FreeBSD Bugzilla – Attachment 198749 Details for
Bug 232794
security/ossec-hids-server: update from 2.8.3 to 3.1.0
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
ossec-hids-3.1.0.diff
ossec-hids-3.1.0.diff (text/plain), 221.14 KB, created by
Dominik Lisiak
on 2018-10-29 20:14:55 UTC
(
hide
)
Description:
ossec-hids-3.1.0.diff
Filename:
MIME Type:
Creator:
Dominik Lisiak
Created:
2018-10-29 20:14:55 UTC
Size:
221.14 KB
patch
obsolete
>Index: security/ossec-hids/Makefile >=================================================================== >--- security/ossec-hids/Makefile (nonexistent) >+++ security/ossec-hids/Makefile (working copy) >@@ -0,0 +1,35 @@ >+# $FreeBSD$ >+ >+PORTNAME= ossec-hids >+PORTVERSION= 3.1.0 >+PORTREVISION= >+CATEGORIES= security >+ >+MAINTAINER= dominik.lisiak@bemsoft.pl >+COMMENT= Security tool to monitor and check logs and intrusions >+ >+LICENSE= GPLv2 >+ >+RUN_DEPENDS= ossec-hids-${OSSEC_TYPE}>=${PORTVERSION}:security/ossec-hids-${OSSEC_TYPE} >+ >+USES= metaport >+ >+OPTIONS_DEFINE= CONFIG >+ >+OPTIONS_SINGLE= G_TYPE >+OPTIONS_SINGLE_G_TYPE= LOCAL AGENT SERVER >+ >+OPTIONS_DEFAULT= CONFIG LOCAL >+ >+CONFIG_DESC= Install configuration manager and samples >+G_TYPE_DESC= Installation type >+LOCAL_DESC= Analizes local data only (standalone) >+AGENT_DESC= Sends local data to the server for analysis >+SERVER_DESC= Analizes local data and data received from multiple agents >+ >+CONFIG_VARS= RUN_DEPENDS+=ossec-hids-${OSSEC_TYPE}-config>=${PORTVERSION}:security/ossec-hids-${OSSEC_TYPE}-config >+LOCAL_VARS= OSSEC_TYPE=local >+AGENT_VARS= OSSEC_TYPE=agent >+SERVER_VARS= OSSEC_TYPE=server >+ >+.include <bsd.port.mk> > >Property changes on: security/ossec-hids/Makefile >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:keywords >## -0,0 +1 ## >+FreeBSD=%H >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids/pkg-descr >=================================================================== >--- security/ossec-hids/pkg-descr (nonexistent) >+++ security/ossec-hids/pkg-descr (working copy) >@@ -0,0 +1,6 @@ >+OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection >+System (HIDS). It has a powerful correlation and analysis engine, integrating >+log analysis, file integrity checking, Windows registry monitoring, centralized >+policy enforcement, rootkit detection, real-time alerting and active response. >+ >+WWW: https://ossec.github.io > >Property changes on: security/ossec-hids/pkg-descr >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-agent-config/Makefile >=================================================================== >--- security/ossec-hids-agent-config/Makefile (nonexistent) >+++ security/ossec-hids-agent-config/Makefile (working copy) >@@ -0,0 +1,7 @@ >+# $FreeBSD$ >+ >+OSSEC_TYPE= agent >+ >+MASTERDIR= ${.CURDIR}/../ossec-hids-local-config >+ >+.include "${MASTERDIR}/Makefile" > >Property changes on: security/ossec-hids-agent-config/Makefile >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:keywords >## -0,0 +1 ## >+FreeBSD=%H >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-client/Makefile >=================================================================== >--- security/ossec-hids-client/Makefile (revision 483209) >+++ security/ossec-hids-client/Makefile (working copy) >@@ -1,13 +1,7 @@ >-# Created by: Valerio Daelli <valerio.daelli@gmail.com> > # $FreeBSD$ > >-PORTREVISION= 0 >-COMMENT= Client port of ossec-hids >+OSSEC_TYPE= agent > >-CLIENT_ONLY= yes >+MASTERDIR= ${.CURDIR}/../ossec-hids-local > >-MASTERDIR= ${.CURDIR}/../ossec-hids-server >- >-PLIST= ${.CURDIR}/pkg-plist.client >- > .include "${MASTERDIR}/Makefile" >Index: security/ossec-hids-client/pkg-plist.client >=================================================================== >--- security/ossec-hids-client/pkg-plist.client (revision 483209) >+++ security/ossec-hids-client/pkg-plist.client (nonexistent) >@@ -1,69 +0,0 @@ >-%%PORTNAME%%/active-response/bin/disable-account.sh >-%%PORTNAME%%/active-response/bin/firewall-drop.sh >-%%PORTNAME%%/active-response/bin/host-deny.sh >-%%PORTNAME%%/active-response/bin/ip-customblock.sh >-%%PORTNAME%%/active-response/bin/ipfw.sh >-%%PORTNAME%%/active-response/bin/ipfw_mac.sh >-%%PORTNAME%%/active-response/bin/ossec-tweeter.sh >-%%PORTNAME%%/active-response/bin/pf.sh >-%%PORTNAME%%/active-response/bin/restart-ossec.sh >-%%PORTNAME%%/active-response/bin/route-null.sh >-%%PORTNAME%%/bin/agent-auth >-%%PORTNAME%%/bin/manage_agents >-%%PORTNAME%%/bin/ossec-agentd >-%%PORTNAME%%/bin/ossec-control >-%%PORTNAME%%/bin/ossec-execd >-%%PORTNAME%%/bin/ossec-logcollector >-%%PORTNAME%%/bin/ossec-lua >-%%PORTNAME%%/bin/ossec-luac >-%%PORTNAME%%/bin/ossec-syscheckd >-%%PORTNAME%%/bin/util.sh >-@group ossec >-%%PORTNAME%%/etc/shared/cis_debian_linux_rcl.txt >-%%PORTNAME%%/etc/shared/cis_rhel_linux_rcl.txt >-%%PORTNAME%%/etc/shared/cis_rhel5_linux_rcl.txt >-%%PORTNAME%%/etc/shared/rootkit_trojans.txt >-%%PORTNAME%%/etc/shared/rootkit_files.txt >-%%PORTNAME%%/etc/shared/system_audit_rcl.txt >-%%PORTNAME%%/etc/shared/win_malware_rcl.txt >-%%PORTNAME%%/etc/shared/win_audit_rcl.txt >-%%PORTNAME%%/etc/shared/win_applications_rcl.txt >-@sample %%PORTNAME%%/etc/ossec.conf.sample >-%%PORTNAME%%/etc/internal_options.conf >-@owner ossec >-%%PORTNAME%%/logs/ossec.log >-@owner >-%%PORTNAME%%/agentless/main.exp >-%%PORTNAME%%/agentless/sshlogin.exp >-%%PORTNAME%%/agentless/ssh_asa-fwsmconfig_diff >-%%PORTNAME%%/agentless/ssh_foundry_diff >-%%PORTNAME%%/agentless/ssh_pixconfig_diff >-%%PORTNAME%%/agentless/ssh_nopass.exp >-%%PORTNAME%%/agentless/ssh_integrity_check_linux >-%%PORTNAME%%/agentless/ssh_integrity_check_bsd >-%%PORTNAME%%/agentless/ssh_generic_diff >-%%PORTNAME%%/agentless/ssh.exp >-%%PORTNAME%%/agentless/register_host.sh >-%%PORTNAME%%/agentless/su.exp >-@dir %%PORTNAME%%/agentless >-@dir %%PORTNAME%%/active-response/bin >-@dir %%PORTNAME%%/active-response >-@dir %%PORTNAME%%/etc/shared >-@dir %%PORTNAME%%/etc >-@dir %%PORTNAME%%/tmp >-@dir %%PORTNAME%%/var/run >-@dir %%PORTNAME%%/var >-@dir %%PORTNAME%%/queue/syscheck >-@dir %%PORTNAME%%/queue/rids >-@owner ossec >-@dir %%PORTNAME%%/queue/ossec >-@dir %%PORTNAME%%/queue/diff >-@owner >-@dir %%PORTNAME%%/queue/alerts >-@dir %%PORTNAME%%/queue >-@dir %%PORTNAME%%/logs >-@dir %%PORTNAME%%/bin >-@owner ossec >-@dir %%PORTNAME%%/.ssh >-@owner >-@dir %%PORTNAME%% > >Property changes on: security/ossec-hids-client/pkg-plist.client >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: security/ossec-hids-local/Makefile >=================================================================== >--- security/ossec-hids-local/Makefile (revision 483209) >+++ security/ossec-hids-local/Makefile (working copy) >@@ -1,11 +1,247 @@ >-# Created by: Valerio Daelli <valerio.daelli@gmail.com> > # $FreeBSD$ > >-PORTREVISION= 1 >-COMMENT= Client and server (local) port of ossec-hids >+PORTNAME= ossec-hids >+PORTVERSION= 3.1.0 >+PORTREVISION= >+CATEGORIES= security >+PKGNAMESUFFIX= -${OSSEC_TYPE} > >-LOCAL_ONLY= yes >+MAINTAINER= dominik.lisiak@bemsoft.pl >+COMMENT= Security tool to monitor and check logs and intrusions > >-MASTERDIR= ${.CURDIR}/../ossec-hids-server >+LICENSE= GPLv2 >+LICENSE_FILE= ${WRKSRC}/LICENSE > >-.include "${MASTERDIR}/Makefile" >+OSSEC_TYPE?= local >+ >+.if ${OSSEC_TYPE} == local >+CONFLICTS_INSTALL= ossec-hids-client-* \ >+ ossec-hids-agent-* \ >+ ossec-hids-server-* >+.elif ${OSSEC_TYPE} == agent >+CONFLICTS_INSTALL= ossec-hids-client-* \ >+ ossec-hids-local-* \ >+ ossec-hids-server-* >+.elif ${OSSEC_TYPE} == server >+CONFLICTS_INSTALL= ossec-hids-client-* \ >+ ossec-hids-agent-* \ >+ ossec-hids-local-* >+.endif >+ >+.if ${OSSEC_TYPE} != agent >+RUN_DEPENDS= expect:lang/expect >+.endif >+ >+GEOIP_LIB_DEPENDS= libGeoIP.so:net/GeoIP >+INOTIFY_LIB_DEPENDS= libinotify.so:devel/libinotify >+PRELUDE_LIB_DEPENDS= libprelude.so:security/libprelude >+ZEROMQ_LIB_DEPENDS= libczmq.so:net/czmq >+ >+USES= gmake readline ssl >+MYSQL_USE= mysql >+PGSQL_USES= pgsql >+ >+USE_GITHUB= yes >+GH_ACCOUNT= ossec >+USE_RC_SUBR= ossec-hids >+ >+.if ${OSSEC_TYPE} != agent >+USES+= shebangfix >+SHEBANG_LANG= expect >+expect_OLD_CMD= "/usr/bin/env expect" >+expect_CMD= ${LOCALBASE}/bin/expect >+SHEBANG_FILES= src/agentlessd/scripts/main.exp \ >+ src/agentlessd/scripts/ssh.exp \ >+ src/agentlessd/scripts/ssh_asa-fwsmconfig_diff \ >+ src/agentlessd/scripts/ssh_foundry_diff \ >+ src/agentlessd/scripts/ssh_generic_diff \ >+ src/agentlessd/scripts/ssh_integrity_check_bsd \ >+ src/agentlessd/scripts/ssh_integrity_check_linux \ >+ src/agentlessd/scripts/ssh_nopass.exp \ >+ src/agentlessd/scripts/ssh_pixconfig_diff \ >+ src/agentlessd/scripts/sshlogin.exp \ >+ src/agentlessd/scripts/su.exp >+.endif >+ >+OPTIONS_SUB= yes >+OPTIONS_DEFINE= DOCS INOTIFY >+ >+.if ${OSSEC_TYPE} != agent >+OPTIONS_DEFINE+= GEOIP PRELUDE ZEROMQ >+ >+OPTIONS_RADIO= DATABASE >+OPTIONS_RADIO_DATABASE= MYSQL PGSQL >+.endif >+ >+OPTIONS_DEFAULT= INOTIFY >+ >+INOTIFY_DESC= Kevent based real time monitoring >+PRELUDE_DESC= Sensor support from Prelude SIEM >+ZEROMQ_DESC= ZeroMQ support (experimental) >+DATABASE_DESC= Database output >+ >+GEOIP_VARS= OSSEC_ARGS+=USE_GEOIP=yes >+INOTIFY_VARS= OSSEC_ARGS+=USE_INOTIFY=yes >+PRELUDE_VARS= OSSEC_ARGS+=USE_PRELUDE=yes >+ZEROMQ_VARS= OSSEC_ARGS+=USE_ZEROMQ=yes >+MYSQL_VARS= OSSEC_ARGS+=DATABASE=mysql PKGMSG_FILES+=message-database DB_TYPE=mysql DB_SCHEMA=mysql.schema >+PGSQL_VARS= OSSEC_ARGS+=DATABASE=pgsql PKGMSG_FILES+=message-database DB_TYPE=postgresql DB_SCHEMA=postgresql.schema >+ >+OSSEC_ARGS+= TARGET=${OSSEC_TYPE} >+.if ${OSSEC_TYPE} == agent >+STRIP_FILES= agent-auth \ >+ manage_agents \ >+ ossec-agentd \ >+ ossec-execd \ >+ ossec-logcollector \ >+ ossec-lua \ >+ ossec-luac \ >+ ossec-syscheckd >+.else >+STRIP_FILES= agent_control \ >+ clear_stats \ >+ list_agents \ >+ manage_agents \ >+ ossec-agentlessd \ >+ ossec-analysisd \ >+ ossec-authd \ >+ ossec-csyslogd \ >+ ossec-dbd \ >+ ossec-execd \ >+ ossec-logcollector \ >+ ossec-logtest \ >+ ossec-lua \ >+ ossec-luac \ >+ ossec-maild \ >+ ossec-makelists \ >+ ossec-monitord \ >+ ossec-regex \ >+ ossec-remoted \ >+ ossec-reportd \ >+ ossec-syscheckd \ >+ rootcheck_control \ >+ syscheck_control \ >+ syscheck_update \ >+ verify-agent-conf >+.endif >+.if defined(MAINTAINER_MODE) >+OSSEC_HOME= ${PREFIX}/${PORTNAME} >+.else >+OSSEC_HOME?= ${PREFIX}/${PORTNAME} >+.endif >+OSSEC_RC= ${PREFIX}/etc/rc.d/ossec-hids >+FIREWALL_DROP_BIN= ${OSSEC_HOME}/active-response/bin/firewall-drop.sh >+IPFILTER_BIN= ${OSSEC_HOME}/active-response/bin/ipfilter.sh >+RESTART_OSSEC_BIN= ${OSSEC_HOME}/active-response/bin/restart-ossec.sh >+SHARED_DIR= ${OSSEC_HOME}/etc/shared >+INTERNAL_OPTS_CONF= ${OSSEC_HOME}/etc/local_internal_options.conf >+ >+.if empty(USER) >+USER=$$(${ID} -un) >+.endif >+.if empty(GROUP) >+GROUP=$$(${ID} -gn) >+.endif >+ >+.if !defined(MAINTAINER_MODE) >+USER_ARGS+= OSSEC_GROUP=${GROUP} \ >+ OSSEC_USER=${USER} \ >+ OSSEC_USER_MAIL=${USER} \ >+ OSSEC_USER_REM=${USER} >+.endif >+OSSEC_USER= ossec >+OSSEC_GROUP= ossec >+USERS= ${OSSEC_USER} ossecm ossecr >+GROUPS= ${OSSEC_GROUP} >+ >+SUB_LIST+= PORTNAME=${PORTNAME} \ >+ CATEGORY=${CATEGORIES:[1]} \ >+ OSSEC_TYPE=${OSSEC_TYPE} \ >+ OSSEC_HOME=${OSSEC_HOME} \ >+ VERSION=${PORTVERSION} \ >+ DB_TYPE=${DB_TYPE} \ >+ DB_SCHEMA=${DOCSDIR}/${DB_SCHEMA} \ >+ USER=${USER} \ >+ OSSEC_USER=${OSSEC_USER} \ >+ OSSEC_GROUP=${OSSEC_GROUP} \ >+ OSSEC_RC=${OSSEC_RC} >+SUB_FILES= pkg-install \ >+ pkg-deinstall \ >+ ${PKGMSG_FILES} \ >+ restart-ossec.sh >+ >+.if defined(MAINTAINER_MODE) >+PLIST_SUB= OSSEC_HOME=${PORTNAME} >+.else >+PLIST_SUB= OSSEC_HOME=${OSSEC_HOME} >+.endif >+PLIST= ${PKGDIR}/pkg-plist-${OSSEC_TYPE} >+DOCSFILES= BUGS CHANGELOG CONTRIBUTORS LICENSE README.md SUPPORT.md >+PKGHELP= ${PKGDIR}/pkg-help-${OSSEC_TYPE} >+PKGMESSAGE= ${WRKDIR}/pkg-message >+PKGMSG_FILES= message-header >+ >+CFLAGS+= -I${LOCALBASE}/include >+ >+BUILD_ARGS+= ${MAKE_ARGS} ${OSSEC_ARGS} PREFIX=${OSSEC_HOME} >+INSTALL_ARGS+= ${USER_ARGS} ${OSSEC_ARGS} PREFIX=${STAGEDIR}${OSSEC_HOME} >+ >+.include <bsd.port.pre.mk> >+ >+PKGMSG_FILES+= message-firewall message-config >+ >+post-patch: >+ @${REINPLACE_CMD} -e 's|-DLUA_USE_LINUX|& ${CPPFLAGS}|' \ >+ -e 's|-lreadline|& ${LDFLAGS}|' \ >+ ${WRKSRC}/src/external/lua/src/Makefile >+ >+do-build: >+ @cd ${WRKSRC}/src; ${SETENV} ${MAKE_ENV} ${MAKE_CMD} ${BUILD_ARGS} build >+ >+do-install: >+ @cd ${WRKSRC}/src; ${SETENV} ${MAKE_ENV} ${MAKE_CMD} ${INSTALL_ARGS} install >+ >+post-install: >+ @${MV} -f ${STAGEDIR}${INTERNAL_OPTS_CONF} ${STAGEDIR}${INTERNAL_OPTS_CONF}.sample >+ @${MV} -f ${STAGEDIR}${FIREWALL_DROP_BIN} ${STAGEDIR}${IPFILTER_BIN} >+ @${CP} -f ${WRKDIR}/restart-ossec.sh ${STAGEDIR}${RESTART_OSSEC_BIN} >+ @${CHMOD} 550 ${STAGEDIR}${RESTART_OSSEC_BIN} >+.if defined(MAINTAINER_MODE) >+ @${CHOWN} ${USER}:${OSSEC_GROUP} ${STAGEDIR}${RESTART_OSSEC_BIN} >+.endif >+ >+.if ${OSSEC_TYPE} == agent >+.if defined(MAINTAINER_MODE) >+ @for file_name in $$(find "${STAGEDIR}${SHARED_DIR}" -type f); do ${CHMOD} 0644 $${file_name}; ${CHOWN} ${OSSEC_USER}:${OSSEC_GROUP} $${file_name}; done >+.else >+ @for file_name in $$(find "${STAGEDIR}${SHARED_DIR}" -type f); do ${CHMOD} 0644 $${file_name}; done >+.endif >+.endif >+ @${ECHO_CMD} -n > ${PKGMESSAGE} >+.for file_name in ${PKGMSG_FILES} >+ @${CAT} ${WRKDIR}/${file_name} >> ${PKGMESSAGE} >+ @${ECHO_CMD} >> ${PKGMESSAGE} >+.endfor >+.for file_name in ${STRIP_FILES} >+ @${STRIP_CMD} ${STAGEDIR}${OSSEC_HOME}/bin/${file_name} >+.endfor >+ >+.if defined(MAINTAINER_MODE) >+plist: makeplist >+ @${SCRIPTDIR}/plist.sh ${OSSEC_TYPE} ${OSSEC_HOME} ${PLIST} ${WRKDIR} ${STAGEDIR} >+.endif >+ >+post-install-DOCS-on: >+ @${MKDIR} ${STAGEDIR}${DOCSDIR} >+ @cd ${WRKSRC} && ${INSTALL_DATA} ${DOCSFILES} ${STAGEDIR}${DOCSDIR} >+ @cd ${WRKSRC} && ${INSTALL_DATA} etc/ossec-${OSSEC_TYPE}.conf ${STAGEDIR}${DOCSDIR}/ossec.conf.sample >+ >+post-install-MYSQL-on: >+ @${MKDIR} ${STAGEDIR}${DOCSDIR} >+ @cd ${WRKSRC} && ${INSTALL_DATA} src/os_dbd/${DB_SCHEMA} ${STAGEDIR}${DOCSDIR} >+ >+post-install-PGSQL-on: >+ @${MKDIR} ${STAGEDIR}${DOCSDIR} >+ @cd ${WRKSRC} && ${INSTALL_DATA} src/os_dbd/${DB_SCHEMA} ${STAGEDIR}${DOCSDIR} >+ >+.include <bsd.port.post.mk> >Index: security/ossec-hids-local/distinfo >=================================================================== >--- security/ossec-hids-local/distinfo (nonexistent) >+++ security/ossec-hids-local/distinfo (working copy) >@@ -0,0 +1,3 @@ >+TIMESTAMP = 1539457911 >+SHA256 (ossec-ossec-hids-3.1.0_GH0.tar.gz) = e0e2987751badb95c2bf618531c7853b2289c910f796da85ff394c0faea43f50 >+SIZE (ossec-ossec-hids-3.1.0_GH0.tar.gz) = 1886469 > >Property changes on: security/ossec-hids-local/distinfo >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local/files/message-config.in >=================================================================== >--- security/ossec-hids-local/files/message-config.in (nonexistent) >+++ security/ossec-hids-local/files/message-config.in (working copy) >@@ -0,0 +1,5 @@ >+Consider installing "%%CATEGORY%%/%%PORTNAME%%-%%OSSEC_TYPE%%-config" to ease >+OSSEC configuration. >+ >+For additional help execute: >+# %%PREFIX%%/etc/rc.d/ossec-hids help > >Property changes on: security/ossec-hids-local/files/message-config.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local/files/message-database.in >=================================================================== >--- security/ossec-hids-local/files/message-database.in (nonexistent) >+++ security/ossec-hids-local/files/message-database.in (working copy) >@@ -0,0 +1,8 @@ >+The database schema file: >+%%DB_SCHEMA%% >+ >+To enable database output execute: >+# %%OSSEC_HOME%%/bin/ossec-control enable database >+ >+For further steps see the documentation: >+https://www.ossec.net/docs/syntax/head_ossec_config.database_output.html > >Property changes on: security/ossec-hids-local/files/message-database.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local/files/message-firewall.in >=================================================================== >--- security/ossec-hids-local/files/message-firewall.in (nonexistent) >+++ security/ossec-hids-local/files/message-firewall.in (working copy) >@@ -0,0 +1,12 @@ >+If you intend to use "firewall-drop" active response on this OSSEC instance >+create the script: >+%%OSSEC_HOME%%/active-response/bin/firewall-drop.sh >+ >+You can copy or hard link (symbolic link is not supported) one of the scripts >+already provided by OSSEC: >+%%OSSEC_HOME%%/active-response/bin/ipfilter.sh >+%%OSSEC_HOME%%/active-response/bin/ipfw.sh >+%%OSSEC_HOME%%/active-response/bin/pf.sh >+ >+For further steps see the documentation: >+https://www.ossec.net/docs/syntax/head_ossec_config.active-response.html > >Property changes on: security/ossec-hids-local/files/message-firewall.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local/files/message-header.in >=================================================================== >--- security/ossec-hids-local/files/message-header.in (nonexistent) >+++ security/ossec-hids-local/files/message-header.in (working copy) >@@ -0,0 +1,10 @@ >+All the files related to OSSEC have been installed in: >+%%OSSEC_HOME%% >+ >+You need to create main configuration file: >+%%OSSEC_HOME%%/etc/ossec.conf >+ >+For information on proper configuration see: >+https://www.ossec.net/docs/syntax/ossec_config.html >+ >+To enable the startup script add ossec_hids_enable="YES" to /etc/rc.conf. > >Property changes on: security/ossec-hids-local/files/message-header.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local/files/ossec-hids.in >=================================================================== >--- security/ossec-hids-local/files/ossec-hids.in (nonexistent) >+++ security/ossec-hids-local/files/ossec-hids.in (working copy) >@@ -0,0 +1,537 @@ >+#!/bin/sh >+# >+# PROVIDE: ossec_hids >+# REQUIRE: DAEMON >+# BEFORE: LOGIN >+# KEYWORD: shutdown >+ >+# ossec_hids_enable (bool): Set it to YES to enable %%PORTNAME%%. >+# Default: NO >+# ossec_hids_clear_log (bool): Set it to YES to clear ossec.log before %%PORTNAME%% startup. >+# Default: NO >+# ossec_hids_clear_ar_log (bool): Set it to YES to clear active-responses.log before %%PORTNAME%% startup. >+# Default: NO >+# ossec_hids_fetch_connect_time (int): Time in seconds to wait for the download of the shared configuration to start. >+# Used only by agent installation. >+# Default: 30 >+# ossec_hids_fetch_read_time (int): Time in seconds to wait for subsequent download chunks of the shared configuration. >+# Used only by agent installation. >+# Default: 10 >+ >+. /etc/rc.subr >+ >+name="ossec_hids" >+rcvar=ossec_hids_enable >+ >+load_rc_config $name >+ >+: ${ossec_hids_enable="NO"} >+: ${ossec_hids_clear_log="NO"} >+: ${ossec_hids_clear_ar_log="NO"} >+: ${ossec_hids_fetch_connect_time=30} >+: ${ossec_hids_fetch_read_time=10} >+ >+ossec_type="%%OSSEC_TYPE%%" >+ossec_home="%%OSSEC_HOME%%" >+ >+ossec_conf="${ossec_home}/etc/ossec.conf" >+ossec_conf_dir="${ossec_home}/etc/ossec.conf.d" >+ossec_conf_bin="${ossec_home}/bin/config/ossec-conf" >+ >+agent_conf="${ossec_home}/etc/shared/agent.conf" >+agent_conf_dir="${ossec_home}/etc/agent.conf.d" >+agent_conf_bin="${ossec_home}/bin/config/agent-conf" >+ >+ossec_client_keys="${ossec_home}/etc/client.keys" >+ossec_ar_tmp="${ossec_home}/active-response" >+ossec_log="${ossec_home}/logs/ossec.log" >+ossec_ar_log="${ossec_home}/logs/active-responses.log" >+ossec_merged="${ossec_home}/etc/shared/merged.mg" >+ >+ossec_local_time="/etc/localtime" >+ >+extra_commands="help status reload ossec_conf" >+case ${ossec_type} in >+ server) >+ extra_commands="${extra_commands} agent_conf manage_agent reset_counter" >+ ;; >+ agent) >+ extra_commands="${extra_commands} agent_conf manage_agent reset_counter config_profile fetch_config" >+ ;; >+esac >+if [ -x "${ossec_conf_bin}" ]; then >+ extra_commands="${extra_commands} merge_config" >+fi >+ >+ossec_rc_command=$1 >+shift 1 >+ >+help_cmd="ossec_hids_help $@" >+start_cmd="ossec_hids_command start $@" >+stop_cmd="ossec_hids_command stop $@" >+restart_cmd="ossec_hids_command restart $@" >+status_cmd="ossec_hids_command status $@" >+reload_cmd="ossec_hids_command reload $@" >+manage_agent_cmd="ossec_hids_manage_agent $@" >+reset_counter_cmd="ossec_hids_reset_counter $@" >+config_profile_cmd="ossec_hids_config_profile $@" >+fetch_config_cmd="ossec_hids_fetch_config $@" >+merge_config_cmd="ossec_hids_create_config force $@" >+ossec_conf_cmd="ossec_hids_ossec_conf $@" >+agent_conf_cmd="ossec_hids_agent_conf $@" >+ >+start_precmd="ossec_hids_create_env && ossec_hids_create_config && ossec_hids_clean && ossec_hids_check" >+restart_precmd="${start_precmd}" >+reload_precmd="ossec_hids_create_env && ossec_hids_create_config" >+config_profile_precmd="ossec_hids_check" >+fetch_config_precmd="${start_precmd}" >+ >+agent_ids_cmd="${ossec_home}/bin/manage_agents -l | sed -En -e 's|.*ID:[[:space:]]*([[:digit:]]+).*|\1|p'" >+agent_names_cmd="${ossec_home}/bin/manage_agents -l | sed -En -e 's|.*Name:[[:space:]]*([^,]+).*|\1|p'" >+ >+ossec_hids_help() { >+ local indent=" " >+ >+ echo "Additional commands:" >+ echo >+ >+ for command in ${extra_commands}; do >+ case ${command} in >+ ossec_conf) >+ echo "${command}" >+ if [ -x "${ossec_conf_bin}" ]; then >+ echo "${indent}Displays the \"ossec.conf\" as it would have been produced" >+ echo "${indent}by merging files from \"ossec.conf.d\" directory." >+ echo "${indent}Does not overwrite the actual \"ossec.conf\"." >+ else >+ echo "${indent}Displays the current \"ossec.conf\"." >+ fi >+ echo >+ ;; >+ agent_conf) >+ echo "${command}" >+ if [ -x "${agent_conf_bin}" ]; then >+ echo "${indent}Displays the \"agent.conf\" as it would have been produced" >+ echo "${indent}by merging files from \"agent.conf.d\" directory." >+ echo "${indent}Does not overwrite the actual \"agent.conf\"." >+ else >+ echo "${indent}Displays the current \"agent.conf\"." >+ fi >+ echo >+ ;; >+ manage_agent) >+ echo "${command} [...]" >+ echo "${indent}Executes OSSEC Agent Manager." >+ echo "${indent}Any additional arguments will be passed along (-h for help)." >+ echo "${indent}Use this command to export and import agent keys." >+ echo >+ ;; >+ reset_counter) >+ case ${ossec_type} in >+ server) >+ echo "${command} <agent_name>" >+ echo "${indent}Stops the OSSEC and resets (removes) the replay attack prevention counter(s)." >+ echo "${indent}Only the counter for the given <agent_name> is reset." >+ echo "${indent}If the <agent_name> is \"-\", then counters for all agents are reset." >+ ;; >+ agent) >+ echo "${command}" >+ echo "${indent}Stops the OSSEC and resets (removes) the replay attack prevention counter." >+ ;; >+ esac >+ echo "${indent}Use this command on both the server and the agent to bring back connectivity." >+ echo "${indent}The typical scenario for desynchronization of counters is one of the OSSEC" >+ echo "${indent}instances has been restored from backup." >+ echo "${indent}Use the following procedure:" >+ echo "${indent}1. Reset counter on the agent." >+ echo "${indent}2. Reset counter on the server for that specific agent." >+ echo "${indent}3. Start the server." >+ echo "${indent}4. Start the agent." >+ echo >+ ;; >+ config_profile) >+ echo "${command}" >+ echo "${indent}Displays a list (i.e. union of sets) of applicable (to this agent) configuration" >+ echo "${indent}profiles sent by the server (current \"agent.conf\") merged with configuration" >+ echo "${indent}profiles enabled on this agent (current \"ossec.conf\"). Each entry on the list" >+ echo "${indent}is marked with one of the following markers:" >+ echo "${indent}(+) - The profile is sent by the server and is enabled on this agent." >+ echo "${indent}(-) - The profile is sent by the server and is applicable for this agent, but is" >+ echo "${indent} not enabled in the \"ossec.conf\"." >+ echo "${indent}(?) - The profile is enabled on this agent, but is not sent by the server or is" >+ echo "${indent} not applicable to this agent." >+ echo >+ ;; >+ fetch_config) >+ echo "${command}" >+ echo "${indent}(Re)starts the agent with a fresh copy of server shared configuration (including" >+ echo "${indent}\"agent.conf\"). Command can also be used to ensure server connectivity." >+ echo >+ ;; >+ merge_config) >+ echo "${command}" >+ echo "${indent}Creates \"ossec.conf\" by merging files from \"ossec.conf.d\" directory." >+ case ${ossec_type} in >+ server) >+ echo "${indent}Creates \"agent.conf\" by merging files from \"agent.conf.d\" directory." >+ ;; >+ esac >+ echo "${indent}Usually you do not need to run this command, because configuration files will" >+ echo "${indent}be merged before OSSEC startup if any of them has been modified/created/deleted" >+ echo "${indent}since the last merging. This command, however, does merging unconditionally." >+ echo >+ ;; >+ esac >+ done >+ >+ echo "To avoid problems with this script and the port in general, keep your XML-like" >+ echo "configuration pretty printed. Place element tags in single and separate lines." >+ echo "Comments can span on multiple but still separate lines." >+ echo "Do NOT use the following formatting:" >+ echo >+ echo "${indent}<elementA" >+ echo "${indent}${indent}attribute=\"value\"><!