From root@utd65257.utdallas.edu  Fri May 23 02:51:14 2008
Return-Path: <root@utd65257.utdallas.edu>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 90281106564A
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 23 May 2008 02:51:14 +0000 (UTC)
	(envelope-from root@utd65257.utdallas.edu)
Received: from utd65257.utdallas.edu (utd65257.utdallas.edu [129.110.3.28])
	by mx1.freebsd.org (Postfix) with ESMTP id 79D118FC1D
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 23 May 2008 02:51:14 +0000 (UTC)
	(envelope-from root@utd65257.utdallas.edu)
Received: by utd65257.utdallas.edu (Postfix, from userid 0)
	id 7D6A234781C; Thu, 22 May 2008 21:51:14 -0500 (CDT)
Message-Id: <20080523025114.7D6A234781C@utd65257.utdallas.edu>
Date: Thu, 22 May 2008 21:51:14 -0500 (CDT)
From: Paul Schmehl <pauls@utdallas.edu>
Reply-To: Paul Schmehl <pauls@utdallas.edu>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: security/sancp, improve startup script
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         123916
>Category:       ports
>Synopsis:       security/sancp, improve startup script
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    rafan
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Fri May 23 03:00:08 UTC 2008
>Closed-Date:    Sat May 24 05:33:21 UTC 2008
>Last-Modified:  Sat May 24 05:40:01 UTC 2008
>Originator:     Paul Schmehl
>Release:        FreeBSD 7.0-STABLE i386
>Organization:
The University of Texas at Dallas
>Environment:
System: FreeBSD hostname.utdallas.edu 7.0-STABLE FreeBSD 7.0-STABLE #6: Wed Apr 16 17:14:28 CDT 2008 root@hostname.utdallas.edu:/usr/obj/usr/src/sys/GENERIC i386


	
>Description:
	security/sancp, this PR improves the startup script by bringing it
	more in alignment with the rc.subr way of doing things.  It increments
	PORTREVISION and makes some minor changes to pkg-message as well
>How-To-Repeat:
	
>Fix:

	

--- patch-Makefile begins here ---
--- Makefile.orig	2008-05-22 21:39:05.000000000 -0500
+++ Makefile	2008-05-22 21:39:21.000000000 -0500
@@ -8,7 +8,7 @@
 PORTNAME=	sancp
 PORTVERSION=	1.6.1
 DISTVERSIONSUFFIX=	-stable
-PORTREVISION=	2
+PORTREVISION=	3
 CATEGORIES=	security
 MASTER_SITES=	SF
 
--- patch-Makefile ends here ---

--- patch-files-pkg-mesage.in begins here ---
--- files/pkg-message.in.orig	2008-05-22 21:40:40.000000000 -0500
+++ files/pkg-message.in	2008-05-22 21:30:46.000000000 -0500
@@ -20,18 +20,9 @@
 new conf file, named sguil-sancp.conf-sample will be installed in the
 %%PREFIX%%/etc directory.  You should use that one for sguil.
 
-Some of the configuration options for sancp are:
+All of the configuration options for sancp are documented in the 
+startup script in %%PREFIX%%/etc/rc.d (don't forget to specify interface
+in /etc/rc.conf)
 
--? or -h  this help screen
--c <filename>  specify the configuration/rules filename
--d <directory>  specify the directory for output files
--i <device>  set the network device to listen on (default: 'any')
--g <gid>   set a group identity
--u <uid>   set a user identity
--D (daemon) forks, prints msgs to syslog only and overrides -C option
--F <bpf filename>  file containing a bpf filter expression, overrides (alternative to -B)
--V  display version
-
-If you're running sguil, you probably want to use the following flags:
+If you're running sguil, you probably want to use at least the following flags:
 sancp_flags="-D -P -R -u sancp -g sancp -d /var/log/sancp"
-(don't forget to specify the conf file and interface as well)
--- patch-files-pkg-mesage.in ends here ---

