pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security/prelude-lml Update to 0.9.15. Changes since 0...
details: https://anonhg.NetBSD.org/pkgsrc/rev/95fcf3bfe213
branches: trunk
changeset: 398097:95fcf3bfe213
user: hasso <hasso%pkgsrc.org@localhost>
date: Sun Aug 23 19:49:27 2009 +0000
description:
Update to 0.9.15. Changes since 0.9.14:
- Make the Prelude-LML UDP server IPv6 compatible.
- Implement 'idmef-alter' and 'idmef-alter-force' option, alloing
to include static values into IDMEF events generated using a given
format.
- New PPP/PPTPD/L2TP ruleset, by Alexander Afonyashin <firm <at> iname.com>,
with slight modification from Pierre Chifflier <p.chifflier <at> inl.fr>.
Close #340.
- Fix CISCO VPN ruleset so that the 'Authentication rejected' rule will
trigger even if the 'server' field does not contain a word (fix #328).
- Remove dos-style end-of-lines (Closes #338)
- Fixes possible off by one when parsing variable reference number, and
remove un-needed check that would always evaluate to TRUE.Thanks
Steve Grubb <sgrubb <at> redhat.com> for reporting this problem (and
running flexelint on the Prelude sources)!
- Update for libtool 2.x compatibility.
- This simplify the whole regular expression handling a lot, making the
code much easier to read, and fixing potential problem with ovector
assignement. This code should also improve performance by a small
factor.
- Change CISCO references urls to their new location, add CISCO ASA rule
to handle discarded tcp or udp packets.
- Various fixes and update.
diffstat:
security/prelude-lml/Makefile | 41 +++++++++++++++++++++++++++++-----
security/prelude-lml/PLIST | 12 +++++----
security/prelude-lml/distinfo | 12 +++++-----
security/prelude-lml/patches/patch-aa | 17 +------------
security/prelude-lml/patches/patch-ab | 15 +++++-------
5 files changed, 56 insertions(+), 41 deletions(-)
diffs (243 lines):
diff -r 4695bd222121 -r 95fcf3bfe213 security/prelude-lml/Makefile
--- a/security/prelude-lml/Makefile Sun Aug 23 19:18:08 2009 +0000
+++ b/security/prelude-lml/Makefile Sun Aug 23 19:49:27 2009 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.26 2008/10/18 13:29:28 shannonjr Exp $
+# $NetBSD: Makefile,v 1.27 2009/08/23 19:49:27 hasso Exp $
#
-DISTNAME= prelude-lml-0.9.14
+DISTNAME= prelude-lml-0.9.15
CATEGORIES= security
MASTER_SITES= http://www.prelude-ids.com/download/releases/prelude-lml/
@@ -22,8 +22,7 @@
GNU_CONFIGURE= yes
USE_TOOLS+= gmake
CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR:Q}
-CONFIGURE_ARGS+= --with-html-dir=${PREFIX}/share/doc
-CONFIGURE_ARGS+= --disable-fam
+CONFIGURE_ARGS+= --html=${PREFIX}/share/doc
CONFIGURE_ARGS+= --localstatedir=${VARBASE:Q}
RCD_SCRIPTS= preludelml
PRELUDE_USER?= _prelude
@@ -38,8 +37,8 @@
PKG_USERS= ${PRELUDE_USER}:${PRELUDE_GROUP}
EGDIR= ${PREFIX}/share/examples/prelude-lml
-REQD_DIRS= ${EGDIR}
-MAKE_DIRS+= ${VARBASE}/prelude-lml PKG_SYSCONFDIR
+REQD_DIRS= ${EGDIR} ${PKG_SYSCONFDIR}/ruleset
+MAKE_DIRS+= ${VARBASE}/prelude-lml
MAKE_DIRS_PERMS+= ${VARBASE}/prelude-lml ${PRELUDE_USER} ${PRELUDE_GROUP} 0700
PKG_GECOS.${PRELUDE_USER}= Prelude IDS
@@ -71,6 +70,7 @@
apc-emu.rules \
arbor.rules \
arpwatch.rules \
+ asterisk.rules \
bonding.rules \
cacti-thold.rules \
checkpoint.rules \
@@ -85,9 +85,11 @@
f5-bigip.rules \
grsecurity.rules \
honeyd.rules \
+ honeytrap.rules \
httpd.rules \
ipchains.rules \
ipfw.rules \
+ kojoney.rules \
modsecurity.rules \
ms-cluster.rules \
ms-sql.rules \
@@ -103,8 +105,10 @@
