Attachment #217154 for bug #247140




# $FreeBSD$

PORTNAME=	honeytrap
DISTVERSION=	g20200625
CATEGORIES=	security

MAINTAINER=	ezri.mudde@dutchsec.com
COMMENT=	Framework for running, monitoring and managing honeypots

LICENSE=	ART20

USES=		go:modules
GO_BUILDFLAGS=	-ldflags '-X github.com/honeytrap/honeytrap/cmd.Version=2020-07-22T08:34:55 -X github.com/honeytrap/honeytrap/cmd.ReleaseTag=DEVELOPMENT.2020-07-22T08-34-55Z -X github.com/honeytrap/honeytrap/cmd.CommitID=33bbb2db3a3140b0ce4fbda14747bc954e0bcadd -X github.com/honeytrap/honeytrap/cmd.ShortCommitID=33bbb2db3a31 -extldflags "static"'
USE_GITHUB=	yes
GH_TAGNAME=	33bbb2d
GH_TUPLE=	AndreasBriese:bbloom:28f7e881ca57:andreasbriese_bbloom/vendor/github.com/AndreasBriese/bbloom \
		AndreasBriese:bbloom:28f7e881ca57:andreasbriese_bbloom/vendor/github.com/AndreasBriese/bbloom \
		BurntSushi:toml:v0.3.0:burntsushi_toml/vendor/github.com/BurntSushi/toml \
		Logicalis:asn1:c9c836c1a3cd:logicalis_asn1/vendor/github.com/Logicalis/asn1 \
		Shopify:sarama:v1.16.0:shopify_sarama/vendor/github.com/Shopify/sarama \

		yuin:gopher-lua:8bfc7677f583:yuin_gopher_lua/vendor/github.com/yuin/gopher-lua \
		google:gvisor:3eb302470365:google_gvisor/vendor/gvisor.dev/gvisor

HONEYTRAP_USER?=	honeytrap
HONEYTRAP_GROUP?=	honeytrap
HONEYTRAP_DBDIR?=	/var/db/${PORTNAME}

USERS=		${HONEYTRAP_USER}
GROUPS=		${HONEYTRAP_GROUP}
USE_RC_SUBR=	honeytrap
PLIST_FILES=	"@sample(honeytrap,honeytrap,0600) ${ETCDIR}/honeytrap.toml.sample" \
		bin/honeytrap
		"@dir(honeytrap,honeytrap,4744) /var/log/honeytrap" \
		"@dir(honeytrap,honeytrap,4744) libdata/honeytrap"

SUB_LIST=	GROUP=${HONEYTRAP_GROUP} \
		HONEYTRAP_DBDIR=${HONEYTRAP_DBDIR} \
		USER=${HONEYTRAP_USER}

do-install:
	${MKDIR} ${STAGEDIR}${PREFIX}/bin
	${INSTALL_PROGRAM} ${WRKDIR}/bin/honeytrap ${STAGEDIR}${PREFIX}/bin/honeytrap
	${MKDIR} ${STAGEDIR}${PREFIX}/etc/rc.d ${STAGEDIR}${ETCDIR}
	${INSTALL_DATA} ${FILESDIR}/honeytrap.toml ${STAGEDIR}${ETCDIR}/honeytrap.toml.sample

post-install:
	${MKDIR} ${STAGEDIR}${PREFIX}/libdata/honeytrap
	${MKDIR} ${STAGEDIR}/var/log/honeytrap

