================
>--- files/patch-src_rootcheck_db_system__audit__rcl.txt (nonexistent)
>+++ files/patch-src_rootcheck_db_system__audit__rcl.txt (working copy)
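Review bot: The IPv4-mapped branch in `OS_Bindport` is disabled by prefixing the preprocessor lines with `//`, which leaves dead code in the patched source and gives no reason for the change. As this is a port-local patch, deleting the `#ifdef AI_V4MAPPED` … `#else` and `#endif` lines would read more cleanly, with a comment such as `/* FreeBSD port: dual-stack AF_INET6 bind disabled, always use AF_UNSPEC */` above `hints.ai_family = AF_UNSPEC;`. Per the retained comment this path listens on one family "based on _ip", so it is worth stating in the port documentation that the listener may presumably be reachable over IPv4 or IPv6 but not both. The function body continues outside the hunk.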
>@@ -0,0 +1,11 @@ >+--- src/rootcheck/db/system_audit_rcl.txt.orig 2017-12-19 21:30:31 UTC >++++ src/rootcheck/db/system_audit_rcl.txt >+@@ -25,7 +25,7 @@ >+ # Multiple patterns can be specified by using " && " between them. >+ # (All of them must match for it to return true). >+ >+-$php.ini=/etc/php.ini,/var/www/conf/php.ini,/etc/php5/apache2/php.ini; >++$php.ini=/etc/php.ini,/var/www/conf/php.ini,/etc/php5/apache2/php.ini,/usr/local/etc/php.ini; >+ $web_dirs=/var/www,/var/htdocs,/home/httpd,/usr/local/apache,/usr/local/apache2,/usr/local/www; >+ >+ # PHP checks > >Property changes on: files/patch-src_rootcheck_db_system__audit__rcl.txt >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/pkg-message.in >=================================================================== >--- files/pkg-message.in (revision 463924) >+++ files/pkg-message.in (nonexistent) 
>@@ -1,21 +0,0 @@ >-After installation, you need to edit the ossec.conf file to reflect >-the correct settings for your environment. All the files related >-to %%PORTNAME%% have been installed in %%PREFIX%%/%%PORTNAME%% and >-its subdirectories. >- >-For information on proper configuration, see http://www.ossec.net/. >- >-To enable the startup script, add ossechids_enable="YES" to >-/etc/rc.conf. To enable database output, execute: >- >-%%PREFIX%%/%%PORTNAME%%/bin/ossec-control enable database >- >-Then check this documentation: >- >-http://www.ossec.net/doc/manual/output/database-output.html >- >-When you deinstall this port after starting the daemons once, many >-directories that are created by the daemons will remain. To fully >-remove the port you need to delete those directories manually. To >-further enhance the security on your system, you may also enable >-some checks in PAM for a fast reaction against intrusions. > >Property changes on: files/pkg-message.in >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: files/restart-ossec.sh.in >=================================================================== >--- files/restart-ossec.sh.in (nonexistent) >+++ files/restart-ossec.sh.in (working copy) 
>@@ -0,0 +1,32 @@ >+#!/bin/sh >+ >+# This script is part of FreeBSD port - report any issues to the port MAINTAINER >+ >+ossec_type="%%OSSEC_TYPE%%" >+ossec_home="%%PREFIX%%/%%PORTNAME%%" >+ossec_rc="%%OSSEC_RC%%" >+ >+ACTION=$1 >+USER=$2 >+IP=$3 >+ >+LOCAL=`dirname $0`; >+cd $LOCAL >+cd ../../tmp >+ >+# Logging the call >+echo "`date` $0 $1 $2 $3 $4 $5" >> "${ossec_home}/logs/active-responses.log" >+ >+case ${ACTION} in >+ add) >+ "${ossec_rc}" restart >+ exit 0 >+ ;; >+ delete) >+ exit 0 >+ ;; >+ *) >+ echo "$0: invalid action: ${ACTION}" >+ exit 1 >+ ;; >+esac > >Property changes on: files/restart-ossec.sh.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/rule-config.xml.in >=================================================================== >--- files/rule-config.xml.in (nonexistent) >+++ files/rule-config.xml.in (working copy) 
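Review bot: In restart-ossec.sh.in, `cd $LOCAL` and `cd ../../tmp` are unquoted and unchecked, and nothing after them uses a relative path, so they are either dead code or a trap for a later edit that adds relative file access. Drop both lines or make them fail closed with `cd "$(dirname "$0")/../../tmp" || exit 1`. `ossec_type` is assigned but never read, and `USER=$2` overwrites an environment variable that is commonly exported, so the `"${ossec_rc}" restart` child may see the active-response argument as its user name; a script-local name such as `ar_user` avoids that.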
>@@ -0,0 +1,52 @@
>+<?xml version="1.0" encoding="UTF-8"?>
>+<group name="ossec,">
>+
>+ <rule id="56001" level="10">
>+ <if_group>syscheck</if_group>
>+ <match>%%PREFIX%%/%%PORTNAME%%/etc/ossec-dist.conf</match>
>+ <description>ossec-dist.conf has been modified</description>
>+ </rule>
>+
>+ <rule id="56002" level="10">
>+ <if_group>syscheck</if_group>
>+ <match>%%PREFIX%%/%%PORTNAME%%/etc/ossec-local.conf</match>
>+ <description>ossec-local.conf has been modified</description>
>+ </rule>
>+
>+ <rule id="56003" level="10" ignore="10">
>+ <if_group>syscheck</if_group>
>+ <match>%%PREFIX%%/%%PORTNAME%%/etc/ossec.conf</match>
>+ <description>ossec.conf has been modified</description>
>+ </rule>
>+
>+ <rule id="56004" level="10" ignore="10">
>+ <if_group>syscheck</if_group>
>+ <match>/var/ossec/etc/ossec.conf</match>
>+ <description>ossec.conf has been modified</description>
>+ </rule>
>+
>+ <rule id="56011" level="10">
>+ <if_group>syscheck</if_group>
>+ <match>%%PREFIX%%/%%PORTNAME%%/etc/agent-dist.conf</match>
>+ <description>agent-dist.conf has been modified</description>
>+ </rule>
>+
>+ <rule id="56012" level="10">
>+ <if_group>syscheck</if_group>
>+ <match>%%PREFIX%%/%%PORTNAME%%/etc/agent-local.conf</match>
>+ <description>agent-local.conf has been modified</description>
>+ </rule>
>+
>+ <rule id="56013" level="10" ignore="10">
>+ <if_group>syscheck</if_group>
>+ <match>%%PREFIX%%/%%PORTNAME%%/etc/shared/agent.conf</match>
>+ <description>agent.conf has been modified</description>
>+ </rule>
>+
>+ <rule id="56014" level="10" ignore="10">
>+ <if_group>syscheck</if_group>
>+ <match>/var/ossec/etc/shared/agent.conf</match>
>+ <description>agent.conf has been modified</description>
>+ </rule>
>+
>+</group>
>
>Property changes on: files/rule-config.xml.in
>___________________________________________________________________
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline
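Review bot: Rules 56003 and 56013 in rule-config.xml.in identify the file with a plain `<match>` on its path, which in OSSEC is, as far as I know, an unanchored substring test, so a sibling such as `ossec.conf.sample` (the name the removed InstallServer patch installed) would presumably fire them as well. template-ar-restart.xml.in in this patch binds both ids to `restart-ossec`, so an unrelated file change could restart the daemons. Consider extending the pattern with the delimiter the syscheck message prints after the path, or at least record the limitation next to the rule: `<!-- substring match: also fires for ossec.conf.* siblings -->`. Rules 56004 and 56014 reuse the descriptions of 56003 and 56013, so the alert text alone does not say which path changed.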
at end of property
>Index: files/rule-firewall.xml.in
>===================================================================
>--- files/rule-firewall.xml.in (nonexistent)
>+++ files/rule-firewall.xml.in (working copy)
>@@ -0,0 +1,32 @@
>+<?xml version="1.0" encoding="UTF-8"?>
>+<group name="ossec,active_response,">
>+
>+ <rule id="56021" level="3">
>+ <if_sid>600</if_sid>
>+ <action>ipfw.sh</action>
>+ <status>add</status>
>+ <description>Host Blocked by ipfw.sh Active Response</description>
>+ </rule>
>+
>+ <rule id="56022" level="3">
>+ <if_sid>600</if_sid>
>+ <action>ipfw.sh</action>
>+ <status>delete</status>
>+ <description>Host Unblocked by ipfw.sh Active Response</description>
>+ </rule>
>+
>+ <rule id="56023" level="3">
>+ <if_sid>600</if_sid>
>+ <action>pf.sh</action>
>+ <status>add</status>
>+ <description>Host Blocked by pf.sh Active Response</description>
>+ </rule>
>+
>+ <rule id="56024" level="3">
>+ <if_sid>600</if_sid>
>+ <action>pf.sh</action>
>+ <status>delete</status>
>+ <description>Host Unblocked by pf.sh Active Response</description>
>+ </rule>
>+
>+</group>
>
>Property changes on: files/rule-firewall.xml.in
>___________________________________________________________________
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: files/rule-ports.xml.in
>===================================================================
>--- files/rule-ports.xml.in (nonexistent)
>+++ files/rule-ports.xml.in (working copy)
>@@ -0,0 +1,32 @@
>+<?xml version="1.0" encoding="UTF-8"?>
>+<group name="ossec,">
>+
>+ <rule id="56041" level="7">
>+ <if_sid>530</if_sid>
>+ <match>ossec: output: 'freebsd-ports-tcp4'</match>
>+ <check_diff />
>+ <description>Listening IPv4 TCP port opened or closed.</description>
>+ </rule>
>+
>+ <rule id="56042" level="7">
>+ <if_sid>530</if_sid>
>+ <match>ossec: output: 'freebsd-ports-tcp6'</match>
>+ <check_diff />
>+ <description>Listening IPv6 TCP port opened or closed.</description>
>+ </rule>
>+
>+ <rule id="56043" level="7">
>+ <if_sid>530</if_sid>
>+ <match>ossec: output: 'freebsd-ports-udp4'</match>
>+ <check_diff />
>+ <description>IPv4 UDP port opened or closed.</description>
>+ </rule>
>+
>+ <rule id="56044" level="7">
>+ <if_sid>530</if_sid>
>+ <match>ossec: output: 'freebsd-ports-udp6'</match>
>+ <check_diff />
>+ <description>IPv6 UDP port opened or closed.</description>
>+ </rule>
>+
>+</group>
>
>Property changes on: files/rule-ports.xml.in
>___________________________________________________________________
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: files/template-ar-cmds-default.xml.in
>===================================================================
>--- files/template-ar-cmds-default.xml.in (nonexistent)
>+++ files/template-ar-cmds-default.xml.in (working copy)
>@@ -0,0 +1,38 @@
>+<?xml version="1.0" encoding="UTF-8"?>
>+<template_config>
>+
>+ <command>
>+ <name>host-deny</name>
>+ <executable>host-deny.sh</executable>
>+ <expect>srcip</expect>
>+ <timeout_allowed>yes</timeout_allowed>
>+ </command>
>+
>+ <command>
>+ <name>firewall-drop</name>
>+ <executable>%%FW_DROP%%</executable>
>+ <expect>srcip</expect>
>+ <timeout_allowed>yes</timeout_allowed>
>+ </command>
>+
>+ <command>
>+ <name>disable-account</name>
>+ <executable>disable-account.sh</executable>
>+ <expect>user</expect>
>+ <timeout_allowed>yes</timeout_allowed>
>+ </command>
>+
>+ <command>
>+ <name>restart-ossec</name>
>+ <executable>restart-ossec.sh</executable>
>+ <expect></expect>
>+ </command>
>+
>+ <command>
>+ <name>route-null</name>
>+ <executable>route-null.sh</executable>
>+ <expect>srcip</expect>
>+ <timeout_allowed>yes</timeout_allowed>
>+ </command>
>+
>+</template_config>
>
>Property changes on: files/template-ar-cmds-default.xml.in
>___________________________________________________________________
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: files/template-ar-cmds-merge.xml.in
>===================================================================
>--- files/template-ar-cmds-merge.xml.in (nonexistent)
>+++ files/template-ar-cmds-merge.xml.in (working copy)
>@@ -0,0 +1,10 @@
>+<?xml version="1.0" encoding="UTF-8"?>
>+<template_config>
>+
>+ <command>
>+ <name>merge-configs</name>
>+ <executable>merge-configs.sh</executable>
>+ <expect></expect>
>+ </command>
>+
>+</template_config>
>
>Property changes on: files/template-ar-cmds-merge.xml.in
>___________________________________________________________________
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: files/template-ar-merge.xml.in
>===================================================================
>--- files/template-ar-merge.xml.in (nonexistent)
>+++ files/template-ar-merge.xml.in (working copy)
>@@ -0,0 +1,11 @@
>+<?xml version="1.0" encoding="UTF-8"?>
>+<template_config>
>+
>+ <active-response>
>+ <!-- Create "ossec.conf" and "agent.conf" if "dist" or "local" files change. -->
>+ <command>merge-configs</command>
>+ <location>local</location>
>+ <rules_id>56001,56002,56011,56012</rules_id>
>+ </active-response>
>+
>+</template_config>
>
>Property changes on: files/template-ar-merge.xml.in
>___________________________________________________________________
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: files/template-ar-restart.xml.in
>===================================================================
>--- files/template-ar-restart.xml.in (nonexistent)
>+++ files/template-ar-restart.xml.in (working copy)
>@@ -0,0 +1,11 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config> >+ >+ <active-response> >+ <!-- Restart OSSEC if "ossec.conf" or "agent.conf" changes. --> >+ <command>restart-ossec</command> >+ <location>local</location> >+ <rules_id>56003,56004,56013,56014</rules_id> >+ </active-response> >+ >+</template_config> > >Property changes on: files/template-ar-restart.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/template-arlog.xml.in >=================================================================== >--- files/template-arlog.xml.in (nonexistent) >+++ files/template-arlog.xml.in (working copy) >@@ -0,0 +1,18 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config os="FreeBSD" profile="%%ARLOG_PROFILE%%"> >+ <!-- agent: Remove this section if server pushes log monitoring configuration using "agent.conf" (FreeBSD server can push it using "%%ARLOG_PROFILE%%" profile). --> >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>%%PREFIX%%/%%PORTNAME%%/logs/active-responses.log</location> >+ </localfile> >+ >+</template_config> >+ >+<template_config os="Linux" profile="%%ARLOG_PROFILE%%"> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/ossec/logs/active-responses.log</location> >+ </localfile> >+ >+</template_config> > >Property changes on: files/template-arlog.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/template-baselogs.xml.in >=================================================================== >--- files/template-baselogs.xml.in (nonexistent) >+++ files/template-baselogs.xml.in (working copy) 
>@@ -0,0 +1,68 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config os="FreeBSD" profile="%%BASELOGS_PROFILE%%"> >+ <!-- agent: Remove this section if server pushes log monitoring configuration using "agent.conf" (FreeBSD server can push it using "%%BASELOGS_PROFILE%%" profile). --> >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/auth.log</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/maillog</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/messages</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/security</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/userlog</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/xferlog</location> >+ </localfile> >+ >+</template_config> >+ >+<template_config os="Linux" profile="%%BASELOGS_PROFILE%%"> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/auth.log</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/dpkg.log</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/kern.log</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/mail.log</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/messages</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/syslog</location> >+ </localfile> >+ >+</template_config> > >Property changes on: files/template-baselogs.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline 
at end of property >Index: files/template-cmds-logins.xml.in >=================================================================== >--- files/template-cmds-logins.xml.in (nonexistent) >+++ files/template-cmds-logins.xml.in (working copy) >@@ -0,0 +1,10 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config> >+ >+ <localfile> >+ <log_format>full_command</log_format> >+ <command>last -n 5</command> >+ <alias>freebsd-last-logins</alias> >+ </localfile> >+ >+</template_config> > >Property changes on: files/template-cmds-logins.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/template-cmds-ports-tcp.xml.in >=================================================================== >--- files/template-cmds-ports-tcp.xml.in (nonexistent) >+++ files/template-cmds-ports-tcp.xml.in (working copy) 
>@@ -0,0 +1,16 @@
>+<?xml version="1.0" encoding="UTF-8"?>
>+<template_config>
>+
>+ <localfile>
>+ <log_format>full_command</log_format>
>+ <command>netstat -4 -p tcp -Wan | grep LISTEN | awk '{print $4}' | sed 's/\(.*\)\./\1:/' | sort</command>
>+ <alias>freebsd-ports-tcp4</alias>
>+ </localfile>
>+
>+ <localfile>
>+ <log_format>full_command</log_format>
>+ <command>netstat -6 -p tcp -Wan | grep LISTEN | awk '{print $4}' | sed 's/\(.*\)\./\1:/' | sort</command>
>+ <alias>freebsd-ports-tcp6</alias>
>+ </localfile>
>+
>+</template_config>
>
>Property changes on: files/template-cmds-ports-tcp.xml.in
>___________________________________________________________________
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: files/template-cmds-ports-udp.xml.in
>===================================================================
>--- files/template-cmds-ports-udp.xml.in (nonexistent)
>+++ files/template-cmds-ports-udp.xml.in (working copy)
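Review bot: Both `<command>` pipelines in files/template-cmds-ports-tcp.xml.in call `netstat`, `grep`, `awk`, `sed` and `sort` by bare name, so which binaries run depends on the PATH the log collector inherits, and that process presumably runs with elevated privileges. Absolute paths remove that dependency, e.g. `<command>/usr/bin/netstat -4 -p tcp -Wan | /usr/bin/grep LISTEN | /usr/bin/awk '{print $4}' | /usr/bin/sed 's/\(.*\)\./\1:/' | /usr/bin/sort</command>`, and the same for the `-6` entry. The pipelines in files/template-cmds-ports-udp.xml.in and `last -n 5` in files/template-cmds-logins.xml.in have the same shape.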
>@@ -0,0 +1,16 @@
>+<?xml version="1.0" encoding="UTF-8"?>
>+<template_config>
>+
>+ <localfile>
>+ <log_format>full_command</log_format>
>+ <command>netstat -4 -p udp -Wan | grep udp4 | awk '{print $4}' | sed 's/\(.*\)\./\1:/' | sort</command>
>+ <alias>freebsd-ports-udp4</alias>
>+ </localfile>
>+
>+ <localfile>
>+ <log_format>full_command</log_format>
>+ <command>netstat -6 -p udp -Wan | grep udp6 | awk '{print $4}' | sed 's/\(.*\)\./\1:/' | sort</command>
>+ <alias>freebsd-ports-udp6</alias>
>+ </localfile>
>+
>+</template_config>
>
>Property changes on: files/template-cmds-ports-udp.xml.in
>___________________________________________________________________
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: files/template-header.xml.in
>===================================================================
>--- files/template-header.xml.in (nonexistent)
>+++ files/template-header.xml.in (working copy)
>@@ -0,0 +1,4 @@
>+<!-- OSSEC HIDS %%VERSION%% -->
>+
>+<!-- DO NOT EDIT - file generated automatically based on selected port options. -->
>+
>
>Property changes on: files/template-header.xml.in
>___________________________________________________________________
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: files/template-logs-apache.xml.in
>===================================================================
>--- files/template-logs-apache.xml.in (nonexistent)
>+++ files/template-logs-apache.xml.in (working copy)
>@@ -0,0 +1,28 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config os="FreeBSD" profile="%%APACHE_PROFILE%%"> >+ <!-- agent: Remove this section if server pushes log monitoring configuration using "agent.conf" (FreeBSD server can push it using "%%APACHE_PROFILE%%" profile). --> >+ <localfile> >+ <log_format>apache</log_format> >+ <location>/var/log/httpd-error.log</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>apache</log_format> >+ <location>/var/log/httpd-access.log</location> >+ </localfile> >+ >+</template_config> >+ >+<template_config os="Linux" profile="%%APACHE_PROFILE%%"> >+ >+ <localfile> >+ <log_format>apache</log_format> >+ <location>/var/log/apache2/error.log</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>apache</log_format> >+ <location>/var/log/apache2/access.log</location> >+ </localfile> >+ >+</template_config> > >Property changes on: files/template-logs-apache.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/template-logs-nginx.xml.in >=================================================================== >--- files/template-logs-nginx.xml.in (nonexistent) >+++ files/template-logs-nginx.xml.in (working copy) 
>@@ -0,0 +1,28 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config os="FreeBSD" profile="%%NGINX_PROFILE%%"> >+ <!-- agent: Remove this section if server pushes log monitoring configuration using "agent.conf" (FreeBSD server can push it using "%%NGINX_PROFILE%%" profile). --> >+ <localfile> >+ <log_format>apache</log_format> >+ <location>/var/log/nginx/error.log</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>apache</log_format> >+ <location>/var/log/nginx/access.log</location> >+ </localfile> >+ >+</template_config> >+ >+<template_config os="Linux" profile="%%NGINX_PROFILE%%"> >+ >+ <localfile> >+ <log_format>apache</log_format> >+ <location>/var/log/nginx/error.log</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>apache</log_format> >+ <location>/var/log/nginx/access.log</location> >+ </localfile> >+ >+</template_config> > >Property changes on: files/template-logs-nginx.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/template-logs-radius.xml.in >=================================================================== >--- files/template-logs-radius.xml.in (nonexistent) >+++ files/template-logs-radius.xml.in (working copy) 
>@@ -0,0 +1,18 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config os="FreeBSD" profile="%%RADIUS_PROFILE%%"> >+ <!-- agent: Remove this section if server pushes log monitoring configuration using "agent.conf" (FreeBSD server can push it using "%%RADIUS_PROFILE%%" profile). --> >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/radius.log</location> >+ </localfile> >+ >+</template_config> >+ >+<template_config os="Linux" profile="%%RADIUS_PROFILE%%"> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/freeradius/radius.log</location> >+ </localfile> >+ >+</template_config> > >Property changes on: files/template-logs-radius.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/template-logs-vsftpd.xml.in >=================================================================== >--- files/template-logs-vsftpd.xml.in (nonexistent) >+++ files/template-logs-vsftpd.xml.in (working copy) 
>@@ -0,0 +1,18 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config os="FreeBSD" profile="%%VSFTPD_PROFILE%%"> >+ <!-- agent: Remove this section if server pushes log monitoring configuration using "agent.conf" (FreeBSD server can push it using "%%VSFTPD_PROFILE%%" profile). --> >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/vsftpd.log</location> >+ </localfile> >+ >+</template_config> >+ >+<template_config os="Linux" profile="%%VSFTPD_PROFILE%%"> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/vsftpd.log</location> >+ </localfile> >+ >+</template_config> > >Property changes on: files/template-logs-vsftpd.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/template-pushed-header.xml.in >=================================================================== >--- files/template-pushed-header.xml.in (nonexistent) >+++ files/template-pushed-header.xml.in (working copy) >@@ -0,0 +1,4 @@ >+<!-- OSSEC HIDS %%VERSION%% --> >+ >+<!-- DO NOT EDIT - file generated automatically based on selected port options. --> >+ > >Property changes on: files/template-pushed-header.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/template-pushed-sample.xml.in >=================================================================== >--- files/template-pushed-sample.xml.in (nonexistent) >+++ files/template-pushed-sample.xml.in (working copy) 
>@@ -0,0 +1,3 @@
>+<?xml version="1.0" encoding="UTF-8"?>
>+<template_config>
>+</template_config>
>
>Property changes on: files/template-pushed-sample.xml.in
>___________________________________________________________________
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: files/template-rootcheck.xml.in
>===================================================================
>--- files/template-rootcheck.xml.in (nonexistent)
>+++ files/template-rootcheck.xml.in (working copy)
>@@ -0,0 +1,23 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config os="FreeBSD" profile="%%ROOTCHECK_PROFILE%%"> >+ <!-- agent: Remove this section if server pushes rootcheck configuration using "agent.conf" (FreeBSD server can push it using "%%ROOTCHECK_PROFILE%%" profile). --> >+ <rootcheck> >+ <rootkit_files>%%PREFIX%%/%%PORTNAME%%/etc/shared/rootkit_files.txt</rootkit_files> >+ <rootkit_trojans>%%PREFIX%%/%%PORTNAME%%/etc/shared/rootkit_trojans.txt</rootkit_trojans> >+ <system_audit>%%PREFIX%%/%%PORTNAME%%/etc/shared/system_audit_rcl.txt</system_audit> >+ <system_audit>%%PREFIX%%/%%PORTNAME%%/etc/shared/system_audit_ssh.txt</system_audit> >+ </rootcheck> >+ >+</template_config> >+ >+<template_config os="Linux" profile="%%ROOTCHECK_PROFILE%%"> >+ >+ <rootcheck> >+ <rootkit_files>/var/ossec/etc/shared/rootkit_files.txt</rootkit_files> >+ <rootkit_trojans>/var/ossec/etc/shared/rootkit_trojans.txt</rootkit_trojans> >+ <system_audit>/var/ossec/etc/shared/system_audit_rcl.txt</system_audit> >+ <system_audit>/var/ossec/etc/shared/system_audit_ssh.txt</system_audit> >+ <system_audit>/var/ossec/etc/shared/cis_debian_linux_rcl.txt</system_audit> >+ </rootcheck> >+ >+</template_config> > >Property changes on: files/template-rootcheck.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/template-rules-config.xml.in >=================================================================== >--- files/template-rules-config.xml.in (nonexistent) >+++ files/template-rules-config.xml.in (working copy) 
>@@ -0,0 +1,8 @@
>+<?xml version="1.0" encoding="UTF-8"?>
>+<template_config>
>+
>+ <rules>
>+ <include>freebsd_config_rules.xml</include>
>+ </rules>
>+
>+</template_config>
>
>Property changes on: files/template-rules-config.xml.in
>___________________________________________________________________
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: files/template-rules-default.xml.in
>===================================================================
>--- files/template-rules-default.xml.in (nonexistent)
>+++ files/template-rules-default.xml.in (working copy)
>@@ -0,0 +1,66 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config> >+ >+ <rules> >+ <!-- Imported from "ossec-hids-2.9.3/etc/templates/config/rules.template". --> >+ <include>rules_config.xml</include> >+ <include>pam_rules.xml</include> >+ <include>sshd_rules.xml</include> >+ <include>telnetd_rules.xml</include> >+ <include>syslog_rules.xml</include> >+ <include>arpwatch_rules.xml</include> >+ <include>symantec-av_rules.xml</include> >+ <include>symantec-ws_rules.xml</include> >+ <include>pix_rules.xml</include> >+ <include>named_rules.xml</include> >+ <include>smbd_rules.xml</include> >+ <include>vsftpd_rules.xml</include> >+ <include>pure-ftpd_rules.xml</include> >+ <include>proftpd_rules.xml</include> >+ <include>ms_ftpd_rules.xml</include> >+ <include>ftpd_rules.xml</include> >+ <include>hordeimp_rules.xml</include> >+ <include>roundcube_rules.xml</include> >+ <include>wordpress_rules.xml</include> >+ <include>cimserver_rules.xml</include> >+ <include>vpopmail_rules.xml</include> >+ <include>vmpop3d_rules.xml</include> >+ <include>courier_rules.xml</include> >+ <include>web_rules.xml</include> >+ <include>web_appsec_rules.xml</include> >+ <include>apache_rules.xml</include> >+ <include>nginx_rules.xml</include> >+ <include>php_rules.xml</include> >+ <include>mysql_rules.xml</include> >+ <include>postgresql_rules.xml</include> >+ <include>ids_rules.xml</include> >+ <include>squid_rules.xml</include> >+ <include>firewall_rules.xml</include> >+ <include>cisco-ios_rules.xml</include> >+ <include>netscreenfw_rules.xml</include> >+ <include>sonicwall_rules.xml</include> >+ <include>postfix_rules.xml</include> >+ <include>sendmail_rules.xml</include> >+ <include>imapd_rules.xml</include> >+ <include>mailscanner_rules.xml</include> >+ <include>dovecot_rules.xml</include> >+ <include>ms-exchange_rules.xml</include> >+ <include>racoon_rules.xml</include> >+ <include>vpn_concentrator_rules.xml</include> >+ <include>spamd_rules.xml</include> >+ 
<include>msauth_rules.xml</include> >+ <include>mcafee_av_rules.xml</include> >+ <include>trend-osce_rules.xml</include> >+ <include>ms-se_rules.xml</include> >+ <!-- <include>policy_rules.xml</include> --> >+ <include>zeus_rules.xml</include> >+ <include>solaris_bsm_rules.xml</include> >+ <include>vmware_rules.xml</include> >+ <include>ms_dhcp_rules.xml</include> >+ <include>asterisk_rules.xml</include> >+ <include>ossec_rules.xml</include> >+ <include>attack_rules.xml</include> >+ <include>local_rules.xml</include> >+ </rules> >+ >+</template_config> > >Property changes on: files/template-rules-default.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/template-rules-firewall.xml.in >=================================================================== >--- files/template-rules-firewall.xml.in (nonexistent) >+++ files/template-rules-firewall.xml.in (working copy) >@@ -0,0 +1,8 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config> >+ >+ <rules> >+ <include>freebsd_firewall_rules.xml</include> >+ </rules> >+ >+</template_config> > >Property changes on: files/template-rules-firewall.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/template-rules-ports.xml.in >=================================================================== >--- files/template-rules-ports.xml.in (nonexistent) >+++ files/template-rules-ports.xml.in (working copy) 
>@@ -0,0 +1,8 @@
>+<?xml version="1.0" encoding="UTF-8"?>
>+<template_config>
>+
>+ <rules>
>+ <include>freebsd_ports_rules.xml</include>
>+ </rules>
>+
>+</template_config>
>
>Property changes on: files/template-rules-ports.xml.in
>___________________________________________________________________
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: files/template-sample-agent.xml.in
>===================================================================
>--- files/template-sample-agent.xml.in (nonexistent)
>+++ files/template-sample-agent.xml.in (working copy)
>@@ -0,0 +1,19 @@
>+<?xml version="1.0" encoding="UTF-8"?>
>+<template_config>
>+
>+ <client>
>+ <!-- Specify the IP address of the %%PORTNAME%% server. -->
>+ <server-ip>1.2.3.4</server-ip>
>+ <!-- Alternatively, specify the hostname of the %%PORTNAME%% server. -->
>+ <!-- <server-hostname>example.com</server-hostname> -->
>+
>+ <!-- Specifies the agent.conf profiles to be used by the agent. Multiple profiles can be included, separated by a comma and a space. -->
>+ <!-- <config-profile>%%CLIENT_PROFILES%%</config-profile> -->
>+ </client>
>+
>+ <syscheck>
>+ <!-- Ignoring the "hosts.allow" is reasonable if host-deny active response is active for this OSSEC instance. -->
>+ <ignore>/etc/hosts.allow</ignore>
>+ </syscheck>
>+
>+</template_config>
>
>Property changes on: files/template-sample-agent.xml.in
>___________________________________________________________________
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: files/template-sample-header.xml.in
>===================================================================
>--- files/template-sample-header.xml.in (nonexistent)
>+++ files/template-sample-header.xml.in (working copy)
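Review bot: The sample `<server-ip>1.2.3.4</server-ip>` in files/template-sample-agent.xml.in is a routable public address, so an agent started from an unedited copy of the sample would direct its traffic at a real third-party host. An address from the RFC 5737 documentation range cannot be reached by accident: `<server-ip>192.0.2.1</server-ip>`. The same placeholder is used for `<local_ip>1.2.3.4</local_ip>` in files/template-sample-server.xml.in.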
>@@ -0,0 +1 @@
>+<!-- Place customized configuration here - it will not be overwritten during upgrades. -->
>
>Property changes on: files/template-sample-header.xml.in
>___________________________________________________________________
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: files/template-sample-local.xml.in
>===================================================================
>--- files/template-sample-local.xml.in (nonexistent)
>+++ files/template-sample-local.xml.in (working copy)
>@@ -0,0 +1,51 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config> >+ >+ <global> >+ <!-- Uncomment to enable email notifications. --> >+ <!-- >+ <email_notification>yes</email_notification> >+ <email_to>example@example.com</email_to> >+ <smtp_server>smtp.example.com</smtp_server> >+ <email_from>ossecm@example.com</email_from> >+ --> >+ >+ <!-- List of IP addresses that should never be blocked by the active response (one per element). --> >+ <white_list>127.0.0.1</white_list> >+ </global> >+ >+ <!-- Run "%%PREFIX%%/%%PORTNAME%%/bin/ossec-control enable database" to enable ossec-dbd. --> >+ <!-- Uncomment to enable database output (if compiled with database support). --> >+ <!-- >+ <database_output> >+ <hostname>localhost</hostname> >+ <username>ossec</username> >+ <password>secret</password> >+ <database>ossec</database> >+ <type>%%DB_TYPE%%</type> >+ </database_output> >+ --> >+ >+ <syscheck> >+ <auto_ignore>no</auto_ignore> >+ <!-- Ignoring the "hosts.allow" is reasonable if host-deny active response is active for this OSSEC instance. --> >+ <ignore>/etc/hosts.allow</ignore> >+ </syscheck> >+ >+ <active-response> >+ <!-- Deny the IP in "/etc/hosts.allow". --> >+ <command>host-deny</command> >+ <location>local</location> >+ <level>6</level> >+ <timeout>600</timeout> >+ </active-response> >+ >+ <active-response> >+ <!-- Block the IP on the firewall. Remember to set proper "location" of the firewall. 
--> >+ <command>firewall-drop</command> >+ <location>local</location> >+ <level>6</level> >+ <timeout>600</timeout> >+ </active-response> >+ >+</template_config> > >Property changes on: files/template-sample-local.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/template-sample-server.xml.in >=================================================================== >--- files/template-sample-server.xml.in (nonexistent) >+++ files/template-sample-server.xml.in (working copy) 
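Review bot: In files/template-sample-local.xml.in both active responses are enabled at level 6 while `<white_list>` holds only `127.0.0.1`, so any address that appears as `srcip` in a level-6 alert is blocked for 600 seconds, which can include an administrator's workstation or a monitoring host. I would extend the comment above the list, e.g. `<!-- Add management hosts and any address that must stay reachable before enabling the active responses below (one per element). -->`. The commented `<database_output>` block also deserves a line such as `<!-- Replace the placeholder password; it ends up in clear text in the merged "ossec.conf". -->`. files/template-sample-server.xml.in carries the same two blocks.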
>@@ -0,0 +1,57 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config> >+ >+ <remote> >+ <connection>secure</connection> >+ <!-- Because of a bug, setting the IP is mandatory for IPv4. --> >+ <local_ip>1.2.3.4</local_ip> >+ </remote> >+ >+ <global> >+ <!-- Uncomment to enable email notifications. --> >+ <!-- >+ <email_notification>yes</email_notification> >+ <email_to>example@example.com</email_to> >+ <smtp_server>smtp.example.com</smtp_server> >+ <email_from>ossecm@example.com</email_from> >+ --> >+ >+ <!-- List of IP addresses that should never be blocked by the active response (one per element). --> >+ <white_list>127.0.0.1</white_list> >+ </global> >+ >+ <!-- Run "%%PREFIX%%/%%PORTNAME%%/bin/ossec-control enable database" to enable ossec-dbd. --> >+ <!-- Uncomment to enable database output (if compiled wit database support). --> >+ <!-- >+ <database_output> >+ <hostname>localhost</hostname> >+ <username>ossec</username> >+ <password>secret</password> >+ <database>ossec</database> >+ <type>%%DB_TYPE%%</type> >+ </database_output> >+ --> >+ >+ <syscheck> >+ <auto_ignore>no</auto_ignore> >+ <!-- Ignoring the "hosts.allow" is reasonable if host-deny active response is active for this OSSEC instance. --> >+ <ignore>/etc/hosts.allow</ignore> >+ </syscheck> >+ >+ <active-response> >+ <!-- Deny the IP in "/etc/hosts.allow". --> >+ <command>host-deny</command> >+ <location>local</location> >+ <level>6</level> >+ <timeout>600</timeout> >+ </active-response> >+ >+ <active-response> >+ <!-- Block the IP on the firewall. Remember to set proper "location" of the firewall. 
--> >+ <command>firewall-drop</command> >+ <location>local</location> >+ <level>6</level> >+ <timeout>600</timeout> >+ </active-response> >+ >+</template_config> > >Property changes on: files/template-sample-server.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/template-syscheck.xml.in >=================================================================== >--- files/template-syscheck.xml.in (nonexistent) >+++ files/template-syscheck.xml.in (working copy) 
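Review bot: Two comments in files/template-sample-server.xml.in need rewording: "compiled wit database support" should read "with", and "Because of a bug, setting the IP is mandatory for IPv4." does not say which bug or which version, so nobody can tell when the `<local_ip>` line may be dropped. Something like `<!-- Setting local_ip is mandatory for IPv4 because of upstream bug ISSUE_REFERENCE_PLACEHOLDER. -->` would do, with the reference filled in by the author.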
>@@ -0,0 +1,22 @@
>+<?xml version="1.0" encoding="UTF-8"?>
>+<template_config os="FreeBSD" profile="%%SYSCHECK_PROFILE%%">
>+ <!-- agent: Remove this section if server pushes syscheck configuration using "agent.conf" (FreeBSD server can push it using "%%SYSCHECK_PROFILE%%" profile). -->
>+ <syscheck>
>+ <directories realtime="yes" check_all="yes">/etc,/usr/bin,/usr/sbin</directories>
>+ <directories realtime="yes" check_all="yes">/bin,/sbin</directories>
>+ <directories realtime="yes" check_all="yes">%%PREFIX%%/etc,%%PREFIX%%/bin,%%PREFIX%%/sbin</directories>
>+ <directories realtime="yes" check_all="yes">%%OSSEC_SYSCHECK_DIRS%%</directories>
>+ </syscheck>
>+
>+</template_config>
>+
>+<template_config os="Linux" profile="%%SYSCHECK_PROFILE%%">
>+
>+ <syscheck>
>+ <directories realtime="yes" check_all="yes">/etc,/usr/bin,/usr/sbin</directories>
>+ <directories realtime="yes" check_all="yes">/bin,/sbin</directories>
>+ <directories realtime="yes" check_all="yes">/usr/local/etc,/usr/local/bin,/usr/local/sbin</directories>
>+ <directories realtime="yes" check_all="yes">/var/ossec/etc,/var/ossec/bin,/var/ossec/active-response,/var/ossec/agentless,/var/ossec/rules</directories>
>+ </syscheck>
>+
>+</template_config>
>
>Property changes on: files/template-syscheck.xml.in
>___________________________________________________________________
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: pkg-deinstall
>===================================================================
>--- pkg-deinstall (nonexistent)
>+++ pkg-deinstall (working copy)
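Review bot: Every `<directories>` entry in the FreeBSD section of files/template-syscheck.xml.in sets `realtime="yes"`, which on FreeBSD appears to depend on the port's INOTIFY option (the Makefile pulls in `devel/libinotify` for it); with the option off these directories are presumably covered only by the periodic scan. If that is confirmed, a comment in the section would make it visible to whoever reads the generated file: `<!-- realtime="yes" takes effect only when the port is built with INOTIFY; otherwise changes are detected at the next scheduled scan. -->`. It is also worth confirming that `%%OSSEC_SYSCHECK_DIRS%%` expands to the OSSEC `etc`, `bin`, `active-response`, `agentless` and `rules` directories, which the Linux section lists explicitly.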
>@@ -0,0 +1,14 @@
>+#!/bin/sh
>+
>+ossec_home="${PKG_PREFIX}/ossec-hids"
>+ossec_conf="${ossec_home}/etc/ossec.conf"
>+agent_conf="${ossec_home}/etc/shared/agent.conf"
>+ar_conf="${ossec_home}/etc/shared/ar.conf"
>+merged_mg="${ossec_home}/etc/shared/merged.mg"
>+
>+if [ "$2" == "DEINSTALL" ]; then
>+ rm -f "${ossec_conf}"
>+ rm -f "${agent_conf}"
>+ rm -f "${ar_conf}"
>+ rm -f "${merged_mg}"
>+fi
>
>Property changes on: pkg-deinstall
>___________________________________________________________________
>Added: fbsd:nokeywords
>## -0,0 +1 ##
>+yes
>\ No newline at end of property
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: pkg-descr
>===================================================================
>--- pkg-descr (revision 463924)
>+++ pkg-descr (working copy)
>@@ -3,4 +3,4 @@
> monitoring, rootkit detection, time-based alerting and active
> response.
>
>-WWW: http://www.ossec.net/
>+WWW: https://ossec.github.io
>Index: pkg-help-agent
>===================================================================
>--- pkg-help-agent (nonexistent)
>+++ pkg-help-agent (working copy)
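Review bot: The test `[ "$2" == "DEINSTALL" ]` in pkg-deinstall uses `==`, which POSIX `test` does not define; a `#!/bin/sh` script should use the portable form `if [ "$2" = "DEINSTALL" ]; then`. pkg-install has the same comparison in `[ "$2" == "POST-INSTALL" ]`. A one-line header comment such as `# Remove only generated files; hand-edited *-local.conf files are left in place.` would also help, assuming the four removed paths are indeed all generated at runtime.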
>@@ -0,0 +1,13 @@ >+Hints: >+ >+ The main configuration is kept in "ossec-dist.conf" and "ossec-local.conf". >+ These two files will be merged into "ossec.conf" before OSSEC startup. >+ >+ Any unchecked "ossec-dist.conf" options will result in placing related >+ configuration in "ossec-local.conf.sample" instead of "ossec-dist.conf". >+ >+ If the agent configuration is pushed by the server using "agent.conf", then >+ the "System checks" and "Log monitoring" should remain empty - all options >+ there should be unchecked (default) and proper sections removed from >+ "ossec-local.conf". Note that for security reasons "Command monitoring" >+ options cannot be pushed using "agent.conf". > >Property changes on: pkg-help-agent >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: pkg-help-local >=================================================================== >--- pkg-help-local (nonexistent) >+++ pkg-help-local (working copy) 
>@@ -0,0 +1,7 @@
>+Hints:
>+
>+ The main configuration is kept in "ossec-dist.conf" and "ossec-local.conf".
>+ These two files will be merged into "ossec.conf" before OSSEC startup.
>+
>+ Any unchecked "ossec-dist.conf" options will result in placing related
>+ configuration in "ossec-local.conf.sample" instead of "ossec-dist.conf".
>
>Property changes on: pkg-help-local
>___________________________________________________________________
>Added: fbsd:nokeywords
>## -0,0 +1 ##
>+yes
>\ No newline at end of property
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: pkg-help-server
>===================================================================
>--- pkg-help-server (nonexistent)
>+++ pkg-help-server (working copy)
>@@ -0,0 +1,24 @@
>+Hints:
>+
>+ The main configuration is kept in "ossec-dist.conf" and "ossec-local.conf".
>+ These two files will be merged into "ossec.conf" before OSSEC startup.
>+
>+ Any unchecked "ossec-dist.conf" options will result in placing related
>+ configuration in "ossec-local.conf.sample" instead of "ossec-dist.conf".
>+
>+ The agent configuration is kept in "agent-dist.conf" and "agent-local.conf".
>+ These two files will be merged into "agent.conf" before OSSEC startup.
>+
>+ The agent needs to use proper profile to benefit from "agent.conf"
>+ configuration on the server. This means you can leave all of the
>+ "agent-dist.conf" options checked even if no agents use them.
>+
>+
>+Note:
>+
>+ The currently supported agent systems via "agent-dist.conf" are:
>+ - FreeBSD
>+ - Debian Linux
>+
>+ Consider contributing to the port by contacting the maintainer and
>+ providing template configurations for other operating systems.
>
>Property changes on: pkg-help-server
>___________________________________________________________________
>Added: fbsd:nokeywords
>## -0,0 +1 ##
>+yes
>\ No newline at end of property
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: pkg-install
>===================================================================
>--- pkg-install (nonexistent)
>+++ pkg-install (working copy)
>@@ -0,0 +1,59 @@
>+#!/bin/sh
>+
>+ossec_home="${PKG_PREFIX}/ossec-hids"
>+ossec_conf="${ossec_home}/etc/ossec.conf"
>+ossec_conf_bak="${ossec_conf}.bak"
>+agent_conf="${ossec_home}/etc/shared/agent.conf"
>+agent_conf_bak="${ossec_home}/etc/agent.conf.bak"
>+ossec_client_keys="${ossec_home}/etc/client.keys"
>+ossec_internal_options="${ossec_home}/etc/local_internal_options.conf"
>+
>+install_file() {
>+ local path=$1
>+ local owner=$2
>+ local mode=$3
>+
>+ if [ ! -e "${path}" ]; then
>+ touch "${path}" && chown ${owner} "${path}" && chmod ${mode} "${path}"
>+ fi
>+}
>+
>+if [ "$2" == "POST-INSTALL" ]; then
>+ if [ -e "${ossec_conf}" ]; then
>+ mv -f "${ossec_conf}" "${ossec_conf_bak}"
>+ echo
>+ echo "WARNING:"
>+ echo " Existing \"${ossec_conf}\" has been saved to \"${ossec_conf_bak}\"."
>+ echo " The \"ossec.conf\" must no longer be used for configuration. Use \"ossec-local.conf\" instead."
>+ echo
>+ fi
>+
>+ case "$1" in
>+ ossec-hids-server*)
>+ if [ -e "${agent_conf}" ]; then
>+ mv -f "${agent_conf}" "${agent_conf_bak}"
>+ echo
>+ echo "WARNING:"
>+ echo " Existing \"${agent_conf}\" has been saved to \"${agent_conf_bak}\"."
>+ echo " The \"agent.conf\" must no longer be used for configuration. Use \"agent-local.conf\" instead."
>+ echo
>+ fi
>+ ;;
>+ esac
>+
>+ install_file "${ossec_client_keys}" root:ossec 0640
>+
>+ if [ ! -e "${ossec_internal_options}" ]; then
>+ install_file "${ossec_internal_options}" root:ossec 0640
>+
>+ echo "# local_internal_options.conf
>+#
>+# This file should be handled with care. It contains
>+# run time modifications that can affect the use
>+# of OSSEC. Only change it if you know what you
>+# are doing. Look first at ossec-local.conf
>+# for most of the things you want to change.
>+#
>+# This file will not be overwritten during upgrades." > "${ossec_internal_options}"
>+ fi
>+fi
>
>Property changes on: pkg-install
>___________________________________________________________________
>Added: fbsd:nokeywords
>## -0,0 +1 ##
>+yes
>\ No newline at end of property
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: pkg-plist
>===================================================================
>--- pkg-plist (revision 463924)
>+++ pkg-plist (nonexistent)
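Review bot: The unconditional `mv -f "${ossec_conf}" "${ossec_conf_bak}"` in the POST-INSTALL branch of pkg-install replaces any earlier backup. The help text added by this patch says ossec.conf is regenerated from ossec-dist.conf and ossec-local.conf before startup, so on a second upgrade the file being moved is presumably the generated one, and it would overwrite the administrator's hand-written configuration saved by the first upgrade; the agent.conf branch has the same shape. Moving only when no backup exists, `[ -e "${ossec_conf_bak}" ] || mv -f "${ossec_conf}" "${ossec_conf_bak}"`, keeps the original. Separately, install_file creates client.keys with `touch` under the inherited umask and narrows it afterwards, and a failed `chown` or `chmod` leaves a file that the `-e` test skips on later runs; a `umask 027` at the top of the script would close that gap.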
>@@ -1,168 +0,0 @@ >-%%PORTNAME%%/active-response/bin/disable-account.sh >-%%PORTNAME%%/active-response/bin/firewall-drop.sh >-%%PORTNAME%%/active-response/bin/host-deny.sh >-%%PORTNAME%%/active-response/bin/ip-customblock.sh >-%%PORTNAME%%/active-response/bin/ipfw_mac.sh >-%%PORTNAME%%/active-response/bin/ipfw.sh >-%%PORTNAME%%/active-response/bin/ossec-tweeter.sh >-%%PORTNAME%%/active-response/bin/pf.sh >-%%PORTNAME%%/active-response/bin/restart-ossec.sh >-%%PORTNAME%%/active-response/bin/route-null.sh >-%%PORTNAME%%/bin/agent_control >-%%PORTNAME%%/bin/clear_stats >-%%PORTNAME%%/bin/list_agents >-%%PORTNAME%%/bin/manage_agents >-%%PORTNAME%%/bin/ossec-agentlessd >-%%PORTNAME%%/bin/ossec-analysisd >-%%PORTNAME%%/bin/ossec-authd >-%%PORTNAME%%/bin/ossec-control >-%%PORTNAME%%/bin/ossec-csyslogd >-%%PORTNAME%%/bin/ossec-dbd >-%%PORTNAME%%/bin/ossec-execd >-%%PORTNAME%%/bin/ossec-logcollector >-%%PORTNAME%%/bin/ossec-logtest >-%%PORTNAME%%/bin/ossec-lua >-%%PORTNAME%%/bin/ossec-luac >-%%PORTNAME%%/bin/ossec-maild >-%%PORTNAME%%/bin/ossec-makelists >-%%PORTNAME%%/bin/ossec-monitord >-%%PORTNAME%%/bin/ossec-regex >-%%PORTNAME%%/bin/ossec-remoted >-%%PORTNAME%%/bin/ossec-reportd >-%%PORTNAME%%/bin/ossec-syscheckd >-%%PORTNAME%%/bin/rootcheck_control >-%%PORTNAME%%/bin/syscheck_control >-%%PORTNAME%%/bin/syscheck_update >-%%PORTNAME%%/bin/util.sh >-%%PORTNAME%%/bin/verify-agent-conf >-@group ossec >-%%PORTNAME%%/etc/decoder.xml >-%%PORTNAME%%/etc/internal_options.conf >-@sample %%PORTNAME%%/etc/ossec.conf.sample >-%%PORTNAME%%/etc/shared/rootkit_files.txt >-%%PORTNAME%%/etc/shared/rootkit_trojans.txt >-%%PORTNAME%%/etc/shared/system_audit_rcl.txt >-%%PORTNAME%%/etc/shared/win_applications_rcl.txt >-%%PORTNAME%%/etc/shared/win_audit_rcl.txt >-%%PORTNAME%%/etc/shared/win_malware_rcl.txt >-%%PORTNAME%%/etc/shared/cis_debian_linux_rcl.txt >-%%PORTNAME%%/etc/shared/cis_rhel_linux_rcl.txt >-%%PORTNAME%%/etc/shared/cis_rhel5_linux_rcl.txt >-@owner >-@group >-@mode 
>-%%PORTNAME%%/rules/apache_rules.xml >-%%PORTNAME%%/rules/arpwatch_rules.xml >-%%PORTNAME%%/rules/asterisk_rules.xml >-%%PORTNAME%%/rules/attack_rules.xml >-%%PORTNAME%%/rules/cimserver_rules.xml >-%%PORTNAME%%/rules/cisco-ios_rules.xml >-%%PORTNAME%%/rules/clam_av_rules.xml >-%%PORTNAME%%/rules/courier_rules.xml >-%%PORTNAME%%/rules/dovecot_rules.xml >-%%PORTNAME%%/rules/dropbear_rules.xml >-%%PORTNAME%%/rules/firewall_rules.xml >-%%PORTNAME%%/rules/ftpd_rules.xml >-%%PORTNAME%%/rules/hordeimp_rules.xml >-%%PORTNAME%%/rules/ids_rules.xml >-%%PORTNAME%%/rules/imapd_rules.xml >-%%PORTNAME%%/rules/local_rules.xml >-%%PORTNAME%%/rules/mailscanner_rules.xml >-%%PORTNAME%%/rules/mcafee_av_rules.xml >-%%PORTNAME%%/rules/ms-exchange_rules.xml >-%%PORTNAME%%/rules/ms-se_rules.xml >-%%PORTNAME%%/rules/ms_dhcp_rules.xml >-%%PORTNAME%%/rules/ms_ftpd_rules.xml >-%%PORTNAME%%/rules/msauth_rules.xml >-%%PORTNAME%%/rules/mysql_rules.xml >-%%PORTNAME%%/rules/named_rules.xml >-%%PORTNAME%%/rules/netscreenfw_rules.xml >-%%PORTNAME%%/rules/nginx_rules.xml >-%%PORTNAME%%/rules/openbsd_rules.xml >-%%PORTNAME%%/rules/ossec_rules.xml >-%%PORTNAME%%/rules/pam_rules.xml >-%%PORTNAME%%/rules/php_rules.xml >-%%PORTNAME%%/rules/pix_rules.xml >-%%PORTNAME%%/rules/policy_rules.xml >-%%PORTNAME%%/rules/postfix_rules.xml >-%%PORTNAME%%/rules/postgresql_rules.xml >-%%PORTNAME%%/rules/proftpd_rules.xml >-%%PORTNAME%%/rules/pure-ftpd_rules.xml >-%%PORTNAME%%/rules/racoon_rules.xml >-%%PORTNAME%%/rules/roundcube_rules.xml >-%%PORTNAME%%/rules/rules_config.xml >-%%PORTNAME%%/rules/sendmail_rules.xml >-%%PORTNAME%%/rules/smbd_rules.xml >-%%PORTNAME%%/rules/solaris_bsm_rules.xml >-%%PORTNAME%%/rules/sonicwall_rules.xml >-%%PORTNAME%%/rules/spamd_rules.xml >-%%PORTNAME%%/rules/squid_rules.xml >-%%PORTNAME%%/rules/sshd_rules.xml >-%%PORTNAME%%/rules/symantec-av_rules.xml >-%%PORTNAME%%/rules/symantec-ws_rules.xml >-%%PORTNAME%%/rules/syslog_rules.xml >-%%PORTNAME%%/rules/telnetd_rules.xml 
>-%%PORTNAME%%/rules/trend-osce_rules.xml >-%%PORTNAME%%/rules/vmpop3d_rules.xml >-%%PORTNAME%%/rules/vmware_rules.xml >-%%PORTNAME%%/rules/vpn_concentrator_rules.xml >-%%PORTNAME%%/rules/vpopmail_rules.xml >-%%PORTNAME%%/rules/vsftpd_rules.xml >-%%PORTNAME%%/rules/web_appsec_rules.xml >-%%PORTNAME%%/rules/web_rules.xml >-%%PORTNAME%%/rules/wordpress_rules.xml >-%%PORTNAME%%/rules/zeus_rules.xml >-@owner root >-@group ossec >-%%PORTNAME%%/agentless/main.exp >-%%PORTNAME%%/agentless/register_host.sh >-%%PORTNAME%%/agentless/ssh.exp >-%%PORTNAME%%/agentless/ssh_asa-fwsmconfig_diff >-%%PORTNAME%%/agentless/ssh_foundry_diff >-%%PORTNAME%%/agentless/ssh_generic_diff >-%%PORTNAME%%/agentless/ssh_integrity_check_bsd >-%%PORTNAME%%/agentless/ssh_integrity_check_linux >-%%PORTNAME%%/agentless/ssh_nopass.exp >-%%PORTNAME%%/agentless/ssh_pixconfig_diff >-%%PORTNAME%%/agentless/sshlogin.exp >-%%PORTNAME%%/agentless/su.exp >-@(ossec,,) %%PORTNAME%%/logs/active-responses.log >-@(ossec,,) %%PORTNAME%%/logs/ossec.log >-@mode 550 >-@dir %%PORTNAME%%/.ssh >-@dir %%PORTNAME%%/active-response/bin >-@dir %%PORTNAME%%/active-response >-@dir %%PORTNAME%%/agentless >-@dir %%PORTNAME%%/bin >-@dir %%PORTNAME%%/etc/shared >-@dir %%PORTNAME%%/etc >-@dir %%PORTNAME%%/queue/rootcheck >-@dir %%PORTNAME%%/rules >-@dir %%PORTNAME%%/tmp >-@mode 770 >-@dir %%PORTNAME%%/var/run >-@mode 550 >-@dir %%PORTNAME%%/var >-@owner ossec >-@mode 770 >-@dir %%PORTNAME%%/queue/alerts >-@dir %%PORTNAME%%/queue/ossec >-@mode 750 >-@dir %%PORTNAME%%/queue/fts >-@dir %%PORTNAME%%/queue/syscheck >-@dir %%PORTNAME%%/queue/diff >-@dir %%PORTNAME%%/queue/agentless >-@dir %%PORTNAME%%/stats >-@dir %%PORTNAME%%/logs/alerts >-@dir %%PORTNAME%%/logs/archives >-@dir %%PORTNAME%%/logs/firewall >-@dir %%PORTNAME%%/logs >-@owner ossecr >-@dir %%PORTNAME%%/queue/agent-info >-@dir %%PORTNAME%%/queue/rids >-@owner ossec >-@mode 550 >-@dir %%PORTNAME%%/queue >-@owner root >-@mode 550 >-@dir %%PORTNAME%% > >Property changes on: 
pkg-plist >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: pkg-plist-agent >=================================================================== >--- pkg-plist-agent (nonexistent) >+++ pkg-plist-agent (working copy) 
>@@ -0,0 +1,67 @@ >+@dir(,ossec,550) %%PORTNAME%% >+@dir(,ossec,550) %%PORTNAME%%/active-response >+@dir(,ossec,550) %%PORTNAME%%/active-response/bin >+@(,ossec,550) %%PORTNAME%%/active-response/bin/disable-account.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/firewall-drop.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/firewalld-drop.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/host-deny.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/ip-customblock.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/ipfw.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/ipfw_mac.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/merge-configs.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/npf.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/ossec-slack.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/ossec-tweeter.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/pf.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/restart-ossec.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/route-null.sh >+@dir(,,550) %%PORTNAME%%/bin >+@(,,550) %%PORTNAME%%/bin/agent-auth >+@(,,550) %%PORTNAME%%/bin/manage_agents >+@(,,550) %%PORTNAME%%/bin/ossec-agentd >+@(,,550) %%PORTNAME%%/bin/ossec-control >+@(,,550) %%PORTNAME%%/bin/ossec-execd >+@(,,550) %%PORTNAME%%/bin/ossec-logcollector >+@(,,550) %%PORTNAME%%/bin/ossec-lua >+@(,,550) %%PORTNAME%%/bin/ossec-luac >+@(,,550) %%PORTNAME%%/bin/ossec-syscheckd >+@(,,550) %%PORTNAME%%/bin/ossec_conf >+@(,,550) %%PORTNAME%%/bin/util.sh >+@dir(,ossec,550) %%PORTNAME%%/etc >+@(,ossec,640) %%PORTNAME%%/etc/internal_options.conf >+@(,ossec,440) %%PORTNAME%%/etc/localtime >+@(,ossec,640) %%PORTNAME%%/etc/ossec-dist.conf >+@sample(,ossec,640) %%PORTNAME%%/etc/ossec-local.conf.sample >+@dir(,ossec,770) %%PORTNAME%%/etc/shared >+@(ossec,ossec,644) %%PORTNAME%%/etc/shared/cis_debian_linux_rcl.txt >+@(ossec,ossec,644) %%PORTNAME%%/etc/shared/cis_mysql5-6_community_rcl.txt >+@(ossec,ossec,644) 
%%PORTNAME%%/etc/shared/cis_mysql5-6_enterprise_rcl.txt >+@(ossec,ossec,644) %%PORTNAME%%/etc/shared/cis_rhel5_linux_rcl.txt >+@(ossec,ossec,644) %%PORTNAME%%/etc/shared/cis_rhel6_linux_rcl.txt >+@(ossec,ossec,644) %%PORTNAME%%/etc/shared/cis_rhel7_linux_rcl.txt >+@(ossec,ossec,644) %%PORTNAME%%/etc/shared/cis_rhel_linux_rcl.txt >+@(ossec,ossec,644) %%PORTNAME%%/etc/shared/cis_sles11_linux_rcl.txt >+@(ossec,ossec,644) %%PORTNAME%%/etc/shared/cis_sles12_linux_rcl.txt >+@(ossec,ossec,644) %%PORTNAME%%/etc/shared/rootkit_files.txt >+@(ossec,ossec,644) %%PORTNAME%%/etc/shared/rootkit_trojans.txt >+@(ossec,ossec,644) %%PORTNAME%%/etc/shared/system_audit_rcl.txt >+@(ossec,ossec,644) %%PORTNAME%%/etc/shared/system_audit_ssh.txt >+@(ossec,ossec,644) %%PORTNAME%%/etc/shared/win_applications_rcl.txt >+@(ossec,ossec,644) %%PORTNAME%%/etc/shared/win_audit_rcl.txt >+@(ossec,ossec,644) %%PORTNAME%%/etc/shared/win_malware_rcl.txt >+@dir(ossec,ossec,750) %%PORTNAME%%/logs >+@dir(,ossec,700) %%PORTNAME%%/.ssh >+@dir(,ossec,550) %%PORTNAME%%/queue >+@dir(ossec,ossec,770) %%PORTNAME%%/queue/alerts >+@dir(ossec,ossec,750) %%PORTNAME%%/queue/diff >+@dir(ossec,ossec,750) %%PORTNAME%%/queue/ossec >+@dir(ossec,ossec,750) %%PORTNAME%%/queue/rids >+@dir(ossec,ossec,750) %%PORTNAME%%/queue/syscheck >+@dir(,ossec,770) %%PORTNAME%%/tmp >+@dir(,ossec,550) %%PORTNAME%%/var >+@dir(,ossec,770) %%PORTNAME%%/var/run >+%%PORTDOCS%%%%DOCSDIR%%/BUGS >+%%PORTDOCS%%%%DOCSDIR%%/CONFIG >+%%PORTDOCS%%%%DOCSDIR%%/CONTRIBUTORS >+%%PORTDOCS%%%%DOCSDIR%%/INSTALL >+%%PORTDOCS%%%%DOCSDIR%%/LICENSE > >Property changes on: pkg-plist-agent >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: pkg-plist-local 
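Review bot: `@dir(,ossec,700) %%PORTNAME%%/.ssh` gives group ossec no permission bits, so with the owner left at the default (presumably root) the ossec account cannot enter the directory. The removed pkg-plist created it with mode 550 and group ossec, so this is a behaviour change, and the same line appears in the pkg-plist-local and pkg-plist-server hunks. If the directory is meant to hold SSH keys used by a daemon running as ossec, `@dir(ossec,ossec,700) %%PORTNAME%%/.ssh` matches that intent; otherwise a short comment in the port stating that the directory is root-only on purpose would help. It is also worth confirming that the agent package needs the directory at all, since this list ships no agentless scripts.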
>=================================================================== >--- pkg-plist-local (nonexistent) >+++ pkg-plist-local (working copy) 
>@@ -0,0 +1,184 @@ >+@dir(,ossec,550) %%PORTNAME%% >+@dir(,ossec,550) %%PORTNAME%%/active-response >+@dir(,ossec,550) %%PORTNAME%%/active-response/bin >+@(,ossec,550) %%PORTNAME%%/active-response/bin/disable-account.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/firewall-drop.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/firewalld-drop.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/host-deny.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/ip-customblock.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/ipfw.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/ipfw_mac.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/merge-configs.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/npf.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/ossec-slack.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/ossec-tweeter.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/pf.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/restart-ossec.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/route-null.sh >+@dir(,ossec,550) %%PORTNAME%%/agentless >+@(,ossec,550) %%PORTNAME%%/agentless/main.exp >+@(,ossec,550) %%PORTNAME%%/agentless/register_host.sh >+@(,ossec,550) %%PORTNAME%%/agentless/ssh.exp >+@(,ossec,550) %%PORTNAME%%/agentless/ssh_asa-fwsmconfig_diff >+@(,ossec,550) %%PORTNAME%%/agentless/ssh_foundry_diff >+@(,ossec,550) %%PORTNAME%%/agentless/ssh_generic_diff >+@(,ossec,550) %%PORTNAME%%/agentless/ssh_integrity_check_bsd >+@(,ossec,550) %%PORTNAME%%/agentless/ssh_integrity_check_linux >+@(,ossec,550) %%PORTNAME%%/agentless/ssh_nopass.exp >+@(,ossec,550) %%PORTNAME%%/agentless/ssh_pixconfig_diff >+@(,ossec,550) %%PORTNAME%%/agentless/sshlogin.exp >+@(,ossec,550) %%PORTNAME%%/agentless/su.exp >+@dir(,,550) %%PORTNAME%%/bin >+@(,,550) %%PORTNAME%%/bin/agent_control >+@(,,550) %%PORTNAME%%/bin/clear_stats >+@(,,550) %%PORTNAME%%/bin/list_agents >+@(,,550) %%PORTNAME%%/bin/manage_agents >+@(,,550) %%PORTNAME%%/bin/ossec-agentlessd >+@(,,550) 
%%PORTNAME%%/bin/ossec-analysisd >+@(,,550) %%PORTNAME%%/bin/ossec-authd >+@(,,550) %%PORTNAME%%/bin/ossec-control >+@(,,550) %%PORTNAME%%/bin/ossec-csyslogd >+@(,,550) %%PORTNAME%%/bin/ossec-dbd >+@(,,550) %%PORTNAME%%/bin/ossec-execd >+@(,,550) %%PORTNAME%%/bin/ossec-logcollector >+@(,,550) %%PORTNAME%%/bin/ossec-logtest >+@(,,550) %%PORTNAME%%/bin/ossec-lua >+@(,,550) %%PORTNAME%%/bin/ossec-luac >+@(,,550) %%PORTNAME%%/bin/ossec-maild >+@(,,550) %%PORTNAME%%/bin/ossec-makelists >+@(,,550) %%PORTNAME%%/bin/ossec-monitord >+@(,,550) %%PORTNAME%%/bin/ossec-regex >+@(,,550) %%PORTNAME%%/bin/ossec-remoted >+@(,,550) %%PORTNAME%%/bin/ossec-reportd >+@(,,550) %%PORTNAME%%/bin/ossec-syscheckd >+@(,,550) %%PORTNAME%%/bin/ossec_conf >+@(,,550) %%PORTNAME%%/bin/rootcheck_control >+@(,,550) %%PORTNAME%%/bin/syscheck_control >+@(,,550) %%PORTNAME%%/bin/syscheck_update >+@(,,550) %%PORTNAME%%/bin/util.sh >+@(,,550) %%PORTNAME%%/bin/verify-agent-conf >+@dir(,ossec,550) %%PORTNAME%%/etc >+@(,ossec,640) %%PORTNAME%%/etc/decoder.xml >+@(,ossec,640) %%PORTNAME%%/etc/internal_options.conf >+@(,ossec,440) %%PORTNAME%%/etc/localtime >+@(,ossec,640) %%PORTNAME%%/etc/ossec-dist.conf >+@sample(,ossec,640) %%PORTNAME%%/etc/ossec-local.conf.sample >+@dir(,ossec,770) %%PORTNAME%%/etc/shared >+@(,ossec,640) %%PORTNAME%%/etc/shared/cis_debian_linux_rcl.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/cis_mysql5-6_community_rcl.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/cis_mysql5-6_enterprise_rcl.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/cis_rhel5_linux_rcl.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/cis_rhel6_linux_rcl.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/cis_rhel7_linux_rcl.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/cis_rhel_linux_rcl.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/cis_sles11_linux_rcl.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/cis_sles12_linux_rcl.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/rootkit_files.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/rootkit_trojans.txt 
>+@(,ossec,640) %%PORTNAME%%/etc/shared/system_audit_rcl.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/system_audit_ssh.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/win_applications_rcl.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/win_audit_rcl.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/win_malware_rcl.txt >+@dir(ossec,ossec,750) %%PORTNAME%%/logs >+@dir(,ossec,550) %%PORTNAME%%/rules >+@(,ossec,640) %%PORTNAME%%/rules/apache_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/apparmor_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/arpwatch_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/asterisk_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/attack_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/cimserver_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/cisco-ios_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/clam_av_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/courier_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/dovecot_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/dropbear_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/exim_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/firewall_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/firewalld_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/freebsd_config_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/freebsd_firewall_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/freebsd_ports_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/ftpd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/hordeimp_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/ids_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/imapd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/local_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/mailscanner_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/mcafee_av_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/ms-exchange_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/ms-se_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/ms_dhcp_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/ms_ftpd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/msauth_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/mysql_rules.xml 
>+@(,ossec,640) %%PORTNAME%%/rules/named_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/netscreenfw_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/nginx_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/nsd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/openbsd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/opensmtpd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/ossec_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/owncloud_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/pam_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/php_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/pix_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/policy_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/postfix_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/postgresql_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/proftpd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/proxmox-ve_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/psad_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/pure-ftpd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/racoon_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/roundcube_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/rules_config.xml >+@(,ossec,640) %%PORTNAME%%/rules/sendmail_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/smbd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/solaris_bsm_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/sonicwall_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/spamd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/squid_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/sshd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/symantec-av_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/symantec-ws_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/syslog_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/sysmon_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/systemd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/telnetd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/trend-osce_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/unbound_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/vmpop3d_rules.xml >+@(,ossec,640) 
%%PORTNAME%%/rules/vmware_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/vpn_concentrator_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/vpopmail_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/vsftpd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/web_appsec_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/web_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/wordpress_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/zeus_rules.xml >+@dir(,ossec,700) %%PORTNAME%%/.ssh >+@dir(ossec,ossec,750) %%PORTNAME%%/logs/alerts >+@dir(ossec,ossec,750) %%PORTNAME%%/logs/archives >+@dir(ossec,ossec,750) %%PORTNAME%%/logs/firewall >+@dir(,ossec,550) %%PORTNAME%%/queue >+@dir(ossecr,ossec,750) %%PORTNAME%%/queue/agent-info >+@dir(ossec,ossec,750) %%PORTNAME%%/queue/agentless >+@dir(ossec,ossec,770) %%PORTNAME%%/queue/alerts >+@dir(ossec,ossec,750) %%PORTNAME%%/queue/diff >+@dir(ossec,ossec,750) %%PORTNAME%%/queue/fts >+@dir(ossec,ossec,750) %%PORTNAME%%/queue/ossec >+@dir(ossecr,ossec,750) %%PORTNAME%%/queue/rids >+@dir(ossec,ossec,750) %%PORTNAME%%/queue/rootcheck >+@dir(ossec,ossec,750) %%PORTNAME%%/queue/syscheck >+@dir(ossec,ossec,750) %%PORTNAME%%/stats >+@dir(,ossec,770) %%PORTNAME%%/tmp >+@dir(,ossec,550) %%PORTNAME%%/var >+@dir(,ossec,770) %%PORTNAME%%/var/run >+%%PORTDOCS%%%%DOCSDIR%%/BUGS >+%%PORTDOCS%%%%DOCSDIR%%/CONFIG >+%%PORTDOCS%%%%DOCSDIR%%/CONTRIBUTORS >+%%PORTDOCS%%%%DOCSDIR%%/INSTALL >+%%PORTDOCS%%%%DOCSDIR%%/LICENSE >+%%MYSQL%%%%DOCSDIR%%/mysql.schema >+%%PGSQL%%%%DOCSDIR%%/postgresql.schema > >Property changes on: pkg-plist-local >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: pkg-plist-server >=================================================================== >--- pkg-plist-server (nonexistent) >+++ pkg-plist-server 
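Review bot: `@dir(,ossec,770) %%PORTNAME%%/etc/shared` is group-writable while the files inside it are listed as `@(,ossec,640)`, and write access to a directory is enough to unlink and recreate its entries. Any process running with group ossec can therefore replace rootkit_files.txt, rootkit_trojans.txt and the *_rcl.txt policy files even though the file modes suggest they are read-only to the group. If only generated files need to land in this directory, consider shipping the signature files from a directory the group cannot write, or document in the port why 770 is required here. The pkg-plist-server hunk has the same pair of entries.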
(working copy) 
>@@ -0,0 +1,187 @@ >+@dir(,ossec,550) %%PORTNAME%% >+@dir(,ossec,550) %%PORTNAME%%/active-response >+@dir(,ossec,550) %%PORTNAME%%/active-response/bin >+@(,ossec,550) %%PORTNAME%%/active-response/bin/disable-account.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/firewall-drop.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/firewalld-drop.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/host-deny.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/ip-customblock.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/ipfw.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/ipfw_mac.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/merge-configs.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/npf.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/ossec-slack.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/ossec-tweeter.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/pf.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/restart-ossec.sh >+@(,ossec,550) %%PORTNAME%%/active-response/bin/route-null.sh >+@dir(,ossec,550) %%PORTNAME%%/agentless >+@(,ossec,550) %%PORTNAME%%/agentless/main.exp >+@(,ossec,550) %%PORTNAME%%/agentless/register_host.sh >+@(,ossec,550) %%PORTNAME%%/agentless/ssh.exp >+@(,ossec,550) %%PORTNAME%%/agentless/ssh_asa-fwsmconfig_diff >+@(,ossec,550) %%PORTNAME%%/agentless/ssh_foundry_diff >+@(,ossec,550) %%PORTNAME%%/agentless/ssh_generic_diff >+@(,ossec,550) %%PORTNAME%%/agentless/ssh_integrity_check_bsd >+@(,ossec,550) %%PORTNAME%%/agentless/ssh_integrity_check_linux >+@(,ossec,550) %%PORTNAME%%/agentless/ssh_nopass.exp >+@(,ossec,550) %%PORTNAME%%/agentless/ssh_pixconfig_diff >+@(,ossec,550) %%PORTNAME%%/agentless/sshlogin.exp >+@(,ossec,550) %%PORTNAME%%/agentless/su.exp >+@dir(,,550) %%PORTNAME%%/bin >+@(,,550) %%PORTNAME%%/bin/agent_conf >+@(,,550) %%PORTNAME%%/bin/agent_control >+@(,,550) %%PORTNAME%%/bin/clear_stats >+@(,,550) %%PORTNAME%%/bin/list_agents >+@(,,550) %%PORTNAME%%/bin/manage_agents >+@(,,550) 
%%PORTNAME%%/bin/ossec-agentlessd >+@(,,550) %%PORTNAME%%/bin/ossec-analysisd >+@(,,550) %%PORTNAME%%/bin/ossec-authd >+@(,,550) %%PORTNAME%%/bin/ossec-control >+@(,,550) %%PORTNAME%%/bin/ossec-csyslogd >+@(,,550) %%PORTNAME%%/bin/ossec-dbd >+@(,,550) %%PORTNAME%%/bin/ossec-execd >+@(,,550) %%PORTNAME%%/bin/ossec-logcollector >+@(,,550) %%PORTNAME%%/bin/ossec-logtest >+@(,,550) %%PORTNAME%%/bin/ossec-lua >+@(,,550) %%PORTNAME%%/bin/ossec-luac >+@(,,550) %%PORTNAME%%/bin/ossec-maild >+@(,,550) %%PORTNAME%%/bin/ossec-makelists >+@(,,550) %%PORTNAME%%/bin/ossec-monitord >+@(,,550) %%PORTNAME%%/bin/ossec-regex >+@(,,550) %%PORTNAME%%/bin/ossec-remoted >+@(,,550) %%PORTNAME%%/bin/ossec-reportd >+@(,,550) %%PORTNAME%%/bin/ossec-syscheckd >+@(,,550) %%PORTNAME%%/bin/ossec_conf >+@(,,550) %%PORTNAME%%/bin/rootcheck_control >+@(,,550) %%PORTNAME%%/bin/syscheck_control >+@(,,550) %%PORTNAME%%/bin/syscheck_update >+@(,,550) %%PORTNAME%%/bin/util.sh >+@(,,550) %%PORTNAME%%/bin/verify-agent-conf >+@dir(,ossec,550) %%PORTNAME%%/etc >+@(,ossec,640) %%PORTNAME%%/etc/agent-dist.conf >+@sample(,ossec,640) %%PORTNAME%%/etc/agent-local.conf.sample >+@(,ossec,640) %%PORTNAME%%/etc/decoder.xml >+@(,ossec,640) %%PORTNAME%%/etc/internal_options.conf >+@(,ossec,440) %%PORTNAME%%/etc/localtime >+@(,ossec,640) %%PORTNAME%%/etc/ossec-dist.conf >+@sample(,ossec,640) %%PORTNAME%%/etc/ossec-local.conf.sample >+@dir(,ossec,770) %%PORTNAME%%/etc/shared >+@(,ossec,640) %%PORTNAME%%/etc/shared/cis_debian_linux_rcl.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/cis_mysql5-6_community_rcl.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/cis_mysql5-6_enterprise_rcl.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/cis_rhel5_linux_rcl.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/cis_rhel6_linux_rcl.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/cis_rhel7_linux_rcl.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/cis_rhel_linux_rcl.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/cis_sles11_linux_rcl.txt >+@(,ossec,640) 
%%PORTNAME%%/etc/shared/cis_sles12_linux_rcl.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/rootkit_files.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/rootkit_trojans.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/system_audit_rcl.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/system_audit_ssh.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/win_applications_rcl.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/win_audit_rcl.txt >+@(,ossec,640) %%PORTNAME%%/etc/shared/win_malware_rcl.txt >+@dir(ossec,ossec,750) %%PORTNAME%%/logs >+@dir(,ossec,550) %%PORTNAME%%/rules >+@(,ossec,640) %%PORTNAME%%/rules/apache_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/apparmor_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/arpwatch_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/asterisk_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/attack_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/cimserver_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/cisco-ios_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/clam_av_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/courier_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/dovecot_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/dropbear_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/exim_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/firewall_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/firewalld_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/freebsd_config_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/freebsd_firewall_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/freebsd_ports_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/ftpd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/hordeimp_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/ids_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/imapd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/local_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/mailscanner_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/mcafee_av_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/ms-exchange_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/ms-se_rules.xml >+@(,ossec,640) 
%%PORTNAME%%/rules/ms_dhcp_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/ms_ftpd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/msauth_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/mysql_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/named_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/netscreenfw_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/nginx_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/nsd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/openbsd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/opensmtpd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/ossec_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/owncloud_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/pam_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/php_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/pix_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/policy_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/postfix_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/postgresql_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/proftpd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/proxmox-ve_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/psad_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/pure-ftpd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/racoon_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/roundcube_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/rules_config.xml >+@(,ossec,640) %%PORTNAME%%/rules/sendmail_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/smbd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/solaris_bsm_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/sonicwall_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/spamd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/squid_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/sshd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/symantec-av_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/symantec-ws_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/syslog_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/sysmon_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/systemd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/telnetd_rules.xml 
>+@(,ossec,640) %%PORTNAME%%/rules/trend-osce_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/unbound_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/vmpop3d_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/vmware_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/vpn_concentrator_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/vpopmail_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/vsftpd_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/web_appsec_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/web_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/wordpress_rules.xml >+@(,ossec,640) %%PORTNAME%%/rules/zeus_rules.xml >+@dir(,ossec,700) %%PORTNAME%%/.ssh >+@dir(ossec,ossec,750) %%PORTNAME%%/logs/alerts >+@dir(ossec,ossec,750) %%PORTNAME%%/logs/archives >+@dir(ossec,ossec,750) %%PORTNAME%%/logs/firewall >+@dir(,ossec,550) %%PORTNAME%%/queue >+@dir(ossecr,ossec,750) %%PORTNAME%%/queue/agent-info >+@dir(ossec,ossec,750) %%PORTNAME%%/queue/agentless >+@dir(ossec,ossec,770) %%PORTNAME%%/queue/alerts >+@dir(ossec,ossec,750) %%PORTNAME%%/queue/diff >+@dir(ossec,ossec,750) %%PORTNAME%%/queue/fts >+@dir(ossec,ossec,750) %%PORTNAME%%/queue/ossec >+@dir(ossecr,ossec,750) %%PORTNAME%%/queue/rids >+@dir(ossec,ossec,750) %%PORTNAME%%/queue/rootcheck >+@dir(ossec,ossec,750) %%PORTNAME%%/queue/syscheck >+@dir(ossec,ossec,750) %%PORTNAME%%/stats >+@dir(,ossec,770) %%PORTNAME%%/tmp >+@dir(,ossec,550) %%PORTNAME%%/var >+@dir(,ossec,770) %%PORTNAME%%/var/run >+%%PORTDOCS%%%%DOCSDIR%%/BUGS >+%%PORTDOCS%%%%DOCSDIR%%/CONFIG >+%%PORTDOCS%%%%DOCSDIR%%/CONTRIBUTORS >+%%PORTDOCS%%%%DOCSDIR%%/INSTALL >+%%PORTDOCS%%%%DOCSDIR%%/LICENSE >+%%MYSQL%%%%DOCSDIR%%/mysql.schema >+%%PGSQL%%%%DOCSDIR%%/postgresql.schema > >Property changes on: pkg-plist-server >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No 
newline at end of property
>Index: scripts/plist.sh
>===================================================================
>--- scripts/plist.sh (nonexistent)
>+++ scripts/plist.sh (working copy)
>@@ -0,0 +1,119 @@
>+#!/bin/sh
>+
>+# Script generates entries for pkg-plist
>+# Do not use it directly. Use the following command instead:
>+#
>+# make MAINTAINER_MODE=yes clean plist
>+
>+OSSEC_TYPE=$1
>+PLIST=$2
>+PREFIX=$3
>+WORKDIR=$4
>+STAGEDIR="${WORKDIR}/stage"
>+
>+staged_plist="${WORKDIR}/.staged-plist"
>+fixed_lines=""
>+if [ "${OSSEC_TYPE}" != "agent" ]; then
>+ fixed_lines="${fixed_lines} %%MYSQL%%%%DOCSDIR%%/mysql.schema %%PGSQL%%%%DOCSDIR%%/postgresql.schema"
>+fi
>+skip_lines="%%PORTDOCS%%%%DOCSDIR%%/mysql.schema %%PORTDOCS%%%%DOCSDIR%%/postgresql.schema"
>+skip_paths="/etc/ossec.conf /etc/local_internal_options.conf /etc/client.keys /logs/active-responses.log /logs/ossec.log /lua"
>+sample_paths="/etc/ossec-local.conf.sample /etc/agent-local.conf.sample"
>+if [ "${OSSEC_TYPE}" == "agent" ]; then
>+ skip_paths="${skip_paths} /rules /agentless"
>+fi
>+
>+print_path() {
>+ local path="$1"
>+ local command="$2"
>+ local full_path="${STAGEDIR}${PREFIX}${path}"
>+ if [ -z "${command}" ]; then
>+ command="@"
>+ if [ -d "${full_path}" ]; then
>+ command="@dir"
>+ fi
>+ fi
>+ local user=`stat -f "%Su" "${full_path}"`
>+ if [ "${user}" == "${USER}" ]; then
>+ user=""
>+ fi
>+ local group=`stat -f "%Sg" "${full_path}"`
>+ if [ "${group}" == "${GROUP}" ]; then
>+ group=""
>+ fi
>+ local mode=`stat -f "%p" "${full_path}" | tail -c 4`
>+ echo -e "${command}(${user},${group},${mode}) %%PORTNAME%%${path}" >> "${PLIST}"
>+}
>+
>+echo -n > "${PLIST}"
>+
>+print_path
>+
>+done_paths=""
>+while read line; do
>+ skip_line=""
>+ for e in ${skip_lines}; do
>+ if [ "${e}" == "${line}" ]; then
>+ skip_line="${e}"
>+ break
>+ fi
>+ done
>+ if [ -z "${skip_line}" ]; then
>+ path=""
>+ case $line in
>+ "@dir %%PORTNAME%%"*)
>+ path=`echo "${line}" | sed -e "s|@dir %%PORTNAME%%||g"`
>+ ;;
>+ "%%PORTNAME%%"*)
>+ path=`echo "${line}" | sed -e "s|%%PORTNAME%%||g"`
>+ ;;
>+ "%%"*)
>+ unchanged_lines="${unchanged_lines} ${line}"
>+ ;;
>+ esac
>+ if [ -n "${path}" ]; then
>+ segments=`echo "${path}" | tr "/" "\n"`
>+ path=""
>+ for segment in ${segments}; do
>+ path="${path}/${segment}"
>+ skip_path=""
>+ for e in ${skip_paths}; do
>+ if [ "${e}" == "${path}" ]; then
>+ skip_path="${e}"
>+ break
>+ fi
>+ done
>+ if [ -n "${skip_path}" ]; then
>+ break
>+ fi
>+ done_path=""
>+ for e in ${done_paths}; do
>+ if [ "${e}" == "${path}" ]; then
>+ done_path="${e}"
>+ break
>+ fi
>+ done
>+ if [ -z "${done_path}" ]; then
>+ done_paths="${done_paths} ${path}"
>+ sample_path=""
>+ for e in ${sample_paths}; do
>+ if [ "${e}" == "${path}" ]; then
>+ sample_path="${e}"
>+ break
>+ fi
>+ done
>+ if [ -n "${sample_path}" ]; then
>+ print_path "${path}" @sample
>+ else
>+ print_path "${path}"
>+ fi
>+ fi
>+ done
>+ fi
>+ fi
>+done < "${staged_plist}"
>+
>+unchanged_lines="${unchanged_lines} ${fixed_lines}"
>+for line in ${unchanged_lines}; do
>+ echo "${line}" >> "${PLIST}"
>+done
>
>Property changes on: scripts/plist.sh
>___________________________________________________________________
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:executable
>## -0,0 +1 ##
>+*
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: scripts/template-to-agent.sh
>===================================================================
>--- scripts/template-to-agent.sh (nonexistent)
>+++ scripts/template-to-agent.sh (working copy)
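Review bot: In `print_path` of scripts/plist.sh, the mode is cut down to the last three octal digits of `stat -f "%p"` (`tail -c 4` keeps three digits plus the newline), so a setuid, setgid or sticky bit on a staged file or directory is silently dropped from the generated plist entry. These entries set the installed ownership and mode of the OSSEC tree, so it would be safer to read the special bits explicitly, e.g. `local mode=$(stat -f "%Mp%Lp" "${full_path}")` (which prints four digits), or to abort when they are set. The function also never checks that `stat` succeeded, so a missing path would produce an entry with empty owner, group and mode fields. `${USER}` and `${GROUP}` are not among the script's four arguments and are presumably inherited from the calling make environment; a comment such as `# USER and GROUP come from the environment set by the port Makefile` would make that dependency visible.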
>@@ -0,0 +1,21 @@
>+#!/bin/sh
>+
>+ossec_type="$1"
>+ossec_prefix="$2"
>+ossec_file="$3"
>+
>+ossec_syscheck_dirs="${ossec_prefix}/etc,${ossec_prefix}/bin,${ossec_prefix}/active-response"
>+
>+replace() {
>+ sed -e 's|<template_config\(.*\)>|<agent_config\1>|' \
>+ -e 's|</template_config>|</agent_config>|' \
>+ -e "s|%%OSSEC_SYSCHECK_DIRS%%|${ossec_syscheck_dirs}|" \
>+ -e 's|^ <!-- agent:.*-->$||' \
>+ "${ossec_file}"
>+}
>+
>+extract() {
>+ sed -n '/^<agent_config.*>$/,/^<\/agent_config>$/p'
>+}
>+
>+replace | extract
>
>Property changes on: scripts/template-to-agent.sh
>___________________________________________________________________
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:executable
>## -0,0 +1 ##
>+*
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
>Index: scripts/template-to-ossec.sh
>===================================================================
>--- scripts/template-to-ossec.sh (nonexistent)
>+++ scripts/template-to-ossec.sh (working copy)
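Review bot: The final `replace | extract` in scripts/template-to-agent.sh reports only the exit status of `extract`, so when `${ossec_file}` is missing or unreadable the first `sed` fails, the script prints nothing and still exits 0. The same pipeline ends scripts/template-to-ossec.sh. The output presumably becomes the installed configuration (it carries the syscheck directory list), so an empty result should stop the build rather than pass silently; a guard before the pipeline such as `[ -r "${ossec_file}" ] || { echo "cannot read ${ossec_file}" >&2; exit 1; }` would do that. `ossec_type` is assigned in this script but never used.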
>@@ -0,0 +1,37 @@
>+#!/bin/sh
>+
>+ossec_type="$1"
>+ossec_prefix="$2"
>+ossec_file="$3"
>+
>+ossec_syscheck_dirs="${ossec_prefix}/etc,${ossec_prefix}/bin,${ossec_prefix}/active-response"
>+if [ "${ossec_type}" != "agent" ]; then
>+ ossec_syscheck_dirs="${ossec_syscheck_dirs},${ossec_prefix}/agentless,${ossec_prefix}/rules"
>+fi
>+
>+replace() {
>+ case "${ossec_type}" in
>+ agent)
>+ sed -e 's|<template_config>|<ossec_config>|' \
>+ -e 's|<template_config .*os="FreeBSD".*>|<ossec_config>|' \
>+ -e 's|</template_config>|</ossec_config>|' \
>+ -e "s|%%OSSEC_SYSCHECK_DIRS%%|${ossec_syscheck_dirs}|" \
>+ -e 's|^ <!-- agent:\(.*\)-->$| <!--\1-->|' \
>+ "${ossec_file}"
>+ ;;
>+ *)
>+ sed -e 's|<template_config>|<ossec_config>|' \
>+ -e 's|<template_config .*os="FreeBSD".*>|<ossec_config>|' \
>+ -e 's|</template_config>|</ossec_config>|' \
>+ -e "s|%%OSSEC_SYSCHECK_DIRS%%|${ossec_syscheck_dirs}|" \
>+ -e 's|^ <!-- agent:.*-->$||' \
>+ "${ossec_file}"
>+ ;;
>+ esac
>+}
>+
>+extract() {
>+ sed -n '/^<ossec_config.*>$/,/^<\/ossec_config>$/p'
>+}
>+
>+replace | extract
>
>Property changes on: scripts/template-to-ossec.sh
>___________________________________________________________________
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:executable
>## -0,0 +1 ##
>+*
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property
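Review bot: `extract` in scripts/template-to-ossec.sh needs a comment, because the filtering it performs is implicit in how `replace` rewrites the tags. An opening tag that carries attributes but no `os="FreeBSD"` is left as `<template_config ...>` while its closing tag is still rewritten, so the `sed -n` range never starts for that block and it is dropped from the output. A line such as `# blocks for other OSes keep their <template_config ...> opener, so the range below skips them` above the `sed -n` call would record that intent. It would also help to note in `replace` that the two branches differ only in the last expression, the one that handles the `<!-- agent: ... -->` lines.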