-- I am a long and" >+ echo "${indent}${indent}${indent}descriptive comment -->" >+ echo "${indent}${indent}<elementB>" >+ echo "${indent}${indent}${indent}Some content" >+ echo "${indent}${indent}</elementB><elementC>" >+ echo "${indent}${indent}${indent}Another content</elementC>" >+ echo "${indent}</elementA>" >+ echo >+ echo "Use instead:" >+ echo >+ echo "${indent}<elementA attribute=\"value\">" >+ echo "${indent}${indent}<!-- I am a long and" >+ echo "${indent}${indent}descriptive comment -->" >+ echo "${indent}${indent}<elementB>Some content</elementB>" >+ echo "${indent}${indent}<elementC>Another content</elementC>" >+ echo "${indent}</elementA>" >+ echo >+} >+ >+ossec_hids_create_file() { >+ local path=$1 >+ local owner=$2 >+ local mode=$3 >+ >+ if [ ! -e "${path}" ]; then >+ touch "${path}" && chown ${owner} "${path}" && chmod ${mode} "${path}" >+ fi >+} >+ >+ossec_hids_check() { >+ case ${ossec_type} in >+ server) >+ if [ ! -s "${ossec_client_keys}" ]; then >+ echo "WARNING: There are no client keys created - remote connections will be disabled." >+ echo >+ fi >+ ;; >+ agent) >+ if [ ! -s "${ossec_client_keys}" ]; then >+ echo "WARNING: There are is no client key imported - connection to server not possible." >+ echo >+ else >+ if [ $(eval ${agent_ids_cmd} | wc -l) -gt 1 ]; then >+ echo "ERROR: There are multiple client keys imported - only one is allowed." >+ echo >+ return 1 >+ fi >+ fi >+ ;; >+ esac >+ >+ return 0 >+} >+ >+ossec_hids_inline_content() { >+ local element="$1" >+ sed -En "s|.*<${element}>(.*)</${element}>.*|\1|p" >+} >+ >+ossec_hids_remove_comments() { >+ # Comments must be on separate lines i.e. not next to uncommented code >+ awk '/<!--/ {off=1} /-->/ {off=2} /([\s\S]*)/ {if (off==0) print; if (off==2) off=0}' >+} >+ >+ossec_hids_config_profile() { >+ if [ ! -f "${ossec_conf}" ]; then >+ echo -n "ERROR: The \"${ossec_conf}\" is missing." >+ if [ -x "${ossec_conf_bin}" ]; then >+ echo " Run:" >+ echo "$(realpath $0) merge_config" >+ else >+ echo >+ fi >+ echo >+ return 1 >+ fi >+ if [ ! -f "${agent_conf}" ]; then >+ echo "ERROR: The \"${agent_conf}\" is missing. Run:" >+ echo "$(realpath $0) fetch_config" >+ echo >+ return 1 >+ fi >+ >+ local os="FreeBSD" >+ local name=$(eval ${agent_names_cmd}) >+ >+ local server_profiles=`ossec_hids_remove_comments < "${agent_conf}" | sed -En \ >+ -e "s|.*<agent_config[[:space:]]+profile=\"([^\"]+)\"[[:space:]]*>.*|\1|p" \ >+ -e "s|.*<agent_config[[:space:]]+profile=\"([^\"]+)\"[[:space:]]+os=\"${os}\"[[:space:]]*>.*|\1|p" \ >+ -e "s|.*<agent_config[[:space:]]+os=\"${os}\"[[:space:]]+profile=\"([^\"]+)\"[[:space:]]*>.*|\1|p" \ >+ -e "s|.*<agent_config[[:space:]]+profile=\"([^\"]+)\"[[:space:]]+name=\"${name}\"[[:space:]]*>.*|\1|p" \ >+ -e "s|.*<agent_config[[:space:]]+name=\"${name}\"[[:space:]]+profile=\"([^\"]+)\"[[:space:]]*>.*|\1|p" \ >+ -e "s|.*<agent_config[[:space:]]+profile=\"([^\"]+)\"[[:space:]]+os=\"${os}\"[[:space:]]+name=\"${name}\"[[:space:]]*>.*|\1|p" \ >+ -e "s|.*<agent_config[[:space:]]+profile=\"([^\"]+)\"[[:space:]]+name=\"${name}\"[[:space:]]+os=\"${os}\"[[:space:]]*>.*|\1|p" \ >+ -e "s|.*<agent_config[[:space:]]+os=\"${os}\"[[:space:]]+profile=\"([^\"]+)\"[[:space:]]+name=\"${name}\"[[:space:]]*>.*|\1|p" \ >+ -e "s|.*<agent_config[[:space:]]+os=\"${os}\"[[:space:]]+name=\"${name}\"[[:space:]]+profile=\"([^\"]+)\"[[:space:]]*>.*|\1|p" \ >+ -e "s|.*<agent_config[[:space:]]+name=\"${name}\"[[:space:]]+profile=\"([^\"]+)\"[[:space:]]+os=\"${os}\"[[:space:]]*>.*|\1|p" \ >+ -e "s|.*<agent_config[[:space:]]+name=\"${name}\"[[:space:]]+os=\"${os}\"[[:space:]]+profile=\"([^\"]+)\"[[:space:]]*>.*|\1|p" \ >+ | sort -u` >+ >+ local agent_profiles=$(ossec_hids_remove_comments < "${ossec_conf}" | ossec_hids_inline_content "config-profile" | sed -E 's|[[:space:]]*,[[:space:]]*| |g') >+ >+ local output="" >+ for server_profile in ${server_profiles}; do >+ local matching_profile="" >+ for agent_profile in ${agent_profiles}; do >+ if [ "${agent_profile}" == "${server_profile}" ]; then >+ matching_profile="${agent_profile}" >+ break >+ fi >+ done >+ if [ -n "${matching_profile}" ]; then >+ output="${output}(+) ${server_profile} >+" >+ else >+ output="${output}(-) ${server_profile} >+" >+ fi >+ done >+ for agent_profile in ${agent_profiles}; do >+ local matching_profile="" >+ for server_profile in ${server_profiles}; do >+ if [ "${server_profile}" == "${agent_profile}" ]; then >+ matching_profile="${server_profile}" >+ break >+ fi >+ done >+ if [ -z "${matching_profile}" ]; then >+ output="${output}(?) ${agent_profile} >+" >+ fi >+ done >+ >+ echo -n "${output}" | sort -k 2 >+} >+ >+ossec_hids_config_is_outdated() { >+ local dst_file="$1" >+ local src_dir="$2" >+ >+ if [ ! -e "${dst_file}" ]; then >+ return 0 >+ fi >+ >+ if [ "${src_dir}" -nt "${dst_file}" ]; then >+ return 0 >+ fi >+ >+ for src_file in $(find "${src_dir}" -maxdepth 1 -type f -name "*.conf"); do >+ if [ "${src_file}" -nt "${dst_file}" ]; then >+ return 0 >+ fi >+ done >+ >+ return 1 >+} >+ >+ossec_hids_create_config() { >+ case ${ossec_type} in >+ server) >+ if [ -x "${agent_conf_bin}" ]; then >+ # Merge agent.conf.d files into agent.conf >+ if [ "$1" == "force" ] || ossec_hids_config_is_outdated "${agent_conf}" "${agent_conf_dir}"; then >+ ossec_hids_create_file "${agent_conf}" %%USER%%:%%OSSEC_GROUP%% 0640 >+ "${agent_conf_bin}" > "${agent_conf}" >+ fi >+ fi >+ ;; >+ esac >+ >+ if [ -x "${ossec_conf_bin}" ]; then >+ # Merge ossec.conf.d files into ossec.conf >+ if [ "$1" == "force" ] || ossec_hids_config_is_outdated "${ossec_conf}" "${ossec_conf_dir}"; then >+ ossec_hids_create_file "${ossec_conf}" %%USER%%:%%OSSEC_GROUP%% 0640 >+ "${ossec_conf_bin}" > "${ossec_conf}" >+ fi >+ fi >+ >+ return 0 >+} >+ >+ossec_hids_create_env() { >+ # Copy required files from outside of home directory >+ if [ ! -e "${ossec_local_time}" ]; then >+ echo "ERROR: Missing \"${ossec_local_time}\". Run command \"tzsetup\"." >+ echo >+ return 1 >+ fi >+ install -o %%USER%% -g %%OSSEC_GROUP%% -m 0440 "${ossec_local_time}" "${ossec_home}${ossec_local_time}" >+ >+ return 0 >+} >+ >+ossec_hids_clean() { >+ if [ "${ossec_type}" == "server" ]; then >+ rm -f "${ossec_merged}" >+ fi >+ >+ if checkyesno ossec_hids_clear_log && [ -e "${ossec_log}" ]; then >+ echo -n > "${ossec_log}" >+ fi >+ >+ if checkyesno ossec_hids_clear_ar_log && [ -e "${ossec_ar_log}" ]; then >+ echo -n > "${ossec_ar_log}" >+ fi >+ >+ return 0 >+} >+ >+ossec_hids_reset_counter() { >+ local agent_name="$1" >+ >+ ossec_hids_command stop >+ sleep 1 >+ echo >+ >+ case ${ossec_type} in >+ server) >+ if [ -z "${agent_name}" ]; then >+ echo "ERROR: Specify agent name to reset counter for this agent or \"-\" to reset counters for all agents." >+ echo >+ return 1 >+ fi >+ local agent_counter=0 >+ if [ "${agent_name}" == "-" ]; then >+ for agent_id in $(eval ${agent_ids_cmd}); do >+ if [ -e "${ossec_home}/queue/rids/${agent_id}" ]; then >+ rm "${ossec_home}/queue/rids/${agent_id}" && agent_counter=$((agent_counter + 1)) >+ fi >+ done >+ else >+ local agent_id=`${ossec_home}/bin/manage_agents -l | sed -En -e "s|.*ID:[[:space:]]*([[:digit:]]+),[[:space:]]*Name:[[:space:]]${agent_name},.*|\1|p"` >+ if [ -n "${agent_id}" ]; then >+ if [ -e "${ossec_home}/queue/rids/${agent_id}" ]; then >+ rm "${ossec_home}/queue/rids/${agent_id}" && agent_counter=$((agent_counter + 1)) >+ fi >+ fi >+ fi >+ echo "Removed ${agent_counter} counter(s)." >+ echo >+ ;; >+ agent) >+ local agent_counter=0 >+ for agent_id in $(eval ${agent_ids_cmd}); do >+ # Should be executed only once >+ if [ -e "${ossec_home}/queue/rids/${agent_id}" ]; then >+ rm "${ossec_home}/queue/rids/${agent_id}" && agent_counter=$((agent_counter + 1)) >+ fi >+ done >+ echo "Removed ${agent_counter} counter(s)." >+ echo >+ ;; >+ esac >+ >+ return 0 >+} >+ >+ossec_hids_fetch_config() { >+ ossec_hids_command stop >+ sleep 1 >+ echo >+ rm -f "${ossec_merged}" >+ ossec_hids_command start || return 1 >+ echo >+ echo "Waiting ${ossec_hids_fetch_connect_time} seconds for the shared configuration download to start." >+ sleep ${ossec_hids_fetch_connect_time} >+ if [ ! -s "${ossec_merged}" ]; then >+ echo "ERROR: Failed to download shared configuration from the OSSEC server." >+ echo >+ local ossec_log_tail=$(tail "${ossec_log}") >+ echo "Portion of the \"${ossec_log}\":" >+ echo "${ossec_log_tail}" >+ echo >+ if echo "${ossec_log_tail}" | grep -q "ERROR: Unable to send message to"; then >+ echo "Check if your configuration contains the correct server address in \"server-ip\" option." >+ echo >+ else >+ local ossec_rc_path="$(realpath $0)" >+ echo "Is the imported agent key correct? To import it run:" >+ echo "${ossec_rc_path} manage_agent" >+ echo >+ echo "If you are certain the imported agent key is correct, then run:" >+ echo "${ossec_rc_path} reset_counter" >+ echo "${ossec_rc_path} fetch_config" >+ echo >+ echo "If this does't help, you need to reset counter on the server." >+ echo "If the server runs FreeBSD port of OSSEC, run:" >+ echo "On the agent:" >+ echo "${ossec_rc_path} reset_counter" >+ echo "On the server:" >+ echo "${ossec_rc_path} reset_counter $(eval ${agent_names_cmd})" >+ echo "${ossec_rc_path} start" >+ echo "On the agent:" >+ echo "${ossec_rc_path} fetch_config" >+ echo >+ fi >+ ossec_hids_command stop >+ return 1 >+ else >+ # The download has started >+ while true; do >+ local current_time=$(date +%s) >+ local modification_time=$(stat -f %m "${ossec_merged}") >+ if [ $((current_time - modification_time)) -gt ${ossec_hids_fetch_read_time} ]; then >+ echo "Download finished." >+ echo >+ ossec_hids_command restart || return 1 >+ break; >+ else >+ echo "Download in progress..." >+ sleep ${ossec_hids_fetch_read_time} >+ fi >+ done >+ fi >+ >+ return 0 >+} >+ >+ossec_hids_ossec_conf() { >+ if [ -x "${ossec_conf_bin}" ]; then >+ "${ossec_conf_bin}" >+ elif [ -f "${ossec_conf}" ]; then >+ cat "${ossec_conf}" >+ fi >+} >+ >+ossec_hids_agent_conf() { >+ if [ -x "${agent_conf_bin}" ]; then >+ "${agent_conf_bin}" >+ elif [ -f "${agent_conf}" ]; then >+ cat "${agent_conf}" >+ fi >+} >+ >+ossec_hids_manage_agent() { >+ "${ossec_home}/bin/manage_agents" $@ >+ return $? >+} >+ >+ossec_hids_command() { >+ "${ossec_home}/bin/ossec-control" $1 >+ return $? >+} >+ >+run_rc_command "${ossec_rc_command}" > >Property changes on: security/ossec-hids-local/files/ossec-hids.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local/files/patch-src_Makefile >=================================================================== >--- security/ossec-hids-local/files/patch-src_Makefile (nonexistent) >+++ security/ossec-hids-local/files/patch-src_Makefile (working copy) >@@ -0,0 +1,10 @@ >+--- src/Makefile.orig 2018-10-11 22:25:16 UTC >++++ src/Makefile >+@@ -406,7 +406,6 @@ endif >+ install -d -m 0750 -o ${OSSEC_USER} -g ${OSSEC_GROUP} ${PREFIX}/queue/diff >+ >+ install -d -m 0550 -o root -g ${OSSEC_GROUP} ${PREFIX}/etc >+- install -m 0440 -o root -g ${OSSEC_GROUP} /etc/localtime ${PREFIX}/etc >+ >+ install -d -m 1550 -o root -g ${OSSEC_GROUP} ${PREFIX}/tmp >+ > >Property changes on: security/ossec-hids-local/files/patch-src_Makefile >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local/files/pkg-deinstall.in >=================================================================== >--- security/ossec-hids-local/files/pkg-deinstall.in (nonexistent) >+++ security/ossec-hids-local/files/pkg-deinstall.in (working copy) >@@ -0,0 +1,18 @@ >+#!/bin/sh >+ >+ossec_home="%%OSSEC_HOME%%" >+ar_conf="${ossec_home}/etc/shared/ar.conf" >+merged_mg="${ossec_home}/etc/shared/merged.mg" >+client_keys="${ossec_home}/etc/client.keys" >+firewall_drop="${ossec_home}/active-response/bin/firewall-drop.sh" >+local_time="${ossec_home}/etc/localtime" >+ >+if [ "$2" == "DEINSTALL" ]; then >+ rm -f "${ar_conf}" >+ rm -f "${merged_mg}" >+ if [ ! -s "${client_keys}" ]; then >+ rm -f "${client_keys}" >+ fi >+ rm -f "${firewall_drop}" >+ rm -f "${local_time}" >+fi > >Property changes on: security/ossec-hids-local/files/pkg-deinstall.in >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local/files/pkg-install.in >=================================================================== >--- security/ossec-hids-local/files/pkg-install.in (nonexistent) >+++ security/ossec-hids-local/files/pkg-install.in (working copy) >@@ -0,0 +1,23 @@ >+#!/bin/sh >+ >+ossec_home="%%OSSEC_HOME%%" >+client_keys="${ossec_home}/etc/client.keys" >+ >+create_file() { >+ local path=$1 >+ local owner=$2 >+ local mode=$3 >+ >+ if [ ! -e "${path}" ]; then >+ touch "${path}" && chown ${owner} "${path}" && chmod ${mode} "${path}" >+ fi >+} >+ >+if [ "$2" == "POST-INSTALL" ]; then >+ pw usermod %%OSSEC_USER%% -d "${ossec_home}" >+ pw usermod ossecm -d "${ossec_home}" >+ pw usermod ossecr -d "${ossec_home}" >+ chown %%USER%%:%%OSSEC_GROUP%% "${ossec_home}" >+ >+ create_file "${client_keys}" root:ossec 0640 >+fi > >Property changes on: security/ossec-hids-local/files/pkg-install.in >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local/files/restart-ossec.sh.in >=================================================================== >--- security/ossec-hids-local/files/restart-ossec.sh.in (nonexistent) >+++ security/ossec-hids-local/files/restart-ossec.sh.in (working copy) >@@ -0,0 +1,32 @@ >+#!/bin/sh >+ >+# This script is part of FreeBSD port - report any issues to the port MAINTAINER >+ >+ossec_type="%%OSSEC_TYPE%%" >+ossec_home="%%OSSEC_HOME%%" >+ossec_rc="%%OSSEC_RC%%" >+ >+ACTION=$1 >+USER=$2 >+IP=$3 >+ >+LOCAL=`dirname $0`; >+cd $LOCAL >+cd ../../tmp >+ >+# Logging the call >+echo "`date` $0 $1 $2 $3 $4 $5" >> "${ossec_home}/logs/active-responses.log" >+ >+case ${ACTION} in >+ add) >+ "${ossec_rc}" restart >+ exit 0 >+ ;; >+ delete) >+ exit 0 >+ ;; >+ *) >+ echo "$0: invalid action: ${ACTION}" >+ exit 1 >+ ;; >+esac > >Property changes on: security/ossec-hids-local/files/restart-ossec.sh.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local/pkg-descr >=================================================================== >--- security/ossec-hids-local/pkg-descr (nonexistent) >+++ security/ossec-hids-local/pkg-descr (working copy) >@@ -0,0 +1,6 @@ >+OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection >+System (HIDS). It has a powerful correlation and analysis engine, integrating >+log analysis, file integrity checking, Windows registry monitoring, centralized >+policy enforcement, rootkit detection, real-time alerting and active response. >+ >+WWW: https://ossec.github.io > >Property changes on: security/ossec-hids-local/pkg-descr >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local/pkg-plist-agent >=================================================================== >--- security/ossec-hids-local/pkg-plist-agent (nonexistent) >+++ security/ossec-hids-local/pkg-plist-agent (working copy) >@@ -0,0 +1,79 @@ >+@dir(,ossec,0550) %%OSSEC_HOME%% >+@dir(,ossec,0550) %%OSSEC_HOME%%/active-response >+@dir(,ossec,0550) %%OSSEC_HOME%%/active-response/bin >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/disable-account.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/firewalld-drop.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/host-deny.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ip-customblock.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ipfilter.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ipfw.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ipfw_mac.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/npf.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-pagerduty.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-slack.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-tweeter.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/pf.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/restart-ossec.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/route-null.sh >+@dir(,,0550) %%OSSEC_HOME%%/bin >+@(,,0550) %%OSSEC_HOME%%/bin/agent-auth >+@(,,0550) %%OSSEC_HOME%%/bin/manage_agents >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-agentd >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-control >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-execd >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-logcollector >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-lua >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-luac >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-syscheckd >+@(,,0550) %%OSSEC_HOME%%/bin/util.sh >+@dir(,ossec,0550) %%OSSEC_HOME%%/etc >+@(,ossec,0640) %%OSSEC_HOME%%/etc/internal_options.conf >+@sample(,ossec,0640) %%OSSEC_HOME%%/etc/local_internal_options.conf.sample >+@dir(,ossec,0770) %%OSSEC_HOME%%/etc/shared >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/acsc_office2016_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_apache2224_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_debian_linux_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_debianlinux7-8_L1_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_debianlinux7-8_L2_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_mysql5-6_community_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_mysql5-6_enterprise_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_rhel5_linux_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_rhel6_linux_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_rhel7_linux_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_rhel_linux_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_sles11_linux_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_sles12_linux_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_win10_enterprise_L1_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_win10_enterprise_L2_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_win2012r2_domainL1_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_win2012r2_domainL2_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_win2012r2_memberL1_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_win2012r2_memberL2_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_win2016_domainL1_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_win2016_domainL2_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_win2016_memberL1_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/cis_win2016_memberL2_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/rootkit_files.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/rootkit_trojans.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/system_audit_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/system_audit_ssh.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/win_applications_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/win_audit_rcl.txt >+@(ossec,ossec,0644) %%OSSEC_HOME%%/etc/shared/win_malware_rcl.txt >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/logs >+@dir(,ossec,0550) %%OSSEC_HOME%%/queue >+@dir(ossec,ossec,0770) %%OSSEC_HOME%%/queue/alerts >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/queue/diff >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/queue/ossec >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/queue/rids >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/queue/syscheck >+@dir(,ossec,1550) %%OSSEC_HOME%%/tmp >+@dir(,ossec,0550) %%OSSEC_HOME%%/var >+@dir(,ossec,0770) %%OSSEC_HOME%%/var/run >+%%PORTDOCS%%%%DOCSDIR%%/BUGS >+%%PORTDOCS%%%%DOCSDIR%%/CHANGELOG >+%%PORTDOCS%%%%DOCSDIR%%/CONTRIBUTORS >+%%PORTDOCS%%%%DOCSDIR%%/LICENSE >+%%PORTDOCS%%%%DOCSDIR%%/README.md >+%%PORTDOCS%%%%DOCSDIR%%/SUPPORT.md >+%%PORTDOCS%%%%DOCSDIR%%/ossec.conf.sample > >Property changes on: security/ossec-hids-local/pkg-plist-agent >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local/pkg-plist-local >=================================================================== >--- security/ossec-hids-local/pkg-plist-local (nonexistent) >+++ security/ossec-hids-local/pkg-plist-local (working copy) >@@ -0,0 +1,200 @@ >+@dir(,ossec,0550) %%OSSEC_HOME%% >+@dir(,ossec,0550) %%OSSEC_HOME%%/active-response >+@dir(,ossec,0550) %%OSSEC_HOME%%/active-response/bin >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/disable-account.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/firewalld-drop.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/host-deny.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ip-customblock.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ipfilter.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ipfw.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ipfw_mac.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/npf.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-pagerduty.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-slack.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-tweeter.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/pf.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/restart-ossec.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/route-null.sh >+@dir(,ossec,0550) %%OSSEC_HOME%%/agentless >+@(,ossec,0550) %%OSSEC_HOME%%/agentless/main.exp >+@(,ossec,0550) %%OSSEC_HOME%%/agentless/register_host.sh >+@(,ossec,0550) %%OSSEC_HOME%%/agentless/ssh.exp >+@(,ossec,0550) %%OSSEC_HOME%%/agentless/ssh_asa-fwsmconfig_diff >+@(,ossec,0550) %%OSSEC_HOME%%/agentless/ssh_foundry_diff >+@(,ossec,0550) %%OSSEC_HOME%%/agentless/ssh_generic_diff >+@(,ossec,0550) %%OSSEC_HOME%%/agentless/ssh_integrity_check_bsd >+@(,ossec,0550) %%OSSEC_HOME%%/agentless/ssh_integrity_check_linux >+@(,ossec,0550) %%OSSEC_HOME%%/agentless/ssh_nopass.exp >+@(,ossec,0550) %%OSSEC_HOME%%/agentless/ssh_pixconfig_diff >+@(,ossec,0550) %%OSSEC_HOME%%/agentless/sshlogin.exp >+@(,ossec,0550) %%OSSEC_HOME%%/agentless/su.exp >+@dir(,,0550) %%OSSEC_HOME%%/bin >+@(,,0550) %%OSSEC_HOME%%/bin/agent_control >+@(,,0550) %%OSSEC_HOME%%/bin/clear_stats >+@(,,0550) %%OSSEC_HOME%%/bin/list_agents >+@(,,0550) %%OSSEC_HOME%%/bin/manage_agents >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-agentlessd >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-analysisd >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-authd >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-control >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-csyslogd >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-dbd >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-execd >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-logcollector >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-logtest >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-lua >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-luac >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-maild >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-makelists >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-monitord >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-regex >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-remoted >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-reportd >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-syscheckd >+@(,,0550) %%OSSEC_HOME%%/bin/rootcheck_control >+@(,,0550) %%OSSEC_HOME%%/bin/syscheck_control >+@(,,0550) %%OSSEC_HOME%%/bin/syscheck_update >+@(,,0550) %%OSSEC_HOME%%/bin/util.sh >+@(,,0550) %%OSSEC_HOME%%/bin/verify-agent-conf >+@dir(,ossec,0550) %%OSSEC_HOME%%/etc >+@(,ossec,0640) %%OSSEC_HOME%%/etc/decoder.xml >+@(,ossec,0640) %%OSSEC_HOME%%/etc/internal_options.conf >+@sample(,ossec,0640) %%OSSEC_HOME%%/etc/local_internal_options.conf.sample >+@dir(,ossec,0770) %%OSSEC_HOME%%/etc/shared >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/acsc_office2016_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_apache2224_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_debian_linux_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_debianlinux7-8_L1_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_debianlinux7-8_L2_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_mysql5-6_community_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_mysql5-6_enterprise_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_rhel5_linux_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_rhel6_linux_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_rhel7_linux_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_rhel_linux_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_sles11_linux_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_sles12_linux_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win10_enterprise_L1_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win10_enterprise_L2_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win2012r2_domainL1_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win2012r2_domainL2_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win2012r2_memberL1_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win2012r2_memberL2_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win2016_domainL1_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win2016_domainL2_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win2016_memberL1_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win2016_memberL2_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/rootkit_files.