From 5b9aec0870e27a0443bb15d9136eed501e36a093 Mon Sep 17 00:00:00 2001 From: Ned Ludd Date: Thu, 7 Dec 2006 00:45:17 +0000 Subject: [PATCH] - version bump plus security fixes for bug #157156 Package-Manager: portage-2.1.2_pre1 --- net-firewall/psad/ChangeLog | 9 +- net-firewall/psad/Manifest | 52 +++++--- net-firewall/psad/files/digest-psad-1.4.8 | 3 + net-firewall/psad/psad-1.4.8.ebuild | 151 ++++++++++++++++++++++ 4 files changed, 198 insertions(+), 17 deletions(-) create mode 100644 net-firewall/psad/files/digest-psad-1.4.8 create mode 100644 net-firewall/psad/psad-1.4.8.ebuild diff --git a/net-firewall/psad/ChangeLog b/net-firewall/psad/ChangeLog index 076127906874..2af1a99f1348 100644 --- a/net-firewall/psad/ChangeLog +++ b/net-firewall/psad/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for net-firewall/psad -# Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/psad/ChangeLog,v 1.31 2005/11/28 12:11:33 mcummings Exp $ +# Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/net-firewall/psad/ChangeLog,v 1.32 2006/12/07 00:45:17 solar Exp $ + +*psad-1.4.8 (07 Dec 2006) + + 07 Dec 2006; +psad-1.4.8.ebuild: + - version bump plus security fixes for bug #157156 28 Nov 2005; psad-1.3.4.ebuild, psad-1.4.0.ebuild, psad-1.4.2.ebuild: diff --git a/net-firewall/psad/Manifest b/net-firewall/psad/Manifest index d37b988e0e84..f566865b55e6 100644 --- a/net-firewall/psad/Manifest +++ b/net-firewall/psad/Manifest @@ -1,18 +1,40 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - -MD5 3e650f91998dfc47d6309f2a849b0c9e ChangeLog 5863 -MD5 295923dc84bcfb6e5978b5039ffc0a3a files/digest-psad-1.3.4 63 -MD5 c43f2f1a27860fdad099c9000d373b01 files/digest-psad-1.4.0 63 -MD5 3ddd128f7239ca0bde300b2125ed63ab files/digest-psad-1.4.2 63 -MD5 ac85ccaacab6bf7a9dd356b8c92b3bac metadata.xml 326 +DIST psad-1.3.4.tar.bz2 493792 +DIST psad-1.4.0.tar.bz2 505014 +DIST psad-1.4.2.tar.bz2 544733 +DIST psad-1.4.8.tar.bz2 564588 RMD160 bfc2e79c81caa5e786d7d4e36002fe84ff01bb50 SHA1 25e5f84fb1278b03c5eeaa507b3efbaef3829ec9 SHA256 93f71dc00a2b361db0e37232ce6cc943a6cb8873efaf17448589167826950110 +EBUILD psad-1.3.4.ebuild 3404 RMD160 53dbbdca9b6ddedf16bcedc6c034d458cc791776 SHA1 882d84438d01b5bd2cc970e772944b28003e5d77 SHA256 3f7e1f5bd28c1baf43694037b32f3e9c26adefae837f0fc52aeddcea2c210186 MD5 ea24fb515df58b96714f4cb4e49fa696 psad-1.3.4.ebuild 3404 +RMD160 53dbbdca9b6ddedf16bcedc6c034d458cc791776 psad-1.3.4.ebuild 3404 +SHA256 3f7e1f5bd28c1baf43694037b32f3e9c26adefae837f0fc52aeddcea2c210186 psad-1.3.4.ebuild 3404 +EBUILD psad-1.4.0.ebuild 4108 RMD160 85b6b4290169f5fa5ad66d24835dd22da24b3cff SHA1 542de97bdcd79bcc22b5e79cbd5ca44a1769821a SHA256 b174e3895bf751a71f991d7485bd2cd3c78bad876b2f2f7abcb8dc3659631394 