From owner-freebsd-ports-bugs@FreeBSD.ORG Tue Apr 10 11:40:02 2007 Return-Path: X-Original-To: freebsd-ports-bugs@hub.freebsd.org Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id B1B1316A406 for ; Tue, 10 Apr 2007 11:40:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [69.147.83.40]) by mx1.freebsd.org (Postfix) with ESMTP id 8A8F813C45D for ; Tue, 10 Apr 2007 11:40:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id l3ABe2NZ051593 for ; Tue, 10 Apr 2007 11:40:02 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id l3ABe2aT051592; Tue, 10 Apr 2007 11:40:02 GMT (envelope-from gnats) Resent-Date: Tue, 10 Apr 2007 11:40:02 GMT Resent-Message-Id: <200704101140.l3ABe2aT051592@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, "valerio.daelli@gmail.com" Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id E7AFE16A404 for ; Tue, 10 Apr 2007 11:32:22 +0000 (UTC) (envelope-from eldon@sodio.ifom-ieo-campus.it) Received: from mail.ifom-firc.it (mail.ifom-firc.it [85.239.175.131]) by mx1.freebsd.org (Postfix) with ESMTP id 2612313C489 for ; Tue, 10 Apr 2007 11:32:21 +0000 (UTC) (envelope-from eldon@sodio.ifom-ieo-campus.it) Received: (qmail 63932 invoked by uid 811); 10 Apr 2007 11:32:51 -0000 Received: from 85.239.175.187 by mail.ifom-firc.it (envelope-from , uid 803) with qmail-scanner-2.01 (clamdscan: 0.90.1/2839. f-prot: 4.6.7/3.16.15. spamassassin: 3.1.8. Clear:RC:1(85.239.175.187):. Processed in 0.302798 secs); 10 Apr 2007 11:32:51 -0000 Received: from unknown (HELO sodio.ifom-ieo-campus.it) ([85.239.175.187]) (envelope-sender ) by smtp.ifom-firc.it (qmail-ldap-1.03) with SMTP for ; 10 Apr 2007 11:32:50 -0000 Received: (from eldon@sodio.ifom-ieo-campus.it) by sodio.ifom-ieo-campus.it (mini_sendmail/1.3.6 29jun2005); Tue, 10 Apr 2007 13:30:52 CEST (sender eldon@sodio.ifom-ieo-campus.it) Message-Id: <20070410113222.2612313C489@mx1.freebsd.org> Date: Tue, 10 Apr 2007 11:32:21 +0000 (UTC) From: "valerio.daelli@gmail.com" To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: Subject: ports/111445: New port: security/ossec-hids-server security/ossec-hids-client security/ossec-hids-local - A tool to monitor logs and check intrusions X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: "valerio.daelli@gmail.com" List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Apr 2007 11:40:02 -0000 >Number: 111445 >Category: ports >Synopsis: New port: security/ossec-hids-server security/ossec-hids-client security/ossec-hids-local - A tool to monitor logs and check intrusions >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Tue Apr 10 11:40:02 GMT 2007 >Closed-Date: >Last-Modified: >Originator: Valerio Daelli >Release: FreeBSD 6.2-RELEASE-p3 amd64 >Organization: IFOM >Environment: System: FreeBSD sodio.ifom-ieo-campus.it 6.2-RELEASE-p3 FreeBSD 6.2-RELEASE-p3 #5: Fri Mar 16 15:21:33 CET 2007 root@sodio.ifom-ieo-campus.it:/usr/obj/usr/src/sys/SODIO amd64 >Description: ossec-hids is a security tool to monitor logs for