From: Dinko Korunic Date: Sun, 21 Oct 2007 16:02:05 +0000 (+0000) Subject: r1: [svn-inject] Installing original source of ossec-hids-cn X-Git-Tag: v2.5.1-1~6 X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=commitdiff_plain;h=ad6aedb9016c5ab9dbc0ac73830206dc71025930;p=ossec-hids-cn.git r1: [svn-inject] Installing original source of ossec-hids-cn --- ad6aedb9016c5ab9dbc0ac73830206dc71025930
diff --git a/README.CARNet b/README.CARNet
new file mode 100644
index 0000000..0ae07bc
--- /dev/null
+++ b/README.CARNet
@@ -0,0 +1,7 @@
+ossec-hids-cn
+~~~~~~~~~~~~~
+
+Ovaj paket donosi neka dodatna pravila i iznimke za CARNet pakete, odnosno
+OSSEC detekciju problema vezanih uz CARNet pakete.
+
+ -- Dinko Korunic Sun, 21 Oct 2007 17:32:00 +0200
diff --git a/changelog.CARNet b/changelog.CARNet
new file mode 120000
index 0000000..194579e
--- /dev/null
+++ b/changelog.CARNet
@@ -0,0 +1 @@
+changelog.Debian
\ No newline at end of file
diff --git a/debian/changelog b/debian/changelog
new file mode 100644
index 0000000..c730abc
--- /dev/null
+++ b/debian/changelog
@@ -0,0 +1,5 @@
+ossec-hids-cn (1.3-1) stable; urgency=low
+
+ * inicijalna verzija paketa
+
+ -- Dinko Korunic Sun, 21 Oct 2007 17:50:14 +0200
diff --git a/debian/compat b/debian/compat
new file mode 100644
index 0000000..b8626c4
--- /dev/null
+++ b/debian/compat
@@ -0,0 +1 @@
+4
diff --git a/debian/control b/debian/control
new file mode 100644
index 0000000..fb76baf
--- /dev/null
+++ b/debian/control
@@ -0,0 +1,23 @@
+Source: ossec-hids-cn
+Section: net
+Priority: optional
+Maintainer: Dinko Korunic
+Build-Depends: debhelper (>= 4)
+Standards-Version: 3.7.2
+
+Package: ossec-hids-cn
+Architecture: all
+Depends: ossec-hids (>= 1.3-1), carnet-tools-cn (>= 2.1.8)
+Description: OSSEC HIDS CARNetization
+ OSSEC is a scalable, multi-platform, open source Host-based Intrusion
+ Detection System (HIDS). It has a powerful correlation and analysis
+ engine, integrating log analysis, file integrity checking, Windows
+ registry monitoring, centralized policy enforcement, rootkit detection,
+ real-time alerting and active response.
+ .
+ It runs on most operating systems, including Linux, OpenBSD, FreeBSD,
+ MacOS, Solaris and Windows.
+ .
+ More information on OSSEC is available at: http://www.ossec.net/ .
+ .
+ This package brings CARNet-related configuration for OSSEC.
diff --git a/debian/docs b/debian/docs
new file mode 100644
index 0000000..ef5ce6c
--- /dev/null
+++ b/debian/docs
@@ -0,0 +1,2 @@
+changelog.CARNet
+README.CARNet
diff --git a/debian/postinst b/debian/postinst
new file mode 100755
index 0000000..eb8c4f2
--- /dev/null
+++ b/debian/postinst
@@ -0,0 +1,114 @@
+#!/bin/sh
+# postinst script for bind9-cn
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+# * `configure'
+# * `abort-upgrade'
+# * `abort-remove' `in-favour'
+#
+# * `abort-deconfigure' `in-favour'
+# `removing'
+#
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+#
+
+case "$1" in
+ configure|reconfigure)
+ # continue below
+ ;;
+
+ *)
+ exit 0
+ ;;
+esac
+
+# import CN-functions
+. /usr/share/carnet-tools/functions.sh
+
+# get installation directory
+. /etc/ossec-init.conf
+if [ "X${DIRECTORY}" = "X" ]; then
+ DIRECTORY="/var/ossec"
+fi
+
+# sanity check
+if [ ! -d "$DIRECTORY/rules" ]; then
+ echo "CN: There is no "$DIRECTORY/rules" directory, exiting..."
+ echo "CN: Please reinstall ossec-hids package"
+ exit 1
+fi
+
+# find first available sid
+local_rules="$DIRECTORY/rules/local_rules.xml"
+script='
+BEGIN {
+ FS = "\""
+}
+/^[ \t]*/ {
+ if (max < $2)
+ max = $2
+}
+END {
+ print max
+};
+'
+sid=100000
+if [ -e "$local_rules" ]; then
+ sid=$(awk "$script" "$local_rules")
+fi
+
+# update local rules with our policy
+if [ -e "$local_rules" ]; then
+ cp "$local_rules" "$local_rules.$$"
+else
+ touch "$local_rules.$$"
+fi
+
+cp-update --comment '' \
+ ossec-hids-cn "$local_rules.$$" <
+
+ 1002
+ rsync
+ Events ignored
+
+
+
+ 1002
+ ^sophie|^smartd
+ Events ignored
+
+
+
+
+
+ 3303
+ Events ignored
+
+
+ 3356
+ Ignore blacklisted mail...
+
+
+EOF
+cp_mv "$local_rules.$$" "$local_rules"
+
+# and restart the service
+if [ -x /usr/sbin/invoke-rc.d ]; then
+ invoke-rc.d ossec-hids restart
+else
+ /etc/init.d/ossec-hids restart
+fi
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
diff --git a/debian/postrm b/debian/postrm
new file mode 100755
index 0000000..536075c
--- /dev/null
+++ b/debian/postrm
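Review bot: In debian/postinst the working copy `"$local_rules.$$"` has a PID-derived, predictable name that root creates with `cp`/`touch` inside `$DIRECTORY/rules`, and nothing removes it when a later step aborts under `set -e`. If that directory is writable by any account other than root (not visible on this page), a pre-existing link at that name could redirect the root write, so prefer `tmp=$(mktemp "$local_rules.XXXXXX")` together with `trap 'rm -f "$tmp"' EXIT`, and confirm that `cp_mv` (from functions.sh, not shown) leaves local_rules.xml with the owner and mode OSSEC expects. Separately, `sid=$(awk "$script" "$local_rules")` replaces the 100000 default with an empty string when the file exists but awk finds no id, so a fallback such as `[ -n "$sid" ] || sid=100000` is worth adding after it. The header comment still reads `postinst script for bind9-cn` and should name ossec-hids-cn.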
@@ -0,0 +1,58 @@
+#!/bin/sh
+# postrm script for bind9-cn
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+# * `remove'
+# * `purge'
+# * `upgrade'
+# * `failed-upgrade'
+# * `abort-install'
+# * `abort-install'
+# * `abort-upgrade'
+# * `disappear' overwrit>r>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+case "$1" in
+ purge)
+ # continue below
+ ;;
+
+ *)
+ exit 0
+ ;;
+esac
+
+# import CN-functions
+. /usr/share/carnet-tools/functions.sh
+
+# get installation directory
+. /etc/ossec-init.conf
+if [ "X${DIRECTORY}" = "X" ]; then
+ DIRECTORY="/var/ossec"
+fi
+
+# remove our block
+local_rules="$DIRECTORY/rules/local_rules.xml"
+if [ -e "$local_rules" ]; then
+ cp-update --comment '' \
+ -r ossec-hids-cn "$local_rules"
+fi
+
+# and start the service
+if [ -x /usr/sbin/invoke-rc.d ]; then
+ invoke-rc.d ossec-hids restart
+else
+ /etc/init.d/ossec-hids restart
+fi
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
diff --git a/debian/rules b/debian/rules
new file mode 100755
index 0000000..ec73f03
--- /dev/null
+++ b/debian/rules
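Review bot: On `purge`, debian/postrm sources `/usr/share/carnet-tools/functions.sh` and `/etc/ossec-init.conf` and restarts ossec-hids unconditionally, yet a package's dependencies are not guaranteed to still be installed when its postrm runs for purge. If either file or the init script is already gone, `set -e` makes the purge fail and leaves the package half-removed. Guard each step, for example `if [ -r /etc/ossec-init.conf ]; then . /etc/ossec-init.conf; fi` and `invoke-rc.d ossec-hids restart || true`, and skip the `cp-update` call when functions.sh is absent. The header comment still reads `postrm script for bind9-cn` and should name ossec-hids-cn.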
@@ -0,0 +1,73 @@
+#!/usr/bin/make -f
+# Sample debian/rules that uses debhelper.
+# This file is public domain software, originally written by Joey Hess.
+#
+# This version is for packages that are architecture independent.
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+build: build-stamp
+build-stamp:
+ dh_testdir
+
+ # Add here commands to compile the package.
+ #$(MAKE)
+
+ touch build-stamp
+
+clean:
+ dh_testdir
+ dh_testroot
+ rm -f build-stamp
+
+ # Add here commands to clean up after the build process.
+ #-$(MAKE) clean
+ #-$(MAKE) distclean
+
+ dh_clean
+
+install: build
+ dh_testdir
+ dh_testroot
+ dh_clean -k
+ dh_installdirs
+
+ # Add here commands to install the package into debian/.
+ #$(MAKE) prefix=`pwd`/debian/`dh_listpackages`/usr install
+
+# Build architecture-independent files here.
+binary-indep: build install
+ dh_testdir
+ dh_testroot
+ dh_installchangelogs
+ dh_installdocs
+# dh_installexamples
+# dh_installmenu
+# dh_installdebconf
+# dh_installlogrotate
+# dh_installemacsen
+# dh_installcatalogs
+# dh_installpam
+# dh_installmime
+# dh_installinit
+# dh_installcron
+# dh_installinfo
+# dh_undocumented
+ dh_installman
+ dh_link
+ dh_compress
+ dh_fixperms
+# dh_perl
+# dh_python
+ dh_installdeb
+ dh_gencontrol
+ dh_md5sums
+ dh_builddeb
+
+# Build architecture-dependent files here.
+binary-arch: build install
+# We have nothing to do by default.
+
+binary: binary-indep binary-arch
+.PHONY: build clean binary-indep binary-arch binary install