Permalink
Browse files

merged from master

  • Loading branch information...
mrash committed Apr 20, 2012
2 parents 7fcf947 + e6cbaed commit d55ffd262c8776c18cd809daa612a0b370aa3d34
Showing with 894 additions and 19,295 deletions.
  1. +853 −18,371 ChangeLog
  2. +0 −907 ChangeLog.old
  3. +1 −1 VERSION
  4. +17 −10 install.pl
  5. +1 −1 nf2csv
  6. +1 −0 packaging/{psad-nobuildreqs.spec → psad-require-makemaker.spec}
  7. +0 −1 packaging/psad.spec
  8. +21 −4 psad
View
19,224 ChangeLog

Large diffs are not rendered by default.

Oops, something went wrong.
View

Large diffs are not rendered by default.

Oops, something went wrong.
View
@@ -1 +1 @@
-2.2
+2.2-pre2
View
@@ -223,7 +223,10 @@
copy $psad_conf_file, "${psad_conf_file}.orig" or die "[*] Could not ",
"copy $psad_conf_file -> $psad_conf_file.orig";
-$install_root = getcwd() . '/test/psad-install' if $install_test_dir;
+if ($install_test_dir) {
+ $install_root = getcwd() . '/test/psad-install';
+ $init_dir = $install_root . '/etc/init.d';
+}
### import paths from default psad.conf
&import_config();
@@ -273,7 +276,7 @@
$init_dir = '/etc/rc.d';
} else {
die "[*] Cannot find the init script directory, use ",
- "--init-dir <path>";
+ "--init-dir <path>" unless $install_test_dir;
}
}
}
@@ -614,7 +617,7 @@ ()
### get email address(es)
my $email_str = &query_email();
if ($email_str) {
- &put_string('EMAIL_ADDRESSES', $email_str,
+ &put_var('EMAIL_ADDRESSES', $email_str,
"$config{'PSAD_CONF_DIR'}/psad.conf");
}
@@ -657,7 +660,7 @@ ()
### see if the admin would like to have psad send info to
### DShield
if (&query_dshield()) {
- &put_string('ENABLE_DSHIELD_ALERTS', 'Y',
+ &put_var('ENABLE_DSHIELD_ALERTS', 'Y',
"$config{'PSAD_CONF_DIR'}/psad.conf");
}
@@ -668,7 +671,7 @@ ()
}
if ($install_syslog_fifo) {
- &put_string('SYSLOG_DAEMON', $syslog_str,
+ &put_var('SYSLOG_DAEMON', $syslog_str,
"$config{'PSAD_CONF_DIR'}/psad.conf");
if ($syslog_str ne 'ulogd') {
@@ -841,13 +844,17 @@ ()
$USRSBIN_DIR = $config{'INSTALL_ROOT'} . $USRSBIN_DIR;
$USRBIN_DIR = $config{'INSTALL_ROOT'} . $USRBIN_DIR;
- &put_string('INSTALL_ROOT', $install_root, $psad_conf_file);
+ &put_var('INSTALL_ROOT', $install_root, $psad_conf_file);
}
for my $dir ($install_root, $USRSBIN_DIR, $USRBIN_DIR) {
&full_mkdir($dir, 0755) unless -d $dir;
}
+ if ($install_test_dir) {
+ &full_mkdir($init_dir, 0755) unless -d $init_dir;
+ }
+
### resolve internal vars within variable values
&expand_vars();
@@ -1142,7 +1149,7 @@ ()
# }
### if we make it here, then the admin wants to completely enumerate the
### HOME_NET var, so we have to disable ENABLE_INTF_LOCAL_NETS
-# &put_string('ENABLE_INTF_LOCAL_NETS', 'N',
+# &put_var('ENABLE_INTF_LOCAL_NETS', 'N',
# "$config{'PSAD_CONF_DIR'}/psad.conf");
### get all interfaces; even those that are down since they may
@@ -1221,7 +1228,7 @@ ()
}
}
$home_net_str =~ s/\,\s*$//;
- &put_string('HOME_NET', $home_net_str, $file);
+ &put_var('HOME_NET', $home_net_str, $file);
return;
}
@@ -1848,7 +1855,7 @@ ()
### we are only searching for specific iptables log prefixes
- &put_string('FW_SEARCH_ALL', 'N',
+ &put_var('FW_SEARCH_ALL', 'N',
"$config{'PSAD_CONF_DIR'}/psad.conf");
my $str =
@@ -1994,7 +2001,7 @@ ()
return $ans;
}
-sub put_string() {
+sub put_var() {
my ($var, $value, $file) = @_;
open RF, "< $file" or die "[*] Could not open $file: $!";
View
2 nf2csv
@@ -36,7 +36,7 @@
use Getopt::Long 'GetOptions';
use strict;
-my $version = '2.2';
+my $version = '2.2-pre2';
### regex to match an ip address
my $ip_re = qr|(?:[0-2]?\d{1,2}\.){3}[0-2]?\d{1,2}|;
