Add security/ipfilter2dshield:

This perl script is an official DShield client whose purpose is to
read your FreeBSD ipfilter firewall ipmon log file and convert the
log records to the standard DShield reporting record format, and
embed the converted log records into the body of an email that gets
sent to DShield for automatic addition to their database and abuse
reporting to the offenders ISP if you are an subscribed DShield member.

PR:		ports/68661
Submitted by:	Joe Barbish <fbsd_user@a1poweruser.com>

7 files changed, 117 insertions, 0 deletions

diff --git a/security/Makefile b/security/Makefile
index 4fdaf73ad55d..65998f0dfcd4 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -145,6 +145,7 @@
     SUBDIR += ifd-slb_rf60
     SUBDIR += ike-scan
     SUBDIR += integrit
+    SUBDIR += ipfilter2dshield
     SUBDIR += ipfmeta
     SUBDIR += ipfw2dshield
     SUBDIR += isakmpd
diff --git a/security/ipfilter2dshield/Makefile b/security/ipfilter2dshield/Makefile
new file mode 100644
index 000000000000..e396bf2dddbe
--- /dev/null
+++ b/security/ipfilter2dshield/Makefile
@@ -0,0 +1,55 @@
+# New ports collection makefile for:	ipfilter2dshield
+# Date created:		2004-06-18
+# Whom:			Frank W. Josellis <frank@dynamical-systems.org>
+#
+# $FreeBSD$
+#
+
+PORTNAME=	ipfilter2dshield
+PORTVERSION=	1.0
+CATEGORIES=	security
+MASTER_SITES=	http://www.dshield.org/clients/
+DISTNAME=	dshield-freebsd.pl
+EXTRACT_SUFX=	.txt
+
+MAINTAINER=	fbsd_user@a1poweruser.com
+COMMENT=	Official DShield client for ipfilter firewall logs
+
+RUN_DEPENDS=	${SITE_PERL}/Net/Netmask.pm:${PORTSDIR}/net-mgmt/p5-Net-Netmask
+
+USE_PERL5=	yes
+
+PKGMESSAGE=	${WRKDIR}/pkg-message
+PKGDEINSTALL=	${WRKDIR}/pkg-deinstall
+
+.include <bsd.port.pre.mk>
+
+.if ${OSVERSION} < 490000
+IGNORE=		"Not supported on releases prior to 4.9"
+.endif
+
+do-extract:
+	[ -d ${WRKDIR} ] || ${MKDIR} ${WRKDIR}
+	${CP} ${DISTDIR}/${DISTFILES} ${WRKDIR}/${DISTNAME}
+
+do-build:
+
+pre-install:
+	@${SED} -e "s=%%PREFIX%%=${PREFIX}=g" \
+		-e "s=%%DISTNAME%%=${DISTNAME}=g" \
+		pkg-message > ${PKGMESSAGE}
+	@${SED} -e "s=%%PREFIX%%=${PREFIX}=g" \
+		-e "s=%%PORTNAME%%=${PORTNAME}=g" \
+		-e "s=%%DISTNAME%%=${DISTNAME}=g" \
+		pkg-deinstall > ${PKGDEINSTALL}
+
+do-install:
+	[ -d ${PREFIX}/etc/${PORTNAME} ] || ${MKDIR} ${PREFIX}/etc/${PORTNAME}
+	${INSTALL} -o root -g wheel -m 644 ${WRKDIR}/${DISTNAME} \
+		${PREFIX}/etc/${PORTNAME}/${DISTNAME}.dist
+	${INSTALL} -o root -g wheel -m 760 ${WRKDIR}/${DISTNAME} ${PREFIX}/sbin
+
+post-install:
+	@${CAT} ${PKGMESSAGE}
+
+.include <bsd.port.post.mk>
diff --git a/security/ipfilter2dshield/distinfo b/security/ipfilter2dshield/distinfo
new file mode 100644
index 000000000000..132acf439bb1
--- /dev/null
+++ b/security/ipfilter2dshield/distinfo
@@ -0,0 +1,2 @@
+MD5 (dshield-freebsd.pl.txt) = 883d9f1516dfefe3ec01c0dab9df9917
+SIZE (dshield-freebsd.pl.txt) = 15458
diff --git a/security/ipfilter2dshield/pkg-deinstall b/security/ipfilter2dshield/pkg-deinstall
new file mode 100644
index 000000000000..149470f97518
--- /dev/null
+++ b/security/ipfilter2dshield/pkg-deinstall
