Initial commit

5 files changed, 153 insertions, 0 deletions

diff --git a/.SRCINFO b/.SRCINFO
new file mode 100644
index 000000000000..3f12020150ba
--- /dev/null
+++ b/.SRCINFO
@@ -0,0 +1,27 @@
+pkgbase = psad
+	pkgdesc = A collection of three lightweight system daemons (two main daemons and one helper daemon) that run on Linux machines and analyze iptables log messages to detect port scans and other suspicious traffic
+	pkgver = 2.2.3
+	pkgrel = 1
+	url = http://cipherdyne.org/psad/
+	arch = i686
+	arch = x86_64
+	license = GPL
+	depends = perl-bit-vector
+	depends = perl-date-calc
+	depends = perl-iptables-chainmgr
+	depends = perl-iptables-parse
+	depends = perl-net-ipv4addr
+	depends = perl-storable
+	depends = perl-unix-syslog
+	depends = net-tools
+	source = http://cipherdyne.org/psad/download/psad-2.2.3.tar.gz
+	source = responses
+	source = psad-systemdinit.archlinux
+	source = psad.patch1
+	md5sums = 4a944618c270c45df98540727b358859
+	md5sums = 2425986f9eaa44d983128ebea6c8baf4
+	md5sums = 29324f5fb0ccf69b443710c7d4c075fd
+	md5sums = f97cabd3c91e5037faf9a843206ba608
+
+pkgname = psad
+
diff --git a/PKGBUILD b/PKGBUILD
new file mode 100644
index 000000000000..dfb91326558c
--- /dev/null
+++ b/PKGBUILD
@@ -0,0 +1,70 @@
+# Maintainer: Artur Wojcik <xartii at gmail dot com>
+pkgname=psad
+pkgver=2.2.3
+pkgrel=1
+pkgdesc="A collection of three lightweight system daemons (two main daemons and one helper daemon) that run on Linux machines and analyze iptables log messages to detect port scans and other suspicious traffic"
+arch=(i686 x86_64)
+url="http://cipherdyne.org/psad/"
+license=('GPL')
+depends=('perl-bit-vector' 'perl-date-calc' 'perl-iptables-chainmgr' 'perl-iptables-parse' 'perl-net-ipv4addr' 'perl-storable' 'perl-unix-syslog' 'net-tools')
+source=("http://cipherdyne.org/psad/download/$pkgname-$pkgver.tar.gz" "responses" "psad-systemdinit.archlinux" "psad.patch1")
+md5sums=('4a944618c270c45df98540727b358859'
+         '2425986f9eaa44d983128ebea6c8baf4'
+         '29324f5fb0ccf69b443710c7d4c075fd'
+         'f97cabd3c91e5037faf9a843206ba608')
+
+build() {
+  cd "$srcdir/$pkgname-$pkgver"
+  if [ ! -e responses ]; then 
+    ln $srcdir/responses responses -s; 
+  fi
+  patch -p1 -i $srcdir/psad.patch1
+
+  #Set the config dirs
+  sed -e "s|'/usr/sbin'|'$pkgdir/usr/sbin'|" \
+      -e "s|'/usr/bin'|'$pkgdir/usr/bin'|" \
+      -e "s|my \$mpath = \"/usr/share/man/man\$section\";|my \$mpath = \"$pkgdir/usr/share/man/man\$section\";|" \
+          ./install.pl -i
+  sed -e "s|/var/log/psad|$pkgdir&|" \
+      -e "s|/var/run/psad|$pkgdir&|" \
+      -e "s|/var/lib/psad|$pkgdir&|" \
+      -e "s|/usr/lib/psad|$pkgdir&|" \
+      -e "s|/etc/psad|$pkgdir&|" \
+      -e "s|/usr/bin/whois_psad|$pkgdir&|" \
+      -e "s|/usr/sbin/fwcheck_psad|$pkgdir&|" \
+      -e "s|/usr/sbin/psadwatchd|$pkgdir&|" \
+      -e "s|/usr/sbin/kmsgsd|$pkgdir&|" \
+      -e "s|/usr/sbin/psad|$pkgdir&|" \
+        ./psad.conf -i
+
+
+}
+package () {
+  cd "$srcdir/$pkgname-$pkgver"
