kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

- update to v0.7.4

Browse source
This commit is contained in:
Olli Hauer 2020-09-27 10:50:22 +00:00
parent e779ccecac
commit c36356645f
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=550264
8 changed files with 16 additions and 462 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
security/pulledpork/Makefile
View file

@ -2,9 +2,9 @@
# $FreeBSD$
PORTNAME= pulledpork
PORTVERSION= 0.7.3
PORTVERSION= 0.7.4
DISTVERSIONPREFIX= v
PORTREVISION= 1
PORTREVISION= 0
CATEGORIES= security
MASTER_SITES= GHL
@ -55,7 +55,9 @@ do-install:
do-install-DOCS-on:
@${MKDIR} ${STAGEDIR}${DOCSDIR}
${INSTALL_DATA} ${WRKSRC}/README.md ${STAGEDIR}${DOCSDIR}/README
${INSTALL_DATA} ${WRKSRC}/CONTRIBUTING.md ${STAGEDIR}${DOCSDIR}
${INSTALL_DATA} ${WRKSRC}/README.md ${STAGEDIR}${DOCSDIR}
${INSTALL_DATA} ${WRKSRC}/SECURITY.md ${STAGEDIR}${DOCSDIR}
${INSTALL_DATA} ${WRKSRC}/doc/README.CATEGORIES ${STAGEDIR}${DOCSDIR}
${INSTALL_DATA} ${WRKSRC}/doc/README.CHANGES ${STAGEDIR}${DOCSDIR}
${INSTALL_DATA} ${WRKSRC}/doc/README.RULESET ${STAGEDIR}${DOCSDIR}

6
security/pulledpork/distinfo
View file

@ -1,3 +1,3 @@
TIMESTAMP = 1512908815
SHA256 (shirkdog-pulledpork-v0.7.3_GH0.tar.gz) = 48c66dc9abb7545186d4fba497263c1d1b247c0ea7f0953db4d515e7898461a2
SIZE (shirkdog-pulledpork-v0.7.3_GH0.tar.gz) = 43167
TIMESTAMP = 1600924961
SHA256 (shirkdog-pulledpork-v0.7.4_GH0.tar.gz) = f0149eb6f723b622024295e0ee00e1acade93fae464b9fdc323fdf15e99c388c
SIZE (shirkdog-pulledpork-v0.7.4_GH0.tar.gz) = 44122

253
security/pulledpork/files/patch-README.md
View file

@ -1,253 +0,0 @@
--- README.md.orig 2017-12-07 15:13:06 UTC
+++ README.md
@@ -1,13 +1,12 @@
-pulledpork
+PulledPork
==========
PulledPork for Snort and Suricata rule management (from Google code)
Find us on Freenode (IRC) [`#ppork`](https://webchat.freenode.net/?channels=ppork)
-Copyright (C) 2009-2017 JJ Cummings, Michael Shirk and the PulledPork Team!
+Copyright (C) 2009-2019 JJ Cummings, Michael Shirk and the PulledPork Team!
-
Thank you for choosing to use PulledPork! This file provides some basic
guidance on the usage of PulledPork. Please be sure to read this file
thoroughly so that you don't overlook something!
@@ -35,98 +34,75 @@ thoroughly so that you don't overlook something!
## Command Usage Reference
- Usage: ./pulledpork.pl [-dEgHklnRTPVvv? -help] -c <config filename> -o <rule output path>
- -O <oinkcode> -s <so_rule output directory> -D <Distro> -S <SnortVer>
- -p <path to your snort binary> -C <path to your snort.conf> -t <sostub output path>
- -h <changelog path> -H <signal_name> -I (security|connectivity|balanced) -i <path to disablesid.conf>
- -b <path to dropsid.conf> -e <path to enablesid.conf> -M <path to modifysid.conf>
- -r <path to docs folder> -K <directory for separate rules files>
+```
+Usage: pulledpork.pl [-dEgHklnRTPVvv? -help] -c <config filename> -o <rule output path>
+ -O <oinkcode> -s <so_rule output directory> -D <Distro> -S <SnortVer>
+ -p <path to your snort binary> -C <path to your snort.conf> -t <sostub output path>
+ -h <changelog path> -H <signal_name> -I (security|connectivity|balanced) -i <path to disablesid.conf>
+ -b <path to dropsid.conf> -e <path to enablesid.conf> -M <path to modifysid.conf>
+ -r <path to docs folder> -K <directory for separate rules files>
- Options:
-
- -help/? Print this help info.
