Date: Sat, 7 Jun 2003 12:07:00 +0200 From: "Clement Laforet" <sheepkiller@cultdeadsheep.org> To: FreeBSD-gnats-submit@FreeBSD.org Cc: Clement Laforet <sheepkiller@cultdeadsheep.org> Subject: ports/53013: [New port]: security/prelude-nids (part of Prelude NIDS port, 3/4) Message-ID: <20030607100715.BCBBF43F93@mx1.FreeBSD.org> Resent-Message-ID: <200306071010.h57AA7Mp096256@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 53013 >Category: ports >Synopsis: [New port]: security/prelude-nids (part of Prelude NIDS port, 3/4) >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Sat Jun 07 03:10:07 PDT 2003 >Closed-Date: >Last-Modified: >Originator: Clement Laforet >Release: FreeBSD 4.8-STABLE i386 >Organization: cotds.org >Environment: System: FreeBSD lucifer.cultdeadsheep.org 4.8-STABLE FreeBSD 4.8-STABLE #2: Fri Jun 6 19:30:55 CEST 2003 root@lucifer.cultdeadsheep.org:/usr/src/sys/compile/LUCIFER i386 >Description: Rewrite of ports/41325 PR. prelude-nids : the Prelude Network Intrusion Detection System is a sensor, that may be installed on the same machine as the manager or not, which watches network traffic and looks for familiar patterns. This is functionally equivalent to Snort (http://www.snort.org). >How-To-Repeat: N/A. >Fix: --- prelude-nids.shar begins here --- # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # prelude-nids # prelude-nids/distinfo # prelude-nids/Makefile # prelude-nids/pkg-plist # prelude-nids/files # prelude-nids/files/patch-Makefile.in # prelude-nids/pkg-descr # echo c - prelude-nids mkdir -p prelude-nids > /dev/null 2>&1 echo x - prelude-nids/distinfo sed 's/^X//' >prelude-nids/distinfo << 'END-of-prelude-nids/distinfo' XMD5 (prelude-nids-0.8.1.tar.gz) = ffaa17e6694f12b8d5ede91c1fbdf22d END-of-prelude-nids/distinfo echo x - prelude-nids/Makefile sed 's/^X//' >prelude-nids/Makefile << 'END-of-prelude-nids/Makefile' X# New ports collection makefile for: prelude-nids X# Date created: Sun Aug 4 19:31:17 CEST 2002 X# Whom: Clement Laforet <sheepkiller@cultdeadsheep.org> X# X# $FreeBSD$ X XPORTNAME= prelude-nids XPORTVERSION= 0.8.1 XCATEGORIES= security XMASTER_SITES= http://www.prelude-ids.org/download/releases/ X XMAINTAINER= sheepkiller@cultdeadsheep.org XCOMMENT= Prelude Network Intrusion Detection System sensor X XLIB_DEPENDS= prelude.0:${PORTSDIR}/security/libprelude X XGNU_MAKE= yes XGNU_CONFIGURE= yes X XCONFIGURE_ARGS+= --prefix=${PREFIX} \ X --with-html-dir=${PREFIX}/share/doc \ X --program-prefix="" X XMAN8= prelude-nids.8 X X.include <bsd.port.mk> END-of-prelude-nids/Makefile echo x - prelude-nids/pkg-plist sed 's/^X//' >prelude-nids/pkg-plist << 'END-of-prelude-nids/pkg-plist' Xbin/prelude-nids Xetc/prelude-nids/ruleset/exploit.rules Xetc/prelude-nids/ruleset/scan.rules Xetc/prelude-nids/ruleset/finger.rules Xetc/prelude-nids/ruleset/shellcode.rules Xetc/prelude-nids/ruleset/ftp.rules Xetc/prelude-nids/ruleset/smtp.rules Xetc/prelude-nids/ruleset/icmp-info.rules Xetc/prelude-nids/ruleset/sql.rules Xetc/prelude-nids/ruleset/icmp.rules Xetc/prelude-nids/ruleset/telnet.rules Xetc/prelude-nids/ruleset/info.rules Xetc/prelude-nids/ruleset/tftp.rules Xetc/prelude-nids/ruleset/attack-responses.rules Xetc/prelude-nids/ruleset/local.rules Xetc/prelude-nids/ruleset/virus.rules Xetc/prelude-nids/ruleset/backdoor.rules Xetc/prelude-nids/ruleset/misc.rules Xetc/prelude-nids/ruleset/web-attacks.rules Xetc/prelude-nids/ruleset/bad-traffic.rules Xetc/prelude-nids/ruleset/netbios.rules Xetc/prelude-nids/ruleset/web-cgi.rules Xetc/prelude-nids/ruleset/classification.config Xetc/prelude-nids/ruleset/policy.rules Xetc/prelude-nids/ruleset/web-coldfusion.rules