~alpine/devel

1

[alpine-devel] [PATCH 3/5] Initial APKBUILD for FWSNORT into testing

IT Offshore <developer@it-offshore.co.uk>
Details
Message ID
<1384077540-7914-4-git-send-email-developer@it-offshore.co.uk>
Sender timestamp
1384077538
DKIM signature
missing
Download raw message
10 years ago
Patch: +122 -0 
re-submitted complete patch for FWSNORT correcting:

periodic.daily - now updates the SNORT rules / PSAD signatures daily.

fwsnort.post-install - now just shows a message to update signatures manually
(to avoid any problems with installations on tmpfs). Now uses the system terminal
colours $STRONG $GREEN.

fwsnort.update - update script for FWSNORT & PSAD (if PSAD exists).

fwsnort.up - lives in /etc/network/if-pre-up.d/ to put the SNORT rules into iptables
every time networking comes up.
---
 testing/fwsnort/APKBUILD             | 81 ++++++++++++++++++++++++++++++++++++
 testing/fwsnort/fwsnort.post-install | 16 +++++++
 testing/fwsnort/fwsnort.up           |  5 +++
 testing/fwsnort/fwsnort.update       | 15 +++++++
 testing/fwsnort/periodic.daily       |  5 +++
 5 files changed, 122 insertions(+)
 create mode 100644 testing/fwsnort/APKBUILD
 create mode 100644 testing/fwsnort/fwsnort.post-install
 create mode 100644 testing/fwsnort/fwsnort.up
 create mode 100644 testing/fwsnort/fwsnort.update
 create mode 100644 testing/fwsnort/periodic.daily

diff --git a/testing/fwsnort/APKBUILD b/testing/fwsnort/APKBUILD
new file mode 100644
index 0000000..fcf7869
--- /dev/null
+++ b/testing/fwsnort/APKBUILD
@@ -0,0 +1,81 @@
# Contributor: IT Offshore <developer@it-offshore.co.uk>
# Maintainer:
pkgname=fwsnort
pkgver=1.6.3
pkgrel=0
pkgdesc="Application layer IDS/IPS by translating snort rules into iptables"
url="http://www.cipherdyne.org/fwsnort/"
arch="noarch"
license="GPL"
depends="perl perl-netaddr-ip perl-iptables-parse iptables ip6tables net-tools"
depends_dev="wget"
makedepends="$depends_dev"
install="$pkgname.post-install"
source="http://www.cipherdyne.org/$pkgname/download/$pkgname-nodeps-$pkgver.tar.gz
        fwsnort.up
        fwsnort.update
	periodic.daily
        "

_builddir="$srcdir"/$pkgname-$pkgver

build() {
	cd "$_builddir"

	#Disable Root requirement to build
        START=$(sed -n '/$< == 0 && $> == 0 or die "You need to be root (or equivalent UID 0",/=' ./install.pl)
        END=$(expr $START + 1)
        #Busybox sed does not support +1d
        sed -e ''$START','$END'd' ./install.pl -i

	#prevent chmod 0500 halting the build
    sed -e "s|0500|0755|" ./install.pl -i

	#change MAN path so package builds
    sed -e "s|/usr/share/man/man8|$pkgdir&|" ./install.pl -i

	# --install-test-dir sets the INSTALL_ROOT to $src/../test/fwsnort-test
	# avoids installation attempted into /etc /usr /var
	# -S disables dependency installs (we also build with the nodep sources)
	./install.pl -S --install-test-dir
}

package() {
	cd "$_builddir"

	#create destinations before fakeroot runs
	mkdir -p $pkgdir/etc \
                 $pkgdir/usr \
                 $pkgdir/usr

        cp -rf $srcdir/fwsnort-$pkgver/test/fwsnort-install/* $pkgdir

        # delete references to $pkgdir made by the installer
        cp -f $srcdir/fwsnort-$pkgver/fwsnort.conf $pkgdir/etc/fwsnort/fwsnort.conf

	#fix permissions
	chmod 0500 $pkgdir/etc/fwsnort $pkgdir/etc/fwsnort/snort_rules
	chmod 0500 $pkgdir/usr/sbin/fwsnort
	chmod 0600 $pkgdir/etc/fwsnort/fwsnort.conf

	# install rule / signature update script
        install -Dm755 "$srcdir"/fwsnort.update "$pkgdir"/usr/bin/update-fwsnort
	# install iptables rule splicing script
	install -Dm755 "$srcdir"/fwsnort.up "$pkgdir"/etc/network/if-pre-up.d/fwsnort
	# install daily cron
        install -Dm755 "$srcdir"/periodic.daily "$pkgdir"/etc/periodic/daily/fwsnort

}

md5sums="7a61a03c4b523b4fb2b1cc73bcb3bac7  fwsnort-nodeps-1.6.3.tar.gz
442039bc04d553c7c5f9d3fc4269cc71  fwsnort.up
57afe59d948bd559e9728cee34bfd721  fwsnort.update
80bd0a7b0c1392e8a279d95e06120ca4  periodic.daily"
sha256sums="d2110508f61c31d5ca5ddbb2452d0b10ae533e094499bc287f3382371c8bd5f2  fwsnort-nodeps-1.6.3.tar.gz
8caf113ff779a02fe97288d545f029111151fac9f342be9b40aa9f80e49dd359  fwsnort.up
f0be3ec5846f075537c05389874cb66babff942d618bef7964511199563fbdd7  fwsnort.update
f080f4cb0b8e915a5d3af798b46b13fee0d2258d9c8c9dffafa4ecc0b9e1bbe6  periodic.daily"
sha512sums="abf03d9c42b24abdb5798f7e9becffd203eb4579eb3682fc975ff51714010c3ee4541da1675efee9a03e09323089219c57c58574ef6c5b587c38761c167eac48  fwsnort-nodeps-1.6.3.tar.gz
3c97b5f4bb922086acd62305baae4ba1d91e6e627d063f131f98e08da3f57b607b35558eae2cf292b3997d25f09147039f95123161f8f29c5b97b71c80811e9f  fwsnort.up
bfcb2a4c5dd91eea6e1983ec660e6c5f8915dc87ce1e7650dd6a92fdc7a52e207f710792d75d470a16fe83da223b6aa45b95e4d53c912144ae2a306855b70fa6  fwsnort.update
763b459d43319e9b6678a5addd96b3542c629379f9f11095bc158b1ef08b039cd776ceedd6207953ab01000804d7580a3a8223b352b407d3cc6a05c27d96fcb0  periodic.daily"
diff --git a/testing/fwsnort/fwsnort.post-install b/testing/fwsnort/fwsnort.post-install
new file mode 100644
index 0000000..b4e80d6
--- /dev/null
+++ b/testing/fwsnort/fwsnort.post-install
@@ -0,0 +1,16 @@
#!/bin/sh
# fwsnort post install script
#############################

NORMAL="\033[1;0m"
STRONG="\033[1;1m"
GREEN="\033[1;32m"

print_strong() {
        local prompt="${STRONG}$1 ${GREEN}$2${NORMAL}"
        printf "${prompt} %s\n"
}

print_strong "\nFWSNORT installed & daily signature updates configured.\n\nTo update now run:" "\t/usr/bin/update-fwsnort\n"
exit 0

diff --git a/testing/fwsnort/fwsnort.up b/testing/fwsnort/fwsnort.up
new file mode 100644
index 0000000..b750f59
--- /dev/null
+++ b/testing/fwsnort/fwsnort.up
@@ -0,0 +1,5 @@
#!/bin/sh

#splice fwsnort rules into iptables whenever the network comes up
/var/lib/fwsnort/fwsnort.sh

diff --git a/testing/fwsnort/fwsnort.update b/testing/fwsnort/fwsnort.update
new file mode 100644
index 0000000..41dc608
--- /dev/null
+++ b/testing/fwsnort/fwsnort.update
@@ -0,0 +1,15 @@
#!/bin/sh

# update fwsnort rules / psad signatures
/usr/sbin/fwsnort --update-rules
#generate iptables ruleset
/usr/sbin/fwsnort
#splice rules into iptables
/var/lib/fwsnort/fwsnort.sh

if ps aux | grep psad; then
   psad --sig-update
   echo "running 'psad -H'"
   psad -H
fi

diff --git a/testing/fwsnort/periodic.daily b/testing/fwsnort/periodic.daily
new file mode 100644
index 0000000..ffc785d
--- /dev/null
+++ b/testing/fwsnort/periodic.daily
@@ -0,0 +1,5 @@
#!/bin/sh
#update FWSNORT Rules & PSAD signatures daily
/usr/bin/update-fwsnort
exit 0

-- 
1.8.4.2



---
Unsubscribe:  alpine-devel+unsubscribe@lists.alpinelinux.org
Help:         alpine-devel+help@lists.alpinelinux.org
---
Natanael Copa <ncopa@alpinelinux.org>
Details
Message ID
<20131115164732.509fd0db@ncopa-desktop.alpinelinux.org>
In-Reply-To
<1384077540-7914-4-git-send-email-developer@it-offshore.co.uk> (view parent)
Sender timestamp
1384530452
DKIM signature
missing
Download raw message
10 years ago 
On Sun, 10 Nov 2013 09:58:58 +0000
IT Offshore <developer@it-offshore.co.uk> wrote:

> re-submitted complete patch for FWSNORT correcting:
> 
> periodic.daily - now updates the SNORT rules / PSAD signatures daily.
> 
> fwsnort.post-install - now just shows a message to update signatures manually
> (to avoid any problems with installations on tmpfs). Now uses the system terminal
> colours $STRONG $GREEN.

in this case i think an informal message is nice.
...

> +57afe59d948bd559e9728cee34bfd721  fwsnort.update

some checksum was wrong... I updated it

> diff --git a/testing/fwsnort/fwsnort.up b/testing/fwsnort/fwsnort.up
> new file mode 100644
> index 0000000..b750f59
> --- /dev/null
> +++ b/testing/fwsnort/fwsnort.up
> @@ -0,0 +1,5 @@
> +#!/bin/sh
> +
> +#splice fwsnort rules into iptables whenever the network comes up
> +/var/lib/fwsnort/fwsnort.sh
> +

It looks wrong to have a script in /var/lib...

I applied it as is otherwise, with the checksum fix and commit message change.

Thanks!

-nc


---
Unsubscribe:  alpine-devel+unsubscribe@lists.alpinelinux.org
Help:         alpine-devel+help@lists.alpinelinux.org
---
Reply to thread Export thread (mbox)