MD5 430edbbbbd3b839986145eb102cc933d psad-1.4.0.ebuild 4108 +RMD160 85b6b4290169f5fa5ad66d24835dd22da24b3cff psad-1.4.0.ebuild 4108 +SHA256 b174e3895bf751a71f991d7485bd2cd3c78bad876b2f2f7abcb8dc3659631394 psad-1.4.0.ebuild 4108 +EBUILD psad-1.4.2.ebuild 4353 RMD160 a1e30bf458df9a61658c337a93211973a17cc332 SHA1 9f55ca9cb230e4410559f47ef32916cd6163ed2a SHA256 b46f70269881078f6b9620c2d484ff27867eff1d002d901c0b53483c36eddad1 MD5 5e07f9ebb83b7457fe6eabdca01e694f psad-1.4.2.ebuild 4353 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.2 (GNU/Linux) - -iD8DBQFDivP9tG5z4I8BtQoRAmfQAJ9uE07jRwNxNx6g27QHAMB065PZGwCeLemc -4y2a+tL28SzgPU25LEQl86M= -=5d0o ------END PGP SIGNATURE----- +RMD160 a1e30bf458df9a61658c337a93211973a17cc332 psad-1.4.2.ebuild 4353 +SHA256 b46f70269881078f6b9620c2d484ff27867eff1d002d901c0b53483c36eddad1 psad-1.4.2.ebuild 4353 +EBUILD psad-1.4.8.ebuild 4271 RMD160 6e56c3df9240277af02e76e1014a22bf6fe87818 SHA1 a868b322718abe827a154758272a65afaaf5729a SHA256 ecf60d9405f2a2cddd7c72ac1929aee2b7d7f56d162bce2cb25145fe05a67ae6 +MD5 d1dc90efbc9b20775e42e86e3bff4754 psad-1.4.8.ebuild 4271 +RMD160 6e56c3df9240277af02e76e1014a22bf6fe87818 psad-1.4.8.ebuild 4271 +SHA256 ecf60d9405f2a2cddd7c72ac1929aee2b7d7f56d162bce2cb25145fe05a67ae6 psad-1.4.8.ebuild 4271 +MISC ChangeLog 5994 RMD160 6212623b7ec42e22cdae245ec02b41faa25ee534 SHA1 29fc895cf59b76312e989836d1818ccf6101af81 SHA256 3e5d49274334dafc50ca2d393175888cedcbdd1b595421a57dc5732257ee89f0 +MD5 e98b3b1aefc72deeb00a0be535cf80a0 ChangeLog 5994 +RMD160 6212623b7ec42e22cdae245ec02b41faa25ee534 ChangeLog 5994 +SHA256 3e5d49274334dafc50ca2d393175888cedcbdd1b595421a57dc5732257ee89f0 ChangeLog 5994 +MISC metadata.xml 326 RMD160 28fe5b256012109509ece09a19485561d72c3fdb SHA1 e78aaaa99ab3320dcaed3ed1c726b28f362cbb49 SHA256 496192e7d16fb2a96fed99f7443d4f04af054f69f40171f907fed81462b0ef11 +MD5 ac85ccaacab6bf7a9dd356b8c92b3bac metadata.xml 326 +RMD160 28fe5b256012109509ece09a19485561d72c3fdb metadata.xml 326 +SHA256 496192e7d16fb2a96fed99f7443d4f04af054f69f40171f907fed81462b0ef11 metadata.xml 326 +MD5 295923dc84bcfb6e5978b5039ffc0a3a files/digest-psad-1.3.4 63 +RMD160 74527e69af060cbcd298240e6a57bf9500fd9450 files/digest-psad-1.3.4 63 +SHA256 a0758ffe27fa1b4afa2767f5d71db9f41bf149ebdf2694fdd4e64e775704a1d0 files/digest-psad-1.3.4 63 +MD5 c43f2f1a27860fdad099c9000d373b01 files/digest-psad-1.4.0 63 +RMD160 d17c0f51fc952b42e59ae28f693a318021dd22b6 files/digest-psad-1.4.0 63 +SHA256 7e320a9e571038ab340a7a7ba2f143bb0e80920d5a7abfa0433e6d7ce9d1765d files/digest-psad-1.4.0 63 +MD5 3ddd128f7239ca0bde300b2125ed63ab files/digest-psad-1.4.2 63 +RMD160 3139460e988fde5cf0d0694b3bfa214e7672fc2a