events and perform security scan on a system >How-To-Repeat: >Fix: --- SHAR-OSSEC-HIDS-SERVER begins here --- # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # /root/ossec-hids-server/ # /root/ossec-hids-server/files # /root/ossec-hids-server/files/patch-LOCATION # /root/ossec-hids-server/files/patch-defs.h # /root/ossec-hids-server/files/patch-InstallServer.sh # /root/ossec-hids-server/files/ossec-hids # /root/ossec-hids-server/pkg-descr # /root/ossec-hids-server/distinfo # /root/ossec-hids-server/Makefile # /root/ossec-hids-server/pkg-plist.client # /root/ossec-hids-server/pkg-plist # echo c - /root/ossec-hids-server/ mkdir -p /root/ossec-hids-server/ > /dev/null 2>&1 echo c - /root/ossec-hids-server/files mkdir -p /root/ossec-hids-server/files > /dev/null 2>&1 echo x - /root/ossec-hids-server/files/patch-LOCATION sed 's/^X//' >/root/ossec-hids-server/files/patch-LOCATION << 'END-of-/root/ossec-hids-server/files/patch-LOCATION' Xdiff -ruN src/LOCATION.orig src/LOCATION X--- src/LOCATION.orig Tue Oct 25 18:18:50 2005 X+++ src/LOCATION Mon Apr 2 10:51:37 2007 X@@ -1,2 +1,2 @@ X-DIR="/var/ossec" X+DIR="PREFIX" X CC=gcc END-of-/root/ossec-hids-server/files/patch-LOCATION echo x - /root/ossec-hids-server/files/patch-defs.h sed 's/^X//' >/root/ossec-hids-server/files/patch-defs.h << 'END-of-/root/ossec-hids-server/files/patch-defs.h' Xdiff -ruN src/headers/defs.h.orig src/headers/defs.h X--- src/headers/defs.h.orig Thu Feb 22 01:44:26 2007 X+++ src/headers/defs.h Mon Apr 2 10:54:45 2007 X@@ -86,7 +86,7 @@ X #endif X X #ifndef DEFAULTDIR X- #define DEFAULTDIR "/var/ossec" X+ #define DEFAULTDIR "PREFIX" X #endif X X END-of-/root/ossec-hids-server/files/patch-defs.h echo x - /root/ossec-hids-server/files/patch-InstallServer.sh sed 's/^X//' >/root/ossec-hids-server/files/patch-InstallServer.sh << 'END-of-/root/ossec-hids-server/files/patch-InstallServer.sh' Xdiff -ruN src/InstallServer.sh.orig src/InstallServer.sh X--- src/InstallServer.sh.orig Sun Jan 7 23:38:16 2007 X+++ src/InstallServer.sh Thu Apr 5 15:58:08 2007 X@@ -255,12 +255,12 @@ X X ls ../etc/ossec.mc > /dev/null 2>&1 X if [ $? = 0 ]; then X- cp -pr ../etc/ossec.mc ${DIR}/etc/ossec.conf X+ cp -pr ../etc/ossec.mc ${DIR}/etc/ossec.conf.sample X else X- cp -pr ../etc/ossec-server.conf ${DIR}/etc/ossec.conf X+ cp -pr ../etc/ossec-server.conf ${DIR}/etc/ossec.conf.sample X fi X-chown root:${GROUP} ${DIR}/etc/ossec.conf X-chmod 440 ${DIR}/etc/ossec.conf X+chown root:${GROUP} ${DIR}/etc/ossec.conf.sample X+chmod 440 ${DIR}/etc/ossec.conf.sample X X X END-of-/root/ossec-hids-server/files/patch-InstallServer.sh echo x - /root/ossec-hids-server/files/ossec-hids sed 's/^X//' >/root/ossec-hids-server/files/ossec-hids << 'END-of-/root/ossec-hids-server/files/ossec-hids' X#!