.include <bsd.port.mk>

Lines 1-6 Link Here

(-)distinfo (-3 / +3 lines)
1	TIMESTAMP = 1587390791	1	TIMESTAMP = 1595352531
2	SHA256 (honeytrap-honeytrap-g20200415-d8d94c8f_GH0.tar.gz) = f565e52e8f4bbebc3765bd2ead68b7ab141da4ef00073749ae55268290f5d13a	2	SHA256 (honeytrap-honeytrap-g20200625-33bbb2d_GH0.tar.gz) = a6390179c0ba3282d7523f3633d4a15852f39081fd666f4ac3a4c37f95fef4c4
3	SIZE (honeytrap-honeytrap-g20200415-d8d94c8f_GH0.tar.gz) = 379014	3	SIZE (honeytrap-honeytrap-g20200625-33bbb2d_GH0.tar.gz) = 379053
4	SHA256 (AndreasBriese-bbloom-28f7e881ca57_GH0.tar.gz) = c87bf25d12aa9ef597c6a465dd2959d6d7e06d8341030d6d75c8a81ccc388ccd	4	SHA256 (AndreasBriese-bbloom-28f7e881ca57_GH0.tar.gz) = c87bf25d12aa9ef597c6a465dd2959d6d7e06d8341030d6d75c8a81ccc388ccd
5	SIZE (AndreasBriese-bbloom-28f7e881ca57_GH0.tar.gz) = 7141	5	SIZE (AndreasBriese-bbloom-28f7e881ca57_GH0.tar.gz) = 7141
6	SHA256 (BurntSushi-toml-v0.3.0_GH0.tar.gz) = 2c49390424cfb043f803977bce80b1504495bada54f9e845ff8b30a05fab9a36	6	SHA256 (BurntSushi-toml-v0.3.0_GH0.tar.gz) = 2c49390424cfb043f803977bce80b1504495bada54f9e845ff8b30a05fab9a36




[listener]
type="socket"

[service.ssh-simulator]
type="ssh-simulator"
credentials=["root:root", "root:password"]

[[port]]
ports=["tcp/8022"]
services=["ssh-simulator"]

[channel.console]
type="console"

[[filter]]
channel=["console"]

[[logging]]
output="/var/log/honeytrap/logging.log"
level="debug"




# $FreeBSD$
#
# PROVIDE: honeytrap
# REQUIRE: NETWORKING SERVERS DAEMON
# KEYWORD: shutdown

# Add honeytrap_enable="YES" to /etc/rc.conf to enable Honeytrap

# Additional variables you can define are:

# honeytrap_config (path):                Config file path.
#                                         Set to %%ETCDIR%%/honeytrap.toml by default.
# honeytrap_datadir (dir):                Set dir to store honeytrap data in.
#                                         Default is "%%HONEYTRAP_DBDIR%%"
# honeytrap_logdir (dir):                 Set dir to store honeytrap logs in.
#                                         Default is "/var/log/honeytrap"
# honeytrap_user (string):                Set user to run honeytrap.
#                                         Default is "%%USER%%".
# honeytrap_group (string):               Set group to run honeytrap.
#                                         Default is "%%GROUP%%".
# honeytrap_pidfile (string):             Set full path to pid file
#                                         Default is "/var/run/honeytrap.pid"
# honeytrap_syslog_output_enable (bool):  Set to YES to enable syslog output
#                                         Default is "NO". See daemon(8).
# honeytrap_syslog_output_tag (str):      Set syslog tag if syslog enabled.
#                                         Default is "honeytrap". See daemon(8).
# honeytrap_syslog_output_priority (str): Set syslog priority if syslog enabled.
#                                         Default is "info". See daemon(8).
# honeytrap_syslog_output_facility (str): Set syslog facility if syslog enabled.
#                                         Default is "daemon". See daemon(8).
#
# Add these lines to /etc/rc.conf.local or /etc/rc.conf
# to enable this service:
#
# honeytrap_enable (bool):	Set to NO by default.
#				Set it to YES to enable honeytrap.
# honeytrap_datadir (path):	Set to %%PREFIX%%/libdata/honeytrap
#				by default.
# honeytrap_config (path):	Set to %%PREFIX%%/etc/honeytrap.toml
#				by default.

. /etc/rc.subr


load_rc_config $name

: ${honeytrap_enable:="NO"}
: ${honeytrap_config="%%ETCDIR%%/honeytrap.toml"}
: ${honeytrap_datadir:="%%HONEYTRAP_DBDIR%%"}
: ${honeytrap_logdir:="/var/log/honeytrap"}
: ${honeytrap_user:="%%USER%%"}
: ${honeytrap_group:="%%GROUP%%"}
: ${honeytrap_pidfile:="/var/run/${name}.pid"}
: ${honeytrap_syslog_output_enable:="NO"}

pidfile=${honeytrap_pidfile}
procname="%%PREFIX%%/bin/honeytrap"
command="/usr/sbin/daemon"
command_args="-f -t ${name} ${honeytrap_syslog_output_flags} -p ${pidfile} /usr/bin/env ${honeytrap_env} ${procname} --data ${honeytrap_datadir} --config ${honeytrap_config} ${honeytrap_flags}"

