Portage is a package management system used by Gentoo Linux
# ChangeLog for net-firewall/psad
# Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
# $Header: /var/cvsroot/gentoo-x86/net-firewall/psad/ChangeLog,v 1.43 2007/05/06 10:00:48 genone Exp $
06 May 2007; Marius Mauch
psad-2.0.6.ebuild:
Replacing einfo with elog
28 Apr 2007; Sven Wegener
psad-2.0.6.ebuild:
Fix *initd, *confd and *envd calls (#173884, #174266)
26 Apr 2007; Bryan Stine
Forgot to re-KEYWORD.
*psad-2.0.6 (26 Apr 2007)
26 Apr 2007; Bryan Stine
-psad-1.4.0.ebuild, -psad-1.4.2.ebuild, psad-1.4.8.ebuild,
+psad-2.0.6.ebuild:
Bump to newest upstream, 2.0.6. Now installing modules with
perl-module_src_install to fix ebuilds for perllocal.pod collisions as
described in bug #133767. Cleaned out old ebuilds.
18 Dec 2006; Bryan Østergaard
Stable on Alpha, bug 157156.
13 Dec 2006; Tobias Scherbaum
ppc stable, bug #157156
11 Dec 2006; Peter Weller
Added amd64 keyword wrt bug #157156
10 Dec 2006; Christian Heim
psad-1.4.0.ebuild, psad-1.4.2.ebuild, psad-1.4.8.ebuild:
Removing the fixlocalpod, its now in the perl-app/perl-module eclass (thanks
to mcummings).
09 Dec 2006; Christian Heim
psad-1.4.0.ebuild, psad-1.4.2.ebuild, psad-1.4.8.ebuild:
Fixing the collision mentioned by Christian Faulhammer in #157156.
08 Dec 2006; Christian Faulhammer
stable x86, security bug #157156
*psad-1.4.8 (07 Dec 2006)
07 Dec 2006;
- version bump plus security fixes for bug #157156
28 Nov 2005;
psad-1.4.2.ebuild:
Switched from perl-module to perl-app eclass
21 Sep 2005; Seemant Kulleen
psad-1.4.2.ebuild:
fix the grep for mydomain so that it takes only ^domain, as the word domain
can appear in other places in resolv.conf. Thanks to Chandler Carruth
(chandlerc on IRC)
31 Jul 2005; Bryan Stine
Stable x86...whoops.
*psad-1.4.2 (31 Jul 2005)
31 Jul 2005; Bryan Stine
-psad-1.3.2.ebuild, psad-1.3.4.ebuild, psad-1.4.0.ebuild,
+psad-1.4.2.ebuild:
Bump to 1.4.2, add a fix for hostname and DNS domain name detection when
using newer baselayout. Closes bug #90544.
17 Jun 2005; Michael Hanselmann
Stable on ppc.
21 Apr 2005; Simon Stelling
stable on amd64
22 Jan 2005; Bryan Østergaard
Stable on alpha.
07 Jan 2005; Bryan D. Stine
Sync up installed files with RPM spec.
06 Jan 2005; Bryan D. Stine
psad-1.3.2.ebuild, psad-1.3.4.ebuild, psad-1.4.0.ebuild:
A couple of fixes for unreported bugs. Typo fixes for postinst einfo in
1.3.1-1.3.4 ebuilds. Removed that same postinst einfo from 1.4.0 and added
detection for different sysloggers, giving conf suggestions for each. Closes
bug #76966.
05 Jan 2005; Bryan D. Stine
x86 stable 1.3.2.
05 Jan 2005; Bryan D. Stine
psad-1.3.2.ebuild, psad-1.3.4.ebuild, psad-1.4.0.ebuild:
Changed dependancy on mailx to virtual/mailx. Fixes bug #73972.