/bin/sh X# X# PROVIDE: ossechids X# REQUIRE: DAEMON X# BEFORE: LOGIN X X. /etc/rc.subr X Xname="ossechids" Xrcvar=`set_rcvar` X Xload_rc_config $name X X: ${ossechids_enable="NO"} X: ${ossechids_user="ossec"} X: ${ossechids_group="ossec"} X Xstart_cmd=${name}_start Xstop_cmd=${name}_stop Xrestart_cmd=${name}_restart Xstatus_cmd=${name}_status X Xcommand="PREFIX/ossec-hids/bin/ossec-control" Xrequired_files="PREFIX/ossec-hids/etc/ossec.conf" X Xossechids_start() { X $command start X} X Xossechids_stop() { X $command stop X} X Xossechids_restart() { X $command restart X} X Xossechids_status() { X $command status X} X Xrun_rc_command "$1" END-of-/root/ossec-hids-server/files/ossec-hids echo x - /root/ossec-hids-server/pkg-descr sed 's/^X//' >/root/ossec-hids-server/pkg-descr << 'END-of-/root/ossec-hids-server/pkg-descr' XOssec-hids iss a security tool to monitor log files Xand intrusions. X XWWW: http://www.ossec.net/ END-of-/root/ossec-hids-server/pkg-descr echo x - /root/ossec-hids-server/distinfo sed 's/^X//' >/root/ossec-hids-server/distinfo << 'END-of-/root/ossec-hids-server/distinfo' XMD5 (ossec-hids-1.1.tar.gz) = d1c046f7cf4fd75c0f79985dc7f65411 XSHA256 (ossec-hids-1.1.tar.gz) = 030475d58689a6172ef44e6637fb32a1aa70d385e9b73becd2e31a1072d09d17 XSIZE (ossec-hids-1.1.tar.gz) = 502949 END-of-/root/ossec-hids-server/distinfo echo x - /root/ossec-hids-server/Makefile sed 's/^X//' >/root/ossec-hids-server/Makefile << 'END-of-/root/ossec-hids-server/Makefile' X# New ports collection makefile for: ossec-hids-server X# Date created: 23 July 2006 X# Whom: Valerio Daelli X# X# $FreeBSD$ X# X XPORTNAME= ossec-hids XPORTVERSION= 1.1 XCATEGORIES= security XMASTER_SITES= http://www.ossec.net/files/ XPKGNAMESUFFIX?= -server X XMAINTAINER= valerio.daelli@gmail.com XCOMMENT= A security tool to monitor and check logs and intrusions X X.include X X.if defined(CLIENT_ONLY) XPKGNAMESUFFIX= -client XCONFLICTS= ossec-hids-server-* ossec-hids-local-* X.elif defined(LOCAL_ONLY) XPKGNAMESUFFIX= -local XCONFLICTS= ossec-hids-client-* ossec-hids-server-* X.else XCONFLICTS= ossec-hids-client-* ossec-hids-local-* X.endif X Xpre-patch: X @${REINPLACE_CMD} 's|PREFIX|${PREFIX}/${PORTNAME}|' ${FILESDIR}/patch-LOCATION X @${REINPLACE_CMD} 's|PREFIX|${PREFIX}/${PORTNAME}|' ${FILESDIR}/patch-defs.h X @${REINPLACE_CMD} 's|PREFIX|${PREFIX}|' ${FILESDIR}/ossec-hids X @${CP} ${FILESDIR}/patch-LOCATION ${WRKDIR}/patch-LOCATION X @${CP} ${FILESDIR}/patch-defs.h ${WRKDIR}/patch-defs.h X @${CP} ${FILESDIR}/ossec-hids ${WRKDIR}/ossec-hids X @${MV} ${FILESDIR}/patch-LOCATION.bak ${FILESDIR}/patch-LOCATION X @${MV} ${FILESDIR}/patch-defs.h.bak ${FILESDIR}/patch-defs.h X @${MV} ${FILESDIR}/ossec-hids.bak ${FILESDIR}/ossec-hids X Xdo-patch: X @cd ${WRKSRC};${PATCH} -p0 < ${WRKDIR}/patch-LOCATION X @cd ${WRKSRC};${PATCH} -p0 < ${WRKDIR}/patch-defs.h X @cd ${WRKSRC};${PATCH} -p0 < ${FILESDIR}/patch-InstallServer.sh X Xdo-configure: X Xdo-build: X @cd ${WRKSRC}/src;${MAKE} all;${MAKE} build X X.if defined(CLIENT_ONLY) Xdo-install: X @cd ${WRKSRC}/src; ${MAKE} agent X.elif defined(LOCAL_ONLY) Xdo-install: X @cd ${WRKSRC}/src; ${MAKE} local X.else Xdo-install: X @cd ${WRKSRC}/src; ${MAKE} server