scanlogd is a TCP port scan detection tool by Solar Designer.

From Joshua Stein <jcs@rt.fm>

security/scanlogd/Makefile

@@ -0,0 +1,27 @@
+# $OpenBSD: Makefile,v 1.1.1.1 2000/08/16 07:32:44 camield Exp $
+
+DISTNAME=	scanlogd-2.1
+HOMEPAGE=	http://www.openwall.com/scanlogd/
+
+CATEGORIES=	security
+NEED_VERSION=	1.313
+MAINTAINER=	jcs@rt.fm
+
+MASTER_SITES=	ftp://ftp.openwall.com/scanlogd/ \
+		ftp://rt.fm/pub/scanlogd/
+
+PERMIT_PACKAGE_CDROM=	Yes
+PERMIT_PACKAGE_FTP=	Yes
+PERMIT_DISTFILES_CDROM=	Yes
+PERMIT_DISTFILES_FTP=	Yes
+
+BUILD_DEPENDS=	${PREFIX}/lib/libnet.a::net/libnet \
+		${PREFIX}/lib/libnids.a::net/libnids
+
+ALL_TARGET=	libnids
+
+do-install:
+	${INSTALL_PROGRAM} ${WRKSRC}/scanlogd   ${PREFIX}/sbin/scanlogd
+	${INSTALL_MAN}     ${WRKSRC}/scanlogd.8 ${PREFIX}/man/man8/scanlogd.8
+
+.include <bsd.port.mk>

security/scanlogd/files/md5

@@ -0,0 +1,3 @@
+MD5 (scanlogd-2.1.tar.gz) = 63ffab643c61f932faabed8c6aa2b68e
+RMD160 (scanlogd-2.1.tar.gz) = 221b2b87ca277de0a0332c16daf75d5af510ba67
+SHA1 (scanlogd-2.1.tar.gz) = c33515a8e9e7dc781b0c66529008ad5713531c55

security/scanlogd/patches/patch-Makefile

@@ -0,0 +1,15 @@
+$OpenBSD: patch-Makefile,v 1.1.1.1 2000/08/16 07:32:44 camield Exp $
+
+libnids needs libnet to compile.
+
+--- Makefile.orig	Mon Aug 14 09:37:37 2000
++++ Makefile	Mon Aug 14 09:37:52 2000
+@@ -8,7 +8,7 @@
+ PCAP_L = -lpcap
+ 
+ NIDS_H = -I/usr/local/include
+-NIDS_L = -L/usr/local/lib -lnids -lpcap
++NIDS_L = -L/usr/local/lib -lnids -lpcap -lnet
+ 
+ PROJ = scanlogd
+ 

security/scanlogd/pkg/COMMENT

@@ -0,0 +1 @@
+TCP port scan detection tool

security/scanlogd/pkg/DESCR

@@ -0,0 +1,7 @@
+scanlogd is a TCP port scan detection tool by Solar Designer.
+
+From the webpage:
+   "scanlogd is a TCP port scan detection tool, originally designed to
+    illustrate various attacks an IDS developer has to deal with.  Thus, 
+    unlike some of the other port scan detection tools out there, scanlogd
+    is designed to be totally safe to use."

security/scanlogd/pkg/MESSAGE

@@ -0,0 +1,22 @@
+
+scanlogd requires a seperate user and group named 'scanlogd' to run.  You
+will need to create these manually.
+
+Add a group:
+
+   groupadd scanlogd
+
+then find its gid:
+
+   grep scanlogd /etc/group | cut -f3 -d':'
+
+Now list all the uids to find the highest in use:
+
+   cut -f3 -d':' /etc/passwd
+
+add 1, and add the user with that uid and the gid added above:
+
+  chpass -l -a "scanlogd:*:$uid:$gid:::::/nonexistent:/sbin/nologin"
+
+The scanlogd program will automatically switch to this user upon startup.
+

security/scanlogd/pkg/PLIST

@@ -0,0 +1,3 @@
+@comment $OpenBSD: PLIST,v 1.1.1.1 2000/08/16 07:32:45 camield Exp $
+sbin/scanlogd
+man/man8/scanlogd.8