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/rootkit_trojans.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/system_audit_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/system_audit_ssh.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/win_applications_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/win_audit_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/win_malware_rcl.txt >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/logs >+@dir(,ossec,0550) %%OSSEC_HOME%%/rules >+@(,ossec,0640) %%OSSEC_HOME%%/rules/apache_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/apparmor_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/arpwatch_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/asterisk_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/attack_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/cimserver_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/cisco-ios_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/clam_av_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/courier_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/dnsmasq_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/dovecot_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/dropbear_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/exim_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/firewall_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/firewalld_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/ftpd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/hordeimp_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/ids_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/imapd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/linux_usbdetect_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/local_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/mailscanner_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/mcafee_av_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/ms-exchange_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/ms-se_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/ms1016_usbdetect_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/ms_dhcp_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/ms_firewall_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/ms_ftpd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/ms_ipsec_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/msauth_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/mysql_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/named_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/netscreenfw_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/nginx_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/nsd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/openbsd-dhcpd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/openbsd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/opensmtpd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/ossec_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/owncloud_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/pam_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/php_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/pix_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/policy_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/postfix_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/postgresql_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/proftpd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/proxmox-ve_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/psad_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/pure-ftpd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/racoon_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/roundcube_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/rules_config.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/sendmail_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/smbd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/solaris_bsm_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/sonicwall_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/spamd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/squid_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/sshd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/symantec-av_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/symantec-ws_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/syslog_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/sysmon_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/systemd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/telnetd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/trend-osce_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/unbound_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/vmpop3d_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/vmware_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/vpn_concentrator_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/vpopmail_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/vsftpd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/web_appsec_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/web_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/wordpress_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/zeus_rules.xml >+@dir(,ossec,0700) %%OSSEC_HOME%%/.ssh >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/logs/alerts >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/logs/archives >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/logs/firewall >+@dir(,ossec,0550) %%OSSEC_HOME%%/queue >+@dir(ossecr,ossec,0750) %%OSSEC_HOME%%/queue/agent-info >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/queue/agentless >+@dir(ossec,ossec,0770) %%OSSEC_HOME%%/queue/alerts >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/queue/diff >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/queue/fts >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/queue/ossec >+@dir(ossecr,ossec,0750) %%OSSEC_HOME%%/queue/rids >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/queue/rootcheck >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/queue/syscheck >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/stats >+@dir(,ossec,1550) %%OSSEC_HOME%%/tmp >+@dir(,ossec,0550) %%OSSEC_HOME%%/var >+@dir(,ossec,0770) %%OSSEC_HOME%%/var/run >+%%PORTDOCS%%%%DOCSDIR%%/BUGS >+%%PORTDOCS%%%%DOCSDIR%%/CHANGELOG >+%%PORTDOCS%%%%DOCSDIR%%/CONTRIBUTORS >+%%PORTDOCS%%%%DOCSDIR%%/LICENSE >+%%PORTDOCS%%%%DOCSDIR%%/README.md >+%%PORTDOCS%%%%DOCSDIR%%/SUPPORT.md >+%%PORTDOCS%%%%DOCSDIR%%/ossec.conf.sample >+%%MYSQL%%%%DOCSDIR%%/mysql.schema >+%%PGSQL%%%%DOCSDIR%%/postgresql.schema > >Property changes on: security/ossec-hids-local/pkg-plist-local >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local/pkg-plist-server >=================================================================== >--- security/ossec-hids-local/pkg-plist-server (nonexistent) >+++ security/ossec-hids-local/pkg-plist-server (working copy) >@@ -0,0 +1,200 @@ >+@dir(,ossec,0550) %%OSSEC_HOME%% >+@dir(,ossec,0550) %%OSSEC_HOME%%/active-response >+@dir(,ossec,0550) %%OSSEC_HOME%%/active-response/bin >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/disable-account.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/firewalld-drop.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/host-deny.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ip-customblock.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ipfilter.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ipfw.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ipfw_mac.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/npf.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-pagerduty.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-slack.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/ossec-tweeter.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/pf.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/restart-ossec.sh >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/route-null.sh >+@dir(,ossec,0550) %%OSSEC_HOME%%/agentless >+@(,ossec,0550) %%OSSEC_HOME%%/agentless/main.exp >+@(,ossec,0550) %%OSSEC_HOME%%/agentless/register_host.sh >+@(,ossec,0550) %%OSSEC_HOME%%/agentless/ssh.exp >+@(,ossec,0550) %%OSSEC_HOME%%/agentless/ssh_asa-fwsmconfig_diff >+@(,ossec,0550) %%OSSEC_HOME%%/agentless/ssh_foundry_diff >+@(,ossec,0550) %%OSSEC_HOME%%/agentless/ssh_generic_diff >+@(,ossec,0550) %%OSSEC_HOME%%/agentless/ssh_integrity_check_bsd >+@(,ossec,0550) %%OSSEC_HOME%%/agentless/ssh_integrity_check_linux >+@(,ossec,0550) %%OSSEC_HOME%%/agentless/ssh_nopass.exp >+@(,ossec,0550) %%OSSEC_HOME%%/agentless/ssh_pixconfig_diff >+@(,ossec,0550) %%OSSEC_HOME%%/agentless/sshlogin.exp >+@(,ossec,0550) %%OSSEC_HOME%%/agentless/su.exp >+@dir(,,0550) %%OSSEC_HOME%%/bin >+@(,,0550) %%OSSEC_HOME%%/bin/agent_control >+@(,,0550) %%OSSEC_HOME%%/bin/clear_stats >+@(,,0550) %%OSSEC_HOME%%/bin/list_agents >+@(,,0550) %%OSSEC_HOME%%/bin/manage_agents >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-agentlessd >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-analysisd >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-authd >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-control >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-csyslogd >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-dbd >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-execd >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-logcollector >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-logtest >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-lua >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-luac >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-maild >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-makelists >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-monitord >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-regex >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-remoted >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-reportd >+@(,,0550) %%OSSEC_HOME%%/bin/ossec-syscheckd >+@(,,0550) %%OSSEC_HOME%%/bin/rootcheck_control >+@(,,0550) %%OSSEC_HOME%%/bin/syscheck_control >+@(,,0550) %%OSSEC_HOME%%/bin/syscheck_update >+@(,,0550) %%OSSEC_HOME%%/bin/util.sh >+@(,,0550) %%OSSEC_HOME%%/bin/verify-agent-conf >+@dir(,ossec,0550) %%OSSEC_HOME%%/etc >+@(,ossec,0640) %%OSSEC_HOME%%/etc/decoder.xml >+@(,ossec,0640) %%OSSEC_HOME%%/etc/internal_options.conf >+@sample(,ossec,0640) %%OSSEC_HOME%%/etc/local_internal_options.conf.sample >+@dir(,ossec,0770) %%OSSEC_HOME%%/etc/shared >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/acsc_office2016_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_apache2224_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_debian_linux_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_debianlinux7-8_L1_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_debianlinux7-8_L2_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_mysql5-6_community_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_mysql5-6_enterprise_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_rhel5_linux_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_rhel6_linux_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_rhel7_linux_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_rhel_linux_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_sles11_linux_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_sles12_linux_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win10_enterprise_L1_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win10_enterprise_L2_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win2012r2_domainL1_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win2012r2_domainL2_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win2012r2_memberL1_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win2012r2_memberL2_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win2016_domainL1_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win2016_domainL2_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win2016_memberL1_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/cis_win2016_memberL2_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/rootkit_files.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/rootkit_trojans.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/system_audit_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/system_audit_ssh.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/win_applications_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/win_audit_rcl.txt >+@(ossec,ossec,0640) %%OSSEC_HOME%%/etc/shared/win_malware_rcl.txt >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/logs >+@dir(,ossec,0550) %%OSSEC_HOME%%/rules >+@(,ossec,0640) %%OSSEC_HOME%%/rules/apache_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/apparmor_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/arpwatch_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/asterisk_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/attack_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/cimserver_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/cisco-ios_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/clam_av_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/courier_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/dnsmasq_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/dovecot_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/dropbear_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/exim_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/firewall_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/firewalld_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/ftpd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/hordeimp_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/ids_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/imapd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/linux_usbdetect_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/local_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/mailscanner_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/mcafee_av_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/ms-exchange_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/ms-se_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/ms1016_usbdetect_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/ms_dhcp_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/ms_firewall_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/ms_ftpd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/ms_ipsec_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/msauth_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/mysql_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/named_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/netscreenfw_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/nginx_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/nsd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/openbsd-dhcpd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/openbsd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/opensmtpd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/ossec_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/owncloud_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/pam_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/php_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/pix_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/policy_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/postfix_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/postgresql_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/proftpd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/proxmox-ve_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/psad_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/pure-ftpd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/racoon_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/roundcube_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/rules_config.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/sendmail_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/smbd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/solaris_bsm_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/sonicwall_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/spamd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/squid_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/sshd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/symantec-av_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/symantec-ws_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/syslog_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/sysmon_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/systemd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/telnetd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/trend-osce_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/unbound_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/vmpop3d_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/vmware_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/vpn_concentrator_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/vpopmail_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/vsftpd_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/web_appsec_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/web_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/wordpress_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/zeus_rules.xml >+@dir(,ossec,0700) %%OSSEC_HOME%%/.ssh >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/logs/alerts >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/logs/archives >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/logs/firewall >+@dir(,ossec,0550) %%OSSEC_HOME%%/queue >+@dir(ossecr,ossec,0750) %%OSSEC_HOME%%/queue/agent-info >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/queue/agentless >+@dir(ossec,ossec,0770) %%OSSEC_HOME%%/queue/alerts >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/queue/diff >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/queue/fts >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/queue/ossec >+@dir(ossecr,ossec,0750) %%OSSEC_HOME%%/queue/rids >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/queue/rootcheck >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/queue/syscheck >+@dir(ossec,ossec,0750) %%OSSEC_HOME%%/stats >+@dir(,ossec,1550) %%OSSEC_HOME%%/tmp >+@dir(,ossec,0550) %%OSSEC_HOME%%/var >+@dir(,ossec,0770) %%OSSEC_HOME%%/var/run >+%%PORTDOCS%%%%DOCSDIR%%/BUGS >+%%PORTDOCS%%%%DOCSDIR%%/CHANGELOG >+%%PORTDOCS%%%%DOCSDIR%%/CONTRIBUTORS >+%%PORTDOCS%%%%DOCSDIR%%/LICENSE >+%%PORTDOCS%%%%DOCSDIR%%/README.md >+%%PORTDOCS%%%%DOCSDIR%%/SUPPORT.md >+%%PORTDOCS%%%%DOCSDIR%%/ossec.conf.sample >+%%MYSQL%%%%DOCSDIR%%/mysql.schema >+%%PGSQL%%%%DOCSDIR%%/postgresql.schema > >Property changes on: security/ossec-hids-local/pkg-plist-server >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local/scripts/plist.sh >=================================================================== >--- security/ossec-hids-local/scripts/plist.sh (nonexistent) >+++ security/ossec-hids-local/scripts/plist.sh (working copy) >@@ -0,0 +1,119 @@ >+#!/bin/sh >+ >+# Script generates entries for pkg-plist. >+# Do not use it directly. Use the following command instead: >+# >+# make MAINTAINER_MODE=yes clean plist >+ >+OSSEC_TYPE=$1 >+OSSEC_HOME=$2 >+PLIST=$3 >+WORKDIR=$4 >+STAGEDIR=$5 >+ >+staged_plist="${WORKDIR}/.staged-plist" >+fixed_lines="" >+if [ "${OSSEC_TYPE}" != "agent" ]; then >+ fixed_lines="${fixed_lines} %%MYSQL%%%%DOCSDIR%%/mysql.schema %%PGSQL%%%%DOCSDIR%%/postgresql.schema" >+fi >+skip_lines="%%PORTDOCS%%%%DOCSDIR%%/mysql.schema %%PORTDOCS%%%%DOCSDIR%%/postgresql.schema" >+skip_paths="/etc/ossec.conf /etc/client.keys /logs/active-responses.log /logs/ossec.log /lua" >+sample_paths="/etc/local_internal_options.conf.sample" >+if [ "${OSSEC_TYPE}" == "agent" ]; then >+ skip_paths="${skip_paths} /rules /agentless /.ssh" >+fi >+ >+print_path() { >+ local path="$1" >+ local command="$2" >+ local full_path="${STAGEDIR}${OSSEC_HOME}${path}" >+ if [ -z "${command}" ]; then >+ command="@" >+ if [ -d "${full_path}" ]; then >+ command="@dir" >+ fi >+ fi >+ local user=`stat -f "%Su" "${full_path}"` >+ if [ "${user}" == "${USER}" ]; then >+ user="" >+ fi >+ local group=`stat -f "%Sg" "${full_path}"` >+ if [ "${group}" == "${GROUP}" ]; then >+ group="" >+ fi >+ local mode=`stat -f "%p" "${full_path}" | tail -c 5` >+ echo -e "${command}(${user},${group},${mode}) %%OSSEC_HOME%%${path}" >> "${PLIST}" >+} >+ >+echo -n > "${PLIST}" >+ >+print_path >+ >+done_paths="" >+while read line; do >+ skip_line="" >+ for e in ${skip_lines}; do >+ if [ "${e}" == "${line}" ]; then >+ skip_line="${e}" >+ break >+ fi >+ done >+ if [ -z "${skip_line}" ]; then >+ path="" >+ case $line in >+ "@dir %%OSSEC_HOME%%"*) >+ path=`echo "${line}" | sed -e "s|@dir %%OSSEC_HOME%%||g"` >+ ;; >+ "%%OSSEC_HOME%%"*) >+ path=`echo "${line}" | sed -e "s|%%OSSEC_HOME%%||g"` >+ ;; >+ "%%"*) >+ unchanged_lines="${unchanged_lines} ${line}" >+ ;; >+ esac >+ if [ -n "${path}" ]; then >+ segments=`echo "${path}" | tr "/" "\n"` >+ path="" >+ for segment in ${segments}; do >+ path="${path}/${segment}" >+ skip_path="" >+ for e in ${skip_paths}; do >+ if [ "${e}" == "${path}" ]; then >+ skip_path="${e}" >+ break >+ fi >+ done >+ if [ -n "${skip_path}" ]; then >+ break >+ fi >+ done_path="" >+ for e in ${done_paths}; do >+ if [ "${e}" == "${path}" ]; then >+ done_path="${e}" >+ break >+ fi >+ done >+ if [ -z "${done_path}" ]; then >+ done_paths="${done_paths} ${path}" >+ sample_path="" >+ for e in ${sample_paths}; do >+ if [ "${e}" == "${path}" ]; then >+ sample_path="${e}" >+ break >+ fi >+ done >+ if [ -n "${sample_path}" ]; then >+ print_path "${path}" @sample >+ else >+ print_path "${path}" >+ fi >+ fi >+ done >+ fi >+ fi >+done < "${staged_plist}" >+ >+unchanged_lines="${unchanged_lines} ${fixed_lines}" >+for line in ${unchanged_lines}; do >+ echo "${line}" >> "${PLIST}" >+done > >Property changes on: security/ossec-hids-local/scripts/plist.sh >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:executable >## -0,0 +1 ## >+* >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/Makefile >=================================================================== >--- security/ossec-hids-local-config/Makefile (nonexistent) >+++ security/ossec-hids-local-config/Makefile (working copy) >@@ -0,0 +1,456 @@ >+# $FreeBSD$ >+ >+PORTNAME= ossec-hids >+PORTVERSION= 3.1.0 >+PORTREVISION= >+CATEGORIES= security >+PKGNAMESUFFIX= -${OSSEC_TYPE}-config >+ >+MAINTAINER= dominik.lisiak@bemsoft.pl >+COMMENT= Configuration manager for ossec-hids >+ >+LICENSE= GPLv2 >+ >+OSSEC_TYPE?= local >+ >+MASTERDIR?