Diffstat (limited to 'security')
-rw-r--r-- | security/snortreport/Makefile | 12 | ||||
-rw-r--r-- | security/snortreport/distinfo | 6 | ||||
-rw-r--r-- | security/snortreport/files/patch-ipdetail.php | 23 | ||||
-rw-r--r-- | security/snortreport/files/patch-sigdetail.php | 41 | ||||
-rw-r--r-- | security/snortreport/pkg-descr | 4 | ||||
-rw-r--r-- | security/snortreport/pkg-message | 4 | ||||
-rw-r--r-- | security/snortreport/pkg-plist | 12 |
7 files changed, 84 insertions, 18 deletions
diff --git a/security/snortreport/Makefile b/security/snortreport/Makefile index 56005ccb67b8..0b139e8b2306 100644 --- a/security/snortreport/Makefile +++ b/security/snortreport/Makefile @@ -1,16 +1,16 @@ # New ports collection makefile for: snortreport # Date created: 18 Jan 2004 -# Whom: Andrea Venturoli <a.ventu@flashnet.it> +# Whom: Andrea Venturoli <freebsd@netfence.it> # # $FreeBSD$ # PORTNAME= snortreport -PORTVERSION= 1.2 +PORTVERSION= 1.3.1 CATEGORIES= security www -MASTER_SITES= http://www.circuitsmaximus.com/snortreport/ +MASTER_SITES= http://www.symmetrixtech.com/ids/ -MAINTAINER= ports@FreeBSD.org +MAINTAINER= freebsd@netfence.it COMMENT= Add-on module for snort to generate real-time web reports .if !defined(WITHOUT_JPGRAPH) @@ -19,12 +19,12 @@ RUN_DEPENDS= ${LOCALBASE}/share/jpgraph/jpgraph.php:${PORTSDIR}/graphics/jpgraph USE_PHP= yes WANT_PHP_WEB= yes +IGNORE_WITH_PHP= 5 +DEFAULT_PHP_VER= 4 PKGMESSAGE= ${WRKDIR}/pkg-message NO_BUILD= yes -BROKEN= does not package; depends on multiple versions of PHP - pre-everything:: @${ECHO} "" @${ECHO} "You have to configure PHP either with MySQL or PostgreSQL" diff --git a/security/snortreport/distinfo b/security/snortreport/distinfo index b3dfd397665c..b5ff988c7d27 100644 --- a/security/snortreport/distinfo +++ b/security/snortreport/distinfo @@ -1,3 +1,3 @@ -MD5 (snortreport-1.2.tar.gz) = 856eb311abbc012e705fc8f6694cd814 -SHA256 (snortreport-1.2.tar.gz) = 3c9ce90f7ee69aab6c47533f689500dc9bb1cd3373153cc24e11278156bebca7 -SIZE (snortreport-1.2.tar.gz) = 42693 +MD5 (snortreport-1.3.1.tar.gz) = 82407df1de6ab03319b5e4b82ef725ee +SHA256 (snortreport-1.3.1.tar.gz) = 476008993100d11046ef34db68735b0e96cb3b939e431d2df592e6ffcf24de33 +SIZE (snortreport-1.3.1.tar.gz) = 43334 diff --git a/security/snortreport/files/patch-ipdetail.php b/security/snortreport/files/patch-ipdetail.php new file mode 100644 index 000000000000..4e35a5f57edf --- /dev/null +++ b/security/snortreport/files/patch-ipdetail.php 
@@ -0,0 +1,23 @@ +*** /usr/local/www/snortreport/ipdetail.php Thu Dec 22 06:07:07 2005 +--- ./ipdetail.php Thu Nov 9 14:28:57 2006 +*************** +*** 40,48 **** + + // set up the SQL query + if ($type == "src") { +! $query = "SELECT event.cid, event.sid, event.signature, event.timestamp, iphdr.ip_src, iphdr.ip_dst, iphdr.ip_ver, iphdr.ip_hlen, iphdr.ip_tos, iphdr.ip_len, iphdr.ip_id, iphdr.ip_flags, iphdr.ip_off, iphdr.ip_ttl, iphdr.ip_proto, iphdr.ip_csum, signature.sig_name, signature.sig_id, signature.sig_sid FROM event, iphdr, signature WHERE event.cid = iphdr.cid AND event.sid = iphdr.sid AND event.signature = signature.sig_id AND iphdr.ip_src = ".$ipAddress." AND event.timestamp > ".$db->timestamp($beginTime)." AND event.timestamp < ".$db->timestamp($endTime) or die("Error in query"); + } else { +! $query = "SELECT event.cid, event.sid, event.signature, event.timestamp, iphdr.ip_src, iphdr.ip_dst, iphdr.ip_ver, iphdr.ip_hlen, iphdr.ip_tos, iphdr.ip_len, iphdr.ip_id, iphdr.ip_flags, iphdr.ip_off, iphdr.ip_ttl, iphdr.ip_proto, iphdr.ip_csum, signature.sig_name, signature.sig_id, signature.sig_sid FROM event, iphdr, signature WHERE event.cid = iphdr.cid AND event.sid = iphdr.sid AND event.signature = signature.sig_id AND iphdr.ip_dst = ".$ipAddress." AND event.timestamp > ".$db->timestamp($beginTime)." AND event.timestamp < ".$db->timestamp($endTime) or die("Error in query"); + } + + // run the query on the database +--- 40,48 ---- + + // set up the SQL query + if ($type == "src") { +! 
$query = "SELECT event.cid, event.sid, event.signature, ".$db->timeSinceEpoch('event.timestamp').", iphdr.ip_src, iphdr.ip_dst, iphdr.ip_ver, iphdr.ip_hlen, iphdr.ip_tos, iphdr.ip_len, iphdr.ip_id, iphdr.ip_flags, iphdr.ip_off, iphdr.ip_ttl, iphdr.ip_proto, iphdr.ip_csum, signature.sig_name, signature.sig_id, signature.sig_sid FROM event, iphdr, signature WHERE event.cid = iphdr.cid AND event.sid = iphdr.sid AND event.signature = signature.sig_id AND iphdr.ip_src = ".$ipAddress." AND ".$db->timeSinceEpoch('event.timestamp')." > ".$db->timestamp($beginTime)." AND ".$db->timeSinceEpoch("event.timestamp")." < ".$db->timestamp($endTime) or die("Error in query"); + } else { +! $query = "SELECT event.cid, event.sid, event.signature, ".$db->timeSinceEpoch("event.timestamp").", iphdr.ip_src, iphdr.ip_dst, iphdr.ip_ver, iphdr.ip_hlen, iphdr.ip_tos, iphdr.ip_len, iphdr.ip_id, iphdr.ip_flags, iphdr.ip_off, iphdr.ip_ttl, iphdr.ip_proto, iphdr.ip_csum, signature.sig_name, signature.sig_id, signature.sig_sid FROM event, iphdr, signature WHERE event.cid = iphdr.cid AND event.sid = iphdr.sid AND event.signature = signature.sig_id AND iphdr.ip_dst = ".$ipAddress." AND ".$db->timeSinceEpoch("event.timestamp")." > ".$db->timestamp($beginTime)." AND ".$db->timeSinceEpoch("event.timestamp")." < ".$db->timestamp($endTime) or die("Error in query"); + } + + // run the query on the database diff --git a/security/snortreport/files/patch-sigdetail.php b/security/snortreport/files/patch-sigdetail.php new file mode 100644 index 000000000000..cb933069a20a --- /dev/null +++ b/security/snortreport/files/patch-sigdetail.php 
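Review bot: Both rewritten `$query` strings in patch-ipdetail.php still splice `$ipAddress` into the SQL unquoted, and nothing in the visible lines 40-48 shows it being checked. The unquoted comparison against `iphdr.ip_src` suggests a numeric value, so unless ipdetail.php already validates it above line 40 (outside the hunk), the patch should add a guard before `if ($type == "src")`, for example `ctype_digit((string)$ipAddress) or die("Invalid IP address");`, in the spirit of the `intval($sigid) or die(...)` check in sigdetail.php. The trailing `or die("Error in query")` binds to the string assignment, which is always true, so it can never report a failed query; that check belongs on the call that runs the query, which follows the hunk. The first new query also mixes `'event.timestamp'` and `"event.timestamp"`; one quoting form throughout would read better.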
@@ -0,0 +1,41 @@ +*** /usr/local/www/snortreport/sigdetail.php Thu Dec 22 06:07:07 2005 +--- ./sigdetail.php Thu Nov 9 14:28:57 2006 +*************** +*** 38,44 **** + assert($beginTime < $endTime); + + $URLTimeConstraint = "beginTime=$beginTime&endTime=$endTime"; +! $DBTimeConstraint = "(event.timestamp > " . $db->timestamp($beginTime) . " AND event.timestamp < " . $db->timestamp($endTime) . ")"; + + $sigid = intval($sigid) or die("Invalid signature ID"); + +--- 38,44 ---- + assert($beginTime < $endTime); + + $URLTimeConstraint = "beginTime=$beginTime&endTime=$endTime"; +! $DBTimeConstraint = "(".$db->timeSinceEpoch("event.timestamp")." > " . $db->timestamp($beginTime) . " AND ".$db->timeSinceEpoch("event.timestamp")." < " . $db->timestamp($endTime) . ")"; + + $sigid = intval($sigid) or die("Invalid signature ID"); + +*************** +*** 101,106 **** +--- 101,108 ---- + } + } + ++ if (!empty($Sources)) { ++ + if (PROFILING) elapsedTimer(__FILE__ . ": " . __LINE__); + // Get the total number of alerts for each source + +*************** +*** 327,332 **** +--- 329,336 ---- + print "<b><a href=\"sigdetail.php?$qs\">$anchor</a></b><br>\n"; + + if (PROFILING) elapsedTimer(__FILE__ . ": " . __LINE__); ++ ++ } + + require_once("page_bottom.php"); + diff --git a/security/snortreport/pkg-descr b/security/snortreport/pkg-descr index f06f12f340d6..9a5994c230b5 100644 --- a/security/snortreport/pkg-descr +++ b/security/snortreport/pkg-descr @@ -3,7 +3,7 @@ Snort Report is an add-on module for the Snort Intrusion Detection System. It generates real-time intrusion detection reports in an easy to read format based on data collected from a MySQL or PostgreSQL database. -WWW: http://www.circuitsmaximus.com/download.html +WWW: http://www.symmetrixtech.com/download.html - Andrea Venturoli -a.ventu@flashnet.it +freebsd@netfence.it diff --git a/security/snortreport/pkg-message b/security/snortreport/pkg-message index 0f7557c116d5..6fa9c651fc19 100644 
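Review bot: The added `if (!empty($Sources)) {` at line 101 of sigdetail.php and its closing `}` just before `require_once("page_bottom.php")` sit more than two hundred lines apart, with no comment and no re-indentation of the enclosed code, so the pairing is easy to lose in later edits. I would mark both ends, e.g. `if (!empty($Sources)) { // nothing to report per source when the list is empty` and `} // end if (!empty($Sources))`. As far as the hunk shows, an empty `$Sources` now falls straight through to the page footer without any output, so an `else` branch that prints a short "no alerts in this time span" line may be worth adding; the code between the two markers is outside the hunk, so this is inferred.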
--- a/security/snortreport/pkg-message +++ b/security/snortreport/pkg-message @@ -1,7 +1,7 @@ *************************************************************** Snortreport has been installed in %%PREFIX%%/www/snortreport. -Change into this directory and make changes to the config -file (srconf.php). +Change into this directory and make any necessary change to +the config file (srconf.php). Also modify your web server configuration to let access to this directory. *************************************************************** diff --git a/security/snortreport/pkg-plist b/security/snortreport/pkg-plist index 640fe4d3a915..ed6a0c3be74b 100644 --- a/security/snortreport/pkg-plist +++ b/security/snortreport/pkg-plist @@ -3,10 +3,16 @@ www/snortreport/DB_mysql.php www/snortreport/DB_pgsql.php www/snortreport/alertchart.php www/snortreport/alerts.php +www/snortreport/default.css www/snortreport/functions.php +www/snortreport/go.png www/snortreport/index.php www/snortreport/info-retrieval.php www/snortreport/ipdetail.php +www/snortreport/menu.html +www/snortreport/nbtscan.php +www/snortreport/nmap.php +www/snortreport/nodata.png www/snortreport/page_bottom.php www/snortreport/page_top.php www/snortreport/portscan.php @@ -15,14 +21,10 @@ www/snortreport/psdetail.php www/snortreport/sig-by-time-chart.php www/snortreport/sigdetail.php www/snortreport/srconf.php -www/snortreport/timespan.php -www/snortreport/default.css -www/snortreport/go.png -www/snortreport/nodata.png www/snortreport/srlogo.png -www/snortreport/menu.html www/snortreport/ssm.js www/snortreport/ssmItems.js +www/snortreport/timespan.php %%PORTDOCS%%%%DOCSDIR%%/INSTALL %%PORTDOCS%%%%DOCSDIR%%/LICENSE %%PORTDOCS%%%%DOCSDIR%%/Performance.txt |
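Review bot: The first pkg-plist hunk starts installing `www/snortreport/nbtscan.php` and `www/snortreport/nmap.php` under the web root. Their contents are not part of this commit, but the names suggest pages that start host scans on request, and the directory as a whole exposes IDS alert data. pkg-message only tells the administrator to let the web server serve the directory, so I would add a line there such as `Restrict access to this directory to trusted hosts or authenticated users.` The rest of the plist change is a re-sort and needs no comment.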