Bump to 2.1.5. Happy holidays!

Package-Manager: portage-2.2_rc59/cvs/Linux x86_64

3 files changed, 158 insertions, 3 deletions

diff --git a/net-firewall/psad/ChangeLog b/net-firewall/psad/ChangeLog
index 6a483212365e..f92d74e1b9d2 100644
--- a/net-firewall/psad/ChangeLog
+++ b/net-firewall/psad/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for net-firewall/psad
-# Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/psad/ChangeLog,v 1.44 2008/09/12 05:03:41 battousai Exp $
+# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/psad/ChangeLog,v 1.45 2009/12/24 21:21:13 battousai Exp $
+
+*psad-2.1.5 (24 Dec 2009)
+
+  24 Dec 2009; Bryan Stine <battousai@gentoo.org> +psad-2.1.5.ebuild:
+  Version bump to 2.1.5. This version now includes SELinux policy which is
+  not yet in the refpol that I know of and will need a sec-policy package.
+  Happy holidays!
 
 *psad-2.1.4 (12 Sep 2008)
 
diff --git a/net-firewall/psad/Manifest b/net-firewall/psad/Manifest
index f6d29248c3df..bbbd8a48a5ec 100644
--- a/net-firewall/psad/Manifest
+++ b/net-firewall/psad/Manifest
@@ -1,8 +1,10 @@
 DIST psad-1.4.8.tar.bz2 564588 RMD160 bfc2e79c81caa5e786d7d4e36002fe84ff01bb50 SHA1 25e5f84fb1278b03c5eeaa507b3efbaef3829ec9 SHA256 93f71dc00a2b361db0e37232ce6cc943a6cb8873efaf17448589167826950110
 DIST psad-2.0.6.tar.bz2 688632 RMD160 e2e49c2a6207edc4c1ba404ca01823348229ee0f SHA1 8447a942f082abe22787133561ae2ec19bb02930 SHA256 c59973bbc8d61071a28f5910c4b7b9cc183bf66a9f689e2d1d4564bbcd9dcd90
 DIST psad-2.1.4.tar.bz2 952601 RMD160 d51e981f0c4b8e933565e173cb5dd2e5dd49b8ea SHA1 4bcead2148884a654307329c6256782591195e50 SHA256 9628ef56fd42f56f8ce302bb0897de91ebbee075389fbf20774e6d56ed9a0896
+DIST psad-2.1.5.tar.bz2 962775 RMD160 eba09cef247209252370854f5d708fd42ecf160a SHA1 312bf54f17b11939b5843618fd279ce7fd74408a SHA256 abf1daf9e218d0ac7cc18cf78e83c80d27e1c1114a11ace2b619c97648226a3d
 EBUILD psad-1.4.8.ebuild 4100 RMD160 204e9e00da80d6327b79b559f8bf14e84931a64f SHA1 4493b4d58db05b30cb77cc703697441640afeda6 SHA256 639e51895e14fa74f7b39a8773dc9531544e49fe063f46b626e9a0a43e9acce9
 EBUILD psad-2.0.6.ebuild 4119 RMD160 cbfd0985df696de3d945555ed8e843c24c1cf781 SHA1 fd44c2e570df893cab3cf6062a033cf22938ba3c SHA256 9d3b5ac2e304b41eb046c674b3a819153e56ba1e90b3fdf67acf02d3a8d1ff88
 EBUILD psad-2.1.4.ebuild 4154 RMD160 d81d487dadb1ed760b7612c45e2b787a5762f1b9 SHA1 b25ac15876edfa8de784240ac302c62ac12880a8 SHA256 ac823740fb497f977030a6262f2c1cc655480164932d1b6729cd4ecac3254698
-MISC ChangeLog 7984 RMD160 cd02e3587cee6530b7fd5c97c2f3f550180bf0bb SHA1 42637217f8d8e1688476e8361a9c3a8b133f3c78 SHA256 ce00bac9d5b2da31773f857a3c444be47010848e06c569e851082b675f1264ed
+EBUILD psad-2.1.5.ebuild 4154 RMD160 0c2954c8d8c8d1d71e2808aafb967a1eaa17e3e9 SHA1 fbaa9789ba5df461eecee1c45a16920800073b8f SHA256 4bac68f65fd12f676db5a6a6d392fc293582d865d908ee1e7e31ea69200932b1
+MISC ChangeLog 8250 RMD160 bbf76857e28e35f88653ac3220af1f17e742e129 SHA1 021f44b253bc702a767f11a028e7278e829ea694 SHA256 8a6955989eb3ba260c374f52216d438c6609b3c74115132b1b9bd843372a7550
 MISC metadata.xml 326 RMD160 28fe5b256012109509ece09a19485561d72c3fdb SHA1 e78aaaa99ab3320dcaed3ed1c726b28f362cbb49 SHA256 496192e7d16fb2a96fed99f7443d4f04af054f69f40171f907fed81462b0ef11
diff --git a/net-firewall/psad/psad-2.1.5.ebuild b/net-firewall/psad/psad-2.1.5.ebuild
new file mode 100644
index 000000000000..53f8fde826ac
--- /dev/null
+++ b/net-firewall/psad/psad-2.1.5.ebuild
@@ -0,0 +1,146 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/psad/psad-2.1.5.ebuild,v 1.1 2009/12/24 21:21:13 battousai Exp $
+
+inherit eutils perl-app
+
+IUSE=""
+
+DESCRIPTION="Port Scanning Attack Detection daemon"
+SRC_URI="http://www.cipherdyne.org/psad/download/${P}.tar.bz2"
+HOMEPAGE="http://www.cipherdyne.org/psad"
+
+SLOT="0"
+LICENSE="GPL-2"
+KEYWORDS="~alpha ~amd64 ~ppc ~sparc ~x86"
