update: net/nepenthes
nepenthes was released to public today, however i've been running this
for a long time.
ok?
cheers,
rui
Index: Makefile
===
RCS file: /cvs/ports/net/nepenthes/Makefile,v
retrieving revision 1.19
diff -u -r1.19 Makefile
--- Makefile14 Feb 2008 21:36:27 - 1.19
+++ Makefile14 Feb 2008 22:01:58 -
@@ -3,8 +3,7 @@
COMMENT= determine the malware activity on a network
-DISTNAME= nepenthes-20070830
-PKGNAME= ${DISTNAME}p4
+DISTNAME= nepenthes-0.2.2
CATEGORIES=net
HOMEPAGE= http://nepenthes.mwcollect.org/
@@ -17,7 +16,7 @@
PERMIT_DISTFILES_CDROM=Yes
PERMIT_DISTFILES_FTP= Yes
-MASTER_SITES= http://www.bsdfrog.org/OpenBSD/distfiles/
+MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=nepenthes/}
USE_LIBTOOL= Yes
LIBTOOL_FLAGS+=--tag=disable-static
Index: distinfo
===
RCS file: /cvs/ports/net/nepenthes/distinfo,v
retrieving revision 1.5
diff -u -r1.5 distinfo
--- distinfo2 Sep 2007 22:42:55 - 1.5
+++ distinfo14 Feb 2008 22:01:58 -
@@ -1,5 +1,5 @@
-MD5 (nepenthes-20070830.tar.gz) = SWGBdSlEWf8ScjCobcAo+w==
-RMD160 (nepenthes-20070830.tar.gz) = XAvJ5pp+3EI5xDG8yoJpnSccSpM=
-SHA1 (nepenthes-20070830.tar.gz) = ixI9s6wIPxeDfedCJnznRCf+ZRU=
-SHA256 (nepenthes-20070830.tar.gz) =
sDaTUSWXkrWPs+hzs04WZ+X1hvrLLQ4mjNAggxCKOxM=
-SIZE (nepenthes-20070830.tar.gz) = 1881994
+MD5 (nepenthes-0.2.2.tar.gz) = doFVfs5MBei2Afmcp9p5/w==
+RMD160 (nepenthes-0.2.2.tar.gz) = ubMMfYWansMpRaiRinUYfWciVas=
+SHA1 (nepenthes-0.2.2.tar.gz) = zJdAMYsGbk7whcnTYLJJMtO+ecg=
+SHA256 (nepenthes-0.2.2.tar.gz) = HqeWm0HvTGivaPRiBxeJlu/G4bXxBG8JDkUNUqH61k4=
+SIZE (nepenthes-0.2.2.tar.gz) = 936776
Index: patches/patch-Makefile_in
===
RCS file: /cvs/ports/net/nepenthes/patches/patch-Makefile_in,v
retrieving revision 1.4
diff -u -r1.4 patch-Makefile_in
--- patches/patch-Makefile_in 2 Sep 2007 22:42:55 - 1.4
+++ patches/patch-Makefile_in 14 Feb 2008 22:01:58 -
@@ -1,16 +1,16 @@
-$OpenBSD: patch-Makefile_in,v 1.4 2007/09/02 22:42:55 rui Exp $
Makefile.in.orig Sun Apr 29 14:29:35 2007
-+++ Makefile.inSun Apr 29 14:31:50 2007
-@@ -214,7 +214,7 @@ AUTOMAKE_OPTIONS = foreign
- SUBDIRS = nepenthes-core modules
- #tools
- EXTRA_DIST = configure.ac CHANGES doc/README.VFS doc/logo-shaded.svg
doc/nepenthes.8 conf/nepenthes.conf.dist
+$OpenBSD$
+--- Makefile.in.orig Thu Dec 13 22:02:56 2007
Makefile.inThu Dec 13 22:05:21 2007
+@@ -191,7 +191,7 @@ build_os = @build_os@
+ build_vendor = @build_vendor@
+ datadir = @datadir@
+ datarootdir = @datarootdir@
-docdir = $(prefix)/share/doc
+docdir = $(prefix)/share/doc/nepenthes
- doc_DATA = doc/README.VFS doc/logo-shaded.svg
-
- #sysconf_DATA = conf/nepenthes.conf.dist
-@@ -707,21 +707,9 @@ install-data-local:
+ dvidir = @dvidir@
+ exec_prefix = @exec_prefix@
+ host = @host@
+@@ -714,21 +714,9 @@ install-data-local:
$(mkinstalldirs) $(DESTDIR)$(mandir)
$(mkinstalldirs) $(DESTDIR)$(mandir)/man8
$(INSTALL_DATA) $(srcdir)/doc/nepenthes.8
$(DESTDIR)$(mandir)/man8/nepenthes.8;
Index: patches/patch-modules_download-ftp_CTRLDialogue_cpp