= ${.CURDIR} >+ >+.if ${OSSEC_TYPE} == local >+CONFLICTS_INSTALL= ossec-hids-client-* \ >+ ossec-hids-agent-* \ >+ ossec-hids-server-* >+.elif ${OSSEC_TYPE} == agent >+CONFLICTS_INSTALL= ossec-hids-client-* \ >+ ossec-hids-local-* \ >+ ossec-hids-server-* >+.elif ${OSSEC_TYPE} == server >+CONFLICTS_INSTALL= ossec-hids-client-* \ >+ ossec-hids-agent-* \ >+ ossec-hids-local-* >+.endif >+ >+.if !defined(MAINTAINER_MODE) >+RUN_DEPENDS= ossec-hids-${OSSEC_TYPE}>=${PORTVERSION}:security/ossec-hids-${OSSEC_TYPE} >+.endif >+ >+.if defined(MAINTAINER_MODE) >+USE_GITHUB= yes >+GH_ACCOUNT= ossec >+.else >+MASTER_SITES= # >+DISTFILES= # >+EXTRACT_ONLY= # >+.endif >+NO_BUILD= yes >+NO_ARCH= yes >+ >+OPTIONS_SUB= yes >+ >+OPTIONS_SINGLE= FIREWALL >+OPTIONS_SINGLE_FIREWALL= IPF IPFW PF >+ >+OPTIONS_DEFAULT+= IPF >+ >+FIREWALL_DESC= Active Response Firewall >+PF_DESC= Packet Filter >+IPFW_DESC= ipfirewall >+IPF_DESC= ipfilter >+ >+TEMPL_ENABLED_HEADER= template-header-enabled.xml >+TEMPL_DISABLED_HEADER= template-header-disabled.xml >+TEMPL_SAMPLE_HEADER= template-header-sample.xml >+TEMPL_PUSHED_ENABLED_HEADER= ${TEMPL_ENABLED_HEADER} >+TEMPL_PUSHED_DISABLED_HEADER= ${TEMPL_DISABLED_HEADER} >+ >+TEMPL_SAMPLE= template-sample-${OSSEC_TYPE}.xml >+TEMPL_SAMPLE_DB= template-sample-database.xml >+ >+PF_VARS= FW_DROP=pf.sh PKGMSG_FILES+=message-pf >+IPFW_VARS= FW_DROP=ipfw.sh >+IPF_VARS= FW_DROP=ipfilter.sh >+ >+.if defined(MAINTAINER_MODE) >+OSSEC_HOME= ${PREFIX}/${PORTNAME} >+.else >+OSSEC_HOME?= ${PREFIX}/${PORTNAME} >+.endif >+OSSEC_RC= ${PREFIX}/etc/rc.d/ossec-hids >+TEMPL_TO_OSSEC= ${SCRIPTDIR}/template-to-ossec.sh ${OSSEC_TYPE} ${OSSEC_HOME} >+TEMPL_TO_AGENT= ${SCRIPTDIR}/template-to-agent.sh ${OSSEC_TYPE} ${OSSEC_HOME} >+ >+OSSEC_DIR= ${STAGEDIR}${OSSEC_HOME} >+BIN_DIR= ${OSSEC_DIR}/bin >+CONF_BIN_DIR= ${BIN_DIR}/config >+OSSEC_CONF_BIN= ${CONF_BIN_DIR}/ossec-conf >+AGENT_CONF_BIN= ${CONF_BIN_DIR}/agent-conf >+COMMAND_BIN_DIR= ${BIN_DIR}/command >+ >+AR_BIN_DIR= ${OSSEC_DIR}/active-response/bin >+MERGE_CONFIG_BIN= ${AR_BIN_DIR}/merge-config.sh >+ >+ETC_DIR= ${OSSEC_DIR}/etc >+OSSEC_CONF_DIR= ${ETC_DIR}/ossec.conf.d >+AGENT_CONF_DIR= ${ETC_DIR}/agent.conf.d >+OSSEC_LOCAL_CONF_DIR= ${OSSEC_CONF_DIR}/disabled >+AGENT_LOCAL_CONF_DIR= ${AGENT_CONF_DIR}/disabled >+OSSEC_SAMPLE_CONF= ${OSSEC_CONF_DIR}/900.local.conf.sample >+COMMAND_CONF_DIR= ${ETC_DIR} >+COMMAND_CONF= ${COMMAND_CONF_DIR}/command.conf.sample >+RULES_DIR= ${OSSEC_DIR}/rules >+ >+.if empty(USER) >+USER=$$(${ID} -un) >+.endif >+.if empty(GROUP) >+GROUP=$$(${ID} -gn) >+.endif >+ >+OSSEC_USER= ossec >+OSSEC_GROUP= ossec >+ >+SUB_LIST+= PORTNAME=${PORTNAME} \ >+ OSSEC_TYPE=${OSSEC_TYPE} \ >+ OSSEC_HOME=${OSSEC_HOME} \ >+ VERSION=${PORTVERSION} \ >+ USER=${USER} \ >+ OSSEC_USER=${OSSEC_USER} \ >+ OSSEC_GROUP=${OSSEC_GROUP} \ >+ OSSEC_RC=${OSSEC_RC} \ >+ FW_DROP=${FW_DROP} >+SUB_FILES= pkg-install \ >+ pkg-deinstall \ >+ ${PKGMSG_FILES} \ >+ ${TEMPL_ENABLED_HEADER} \ >+ ${TEMPL_DISABLED_HEADER} \ >+ ${TEMPL_SAMPLE_HEADER} \ >+ ${TEMPL_PUSHED_ENABLED_HEADER} \ >+ ${TEMPL_PUSHED_DISABLED_HEADER} \ >+ ${TEMPL_SAMPLE} \ >+ merge-config.sh \ >+ ossec-conf \ >+ command.conf >+.if ${OSSEC_TYPE} == server >+SUB_FILES+= agent-conf >+.endif >+ >+.if defined(MAINTAINER_MODE) >+PLIST_SUB= OSSEC_HOME=${PORTNAME} >+.else >+PLIST_SUB= OSSEC_HOME=${OSSEC_HOME} >+.endif >+PLIST= ${PKGDIR}/pkg-plist-${OSSEC_TYPE} >+PKGHELP= ${PKGDIR}/pkg-help-${OSSEC_TYPE} >+PKGMESSAGE= ${WRKDIR}/pkg-message >+PKGMSG_FILES= message-ossec-conf >+.if ${OSSEC_TYPE} == server >+PKGMSG_FILES+= message-agent-conf >+.endif >+ >+CONF_GROUPS= RULES AR ROOTCHECK SYSCHECK CMDOUT LOGS >+ >+############################################################ >+ >+.for conf_group in ${CONF_GROUPS} >+. include "${MASTERDIR}/opt-${conf_group:tl}.mk" >+${conf_group}_INSTANCE_OPTIONS= >+${conf_group}_PUSHED_OPTIONS= >+. for option in ${${conf_group}_OPTIONS} >+. if ${${option}_DEFINE:M${OSSEC_TYPE}} >+${conf_group}_INSTANCE_OPTIONS+= ${option} >+${conf_group}_ALL_OPTIONS+= ${option} >+. endif >+. if ${${option}_DEFINE:Mpushed} >+. if ${OSSEC_TYPE} == server >+${conf_group}_PUSHED_OPTIONS+= ${option} >+. endif >+. if !${${conf_group}_ALL_OPTIONS:M${option}} >+${conf_group}_ALL_OPTIONS+= ${option} >+. endif >+. endif >+. endfor >+.endfor >+ >+############################################################ >+ >+.for conf_group in ${CONF_GROUPS} >+. if !empty(${conf_group}_PROFILE) >+. if ${OSSEC_TYPE} == agent >+. if empty(CLIENT_PROFILES) >+CLIENT_PROFILES:= ${${conf_group}_PROFILE} >+. else >+CLIENT_PROFILES:= ${CLIENT_PROFILES}, ${${conf_group}_PROFILE} >+. endif >+. endif >+SUB_LIST+= ${conf_group}_PROFILE=${${conf_group}_PROFILE} >+. endif >+. for option in ${${conf_group}_ALL_OPTIONS} >+. if !empty(${option}_PROFILE) >+. if ${OSSEC_TYPE} == agent >+. if empty(CLIENT_PROFILES) >+CLIENT_PROFILES:= ${${option}_PROFILE} >+. else >+CLIENT_PROFILES:= ${CLIENT_PROFILES}, ${${option}_PROFILE} >+. endif >+. endif >+SUB_LIST+= ${option}_PROFILE=${${option}_PROFILE} >+. endif >+. endfor >+.endfor >+ >+SUB_LIST+= CLIENT_PROFILES="${CLIENT_PROFILES}" >+ >+############################################################ >+ >+.for conf_group in ${CONF_GROUPS} >+. for option in ${${conf_group}_ALL_OPTIONS} >+. if !defined(${option}_TEMPLATE) >+${option}_TEMPLATE= template-${option:tl:S/_/-/g}.xml >+. endif >+. if !empty(${option}_TEMPLATE) && !${SUB_FILES:M${${option}_TEMPLATE}} >+SUB_FILES+= ${${option}_TEMPLATE} >+. endif >+. endfor >+.endfor >+ >+.for file_name in ${RULES_FILES} >+SUB_FILES+= rules-${file_name}.xml >+.endfor >+ >+.for file_name in ${CMDOUT_SCRIPTS} >+SUB_FILES+= command-${file_name}.sh >+.endfor >+ >+############################################################ >+ >+.for conf_group in ${CONF_GROUPS} >+. for option in ${${conf_group}_INSTANCE_OPTIONS} >+. if !empty(${option}_DEPENDS) && !empty(${${option}_DEPENDS}_OPTION) && ${${${option}_DEPENDS:S/_/ /:[1]}_INSTANCE_OPTIONS:M${${option}_DEPENDS}} >+${${${option}_DEPENDS}_OPTION}_VARS+= ${conf_group}_INSTANCE_OPTIONS_ENABLED+=${option} >+${${${option}_DEPENDS}_OPTION}_VARS_OFF+= ${conf_group}_INSTANCE_OPTIONS_DISABLED+=${option} >+. elif !empty(${option}_OPTION) >+OPTIONS_GROUP_G_${conf_group}+= ${${option}_OPTION} >+${${option}_OPTION}_DESC= ${${option}_DESC} >+. if ${${option}_DEFAULT:M${OSSEC_TYPE}} >+OPTIONS_DEFAULT+= ${${option}_OPTION} >+. endif >+${${option}_OPTION}_VARS+= ${conf_group}_INSTANCE_OPTIONS_ENABLED+=${option} >+${${option}_OPTION}_VARS_OFF+= ${conf_group}_INSTANCE_OPTIONS_DISABLED+=${option} >+. endif >+. endfor >+. if !empty(OPTIONS_GROUP_G_${conf_group}) >+OPTIONS_GROUP+= G_${conf_group} >+G_${conf_group}_DESC= ${${conf_group}_DESC} >+. endif >+.endfor >+ >+############################################################ >+ >+.for conf_group in ${CONF_GROUPS} >+. for option in ${${conf_group}_PUSHED_OPTIONS} >+. if !empty(${option}_DEPENDS) && !empty(${${option}_DEPENDS}_OPTION) && ${${${option}_DEPENDS:S/_/ /:[1]}_PUSHED_OPTIONS:M${${option}_DEPENDS}} >+${${${option}_DEPENDS}_OPTION}_P_VARS+= ${conf_group}_PUSHED_OPTIONS_ENABLED+=${option} >+${${${option}_DEPENDS}_OPTION}_P_VARS_OFF+= ${conf_group}_PUSHED_OPTIONS_DISABLED+=${option} >+. elif !empty(${option}_DEPENDS) && !empty(${${option}_DEPENDS}_OPTION) && ${${${option}_DEPENDS:S/_/ /:[1]}_INSTANCE_OPTIONS:M${${option}_DEPENDS}} >+${${${option}_DEPENDS}_OPTION}_VARS+= ${conf_group}_PUSHED_OPTIONS_ENABLED+=${option} >+${${${option}_DEPENDS}_OPTION}_VARS_OFF+= ${conf_group}_PUSHED_OPTIONS_DISABLED+=${option} >+. elif !empty(${option}_OPTION) >+OPTIONS_GROUP_G_${conf_group}_P+= ${${option}_OPTION}_P >+${${option}_OPTION}_P_DESC= ${${option}_DESC} >+. if !empty(${option}_PROFILE) >+${${option}_OPTION}_P_DESC+= (profile: ${${option}_PROFILE}) >+. endif >+. if ${${option}_DEFAULT:Mpushed} >+OPTIONS_DEFAULT+= ${${option}_OPTION}_P >+. endif >+${${option}_OPTION}_P_VARS+= ${conf_group}_PUSHED_OPTIONS_ENABLED+=${option} >+${${option}_OPTION}_P_VARS_OFF+= ${conf_group}_PUSHED_OPTIONS_DISABLED+=${option} >+. endif >+. endfor >+. if !empty(OPTIONS_GROUP_G_${conf_group}_P) >+OPTIONS_GROUP+= G_${conf_group}_P >+G_${conf_group}_P_DESC= Pushed ${${conf_group}_DESC} >+. if !empty(${conf_group}_PROFILE) >+G_${conf_group}_P_DESC+= (profile: ${${conf_group}_PROFILE}) >+. endif >+. endif >+.endfor >+ >+############################################################ >+ >+.include <bsd.port.pre.mk> >+ >+show-opts: >+.for conf_group in ${CONF_GROUPS} >+ @${ECHO_CMD} "${conf_group}: ${${conf_group}_DESC}" >+. for option in ${${conf_group}_INSTANCE_OPTIONS} >+ @${ECHO_CMD} " ${option}: ${${option}_DESC}" >+. if empty(${option}_TEMPLATE) >+ @${ECHO_CMD} " Template: -" >+. else >+ @${ECHO_CMD} " Template: ${${option}_TEMPLATE}" >+. endif >+. if !empty(${conf_group}_INSTANCE_OPTIONS_ENABLED) && ${${conf_group}_INSTANCE_OPTIONS_ENABLED:M${option}} >+ @${ECHO_CMD} " Enabled: true" >+. endif >+. if !empty(${conf_group}_INSTANCE_OPTIONS_DISABLED) && ${${conf_group}_INSTANCE_OPTIONS_DISABLED:M${option}} >+ @${ECHO_CMD} " Enabled: false" >+. endif >+. if !empty(${conf_group}_PUSHED_OPTIONS_ENABLED) && ${${conf_group}_PUSHED_OPTIONS_ENABLED:M${option}} >+ @${ECHO_CMD} " Pushed: true" >+. endif >+. if !empty(${conf_group}_PUSHED_OPTIONS_DISABLED) && ${${conf_group}_PUSHED_OPTIONS_DISABLED:M${option}} >+ @${ECHO_CMD} " Pushed: false" >+. endif >+. endfor >+.endfor >+ >+pre-install: >+ @-${OSSEC_HOME}/bin/ossec-dbd -h 2>&1 | ${GREP} -q 'PostgreSQL' && \ >+ ${SED} -e 's|%%OSSEC_HOME%%|${OSSEC_HOME}|g' -e 's|%%DB_TYPE%%|postgresql|g' \ >+ ${FILESDIR}/${TEMPL_SAMPLE_DB}.in > ${WRKDIR}/${TEMPL_SAMPLE_DB} >+ @-${OSSEC_HOME}/bin/ossec-dbd -h 2>&1 | ${GREP} -q 'MySQL' && \ >+ ${SED} -e 's|%%OSSEC_HOME%%|${OSSEC_HOME}|g' -e 's|%%DB_TYPE%%|mysql|g' \ >+ ${FILESDIR}/${TEMPL_SAMPLE_DB}.in > ${WRKDIR}/${TEMPL_SAMPLE_DB} >+ >+ossec-dirs: >+ @${MKDIR} -p ${CONF_BIN_DIR} ${COMMAND_BIN_DIR} ${AR_BIN_DIR} ${OSSEC_CONF_DIR} ${OSSEC_LOCAL_CONF_DIR} ${COMMAND_CONF_DIR} >+.if ${OSSEC_TYPE} != agent >+ @${MKDIR} -p ${RULES_DIR} >+.endif >+.if ${OSSEC_TYPE} == server >+ @${MKDIR} -p ${AGENT_CONF_DIR} ${AGENT_LOCAL_CONF_DIR} >+.endif >+ >+ossec-scripts: >+ @${CP} -f ${WRKDIR}/ossec-conf ${OSSEC_CONF_BIN} >+.if ${OSSEC_TYPE} == server >+ @${CP} -f ${WRKDIR}/agent-conf ${AGENT_CONF_BIN} >+.endif >+.for file_name in ${CMDOUT_SCRIPTS} >+ @${CP} -f ${WRKDIR}/command-${file_name}.sh ${COMMAND_BIN_DIR}/${file_name}.sh >+.endfor >+ @${CP} -f ${WRKDIR}/command.conf ${COMMAND_CONF} >+ @${CP} -f ${WRKDIR}/merge-config.sh ${MERGE_CONFIG_BIN} >+ >+ossec-rules: >+.if ${OSSEC_TYPE} != agent >+. for file_name in ${RULES_FILES} >+ @${SED} -e 's|<?xml.*?>||' ${WRKDIR}/rules-${file_name}.xml > ${RULES_DIR}/freebsd_${file_name}_rules.xml >+. endfor >+.endif >+ >+ossec-conf-managed: >+.for conf_group in ${CONF_GROUPS} >+. if !empty(${conf_group}_INSTANCE_OPTIONS) >+ @${CAT} ${WRKDIR}/${TEMPL_ENABLED_HEADER} > ${OSSEC_CONF_DIR}/${${conf_group}_MANAGED_CONF} >+. if !empty(${conf_group}_INSTANCE_OPTIONS_ENABLED) >+. for option in ${${conf_group}_INSTANCE_OPTIONS} >+. if ${${conf_group}_INSTANCE_OPTIONS_ENABLED:M${option}} >+. if !empty(${option}_TEMPLATE) >+ @${ECHO_CMD} "<!-- Enabled ${${option}_OPTION} -->" >> ${OSSEC_CONF_DIR}/${${conf_group}_MANAGED_CONF} >+ @${TEMPL_TO_OSSEC} ${WRKDIR}/${${option}_TEMPLATE} >> ${OSSEC_CONF_DIR}/${${conf_group}_MANAGED_CONF} >+ @${ECHO_CMD} >> ${OSSEC_CONF_DIR}/${${conf_group}_MANAGED_CONF} >+. endif >+. endif >+. endfor >+. endif >+. endif >+.endfor >+ >+ossec-conf-local: >+.for conf_group in ${CONF_GROUPS} >+. if !empty(${conf_group}_INSTANCE_OPTIONS) >+ @${CAT} ${WRKDIR}/${TEMPL_DISABLED_HEADER} > ${OSSEC_LOCAL_CONF_DIR}/${${conf_group}_LOCAL_CONF} >+. if !empty(${conf_group}_INSTANCE_OPTIONS_DISABLED) >+. for option in ${${conf_group}_INSTANCE_OPTIONS} >+. if ${${conf_group}_INSTANCE_OPTIONS_DISABLED:M${option}} >+. if !empty(${option}_TEMPLATE) >+ @${ECHO_CMD} "<!-- Disabled ${${option}_OPTION} -->" >> ${OSSEC_LOCAL_CONF_DIR}/${${conf_group}_LOCAL_CONF} >+ @${TEMPL_TO_OSSEC} ${WRKDIR}/${${option}_TEMPLATE} >> ${OSSEC_LOCAL_CONF_DIR}/${${conf_group}_LOCAL_CONF} >+ @${ECHO_CMD} >> ${OSSEC_LOCAL_CONF_DIR}/${${conf_group}_LOCAL_CONF} >+. endif >+. endif >+. endfor >+. endif >+. endif >+.endfor >+ >+ossec-conf-sample: >+ @${CAT} ${WRKDIR}/${TEMPL_SAMPLE_HEADER} > ${OSSEC_SAMPLE_CONF} >+ @${ECHO_CMD} >> ${OSSEC_SAMPLE_CONF} >+ @${TEMPL_TO_OSSEC} ${WRKDIR}/${TEMPL_SAMPLE} >> ${OSSEC_SAMPLE_CONF} >+ @${ECHO_CMD} >> ${OSSEC_SAMPLE_CONF} >+ @-${TEST} -f ${WRKDIR}/${TEMPL_SAMPLE_DB} && \ >+ ${TEMPL_TO_OSSEC} ${WRKDIR}/${TEMPL_SAMPLE_DB} >> ${OSSEC_SAMPLE_CONF} && \ >+ ${ECHO_CMD} >> ${OSSEC_SAMPLE_CONF} >+ >+agent-conf-managed: >+.for conf_group in ${CONF_GROUPS} >+. if !empty(${conf_group}_PUSHED_OPTIONS) >+ @${CAT} ${WRKDIR}/${TEMPL_PUSHED_ENABLED_HEADER} > ${AGENT_CONF_DIR}/${${conf_group}_MANAGED_CONF} >+. if !empty(${conf_group}_PUSHED_OPTIONS_ENABLED) >+. for option in ${${conf_group}_PUSHED_OPTIONS} >+. if ${${conf_group}_PUSHED_OPTIONS_ENABLED:M${option}} >+. if !empty(${option}_TEMPLATE) >+ @${ECHO_CMD} "<!-- Enabled ${${option}_OPTION}_P -->" >> ${AGENT_CONF_DIR}/${${conf_group}_MANAGED_CONF} >+ @${TEMPL_TO_AGENT} ${WRKDIR}/${${option}_TEMPLATE} >> ${AGENT_CONF_DIR}/${${conf_group}_MANAGED_CONF} >+ @${ECHO_CMD} >> ${AGENT_CONF_DIR}/${${conf_group}_MANAGED_CONF} >+. endif >+. endif >+. endfor >+. endif >+. endif >+.endfor >+ >+agent-conf-local: >+.for conf_group in ${CONF_GROUPS} >+. if !empty(${conf_group}_PUSHED_OPTIONS) >+ @${CAT} ${WRKDIR}/${TEMPL_PUSHED_DISABLED_HEADER} > ${AGENT_LOCAL_CONF_DIR}/${${conf_group}_LOCAL_CONF} >+. if !empty(${conf_group}_PUSHED_OPTIONS_DISABLED) >+. for option in ${${conf_group}_PUSHED_OPTIONS} >+. if ${${conf_group}_PUSHED_OPTIONS_DISABLED:M${option}} >+. if !empty(${option}_TEMPLATE) >+ @${ECHO_CMD} "<!-- Disabled ${${option}_OPTION}_P -->" >> ${AGENT_LOCAL_CONF_DIR}/${${conf_group}_LOCAL_CONF} >+ @${TEMPL_TO_AGENT} ${WRKDIR}/${${option}_TEMPLATE} >> ${AGENT_LOCAL_CONF_DIR}/${${conf_group}_LOCAL_CONF} >+ @${ECHO_CMD} >> ${AGENT_LOCAL_CONF_DIR}/${${conf_group}_LOCAL_CONF} >+. endif >+. endif >+. endfor >+. endif >+. endif >+.endfor >+ >+do-install: ossec-dirs ossec-scripts ossec-rules ossec-conf-managed ossec-conf-local ossec-conf-sample agent-conf-managed agent-conf-local >+ >+ossec-permissions: >+ @${CHMOD} -R 550 ${OSSEC_DIR} >+ @${CHMOD} 640 ${COMMAND_CONF} ${OSSEC_CONF_DIR}/* ${OSSEC_LOCAL_CONF_DIR}/* >+ @${CHMOD} 550 ${OSSEC_CONF_DIR} ${OSSEC_LOCAL_CONF_DIR} >+.if ${OSSEC_TYPE} != agent >+ @${CHMOD} 640 ${RULES_DIR}/* >+.endif >+.if ${OSSEC_TYPE} == server >+ @${CHMOD} 640 ${AGENT_CONF_DIR}/* ${AGENT_LOCAL_CONF_DIR}/* >+ @${CHMOD} 550 ${AGENT_CONF_DIR} ${AGENT_LOCAL_CONF_DIR} >+.endif >+.if defined(MAINTAINER_MODE) >+ @${CHOWN} -R ${USER}:${OSSEC_GROUP} ${OSSEC_DIR} >+ @${CHOWN} -R ${USER}:${GROUP} ${BIN_DIR} >+.endif >+ >+post-install: ossec-permissions >+ @${ECHO_CMD} -n > ${PKGMESSAGE} >+.for file_name in ${PKGMSG_FILES} >+ @${CAT} ${WRKDIR}/${file_name} >> ${PKGMESSAGE} >+ @${ECHO_CMD} >> ${PKGMESSAGE} >+.endfor >+ >+.if defined(MAINTAINER_MODE) >+plist: makeplist >+ @${SCRIPTDIR}/plist.sh ${OSSEC_TYPE} ${OSSEC_HOME} ${PLIST} ${WRKDIR} ${STAGEDIR} >+ >+rules: extract >+ @${SCRIPTDIR}/rules.sh ${FILESDIR}/${RULES_DEFAULT_TEMPLATE}.in ${WRKSRC} >+.endif >+ >+.include <bsd.port.post.mk> > >Property changes on: security/ossec-hids-local-config/Makefile >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:keywords >## -0,0 +1 ## >+FreeBSD=%H >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/distinfo >=================================================================== >--- security/ossec-hids-local-config/distinfo (nonexistent) >+++ security/ossec-hids-local-config/distinfo (working copy) >@@ -0,0 +1,3 @@ >+TIMESTAMP = 1539459620 >+SHA256 (ossec-ossec-hids-3.1.0_GH0.tar.gz) = e0e2987751badb95c2bf618531c7853b2289c910f796da85ff394c0faea43f50 >+SIZE (ossec-ossec-hids-3.1.0_GH0.tar.gz) = 1886469 > >Property changes on: security/ossec-hids-local-config/distinfo >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/agent-conf.in >=================================================================== >--- security/ossec-hids-local-config/files/agent-conf.in (nonexistent) >+++ security/ossec-hids-local-config/files/agent-conf.in (working copy) >@@ -0,0 +1,33 @@ >+#!/bin/sh >+ >+ossec_type="%%OSSEC_TYPE%%" >+ossec_home="%%OSSEC_HOME%%" >+ >+agent_conf_dir="${ossec_home}/etc/agent.conf.d" >+agent_conf_files="${agent_conf_dir}/*.conf" >+ >+select_elements() { >+ local element="$1" >+ sed -n "/<${element}.*>/,/<\/${element}>/p" >+} >+ >+remove_comments() { >+ # Comments must be on separate lines i.e. not next to uncommented code >+ awk '/<!--/ {off=1} /-->/ {off=2} /([\s\S]*)/ {if (off==0) print; if (off==2) off=0}' >+} >+ >+remove_empty_lines() { >+ sed '/^\s*$/d' >+} >+ >+agent_conf() { >+ >+ echo "<!-- OSSEC HIDS %%VERSION%% -->" >+ echo >+ echo "<!-- DO NOT EDIT - file generated automatically - edit \"agent.conf.d/900.local.conf\" instead -->" >+ echo >+ >+ cat $@ | remove_comments | select_elements "agent_config" | remove_empty_lines >+} >+ >+agent_conf "${agent_conf_files}" > >Property changes on: security/ossec-hids-local-config/files/agent-conf.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/command-last-logins.sh.in >=================================================================== >--- security/ossec-hids-local-config/files/command-last-logins.sh.in (nonexistent) >+++ security/ossec-hids-local-config/files/command-last-logins.sh.in (working copy) >@@ -0,0 +1,8 @@ >+#!/bin/sh >+ >+# This script is part of FreeBSD port - report any issues to the port MAINTAINER >+ >+ossec_home="%%OSSEC_HOME%%" >+. "${ossec_home}/etc/command.conf" >+ >+last -n ${last_logins} > >Property changes on: security/ossec-hids-local-config/files/command-last-logins.sh.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/command-open-ports.sh.in >=================================================================== >--- security/ossec-hids-local-config/files/command-open-ports.sh.in (nonexistent) >+++ security/ossec-hids-local-config/files/command-open-ports.sh.in (working copy) >@@ -0,0 +1,19 @@ >+#!/bin/sh >+ >+# This script is part of FreeBSD port - report any issues to the port MAINTAINER >+ >+family=$1 >+protocol=$2 >+ports=$3 >+ >+if [ -z "${ports}" ]; then >+ privileged_ports="1-$((`sysctl -n net.inet.ip.portrange.first` - 1))" >+ >+ ossec_home="%%OSSEC_HOME%%" >+ . "${ossec_home}/etc/command.conf" >+ >+ ports="privileged_${protocol}_ports" >+ eval ports=\$${ports} >+fi >+ >+sockstat -l -${family} -P ${protocol} -p ${ports} | grep -Eo '[^[:space:]]+:[0-9]+' | sort -u > >Property changes on: security/ossec-hids-local-config/files/command-open-ports.sh.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/command.conf.in >=================================================================== >--- security/ossec-hids-local-config/files/command.conf.in (nonexistent) >+++ security/ossec-hids-local-config/files/command.conf.in (working copy) >@@ -0,0 +1,6 @@ >+#!/bin/sh >+ >+last_logins=5 >+ >+privileged_tcp_ports=${privileged_ports},10050-10051 >+privileged_udp_ports=${privileged_ports} > >Property changes on: security/ossec-hids-local-config/files/command.conf.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/merge-config.sh.in >=================================================================== >--- security/ossec-hids-local-config/files/merge-config.sh.in (nonexistent) >+++ security/ossec-hids-local-config/files/merge-config.sh.in (working copy) >@@ -0,0 +1,32 @@ >+#!/bin/sh >+ >+# This script is part of FreeBSD port - report any issues to the port MAINTAINER >+ >+ossec_type="%%OSSEC_TYPE%%" >+ossec_home="%%OSSEC_HOME%%" >+ossec_rc="%%OSSEC_RC%%" >+ >+ACTION=$1 >+USER=$2 >+IP=$3 >+ >+LOCAL=`dirname $0`; >+cd $LOCAL >+cd ../../tmp >+ >+# Logging the call >+echo "`date` $0 $1 $2 $3 $4 $5" >> "${ossec_home}/logs/active-responses.log" >+ >+case ${ACTION} in >+ add) >+ "${ossec_rc}" merge_config >+ exit 0 >+ ;; >+ delete) >+ exit 0 >+ ;; >+ *) >+ echo "$0: invalid action: ${ACTION}" >+ exit 1 >+ ;; >+esac > >Property changes on: security/ossec-hids-local-config/files/merge-config.sh.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/message-agent-conf.in >=================================================================== >--- security/ossec-hids-local-config/files/message-agent-conf.in (nonexistent) >+++ security/ossec-hids-local-config/files/message-agent-conf.in (working copy) >@@ -0,0 +1,3 @@ >+The "agent.conf" must no longer be used for configuration. It will be >+overwritten by merged "*.conf" files from the configuration directory: >+%%OSSEC_HOME%%/etc/agent.conf.d > >Property changes on: security/ossec-hids-local-config/files/message-agent-conf.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/message-ossec-conf.in >=================================================================== >--- security/ossec-hids-local-config/files/message-ossec-conf.in (nonexistent) >+++ security/ossec-hids-local-config/files/message-ossec-conf.in (working copy) >@@ -0,0 +1,3 @@ >+The "ossec.conf" must no longer be used for configuration. It will be >+overwritten by merged "*.conf" files from the configuration directory: >+%%OSSEC_HOME%%/etc/ossec.conf.d > >Property changes on: security/ossec-hids-local-config/files/message-ossec-conf.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/message-pf.in >=================================================================== >--- security/ossec-hids-local-config/files/message-pf.in (nonexistent) >+++ security/ossec-hids-local-config/files/message-pf.in (working copy) >@@ -0,0 +1,4 @@ >+Add the ossec_fwtable to /etc/pf.conf if using "firewall-drop" active response: >+ table <ossec_fwtable> persist >+ block in quick from <ossec_fwtable> to any >+ block out quick from any to <ossec_fwtable> > >Property changes on: security/ossec-hids-local-config/files/message-pf.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/ossec-conf.in >=================================================================== >--- security/ossec-hids-local-config/files/ossec-conf.in (nonexistent) >+++ security/ossec-hids-local-config/files/ossec-conf.in (working copy) >@@ -0,0 +1,60 @@ >+#!/bin/sh >+ >+ossec_type="%%OSSEC_TYPE%%" >+ossec_home="%%OSSEC_HOME%%" >+ >+ossec_conf_dir="${ossec_home}/etc/ossec.conf.d" >+ossec_conf_files="${ossec_conf_dir}/*.conf" >+ >+select_elements_content() { >+ local element="$1" >+ sed -n "/<${element}>/,/<\/${element}>/{ /<${element}>/d; /<\/${element}>/d; p; }" >+} >+ >+remove_elements() { >+ local element="$1" >+ sed -e "/<${element}>/,/<\/${element}>/d" >+} >+ >+remove_comments() { >+ # Comments must be on separate lines i.e. not next to uncommented code >+ awk '/<!--/ {off=1} /-->/ {off=2} /([\s\S]*)/ {if (off==0) print; if (off==2) off=0}' >+} >+ >+remove_empty_lines() { >+ sed '/^\s*$/d' >+} >+ >+ossec_conf() { >+ echo "<!-- OSSEC HIDS %%VERSION%% -->" >+ echo >+ echo "<!-- DO NOT EDIT - file generated automatically - edit \"ossec.conf.d/900.local.conf\" instead -->" >+ echo >+ echo "<ossec_config>" >+ >+ if [ "${ossec_type}" != "agent" ]; then >+ if cat $@ | remove_comments | grep -q "<rules>"; then >+ echo " <rules>" >+ cat $@ | remove_comments | select_elements_content "rules" | remove_empty_lines >+ echo " </rules>" >+ fi >+ fi >+ >+ if cat $@ | remove_comments | grep -q "<rootcheck>"; then >+ echo " <rootcheck>" >+ cat $@ | remove_comments | select_elements_content "rootcheck" | remove_empty_lines >+ echo " </rootcheck>" >+ fi >+ >+ if cat $@ | remove_comments | grep -q "<syscheck>"; then >+ echo " <syscheck>" >+ cat $@ | remove_comments | select_elements_content "syscheck" | remove_empty_lines >+ echo " </syscheck>" >+ fi >+ >+ cat $@ | remove_comments | select_elements_content "ossec_config" | remove_elements "rules" | remove_elements "rootcheck" | remove_elements "syscheck" | remove_empty_lines >+ >+ echo "</ossec_config>" >+} >+ >+ossec_conf "${ossec_conf_files}" > >Property changes on: security/ossec-hids-local-config/files/ossec-conf.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/pkg-deinstall.in >=================================================================== >--- security/ossec-hids-local-config/files/pkg-deinstall.in (nonexistent) >+++ security/ossec-hids-local-config/files/pkg-deinstall.in (working copy) >@@ -0,0 +1,10 @@ >+#!/bin/sh >+ >+ossec_home="%%OSSEC_HOME%%" >+ossec_conf="${ossec_home}/etc/ossec.conf" >+agent_conf="${ossec_home}/etc/shared/agent.conf" >+ >+if [ "$2" == "DEINSTALL" ]; then >+ rm -f "${ossec_conf}" >+ rm -f "${agent_conf}" >+fi > >Property changes on: security/ossec-hids-local-config/files/pkg-deinstall.in >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/pkg-install.in >=================================================================== >--- security/ossec-hids-local-config/files/pkg-install.in (nonexistent) >+++ security/ossec-hids-local-config/files/pkg-install.in (working copy) >@@ -0,0 +1,32 @@ >+#!/bin/sh >+ >+ossec_home="%%OSSEC_HOME%%" >+ar_bin_dir="${ossec_home}/active-response/bin" >+ossec_conf="${ossec_home}/etc/ossec.conf" >+ossec_conf_bak="${ossec_conf}.bak" >+agent_conf="${ossec_home}/etc/shared/agent.conf" >+agent_conf_bak="${ossec_home}/etc/agent.conf.bak" >+ >+if [ "$2" == "POST-INSTALL" ]; then >+ ln -f "${ar_bin_dir}/%%FW_DROP%%" "${ar_bin_dir}/firewall-drop.sh" >+ >+ if [ -e "${ossec_conf}" ]; then >+ mv -f "${ossec_conf}" "${ossec_conf_bak}" >+ echo >+ echo "WARNING:" >+ echo " Existing \"${ossec_conf}\" has been saved to \"${ossec_conf_bak}\"." >+ echo >+ fi >+ >+ case "$1" in >+ ossec-hids-server*) >+ if [ -e "${agent_conf}" ]; then >+ mv -f "${agent_conf}" "${agent_conf_bak}" >+ echo >+ echo "WARNING:" >+ echo " Existing \"${agent_conf}\" has been saved to \"${agent_conf_bak}\"." >+ echo >+ fi >+ ;; >+ esac >+fi > >Property changes on: security/ossec-hids-local-config/files/pkg-install.in >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/rules-cmdout.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/rules-cmdout.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/rules-cmdout.xml.in (working copy) >@@ -0,0 +1,67 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<group name="ossec,"> >+ >+ <rule id="56041" level="1"> >+ <if_sid>530</if_sid> >+ <match>ossec: output: 'freebsd-last-logins'</match> >+ <check_diff /> >+ <description>List of the last logged in users.</description> >+ </rule> >+ >+ <rule id="56042" level="1"> >+ <if_sid>530</if_sid> >+ <match>ossec: output: 'freebsd-open-ports-tcp4-all'</match> >+ <check_diff /> >+ <description>Listening IPv4 TCP port opened or closed.</description> >+ </rule> >+ >+ <rule id="56043" level="7"> >+ <if_sid>530</if_sid> >+ <match>ossec: output: 'freebsd-open-ports-tcp4'</match> >+ <check_diff /> >+ <description>Listening IPv4 TCP port opened or closed.</description> >+ </rule> >+ >+ <rule id="56044" level="1"> >+ <if_sid>530</if_sid> >+ <match>ossec: output: 'freebsd-open-ports-tcp6-all'</match> >+ <check_diff /> >+ <description>Listening IPv6 TCP port opened or closed.</description> >+ </rule> >+ >+ <rule id="56045" level="7"> >+ <if_sid>530</if_sid> >+ <match>ossec: output: 'freebsd-open-ports-tcp6'</match> >+ <check_diff /> >+ <description>Listening IPv6 TCP port opened or closed.</description> >+ </rule> >+ >+ <rule id="56046" level="1"> >+ <if_sid>530</if_sid> >+ <match>ossec: output: 'freebsd-open-ports-udp4-all'</match> >+ <check_diff /> >+ <description>Listening IPv4 UDP port opened or closed.</description> >+ </rule> >+ >+ <rule id="56047" level="7"> >+ <if_sid>530</if_sid> >+ <match>ossec: output: 'freebsd-open-ports-udp4'</match> >+ <check_diff /> >+ <description>Listening IPv4 UDP port opened or closed.</description> >+ </rule> >+ >+ <rule id="56048" level="1"> >+ <if_sid>530</if_sid> >+ <match>ossec: output: 'freebsd-open-ports-udp6-all'</match> >+ <check_diff /> >+ <description>Listening IPv6 UDP port opened or closed.</description> >+ </rule> >+ >+ <rule id="56049" level="7"> >+ <if_sid>530</if_sid> >+ <match>ossec: output: 'freebsd-open-ports-udp6'</match> >+ <check_diff /> >+ <description>Listening IPv6 UDP port opened or closed.</description> >+ </rule> >+ >+</group> > >Property changes on: security/ossec-hids-local-config/files/rules-cmdout.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/rules-config.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/rules-config.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/rules-config.xml.in (working copy) >@@ -0,0 +1,52 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<group name="ossec,"> >+ >+ <rule id="56001" level="10" ignore="10"> >+ <if_group>syscheck</if_group> >+ <match>%%OSSEC_HOME%%/etc/ossec.conf.d</match> >+ <description>ossec.conf.d has been modified</description> >+ </rule> >+ >+ <rule id="56002" level="10" ignore="10"> >+ <if_group>syscheck</if_group> >+ <match>%%OSSEC_HOME%%/etc/ossec.conf</match> >+ <description>ossec.conf has been modified</description> >+ </rule> >+ >+ <rule id="56003" level="10" ignore="10"> >+ <if_group>syscheck</if_group> >+ <match>/var/ossec/etc/ossec.conf.d</match> >+ <description>ossec.conf.d has been modified</description> >+ </rule> >+ >+ <rule id="56004" level="10" ignore="10"> >+ <if_group>syscheck</if_group> >+ <match>/var/ossec/etc/ossec.conf</match> >+ <description>ossec.conf has been modified</description> >+ </rule> >+ >+ <rule id="56021" level="10" ignore="10"> >+ <if_group>syscheck</if_group> >+ <match>%%OSSEC_HOME%%/etc/agent.conf.d</match> >+ <description>agent.conf.d has been modified</description> >+ </rule> >+ >+ <rule id="56022" level="10" ignore="10"> >+ <if_group>syscheck</if_group> >+ <match>%%OSSEC_HOME%%/etc/shared/agent.conf</match> >+ <description>agent.conf has been modified</description> >+ </rule> >+ >+ <rule id="56023" level="10" ignore="10"> >+ <if_group>syscheck</if_group> >+ <match>/var/ossec/etc/agent.conf.d</match> >+ <description>agent.conf.d has been modified</description> >+ </rule> >+ >+ <rule id="56024" level="10" ignore="10"> >+ <if_group>syscheck</if_group> >+ <match>/var/ossec/etc/shared/agent.conf</match> >+ <description>agent.conf has been modified</description> >+ </rule> >+ >+</group> > >Property changes on: security/ossec-hids-local-config/files/rules-config.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-ar-cmds-default.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-ar-cmds-default.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-ar-cmds-default.xml.in (working copy) >@@ -0,0 +1,38 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config> >+ >+ <command> >+ <name>host-deny</name> >+ <executable>host-deny.sh</executable> >+ <expect>srcip</expect> >+ <timeout_allowed>yes</timeout_allowed> >+ </command> >+ >+ <command> >+ <name>firewall-drop</name> >+ <executable>firewall-drop.sh</executable> >+ <expect>srcip</expect> >+ <timeout_allowed>yes</timeout_allowed> >+ </command> >+ >+ <command> >+ <name>disable-account</name> >+ <executable>disable-account.sh</executable> >+ <expect>user</expect> >+ <timeout_allowed>yes</timeout_allowed> >+ </command> >+ >+ <command> >+ <name>restart-ossec</name> >+ <executable>restart-ossec.sh</executable> >+ <expect></expect> >+ </command> >+ >+ <command> >+ <name>route-null</name> >+ <executable>route-null.sh</executable> >+ <expect>srcip</expect> >+ <timeout_allowed>yes</timeout_allowed> >+ </command> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-ar-cmds-default.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-ar-cmds-merge.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-ar-cmds-merge.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-ar-cmds-merge.xml.in (working copy) >@@ -0,0 +1,10 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config> >+ >+ <command> >+ <name>merge-config</name> >+ <executable>merge-config.sh</executable> >+ <expect></expect> >+ </command> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-ar-cmds-merge.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-ar-fwdrop.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-ar-fwdrop.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-ar-fwdrop.xml.in (working copy) >@@ -0,0 +1,13 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config> >+ >+ <active-response> >+ <!-- Block the IP on the firewall. --> >+ <!-- See: http://www.ossec.net/docs/syntax/head_ossec_config.active-response.html#active-response-options --> >+ <command>firewall-drop</command> >+ <location>local</location> >+ <level>6</level> >+ <timeout>600</timeout> >+ </active-response> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-ar-fwdrop.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-ar-hostdeny.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-ar-hostdeny.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-ar-hostdeny.xml.in (working copy) >@@ -0,0 +1,12 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config> >+ >+ <active-response> >+ <!-- Deny the IP in "/etc/hosts.allow" or "/etc/hosts.deny". --> >+ <command>host-deny</command> >+ <location>local</location> >+ <level>6</level> >+ <timeout>600</timeout> >+ </active-response> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-ar-hostdeny.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-ar-merge.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-ar-merge.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-ar-merge.xml.in (working copy) >@@ -0,0 +1,11 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config> >+ >+ <active-response> >+ <!-- Create "ossec.conf" and "agent.conf" if "ossec.conf.d/*" or "agent.conf.d/*" files change. --> >+ <command>merge-config</command> >+ <location>local</location> >+ <rules_id>56001,56003,56021,56023</rules_id> >+ </active-response> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-ar-merge.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-ar-restart.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-ar-restart.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-ar-restart.xml.in (working copy) >@@ -0,0 +1,11 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config> >+ >+ <active-response> >+ <!-- Restart OSSEC if "ossec.conf" or "agent.conf" changes. --> >+ <command>restart-ossec</command> >+ <location>local</location> >+ <rules_id>56002,56004,56022,56024</rules_id> >+ </active-response> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-ar-restart.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-cmdout-last-logins.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-cmdout-last-logins.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-cmdout-last-logins.xml.in (working copy) >@@ -0,0 +1,10 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config> >+ >+ <localfile> >+ <log_format>full_command</log_format> >+ <command>%%OSSEC_HOME%%/bin/command/last-logins.sh</command> >+ <alias>freebsd-last-logins</alias> >+ </localfile> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-cmdout-last-logins.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-cmdout-open-ports-tcp.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-cmdout-open-ports-tcp.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-cmdout-open-ports-tcp.xml.in (working copy) >@@ -0,0 +1,28 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config> >+ >+ <localfile> >+ <log_format>full_command</log_format> >+ <command>%%OSSEC_HOME%%/bin/command/open-ports.sh 4 tcp 1-65535</command> >+ <alias>freebsd-open-ports-tcp4-all</alias> >+ </localfile> >+ >+ <localfile> >+ <log_format>full_command</log_format> >+ <command>%%OSSEC_HOME%%/bin/command/open-ports.sh 4 tcp</command> >+ <alias>freebsd-open-ports-tcp4</alias> >+ </localfile> >+ >+ <localfile> >+ <log_format>full_command</log_format> >+ <command>%%OSSEC_HOME%%/bin/command/open-ports.sh 6 tcp 1-65535</command> >+ <alias>freebsd-open-ports-tcp6-all</alias> >+ </localfile> >+ >+ <localfile> >+ <log_format>full_command</log_format> >+ <command>%%OSSEC_HOME%%/bin/command/open-ports.sh 6 tcp</command> >+ <alias>freebsd-open-ports-tcp6</alias> >+ </localfile> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-cmdout-open-ports-tcp.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-cmdout-open-ports-udp.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-cmdout-open-ports-udp.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-cmdout-open-ports-udp.xml.in (working copy) >@@ -0,0 +1,28 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config> >+ >+ <localfile> >+ <log_format>full_command</log_format> >+ <command>%%OSSEC_HOME%%/bin/command/open-ports.sh 4 udp 1-65535</command> >+ <alias>freebsd-open-ports-udp4-all</alias> >+ </localfile> >+ >+ <localfile> >+ <log_format>full_command</log_format> >+ <command>%%OSSEC_HOME%%/bin/command/open-ports.sh 4 udp</command> >+ <alias>freebsd-open-ports-udp4</alias> >+ </localfile> >+ >+ <localfile> >+ <log_format>full_command</log_format> >+ <command>%%OSSEC_HOME%%/bin/command/open-ports.sh 6 udp 1-65535</command> >+ <alias>freebsd-open-ports-udp6-all</alias> >+ </localfile> >+ >+ <localfile> >+ <log_format>full_command</log_format> >+ <command>%%OSSEC_HOME%%/bin/command/open-ports.sh 6 udp</command> >+ <alias>freebsd-open-ports-udp6</alias> >+ </localfile> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-cmdout-open-ports-udp.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-header-disabled.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-header-disabled.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-header-disabled.xml.in (working copy) >@@ -0,0 +1,10 @@ >+<!-- OSSEC HIDS %%VERSION%% --> >+ >+<!-- DO NOT EDIT - file generated automatically using disabled port options --> >+ >+<!-- >+ You can indirectly edit this file by copying it to the parent directory. >+ The copied file will not be deleted or modified during port removal or >+ upgrades. >+--> >+ > >Property changes on: security/ossec-hids-local-config/files/template-header-disabled.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-header-enabled.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-header-enabled.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-header-enabled.xml.in (working copy) >@@ -0,0 +1,4 @@ >+<!-- OSSEC HIDS %%VERSION%% --> >+ >+<!-- DO NOT EDIT - file generated automatically using enabled port options --> >+ > >Property changes on: security/ossec-hids-local-config/files/template-header-enabled.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-header-sample.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-header-sample.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-header-sample.xml.in (working copy) >@@ -0,0 +1 @@ >+<!-- Place customized configuration here - it will not be overwritten during upgrades. --> > >Property changes on: security/ossec-hids-local-config/files/template-header-sample.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-logs-apache.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-logs-apache.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-logs-apache.xml.in (working copy) >@@ -0,0 +1,28 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config os="FreeBSD" profile="%%LOGS_APACHE_PROFILE%%"> >+ >+ <localfile> >+ <log_format>apache</log_format> >+ <location>/var/log/httpd-error.log</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>apache</log_format> >+ <location>/var/log/httpd-access.log</location> >+ </localfile> >+ >+</template_config> >+ >+<template_config os="Linux" profile="%%LOGS_APACHE_PROFILE%%"> >+ >+ <localfile> >+ <log_format>apache</log_format> >+ <location>/var/log/apache2/error.log</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>apache</log_format> >+ <location>/var/log/apache2/access.log</location> >+ </localfile> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-logs-apache.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-logs-nginx.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-logs-nginx.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-logs-nginx.xml.in (working copy) >@@ -0,0 +1,28 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config os="FreeBSD" profile="%%LOGS_NGINX_PROFILE%%"> >+ >+ <localfile> >+ <log_format>apache</log_format> >+ <location>/var/log/nginx/error.log</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>apache</log_format> >+ <location>/var/log/nginx/access.log</location> >+ </localfile> >+ >+</template_config> >+ >+<template_config os="Linux" profile="%%LOGS_NGINX_PROFILE%%"> >+ >+ <localfile> >+ <log_format>apache</log_format> >+ <location>/var/log/nginx/error.log</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>apache</log_format> >+ <location>/var/log/nginx/access.log</location> >+ </localfile> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-logs-nginx.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-logs-radius.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-logs-radius.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-logs-radius.xml.in (working copy) >@@ -0,0 +1,18 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config os="FreeBSD" profile="%%LOGS_RADIUS_PROFILE%%"> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/radius.log</location> >+ </localfile> >+ >+</template_config> >+ >+<template_config os="Linux" profile="%%LOGS_RADIUS_PROFILE%%"> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/freeradius/radius.log</location> >+ </localfile> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-logs-radius.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-logs-response.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-logs-response.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-logs-response.xml.in (working copy) >@@ -0,0 +1,18 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config os="FreeBSD" profile="%%LOGS_RESPONSE_PROFILE%%"> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>%%OSSEC_HOME%%/logs/active-responses.log</location> >+ </localfile> >+ >+</template_config> >+ >+<template_config os="Linux" profile="%%LOGS_RESPONSE_PROFILE%%"> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/ossec/logs/active-responses.log</location> >+ </localfile> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-logs-response.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-logs-system.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-logs-system.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-logs-system.xml.in (working copy) >@@ -0,0 +1,68 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config os="FreeBSD" profile="%%LOGS_SYSTEM_PROFILE%%"> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/auth.log</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/maillog</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/messages</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/security</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/userlog</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/xferlog</location> >+ </localfile> >+ >+</template_config> >+ >+<template_config os="Linux" profile="%%LOGS_SYSTEM_PROFILE%%"> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/auth.log</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/dpkg.log</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/kern.log</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/mail.log</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/messages</location> >+ </localfile> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/syslog</location> >+ </localfile> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-logs-system.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-logs-vsftpd.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-logs-vsftpd.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-logs-vsftpd.xml.in (working copy) >@@ -0,0 +1,18 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config os="FreeBSD" profile="%%LOGS_VSFTPD_PROFILE%%"> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/vsftpd.log</location> >+ </localfile> >+ >+</template_config> >+ >+<template_config os="Linux" profile="%%LOGS_VSFTPD_PROFILE%%"> >+ >+ <localfile> >+ <log_format>syslog</log_format> >+ <location>/var/log/vsftpd.log</location> >+ </localfile> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-logs-vsftpd.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-rootcheck-basic.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-rootcheck-basic.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-rootcheck-basic.xml.in (working copy) >@@ -0,0 +1,22 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config os="FreeBSD" profile="%%ROOTCHECK_BASIC_PROFILE%%"> >+ >+ <rootcheck> >+ <rootkit_files>%%OSSEC_HOME%%/etc/shared/rootkit_files.txt</rootkit_files> >+ <rootkit_trojans>%%OSSEC_HOME%%/etc/shared/rootkit_trojans.txt</rootkit_trojans> >+ <system_audit>%%OSSEC_HOME%%/etc/shared/system_audit_rcl.txt</system_audit> >+ <system_audit>%%OSSEC_HOME%%/etc/shared/system_audit_ssh.txt</system_audit> >+ </rootcheck> >+ >+</template_config> >+ >+<template_config os="Linux" profile="%%ROOTCHECK_BASIC_PROFILE%%"> >+ >+ <rootcheck> >+ <rootkit_files>/var/ossec/etc/shared/rootkit_files.txt</rootkit_files> >+ <rootkit_trojans>/var/ossec/etc/shared/rootkit_trojans.txt</rootkit_trojans> >+ <system_audit>/var/ossec/etc/shared/system_audit_rcl.txt</system_audit> >+ <system_audit>/var/ossec/etc/shared/system_audit_ssh.txt</system_audit> >+ </rootcheck> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-rootcheck-basic.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-rootcheck-cis-l1.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-rootcheck-cis-l1.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-rootcheck-cis-l1.xml.in (working copy) >@@ -0,0 +1,9 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+ >+<template_config os="Linux" profile="%%ROOTCHECK_CIS_L1_PROFILE%%"> >+ >+ <rootcheck> >+ <system_audit>/var/ossec/etc/shared/cis_debianlinux7-8_L1_rcl.txt</system_audit> >+ </rootcheck> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-rootcheck-cis-l1.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-rootcheck-cis-l2.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-rootcheck-cis-l2.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-rootcheck-cis-l2.xml.in (working copy) >@@ -0,0 +1,9 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+ >+<template_config os="Linux" profile="%%ROOTCHECK_CIS_L2_PROFILE%%"> >+ >+ <rootcheck> >+ <system_audit>/var/ossec/etc/shared/cis_debianlinux7-8_L2_rcl.txt</system_audit> >+ </rootcheck> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-rootcheck-cis-l2.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-rootcheck-cis.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-rootcheck-cis.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-rootcheck-cis.xml.in (working copy) >@@ -0,0 +1,9 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+ >+<template_config os="Linux" profile="%%ROOTCHECK_CIS_PROFILE%%"> >+ >+ <rootcheck> >+ <system_audit>/var/ossec/etc/shared/cis_debian_linux_rcl.txt</system_audit> >+ </rootcheck> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-rootcheck-cis.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-rules-cmdout.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-rules-cmdout.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-rules-cmdout.xml.in (working copy) >@@ -0,0 +1,8 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config> >+ >+ <rules> >+ <include>freebsd_cmdout_rules.xml</include> >+ </rules> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-rules-cmdout.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-rules-config.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-rules-config.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-rules-config.xml.in (working copy) >@@ -0,0 +1,8 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config> >+ >+ <rules> >+ <include>freebsd_config_rules.xml</include> >+ </rules> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-rules-config.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-rules-default.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-rules-default.