Ticket #42856: patch-bro-Portfile2.diff

net/bro/Portfile

@@ -1 +1 @@
 # -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4
-# $Id: Portfile 128545 2014-11-23 00:13:06Z ryandesign@macports.org $
+# $Id: Portfile 113683 2013-11-23 02:18:18Z ryandesign@macports.org $
 
 PortSystem          1.0
 
-name                bro
-version             2.2
+PortGroup           github 1.0
+
+github.setup        bro bro 2.3.1 v
 categories          net security
 platforms           darwin
 maintainers         gmail.com:tanawts openmaintainer
@@ -17 +18 @@
                     traffic and looks for suspicious activity.
 
 homepage            http://www.bro.org/
-master_sites        ${homepage}downloads/release/ \
-                    ${homepage}downloads/archive/
-
-checksums           rmd160  ad1820eae034062c0e1125e4a4ac1e61960ad126 \
-                    sha256  86909361c2d804681f314604a6ce763be663937b2f045c8d25d810528a633dc9
 
 depends_build       port:cmake \
                     port:libgeoip \
@@ -30 +26 @@
 # use the system-provided flex
 depends_lib         port:bison \
                     port:curl \
-                    port:libmagic \
                     port:libpcap \
                     port:openssl \
                     port:perl5 \
@@ -38 +33 @@
                     port:readline \
                     port:zlib
 
-patchfiles          patch-CMakeLists.txt.diff
-patchfiles-append   patch-htonll.diff
+variant universal {}
+configure.cflags-append "${configure.cflags} [get_canonical_archflags cc]"
+configure.universal_args
+## CCL.h:8:14: error: unknown type name 'ptr_compat_int'; did you mean 'ptr_compat_intList'? => ???
+
+test.run            yes
+test.target         test-all
 
-universal_variant   no
+## https://github.com/Homebrew/homebrew/blob/614a96fe0eb86b46587cce9332bb305299370943/Library/Formula/bro.rb
+## http://pdb.finkproject.org/pdb/browse.php?summary=bro = nothing
 
-configure.args      --enable-mobile-ipv6
+## FIXME! ${prefix}/etc/bro, ${prefix}/var/spool/bro, ${prefix}/var/log/bro
+configure.args      --enable-mobile-ipv6 --conf-files-dir=${prefix}/etc/bro
 
 post-destroot {
-    move ${destroot}${prefix}/etc/broccoli.conf ${destroot}${prefix}/etc/broccoli.conf.dist
+    xinstall -d ${destroot}${prefix}/share/examples/${name}
+    move ${destroot}${prefix}/etc/bro/broccoli.conf ${destroot}${prefix}/share/examples/${name}/
+    move ${destroot}${prefix}/etc/bro/node.cfg ${destroot}${prefix}/share/examples/${name}/
+    move ${destroot}${prefix}/etc/bro/networks.cfg ${destroot}${prefix}/share/examples/${name}/
+    move ${destroot}${prefix}/etc/bro/broctl.cfg ${destroot}${prefix}/share/examples/${name}/
+    reinplace "s|${prefix}/spool|${prefix}/var/spool/bro|" ${destroot}${prefix}/share/examples/${name}/broctl.cfg
+    reinplace "s|${prefix}/logs|${prefix}/var/log/bro|" ${destroot}${prefix}/share/examples/${name}/broctl.cfg
+
+    reinplace "s|/usr/bin/python|${prefix}/bin/python2.7|" ${destroot}${prefix}/bin/broctl
+    reinplace "s| /usr/bin/env python|${prefix}/bin/python2.7|" ${destroot}${prefix}/bin/trace-summary
+
+    xinstall -d ${destroot}${prefix}/Library/LaunchDaemons/
+    copy ${filespath}/org.macports.bro.plist ${destroot}${prefix}/Library/LaunchDaemons/
+    reinplace "s|%%PREFIX%%|${prefix}|g" ${destroot}${prefix}/Library/LaunchDaemons/org.macports.bro.plist
+
+    xinstall -d ${destroot}${prefix}/etc/${name}
+    xinstall -d ${destroot}${prefix}/var/log/${name}
+    destroot.keepdirs ${destroot}${prefix}/etc/${name} \
+        ${destroot}${prefix}/var/log/${name}
 }
 