X.endif X Xpost-install: X @${CP} -p ${WRKDIR}/ossec-hids /usr/local/etc/rc.d/ X @if [ ! -f ${PREFIX}/${PORTNAME}/etc/ossec.conf ]; then \ X ${CP} -p ${PREFIX}/${PORTNAME}/etc/ossec.conf.sample ${PREFIX}/${PORTNAME}/etc/ossec.conf ; \ X fi X X.if defined(CLIENT_ONLY) XPLIST=${PKGDIR}/pkg-plist.client X.endif X X.include END-of-/root/ossec-hids-server/Makefile echo x - /root/ossec-hids-server/pkg-plist.client sed 's/^X//' >/root/ossec-hids-server/pkg-plist.client << 'END-of-/root/ossec-hids-server/pkg-plist.client' Xossec-hids/active-response/bin/disable-account.sh Xossec-hids/active-response/bin/firewall-drop.sh Xossec-hids/active-response/bin/firewalls/ipfw.sh Xossec-hids/active-response/bin/firewalls/ipfw_mac.sh Xossec-hids/active-response/bin/firewalls/pf.sh Xossec-hids/active-response/bin/host-deny.sh Xossec-hids/active-response/bin/route-null.sh Xossec-hids/bin/manage_agents Xossec-hids/bin/ossec-agentd Xossec-hids/bin/ossec-control Xossec-hids/bin/ossec-execd Xossec-hids/bin/ossec-logcollector Xossec-hids/bin/ossec-syscheckd Xossec-hids/etc/internal_options.conf Xossec-hids/etc/localtime Xossec-hids/logs/ossec.log X@dirrm ossec-hids/var/run X@dirrm ossec-hids/var X@dirrm ossec-hids/queue/syscheck X@dirrm ossec-hids/queue/rids X@dirrm ossec-hids/queue/ossec X@dirrm ossec-hids/queue/alerts X@dirrm ossec-hids/queue X@dirrm ossec-hids/logs X@dirrm ossec-hids/bin END-of-/root/ossec-hids-server/pkg-plist.client echo x - /root/ossec-hids-server/pkg-plist sed 's/^X//' >/root/ossec-hids-server/pkg-plist << 'END-of-/root/ossec-hids-server/pkg-plist' Xossec-hids/active-response/bin/disable-account.sh Xossec-hids/active-response/bin/firewall-drop.sh Xossec-hids/active-response/bin/host-deny.sh Xossec-hids/active-response/bin/route-null.sh Xossec-hids/bin/clear_stats Xossec-hids/bin/list_agents Xossec-hids/bin/manage_agents Xossec-hids/bin/ossec-agentd Xossec-hids/bin/ossec-analysisd Xossec-hids/bin/ossec-control Xossec-hids/bin/ossec-execd Xossec-hids/bin/ossec-logcollector Xossec-hids/bin/ossec-maild Xossec-hids/bin/ossec-monitord Xossec-hids/bin/ossec-remoted Xossec-hids/bin/ossec-syscheckd Xossec-hids/bin/syscheck_update Xossec-hids/etc/decoder.xml Xossec-hids/etc/internal_options.conf Xossec-hids/etc/localtime Xossec-hids/etc/shared/rootkit_files.txt Xossec-hids/etc/shared/rootkit_trojans.txt X@unexec if cmp -s ossec-hids/etc/ossec.conf.sample ossec-hids/etc/ossec.conf; then rm -f ossec-hids/etc/ossec.conf; fi Xossec-hids/etc/ossec.conf.sample X@exec if [ ! -f ossec-hids/etc/ossec.conf ] ; then cp -p ossec-hids/etc/ossec.conf.sample ossec-hids/etc/orbit.conf; fi Xossec-hids/logs/ossec.log Xossec-hids/rules/apache_rules.xml Xossec-hids/rules/arpwatch_rules.xml Xossec-hids/rules/attack_rules.xml Xossec-hids/rules/firewall_rules.xml Xossec-hids/rules/ftpd_rules.xml Xossec-hids/rules/hordeimp_rules.xml Xossec-hids/rules/ids_rules.xml Xossec-hids/rules/imapd_rules.xml Xossec-hids/rules/local_rules.xml Xossec-hids/rules/mailscanner_rules.xml