pcre.rules \
portsentry.rules \
postfix.rules \
+ ppp.rules \
proftpd.rules \
qpopper.rules \
+ rishi.rules \
selinux.rules \
sendmail.rules \
shadow-utils.rules \
@@ -112,8 +116,10 @@
sonicwall.rules \
spamassassin.rules \
squid.rules \
+ su.rules \
ssh.rules \
sudo.rules \
+ suhosin.rules \
tripwire.rules \
vigor.rules \
vpopmail.rules \
@@ -124,9 +130,31 @@
CONF_FILES+= ${EGDIR}/ruleset/${f:Q} ${PKG_SYSCONFDIR}/ruleset/${f:Q}
.endfor
+PKG_OPTIONS_VAR= PKG_OPTIONS.prelude-lml
+PKG_SUPPORTED_OPTIONS= unsupported-rulesets
+
+.include "../../mk/bsd.options.mk"
+
+PLIST_VARS+= unsupported
+.if !empty(PKG_OPTIONS:Munsupported-rulesets)
+CONFIGURE_ARGS+= --enable-unsupported-rulesets
+PLIST.unsupported= yes
+unsupported_ruleset_DATA = \
+ exim.rules \
+ ipso.rules \
+ zywall.rules \
+ zyxel.rules
+. for f in ${unsupported_ruleset_DATA}
+CONF_FILES+= ${EGDIR}/ruleset/${f:Q} ${PKG_SYSCONFDIR}/ruleset/${f:Q}
+. endfor
+.endif
+
pre-patch:
${CP} ${FILESDIR}/run-prelude-lml.c ${WRKSRC}
+pre-configure:
+ ${LN} -s ${BUILDLINK_DIR}/lib/libltdl.so ${BUILDLINK_DIR}/lib/libltdlc.so
+
post-build:
cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} ${CC} ${CFLAGS} -o run-prelude-lml run-prelude-lml.c
@@ -136,4 +164,5 @@
.include "../../security/libprelude/buildlink3.mk"
.include "../../devel/pcre/buildlink3.mk"
+.include "../../devel/libltdl/buildlink3.mk"
.include "../../mk/bsd.pkg.mk"
diff -r 4695bd222121 -r 95fcf3bfe213 security/prelude-lml/PLIST
--- a/security/prelude-lml/PLIST Sun Aug 23 19:18:08 2009 +0000
+++ b/security/prelude-lml/PLIST Sun Aug 23 19:49:27 2009 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.12 2009/06/14 18:13:36 joerg Exp $
+@comment $NetBSD: PLIST,v 1.13 2009/08/23 19:49:27 hasso Exp $
bin/prelude-lml
include/prelude-lml/prelude-lml.h
lib/prelude-lml/debug.la
@@ -20,7 +20,6 @@
share/examples/prelude-lml/ruleset/httpd.rules
share/examples/prelude-lml/ruleset/ipchains.rules
share/examples/prelude-lml/ruleset/ipfw.rules
-share/examples/prelude-lml/ruleset/ipso.rules
share/examples/prelude-lml/ruleset/linksys-wap11.rules
share/examples/prelude-lml/ruleset/modsecurity.rules
share/examples/prelude-lml/ruleset/ms-sql.rules
@@ -53,13 +52,10 @@
share/examples/prelude-lml/ruleset/vpopmail.rules
share/examples/prelude-lml/ruleset/webmin.rules
share/examples/prelude-lml/ruleset/wu-ftp.rules
-share/examples/prelude-lml/ruleset/zywall.rules
-share/examples/prelude-lml/ruleset/zyxel.rules
share/examples/prelude-lml/ruleset/cacti-thold.rules
share/examples/prelude-lml/ruleset/cisco-asa.rules
share/examples/prelude-lml/ruleset/cisco-css.rules
share/examples/prelude-lml/ruleset/cisco-ips.rules
-share/examples/prelude-lml/ruleset/exim.rules
share/examples/prelude-lml/ruleset/ms-cluster.rules
share/examples/prelude-lml/ruleset/bonding.rules
share/examples/prelude-lml/ruleset/cisco-common.rules
@@ -68,4 +64,10 @@
share/examples/prelude-lml/ruleset/kojoney.rules
share/examples/prelude-lml/ruleset/rishi.rules
share/examples/prelude-lml/ruleset/suhosin.rules
+share/examples/prelude-lml/ruleset/ppp.rules
share/examples/rc.d/preludelml
+
+${PLIST.unsupported}share/examples/prelude-lml/ruleset/exim.rules
+${PLIST.unsupported}share/examples/prelude-lml/ruleset/zywall.rules
+${PLIST.unsupported}share/examples/prelude-lml/ruleset/zyxel.rules
+${PLIST.unsupported}share/examples/prelude-lml/ruleset/ipso.rules
diff -r 4695bd222121 -r 95fcf3bfe213 security/prelude-lml/distinfo
--- a/security/prelude-lml/distinfo Sun Aug 23 19:18:08 2009 +0000