===
RCS file: patches/patch-modules_download-ftp_CTRLDialogue_cpp
diff -N patches/patch-modules_download-ftp_CTRLDialogue_cpp
--- patches/patch-modules_download-ftp_CTRLDialogue_cpp 13 Dec 2007 21:47:32
- 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -
@@ -1,29 +0,0 @@
-$OpenBSD: patch-modules_download-ftp_CTRLDialogue_cpp,v 1.1 2007/12/13
21:47:32 rui Exp $
modules/download-ftp/CTRLDialogue.cpp.orig Sat Dec 8 19:52:46 2007
-+++ modules/download-ftp/CTRLDialogue.cpp Sat Dec 8 19:57:35 2007
-@@ -28,6 +28,7 @@
- /* $Id: patch-modules_download-ftp_CTRLDialogue_cpp,v 1.1 2007/12/13
21:47:32 rui Exp $ */
-
- #include sys/types.h
-+#include sys/param.h
- #include sys/socket.h
- #include netinet/in.h
- #include arpa/inet.h
-@@ -455,10 +456,17 @@ void CTRLDialogue::sendPort()
-
-
- asprintf(nmsg,PORT %d,%d,%d,%d,%d,%d\r\n,
-+#if BYTE_ORDER == BIG_ENDIAN
-+ (int32_t)(ip 24) 0xff,
-+ (int32_t)(ip 16) 0xff,
-+ (int32_t)(ip 8) 0xff,
- (int32_t)ip 0xff,
-+#else
-+ (int32_t)ip 0xff,
- (int32_t)(ip 8) 0xff,
- (int32_t)(ip 16) 0xff,
- (int32_t)(ip 24) 0xff,
-+#endif
- (int32_t)(port 8) 0xff,
- (int32_t)port 0xff);
- logDebug(FTPSEND: '%s'\n,nmsg);
Index: patches/patch-modules_shellcode-signatures_sch_namespace_cpp
===
RCS file:
update: net/nepenthes
The following diff updates nepenthes to a recent svn snapshot so that
we can fix prelude flavor as pointed by aanriot@ here:
http://marc.info/?l=openbsd-ports-cvsm=118858844120340w=2
ajacoutot@ was kind enough to host the distfile, thanks.
please test.
ok?
cheers,
rui
Index: Makefile
===
RCS file: /cvs/ports/net/nepenthes/Makefile,v
retrieving revision 1.12
diff -u -r1.12 Makefile
--- Makefile27 May 2007 20:49:26 - 1.12
+++ Makefile31 Aug 2007 09:53:07 -
@@ -1,10 +1,9 @@
# $OpenBSD: Makefile,v 1.12 2007/05/27 20:49:26 aanriot Exp $
SHARED_ONLY= Yes
-COMMENT= determine the malware activity on a network
+COMMENT= determine the malware activity on a network
-DISTNAME= nepenthes-0.2.0
-PKGNAME= ${DISTNAME}p2
+DISTNAME= nepenthes-20070830
CATEGORIES=net
HOMEPAGE= http://nepenthes.mwcollect.org/
@@ -17,7 +16,7 @@
PERMIT_DISTFILES_CDROM=Yes
PERMIT_DISTFILES_FTP= Yes
-MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=nepenthes/}
+MASTER_SITES= http://www.obsd.fr/OpenBSD/distfiles/
USE_LIBTOOL= Yes
LIBTOOL_FLAGS+=--tag=disable-static
@@ -46,8 +45,6 @@
FLAVOR?=
.if ${FLAVOR:L:Mprelude}
-BROKEN=phreading issues
-
LIB_DEPENDS+= prelude.=8::security/prelude/libprelude
CONFIGURE_ENV= CPPFLAGS=-I${LOCALBASE}/include \
-I${LOCALBASE}/include/libprelude/ \
Index: distinfo
===
RCS file: /cvs/ports/net/nepenthes/distinfo,v
retrieving revision 1.4
diff -u -r1.4 distinfo
--- distinfo5 Apr 2007 16:20:11 - 1.4
+++ distinfo31 Aug 2007 09:53:07 -
@@ -1,5 +1,5 @@
-MD5 (nepenthes-0.2.0.tar.gz) = MSO2JwBAOouutZeynQdXeQ==
-RMD160 (nepenthes-0.2.0.tar.gz) = vWzA17aLWbgMeykU2xCydRVqq+w=
-SHA1 (nepenthes-0.2.0.tar.gz) = c3RKtNN0SHeRbO5b0djp5+O0M9U=
-SHA256 (nepenthes-0.2.0.tar.gz) = ozpWt5G/txVZ4SEXUQZ4MIeuMdFHNiyfF+oReWpok4o=
-SIZE (nepenthes-0.2.0.tar.gz) = 913270
+MD5 (nepenthes-20070830.tar.gz) = SWGBdSlEWf8ScjCobcAo+w==
+RMD160 (nepenthes-20070830.tar.gz) = XAvJ5pp+3EI5xDG8yoJpnSccSpM=
+SHA1 (nepenthes-20070830.tar.gz) = ixI9s6wIPxeDfedCJnznRCf+ZRU=
+SHA256 (nepenthes-20070830.tar.gz) =
sDaTUSWXkrWPs+hzs04WZ+X1hvrLLQ4mjNAggxCKOxM=
+SIZE (nepenthes-20070830.tar.gz) = 1881994
Index: patches/patch-Makefile_in
===
RCS file: /cvs/ports/net/nepenthes/patches/patch-Makefile_in,v
retrieving revision 1.3
diff -u -r1.3 patch-Makefile_in
--- patches/patch-Makefile_in 17 Mar 2007 21:50:11 - 1.3
+++ patches/patch-Makefile_in 31 Aug 2007 09:53:07 -
@@ -1,16 +1,16 @@
-$OpenBSD: patch-Makefile_in,v 1.3 2007/03/17 21:50:11 jolan Exp $
Makefile.in.orig Mon Nov 13 19:51:10 2006
-+++ Makefile.inWed Nov 15 20:16:05 2006
-@@ -188,7 +188,7 @@ build_os = @build_os@
- build_vendor = @build_vendor@
- datadir = @datadir@
- datarootdir = @datarootdir@
+$OpenBSD$
+--- Makefile.in.orig Sun Apr 29 14:29:35 2007
Makefile.inSun Apr 29 14:31:50 2007
+@@ -214,7 +214,7 @@ AUTOMAKE_OPTIONS = foreign
+ SUBDIRS = nepenthes-core modules
+ #tools
+ EXTRA_DIST = configure.ac CHANGES doc/README.VFS doc/logo-shaded.svg
doc/nepenthes.8 conf/nepenthes.conf.dist
-docdir = $(prefix)/share/doc
+docdir = $(prefix)/share/doc/nepenthes
- dvidir = @dvidir@
- exec_prefix = @exec_prefix@
- host = @host@
-@@ -711,21 +711,9 @@ install-data-local:
+ doc_DATA = doc/README.VFS doc/logo-shaded.svg
+
+ #sysconf_DATA = conf/nepenthes.conf.dist
+@@ -707,21 +707,9 @@ install-data-local:
$(mkinstalldirs) $(DESTDIR)$(mandir)
$(mkinstalldirs) $(DESTDIR)$(mandir)/man8
$(INSTALL_DATA) $(srcdir)/doc/nepenthes.8
$(DESTDIR)$(mandir)/man8/nepenthes.8;
Index: patches/patch-conf_nepenthes_conf_dist
===
RCS file: /cvs/ports/net/nepenthes/patches/patch-conf_nepenthes_conf_dist,v
retrieving revision 1.2
diff -u -r1.2 patch-conf_nepenthes_conf_dist
--- patches/patch-conf_nepenthes_conf_dist 15 Apr 2007 11:58:25 -
1.2
+++ patches/patch-conf_nepenthes_conf_dist 31 Aug 2007 09:53:07 -
@@ -1,6 +1,6 @@
-$OpenBSD: patch-conf_nepenthes_conf_dist,v 1.2 2007/04/15 11:58:25 aanriot Exp
$
conf/nepenthes.conf.dist.orig Mon Nov 13 19:40:03 2006
-+++ conf/nepenthes.conf.dist Sat Apr 7 22:14:09 2007
+$OpenBSD$
+--- conf/nepenthes.conf.dist.orig Sat May 26 01:50:10 2007
conf/nepenthes.conf.dist Sat May 26 01:53:31 2007
@@ -3,8 +3,8 @@
nepenthes
@@ -12,7 +12,7 @@
modules(
// module name (in moduledir) config file (in moduleconfigdir)
-@@ -30,17 +30,20 @@ nepenthes
+@@ -30,6 +30,8 @@ nepenthes
downloadtftp.so, download-tftp.conf,
downloadrcp.so,
@@ -21,40 +21,27 @@
// submission handler
update: net/nepenthes
