From a346b48e630e1747387dbbc77db3a8843e1b40df Mon Sep 17 00:00:00 2001 From: kevlo Date: Wed, 17 Dec 2008 01:34:53 +0000 Subject: [PATCH] initial import of bro-1.4 Bro is an open-source, Unix-based Network Intrusion Detection System (NIDS) that passively monitors network traffic and looks for suspicious activity. ok ajacoutot@ --- net/bro/Makefile | 39 +++++ net/bro/distinfo | 5 + net/bro/patches/patch-policy_Makefile_in | 12 ++ net/bro/pkg/DESCR | 3 + net/bro/pkg/PFRAG.shared | 2 + net/bro/pkg/PLIST | 190 +++++++++++++++++++++++ 6 files changed, 251 insertions(+) create mode 100644 net/bro/Makefile create mode 100644 net/bro/distinfo create mode 100644 net/bro/patches/patch-policy_Makefile_in create mode 100644 net/bro/pkg/DESCR create mode 100644 net/bro/pkg/PFRAG.shared create mode 100644 net/bro/pkg/PLIST diff --git a/net/bro/Makefile b/net/bro/Makefile new file mode 100644 index 00000000000..9050c8a95a4 --- /dev/null +++ b/net/bro/Makefile @@ -0,0 +1,39 @@ +# $OpenBSD: Makefile,v 1.1.1.1 2008/12/17 01:34:53 kevlo Exp $ + +COMMENT= highly flexible sniffer/NIDS + +V= 1.4 +DISTNAME= bro-${V}-release +PKGNAME= bro-${V} + +SHARED_LIBS= broccoli 0.0 # .2.0 + +CATEGORIES= net security + +HOMEPAGE= http://www.bro-ids.org/ + +MAINTAINER= Kevin Lo + +# BSD +PERMIT_PACKAGE_CDROM= Yes +PERMIT_PACKAGE_FTP= Yes +PERMIT_DISTFILES_CDROM= Yes +PERMIT_DISTFILES_FTP= Yes + +WANTLIB= c crypto m pcap ssl stdc++ termcap z + +MASTER_SITES= ftp://bro-ids.org/ + +LIB_DEPENDS= GeoIP.>=5::net/GeoIP \ + magic.>=1::devel/libmagic + +USE_LIBTOOL= Yes +CONFIGURE_STYLE=gnu + +WRKDIST= ${WRKDIR}/bro-${V} + +FAKE_FLAGS= sysconfdir=${PREFIX}/share/examples/bro + +NO_REGRESS= Yes + +.include diff --git a/net/bro/distinfo b/net/bro/distinfo new file mode 100644 index 00000000000..5e23d3d2276 --- /dev/null +++ b/net/bro/distinfo @@ -0,0 +1,5 @@ +MD5 (bro-1.4-release.tar.gz) = NgeuZcWZPKJQmyZ688gw8A== +RMD160 (bro-1.4-release.tar.gz) = TvG5YaY300vJAunf2u+D0P72cIc= +SHA1 (bro-1.4-release.tar.gz) = SVE2HhXUA+grqWgZ6Wq4/ZxT8J8= +SHA256 (bro-1.4-release.tar.gz) = xYX5gHfKNxtZ0S6+IJQY+Yq2FHU/TLY2jbr8fyKOeEo= +SIZE (bro-1.4-release.tar.gz) = 4203949 diff --git a/net/bro/patches/patch-policy_Makefile_in b/net/bro/patches/patch-policy_Makefile_in new file mode 100644 index 00000000000..77c870f9cce --- /dev/null +++ b/net/bro/patches/patch-policy_Makefile_in @@ -0,0 +1,12 @@ +$OpenBSD: patch-policy_Makefile_in,v 1.1.1.1 2008/12/17 01:34:53 kevlo Exp $ +--- policy/Makefile.in.orig Mon Dec 15 12:43:31 2008 ++++ policy/Makefile.in Mon Dec 15 12:43:44 2008 +@@ -436,7 +436,7 @@ install-data-hook: + $(INSTALL_DATA) smb-rw.bif.bro $(DESTDIR)${bropolicydir}/smb-rw.bif.bro + $(INSTALL_DATA) smtp-rw.bif.bro $(DESTDIR)${bropolicydir}/smtp-rw.bif.bro + $(INSTALL_DATA) strings.bif.bro $(DESTDIR)${bropolicydir}/strings.bif.bro +- test -d ${bropolicydir}/site || mkdir ${bropolicydir}/site ++ test -d $(DESTDIR)${bropolicydir}/site || mkdir $(DESTDIR)${bropolicydir}/site + + uninstall-local: + rm -f ${bropolicydir}/bro.bif.bro diff --git a/net/bro/pkg/DESCR b/net/bro/pkg/DESCR new file mode 100644 index 00000000000..6509b26e106 --- /dev/null +++ b/net/bro/pkg/DESCR @@ -0,0 +1,3 @@ +Bro is an open-source, Unix-based Network Intrusion Detection +System (NIDS) that passively monitors network traffic and looks +for suspicious activity. diff --git a/net/bro/pkg/PFRAG.shared b/net/bro/pkg/PFRAG.shared new file mode 100644 index 00000000000..98ff1216fa2 --- /dev/null +++ b/net/bro/pkg/PFRAG.shared @@ -0,0 +1,2 @@ +@comment $OpenBSD: PFRAG.shared,v 1.1.1.1 2008/12/17 01:34:53 kevlo Exp $ +@lib lib/libbroccoli.so.${LIBbroccoli_VERSION} diff --git a/net/bro/pkg/PLIST b/net/bro/pkg/PLIST new file mode 100644 index 00000000000..a02e6f6cdd8 --- /dev/null +++ b/net/bro/pkg/PLIST @@ -0,0 +1,190 @@ +@comment $OpenBSD: PLIST,v 1.1.1.1 2008/12/17 01:34:53 kevlo Exp $ +%%SHARED%% +@bin bin/bro +bin/broccoli-config +include/broccoli.h +lib/libbroccoli.a +lib/libbroccoli.la +share/bro/ +share/bro/OS-fingerprint.bro +share/bro/adu.bro +share/bro/alarm.bro +share/bro/analy.bro +share/bro/anon.bro +share/bro/arp.bro +share/bro/backdoor.bro +share/bro/bittorrent.bro +share/bro/blaster.bro +share/bro/bro.bif.bro +share/bro/bro.init +share/bro/brolite-backdoor.bro +share/bro/brolite-sigs.bro +share/bro/brolite.bro +share/bro/bt-tracker.bro +share/bro/capture-events.bro +share/bro/capture-state-updates.bro +share/bro/checkpoint.bro +share/bro/clear-passwords.bro +share/bro/common-rw.bif.bro +share/bro/conn-flood.bro +share/bro/conn-id.bro +share/bro/conn.bro +share/bro/const.bif.bro +share/bro/contents.bro +share/bro/cpu-adapt.bro +share/bro/demux.bro +share/bro/detect-protocols-http.bro +share/bro/detect-protocols.bro +share/bro/dhcp.bro +share/bro/dns-anonymizer.bro +share/bro/dns-info.bro +share/bro/dns-lookup.bro +share/bro/dns-rw.bif.bro +share/bro/dns.bro +share/bro/dpd.bro +share/bro/drop-adapt.bro +share/bro/drop.bro +share/bro/dyn-disable.bro +share/bro/event.bif.bro +share/bro/file-flush.bro +share/bro/finger-rw.bif.bro +share/bro/finger.bro +share/bro/firewall.bro +share/bro/flag-irc.bro +share/bro/flag-warez.bro +share/bro/frag.bro +share/bro/ftp-anonymizer.bro +share/bro/ftp-cmd-arg.bro +share/bro/ftp-reply-pattern.bro +share/bro/ftp-rw.bif.bro +share/bro/ftp-safe-words.bro +share/bro/ftp.bro +share/bro/gnutella.bro +share/bro/hand-over.bro +share/bro/heavy-analysis.bro +share/bro/heavy.http.bro +share/bro/heavy.irc.bro +share/bro/heavy.scan.bro +share/bro/heavy.software.bro +share/bro/heavy.trw.bro +share/bro/hot-ids.bro +share/bro/hot.bro +share/bro/http-abstract.bro +share/bro/http-anon-server.bro +share/bro/http-anon-useragent.bro +share/bro/http-anon-utils.bro +share/bro/http-anonymizer.bro +share/bro/http-body.bro +share/bro/http-entity.bro +share/bro/http-event.bro +share/bro/http-extract-items.bro +share/bro/http-header.bro +share/bro/http-identified-files.bro +share/bro/http-reply.bro +share/bro/http-request.bro +share/bro/http-rewriter.bro +share/bro/http-rw.bif.bro +share/bro/http.bro +share/bro/icmp.bro +share/bro/ident-rewriter.bro +share/bro/ident-rw.bif.bro +share/bro/ident.bro +share/bro/inactivity.bro +share/bro/interconn.bro +share/bro/irc-bot.bro +share/bro/irc.bro +share/bro/large-conns.bro +share/bro/listen-clear.bro +share/bro/listen-ssl.bro +share/bro/load-level.bro +share/bro/load-sample.bro +share/bro/log-append.bro +share/bro/login.bro +share/bro/mime-pop.bro +share/bro/mime.bro +share/bro/mt.bro +share/bro/netflow.bro +share/bro/netstats.bro +share/bro/nfs.bro +share/bro/notice-action-filters.bro +share/bro/notice-policy.bro +share/bro/notice.bro +share/bro/ntp.bro +share/bro/passwords.bro +share/bro/pcap.bro +share/bro/peer-status.bro +share/bro/pkt-profile.bro +share/bro/pop3.bro +share/bro/port-name.bro +share/bro/portmapper.bro +share/bro/print-filter.bro +share/bro/print-globals.bro +share/bro/print-resources.bro +share/bro/print-sig-states.bro +share/bro/profiling.bro +share/bro/proxy.bro +share/bro/remote-pcap.bro +share/bro/remote-ping.bro +share/bro/remote-print-id-reply.bro +share/bro/remote-print-id.bro +share/bro/remote-print.bro +share/bro/remote-report-notices.bro +share/bro/remote-send-id.bro +share/bro/remote.bro +share/bro/rotate-logs.bro +share/bro/rsh.bro +share/bro/scan.bro +share/bro/secondary-filter.bro +share/bro/sensor-sshd.bro +share/bro/server-ports.bro +share/bro/service-probe.bro +share/bro/signatures.bro +share/bro/sigs/ +share/bro/sigs/dpd.sig +share/bro/sigs/ex.web-rules.sig +share/bro/sigs/p0fsyn.osf +share/bro/sigs/snort-default.sig +share/bro/sigs/ssl-worm.sig +share/bro/sigs/worm.sig +share/bro/site/ +share/bro/site.bro +share/bro/smb-rw.bif.bro +share/bro/smtp-relay.bro +share/bro/smtp-rewriter.bro +share/bro/smtp-rw.bif.bro +share/bro/smtp.bro +share/bro/snort.bro +share/bro/software.bro +share/bro/ssh-stepping.bro +share/bro/ssh.bro +share/bro/ssl-alerts.bro +share/bro/ssl-ciphers.bro +share/bro/ssl-errors.bro +share/bro/ssl-worm.bro +share/bro/ssl.bro +share/bro/stats.bro +share/bro/stepping.bro +share/bro/strings.bif.bro +share/bro/synflood.bro +share/bro/targeted-scan.bro +share/bro/tcp.bro +share/bro/terminate-connection.bro +share/bro/tftp.bro +share/bro/time-machine/ +share/bro/time-machine/time-machine.bro +share/bro/time-machine/tm-capture.bro +share/bro/time-machine/tm-class.bro +share/bro/time-machine/tm-contents.bro +share/bro/time-machine/tm-ftp.bro +share/bro/time-machine/tm-gap.bro +share/bro/time-machine/tm-http.bro +share/bro/trw-impl.bro +share/bro/trw.bro +share/bro/udp-common.bro +share/bro/udp.bro +share/bro/vlan.bro +share/bro/weird.bro +share/bro/worm.bro +share/examples/bro/ +share/examples/bro/broccoli.conf +@sample ${SYSCONFDIR}/broccoli.conf