From: Lars Engels
Date: Mon, 27 Apr 2015 20:33:38 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject: svn commit: r384872 - in head/security: . passivedns passivedns/files

Author: lme
Date: Mon Apr 27 20:33:38 2015
New Revision: 384872
URL: https://svnweb.freebsd.org/changeset/ports/384872

Log:
  Add security/passivedns:
  A tool to collect DNS records passively to aid Incident handling, Network
  Security Monitoring (NSM) and general digital forensics.

  PassiveDNS sniffs traffic from an interface or reads a pcap-file and outputs
  the DNS-server answers to a log file. PassiveDNS can cache/aggregate duplicate
  DNS answers in-memory, limiting the amount of data in the logfile without
  losing the essence in the DNS answer.

  WWW: https://github.com/gamelinux/passivedns

  PR: 198499
  Submitted by: shadowbq@gmail.com

Added:
  head/security/passivedns/
  head/security/passivedns/Makefile (contents, props changed)
  head/security/passivedns/distinfo (contents, props changed)
  head/security/passivedns/files/
  head/security/passivedns/files/passivedns.in (contents, props changed)
  head/security/passivedns/files/pkg-message.in (contents, props changed)
  head/security/passivedns/pkg-descr (contents, props changed)
  head/security/passivedns/pkg-plist (contents, props changed)
Modified:
  head/security/Makefile

Modified: head/security/Makefile ============================================================================== --- head/security/Makefile Mon Apr 27 20:29:48 2015 (r384871) +++ head/security/Makefile Mon Apr 27 20:33:38 2015 (r384872) 
@@ -666,6 +666,7 @@ SUBDIR += pamtester SUBDIR += paperkey SUBDIR += parano + SUBDIR += passivedns SUBDIR += pbc SUBDIR += pbnj SUBDIR += pcsc-tools Added: head/security/passivedns/Makefile ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/passivedns/Makefile Mon Apr 27 20:33:38 2015 (r384872) @@ -0,0 +1,40 @@ +# $FreeBSD$ + +PORTNAME= passivedns +DISTVERSION= ${GH_TAG} +CATEGORIES= security +DISTFILES= gamelinux-passivedns-1.1.3-60-ga6c7e26.tar.gz + +MAINTAINER= shadowbq@gmail.com +COMMENT= Network sniffer that logs DNS replies for use in passive DNS setups + +LICENSE= GPLv2 + +LIB_DEPENDS= libldns.so:${PORTSDIR}/dns/ldns + +USE_GITHUB= yes +GH_ACCOUNT= gamelinux +GH_PROJECT= passivedns +GH_TAG= a6c7e26 + +WRKSRC= ${WRKDIR}/gamelinux-${PORTNAME}-${GH_TAG} + +SUB_FILES= pkg-message + +USES= autoreconf gmake libtool +AUTOMAKE_ARGS= --add-missing + +GNU_CONFIGURE= yes +CONFIGURE_ARGS= --with-ldns-libraries=${PREFIX}/lib +CONFIGURE_ARGS+=--with-ldns-includes=${PREFIX}/include + +USE_RC_SUBR= passivedns + +.include + +do-install: + ${INSTALL_PROGRAM} ${WRKSRC}/src/passivedns \ + ${STAGEDIR}${PREFIX}/bin + ${MKDIR} ${STAGEDIR}/var/log/passivedns + +.include Added: head/security/passivedns/distinfo ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/passivedns/distinfo Mon Apr 27 20:33:38 2015 (r384872) @@ -0,0 +1,2 @@ +SHA256 (gamelinux-passivedns-1.1.3-60-ga6c7e26.tar.gz) = 6196cb863c8fcd352e4c3019053530c7ac75656a5c43d11be6774eb9115be5c7 +SIZE (gamelinux-passivedns-1.1.3-60-ga6c7e26.tar.gz) = 51318 Added: head/security/passivedns/files/passivedns.in ============================================================================== 
--- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/passivedns/files/passivedns.in Mon Apr 27 20:33:38 2015 (r384872) @@ -0,0 +1,49 @@ +#!/bin/sh + +# $FreeBSD$ +# +# PROVIDE: passivedns +# REQUIRE: DAEMON +# BEFORE: LOGIN +# KEYWORD: shutdown + +# Add the following lines to /etc/rc.conf to enable passivedns: +# passivedns_enable (bool): Set to YES to enable passivedns +# Default: NO +# passivedns_interface (str): +# Default: none - MUST BE SET +# passivedns_logdir (str): Logging Directory +# Default: "/var/log/passivedns" +# passivedns_fields (str): Passive DNS Fields to log +# Default: "SMcsCQTAtn" +# passivedns_flags (str): Extra flags passed to passivedns (-D is always passed) +# Default: none + +. /etc/rc.subr + +name="passivedns" +rcvar=passivedns_enable + +command="%%PREFIX%%/bin/passivedns" + +start_precmd=start_precmd + +start_precmd() +{ + if [ -z "${passivedns_interface}" ]; then + err 1 "passivedns_interface must set." + fi +} + +# set some defaults +load_rc_config $name + +: ${passivedns_enable="NO"} +: ${passivedns_logdir="/var/log/passivedns"} +: ${passivedns_fields="SMcsCQTAtn"} +: ${passivedns_flags=""} + +command_args="-i ${passivedns_interface} -l ${passivedns_logdir}/passivedns.log -f ${passivedns_fields} ${passivedns_flags} -D" + +run_rc_command "$1" + Added: head/security/passivedns/files/pkg-message.in ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/passivedns/files/pkg-message.in Mon Apr 27 20:33:38 2015 (r384872) @@ -0,0 +1,3 @@ +A startup script 'passivedns' was installed in %%PREFIX%%/etc/rc.d/. + +Type "passivedns -h" on the commandline for usage instructions. Added: head/security/passivedns/pkg-descr ============================================================================== 
--- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/passivedns/pkg-descr Mon Apr 27 20:33:38 2015 (r384872) @@ -0,0 +1,11 @@ +A tool to collect DNS records passively to aid Incident handling, Network +Security Monitoring (NSM) and general digital forensics. + +PassiveDNS sniffs traffic from an interface or reads a pcap-file and outputs +the DNS-server answers to a log file. PassiveDNS can cache/aggregate duplicate +DNS answers in-memory, limiting the amount of data in the logfile without +losing the essense in the DNS answer. + +(c)2011-2012 - Edward Bjarte Fjellskal + +WWW: https://github.com/gamelinux/passivedns Added: head/security/passivedns/pkg-plist ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/passivedns/pkg-plist Mon Apr 27 20:33:38 2015 (r384872) @@ -0,0 +1,2 @@ +bin/passivedns +@dir(root,wheel,750) /var/log/passivedns
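Review bot: In head/security/passivedns/Makefile, `DISTVERSION= ${GH_TAG}` makes the package version the commit hash a6c7e26, which does not sort against any later snapshot, so a version comparison cannot tell that a newer build is an upgrade. Use a numeric DISTVERSION derived from the 1.1.3-60 that is visible in the distfile name and keep the hash only in GH_TAG. The hash is also repeated literally in DISTFILES, so a bump has to touch that line as well as GH_TAG and distinfo. Style: `CONFIGURE_ARGS+=--with-ldns-includes=${PREFIX}/include` lacks the whitespace after the operator that the other assignments have.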
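Review bot: In head/security/passivedns/files/passivedns.in, command_args starts the sniffer with only -i, -l, -f, ${passivedns_flags} and -D, so nothing in the script makes the daemon give up root once the interface is open, and it then parses untrusted DNS traffic as root for its whole lifetime. Add rc.conf knobs for an unprivileged user and group, documented in the header comment next to passivedns_flags, and pass them through if the program supports dropping privileges. Smaller points in the same file: the error text "passivedns_interface must set." should read "must be set", the header comment for passivedns_interface has no description after "(str):", and `start_precmd=start_precmd` would be clearer with the function named passivedns_precmd.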
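Review bot: In head/security/passivedns/pkg-descr, the last line of the second paragraph has "essense", which should be "essence". The "(c)2011-2012 - Edward Bjarte Fjellskal" line is a copyright notice rather than a description of the software and could be dropped, since LICENSE in the Makefile already carries the licensing information.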
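Review bot: In head/security/passivedns/pkg-plist, `@dir(root,wheel,750) /var/log/passivedns` only works while the daemon writes its log as root, and it means analysts outside wheel cannot read the collected records without root. A dedicated group on this directory would cover both a future unprivileged service account and read access for the people who consume the log. The directory is also created separately by `${MKDIR} ${STAGEDIR}/var/log/passivedns` in do-install, so any ownership change needs to be checked against both places.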