Date: Wed, 8 Dec 1999 09:01:57 -0800 (PST)
From: dan@freebsddiary.org
To: freebsd-gnats-submit@freebsd.org
Subject: ports/15360: new port = logcheck
Message-ID: <19991208170157.5191D14A26@hub.freebsd.org>
>Number: 15360
>Category: ports
>Synopsis: new port = logcheck
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Wed Dec 8 09:10:01 PST 1999
>Closed-Date:
>Last-Modified:
>Originator: Dan Langille
>Release: 3.2
>Organization: The FreeBSD Diary
>Environment:
FreeBSD fred.int.nz.freebsd.org 3.2-RELEASE FreeBSD 3.2-RELEASE #0: Wed Dec 8 01:12:48 NZDT 1999 root@fred.int.nz.freebsd.org:/usr/src/sys/compile/FRED i386
>Description:
New security port - log file scanner

Logcheck is part of the Abacus Project of security tools. It is a program
created to help in the processing of UNIX system logfiles generated by the
various Abacus Project tools, system daemons, Wietse Venema's TCP Wrapper
and Log Daemon packages, and the Firewall Toolkit© by Trusted Information
Systems Inc.(TIS). Logcheck also works very well at reporting on other
common operating system security violations and strange events.
>How-To-Repeat:
logcheck homepage is http://www.psionic.com/abacus/logcheck/
>Fix:
# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
# # This archive contains: # # logcheck # logcheck/Makefile # logcheck/files # logcheck/files/md5 # logcheck/patches # logcheck/patches/patch-aa # logcheck/pkg # logcheck/pkg/COMMENT # logcheck/pkg/DESCR # logcheck/pkg/PLIST # echo c - logcheck mkdir -p logcheck > /dev/null 2>&1 echo x - logcheck/Makefile sed 's/^X//' >logcheck/Makefile << 'END-of-logcheck/Makefile' X# Ports collection makefile for: logcheck X# Version required: 1.1.1 X# Date created: 9 December 1999 X# Whom: Dan Langille <dan@freebsddiary.org> X# X# $FreeBSD$ X# X XDISTNAME= logcheck-1.1.1 XCATEGORIES= security XMASTER_SITES= http://www.psionic.com/tools/ X XMAINTAINER= dan@freebsddiary.org X X.include <bsd.port.mk> END-of-logcheck/Makefile echo c - logcheck/files mkdir -p logcheck/files > /dev/null 2>&1 echo x - logcheck/files/md5 sed 's/^X//' >logcheck/files/md5 << 'END-of-logcheck/files/md5' XMD5 (logcheck-1.1.1.tar.gz) = e97c2f096e219e20310c1b80e9e1bc29 END-of-logcheck/files/md5 echo c - logcheck/patches mkdir -p logcheck/patches > /dev/null 2>&1 echo x - logcheck/patches/patch-aa sed 's/^X//' >logcheck/patches/patch-aa << 'END-of-logcheck/patches/patch-aa' X--- Makefile.org Thu Dec 9 03:26:04 1999 X+++ Makefile Thu Dec 9 04:26:20 1999 X@@ -5,6 +5,8 @@ X # Thanks to rbulling@obscure.org for cleaning this Makefile up.. X # X X+SYSTYPE=freebsd X+ X # Generic compiler X CC = cc X # GNU.. X@@ -35,19 +37,19 @@ X # Debug mode for logtail X # CFLAGS = -g -DDEBUG X X-all: X- @echo "Usage: make <systype>" X- @echo "<systype> is one of: " X- @echo " linux, bsdos, freebsd, sun, generic, hpux, digital" X- @echo "" X- @echo "NOTE: This will make and install the package in these" X- @echo " directories:" X- @echo " logcheck configuration files : $(INSTALLDIR)" X- @echo " logcheck.sh shell script : $(INSTALLDIR_SH)" X- @echo " logtail program : $(INSTALLDIR_BIN)" X- @echo "" X- @echo "Edit the makefile if you wish to change these paths." X- @echo "Any existing files will be overwritten." 