-
- -b Where the dropsid config file lives.
-
- -C Path to your snort.conf
-
- -c Where the pulledpork config file lives.
-
- -d Do not verify signature of rules tarball, i.e. downloading fron non VRT or ET locations.
-
- -D What Distro are you running on, for the so_rules
- Valid Distro Types:
- Debian-6-0, Ubuntu-10-4, Ubuntu-12-04, Centos-5-4
- FC-12, FC-14, RHEL-5-5, RHEL-6-0
- FreeBSD-8-1, FreeBSD-9-0, FreeBSD-10-0, OpenBSD-5-2, OpenBSD-5-3
- OpenSUSE-11-4, OpenSUSE-12-1, Slackware-13-1
-
- -e Where the enablesid config file lives.
-
- -E Write ONLY the enabled rules to the output files.
-
- -g grabonly (download tarball rule file(s) and do NOT process)
-
- -h path to the sid_changelog if you want to keep one?
-
- -H Send signal_name to the pids listed in the config file (SIGHUP or SIGUSR2)
-
- -I Specify a base ruleset( -I security,connectivity,or balanced, see README.RULESET)
-
- -i Where the disablesid config file lives.
-
- -k Keep the rules in separate files (using same file names as found when reading)
-
- -K Where (what directory) do you want me to put the separate rules files?
-
- -l Log Important Info to Syslog (Errors, Successful run etc, all items logged as WARN or higher)
-
- -L Where do you want me to read your local.rules for inclusion in sid-msg.map
-
- -m where do you want me to put the sid-msg.map file?
-
- -M where the modifysid config file lives.
-
- -n Do everything other than download of new files (disablesid, etc)
-
- -o Where do you want me to put generic rules file?
-
- -p Path to your Snort binary
-
- -P Process rules even if no new rules were downloaded
-
- -R When processing enablesid, return the rules to their ORIGINAL state
-
- -r Where do you want me to put the reference docs (xxxx.txt)
-
- -S What version of snort are you using
-
- -s Where do you want me to put the so_rules?
-
- -T Process text based rules files only, i.e. DO NOT process so_rules
-
- -u Where do you want me to pull the rules tarball from
+ Options:
+ -help/? Print this help info.
+ -b Where the dropsid config file lives.
+ -C Path to your snort.conf
+ -c Where the pulledpork config file lives.
+ -d Do not verify signature of rules tarball, i.e. downloading fron non VRT or ET locations.
+ -D What Distro are you running on, for the so_rules
+ For latest supported options see http://www.snort.org/snort-rules/shared-object-rules
+ Valid Distro Types:
+ Centos-5-4, Centos-6, Centos-7
+ Debian-7, Debian-8, Debian-9
+ FC-25, FC-26, FC-27, FC-30
+ FreeBSD-8-1, FreeBSD-9-0, FreeBSD-10-0, FreeBSD-11, FreeBSD-12
+ OpenBSD-5-2, OpenBSD-5-3, OpenBSD-6-2, OpenSUSE-15-0, OpenSUSE-42-3
+ RHEL-5-5, RHEL-6, RHEL-6-0, RHEL-7
+ Slackware-13-1, Slackware-14-2
+ Ubuntu-14-4, Ubuntu-16-4, Ubuntu-17-10, Ubuntu-18-4
+ -e Where the enablesid config file lives.
+ -E Write ONLY the enabled rules to the output files.
+ -g grabonly (download tarball rule file(s) and do NOT process)
+ -h path to the sid_changelog if you want to keep one?
+ -H Send signal_name to the pids listed in the config file (SIGHUP or SIGUSR2)
+ -I Specify a base ruleset( -I security,connectivity,or balanced, see README.RULESET)
+ -i Where the disablesid config file lives.
+ -k Keep the rules in separate files (using same file names as found when reading)
+ -K Where (what directory) do you want me to put the separate rules files?
+ -l Log Important Info to Syslog (Errors, Successful run etc, all items logged as WARN or higher)
+ -L Where do you want me to read your local.rules for inclusion in sid-msg.map
+ -m where do you want me to put the sid-msg.map file?
+ -M where the modifysid config file lives.
+ -n Do everything other than download of new files (disablesid, etc)
+ -o Where do you want me to put generic rules file?