29 Dec 2004; Ciaran McCreesh
Change encoding to UTF-8 for GLEP 31 compliance
*psad-1.4.0 (01 Dec 2004)
01 Dec 2004; Bryan D. Stine
+psad-1.4.0.ebuild:
I need to keep up with the bumps better. The latest two bumps close #69263
(thanks Daniel Webert) and #72990 (thanks Alexey Portnov). The new upstream
version have changed the init-script locations in the tarballs, so the
ebuilds were updated accordingly.
08 Aug 2004; Tom Martin
psad-1.3.2.ebuild:
Typo in DESCRIPTION: Scannning -> Scanning. Bug 59717.
*psad-1.3.2 (24 Jun 2004)
24 Jun 2004; Bryan Stine
+psad-1.3.2.ebuild:
Version bump to new 1.3.2 release. This release also resulted in a few
rewritten installation instructions and some changed filenames. Also changed
/etc/init.d doins stuff to doexe.
21 Jun 2004; Bryan Stine
The ebuild now installs manfiles. Thanks to Michael Rash for pointing this out.
05 Jun 2004; Bryan Østergaard
Stable on alpha.
30 May 2004; Robin H. Johnson
mailx move
23 Mar 2004; Bryan Stine
psad-1.3.1.ebuild, psad-1.3.ebuild:
Expunged old ebuilds. Bumping 1.3.1 to x86 stable, but need to wait on deps
for the other arches.
02 Feb 2004; Bryan Stine
psad-1.3.1.ebuild, psad-1.3.ebuild:
Added information about conf changes required for system loggers, closes bug
38234
*psad-1.3.1 (13 Jan 2004)
13 Jan 2004; Bryan Stine
psad-1.2.4-r1.ebuild, psad-1.3.ebuild:
Version bump. Thanks to seemant for helping me maintain this before now.
Also, hppa, mips, ia64 and arm have been removed from KEYWORDS. Runtime
dependencies are not yet available for those architectures.
*psad-1.3 (01 Dec 2003)
01 Dec 2003; Seemant Kulleen
psad-1.2.4-r1.ebuild, psad-1.2.4.ebuild, psad-1.3.ebuild:
version bump, and moved 1.2.4-r1 to stable x86. The usual Battoussai
acknowledgement here :)
*psad-1.2.4-r1 (28 Oct 2003)
28 Oct 2003; Seemant Kulleen
files/psad-1.2.4-metalog.patch:
new patch to make psad work better with metalog. The patch was written by:
Dennis Freise
and myself. Battoussai rediff'd it and updated the ebuild for us.
*psad-1.2.4 (20 Oct 2003)
20 Oct 2003; Seemant Kulleen
version bump, with fixes: This one seds the machine's hostname (based on
/etc/hostname and /etc/dnsdomainname) into the psad.conf file. I also fixed a
problem regarding the perl modules bundled with psad (they needed to be put
into subdirs of the /usr/lib/psad directory). And finally, diskmond has been
removed from the package -- All this work was done by Battoussai.