Xossec-hids/rules/ms-exchange_rules.xml Xossec-hids/rules/ms_ftpd_rules.xml Xossec-hids/rules/msauth_rules.xml Xossec-hids/rules/named_rules.xml Xossec-hids/rules/netscreenfw_rules.xml Xossec-hids/rules/ossec_rules.xml Xossec-hids/rules/pam_rules.xml Xossec-hids/rules/pix_rules.xml Xossec-hids/rules/policy_rules.xml Xossec-hids/rules/postfix_rules.xml Xossec-hids/rules/proftpd_rules.xml Xossec-hids/rules/pure-ftpd_rules.xml Xossec-hids/rules/racoon_rules.xml Xossec-hids/rules/rules_config.xml Xossec-hids/rules/sendmail_rules.xml Xossec-hids/rules/smbd_rules.xml Xossec-hids/rules/spamd_rules.xml Xossec-hids/rules/squid_rules.xml Xossec-hids/rules/sshd_rules.xml Xossec-hids/rules/symantec-av_rules.xml Xossec-hids/rules/syslog_rules.xml Xossec-hids/rules/telnetd_rules.xml Xossec-hids/rules/vpn_concentrator_rules.xml Xossec-hids/rules/vpopmail_rules.xml Xossec-hids/rules/vsftpd_rules.xml Xossec-hids/rules/web_rules.xml Xetc/rc.d/ossec-hids X@dirrm ossec-hids/var/run X@dirrm ossec-hids/var X@dirrm ossec-hids/tmp X@dirrm ossec-hids/stats X@dirrm ossec-hids/rules X@dirrm ossec-hids/queue/syscheck X@dirrm ossec-hids/queue/rootcheck X@dirrm ossec-hids/queue/rids X@dirrm ossec-hids/queue/ossec X@dirrm ossec-hids/queue/fts X@dirrm ossec-hids/queue/alerts X@dirrm ossec-hids/queue/agent-info X@dirrm ossec-hids/queue X@dirrm ossec-hids/logs/firewall X@dirrm ossec-hids/logs/archives X@dirrm ossec-hids/logs/alerts X@dirrm ossec-hids/logs X@dirrm ossec-hids/bin END-of-/root/ossec-hids-server/pkg-plist exit --- SHAR-OSSEC-HIDS-SERVER ends here --- --- SHAR-OSSEC-HIDS-LOCAL begins here --- # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # /root/ossec-hids-local/ # /root/ossec-hids-local/Makefile # echo c - /root/ossec-hids-local/ mkdir -p /root/ossec-hids-local/ > /dev/null 2>&1 echo x - /root/ossec-hids-local/Makefile sed 's/^X//' >/root/ossec-hids-local/Makefile << 'END-of-/root/ossec-hids-local/Makefile' X# New ports collection makefile for: ossec-hids-client X# Date created: 23 July 2006 X# Whom: Valerio Daelli X# X# $FreeBSD$ X# X XLOCAL_ONLY= yes X XMASTERDIR= ${.CURDIR}/../ossec-hids-server X X.include "${MASTERDIR}/Makefile" END-of-/root/ossec-hids-local/Makefile exit --- SHAR-OSSEC-HIDS-LOCAL ends here --- --- SHAR-OSSEC-HIDS-CLIENT begins here --- # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # /root/ossec-hids-client/ # /root/ossec-hids-client/Makefile # echo c - /root/ossec-hids-client/ mkdir -p /root/ossec-hids-client/ > /dev/null 2>&1 echo x - /root/ossec-hids-client/Makefile sed 's/^X//' >/root/ossec-hids-client/Makefile << 'END-of-/root/ossec-hids-client/Makefile' X# New ports collection makefile for: ossec-hids-client X# Date created: 23 July 2006 X# Whom: Valerio Daelli X# X# $FreeBSD$ X# X XCLIENT_ONLY= yes X XMASTERDIR= ${.CURDIR}/../ossec-hids-server X X.include "${MASTERDIR}/Makefile" END-of-/root/ossec-hids-client/Makefile exit --- SHAR-OSSEC-HIDS-CLIENT ends here --- >Release-Note: >Audit-Trail: >Unformatted: