diff options
author | Stuart Cardall <developer@it-offshore.co.uk> | 2016-08-18 20:46:53 +0000 |
---|---|---|
committer | Carlo Landmeter <clandmeter@gmail.com> | 2016-08-21 22:24:04 +0200 |
commit | 5c9f3ca3e307be53b45beeed2ce1626f38008625 (patch) | |
tree | 919836fe454e953f46685adf8228b0401280d4b6 /community/fwsnort | |
parent | 6a00a953ba02bab6440a2c784e7db37c6eaeace1 (diff) | |
download | aports-5c9f3ca3e307be53b45beeed2ce1626f38008625.tar.bz2 aports-5c9f3ca3e307be53b45beeed2ce1626f38008625.tar.xz |
testing/[various]: move to community
albatross-themes
apk-post-messages
autossh
bitcoin
btrbk
entr
ffmpegthumbnailer
firejail
firetools
fwsnort
gnome-colors
imapsync
inetutils-syslogd
inotify-tools-inc
isync
junit
ktsuss
letsencrypt-nosudo
libmbim
libndp
libqmi
libteam
mini-sendmail
modemmanager
namecoin
networkmanager
nginx-naxsi
numix-themes
nxapi
opencl-headers
opencl-icd-loader
opus-tools
perl-authen-ntlm
perl-bit-vector
perl-data-uniqid
perl-file-copy-recursive
perl-getopt-argvfile
perl-io-tee
perl-iptables-chainmgr
perl-iptables-parse
perl-module-scandeps
perl-par-dist
perl-par-packer
perl-par
perl-uri-escape
psad
py-crcmod
py-graphviz
py-lz4
py-opencl
py-opengl-accelerate
runit
secpwgen
secure-delete
socklog
spacefm
tinyssh
udevil
virt-viewer
virtualbricks
whois
wrk
xpra
zram-init
Diffstat (limited to 'community/fwsnort')
-rw-r--r-- | community/fwsnort/APKBUILD | 76 | ||||
-rw-r--r-- | community/fwsnort/fwsnort.post-install | 16 | ||||
-rw-r--r-- | community/fwsnort/fwsnort.up | 5 | ||||
-rw-r--r-- | community/fwsnort/fwsnort.update | 15 | ||||
-rw-r--r-- | community/fwsnort/periodic.daily | 5 |
5 files changed, 117 insertions, 0 deletions
diff --git a/community/fwsnort/APKBUILD b/community/fwsnort/APKBUILD new file mode 100644 index 0000000000..90f96e5dd5 --- /dev/null +++ b/community/fwsnort/APKBUILD @@ -0,0 +1,76 @@ +# Contributor: Stuart Cardall <developer@it-offshore.co.uk> +# Maintainer: Stuart Cardall <developer@it-offshore.co.uk> +pkgname=fwsnort +pkgver=1.6.5 +pkgrel=0 +pkgdesc="Application layer IDS/IPS by translating snort rules into iptables" +url="http://www.cipherdyne.org/fwsnort/" +arch="noarch" +license="GPL" +depends="perl perl-netaddr-ip perl-iptables-parse iptables ip6tables net-tools" +depends_dev="wget" +makedepends="$depends_dev" +install="$pkgname.post-install" +source="http://www.cipherdyne.org/$pkgname/download/$pkgname-nodeps-$pkgver.tar.gz + fwsnort.up + fwsnort.update + periodic.daily + " + +_builddir="$srcdir"/$pkgname-$pkgver + +build() { + cd "$_builddir" + + #Disable Root requirement to build + START=$(sed -n '/die "You need to be root (or equivalent UID 0"/=' ./install.pl) + END=$(expr $START + 1) + #Busybox sed does not support +1d + sed -e ''$START','$END'd' ./install.pl -i + + #prevent chmod 0500 halting the build + sed -e "s|0500|0755|" ./install.pl -i + + #change MAN path so package builds + sed -e "s|/usr/share/man/man8|$pkgdir&|" ./install.pl -i + + # --install-test-dir sets the INSTALL_ROOT to $src/../test/fwsnort-test + # avoids installation attempted into /etc /usr /var + # -S disables dependency installs (we also build with the nodep sources) + ./install.pl -S --install-test-dir +} + +package() { + cd "$_builddir" + mkdir -p $pkgdir/etc \ + $pkgdir/usr \ + $pkgdir/usr + cp -rf $srcdir/fwsnort-$pkgver/test/fwsnort-install/* $pkgdir + + # delete references to $pkgdir made by the installer + cp -f $srcdir/fwsnort-$pkgver/fwsnort.conf $pkgdir/etc/fwsnort/fwsnort.conf + #fix permissions + chmod 0500 $pkgdir/etc/fwsnort $pkgdir/etc/fwsnort/snort_rules + chmod 0500 $pkgdir/usr/sbin/fwsnort + chmod 0600 $pkgdir/etc/fwsnort/fwsnort.conf + + # install rule / signature update script + install -Dm755 "$srcdir"/fwsnort.update "$pkgdir"/usr/bin/update-fwsnort + # install iptables rule splicing script + install -Dm755 "$srcdir"/fwsnort.up "$pkgdir"/etc/network/if-pre-up.d/fwsnort + # install daily cron + install -Dm755 "$srcdir"/periodic.daily "$pkgdir"/etc/periodic/daily/fwsnort +} + +md5sums="a822b8a8eb482400b192acb7ea7ae342 fwsnort-nodeps-1.6.5.tar.gz +442039bc04d553c7c5f9d3fc4269cc71 fwsnort.up +ab969dd4b3154f8ce663e51473eda6c7 fwsnort.update +80bd0a7b0c1392e8a279d95e06120ca4 periodic.daily" +sha256sums="8a74abb75bd3c38fc00650e3d99aa2c8d657f2017c41c8c9aab5670d2afc5d26 fwsnort-nodeps-1.6.5.tar.gz +8caf113ff779a02fe97288d545f029111151fac9f342be9b40aa9f80e49dd359 fwsnort.up +a015a512ba9c7b3de7a8da42b33fd1eace25544b4d8b25c3a5f465c8d765a384 fwsnort.update +f080f4cb0b8e915a5d3af798b46b13fee0d2258d9c8c9dffafa4ecc0b9e1bbe6 periodic.daily" +sha512sums="6103bc8a04fbd1207f8bcae81e7d6522a50bb25d3f901561525649d4aeeb7a955f779968058471f2b8a4ab28e8358de429ee51d2f2cea24cc07f8fb02037db78 fwsnort-nodeps-1.6.5.tar.gz +3c97b5f4bb922086acd62305baae4ba1d91e6e627d063f131f98e08da3f57b607b35558eae2cf292b3997d25f09147039f95123161f8f29c5b97b71c80811e9f fwsnort.up +2a1e7ca6dc1c4a6e59907175c3483736f0efe1dcd8035dae2b903cd22fe953d29333939ad9e0a6f446480eda55370f4b11a77016932bef73e769b5e5401e92c0 fwsnort.update +763b459d43319e9b6678a5addd96b3542c629379f9f11095bc158b1ef08b039cd776ceedd6207953ab01000804d7580a3a8223b352b407d3cc6a05c27d96fcb0 periodic.daily" diff --git a/community/fwsnort/fwsnort.post-install b/community/fwsnort/fwsnort.post-install new file mode 100644 index 0000000000..b4e80d6c5c --- /dev/null +++ b/community/fwsnort/fwsnort.post-install @@ -0,0 +1,16 @@ +#!/bin/sh +# fwsnort post install script +############################# + +NORMAL="\033[1;0m" +STRONG="\033[1;1m" +GREEN="\033[1;32m" + +print_strong() { + local prompt="${STRONG}$1 ${GREEN}$2${NORMAL}" + printf "${prompt} %s\n" +} + +print_strong "\nFWSNORT installed & daily signature updates configured.\n\nTo update now run:" "\t/usr/bin/update-fwsnort\n" +exit 0 + diff --git a/community/fwsnort/fwsnort.up b/community/fwsnort/fwsnort.up new file mode 100644 index 0000000000..b750f59098 --- /dev/null +++ b/community/fwsnort/fwsnort.up @@ -0,0 +1,5 @@ +#!/bin/sh + +#splice fwsnort rules into iptables whenever the network comes up +/var/lib/fwsnort/fwsnort.sh + diff --git a/community/fwsnort/fwsnort.update b/community/fwsnort/fwsnort.update new file mode 100644 index 0000000000..41dc608f6d --- /dev/null +++ b/community/fwsnort/fwsnort.update @@ -0,0 +1,15 @@ +#!/bin/sh + +# update fwsnort rules / psad signatures +/usr/sbin/fwsnort --update-rules +#generate iptables ruleset +/usr/sbin/fwsnort +#splice rules into iptables +/var/lib/fwsnort/fwsnort.sh + +if ps aux | grep psad; then + psad --sig-update + echo "running 'psad -H'" + psad -H +fi + diff --git a/community/fwsnort/periodic.daily b/community/fwsnort/periodic.daily new file mode 100644 index 0000000000..ffc785d82d --- /dev/null +++ b/community/fwsnort/periodic.daily @@ -0,0 +1,5 @@ +#!/bin/sh +#update FWSNORT Rules & PSAD signatures daily +/usr/bin/update-fwsnort +exit 0 + |