X+all: build X+# @echo "Usage: make <systype>" X+# @echo "<systype> is one of: " X+# @echo " linux, bsdos, freebsd, sun, generic, hpux, digital" X+# @echo "" X+# @echo "NOTE: This will make and install the package in these" X+# @echo " directories:" X+# @echo " logcheck configuration files : $(INSTALLDIR)" X+# @echo " logcheck.sh shell script : $(INSTALLDIR_SH)" X+# @echo " logtail program : $(INSTALLDIR_BIN)" X+# @echo "" X+# @echo "Edit the makefile if you wish to change these paths." X+# @echo "Any existing files will be overwritten." X X clean: X /bin/rm ./src/logtail ./src/logtail.o X@@ -60,28 +62,41 @@ X /bin/rm $(INSTALLDIR)/logcheck.violations.ignore X /bin/rm $(INSTALLDIR_BIN)/logtail X X-install: X+build: X @echo "Making $(SYSTYPE)" X $(CC) $(CFLAGS) -o ./src/logtail ./src/logtail.c X+ X+install: X @echo "Creating temp directory $(TMPDIR)" X @if [ ! -d $(TMPDIR) ]; then /bin/mkdir $(TMPDIR); fi X @echo "Setting temp directory permissions" X chmod 700 $(TMPDIR) X @echo "Copying files" X- cp ./systems/$(SYSTYPE)/logcheck.hacking $(INSTALLDIR) X- cp ./systems/$(SYSTYPE)/logcheck.violations $(INSTALLDIR) X- cp ./systems/$(SYSTYPE)/logcheck.violations.ignore $(INSTALLDIR) X- cp ./systems/$(SYSTYPE)/logcheck.ignore $(INSTALLDIR) X- cp ./systems/$(SYSTYPE)/logcheck.sh $(INSTALLDIR_SH) X+ cp ./systems/$(SYSTYPE)/logcheck.hacking $(INSTALLDIR)/logcheck.hacking.sample X+ cp ./systems/$(SYSTYPE)/logcheck.violations $(INSTALLDIR)/logcheck.violations.sample X+ cp ./systems/$(SYSTYPE)/logcheck.violations.ignore $(INSTALLDIR)/logcheck.violations.ignore.sample X+ cp ./systems/$(SYSTYPE)/logcheck.ignore $(INSTALLDIR)/logcheck.ignore.sample X+ cp ./systems/$(SYSTYPE)/logcheck.sh $(INSTALLDIR_SH)/logcheck.sh X cp ./src/logtail $(INSTALLDIR_BIN) X @echo "Setting permissions" X chmod 700 $(INSTALLDIR_SH)/logcheck.sh X chmod 700 $(INSTALLDIR_BIN)/logtail X- chmod 600 $(INSTALLDIR)/logcheck.violations.ignore X- chmod 600 $(INSTALLDIR)/logcheck.violations X- chmod 600 
$(INSTALLDIR)/logcheck.hacking X- chmod 600 $(INSTALLDIR)/logcheck.ignore X+ chmod 600 $(INSTALLDIR)/logcheck.violations.ignore.sample X+ chmod 600 $(INSTALLDIR)/logcheck.violations.sample X+ chmod 600 $(INSTALLDIR)/logcheck.hacking.sample X+ chmod 600 $(INSTALLDIR)/logcheck.ignore.sample X @echo "Done. Don't forget to set your crontab." X+ @echo " " X+ @echo "---------------------------------------------------------------" X+ @echo "and to copy the sample files to the real file names." X+ @echo "here is an example what you need to do" X+ @echo "cd $(INSTALLDIR)" X+ @echo "mv logcheck.ignore.sample logcheck.ignore" X+ @echo "mv logcheck.violations.ignore.sample logcheck.violations.ignore" X+ @echo "mv logcheck.violations.sample logcheck.violations" X+ @echo "mv logcheck.hacking.sample logcheck.hacking" X+ @echo "logcheck is started with ./logcheck.sh" X+ @echo "---------------------------------------------------------------" X X generic: X make install SYSTYPE=generic END-of-logcheck/patches/patch-aa echo c - logcheck/pkg mkdir -p logcheck/pkg > /dev/null 2>&1 echo x - logcheck/pkg/COMMENT sed 's/^X//' >logcheck/pkg/COMMENT << 'END-of-logcheck/pkg/COMMENT' XAuditing tool for system logs on Unix boxes. END-of-logcheck/pkg/COMMENT echo x - logcheck/pkg/DESCR sed 's/^X//' >logcheck/pkg/DESCR << 'END-of-logcheck/pkg/DESCR' XLogcheck helps spot problems and security violations in your logfiles Xautomatically and will send the results to you in e-mail. X XLogcheck is part of the Abacus Project of security tools. It is a program Xcreated to help in the processing of UNIX system logfiles generated by the Xvarious Abacus Project tools, system daemons, Wietse Venema's TCP Wrapper Xand Log Daemon packages, and the Firewall Toolkit(c) by Trusted Information XSystems Inc.(TIS). Logcheck also works very well at reporting on other Xcommon operating system security violations and strange events. 
X
XWWW: http://www.psionic.com/
X
X- Dan Langille
Xdan@freebsddiary.org
END-of-logcheck/pkg/DESCR
echo x - logcheck/pkg/PLIST
sed 's/^X//' >logcheck/pkg/PLIST << 'END-of-logcheck/pkg/PLIST'
Xetc/logcheck.hacking.sample
Xetc/logcheck.violations.sample
Xetc/logcheck.violations.ignore.sample
Xetc/logcheck.ignore.sample
Xetc/logcheck.sh
Xbin/logtail
END-of-logcheck/pkg/PLIST
exit

begin 644 logcheck.tar.gz
end
>Release-Note:
>Audit-Trail:
>Unformatted: