- enable postgresql support by default.

- add a prelude flavor + instructions.
- regen patches.

team work with maintainer Rui Reis.

net/nepenthes/Makefile

@@ -1,9 +1,10 @@
-# $OpenBSD: Makefile,v 1.8 2007/03/17 21:50:11 jolan Exp $
+# $OpenBSD: Makefile,v 1.9 2007/04/15 11:58:25 aanriot Exp $
 SHARED_ONLY=	Yes
 
 COMMENT=	"determine the malware activity on a network"
 
 DISTNAME= 	nepenthes-0.2.0
+PKGNAME=	${DISTNAME}p0
 CATEGORIES=	net
 
 HOMEPAGE=	http://nepenthes.mwcollect.org/
@@ -32,14 +33,30 @@ FAKE_FLAGS+=	localstatedir='/var/nepenthes' \
 		sysconfdir='${PREFIX}/share/examples'
 
 CONFIGURE_STYLE=gnu
-CONFIGURE_ENV+=	CPPFLAGS="-I${LOCALBASE}/include"
+CONFIGURE_ENV+=	CPPFLAGS="-I${LOCALBASE}/include \
+		-I${LOCALBASE}/include/postgresql"
 CONFIGURE_ARGS+=--enable-debug-logging \
 		--disable-mysql \
-		--disable-postgre \
+		--enable-postgre \
 		--disable-capabilities \
 		--localstatedir='/var/nepenthes' \
 		--with-curl-lib=${PREFIX}/lib
 
+FLAVORS=        prelude
+FLAVOR?=
+
+.if ${FLAVOR:L:Mprelude}
+LIB_DEPENDS+=   prelude.>=8::security/prelude/libprelude
+CONFIGURE_ENV=  CPPFLAGS="-I${LOCALBASE}/include  \
+                -I${LOCALBASE}/include/libprelude/" \
+		LDFLAGS="-L${LOCALBASE}/lib -pthread"
+WANTLIB+=	gcrypt gnutls gpg-error iconv intl pthread
+CONFIGURE_ARGS+=--enable-prelude
+MESSAGE=        ${PKGDIR}/MESSAGE-prelude
+.else
+LIB_DEPENDS+=	pq.>=4::databases/postgresql
+.endif
+
 pre-configure:
 	@perl -pi -e "s,%%SYSCONFDIR%%,${SYSCONFDIR}," \
 		${WRKBUILD}/conf/nepenthes.conf.dist

net/nepenthes/patches/patch-conf_nepenthes_conf_dist

@@ -1,6 +1,6 @@
-$OpenBSD: patch-conf_nepenthes_conf_dist,v 1.1 2006/07/31 13:02:18 aanriot Exp $
---- conf/nepenthes.conf.dist.orig	Sun Jul 30 11:59:05 2006
-+++ conf/nepenthes.conf.dist	Sun Jul 30 12:04:09 2006
+$OpenBSD: patch-conf_nepenthes_conf_dist,v 1.2 2007/04/15 11:58:25 aanriot Exp $
+--- conf/nepenthes.conf.dist.orig	Mon Nov 13 19:40:03 2006
++++ conf/nepenthes.conf.dist	Sat Apr  7 22:14:09 2007
 @@ -3,8 +3,8 @@
  
  nepenthes
@@ -12,7 +12,29 @@ $OpenBSD: patch-conf_nepenthes_conf_dist,v 1.1 2006/07/31 13:02:18 aanriot Exp $
  
      modules(
  //  module name (in moduledir)      config file (in moduleconfigdir)
-@@ -91,8 +91,8 @@ nepenthes
+@@ -30,17 +30,20 @@ nepenthes
+     "downloadtftp.so",              "download-tftp.conf",           ""
+     "downloadrcp.so",	            ""			            ""
+ 
++//  "sqlhandlerpostgres.so"       ""      ""  // load sqlhandler
++
+ // submission handler
+     "submitfile.so",                "submit-file.conf",             ""  // save to disk
+ //  "submitnorman.so",              "submit-norman.conf",           ""
+ //  "submitnepenthes.so",           "submit-nepenthes.conf",        ""  // send to download-nepenthes in other nepenthes instances
+ //  "submitxmlrpc.so",        	    "submit-xmlrpc.conf",           ""  // submit files to a xmlrpc server
++//  "submitpostgres.so",  "submit-postgres.conf",	""	// submit to postgresql server
+ 
+ // logging
+     "logdownload.so",               "log-download.conf",            ""
+ //  "logirc.so",                    "log-irc.conf",                 ""  // needs configuration
++//  "logprelude.so",                "log-prelude.conf",             ""  // enables prelude logging
+ 
+-
+ // dumping and logging
+     "moduleportwatch.so",           "module-portwatch.conf",        ""
+ 
+@@ -88,8 +91,8 @@ nepenthes
  
      logmanager
      {
@@ -23,7 +45,7 @@ $OpenBSD: patch-conf_nepenthes_conf_dist,v 1.1 2006/07/31 13:02:18 aanriot Exp $
      };
  
      modulemanager
-@@ -104,7 +104,7 @@ nepenthes
+@@ -101,7 +104,7 @@ nepenthes
      {
          strictfiletype              "1";
          // where does submit-file write to? set this to the same dir
@@ -32,7 +54,7 @@ $OpenBSD: patch-conf_nepenthes_conf_dist,v 1.1 2006/07/31 13:02:18 aanriot Exp $
      };
  
