[alpine-devel] [PATCH] Initial APKBUILD for FWSNORT (Firewall SNORT)

IT Offshore
Details
Message ID
<1383363045-15568-1-git-send-email-developer@it-offshore.co.uk>
Sender timestamp
1383363045
DKIM signature
missing
Patch: +110 -0
Initial package into testing for 'FWSNORT':

http://www.cipherdyne.org/fwsnort/

fwsnort.post-install - adds daily cron to update rules / signatures

fwsnort.up - added to /etc/network/if-pre-up.d/ to splice rules into iptables

fwsnort.update - daily snort rule / psad signature update script (run by cron)
---
 testing/fwsnort/APKBUILD             | 74 ++++++++++++++++++++++++++++++++++++
 testing/fwsnort/fwsnort.post-install | 13 +++++++
 testing/fwsnort/fwsnort.up           |  5 +++
 testing/fwsnort/fwsnort.update       | 18 +++++++++
 4 files changed, 110 insertions(+)
 create mode 100644 testing/fwsnort/APKBUILD
 create mode 100644 testing/fwsnort/fwsnort.post-install
 create mode 100644 testing/fwsnort/fwsnort.up
 create mode 100644 testing/fwsnort/fwsnort.update

diff --git a/testing/fwsnort/APKBUILD b/testing/fwsnort/APKBUILD
new file mode 100644
index 0000000..853626b
--- /dev/null
+++ b/testing/fwsnort/APKBUILD
@@ -0,0 +1,74 @@
+# Contributor: IT Offshore <developer@it-offshore.co.uk>
+# Maintainer:
+pkgname=fwsnort
+pkgver=1.6.3
+pkgrel=0
+pkgdesc="Application layer IDS/IPS by translating snort rules into iptables"
+url="http://www.cipherdyne.org/fwsnort/"
+arch="noarch"
+license="GPL"
+depends="perl perl-netaddr-ip perl-iptables-parse iptables ip6tables net-tools"
+depends_dev="wget"
+makedepends="$depends_dev"
+install="$pkgname.post-install"
+source="http://www.cipherdyne.org/$pkgname/download/$pkgname-nodeps-$pkgver.tar.gz
+        fwsnort.up
+        fwsnort.update
+        "
+
+_builddir="$srcdir"/$pkgname-$pkgver
+
+build() {
+	cd "$_builddir"
+
+	#Disable Root requirement to build
+        START=$(sed -n '/$< == 0 && $> == 0 or die "You need to be root (or equivalent UID 0",/=' ./install.pl)
+        END=$(expr $START + 1)
+        #Busybox sed does not support +1d
+        sed -e ''$START','$END'd' ./install.pl -i
+
+	#prevent chmod 0500 halting the build
+    sed -e "s|0500|0755|" ./install.pl -i
+
+	#change MAN path so package builds
+    sed -e "s|/usr/share/man/man8|$pkgdir&|" ./install.pl -i
+
+  	# --install-test-dir sets the INSTALL_ROOT to $src/../test/fwsnort-test
+  	# avoids installation attempted into /etc /usr /var
+	# -S disables dependency installs (we also build with the nodep sources)
+  	./install.pl -S --install-test-dir   
+}
+
+package() {
+	cd "$_builddir"
+
+	#create destinations before fakeroot runs
+	mkdir -p $pkgdir/etc \
+                 $pkgdir/usr \
+                 $pkgdir/usr
+
+        cp -rf $srcdir/fwsnort-$pkgver/test/fwsnort-install/* $pkgdir
+
+        # delete references to $pkgdir made by the installer
+        cp -f $srcdir/fwsnort-$pkgver/fwsnort.conf $pkgdir/etc/fwsnort/fwsnort.conf
+
+	#fix permissions
+	chmod 0500 $pkgdir/etc/fwsnort $pkgdir/etc/fwsnort/snort_rules
+	chmod 0500 $pkgdir/usr/sbin/fwsnort
+	chmod 0600 $pkgdir/etc/fwsnort/fwsnort.conf
+
+	# install rule / signature update script
+        install -Dm755 "$srcdir"/fwsnort.update "$pkgdir"/usr/bin/update-fwsnort
+	# install iptables rule splicing script
+	install -Dm755 "$srcdir"/fwsnort.up "$pkgdir"/etc/network/if-pre-up.d/fwsnort
+}
+
+md5sums="7a61a03c4b523b4fb2b1cc73bcb3bac7  fwsnort-nodeps-1.6.3.tar.gz
+442039bc04d553c7c5f9d3fc4269cc71  fwsnort.up
+4866ff4610b5f2aa56fa15a827b22179  fwsnort.update"
+sha256sums="d2110508f61c31d5ca5ddbb2452d0b10ae533e094499bc287f3382371c8bd5f2  fwsnort-nodeps-1.6.3.tar.gz
+8caf113ff779a02fe97288d545f029111151fac9f342be9b40aa9f80e49dd359  fwsnort.up
+b9753c29cace84014876f0d3b18c1c4c76ac1cbe1c83dd295b341b9e2897f61d  fwsnort.update"
+sha512sums="abf03d9c42b24abdb5798f7e9becffd203eb4579eb3682fc975ff51714010c3ee4541da1675efee9a03e09323089219c57c58574ef6c5b587c38761c167eac48  fwsnort-nodeps-1.6.3.tar.gz
+3c97b5f4bb922086acd62305baae4ba1d91e6e627d063f131f98e08da3f57b607b35558eae2cf292b3997d25f09147039f95123161f8f29c5b97b71c80811e9f  fwsnort.up
+0944c226600b380c504d36038948ef0c421a3d412a06d85cbb0b8397b4226ae966c5d94fe2f661c72865fed2afae1d698279c6a4e95fc8637281ddb6cb01b14d  fwsnort.update"
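Review bot: In build(), the root-check removal assumes the `sed -n '/.../='` lookup matched exactly one line. If upstream rewords that message, `START` is empty, `expr` and the following `sed` both fail, and nothing in the function checks an exit status, so the problem only shows up later inside `./install.pl`. Stop early with `[ -n "$START" ] || return 1`, and quote the address range: `sed -i "${START},$((START + 1))d" ./install.pl || return 1`. The `s|0500|0755|` edit has the same weakness, since it rewrites the first `0500` on every line of install.pl rather than one known statement. In package(), `mkdir -p` lists `$pkgdir/usr` twice and the `$pkgdir`/`$srcdir` expansions are unquoted.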
diff --git a/testing/fwsnort/fwsnort.post-install b/testing/fwsnort/fwsnort.post-install
new file mode 100644
index 0000000..9b3fa0cb
--- /dev/null
+++ b/testing/fwsnort/fwsnort.post-install
@@ -0,0 +1,13 @@
+#!/bin/sh
+# fwsnort post install script
+#############################
+
+/usr/bin/update-fwsnort
+
+#setup cron to update signatures daily
+echo "0 15 * * * /usr/bin/update-fwsnort 2>&1 >> /var/log/fwsnort_update.log" >> /etc/crontabs/root
+
+echo "Daily root cron job created to update PSAD signatures & SNORT rules"
+echo "/etc/network/pre-if-up.d/fwsnort created to add SNORT rules to iptables automatically"
+
+exit 0
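Review bot: The `echo "0 15 * * * ..." >> /etc/crontabs/root` line appends unconditionally, so each reinstall adds another copy of the job to root's crontab, and nothing in this patch removes it on uninstall. Guard it with `grep -q update-fwsnort /etc/crontabs/root || echo ... >> /etc/crontabs/root`, or ship the script as a packaged file under `/etc/periodic/daily/` so the package manager owns it. The redirection `2>&1 >> /var/log/fwsnort_update.log` sends only stdout to the log, because stderr is duplicated before stdout is redirected; `>> /var/log/fwsnort_update.log 2>&1` captures both. The last message also names `/etc/network/pre-if-up.d/fwsnort`, while the APKBUILD installs the hook to `/etc/network/if-pre-up.d/fwsnort`.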
diff --git a/testing/fwsnort/fwsnort.up b/testing/fwsnort/fwsnort.up
new file mode 100644
index 0000000..b750f59
--- /dev/null
+++ b/testing/fwsnort/fwsnort.up
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+#splice fwsnort rules into iptables whenever the network comes up
+/var/lib/fwsnort/fwsnort.sh
+
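Review bot: The hook runs `/var/lib/fwsnort/fwsnort.sh` unconditionally, but nothing in this patch shows the package creating that file. It is presumably generated by a fwsnort run, so before the first successful run the hook would exit non-zero on every interface bring-up. Add a guard before the call, such as `[ -x /var/lib/fwsnort/fwsnort.sh ] || exit 0`. Because the script executes as root at network start, it is also worth confirming that `/var/lib/fwsnort` and `fwsnort.sh` are writable by root only.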
diff --git a/testing/fwsnort/fwsnort.update b/testing/fwsnort/fwsnort.update
new file mode 100644
index 0000000..e94e1eb
--- /dev/null
+++ b/testing/fwsnort/fwsnort.update
@@ -0,0 +1,18 @@
+#!/bin/sh
+# update fwsnort & psad signatures
+
+# clear update log (rewritten daily by cron)
+if [ -f /var/log/fwsnort_update.log ]; then
+   rm -rf /var/log/fwsnort_update.log
+fi
+
+/usr/sbin/fwsnort --update-rules
+/usr/sbin/fwsnort
+/var/lib/fwsnort/fwsnort.sh
+
+if ps aux | grep psad; then
+   psad --sig-update
+   echo "running 'psad -H'"
+   psad -H
+fi
+
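Review bot: `ps aux | grep psad` is effectively always true, because the `grep psad` process normally appears in the `ps` listing, so `psad --sig-update` and `psad -H` run (and the matched ps lines are printed) whether or not psad is present. Use a test that cannot match itself, such as `if pgrep psad >/dev/null 2>&1; then`, or `command -v psad` if the intent is "installed" rather than "running". The three fwsnort steps are also unchecked: if `fwsnort --update-rules` fails, the script still regenerates the ruleset and runs `fwsnort.sh` against the live firewall, so chain them with `&&` or add `|| exit 1` after each. When run from the cron line in fwsnort.post-install, the log is opened by the `>>` redirection before this script's `rm -rf` unlinks it, so that run's output goes to a deleted file; truncating with `>` in the cron entry instead would keep it.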
-- 
1.8.4.2