+ -O Define the oinkcode on the command line (necessary for some users)
+ -p Path to your Snort binary
+ -P Process rules even if no new rules were downloaded
+ -R When processing enablesid, return the rules to their ORIGINAL state
+ -r Where do you want me to put the reference docs (xxxx.txt)
+ -S What version of snort are you using (2.8.6 or 2.9.0) are valid values
+ -s Where do you want me to put the so_rules?
+ -T Process text based rules files only, i.e. DO NOT process so_rules
+ -u Where do you want me to pull the rules tarball from
** E.g., ET, Snort.org. See pulledpork config rule_url option for value ideas
+ -V Print Version and exit
+ -v Verbose mode, you know.. for troubleshooting and such nonsense.
+ -vv EXTRA Verbose mode, you know.. for in-depth troubleshooting and other such nonsense.
+ -w Skip the SSL verification (if there are issues pulling down rule files)
+ -W Where you want to work around the issue where some implementations of LWP do not work with pulledpork's proxy configuration.
+ ```
- -V Print Version and exit
- -v Verbose mode, you know.. for troubleshooting and such nonsense.
-
- -vv EXTRA Verbose mode, you know.. for in-depth troubleshooting and other such nonsense.
-
- -w Skip the SSL verification (if there are issues pulling down rule files)
-
- -W Where you want to work around the issue where some implementations of LWP do not work with pulledpork's proxy configuration.
-
-
## Basic Usage Examples
A simple example of how to use PulledPork would be to specify all of your configuration directives inside of the
`PulledPork.conf` file. Specifically for minimal function, i.e. NO Shared Object rule processing you must define
at a minimum the `rule_file`, `oinkcode`, `temp_path`, `tar_path`, and `rule_path` values. Below are some examples of this.
- ./pulledpork.pl -o /usr/local/etc/snort/rules/ -O 12345667778523452344234234 \
- -u http://www.snort.org/reg-rules/snortrules-snapshot-2973.tar.gz -i disablesid.conf -T -H
+```bash
+./pulledpork.pl -o /usr/local/etc/snort/rules/ -O 12345667778523452344234234 \
+ -u http://www.snort.org/reg-rules/snortrules-snapshot-2973.tar.gz \
+ -i disablesid.conf -T -H
+```
The above will fetch the `snortrules-snapshot-2973.tar.gz` tarball from snort.org using the specified `oinkcode` of
`12345667778523452344234234` and put the rules files from that tarball into the output path of
@@ -134,11 +110,16 @@ The above will fetch the `snortrules-snapshot-2973.tar
`disablesid.conf` lives, and the `-T` option tells pulledpork to not process for any shared object rules and the final
`-H` option tells pulledpork to send a `Hangup` signal to the snort pid that you defined in the `pulledpork.conf`.
- ./pulledpork.pl -c pulledpork.conf -i disablesid.conf -T -H
+```bash
+./pulledpork.pl -c pulledpork.conf -i disablesid.conf -T -H
+```
Similar to the first example but all options specified in the `pulledpork.conf` file (other than `disablesid` and `-H`)...
- ./pulledpork.pl -c pulledpork.conf -i disablesid.conf -m /usr/local/etc/snort/sid-msg.map -Hn
+```bash
+./pulledpork.pl -c pulledpork.conf -i disablesid.conf \
+ -m /usr/local/etc/snort/sid-msg.map -Hn
+```
The above will simply read the disablesid and disable as defined, then send a `Hangup` signal after generating the `sid-msg.map`
at the specified location without downloading anything.
@@ -147,25 +128,35 @@ Highly useful when tuning / making changes etc..
Next example, snort inline with rules that we want to drop and disable, then `HUP` our daemons after creating a `sid-msg.map`
and writing change info to `sid_changes.log`!
- ./pulledpork.pl -c pulledpork.conf -i disablesid.conf -b dropsid.conf -m /usr/local/etc/snort/sid-msg.map \
- -h /var/log/sid_changes.log -H
+```bash
+./pulledpork.pl -c pulledpork.conf -i disablesid.conf -b dropsid.conf \
+ -m /usr/local/etc/snort/sid-msg.map -h /var/log/sid_changes.log -H
+```
Next example, same as the previous but specifying that we want to run the default "security" based ruleset
and that we want to enable rules specified in `enablesid.conf`.
