mirror of https://git.FreeBSD.org/ports.git synced 2024-11-23 00:43:28 +00:00

- Update to 0.8.0

- Optionng
- Trim header

PR:		174591
Submitted by:	maintainer
Martin Wilke 2013-02-18 01:01:11 +00:00
parent 8e694fbb17
commit 262e62789b
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=312467
12 changed files with 236 additions and 242 deletions


@ -1,13 +1,8 @@
# New ports collection makefile for: sguil-server
# Date created: 9 Oct 2006
# Whom: Paul Schmehl <pauls@utdallas.edu>
#
# Created by: Paul Schmehl <pauls@utdallas.edu>
# $FreeBSD$
#
PORTNAME= sguil-server
PORTVERSION= 0.7.0
PORTREVISION= 4
PORTVERSION= 0.8.0
CATEGORIES= security
MASTER_SITES= SF/sguil/sguil/sguil-${PORTVERSION}
@ -20,48 +15,40 @@ RUN_DEPENDS= p0f:${PORTSDIR}/net-mgmt/p0f \
${LOCALBASE}/lib/tclx8.4/tclx.tcl:${PORTSDIR}/lang/tclX
LIB_DEPENDS= tls:${PORTSDIR}/devel/tcltls
OPTIONS_DEFINE= MYSQL
MYSQL_DESC= Depend on databases/mysqltcl
LICENSE_NAME= QPLv1.0
LICENSE_FILE= ${WRKSRC}/doc/LICENSE.QPL
LICENSE_PERMS= auto-accept
IS_INTERACTIVE= yes
NO_BUILD= yes
USE_RC_SUBR= sguild
TCLSH_CMD?= ${PREFIX}/bin/tclsh8.4
SGUILDIR?= sguil-server
TCL_VER= 8.5
TCLSH= tclsh${TCL_VER}
MYSQLTCL_CMDS= cd ${PORTSDIR}/databases/mysqltcl && ${MAKE} -V PORTVERSION
SGUILDIR?= sguild
WRKSRC= ${WRKDIR}/sguil-${PORTVERSION}
PATCH_WRKSRC= ${WRKSRC}/server
PLIST_SUB= SGUILDIR=${SGUILDIR}
SUB_FILES= pkg-message pkg-install pkg-deinstall
SUB_LIST= SGUILDIR=${SGUILDIR} TCLSH=${TCLSH_CMD} CURDIR=${.CURDIR} \
WRKSRC=${WRKSRC} DOCSDIR=${DOCSDIR}
LIBRARIES= SguildAccess.tcl SguildGenericDB.tcl SguildReportBuilder.tcl \
SguildAutoCat.tcl SguildGenericEvent.tcl SguildSendComms.tcl \
SguildClientCmdRcvd.tcl SguildHealthChecks.tcl SguildSensorAgentComms.tcl \
SguildConnect.tcl SguildLoaderd.tcl SguildSensorCmdRcvd.tcl \
SguildCreateDB.tcl SguildMysqlMerge.tcl SguildTranscript.tcl \
SguildEmailEvent.tcl SguildPadsLib.tcl SguildUtils.tcl \
SguildEvent.tcl SguildQueryd.tcl
SCRIPTS= create_ruledb.sql update_0.7.tcl update_sguildb_v7-v8.sql \
create_sguildb.sql update_sguildb_v10-v11.sql update_sguildb_v8-v9.sql \
migrate_event.tcl update_sguildb_v11-v12.sql update_sguildb_v9-v10.sql \
migrate_sancp.tcl update_sguildb_v5-v6.sql sancp_cleanup.tcl update_sguildb_v6-v7.sql
CONFS= autocat.conf sguild.access sguild.conf sguild.email sguild.queries sguild.reports sguild.users
SUB_LIST= SGUILDIR=${SGUILDIR} TCLSH=${TCLSH}
CONFS= autocat.conf sguild.access sguild.email sguild.reports sguild.conf sguild.queries sguild.users
PORTDOCS= CHANGES FAQ INSTALL INSTALL.openbsd LICENSE.QPL \
OPENSSL.README TODO UPGRADE USAGE sguildb.dia
PORTDOCS1= README
PORTDOCS2= CHANGES FAQ INSTALL INSTALL.openbsd OPENSSL.README TODO UPGRADE USAGE sguildb.dia
OPTIONS= MYSQL50 "Install mysql50 server" off
.include <bsd.port.options.mk>
.include <bsd.port.pre.mk>
.if defined(WITH_MYSQL50)
RUN_DEPENDS+= ${LOCALBASE}/libexec/mysqld:${PORTSDIR}/databases/mysql50-server
.if ${PORT_OPTIONS:MMYSQL}
@${ECHO_CMD} $$(${MYSQLTCL_CMDS})
RUN_DEPENDS+= ${LOCALBASE}/lib/mysqltcl-${MYSQLTCL_VER}:${PORTSDIR}/databases/mysqltcl
.endif
MYSQLTCL_VER!= cd ${PORTSDIR}/databases/mysqltcl && ${MAKE} -V PORTVERSION
RUN_DEPENDS+= ${LOCALBASE}/lib/mysqltcl-${MYSQLTCL_VER}:${PORTSDIR}/databases/mysqltcl
post-patch:
.for f in archive_sguildb.tcl sguild contrib/incident_report.tcl
@${REINPLACE_CMD} -e 's:exec tclsh:exec ${TCLSH_CMD}:g' ${WRKSRC}/server/${f}
.endfor
@${REINPLACE_CMD} 's|/bin/sh|/usr/local/bin/${TCLSH}|' \
${PATCH_WRKSRC}/sguild
pre-install:
.if !defined(BATCH) && !defined(PACKAGE_BUILDING)
@ -71,33 +58,31 @@ pre-install:
@${MKDIR} ${PREFIX}/etc/${SGUILDIR}
@${MKDIR} ${PREFIX}/lib/${SGUILDIR}
@${MKDIR} ${PREFIX}/share/${SGUILDIR}
@${MKDIR} ${PREFIX}/share/${SGUILDIR}/contrib
@${MKDIR} /var/run/${SGUILDIR}
do-install:
.for f in archive_sguildb.tcl sguild
${INSTALL_SCRIPT} -m 751 ${WRKSRC}/server/${f} ${PREFIX}/bin/${f}
.endfor
.for f in incident_report.tcl
${INSTALL_SCRIPT} -m 751 ${WRKSRC}/server/contrib/${f} ${PREFIX}/bin/${f}
(cd ${WRKSRC}/server/lib && ${COPYTREE_BIN} \* ${PREFIX}/lib/${SGUILDIR})
(cd ${WRKSRC}/server/sql_scripts && ${COPYTREE_SHARE} \* ${PREFIX}/share/${SGUILDIR})
(cd ${WRKSRC}/server/contrib && ${COPYTREE_SHARE} \* ${PREFIX}/share/${SGUILDIR}/contrib)
.for f in sguild
${INSTALL_SCRIPT} -m 555 ${WRKSRC}/server/${f} ${PREFIX}/bin/${f}
.endfor
.for f in ${CONFS}
${INSTALL_DATA} ${WRKSRC}/server/${f} ${PREFIX}/etc/${SGUILDIR}/${f}-sample
.endfor
.for f in ${LIBRARIES}
${INSTALL_DATA} ${WRKSRC}/server/lib/${f} ${PREFIX}/lib/${SGUILDIR}/${f}
.endfor
.for f in ${SCRIPTS}
${INSTALL_DATA} ${WRKSRC}/server/sql_scripts/${f} ${PREFIX}/share/${SGUILDIR}/${f}
${INSTALL_DATA} -m 441 ${PATCH_WRKSRC}/${f} ${PREFIX}/etc/${SGUILDIR}/${f}-sample
.endfor
post-install:
.if !defined(BATCH) && !defined(PACKAGE_BUILDING)
@${SETENV} ${SCRIPTS_ENV} PKG_PREFIX=${PREFIX} \
${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
.endif
.if !defined(NOPORTDOCS)
.if ${PORT_OPTIONS:MDOCS}
@${MKDIR} ${DOCSDIR}
cd ${WRKSRC}/doc && ${INSTALL_DATA} ${PORTDOCS} ${DOCSDIR}
cd ${WRKSRC} && ${INSTALL_DATA} ${PORTDOCS1} ${DOCSDIR}
cd ${WRKSRC}/doc && ${INSTALL_DATA} ${PORTDOCS2} ${DOCSDIR}
.endif
@${CAT} ${PKGMESSAGE}
.include <bsd.port.post.mk>
.include <bsd.port.mk>
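Review bot: The `-m 441` on the `.for f in ${CONFS}` install line leaves the sample configs as `r--r----x`; the world-execute bit means nothing on a data file and the mode reads like a typo. These samples are what an admin copies to the live `sguild.conf`, `sguild.users` and `sguild.access`, so the odd mode tends to carry over; dropping `-m 441` so the `INSTALL_DATA` default applies, or using `-m 440`, states the intent. Separately, the post-patch `REINPLACE_CMD` hard-codes `/usr/local/bin/${TCLSH}` where `${LOCALBASE}/bin/${TCLSH}` would follow a non-default prefix. The +/- column is lost on this page, so which of the `MYSQLTCL_VER!=` and `MYSQLTCL_CMDS` lines survive is inferred; if `MYSQLTCL_VER` is no longer assigned, the `RUN_DEPENDS` path `mysqltcl-${MYSQLTCL_VER}` expands with an empty version and should be checked.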


@ -1,2 +1,2 @@
SHA256 (sguil-server-0.7.0.tar.gz) = 8ed845779c516b7bcb092454d339a26bca69f52689f9f07831fb41a3efe58809
SIZE (sguil-server-0.7.0.tar.gz) = 103440
SHA256 (sguil-server-0.8.0.tar.gz) = faa7152ddbdc0ba797c79d6419bf3ae50bfd6dbba4b2cd28ccb04a55ef788360
SIZE (sguil-server-0.8.0.tar.gz) = 102236


@ -1,15 +1,15 @@
--- lib/SguildLoaderd.tcl.orig 2007-09-25 14:17:13.000000000 +0000
+++ lib/SguildLoaderd.tcl 2011-08-11 20:22:18.000000000 +0000
@@ -129,7 +129,7 @@
--- lib/SguildLoaderd.tcl.orig 2012-10-12 21:07:19.000000000 +0000
+++ lib/SguildLoaderd.tcl 2012-10-12 21:15:06.000000000 +0000
@@ -124,7 +124,7 @@
INDEX dst_port (dst_port), \
INDEX src_port (src_port), \
INDEX start_time (start_time) \
- ) \
+ ) ENGINE=MyISAM \
+ )ENGINE=MyISAM \
"
# Create the table
@@ -182,7 +182,7 @@
@@ -177,7 +177,7 @@
INDEX dst_port (dst_port), \
INDEX src_port (src_port), \
INDEX start_time (start_time) \
@ -18,12 +18,12 @@
"
# Create our MERGE sancp table
mysqlexec $dbSocketID $createQuery
@@ -225,7 +225,7 @@
@@ -220,7 +220,7 @@
} else {
# Make sure its a MERGE table and not the old monster
set tableStatus [mysqlsel $LOADERD_DB_ID {SHOW TABLE STATUS LIKE 'sancp'} -flatlist]
- if { [lindex $tableStatus 1] != "MRG_MyISAM" } {
+ if { [lindex $tableStatus 1] != "MRG_MYISAM" } {
- if { $tableStatus != "" && ![ string equal -nocase [lindex $tableStatus 1] "MRG_MyISAM" ] } {
+ if { $tableStatus != "" && ![ string equal -nocase [lindex $tableStatus 1] "MRG_MYISAM" ] } {
ErrorMessage "ERROR: loaderd: You appear to be using an old version of the\n\
sguil database schema that does not support the MERGE sancp\n\
table. Please see the CHANGES document for more information\n."


@ -1,11 +1,11 @@
--- lib/SguildMysqlMerge.tcl.bak 2009-07-06 14:53:27.000000000 -0500
+++ lib/SguildMysqlMerge.tcl 2009-07-06 14:54:26.000000000 -0500
--- lib/SguildMysqlMerge.tcl.orig 2012-10-12 21:18:22.000000000 +0000
+++ lib/SguildMysqlMerge.tcl 2012-10-12 21:19:41.000000000 +0000
@@ -9,7 +9,7 @@
set tmpQry "SHOW TABLE STATUS LIKE '$tableName'"
set tableStatus [mysqlsel $MAIN_DB_SOCKETID $tmpQry -flatlist]
- if { $tableStatus != "" && [lindex $tableStatus 1] != "MRG_MyISAM" } {
+ if { $tableStatus != "" && [lindex $tableStatus 1] != "MRG_MYISAM" } {
- if { $tableStatus != "" && ![ string equal -nocase [lindex $tableStatus 1] "MRG_MyISAM" ] } {
+ if { $tableStatus != "" && ![ string equal -nocase [lindex $tableStatus 1] "MRG_MYISAM" ] } {
# Non MERGE table found.
set errorMsg "\n*************************************************************\n


@ -1,105 +1,99 @@
--- sguild.orig 2008-04-08 22:02:24.000000000 -0500
+++ sguild 2008-04-08 22:09:11.000000000 -0500
@@ -235,7 +235,7 @@
--- sguild.orig 2012-12-17 20:54:14.000000000 +0000
+++ sguild 2012-12-17 20:56:47.000000000 +0000
@@ -1,6 +1,4 @@
#!/bin/sh
-# Run tcl from users PATH \
-exec tclsh "$0" "$@"
# $Id: sguild,v 1.193 2011/05/29 15:41:16 bamm Exp $ #
@@ -218,7 +216,7 @@
##################################
# Do all priv account actions here.
-# Open log files/etc. Privs will be dropped after.
+# Open log files/usr/local/etc. Privs will be dropped after.
if { ![info exists LOG_PATH] } { set LOG_PATH /var/log/sguild }
@@ -318,7 +316,7 @@
# Check for certs
if {![info exists CERTS_PATH]} {
- set CERTS_PATH /etc/sguild/certs
+ set CERTS_PATH /usr/local/etc/sguil-server/certs
+ set CERTS_PATH /usr/local/etc/sguild/certs
}
@@ -265,13 +265,13 @@
@@ -348,13 +346,13 @@
if { ![info exists CONF_FILE] } {
# No conf file specified check the defaults
- if { [file exists /etc/sguild/sguild.conf] } {
- set CONF_FILE /etc/sguild/sguild.conf
+ if { [file exists /usr/local/etc/sguil-server/sguild.conf] } {
+ set CONF_FILE /usr/local/etc/sguil-server/sguild.conf
+ if { [file exists /usr/local/etc/sguild/sguild.conf] } {
+ set CONF_FILE /usr/local/etc/sguild/sguild.conf
} elseif { [file exists ./sguild.conf] } {
set CONF_FILE ./sguild.conf
} else {
puts "Couldn't determine where the sguil config file is"
- puts "Looked for ./sguild.conf and /etc/sguild/sguild.conf."
+ puts "Looked for ./sguild.conf and /usr/local/etc/sguil-server/sguild.conf."
+ puts "Looked for ./sguild.conf and /usr/local/etc/sguild/sguild.conf."
DisplayUsage $argv0
}
}
@@ -354,17 +354,17 @@
# Check for a valid USERS file
if { ![info exists USERS_FILE] } {
# No users file was specified. Go with the defaults
- if { [file exists /etc/sguild/sguild.users] } {
- set USERS_FILE "/etc/sguild/sguild.users"
+ if { [file exists /usr/local/etc/sguil-server/sguild.users] } {
+ set USERS_FILE "/usr/local/etc/sguil-server/sguild.users"
} elseif { [file exists ./sguild.users] } {
set USERS_FILE "./sguild.users"
} else {
if { [info exists ADDUSER] && $ADDUSER } {
- CreateUsersFile "/etc/sguild/sguild.users"
+ CreateUsersFile "/usr/local/etc/sguil-server/sguild.users"
} else {
set DEBUG 2
LogMessage "ERROR: Could not find a sguild.users file."
- LogMessage " Checked in ./ and /etc/sguild/"
+ LogMessage " Checked in ./ and /usr/local/etc/sguil-server/"
DisplayUsage $argv0
}
}
@@ -392,8 +392,8 @@
@@ -476,8 +474,8 @@
# Load accessfile
if { ![info exists ACCESS_FILE] } {
# Check the defaults
- if { [file exists /etc/sguild/sguild.access] } {
- set ACCESS_FILE "/etc/sguild/sguild.access"
+ if { [file exists /usr/local/etc/sguil-server/sguild.access] } {
+ set ACCESS_FILE "/usr/local/etc/sguil-server/sguild.access"
+ if { [file exists /usr/local/etc/sguild/sguild.access] } {
+ set ACCESS_FILE "/usr/local/etc/sguild/sguild.access"
} elseif { [file exists ./sguild.access] } {
set ACCESS_FILE "./sguild.access"
} else {
@@ -407,8 +407,8 @@
@@ -491,8 +489,8 @@
}
# Load auto cat config
if { ![info exists AUTOCAT_FILE] } {
- if { [file exists /etc/sguild/autocat.conf] } {
- set AUTOCAT_FILE "/etc/sguild/autocat.conf"
+ if { [file exists /usr/local/etc/sguil-server/autocat.conf] } {
+ set AUTOCAT_FILE "/usr/local/etc/sguil-server/autocat.conf"
+ if { [file exists /usr/local/etc/sguild/autocat.conf] } {
+ set AUTOCAT_FILE "/usr/local/etc/sguild/autocat.conf"
} else {
set AUTOCAT_FILE "./autocat.conf"
}
@@ -418,8 +418,8 @@
@@ -502,8 +500,8 @@
}
# Load email config file
if { ![info exists EMAIL_FILE] } {
- if { [file exists /etc/sguild/sguild.email] } {
- set EMAIL_FILE "/etc/sguild/sguild.email"
+ if { [file exists /usr/local/etc/sguil-server/sguild.email] } {
+ set EMAIL_FILE "/usr/local/etc/sguil-server/sguild.email"
+ if { [file exists /usr/local/etc/sguild/sguild.email] } {
+ set EMAIL_FILE "/usr/local/etc/sguild/sguild.email"
} else {
set EMAIL_FILE "./sguild.email"
}
@@ -431,8 +431,8 @@
@@ -515,8 +513,8 @@
}
# Load global queries.
if { ![info exists GLOBAL_QRY_FILE] } {
- if { [file exists /etc/sguild/sguild.queries] } {
- set GLOBAL_QRY_FILE "/etc/sguild/sguild.queries"
+ if { [file exists /usr/local/etc/sguil-server/sguild.queries] } {
+ set GLOBAL_QRY_FILE "/usr/local/etc/sguil-server/sguild.queries"
+ if { [file exists /usr/local/etc/sguild/sguild.queries] } {
+ set GLOBAL_QRY_FILE "/usr/local/etc/sguild/sguild.queries"
} else {
set GLOBAL_QRY_FILE "./sguild.queries"
}
@@ -444,8 +444,8 @@
@@ -528,8 +526,8 @@
}
# Load report queries.
if { ![info exists REPORT_QRY_FILE] } {
- if { [file exists /etc/sguild/sguild.reports] } {
- set REPORT_QRY_FILE "/etc/sguild/sguild.reports"
+ if { [file exists /usr/local/etc/sguil-server/sguild.reports] } {
+ set REPORT_QRY_FILE "/usr/local/etc/sguil-server/sguild.reports"
+ if { [file exists /usr/local/etc/sguild/sguild.reports] } {
+ set REPORT_QRY_FILE "/usr/local/etc/sguild/sguild.reports"
} else {
set REPORT_QRY_FILE "./sguild.reports"
}
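Review bot: The new default paths are hard-coded as `/usr/local/etc/sguild/...`, while the port's Makefile installs into `${PREFIX}/etc/${SGUILDIR}` and leaves `SGUILDIR` overridable with `?=`. When the two differ, the `file exists` tests fail and sguild falls through to the `./sguild.conf`, `./sguild.access` and `./autocat.conf` branches, so its configuration and access list come from whatever directory it was started in. Substituting the installed directory at patch time (for example a `%%ETCDIR%%`-style placeholder filled by `REINPLACE_CMD`) keeps them in sync; the `SGUILD_LIB_PATH /usr/local/lib/sguild` line in the sguild.conf patch has the same problem. The blanket `/etc` replacement also rewrote a comment to `Open log files/usr/local/etc.`, which should keep the upstream wording.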


@ -5,7 +5,7 @@
# Path the sguild libs
-set SGUILD_LIB_PATH ./lib
+set SGUILD_LIB_PATH /usr/local/lib/sguil-server
+set SGUILD_LIB_PATH /usr/local/lib/sguild
# DEBUG 0=off 1=important stuff 2=everything. Option 2 is VERY chatty.
set DEBUG 2


@ -1,52 +1,63 @@
--- sql_scripts/create_sguildb.sql.orig 2007-03-17 02:43:37.000000000 +0000
+++ sql_scripts/create_sguildb.sql 2011-08-09 22:21:09.000000000 +0000
@@ -52,10 +52,10 @@
--- sql_scripts/create_sguildb.sql.orig 2012-10-12 21:39:20.000000000 +0000
+++ sql_scripts/create_sguildb.sql 2012-10-12 21:53:42.000000000 +0000
@@ -3,7 +3,7 @@
-- CREATE DATABASE IF NOT EXISTS sguildb;
-- USE sguildb;
--- Depreciated for MRG_MyISAM tables
+-- Deprecated for MRG_MyISAM tables
-- CREATE TABLE event
-- (
-- sid INT UNSIGNED NOT NULL,
@@ -52,7 +52,7 @@
-- INDEX status (status),
-- INDEX abuse_queue (abuse_queue),
-- INDEX abuse_sent (abuse_sent)
---);
+-- );
---CREATE TABLE tcphdr
---(
+-- CREATE TABLE tcphdr
+-- (
-- sid INT UNSIGNED NOT NULL,
-- cid INT UNSIGNED NOT NULL,
-- tcp_seq INT UNSIGNED,
@@ -68,16 +68,16 @@
--- );
+-- )ENGINE=MyISAM;
-- CREATE TABLE tcphdr
-- (
@@ -66,7 +66,8 @@
-- tcp_win SMALLINT UNSIGNED,
-- tcp_csum SMALLINT UNSIGNED,
-- tcp_urp SMALLINT UNSIGNED,
-- PRIMARY KEY (sid,cid));
--- PRIMARY KEY (sid,cid));
+-- PRIMARY KEY (sid,cid)
+-- )ENGINE=MyISAM;
--
---CREATE TABLE udphdr
---(
+-- CREATE TABLE udphdr
+-- (
-- sid INT UNSIGNED NOT NULL,
-- CREATE TABLE udphdr
-- (
@@ -74,7 +75,8 @@
-- cid INT UNSIGNED NOT NULL,
-- udp_len SMALLINT UNSIGNED,
-- udp_csum SMALLINT UNSIGNED,
-- PRIMARY KEY (sid,cid));
--- PRIMARY KEY (sid,cid));
+-- PRIMARY KEY (sid,cid)
+-- )ENGINE=MyISAM;
--
---CREATE TABLE icmphdr
---(
+-- CREATE TABLE icmphdr
+-- (
-- sid INT UNSIGNED NOT NULL,
-- cid INT UNSIGNED NOT NULL,
-- CREATE TABLE icmphdr
-- (
@@ -83,14 +85,16 @@
-- icmp_csum SMALLINT UNSIGNED,
@@ -85,8 +85,8 @@
-- icmp_id SMALLINT UNSIGNED,
-- icmp_seq SMALLINT UNSIGNED,
-- PRIMARY KEY (sid,cid));
--- PRIMARY KEY (sid,cid));
+-- PRIMARY KEY (sid,cid)
+-- )ENGINE=MyISAM;
--
---CREATE TABLE data
---(
+-- CREATE TABLE data
+-- (
-- CREATE TABLE data
-- (
-- sid INT UNSIGNED NOT NULL,
-- cid INT UNSIGNED NOT NULL,
-- data_payload TEXT,
@@ -101,13 +101,13 @@
--- PRIMARY KEY (sid,cid));
+-- PRIMARY KEY (sid,cid)
+-- )ENGINE=MyISAM;
CREATE TABLE sensor
(
@@ -101,13 +105,13 @@
interface VARCHAR(255),
description TEXT,
bpf_filter TEXT,
@ -58,100 +69,108 @@
PRIMARY KEY (sid),
INDEX hostname_idx (hostname)
-);
+) ENGINE=MyISAM;
+)ENGINE=MyISAM;
CREATE TABLE portscan
(
@@ -119,7 +119,8 @@
@@ -119,9 +123,10 @@
dst_port INT UNSIGNED,
data TEXT,
INDEX ps_src_ip (src_ip),
- INDEX ps_timestamp (timestamp));
+ INDEX ps_timestamp (timestamp)
+) ENGINE=MyISAM;
-- Depreciated
-- CREATE TABLE sessions (
@@ -150,7 +151,7 @@
+)ENGINE=MyISAM;
--- Depreciated
+-- Deprecated
-- CREATE TABLE sessions (
-- sid INT UNSIGNED NOT NULL,
-- xid BIGINT UNSIGNED NOT NULL,
@@ -142,7 +147,8 @@
-- INDEX server (src_ip),
-- INDEX client (dst_ip),
-- INDEX sport (src_port),
--- INDEX cport (dst_port));
+-- INDEX cport (dst_port)
+-- )ENGINE=MyISAM;
CREATE TABLE status
(
@@ -150,7 +156,7 @@
description VARCHAR(255) NOT NULL,
long_desc VARCHAR(255),
PRIMARY KEY (status_id)
-);
+) ENGINE=MyISAM;
+)ENGINE=MyISAM;
CREATE TABLE history
(
@@ -161,7 +162,7 @@
@@ -161,7 +167,7 @@
status SMALLINT UNSIGNED NOT NULL,
comment VARCHAR(255),
INDEX log_time (timestamp)
-);
+) ENGINE=MyISAM;
+)ENGINE=MyISAM;
CREATE TABLE user_info
(
@@ -169,7 +170,7 @@
username VARCHAR(16) NOT NULL,
last_login DATETIME NOT NULL,
@@ -170,7 +176,7 @@
last_login DATETIME,
password VARCHAR(42),
PRIMARY KEY (uid)
-);
+) ENGINE=MyISAM;
+)ENGINE=MyISAM;
CREATE TABLE nessus_data
(
@@ -178,7 +179,8 @@
@@ -179,7 +185,8 @@
nessus_id INT UNSIGNED,
level VARCHAR(20),
description TEXT,
- INDEX rid (rid));
+ INDEX rid (rid)
+) ENGINE=MyISAM;
+)ENGINE=MyISAM;
CREATE TABLE nessus
(
@@ -188,7 +190,8 @@
@@ -189,7 +196,8 @@
timestart DATETIME,
timeend DATETIME,
PRIMARY KEY (rid),
- INDEX ip (ip));
+ INDEX ip (ip)
+) ENGINE=MyISAM;
+)ENGINE=MyISAM;
CREATE TABLE IF NOT EXISTS `pads`
(
@@ -203,12 +206,12 @@
@@ -204,10 +212,10 @@
application VARCHAR(255) NOT NULL,
hex_payload VARCHAR(255),
PRIMARY KEY (sid,asset_id)
-);
+) ENGINE=MyISAM;
+)ENGINE=MyISAM;
--
-- Depreciated for MERGE tables
---CREATE TABLE sancp
---(
+-- CREATE TABLE sancp
+-- (
--- Depreciated for MERGE tables
+-- Deprecated for MERGE tables
-- CREATE TABLE sancp
-- (
-- sid INT UNSIGNED NOT NULL,
-- sancpid BIGINT UNSIGNED NOT NULL,
-- start_time DATETIME NOT NULL,
@@ -231,8 +234,8 @@
@@ -232,7 +240,7 @@
-- INDEX dst_port (dst_port),
-- INDEX src_port (src_port),
-- INDEX start_time (start_time)
---);
---
+-- );
+--
--- );
+-- )ENGINE=MyISAM;
--
INSERT INTO status (status_id, description, long_desc) VALUES (0, "New", "Real Time Event");
INSERT INTO status (status_id, description, long_desc) VALUES (1, "No Further Action Required", "No Further Action Required");
@@ -250,7 +253,7 @@
@@ -251,7 +259,7 @@
(
version VARCHAR(32),
installed DATETIME
-);
+) ENGINE=MyISAM;
INSERT INTO version (version, installed) VALUES ("0.12", now());
+)ENGINE=MyISAM;
INSERT INTO version (version, installed) VALUES ("0.13", now());


@ -8,8 +8,8 @@ USER="sguil"
# Make sure we're in the right stage of the process
if [ "$2" = "DEINSTALL" ]; then
echo "Stopping sguild......"
%%PREFIX%%/etc/rc.d/sguild stop
%%PREFIX%%/etc/rc.d/sguild poll
%%PREFIX%%/etc/rc.d/sguild onestop
%%PREFIX%%/etc/rc.d/sguild onepoll
if [ ! ${BATCH} ]; then
echo "Would you like to remove the sguild certs?" ; read ans
case "$ans" in


@ -396,6 +396,8 @@ esac
chown ${sguil_user}:${sguil_group} %%PREFIX%%/bin/${files}
fi
done
chown -R ${sguil_user}:${sguil_group} %%PREFIX%%/etc/%%SGUILDIR%%
chown -R ${sguil_user}:${sguil_group} %%PREFIX%%/lib/%%SGUILDIR%%
if [ ! -f %%PREFIX%%/bin/sguild ]; then
echo "Sguild is missing! Please correct the problem before continuing!"
exit 1
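Review bot: The two `chown -R ${sguil_user}:${sguil_group}` lines hand `%%PREFIX%%/lib/%%SGUILDIR%%` and `%%PREFIX%%/etc/%%SGUILDIR%%` to the account sguild runs as, so the daemon can rewrite the Tcl libraries it loads at its next start as well as its own access-control files. The service account only needs to read these trees; keeping them root-owned with group read, e.g. `chown -R root:${sguil_group} %%PREFIX%%/etc/%%SGUILDIR%%` followed by `chmod -R g+rX,o-rwx` on the same path, is the least-privilege form. If sguild has to write specific files there (certs or the users file, which this hunk does not show), limit ownership to those paths. The expansions should also be quoted. The enclosing loop starts outside the hunk, and the +/- column is lost, so the two `chown -R` lines being the additions is inferred from the `+396,8` count.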


@ -2,15 +2,6 @@
* !!!!!!!!!!! WARNING !!!!!!!!!!! *
***********************************
PLEASE NOTE: If you are upgrading from a previous version,
read the UPGRADE doc (in %%DOCSDIR%%) before proceeding!!!
Some noteworthy changes in version 0.7.0:
SSL is now required for server, sensor and client.
The sguild.conf and sguild.email files have changed.
You MUST run the upgrade_0.7.tcl script to clean up and
prepare the database before running the new version. BE SURE
TO BACK UP YOUR DATABASE BEFORE PROCEEDING!!!
If you had existing config files in %%PREFIX%%/etc/%%SGUILDIR%%
they were not overwritten. If this is a first time install, you
must copy the sample files to the corresponding conf file and
@ -24,10 +15,10 @@ NOTE: LOG_DIR is not set by this install. You MUST create the
correct LOG_DIRS and put a copy of the snort rules you use in
LOG_DIR/rules.
The sguild, archive_sguildb.tcl and incident_report.tcl scripts
were placed in %%PREFIX%%/bin/. The incident_report.tcl
script is from the contrib section. There is no documentation
and the script's variables must be edited before it is used.
The sguild program was placed in %%PREFIX%%/bin/.
Some contributed scripts were placed in
%%PREFIX%%/share/%%SGUILDIR%%/contrib
A startup script, named sguild.sh was installed in
%%PREFIX%%/etc/rc.d/. To enable it, edit /etc/rc.conf


@ -9,43 +9,27 @@
# Add the following lines to /etc/rc.conf to enable sguild:
# sguild_enable (bool): Set to YES to enable sguild
# Default: NO
# The following commandline arguments are available for sguild
# " -c <filename>: PATH to the sguild config (sguild.conf) file."
# " -a <filename>: PATH to the autocat config (autocat.conf) file."
# " -g <filename>: PATH to the sguild global queries (sguild.queries) file."
# " -u <filename>: PATH to the sguild users (sguild.users) file."
# " -P <filename>: Name of file to write the PID to."
# " Default is /var/run/%%SGUILDIR%%/sguild.pid"
# " -l <filepath>: PATH to sguild libraries."
# " -O <filename>: Define PATH to tls (tcl openssl) lib (libtls1.x.so)"
# " -C <directory>: Directory that contains sguild.pem and sguild.key"
# " -D Runs sguild in daemon mode."
# " -A <filename>: PATH to sguild.access file."
# " -d <0|1|2>: Set DEBUG level"
# sguild_flags (str): Extra flags passed to sguild
# Default: -D -P ${pid}
# sguild_conf (str): Sguild configuration file
# Default: %%PREFIX%%/etc/%%SGUILDIR%%/sguild.conf
# sguild_user (str): Default: sguild
# sguild_user (str): Default: sguil
# Note: this value MUST be set in /etc/rc.conf if you do not accept the default
# user created by the pkg-install script
. /etc/rc.subr
load_rc_config sguild
# set some defaults
sguild_enable=${sguild_enable:-"NO"}
sguild_conf=${sguild_conf:-"/%%PREFIX%%/etc/%%SGUILDIR%%/sguild.conf"}
pid=${pid:-"/var/run/%%SGUILDIR%%/sguild.pid"}
sguild_flags=${sguild_flags:-"-D -P ${pid}"}
sguild_user=${sguild_user:-"sguil"}
name="sguild"
rcvar=sguild_enable
load_rc_config sguild
# set some defaults
: ${sguild_enable:="NO"}
: ${sguild_conf:="%%PREFIX%%/etc/%%SGUILDIR%%/sguild.conf"}
: ${pid:="/var/run/%%SGUILDIR%%/sguild.pid"}
: ${sguild_flags:="-D -P ${pid}"}
: ${sguild_user:="sguil"}
command="%%PREFIX%%/bin/${name}"
command_args="-c ${sguild_conf} ${sguild_flags}"
procname="%%TCLSH%%"
check_process="${procname}"
sguild_user="sguil"
procname="%%PREFIX%%/bin/%%TCLSH%%"
run_rc_command "$1"
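Review bot: No `pidfile` is set, so rc.subr has only `procname` (the Tcl interpreter path) to identify the daemon, and `stop` or `status` can match any other script running under the same tclsh on the host. The script already computes the path in `pid` and passes it with `-P`; adding `pidfile="${pid}"` and replacing the `procname` line with `command_interpreter="%%PREFIX%%/bin/%%TCLSH%%"` ties the control actions to this instance. `pid` is also a very generic name for a variable that rc.conf can set; `sguild_pidfile` would avoid collisions. The header comment should document whichever name is kept.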


@ -1,5 +1,3 @@
bin/archive_sguildb.tcl
bin/incident_report.tcl
bin/sguild
etc/%%SGUILDIR%%/autocat.conf-sample
etc/%%SGUILDIR%%/sguild.access-sample
@ -19,7 +17,9 @@ lib/%%SGUILDIR%%/SguildGenericDB.tcl
lib/%%SGUILDIR%%/SguildGenericEvent.tcl
lib/%%SGUILDIR%%/SguildHealthChecks.tcl
lib/%%SGUILDIR%%/SguildLoaderd.tcl
lib/%%SGUILDIR%%/SguildLoaderd.tcl.orig
lib/%%SGUILDIR%%/SguildMysqlMerge.tcl
lib/%%SGUILDIR%%/SguildMysqlMerge.tcl.orig
lib/%%SGUILDIR%%/SguildPadsLib.tcl
lib/%%SGUILDIR%%/SguildQueryd.tcl
lib/%%SGUILDIR%%/SguildReportBuilder.tcl
@ -28,20 +28,39 @@ lib/%%SGUILDIR%%/SguildSensorAgentComms.tcl
lib/%%SGUILDIR%%/SguildSensorCmdRcvd.tcl
lib/%%SGUILDIR%%/SguildTranscript.tcl
lib/%%SGUILDIR%%/SguildUtils.tcl
%%PORTDOCS%%%%DOCSDIR%%/CHANGES
%%PORTDOCS%%%%DOCSDIR%%/FAQ
%%PORTDOCS%%%%DOCSDIR%%/INSTALL
%%PORTDOCS%%%%DOCSDIR%%/INSTALL.openbsd
%%PORTDOCS%%%%DOCSDIR%%/OPENSSL.README
%%PORTDOCS%%%%DOCSDIR%%/README
%%PORTDOCS%%%%DOCSDIR%%/TODO
%%PORTDOCS%%%%DOCSDIR%%/UPGRADE
%%PORTDOCS%%%%DOCSDIR%%/USAGE
%%PORTDOCS%%%%DOCSDIR%%/sguildb.dia
share/%%SGUILDIR%%/contrib/incident_report.tcl
share/%%SGUILDIR%%/contrib/init/sguil
share/%%SGUILDIR%%/contrib/init/sguild
share/%%SGUILDIR%%/create_ruledb.sql
share/%%SGUILDIR%%/create_sguildb.sql
share/%%SGUILDIR%%/create_sguildb.sql.orig
share/%%SGUILDIR%%/migrate_event.tcl
share/%%SGUILDIR%%/migrate_sancp.tcl
share/%%SGUILDIR%%/sancp_cleanup.tcl
share/%%SGUILDIR%%/sancp_cleanup.tcl.orig
share/%%SGUILDIR%%/update_0.7.tcl
share/%%SGUILDIR%%/update_0.8.tcl
share/%%SGUILDIR%%/update_sguildb_v10-v11.sql
share/%%SGUILDIR%%/update_sguildb_v11-v12.sql
share/%%SGUILDIR%%/update_sguildb_v12-v13.sql
share/%%SGUILDIR%%/update_sguildb_v5-v6.sql
share/%%SGUILDIR%%/update_sguildb_v6-v7.sql
share/%%SGUILDIR%%/update_sguildb_v7-v8.sql
share/%%SGUILDIR%%/update_sguildb_v8-v9.sql
share/%%SGUILDIR%%/update_sguildb_v9-v10.sql
share/%%SGUILDIR%%/update_sguildb_v10-v11.sql
share/%%SGUILDIR%%/update_sguildb_v11-v12.sql
@dirrmtry etc/%%SGUILDIR%%/certs
@unexec if [ ! -f %D/etc/%%SGUILDIR%%/sguild.conf ] && [ ! -d %D/etc/%%SGUILDIR%%/certs ] ; then rmdir %D/etc/%%SGUILDIR%%; fi
@dirrm lib/%%SGUILDIR%%
@dirrm share/%%SGUILDIR%%/contrib/init
@dirrm share/%%SGUILDIR%%/contrib
@dirrm share/%%SGUILDIR%%
@dirrm lib/%%SGUILDIR%%
@dirrm etc/%%SGUILDIR%%
%%PORTDOCS%%@dirrm %%DOCSDIR%%
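Review bot: The plist now ships patch backup files (`lib/%%SGUILDIR%%/SguildLoaderd.tcl.orig`, `lib/%%SGUILDIR%%/SguildMysqlMerge.tcl.orig`, `share/%%SGUILDIR%%/create_sguildb.sql.orig`, `share/%%SGUILDIR%%/sancp_cleanup.tcl.orig`), presumably because the COPYTREE calls in the Makefile copy everything left in the work tree. These are the unpatched upstream copies, so an admin can end up loading the schema or library without the port's changes. Deleting them before install, e.g. `@${FIND} ${WRKSRC}/server -name '*.orig' -delete` in post-patch, and dropping the four entries here is the usual fix.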