*psad-1.2.3-r1 (06 Oct 2003)
06 Oct 2003; Seemant Kulleen
Moved bundled PERL module locations to /usr/lib/psad to avoid conflicts with
the system PERL tree -- thanks again to Battoussai
19 Sep 2003; Seemant Kulleen
version bump, thanks again to Battoussai (Bryan Stine
*psad-1.2.1 (17 Sep 2003)
17 Sep 2003; Seemant Kulleen
Port Scanning Attack Detection daemon. This is a dependency of Bastille, and
probably can be used standalone as well. Much thanks to Battoussai (Bryan
Stine
DIST psad-1.4.8.tar.bz2 564588 RMD160 bfc2e79c81caa5e786d7d4e36002fe84ff01bb50 SHA1 25e5f84fb1278b03c5eeaa507b3efbaef3829ec9 SHA256 93f71dc00a2b361db0e37232ce6cc943a6cb8873efaf17448589167826950110
DIST psad-2.0.6.tar.bz2 688632 RMD160 e2e49c2a6207edc4c1ba404ca01823348229ee0f SHA1 8447a942f082abe22787133561ae2ec19bb02930 SHA256 c59973bbc8d61071a28f5910c4b7b9cc183bf66a9f689e2d1d4564bbcd9dcd90
EBUILD psad-1.4.8.ebuild 4076 RMD160 fa730adcc2c478c6e3d21b703842f6da1b6420f9 SHA1 c9f62b91dfb7937c9b737b3ad5d197ee58302d35 SHA256 30b6ccbe76bb8a78a1aa3209a4f54efaa27bcd5899c84a0538929980c9e33f98
EBUILD psad-2.0.6.ebuild 4099 RMD160 dcd8870d32554d073f130569a8455c3a1fb25b6c SHA1 d6cb7167345034707f3556629c14e80d1addaf5a SHA256 834d45baee6b8b96fb04b0867b620c7ef92bd2cefc9d20a6156f8b412a9f876d
MISC ChangeLog 7565 RMD160 4d271fe213f95fd7642d11df1ff7c69d603b56ab SHA1 101d53c3ad82eef8ba052de96809b82bbbbfd6c7 SHA256 dcd22f70905481e9de3b91ba3bada57d23670680f936eceaa936bd6902d22bb8
MISC metadata.xml 326 RMD160 28fe5b256012109509ece09a19485561d72c3fdb SHA1 e78aaaa99ab3320dcaed3ed1c726b28f362cbb49 SHA256 496192e7d16fb2a96fed99f7443d4f04af054f69f40171f907fed81462b0ef11
# Copyright 1999-2007 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/net-firewall/psad/psad-1.4.8.ebuild,v 1.11 2007/07/13 07:21:37 mr_bones_ Exp $
inherit eutils perl-app
IUSE=""
DESCRIPTION="Port Scanning Attack Detection daemon"
SRC_URI="http://www.cipherdyne.org/psad/download/${P}.tar.bz2"
HOMEPAGE="http://www.cipherdyne.org/psad"
SLOT="0"
LICENSE="GPL-2"
KEYWORDS="alpha amd64 ppc ~sparc x86"
DEPEND="${DEPEND}
dev-lang/perl"
RDEPEND="virtual/logger
dev-perl/Unix-Syslog
dev-perl/Date-Calc
virtual/mailx
net-firewall/iptables
net-misc/whois"
src_compile() {
cd ${S}/Psad
SRC_PREP="no" perl-module_src_compile
emake test
cd ${S}/Net-IPv4Addr
SRC_PREP="no" perl-module_src_compile
emake test
cd ${S}/IPTables-Parse
SRC_PREP="no" perl-module_src_compile
emake test
cd ${S}/IPTables-ChainMgr
SRC_PREP="no" perl-module_src_compile
emake test
cd ${S}
# We'll use the C binaries
emake || die "Make failed: daemons"
}
src_install() {
local myhostname=
local mydomain=
doman *.8
keepdir /var/lib/psad /var/log/psad /var/run/psad /var/lock/subsys/${PN}
dodir /etc/psad
cd ${S}/Psad
perl-module_src_install
cd ${S}/Net-IPv4Addr
perl-module_src_install
cd ${S}/IPTables-ChainMgr
perl-module_src_install
cd ${S}/IPTables-Parse
perl-module_src_install
cd ${S}
insinto /usr
dosbin kmsgsd psad psadwatchd
newsbin fwcheck_psad.pl fwcheck_psad
dobin pscan
cd ${S}
fix_psad_conf
insinto /etc/psad
doins *.conf
doins psad_*
doins auto_dl icmp_types posf signatures pf.os
cd ${S}/init-scripts
newinitd psad-init.gentoo psad
cd ${S}/snort_rules
dodir /etc/psad/snort_rules
insinto /etc/psad/snort_rules
doins *.rules
cd ${S}
dodoc BENCHMARK CREDITS Change* FW_EXAMPLE_RULES README LICENSE SCAN_LOG
}
pkg_postinst() {
if [ ! -p ${ROOT}/var/lib/psad/psadfifo ]
then
ebegin "Creating syslog FIFO for PSAD"
mknod -m 600 ${ROOT}/var/lib/psad/psadfifo p
eend $?
