author | Bryan Stine <battousai@gentoo.org> | 2009-01-09 00:36:14 +0000 |
---|---|---|
committer | Bryan Stine <battousai@gentoo.org> | 2009-01-09 00:36:14 +0000 |
commit | fbb0d7967d1eb1e758462468f93947ea41336f7f (patch) | |
tree | 58edaf80047250f05f2a05f989a87aa6e4fd9132 /app-admin/bastille | |
parent | Add tk to IUSE. (diff) | |
Bump to 3.0.9, fixing various bugs. Remove old, broken versions.
Package-Manager: portage-2.2_rc20/cvs/Linux 2.6.28 x86_64
Diffstat (limited to 'app-admin/bastille')
-rw-r--r-- | app-admin/bastille/ChangeLog | 19 |
-rw-r--r-- | app-admin/bastille/Manifest | 15 |
-rw-r--r-- | app-admin/bastille/bastille-2.1.1-r3.ebuild | 98 |
-rw-r--r-- | app-admin/bastille/bastille-3.0.9.ebuild (renamed from app-admin/bastille/bastille-3.0.2.ebuild) | 11 |
-rw-r--r-- | app-admin/bastille/files/bastille-2.1.1-firewall.init | 41 |
-rw-r--r-- | app-admin/bastille/files/bastille-2.1.1-hlist-fix.patch | 12 |
-rw-r--r-- | app-admin/bastille/files/bastille-3.0.2-firewall.init | 42 |
-rw-r--r-- | app-admin/bastille/files/bastille-firewall-imap.patch | 154 |
8 files changed, 27 insertions, 365 deletions
diff --git a/app-admin/bastille/ChangeLog b/app-admin/bastille/ChangeLog index 219046522e28..201d5606aa73 100644 --- a/app-admin/bastille/ChangeLog +++ b/app-admin/bastille/ChangeLog @@ -1,6 +1,21 @@ # ChangeLog for app-admin/bastille -# Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-admin/bastille/ChangeLog,v 1.21 2007/10/28 12:46:02 phreak Exp $ +# Copyright 2000-2009 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/app-admin/bastille/ChangeLog,v 1.22 2009/01/09 00:36:14 battousai Exp $ + +*bastille-3.0.9 (08 Jan 2009) + + 08 Jan 2009; Bryan Stine <battousai@gentoo.org> + -files/bastille-2.1.1-firewall.init, + -files/bastille-2.1.1-hlist-fix.patch, + -files/bastille-3.0.2-firewall.init, -files/bastille-firewall-imap.patch, + -bastille-2.1.1-r3.ebuild, -bastille-3.0.2.ebuild, +bastille-3.0.9.ebuild: + Version bump to 3.0.9. Restores compatibility with various distribution + changes, such as coreutils program locations, etc. Also added many little + fixes. Moved firewall init script into patch distribution, so no future + versions will require FILESDIR. This version should bring the package out + of p.mask, fixing version bump bug #157187 and issues bug #154002. Removed + old versions that no longer work with those distribution changes mentioned + above. 28 Oct 2007; Christian Heim <phreak@gentoo.org> bastille-2.1.1-r1.ebuild, bastille-2.1.1-r2.ebuild, bastille-2.1.1-r3.ebuild, bastille-3.0.2.ebuild: diff --git a/app-admin/bastille/Manifest b/app-admin/bastille/Manifest index ca7ebd8117a7..ed68d189c9bf 100644 --- a/app-admin/bastille/Manifest +++ b/app-admin/bastille/Manifest 
@@ -1,12 +1,5 @@ -AUX bastille-2.1.1-firewall.init 1340 RMD160 8cbf5f84f7579b0fab349a6502ef88cfeadd5d1a SHA1 6863a444897e91f2f0c791561dd077faedbfaccd SHA256 26c30596854d42889296c1ffca6d301574e1525d0d2e9096590e1a77dfc1f498 -AUX bastille-2.1.1-hlist-fix.patch 463 RMD160 70d37c6b4e0d217cafe0ca84682567f6a80fd039 SHA1 8503ad759c3116893d7b797ee401bb414362a245 SHA256 abea73ee720e040d94fffde09478dc46d0774d2cfe5c2078521ce906167a95b3 -AUX bastille-3.0.2-firewall.init 1450 RMD160 0e884c26c33bfdb033d24246bbfc370da3f3d43a SHA1 47561c1ef337edca90c44ec36038128e8aedbb0c SHA256 d4026621bfb3105a03bdbf46d692e18cc203bb4362c86fbe303ca7e9ed2c6002 -AUX bastille-firewall-imap.patch 8660 RMD160 d65c3babd5289f4526ebf9b2214b5e55337a3dd8 SHA1 74566c5ddd6bbb0aa11a4731b318244a13f459c1 SHA256 8f26646dbdff1e0ed08cddaf9cc2d28bab7628d6d77db63eec18f0d00f8a6e3e -DIST Bastille-2.1.1.tar.bz2 338227 RMD160 4592c2b88f32fe85bf1e9e7984359fba0abb9693 SHA1 4e040442970912590d953fe0f69340b4194526cb SHA256 70cb45f7eddf7ce46c535952e888e50c2423e9beed1549db74ddebc24ed28127 -DIST Bastille-3.0.2.tar.bz2 328161 RMD160 8602b6c5abc3d35c1fe2a956580a22b1147c3592 SHA1 26a47a9e344781a844cfa36cc98890e15589eb5a SHA256 4c916f294fa2168405a475ce0c7197a60bf0e3f814edc3ae95dc42b732c87436 -DIST bastille-2.1.1-gentoo-0.1.patch.bz2 15312 RMD160 02986c3430a628fe32ec93ad1dec539a5a9cb345 SHA1 a502b6717971564481151d36e6aeca9271c44c40 SHA256 df5e3381282592a7587622925b77b43660814a2c4eacda77931ca0cd4ef113fb -DIST bastille-3.0.2-gentoo-0.1.patch.bz2 16334 RMD160 64fb3c4801eccf1af1100571813668acb12ae3d6 SHA1 201ce08b5707ed3b73553c51fa50080df3270cd1 SHA256 d9cd942f9c3fdf9489a20005e490380577935729c3cf409155bb3253d51d7277 -EBUILD bastille-2.1.1-r3.ebuild 2664 RMD160 fb6e5e7a4bffa76d5761ff4066083ea193285b0b SHA1 825518ff610ed01dafa875f1e714adf3afb62386 SHA256 9c21d7bf26800631ce9b43f0efdeec4da8cfb2fe35fcc6beed71a3d7b8f0f2ca -EBUILD bastille-3.0.2.ebuild 1506 RMD160 d15b015c71e950084d88d6e3cc63b5c69014081c SHA1 
5d1923a8e5b59c8c284405d8a9c13b2e5c04dd6a SHA256 00d90d7ca35b7f1f7dfd6d9c059240f47da5db9ebcbcc11e91d562ce7a04dc91 -MISC ChangeLog 4349 RMD160 c0f19a228a5f191a680b1bdd56594a1118afd91f SHA1 42599b118ef211d4678b011dbb60ea6b36fefd3b SHA256 fe95ad91e2c2d44ffd1b5d7008006fa7b4af212055570c43bbd2b4088a6f3036 +DIST Bastille-3.0.9.tar.bz2 319045 RMD160 853bec2e007d3084cb4df9d509a316523c4dc467 SHA1 389f13d9c6c7b14b91b30bda7285238c74758e0d SHA256 1fd66ef724441a36459d5f937ce76c3bb9f7ccc9584d318a916ff59f709fc02d +DIST bastille-3.0.9-gentoo-0.2.patch.bz2 14117 RMD160 44ee370fa924b54d7039c460cec07e58997d8bda SHA1 d7cfb1f3f05f50a568b140f511452fc74384f635 SHA256 91773f8fda6aa67dd87c4451f04ed525965c7408590281b960a3e717ff57880c +EBUILD bastille-3.0.9.ebuild 1464 RMD160 ec04968d7a7682f3b1c72032dc6358dadc7fcc42 SHA1 99885299c82187489e4e768ccfd0c0a51a79c21a SHA256 710d74cfab1e8c462f7e53d2e23cec48cdb20fff67d047d18a181aeac194f317 +MISC ChangeLog 5130 RMD160 38ef1f9377a3d2954da34075ae84372eb421713b SHA1 aebbbac4730285f566a7929a804c21908b32aa1c SHA256 76b1e02e6f23c28a4210496df6820aae7366c8c173f952b176a9f1dd25066763 MISC metadata.xml 353 RMD160 6fa2f9e9b45804b19212538831af1d2ac58590ac SHA1 f16c6d969a3d810f1cffac6860453b0324a84bee SHA256 d5c8da8d2eceeb617bd143924f19d893c87ceef621a562c14108c97d81bf433a diff --git a/app-admin/bastille/bastille-2.1.1-r3.ebuild b/app-admin/bastille/bastille-2.1.1-r3.ebuild deleted file mode 100644 index d2585de5c225..000000000000 --- a/app-admin/bastille/bastille-2.1.1-r3.ebuild +++ /dev/null 
@@ -1,98 +0,0 @@ -# Copyright 1999-2008 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-admin/bastille/bastille-2.1.1-r3.ebuild,v 1.6 2008/06/16 15:40:49 drac Exp $ - -inherit perl-app eutils - -PATCHVER=0.1 -MY_PN=${PN/b/B} -MY_P=${MY_PN}-${PV} -S=${WORKDIR}/${MY_PN} -DESCRIPTION="Bastille-Linux is a security hardening tool" -HOMEPAGE="http://bastille-linux.org/" -SRC_URI="mirror://sourceforge/${PN}-linux/${MY_P}.tar.bz2 - mirror://gentoo/${P}-gentoo-${PATCHVER}.patch.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="x86 ppc ~sparc alpha amd64" -IUSE="X" - -RDEPEND="net-firewall/iptables - app-admin/logrotate - dev-perl/Curses - net-firewall/psad - X? ( dev-perl/perl-tk ) - virtual/logger" - -src_unpack() { - unpack ${A} - epatch "${WORKDIR}"/${P}-gentoo-${PATCHVER}.patch - epatch "${FILESDIR}"/bastille-firewall-imap.patch - epatch "${FILESDIR}"/${P}-hlist-fix.patch -} - -src_compile() { - cp "${FILESDIR}"/bastille-${PV}-firewall.init ./bastille-firewall - - cd "${S}"/psad/Psad.pm - perl-module_src_compile -} - -src_install() { - keepdir /var/lock/subsys/${PN} - dodir /etc/Bastille - - into /usr - dosbin bastille AutomatedBastille InteractiveBastille \ - BastilleBackEnd RevertBastille *.pl - - dosym RevertBastille /usr/sbin/UndoBastille - - insinto /usr/share/Bastille - doins Questions* Credits bastille-* *.xbm *.config - - insinto /usr/share/Bastille - doins Questions.txt Credits complete.xbm incomplete.xbm \ - ifup-local hosts.allow - - exeinto /usr/share/Bastille - doexe bastille-firewall* bastille-tmpdir* \ - bastille-ipchains bastille-netfilter \ - firewall/*.sh - - perlinfo - insinto ${SITE_LIB} - doins Bastille_Curses.pm - use X && doins Bastille_Tk.pm - insinto ${SITE_LIB}/Curses - doins Curses/Widgets.pm - - doman docs/bastille.1m - dodoc docs/* firewall/*.txt - - cd "${S}"/Bastille - - insinto /usr/lib/Bastille - doins AccountSecurity.pm Apache.pm API.pm OSX_API.pm BootSecurity.pm \ 
- ConfigureMiscPAM.pm DisableUserTools.pm DNS.pm \ - FilePermissions.pm FTP.pm Firewall.pm HP_API.pm HP_UX.pm \ - IOLoader.pm Patches.pm Logging.pm \ - MiscellaneousDaemons.pm PatchDownload.pm Printing.pm \ - RemoteAccess.pm SecureInetd.pm Sendmail.pm TMPDIR.pm \ - test_AccountSecurity.pm test_Apache.pm test_DNS.pm \ - test_FTP.pm test_HP_UX.pm test_MiscellaneousDaemons.pm \ - test_SecureInetd.pm test_Sendmail.pm TestAPI.pm IPFilter.pm - - # psad interface module - cd "${S}"/psad/Psad.pm - newins Psad.pm PSAD.pm - - # Documentation - cd "${S}" - dodoc *.txt BUGS Change* README* -} - -pkg_postinst() { - use X || elog "When not using the Tk interface you will need to start use the -c flag when calling ${PN} from command line. example ${PN} -c --os GE1.4" -} diff --git a/app-admin/bastille/bastille-3.0.2.ebuild b/app-admin/bastille/bastille-3.0.9.ebuild index 19c83478513d..6ba1d8fb6c86 100644 --- a/app-admin/bastille/bastille-3.0.2.ebuild +++ b/app-admin/bastille/bastille-3.0.9.ebuild @@ -1,10 +1,10 @@ -# Copyright 1999-2007 Gentoo Foundation +# Copyright 1999-2009 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-admin/bastille/bastille-3.0.2.ebuild,v 1.5 2007/10/28 12:46:02 phreak Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-admin/bastille/bastille-3.0.9.ebuild,v 1.1 2009/01/09 00:36:14 battousai Exp $ inherit eutils -PATCHVER=0.1 +PATCHVER=0.2 MY_PN=${PN/b/B} MY_P=${MY_PN}-${PV} S=${WORKDIR}/${MY_PN} @@ -30,7 +30,6 @@ src_unpack() { epatch "${WORKDIR}"/${P}-gentoo-${PATCHVER}.patch cd "${S}" - cp "${FILESDIR}"/bastille-${PV}-firewall.init ./bastille-firewall chmod a+x Install.sh bastille-ipchains bastille-netfilter } 
@@ -44,11 +43,13 @@ src_install() { insinto /usr/share/Bastille doins *.config - newinitd "${FILESDIR}"/${P}-firewall.init ${PN}-firewall + newinitd ${PN}-firewall.gentoo-init ${PN}-firewall # Documentation cd "${S}" dodoc *.txt BUGS Change* README* + cd "${S}"/docs + doman *.1m } pkg_postinst() { diff --git a/app-admin/bastille/files/bastille-2.1.1-firewall.init b/app-admin/bastille/files/bastille-2.1.1-firewall.init deleted file mode 100644 index 5dd9bfbc757a..000000000000 --- a/app-admin/bastille/files/bastille-2.1.1-firewall.init +++ /dev/null @@ -1,41 +0,0 @@ -#!/sbin/runscript -# Copyright 1999-2004 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-admin/bastille/files/bastille-2.1.1-firewall.init,v 1.2 2004/07/14 21:09:15 agriffis Exp $ - -opts="start stop" - -depend() { - need logger -} - -start() { - # "Borrowed" from the original bastille-firewall init script ((c) P. Watkins) - REALSCRIPT=/sbin/bastille-ipchains - if [ -n "$(uname -r | awk -F. ' $1 == 2 && $2 > 2 {print}')" ]; then - # We are using Linux 2.3 or newer; use the netfilter script if available - if [ -x /sbin/bastille-netfilter ]; then - REALSCRIPT=/sbin/bastille-netfilter - fi - fi - - ebegin "Starting bastille-firewall" - $REALSCRIPT start - eend $? "Failed to start bastille-firewall" -} - -stop() { - # "Borrowed" from the original bastille-firewall init script ((c) P. Watkins) - REALSCRIPT=/sbin/bastille-ipchains - if [ -n "$(uname -r | awk -F. ' $1 == 2 && $2 > 2 {print}')" ]; then - # We are using Linux 2.3 or newer; use the netfilter script if available - if [ -x /sbin/bastille-netfilter ]; then - REALSCRIPT=/sbin/bastille-netfilter - fi - fi - - ebegin "Stopping bastille-firewall" - $REALSCRIPT stop - eend $? "Failed to stop bastille-firewall" -} - 
diff --git a/app-admin/bastille/files/bastille-2.1.1-hlist-fix.patch b/app-admin/bastille/files/bastille-2.1.1-hlist-fix.patch deleted file mode 100644 index ad4de0abb836..000000000000 --- a/app-admin/bastille/files/bastille-2.1.1-hlist-fix.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -urN Bastille.orig/Bastille_Tk.pm Bastille/Bastille_Tk.pm ---- Bastille.orig/Bastille_Tk.pm 2005-04-05 12:28:47.000000000 -0400 -+++ Bastille/Bastille_Tk.pm 2005-04-05 12:27:19.000000000 -0400 -@@ -734,7 +734,7 @@ - # This is the listbox callback - # - sub hlist_callback { -- my $sel = $list->info(selection); -+ my ($sel) = $list->info(selection); - if($sel ne ""){ - $list->selectionClear('0', $reverse_module_index{"End"}); - $list->selectionSet($sel); diff --git a/app-admin/bastille/files/bastille-3.0.2-firewall.init b/app-admin/bastille/files/bastille-3.0.2-firewall.init deleted file mode 100644 index 5537418db804..000000000000 --- a/app-admin/bastille/files/bastille-3.0.2-firewall.init +++ /dev/null 
@@ -1,42 +0,0 @@ -#!/sbin/runscript -# Copyright 1999-2004 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-admin/bastille/files/bastille-3.0.2-firewall.init,v 1.1 2005/07/31 05:21:10 battousai Exp $ - -opts="start stop" -BASTILLEPREFIX="/usr/share/Bastille" - -depend() { - need logger -} - -start() { - # "Borrowed" from the original bastille-firewall init script ((c) P. Watkins) - REALSCRIPT=${BASTILLEPREFIX}/bastille-ipchains - if [ -n "$(uname -r | awk -F. ' $1 == 2 && $2 > 2 {print}')" ]; then - # We are using Linux 2.3 or newer; use the netfilter script if available - if [ -x ${BASTILLEPREFIX}/bastille-netfilter ]; then - REALSCRIPT=${BASTILLEPREFIX}/bastille-netfilter - fi - fi - - ebegin "Starting bastille-firewall" - $REALSCRIPT start - eend $? "Failed to start bastille-firewall" -} - -stop() { - # "Borrowed" from the original bastille-firewall init script ((c) P. Watkins) - REALSCRIPT=${BASTILLEPREFIX}/bastille-ipchains - if [ -n "$(uname -r | awk -F. ' $1 == 2 && $2 > 2 {print}')" ]; then - # We are using Linux 2.3 or newer; use the netfilter script if available - if [ -x ${BASTILLEPREFIX}/bastille-netfilter ]; then - REALSCRIPT=${BASTILLEPREFIX}/bastille-netfilter - fi - fi - - ebegin "Stopping bastille-firewall" - $REALSCRIPT stop - eend $? "Failed to stop bastille-firewall" -} - diff --git a/app-admin/bastille/files/bastille-firewall-imap.patch b/app-admin/bastille/files/bastille-firewall-imap.patch deleted file mode 100644 index ebde15524341..000000000000 --- a/app-admin/bastille/files/bastille-firewall-imap.patch +++ /dev/null 
@@ -1,154 +0,0 @@ -diff -urN Bastille-orig/Bastille/Firewall.pm Bastille/Bastille/Firewall.pm ---- Bastille-orig/Bastille/Firewall.pm 2004-03-22 18:45:36.376652656 -0500 -+++ Bastille/Bastille/Firewall.pm 2004-03-22 18:47:57.909136448 -0500 -@@ -71,7 +71,7 @@ - - { - 'varname' => "TCP_AUDIT_SERVICES", -- 'default' => "telnet ftp imap pop3 finger sunrpc exec login linuxconf ssh", -+ 'default' => "telnet ftp imap2 pop3 finger sunrpc exec login linuxconf ssh", - 'stanza' => "2", - 'configname' => 'ip_s_tcpaudit', - }, -diff -urN Bastille-orig/Questions.txt Bastille/Questions.txt ---- Bastille-orig/Questions.txt 2004-03-22 18:45:36.367654024 -0500 -+++ Bastille/Questions.txt 2004-03-22 18:46:13.815961016 -0500 -@@ -1584,7 +1584,7 @@ - some standalone services like OpenSSH, and --unless otherwise configured-- - services running under Red Hat's xinetd super-server, you can configure - restrictions based on network address in /etc/hosts.allow. The services --using inetd or xinetd typically include telnet, ftp, pop, imap, finger, -+using inetd or xinetd typically include telnet, ftp, pop, imap2, finger, - and a number of other services. - - If you would like, Bastille can configure a default policy for all inetd, -@@ -4119,11 +4119,11 @@ - interfaces (only the \"public\" interfaces) to these ports and/or services. This is - useful to spot possible probes or attacks. The default setting records connection - attempts to several services, although you may not have them installed or enabled. 
" --QUESTION: "TCP services to audit: [telnet ftp imap pop3 finger sunrpc exec login -+QUESTION: "TCP services to audit: [telnet ftp imap2 pop3 finger sunrpc exec login - linuxconf ssh]" - REQUIRE_DISTRO: LINUX DB SE TB GE - SKIP_CHILD: ip_s_udpaudit --DEFAULT_ANSWER: telnet ftp imap pop3 finger sunrpc exec login linuxconf ssh -+DEFAULT_ANSWER: telnet ftp imap2 pop3 finger sunrpc exec login linuxconf ssh - CONFIRM_TEXT: " \nY" - YN_TOGGLE: 0 - YES_EXP: -@@ -4237,8 +4237,8 @@ - - For instance, a corporate firewall/mailserver might have \"smtp\" enabled - on the public side to accept outside mail, and for \"internal\" interfaces it might --allow both \"smtp\" and \"imap\" so local users can both send and get mail; in that --case you would set this value to \"smtp imap\". This does not affect IP Masquerading's -+allow both \"smtp\" and \"imap2\" so local users can both send and get mail; in that -+case you would set this value to \"smtp imap2\". This does not affect IP Masquerading's - ability to let masq'ed users access any services on outside/Internet hosts. " - QUESTION: "TCP service names or port numbers to allow on private interfaces: [ ]" - REQUIRE_DISTRO: LINUX DB SE TB GE -@@ -4651,11 +4651,11 @@ - interfaces (only the \"public\" interfaces) to these ports and/or services. This is - useful to spot possible probes or attacks. The default setting records connection - attempts to several services, although you may not have them installed or enabled. 
" --QUESTION: "TCP services to audit: [telnet ftp imap pop3 finger sunrpc exec login -+QUESTION: "TCP services to audit: [telnet ftp imap2 pop3 finger sunrpc exec login - linuxconf ssh]" - REQUIRE_DISTRO: LINUX DB SE TB GE - SKIP_CHILD: ip_b_udpaudit --DEFAULT_ANSWER: telnet ftp imap pop3 finger sunrpc exec login linuxconf ssh -+DEFAULT_ANSWER: telnet ftp imap2 pop3 finger sunrpc exec login linuxconf ssh - CONFIRM_TEXT: " \nY" - YN_TOGGLE: 0 - YES_EXP: -diff -urN Bastille-orig/Server-modify-by-Spong Bastille/Server-modify-by-Spong ---- Bastille-orig/Server-modify-by-Spong 2004-03-22 18:45:36.363654632 -0500 -+++ Bastille/Server-modify-by-Spong 2004-03-22 18:46:31.595258152 -0500 -@@ -10,8 +10,8 @@ - IPChains.ip_b_trustiface="lo" - # Q: Public interfaces: [eth+ ppp+ slip+] - IPChains.ip_b_publiciface="eth+ ppp+ slip+" --# Q: TCP services to audit: [telnet ftp imap pop3 finger sunrpc exec login linuxconf ssh] --IPChains.ip_b_tcpaudit="telnet ftp imap pop3 finger sunrpc exec login linuxconf ssh" -+# Q: TCP services to audit: [telnet ftp imap2 pop3 finger sunrpc exec login linuxconf ssh] -+IPChains.ip_b_tcpaudit="telnet ftp imap2 pop3 finger sunrpc exec login linuxconf ssh" - # Q: UDP services to audit: [31337] - IPChains.ip_b_udpaudit="31337" - # Q: TCP service names or port numbers to allow on public interfaces: [ ] -diff -urN Bastille-orig/ServerModerate.config Bastille/ServerModerate.config ---- Bastille-orig/ServerModerate.config 2004-03-22 18:45:36.361654936 -0500 -+++ Bastille/ServerModerate.config 2004-03-22 18:46:41.919688600 -0500 -@@ -10,8 +10,8 @@ - IPChains.ip_b_trustiface="lo" - # Q: Public interfaces: [eth+ ppp+ slip+] - IPChains.ip_b_publiciface="eth+ ppp+ slip+" --# Q: TCP services to audit: [telnet ftp imap pop3 finger sunrpc exec login linuxconf ssh] --IPChains.ip_b_tcpaudit="telnet ftp imap pop3 finger sunrpc exec login linuxconf ssh" -+# Q: TCP services to audit: [telnet ftp imap2 pop3 finger sunrpc exec login linuxconf ssh] 
-+IPChains.ip_b_tcpaudit="telnet ftp imap2 pop3 finger sunrpc exec login linuxconf ssh" - # Q: UDP services to audit: [31337] - IPChains.ip_b_udpaudit="31337" - # Q: TCP service names or port numbers to allow on public interfaces: [ ] -diff -urN Bastille-orig/ServerParanoia.config Bastille/ServerParanoia.config ---- Bastille-orig/ServerParanoia.config 2004-03-22 18:45:36.379652200 -0500 -+++ Bastille/ServerParanoia.config 2004-03-22 18:46:50.680356776 -0500 -@@ -10,8 +10,8 @@ - IPChains.ip_b_trustiface="lo" - # Q: Public interfaces: [eth+ ppp+ slip+] - IPChains.ip_b_publiciface="eth+ ppp+ slip+" --# Q: TCP services to audit: [telnet ftp imap pop3 finger sunrpc exec login linuxconf ssh] --IPChains.ip_b_tcpaudit="telnet ftp imap pop3 finger sunrpc exec login linuxconf ssh" -+# Q: TCP services to audit: [telnet ftp imap2 pop3 finger sunrpc exec login linuxconf ssh] -+IPChains.ip_b_tcpaudit="telnet ftp imap2 pop3 finger sunrpc exec login linuxconf ssh" - # Q: UDP services to audit: [31337] - IPChains.ip_b_udpaudit="31337" - # Q: TCP service names or port numbers to allow on public interfaces: [ ] -diff -urN Bastille-orig/WorkstationModerate.config Bastille/WorkstationModerate.config ---- Bastille-orig/WorkstationModerate.config 2004-03-22 18:45:36.359655240 -0500 -+++ Bastille/WorkstationModerate.config 2004-03-22 18:46:59.968944696 -0500 -@@ -10,8 +10,8 @@ - IPChains.ip_b_trustiface="lo" - # Q: Public interfaces: [eth+ ppp+ slip+] - IPChains.ip_b_publiciface="eth+ ppp+ slip+" --# Q: TCP services to audit: [telnet ftp imap pop3 finger sunrpc exec login linuxconf ssh] --IPChains.ip_b_tcpaudit="telnet ftp imap pop3 finger sunrpc exec login linuxconf ssh" -+# Q: TCP services to audit: [telnet ftp imap2 pop3 finger sunrpc exec login linuxconf ssh] -+IPChains.ip_b_tcpaudit="telnet ftp imap2 pop3 finger sunrpc exec login linuxconf ssh" - # Q: UDP services to audit: [31337] - IPChains.ip_b_udpaudit="31337" - # Q: TCP service names or port numbers to allow on public 
interfaces: [ ] -diff -urN Bastille-orig/WorkstationParanoia.config Bastille/WorkstationParanoia.config ---- Bastille-orig/WorkstationParanoia.config 2004-03-22 18:45:36.379652200 -0500 -+++ Bastille/WorkstationParanoia.config 2004-03-22 18:47:08.842595696 -0500 -@@ -10,8 +10,8 @@ - IPChains.ip_b_trustiface="lo" - # Q: Public interfaces: [eth+ ppp+ slip+] - IPChains.ip_b_publiciface="eth+ ppp+ slip+" --# Q: TCP services to audit: [telnet ftp imap pop3 finger sunrpc exec login linuxconf ssh] --IPChains.ip_b_tcpaudit="telnet ftp imap pop3 finger sunrpc exec login linuxconf ssh" -+# Q: TCP services to audit: [telnet ftp imap2 pop3 finger sunrpc exec login linuxconf ssh] -+IPChains.ip_b_tcpaudit="telnet ftp imap2 pop3 finger sunrpc exec login linuxconf ssh" - # Q: UDP services to audit: [31337] - IPChains.ip_b_udpaudit="31337" - # Q: TCP service names or port numbers to allow on public interfaces: [ ] -diff -urN Bastille-orig/bastille-firewall.cfg Bastille/bastille-firewall.cfg ---- Bastille-orig/bastille-firewall.cfg 2004-03-22 18:45:36.378652352 -0500 -+++ Bastille/bastille-firewall.cfg 2004-03-22 18:47:24.028287120 -0500 -@@ -84,7 +84,7 @@ - # - # Also see item 12, LOG_FAILURES - # --#TCP_AUDIT_SERVICES="telnet ftp imap pop3 finger sunrpc exec login linuxconf ssh" -+#TCP_AUDIT_SERVICES="telnet ftp imap2 pop3 finger sunrpc exec login linuxconf ssh" - # anyone probing for BackOrifice? - #UDP_AUDIT_SERVICES="31337" - # how about ICMP? -@@ -102,7 +102,7 @@ - # Please make sure variable assignments are on single lines; do NOT - # use the "\" continuation character (so Bastille can change the - # values if it is run more than once) --TCP_AUDIT_SERVICES="telnet ftp imap pop3 finger sunrpc exec login linuxconf ssh" -+TCP_AUDIT_SERVICES="telnet ftp imap2 pop3 finger sunrpc exec login linuxconf ssh" - UDP_AUDIT_SERVICES="31337" - ICMP_AUDIT_TYPES="" - |
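Review bot: In the new bastille-3.0.9 entry of app-admin/bastille/ChangeLog, "Also added many little fixes" gives a reader nothing to check the bump against. For a hardening tool it is worth naming the fixes, or pointing at the upstream changelog, so users can tell which behaviour changed between 3.0.2 and 3.0.9. The same entry says the version "should bring the package out of p.mask", but no mask change is among the files shown here; reference the commit that lifts the mask or word this as a follow-up.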
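Review bot: In the src_install hunk of bastille-3.0.9.ebuild, `newinitd ${PN}-firewall.gentoo-init ${PN}-firewall` takes a path relative to whatever directory src_install happens to be in at that point, and the `cd "${S}"` a few lines later suggests the working directory is not assumed to be ${S} there. Anchor the source explicitly, e.g. `newinitd "${S}"/${PN}-firewall.gentoo-init ${PN}-firewall || die`, so a missing init script fails the build instead of producing a package without its firewall service. The added `cd "${S}"/docs` and `doman *.1m` are also unchecked; if the cd fails, doman globs in the wrong directory, so both want `|| die`.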
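Review bot: With files/bastille-3.0.2-firewall.init deleted, the init script that starts the firewall is no longer reviewable in the tree; its replacement ships inside bastille-3.0.9-gentoo-0.2.patch.bz2 and is not part of this diff. The deleted script picked bastille-netfilter only when `$1 == 2 && $2 > 2` matched `uname -r`, so any kernel whose major version is not 2 would fall back to bastille-ipchains. Please state in the ChangeLog whether the script in the patch tarball is a straight copy of this one or has changed, and if that version test is carried over, note it so it can be revisited.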
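Review bot: The removal of files/bastille-firewall-imap.patch drops the imap to imap2 substitution in TCP_AUDIT_SERVICES and the related defaults (Firewall.pm, Questions.txt, the *.config templates and bastille-firewall.cfg), and neither the commit message nor the ChangeLog says whether 3.0.9 still needs it. Only the deleted 2.1.1-r3 ebuild applied this patch in the lines shown, so it may already have been unnecessary for 3.x, but please confirm that the default audit list in 3.0.9 uses a service name that resolves on Gentoo, or that the 0.2 patch tarball carries the same change, and record which in the ChangeLog. Otherwise the default logging of IMAP connection attempts could differ from what the removed patch ensured.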