+++ b/security/prelude-lml/distinfo Sun Aug 23 19:49:27 2009 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.15 2008/10/18 13:29:28 shannonjr Exp $
+$NetBSD: distinfo,v 1.16 2009/08/23 19:49:28 hasso Exp $
-SHA1 (prelude-lml-0.9.14.tar.gz) = 586e9f19eaed2f2ba9d869a5fd7b0e391e0e5a68
-RMD160 (prelude-lml-0.9.14.tar.gz) = 59fbcca565840975d1e8b5c10ae27cfe23f4a033
-Size (prelude-lml-0.9.14.tar.gz) = 819949 bytes
-SHA1 (patch-aa) = 634202846912919004df2dc0b47f3f23b5ed7363
-SHA1 (patch-ab) = 41ecade30abfb985c3dabfbb43b2cf0bd44a6d9d
+SHA1 (prelude-lml-0.9.15.tar.gz) = 96f2f0d029dd75ca047bc0839f14418ddc1b5975
+RMD160 (prelude-lml-0.9.15.tar.gz) = 2dffcf6f4470e78fa0cf911c6ad801074ab1e793
+Size (prelude-lml-0.9.15.tar.gz) = 1018513 bytes
+SHA1 (patch-aa) = 9b7fbb9499b8e2abbf67d548292d8393d0e603fc
+SHA1 (patch-ab) = 31b02ae4bf29d6495268f203e512e5a18d6967ff
SHA1 (patch-ac) = 0980dcf3d203ad759997bd3d1efb36ea6722a4af
SHA1 (patch-ad) = ff6978d5975e4a410a8a9206d0a395ada5b4dbdf
diff -r 4695bd222121 -r 95fcf3bfe213 security/prelude-lml/patches/patch-aa
--- a/security/prelude-lml/patches/patch-aa Sun Aug 23 19:18:08 2009 +0000
+++ b/security/prelude-lml/patches/patch-aa Sun Aug 23 19:49:27 2009 +0000
@@ -1,20 +1,7 @@
-$NetBSD: patch-aa,v 1.4 2008/04/28 10:54:08 shannonjr Exp $
+$NetBSD: patch-aa,v 1.5 2009/08/23 19:49:28 hasso Exp $
--- configure.orig 2008-04-24 11:48:16.000000000 -0600
+++ configure
-@@ -34206,10 +34206,10 @@ fi
- exec_prefix=$exec_prefix_save
-
-
--configdir=$SYSCONFDIR/prelude-lml
-+configdir=$SYSCONFDIR
- prelude_lml_conf=$configdir/prelude-lml.conf
- regex_conf=$configdir/plugins.rules
--metadata_dir=$LOCALSTATEDIR/lib/prelude-lml
-+metadata_dir=$LOCALSTATEDIR/prelude-lml
- plugindir=$LIBDIR/prelude-lml
-
-
@@ -34815,6 +34815,8 @@ do
case $ac_option in
# Handling of the options.
@@ -23,4 +10,4 @@
+ exit 0
ac_cs_recheck=: ;;
--version | --versio | --versi | --vers | --ver | --ve | --v | -V )
- echo "$ac_cs_version"; exit ;;
+ $as_echo "$ac_cs_version"; exit ;;
diff -r 4695bd222121 -r 95fcf3bfe213 security/prelude-lml/patches/patch-ab
--- a/security/prelude-lml/patches/patch-ab Sun Aug 23 19:18:08 2009 +0000
+++ b/security/prelude-lml/patches/patch-ab Sun Aug 23 19:49:27 2009 +0000
@@ -1,12 +1,11 @@
-$NetBSD: patch-ab,v 1.3 2007/09/05 18:58:41 shannonjr Exp $
+$NetBSD: patch-ab,v 1.4 2009/08/23 19:49:28 hasso Exp $
--- Makefile.in.orig 2007-08-08 09:48:58.000000000 -0600
+++ Makefile.in
-@@ -872,34 +872,12 @@ uninstall-info: uninstall-info-recursive
- uninstall uninstall-am uninstall-info-am uninstall-local
+@@ -1285,33 +1285,10 @@
--install-data-local:
+ install-data-local:
- $(INSTALL) -m 700 -d $(DESTDIR)$(metadata_dir)
- @if test -f $(DESTDIR)$(configdir)/prelude-lml.conf; then \
- echo "********************************************************************************"; \
@@ -30,14 +29,12 @@
- else \
- $(INSTALL) -m 600 $(top_srcdir)/plugins.rules $(DESTDIR)$(configdir)/; \
- fi
-+install-data-local:
+ $(BSD_INSTALL_DATA) $(top_srcdir)/prelude-lml.conf @EGDIR@
+ $(BSD_INSTALL_DATA) $(top_srcdir)/plugins.rules @EGDIR@
uninstall-local:
- rm -f $(DESTDIR)$(configdir)/prelude-lml.conf; \
- rm -f $(DESTDIR)$(configdir)/plugin.rules;
-+
- # Tell versions [3.59,3.63) of GNU make to not export all variables.
- # Otherwise a system limit (for SysV at least) may be exceeded.
- .NOEXPORT:
+
+ dist-hook:
+ @if test -d "$(srcdir)/.git"; then \
Home |
Main Index |
Thread Index |
Old Index