import snort2pf 4.5

Snort2Pf is a small Perl daemon which greps Snort's alertfile and blocks the "naughty" hosts for a given amount of time using pfctl. feedback/ok aja@
2011-03-10 13:42:30 +00:00 · 2011-03-10 13:42:30 +00:00 · 1aea35ae9b
commit 1aea35ae9b
parent 6f29f141ba
6 changed files with 74 additions and 0 deletions
--- a/security/snort2pf/Makefile
+++ b/security/snort2pf/Makefile
@ -0,0 +1,32 @@
+# $OpenBSD: Makefile,v 1.1.1.1 2011/03/10 13:42:30 jasper Exp $
+
+COMMENT=		block "nasty" hosts with pf(4) based on Snort's rules
+
+DISTNAME=		snort2pf-4.5
+CATEGORIES=		security net
+
+HOMEPAGE=		http://sourceforge.net/projects/snort2pf/
+
+# BSD
+PERMIT_DISTFILES_FTP=   Yes
+PERMIT_DISTFILES_CDROM= Yes
+PERMIT_PACKAGE_FTP=     Yes
+PERMIT_PACKAGE_CDROM=   Yes
+
+MASTER_SITES=		${MASTER_SITE_SOURCEFORGE:=snort2pf/}
+
+PKG_ARCH=		*
+NO_BUILD=		Yes
+NO_REGRESS=		Yes
+
+RUN_DEPENDS=		net/p5-Net-Patricia
+
+do-configure:
+	@perl -pi -e 's,/usr/local,${TRUEPREFIX},g' \
+		${WRKSRC}/snort2pf.8
+
+do-install:
+	${INSTALL_SCRIPT} ${WRKSRC}/snort2pf{,mon} ${PREFIX}/sbin/
+	${INSTALL_MAN} ${WRKSRC}/*.8 ${PREFIX}/man/man8/
+
+.include <bsd.port.mk>
--- a/security/snort2pf/distinfo
+++ b/security/snort2pf/distinfo
@ -0,0 +1,5 @@
+MD5 (snort2pf-4.5.tar.gz) = ShR4yY7z4COuWSCW4j8mTw==
+RMD160 (snort2pf-4.5.tar.gz) = CkT54bXNpbUkzfMs7gBK+7VP+Tw=
+SHA1 (snort2pf-4.5.tar.gz) = 2KHP8Imugsf7jihsDtr/EMKlEVQ=
+SHA256 (snort2pf-4.5.tar.gz) = Gk9MbY23g5LADSY9LS9gBCCOVrAv3io5URPGn263JII=
+SIZE (snort2pf-4.5.tar.gz) = 11283
--- a/security/snort2pf/pkg/DESCR
+++ b/security/snort2pf/pkg/DESCR
@ -0,0 +1,2 @@
+Snort2Pf is a small Perl daemon which greps Snort's alertfile and blocks
+the "naughty" hosts for a given amount of time using pfctl.
--- a/security/snort2pf/pkg/PLIST
+++ b/security/snort2pf/pkg/PLIST
@ -0,0 +1,6 @@
+@comment $OpenBSD: PLIST,v 1.1.1.1 2011/03/10 13:42:30 jasper Exp $
+@man man/man8/snort2pf.8
+@man man/man8/snort2pfmon.8
+sbin/snort2pf
+sbin/snort2pfmon
+@rcscript ${RCDIR}/snort2pf
--- a/security/snort2pf/pkg/README
+++ b/security/snort2pf/pkg/README
@ -0,0 +1,15 @@
+$OpenBSD: README,v 1.1.1.1 2011/03/10 13:42:30 jasper Exp $
+
+Running snort2pf on OpenBSD
+==============================
+
+Adjusting pf.conf(5)
+--------------------
+In order to make use of snort2pf, one must add an anchor for in your pf.conf(5)
+file, like:
+
+  anchor snort2pf
+
+Or you can use a table, which is allows for more flexibility:
+
+  block in quick from <snort2pf>
--- a/security/snort2pf/pkg/snort2pf.rc
+++ b/security/snort2pf/pkg/snort2pf.rc
@ -0,0 +1,14 @@
+#!/bin/sh
+#
+# $OpenBSD: snort2pf.rc,v 1.1.1.1 2011/03/10 13:42:30 jasper Exp $
+
+daemon="${TRUEPREFIX}/sbin/snort2pf"
+
+. /etc/rc.d/rc.subr
+
+pexp="perl: snort2pf"
+
+rc_bg=YES
+rc_reload=NO
+
+rc_cmd $1