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-rules-default.xml.in (working copy) >@@ -0,0 +1,87 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config> >+ >+ <rules> >+ <include>rules_config.xml</include> >+ <include>ossec_rules.xml</include> >+ <include>syslog_rules.xml</include> >+ <include>sendmail_rules.xml</include> >+ <include>postfix_rules.xml</include> >+ <include>spamd_rules.xml</include> >+ <include>imapd_rules.xml</include> >+ <include>mailscanner_rules.xml</include> >+ <include>ms-exchange_rules.xml</include> >+ <include>courier_rules.xml</include> >+ <include>firewall_rules.xml</include> >+ <include>pix_rules.xml</include> >+ <include>netscreenfw_rules.xml</include> >+ <include>cisco-ios_rules.xml</include> >+ <include>sonicwall_rules.xml</include> >+ <include>pam_rules.xml</include> >+ <include>telnetd_rules.xml</include> >+ <include>sshd_rules.xml</include> >+ <include>solaris_bsm_rules.xml</include> >+ <include>asterisk_rules.xml</include> >+ <include>ms_dhcp_rules.xml</include> >+ <include>arpwatch_rules.xml</include> >+ <include>symantec-av_rules.xml</include> >+ <include>symantec-ws_rules.xml</include> >+ <include>trend-osce_rules.xml</include> >+ <include>hordeimp_rules.xml</include> >+ <include>roundcube_rules.xml</include> >+ <include>wordpress_rules.xml</include> >+ <include>cimserver_rules.xml</include> >+ <include>dovecot_rules.xml</include> >+ <include>vmpop3d_rules.xml</include> >+ <include>vpopmail_rules.xml</include> >+ <include>ftpd_rules.xml</include> >+ <include>proftpd_rules.xml</include> >+ <include>pure-ftpd_rules.xml</include> >+ <include>vsftpd_rules.xml</include> >+ <include>ms_ftpd_rules.xml</include> >+ <include>named_rules.xml</include> >+ <include>exim_rules.xml</include> >+ <include>smbd_rules.xml</include> >+ <include>racoon_rules.xml</include> >+ <include>vpn_concentrator_rules.xml</include> >+ <include>msauth_rules.xml</include> >+ <include>mcafee_av_rules.xml</include> >+ <include>ms-se_rules.xml</include> >+ <include>sysmon_rules.xml</include> >+ <include>ms_ipsec_rules.xml</include> >+ <include>vmware_rules.xml</include> >+ <include>ids_rules.xml</include> >+ <include>apache_rules.xml</include> >+ <include>web_rules.xml</include> >+ <include>zeus_rules.xml</include> >+ <include>nginx_rules.xml</include> >+ <include>php_rules.xml</include> >+ <include>web_appsec_rules.xml</include> >+ <include>squid_rules.xml</include> >+ <include>attack_rules.xml</include> >+ <include>systemd_rules.xml</include> >+ <include>firewalld_rules.xml</include> >+ <include>mysql_rules.xml</include> >+ <include>postgresql_rules.xml</include> >+ <include>dropbear_rules.xml</include> >+ <include>openbsd_rules.xml</include> >+ <include>apparmor_rules.xml</include> >+ <include>clam_av_rules.xml</include> >+ <include>openbsd-dhcpd_rules.xml</include> >+ <include>nsd_rules.xml</include> >+ <include>owncloud_rules.xml</include> >+ <include>proxmox-ve_rules.xml</include> >+ <include>opensmtpd_rules.xml</include> >+ <include>dnsmasq_rules.xml</include> >+ <include>linux_usbdetect_rules.xml</include> >+ <include>ms1016_usbdetect_rules.xml</include> >+ <include>ms_firewall_rules.xml</include> >+ <include>psad_rules.xml</include> >+ <include>unbound_rules.xml</include> >+ <include>local_rules.xml</include> >+ >+ <!-- Files not included by default --> >+ <!--<include>policy_rules.xml</include>--> >+ </rules> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-rules-default.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-sample-agent.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-sample-agent.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-sample-agent.xml.in (working copy) >@@ -0,0 +1,14 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config> >+ >+ <client> >+ <!-- Specify the IP address of the %%PORTNAME%% server. --> >+ <server-ip>1.2.3.4</server-ip> >+ <!-- Alternatively, specify the hostname of the %%PORTNAME%% server. --> >+ <!-- <server-hostname>example.com</server-hostname> --> >+ >+ <!-- Specifies the agent.conf profiles to be used by the agent. Multiple profiles can be included, separated by a comma and a space. --> >+ <!-- <config-profile>%%CLIENT_PROFILES%%</config-profile> --> >+ </client> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-sample-agent.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-sample-database.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-sample-database.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-sample-database.xml.in (working copy) >@@ -0,0 +1,12 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config> >+ <!-- Run "%%OSSEC_HOME%%/bin/ossec-control enable database" to enable ossec-dbd. --> >+ <database_output> >+ <hostname>localhost</hostname> >+ <username>ossec</username> >+ <password>secret</password> >+ <database>ossec</database> >+ <type>%%DB_TYPE%%</type> >+ </database_output> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-sample-database.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-sample-local.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-sample-local.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-sample-local.xml.in (working copy) >@@ -0,0 +1,17 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config> >+ >+ <global> >+ <!-- Uncomment to enable email notifications. --> >+ <!-- >+ <email_notification>yes</email_notification> >+ <email_to>example@example.com</email_to> >+ <smtp_server>smtp.example.com</smtp_server> >+ <email_from>ossecm@example.com</email_from> >+ --> >+ >+ <!-- List of IP addresses that should never be blocked by the active response (one per element). --> >+ <white_list>127.0.0.1</white_list> >+ </global> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-sample-local.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-sample-server.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-sample-server.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-sample-server.xml.in (working copy) >@@ -0,0 +1,23 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config> >+ >+ <remote> >+ <connection>secure</connection> >+ <!-- OSSEC server listens on all interfacees by default. --> >+ <!-- <local_ip>1.2.3.4</local_ip> --> >+ </remote> >+ >+ <global> >+ <!-- Uncomment to enable email notifications. --> >+ <!-- >+ <email_notification>yes</email_notification> >+ <email_to>example@example.com</email_to> >+ <smtp_server>smtp.example.com</smtp_server> >+ <email_from>ossecm@example.com</email_from> >+ --> >+ >+ <!-- List of IP addresses that should never be blocked by the active response (one per element). --> >+ <white_list>127.0.0.1</white_list> >+ </global> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-sample-server.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-syscheck-basic.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-syscheck-basic.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-syscheck-basic.xml.in (working copy) >@@ -0,0 +1,18 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config os="FreeBSD" profile="%%SYSCHECK_BASIC_PROFILE%%"> >+ >+ <syscheck> >+ <directories realtime="yes" check_all="yes">/bin,/sbin,/usr/bin,/usr/sbin,%%PREFIX%%/bin,%%PREFIX%%/sbin</directories> >+ <directories realtime="yes" check_all="yes">/etc,%%PREFIX%%/etc</directories> >+ </syscheck> >+ >+</template_config> >+ >+<template_config os="Linux" profile="%%SYSCHECK_BASIC_PROFILE%%"> >+ >+ <syscheck> >+ <directories realtime="yes" check_all="yes">/bin,/sbin,/usr/bin,/usr/sbin,/usr/local/bin,/usr/local/sbin</directories> >+ <directories realtime="yes" check_all="yes">/etc,/usr/local/etc</directories> >+ </syscheck> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-syscheck-basic.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-syscheck-hostdeny.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-syscheck-hostdeny.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-syscheck-hostdeny.xml.in (working copy) >@@ -0,0 +1,16 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config os="FreeBSD"> >+ >+ <syscheck> >+ <ignore>/etc/hosts.allow</ignore> >+ </syscheck> >+ >+</template_config> >+ >+<template_config os="Linux"> >+ >+ <syscheck> >+ <ignore>/etc/hosts.deny</ignore> >+ </syscheck> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-syscheck-hostdeny.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-syscheck-newfiles.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-syscheck-newfiles.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-syscheck-newfiles.xml.in (working copy) >@@ -0,0 +1,16 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config os="FreeBSD"> >+ >+ <syscheck> >+ <alert_new_files>yes</alert_new_files> >+ </syscheck> >+ >+</template_config> >+ >+<template_config os="Linux"> >+ >+ <syscheck> >+ <alert_new_files>yes</alert_new_files> >+ </syscheck> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-syscheck-newfiles.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-syscheck-noauto.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-syscheck-noauto.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-syscheck-noauto.xml.in (working copy) >@@ -0,0 +1,16 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config os="FreeBSD"> >+ >+ <syscheck> >+ <auto_ignore>no</auto_ignore> >+ </syscheck> >+ >+</template_config> >+ >+<template_config os="Linux"> >+ >+ <syscheck> >+ <auto_ignore>no</auto_ignore> >+ </syscheck> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-syscheck-noauto.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/files/template-syscheck-ossec.xml.in >=================================================================== >--- security/ossec-hids-local-config/files/template-syscheck-ossec.xml.in (nonexistent) >+++ security/ossec-hids-local-config/files/template-syscheck-ossec.xml.in (working copy) >@@ -0,0 +1,18 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<template_config os="FreeBSD" profile="%%SYSCHECK_OSSEC_PROFILE%%"> >+ >+ <syscheck> >+ <directories realtime="yes" check_all="yes">%%OSSEC_SYSCHECK_BIN_DIRS%%</directories> >+ <directories realtime="yes" check_all="yes">%%OSSEC_SYSCHECK_ETC_DIRS%%</directories> >+ </syscheck> >+ >+</template_config> >+ >+<template_config os="Linux" profile="%%SYSCHECK_OSSEC_PROFILE%%"> >+ >+ <syscheck> >+ <directories realtime="yes" check_all="yes">/var/ossec/bin,/var/ossec/active-response,/var/ossec/agentless</directories> >+ <directories realtime="yes" check_all="yes">/var/ossec/etc,/var/ossec/rules</directories> >+ </syscheck> >+ >+</template_config> > >Property changes on: security/ossec-hids-local-config/files/template-syscheck-ossec.xml.in >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/opt-ar.mk >=================================================================== >--- security/ossec-hids-local-config/opt-ar.mk (nonexistent) >+++ security/ossec-hids-local-config/opt-ar.mk (working copy) >@@ -0,0 +1,46 @@ >+AR_MANAGED_CONF= 110.active-response.conf >+AR_LOCAL_CONF= 510.active-response.local.conf >+ >+AR_DESC= Active Response >+ >+# Default commands >+AR_CMDS_DEFAULT_OPTION= DEFAULT_C >+AR_CMDS_DEFAULT_DESC= Commands provided by OSSEC >+AR_CMDS_DEFAULT_DEFINE= server local >+AR_CMDS_DEFAULT_DEFAULT=server local >+AR_OPTIONS+= AR_CMDS_DEFAULT >+ >+# Config merge commands >+AR_CMDS_MERGE_OPTION= MERGE_C >+AR_CMDS_MERGE_DESC= Commands to merge configuration files >+AR_CMDS_MERGE_DEFINE= server local >+AR_CMDS_MERGE_DEFAULT= server local >+AR_OPTIONS+= AR_CMDS_MERGE >+ >+# Config merge active response >+AR_MERGE_OPTION= MERGE_AR >+AR_MERGE_DESC= Merge configuration files when they change >+AR_MERGE_DEFINE= server local >+AR_MERGE_DEFAULT= server local >+AR_OPTIONS+= AR_MERGE >+ >+# OSSEC restart active response >+AR_RESTART_OPTION= RESTART_AR >+AR_RESTART_DESC= Restart OSSEC when main configuration files change >+AR_RESTART_DEFINE= server local >+AR_RESTART_DEFAULT= server local >+AR_OPTIONS+= AR_RESTART >+ >+# Host deny active response >+AR_HOSTDENY_OPTION= HOSTDENY_AR >+AR_HOSTDENY_DESC= Block the attacker's IP using access control files >+AR_HOSTDENY_DEFINE= server local >+AR_HOSTDENY_DEFAULT= >+AR_OPTIONS+= AR_HOSTDENY >+ >+# Firewall drop active response >+AR_FWDROP_OPTION= FWDROP_AR >+AR_FWDROP_DESC= Block the attacker's IP on the firewall >+AR_FWDROP_DEFINE= server local >+AR_FWDROP_DEFAULT= >+AR_OPTIONS+= AR_FWDROP > >Property changes on: security/ossec-hids-local-config/opt-ar.mk >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/opt-cmdout.mk >=================================================================== >--- security/ossec-hids-local-config/opt-cmdout.mk (nonexistent) >+++ security/ossec-hids-local-config/opt-cmdout.mk (working copy) >@@ -0,0 +1,27 @@ >+CMDOUT_MANAGED_CONF= 140.command-output.conf >+CMDOUT_LOCAL_CONF= 540.command-output.local.conf >+ >+CMDOUT_DESC= Command Output Monitoring >+ >+CMDOUT_SCRIPTS= last-logins open-ports >+ >+# Last logins >+CMDOUT_LAST_LOGINS_OPTION= LOGINS >+CMDOUT_LAST_LOGINS_DESC= Last logins >+CMDOUT_LAST_LOGINS_DEFINE= server local agent >+CMDOUT_LAST_LOGINS_DEFAULT= server local agent >+CMDOUT_OPTIONS+= CMDOUT_LAST_LOGINS >+ >+# Open TCP ports >+CMDOUT_OPEN_PORTS_TCP_OPTION= PORTS_TCP >+CMDOUT_OPEN_PORTS_TCP_DESC= Open TCP ports >+CMDOUT_OPEN_PORTS_TCP_DEFINE= server local agent >+CMDOUT_OPEN_PORTS_TCP_DEFAULT= server local agent >+CMDOUT_OPTIONS+= CMDOUT_OPEN_PORTS_TCP >+ >+# Open UDP ports >+CMDOUT_OPEN_PORTS_UDP_OPTION= PORTS_UDP >+CMDOUT_OPEN_PORTS_UDP_DESC= Open UDP ports >+CMDOUT_OPEN_PORTS_UDP_DEFINE= server local agent >+CMDOUT_OPEN_PORTS_UDP_DEFAULT= server local agent >+CMDOUT_OPTIONS+= CMDOUT_OPEN_PORTS_UDP > >Property changes on: security/ossec-hids-local-config/opt-cmdout.mk >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/opt-logs.mk >=================================================================== >--- security/ossec-hids-local-config/opt-logs.mk (nonexistent) >+++ security/ossec-hids-local-config/opt-logs.mk (working copy) >@@ -0,0 +1,52 @@ >+LOGS_MANAGED_CONF= 150.logs.conf >+LOGS_LOCAL_CONF= 550.logs.local.conf >+ >+LOGS_DESC= Log Monitoring >+ >+# Default logs support >+LOGS_SYSTEM_OPTION= SYSTEM >+LOGS_SYSTEM_PROFILE= system-logs >+LOGS_SYSTEM_DESC= Default system logs >+LOGS_SYSTEM_DEFINE= server local agent pushed >+LOGS_SYSTEM_DEFAULT= server local pushed >+LOGS_OPTIONS+= LOGS_SYSTEM >+ >+# Active response log support >+LOGS_RESPONSE_OPTION= RESPONSE >+LOGS_RESPONSE_PROFILE= active-response-logs >+LOGS_RESPONSE_DESC= Active response logs >+LOGS_RESPONSE_DEFINE= server local agent pushed >+LOGS_RESPONSE_DEFAULT= server local pushed >+LOGS_OPTIONS+= LOGS_RESPONSE >+ >+# Apache logs support >+LOGS_APACHE_OPTION= APACHE >+LOGS_APACHE_PROFILE= apache-logs >+LOGS_APACHE_DESC= Apache logs >+LOGS_APACHE_DEFINE= server local agent pushed >+LOGS_APACHE_DEFAULT= pushed >+LOGS_OPTIONS+= LOGS_APACHE >+ >+# Nginx logs support >+LOGS_NGINX_OPTION= NGINX >+LOGS_NGINX_PROFILE= nginx-logs >+LOGS_NGINX_DESC= Nginx logs >+LOGS_NGINX_DEFINE= server local agent pushed >+LOGS_NGINX_DEFAULT= pushed >+LOGS_OPTIONS+= LOGS_NGINX >+ >+# Radius logs support >+LOGS_RADIUS_OPTION= RADIUS >+LOGS_RADIUS_PROFILE= radius-logs >+LOGS_RADIUS_DESC= FreeRADIUS logs >+LOGS_RADIUS_DEFINE= server local agent pushed >+LOGS_RADIUS_DEFAULT= pushed >+LOGS_OPTIONS+= LOGS_RADIUS >+ >+# Vsftpd logs support >+LOGS_VSFTPD_OPTION= VSFTPD >+LOGS_VSFTPD_PROFILE= vsftpd-logs >+LOGS_VSFTPD_DESC= Vsftpd logs >+LOGS_VSFTPD_DEFINE= server local agent pushed >+LOGS_VSFTPD_DEFAULT= pushed >+LOGS_OPTIONS+= LOGS_VSFTPD > >Property changes on: security/ossec-hids-local-config/opt-logs.mk >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/opt-rootcheck.mk >=================================================================== >--- security/ossec-hids-local-config/opt-rootcheck.mk (nonexistent) >+++ security/ossec-hids-local-config/opt-rootcheck.mk (working copy) >@@ -0,0 +1,36 @@ >+ROOTCHECK_MANAGED_CONF= 120.rootcheck.conf >+ROOTCHECK_LOCAL_CONF= 520.rootcheck.local.conf >+ >+ROOTCHECK_DESC= System Audit and Rootkit Detection (rootcheck) >+ >+# Basic >+ROOTCHECK_BASIC_OPTION= BASIC_RC >+ROOTCHECK_BASIC_PROFILE= basic-rootcheck >+ROOTCHECK_BASIC_DESC= Basic audit and rootkits >+ROOTCHECK_BASIC_DEFINE= server local agent pushed >+ROOTCHECK_BASIC_DEFAULT= server local pushed >+ROOTCHECK_OPTIONS+= ROOTCHECK_BASIC >+ >+# CIS default >+ROOTCHECK_CIS_OPTION= CIS_RC >+ROOTCHECK_CIS_PROFILE= cis-rootcheck >+ROOTCHECK_CIS_DESC= CIS benchmark - Legacy >+ROOTCHECK_CIS_DEFINE= pushed >+ROOTCHECK_CIS_DEFAULT= pushed >+ROOTCHECK_OPTIONS+= ROOTCHECK_CIS >+ >+# CIS level 1 >+ROOTCHECK_CIS_L1_OPTION= CIS_L1_RC >+ROOTCHECK_CIS_L1_PROFILE= cis-level1-rootcheck >+ROOTCHECK_CIS_L1_DESC= CIS benchmark - Level 1 >+ROOTCHECK_CIS_L1_DEFINE= pushed >+ROOTCHECK_CIS_L1_DEFAULT= pushed >+ROOTCHECK_OPTIONS+= ROOTCHECK_CIS_L1 >+ >+# CIS level 2 >+ROOTCHECK_CIS_L2_OPTION= CIS_L2_RC >+ROOTCHECK_CIS_L2_PROFILE= cis-level2-rootcheck >+ROOTCHECK_CIS_L2_DESC= CIS benchmark - Level 2 >+ROOTCHECK_CIS_L2_DEFINE= pushed >+ROOTCHECK_CIS_L2_DEFAULT= pushed >+ROOTCHECK_OPTIONS+= ROOTCHECK_CIS_L2 > >Property changes on: security/ossec-hids-local-config/opt-rootcheck.mk >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/opt-rules.mk >=================================================================== >--- security/ossec-hids-local-config/opt-rules.mk (nonexistent) >+++ security/ossec-hids-local-config/opt-rules.mk (working copy) >@@ -0,0 +1,27 @@ >+RULES_MANAGED_CONF= 100.rules.conf >+RULES_LOCAL_CONF= 500.rules.local.conf >+ >+RULES_DESC= Alerting Rules >+ >+RULES_FILES= config cmdout >+ >+# Default rules >+RULES_DEFAULT_OPTION= DEFAULT_R >+RULES_DEFAULT_DESC= Rules provided by OSSEC >+RULES_DEFAULT_DEFINE= server local >+RULES_DEFAULT_DEFAULT= server local >+RULES_OPTIONS+= RULES_DEFAULT >+ >+# Config rules >+RULES_CONFIG_OPTION= CONFIG_R >+RULES_CONFIG_DESC= Alert changes of the OSSEC main configuration files >+RULES_CONFIG_DEFINE= server local >+RULES_CONFIG_DEFAULT= server local >+RULES_OPTIONS+= RULES_CONFIG >+ >+# Command output rules >+RULES_CMDOUT_OPTION= CMDOUT_R >+RULES_CMDOUT_DESC= Alert changes of output of the monitored commands >+RULES_CMDOUT_DEFINE= server local >+RULES_CMDOUT_DEFAULT= server local >+RULES_OPTIONS+= RULES_CMDOUT > >Property changes on: security/ossec-hids-local-config/opt-rules.mk >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/opt-syscheck.mk >=================================================================== >--- security/ossec-hids-local-config/opt-syscheck.mk (nonexistent) >+++ security/ossec-hids-local-config/opt-syscheck.mk (working copy) >@@ -0,0 +1,42 @@ >+SYSCHECK_MANAGED_CONF= 130.syscheck.conf >+SYSCHECK_LOCAL_CONF= 530.syscheck.local.conf >+ >+SYSCHECK_DESC= File Integrity Checking (syscheck) >+ >+# Default direcotries >+SYSCHECK_BASIC_OPTION= BASIC_SC >+SYSCHECK_BASIC_PROFILE= basic-syscheck >+SYSCHECK_BASIC_DESC= "bin", "sbin" and "etc" >+SYSCHECK_BASIC_DEFINE= server local agent pushed >+SYSCHECK_BASIC_DEFAULT= server local pushed >+SYSCHECK_OPTIONS+= SYSCHECK_BASIC >+ >+# OSSEC directories >+SYSCHECK_OSSEC_OPTION= OSSEC_SC >+SYSCHECK_OSSEC_PROFILE= ossec-syscheck >+SYSCHECK_OSSEC_DESC= OSSEC directories >+SYSCHECK_OSSEC_DEFINE= server local agent pushed >+SYSCHECK_OSSEC_DEFAULT= server local pushed >+SYSCHECK_OPTIONS+= SYSCHECK_OSSEC >+ >+# Alert new files >+SYSCHECK_NEWFILES_OPTION= NEWFILES_SC >+SYSCHECK_NEWFILES_DESC= Alert on new files created >+SYSCHECK_NEWFILES_DEFINE= server local >+SYSCHECK_NEWFILES_DEFAULT= server local >+SYSCHECK_OPTIONS+= SYSCHECK_NEWFILES >+ >+# Disable auto_ignore >+SYSCHECK_NOAUTO_OPTION= NOAUTO_SC >+SYSCHECK_NOAUTO_DESC= Disable auto_ignore feature >+SYSCHECK_NOAUTO_DEFINE= server local >+SYSCHECK_NOAUTO_DEFAULT= server local >+SYSCHECK_OPTIONS+= SYSCHECK_NOAUTO >+ >+# Ignore /etc/hosts.allow >+SYSCHECK_HOSTDENY_DEPENDS= AR_HOSTDENY >+SYSCHECK_HOSTDENY_OPTION= HOSTDENY_SC >+SYSCHECK_HOSTDENY_DESC= Ignore access control files >+SYSCHECK_HOSTDENY_DEFINE= server local agent pushed >+SYSCHECK_HOSTDENY_DEFAULT= server local pushed >+SYSCHECK_OPTIONS+= SYSCHECK_HOSTDENY > >Property changes on: security/ossec-hids-local-config/opt-syscheck.mk >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/pkg-descr >=================================================================== >--- security/ossec-hids-local-config/pkg-descr (nonexistent) >+++ security/ossec-hids-local-config/pkg-descr (working copy) >@@ -0,0 +1,9 @@ >+OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection >+System (HIDS). It has a powerful correlation and analysis engine, integrating >+log analysis, file integrity checking, Windows registry monitoring, centralized >+policy enforcement, rootkit detection, real-time alerting and active response. >+ >+This package adds the configuration overlay with samples, additional rules, >+commands, scripts and support for multiple configuration files. >+ >+WWW: https://ossec.github.io > >Property changes on: security/ossec-hids-local-config/pkg-descr >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/pkg-help-agent >=================================================================== >--- security/ossec-hids-local-config/pkg-help-agent (nonexistent) >+++ security/ossec-hids-local-config/pkg-help-agent (working copy) >@@ -0,0 +1,29 @@ >+Unless stated otherwise, every option here corresponds to certain configuration >+block which would be placed in one of the configuration files in "ossec.conf.d" >+directory. Disabled options will do the same, but for "ossec.conf.d/disabled" >+directory. All "*.conf" files from the "ossec.conf.d" directory will be merged >+into "ossec.conf" in alphabetic order. If you are not satisfied with the >+generated configuration, you can disable the corresponding option and use files >+from "ossec.conf.d/disabled" directory as samples. >+ >+Most of the options are disabled by default, because it is expected that the >+server will push the agent configuration using "agent.conf". FreeBSD port of >+OSSEC server extended with similar "config" port does this by default. If this >+is the case, then the "ossec.conf" should only enable required profiles. >+ >+Files generated by the port will be overwritten during port upgrades so any >+additional configuration should be put in separate files. >+ >+Command Output Monitoring: >+ >+ Adds additional commands, the output of which can be monitored. To actually >+ send alerts about the changing output, the proper rules need to be configured >+ on the server as well. For security reasons commands cannot be pushed by the >+ server and thus must be configured locally on every agent. >+ These commands can be tweaked in "command.conf". >+ >+Active Response Firewall: >+ >+ Creates "firewall-drop.sh" hardlink to one of the scripts shipped with OSSEC. >+ This option is only meaningful if this OSSEC instance will be the target of >+ "firewall-drop" active response (configured on the server). > >Property changes on: security/ossec-hids-local-config/pkg-help-agent >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/pkg-help-local >=================================================================== >--- security/ossec-hids-local-config/pkg-help-local (nonexistent) >+++ security/ossec-hids-local-config/pkg-help-local (working copy) >@@ -0,0 +1,31 @@ >+Unless stated otherwise, every option here corresponds to certain configuration >+block which would be placed in one of the configuration files in "ossec.conf.d" >+directory. Disabled options will do the same, but for "ossec.conf.d/disabled" >+directory. All "*.conf" files from the "ossec.conf.d" directory will be merged >+into "ossec.conf" in alphabetic order. If you are not satisfied with the >+generated configuration, you can disable the corresponding option and use files >+from "ossec.conf.d/disabled" directory as samples. >+ >+Files generated by the port will be overwritten during port upgrades so any >+additional configuration should be put in separate files. >+ >+File Integrity Checking: >+ >+ NOAUTO_SC: >+ OSSEC by default will ignore files that change too often (after the third >+ change). This option disables this feature. Files that change too often >+ as a result of correct system operation should better be added to ignore >+ list manually. >+ >+Command Output Monitoring: >+ >+ Adds additional commands, the output of which can be monitored. To actually >+ send alerts about the changing output, the proper rules need to be configured >+ as well (see CMDOUT_R option). >+ These commands can be tweaked in "command.conf". >+ >+Active Response Firewall: >+ >+ Creates "firewall-drop.sh" hardlink to one of the scripts shipped with OSSEC. >+ This option is only meaningful if "firewall-drop" active response will be >+ enabled in the configuration. > >Property changes on: security/ossec-hids-local-config/pkg-help-local >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/pkg-help-server >=================================================================== >--- security/ossec-hids-local-config/pkg-help-server (nonexistent) >+++ security/ossec-hids-local-config/pkg-help-server (working copy) >@@ -0,0 +1,46 @@ >+Unless stated otherwise, every option here corresponds to certain configuration >+block which would be placed in one of the configuration files in "ossec.conf.d" >+directory. Disabled options will do the same, but for "ossec.conf.d/disabled" >+directory. All "*.conf" files from the "ossec.conf.d" directory will be merged >+into "ossec.conf" in alphabetic order. If you are not satisfied with the >+generated configuration, you can disable the corresponding option and use files >+from "ossec.conf.d/disabled" directory as samples. >+ >+The "pushed" sections (*_P options) relate to configuration pushed to agents >+using "agent.conf". The generated configuration blocks will be placed in >+"agent.conf.d" and "agent.conf.d/disabled" directories. >+Note that the agent needs to enable proper profile to benefit from "agent.conf" >+configuration pushed by the server. This also means that profiles not enabled >+on the agent are ignored. This is why all "pushed" options are enabled by >+default. The port currently contains configuration templates for the following >+agent systems: >+ >+ - FreeBSD >+ - Debian Linux >+ >+Consider contributing to the port by contacting the maintainer and providing >+configuration templates for other operating systems runnig OSSEC agents. >+ >+Files generated by the port will be overwritten during port upgrades so any >+additional configuration should be put in separate files. >+ >+File Integrity Checking: >+ >+ NOAUTO_SC: >+ OSSEC by default will ignore files that change too often (after the third >+ change). This option disables this feature. Files that change too often >+ as a result of correct system operation should better be added to ignore >+ list manually. >+ >+Command Output Monitoring: >+ >+ Adds additional commands, the output of which can be monitored. To actually >+ send alerts about the changing output, the proper rules need to be configured >+ as well (see CMDOUT_R option). >+ These commands can be tweaked in "command.conf". >+ >+Active Response Firewall: >+ >+ Creates "firewall-drop.sh" hardlink to one of the scripts shipped with OSSEC. >+ This option is only meaningful if this OSSEC instance will be the target of >+ "firewall-drop" active response. > >Property changes on: security/ossec-hids-local-config/pkg-help-server >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/pkg-plist-agent >=================================================================== >--- security/ossec-hids-local-config/pkg-plist-agent (nonexistent) >+++ security/ossec-hids-local-config/pkg-plist-agent (working copy) >@@ -0,0 +1,23 @@ >+@dir(,ossec,0550) %%OSSEC_HOME%% >+@dir(,ossec,0550) %%OSSEC_HOME%%/active-response >+@dir(,ossec,0550) %%OSSEC_HOME%%/active-response/bin >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/merge-config.sh >+@dir(,,0550) %%OSSEC_HOME%%/bin >+@dir(,,0550) %%OSSEC_HOME%%/bin/command >+@(,,0550) %%OSSEC_HOME%%/bin/command/last-logins.sh >+@(,,0550) %%OSSEC_HOME%%/bin/command/open-ports.sh >+@dir(,,0550) %%OSSEC_HOME%%/bin/config >+@(,,0550) %%OSSEC_HOME%%/bin/config/ossec-conf >+@dir(,ossec,0550) %%OSSEC_HOME%%/etc >+@sample(,ossec,0640) %%OSSEC_HOME%%/etc/command.conf.sample >+@dir(,ossec,0550) %%OSSEC_HOME%%/etc/ossec.conf.d >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/120.rootcheck.