start_precmd="honeytrap_start_precmd"
honeytrap_flags="--data $honeytrap_datadir --config $honeytrap_config"
pidfile=/var/run/${name}.pid

if checkyesno honeytrap_syslog_output_enable; then
    if [ -n "${honeytrap_syslog_output_tag}" ]; then
        honeytrap_syslog_output_flags="-T ${honeytrap_syslog_output_tag}"
    else
        honeytrap_syslog_output_flags="-T ${name}"
    fi
    if [ -n "${honeytrap_syslog_output_priority}" ]; then
        honeytrap_syslog_output_flags="${honeytrap_syslog_output_flags} -s ${honeytrap_syslog_output_priority}"
    fi

    if [ -n "${honeytrap_syslog_output_facility}" ]; then
        honeytrap_syslog_output_flags="${honeytrap_syslog_output_flags} -l ${honeytrap_syslog_output_facility}"
    fi
    command_args="-f -t ${name} ${honeytrap_syslog_output_flags} -p ${pidfile} /usr/bin/env ${honeytrap_env} ${procname} --data ${honeytrap_datadir} --config ${honeytrap_config} ${honeytrap_flags}"
fi

honeytrap_start_precmd()
{
    if [ ! -e ${pidfile} ]; then
        install -o ${honeytrap_user} -g ${honeytrap_group} /dev/null ${pidfile}
    fi

    if [ ! -d ${honeytrap_datadir} ]; then
        install -d -m 0750 -o ${honeytrap_user} -g ${honeytrap_group} ${honeytrap_datadir}
    fi
    if [ ! -d ${honeytrap_logdir} ]; then
        install -d -m 0750 -o ${honeytrap_user} -g ${honeytrap_group} ${honeytrap_logdir}
    fi
}
 
run_rc_command "$@"




[listener]
type="socket"

[service.ssh-simulator]
type="ssh-simulator"
credentials=["root:root", "root:password"]

[[port]]
ports=["tcp/8022"]
services=["ssh-simulator"]

[channel.console]
type="console"

[[filter]]
channel=["console"]

[[logging]]
output="/var/log/honeytrap/logging.log"
level="debug"




--- cmd/constants.go.orig	2020-08-11 10:18:40 UTC
+++ cmd/constants.go
@@ -19,15 +19,12 @@ var (
 	// GOPATH - GOPATH value at the time of build.
 	GOPATH = ""
 
-	// Go get development tag.
-	goGetTag = "DEVELOPMENT.GOGET"
-
 	// Version - version time.RFC3339.
-	Version = goGetTag
+	Version = ""
 	// ReleaseTag - release tag in TAG.%Y-%m-%dT%H-%M-%SZ.
-	ReleaseTag = goGetTag
+	ReleaseTag = ""
 	// CommitID - latest commit id.
-	CommitID = goGetTag
+	CommitID = ""
 	// ShortCommitID - first 12 characters from CommitID.
 	ShortCommitID = CommitID[:12]
 )