 post-activate {
-    if {![file exists ${prefix}/etc/broccoli.conf]} {
-        copy ${prefix}/etc/broccoli.conf.dist ${prefix}/etc/broccoli.conf
+    if {![file exists ${prefix}/etc/bro/broccoli.conf]} {
+        copy ${prefix}/share/examples/${name}/broccoli.conf ${prefix}/etc/bro/broccoli.conf
+    }
+    if {![file exists ${prefix}/etc/bro/node.cfg]} {
+        copy ${prefix}/share/examples/${name}/node.cfg ${prefix}/etc/bro/node.cfg
+    }
+    if {![file exists ${prefix}/etc/bro/networks.cfg]} {
+        copy ${prefix}/share/examples/${name}/networks.cfg ${prefix}/etc/bro/networks.cfg
+    }
+    if {![file exists ${prefix}/etc/bro/broctl.cfg]} {
+        copy ${prefix}/share/examples/${name}/broctl.cfg ${prefix}/etc/bro/broctl.cfg
+    }
+}
+
+startupitem.create      yes
+startupitem.netchange   yes
+startupitem.start       "${prefix}/bin/broctl start"
+startupitem.stop        "${prefix}/bin/broctl stop"
+startupitem.restart     "${prefix}/bin/broctl restart"
+
+notes "
+You'll need to set your BROHOME to ${prefix}/share/bro and your
+BROPATH to ${prefix}/share/bro/site:${prefix}/share/bro/policy
+to use the provided policies. (which user?)
+
+Check online documentation to finish install
+http://www.bro.org/sphinx/quickstart/index.html
+
+1) review config: node.cfg, network.cfg, broctl.cfg
+   especially network interface, MailTo
+   Existing files have not been modified
+
+2) Run as root or w sudo
+     # broctl
+     \[BroControl\] > install
+     \[BroControl\] > start
+3) Use scheduled task for maintenance
+  # ln -s ${prefix}/Library/LaunchDaemons/org.macports.bro.plist /Library/LaunchDaemons/
+  # launchctl load -w /Library/LaunchDaemons/org.macports.bro.plist
+
+**** UPGRADING ****
+
+Paths have been changed to respect macports hierarchy
+${prefix}/etc -> ${prefix}/etc/bro
+${prefix}/spool -> ${prefix}/var/spool/bro
+${prefix}/logs -> ${prefix}/var/log/bro
+
+BUG: System App firewall ask at each launch if bro can accept incoming connections.
+BUG: eating cpu...
+
+"
+
+if {${subport} eq ${name}} {
+    master_sites        ${homepage}downloads/release/ \
+                        ${homepage}downloads/archive/
+    
+    checksums           bro-${version}.tar.gz \
+                        rmd160  c386e91d348600159a1ee14851b059a24a1861ed \
+                        sha256  ff32d21e335d2ddb3e2942527c3212de6ead4e7ffd6ac958497fa80e04e60800 \
+
+    depends_lib-append  port:libmagic
+
+    post-patch {
+        reinplace "s|\${BroBase}/spool|\${BroBase}/var/spool/bro|" ${worksrcpath}/aux/broctl/BroControl/options.py
+        reinplace "s|\${BroBase}/logs|\${BroBase}/var/log/bro|" ${worksrcpath}/aux/broctl/BroControl/options.py
+        reinplace "s|\${PREFIX}/logs|\${PREFIX}/var/log/bro|" ${worksrcpath}/aux/broctl/CMakeLists.txt
+        reinplace "s|{BroBase}/logs|{BroBase}/var/log/bro|" ${worksrcpath}/aux/broctl/doc/broctl.rst
+        reinplace "s|\${PREFIX}/spool|\${PREFIX}/var/spool/bro|" ${worksrcpath}/aux/broctl/CMakeLists.txt
+        reinplace "s|{BroBase}/spool|{BroBase}/var/spool/bro|" ${worksrcpath}/aux/broctl/doc/broctl.rst
+    }
+
+    conflicts  ${name}-devel
+}
+