--- patch-files-sancp.sh.in begins here ---
--- files/sancp.sh.in.orig	2008-05-22 20:48:56.000000000 -0500
+++ files/sancp.sh.in	2008-05-22 21:37:09.000000000 -0500
@@ -11,26 +11,59 @@
 # 				Default: NO
 # sancp_flags (str):		Extra flags passed to sancp
 #				Default: -D
-# sancp_interface (str):        Network interface to sniff
-#                               Default: ""
 # sancp_conf (str):		Sancp configuration file
 #				Default: %%PREFIX%%/etc/sancp.conf
+# sancp_interface (str):	Default: none - MUST BE SET
 #
+# Command Line Options: (cmdline)
+#   ---------------------
+#
+#	-? or -h  this help screen
+#	-c <filename>  specify the configuration/rules filename
+#	-d <directory>  specify the directory for output files
+#	-i <device>  set the network device to listen on (default: 'any')
+#	-g <gid>   set a group identity
+#	-u <uid>   set a user identity
+#	-r <pcapfile>  pcap file to read (overrides -i)
+#	-B "<bpf expression>"  set a bpf expression (alternative to -F <filename>)
+#	-D (daemon) forks, prints msgs to syslog only and overrides -C option
+#	-K (console) enable additional printing of 'realtimes' to stdout (suppressed by option -D)
+#	-F <bpf filename>  file containing a bpf filter expression, overrides (alternative to -B)
+#	-H --human-readable  write IP addresses in dotted notation and TCPflag fields in hex 
+#	-R  Set default for realtime to 'pass' (default is 'log') disables realtime, but rules can override
+#	-S  Set default for stats to 'pass' (default is 'log') disables stats, but rules can override
+#	-P  Set default for pcap to 'pass' (default is 'log') disables pcap, but rules can override
+#	-I or --enable_icmp_mixed  record 'code' and 'type' fields for ICMP
+#		to the fields 's_port' and 'd_port'.
+#		note: affects how related icmp packets are correlated 
+#	-V  display version
+#    --shift  (debug) force interpretation of packet starting at byte[2] 
+#                    normally performed when reading from the 'any' interface
+#	--strip-80211  strip 802.1Q headers from 802.1Q packets; used to 
+# 	  decode 802.1Q encapsulated packets - affects -A option, 
+#	--log-facility <facility>  where facility can be 'LOCAL1' - 'LOCAL7'
+#		The default log facility used by SANCP is LOG_DAEMON 
+#
+#      Debug mode for pcap data logging
+#	-A  records ALL traffic frames to a pcap file named 'debug_pcap_raw'
+#	  (despite rules). Packets are logged here prior to decoding or handling. 
+#	  Use -F or -B option to restrict what is collectedi.
+#	  Pcap data logged using this option is affected by the --strip-80211 cmdline option
+#	  The configuration file equivalent to this is 'default debug_pcap_raw enable'
 
 . %%RC_SUBR%%
 
+# set some defaults
+sancp_enable="NO"
+sancp_flags="-D"
+sancp_conf="%%PREFIX%%/etc/sancp.conf"
+sancp_interface=""
+
 name="sancp"
+load_rc_config sancp
 rcvar=`set_rcvar`
 
 command="%%PREFIX%%/bin/sancp"
-
-load_rc_config $name
-
-[ -z "$sancp_enable" ]    && sancp_enable="NO"
-[ -z "$sancp_conf" ]      && sancp_conf="%%PREFIX%%/etc/sancp.conf"
-[ -z "$sancp_flags" ]     && sancp_flags="-D"
-
-[ -n "$sancp_interface" ] && sancp_flags="$sancp_flags -i $sancp_interface"
-[ -n "$sancp_conf" ]      && sancp_flags="$sancp_flags -c $sancp_conf"
+command_args="${sancp_flags} -c ${sancp_conf} -i ${sancp_interface}"
 
 run_rc_command "$1"
--- patch-files-sancp.sh.in ends here ---


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports-bugs->rafan 
Responsible-Changed-By: rafan 
Responsible-Changed-When: Fri May 23 05:51:37 UTC 2008 
Responsible-Changed-Why:  
I like rc script PR. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=123916 
State-Changed-From-To: open->closed 
State-Changed-By: rafan 
State-Changed-When: Sat May 24 05:33:20 UTC 2008 
State-Changed-Why:  
Committed. Thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=123916 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/123916: commit references a PR
Date: Sat, 24 May 2008 05:33:21 +0000 (UTC)

 rafan       2008-05-24 05:33:14 UTC
 
   FreeBSD ports repository
 
   Modified files:
     security/sancp       Makefile 
     security/sancp/files pkg-message.in sancp.sh.in 
   Log:
   - Use the preferred way of setting default rc parameters
   - Move startup options to rc script
   - Bump PORTREVISION
   
   PR:             ports/123916 (based on)
   Submitted by:   Paul Schmehl <pauls at utdallas.edu> (maintainer)
   
   Revision  Changes    Path
   1.5       +1 -1      ports/security/sancp/Makefile
   1.2       +4 -13     ports/security/sancp/files/pkg-message.in
   1.3       +51 -7     ports/security/sancp/files/sancp.sh.in
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
>Unformatted:
