/[gentoo-x86]/net-firewall/psad/psad-2.1.7.ebuild
Gentoo

Contents of /net-firewall/psad/psad-2.1.7.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.5 - (show annotations) (download)
Tue Dec 21 13:52:48 2010 UTC (3 years, 7 months ago) by klausman
Branch: MAIN
Changes since 1.4: +2 -2 lines
Stable on alpha, bug #340777

(Portage version: 2.1.9.25/cvs/Linux x86_64)

1 # Copyright 1999-2010 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License v2
3 # $Header: /var/cvsroot/gentoo-x86/net-firewall/psad/psad-2.1.7.ebuild,v 1.4 2010/10/15 19:07:13 ranger Exp $
4
5 inherit eutils perl-app
6
7 IUSE=""
8
9 DESCRIPTION="Port Scanning Attack Detection daemon"
10 SRC_URI="http://www.cipherdyne.org/psad/download/${P}.tar.bz2"
11 HOMEPAGE="http://www.cipherdyne.org/psad"
12
13 SLOT="0"
14 LICENSE="GPL-2"
15 KEYWORDS="alpha amd64 ppc ~sparc x86"
16
17 DEPEND="${DEPEND}
18 dev-lang/perl"
19
20 RDEPEND="virtual/logger
21 dev-perl/Unix-Syslog
22 dev-perl/Date-Calc
23 virtual/mailx
24 net-firewall/iptables
25 net-misc/whois"
26
27 src_compile() {
28 cd "${S}"/deps/Net-IPv4Addr
29 SRC_PREP="no" perl-module_src_compile
30 emake test
31
32 cd "${S}"/deps/IPTables-Parse
33 SRC_PREP="no" perl-module_src_compile
34 emake test
35
36 cd "${S}"/deps/IPTables-ChainMgr
37 SRC_PREP="no" perl-module_src_compile
38 emake test
39
40 cd "${S}"
41 # We'll use the C binaries
42 emake || die "Make failed: daemons"
43 }
44
45 src_install() {
46 local myhostname=
47 local mydomain=
48
49 doman *.8
50
51 keepdir /var/lib/psad /var/log/psad /var/run/psad /var/lock/subsys/${PN}
52 dodir /etc/psad
53
54 cd "${S}"/deps/Net-IPv4Addr
55 perl-module_src_install
56
57 cd "${S}"/deps/IPTables-ChainMgr
58 perl-module_src_install
59
60 cd "${S}"/deps/IPTables-Parse
61 perl-module_src_install
62
63 cd "${S}"
64 insinto /usr
65 dosbin kmsgsd psad psadwatchd
66 newsbin fwcheck_psad.pl fwcheck_psad
67 newbin pscan psad-pscan
68
69 cd "${S}"
70
71 insinto /etc/psad
72 doins *.conf
73 doins psad_*
74 doins auto_dl icmp_types ip_options posf signatures pf.os
75
76 cd "${S}"/init-scripts
77 newinitd psad-init.gentoo psad
78
79 cd "${S}"/deps/snort_rules
80 dodir /etc/psad/snort_rules
81 insinto /etc/psad/snort_rules
82 doins *.rules
83
84 cd "${S}"
85 dodoc BENCHMARK CREDITS Change* FW_EXAMPLE_RULES README SCAN_LOG
86 }
87
88 pkg_preinst() {
89 cd "${S}"
90
91 # Set sane defaults in config file.
92 fix_psad_conf
93 }
94
95 pkg_postinst() {
96 if [ ! -p "${ROOT}"/var/lib/psad/psadfifo ]
97 then
98 ebegin "Creating syslog FIFO for PSAD"
99 mknod -m 600 "${ROOT}"/var/lib/psad/psadfifo p
100 eend $?
101 fi
102
103 echo
104 elog "Please be sure to edit /etc/psad/psad.conf to reflect your system's"
105 elog "configuration or it may not work correctly or start up. Specifically, check"
106 elog "the validity of the HOSTNAME setting and replace the EMAIL_ADDRESSES and"
107 elog "HOME_NET settings at the least."
108 elog
109 if has_version ">=app-admin/syslog-ng-0.0.0"
110 then
111 ewarn "You appear to have installed syslog-ng. If you are using syslog-ng as your"
112 ewarn "default system logger, please change the SYSLOG_DAEMON entry in"
113 ewarn "/etc/psad/psad.conf to the following (per examples in psad.conf):"
114 ewarn " SYSLOG_DAEMON syslog-ng;"
115 ewarn
116 fi
117 if has_version ">=app-admin/sysklogd-0.0.0"
118 then
119 elog "You have sysklogd installed. If this is your default system logger, no"
120 elog "special configuration is needed. If it is not, please set SYSLOG_DAEMON"
121 elog "in /etc/psad/psad.conf accordingly."
122 elog
123 fi
124 if has_version ">=app-admin/metalog-0.0"
125 then
126 ewarn "You appear to have installed metalog. If you are using metalog as your"
127 ewarn "default system logger, please change the SYSLOG_DAEMON entry in"
128 ewarn "/etc/psad/psad.conf to the following (per examples in psad.conf):"
129 ewarn " SYSLOG_DAEMON metalog"
130 fi
131
132 ewarn "NOTE: You need firewall rules to log dropped packets. Otherwise PSAD will"
133 ewarn "not be aware of any port scan attacks. Please see FW_EXAMPLE_RULES in the"
134 ewarn "psad documentation directory (ie /usr/share/doc/${P}) for the criteria and"
135 ewarn "sample rules."
136 }
137
138 fix_psad_conf() {
139 cp psad.conf psad.conf.orig
140
141 # Ditch the _CHANGEME_ for hostname, substituting in our real hostname
142 [ -e /etc/hostname ] && myhostname="$(< /etc/hostname)"
143 [ "${myhostname}" == "" ] && myhostname="$HOSTNAME"
144 mydomain=".$(grep ^domain /etc/resolv.conf | cut -d" " -f2)"
145 sed -i "s:HOSTNAME\(.\+\)\_CHANGEME\_;:HOSTNAME\1${myhostname}${mydomain};:" psad.conf || die "fix_psad_conf failed"
146
147 # Fix up paths
148 sed -i "s:/sbin/syslogd:/usr/sbin/syslogd:g" psad.conf || die "fix_psad_conf failed"
149 sed -i "s:/sbin/syslog-ng:/usr/sbin/syslog-ng:g" psad.conf || die "fix_psad_conf failed"
150 sed -i "s:/usr/bin/whois_psad:/usr/bin/whois:g" psad.conf || die "fix_psad_conf failed"
151 }

  ViewVC Help
Powered by ViewVC 1.1.20