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/130.syscheck.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/140.command-output.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/150.logs.conf >+@sample(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/900.local.conf.sample >+@dir(,ossec,0550) %%OSSEC_HOME%%/etc/ossec.conf.d/disabled >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/disabled/520.rootcheck.local.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/disabled/530.syscheck.local.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/disabled/540.command-output.local.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/disabled/550.logs.local.conf > >Property changes on: security/ossec-hids-local-config/pkg-plist-agent >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/pkg-plist-local >=================================================================== >--- security/ossec-hids-local-config/pkg-plist-local (nonexistent) >+++ security/ossec-hids-local-config/pkg-plist-local (working copy) >@@ -0,0 +1,30 @@ >+@dir(,ossec,0550) %%OSSEC_HOME%% >+@dir(,ossec,0550) %%OSSEC_HOME%%/active-response >+@dir(,ossec,0550) %%OSSEC_HOME%%/active-response/bin >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/merge-config.sh >+@dir(,,0550) %%OSSEC_HOME%%/bin >+@dir(,,0550) %%OSSEC_HOME%%/bin/command >+@(,,0550) %%OSSEC_HOME%%/bin/command/last-logins.sh >+@(,,0550) %%OSSEC_HOME%%/bin/command/open-ports.sh >+@dir(,,0550) %%OSSEC_HOME%%/bin/config >+@(,,0550) %%OSSEC_HOME%%/bin/config/ossec-conf >+@dir(,ossec,0550) %%OSSEC_HOME%%/etc >+@sample(,ossec,0640) %%OSSEC_HOME%%/etc/command.conf.sample >+@dir(,ossec,0550) %%OSSEC_HOME%%/etc/ossec.conf.d >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/100.rules.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/110.active-response.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/120.rootcheck.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/130.syscheck.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/140.command-output.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/150.logs.conf >+@sample(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/900.local.conf.sample >+@dir(,ossec,0550) %%OSSEC_HOME%%/etc/ossec.conf.d/disabled >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/disabled/500.rules.local.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/disabled/510.active-response.local.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/disabled/520.rootcheck.local.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/disabled/530.syscheck.local.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/disabled/540.command-output.local.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/disabled/550.logs.local.conf >+@dir(,ossec,0550) %%OSSEC_HOME%%/rules >+@(,ossec,0640) %%OSSEC_HOME%%/rules/freebsd_cmdout_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/freebsd_config_rules.xml > >Property changes on: security/ossec-hids-local-config/pkg-plist-local >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/pkg-plist-server >=================================================================== >--- security/ossec-hids-local-config/pkg-plist-server (nonexistent) >+++ security/ossec-hids-local-config/pkg-plist-server (working copy) >@@ -0,0 +1,39 @@ >+@dir(,ossec,0550) %%OSSEC_HOME%% >+@dir(,ossec,0550) %%OSSEC_HOME%%/active-response >+@dir(,ossec,0550) %%OSSEC_HOME%%/active-response/bin >+@(,ossec,0550) %%OSSEC_HOME%%/active-response/bin/merge-config.sh >+@dir(,,0550) %%OSSEC_HOME%%/bin >+@dir(,,0550) %%OSSEC_HOME%%/bin/command >+@(,,0550) %%OSSEC_HOME%%/bin/command/last-logins.sh >+@(,,0550) %%OSSEC_HOME%%/bin/command/open-ports.sh >+@dir(,,0550) %%OSSEC_HOME%%/bin/config >+@(,,0550) %%OSSEC_HOME%%/bin/config/agent-conf >+@(,,0550) %%OSSEC_HOME%%/bin/config/ossec-conf >+@dir(,ossec,0550) %%OSSEC_HOME%%/etc >+@dir(,ossec,0550) %%OSSEC_HOME%%/etc/agent.conf.d >+@(,ossec,0640) %%OSSEC_HOME%%/etc/agent.conf.d/120.rootcheck.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/agent.conf.d/130.syscheck.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/agent.conf.d/150.logs.conf >+@dir(,ossec,0550) %%OSSEC_HOME%%/etc/agent.conf.d/disabled >+@(,ossec,0640) %%OSSEC_HOME%%/etc/agent.conf.d/disabled/520.rootcheck.local.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/agent.conf.d/disabled/530.syscheck.local.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/agent.conf.d/disabled/550.logs.local.conf >+@sample(,ossec,0640) %%OSSEC_HOME%%/etc/command.conf.sample >+@dir(,ossec,0550) %%OSSEC_HOME%%/etc/ossec.conf.d >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/100.rules.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/110.active-response.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/120.rootcheck.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/130.syscheck.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/140.command-output.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/150.logs.conf >+@sample(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/900.local.conf.sample >+@dir(,ossec,0550) %%OSSEC_HOME%%/etc/ossec.conf.d/disabled >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/disabled/500.rules.local.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/disabled/510.active-response.local.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/disabled/520.rootcheck.local.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/disabled/530.syscheck.local.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/disabled/540.command-output.local.conf >+@(,ossec,0640) %%OSSEC_HOME%%/etc/ossec.conf.d/disabled/550.logs.local.conf >+@dir(,ossec,0550) %%OSSEC_HOME%%/rules >+@(,ossec,0640) %%OSSEC_HOME%%/rules/freebsd_cmdout_rules.xml >+@(,ossec,0640) %%OSSEC_HOME%%/rules/freebsd_config_rules.xml > >Property changes on: security/ossec-hids-local-config/pkg-plist-server >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/scripts/plist.sh >=================================================================== >--- security/ossec-hids-local-config/scripts/plist.sh (nonexistent) >+++ security/ossec-hids-local-config/scripts/plist.sh (working copy) >@@ -0,0 +1,113 @@ >+#!/bin/sh >+ >+# Script generates entries for pkg-plist. >+# Do not use it directly. Use the following command instead: >+# >+# make MAINTAINER_MODE=yes clean plist >+ >+OSSEC_TYPE=$1 >+OSSEC_HOME=$2 >+PLIST=$3 >+WORKDIR=$4 >+STAGEDIR=$5 >+ >+staged_plist="${WORKDIR}/.staged-plist" >+fixed_lines="" >+skip_lines="" >+skip_paths="" >+sample_paths="/etc/command.conf.sample /etc/ossec.conf.d/900.local.conf.sample /etc/agent.conf.d/900.local.conf.sample" >+ >+print_path() { >+ local path="$1" >+ local command="$2" >+ local full_path="${STAGEDIR}${OSSEC_HOME}${path}" >+ if [ -z "${command}" ]; then >+ command="@" >+ if [ -d "${full_path}" ]; then >+ command="@dir" >+ fi >+ fi >+ local user=`stat -f "%Su" "${full_path}"` >+ if [ "${user}" == "${USER}" ]; then >+ user="" >+ fi >+ local group=`stat -f "%Sg" "${full_path}"` >+ if [ "${group}" == "${GROUP}" ]; then >+ group="" >+ fi >+ local mode=`stat -f "%p" "${full_path}" | tail -c 5` >+ echo -e "${command}(${user},${group},${mode}) %%OSSEC_HOME%%${path}" >> "${PLIST}" >+} >+ >+echo -n > "${PLIST}" >+ >+print_path >+ >+done_paths="" >+while read line; do >+ skip_line="" >+ for e in ${skip_lines}; do >+ if [ "${e}" == "${line}" ]; then >+ skip_line="${e}" >+ break >+ fi >+ done >+ if [ -z "${skip_line}" ]; then >+ path="" >+ case $line in >+ "@dir %%OSSEC_HOME%%"*) >+ path=`echo "${line}" | sed -e "s|@dir %%OSSEC_HOME%%||g"` >+ ;; >+ "%%OSSEC_HOME%%"*) >+ path=`echo "${line}" | sed -e "s|%%OSSEC_HOME%%||g"` >+ ;; >+ "%%"*) >+ unchanged_lines="${unchanged_lines} ${line}" >+ ;; >+ esac >+ if [ -n "${path}" ]; then >+ segments=`echo "${path}" | tr "/" "\n"` >+ path="" >+ for segment in ${segments}; do >+ path="${path}/${segment}" >+ skip_path="" >+ for e in ${skip_paths}; do >+ if [ "${e}" == "${path}" ]; then >+ skip_path="${e}" >+ break >+ fi >+ done >+ if [ -n "${skip_path}" ]; then >+ break >+ fi >+ done_path="" >+ for e in ${done_paths}; do >+ if [ "${e}" == "${path}" ]; then >+ done_path="${e}" >+ break >+ fi >+ done >+ if [ -z "${done_path}" ]; then >+ done_paths="${done_paths} ${path}" >+ sample_path="" >+ for e in ${sample_paths}; do >+ if [ "${e}" == "${path}" ]; then >+ sample_path="${e}" >+ break >+ fi >+ done >+ if [ -n "${sample_path}" ]; then >+ print_path "${path}" @sample >+ else >+ print_path "${path}" >+ fi >+ fi >+ done >+ fi >+ fi >+done < "${staged_plist}" >+ >+unchanged_lines="${unchanged_lines} ${fixed_lines}" >+for line in ${unchanged_lines}; do >+ echo "${line}" >> "${PLIST}" >+done > >Property changes on: security/ossec-hids-local-config/scripts/plist.sh >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:executable >## -0,0 +1 ## >+* >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/scripts/rules.sh >=================================================================== >--- security/ossec-hids-local-config/scripts/rules.sh (nonexistent) >+++ security/ossec-hids-local-config/scripts/rules.sh (working copy) >@@ -0,0 +1,89 @@ >+#!/bin/sh >+ >+# Script generates entries for template-rules-default.xml.in. >+# Do not use it directly. Use the following command instead: >+# >+# make MAINTAINER_MODE=yes rules >+ >+rules_template=$1 >+src_dir=$2 >+ >+skip_files="policy_rules.xml local_rules.xml" >+append_files="local_rules.xml" >+ >+rules="" >+for file in `find "${src_dir}/etc/rules" -depth 1 -name "*.xml"`; do >+ file_name="${file##*/}" >+ skip_file="" >+ for e in ${skip_files}; do >+ if [ "${e}" == "${file_name}" ]; then >+ skip_file="${e}" >+ break >+ fi >+ done >+ if [ -z "${skip_file}" ]; then >+ rule_ids=`sed -Ene 's|^.*<rule[[:space:]]+id="([0-9]+)".*$|\1|p' "${file}"` >+ if [ -n "${rule_ids}" ]; then >+ min_rule_id=`echo "${rule_ids}" | sort -n | head -n 1` >+ ref_rule_ids=`sed -Ene 's|^.*<if_sid>([0-9,]+)</if_sid>.*$|\1|p' "${file}" | tr ',' '\n'` >+ for ref_rule_id in ${ref_rule_ids}; do >+ found_rule_id="" >+ for rule_id in ${rule_ids}; do >+ if [ "${ref_rule_id}" = "${rule_id}" ]; then >+ found_rule_id="${rule_id}" >+ break >+ fi >+ done >+ if [ -z "${found_rule_id}" ]; then >+ # The referenced rule id is not present in this file so it must come from another >+ if [ ${ref_rule_id} -gt ${min_rule_id} ]; then >+ # Ordering by referenced rule id doesn't need to give proper results, but let's hope it does >+ min_rule_id=$((ref_rule_id + 1)) >+ fi >+ fi >+ done >+ >+ rules="${rules}${min_rule_id} ${file_name} >+" >+ fi >+ fi >+done >+ >+echo -n "${rules}" | sort -n >+ >+if [ -n "${rules_template}" ]; then >+ rules=`echo -n "${rules}" | sort -n | cut -d' ' -f2` >+ for file_name in ${append_files}; do >+ rules="${rules} >+${file_name}" >+ done >+ >+ echo '<?xml version="1.0" encoding="UTF-8"?> >+<template_config> >+ >+ <rules>' > "${rules_template}" >+ >+ for rule in ${rules}; do >+ echo " <include>${rule}</include>" >> "${rules_template}" >+ done >+ >+ echo ' >+ <!-- Files not included by default -->' >> "${rules_template}" >+ >+ for skip_file in ${skip_files}; do >+ append_file="" >+ for e in ${append_files}; do >+ if [ "${e}" == "${skip_file}" ]; then >+ append_file="${e}" >+ break >+ fi >+ done >+ if [ -z "${append_file}" ]; then >+ echo " <!--<include>${skip_file}</include>-->" >> "${rules_template}" >+ fi >+ done >+ >+ echo ' </rules> >+ >+</template_config>' >> "${rules_template}" >+fi > >Property changes on: security/ossec-hids-local-config/scripts/rules.sh >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:executable >## -0,0 +1 ## >+* >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/scripts/template-to-agent.sh >=================================================================== >--- security/ossec-hids-local-config/scripts/template-to-agent.sh (nonexistent) >+++ security/ossec-hids-local-config/scripts/template-to-agent.sh (working copy) >@@ -0,0 +1,33 @@ >+#!/bin/sh >+ >+if [ $# -lt 3 ]; then >+ echo "Too few arguments" >+ echo "Usage: `basename $0` <ossec_type> <ossec_prefix> <ossec_file>" >+ exit 1 >+fi >+ >+ossec_type="$1" >+ossec_prefix="$2" >+ossec_file="$3" >+ >+if [ ! -f "${ossec_file}" ]; then >+ echo "File \"${ossec_file}\" does not exist" >+ exit 1 >+fi >+ >+ossec_syscheck_bin_dirs="${ossec_prefix}/bin,${ossec_prefix}/active-response" >+ossec_syscheck_etc_dirs="${ossec_prefix}/etc" >+ >+replace() { >+ sed -e 's|<template_config \(.*\)>|<agent_config \1>|' \ >+ -e 's|</template_config>|</agent_config>|' \ >+ -e "s|%%OSSEC_SYSCHECK_BIN_DIRS%%|${ossec_syscheck_bin_dirs}|" \ >+ -e "s|%%OSSEC_SYSCHECK_ETC_DIRS%%|${ossec_syscheck_etc_dirs}|" \ >+ "${ossec_file}" >+} >+ >+extract() { >+ sed -n '/^<agent_config .*>$/,/^<\/agent_config>$/p' >+} >+ >+replace | extract > >Property changes on: security/ossec-hids-local-config/scripts/template-to-agent.sh >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:executable >## -0,0 +1 ## >+* >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-local-config/scripts/template-to-ossec.sh >=================================================================== >--- security/ossec-hids-local-config/scripts/template-to-ossec.sh (nonexistent) >+++ security/ossec-hids-local-config/scripts/template-to-ossec.sh (working copy) >@@ -0,0 +1,45 @@ >+#!/bin/sh >+ >+if [ $# -lt 3 ]; then >+ echo "Too few arguments" >+ echo "Usage: `basename $0` <ossec_type> <ossec_prefix> <ossec_file>" >+ exit 1 >+fi >+ >+ossec_type="$1" >+ossec_prefix="$2" >+ossec_file="$3" >+ >+if [ ! -f "${ossec_file}" ]; then >+ echo "File \"${ossec_file}\" does not exist" >+ exit 1 >+fi >+ >+ossec_syscheck_bin_dirs="${ossec_prefix}/bin,${ossec_prefix}/active-response" >+ossec_syscheck_etc_dirs="${ossec_prefix}/etc" >+if [ "${ossec_type}" != "agent" ]; then >+ ossec_syscheck_bin_dirs="${ossec_syscheck_bin_dirs},${ossec_prefix}/agentless" >+ ossec_syscheck_etc_dirs="${ossec_syscheck_etc_dirs},${ossec_prefix}/rules" >+fi >+ >+replace() { >+ if grep -q "<template_config>" "${ossec_file}"; then >+ sed -e 's|<template_config>|<ossec_config>|' \ >+ -e 's|</template_config>|</ossec_config>|' \ >+ -e "s|%%OSSEC_SYSCHECK_BIN_DIRS%%|${ossec_syscheck_bin_dirs}|" \ >+ -e "s|%%OSSEC_SYSCHECK_ETC_DIRS%%|${ossec_syscheck_etc_dirs}|" \ >+ "${ossec_file}" >+ else >+ sed -e 's|<template_config .*os="FreeBSD".*>|<ossec_config>|' \ >+ -e 's|</template_config>|</ossec_config>|' \ >+ -e "s|%%OSSEC_SYSCHECK_BIN_DIRS%%|${ossec_syscheck_bin_dirs}|" \ >+ -e "s|%%OSSEC_SYSCHECK_ETC_DIRS%%|${ossec_syscheck_etc_dirs}|" \ >+ "${ossec_file}" >+ fi >+} >+ >+extract() { >+ sed -n '/^<ossec_config.*>$/,/^<\/ossec_config>$/p' >+} >+ >+replace | extract > >Property changes on: security/ossec-hids-local-config/scripts/template-to-ossec.sh >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:executable >## -0,0 +1 ## >+* >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/ossec-hids-server/Makefile >=================================================================== >--- security/ossec-hids-server/Makefile (revision 483209) >+++ security/ossec-hids-server/Makefile (working copy) >@@ -1,148 +1,7 @@ >-# Created by: Valerio Daelli <valerio.daelli@gmail.com> > # $FreeBSD$ > >-PORTNAME= ossec-hids >-PORTVERSION= 2.8.3 >-DISTVERSIONPREFIX= v >-PORTREVISION?= 3 >-CATEGORIES= security >-PKGNAMESUFFIX= -server >+OSSEC_TYPE= server > >-MAINTAINER= dominik.lisiak@bemsoft.pl >-COMMENT?= Security tool to monitor and check logs and intrusions >+MASTERDIR= ${.CURDIR}/../ossec-hids-local > >-USE_GITHUB= yes >-GH_ACCOUNT= ossec >-USE_RC_SUBR= ossec-hids >- >-CFLAGS+= -ferror-limit=0 >- >-USES= readline ssl >- >-.if defined(MAINTAINER_MODE) >-UID_FILES+= ../../UIDs >-GID_FILES+= ../../GIDs >-.endif >-USERS= ossec ossecm ossecr >-GROUPS= ossec >- >-.if !defined(CLIENT_ONLY) >-OPTIONS_DEFINE= MYSQL PGSQL >- >-MYSQL_VARS= WITH_DB=yes >-MYSQL_USE= MYSQL=client >-MYSQL_PORTDOCS= mysql.schema >- >-PGSQL_VARS= WITH_DB=yes >-PGSQL_USES= pgsql >-PGSQL_PORTDOCS= postgresql.schema >- >-RUN_DEPENDS= expect:lang/expect >- >-USES+= shebangfix >-SHEBANG_LANG= expect >-expect_OLD_CMD= "/usr/bin/env expect" >-expect_CMD= ${LOCALBASE}/bin/expect >-SHEBANG_FILES= src/agentlessd/scripts/main.exp \ >- src/agentlessd/scripts/ssh.exp \ >- src/agentlessd/scripts/ssh_asa-fwsmconfig_diff \ >- src/agentlessd/scripts/ssh_foundry_diff \ >- src/agentlessd/scripts/ssh_generic_diff \ >- src/agentlessd/scripts/ssh_integrity_check_bsd \ >- src/agentlessd/scripts/ssh_integrity_check_linux \ >- src/agentlessd/scripts/ssh_nopass.exp \ >- src/agentlessd/scripts/ssh_pixconfig_diff \ >- src/agentlessd/scripts/sshlogin.exp \ >- src/agentlessd/scripts/su.exp >-.endif >-OPTIONS_DEFINE+= DOCS >- >-SUB_LIST= PORTNAME=${PORTNAME} >-SUB_FILES= pkg-message >-PLIST_SUB= PORTNAME=${PORTNAME} >-DOCSFILES= BUGS CONFIG CONTRIBUTORS INSTALL LICENSE >-PORTDOCS= ${DOCSFILES} >- >-BROKEN_aarch64= Fails to compile: error: use of undeclared identifier __LDPGSZ >- >-.include <bsd.port.pre.mk> >- >-STRIP_FILES= ossec-luac agent_control ossec-lua ossec-dbd ossec-regex ossec-monitord ossec-makelists verify-agent-conf ossec-analysisd ossec-agentlessd syscheck_control ossec-execd manage_agents ossec-csyslogd ossec-syscheckd ossec-logtest ossec-authd ossec-logcollector list_agents ossec-maild clear_stats ossec-remoted ossec-reportd rootcheck_control syscheck_update >-.if defined(CLIENT_ONLY) >-SUB_LIST+= PRECMD=: >-PKGNAMESUFFIX= -client >-CONFLICTS_INSTALL= ossec-hids-server-[0-9]* ossec-hids-local-[0-9]* >-STRIP_FILES= agent-auth manage_agents ossec-agentd ossec-execd ossec-logcollector ossec-lua ossec-luac ossec-syscheckd >-.elif defined(LOCAL_ONLY) >-SUB_LIST+= PRECMD=ossechids_start_precmd >-PKGNAMESUFFIX= -local >-CONFLICTS_INSTALL= ossec-hids-client-[0-9]* ossec-hids-server-[0-9]* >-.else >-SUB_LIST+= PRECMD=ossechids_start_precmd >-CONFLICTS_INSTALL= ossec-hids-client-[0-9]* ossec-hids-local-[0-9]* >-.endif >- >-post-patch: >- @${REINPLACE_CMD} 's|PREFIX|${PREFIX}/${PORTNAME}|' ${WRKSRC}/src/headers/defs.h >- @${ECHO} "DIR=\"${STAGEDIR}${PREFIX}/${PORTNAME}\"" > ${WRKSRC}/src/LOCATION >- @${REINPLACE_CMD} -e 's|-DLUA_USE_LINUX|& ${CPPFLAGS}|' \ >- -e 's|-lreadline|& ${LDFLAGS}|' \ >- ${WRKSRC}/src/external/lua-5.2.3/src/Makefile >- @${REINPLACE_CMD} -e 's|OPENSSLCMD=|OPENSSLCMD=-L${OPENSSLLIB} |' \ >- ${WRKSRC}/src/Makeall >- >-do-build: >-.if defined(WITH_DB) >-.if defined(CLIENT_ONLY) >- @cd ${WRKSRC}/src;${MAKE} setagent;${MAKE} all;${MAKE} build >-.elif defined(LOCAL_ONLY) >- @cd ${WRKSRC}/src;${MAKE} setlocal;${MAKE} setdb;${MAKE} all;${MAKE} build >-.else >- @cd ${WRKSRC}/src;${MAKE} setdb;${MAKE} all;${MAKE} build >-.endif >-.else >-.if defined(CLIENT_ONLY) >- @cd ${WRKSRC}/src;${MAKE} setagent;${MAKE} all;${MAKE} build; \ >- ${MAKE} unsetdb >-.elif defined(LOCAL_ONLY) >- @cd ${WRKSRC}/src;${MAKE} setlocal;${MAKE} all;${MAKE} build; \ >- ${MAKE} unsetdb >-.else >- @cd ${WRKSRC}/src;${MAKE} all;${MAKE} build;${MAKE} unsetdb >-.endif >-.endif >- >-do-install: >-.if defined(CLIENT_ONLY) >- @cd ${WRKSRC}/src; ${MAKE} agent >-.elif defined(LOCAL_ONLY) >- @cd ${WRKSRC}/src; ${MAKE} local >-.else >- @cd ${WRKSRC}/src; ${MAKE} server >-.endif >- @${MKDIR} ${STAGEDIR}${PREFIX}/${PORTNAME}/etc >-.for file in ${STRIP_FILES} >- ${STRIP_CMD} ${STAGEDIR}${PREFIX}/ossec-hids/bin/${file} >-.endfor >- >-.if defined(CLIENT_ONLY) >- @${CP} ${WRKSRC}/etc/ossec-agent.conf ${STAGEDIR}${PREFIX}/${PORTNAME}/etc/ossec.conf.sample >-.elif defined(LOCAL_ONLY) >- ${CP} ${WRKSRC}/etc/ossec-local.conf ${STAGEDIR}${PREFIX}/${PORTNAME}/etc/ossec.conf.sample >-.else >- ${CP} ${WRKSRC}/etc/ossec-server.conf ${STAGEDIR}${PREFIX}/${PORTNAME}/etc/ossec.conf.sample >-.endif >- >-post-install-DOCS-on: >- @${MKDIR} ${STAGEDIR}${DOCSDIR} >- @cd ${WRKSRC} && ${INSTALL_DATA} ${DOCSFILES} ${STAGEDIR}${DOCSDIR} >- >-post-install-MYSQL-on: >- @${MKDIR} ${STAGEDIR}${DOCSDIR} >- @cd ${WRKSRC} && ${INSTALL_DATA} src/os_dbd/mysql.schema ${STAGEDIR}${DOCSDIR} >- >-post-install-PGSQL-on: >- @${MKDIR} ${STAGEDIR}${DOCSDIR} >- @cd ${WRKSRC} && ${INSTALL_DATA} src/os_dbd/postgresql.schema ${STAGEDIR}${DOCSDIR} >- >-.include <bsd.port.post.mk> >+.include "${MASTERDIR}/Makefile" >Index: security/ossec-hids-server/distinfo >=================================================================== >--- security/ossec-hids-server/distinfo (revision 483209) >+++ security/ossec-hids-server/distinfo (nonexistent) >@@ -1,2 +0,0 @@ >-SHA256 (ossec-ossec-hids-v2.8.3_GH0.tar.gz) = 917989e23330d18b0d900e8722392cdbe4f17364a547508742c0fd005a1df7dd >-SIZE (ossec-ossec-hids-v2.8.3_GH0.tar.gz) = 1642095 > >Property changes on: security/ossec-hids-server/distinfo >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: security/ossec-hids-server/files/ossec-hids.in >=================================================================== >--- security/ossec-hids-server/files/ossec-hids.in (revision 483209) >+++ security/ossec-hids-server/files/ossec-hids.in (nonexistent) >@@ -1,65 +0,0 @@ >-#!