fi
echo
elog "Please be sure to edit /etc/psad/psad.conf to reflect your system's"
elog "configuration or it may not work correctly or start up. Specifically, check"
elog "the validity of the HOSTNAME setting and replace the EMAIL_ADDRESSES and"
elog "HOME_NET settings at the least."
elog
if has_version ">=app-admin/syslog-ng-0.0.0"
then
ewarn "You appear to have installed syslog-ng. If you are using syslog-ng as your"
ewarn "default system logger, please change the SYSLOG_DAEMON entry in"
ewarn "/etc/psad/psad.conf to the following (per examples in psad.conf):"
ewarn " SYSLOG_DAEMON syslog-ng;"
ewarn
fi
if has_version ">=app-admin/sysklogd-0.0.0"
then
elog "You have sysklogd installed. If this is your default system logger, no"
elog "special configuration is needed. If it is not, please set SYSLOG_DAEMON"
elog "in /etc/psad/psad.conf accordingly."
elog
fi
if has_version ">=app-admin/metalog-0.0"
then
ewarn "You appear to have installed metalog. If you are using metalog as your"
ewarn "default system logger, please change the SYSLOG_DAEMON entry in"
ewarn "/etc/psad/psad.conf to the following (per examples in psad.conf):"
ewarn " SYSLOG_DAEMON metalog"
fi
}
fix_psad_conf() {
cp psad.conf psad.conf.orig
# Ditch the _CHANGEME_ for hostname, substituting in our real hostname
[ -e /etc/hostname ] && myhostname="$(< /etc/hostname)"
[ "${myhostname}" == "" ] && myhostname="$HOSTNAME"
mydomain=".$(grep ^domain /etc/resolv.conf | cut -d" " -f2)"
sed -i "s:HOSTNAME\(.\+\)\_CHANGEME\_;:HOSTNAME\1${myhostname}${mydomain};:" psad.conf || die "fix_psad_conf failed"
# Fix up paths
sed -i "s:/sbin/syslogd:/usr/sbin/syslogd:g" psad.conf || die "fix_psad_conf failed"
sed -i "s:/sbin/syslog-ng:/usr/sbin/syslog-ng:g" psad.conf || die "fix_psad_conf failed"
sed -i "s:/bin/uname:/usr/bin/uname:g" psad.conf || die "fix_psad_conf failed"
sed -i "s:/bin/mknod:/usr/bin/mknod:g" psad.conf || die "fix_psad_conf failed"
sed -i "s:/usr/bin/whois_psad:/usr/bin/whois:g" psad.conf || die "fix_psad_conf failed"
}
# Copyright 1999-2007 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/net-firewall/psad/psad-2.0.6.ebuild,v 1.5 2007/07/13 07:21:37 mr_bones_ Exp $
inherit eutils perl-app
IUSE=""
DESCRIPTION="Port Scanning Attack Detection daemon"
SRC_URI="http://www.cipherdyne.org/psad/download/${P}.tar.bz2"
HOMEPAGE="http://www.cipherdyne.org/psad"
SLOT="0"
LICENSE="GPL-2"
KEYWORDS="~alpha ~amd64 ~ppc ~sparc ~x86"
DEPEND="${DEPEND}
dev-lang/perl"
RDEPEND="virtual/logger
dev-perl/Unix-Syslog
dev-perl/Date-Calc
virtual/mailx
net-firewall/iptables
net-misc/whois"
src_compile() {
cd ${S}/Net-IPv4Addr
SRC_PREP="no" perl-module_src_compile
emake test
cd ${S}/IPTables-Parse
SRC_PREP="no" perl-module_src_compile
emake test
cd ${S}/IPTables-ChainMgr
SRC_PREP="no" perl-module_src_compile
emake test
cd ${S}
# We'll use the C binaries
emake || die "Make failed: daemons"
}
src_install() {
local myhostname=
local mydomain=
doman *.8
