diff --git a/builder_scripts/conf/pfPorts/buildports.RELENG_2_2 b/builder_scripts/conf/pfPorts/buildports.RELENG_2_2 index e5cda6e..276485e 100644 --- a/builder_scripts/conf/pfPorts/buildports.RELENG_2_2 +++ b/builder_scripts/conf/pfPorts/buildports.RELENG_2_2 @@ -99,3 +99,4 @@ pcbsd-utils /usr/ports/sysutils/pcbsd-utils /usr/local/sbin/pbi_makeport ipmitool /usr/ports/sysutils/ipmitool /usr/local/bin/ipmitool dmidecode /usr/ports/sysutils/dmidecode /usr/local/sbin/dmidecode unbound /usr/ports/dns/unbound /usr/local/sbin/unbound +dshield-sensor /usr/ports/net-mgmt/dshield-sensor /usr/local/sbin/dshield-sensor diff --git a/pfPorts/dshield-sensor/Makefile b/pfPorts/dshield-sensor/Makefile new file mode 100644 index 0000000..bd64eed --- /dev/null +++ b/pfPorts/dshield-sensor/Makefile @@ -0,0 +1,49 @@ +# Created by: Robert Nelson +# $FreeBSD$ + +PORTNAME= dshield-sensor +PORTVERSION= 2015.04.03 +CATEGORIES= net-mgmt + +MAINTAINER= robertn@the-nelsons.org +COMMENT= Submit firewall logs to Dshield Sensor periodically + +RUN_DEPENDS= p5-Net-IP>=0:${PORTSDIR}/net-mgmt/p5-Net-IP + +USE_GITHUB= yes +GH_ACCOUNT= Robert-Nelson +GH_PROJECT= dshield-framework + +DISTVERSIONPREFIX= v + +USES= perl5 shebangfix +SHEBANG_FILES= ${WRKSRC}/build_clients.pl + +USE_PERL5= build run + +NO_ARCH= yes + +.include + +post-extract: + ${CP} ${FILESDIR}/dshield-sensor ${WRKSRC} + +post-patch: + @${REINPLACE_CMD} -e 's,@@DATADIR@@,${DATADIR},g' -e 's,@@ETCDIR@@,${ETCDIR},g' ${WRKSRC}/dshield-sensor ${WRKSRC}/dshield.cnf + +do-build: + cd ${WRKSRC}; ./build_clients.pl + @${REINPLACE_CMD} ${_SHEBANG_REINPLACE_ARGS} ${WRKSRC}/pfsense.pl + +do-install: + ${MKDIR} ${STAGEDIR}${DATADIR} + ${INSTALL_SCRIPT} ${WRKSRC}/pfsense.pl ${STAGEDIR}${DATADIR}/pfsense.pl + ${MKDIR} ${STAGEDIR}${ETCDIR} + ${INSTALL_DATA} ${WRKSRC}/dshield-source-exclude.lst ${STAGEDIR}${ETCDIR}/dshield-source-exclude.lst.sample + ${INSTALL_DATA} ${WRKSRC}/dshield-source-port-exclude.lst ${STAGEDIR}${ETCDIR}/dshield-source-port-exclude.lst.sample + ${INSTALL_DATA} ${WRKSRC}/dshield-target-exclude.lst ${STAGEDIR}${ETCDIR}/dshield-target-exclude.lst.sample + ${INSTALL_DATA} ${WRKSRC}/dshield-target-port-exclude.lst ${STAGEDIR}${ETCDIR}/dshield-target-port-exclude.lst.sample + ${INSTALL_DATA} ${WRKSRC}/dshield.cnf ${STAGEDIR}${ETCDIR}/dshield.cnf.sample + ${INSTALL_SCRIPT} ${WRKSRC}/dshield-sensor ${STAGEDIR}${PREFIX}/sbin/dshield-sensor + +.include diff --git a/pfPorts/dshield-sensor/distinfo b/pfPorts/dshield-sensor/distinfo new file mode 100644 index 0000000..5a4c5c9 --- /dev/null +++ b/pfPorts/dshield-sensor/distinfo @@ -0,0 +1,2 @@ +SHA256 (dshield-sensor-v2015.04.03_GH0.tar.gz) = c0dc2fba04a1d492e69ebcb30077ed1107d68c13562497851fc417d41875608a +SIZE (dshield-sensor-v2015.04.03_GH0.tar.gz) = 57749 diff --git a/pfPorts/dshield-sensor/files/dshield-sensor b/pfPorts/dshield-sensor/files/dshield-sensor new file mode 100755 index 0000000..f03b8c1 --- /dev/null +++ b/pfPorts/dshield-sensor/files/dshield-sensor @@ -0,0 +1,2 @@ +#!