files/digest-psad-1.4.2 63 +SHA256 bcb60ffbbd6dd5b20a6b62f05a919fea65e27ff37dbd5f80cc38a4a33cb86ddf files/digest-psad-1.4.2 63 +MD5 a271d8d6d5d0b994cb66e0008d6e271f files/digest-psad-1.4.8 235 +RMD160 39a0044dcacf7d926ae18d0184e831d2775f6099 files/digest-psad-1.4.8 235 +SHA256 4d3b792a8be313e2a5d2e891dc3f5bf42afe72101493d7b39fff9ffb2649fc19 files/digest-psad-1.4.8 235 diff --git a/net-firewall/psad/files/digest-psad-1.4.8 b/net-firewall/psad/files/digest-psad-1.4.8 new file mode 100644 index 000000000000..7b21d039c801 --- /dev/null +++ b/net-firewall/psad/files/digest-psad-1.4.8 @@ -0,0 +1,3 @@ +MD5 e0cae71a71bf176c8b8ece1dec1df21b psad-1.4.8.tar.bz2 564588 +RMD160 bfc2e79c81caa5e786d7d4e36002fe84ff01bb50 psad-1.4.8.tar.bz2 564588 +SHA256 93f71dc00a2b361db0e37232ce6cc943a6cb8873efaf17448589167826950110 psad-1.4.8.tar.bz2 564588 diff --git a/net-firewall/psad/psad-1.4.8.ebuild b/net-firewall/psad/psad-1.4.8.ebuild new file mode 100644 index 000000000000..5f507801c04c --- /dev/null +++ b/net-firewall/psad/psad-1.4.8.ebuild @@ -0,0 +1,151 @@ +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-firewall/psad/psad-1.4.8.ebuild,v 1.1 2006/12/07 00:45:17 solar Exp $ + +inherit eutils perl-app + +IUSE="" + +DESCRIPTION="Port Scanning Attack Detection daemon" +SRC_URI="http://www.cipherdyne.org/psad/download/${P}.tar.bz2" +HOMEPAGE="http://www.cipherdyne.org/psad" + +SLOT="0" +LICENSE="GPL-2" +KEYWORDS="~x86 ~amd64 ~ppc ~alpha ~sparc" + +DEPEND="${DEPEND} + dev-lang/perl" + +RDEPEND="virtual/logger + dev-perl/Unix-Syslog + dev-perl/Date-Calc + virtual/mailx + net-firewall/iptables + net-misc/whois" + +src_compile() { + cd ${S}/Psad + SRC_PREP="no" perl-module_src_compile + emake test + + cd ${S}/Net-IPv4Addr + SRC_PREP="no" perl-module_src_compile + emake test + + cd ${S}/IPTables-Parse + SRC_PREP="no" perl-module_src_compile + emake test + + cd ${S}/IPTables-ChainMgr + SRC_PREP="no" perl-module_src_compile + emake test + + cd ${S} + # We'll use the C binaries + emake || die "Make failed: daemons" +} + +src_install() { + local myhostname= + local mydomain= + + doman *.8 + + keepdir /var/lib/psad /var/log/psad /var/run/psad /var/lock/subsys/${PN} + dodir /etc/psad + cd ${S}/Psad + emake install DESTDIR=${D} || die "Install failed: Psad.pm" + + cd ${S}/Net-IPv4Addr + emake install DESTDIR=${D} || die "Install failed: Net-IPv4Addr.pm" + + cd ${S}/IPTables-ChainMgr + emake install DESTDIR=${D} || die "Install failed: IPTables-Mgr.pm" + + cd ${S}/IPTables-Parse + emake install DESTDIR=${D} || die "Install failed: IPTables-Parse.pm" + + cd ${S} + insinto /usr + dosbin kmsgsd psad psadwatchd + newsbin fwcheck_psad.pl fwcheck_psad + dobin pscan + + cd ${S} + + fix_psad_conf + + insinto /etc/psad + doins *.conf + doins psad_* + doins auto_dl icmp_types posf signatures pf.os + + cd ${S}/init-scripts + exeinto /etc/init.d + newexe psad-init.gentoo psad + + cd ${S}/snort_rules + dodir /etc/psad/snort_rules + insinto /etc/psad/snort_rules + doins *.rules + + cd ${S} + dodoc BENCHMARK CREDITS Change* FW_EXAMPLE_RULES README LICENSE SCAN_LOG +} + +pkg_postinst() { + if [ ! -p ${ROOT}/var/lib/psad/psadfifo ] + then + ebegin "Creating syslog FIFO for PSAD" + mknod -m 600 ${ROOT}/var/lib/psad/psadfifo p + eend $? + fi + + echo + einfo "Please be sure to edit /etc/psad/psad.conf to reflect your system's" + einfo "configuration or it may not work correctly or start up. Specifically, check" + einfo "the validity of the HOSTNAME setting and replace the EMAIL_ADDRESSES and" + einfo "HOME_NET settings at the least." + echo + if has_version ">=app-admin/syslog-ng-0.0.0" + then + ewarn "You appear to have installed syslog-ng. If you are using syslog-ng as your" + ewarn "default system logger, please change the SYSLOG_DAEMON entry in" + ewarn "/etc/psad/psad.conf to the following (per examples in psad.conf):" + ewarn " SYSLOG_DAEMON syslog-ng;" + echo + fi + if has_version ">=app-admin/sysklogd-0.0.0" + then + einfo "You have sysklogd installed. If this is your default system logger, no" + einfo "special configuration is needed. If it is not, please set SYSLOG_DAEMON" + einfo "in /etc/psad/psad.conf accordingly." + echo + fi + if has_version ">=app-admin/metalog-0.0" + then + ewarn "You appear to have installed metalog. If you are using metalog as your" + ewarn "default system logger, please change the SYSLOG_DAEMON entry in" + ewarn "/etc/psad/psad.conf to the following (per examples in psad.conf):" + ewarn " SYSLOG_DAEMON metalog" + fi +} + +fix_psad_conf() { + cp psad.conf psad.conf.orig + + # Ditch the _CHANGEME_ for hostname, substituting in our real hostname + [ -e /etc/hostname ] && myhostname="$(< /etc/hostname)" + [ "${myhostname}" == "" ] && myhostname="$HOSTNAME" + mydomain=".$(grep ^domain /etc/resolv.conf | cut -d" " -f2)" + sed -i "s:HOSTNAME\(.\+\)\_CHANGEME\_;:HOSTNAME\1${myhostname}${mydomain};:" psad.conf || die "fix_psad_conf failed" + + # Fix up paths + sed -i "s:/sbin/syslogd:/usr/sbin/syslogd:g" psad.conf || die "fix_psad_conf failed" + sed -i "s:/sbin/syslog-ng:/usr/sbin/syslog-ng:g" psad.conf || die "fix_psad_conf failed" + sed -i "s:/bin/uname:/usr/bin/uname:g" psad.conf || die "fix_psad_conf failed" + sed -i "s:/bin/mknod:/usr/bin/mknod:g" psad.conf || die "fix_psad_conf failed" + sed -i "s:/usr/bin/whois_psad:/usr/bin/whois:g" psad.conf || die "fix_psad_conf failed" +} + -- 2.26.2