svn commit: r532477 - in head/security: . bsmtrace3 bsmtrace3/files
Kyle Evans
kevans at FreeBSD.org
Wed Apr 22 14:20:42 UTC 2020
Author: kevans
Date: Wed Apr 22 14:20:41 2020
New Revision: 532477
URL: https://svnweb.freebsd.org/changeset/ports/532477
Log:
[NEW] security/bsmtrace3: BSM based intrusion detection system
bsmtrace is a BSM based intrusion detection system, utilizing audit trails
and real-time audit event analysis through auditpipe(4). This host based
IDS operates using finite state machine principles with a flexible
sequence driven signature system.
WWW: https://www.github.com/openbsm/bsmtrace
This is a repocopy of security/bsmtrace, updated to recently-released 3.x.
There are breaking changes between 1.x and 3.x, so it was decided to create
a new port to give consumers some time to update their configs. The old
security/bsmtrace should be deprecated in fairly short order, after
bsmtrace3 has received a little bit of soak time in ports.
bsmtrace 3.x, compared to the previous port, offers the following new features:
- Set arrays will now resize on the fly, so the size limits should be no
more
- Logging channels have been removed, there's now one `logfile` directive
that can be applied at the global level to switch the logfile, assuming
the -l logdir option is in use
- Other config files can now be included with the 'include' directive; globs
are not currently supported, paths are relative to the primary config
file
- Sequences can now be configured to match on the jail name with the
per-sequence `zone` directive; valid values are: any, none, or a glob
string that matches the jail name.
Any = any jail, not the host. None = Only the host, no jails.
Other points:
- The Makefile patch is no longer needed as PCRE is now a mandatory
dependency.
- The dprintf(3) conflict is no more, so the rest of the patches also
disappear.
- This port now installs manpages to ${PREFIX}/share/man as per recent
guidelines to reflect base hierarchy.
- MAINTAINER remains csjp with the OpenBSM/TrustedBSD project.
Approved by: koobs (mentor)
Differential Revision: https://reviews.freebsd.org/D24437
Added:
head/security/bsmtrace3/
- copied from r532475, head/security/bsmtrace/
Deleted:
head/security/bsmtrace3/files/patch-Makefile
head/security/bsmtrace3/files/patch-bsm.c
head/security/bsmtrace3/files/patch-bsmtrace.c
head/security/bsmtrace3/files/patch-bsmtrace.h
head/security/bsmtrace3/files/patch-trigger.c
Modified:
head/security/Makefile
head/security/bsmtrace3/Makefile
head/security/bsmtrace3/distinfo
head/security/bsmtrace3/pkg-descr
head/security/bsmtrace3/pkg-plist
Modified: head/security/Makefile
==============================================================================
--- head/security/Makefile Wed Apr 22 14:07:39 2020 (r532476)
+++ head/security/Makefile Wed Apr 22 14:20:41 2020 (r532477)
@@ -60,6 +60,7 @@
SUBDIR += bruteforceblocker
SUBDIR += bsdsfv
SUBDIR += bsmtrace
+ SUBDIR += bsmtrace3
SUBDIR += bugs
SUBDIR += bzrtp
SUBDIR += ca_root_nss
Modified: head/security/bsmtrace3/Makefile
==============================================================================
--- head/security/bsmtrace/Makefile Wed Apr 22 13:56:15 2020 (r532475)
+++ head/security/bsmtrace3/Makefile Wed Apr 22 14:20:41 2020 (r532477)
@@ -1,28 +1,29 @@
-# Created by: alm
# $FreeBSD$
PORTNAME= bsmtrace
-PORTVERSION= 1.4
-PORTREVISION= 1
+PORTVERSION= 3.0
+DISTVERSIONPREFIX= v
CATEGORIES= security
-MASTER_SITES= LOCAL/csjp
+PKGNAMESUFFIX= 3
MAINTAINER= csjp at FreeBSD.org
COMMENT= BSM based intrusion detection system
LICENSE= BSD2CLAUSE
+LIB_DEPENDS= libpcre.so:devel/pcre
+
+CONFLICTS_INSTALL= bsmtrace-[0-9]*
+
+USE_GITHUB= yes
+GH_ACCOUNT= openbsm
+
SUB_FILES= pkg-message
MAKE_JOBS_UNSAFE= yes
-OPTIONS_DEFINE= PCRE EXAMPLES
+OPTIONS_DEFINE= EXAMPLES
-PCRE_LIB_DEPENDS= libpcre.so:devel/pcre
-PCRE_MAKE_ENV= PCRE=1
-PCRE_USES= localbase
-PCRE_LIBS= -lpcre
-
pre-build:
${REINPLACE_CMD} -e \
's,/etc/bsmtrace.conf,${PREFIX}/etc/bsmtrace.conf,' \
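Review bot: With the PCRE option block removed, `PCRE_USES= localbase` and `PCRE_LIBS= -lpcre` disappear and only `LIB_DEPENDS= libpcre.so:devel/pcre` is added unconditionally, so nothing visible in this hunk points the build at the PCRE headers and library under ${LOCALBASE}. If the 3.0 upstream Makefile does not already add those paths itself, an unconditional `USES= localbase` belongs next to the new LIB_DEPENDS line. Separately, `CONFLICTS_INSTALL= bsmtrace-[0-9]*` is declared only on this side: the commit's file list does not include head/security/bsmtrace/Makefile, so the old port carries no matching entry for bsmtrace3 even though both install sbin/bsmtrace.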
@@ -31,9 +32,10 @@ pre-build:
do-install:
${INSTALL_PROGRAM} ${WRKSRC}/${PORTNAME} ${STAGEDIR}${PREFIX}/sbin
- ${INSTALL_MAN} ${WRKSRC}/${PORTNAME}.1 ${STAGEDIR}${MAN1PREFIX}/man/man1
+ ${INSTALL_MAN} ${WRKSRC}/${PORTNAME}.1 \
+ ${STAGEDIR}${MAN1PREFIX}/share/man/man1
${INSTALL_MAN} ${WRKSRC}/${PORTNAME}.conf.5 \
- ${STAGEDIR}${MAN5PREFIX}/man/man5
+ ${STAGEDIR}${MAN5PREFIX}/share/man/man5
do-install-EXAMPLES-on:
@${MKDIR} ${STAGEDIR}${EXAMPLESDIR}
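Review bot: The manpage destinations in do-install are built from ${MAN1PREFIX} and ${MAN5PREFIX}, while pkg-plist lists share/man/man1 and share/man/man5 relative to ${PREFIX}; if those prefixes ever differ, the staged files and the plist disagree. Writing the targets as ${STAGEDIR}${PREFIX}/share/man/man1 and ${STAGEDIR}${PREFIX}/share/man/man5 keeps the install step and the plist in step with each other.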
Modified: head/security/bsmtrace3/distinfo
==============================================================================
--- head/security/bsmtrace/distinfo Wed Apr 22 13:56:15 2020 (r532475)
+++ head/security/bsmtrace3/distinfo Wed Apr 22 14:20:41 2020 (r532477)
@@ -1,2 +1,3 @@
-SHA256 (bsmtrace-1.4.tar.gz) = c325a3246ace8aef835b30f542a3028c3f1a14784c8e83236624f04d26269f95
-SIZE (bsmtrace-1.4.tar.gz) = 25169
+TIMESTAMP = 1586997209
+SHA256 (openbsm-bsmtrace-v3.0_GH0.tar.gz) = 7b3575cbd2ecb4368221bd8e732f194825e75db44b61cb13c959e1dde3d3c831
+SIZE (openbsm-bsmtrace-v3.0_GH0.tar.gz) = 32679
Modified: head/security/bsmtrace3/pkg-descr
==============================================================================
--- head/security/bsmtrace/pkg-descr Wed Apr 22 13:56:15 2020 (r532475)
+++ head/security/bsmtrace3/pkg-descr Wed Apr 22 14:20:41 2020 (r532477)
@@ -3,4 +3,4 @@ and real-time audit event analysis through auditpipe(4
IDS operates using a finite state machine principles with a flexible
sequence driven signature system.
-WWW: https://people.freebsd.org/~csjp/bsmtrace/bsmtrace.txt
+WWW: https://www.github.com/openbsm/bsmtrace
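Review bot: The new WWW line uses the www.github.com host; https://github.com/openbsm/bsmtrace is the canonical form and avoids a redirect. Since the description is being touched anyway, the context line "using a finite state machine principles" could have its stray article dropped in the same change.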
Modified: head/security/bsmtrace3/pkg-plist
==============================================================================
--- head/security/bsmtrace/pkg-plist Wed Apr 22 13:56:15 2020 (r532475)
+++ head/security/bsmtrace3/pkg-plist Wed Apr 22 14:20:41 2020 (r532477)
@@ -1,4 +1,4 @@
sbin/bsmtrace
-man/man1/bsmtrace.1.gz
-man/man5/bsmtrace.conf.5.gz
+share/man/man1/bsmtrace.1.gz
+share/man/man5/bsmtrace.conf.5.gz
%%EXAMPLESDIR%%/bsmtrace.conf