5 files changed, 12 insertions, 4 deletions

diff --git a/security/ossec-hids-local/Makefile b/security/ossec-hids-local/Makefile
index 3b5dc17..de07d87 100644
--- a/security/ossec-hids-local/Makefile
+++ b/security/ossec-hids-local/Makefile
@@ -1,5 +1,7 @@
+PORTREVISION?=	1
 PKGNAMESUFFIX?=	-${OSSEC_TYPE}
 COMMENT?=	Security tool to monitor and check logs and intrusions - local (standalone) installation
+WWW=		https://ossec.github.io
 OSSEC_TYPE?=	local
 
 .include "${.CURDIR}/../ossec-hids/version.mk"
@@ -138,6 +140,10 @@ SAMPLE_FILES=		${OSSEC_HOME}/etc/local_internal_options.conf \
 			${OSSEC_HOME}/active-response/bin/ossec-slack.sh \
 			${OSSEC_HOME}/active-response/bin/ossec-tweeter.sh
 
+.if ${OSSEC_TYPE} != agent
+SAMPLE_FILES+=		${OSSEC_HOME}/rules/local_rules.xml
+.endif
+
 .if empty(USER)
 USER=$$(${ID} -un)
 .endif
diff --git a/security/ossec-hids-local/pkg-descr b/security/ossec-hids-local/pkg-descr
index 3156a70..31935c9 100644
--- a/security/ossec-hids-local/pkg-descr
+++ b/security/ossec-hids-local/pkg-descr
@@ -2,5 +2,3 @@ OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection
 System (HIDS). It has a powerful correlation and analysis engine, integrating
 log analysis, file integrity checking, Windows registry monitoring, centralized
 policy enforcement, rootkit detection, real-time alerting and active response.
-
-WWW: https://ossec.github.io
diff --git a/security/ossec-hids-local/pkg-plist-local b/security/ossec-hids-local/pkg-plist-local
index 630a2d4..55fa77b 100644
--- a/security/ossec-hids-local/pkg-plist-local
+++ b/security/ossec-hids-local/pkg-plist-local
@@ -119,7 +119,7 @@
 @(,ossec,0640) %%OSSEC_HOME%%/rules/last_rootlogin_rules.xml
 @(,ossec,0640) %%OSSEC_HOME%%/rules/lighttpd_rules.xml
 @(,ossec,0640) %%OSSEC_HOME%%/rules/linux_usbdetect_rules.xml
-@(,ossec,0640) %%OSSEC_HOME%%/rules/local_rules.xml
+@sample(,ossec,0640) %%OSSEC_HOME%%/rules/local_rules.xml.sample
 @(,ossec,0640) %%OSSEC_HOME%%/rules/mailscanner_rules.xml
 @(,ossec,0640) %%OSSEC_HOME%%/rules/mcafee_av_rules.xml
 @(,ossec,0640) %%OSSEC_HOME%%/rules/mhn_cowrie_rules.xml
diff --git a/security/ossec-hids-local/pkg-plist-server b/security/ossec-hids-local/pkg-plist-server
index 630a2d4..55fa77b 100644
--- a/security/ossec-hids-local/pkg-plist-server
+++ b/security/ossec-hids-local/pkg-plist-server
@@ -119,7 +119,7 @@
 @(,ossec,0640) %%OSSEC_HOME%%/rules/last_rootlogin_rules.xml
 @(,ossec,0640) %%OSSEC_HOME%%/rules/lighttpd_rules.xml
 @(,ossec,0640) %%OSSEC_HOME%%/rules/linux_usbdetect_rules.xml
-@(,ossec,0640) %%OSSEC_HOME%%/rules/local_rules.xml
+@sample(,ossec,0640) %%OSSEC_HOME%%/rules/local_rules.xml.sample
 @(,ossec,0640) %%OSSEC_HOME%%/rules/mailscanner_rules.xml
 @(,ossec,0640) %%OSSEC_HOME%%/rules/mcafee_av_rules.xml
 @(,ossec,0640) %%OSSEC_HOME%%/rules/mhn_cowrie_rules.xml
diff --git a/security/ossec-hids-local/scripts/plist.conf b/security/ossec-hids-local/scripts/plist.conf
index 7095978..756b49f 100644
--- a/security/ossec-hids-local/scripts/plist.conf
+++ b/security/ossec-hids-local/scripts/plist.conf
@@ -33,3 +33,7 @@ sample_paths="
 /active-response/bin/ossec-pagerduty.sh.sample
 /active-response/bin/ossec-slack.sh.sample
 /active-response/bin/ossec-tweeter.sh.sample"
+if [ "${OSSEC_TYPE}" != "agent" ]; then
+    sample_paths="${sample_paths}
+/rules/local_rules.xml.sample"
+fi