aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authoraaron <aaron@FreeBSD.org>2006-05-14 00:33:50 +0800
committeraaron <aaron@FreeBSD.org>2006-05-14 00:33:50 +0800
commit16a59f7a0e4fb2cf61dab545f7514fbf081a1dd6 (patch)
treef7e83079bba73b42d0d8dd9a8dddf21926aed29d /security
parent16dbbba8103fde72799cda90b616f997b0894591 (diff)
downloadfreebsd-ports-gnome-16a59f7a0e4fb2cf61dab545f7514fbf081a1dd6.tar.gz
freebsd-ports-gnome-16a59f7a0e4fb2cf61dab545f7514fbf081a1dd6.tar.zst
freebsd-ports-gnome-16a59f7a0e4fb2cf61dab545f7514fbf081a1dd6.zip
Add ipfwcount 0.2.1, summarise ipfw logs by counting and sorting the
fields. PR: ports/92454 Submitted by: Robert Archer <freebsd@deathbeforedecaf.net> Approved by: tobez
Diffstat (limited to 'security')
-rw-r--r--security/Makefile1
-rw-r--r--security/ipfwcount/Makefile55
-rw-r--r--security/ipfwcount/distinfo2
-rw-r--r--security/ipfwcount/files/pkg-message.in12
-rw-r--r--security/ipfwcount/pkg-descr10
5 files changed, 80 insertions, 0 deletions
diff --git a/security/Makefile b/security/Makefile
index 4344b2a4bd34..b13a018bc105 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -181,6 +181,7 @@
SUBDIR += ipfilter2dshield
SUBDIR += ipfmeta
SUBDIR += ipfw2dshield
+ SUBDIR += ipfwcount
SUBDIR += ipguard
SUBDIR += ipsec-tools
SUBDIR += isakmpd
diff --git a/security/ipfwcount/Makefile b/security/ipfwcount/Makefile
new file mode 100644
index 000000000000..93c77b0aad62
--- /dev/null
+++ b/security/ipfwcount/Makefile
@@ -0,0 +1,55 @@
+# New ports collection makefile for: ipfwcount
+# Date created: 22 February 2006
+# Whom: Robert Archer <freebsd@deathbeforedecaf.net>
+#
+# $FreeBSD$
+#
+
+PORTNAME= ipfwcount
+PORTVERSION= 0.2.1
+PORTREVISION= 1
+CATEGORIES= security
+MASTER_SITES= http://deathbeforedecaf.net/misc/ports/ \
+ http://users.netleader.com.au/~rob/
+
+MAINTAINER= freebsd@deathbeforedecaf.net
+COMMENT= Summarise ipfw logs by counting and sorting the fields
+
+PLIST_FILES= bin/ipfwcount
+MAN1= ipfwcount.1
+
+USE_PERL5= yes
+USE_REINPLACE= yes
+
+.if !defined(NOPORTDOCS)
+PLIST_DIRS= %%EXAMPLESDIR%%
+PLIST_FILES+= %%EXAMPLESDIR%%/100.ipfwcount
+SUB_FILES= pkg-message
+.endif
+
+.include <bsd.port.pre.mk>
+
+.if ${PERL_LEVEL} < 500600
+IGNORE= requires perl 5.6 or higher - see the lang/perl5.8 port
+.endif
+
+post-patch:
+ ${REINPLACE_CMD} -e '1s,^#![^ ]*,#!${PERL},' ${WRKSRC}/ipfwcount
+
+do-build:
+ cd ${WRKSRC} && pod2man ipfwcount > ipfwcount.1
+
+do-install:
+ ${INSTALL_SCRIPT} ${WRKSRC}/ipfwcount ${PREFIX}/bin
+ ${INSTALL_MAN} ${WRKSRC}/ipfwcount.1 ${PREFIX}/man/man1/ipfwcount.1
+.if !defined(NOPORTDOCS)
+ ${MKDIR} ${EXAMPLESDIR}
+ ${INSTALL_SCRIPT} ${WRKSRC}/100.ipfwcount ${EXAMPLESDIR}
+.endif
+
+post-install:
+.if !defined(NOPORTDOCS)
+ @${CAT} ${PKGMESSAGE}
+.endif
+
+.include <bsd.port.post.mk>
diff --git a/security/ipfwcount/distinfo b/security/ipfwcount/distinfo
new file mode 100644
index 000000000000..d06ebf0a35c0
--- /dev/null
+++ b/security/ipfwcount/distinfo
@@ -0,0 +1,2 @@
+MD5 (ipfwcount-0.2.1.tar.gz) = 57107133453a8defd628bfa9295de5c0
+SIZE (ipfwcount-0.2.1.tar.gz) = 3863
diff --git a/security/ipfwcount/files/pkg-message.in b/security/ipfwcount/files/pkg-message.in
new file mode 100644
index 000000000000..22130ffa702c
--- /dev/null
+++ b/security/ipfwcount/files/pkg-message.in
@@ -0,0 +1,12 @@
+
+ To summarise ipfw(8) logs in your daily security check:
+
+ * Copy %%EXAMPLESDIR%%/100.ipfwcount to
+ %%PREFIX%%/etc/periodic/security
+
+ * Add the line
+
+ daily_status_security_ipfwcount_enable="YES"
+
+ to /etc/periodic.conf
+
diff --git a/security/ipfwcount/pkg-descr b/security/ipfwcount/pkg-descr
new file mode 100644
index 000000000000..858a0c9f0163
--- /dev/null
+++ b/security/ipfwcount/pkg-descr
@@ -0,0 +1,10 @@
+ipfwcount reads ipfw(8) logs and extracts the following fields:
+
+ rule action proto type shost sport dhost dport dir iface
+
+You can then print lists like 'top <n> blocked ports', 'top <n> blocked hosts',
+or 'incoming connections sorted by interface and protocol'.
+
+For more sophisticated lists, you can filter the entries using Perl expressions.
+
+WWW: http://deathbeforedecaf.net/misc/ports