File portsentry.diff of Package portsentry

Overview Repositories Revisions Requests Users Attributes Meta

File portsentry.diff of Package portsentry

diff -urN portsentry_beta.orig/ignore.csh portsentry_beta/ignore.csh
--- portsentry_beta.orig/ignore.csh	2003-05-23 20:10:13.000000000 +0200
+++ portsentry_beta/ignore.csh	2012-01-06 22:13:39.789819286 +0100
@@ -35,7 +35,7 @@
 endif
   
 # Safe directory 
-set SENTRYDIR=/usr/local/psionic/portsentry
+set SENTRYDIR=/etc/portsentry
 set TMPFILE=portsentry.ignore.tmp
  
 if (-f $SENTRYDIR/portsentry.ignore) then 
diff -urN portsentry_beta.orig/Makefile portsentry_beta/Makefile
--- portsentry_beta.orig/Makefile	2003-05-23 20:10:13.000000000 +0200
+++ portsentry_beta/Makefile	2012-01-06 22:13:39.790819312 +0100
@@ -20,13 +20,13 @@
 #
 #
 # Generic compiler (usually linked to gcc on most platforms)
-CC = cc
+#CC = cc
 
 # GNU..
-#CC = gcc 
+CC = gcc 
 
 # Normal systems flags
-CFLAGS = -O -Wall
+CFLAGS = $(RPM_OPT_FLAGS)
 
 # Debug mode for portsentry
 #CFLAGS = -Wall -g -DNODAEMON -DDEBUG
@@ -37,8 +37,8 @@
 #CFLAGS = -pg -O -Wall -DNODAEMON
 #LIBS = /usr/lib/libefence.a
 
-INSTALLDIR = /usr/local/psionic
-CHILDDIR=/portsentry
+INSTALLDIR = $(RPM_BUILD_ROOT)/usr/sbin
+CONFIGDIR = $(RPM_BUILD_ROOT)/etc/portsentry
 
 all:
 		@echo "Usage: make <systype>"
@@ -68,31 +68,33 @@
 
 install:	
 		@echo "Creating psionic directory $(INSTALLDIR)"
-		@if [ ! -d $(INSTALLDIR) ]; then /bin/mkdir $(INSTALLDIR); fi
+		@if [ ! -d $(INSTALLDIR) ]; then /bin/mkdir -p $(INSTALLDIR); fi
 		@echo "Setting directory permissions"
-		@if [ "$(INSTALLDIR)" = "/usr/local/psionic" ]; then /bin/chmod 700 $(INSTALLDIR) ; fi
-		@echo "Creating portsentry directory $(INSTALLDIR)$(CHILDDIR)"
-		@if [ ! -d $(INSTALLDIR)$(CHILDDIR) ]; then /bin/mkdir\
-			$(INSTALLDIR)$(CHILDDIR); fi
+		@echo "Creating portsentry directory $(CONFIGDIR)"
+		@if [ ! -d $(CONFIGDIR) ]; then /bin/mkdir -p \
+			$(CONFIGDIR); fi
+		@echo "Creating portsentry directory $(INSTALLDIR)"
+		@if [ ! -d $(INSTALLDIR) ]; then /bin/mkdir -p \
+			$(INSTALLDIR); fi
 		@echo "Setting directory permissions"
-		chmod 700 $(INSTALLDIR)$(CHILDDIR)
+		chmod 700 $(CONFIGDIR)
 		@echo "Copying files"
-		cp ./portsentry.conf $(INSTALLDIR)$(CHILDDIR)
-		cp ./portsentry.ignore $(INSTALLDIR)$(CHILDDIR)
-		cp ./portsentry $(INSTALLDIR)$(CHILDDIR)
+		cp ./portsentry.conf $(CONFIGDIR)
+		cp ./portsentry.ignore $(CONFIGDIR)
+		cp ./portsentry $(INSTALLDIR)
 		@echo "Setting permissions"
-		chmod 600 $(INSTALLDIR)$(CHILDDIR)/portsentry.ignore
-		chmod 600 $(INSTALLDIR)$(CHILDDIR)/portsentry.conf
-		chmod 700 $(INSTALLDIR)$(CHILDDIR)/portsentry
+		chmod 600 $(CONFIGDIR)/portsentry.ignore
+		chmod 600 $(CONFIGDIR)/portsentry.conf
+		chmod 700 $(INSTALLDIR)/portsentry
 		@echo ""
 		@echo ""
-		@echo "Edit $(INSTALLDIR)$(CHILDDIR)/portsentry.conf and change"
+		@echo "Edit $(CONFIGDIR)/portsentry.conf and change"
 		@echo "your settings if you haven't already. (route, etc)" 
 		@echo ""
 		@echo ""
 		@echo "WARNING: This version and above now use a new"
 		@echo "directory structure for storing the program"
-		@echo "and config files ($(INSTALLDIR)$(CHILDDIR))."
+		@echo "and config files ($(CONFIGDIR))."
 		@echo "Please make sure you delete the old files when" 
 		@echo "the testing of this install is complete."
 		@echo ""
diff -urN portsentry_beta.orig/portsentry.c portsentry_beta/portsentry.c
--- portsentry_beta.orig/portsentry.c	2003-05-23 20:10:13.000000000 +0200
+++ portsentry_beta/portsentry.c	2012-01-06 22:13:39.791819334 +0100
@@ -1581,8 +1581,7 @@
 Usage (void)
 {
   printf ("PortSentry - Port Scan Detector.\n");
-  printf ("Copyright 1997-2003 Craig H. Rowland <craigrowland at users dot 
-sourceforget dot net>\n");
+  printf ("Copyright 1997-2003 Craig H. Rowland <craigrowland at users dot sourceforget dot net>\n");
   printf ("Licensing restrictions apply. Please see documentation\n");
   printf ("Version: %s\n\n", VERSION);
 #ifdef SUPPORT_STEALTH
diff -urN portsentry_beta.orig/portsentry.conf portsentry_beta/portsentry.conf
--- portsentry_beta.orig/portsentry.conf	2003-05-23 20:10:13.000000000 +0200
+++ portsentry_beta/portsentry.conf	2012-01-06 22:43:29.833779514 +0100
@@ -70,7 +70,7 @@
 # all but the most isolated systems/networks.
 #
 # Default TCP ident and NetBIOS service
-ADVANCED_EXCLUDE_TCP="113,139"
+ADVANCED_EXCLUDE_TCP="113,13"
 # Default UDP route (RIP), NetBIOS, bootp broadcasts.
 ADVANCED_EXCLUDE_UDP="520,138,137,67"
 
@@ -80,11 +80,11 @@
 ######################
 #
 # Hosts to ignore
-IGNORE_FILE="/usr/local/psionic/portsentry/portsentry.ignore"
+IGNORE_FILE="/etc/portsentry/portsentry.ignore"
 # Hosts that have been denied (running history)
-HISTORY_FILE="/usr/local/psionic/portsentry/portsentry.history"
+HISTORY_FILE="/var/log/portsentry/portsentry.history"
 # Hosts that have been denied this session only (temporary until next restart)
-BLOCKED_FILE="/usr/local/psionic/portsentry/portsentry.blocked"
+BLOCKED_FILE="/var/log/portsentry/portsentry.blocked"
 
 ##############################
 # Misc. Configuration Options#
@@ -203,8 +203,8 @@
 #KILL_ROUTE="/sbin/ipchains -I input -s $TARGET$ -j DENY"
 #
 # iptables support for Linux
-#KILL_ROUTE="/usr/local/bin/iptables -I INPUT -s $TARGET$ -j DROP"
-#
+KILL_ROUTE="/sbin/iptables -I INPUT -s $TARGET$ -j DROP"
+
 # For those of you running FreeBSD (and compatible) you can
 # use their built in firewalling as well. 
 #
@@ -226,7 +226,7 @@
 # Format One: Old Style - The default when extended host processing
 # options are not enabled.
 #
-KILL_HOSTS_DENY="ALL: $TARGET$"
+#KILL_HOSTS_DENY="ALL: $TARGET$"
 
 # Format Two: New Style - The format used when extended option
 # processing is enabled. You can drop in extended processing
@@ -259,6 +259,7 @@
 #
 #
 #KILL_RUN_CMD="/some/path/here/script $TARGET$ $PORT$"
+#KILL_RUN_CMD="/bin/mail -s 'Portscan from $TARGET$ on port $PORT$' user@host < /dev/null"
 
 
 #####################
@@ -278,7 +279,7 @@
 # SSL [TCP port 443] and you immediately block them). Some of you
 # may even want this though. Just be careful.
 #
-SCAN_TRIGGER="0"
+SCAN_TRIGGER="1"
 