+  #hope that things work
+  mkdir -p $pkgdir/etc/psad \
+           $pkgdir/etc/rc.d \
+           $pkgdir/usr/bin \
+           $pkgdir/usr/sbin \
+           $pkgdir/usr/share/man/man8 \
+           $pkgdir/var/lib/psad \
+           $pkgdir/var/log/psad \
+           $pkgdir/var/run/psad \
+           $pkgdir/usr/lib/psad \
+           $pkgdir/usr/lib/systemd/system
+ ./install.pl --init-dir "$pkgdir/etc/rc.d/" < responses
+ 
+ #Set correct permissions
+ chmod -R o+r $pkgdir/etc/psad
+ chmod -R o+r $pkgdir/usr/sbin/*
+ chmod 0700 $pkgdir/var/lib/psad
+
+ #add the systemd service file
+ cp $srcdir/psad-systemdinit.archlinux $pkgdir/usr/lib/systemd/system/psad.service
+
+ # Fix the config
+ sed -e "s|$pkgdir||" $pkgdir/etc/psad/psad.conf -i
+ sed -e "s|$pkgdir||" $pkgdir/var/log/psad/install.log -i
+}
+
+# vim:set ts=2 sw=2 et:
diff --git a/psad-systemdinit.archlinux b/psad-systemdinit.archlinux
new file mode 100644
index 000000000000..991aa74230da
--- /dev/null
+++ b/psad-systemdinit.archlinux
@@ -0,0 +1,12 @@
+[Unit]
+Description=Port scan attack detector
+After=iptables.service
+
+[Service]
+ExecStart=/usr/sbin/psad
+ExecStop=/usr/sbin/psad --Kill
+Type=oneshot
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target
diff --git a/psad.patch1 b/psad.patch1
new file mode 100644
index 000000000000..98ddd9a60a92
--- /dev/null
+++ b/psad.patch1
@@ -0,0 +1,37 @@
+--- psad-2.2/install.pl	2012-04-21 04:43:46.000000000 +0200
++++ psad-2.2/install.pl	2012-10-13 16:05:03.302818330 +0200
+@@ -752,6 +752,8 @@
+         $init_file = 'init-scripts/psad-init.fedora';
+     } elsif ($distro eq 'gentoo') {
+         $init_file = 'init-scripts/psad-init.gentoo';
++    } elsif ($distro eq 'archlinux') {
++        $init_file = 'init-scripts/psad-init.archlinux';
+     } else {
+         $init_file = 'init-scripts/psad-init.generic';
+     }
+@@ -773,13 +775,14 @@
+     if ($preserve_rv) {
+         &logr("\n[+] psad has been installed (with your original config merged).\n");
+     } else {
+-        &logr("\n[+] psad has been installed.\n");
++        &logr("\n[+] psad has been compiled.\n");
++        &logr("\n[+] use pacman -U to install.\n");
+     }
+     if ($installed_init_script) {
+         if ($init_dir) {
+-            &logr("\n[+] To start psad, run \"${init_dir}/psad start\"\n");
++            #&logr("\n[+] To start psad, run \"${init_dir}/psad start\"\n");
+         } else {
+-            &logr("\n[+] To start psad, run ${USRSBIN_DIR}/psad\"\n");
++            #&logr("\n[+] To start psad, run ${USRSBIN_DIR}/psad\"\n");
+         }
+     }
+ 
+@@ -1748,6 +1751,7 @@
+ 
+ sub get_distro() {
+     return 'gentoo' if -e '/etc/gentoo-release';
++    return 'archlinux' if -e '/etc/archlinux-release';
+     if (-e '/etc/issue') {
+         ### Red Hat Linux release 6.2 (Zoot)
+         open ISSUE, '< /etc/issue' or
diff --git a/responses b/responses
new file mode 100644
index 000000000000..715dfaf1a531
--- /dev/null
+++ b/responses
@@ -0,0 +1,7 @@
+n
+n
+y
+n
+n
+n
+