diff options
| author | hasso <hasso@pkgsrc.org> | 2009-08-23 19:49:27 +0000 |
|---|---|---|
| committer | hasso <hasso@pkgsrc.org> | 2009-08-23 19:49:27 +0000 |
| commit | d0b28389d42a5ee8acc238a0dde83b8d7e5ce5ef (patch) | |
| tree | 782c5d46b438d5c874884fb48d717746f6d7bf01 /security | |
| parent | 05d6c3de0e6c7fd31407ae9ff2d763223ef58c95 (diff) | |
| download | pkgsrc-d0b28389d42a5ee8acc238a0dde83b8d7e5ce5ef.tar.gz | |
Update to 0.9.15. Changes since 0.9.14:
- Make the Prelude-LML UDP server IPv6 compatible.
- Implement 'idmef-alter' and 'idmef-alter-force' option, alloing
to include static values into IDMEF events generated using a given
format.
- New PPP/PPTPD/L2TP ruleset, by Alexander Afonyashin <firm <at> iname.com>,
with slight modification from Pierre Chifflier <p.chifflier <at> inl.fr>.
Close #340.
- Fix CISCO VPN ruleset so that the 'Authentication rejected' rule will
trigger even if the 'server' field does not contain a word (fix #328).
- Remove dos-style end-of-lines (Closes #338)
- Fixes possible off by one when parsing variable reference number, and
remove un-needed check that would always evaluate to TRUE.Thanks
Steve Grubb <sgrubb <at> redhat.com> for reporting this problem (and
running flexelint on the Prelude sources)!
- Update for libtool 2.x compatibility.
- This simplify the whole regular expression handling a lot, making the
code much easier to read, and fixing potential problem with ovector
assignement. This code should also improve performance by a small
factor.
- Change CISCO references urls to their new location, add CISCO ASA rule
to handle discarded tcp or udp packets.
- Various fixes and update.
Diffstat (limited to 'security')
| -rw-r--r-- | security/prelude-lml/Makefile | 41 | ||||
| -rw-r--r-- | security/prelude-lml/PLIST | 12 | ||||
| -rw-r--r-- | security/prelude-lml/distinfo | 12 | ||||
| -rw-r--r-- | security/prelude-lml/patches/patch-aa | 17 | ||||
| -rw-r--r-- | security/prelude-lml/patches/patch-ab | 15 |
5 files changed, 56 insertions, 41 deletions
diff --git a/security/prelude-lml/Makefile b/security/prelude-lml/Makefile index d4a47d5b5e6..606bea6f107 100644 --- a/security/prelude-lml/Makefile +++ b/security/prelude-lml/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.26 2008/10/18 13:29:28 shannonjr Exp $ +# $NetBSD: Makefile,v 1.27 2009/08/23 19:49:27 hasso Exp $ # -DISTNAME= prelude-lml-0.9.14 +DISTNAME= prelude-lml-0.9.15 CATEGORIES= security MASTER_SITES= http://www.prelude-ids.com/download/releases/prelude-lml/ @@ -22,8 +22,7 @@ USE_LIBTOOL= yes GNU_CONFIGURE= yes USE_TOOLS+= gmake CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR:Q} -CONFIGURE_ARGS+= --with-html-dir=${PREFIX}/share/doc -CONFIGURE_ARGS+= --disable-fam +CONFIGURE_ARGS+= --html=${PREFIX}/share/doc CONFIGURE_ARGS+= --localstatedir=${VARBASE:Q} RCD_SCRIPTS= preludelml PRELUDE_USER?= _prelude @@ -38,8 +37,8 @@ PKG_GROUPS= ${PRELUDE_GROUP} PKG_USERS= ${PRELUDE_USER}:${PRELUDE_GROUP} EGDIR= ${PREFIX}/share/examples/prelude-lml -REQD_DIRS= ${EGDIR} -MAKE_DIRS+= ${VARBASE}/prelude-lml PKG_SYSCONFDIR +REQD_DIRS= ${EGDIR} ${PKG_SYSCONFDIR}/ruleset +MAKE_DIRS+= ${VARBASE}/prelude-lml MAKE_DIRS_PERMS+= ${VARBASE}/prelude-lml ${PRELUDE_USER} ${PRELUDE_GROUP} 0700 PKG_GECOS.