      downloadmanager
-@@ -123,11 +123,11 @@ nepenthes
+@@ -120,11 +123,11 @@ nepenthes
      
      utilities
      {

net/nepenthes/patches/patch-modules_download-curl_download-curl_cpp

@@ -1,7 +1,7 @@
-$OpenBSD: patch-modules_download-curl_download-curl_cpp,v 1.1 2006/11/17 18:16:03 naddy Exp $
---- modules/download-curl/download-curl.cpp.orig	Fri Nov 17 18:18:57 2006
-+++ modules/download-curl/download-curl.cpp	Fri Nov 17 18:19:19 2006
-@@ -230,7 +230,6 @@ bool CurlDownloadHandler::download(Downl
+$OpenBSD: patch-modules_download-curl_download-curl_cpp,v 1.2 2007/04/15 11:58:25 aanriot Exp $
+--- modules/download-curl/download-curl.cpp.orig	Mon Nov 13 20:40:06 2006
++++ modules/download-curl/download-curl.cpp	Sat Apr  7 21:32:52 2007
+@@ -230,7 +230,6 @@ bool CurlDownloadHandler::download(Download *down)
  				 down->getDownloadUrl()->getPort(),
  				 down->getDownloadUrl()->getPath().c_str());
  //        string auth = down->getDownloadUrl()->getUser() + ":" + down->getDownloadUrl()->getPass();

net/nepenthes/pkg/DESCR

@@ -2,3 +2,6 @@ Nepenthes can determine the malware activity on a network
 by deploying a nepenthes sensor (i.e. honeypot). The programm
 emulates different well known vulnerabilities waiting for
 malicious connections trying to exploit them.
+
+Flavors:
+	* prelude - build with prelude support

net/nepenthes/pkg/MESSAGE-prelude

@@ -0,0 +1,13 @@
+To start with nepenthes as sensor for prelude, you have to create a
+starting profile, e.g. "nepenthes" by running on the manager side:
+ 
+# prelude-adduser registration-server prelude-manager \
+        --uid=564 --gid=564
+ 
+and on the sensor side:
+ 
+# prelude-adduser register nepenthes "idmef:w" \
+        <manager address> --uid 564 --gid 564
+ 
+Then, fill in ${SYSCONFDIR}/nepenthes/log-prelude.conf if needed, before
+starting nepenthes.

net/nepenthes/pkg/PLIST

@@ -1,4 +1,6 @@
-@comment $OpenBSD: PLIST,v 1.3 2007/03/17 21:50:11 jolan Exp $
+@comment $OpenBSD: PLIST,v 1.4 2007/04/15 11:58:25 aanriot Exp $
+@newgroup _nepenthes:584
+@newuser _nepenthes:584:584:daemon:nepenthes user:/nonexistent:/sbin/nologin
 %%SHARED%%
 bin/nepenthes
 lib/nepenthes/
@@ -90,6 +92,24 @@ share/examples/nepenthes/nepenthes.conf
 share/examples/nepenthes/nepenthes.conf.dist
 share/examples/nepenthes/shellcode-generic.conf
 @sample ${SYSCONFDIR}/nepenthes/shellcode-generic.conf
+@owner _nepenthes
+@group _nepenthes
+@sample /var/nepenthes/
+@sample /var/nepenthes/binaries/
+@sample /var/nepenthes/cache/
+@sample /var/nepenthes/cache/nepenthes/
+@sample /var/nepenthes/cache/nepenthes/geolocation/
+@sample /var/nepenthes/cache/nepenthes/signatures/
+@sample /var/nepenthes/hexdumps/
+@sample /var/nepenthes/log/
+@sample /var/nepenthes/spool/
+@sample /var/nepenthes/spool/nepenthes/
+@sample /var/nepenthes/spool/nepenthes/gotek/
+@sample /var/nepenthes/spool/nepenthes/submitpostgres/
+share/examples/nepenthes/shellcode-signatures.sc
+@sample /var/nepenthes/cache/nepenthes/signatures/shellcode-signatures.sc
+@owner
+@group
 share/examples/nepenthes/submit-file.conf
 @sample ${SYSCONFDIR}/nepenthes/submit-file.conf
 share/examples/nepenthes/submit-gotek.conf
@@ -142,17 +162,4 @@ share/examples/nepenthes/vuln-wins.conf
 @sample ${SYSCONFDIR}/nepenthes/vuln-wins.conf
 share/examples/nepenthes/x-2.conf
 @sample ${SYSCONFDIR}/nepenthes/x-2.conf
-@sample /var/nepenthes/
-@sample /var/nepenthes/binaries/
-@sample /var/nepenthes/cache/
-@sample /var/nepenthes/cache/nepenthes/
-@sample /var/nepenthes/cache/nepenthes/geolocation/
-@sample /var/nepenthes/cache/nepenthes/signatures/
-share/examples/nepenthes/shellcode-signatures.sc
-@sample /var/nepenthes/cache/nepenthes/signatures/shellcode-signatures.sc
-@sample /var/nepenthes/hexdumps/
-@sample /var/nepenthes/log/
-@sample /var/nepenthes/spool/
-@sample /var/nepenthes/spool/nepenthes/
-@sample /var/nepenthes/spool/nepenthes/gotek/
 @extraunexec rm -fr /var/nepenthes/