Xetc/prelude-nids/ruleset/porn.rules Xetc/prelude-nids/ruleset/web-frontpage.rules Xetc/prelude-nids/ruleset/ddos.rules Xetc/prelude-nids/ruleset/prelude.rules Xetc/prelude-nids/ruleset/web-iis.rules Xetc/prelude-nids/ruleset/dns.rules Xetc/prelude-nids/ruleset/rpc.rules Xetc/prelude-nids/ruleset/web-misc.rules Xetc/prelude-nids/ruleset/dos.rules Xetc/prelude-nids/ruleset/rservices.rules Xetc/prelude-nids/ruleset/x11.rules Xetc/prelude-nids/ruleset/reference.config Xetc/prelude-nids/unitable.txt X@unexec [ -f %D/etc/prelude-nids/prelude-nids.conf-dist ] && rm %D/etc/prelude-nids/prelude-nids.conf-dist || true Xinclude/prelude-nids/nids-alert.h Xinclude/prelude-nids/nids-alert-id.h Xlib/prelude-nids/detects/arpspoof.so Xlib/prelude-nids/detects/arpspoof.la Xlib/prelude-nids/detects/debug.so Xlib/prelude-nids/detects/debug.la Xlib/prelude-nids/detects/scandetect.so Xlib/prelude-nids/detects/scandetect.la Xlib/prelude-nids/detects/shellcode.so Xlib/prelude-nids/detects/shellcode.la Xlib/prelude-nids/detects/snortrules.so Xlib/prelude-nids/detects/snortrules.la Xlib/prelude-nids/protocols/http.so Xlib/prelude-nids/protocols/http.la Xlib/prelude-nids/protocols/rpc.so Xlib/prelude-nids/protocols/rpc.la Xlib/prelude-nids/protocols/telnet.so Xlib/prelude-nids/protocols/telnet.la X@unexec rmdir %D/etc/prelude-nids/ruleset 2> /dev/null || true X@unexec rmdir %D/etc/prelude-nids 2>/dev/null || echo "If you are permanently removing this port, you should do a ``rm -rf ${PKG_PREFIX}/etc/prelude-nids`` to remove any configuration files left." | fmt X@dirrm include/prelude-nids X@dirrm lib/prelude-nids/detects X@dirrm lib/prelude-nids/protocols X@dirrm lib/prelude-nids END-of-prelude-nids/pkg-plist echo c - prelude-nids/files mkdir -p prelude-nids/files > /dev/null 2>&1 echo x - prelude-nids/files/patch-Makefile.in sed 's/^X//' >prelude-nids/files/patch-Makefile.in << 'END-of-prelude-nids/files/patch-Makefile.in' X--- Makefile.in.orig Sat Jun 7 10:49:54 2003 X+++ Makefile.in Sat Jun 7 10:50:43 2003 X@@ -440,17 +440,8 @@ X X X install-data-local: X- @if test -f $(DESTDIR)/$(configdir)/prelude-nids.conf; then \ X- echo "********************************************************************************"; \ X- echo; \ X- echo "$(DESTDIR)/$(configdir)/prelude-nids.conf already exist..."; \ X- echo "Installing default configuration in $(DESTDIR)/$(configdir)/prelude-nids.conf-dist"; \ X- echo; \ X- echo "********************************************************************************"; \ X- $(INSTALL) -m 600 $(top_srcdir)/prelude-nids.conf $(DESTDIR)/$(configdir)/prelude-nids.conf-dist; \ X- else \ X- $(INSTALL) -m 600 $(top_srcdir)/prelude-nids.conf $(DESTDIR)/$(configdir)/; \ X- fi X+ $(INSTALL) -m 600 $(top_srcdir)/prelude-nids.conf $(DESTDIR)/$(configdir)/prelude-nids.conf-dist; \ X+ X # Tell versions [3.59,3.63) of GNU make to not export all variables. X # Otherwise a system limit (for SysV at least) may be exceeded. X .NOEXPORT: END-of-prelude-nids/files/patch-Makefile.in echo x - prelude-nids/pkg-descr sed 's/^X//' >prelude-nids/pkg-descr << 'END-of-prelude-nids/pkg-descr' XPrelude is a new innovative hybrid Intrusion Detection system designed Xto be very modular, distributed, rock solid and fast. X XThe Prelude Network Intrusion Detection System is a sensor, that may Xbe installed on the same machine as the manager or not, which watches Xnetwork traffic and looks for familiar patterns. This is functionally Xequivalent to (Snort (http://www.snort.org). X XWWW: http://www.prelude-ids.org/ END-of-prelude-nids/pkg-descr exit --- prelude-nids.shar ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030607100715.BCBBF43F93>