@@ -20,6 +20,7 @@ URL: http://www.cipherdyne.org/psad/
Source: %name-%version.tar.gz
BuildRoot: %_tmppath/%{name}-buildroot
Requires: iptables
+BuildRequires: perl-ExtUtils-MakeMaker
#Prereq: rpm-helper
%description
View
@@ -20,7 +20,6 @@ URL: http://www.cipherdyne.org/psad/
Source: %name-%version.tar.gz
BuildRoot: %_tmppath/%{name}-buildroot
Requires: iptables
-BuildRequires: perl-ExtUtils-MakeMaker
#Prereq: rpm-helper
%description
View
25 psad
@@ -20,7 +20,7 @@
#
# Credits: (see the CREDITS file bundled with the psad sources.)
#
-# Version: 2.2
+# Version: 2.2-pre2
#
# Copyright (C) 1999-2012 Michael Rash (mbr@cipherdyne.org)
#
@@ -143,8 +143,8 @@ use strict;
### ========================== main =================================
-### set the current psad version and file revision numbers
-my $version = '2.2';
+### set the current version
+my $version = '2.2-pre2';
### default config file for psad (can be changed with
### --config switch)
@@ -3326,6 +3326,7 @@ sub import_perl_modules() {
require NetAddr::IP;
require Date::Calc;
require Unix::Syslog;
+ require Cwd;
require Storable if $store_file;
Date::Calc->import(qw(Timezone This_Year Decode_Month
@@ -9108,6 +9109,8 @@ sub import_ip_dirs() {
closedir D;
my $import_ctr = 0;
+
+ my $curr_pwd = getcwd();
chdir $config{'PSAD_DIR'} or die $!;
SRCIP: for my $src (@files) {
@@ -9273,6 +9276,8 @@ sub import_ip_dirs() {
}
$import_ctr++;
}
+ chdir $curr_pwd or die $!;
+
return;
}
@@ -9540,12 +9545,14 @@ sub remove_old_scans() {
my @files = readdir D;
closedir D;
+ my $curr_pwd = getcwd();
chdir $config{'PSAD_DIR'} or die $!;
SRCIP: for my $src (@files) {
next SRCIP unless ($src =~ /$ipv4_re/ and -d $src);
rmtree $src or die
"[*] Could not remove $config{'PSAD_DIR'}/$src: $!";
}
+ chdir $curr_pwd or die $!;
return;
}
@@ -9635,6 +9642,8 @@ sub warn_handler() {
}
sub archive_data() {
+
+ my $curr_pwd = getcwd();
chdir $config{'PSAD_DIR'} or die "[*] Could not chdir ",
"$config{'PSAD_DIR'}: $!";
unless (-d $config{'SCAN_DATA_ARCHIVE_DIR'}) {
@@ -9684,6 +9693,7 @@ sub archive_data() {
&truncate_file($fwarchive) unless $config{'ENABLE_SYSLOG_FILE'} eq 'Y';
}
unless (-e $fwdata) {
+ chdir $curr_pwd or die $!;
return;
}
open FW, "< $fwdata" or die "$fwdata exists but couldn't open it: $!";
@@ -9692,6 +9702,8 @@ sub archive_data() {
open AR, ">> $fwarchive" or die "Could not open $fwarchive: $!";
print AR $_ for @fwlines;
close AR;
+
+ chdir $curr_pwd or die $!;
return;
}
@@ -10057,6 +10069,8 @@ sub truncate_file() {
}
sub disk_space_exceeded() {
+
+ my $curr_pwd = getcwd();
my @df_data = @{&run_command($cmds{'df'}, $config{'PSAD_DIR'})};
my ($prcnt) = ($df_data[$#df_data] =~ /(\d+)%/);
my $rv = 0;
@@ -10126,6 +10140,7 @@ sub disk_space_exceeded() {
### the disk check interval was exceeded but the utilization is ok.
$rm_data_ctr = 0;
}
+ chdir $curr_pwd or die $!;
return $rv;
}
@@ -10392,6 +10407,7 @@ sub download_signatures() {
### for wget
&check_commands({'sendmail'=>'', 'mail'=>''});
+ my $curr_pwd = getcwd();
chdir '/tmp' or die $!;
print "[+] Downloading latest signatures from:\n",
@@ -10412,6 +10428,8 @@ sub download_signatures() {
" place. You can restart psad (or use 'psad -H') to import the\n",
" new sigs.\n";
+ chdir $curr_pwd or die $!;
+
return 0;
}
@@ -10446,7 +10464,6 @@ sub date_time() {
sub archive_conf() {
my $file = shift;
- require Cwd;
my $curr_pwd = getcwd();
chdir $config{'CONF_ARCHIVE_DIR'} or die $!;
my ($filename) = ($file =~ m|.*/(.*)|);

0 comments on commit d55ffd2

Please sign in to comment.