Date:      Mon, 27 Apr 2015 20:33:38 +0000 (UTC)
From:      Lars Engels <lme@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r384872 - in head/security: . passivedns passivedns/files
Message-ID:  <201504272033.t3RKXcGl079169@svn.freebsd.org>

Author: lme
Date: Mon Apr 27 20:33:38 2015
New Revision: 384872
URL: https://svnweb.freebsd.org/changeset/ports/384872

Log:
  Add security/passivedns:
  
  A tool to collect DNS records passively to aid Incident handling, Network
  Security Monitoring (NSM) and general digital forensics.
  
  PassiveDNS sniffs traffic from an interface or reads a pcap-file and outputs
  the DNS-server answers to a log file. PassiveDNS can cache/aggregate duplicate
  DNS answers in-memory, limiting the amount of data in the logfile without
  losing the essence of the DNS answer.
  
  WWW: https://github.com/gamelinux/passivedns
  
  PR:		198499
  Submitted by:	shadowbq@gmail.com

Added:
  head/security/passivedns/
  head/security/passivedns/Makefile   (contents, props changed)
  head/security/passivedns/distinfo   (contents, props changed)
  head/security/passivedns/files/
  head/security/passivedns/files/passivedns.in   (contents, props changed)
  head/security/passivedns/files/pkg-message.in   (contents, props changed)
  head/security/passivedns/pkg-descr   (contents, props changed)
  head/security/passivedns/pkg-plist   (contents, props changed)
Modified:
  head/security/Makefile

Modified: head/security/Makefile
==============================================================================
--- head/security/Makefile	Mon Apr 27 20:29:48 2015	(r384871)
+++ head/security/Makefile	Mon Apr 27 20:33:38 2015	(r384872)
@@ -666,6 +666,7 @@
     SUBDIR += pamtester
     SUBDIR += paperkey
     SUBDIR += parano
+    SUBDIR += passivedns
     SUBDIR += pbc
     SUBDIR += pbnj
     SUBDIR += pcsc-tools

Added: head/security/passivedns/Makefile
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/passivedns/Makefile	Mon Apr 27 20:33:38 2015	(r384872)
@@ -0,0 +1,40 @@
+# $FreeBSD$
+
+PORTNAME=	passivedns
+DISTVERSION=	${GH_TAG}
+CATEGORIES=	security
+DISTFILES=	gamelinux-passivedns-1.1.3-60-ga6c7e26.tar.gz
+
+MAINTAINER=	shadowbq@gmail.com
+COMMENT=	Network sniffer that logs DNS replies for use in passive DNS setups
+
+LICENSE=	GPLv2
+
+LIB_DEPENDS=	libldns.so:${PORTSDIR}/dns/ldns
+
+USE_GITHUB=	yes
+GH_ACCOUNT=	gamelinux
+GH_PROJECT=	passivedns
+GH_TAG=		a6c7e26
+
+WRKSRC=		${WRKDIR}/gamelinux-${PORTNAME}-${GH_TAG}
+
+SUB_FILES=	pkg-message
+
+USES=		autoreconf gmake libtool
+AUTOMAKE_ARGS=	--add-missing
+
+GNU_CONFIGURE=	yes
+CONFIGURE_ARGS=	--with-ldns-libraries=${PREFIX}/lib
+CONFIGURE_ARGS+=--with-ldns-includes=${PREFIX}/include
+
+USE_RC_SUBR=	passivedns
+
+.include <bsd.port.options.mk>
+
+do-install:
+	${INSTALL_PROGRAM} ${WRKSRC}/src/passivedns \
+		${STAGEDIR}${PREFIX}/bin
+	${MKDIR} ${STAGEDIR}/var/log/passivedns
+
+.include <bsd.port.mk>
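Review bot: `DISTVERSION= ${GH_TAG}` makes the package version the bare commit hash `a6c7e26`, which does not sort against any later snapshot, so upgrade detection and version-range matching in vulnerability advisories cannot order this package. The DISTFILES name already carries an orderable string (`1.1.3-60-ga6c7e26`); deriving the version from it, for example `PORTVERSION= 1.1.3.60` in place of the DISTVERSION line, would fix that, though how it interacts with the USE_GITHUB fetch naming needs checking. Separately, the ldns paths in CONFIGURE_ARGS point at `${PREFIX}`; a dependency is installed under `${LOCALBASE}`, so `--with-ldns-libraries=${LOCALBASE}/lib` and `--with-ldns-includes=${LOCALBASE}/include` are the safer spelling.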

Added: head/security/passivedns/distinfo
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/passivedns/distinfo	Mon Apr 27 20:33:38 2015	(r384872)
@@ -0,0 +1,2 @@
+SHA256 (gamelinux-passivedns-1.1.3-60-ga6c7e26.tar.gz) = 6196cb863c8fcd352e4c3019053530c7ac75656a5c43d11be6774eb9115be5c7
+SIZE (gamelinux-passivedns-1.1.3-60-ga6c7e26.tar.gz) = 51318

Added: head/security/passivedns/files/passivedns.in
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/passivedns/files/passivedns.in	Mon Apr 27 20:33:38 2015	(r384872)
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+# $FreeBSD$
+#
+# PROVIDE: passivedns
+# REQUIRE: DAEMON
+# BEFORE: LOGIN
+# KEYWORD: shutdown
+
+# Add the following lines to /etc/rc.conf to enable passivedns:
+# passivedns_enable (bool):	Set to YES to enable passivedns
+# 				Default: NO
+# passivedns_interface (str):	
+#				Default: none - MUST BE SET
+# passivedns_logdir (str):   	Logging Directory
+#               Default: "/var/log/passivedns"
+# passivedns_fields (str):   	Passive DNS Fields to log
+#               Default: "SMcsCQTAtn"
+# passivedns_flags (str):		Extra flags passed to passivedns (-D is always passed)
+#				Default: none
+
+. /etc/rc.subr
+
+name="passivedns"
+rcvar=passivedns_enable
+
+command="%%PREFIX%%/bin/passivedns"
+
+start_precmd=start_precmd
+
+start_precmd()
+{
+	if [ -z "${passivedns_interface}" ]; then
+		err 1 "passivedns_interface must set."
+	fi
+}
+
+# set some defaults
+load_rc_config $name
+
+: ${passivedns_enable="NO"}
+: ${passivedns_logdir="/var/log/passivedns"}
+: ${passivedns_fields="SMcsCQTAtn"}
+: ${passivedns_flags=""}
+
+command_args="-i ${passivedns_interface} -l ${passivedns_logdir}/passivedns.log -f ${passivedns_fields} ${passivedns_flags} -D"
+
+run_rc_command "$1"
+
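Review bot: The service is started with no privilege drop: `command_args` passes only `-i`, `-l`, `-f`, the user flags and `-D`, so the sniffer parses untrusted DNS traffic as root for its whole lifetime unless the admin adds something through `passivedns_flags`. If the binary can switch user after opening the capture device (upstream's usage text lists `-u`/`-g` as far as I recall, to be confirmed with `passivedns -h`), the script should expose that as rc.conf knobs with an unprivileged default, and the log directory in pkg-plist should be owned to match. At minimum the header comment should say so, e.g. `# passivedns_flags (str): Extra flags, e.g. options to drop privileges (-D is always passed)`. The precmd message also reads better as `err 1 "passivedns_interface must be set."`.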

Added: head/security/passivedns/files/pkg-message.in
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/passivedns/files/pkg-message.in	Mon Apr 27 20:33:38 2015	(r384872)
@@ -0,0 +1,3 @@
+A startup script 'passivedns' was installed in %%PREFIX%%/etc/rc.d/.
+
+Type "passivedns -h" on the commandline for usage instructions.

Added: head/security/passivedns/pkg-descr
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/passivedns/pkg-descr	Mon Apr 27 20:33:38 2015	(r384872)
@@ -0,0 +1,11 @@
+A tool to collect DNS records passively to aid Incident handling, Network
+Security Monitoring (NSM) and general digital forensics.
+
+PassiveDNS sniffs traffic from an interface or reads a pcap-file and outputs
+the DNS-server answers to a log file. PassiveDNS can cache/aggregate duplicate
+DNS answers in-memory, limiting the amount of data in the logfile without
+losing the essense in the DNS answer.
+
+(c)2011-2012  -  Edward Bjarte Fjellskal
+
+WWW: https://github.com/gamelinux/passivedns

Added: head/security/passivedns/pkg-plist
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/passivedns/pkg-plist	Mon Apr 27 20:33:38 2015	(r384872)
@@ -0,0 +1,2 @@
+bin/passivedns
+@dir(root,wheel,750) /var/log/passivedns


