Add snortsnarf-010523 (version numbering changed from the vendor scheme of

MMDDYY to make it monotonic). This is a utility for generating a set of HTML reports/summaries based on snort alert files. At the moment we only enable the HTML generation features. There are other features such as the ability to annotate incidents in the report which are not currently enabled.
svn path=/head/; revision=45597
2001-07-30 00:24:02 +00:00 · 2001-07-30 00:24:02 +00:00 · 6b38a92024 · 2021-03-31 03:12:20 +00:00
commit 6b38a92024
parent 492002c8fb
7 changed files with 95 additions and 0 deletions
--- a/security/Makefile
+++ b/security/Makefile
@ -167,6 +167,7 @@
    SUBDIR += sniff
    SUBDIR += snort
    SUBDIR += snort-rep
+    SUBDIR += snortsnarf
    SUBDIR += srm
    SUBDIR += srp
    SUBDIR += ssh
--- a/security/snortsnarf/Makefile
+++ b/security/snortsnarf/Makefile
@ -0,0 +1,43 @@
+# New ports collection makefile for:	snortsnarf
+# Date created:		29 July 2001
+# Whom:			Kris Kennaway <kris@FreeBSD.org>
+#
+# $FreeBSD$
+#
+
+PORTNAME=	snortsnarf
+PORTVERSION=	010523
+CATEGORIES=	security
+MASTER_SITES=	http://www.silicondefense.com/software/snortsnarf/
+DISTNAME=	SnortSnarf-052301.1
+
+MAINTAINER=	kris@FreeBSD.org
+
+RUN_DEPENDS=	${LOCALBASE}/lib/perl5/site_perl/${PERL_VER}/Time/JulianDay.pm:${PORTSDIR}/devel/p5-Time
+
+NO_BUILD=	yes
+
+do-install:
+	${SED} s,%LOCALBASE%,${LOCALBASE}, < ${WRKSRC}/snortsnarf.pl > ${WRKSRC}/snortsnarf
+	${INSTALL_SCRIPT} ${WRKSRC}/snortsnarf ${LOCALBASE}/bin/snortsnarf
+	${MKDIR} ${LOCALBASE}/libdata/snortsnarf
+	${MKDIR} ${LOCALBASE}/libdata/snortsnarf/SnortSnarf
+.for i in IPAddrContact.pm ann_xml.pl web_utils.pl xml_help.pl
+	${INSTALL_DATA} ${WRKSRC}/include/${i} ${LOCALBASE}/libdata/snortsnarf/
+.endfor
+.for i in AlertBase.pm HTMLOutput.pm MemTimeBase.pm MultiStore.pm \
+	MemPacket.pm HTMLMemStorage.pm Filtering.pm PacketBase.pm \
+	AllMods.pm BasicFilters.pm KnownEquiv.pm SnortFileInput.pm \
+	HTMLAnomMemStorage.pm Input.pm SorterBase.pm Sort.pm \
+	StorageBase.pm MemAlert.pm BasicSorters.pm Filter.pm \
+	SnortRules.pm MemStorage.pm
+	${INSTALL_DATA} ${WRKSRC}/include/SnortSnarf/${i} ${LOCALBASE}/libdata/snortsnarf/SnortSnarf/
+.endfor
+.if !defined(NOPORTDOCS)
+	${MKDIR} ${LOCALBASE}/share/doc/snortsnarf
+.for i in README Usage
+	${INSTALL_DATA} ${WRKSRC}/${i} ${LOCALBASE}/share/doc/snortsnarf
+.endfor
+.endif
+
+.include <bsd.port.mk>
--- a/security/snortsnarf/distinfo
+++ b/security/snortsnarf/distinfo
@ -0,0 +1 @@
+MD5 (SnortSnarf-052301.1.tar.gz) = 4c5d229abcfaa740d40720376eb70d52