Here's an update to net/nepenthes: http://rui.cx/ports/nepenthes-0.2.0p0.diff This update brings some changes: * prelude flavor added * postgresql is enabled by default * adds user and group _nepenthes Prelude is an opensource Hybrid IDS framework, which is able to use different sensors like snort or nepenthes. This flavor wasn't added before because it was broken till nepenthes 0.2.0. Prelude flavor was already tested with the latest prelude version, with diffs from aanriot@, that is with: prelude-libprelude-0.9.13.2 prelude-libpreludedb-0.9.12 prelude-libpreludedb-pgsql-0.9.12 prelude-manager-0.9.7.2 prelude-prewikka-0.9.9 libprelude, libpreludedb, prelude-manager, prelude-prewikka and nepenthes work for me on i386, amd64 and sparc64. Rui Reis
Re: update: net/nepenthes
prelude-libprelude-0.9.13.2 prelude-libpreludedb-0.9.12 prelude-libpreludedb-pgsql-0.9.12 prelude-manager-0.9.7.2 prelude-prewikka-0.9.9 If you are using prelude, you can test updates located at: http://www.atlantilde.com/~aanriot/ports/ It will be commited with the nepenthes changes in the next few days.
Update: net/nepenthes
Here's an update for nepenthes 0.2.0, works fine for me on i386, amd64 and macppc. http://rui.cx/ports/nepenthes-0.2.0.diff Changelog available here: https://sourceforge.net/project/shownotes.php?release_id=463351group_id=137598 Test and comment. Rui Reis
Re: Update: net/nepenthes
Works for me on i386 and amd64. On Fri, Mar 16, 2007 at 09:11:04PM +, Rui Reis wrote: Here's an update for nepenthes 0.2.0, works fine for me on i386, amd64 and macppc. http://rui.cx/ports/nepenthes-0.2.0.diff Changelog available here: https://sourceforge.net/project/shownotes.php?release_id=463351group_id=137598 Test and comment. Rui Reis
Re: Update: net/nepenthes
On Fri, Mar 16, 2007 at 09:11:04PM +, Rui Reis wrote: Here's an update for nepenthes 0.2.0, works fine for me on i386, amd64 and macppc. http://rui.cx/ports/nepenthes-0.2.0.diff works for me on sparc64. If you have an uptodate bsd.port.mk you may run make makesum to regenerate the checksums. The sha256 checksum is currently missing in distinfo. Changelog available here: https://sourceforge.net/project/shownotes.php?release_id=463351group_id=137598 Test and comment. Rui Reis Regards, Markus
Re: Update: net/nepenthes
On Sat, 17 Mar 2007 00:36:43 +0100 Markus Lude [EMAIL PROTECTED] wrote: On Fri, Mar 16, 2007 at 09:11:04PM +, Rui Reis wrote: Here's an update for nepenthes 0.2.0, works fine for me on i386, amd64 and macppc. http://rui.cx/ports/nepenthes-0.2.0.diff works for me on sparc64. If you have an uptodate bsd.port.mk you may run make makesum to regenerate the checksums. The sha256 checksum is currently missing in distinfo. oops, sure, diff pending for a long time... forgot distinfo. fixed. thanks! Regards, Rui Reis Changelog available here: https://sourceforge.net/project/shownotes.php?release_id=463351group_id=137598 Test and comment. Rui Reis Regards, Markus
Update: net/nepenthes
Here's an update for nepenthes 0.1.7, works fine for me on i386, amd64, macppc and sparc64. http://www.openbsd-pt.com/ports/nepenthes-0.1.7.diff Changelog available here: http://sourceforge.net/project/shownotes.php?release_id=412256group_id=137598 Test and comment. Rui Reis
