author | 2014-07-16 23:56:11 +0000 | |
---|---|---|
committer | 2014-07-16 23:56:11 +0000 | |
commit | d31e70f8c9da474daca64d00018521cbf1ada151 (patch) | |
tree | e316a515851d07005904153fa55f1604cd5776b8 | |
parent | Do not use a /run/ subdir. (diff) | |
Version bump. Use /run not /var/run/sguil. Remove obsolete sed scripts.
(Portage version: 2.2.10/cvs/Linux x86_64, signed Manifest commit with key A792A613)
-rw-r--r-- | net-analyzer/sguil-sensor/ChangeLog | 9 | ||||
-rw-r--r-- | net-analyzer/sguil-sensor/files/log_packets.confd | 4 | ||||
-rw-r--r-- | net-analyzer/sguil-sensor/files/log_packets.initd | 6 | ||||
-rw-r--r-- | net-analyzer/sguil-sensor/files/sensor_agent.initd | 6 | ||||
-rw-r--r-- | net-analyzer/sguil-sensor/sguil-sensor-0.8.0.ebuild | 7 | ||||
-rw-r--r-- | net-analyzer/sguil-sensor/sguil-sensor-0.9.0.ebuild | 79 |
6 files changed, 98 insertions, 13 deletions
diff --git a/net-analyzer/sguil-sensor/ChangeLog b/net-analyzer/sguil-sensor/ChangeLog
index 953c26e3a699..edb6429f5060 100644
--- a/net-analyzer/sguil-sensor/ChangeLog
+++ b/net-analyzer/sguil-sensor/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for net-analyzer/sguil-sensor
 # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/sguil-sensor/ChangeLog,v 1.18 2014/07/16 23:37:37 jer Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/sguil-sensor/ChangeLog,v 1.19 2014/07/16 23:56:11 jer Exp $
+
+*sguil-sensor-0.9.0 (16 Jul 2014)
+
+ 16 Jul 2014; Jeroen Roovers <jer@gentoo.org> sguil-sensor-0.8.0.ebuild,
+ +sguil-sensor-0.9.0.ebuild, files/log_packets.confd, files/log_packets.initd,
+ files/sensor_agent.initd:
+ Version bump. Use /run not /var/run/sguil. Remove obsolete sed scripts.
 16 Jul 2014; Jeroen Roovers <jer@gentoo.org> sguil-sensor-0.8.0.ebuild:
 EAPI bump.
diff --git a/net-analyzer/sguil-sensor/files/log_packets.confd b/net-analyzer/sguil-sensor/files/log_packets.confd
index 522b61ba0d3c..93bdc772bff7 100644
--- a/net-analyzer/sguil-sensor/files/log_packets.confd
+++ b/net-analyzer/sguil-sensor/files/log_packets.confd
@@ -1,12 +1,12 @@
 # Config file for /etc/init.d/log_packets
-# Copyright 1999-2012 Gentoo Foundation
+# Copyright 1999-2014 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 # This tell snort which interface to listen on (any for every interface)
 IFACE=eth1
 # Make sure this matches your IFACE
-PIDFILE=/var/run/sguil/log_packets_$IFACE.pid
+PIDFILE=/run/sguil-log_packets_$IFACE.pid
 # You probably don't want to change this, but in case you do
 LOGDIR="/var/lib/sguil"
diff --git a/net-analyzer/sguil-sensor/files/log_packets.initd b/net-analyzer/sguil-sensor/files/log_packets.initd
index 624f014dfcbb..a6387c549f06 100644
--- a/net-analyzer/sguil-sensor/files/log_packets.initd
+++ b/net-analyzer/sguil-sensor/files/log_packets.initd
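Review bot: `PIDFILE=/run/sguil-log_packets_$IFACE.pid` in log_packets.confd now sits directly in `/run`, which is normally writable only by root, whereas the old `/var/run/sguil/` directory was created with owner `sguil` by the ebuild's `keepdir`. The pid file therefore has to be written while the logger is still root; start() of log_packets.initd is not part of this diff, so if it launches snort with privileges already dropped the write would fail and stop would have nothing to act on. Keeping the file out of a `sguil`-writable directory is the safer arrangement, because a root init script should not act on a pid that an unprivileged account can rewrite. A comment next to the setting would record that, for example `# /run is root-owned: the pid file must be created before privileges are dropped`.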
@@ -1,9 +1,9 @@
 #!/sbin/runscript
-# Copyright 1999-2005 Gentoo Foundation
+# Copyright 1999-2014 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/sguil-sensor/files/log_packets.initd,v 1.4 2006/12/02 23:26:29 cedk Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/sguil-sensor/files/log_packets.initd,v 1.5 2014/07/16 23:56:11 jer Exp $
-opts="start stop cleandisk"
+extra_commands="cleandisk"
 LOG_DIR="${LOGDIR}/${HOSTNAME}/dailylogs"
diff --git a/net-analyzer/sguil-sensor/files/sensor_agent.initd b/net-analyzer/sguil-sensor/files/sensor_agent.initd
index 8aac9c4b9d8f..603cd6aafeb6 100644
--- a/net-analyzer/sguil-sensor/files/sensor_agent.initd
+++ b/net-analyzer/sguil-sensor/files/sensor_agent.initd
@@ -1,7 +1,7 @@
 #!/sbin/runscript
-# Copyright 1999-2005 Gentoo Foundation
+# Copyright 1999-2014 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/sguil-sensor/files/sensor_agent.initd,v 1.4 2006/03/25 22:00:31 swegener Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/sguil-sensor/files/sensor_agent.initd,v 1.5 2014/07/16 23:56:11 jer Exp $
 depend() {
 need net
@@ -24,7 +24,7 @@ start() {
 stop() {
 ebegin "Stopping Sensor Agent"
- start-stop-daemon --stop --quiet --pidfile /var/run/sguil/sensor.pid
+ start-stop-daemon --stop --quiet --pidfile /run/sguil-sensor.pid
 eend $?
 }
diff --git a/net-analyzer/sguil-sensor/sguil-sensor-0.8.0.ebuild b/net-analyzer/sguil-sensor/sguil-sensor-0.8.0.ebuild
index 93408664f6ab..488aa043ad73 100644
--- a/net-analyzer/sguil-sensor/sguil-sensor-0.8.0.ebuild
+++ b/net-analyzer/sguil-sensor/sguil-sensor-0.8.0.ebuild
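Review bot: In stop() of sensor_agent.initd, `start-stop-daemon --stop --quiet --pidfile /run/sguil-sensor.pid` selects its target by pid file alone, so a stale file left behind after a crash can point at an unrelated process that has since reused the pid. Adding a second match next to `--pidfile`, for example `--user` with the account the agent runs as (not visible in this hunk), narrows what a root-run stop can signal. The path is also repeated as a literal here and in the sed expressions of both ebuilds; a comment such as `# must match the pid path patched into sensor_agent.tcl by the ebuild` would help keep them in step. start() lies outside the hunk, so whether it uses the same pid file could not be checked.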
@@ -1,6 +1,6 @@
 # Copyright 1999-2014 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/sguil-sensor/sguil-sensor-0.8.0.ebuild,v 1.4 2014/07/16 23:37:37 jer Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/sguil-sensor/sguil-sensor-0.8.0.ebuild,v 1.5 2014/07/16 23:56:11 jer Exp $
 EAPI=5
 inherit user
@@ -32,14 +32,13 @@ pkg_setup() {
 src_prepare() {
 sed -i \
- -e 's:192.168.8.1:127.0.0.1:' \
 -e "s:gateway:${HOSTNAME}:" \
 -e 's:/snort_data:/var/lib/sguil:' \
 -e 's:DAEMON 0:DAEMON 1:' \
 -e 's:DEBUG 1:DEBUG 0:g' \
 sensor/sensor_agent.conf || die
 sed -i \
- -e 's:/var/run/sensor_agent.pid:/var/run/sguil/sensor.pid:' \
+ -e 's:/run/sensor_agent.pid:/run/sguil-sensor.pid:' \
 sensor/sensor_agent.tcl || die
 }
@@ -56,7 +55,7 @@ src_install() {
 # Create the directory structure
 diropts -g sguil -o sguil
- keepdir /var/lib/sguil /var/run/sguil /var/lib/sguil/archive \
+ keepdir /var/lib/sguil /var/lib/sguil/archive \
 "/var/lib/sguil/${HOSTNAME}" \
 "/var/lib/sguil/${HOSTNAME}/portscans" \
 "/var/lib/sguil/${HOSTNAME}/ssn_logs" \
diff --git a/net-analyzer/sguil-sensor/sguil-sensor-0.9.0.ebuild b/net-analyzer/sguil-sensor/sguil-sensor-0.9.0.ebuild
new file mode 100644
index 000000000000..c4185860900d
--- /dev/null
+++ b/net-analyzer/sguil-sensor/sguil-sensor-0.9.0.ebuild
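Review bot: The new expression in src_prepare of the 0.8.0 ebuild, `-e 's:/run/sensor_agent.pid:/run/sguil-sensor.pid:'`, drops the `/var` prefix that both the removed line and the 0.9.0 ebuild match on. If sensor_agent.tcl spells the path `/var/run/sensor_agent.pid`, as the old pattern implies, the substring still matches and the result is `/var/run/sguil-sensor.pid`, which equals the init script's `/run/sguil-sensor.pid` only where `/var/run` links to `/run`. sed exits 0 when an expression matches nothing, so `|| die` will not flag a pattern that has stopped applying. Using the 0.9.0 form, `-e 's:/var/run/sensor_agent.pid:/run/sguil-sensor.pid:' \`, keeps the two ebuilds consistent. Separately, removing `-e 's:192.168.8.1:127.0.0.1:'` leaves the server address at whatever the 0.8.0 tarball ships, which is worth confirming because that is where the sensor sends its data.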
@@ -0,0 +1,79 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/sguil-sensor/sguil-sensor-0.9.0.ebuild,v 1.1 2014/07/16 23:56:11 jer Exp $
+
+EAPI=5
+inherit user
+
+MY_PV="${PV/_p/p}"
+DESCRIPTION="Sensor part of sguil Network Security Monitoring"
+HOMEPAGE="http://sguil.sourceforge.net"
+SRC_URI="https://github.com/bammv/${PN/-sensor}/archive/v${PV}.tar.gz -> ${P/-sensor}.tar.gz"
+
+LICENSE="GPL-2 QPL"
+SLOT="0"
+KEYWORDS="~x86"
+
+RDEPEND="
+ >=dev-lang/tcl-8.3[-threads]
+ >=dev-tcltk/tclx-8.3
+ >=net-analyzer/barnyard-0.2.0-r1
+ >=net-analyzer/snort-2.4.1-r1
+ dev-ml/pcre-ocaml
+ net-analyzer/sancp
+"
+
+S="${WORKDIR}/sguil-${MY_PV}"
+
+pkg_setup() {
+ enewgroup sguil
+ enewuser sguil -1 -1 /var/lib/sguil sguil
+}
+
+src_prepare() {
+ sed -i \
+ -e "s:gateway:${HOSTNAME}:" \
+ -e 's:/snort_data:/var/lib/sguil:' \
+ -e 's:DAEMON 0:DAEMON 1:' \
+ -e 's:DEBUG 1:DEBUG 0:g' \
+ sensor/sensor_agent.conf || die
+ sed -i \
+ -e 's:/var/run/sensor_agent.pid:/run/sguil-sensor.pid:' \
+ sensor/sensor_agent.tcl || die
+}
+
+src_install() {
+ dodoc doc/*
+
+ dobin sensor/sensor_agent.tcl
+
+ newinitd "${FILESDIR}/log_packets.initd" log_packets
+ newinitd "${FILESDIR}/sensor_agent.initd" sensor_agent
+ newconfd "${FILESDIR}/log_packets.confd" log_packets
+ insinto /etc/sguil
+ doins sensor/sensor_agent.conf
+
+ # Create the directory structure
+ diropts -g sguil -o sguil
+ keepdir /var/lib/sguil /var/lib/sguil/archive \
+ "/var/lib/sguil/${HOSTNAME}" \
+ "/var/lib/sguil/${HOSTNAME}/portscans" \
+ "/var/lib/sguil/${HOSTNAME}/ssn_logs" \
+ "/var/lib/sguil/${HOSTNAME}/dailylogs" \
+ "/var/lib/sguil/${HOSTNAME}/sancp"
+
+}
+
+pkg_postinst() {
+ elog
+ elog "You should check /etc/sguil/sensor_agent.conf and"
+ elog "/etc/init.d/logpackets and ensure that they are accurate"
+ elog "for your environment. They should work providing that you"
+ elog "are running the sensor on the same machine as the server."
+ elog "This ebuild assumes that you are running a single sensor"
+ elog "environment, if this is not the case then you must make sure"
+ elog "to modify /etc/sguil/sensor_agent.conf and change the HOSTNAME variable."
+ elog "You should crontab the /etc/init.d/log_packets script to restart"
+ elog "each hour."
+ elog
+}
|
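Review bot: `${HOSTNAME}` in src_prepare and in the `keepdir` paths of src_install is expanded when the package is built, so a binary package built on another machine carries the builder's name in sensor_agent.conf (presumably as the sensor name) and in the data directories. pkg_postinst only tells the user to change the HOSTNAME variable in `/etc/sguil/sensor_agent.conf`; the directories under `/var/lib/sguil/` then no longer agree with it, and captured data can end up under, or be attributed to, the wrong sensor. An extra line such as `elog "If you change it, create the matching directories under /var/lib/sguil/ as well."` would cover that. The same message names `/etc/init.d/logpackets`, while `newinitd` installs the script as `log_packets`.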