- ./pulledpork.pl -c pulledpork.conf -i disablesid.conf -b dropsid.conf -e enablesid.conf -m /usr/local/etc/snort/sid-msg.map \
- -h /var/log/sid_changes.log -I security -H
+```bash
+./pulledpork.pl -c pulledpork.conf -i disablesid.conf -b dropsid.conf \
+ -e enablesid.conf -m /usr/local/etc/snort/sid-msg.map \
+ -h /var/log/sid_changes.log -I security -H
+```
Next example, same as the previous but specifying that we want to `-K` (Keep) the originationg tarball names.
and write them to `/usr/local/etc/snort/rules/`
- ./pulledpork.pl -c pulledpork.conf -i disablesid.conf -b dropsid.conf -e enablesid.conf -m /usr/local/etc/snort/sid-msg.map \
- -h /var/log/sid_changes.log -I security -H -K /usr/local/etc/snort/rules/
+```bash
+./pulledpork.pl -c pulledpork.conf -i disablesid.conf -b dropsid.conf \
+ -e enablesid.conf -m /usr/local/etc/snort/sid-msg.map \
+ -h /var/log/sid_changes.log -I security -H -K /usr/local/etc/snort/rules/
+```
For users of Suricata, the same steps are necessary for where your installation files reside, but all that pulledpork needs to process
rule files is the `-S` flag being set to `suricata-3.1.3` or whatever version of suricata you are using
- ./pulledpork.pl -c pulledpork.conf -S suricata-3.1.3
+```bash
+./pulledpork.pl -c pulledpork.conf -S suricata-3.1.3
+```
Pulledpork "should" work with Suricata and ET/ETPro rules. However there is no support for Talos rules to run on Suricata.
@@ -173,11 +164,9 @@ Pulledpork "should" work with Suricata and ET/ETPro ru
Please note that pulledpork runs rule modification (enable, drop, disable, modify) in that order by default..
-1: enable
-
-2: drop
-
-3: disable
+1. enable
+2. drop
+3. disable
This means that disable rules will always take precedence.. thusly if you specify the same `gid:sid`
in enable and disable configuration files, then that sid will be disabled.. keep this in mind

23
security/pulledpork/files/patch-etc_modifysid.conf
View file

@ -1,23 +0,0 @@
--- etc/modifysid.conf.orig 2017-12-07 15:13:06 UTC
+++ etc/modifysid.conf
@@ -2,6 +2,9 @@
#
# Change history:
# -----------------------------------------------
+# v1.2 2/28/2018 Scott Savarese
+# - Insert comments around using regex to match rules
+#
# v1.1 2/18/2011 Alan Ptak
# - Inserted comments around example elements that would otherwise modify rules
#
@@ -38,3 +41,10 @@
# that it is a SNORTSAM block rule!
# 17803 "\(msg:"" "\(msg:"SNORTSAM ";
# 17803 "^\s*alert" "BLOCK";
+
+# A new regex formatting syntax is available:
+# regex:'PUT_REGEX_HERE' "what I'm replacing" "what I'm replacing it with"
+# This would allow users to manipulate groups of rules. This works the same
+# way as the signature based rules, but instead of matching a hardcoded set of
+# SID, it will go through all rules in GID:1 matching the regex against the
+# rule. Be sure to escape things like ( and '

34
security/pulledpork/files/patch-etc_pulledpork.conf
View file

@ -1,34 +0,0 @@
--- etc/pulledpork.conf.orig 2017-12-07 15:13:06 UTC
+++ etc/pulledpork.conf
@@ -123,14 +123,17 @@ config_path=/usr/local/etc/snort/snort.conf
# Define your distro, this is for the precompiled shared object libs!
# Valid Distro Types:
-# Debian-6-0, Ubuntu-10-4
-# Ubuntu-12-04, Centos-5-4
-# FC-12, FC-14, RHEL-5-5, RHEL-6-0
-# FreeBSD-8-1, FreeBSD-9-0, FreeBSD-10-0
-# OpenBSD-5-2, OpenBSD-5-3
-# OpenSUSE-11-4, OpenSUSE-12-1
-# Slackware-13-1
-distro=FreeBSD-8-1
+# Alpine-3-10
+# Centos-6 Centos-7 Centos-8
+# Debian-8 Debian-9 Debian-10
+# FC-27 FC-30 FC-31
+# FreeBSD-11 FreeBSD-12
+# OpenBSD-6-2 OpenBSD-6-4 OpenBSD-6-5
+# OpenSUSE-15-0 OpenSUSE-15-1 OpenSUSE-42-3
+# RHEL-6 RHEL-7 RHEL-8
+# Slackware-14-2
+# Ubuntu-14-4 Ubuntu-16-4 Ubuntu-17-10 Ubuntu-18-4 Ubuntu-19-10
+distro=FreeBSD-12
####### This next section is optional, but probably pretty useful to you.