/bin/sh +@@DATADIR@@/pfsense.pl -config=/var/etc/dshield.cnf diff --git a/pfPorts/dshield-sensor/files/patch-dshield.cnf b/pfPorts/dshield-sensor/files/patch-dshield.cnf new file mode 100644 index 0000000..4ef4c63 --- /dev/null +++ b/pfPorts/dshield-sensor/files/patch-dshield.cnf @@ -0,0 +1,38 @@ +--- dshield.cnf.orig 2015-03-29 17:50:14 UTC ++++ dshield.cnf +@@ -35,7 +35,7 @@ replyto= + # client processes 'syslog' reports. Unless your firewall logs go to + # a different file.... + +-log=/var/log/messages ++#log=/var/log/messages + + # Regular expression that must match in each log line that is processed + # Needed if your log contains all kinds of different things, not just +@@ -79,20 +79,21 @@ sendmail=/usr/sbin/sendmail -oi -t + # Or for testing and debugging, so that you don't have to fool with mail until + # you have it working right. + +-whereto=MAIL ++#whereto=MAIL ++whereto=- + + # These optional files contain ranges that are used to exclude + # log lines, so you can filter out log lines that you don't want + # to submit to DShield. + # + # IP addresses +-source_exclude=/etc/dshield-source-exclude.lst +-target_exclude=/etc/dshield-target-exclude.lst ++source_exclude=@@ETCDIR@@/dshield-source-exclude.lst ++target_exclude=@@ETCDIR@@/dshield-target-exclude.lst + + # + # Ports +-source_port_exclude=/etc/dshield-source-port-exclude.lst +-target_port_exclude=/etc/dshield-target-port-exclude.lst ++source_port_exclude=@@ETCDIR@@/dshield-source-port-exclude.lst ++target_port_exclude=@@ETCDIR@@/dshield-target-port-exclude.lst + + # Replace the first byte of the target IP with '10.' + # Note that if you set this to 'Y' then DShield won't send FightBack diff --git a/pfPorts/dshield-sensor/pkg-descr b/pfPorts/dshield-sensor/pkg-descr new file mode 100644 index 0000000..3ca81da --- /dev/null +++ b/pfPorts/dshield-sensor/pkg-descr @@ -0,0 +1,3 @@ +This is a set of scripts which automatically submits firewall logs to DShield + +WWW: https://dshield.org/howto.html diff --git a/pfPorts/dshield-sensor/pkg-plist b/pfPorts/dshield-sensor/pkg-plist new file mode 100644 index 0000000..fca8f59 --- /dev/null +++ b/pfPorts/dshield-sensor/pkg-plist @@ -0,0 +1,7 @@ +sbin/dshield-sensor +%%DATADIR%%/pfsense.pl +@sample %%ETCDIR%%/dshield-source-exclude.lst.sample +@sample %%ETCDIR%%/dshield-source-port-exclude.lst.sample +@sample %%ETCDIR%%/dshield-target-exclude.lst.sample +@sample %%ETCDIR%%/dshield-target-port-exclude.lst.sample +@sample %%ETCDIR%%/dshield.cnf.sample