+subport ${name}-devel {
+
+    version    20141024
+    #fetch.type git
+    #git.url    https://github.com/bro/bro.git
+    ## no support for tag, last one is release
+    #git.branch 80d7a1482cbf44be8bc6fc1a9b8f1901e33c0bca
+    patchfiles-delete   patch-CMakeLists.txt.diff
+    distname    087a9f975d23ef141ad331ca7dc39264402617f6
+    checksums           ${distname}.tar.gz \
+                        rmd160  ba3afe6da0b7771d6ea6f24fe8b23f89ab55aee1 \
+                        sha256  d67bcf993d29008fa6b6242ae6f8877e8c0dd8f03d9f7a9694f2844c040f1af4
+
+    post-patch {
+        ## FIXME! need to include subproject https://github.com/bro/cmake
+        ##        or git clone --recursive git://git.bro-ids.org/bro
+        ##        http://comments.gmane.org/gmane.comp.security.detection.bro/5044
+        #system "cd ${worksrcpath} && git clone https://github.com/bro/cmake" => NOK other subproject
+        foreach m { cmake aux/binpac aux/bro-aux aux/broccoli aux/broctl aux/btest src/3rdparty } {
+             system -W ${worksrcpath} "git submodule update --init --recursive ${m}"
+        }
+
+        reinplace "s|\${BroBase}/spool|\${BroBase}/var/spool/bro|" ${worksrcpath}/aux/broctl/BroControl/options.py
+        reinplace "s|\${BroBase}/logs|\${BroBase}/var/log/bro|" ${worksrcpath}/aux/broctl/BroControl/options.py
+        reinplace "s|\${PREFIX}/logs|\${PREFIX}/var/log/bro|" ${worksrcpath}/aux/broctl/CMakeLists.txt
+        reinplace "s|{BroBase}/logs|{BroBase}/var/log/bro|" ${worksrcpath}/aux/broctl/doc/broctl.rst
+        reinplace "s|\${PREFIX}/spool|\${PREFIX}/var/spool/bro|" ${worksrcpath}/aux/broctl/CMakeLists.txt
+        reinplace "s|{BroBase}/spool|{BroBase}/var/spool/bro|" ${worksrcpath}/aux/broctl/doc/broctl.rst
+    }
+
+    conflicts  ${name}
+    livecheck.type      none
+}
+
+default_variants      +mhr
+
+## Extra scripts? http://www.bro.org/sphinx/scripts/scripts.html
+variant mhr description { add plugin to query Team Cymru Malware Hash Registry } {
+    master_sites-append   http://www.bro.org/sphinx/_downloads/
+    distfiles-append    detect-MHR.bro
+    ## This file has changed at least once, but is not versioned
+    checksums-append    \
+                        detect-MHR.bro \
+                        rmd160  0a6f949e106bee07961864e4fefbb5396a5d3aab \
+                        sha256  a33d0da4e527c2759a8f8db32fd224974ad4c8bfe71bd25cbf7086fdaf1ad868
+
+    post-destroot {
+        ## no further actions needed. will be loaded by bro at next start
+        copy ${distpath}/detect-MHR.bro ${destroot}${prefix}/share/broctl/scripts/
     }
 }
 
-notes \
-"You'll need to set your BROHOME to ${prefix}/share/bro and your\
-BROPATH to ${prefix}/share/bro/site:${prefix}/share/bro/policy\
-to use the provided policies."
+## https://github.com/LiamRandall/bro-scripts/tree/master/fire-scripts
+## http://scrapbook.zscaler.com/2012/05/bro-script-to-extract-artifacts-from.html
+## web ui: http://brownian.bro-ids.org/ ? but "Error! Could not connect to server - please check ELASTICSEARCH_SERVER in settings.py "
 
 livecheck.type      regex
 livecheck.url       ${homepage}download/