####### Please read thoroughly!
@@ -211,4 +214,4 @@ snort_control=/usr/local/bin/snort_control
####### need to process so_rules, simply comment out the so_rule section
####### you can also specify -T at runtime to process only GID 1 rules.
-version=0.7.3
+version=0.7.4

144
security/pulledpork/files/patch-pulledpork.pl
View file

@ -1,34 +1,6 @@
--- pulledpork.pl.orig 2020-07-02 11:46:17 UTC
--- pulledpork.pl.orig 2020-09-01 15:08:32 UTC
+++ pulledpork.pl
@@ -2,7 +2,7 @@
## pulledpork v(whatever it says below!)
-# Copyright (C) 2009-2017 JJ Cummings, Michael Shirk and the PulledPork Team!
+# Copyright (C) 2009-2019 JJ Cummings, Michael Shirk and the PulledPork Team!
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
@@ -24,6 +24,7 @@ use File::Copy;
use LWP::UserAgent;
use HTTP::Request::Common;
use HTTP::Status qw (is_success);
+
#use Crypt::SSLeay;
use Sys::Syslog;
use Digest::MD5;
@@ -41,8 +42,8 @@ use Data::Dumper;
# we are gonna need these!
my ($oinkcode, $temp_path, $rule_file, $Syslogging);
-my $VERSION = "PulledPork v0.7.3";
-my $HUMOR = "Making signature updates great again!";
+my $VERSION = "PulledPork v0.7.4";
+my $HUMOR = "Helping you protect your bitcoin wallet!";
my $ua = LWP::UserAgent->new;
#Read in proxy settings from the environment
@@ -90,9 +91,24 @@ if ($oSystem =~ /freebsd/i) {
@@ -91,9 +91,24 @@ if ($oSystem =~ /freebsd/i) {
exit(1);
}
}
@ -54,115 +26,3 @@
syslogit('err|local0',
"FATAL: cert file does not exist. Ensure that the ca_root_nss port/pkg is installed, or use -w to skip SSL verification\n"
) if $Syslogging;
@@ -201,10 +217,16 @@ sub Help {
-D What Distro are you running on, for the so_rules
For latest supported options see http://www.snort.org/snort-rules/shared-object-rules
Valid Distro Types:
- Debian-6-0, Ubuntu-10-4, Ubuntu-12-04, Centos-5-4
- FC-12, FC-14, RHEL-5-5, RHEL-6-0
- FreeBSD-8-1, FreeBSD-9-0, FreeBSD-10-0, OpenBSD-5-2, OpenBSD-5-3
- OpenSUSE-11-4, OpenSUSE-12-1, Slackware-13-1
+ Alpine-3-10
+ Centos-6 Centos-7 Centos-8 Debian-8 Debian-9
+ Debian-10
+ FC-27 FC-30 FC-31
+ FreeBSD-11 FreeBSD-12
+ OpenBSD-6-2 OpenBSD-6-4 OpenBSD-6-5
+ OpenSUSE-15-0 OpenSUSE-15-1 OpenSUSE-42-3
+ RHEL-6 RHEL-7 RHEL-8
+ Slackware-14-2
+ Ubuntu-14-4 Ubuntu-16-4 Ubuntu-17-10 Ubuntu-18-4 Ubuntu-19-10
-e Where the enablesid config file lives.
-E Write ONLY the enabled rules to the output files.