Return to bug 247140

Lines 1-19 Link Here

(-)Makefile (-18 / +20 lines)
1	# $FreeBSD$	1	# $FreeBSD$
2		2
3	PORTNAME= honeytrap	3	PORTNAME= honeytrap
4	DISTVERSION= g20200415	4	DISTVERSION= g20200625
5	CATEGORIES= security	5	CATEGORIES= security
6		6
7	MAINTAINER= remco.verhoef@dutchsec.com	7	MAINTAINER= ezri.mudde@dutchsec.com
8	COMMENT= HoneyTrap Freebsd port	8	COMMENT= Framework for running, monitoring and managing honeypots
9		9
10	LICENSE= ART20	10	LICENSE= ART20
11		11
12	USES= go:modules	12	USES= go:modules
		13	GO_BUILDFLAGS= -ldflags '-X github.com/honeytrap/honeytrap/cmd.Version=2020-07-22T08:34:55 -X github.com/honeytrap/honeytrap/cmd.ReleaseTag=DEVELOPMENT.2020-07-22T08-34-55Z -X github.com/honeytrap/honeytrap/cmd.CommitID=33bbb2db3a3140b0ce4fbda14747bc954e0bcadd -X github.com/honeytrap/honeytrap/cmd.ShortCommitID=33bbb2db3a31 -extldflags "static"'
13	USE_GITHUB= yes	14	USE_GITHUB= yes
14	GH_TAGNAME= d8d94c8f	15	GH_TAGNAME= 33bbb2d
15	GH_TUPLE= \	16	GH_TUPLE= AndreasBriese:bbloom:28f7e881ca57:andreasbriese_bbloom/vendor/github.com/AndreasBriese/bbloom \
16	AndreasBriese:bbloom:28f7e881ca57:andreasbriese_bbloom/vendor/github.com/AndreasBriese/bbloom \
17	BurntSushi:toml:v0.3.0:burntsushi_toml/vendor/github.com/BurntSushi/toml \	17	BurntSushi:toml:v0.3.0:burntsushi_toml/vendor/github.com/BurntSushi/toml \
18	Logicalis:asn1:c9c836c1a3cd:logicalis_asn1/vendor/github.com/Logicalis/asn1 \	18	Logicalis:asn1:c9c836c1a3cd:logicalis_asn1/vendor/github.com/Logicalis/asn1 \
19	Shopify:sarama:v1.16.0:shopify_sarama/vendor/github.com/Shopify/sarama \	19	Shopify:sarama:v1.16.0:shopify_sarama/vendor/github.com/Shopify/sarama \
Lines 70-91 Link Here
70	yuin:gopher-lua:8bfc7677f583:yuin_gopher_lua/vendor/github.com/yuin/gopher-lua \	70	yuin:gopher-lua:8bfc7677f583:yuin_gopher_lua/vendor/github.com/yuin/gopher-lua \
71	google:gvisor:3eb302470365:google_gvisor/vendor/gvisor.dev/gvisor	71	google:gvisor:3eb302470365:google_gvisor/vendor/gvisor.dev/gvisor
72		72
73	USERS= honeytrap	73	HONEYTRAP_USER?= honeytrap
74	GROUPS= honeytrap	74	HONEYTRAP_GROUP?= honeytrap
		75	HONEYTRAP_DBDIR?= /var/db/${PORTNAME}
		76
		77	USERS= ${HONEYTRAP_USER}
		78	GROUPS= ${HONEYTRAP_GROUP}
75	USE_RC_SUBR= honeytrap	79	USE_RC_SUBR= honeytrap
76	PLIST_FILES= bin/honeytrap \	80	PLIST_FILES= "@sample(honeytrap,honeytrap,0600) ${ETCDIR}/honeytrap.toml.sample" \
77	etc/honeytrap.toml \	81	bin/honeytrap
78	"@dir(honeytrap,honeytrap,4744) /var/log/honeytrap" \
79	"@dir(honeytrap,honeytrap,4744) libdata/honeytrap"
80		82
		83	SUB_LIST= GROUP=${HONEYTRAP_GROUP} \
		84	HONEYTRAP_DBDIR=${HONEYTRAP_DBDIR} \
		85	USER=${HONEYTRAP_USER}
		86
81	do-install:	87	do-install:
82	${MKDIR} ${STAGEDIR}${PREFIX}/bin	88	${MKDIR} ${STAGEDIR}${PREFIX}/bin
83	${INSTALL_PROGRAM} ${WRKDIR}/bin/honeytrap ${STAGEDIR}${PREFIX}/bin/honeytrap	89	${INSTALL_PROGRAM} ${WRKDIR}/bin/honeytrap ${STAGEDIR}${PREFIX}/bin/honeytrap
84	${MKDIR} ${STAGEDIR}${PREFIX}/etc/rc.d	90	${MKDIR} ${STAGEDIR}${PREFIX}/etc/rc.d ${STAGEDIR}${ETCDIR}
85	${INSTALL_DATA} ${FILESDIR}/etc/honeytrap.toml ${STAGEDIR}${PREFIX}/etc	91	${INSTALL_DATA} ${FILESDIR}/honeytrap.toml ${STAGEDIR}${ETCDIR}/honeytrap.toml.sample
86		92
87	post-install:
88	${MKDIR} ${STAGEDIR}${PREFIX}/libdata/honeytrap
89	${MKDIR} ${STAGEDIR}/var/log/honeytrap
90
91	.include <bsd.port.mk>	93	.include <bsd.port.mk>

