# Contributor: Stuart Cardall # Maintainer: Stuart Cardall pkgname=psad pkgver=2.4.3 pkgrel=1 pkgdesc="3 lightweight system daemons that analyze iptables log messages to detect port scans and other suspicious traffic" url="http://cipherdyne.org/psad/" arch="all" license="GPL" depends="perl iptables ip6tables ssmtp mailx psmisc perl-bit-vector perl-date-calc perl-iptables-chainmgr perl-iptables-parse perl-net-ipv4addr perl-unix-syslog net-tools whois" subpackages="$pkgname-doc" source="http://cipherdyne.org/psad/download/$pkgname-nodeps-$pkgver.tar.gz psad.initd psad.confd" builddir="$srcdir/$pkgname-nodeps-$pkgver" build() { cd "$builddir" # Set the config dirs. sed -e "s|'/usr/sbin'|'$pkgdir/usr/sbin'|" \ -e "s|'/usr/bin'|'$pkgdir/usr/bin'|" \ -e "s|my \$mpath = \"/usr/share/man/man\$section\";|my \$mpath = \"$pkgdir/usr/share/man/man\$section\";|" \ -i ./install.pl || return 1 # /usr/sbin/psadwatchd set with last cmd sed -e "s|/var/log/psad|$pkgdir&|" \ -e "s|/var/run/psad|$pkgdir/run/psad|" \ -e "s|/var/lib/psad|$pkgdir&|" \ -e "s|/usr/lib/psad|$pkgdir&|" \ -e "s|/etc/psad|$pkgdir&|" \ -e "s|/usr/bin/whois_psad|$pkgdir/usr/bin/whois|" \ -e "s|/usr/sbin/fwcheck_psad|$pkgdir&|" \ -e "s|/usr/sbin/kmsgsd|$pkgdir&|" \ -e "s|/usr/sbin/psad|$pkgdir&|" \ -i ./psad.conf || return 1 # Set mail command to mailx. sed -e 's|/bin/mail;|/usr/bin/mail;|g' -i ./psad.conf || return 1 # Disable install of generic init script & setting numeric run level. local start=$(sed -n '/if ($init_dir and &is_root()) {/=' ./install.pl) local end=$(expr $start + 7) # Busybox sed does not support +7d. sed ''$start','$end'd' ./install.pl -i || return 1 # Populate install.answers so build does not wait for them. cat >./install.answers <<-EOF Would you like to merge the config from the existing psad installation: y; Preserve any user modfications in etc psad signatures: y; Preserve any user modfications in etc psad icmp_types: y; Preserve any user modfications in etc psad icmp6_types: y; Preserve any user modfications in etc psad posf: y; Preserve any user modfications in etc psad auto_dl: y; Preserve any user modfications in etc psad snort_rule_dl: y; Preserve any user modfications in etc psad pf os: y; Preserve any user modfications in etc psad ip_options: y; Would you like alerts sent to a different address: y; Email addresses: root@localhost; Would you like psad to only parse specific strings in iptables messages: n; First is it ok to leave the HOME_NET setting as any: y; Would you like to enable DShield alerts: n; Would you like to install the latest signatures from http www cipherdyne org psad signatures: n; Enable psad at boot time:\t n; EOF } package() { cd "$builddir" mkdir -p "$pkgdir"/etc/psad \ "$pkgdir"/usr/bin \ "$pkgdir"/usr/sbin \ "$pkgdir"/usr/share/man/man8 \ "$pkgdir"/var/lib/psad \ "$pkgdir"/var/log/psad # Add dummy whois so build completes. ln -s /bin/busybox "$pkgdir"/usr/bin/whois || return 1 # Dummy runlevel 1 / skip perl module installation. ./install.pl --runlevel 1 --Use-answers --Skip-mod-install || return 1 rm -Rf "$pkgdir"/var/run # Set correct permissions. chmod -R o+r "$pkgdir"/etc/psad chmod -R o+r "$pkgdir"/usr/sbin/* chmod 0700 "$pkgdir"/var/lib/psad # Remove whois symbolic link. rm -f "$pkgdir"/usr/bin/whois # Fix the config. sed "s|$pkgdir||" -i "$pkgdir"/etc/psad/psad.conf || return 1 sed "s|$pkgdir||" -i "$pkgdir"/var/log/psad/install.log || return 1 # Install init script & config defaults. install -m755 -D "$srcdir"/$pkgname.initd \ "$pkgdir"/etc/init.d/$pkgname || return 1 install -m644 -D "$srcdir"/$pkgname.confd \ "$pkgdir"/etc/conf.d/$pkgname || return 1 } md5sums="644e6094c5142f54cdca6e7429825307 psad-nodeps-2.4.3.tar.gz 1b061d02d75d09537ef25e588c09583f psad.initd bc07efebb41cc23c4be129bbbacc874b psad.confd" sha256sums="c5a90f4c284c0eda3b24c5fcd9d0fd0e464ad8bf0fe7559ac6ecc41bb81e0b65 psad-nodeps-2.4.3.tar.gz 872152efdd6b5774ed0a11a44156ca5c4707af31ac4e998cfd20a3f47a81fefa psad.initd 74c72225fa37c367a458321b737050cacaf262f32b0cc13babc54468ff1988b9 psad.confd" sha512sums="9234a2ed534f571fb46d7566313802813076b9a3f2011695288b7b1a5c4f3f22cefc6ea99e087cbeb1072d61c278c11a28b5aaa4e4024d8bb459dda4873840d2 psad-nodeps-2.4.3.tar.gz ec709b1ba1df36dad5c1c2cfb5fc45765ac4ccdd6fc7a3e2f23c972c7dfb8e5910aeb1ba42437abd0d2c766bb99bcb790301c7b8ba3ee7e6593dcae13e9efc3a psad.initd a80666f59356cc6157a9f5dca132991d4f1e0afda8f673d602de2557219d5521bec9ae148330e98d9483175d14d96e4cc2ccd11541d8b187b0e47f44ba4ada54 psad.confd"