-g grabonly (download tarball rule file(s) and do NOT process)
@@ -277,14 +299,27 @@ sub rule_extract {
$rule_file, $temp_path, $Distro, $arch, $Snort,
$Sorules, $ignore, $docs, $prefix
) = @_;
- print "Prepping rules from $rule_file for work....\n" if !$Quiet;
- print "\textracting contents of $temp_path$rule_file...\n"
- if ($Verbose && !$Quiet);
+
+ #special case to bypass file operations when -nPT are specified
+ my $BypassTar = 0;
+ if ($Textonly && $NoDownload && $Process) {
+ if ($rule_file =~ /opensource\.gz/) {
+ print "Skipping opensource.gz as -nPT was specified\n" if !$Quiet;
+ $BypassTar = 1;
+ }
+ }
+ if (!$BypassTar) {
+ print "Prepping rules from $rule_file for work....\n" if !$Quiet;
+ print "\textracting contents of $temp_path$rule_file...\n"
+ if ($Verbose && !$Quiet);
+ }
mkpath($temp_path . "tha_rules");
mkpath($temp_path . "tha_rules/so_rules");
my $tar = Archive::Tar->new();
- $tar->read($temp_path . $rule_file);
- $tar->setcwd(cwd());
+ if (!$BypassTar) {
+ $tar->read($temp_path . $rule_file);
+ $tar->setcwd(cwd());
+ }
local $Archive::Tar::CHOWN = 0;
my @ignores = split(/,/, $ignore) if (defined $ignore);
@@ -345,7 +380,8 @@ sub rule_extract {
}
elsif ($docs
&& $filename =~ /^(doc\/signatures\/)?.*\.txt/
- && -d $docs)
+ && -d $docs
+ && !$BypassTar)
{
$singlefile =~ s/^doc\/signatures\///;
$tar->extract_file("doc/signatures/$filename",
@@ -928,7 +964,21 @@ sub modify_sid {
}
undef @arry;
}
+
+ # Handle use case where we want to modify multiple sids based on
+ # comment in rule (think multiple rules with same or similar comment)
+ if ( $_ =~ /^regex:'([^']+)'\s+"(.+)"\s+"(.*)"/ ) {
+ my ( $regex, $from, $to ) = ( $1, $2, $3 );
+ # Go through each rule in gid:1 and look for matching rules
+ foreach my $sid ( sort keys( %{ $$href{1} } ) ) {
+ next unless ( $$href{1}{$sid}{'rule'} =~ /$regex/ );
+ print "\tModifying SID:$sid from:$from to:$to\n"
+ if ( $Verbose && !$Quiet );
+ $$href{1}{$sid}{'rule'} =~ s/$from/$to/;
+ }
+ }
}
+
print "\tDone!\n" if !$Quiet;
close(FH);
}
@@ -1277,7 +1327,7 @@ sub rule_category_write {
## write our blacklist and blacklist version file!
sub blacklist_write {
my ($href, $path) = @_;
- my $blv = $Config_info{'IPRVersion'} . "IPRVersion.dat";
+ my $blv = $Config_info{'IPRVersion'} . "/IPRVersion.dat";
my $blver = 0;
# First lets be sure that our data is new, if not skip the rest of it!
@@ -1769,7 +1819,7 @@ if ($Verbose && !$Quiet) {
if (exists $Config_info{'version'}) {
croak "You are not using the current version of pulledpork.conf!\n",
"Please use the version of pulledpork.conf that shipped with $VERSION!\n\n"
- if $Config_info{'version'} ne "0.7.3";
+ if $Config_info{'version'} ne "0.7.4";
}
else {
croak
@@ -2118,6 +2168,7 @@ if (@base_url && -d $temp_path) {
}
}
elsif ($base_url =~ /emergingthreatspro.com/) {
+ $prefix = "ET-";
# These have to be handled separately, as emerginthreatspro will
# support a full version, but emergingthreats only supports the

6
security/pulledpork/files/pkg-message.in
View file

@ -22,10 +22,10 @@ EOM
{
type: upgrade
message: <<EOM
Please compare existing files under %%ETCDIR%%
with the new *.sample files and if required adjust
the line 'version='
In release 0.7.4 blacklist was renamed to blocklist.
Please compare existing files under %%ETCDIR%%
with the new *.sample files adjust them if required.
EOM
}
]

4
security/pulledpork/pkg-plist
View file

@ -4,11 +4,13 @@ bin/pulledpork.pl
%%ETCDIR%%/enablesid.conf.sample
%%ETCDIR%%/modifysid.conf.sample
@(,,0640) %%ETCDIR%%/pulledpork.conf.sample
%%PORTDOCS%%%%DOCSDIR%%/README
%%PORTDOCS%%%%DOCSDIR%%/CONTRIBUTING.md
%%PORTDOCS%%%%DOCSDIR%%/README.CATEGORIES
%%PORTDOCS%%%%DOCSDIR%%/README.CHANGES
%%PORTDOCS%%%%DOCSDIR%%/README.RULESET
%%PORTDOCS%%%%DOCSDIR%%/README.SHAREDOBJECTS
%%PORTDOCS%%%%DOCSDIR%%/README.md
%%PORTDOCS%%%%DOCSDIR%%/SECURITY.md
%%DATADIR%%/README.CONTRIB
%%DATADIR%%/oink-conv.pl
@dir(,,0750) %%ETCDIR%%