 ######################
 # Port Banner Section#
diff -urN portsentry_beta.orig/portsentry_config.h portsentry_beta/portsentry_config.h
--- portsentry_beta.orig/portsentry_config.h	2003-05-23 20:10:13.000000000 +0200
+++ portsentry_beta/portsentry_config.h	2012-01-06 22:13:39.794819382 +0100
@@ -22,7 +22,7 @@
 
 /* These are probably ok. Be sure you change the Makefile if you */
 /* change the path */
-#define CONFIG_FILE "/usr/local/psionic/portsentry/portsentry.conf"
+#define CONFIG_FILE "/etc/portsentry/portsentry.conf"
 
 /* The location of Wietse Venema's TCP Wrapper hosts.deny file */
 #define WRAPPER_HOSTS_DENY "/etc/hosts.deny"
diff -urN portsentry_beta.orig/portsentry.cron portsentry_beta/portsentry.cron
--- portsentry_beta.orig/portsentry.cron	1970-01-01 01:00:00.000000000 +0100
+++ portsentry_beta/portsentry.cron	2012-01-07 00:12:07.678663816 +0100
@@ -0,0 +1,5 @@
+# Restart portsentry to reset the history file
+# Flush the entries added by portsentry in iptables
+
+03,23,43 * * * *	root	/sbin/rcportsentry restart >/dev/null && /sbin/SuSEfirewall2 restart >/dev/null
+
diff -urN portsentry_beta.orig/portsentry.init portsentry_beta/portsentry.init
--- portsentry_beta.orig/portsentry.init	1970-01-01 01:00:00.000000000 +0100
+++ portsentry_beta/portsentry.init	2012-01-07 00:12:07.678663816 +0100
@@ -0,0 +1,80 @@
+#! /bin/bash
+#
+# /etc/init.d/portsentry
+#
+### BEGIN INIT INFO
+# Provides: 		portsentry
+# Required-Start: 	$network $remote_fs
+# Should-Start:   	$ALL network-remotefs ypbind nfs nfsserver rpcbind
+# Required-Stop:  	$remote_fs
+# Should-Stop:    	$null
+# Default-Start:  	3 5
+# Default-Stop:   	0 1 2 6
+# Short-Description: 	portsentry
+# Description: 		Port scan detection and active defense
+### END INIT INFO
+
+. /etc/rc.status
+rc_reset
+
+prog="/usr/sbin/portsentry"
+IGNORE_FILE="/etc/portsentry/portsentry.ignore"
+TMPFILE="/etc/portsentry/portsentry.ignore.tmp"
+MODES="tcp udp"
+
+case "$1" in
+    start)
+	echo "Start portsentry "
+		echo '#########################################' >> $TMPFILE
+		echo '# Do NOT edit below this line, if you   #' >> $TMPFILE
+		echo '# do, your changes will be lost when    #' >> $TMPFILE
+		echo '# portsentry is restarted via the       #' >> $TMPFILE
+		echo '# initscript.                           #' >> $TMPFILE
+		echo '#########################################' >> $TMPFILE
+		echo '' >> $TMPFILE
+		echo '# Exclude all local interfaces' >> $TMPFILE
+		for i in `/sbin/ifconfig -a | grep inet | awk '{print $2}' | sed 's/addr://'`
+		do
+			echo $i >> $TMPFILE
+		done
+		echo '' >> $TMPFILE
+		echo '# And last but not least...' >> $TMPFILE
+		echo '0.0.0.0' >> $TMPFILE
+		echo '' >> $TMPFILE
+		cp -f $TMPFILE $IGNORE_FILE
+		rm -f $TMPFILE
+		for i in $MODES
+		do
+			echo -n "Start portsentry ($i) "
+			$prog -$i
+			$RET=$?
+			rc_status -v
+		done
+		[ $RET -eq 0 ] && touch /var/lock/portsentry
+	;;
+    stop)
+    	echo -n "Stop portsentry "
+		killproc portsentry
+		$RET=$?
+		[ $RET -eq 0 ] && rm -f /var/lock/portsentry
+	rc_status -v
+	;;
+    status)
+	echo -n "Checking the status of portsentry "
+	echo "later ... ;)"
+	#{ test -e /proc/net/ip_tables_names && iptables -nL reject_func >/dev/null 2>&1; } || rc_failed 3
+	rc_status -v
+	;;
+    restart)
+	echo -n "Restart portsentry "
+	$0 stop && $0 start
+	rc_status -v
+	;;
+    *)
+	echo "Usage: $0 {start|stop|status|restart}"
+	exit 1
+	;;
+esac
+
+# Set exit status
+rc_exit

Places

File portsentry.diff of Package portsentry

Places