Add snortsnarf-010523 (version numbering changed from the vendor scheme of

MMDDYY to make it monotonic).  This is a utility for generating a set of
HTML reports/summaries based on snort alert files.

At the moment we only enable the HTML generation features.  There are other
features such as the ability to annotate incidents in the report which
are not currently enabled.

6 files changed, 94 insertions, 0 deletions

diff --git a/security/snortsnarf/Makefile b/security/snortsnarf/Makefile
new file mode 100644
index 000000000000..496eccec949f
--- /dev/null
+++ b/security/snortsnarf/Makefile
@@ -0,0 +1,43 @@
+# New ports collection makefile for:	snortsnarf
+# Date created:		29 July 2001
+# Whom:			Kris Kennaway <kris@FreeBSD.org>
+#
+# $FreeBSD$
+#
+
+PORTNAME=	snortsnarf
+PORTVERSION=	010523
+CATEGORIES=	security
+MASTER_SITES=	http://www.silicondefense.com/software/snortsnarf/
+DISTNAME=	SnortSnarf-052301.1
+
+MAINTAINER=	kris@FreeBSD.org
+
+RUN_DEPENDS=	${LOCALBASE}/lib/perl5/site_perl/${PERL_VER}/Time/JulianDay.pm:${PORTSDIR}/devel/p5-Time
+
+NO_BUILD=	yes
+
+do-install:
+	${SED} s,%LOCALBASE%,${LOCALBASE}, < ${WRKSRC}/snortsnarf.pl > ${WRKSRC}/snortsnarf
+	${INSTALL_SCRIPT} ${WRKSRC}/snortsnarf ${LOCALBASE}/bin/snortsnarf
+	${MKDIR} ${LOCALBASE}/libdata/snortsnarf
+	${MKDIR} ${LOCALBASE}/libdata/snortsnarf/SnortSnarf
+.for i in IPAddrContact.pm ann_xml.pl web_utils.pl xml_help.pl
+	${INSTALL_DATA} ${WRKSRC}/include/${i} ${LOCALBASE}/libdata/snortsnarf/
+.endfor
+.for i in AlertBase.pm HTMLOutput.pm MemTimeBase.pm MultiStore.pm \
+	MemPacket.pm HTMLMemStorage.pm Filtering.pm PacketBase.pm \
+	AllMods.pm BasicFilters.pm KnownEquiv.pm SnortFileInput.pm \
+	HTMLAnomMemStorage.pm Input.pm SorterBase.pm Sort.pm \
+	StorageBase.pm MemAlert.pm BasicSorters.pm Filter.pm \
+	SnortRules.pm MemStorage.pm
+	${INSTALL_DATA} ${WRKSRC}/include/SnortSnarf/${i} ${LOCALBASE}/libdata/snortsnarf/SnortSnarf/
+.endfor
+.if !defined(NOPORTDOCS)
+	${MKDIR} ${LOCALBASE}/share/doc/snortsnarf
+.for i in README Usage
+	${INSTALL_DATA} ${WRKSRC}/${i} ${LOCALBASE}/share/doc/snortsnarf
+.endfor
+.endif
+
+.include <bsd.port.mk>
diff --git a/security/snortsnarf/distinfo b/security/snortsnarf/distinfo
new file mode 100644
index 000000000000..163cbef86a74
--- /dev/null
+++ b/security/snortsnarf/distinfo
@@ -0,0 +1 @@
+MD5 (SnortSnarf-052301.1.tar.gz) = 4c5d229abcfaa740d40720376eb70d52
diff --git a/security/snortsnarf/files/patch-aa b/security/snortsnarf/files/patch-aa
new file mode 100644
index 000000000000..ef2e28a268ad
--- /dev/null
+++ b/security/snortsnarf/files/patch-aa
@@ -0,0 +1,11 @@
+--- snortsnarf.pl.orig	Sun Jul 29 16:53:40 2001
++++ snortsnarf.pl	Sun Jul 29 16:56:20 2001
+@@ -199,7 +199,7 @@
+ 
+ # Version control info: $Id: snortsnarf.pl,v 1.16 2000/06/14 18:40:45 jim Exp $
+ 
+-use lib qw(./include);
++use lib qw(%LOCALBASE%/libdata/snortsnarf/);
+ use Cwd;
+ 
+ # avoid needing to refer to SnortSnarf packages as SnortSnarf::*, even if
diff --git a/security/snortsnarf/pkg-comment b/security/snortsnarf/pkg-comment
new file mode 100644
index 000000000000..d7db98ad4fd2
--- /dev/null
+++ b/security/snortsnarf/pkg-comment
@@ -0,0 +1 @@
+Generate HTML report summaries from snort incident alerts
diff --git a/security/snortsnarf/pkg-descr b/security/snortsnarf/pkg-descr
new file mode 100644
index 000000000000..f1c02c6b4ff2
--- /dev/null
+++ b/security/snortsnarf/pkg-descr
@@ -0,0 +1,6 @@
+This program creates a set of HTML pages to allow you to quickly and
+conveniently navigate around output files of the Snort intrusion
+detection system (http://www.snort.org/).  The reports summarize the
+incidents logged in the snort alert file.
+
+WWW: http://www.silicondefense.com/software/snortsnarf/
diff --git a/security/snortsnarf/pkg-plist b/security/snortsnarf/pkg-plist
new file mode 100644
index 000000000000..76950fc563b1
--- /dev/null
+++ b/security/snortsnarf/pkg-plist
@@ -0,0 +1,32 @@
+bin/snortsnarf
+libdata/snortsnarf/IPAddrContact.pm
+libdata/snortsnarf/SnortSnarf/AlertBase.pm
+libdata/snortsnarf/SnortSnarf/AllMods.pm
+libdata/snortsnarf/SnortSnarf/BasicFilters.pm
+libdata/snortsnarf/SnortSnarf/BasicSorters.pm
+libdata/snortsnarf/SnortSnarf/Filter.pm
+libdata/snortsnarf/SnortSnarf/Filtering.pm
+libdata/snortsnarf/SnortSnarf/HTMLAnomMemStorage.pm
+libdata/snortsnarf/SnortSnarf/HTMLMemStorage.pm
+libdata/snortsnarf/SnortSnarf/HTMLOutput.pm
+libdata/snortsnarf/SnortSnarf/Input.pm
+libdata/snortsnarf/SnortSnarf/KnownEquiv.pm
+libdata/snortsnarf/SnortSnarf/MemAlert.pm
+libdata/snortsnarf/SnortSnarf/MemPacket.pm
+libdata/snortsnarf/SnortSnarf/MemStorage.pm
+libdata/snortsnarf/SnortSnarf/MemTimeBase.pm
+libdata/snortsnarf/SnortSnarf/MultiStore.pm
+libdata/snortsnarf/SnortSnarf/PacketBase.pm
+libdata/snortsnarf/SnortSnarf/SnortFileInput.pm
+libdata/snortsnarf/SnortSnarf/SnortRules.pm
+libdata/snortsnarf/SnortSnarf/Sort.pm
+libdata/snortsnarf/SnortSnarf/SorterBase.pm
+libdata/snortsnarf/SnortSnarf/StorageBase.pm
+libdata/snortsnarf/ann_xml.pl
+libdata/snortsnarf/web_utils.pl
+libdata/snortsnarf/xml_help.pl
+%%PORTDOCS%%share/doc/snortsnarf/README
+%%PORTDOCS%%share/doc/snortsnarf/Usage
+%%PORTDOCS%%@dirrm share/doc/snortsnarf
+@dirrm libdata/snortsnarf/SnortSnarf
+@dirrm libdata/snortsnarf