Date: Fri, 17 Nov 2006 00:15:32 +0100 (CET) From: freebsd@netfence.it To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/105618: Update port: security/snortreport Message-ID: <200611162315.kAGNFWvf065648@soth.ventu> Resent-Message-ID: <200611162320.kAGNK1DI002798@freefall.freebsd.org>
>Number: 105618 >Category: ports >Synopsis: Update port: security/snortreport >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Thu Nov 16 23:20:01 GMT 2006 >Closed-Date: >Last-Modified: >Originator: Andrea Venturoli <freebsd@netfence.it> >Release: FreeBSD 5.4-RELEASE-p22 i386 >Organization: NetFence >Environment: System: FreeBSD soth.ventu 5.4-RELEASE-p22 FreeBSD 5.4-RELEASE-p22 #4: Sun Oct 1 14:54:58 CEST 2006 root@soth.ventu:/usr/obj/usr/src/sys/SOTH i386 >Description: Snort Report is an add-on module for the Snort Intrusion Detection System. >How-To-Repeat: >Fix: --- te begins here --- # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # snortreport # snortreport/Makefile # snortreport/distinfo # snortreport/pkg-descr # snortreport/pkg-message # snortreport/pkg-plist # snortreport/files # snortreport/files/patch-ipdetail.php # snortreport/files/patch-sigdetail.php # echo c - snortreport mkdir -p snortreport > /dev/null 2>&1 echo x - snortreport/Makefile sed 's/^X//' >snortreport/Makefile << 'END-of-snortreport/Makefile' X# New ports collection makefile for: snortreport X# Date created: 18 Jan 2004 X# Whom: Andrea Venturoli <freebsd@netfence.it> X# X# $FreeBSD: ports/security/snortreport/Makefile,v 1.6 2006/10/12 03:35:56 kris Exp $ X# X XPORTNAME= snortreport XPORTVERSION= 1.3.1 XCATEGORIES= security www XMASTER_SITES= http://www.symmetrixtech.com/ids/ X XMAINTAINER= freebsd@netfence.it XCOMMENT= Add-on module for snort to generate real-time web reports X X.if !defined(WITHOUT_JPGRAPH) XRUN_DEPENDS= ${LOCALBASE}/share/jpgraph/jpgraph.php:${PORTSDIR}/graphics/jpgraph X.endif X XUSE_PHP= yes 
XWANT_PHP_WEB= yes X XPKGMESSAGE= ${WRKDIR}/pkg-message XNO_BUILD= yes X Xpre-everything:: X @${ECHO} "" X @${ECHO} "You have to configure PHP either with MySQL or PostgreSQL" X @${ECHO} "support in order to let snortreport collect its data." X @${ECHO} "Is is also suggested to compile support for GD in" X @${ECHO} "and have Jpgraph installed in order to view the charts." X @${ECHO} "" X Xpre-patch: X @${SED} 's|%%PREFIX%%|${PREFIX}|g' \ X ${PKGDIR}/pkg-message > ${PKGMESSAGE} X Xdo-install: X ${MKDIR} ${PREFIX}/www/snortreport X ${CP} -p ${WRKSRC}/*.php ${PREFIX}/www/snortreport X ${CP} -p ${WRKSRC}/*.css ${PREFIX}/www/snortreport X ${CP} -p ${WRKSRC}/*.png ${PREFIX}/www/snortreport X ${CP} -p ${WRKSRC}/*.html ${PREFIX}/www/snortreport X ${CP} -p ${WRKSRC}/*.phps ${PREFIX}/www/snortreport X ${CP} -p ${WRKSRC}/*.js ${PREFIX}/www/snortreport X ${CHOWN} -R www:www ${PREFIX}/www/snortreport X Xpost-install: X.if !defined(NOPORTDOCS) X ${INSTALL} -d -o ${DOCOWN} -g ${DOCGRP} ${DOCSDIR} X ${INSTALL_DATA} ${WRKSRC}/INSTALL ${DOCSDIR} X ${INSTALL_DATA} ${WRKSRC}/LICENSE ${DOCSDIR} X ${INSTALL_DATA} ${WRKSRC}/Performance.txt ${DOCSDIR} X ${INSTALL_DATA} ${WRKSRC}/create_indexes.sql ${DOCSDIR} X.endif X @${CAT} ${PKGMESSAGE} X X.include <bsd.port.mk> END-of-snortreport/Makefile echo x - snortreport/distinfo sed 's/^X//' >snortreport/distinfo << 'END-of-snortreport/distinfo' XMD5 (snortreport-1.3.1.tar.gz) = 82407df1de6ab03319b5e4b82ef725ee XSHA256 (snortreport-1.3.1.tar.gz) = 476008993100d11046ef34db68735b0e96cb3b939e431d2df592e6ffcf24de33 XSIZE (snortreport-1.3.1.tar.gz) = 43334 END-of-snortreport/distinfo echo x - snortreport/pkg-descr sed 's/^X//' >snortreport/pkg-descr << 'END-of-snortreport/pkg-descr' XSnort Report is an add-on module for the Snort Intrusion Detection System. X XIt generates real-time intrusion detection reports in an easy to read format Xbased on data collected from a MySQL or PostgreSQL database. 
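Review bot: In snortreport/Makefile the `do-install` target finishes with `${CHOWN} -R www:www ${PREFIX}/www/snortreport`, which leaves every installed PHP, JS and HTML file writable by the account the web server runs as. A file-write or code-execution flaw in anything served by that account could then rewrite these scripts or alter `srconf.php`, which pkg-message names as the config file. I would drop the recursive chown, keep the tree owned by root, and give the `www` group read access only. pkg-message also tells the admin to open the directory in the web server configuration without suggesting that access be limited to trusted hosts or authenticated users; since the pages display IDS alert data, one sentence recommending that would help.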
X XWWW: http://www.symmetrixtech.com/download.html X X- Andrea Venturoli Xfreebsd@netfence.it END-of-snortreport/pkg-descr echo x - snortreport/pkg-message sed 's/^X//' >snortreport/pkg-message << 'END-of-snortreport/pkg-message' X*************************************************************** XSnortreport has been installed in %%PREFIX%%/www/snortreport. XChange into this directory and make any necessary change to Xthe config file (srconf.php). XAlso modify your web server configuration to let access to this Xdirectory. X*************************************************************** END-of-snortreport/pkg-message echo x - snortreport/pkg-plist sed 's/^X//' >snortreport/pkg-plist << 'END-of-snortreport/pkg-plist' Xwww/snortreport/DB.php Xwww/snortreport/DB_mysql.php Xwww/snortreport/DB_pgsql.php Xwww/snortreport/alertchart.php Xwww/snortreport/alerts.php Xwww/snortreport/default.css Xwww/snortreport/functions.php Xwww/snortreport/go.png Xwww/snortreport/index.php Xwww/snortreport/info-retrieval.php Xwww/snortreport/ipdetail.php Xwww/snortreport/menu.html Xwww/snortreport/nbtscan.php Xwww/snortreport/nmap.php Xwww/snortreport/nodata.png Xwww/snortreport/page_bottom.php Xwww/snortreport/page_top.php Xwww/snortreport/portscan.php Xwww/snortreport/profiling.phps Xwww/snortreport/psdetail.php Xwww/snortreport/sig-by-time-chart.php Xwww/snortreport/sigdetail.php Xwww/snortreport/srconf.php Xwww/snortreport/srlogo.png Xwww/snortreport/ssm.js Xwww/snortreport/ssmItems.js Xwww/snortreport/timespan.php X%%PORTDOCS%%%%DOCSDIR%%/INSTALL X%%PORTDOCS%%%%DOCSDIR%%/LICENSE X%%PORTDOCS%%%%DOCSDIR%%/Performance.txt X%%PORTDOCS%%%%DOCSDIR%%/create_indexes.sql X@dirrm www/snortreport X%%PORTDOCS%%@dirrm %%DOCSDIR%% END-of-snortreport/pkg-plist echo c - snortreport/files mkdir -p snortreport/files > /dev/null 2>&1 echo x - snortreport/files/patch-ipdetail.php sed 's/^X//' >snortreport/files/patch-ipdetail.php << 'END-of-snortreport/files/patch-ipdetail.php' X*** 
/usr/local/www/snortreport/ipdetail.php Thu Dec 22 06:07:07 2005 X--- ./ipdetail.php Thu Nov 9 14:28:57 2006 X*************** X*** 40,48 **** X X // set up the SQL query X if ($type == "src") { X! $query = "SELECT event.cid, event.sid, event.signature, event.timestamp, iphdr.ip_src, iphdr.ip_dst, iphdr.ip_ver, iphdr.ip_hlen, iphdr.ip_tos, iphdr.ip_len, iphdr.ip_id, iphdr.ip_flags, iphdr.ip_off, iphdr.ip_ttl, iphdr.ip_proto, iphdr.ip_csum, signature.sig_name, signature.sig_id, signature.sig_sid FROM event, iphdr, signature WHERE event.cid = iphdr.cid AND event.sid = iphdr.sid AND event.signature = signature.sig_id AND iphdr.ip_src = ".$ipAddress." AND event.timestamp > ".$db->timestamp($beginTime)." AND event.timestamp < ".$db->timestamp($endTime) or die("Error in query"); X } else { X! $query = "SELECT event.cid, event.sid, event.signature, event.timestamp, iphdr.ip_src, iphdr.ip_dst, iphdr.ip_ver, iphdr.ip_hlen, iphdr.ip_tos, iphdr.ip_len, iphdr.ip_id, iphdr.ip_flags, iphdr.ip_off, iphdr.ip_ttl, iphdr.ip_proto, iphdr.ip_csum, signature.sig_name, signature.sig_id, signature.sig_sid FROM event, iphdr, signature WHERE event.cid = iphdr.cid AND event.sid = iphdr.sid AND event.signature = signature.sig_id AND iphdr.ip_dst = ".$ipAddress." AND event.timestamp > ".$db->timestamp($beginTime)." AND event.timestamp < ".$db->timestamp($endTime) or die("Error in query"); X } X X // run the query on the database X--- 40,48 ---- X X // set up the SQL query X if ($type == "src") { X! $query = "SELECT event.cid, event.sid, event.signature, ".$db->timeSinceEpoch('event.timestamp').", iphdr.ip_src, iphdr.ip_dst, iphdr.ip_ver, iphdr.ip_hlen, iphdr.ip_tos, iphdr.ip_len, iphdr.ip_id, iphdr.ip_flags, iphdr.ip_off, iphdr.ip_ttl, iphdr.ip_proto, iphdr.ip_csum, signature.sig_name, signature.sig_id, signature.sig_sid FROM event, iphdr, signature WHERE event.cid = iphdr.cid AND event.sid = iphdr.sid AND event.signature = signature.sig_id AND iphdr.ip_src = ".$ipAddress." 
AND ".$db->timeSinceEpoch('event.timestamp')." > ".$db->timestamp($beginTime)." AND ".$db->timeSinceEpoch("event.timestamp")." < ".$db->timestamp($endTime) or die("Error in query"); X } else { X! $query = "SELECT event.cid, event.sid, event.signature, ".$db->timeSinceEpoch("event.timestamp").", iphdr.ip_src, iphdr.ip_dst, iphdr.ip_ver, iphdr.ip_hlen, iphdr.ip_tos, iphdr.ip_len, iphdr.ip_id, iphdr.ip_flags, iphdr.ip_off, iphdr.ip_ttl, iphdr.ip_proto, iphdr.ip_csum, signature.sig_name, signature.sig_id, signature.sig_sid FROM event, iphdr, signature WHERE event.cid = iphdr.cid AND event.sid = iphdr.sid AND event.signature = signature.sig_id AND iphdr.ip_dst = ".$ipAddress." AND ".$db->timeSinceEpoch("event.timestamp")." > ".$db->timestamp($beginTime)." AND ".$db->timeSinceEpoch("event.timestamp")." < ".$db->timestamp($endTime) or die("Error in query"); X } X X // run the query on the database END-of-snortreport/files/patch-ipdetail.php echo x - snortreport/files/patch-sigdetail.php sed 's/^X//' >snortreport/files/patch-sigdetail.php << 'END-of-snortreport/files/patch-sigdetail.php' X*** /usr/local/www/snortreport/sigdetail.php Thu Dec 22 06:07:07 2005 X--- ./sigdetail.php Thu Nov 9 14:28:57 2006 X*************** X*** 38,44 **** X assert($beginTime < $endTime); X X $URLTimeConstraint = "beginTime=$beginTime&endTime=$endTime"; X! $DBTimeConstraint = "(event.timestamp > " . $db->timestamp($beginTime) . " AND event.timestamp < " . $db->timestamp($endTime) . ")"; X X $sigid = intval($sigid) or die("Invalid signature ID"); X X--- 38,44 ---- X assert($beginTime < $endTime); X X $URLTimeConstraint = "beginTime=$beginTime&endTime=$endTime"; X! $DBTimeConstraint = "(".$db->timeSinceEpoch("event.timestamp")." > " . $db->timestamp($beginTime) . " AND ".$db->timeSinceEpoch("event.timestamp")." < " . $db->timestamp($endTime) . 
")"; X X $sigid = intval($sigid) or die("Invalid signature ID"); X X*************** X*** 101,106 **** X--- 101,108 ---- X } X } X X+ if (!empty($Sources)) { X+ X if (PROFILING) elapsedTimer(__FILE__ . ": " . __LINE__); X // Get the total number of alerts for each source X X*************** X*** 327,332 **** X--- 329,336 ---- X print "<b><a href=\"sigdetail.php?$qs\">$anchor</a></b><br>\n"; X X if (PROFILING) elapsedTimer(__FILE__ . ": " . __LINE__); X+ X+ } X X require_once("page_bottom.php"); X END-of-snortreport/files/patch-sigdetail.php exit --- te ends here --- >Release-Note: >Audit-Trail: >Unformatted:
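Review bot: In the ipdetail.php hunk both rewritten `$query` assignments still end in `or die("Error in query")`, which can never fire because it tests the non-empty query string rather than the result of running it. Error handling belongs on the call that executes `$query`, which sits below the hunk. The same two lines splice `$ipAddress` into the WHERE clause unquoted, and the hunk does not show where that value is normalised; if it comes from the request, confirm it is reduced to an integer before this point, the way sigdetail.php does with `intval($sigid)`. As a style point, the new side mixes `timeSinceEpoch('event.timestamp')` and `timeSinceEpoch("event.timestamp")`; one quoting style would make the two branches easier to compare.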
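Review bot: In the first sigdetail.php hunk the only visible check on `$beginTime` and `$endTime` is `assert($beginTime < $endTime)`, yet both values then go into `$URLTimeConstraint` and, through `$db->timestamp()`, into the rewritten `$DBTimeConstraint`. `assert()` is a debugging aid that is skipped when assertions are turned off in the PHP configuration, so it should not be the guard in front of values that end up in links and SQL. An explicit check such as `if ($beginTime >= $endTime) die("Invalid time range");`, placed after an integer cast of both values, would hold regardless of configuration. Whether the values are already cast earlier in the file is not visible from the hunk.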