authorFoxfair Hu <foxfair@FreeBSD.org>2000-09-26 02:58:04 +0000
committerFoxfair Hu <foxfair@FreeBSD.org>2000-09-26 02:58:04 +0000
commitdea7ae99572515dbebbca0b4d49f3cf08ea6e0f4 (patch)
tree8abfac075c62a2b19fb1d0486a75b3c8e619fdc4 /security/acid
parentAdd acid to out ports tree. (diff)
Add acid to our ports tree. (not out, sorry)
This is acid v0.9.4, Analysis Console for Intrusion Databases (ACID) with Snort and MySQL. Before someone complains about it, I need to say portlint doesn't like this port so much. That's because the naming rule of DISTFILES (from the author) has a bad style. ACID needs snort 1.6.3 (maybe higher) and php3/mysql; we are waiting for the development version of snort to be upgraded to make this port happy. Submitted by: Yen-Ming Chen <yenming.chen@foundstone.com>
Notes
Notes: svn path=/head/; revision=33123
Diffstat (limited to 'security/acid')
-rw-r--r--security/acid/Makefile38
-rw-r--r--security/acid/distinfo1
-rw-r--r--security/acid/files/Makefile.acid32
-rw-r--r--security/acid/pkg-comment1
-rw-r--r--security/acid/pkg-descr18
-rw-r--r--security/acid/pkg-plist16
6 files changed, 106 insertions, 0 deletions
diff --git a/security/acid/Makefile b/security/acid/Makefile
new file mode 100644
index 000000000000..1224cc7074f5
--- /dev/null
+++ b/security/acid/Makefile
@@ -0,0 +1,38 @@
+# New ports collection makefile for: acid
+# Date created: Mon Sep 25 16:05:01 CST 2000
+# Whom: Foxfair Hu <foxfair@FreeBSD.org>
+#
+# $FreeBSD$
+#
+
+PORTNAME= acid
+PORTVERSION= 0.9.4
+CATEGORIES= security
+MASTER_SITES= http://www.cert.org/kb/acid/
+DISTFILES= acid.0.9.4.tar.gz
+WRKSRC= ${WRKDIR}/${PORTNAME}
+
+MAINTAINER= foxfair@FreeBSD.org
+
+RUN_DEPENDS= ${LOCALBASE}/sbin/httpd:${PORTSDIR}/www/apache13 \
+ ${LOCALBASE}/libexec/apache/libphp3.so:${PORTSDIR}/www/mod_php3 \
+ ${LOCALBASE}/libexec/mysqld:${PORTSDIR}/databases/mysql322-server \
+ ${LOCALBASE}/bin/snort:${PORTSDIR}/security/snort
+
+post-configure:
+ ${MKDIR} ${LOCALBASE}/share/doc/apache/acid
+ ${CP} ${FILESDIR}/Makefile.acid ${WRKSRC}/Makefile
+
+post-install:
+ @${ECHO} "*****************************************************************************"
+ @${ECHO} "Please modify the file '${LOCALBASE}/share/doc/apache/acid/acid_conf.php', "
+ @${ECHO} "and customize the following variables to fit your system: "
+ @${ECHO} " "
+ @${ECHO} "'alert_dbname' : MySQL database name where the alerts are stored "
+ @${ECHO} "'alert_host' : host where the database is stored "
+ @${ECHO} "'alert_port' : port where the database is stored "
+ @${ECHO} "'alert_user' : username into the database "
+ @${ECHO} "'alert_password' : password for the username "
+ @${ECHO} "*****************************************************************************"
+
+.include <bsd.port.mk>
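Review bot: The `post-configure` target writes into the live install tree. Its `${MKDIR} ${LOCALBASE}/share/doc/apache/acid` line runs during the configure stage, so `make configure` already modifies the system, and presumably fails for an unprivileged user, before anything is installed. The line also uses `${LOCALBASE}`, while `files/Makefile.acid` hardcodes `ACIDDIR=/usr/local/share/doc/apache/acid` and the pkg-plist entries are relative paths. With a non-default prefix the files would therefore presumably land somewhere other than where the package records them. I would drop the `${MKDIR}` line and pass the destination down instead, e.g. `MAKE_ARGS= ACIDDIR=${PREFIX}/share/doc/apache/acid`, leaving directory creation to the install target.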
diff --git a/security/acid/distinfo b/security/acid/distinfo
new file mode 100644
index 000000000000..4ec2549806e7
--- /dev/null
+++ b/security/acid/distinfo
@@ -0,0 +1 @@
+MD5 (acid.0.9.4.tar.gz) = e3f4aaefc7a1fc9a4042b5fab396ff07
diff --git a/security/acid/files/Makefile.acid b/security/acid/files/Makefile.acid
new file mode 100644
index 000000000000..b1ef1a723531
--- /dev/null
+++ b/security/acid/files/Makefile.acid
@@ -0,0 +1,32 @@
+# This is a dummy Makefile for FreeBSD ports system, not from the author.
+# We don't need to compile anything but just copy these files to finish
+# the installation.
+#
+# Foxfair. <foxfair@FreeBSD.org>
+ACIDDIR=/usr/local/share/doc/apache/acid
+INSTALL=install
+
+ACIDFILES=\
+ README \
+ acid_common.php \
+ acid_conf.php \
+ acid_footer.html \
+ acid_hdr1.html \
+ acid_hdr2.html \
+ acid_main.php \
+ acid_pkt_form.php \
+ acid_pkt_main.php \
+ acid_pkt_sqlcalls.php \
+ acid_stat_alerts.php \
+ acid_stat_common.php \
+ acid_stat_time.php \
+ acid_style.css \
+ index.html
+
+all: install
+
+install: ${ACIDFILES}
+ [ -d ${ACIDDIR} ] || mkdir ${ACIDDIR}
+ for i in ${ACIDFILES}; do \
+ ${INSTALL} -c -m 444 $$i ${ACIDDIR} ; \
+ done
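Review bot: The install loop gives every file `-m 444`, including `acid_conf.php`, which the port's post-install message tells the administrator to fill in with `alert_user` and `alert_password`. Once edited, the MySQL credentials for the alert database are readable by every local account. I would take `acid_conf.php` out of `ACIDFILES` and install it on its own with a mode that is not world-readable, e.g. `${INSTALL} -c -m 440 -g <web-server-group> acid_conf.php ${ACIDDIR}`. The group is a placeholder, since the account Apache runs as is not visible in this commit. Separately, `mkdir ${ACIDDIR}` has no `-p` and fails if `share/doc/apache` does not exist yet.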
diff --git a/security/acid/pkg-comment b/security/acid/pkg-comment
new file mode 100644
index 000000000000..e3b041476353
--- /dev/null
+++ b/security/acid/pkg-comment
@@ -0,0 +1 @@
+Analysis Console for Intrusion Databases (ACID) with Snort and MySQL
diff --git a/security/acid/pkg-descr b/security/acid/pkg-descr
new file mode 100644
index 000000000000..1ad915b6fa48
--- /dev/null
+++ b/security/acid/pkg-descr
@@ -0,0 +1,18 @@
+ACID is a PHP-based analysis engine to search and process a database of
+security incidents generated by the NDIS Snort. The features currently
+include:
+
+ - Search interface for finding alerts matching practically any criteria.
+ This includes arrival time, signature time, source/dest address/port,
+ flags, payload, etc. Furthermore, these queries can be made arbitrarily
+ complex to satsify almost any parameters.
+
+ - Statistics:
+ - % of traffic for each protocol
+ - Alerts: # of src/dst IP, last/first arrival time
+ - Graph # of arrived alert over a period of time
+ - last x-number of alerts by protocol
+
+ - All features are provided in real-time
+
+WWW: http://www.cert.org/kb/acid/
diff --git a/security/acid/pkg-plist b/security/acid/pkg-plist
new file mode 100644
index 000000000000..3197d5f60353
--- /dev/null
+++ b/security/acid/pkg-plist
@@ -0,0 +1,16 @@
+share/doc/apache/acid/README
+share/doc/apache/acid/acid_common.php
+share/doc/apache/acid/acid_conf.php
+share/doc/apache/acid/acid_footer.html
+share/doc/apache/acid/acid_hdr1.html
+share/doc/apache/acid/acid_hdr2.html
+share/doc/apache/acid/acid_main.php
+share/doc/apache/acid/acid_pkt_form.php
+share/doc/apache/acid/acid_pkt_main.php
+share/doc/apache/acid/acid_pkt_sqlcalls.php
+share/doc/apache/acid/acid_stat_alerts.php
+share/doc/apache/acid/acid_stat_common.php
+share/doc/apache/acid/acid_stat_time.php
+share/doc/apache/acid/acid_style.css
+share/doc/apache/acid/index.html
+@dirrm share/doc/apache/acid