--- a/security/snortsnarf/files/patch-aa
+++ b/security/snortsnarf/files/patch-aa
@ -0,0 +1,11 @@
+--- snortsnarf.pl.orig	Sun Jul 29 16:53:40 2001
+++ snortsnarf.pl	Sun Jul 29 16:56:20 2001
+@@ -199,7 +199,7 @@
+ 
+ # Version control info: $Id: snortsnarf.pl,v 1.16 2000/06/14 18:40:45 jim Exp $
+ 
+-use lib qw(./include);
+use lib qw(%LOCALBASE%/libdata/snortsnarf/);
+ use Cwd;
+ 
+ # avoid needing to refer to SnortSnarf packages as SnortSnarf::*, even if
--- a/security/snortsnarf/pkg-comment
+++ b/security/snortsnarf/pkg-comment
@ -0,0 +1 @@
+Generate HTML report summaries from snort incident alerts
--- a/security/snortsnarf/pkg-descr
+++ b/security/snortsnarf/pkg-descr
@ -0,0 +1,6 @@
+This program creates a set of HTML pages to allow you to quickly and
+conveniently navigate around output files of the Snort intrusion
+detection system (http://www.snort.org/).  The reports summarize the
+incidents logged in the snort alert file.
+
+WWW: http://www.silicondefense.com/software/snortsnarf/
--- a/security/snortsnarf/pkg-plist
+++ b/security/snortsnarf/pkg-plist
@ -0,0 +1,32 @@
+bin/snortsnarf
+libdata/snortsnarf/IPAddrContact.pm
+libdata/snortsnarf/SnortSnarf/AlertBase.pm
+libdata/snortsnarf/SnortSnarf/AllMods.pm
+libdata/snortsnarf/SnortSnarf/BasicFilters.pm
+libdata/snortsnarf/SnortSnarf/BasicSorters.pm
+libdata/snortsnarf/SnortSnarf/Filter.pm
+libdata/snortsnarf/SnortSnarf/Filtering.pm
+libdata/snortsnarf/SnortSnarf/HTMLAnomMemStorage.pm
+libdata/snortsnarf/SnortSnarf/HTMLMemStorage.pm
+libdata/snortsnarf/SnortSnarf/HTMLOutput.pm
+libdata/snortsnarf/SnortSnarf/Input.pm
+libdata/snortsnarf/SnortSnarf/KnownEquiv.pm
+libdata/snortsnarf/SnortSnarf/MemAlert.pm
+libdata/snortsnarf/SnortSnarf/MemPacket.pm
+libdata/snortsnarf/SnortSnarf/MemStorage.pm
+libdata/snortsnarf/SnortSnarf/MemTimeBase.pm
+libdata/snortsnarf/SnortSnarf/MultiStore.pm
+libdata/snortsnarf/SnortSnarf/PacketBase.pm
+libdata/snortsnarf/SnortSnarf/SnortFileInput.pm
+libdata/snortsnarf/SnortSnarf/SnortRules.pm
+libdata/snortsnarf/SnortSnarf/Sort.pm
+libdata/snortsnarf/SnortSnarf/SorterBase.pm
+libdata/snortsnarf/SnortSnarf/StorageBase.pm
+libdata/snortsnarf/ann_xml.pl
+libdata/snortsnarf/web_utils.pl
+libdata/snortsnarf/xml_help.pl
+%%PORTDOCS%%share/doc/snortsnarf/README
+%%PORTDOCS%%share/doc/snortsnarf/Usage
+%%PORTDOCS%%@dirrm share/doc/snortsnarf
+@dirrm libdata/snortsnarf/SnortSnarf
+@dirrm libdata/snortsnarf
				`@ -0,0 +1 @@`
				`MD5 (SnortSnarf-052301.1.tar.gz) = 4c5d229abcfaa740d40720376eb70d52`
				`@ -0,0 +1 @@`
				`Generate HTML report summaries from snort incident alerts`