blob: e1cf8dedd9b2605277ea00f97bfc97926037e073 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
|
# Contributor: Stuart Cardall <developer@it-offshore.co.uk>
# Maintainer: Stuart Cardall <developer@it-offshore.co.uk>
pkgname=psad
pkgver=2.4.1
pkgrel=1
pkgdesc="3 lightweight system daemons that analyze iptables log messages to detect port scans and other suspicious traffic"
url="http://cipherdyne.org/psad/"
arch="all"
license="GPL"
depends="perl iptables ip6tables ssmtp mailx psmisc perl-bit-vector perl-date-calc perl-iptables-chainmgr \
perl-iptables-parse perl-net-ipv4addr perl-unix-syslog net-tools"
subpackages="$pkgname-doc"
source="http://cipherdyne.org/psad/download/$pkgname-nodeps-$pkgver.tar.gz
psad.initd
psad.confd
"
_builddir="$srcdir"/$pkgname-$pkgver
build() {
cd "$_builddir"
#Set the config dirs
sed -e "s|'/usr/sbin'|'$pkgdir/usr/sbin'|" \
-e "s|'/usr/bin'|'$pkgdir/usr/bin'|" \
-e "s|my \$mpath = \"/usr/share/man/man\$section\";|my \$mpath = \"$pkgdir/usr/share/man/man\$section\";|" \
./install.pl -i
#/usr/sbin/psadwatchd set with last cmd
sed -e "s|/var/log/psad|$pkgdir&|" \
-e "s|/var/run/psad|$pkgdir&|" \
-e "s|/var/lib/psad|$pkgdir&|" \
-e "s|/usr/lib/psad|$pkgdir&|" \
-e "s|/etc/psad|$pkgdir&|" \
-e "s|/usr/bin/whois_psad|$pkgdir/usr/bin/whois|" \
-e "s|/usr/sbin/fwcheck_psad|$pkgdir&|" \
-e "s|/usr/sbin/kmsgsd|$pkgdir&|" \
-e "s|/usr/sbin/psad|$pkgdir&|" \
./psad.conf -i
# set mail command to mailx
sed -e 's|/bin/mail;|/usr/bin/mail;|g' -i ./psad.conf
#Disable install of generic init script & setting numeric run level
START=$(sed -n '/if ($init_dir and &is_root()) {/=' ./install.pl)
END=$(expr $START + 7)
#Busybox sed does not support +7d
sed -e ''$START','$END'd' ./install.pl -i
#populate install.answers so build does not wait for them
echo -e "Would you like to merge the config from the existing psad installation:\t n;" > ./install.answers
echo -e "Preserve any user modfications in etc psad signatures:\t y;" >> ./install.answers
echo -e "Preserve any user modfications in etc psad icmp_types:\t y;" >> ./install.answers
echo -e "Preserve any user modfications in etc psad icmp6_types:\t y;" >> ./install.answers
echo -e "Preserve any user modfications in etc psad posf:\t y;" >> ./install.answers
echo -e "Preserve any user modfications in etc psad auto_dl:\t y;" >> ./install.answers
echo -e "Preserve any user modfications in etc psad snort_rule_dl:\t y;" >> ./install.answers
echo -e "Preserve any user modfications in etc psad pf os:\t y;" >> ./install.answers
echo -e "Preserve any user modfications in etc psad ip_options:\t y;" >> ./install.answers
echo -e "Would you like alerts sent to a different address:\t y;" >> ./install.answers
echo -e "Email addresses:\t root@localhost;" >> ./install.answers
echo -e "Would you like psad to only parse specific strings in iptables messages:\t n;" >> ./install.answers
echo -e "First is it ok to leave the HOME_NET setting as any:\t y;" >> ./install.answers
echo -e "Would you like to enable DShield alerts:\t n;" >> ./install.answers
echo -e "Would you like to install the latest signatures from http www cipherdyne org psad signatures:\t n;" >> ./install.answers
echo -e "Enable psad at boot time:\t n;" >> ./install.answers
}
package() {
cd "$_builddir"
mkdir -p $pkgdir/etc/psad \
$pkgdir/usr/bin \
$pkgdir/usr/sbin \
$pkgdir/usr/share/man/man8 \
$pkgdir/var/lib/psad \
$pkgdir/var/log/psad \
$pkgdir/var/run/psad
# add dummy whois so build completes
ln -s /bin/busybox $pkgdir/usr/bin/whois
# dummy runlevel 1 / skip perl module installation
./install.pl --runlevel 1 --Use-answers --Skip-mod-install
#Set correct permissions
chmod -R o+r $pkgdir/etc/psad
chmod -R o+r $pkgdir/usr/sbin/*
chmod 0700 $pkgdir/var/lib/psad
#remove whois symbolic link
rm f $pkgdir/usr/bin/whois
# Fix the config
sed -e "s|$pkgdir||" $pkgdir/etc/psad/psad.conf -i
sed -e "s|$pkgdir||" $pkgdir/var/log/psad/install.log -i
#install init script & config defaults
install -m755 -D "$srcdir"/$pkgname.initd \
"$pkgdir"/etc/init.d/$pkgname || return 1
install -m644 -D "$srcdir"/$pkgname.confd \
"$pkgdir"/etc/conf.d/$pkgname || return 1
# temporarily disable whois lookups https://github.com/mrash/psad/issues/22
sed -i 's|ENABLE_WHOIS_LOOKUPS Y;|ENABLE_WHOIS_LOOKUPS N;|' "$pkgdir"/etc/psad/psad.conf
}
md5sums="acbb0ab7ae9a983386b8baee2a51b929 psad-nodeps-2.4.1.tar.gz
b7d0fa3ee0b711a92f25ff8188dbf75b psad.initd
bc07efebb41cc23c4be129bbbacc874b psad.confd"
sha256sums="48bd4b1adbaef628cadfc271436c0fc0ca3cc9a8e79b13cf4244cc4db2e29b6c psad-nodeps-2.4.1.tar.gz
1a5b8f1b014a9f78b43cd6e4e1006d6901a654fc51dcbe2c405d509b4a950a78 psad.initd
74c72225fa37c367a458321b737050cacaf262f32b0cc13babc54468ff1988b9 psad.confd"
sha512sums="f1d68dd184cb4722aadd97a6d99959db325f370592ba785bf392bfd03c9497f1eaacbe497d98a7e35e91ea5fa776672fa735bbc92e4025e2978220f330d6a6e5 psad-nodeps-2.4.1.tar.gz
f9f7e5e9da9de2f2258ae1b36e22e59faf950c7110de869c3581f7a89cd6dfdc96aa4db06a4ceca0ac016e8adbeb1e3bca3da66a565aec8a1ddf2808e93897c2 psad.initd
a80666f59356cc6157a9f5dca132991d4f1e0afda8f673d602de2557219d5521bec9ae148330e98d9483175d14d96e4cc2ccd11541d8b187b0e47f44ba4ada54 psad.confd"
|