${PRELUDE_USER}= Prelude IDS @@ -71,6 +70,7 @@ ruleset_DATA = \ apc-emu.rules \ arbor.rules \ arpwatch.rules \ + asterisk.rules \ bonding.rules \ cacti-thold.rules \ checkpoint.rules \ @@ -85,9 +85,11 @@ ruleset_DATA = \ f5-bigip.rules \ grsecurity.rules \ honeyd.rules \ + honeytrap.rules \ httpd.rules \ ipchains.rules \ ipfw.rules \ + kojoney.rules \ modsecurity.rules \ ms-cluster.rules \ ms-sql.rules \ @@ -103,8 +105,10 @@ ruleset_DATA = \ pcre.rules \ portsentry.rules \ postfix.rules \ + ppp.rules \ proftpd.rules \ qpopper.rules \ + rishi.rules \ selinux.rules \ sendmail.rules \ shadow-utils.rules \ @@ -112,8 +116,10 @@ ruleset_DATA = \ sonicwall.rules \ spamassassin.rules \ squid.rules \ + su.rules \ ssh.rules \ sudo.rules \ + suhosin.rules \ tripwire.rules \ vigor.rules \ vpopmail.rules \ @@ -124,9 +130,31 @@ ruleset_DATA = \ CONF_FILES+= ${EGDIR}/ruleset/${f:Q} ${PKG_SYSCONFDIR}/ruleset/${f:Q} .endfor +PKG_OPTIONS_VAR= PKG_OPTIONS.prelude-lml +PKG_SUPPORTED_OPTIONS= unsupported-rulesets + +.include "../../mk/bsd.options.mk" + +PLIST_VARS+= unsupported +.if !empty(PKG_OPTIONS:Munsupported-rulesets) +CONFIGURE_ARGS+= --enable-unsupported-rulesets +PLIST.unsupported= yes +unsupported_ruleset_DATA = \ + exim.rules \ + ipso.rules \ + zywall.rules \ + zyxel.rules +. for f in ${unsupported_ruleset_DATA} +CONF_FILES+= ${EGDIR}/ruleset/${f:Q} ${PKG_SYSCONFDIR}/ruleset/${f:Q} +. endfor +.endif + pre-patch: ${CP} ${FILESDIR}/run-prelude-lml.c ${WRKSRC} +pre-configure: + ${LN} -s ${BUILDLINK_DIR}/lib/libltdl.so ${BUILDLINK_DIR}/lib/libltdlc.so + post-build: cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} ${CC} ${CFLAGS} -o run-prelude-lml run-prelude-lml.c @@ -136,4 +164,5 @@ post-install: .include "../../security/libprelude/buildlink3.mk" .include "../../devel/pcre/buildlink3.mk" +.include "../../devel/libltdl/buildlink3.mk" .include "../../mk/bsd.pkg.mk" diff --git a/security/prelude-lml/PLIST b/security/prelude-lml/PLIST index cf8c9916262..75e1b56229b 100644 --- a/security/prelude-lml/PLIST +++ b/security/prelude-lml/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.12 2009/06/14 18:13:36 joerg Exp $ +@comment $NetBSD: PLIST,v 1.13 2009/08/23 19:49:27 hasso Exp $ bin/prelude-lml include/prelude-lml/prelude-lml.h lib/prelude-lml/debug.la @@ -20,7 +20,6 @@ share/examples/prelude-lml/ruleset/honeyd.rules share/examples/prelude-lml/ruleset/httpd.rules share/examples/prelude-lml/ruleset/ipchains.rules share/examples/prelude-lml/ruleset/ipfw.rules -share/examples/prelude-lml/ruleset/ipso.rules share/examples/prelude-lml/ruleset/linksys-wap11.rules share/examples/prelude-lml/ruleset/modsecurity.rules share/examples/prelude-lml/ruleset/ms-sql.rules @@ -53,13 +52,10 @@ share/examples/prelude-lml/ruleset/vigor.rules share/examples/prelude-lml/ruleset/vpopmail.rules share/examples/prelude-lml/ruleset/webmin.rules share/examples/prelude-lml/ruleset/wu-ftp.rules -share/examples/prelude-lml/ruleset/zywall.rules -share/examples/prelude-lml/ruleset/zyxel.rules share/examples/prelude-lml/ruleset/cacti-thold.rules share/examples/prelude-lml/ruleset/cisco-asa.rules share/examples/prelude-lml/ruleset/cisco-css.rules share/examples/prelude-lml/ruleset/cisco-ips.rules -share/examples/prelude-lml/ruleset/exim.rules share/examples/prelude-lml/ruleset/ms-cluster.rules share/examples/prelude-lml/ruleset/bonding.rules share/examples/prelude-lml/ruleset/cisco-common.rules @@ -68,4 +64,10 @@ share/examples/prelude-lml/ruleset/honeytrap.rules share/examples/prelude-lml/ruleset/kojoney.rules share/examples/prelude-lml/ruleset/rishi.rules share/examples/prelude-lml/ruleset/suhosin.rules +share/examples/prelude-lml/ruleset/ppp.rules share/examples/rc.d/preludelml + +${PLIST.unsupported}share/examples/prelude-lml/ruleset/exim.rules +${PLIST.unsupported}share/examples/prelude-lml/ruleset/zywall.rules +${PLIST.unsupported}share/examples/prelude-lml/ruleset/zyxel.rules +${PLIST.unsupported}share/examples/prelude-lml/ruleset/ipso.rules diff --git a/security/prelude-lml/distinfo b/security/prelude-lml/distinfo index f490666b667..bcf3bc2b6f1 100644 --- a/security/prelude-lml/distinfo +++ b/security/prelude-lml/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.15 2008/10/18 13:29:28 shannonjr Exp $ +$NetBSD: distinfo,v 1.16 2009/08/23 19:49:28 hasso Exp $ -SHA1 (prelude-lml-0.9.14.tar.gz) = 586e9f19eaed2f2ba9d869a5fd7b0e391e0e5a68 -RMD160 (prelude-lml-0.9.14.tar.gz) = 59fbcca565840975d1e8b5c10ae27cfe23f4a033 -Size (prelude-lml-0.9.14.tar.gz) = 819949 bytes -SHA1 (patch-aa) = 634202846912919004df2dc0b47f3f23b5ed7363 -SHA1 (patch-ab) = 41ecade30abfb985c3dabfbb43b2cf0bd44a6d9d +SHA1 (prelude-lml-0.9.15.tar.gz) = 96f2f0d029dd75ca047bc0839f14418ddc1b5975 +RMD160 (prelude-lml-0.9.15.tar.gz) = 2dffcf6f4470e78fa0cf911c6ad801074ab1e793 +Size (prelude-lml-0.9.15.tar.gz) = 1018513 bytes +SHA1 (patch-aa) = 9b7fbb9499b8e2abbf67d548292d8393d0e603fc +SHA1 (patch-ab) = 31b02ae4bf29d6495268f203e512e5a18d6967ff SHA1 (patch-ac) = 0980dcf3d203ad759997bd3d1efb36ea6722a4af SHA1 (patch-ad) = ff6978d5975e4a410a8a9206d0a395ada5b4dbdf diff --git a/security/prelude-lml/patches/patch-aa b/security/prelude-lml/patches/patch-aa index 805ca2d788f..7b8c7281f10 100644 --- a/security/prelude-lml/patches/patch-aa +++ b/security/prelude-lml/patches/patch-aa @@ -1,20 +1,7 @@ -$NetBSD: patch-aa,v 1.4 2008/04/28 10:54:08 shannonjr Exp $ +$NetBSD: patch-aa,v 1.5 2009/08/23 19:49:28 hasso Exp $ --- configure.orig 2008-04-24 11:48:16.000000000 -0600 +++ configure -@@ -34206,10 +34206,10 @@ fi - exec_prefix=$exec_prefix_save - - --configdir=$SYSCONFDIR/prelude-lml -+configdir=$SYSCONFDIR - prelude_lml_conf=$configdir/prelude-lml.conf - regex_conf=$configdir/plugins.rules --metadata_dir=$LOCALSTATEDIR/lib/prelude-lml -+metadata_dir=$LOCALSTATEDIR/prelude-lml - plugindir=$LIBDIR/prelude-lml - - @@ -34815,6 +34815,8 @@ do case $ac_option in # Handling of the options. @@ -23,4 +10,4 @@ $NetBSD: patch-aa,v 1.4 2008/04/28 10:54:08 shannonjr Exp $ + exit 0 ac_cs_recheck=: ;; --version | --versio | --versi | --vers | --ver | --ve | --v | -V ) - echo "$ac_cs_version"; exit ;; + $as_echo "$ac_cs_version"; exit ;; diff --git a/security/prelude-lml/patches/patch-ab b/security/prelude-lml/patches/patch-ab index cda7ccc0854..970960e9e50 100644 --- a/security/prelude-lml/patches/patch-ab +++ b/security/prelude-lml/patches/patch-ab @@ -1,12 +1,11 @@ -$NetBSD: patch-ab,v 1.3 2007/09/05 18:58:41 shannonjr Exp $ +$NetBSD: patch-ab,v 1.4 2009/08/23 19:49:28 hasso Exp $ --- Makefile.in.orig 2007-08-08 09:48:58.000000000 -0600 +++ Makefile.in -@@ -872,34 +872,12 @@ uninstall-info: uninstall-info-recursive - uninstall uninstall-am uninstall-info-am uninstall-local +@@ -1285,33 +1285,10 @@ --install-data-local: + install-data-local: - $(INSTALL) -m 700 -d $(DESTDIR)$(metadata_dir) - @if test -f $(DESTDIR)$(configdir)/prelude-lml.conf; then \ - echo "********************************************************************************"; \ @@ -30,14 +29,12 @@ $NetBSD: patch-ab,v 1.3 2007/09/05 18:58:41 shannonjr Exp $ - else \ - $(INSTALL) -m 600 $(top_srcdir)/plugins.rules $(DESTDIR)$(configdir)/; \ - fi -+install-data-local: + $(BSD_INSTALL_DATA) $(top_srcdir)/prelude-lml.conf @EGDIR@ + $(BSD_INSTALL_DATA) $(top_srcdir)/plugins.rules @EGDIR@ uninstall-local: - rm -f $(DESTDIR)$(configdir)/prelude-lml.conf; \ - rm -f $(DESTDIR)$(configdir)/plugin.rules; -+ - # Tell versions [3.59,3.63) of GNU make to not export all variables. - # Otherwise a system limit (for SysV at least) may be exceeded. - .NOEXPORT: + + dist-hook: + @if test -d "$(srcdir)/.git"; then \ |