+
+DEPEND="${DEPEND}
+	dev-lang/perl"
+
+RDEPEND="virtual/logger
+	dev-perl/Unix-Syslog
+	dev-perl/Date-Calc
+	virtual/mailx
+	net-firewall/iptables
+	net-misc/whois"
+
+src_compile() {
+	cd "${S}"/deps/Net-IPv4Addr
+	SRC_PREP="no" perl-module_src_compile
+	emake test
+
+	cd "${S}"/deps/IPTables-Parse
+	SRC_PREP="no" perl-module_src_compile
+	emake test
+
+	cd "${S}"/deps/IPTables-ChainMgr
+	SRC_PREP="no" perl-module_src_compile
+	emake test
+
+	cd "${S}"
+	# We'll use the C binaries
+	emake || die "Make failed: daemons"
+}
+
+src_install() {
+	local myhostname=
+	local mydomain=
+
+	doman *.8
+
+	keepdir /var/lib/psad /var/log/psad /var/run/psad /var/lock/subsys/${PN}
+	dodir /etc/psad
+
+	cd "${S}"/deps/Net-IPv4Addr
+	perl-module_src_install
+
+	cd "${S}"/deps/IPTables-ChainMgr
+	perl-module_src_install
+
+	cd "${S}"/deps/IPTables-Parse
+	perl-module_src_install
+
+	cd "${S}"
+	insinto /usr
+	dosbin kmsgsd psad psadwatchd
+	newsbin fwcheck_psad.pl fwcheck_psad
+	dobin pscan
+
+	cd "${S}"
+
+	fix_psad_conf
+
+	insinto /etc/psad
+	doins *.conf
+	doins psad_*
+	doins auto_dl icmp_types ip_options posf signatures pf.os
+
+	cd "${S}"/init-scripts
+	newinitd psad-init.gentoo psad
+
+	cd "${S}"/deps/snort_rules
+	dodir /etc/psad/snort_rules
+	insinto /etc/psad/snort_rules
+	doins *.rules
+
+	cd "${S}"
+	dodoc BENCHMARK CREDITS Change* FW_EXAMPLE_RULES README SCAN_LOG
+}
+
+pkg_postinst() {
+	if [ ! -p "${ROOT}"/var/lib/psad/psadfifo ]
+	then
+		ebegin "Creating syslog FIFO for PSAD"
+		mknod -m 600 "${ROOT}"/var/lib/psad/psadfifo p
+		eend $?
+	fi
+
+	echo
+	elog "Please be sure to edit /etc/psad/psad.conf to reflect your system's"
+	elog "configuration or it may not work correctly or start up. Specifically, check"
+	elog "the validity of the HOSTNAME setting and replace the EMAIL_ADDRESSES and"
+	elog "HOME_NET settings at the least."
+	elog
+	if has_version ">=app-admin/syslog-ng-0.0.0"
+	then
+		ewarn "You appear to have installed syslog-ng. If you are using syslog-ng as your"
+		ewarn "default system logger, please change the SYSLOG_DAEMON entry in"
+		ewarn "/etc/psad/psad.conf to the following (per examples in psad.conf):"
+		ewarn "		SYSLOG_DAEMON	syslog-ng;"
+		ewarn
+	fi
+	if has_version ">=app-admin/sysklogd-0.0.0"
+	then
+		elog "You have sysklogd installed. If this is your default system logger, no"
+		elog "special configuration is needed. If it is not, please set SYSLOG_DAEMON"
+		elog "in /etc/psad/psad.conf accordingly."
+		elog
+	fi
+	if has_version ">=app-admin/metalog-0.0"
+	then
+		ewarn "You appear to have installed metalog. If you are using metalog as your"
+		ewarn "default system logger, please change the SYSLOG_DAEMON entry in"
+		ewarn "/etc/psad/psad.conf to the following (per examples in psad.conf):"
+		ewarn "		SYSLOG_DAEMON	metalog"
+	fi
+
+	ewarn "NOTE: You need firewall rules to log dropped packets. Otherwise PSAD will"
+	ewarn "not be aware of any port scan attacks. Please see FW_EXAMPLE_RULES in the"
+	ewarn "psad documentation directory (ie /usr/share/doc/${P}) for the criteria and"
+	ewarn "sample rules."
+}
+
+fix_psad_conf() {
+	cp psad.conf psad.conf.orig
+
+	# Ditch the _CHANGEME_ for hostname, substituting in our real hostname
+	[ -e /etc/hostname ] && myhostname="$(< /etc/hostname)"
+	[ "${myhostname}" == "" ] && myhostname="$HOSTNAME"
+	mydomain=".$(grep ^domain /etc/resolv.conf | cut -d" " -f2)"
+	sed -i "s:HOSTNAME\(.\+\)\_CHANGEME\_;:HOSTNAME\1${myhostname}${mydomain};:" psad.conf || die "fix_psad_conf failed"
+
+	# Fix up paths
+	sed -i "s:/sbin/syslogd:/usr/sbin/syslogd:g" psad.conf || die "fix_psad_conf failed"
+	sed -i "s:/sbin/syslog-ng:/usr/sbin/syslog-ng:g" psad.conf || die "fix_psad_conf failed"
+	sed -i "s:/usr/bin/whois_psad:/usr/bin/whois:g" psad.conf || die "fix_psad_conf failed"
+}