diff options
Diffstat (limited to 'net-analyzer/honeytrap/honeytrap-1.0.0.ebuild')
-rw-r--r-- | net-analyzer/honeytrap/honeytrap-1.0.0.ebuild | 135 |
1 files changed, 0 insertions, 135 deletions
diff --git a/net-analyzer/honeytrap/honeytrap-1.0.0.ebuild b/net-analyzer/honeytrap/honeytrap-1.0.0.ebuild deleted file mode 100644 index 124850cc4..000000000 --- a/net-analyzer/honeytrap/honeytrap-1.0.0.ebuild +++ /dev/null @@ -1,135 +0,0 @@ -# Copyright 1999-2008 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: $ - -inherit eutils autotools linux-info - -DESCRIPTION="Network security tool for observing network services via low-interactive honeypot" -HOMEPAGE="http://honeytrap.mwcollect.org/" -SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~x86" -IUSE="pcap-mon ipq-mon nfq-mon clamav postgres spamsum cspm efence debug profile" - -RDEPEND="pcap-mon? ( virtual/libpcap ) - ipq-mon? ( net-firewall/iptables ) - nfq-mon? ( net-firewall/iptables net-libs/libnetfilter_queue ) - !pcap-mon? ( !nfq-mon? ( !ipq-mon? ( net-firewall/iptables ) ) ) - clamav? ( app-antivirus/clamav ) - postgres? ( dev-db/postgresql ) - cspm? ( dev-libs/libpcre )" -DEPEND="${RDEPEND} - efence? ( dev-util/efence )" - -pkg_setup() { - enewgroup honeytrap - enewuser honeytrap -1 -1 -1 honeytrap - - if ! use pcap-mon && ! use ipq-mon && ! use nfq-mon ; then - ewarn "You did not choose any connection monitor." - ewarn "Currently pcap-based, ip_queue-based and nf_queue-based monitors are supported." - ewarn "Defaulting to ip_queue; if this is not what you want, you should add either" - ewarn "pcap-mon or nfq-mon to your USE flags and re-emerge this ebuild." - epause 3 - fi - - if use efence ; then - ewarn "You have enabled a link with Electric Fence malloc debugger." - ewarn "It is known that honeytrap will not work with efence and xen-sources." - epause 3 - fi - - if use cspm ; then - ewarn "You have enabled CSPM, shellcode pattern matching plugin." - ewarn "The CSPM plugin is still unstable and should not be used in production setups." - epause 3 - fi - - use ipq-mon && CONFIG_CHECK="IP_NF_QUEUE" - use nfq-mon && CONFIG_CHECK="NETFILTER_NETLINK_QUEUE" - linux-info_pkg_setup -} - -src_unpack() { - unpack ${A} - cd "${S}" - - # Automake files are a mess; a review of these is in the upstream todo-list. - # This patch could be nicer, but at least it prevents ugly things from happening with use_enable. - epatch "${FILESDIR}/${PN}-1.0.0-autoconf.patch" - - einfo "Regenerating autoconf/automake files." - eautoreconf -} - -src_compile() { - local myconf - - if use pcap-mon ; then - myconf="${myconf} --with-stream-mon=pcap" - elif use ipq-mon ; then - myconf="${myconf} --with-stream-mon=ipq --with-libipq-includes=/usr/include/libipq" - elif use nfq-mon ; then - myconf="${myconf} --with-stream-mon=nfq --with-libnfq-includes=/usr/include/libnetfilter_queue" - elif ! use pcap-mon && ! use ipq-mon && ! use nfq-mon ; then - myconf="${myconf} --with-stream-mon=ipq --with-libipq-includes=/usr/include/libipq" - fi - - # Note: enabling --devmodules replaces also CFLAGS; keep it this way. - if use cspm ; then - myconf="${myconf} --enable-devmodules" - fi - - econf \ - $(use_with clamav) \ - $(use_with postgres) \ - $(use_with spamsum) \ - $(use_with cspm) \ - $(use_with efence) \ - $(use_enable debug) \ - $(use_enable profile) \ - ${myconf} || die "econf failed" - - emake || die "emake failed" -} - -src_install() { - emake DESTDIR="${D}" install || die "emake install failed" - - # Unfortunately the dynamic shared plugins are installed into /etc/honeytrap/plugins by default. - # The easiest way is to just move them and put them into /usr/src/honeytrap_dynamicsrc (cf. Snort). - dodir /usr/src - mv "${D}"/etc/honeytrap/plugins "${D}"/usr/src/honeytrap_dynamicsrc || die - - # As the ebuild includes a modified version of this file, no need to copy this into the live system. - rm -f "${D}"/etc/honeytrap/honeytrap.conf* - - mv "${D}"/etc/honeytrap/ports.conf.dist "${D}"/etc/honeytrap/ports.conf - - # Note: NEWS is empty, so no need for it; man-file is installed without doman. - dodoc README TODO ChangeLog - - newinitd "${FILESDIR}"/${PN}.initd ${PN} - newconfd "${FILESDIR}"/${PN}.confd ${PN} - cp "${FILESDIR}"/honeytrap.conf "${D}"/etc/honeytrap/honeytrap.conf - - keepdir /var/log/honeytrap - keepdir /var/log/honeytrap/attacks - keepdir /var/log/honeytrap/downloads - - fowners -R honeytrap:honeytrap /var/log/honeytrap - fperms 0700 -R /var/log/honeytrap -} - -pkg_postinst() { - ewarn - ewarn "WARNING (from the README):" - ewarn "Honeytrap is a low-interactive honeypot and therefore detectable." - ewarn "It is written in C and thus potentially vulnerable to buffer" - ewarn "overflow attacks. Take care. Running in mirror mode is dangerous." - ewarn "Attacks may be directed to the attacker, appearing to come from" - ewarn "your system. Use with caution." - ewarn -} |