@@ -0,0 +1,15 @@
+#!/bin/sh
+
+PREFIX=%%PREFIX%%
+PORTNAME=%%PORTNAME%%
+DISTNAME=%%DISTNAME%%
+
+# Restore the original script to undo any customization and thus 
+# to allow clean deinstallation. 
+# 
+if [ -f ${PREFIX}/etc/${PORTNAME}/${DISTNAME}.dist ]; then
+    install -o root -g wheel -m 760 \
+	${PREFIX}/etc/${PORTNAME}/${DISTNAME}.dist ${PREFIX}/sbin/${DISTNAME}
+fi
+
+exit 0
diff --git a/security/ipfilter2dshield/pkg-descr b/security/ipfilter2dshield/pkg-descr
new file mode 100644
index 000000000000..94cc0d4de97c
--- /dev/null
+++ b/security/ipfilter2dshield/pkg-descr
@@ -0,0 +1,17 @@
+This perl script is an official DShield client who's purpose is to 
+read your FreeBSD ipfilter firewall ipmon log file and convert the
+log records to the standard DShield reporting record format, and 
+imbed the converted log records into the body of an email that gets 
+sent to DShield for automatic addition to their database and abuse 
+reporting to the offenders ISP if you are an subscribed DShield member.
+
+Script contains user customable defaults which can be overridden with
+command line flags. (visit http://www.dshield.org for details).
+
+Script is installed into /usr/local/sbin where you can edit the
+defaults to meet your requirements. Issue rehash command to enable.
+
+WWW: http://www.dshield.org/linux_clients.php#freebsd
+
+Joe Barbish
+fbsd_user@a1poweruser.com
diff --git a/security/ipfilter2dshield/pkg-message b/security/ipfilter2dshield/pkg-message
new file mode 100644
index 000000000000..ce8a02fc531c
--- /dev/null
+++ b/security/ipfilter2dshield/pkg-message
@@ -0,0 +1,24 @@
+***************************************************************************
+
+Installer instructions.  This port has installed the
+%%DISTNAME%% script into %%PREFIX%%/sbin directory.
+
+You have to edit the script and change the default email address in
+the script source. Script contains comments explaining what needs to
+be changed. You also have to create an exclude file, follow
+instructions in the script about the syntax of the exclude file
+content.
+
+To receive feedback reports and see your submitted log data online
+at dshield.org you have to sign up for free membership. See
+www.dshield.org for details.
+
+This script is part of the "proactive probing abuse reporting
+system"  port ppars-1.0 which has scripts that report abuse to your
+ISP and to the owning ISP from which the probe packets came from.
+Also contained in the ppars-1.0 port is instructions on how to auto
+launch the scripts only when the ipfilter log is rotated by
+newsyslog, which you may find useful for launching the dshield
+script installed by this port.
+
+***************************************************************************
diff --git a/security/ipfilter2dshield/pkg-plist b/security/ipfilter2dshield/pkg-plist
new file mode 100644
index 000000000000..f329b7548949
--- /dev/null
+++ b/security/ipfilter2dshield/pkg-plist
@@ -0,0 +1,3 @@
+etc/ipfilter2dshield/dshield-freebsd.pl.dist
+sbin/dshield-freebsd.pl
+@dirrm etc/ipfilter2dshield