Lines 1-20 Link Here

(-)files/etc/honeytrap.toml (-20 lines)
1	[listener]
2	type="socket"
3
4	[service.ssh-simulator]
5	type="ssh-simulator"
6	credentials=["root:root", "root:password"]
7
8	[[port]]
9	ports=["tcp/8022"]
10	services=["ssh-simulator"]
11
12	[channel.console]
13	type="console"
14
15	[[filter]]
16	channel=["console"]
17
18	[[logging]]
19	output="/var/log/honeytrap/logging.log"
20	level="debug"

Lines 3-20 Link Here

(-)files/honeytrap.in (-19 / +66 lines)
3	# $FreeBSD$	3	# $FreeBSD$
4	#	4	#
5	# PROVIDE: honeytrap	5	# PROVIDE: honeytrap
6	# REQUIRE: LOGIN	6	# REQUIRE: NETWORKING SERVERS DAEMON
7	# KEYWORD: shutdown	7	# KEYWORD: shutdown
		8
		9	# Add honeytrap_enable="YES" to /etc/rc.conf to enable Honeytrap
		10
		11	# Additional variables you can define are:
		12
		13	# honeytrap_config (path): Config file path.
		14	# Set to %%ETCDIR%%/honeytrap.toml by default.
		15	# honeytrap_datadir (dir): Set dir to store honeytrap data in.
		16	# Default is "%%HONEYTRAP_DBDIR%%"
		17	# honeytrap_logdir (dir): Set dir to store honeytrap logs in.
		18	# Default is "/var/log/honeytrap"
		19	# honeytrap_user (string): Set user to run honeytrap.
		20	# Default is "%%USER%%".
		21	# honeytrap_group (string): Set group to run honeytrap.
		22	# Default is "%%GROUP%%".
		23	# honeytrap_pidfile (string): Set full path to pid file
		24	# Default is "/var/run/honeytrap.pid"
		25	# honeytrap_syslog_output_enable (bool): Set to YES to enable syslog output
		26	# Default is "NO". See daemon(8).
		27	# honeytrap_syslog_output_tag (str): Set syslog tag if syslog enabled.
		28	# Default is "honeytrap". See daemon(8).
		29	# honeytrap_syslog_output_priority (str): Set syslog priority if syslog enabled.
		30	# Default is "info". See daemon(8).
		31	# honeytrap_syslog_output_facility (str): Set syslog facility if syslog enabled.
		32	# Default is "daemon". See daemon(8).
8	#	33	#
9	# Add these lines to /etc/rc.conf.local or /etc/rc.conf
10	# to enable this service:
11	#
12	# honeytrap_enable (bool): Set to NO by default.
13	# Set it to YES to enable honeytrap.
14	# honeytrap_datadir (path): Set to %%PREFIX%%/libdata/honeytrap
15	# by default.
16	# honeytrap_config (path): Set to %%PREFIX%%/etc/honeytrap.toml
17	# by default.
18		34
19	. /etc/rc.subr	35	. /etc/rc.subr
20		36
Lines 24-41 Link Here
24	load_rc_config $name	40	load_rc_config $name
25		41
26	: ${honeytrap_enable:="NO"}	42	: ${honeytrap_enable:="NO"}
27	: ${honeytrap_datadir="%%PREFIX%%/libdata/honeytrap"}	43	: ${honeytrap_config="%%ETCDIR%%/honeytrap.toml"}
28	: ${honeytrap_config="%%PREFIX%%/etc/honeytrap.toml"}	44	: ${honeytrap_datadir:="%%HONEYTRAP_DBDIR%%"}
		45	: ${honeytrap_logdir:="/var/log/honeytrap"}
		46	: ${honeytrap_user:="%%USER%%"}
		47	: ${honeytrap_group:="%%GROUP%%"}
		48	: ${honeytrap_pidfile:="/var/run/${name}.pid"}
		49	: ${honeytrap_syslog_output_enable:="NO"}
29		50
30	start_cmd="${name}_start"	51	pidfile=${honeytrap_pidfile}
		52	procname="%%PREFIX%%/bin/honeytrap"
		53	command="/usr/sbin/daemon"
		54	command_args="-f -t ${name} ${honeytrap_syslog_output_flags} -p ${pidfile} /usr/bin/env ${honeytrap_env} ${procname} --data ${honeytrap_datadir} --config ${honeytrap_config} ${honeytrap_flags}"
31		55
32	honeytrap_program="%%PREFIX%%/bin/honeytrap"	56	start_precmd="honeytrap_start_precmd"
33	honeytrap_flags="--data $honeytrap_datadir --config $honeytrap_config"
34	pidfile=/var/run/${name}.pid
35		57
36	honeytrap_start()	58	if checkyesno honeytrap_syslog_output_enable; then
		59	if [ -n "${honeytrap_syslog_output_tag}" ]; then
		60	honeytrap_syslog_output_flags="-T ${honeytrap_syslog_output_tag}"
		61	else
		62	honeytrap_syslog_output_flags="-T ${name}"
		63	fi
		64	if [ -n "${honeytrap_syslog_output_priority}" ]; then
		65	honeytrap_syslog_output_flags="${honeytrap_syslog_output_flags} -s ${honeytrap_syslog_output_priority}"
		66	fi
		67
		68	if [ -n "${honeytrap_syslog_output_facility}" ]; then
		69	honeytrap_syslog_output_flags="${honeytrap_syslog_output_flags} -l ${honeytrap_syslog_output_facility}"
		70	fi
		71	command_args="-f -t ${name} ${honeytrap_syslog_output_flags} -p ${pidfile} /usr/bin/env ${honeytrap_env} ${procname} --data ${honeytrap_datadir} --config ${honeytrap_config} ${honeytrap_flags}"
		72	fi
		73
		74	honeytrap_start_precmd()
37	{	75	{
38	daemon -o /var/log/honeytrap/service.log -p $pidfile -u $name $honeytrap_program $honeytrap_flags	76	if [ ! -e ${pidfile} ]; then
		77	install -o ${honeytrap_user} -g ${honeytrap_group} /dev/null ${pidfile}
		78	fi
		79
		80	if [ ! -d ${honeytrap_datadir} ]; then
		81	install -d -m 0750 -o ${honeytrap_user} -g ${honeytrap_group} ${honeytrap_datadir}
		82	fi
		83	if [ ! -d ${honeytrap_logdir} ]; then
		84	install -d -m 0750 -o ${honeytrap_user} -g ${honeytrap_group} ${honeytrap_logdir}
		85	fi
39	}	86	}
40		87
41	run_rc_command "$@"	88	run_rc_command "$@"

