diff options
| author | obraun <obraun@FreeBSD.org> | 2003-04-19 20:40:13 +0000 |
|---|---|---|
| committer | obraun <obraun@FreeBSD.org> | 2003-04-19 20:40:13 +0000 |
| commit | a6d4771d523bdd5fded4a499b132d592a2b9b319 (patch) | |
| tree | 0b239ba0541641a2ebf4315af87dbee4a43e468d /security/nessus-libraries | |
| parent | 996c50af473600b30871639b059a1621d8191646 (diff) | |
| download | FreeBSD-ports-a6d4771d523bdd5fded4a499b132d592a2b9b319.zip FreeBSD-ports-a6d4771d523bdd5fded4a499b132d592a2b9b319.tar.gz | |
- Update to 2.0.4.
- Add dependency on bpf for the server.
- Add "client only" knob.
PR: ports/51126
Submitted by: maintainer
Diffstat (limited to 'security/nessus-libraries')
| -rw-r--r-- | security/nessus-libraries/Makefile | 40 | ||||
| -rw-r--r-- | security/nessus-libraries/distinfo | 2 | ||||
| -rw-r--r-- | security/nessus-libraries/files/README.BPF | 46 | ||||
| -rw-r--r-- | security/nessus-libraries/files/patch-aa | 16 | ||||
| -rw-r--r-- | security/nessus-libraries/pkg-plist | 6 |
5 files changed, 97 insertions, 13 deletions
diff --git a/security/nessus-libraries/Makefile b/security/nessus-libraries/Makefile index 78798f4..c002b8b 100644 --- a/security/nessus-libraries/Makefile +++ b/security/nessus-libraries/Makefile @@ -5,8 +5,11 @@ # $FreeBSD$ # +# Define NESSUS_CLIENT_ONLY if you only want to build this for the nessus +# client. + PORTNAME= nessus-libraries -PORTVERSION= 1.2.7 +PORTVERSION= 2.0.4 CATEGORIES= security MASTER_SITES= ftp://ftp.nessus.org/pub/nessus/nessus-${PORTVERSION}/src/ \ ftp://ftp.gwdg.de/pub/linux/misc/nessus/nessus-${PORTVERSION}/src/ \ @@ -22,12 +25,47 @@ COMMENT= Libraries for Nessus, the security scanner DIST_SUBDIR= nessus WRKSRC= ${WRKDIR}/nessus-libraries +USE_BISON= YES USE_LIBTOOL= YES CONFIGURE_ARGS= --enable-cipher --sharedstatedir=${PREFIX}/etc/nessus/com \ --localstatedir=${PREFIX}/etc/nessus/var +.if defined(WITH_NESSUS_BPF_SHARE) +CONFIGURE_ARGS+= --enable-bpf-sharing +.endif INSTALLS_SHLIB= YES MAN1= nessus-config.1 +.if ! defined(NESSUS_CLIENT_ONLY) +pre-configure: + @if [ ! -c /dev/bpf1 ]; then \ + ${ECHO} "********************************************************";\ + ${ECHO} "* W a r n i n g *";\ + ${ECHO} "* *";\ + ${ECHO} "* Nessus needs Berkeley Packet Filter (bpf). *";\ + ${ECHO} "* To use nessus, your kernel must be rebuilt with bpf, *";\ + ${ECHO} "* and make bpf devices on /dev directory. *";\ + ${ECHO} "* *";\ + ${ECHO} "* Be sure to build as many bpf devices as you need. *";\ + ${ECHO} "* For more info on this read files/README.BPF *";\ + ${ECHO} "********************************************************";\ + ${FALSE}; \ + fi +.if ! defined(WITH_NESSUS_BPF_SHARE) + @if [ ! -c /dev/bpf40 ]; then \ + ${ECHO} "********************************************************";\ + ${ECHO} "* W a r n i n g *";\ + ${ECHO} "* *";\ + ${ECHO} "* Nessus needs many bpf devices. If you can't rebuild *";\ + ${ECHO} "* your kernel with more than 40 bpf devices (as *";\ + ${ECHO} "* described in files/README.BPF) then build this port *";\ + ${ECHO} "* with \"make -DWITH_NESSUS_BPF_SHARE\" *";\ + ${ECHO} "* *";\ + ${ECHO} "********************************************************";\ + ${FALSE}; \ + fi +.endif +.endif + .include <bsd.port.mk> diff --git a/security/nessus-libraries/distinfo b/security/nessus-libraries/distinfo index 02335ce..8e3990d 100644 --- a/security/nessus-libraries/distinfo +++ b/security/nessus-libraries/distinfo @@ -1 +1 @@ -MD5 (nessus/nessus-libraries-1.2.7.tar.gz) = f0daff274e11dac64c294cd57a59579f +MD5 (nessus/nessus-libraries-2.0.4.tar.gz) = bc33f4c5aeddc82a3443c5191f1b680b diff --git a/security/nessus-libraries/files/README.BPF b/security/nessus-libraries/files/README.BPF new file mode 100644 index 0000000..90185da --- /dev/null +++ b/security/nessus-libraries/files/README.BPF @@ -0,0 +1,46 @@ +Nessus uses the pcap library, which uses the +berkeley packet filter (bpf) to do its job. + +Since Nessus used multiple processes, several pcap-aware plugins will +need to access the the bpf at the same time. + +This means that you need to recompile your kernel with the +following option : + +For FreeBSD 5.x: +pseudo-device bpfilter + +For FreeBSD 4.x: +pseudo-device bpfilter NUM + +Where 'NUM' is the number of bpf you want -- it should be equal to +the 'max hosts number' option you enter in nessusd x the +'max plugins' option. + +If for instance you want to have 10 nessusd running at the same time, +each running 5 plugins in parallel, you should create 50 (10 * 5) bpfs +(as nessusd is extremely lightweight, you can expect to have this amount + of processes running at the same time) + +If you plan to scan a whole network, we recommand you create at least +100 of them. + +Once your kernel has been rebuilt, get root, cd to /dev +and do : + + i=0; while [ $i -lt 100]; + do + ./MAKEDEV bpf$i + let i=$i+1 + done + +On FreeBSD, you can directly do : + ./MAKEDEV bpf+100 + +(For FreeBSD 5.x this is not needed since the devfs creates devices when needed) + +If you can not recompile your kernel, you can try to run the configure +script with the option --enable-bpf-sharing. In this case, nessusd will +try to share one /dev/bpf among multiple processes and do the filtering +in userland. NOTE THAT THIS OPTION IS HIGHLY EXPERIMENTAL AND WE DO +NOT RECOMMAND ENABLING IT. diff --git a/security/nessus-libraries/files/patch-aa b/security/nessus-libraries/files/patch-aa index 9d914ce..2eca56c 100644 --- a/security/nessus-libraries/files/patch-aa +++ b/security/nessus-libraries/files/patch-aa @@ -1,10 +1,10 @@ ---- Makefile.orig Thu May 31 15:51:08 2001 -+++ Makefile Wed Oct 10 20:16:14 2001 -@@ -46,7 +46,6 @@ +--- Makefile.orig Tue Jan 21 15:25:01 2003 ++++ Makefile Wed Jan 22 08:40:19 2003 +@@ -51,7 +51,6 @@ cd libhosts_gatherer && ${MAKE} install - cd libpcap-nessus && ${MAKE} install -- $(INSTALL) -m 0444 include/includes.h ${includedir}/nessus - $(INSTALL) -m 0444 include/libnessus.h ${includedir}/nessus - $(INSTALL) -m 0444 include/harglists.h ${includedir}/nessus - $(INSTALL) -m 0444 include/libvers.h ${includedir}/nessus + +- $(INSTALL) -m 0444 include/includes.h $(DESTDIR)${includedir}/nessus + $(INSTALL) -m 0444 include/libnessus.h $(DESTDIR)${includedir}/nessus + $(INSTALL) -m 0444 include/harglists.h $(DESTDIR)${includedir}/nessus + $(INSTALL) -m 0444 include/libvers.h $(DESTDIR)${includedir}/nessus diff --git a/security/nessus-libraries/pkg-plist b/security/nessus-libraries/pkg-plist index 61a338b..57f8858 100644 --- a/security/nessus-libraries/pkg-plist +++ b/security/nessus-libraries/pkg-plist @@ -9,15 +9,15 @@ include/nessus/net/bpf.h lib/libhosts_gatherer.a lib/libhosts_gatherer.la lib/libhosts_gatherer.so -lib/libhosts_gatherer.so.3 +lib/libhosts_gatherer.so.2 lib/libnessus.a lib/libnessus.la lib/libnessus.so -lib/libnessus.so.3 +lib/libnessus.so.2 lib/libpcap-nessus.a lib/libpcap-nessus.la lib/libpcap-nessus.so -lib/libpcap-nessus.so.3 +lib/libpcap-nessus.so.2 sbin/uninstall-nessus @dirrm include/nessus/net @dirrm include/nessus |
