FreeBSD Bugzilla – Attachment 71580 Details for
Bug 104227
new port: security/sguil-server
sguild.shar
sguild.shar (text/plain), 15.60 KB, created by
pauls
on 2006-10-09 22:40:17 UTC
Description:
sguild.shar
Filename:
MIME Type:
Creator:
pauls
Created:
2006-10-09 22:40:17 UTC
Size:
15.60 KB
># This is a shell archive. Save it in a file, remove anything before ># this line, and then unpack it by entering "sh file". Note, it may ># create directories; files and directories will be owned by you and ># have default permissions. ># ># This archive contains: ># ># . ># ./pkg-plist ># ./files ># ./files/patch-sguild ># ./files/patch-sguild.access ># ./files/patch-sguild.conf ># ./files/sguild.sh.in ># ./files/pkg-message.in ># ./Makefile ># ./pkg-descr ># ./distinfo ># >echo c - . >mkdir -p . > /dev/null 2>&1 >echo x - ./pkg-plist >sed 's/^X//' >./pkg-plist << 'END-of-./pkg-plist' >Xbin/archive_sguildb.tcl >Xbin/incident_report.tcl >Xbin/sguild >Xetc/%%SGUILDIR%%/autocat.conf-sample >Xetc/%%SGUILDIR%%/sguild.access-sample >Xetc/%%SGUILDIR%%/sguild.conf-sample >Xetc/%%SGUILDIR%%/sguild.email-sample >Xetc/%%SGUILDIR%%/sguild.queries-sample >Xetc/%%SGUILDIR%%/sguild.reports-sample >Xetc/%%SGUILDIR%%/sguild.users-sample >Xlib/%%SGUILDIR%%/SguildAccess.tcl >Xlib/%%SGUILDIR%%/SguildAutoCat.tcl >Xlib/%%SGUILDIR%%/SguildClientCmdRcvd.tcl >Xlib/%%SGUILDIR%%/SguildConnect.tcl >Xlib/%%SGUILDIR%%/SguildCreateDB.tcl >Xlib/%%SGUILDIR%%/SguildEmailEvent.tcl >Xlib/%%SGUILDIR%%/SguildEvent.tcl >Xlib/%%SGUILDIR%%/SguildGenericDB.tcl >Xlib/%%SGUILDIR%%/SguildHealthChecks.tcl >Xlib/%%SGUILDIR%%/SguildLoaderd.tcl >Xlib/%%SGUILDIR%%/SguildMysqlMerge.tcl >Xlib/%%SGUILDIR%%/SguildQueryd.tcl >Xlib/%%SGUILDIR%%/SguildReportBuilder.tcl >Xlib/%%SGUILDIR%%/SguildSendComms.tcl >Xlib/%%SGUILDIR%%/SguildSensorAgentComms.tcl >Xlib/%%SGUILDIR%%/SguildSensorCmdRcvd.tcl >Xlib/%%SGUILDIR%%/SguildTranscript.tcl >Xlib/%%SGUILDIR%%/SguildUtils.tcl >Xshare/%%SGUILDIR%%/create_ruledb.sql >Xshare/%%SGUILDIR%%/create_sguildb.sql >Xshare/%%SGUILDIR%%/migrate_event.tcl >Xshare/%%SGUILDIR%%/migrate_sancp.tcl >Xshare/%%SGUILDIR%%/update_sguildb_v5-v6.sql >Xshare/%%SGUILDIR%%/update_sguildb_v6-v7.sql >Xshare/%%SGUILDIR%%/update_sguildb_v7-v8.sql >Xshare/%%SGUILDIR%%/update_sguildb_v8-v9.sql 
>Xshare/%%SGUILDIR%%/update_sguildb_v9-v10.sql >Xshare/%%SGUILDIR%%/update_sguildb_v10-v11.sql >X@dirrm share/%%SGUILDIR%% >X@unexec if [ ! -f %D/etc/%%SGUILDIR%%/sguild.conf ] ; then rmdir %D/etc/%%SGUILDIR%%; fi >X@dirrm lib/%%SGUILDIR%% >END-of-./pkg-plist >echo c - ./files >mkdir -p ./files > /dev/null 2>&1 >echo x - ./files/patch-sguild >sed 's/^X//' >./files/patch-sguild << 'END-of-./files/patch-sguild' >X--- sguild.orig Tue Mar 28 04:36:05 2006 >X+++ sguild Tue Mar 28 04:37:10 2006 >X@@ -229,7 +229,7 @@ >X package require tls >X # Check for certs >X if {![info exists CERTS_PATH]} { >X- set CERTS_PATH /etc/sguild/certs >X+ set CERTS_PATH /usr/local/etc/sguil-server/certs >X } >X if {![file exists $CERTS_PATH] || ![file isdirectory $CERTS_PATH]} { >X puts "ERROR: $CERTS_PATH does not exist or is not a directory" >X@@ -251,13 +251,13 @@ >X >X if { ![info exists CONF_FILE] } { >X # No conf file specified check the defaults >X- if { [file exists /etc/sguild/sguild.conf] } { >X- set CONF_FILE /etc/sguild/sguild.conf >X+ if { [file exists /usr/local/etc/sguil-server/sguild.conf] } { >X+ set CONF_FILE /usr/local/etc/sguil-server/sguild.conf >X } elseif { [file exists ./sguild.conf] } { >X set CONF_FILE ./sguild.conf >X } else { >X puts "Couldn't determine where the sguil config file is" >X- puts "Looked for ./sguild.conf and /etc/sguild/sguild.conf." >X+ puts "Looked for ./sguild.conf and /usr/local/etc/sguil-server/sguild.conf." >X DisplayUsage $argv0 >X } >X } >X@@ -338,17 +338,17 @@ >X # Check for a valid USERS file >X if { ![info exists USERS_FILE] } { >X # No users file was specified. 
Go with the defaults >X- if { [file exists /etc/sguild/sguild.users] } { >X- set USERS_FILE "/etc/sguild/sguild.users" >X+ if { [file exists /usr/local/etc/sguil-server/sguild.users] } { >X+ set USERS_FILE "/usr/local/etc/sguil-server/sguild.users" >X } elseif { [file exists ./sguild.users] } { >X set USERS_FILE "./sguild.users" >X } else { >X if { [info exists ADDUSER] && $ADDUSER } { >X- CreateUsersFile "/etc/sguild/sguild.users" >X+ CreateUsersFile "/usr/local/etc/sguil-server/sguild.users" >X } else { >X set DEBUG 2 >X LogMessage "ERROR: Could not find a sguild.users file." >X- LogMessage " Checked in ./ and /etc/sguild/" >X+ LogMessage " Checked in ./ and /usr/local/etc/sguil-server/" >X DisplayUsage $argv0 >X } >X } >X@@ -376,8 +376,8 @@ >X # Load accessfile >X if { ![info exists ACCESS_FILE] } { >X # Check the defaults >X- if { [file exists /etc/sguild/sguild.access] } { >X- set ACCESS_FILE "/etc/sguild/sguild.access" >X+ if { [file exists /usr/local/etc/sguil-server/sguild.access] } { >X+ set ACCESS_FILE "/usr/local/etc/sguil-server/sguild.access" >X } elseif { [file exists ./sguild.access] } { >X set ACCESS_FILE "./sguild.access" >X } else { >X@@ -391,8 +391,8 @@ >X } >X # Load auto cat config >X if { ![info exists AUTOCAT_FILE] } { >X- if { [file exists /etc/sguild/autocat.conf] } { >X- set AUTOCAT_FILE "/etc/sguild/autocat.conf" >X+ if { [file exists /usr/local/etc/sguil-server/autocat.conf] } { >X+ set AUTOCAT_FILE "/usr/local/etc/sguil-server/autocat.conf" >X } else { >X set AUTOCAT_FILE "./autocat.conf" >X } >X@@ -402,8 +402,8 @@ >X } >X # Load email config file >X if { ![info exists EMAIL_FILE] } { >X- if { [file exists /etc/sguild/sguild.email] } { >X- set EMAIL_FILE "/etc/sguild/sguild.email" >X+ if { [file exists /usr/local/etc/sguil-server/sguild.email] } { >X+ set EMAIL_FILE "/usr/local/etc/sguil-server/sguild.email" >X } else { >X set EMAIL_FILE "./sguild.email" >X } >X@@ -415,8 +415,8 @@ >X } >X # Load global queries. 
>X if { ![info exists GLOBAL_QRY_FILE] } { >X- if { [file exists /etc/sguild/sguild.queries] } { >X- set GLOBAL_QRY_FILE "/etc/sguild/sguild.queries" >X+ if { [file exists /usr/local/etc/sguil-server/sguild.queries] } { >X+ set GLOBAL_QRY_FILE "/usr/local/etc/sguil-server/sguild.queries" >X } else { >X set GLOBAL_QRY_FILE "./sguild.queries" >X } >X@@ -428,8 +428,8 @@ >X } >X # Load report queries. >X if { ![info exists REPORT_QRY_FILE] } { >X- if { [file exists /etc/sguild/sguild.reports] } { >X- set REPORT_QRY_FILE "/etc/sguild/sguild.reports" >X+ if { [file exists /usr/local/etc/sguil-server/sguild.reports] } { >X+ set REPORT_QRY_FILE "/usr/local/etc/sguil-server/sguild.reports" >X } else { >X set REPORT_QRY_FILE "./sguild.reports" >X } >END-of-./files/patch-sguild >echo x - ./files/patch-sguild.access >sed 's/^X//' >./files/patch-sguild.access << 'END-of-./files/patch-sguild.access' >X--- sguild.access.orig Tue Mar 28 03:36:31 2006 >X+++ sguild.access Tue Mar 28 03:37:44 2006 >X@@ -4,7 +4,8 @@ >X # This file is used by sguild for access control. It is read upon init # >X # or when sguild receives a HUP signal. # >X # # >X-# By default, sguild will look first for /etc/sguild/sguild.access, # >X+# By default, sguild will look first for # >X+# /usrlocal//etc/sguild/sguild.access, # >X # then ./sguild.access unless the -A /path/to/sguild.access switch # >X # is used. # >X # # >END-of-./files/patch-sguild.access >echo x - ./files/patch-sguild.conf >sed 's/^X//' >./files/patch-sguild.conf << 'END-of-./files/patch-sguild.conf' >X*** sguild.conf.orig Tue Mar 28 02:38:13 2006 >X--- sguild.conf Tue Mar 28 02:39:47 2006 >X*************** >X*** 2,6 **** >X >X # Path the sguild libs >X! set SGUILD_LIB_PATH ./lib >X >X # DEBUG 0=off 1=important stuff 2=everything. Option 2 is VERY chatty. >X--- 2,6 ---- >X >X # Path the sguild libs >X! set SGUILD_LIB_PATH /usr/local/lib/sguil-server/ >X >X # DEBUG 0=off 1=important stuff 2=everything. Option 2 is VERY chatty. 
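Review bot: Every hunk in files/patch-sguild hard-codes `/usr/local/etc/sguil-server`, while the port's Makefile lets both `PREFIX` and `SGUILDIR` be overridden, so on a non-default install the daemon will not find the files the port just put in place. The context lines show what happens then: the lookup falls through to `./sguild.conf`, `./sguild.users` and `./sguild.access`, that is, whatever sits in the directory sguild was started from, which is not where a system daemon should take its user and access-control files from. I would keep a placeholder in the patch, e.g. `set CONF_FILE %%PREFIX%%/etc/%%SGUILDIR%%/sguild.conf`, and substitute it in `post-patch` with `${REINPLACE_CMD}`. The rc script could also pass the access file explicitly with `-A` instead of relying on the defaults. The enclosing `if` blocks start and end outside the hunks.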
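Review bot: The added comment line in files/patch-sguild.access reads `/usrlocal//etc/sguild/sguild.access`, which is neither a valid path nor the one the patched daemon checks. files/patch-sguild makes sguild look for `/usr/local/etc/sguil-server/sguild.access`, so an administrator following this header would edit a file the access-control code never reads. The line should be `# /usr/local/etc/sguil-server/sguild.access, #`, padded so the box border stays aligned.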
>X*************** >X*** 61,65 **** >X # You MUST have tcpflow installed to get xscripts >X # http://www.circlemud.org/~jelson/software/tcpflow/ >X! set TCPFLOW "/usr/bin/tcpflow" >X >X # p0f - (C) Michal Zalewski <lcamtuf@gis.net>, William Stearns <wstearns@pobox.com> >X--- 61,65 ---- >X # You MUST have tcpflow installed to get xscripts >X # http://www.circlemud.org/~jelson/software/tcpflow/ >X! set TCPFLOW "/usr/local/bin/tcpflow" >X >X # p0f - (C) Michal Zalewski <lcamtuf@gis.net>, William Stearns <wstearns@pobox.com> >X*************** >X*** 72,76 **** >X # Path the the p0f binary. Switches -q and -s <filename> are appended on exec, >X # add any others you may need here. >X! set P0F_PATH "/usr/sbin/p0f" >X >X # Email config moved to sguild.email >X--- 72,76 ---- >X # Path the the p0f binary. Switches -q and -s <filename> are appended on exec, >X # add any others you may need here. >X! set P0F_PATH "/usr/local/bin/p0f" >X >X # Email config moved to sguild.email >END-of-./files/patch-sguild.conf >echo x - ./files/sguild.sh.in >sed 's/^X//' >./files/sguild.sh.in << 'END-of-./files/sguild.sh.in' >X#!/bin/sh >X >X# PROVIDE: sguild >X# REQUIRE: DAEMON >X# KEYWORD: FreeBSD shutdown >X >X# Add the following lines to /etc/rc.conf to enable sguild: >X# sguild_enable (bool): Set to YES to enable sguild >X# Default: NO >X# sguild_flags (str): Extra flags passed to sguild >X# Default: -D >X# sguild_conf (str): Sguild configuration file >X# Default: %%PREFIX%%/etc/%%SGUILDIR%%/sguild.conf >X >X. %%RC_SUBR%% >X >Xname="sguild" >Xrcvar=`set_rcvar` >X >Xcommand="%%PREFIX%%/bin/${name}" >Xprocname="%%TCLSH%%" >Xcheck_process="${command} /bin/sh" >Xstop_cmd="sguild_stop" >X >Xsguild_enable=${sguild_enable-NO} >Xsguild_conf=${sguild_conf-%%PREFIX%%/etc/%%SGUILDIR%%/sguild.conf} >Xsguild_flags=${sguild_flags--D} >X[ -n "$sguild_conf" ] && sguild_flags="$sguild_flags -c $sguild_conf" >X >Xsguild_stop() { >X if [ -z "${rc_pid}" ]; then >X echo "${name} not running?" 
>X else >X echo "Stopping ${name}." >X `/bin/kill -9 ${rc_pid}` >X wait_for_pids "${rc_pid}" >X if [ -f "/var/run/${name}.pid" ]; then >X `rm -f /var/run/${name}.pid` >X fi >X fi >X} >X >Xload_rc_config ${name} >Xrun_rc_command "$1" >END-of-./files/sguild.sh.in >echo x - ./files/pkg-message.in >sed 's/^X//' >./files/pkg-message.in << 'END-of-./files/pkg-message.in' >X *********************************** >X * !!!!!!!!!!! WARNING !!!!!!!!!!! * >X *********************************** >X >XIf you had existing config files in %%PREFIX%%/etc/%%SGUILDIR%% >Xthey were not overwritten. If this is a first time install, you >Xmust copy the sample files to the corresponding conf file and >Xedit the various config files for your site. See the INSTALL >Xdoc in %%DOCSDIR%% for details. >X >XThe sql scripts for creating database tables were placed in >Xthe %%PREFIX%%/share/%%SGUILDIR%%/ directory. PLEASE >XNOTE: LOG_DIR is not set by this install. You MUST create the >Xcorrect LOG_DIRS and put a copy of the snort rules you use in >XLOG_DIR/rules. >X >XThe sguild, archive_sguildb.tcl and incident_report.tcl scripts >Xwere placed in %%PREFIX%%/bin/. The incident_report.tcl >Xscript is from the contrib section. There is no documentation >Xand the script's variables must be edited before it is used. >X >XA startup script, named sguild.sh was installed in >X%%PREFIX%%/etc/rc.d/. To enable it, edit /etc/rc.conf >Xper the instructions in the script. 
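Review bot: `sguild_stop` in files/sguild.sh.in wraps `/bin/kill -9 ${rc_pid}` and `rm -f /var/run/${name}.pid` in backticks, so the shell runs each command and then tries to execute whatever it printed as a second command. It also goes straight to SIGKILL, which gives the daemon no chance to shut down cleanly; for a monitoring server that is presumably writing events to a database, TERM should be tried first. Run them as plain statements: `/bin/kill -TERM ${rc_pid}`, then the existing `wait_for_pids "${rc_pid}"`, then `rm -f "/var/run/${name}.pid"`. No `pidfile` is set anywhere in the script, so `rc_pid` is presumably resolved from `procname` alone; if sguild writes /var/run/sguild.pid, declaring it would make the match exact.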
>X >XFor general questions, see the sguil faq: >Xhttp://sguil.sourceforge.net/index.php?page=faq >XFor detailed install instructions see Richard Bejtlich's >Xexcellent guide at his blog: >Xhttp://taosecurity.blogspot.com/2006/03/new-sguil-scripts-and-vm-i-have-not.html >END-of-./files/pkg-message.in >echo x - ./Makefile >sed 's/^X//' >./Makefile << 'END-of-./Makefile' >X# New ports collection makefile for: sguil-server >X# Date created: 9 Oct 2006 >X# Whom: Paul Schmehl <pauls@utdallas.edu> >X# >X# $FreeBSD$ >X# >X >XPORTNAME= sguil-server >XPORTVERSION= 0.6.1 >XCATEGORIES= security >XMASTER_SITES= ${MASTER_SITE_SOURCEFORGE} >XMASTER_SITE_SUBDIR= sguil >X >XMAINTAINER= pauls@utdallas.edu >XCOMMENT= Squil is a network security management program >X >XRUN_DEPENDS= p0f:${PORTSDIR}/net-mgmt/p0f \ >X tcpflow:${PORTSDIR}/net/tcpflow \ >X dtplite:${PORTSDIR}/devel/tcllib \ >X barnyard:${PORTSDIR}/security/barnyard-sguil6 \ >X ${LOCALBASE}/lib/tcl8.4/mysqltcl:${PORTSDIR}/databases/mysqltcl \ >X ${LOCALBASE}/lib/tclx8.4/tclx.tcl:${PORTSDIR}/lang/tclX >XLIB_DEPENDS= tls:${PORTSDIR}/devel/tcltls >X >XNO_BUILD= yes >XUSE_RC_SUBR= sguild.sh >XTCLSH_CMD?= ${PREFIX}/bin/tclsh8.4 >XSGUILDIR?= sguil-server >XWRKSRC= ${WRKDIR}/sguil-${PORTVERSION} >XPATCH_WRKSRC= ${WRKSRC}/server >XPLIST_SUB= SGUILDIR=${SGUILDIR} >XSUB_FILES= pkg-message >XSUB_LIST= SGUILDIR=${SGUILDIR} TCLSH=${TCLSH_CMD} >XLIBRARIES= SguildAccess.tcl SguildEvent.tcl SguildReportBuilder.tcl \ >X SguildAutoCat.tcl SguildGenericDB.tcl SguildSendComms.tcl \ >X SguildClientCmdRcvd.tcl SguildHealthChecks.tcl SguildSensorAgentComms.tcl \ >X SguildConnect.tcl SguildLoaderd.tcl SguildSensorCmdRcvd.tcl \ >X SguildCreateDB.tcl SguildMysqlMerge.tcl SguildTranscript.tcl \ >X SguildEmailEvent.tcl SguildQueryd.tcl SguildUtils.tcl >XSCRIPTS= create_ruledb.sql update_sguildb_v10-v11.sql update_sguildb_v8-v9.sql \ >X create_sguildb.sql update_sguildb_v5-v6.sql update_sguildb_v9-v10.sql \ >X migrate_event.tcl update_sguildb_v6-v7.sql 
migrate_sancp.tcl update_sguildb_v7-v8.sql >XCONFS= autocat.conf sguild.access sguild.conf sguild.email sguild.queries sguild.reports sguild.users >X >XPORTDOCS= CHANGES INSTALL INSTALL.openbsd LICENSE.QPL \ >X OPENSSL.README TODO USAGE sguildb.dia >X >X.include <bsd.port.pre.mk> >X >Xpost-patch: >X.for f in archive_sguildb.tcl sguild contrib/incident_report.tcl >X @${REINPLACE_CMD} -e 's:exec tclsh:exec ${TCLSH_CMD}:g' ${WRKSRC}/server/${f} >X.endfor >X >Xdo-install: >X @${MKDIR} ${PREFIX}/etc/${SGUILDIR} >X @${MKDIR} ${PREFIX}/lib/${SGUILDIR} >X @${MKDIR} ${PREFIX}/share/${SGUILDIR} >X.for f in archive_sguildb.tcl sguild >X ${INSTALL_SCRIPT} -m 751 ${WRKSRC}/server/${f} ${PREFIX}/bin/${f} >X.endfor >X.for f in incident_report.tcl >X ${INSTALL_SCRIPT} -m 751 ${WRKSRC}/server/contrib/${f} ${PREFIX}/bin/${f} >X.endfor >X.for f in ${CONFS} >X ${INSTALL_DATA} ${WRKSRC}/server/${f} ${PREFIX}/etc/${SGUILDIR}/${f}-sample >X.endfor >X.for f in ${LIBRARIES} >X ${INSTALL_DATA} ${WRKSRC}/server/lib/${f} ${PREFIX}/lib/${SGUILDIR}/${f} >X.endfor >X.for f in ${SCRIPTS} >X ${INSTALL_DATA} ${WRKSRC}/server/sql_scripts/${f} ${PREFIX}/share/${SGUILDIR}/${f} >X.endfor >Xpost-install: >X.if !defined(NOPORTDOCS) >X @${MKDIR} ${DOCSDIR} >X cd ${WRKSRC}/doc && ${INSTALL_DATA} ${PORTDOCS} ${DOCSDIR} >X.endif >X @${CAT} ${PKGMESSAGE} >X >X.include <bsd.port.post.mk> >END-of-./Makefile >echo x - ./pkg-descr >sed 's/^X//' >./pkg-descr << 'END-of-./pkg-descr' >XSguil is an open source tool to implement Network >XSecurity Monitoring (NSM). NSM is the collection, >Xanalysis, and escalation of indications and warnings >Xto detect and respond to intrusions. NSM tools are >Xused more for network audit and specialized >Xapplications than traditional alert-centric "intrusion >Xdetection" systems. >X >XWant to learn more about Network Security Monitoring >X(NSM)? Then check out Richard Bejtlich's recently >Xreleased book, The Tao of Network Security Monitoring: >XBeyond Intrusion Detection. 
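Review bot: `do-install` installs sguild, archive_sguildb.tcl and incident_report.tcl with `${INSTALL_SCRIPT} -m 751`, which leaves other users with execute but not read permission. These are interpreted scripts, so the interpreter must open the file for reading and the execute-only bit does not let anyone actually run them; the mode restricts access only by accident. State the intent explicitly: `-m 755` if any local user may run them, or `-m 750` if only the owner and group should. Separately, pkg-message tells the administrator to copy the -sample files into place, and it would be worth adding a line asking for restrictive permissions on the copied sguild.conf and sguild.users, assuming (not visible here) that they hold credentials.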
An excerpt reads: >X >X"Network security monitoring (NSM) equips security >Xstaff to deal with the inevitable consequences of too >Xfew resources and too many responsibilities. NSM collects >Xthe data needed to generate better assessment, detection, >Xand response processes--resulting in decreased impact from >Xunauthorized activities." >X >XWWW: http://sguil.sourceforge.net/index.php >Xpauls@utdallas.edu >END-of-./pkg-descr >echo x - ./distinfo >sed 's/^X//' >./distinfo << 'END-of-./distinfo' >XMD5 (sguil-server-0.6.1.tar.gz) = 27decbe3c6528bf2c86c74b35b8f7b3b >XSHA256 (sguil-server-0.6.1.tar.gz) = 22aea8f76da0530ae7ee9a68efe1de7615bec47a7702c93f8fe338d57590ce57 >XSIZE (sguil-server-0.6.1.tar.gz) = 92901 >END-of-./distinfo >exit