Line 0 Link Here

(-)files/honeytrap.toml (+20 lines)
	1	[listener]
	2	type="socket"
	3
	4	[service.ssh-simulator]
	5	type="ssh-simulator"
	6	credentials=["root:root", "root:password"]
	7
	8	[[port]]
	9	ports=["tcp/8022"]
	10	services=["ssh-simulator"]
	11
	12	[channel.console]
	13	type="console"
	14
	15	[[filter]]
	16	channel=["console"]
	17
	18	[[logging]]
	19	output="/var/log/honeytrap/logging.log"
	20	level="debug"

Line 0 Link Here

(-)files/patch-cmd_constants.go (+21 lines)
	1	--- cmd/constants.go.orig 2020-08-11 10:18:40 UTC
	2	+++ cmd/constants.go
	3	@@ -19,15 +19,12 @@ var (
	4	// GOPATH - GOPATH value at the time of build.
	5	GOPATH = ""
	6
	7	- // Go get development tag.
	8	- goGetTag = "DEVELOPMENT.GOGET"
	9	-
	10	// Version - version time.RFC3339.
	11	- Version = goGetTag
	12	+ Version = ""
	13	// ReleaseTag - release tag in TAG.%Y-%m-%dT%H-%M-%SZ.
	14	- ReleaseTag = goGetTag
	15	+ ReleaseTag = ""
	16	// CommitID - latest commit id.
	17	- CommitID = goGetTag
	18	+ CommitID = ""
	19	// ShortCommitID - first 12 characters from CommitID.
	20	ShortCommitID = CommitID[:12]
	21	)