Index: branches/2014Q1/security/snortsam/Makefile =================================================================== --- branches/2014Q1/security/snortsam/Makefile (revision 340442) +++ branches/2014Q1/security/snortsam/Makefile (revision 340443) @@ -1,91 +1,78 @@ # Created by: Danton Dorati # $FreeBSD$ PORTNAME= snortsam PORTVERSION= 2.70 PORTREVISION= 1 CATEGORIES= security MASTER_SITES= http://www.snortsam.net/files/snortsam/ DISTNAME= ${PORTNAME}-src-${PORTVERSION} MAINTAINER= urisso@bsd.com.br COMMENT= SnortSam is a output plugin for Snort OPTIONS_DEFINE= IPFW SAMTOOL DEBUG DOCS OPTIONS_DEFAULT= IPFW SAMTOOL IPFW_DESC= checks if configured tables are available SAMTOOL_DESC= install samtool -NO_STAGE= yes .include USE_RC_SUBR= snortsam SUB_FILES= pkg-message \ pkg-install -HAS_CONFIGURE= yes -NO_BUILD= yes -CONFIGURE_SCRIPT= src/Makefile - -CONFIG_DIR?= ${PREFIX}/etc/snortsam - PLIST_DIRS= etc/snortsam PLIST_FILES= sbin/snortsam \ - etc/snortsam/snortsam.conf.sample \ - etc/snortsam/country-rootservers.conf.sample \ - etc/snortsam/rootservers.cfg.sample + %%ETCDIR%%/snortsam.conf.sample \ + %%ETCDIR%%/country-rootservers.conf.sample \ + %%ETCDIR%%/rootservers.cfg.sample .if ${PORT_OPTIONS:MSAMTOOL} PLIST_FILES+= sbin/samtool .endif PORTDOCS= AUTHORS BUGS CREDITS FAQ INSTALL LICENSE README README.ciscoacl \ README.conf README.iptables README.netscreen README.pf README.pf2 \ README.rules README.slackware README.snmp_interface_down README.wgrd \ README_8signs.rtf TODO .if ! ${PORT_OPTIONS:MIPFW} EXTRA_PATCHES+= ${FILESDIR}/ssp_ipfw2_no_table_check.patch .endif .if ${PORT_OPTIONS:MDEBUG} DEBUG=-DDEBUG .endif +# This seems silly, but the RC file gets into ${WRKDIR}/${PORTNAME} which +# without this, would exist and be a directory. post-extract: @${MV} ${WRKDIR}/${PORTNAME} ${WRKSRC} -pre-configure: - @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/conf/snortsam.conf.sample - @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/docs/README.conf - @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/src/snortsam.h - @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${CONFIG_DIR}/snortsam.conf|g" ${WRKSRC}/contrib/snortsam-state.c +post-patch: + @${REINPLACE_CMD} -e '/^CC/d' ${WRKSRC}/src/Makefile + @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${ETCDIR}/snortsam.conf|g" ${WRKSRC}/conf/snortsam.conf.sample + @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${ETCDIR}/snortsam.conf|g" ${WRKSRC}/docs/README.conf + @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${ETCDIR}/snortsam.conf|g" ${WRKSRC}/src/snortsam.h + @${REINPLACE_CMD} -e "s|/etc/snortsam.conf|${ETCDIR}/snortsam.conf|g" ${WRKSRC}/contrib/snortsam-state.c @${CHMOD} +x ${WRKSRC}/makesnortsam.sh -do-configure: +do-build: @cd ${WRKSRC}/src && ${MAKE} ${DEBUG} @cd ${WRKSRC}/src && ${MAKE} samtool ${DEBUG} -# no access to snortsam.conf and samtool for non root users! do-install: - @${INSTALL_PROGRAM} ${WRKSRC}/snortsam ${PREFIX}/sbin -.if ${PORT_OPTIONS:MSAMTOOL} - @${INSTALL} -o root -g wheel -m 500 ${WRKSRC}/samtool ${PREFIX}/sbin -.endif - @${MKDIR} -m 700 ${CONFIG_DIR} - @${INSTALL_DATA} -m 600 ${WRKSRC}/conf/snortsam.conf.sample ${CONFIG_DIR}/snortsam.conf.sample - @${INSTALL_DATA} ${WRKSRC}/conf/rootservers.cfg ${CONFIG_DIR}/rootservers.cfg.sample - @${INSTALL_DATA} ${WRKSRC}/conf/country-rootservers.conf ${CONFIG_DIR}/country-rootservers.conf.sample + ${INSTALL_PROGRAM} ${WRKSRC}/snortsam ${STAGEDIR}${PREFIX}/sbin + ${INSTALL_PROGRAM} ${WRKSRC}/samtool ${STAGEDIR}${PREFIX}/sbin + @${MKDIR} ${STAGEDIR}${ETCDIR} + ${INSTALL_DATA} ${WRKSRC}/conf/snortsam.conf.sample ${STAGEDIR}${ETCDIR}/snortsam.conf.sample + ${INSTALL_DATA} ${WRKSRC}/conf/rootservers.cfg ${STAGEDIR}${ETCDIR}/rootservers.cfg.sample + ${INSTALL_DATA} ${WRKSRC}/conf/country-rootservers.conf ${STAGEDIR}${ETCDIR}/country-rootservers.conf.sample -.if ${PORT_OPTIONS:MDOCS} - @${MKDIR} ${DOCSDIR} + @${MKDIR} ${STAGEDIR}${DOCSDIR} .for f in ${PORTDOCS} - @${INSTALL_DATA} ${WRKSRC}/docs/${f} ${DOCSDIR} + ${INSTALL_DATA} ${WRKSRC}/docs/${f} ${STAGEDIR}${DOCSDIR} .endfor -.endif - -post-install: - @${SH} ${PKGINSTALL} ${DISTNAME} POST-INSTALL - @${CAT} ${PKGMESSAGE} .include Index: branches/2014Q1/security/snortsam/files/patch-src__ssp_pf2.c =================================================================== --- branches/2014Q1/security/snortsam/files/patch-src__ssp_pf2.c (nonexistent) +++ branches/2014Q1/security/snortsam/files/patch-src__ssp_pf2.c (revision 340443) @@ -0,0 +1,11 @@ +--- ./src/ssp_pf2.c.orig 2009-11-27 02:39:40.000000000 +0100 ++++ ./src/ssp_pf2.c 2014-01-20 19:03:47.000000000 +0100 +@@ -95,7 +95,7 @@ + } + } + +- return; ++ return 0; + } + + Property changes on: branches/2014Q1/security/snortsam/files/patch-src__ssp_pf2.c ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: branches/2014Q1/security/snortsam/files/pkg-install.in =================================================================== --- branches/2014Q1/security/snortsam/files/pkg-install.in (revision 340442) +++ branches/2014Q1/security/snortsam/files/pkg-install.in (revision 340443) @@ -1,17 +1,24 @@ #!/bin/sh # # $FreeBSD$ ETCDIR=${ETCDIR:=%%ETCDIR%%} +PREFIX=${PREFIX:=%%PREFIX%%} # snortsam config file contain sensitive data like # passwords needed to block IP's on the firewalls. # Set permission of the config dir to 700 so only # root:wheel can access this directory. +# Also, samtool shouldn't be run by non root. if [ "$2" = "POST-INSTALL" ]; then if [ -d ${ETCDIR} ]; then /usr/sbin/chown root:wheel ${ETCDIR} /bin/chmod 700 ${ETCDIR} + /bin/chmod 600 ${ETCDIR}/snortsam.conf.sample + fi + if [ -x ${PREFIX}/sbin/samtool ] + then + /bin/chmod 500 ${PREFIX}/sbin/samtool fi fi Index: branches/2014Q1 =================================================================== --- branches/2014Q1 (revision 340442) +++ branches/2014Q1 (revision 340443) Property changes on: branches/2014Q1 ___________________________________________________________________ Modified: svn:mergeinfo ## -0,0 +0,1 ## Merged /head:r340439-340440