/bin/sh >-# >-# PROVIDE: ossechids >-# REQUIRE: DAEMON >-# BEFORE: LOGIN >-# KEYWORD: shutdown >- >-. /etc/rc.subr >- >-name="ossechids" >-rcvar=ossechids_enable >- >-load_rc_config $name >- >-: ${ossechids_enable="NO"} >-: ${ossechids_user="ossec"} >-: ${ossechids_group="ossec"} >- >-start_precmd=%%PRECMD%% >-start_cmd="ossechids_command start" >-stop_cmd="ossechids_command stop" >-restart_cmd="ossechids_command restart" >-status_cmd="ossechids_command status" >-reload_cmd="ossechids_command reload" >- >-command="%%PREFIX%%/%%PORTNAME%%/bin/ossec-control" >-required_files="%%PREFIX%%/%%PORTNAME%%/etc/ossec.conf" >-extra_commands="reload" >- >-fts_queue=%%PREFIX%%/%%PORTNAME%%/queue/fts/fts-queue >-ig_queue=%%PREFIX%%/%%PORTNAME%%/queue/fts/ig-queue >-ossec_log=%%PREFIX%%/%%PORTNAME%%/logs/ossec.log >-active_responses_log=%%PREFIX%%/%%PORTNAME%%/logs/active-responses.log >- >-ossechids_start_precmd() { >- # These files are not created by the daemons with the correct >- # ownership, so create them here before starting up the system, >- # if they don't already exist. This is only done for the "local" and >- # "server" installation types. >- if [ ! -e ${fts_queue} ]; then >- touch ${fts_queue} >- chown ${ossechids_user}:${ossechids_group} ${fts_queue} >- chmod 640 ${fts_queue} >- fi >- if [ ! -e ${ig_queue} ]; then >- touch ${ig_queue} >- chown ${ossechids_user}:${ossechids_group} ${ig_queue} >- chmod 640 ${ig_queue} >- fi >- >- # Ensure logfiles are created with the correct ownership and mode >- for log in ${ossec_log} ${active_responses_log}; do >- if [ ! -e ${log} ]; then >- touch ${log} >- chown ${ossechids_user}:${ossechids_group} ${log} >- chmod 660 ${log} >- fi >- done >-} >- >-ossechids_command() { >- ${command} ${rc_arg} >-} >- >-run_rc_command "$1" > >Property changes on: security/ossec-hids-server/files/ossec-hids.in >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: security/ossec-hids-server/files/patch-src__InstallAgent.sh >=================================================================== >--- security/ossec-hids-server/files/patch-src__InstallAgent.sh (revision 483209) >+++ security/ossec-hids-server/files/patch-src__InstallAgent.sh (nonexistent) >@@ -1,123 +0,0 @@ >---- src/InstallAgent.sh.orig 2015-10-12 21:21:06 UTC >-+++ src/InstallAgent.sh >-@@ -37,11 +37,11 @@ fi >- >- # Creating groups/users >- if [ "$UNAME" = "FreeBSD" -o "$UNAME" = "DragonFly" ]; then >-- grep "^${USER}" /etc/passwd > /dev/null 2>&1 >-- if [ ! $? = 0 ]; then >-- /usr/sbin/pw groupadd ${GROUP} >-- /usr/sbin/pw useradd ${USER} -d ${DIR} -s /sbin/nologin -g ${GROUP} >-- fi >-+ #grep "^${USER}" /etc/passwd > /dev/null 2>&1 >-+ #if [ ! $? = 0 ]; then >-+ #/usr/sbin/pw groupadd ${GROUP} >-+ #/usr/sbin/pw useradd ${USER} -d ${DIR} -s /sbin/nologin -g ${GROUP} >-+ #fi >- >- elif [ "$UNAME" = "SunOS" ]; then >- grep "^${USER}" /etc/passwd > /dev/null 2>&1 >-@@ -106,22 +106,17 @@ for i in ${subdirs}; do >- done >- >- # Default for all directories >--chmod -R 550 ${DIR} >--chown -R root:${GROUP} ${DIR} >-+chmod -R 750 ${DIR} >- >- # To the ossec queue (default for agentd to read) >--chown -R ${USER}:${GROUP} ${DIR}/queue/ossec >- chmod -R 770 ${DIR}/queue/ossec >- >- # For the logging user >--chown -R ${USER}:${GROUP} ${DIR}/logs >- chmod -R 750 ${DIR}/logs >- chmod -R 775 ${DIR}/queue/rids >- touch ${DIR}/logs/ossec.log >--chown ${USER}:${GROUP} ${DIR}/logs/ossec.log >- chmod 664 ${DIR}/logs/ossec.log >- >--chown -R ${USER}:${GROUP} ${DIR}/queue/diff >- chmod -R 750 ${DIR}/queue/diff >- chmod 740 ${DIR}/queue/diff/* > /dev/null 2>&1 >- >-@@ -131,8 +126,7 @@ chmod 1550 ${DIR}/tmp >- >- >- # For the etc dir >--chmod 550 ${DIR}/etc >--chown -R root:${GROUP} ${DIR}/etc >-+chmod 750 ${DIR}/etc >- >- ls /etc/localtime > /dev/null 2>&1 >- if [ $? = 0 ]; then >-@@ -144,13 +138,11 @@ if [ "$UNAME" = "SunOS" ]; then >- mkdir -p ${DIR}/usr/share/lib/zoneinfo/ >- chmod -R 555 ${DIR}/usr/ >- cp -pr /usr/share/lib/zoneinfo/* ${DIR}/usr/share/lib/zoneinfo/ >-- chown -R root:${GROUP} ${DIR}/usr/ >- fi >- >- ls /etc/TIMEZONE > /dev/null 2>&1 >- if [ $? = 0 ]; then >- cp -p /etc/TIMEZONE ${DIR}/etc/; >-- chown root:${GROUP} ${DIR}/etc/TIMEZONE >- chmod 555 ${DIR}/etc/TIMEZONE >- fi >- >-@@ -170,25 +162,17 @@ cp -pr ../etc/local_internal_options.con >- cp -pr ../etc/client.keys ${DIR}/etc/ > /dev/null 2>&1 >- cp -pr agentlessd/scripts/* ${DIR}/agentless/ >- >--chown root:${GROUP} ${DIR}/etc/internal_options.conf >--chown root:${GROUP} ${DIR}/etc/local_internal_options.conf > /dev/null 2>&1 >--chown root:${GROUP} ${DIR}/etc/client.keys > /dev/null 2>&1 >--chown root:${GROUP} ${DIR}/agentless/* >--chown ${USER}:${GROUP} ${DIR}/.ssh >--chown -R root:${GROUP} ${DIR}/etc/shared >-- >--chmod 550 ${DIR}/etc >-+chmod 750 ${DIR}/etc >- chmod 440 ${DIR}/etc/internal_options.conf >- chmod 440 ${DIR}/etc/local_internal_options.conf > /dev/null 2>&1 >- chmod 440 ${DIR}/etc/client.keys > /dev/null 2>&1 >- chmod -R 770 ${DIR}/etc/shared # ossec must be able to write to it >--chmod 550 ${DIR}/agentless/* >-+chmod 750 ${DIR}/agentless/* >- chmod 700 ${DIR}/.ssh >- >- >- # For the /var/run >- chmod 770 ${DIR}/var/run >--chown root:${GROUP} ${DIR}/var/run >- >- >- # Moving the binary files >-@@ -202,7 +186,6 @@ cp -pr addagent/manage_agents ${DIR}/bin >- cp -pr ../contrib/util.sh ${DIR}/bin/ >- cp -pr external/lua/src/ossec-lua ${DIR}/bin/ >- cp -pr external/lua/src/ossec-luac ${DIR}/bin/ >--chown root:${GROUP} ${DIR}/bin/util.sh >- chmod +x ${DIR}/bin/util.sh >- >- # Copying active response modules >-@@ -210,10 +193,8 @@ sh ./init/fw-check.sh execute > /dev/nul >- cp -pr ../active-response/*.sh ${DIR}/active-response/bin/ >- cp -pr ../active-response/firewalls/*.sh ${DIR}/active-response/bin/ >- chmod 755 ${DIR}/active-response/bin/* >--chown root:${GROUP} ${DIR}/active-response/bin/* >- >--chown root:${GROUP} ${DIR}/bin/* >--chmod 550 ${DIR}/bin/* >-+chmod 750 ${DIR}/bin/* >- >- >- # Moving the config file >-@@ -229,7 +210,6 @@ if [ $? = 0 ]; then >- else >- cp -pr ../etc/ossec-agent.conf ${DIR}/etc/ossec.conf >- fi >--chown root:${GROUP} ${DIR}/etc/ossec.conf >- chmod 440 ${DIR}/etc/ossec.conf >- >- > >Property changes on: security/ossec-hids-server/files/patch-src__InstallAgent.sh >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: security/ossec-hids-server/files/patch-src__InstallServer.sh >=================================================================== >--- security/ossec-hids-server/files/patch-src__InstallServer.sh (revision 483209) >+++ security/ossec-hids-server/files/patch-src__InstallServer.sh (nonexistent) >@@ -1,208 +0,0 @@ >---- src/InstallServer.sh.orig 2015-10-12 21:21:06 UTC >-+++ src/InstallServer.sh >-@@ -44,13 +44,13 @@ fi >- >- # Creating groups/users >- if [ "$UNAME" = "FreeBSD" -o "$UNAME" = "DragonFly" ]; then >-- grep "^${USER_REM}" /etc/passwd > /dev/null 2>&1 >-- if [ ! $? = 0 ]; then >-- /usr/sbin/pw groupadd ${GROUP} >-- /usr/sbin/pw useradd ${USER} -d ${DIR} -s /sbin/nologin -g ${GROUP} >-- /usr/sbin/pw useradd ${USER_MAIL} -d ${DIR} -s /sbin/nologin -g ${GROUP} >-- /usr/sbin/pw useradd ${USER_REM} -d ${DIR} -s /sbin/nologin -g ${GROUP} >-- fi >-+# grep "^${USER_REM}" /etc/passwd > /dev/null 2>&1 >-+# if [ ! $? = 0 ]; then >-+# /usr/sbin/pw groupadd ${GROUP} >-+# /usr/sbin/pw useradd ${USER} -d ${DIR} -s /sbin/nologin -g ${GROUP} >-+# /usr/sbin/pw useradd ${USER_MAIL} -d ${DIR} -s /sbin/nologin -g ${GROUP} >-+# /usr/sbin/pw useradd ${USER_REM} -d ${DIR} -s /sbin/nologin -g ${GROUP} >-+# fi >- >- elif [ "$UNAME" = "SunOS" ]; then >- grep "^${USER_REM}" /etc/passwd > /dev/null 2>&1 >-@@ -121,66 +121,49 @@ for i in ${subdirs}; do >- done >- >- # Default for all directories >--chmod 550 ${DIR} >--chmod 550 ${DIR}/* >--chown root:${GROUP} ${DIR} >--chown root:${GROUP} ${DIR}/* >-+chmod 750 ${DIR} >-+chmod 750 ${DIR}/* >- >- # AnalysisD needs to write to alerts: log, mail and cmds >--chown -R ${USER}:${GROUP} ${DIR}/queue/alerts >- chmod -R 770 ${DIR}/queue/alerts >- >- # To the ossec queue (default for analysisd to read) >--chown -R ${USER}:${GROUP} ${DIR}/queue/ossec >- chmod -R 770 ${DIR}/queue/ossec >- >- # To the ossec fts queue >--chown -R ${USER}:${GROUP} ${DIR}/queue/fts >- chmod -R 750 ${DIR}/queue/fts >- chmod 750 ${DIR}/queue/fts/* > /dev/null 2>&1 >- >- # To the ossec syscheck/rootcheck queue >--chown -R ${USER}:${GROUP} ${DIR}/queue/syscheck >- chmod -R 750 ${DIR}/queue/syscheck >- chmod 740 ${DIR}/queue/syscheck/* > /dev/null 2>&1 >- >--chown -R ${USER}:${GROUP} ${DIR}/queue/rootcheck >- chmod -R 750 ${DIR}/queue/rootcheck >- chmod 740 ${DIR}/queue/rootcheck/* > /dev/null 2>&1 >- >--chown ${USER}:${GROUP} ${DIR}/queue/diff >--chown ${USER}:${GROUP} ${DIR}/queue/diff/* > /dev/null 2>&1 >- chmod 750 ${DIR}/queue/diff >- chmod 740 ${DIR}/queue/diff/* > /dev/null 2>&1 >- >--chown -R ${USER_REM}:${GROUP} ${DIR}/queue/agent-info >- chmod -R 750 ${DIR}/queue/agent-info >- chmod 740 ${DIR}/queue/agent-info/* > /dev/null 2>&1 >--chown -R ${USER_REM}:${GROUP} ${DIR}/queue/rids >- chmod -R 750 ${DIR}/queue/rids >- chmod 740 ${DIR}/queue/rids/* > /dev/null 2>&1 >- >--chown -R ${USER}:${GROUP} ${DIR}/queue/agentless >- chmod -R 750 ${DIR}/queue/agentless >- chmod 740 ${DIR}/queue/agentless/* > /dev/null 2>&1 >- >--chown -R root:${GROUP} ${DIR}/tmp >--chmod 1550 ${DIR}/tmp >-+chmod 1750 ${DIR}/tmp >- >- >- # For the stats directory >--chown -R ${USER}:${GROUP} ${DIR}/stats >- chmod -R 750 ${DIR}/stats >- >- # For the logging user >--chown -R ${USER}:${GROUP} ${DIR}/logs >- chmod -R 750 ${DIR}/logs >- touch ${DIR}/logs/ossec.log >--chown ${USER}:${GROUP} ${DIR}/logs/ossec.log >- chmod 660 ${DIR}/logs/ossec.log >- >- touch ${DIR}/logs/active-responses.log >--chown ${USER}:${GROUP} ${DIR}/logs/active-responses.log >- chmod 660 ${DIR}/logs/active-responses.log >- >- # For the rules directory >-@@ -198,7 +181,7 @@ if [ $? = 0 ]; then >- fi >- fi >- >--cp -pr ../etc/rules/* ${DIR}/rules/ >-+cp -pr ../etc/rules/*.xml ${DIR}/rules/ >- find ${DIR}/rules/ -type f -exec chmod 440 {} \; >- >- # If the local_rules is saved, moved it back >-@@ -207,37 +190,33 @@ if [ $? = 0 ]; then >- mv ${DIR}/rules/saved_local_rules.xml.$$ ${DIR}/rules/local_rules.xml >- fi >- >--chown -R root:${GROUP} ${DIR}/rules >--chmod -R 550 ${DIR}/rules >-+chmod -R 750 ${DIR}/rules >- >- >- # For the etc dir >--chmod 550 ${DIR}/etc >--chown -R root:${GROUP} ${DIR}/etc >-+chmod 750 ${DIR}/etc >- ls /etc/localtime > /dev/null 2>&1 >- if [ $? = 0 ]; then >- cp -pL /etc/localtime ${DIR}/etc/; >- chmod 440 ${DIR}/etc/localtime >-- chown root:${GROUP} ${DIR}/etc/localtime >- fi >- >- # Solaris Needs some extra files >- if [ "$UNAME" = "SunOS" ]; then >- mkdir -p ${DIR}/usr/share/lib/zoneinfo/ >-- chmod -R 550 ${DIR}/usr/ >-+ chmod -R 750 ${DIR}/usr/ >- cp -pr /usr/share/lib/zoneinfo/* ${DIR}/usr/share/lib/zoneinfo/ >- fi >- >- ls /etc/TIMEZONE > /dev/null 2>&1 >- if [ $? = 0 ]; then >- cp -p /etc/TIMEZONE ${DIR}/etc/; >-- chmod 550 ${DIR}/etc/TIMEZONE >-+ chmod 750 ${DIR}/etc/TIMEZONE >- fi >- >- >- # For the /var/run >- chmod 770 ${DIR}/var/run >--chown root:${GROUP} ${DIR}/var/run >- >- # Moving the binary files >- cp -pr addagent/manage_agents agentlessd/ossec-agentlessd \ >-@@ -260,7 +239,6 @@ cp -pr util/rootcheck_control ${DIR}/bin >- cp -pr external/lua/src/ossec-lua ${DIR}/bin/ >- cp -pr external/lua/src/ossec-luac ${DIR}/bin/ >- cp -pr ../contrib/util.sh ${DIR}/bin/ >--chown root:${GROUP} ${DIR}/bin/util.sh >- chmod +x ${DIR}/bin/util.sh >- >- # Local install chosen >-@@ -290,23 +268,15 @@ fi >- >- cp -pr ../etc/internal_options.conf ${DIR}/etc/ >- cp -pr rootcheck/db/*.txt ${DIR}/etc/shared/ >--chown root:${GROUP} ${DIR}/etc/decoder.xml >--chown root:${GROUP} ${DIR}/etc/local_decoder.xml >/dev/null 2>&1 >--chown root:${GROUP} ${DIR}/etc/internal_options.conf >--chown root:${GROUP} ${DIR}/etc/local_internal_options.conf >/dev/null 2>&1 >--chown root:${GROUP} ${DIR}/etc/client.keys >/dev/null 2>&1 >--chown root:${GROUP} ${DIR}/etc/shared/* >--chown root:${GROUP} ${DIR}/agentless/* >--chown ${USER}:${GROUP} ${DIR}/.ssh >- chmod 440 ${DIR}/etc/decoder.xml >- chmod 440 ${DIR}/etc/local_decoder.xml >/dev/null 2>&1 >- chmod 440 ${DIR}/etc/internal_options.conf >- chmod 440 ${DIR}/etc/local_internal_options.conf >/dev/null 2>&1 >- chmod 440 ${DIR}/etc/client.keys >/dev/null 2>&1 >--chmod 550 ${DIR}/etc >-+chmod 750 ${DIR}/etc >- chmod 770 ${DIR}/etc/shared >- chmod 440 ${DIR}/etc/shared/* >--chmod 550 ${DIR}/agentless/* >-+chmod 750 ${DIR}/agentless/* >- rm ${DIR}/etc/shared/merged.mg >/dev/null 2>&1 >- chmod 700 ${DIR}/.ssh >- >-@@ -316,11 +286,9 @@ sh ./init/fw-check.sh execute > /dev/nul >- cp -p ../active-response/*.sh ${DIR}/active-response/bin/ >- cp -p ../active-response/firewalls/*.sh ${DIR}/active-response/bin/ >- >--chmod 550 ${DIR}/active-response/bin/* >--chown root:${GROUP} ${DIR}/active-response/bin/* >-+chmod 750 ${DIR}/active-response/bin/* >- >--chown root:${GROUP} ${DIR}/bin/* >--chmod 550 ${DIR}/bin/* >-+chmod 750 ${DIR}/bin/* >- >- >- # Moving the config file >-@@ -331,12 +299,11 @@ fi >- >- ls ../etc/ossec.mc > /dev/null 2>&1 >- if [ $? = 0 ]; then >-- cp -pr ../etc/ossec.mc ${DIR}/etc/ossec.conf >-+ cp -pr ../etc/ossec.mc ${DIR}/etc/ossec.conf.sample >- else >-- cp -pr ../etc/ossec-server.conf ${DIR}/etc/ossec.conf >-+ cp -pr ../etc/ossec-server.conf ${DIR}/etc/ossec.conf.sample >- fi >--chown root:${GROUP} ${DIR}/etc/ossec.conf >--chmod 440 ${DIR}/etc/ossec.conf >-+chmod 640 ${DIR}/etc/ossec.conf.sample >- >- >- > >Property changes on: security/ossec-hids-server/files/patch-src__InstallServer.sh >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: security/ossec-hids-server/files/patch-src__LOCATION >=================================================================== >--- security/ossec-hids-server/files/patch-src__LOCATION (revision 483209) >+++ security/ossec-hids-server/files/patch-src__LOCATION (nonexistent) >@@ -1,5 +0,0 @@ >---- src/LOCATION.orig 2015-10-12 21:21:06 UTC >-+++ src/LOCATION >-@@ -1 +1 @@ >--DIR="/var/ossec" >-+DIR="/usr/ports/security/ossec-hids-server/work/stage/usr/local/ossec-hids" > >Property changes on: security/ossec-hids-server/files/patch-src__LOCATION >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: security/ossec-hids-server/files/patch-src__headers__defs.h >=================================================================== >--- security/ossec-hids-server/files/patch-src__headers__defs.h (revision 483209) >+++ security/ossec-hids-server/files/patch-src__headers__defs.h (nonexistent) >@@ -1,11 +0,0 @@ >---- src/headers/defs.h.orig 2015-10-12 21:21:06 UTC >-+++ src/headers/defs.h >-@@ -98,7 +98,7 @@ http://www.ossec.net/main/license/\n" >- #endif >- >- #ifndef DEFAULTDIR >-- #define DEFAULTDIR "/var/ossec" >-+ #define DEFAULTDIR "/usr/local/ossec-hids" >- #endif >- >- > >Property changes on: security/ossec-hids-server/files/patch-src__headers__defs.h >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: security/ossec-hids-server/files/patch-src_os__dbd_mysql.schema >=================================================================== >--- security/ossec-hids-server/files/patch-src_os__dbd_mysql.schema (revision 483209) >+++ security/ossec-hids-server/files/patch-src_os__dbd_mysql.schema (nonexistent) >@@ -1,11 +0,0 @@ >---- src/os_dbd/mysql.schema.orig 2015-10-12 21:21:06 UTC >-+++ src/os_dbd/mysql.schema >-@@ -45,7 +45,7 @@ CREATE TABLE server >- last_contact INT UNSIGNED NOT NULL, >- version VARCHAR(32) NOT NULL, >- hostname VARCHAR(64) NOT NULL UNIQUE, >-- information VARCHAR(128) NOT NULL, >-+ information TEXT NOT NULL, >- PRIMARY KEY (id) >- ); >- > >Property changes on: security/ossec-hids-server/files/patch-src_os__dbd_mysql.schema >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: security/ossec-hids-server/files/patch-src_os__dbd_postgresql.schema >=================================================================== >--- security/ossec-hids-server/files/patch-src_os__dbd_postgresql.schema (revision 483209) >+++ security/ossec-hids-server/files/patch-src_os__dbd_postgresql.schema (nonexistent) >@@ -1,11 +0,0 @@ >---- src/os_dbd/postgresql.schema.orig 2015-10-12 21:21:06 UTC >-+++ src/os_dbd/postgresql.schema >-@@ -47,7 +47,7 @@ CREATE TABLE server >- last_contact INT8 NOT NULL, >- version VARCHAR(32) NOT NULL, >- hostname VARCHAR(64) NOT NULL UNIQUE, >-- information VARCHAR(128) NOT NULL, >-+ information TEXT NOT NULL, >- PRIMARY KEY (id) >- ); >- > >Property changes on: security/ossec-hids-server/files/patch-src_os__dbd_postgresql.schema >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: security/ossec-hids-server/files/pkg-message.in >=================================================================== >--- security/ossec-hids-server/files/pkg-message.in (revision 483209) >+++ security/ossec-hids-server/files/pkg-message.in (nonexistent) >@@ -1,21 +0,0 @@ >-After installation, you need to edit the ossec.conf file to reflect >-the correct settings for your environment. All the files related >-to %%PORTNAME%% have been installed in %%PREFIX%%/%%PORTNAME%% and >-its subdirectories. >- >-For information on proper configuration, see http://www.ossec.net/. >- >-To enable the startup script, add ossechids_enable="YES" to >-/etc/rc.conf. To enable database output, execute: >- >-%%PREFIX%%/%%PORTNAME%%/bin/ossec-control enable database >- >-Then check this documentation: >- >-http://www.ossec.net/doc/manual/output/database-output.html >- >-When you deinstall this port after starting the daemons once, many >-directories that are created by the daemons will remain. To fully >-remove the port you need to delete those directories manually. To >-further enhance the security on your system, you may also enable >-some checks in PAM for a fast reaction against intrusions. > >Property changes on: security/ossec-hids-server/files/pkg-message.in >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: security/ossec-hids-server/pkg-descr >=================================================================== >--- security/ossec-hids-server/pkg-descr (revision 483209) >+++ security/ossec-hids-server/pkg-descr (nonexistent) >@@ -1,6 +0,0 @@ >-OSSEC is an Open Source Host-based Intrusion Detection System. >-It performs log analysis, integrity checking, Windows registry >-monitoring, rootkit detection, time-based alerting and active >-response. >- >-WWW: http://www.ossec.net/ > >Property changes on: security/ossec-hids-server/pkg-descr >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: security/ossec-hids-server/pkg-plist >=================================================================== >--- security/ossec-hids-server/pkg-plist (revision 483209) >+++ security/ossec-hids-server/pkg-plist (nonexistent) >@@ -1,168 +0,0 @@ >-%%PORTNAME%%/active-response/bin/disable-account.sh >-%%PORTNAME%%/active-response/bin/firewall-drop.sh >-%%PORTNAME%%/active-response/bin/host-deny.sh >-%%PORTNAME%%/active-response/bin/ip-customblock.sh >-%%PORTNAME%%/active-response/bin/ipfw_mac.sh >-%%PORTNAME%%/active-response/bin/ipfw.sh >-%%PORTNAME%%/active-response/bin/ossec-tweeter.sh >-%%PORTNAME%%/active-response/bin/pf.sh >-%%PORTNAME%%/active-response/bin/restart-ossec.sh >-%%PORTNAME%%/active-response/bin/route-null.sh >-%%PORTNAME%%/bin/agent_control >-%%PORTNAME%%/bin/clear_stats >-%%PORTNAME%%/bin/list_agents >-%%PORTNAME%%/bin/manage_agents >-%%PORTNAME%%/bin/ossec-agentlessd >-%%PORTNAME%%/bin/ossec-analysisd >-%%PORTNAME%%/bin/ossec-authd >-%%PORTNAME%%/bin/ossec-control >-%%PORTNAME%%/bin/ossec-csyslogd >-%%PORTNAME%%/bin/ossec-dbd >-%%PORTNAME%%/bin/ossec-execd >-%%PORTNAME%%/bin/ossec-logcollector >-%%PORTNAME%%/bin/ossec-logtest >-%%PORTNAME%%/bin/ossec-lua >-%%PORTNAME%%/bin/ossec-luac >-%%PORTNAME%%/bin/ossec-maild >-%%PORTNAME%%/bin/ossec-makelists >-%%PORTNAME%%/bin/ossec-monitord >-%%PORTNAME%%/bin/ossec-regex >-%%PORTNAME%%/bin/ossec-remoted >-%%PORTNAME%%/bin/ossec-reportd >-%%PORTNAME%%/bin/ossec-syscheckd >-%%PORTNAME%%/bin/rootcheck_control >-%%PORTNAME%%/bin/syscheck_control >-%%PORTNAME%%/bin/syscheck_update >-%%PORTNAME%%/bin/util.sh >-%%PORTNAME%%/bin/verify-agent-conf >-@group ossec >-%%PORTNAME%%/etc/decoder.xml >-%%PORTNAME%%/etc/internal_options.conf >-@sample %%PORTNAME%%/etc/ossec.conf.sample >-%%PORTNAME%%/etc/shared/rootkit_files.txt >-%%PORTNAME%%/etc/shared/rootkit_trojans.txt >-%%PORTNAME%%/etc/shared/system_audit_rcl.txt >-%%PORTNAME%%/etc/shared/win_applications_rcl.txt >-%%PORTNAME%%/etc/shared/win_audit_rcl.txt >-%%PORTNAME%%/etc/shared/win_malware_rcl.txt >-%%PORTNAME%%/etc/shared/cis_debian_linux_rcl.txt >-%%PORTNAME%%/etc/shared/cis_rhel_linux_rcl.txt >-%%PORTNAME%%/etc/shared/cis_rhel5_linux_rcl.txt >-@owner >-@group >-@mode >-%%PORTNAME%%/rules/apache_rules.xml >-%%PORTNAME%%/rules/arpwatch_rules.xml >-%%PORTNAME%%/rules/asterisk_rules.xml >-%%PORTNAME%%/rules/attack_rules.xml >-%%PORTNAME%%/rules/cimserver_rules.xml >-%%PORTNAME%%/rules/cisco-ios_rules.xml >-%%PORTNAME%%/rules/clam_av_rules.xml >-%%PORTNAME%%/rules/courier_rules.xml >-%%PORTNAME%%/rules/dovecot_rules.xml >-%%PORTNAME%%/rules/dropbear_rules.xml >-%%PORTNAME%%/rules/firewall_rules.xml >-%%PORTNAME%%/rules/ftpd_rules.xml >-%%PORTNAME%%/rules/hordeimp_rules.xml >-%%PORTNAME%%/rules/ids_rules.xml >-%%PORTNAME%%/rules/imapd_rules.xml >-%%PORTNAME%%/rules/local_rules.xml >-%%PORTNAME%%/rules/mailscanner_rules.xml >-%%PORTNAME%%/rules/mcafee_av_rules.xml >-%%PORTNAME%%/rules/ms-exchange_rules.xml >-%%PORTNAME%%/rules/ms-se_rules.xml >-%%PORTNAME%%/rules/ms_dhcp_rules.xml >-%%PORTNAME%%/rules/ms_ftpd_rules.xml >-%%PORTNAME%%/rules/msauth_rules.xml >-%%PORTNAME%%/rules/mysql_rules.xml >-%%PORTNAME%%/rules/named_rules.xml >-%%PORTNAME%%/rules/netscreenfw_rules.xml >-%%PORTNAME%%/rules/nginx_rules.xml >-%%PORTNAME%%/rules/openbsd_rules.xml >-%%PORTNAME%%/rules/ossec_rules.xml >-%%PORTNAME%%/rules/pam_rules.xml >-%%PORTNAME%%/rules/php_rules.xml >-%%PORTNAME%%/rules/pix_rules.xml >-%%PORTNAME%%/rules/policy_rules.xml >-%%PORTNAME%%/rules/postfix_rules.xml >-%%PORTNAME%%/rules/postgresql_rules.xml >-%%PORTNAME%%/rules/proftpd_rules.xml >-%%PORTNAME%%/rules/pure-ftpd_rules.xml >-%%PORTNAME%%/rules/racoon_rules.xml >-%%PORTNAME%%/rules/roundcube_rules.xml >-%%PORTNAME%%/rules/rules_config.xml >-%%PORTNAME%%/rules/sendmail_rules.xml >-%%PORTNAME%%/rules/smbd_rules.xml >-%%PORTNAME%%/rules/solaris_bsm_rules.xml >-%%PORTNAME%%/rules/sonicwall_rules.xml >-%%PORTNAME%%/rules/spamd_rules.xml >-%%PORTNAME%%/rules/squid_rules.xml >-%%PORTNAME%%/rules/sshd_rules.xml >-%%PORTNAME%%/rules/symantec-av_rules.xml >-%%PORTNAME%%/rules/symantec-ws_rules.xml >-%%PORTNAME%%/rules/syslog_rules.xml >-%%PORTNAME%%/rules/telnetd_rules.xml >-%%PORTNAME%%/rules/trend-osce_rules.xml >-%%PORTNAME%%/rules/vmpop3d_rules.xml >-%%PORTNAME%%/rules/vmware_rules.xml >-%%PORTNAME%%/rules/vpn_concentrator_rules.xml >-%%PORTNAME%%/rules/vpopmail_rules.xml >-%%PORTNAME%%/rules/vsftpd_rules.xml >-%%PORTNAME%%/rules/web_appsec_rules.xml >-%%PORTNAME%%/rules/web_rules.xml >-%%PORTNAME%%/rules/wordpress_rules.xml >-%%PORTNAME%%/rules/zeus_rules.xml >-@owner root >-@group ossec >-%%PORTNAME%%/agentless/main.exp >-%%PORTNAME%%/agentless/register_host.sh >-%%PORTNAME%%/agentless/ssh.exp >-%%PORTNAME%%/agentless/ssh_asa-fwsmconfig_diff >-%%PORTNAME%%/agentless/ssh_foundry_diff >-%%PORTNAME%%/agentless/ssh_generic_diff >-%%PORTNAME%%/agentless/ssh_integrity_check_bsd >-%%PORTNAME%%/agentless/ssh_integrity_check_linux >-%%PORTNAME%%/agentless/ssh_nopass.exp >-%%PORTNAME%%/agentless/ssh_pixconfig_diff >-%%PORTNAME%%/agentless/sshlogin.exp >-%%PORTNAME%%/agentless/su.exp >-@(ossec,,) %%PORTNAME%%/logs/active-responses.log >-@(ossec,,) %%PORTNAME%%/logs/ossec.log >-@mode 550 >-@dir %%PORTNAME%%/.ssh >-@dir %%PORTNAME%%/active-response/bin >-@dir %%PORTNAME%%/active-response >-@dir %%PORTNAME%%/agentless >-@dir %%PORTNAME%%/bin >-@dir %%PORTNAME%%/etc/shared >-@dir %%PORTNAME%%/etc >-@dir %%PORTNAME%%/queue/rootcheck >-@dir %%PORTNAME%%/rules >-@dir %%PORTNAME%%/tmp >-@mode 770 >-@dir %%PORTNAME%%/var/run >-@mode 550 >-@dir %%PORTNAME%%/var >-@owner ossec >-@mode 770 >-@dir %%PORTNAME%%/queue/alerts >-@dir %%PORTNAME%%/queue/ossec >-@mode 750 >-@dir %%PORTNAME%%/queue/fts >-@dir %%PORTNAME%%/queue/syscheck >-@dir %%PORTNAME%%/queue/diff >-@dir %%PORTNAME%%/queue/agentless >-@dir %%PORTNAME%%/stats >-@dir %%PORTNAME%%/logs/alerts >-@dir %%PORTNAME%%/logs/archives >-@dir %%PORTNAME%%/logs/firewall >-@dir %%PORTNAME%%/logs >-@owner ossecr >-@dir %%PORTNAME%%/queue/agent-info >-@dir %%PORTNAME%%/queue/rids >-@owner ossec >-@mode 550 >-@dir %%PORTNAME%%/queue >-@owner root >-@mode 550 >-@dir %%PORTNAME%% > >Property changes on: security/ossec-hids-server/pkg-plist >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: security/ossec-hids-server-config/Makefile >=================================================================== >--- security/ossec-hids-server-config/Makefile (nonexistent) >+++ security/ossec-hids-server-config/Makefile (working copy) >@@ -0,0 +1,7 @@ >+# $FreeBSD$ >+ >+OSSEC_TYPE= server >+ >+MASTERDIR= ${.CURDIR}/../ossec-hids-local-config >+ >+.include "${MASTERDIR}/Makefile" > >Property changes on: security/ossec-hids-server-config/Makefile >___________________________________________________________________ >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:keywords >## -0,0 +1 ## >+FreeBSD=%H >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=198749">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 232794
:
198749
|
198750
|
198751
|
198752
|
198944