keepdir /var/lib/psad /var/log/psad /var/run/psad /var/lock/subsys/${PN}
dodir /etc/psad
cd ${S}/Net-IPv4Addr
perl-module_src_install
cd ${S}/IPTables-ChainMgr
perl-module_src_install
cd ${S}/IPTables-Parse
perl-module_src_install
cd ${S}
insinto /usr
dosbin kmsgsd psad psadwatchd
newsbin fwcheck_psad.pl fwcheck_psad
dobin pscan
cd ${S}
fix_psad_conf
insinto /etc/psad
doins *.conf
doins psad_*
doins auto_dl icmp_types ip_options posf signatures pf.os
cd ${S}/init-scripts
newinitd psad-init.gentoo psad
cd ${S}/snort_rules
dodir /etc/psad/snort_rules
insinto /etc/psad/snort_rules
doins *.rules
cd ${S}
dodoc BENCHMARK CREDITS Change* FW_EXAMPLE_RULES README LICENSE SCAN_LOG
}
pkg_postinst() {
if [ ! -p ${ROOT}/var/lib/psad/psadfifo ]
then
ebegin "Creating syslog FIFO for PSAD"
mknod -m 600 ${ROOT}/var/lib/psad/psadfifo p
eend $?
fi
echo
elog "Please be sure to edit /etc/psad/psad.conf to reflect your system's"
elog "configuration or it may not work correctly or start up. Specifically, check"
elog "the validity of the HOSTNAME setting and replace the EMAIL_ADDRESSES and"
elog "HOME_NET settings at the least."
elog
if has_version ">=app-admin/syslog-ng-0.0.0"
then
ewarn "You appear to have installed syslog-ng. If you are using syslog-ng as your"
ewarn "default system logger, please change the SYSLOG_DAEMON entry in"
ewarn "/etc/psad/psad.conf to the following (per examples in psad.conf):"
ewarn " SYSLOG_DAEMON syslog-ng;"
ewarn
fi
if has_version ">=app-admin/sysklogd-0.0.0"
then
elog "You have sysklogd installed. If this is your default system logger, no"
elog "special configuration is needed. If it is not, please set SYSLOG_DAEMON"
elog "in /etc/psad/psad.conf accordingly."
elog
fi
if has_version ">=app-admin/metalog-0.0"
then
ewarn "You appear to have installed metalog. If you are using metalog as your"
ewarn "default system logger, please change the SYSLOG_DAEMON entry in"
ewarn "/etc/psad/psad.conf to the following (per examples in psad.conf):"
ewarn " SYSLOG_DAEMON metalog"
fi
ewarn "NOTE: You need firewall rules to log dropped packets. Otherwise PSAD will"
ewarn "not be aware of any port scan attacks. Please see FW_EXAMPLE_RULES in the"
ewarn "psad documentation directory (ie /usr/share/doc/${P}) for the criteria and"
ewarn "sample rules."
}
fix_psad_conf() {
cp psad.conf psad.conf.orig
# Ditch the _CHANGEME_ for hostname, substituting in our real hostname
[ -e /etc/hostname ] && myhostname="$(< /etc/hostname)"
[ "${myhostname}" == "" ] && myhostname="$HOSTNAME"
mydomain=".$(grep ^domain /etc/resolv.conf | cut -d" " -f2)"
sed -i "s:HOSTNAME\(.\+\)\_CHANGEME\_;:HOSTNAME\1${myhostname}${mydomain};:" psad.conf || die "fix_psad_conf failed"
# Fix up paths
sed -i "s:/sbin/syslogd:/usr/sbin/syslogd:g" psad.conf || die "fix_psad_conf failed"
sed -i "s:/sbin/syslog-ng:/usr/sbin/syslog-ng:g" psad.conf || die "fix_psad_conf failed"
sed -i "s:/usr/bin/whois_psad:/usr/bin/whois:g" psad.conf || die "fix_psad_conf failed"
}