notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)Want a good monitor light? See my photosAll times are UTC		 Ukraine
Port details
imds-filterd Provides per user/group access controls to the EC2 IMDS
0.1 security on this many watch lists=2 search for ports that depend on this port Find issues related to this port Report an issue related to this port View this port on Repology. pkg-fallout 0.1Version of this port present on the latest quarterly branch.
Maintainer: cperciva@FreeBSD.org search for ports maintained by this maintainer
Port Added: 2020-01-27 09:01:24
Last Update: 2022-09-07 21:58:51
Commit Hash: fb16dfe
People watching this port, also watch:: jdictionary, py311-Automat, py311-python-gdsii, py39-PyOpenGL, p5-Sane
License: BSD2CLAUSE
WWW:
https://github.com/cperciva/imds-filterd
Description:
imds-filterd (pronounced "I M D S Filter D") is a pair of utilities which work together to intercept and filter requests to the EC2 Instance Metadata Service -- or theoretically any other service at 169.254.169.254:80. It validates requests against a configured ruleset which specifies whether given users and groups should be allowed or denied access to certain prefixes in the Instance Metadata Service. For example, "root" could be granted access to everything; most unprivileged users granted access to everything except IAM role credentials; but the www user denied access to the entire Instance Metadata Service in order to guard against SSRF and similar attacks.
Homepage    cgit ¦ Codeberg ¦ GitHub ¦ GitLab ¦ SVNWeb

Manual pages:
FreshPorts has no man page information for this port.
pkg-plist: as obtained via: make generate-plist
Expand this list (10 items)
Collapse this list.
  1. etc/rc.d/imds-filterd
  2. etc/rc.d/imds-proxy
  3. sbin/imds-filterd
  4. sbin/imds-proxy
  5. @sample etc/newsyslog.conf.d/imds.conf.sample
  6. @sample etc/syslog.d/imds.conf.sample
  7. @sample etc/imds.conf.sample
  8. /usr/local/share/licenses/imds-filterd-0.1/catalog.mk
  9. /usr/local/share/licenses/imds-filterd-0.1/LICENSE
  10. /usr/local/share/licenses/imds-filterd-0.1/BSD2CLAUSE
Collapse this list.
Dependency lines:
  • imds-filterd>0:security/imds-filterd
To install the port:
cd /usr/ports/security/imds-filterd/ && make install clean
To add the package, run one of these commands:
  • pkg install security/imds-filterd
  • pkg install imds-filterd
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.
PKGNAME: imds-filterd
Flavors: there is no flavor information for this port.
distinfo:
TIMESTAMP = 1580074291 SHA256 (cperciva-imds-filterd-0.1_GH0.tar.gz) = e0e8b28046b2a917e110d1313242947aa6901635e81552107ab2f6a2fba83441 SIZE (cperciva-imds-filterd-0.1_GH0.tar.gz) = 64011
Packages (timestamps in pop-ups are UTC):
imds-filterd
ABIaarch64amd64armv6armv7i386powerpcpowerpc64powerpc64le
FreeBSD:13:latest0.10.10.10.10.1-0.1-
FreeBSD:13:quarterly0.10.10.10.10.10.10.10.1
FreeBSD:14:latest0.10.10.10.10.10.1-0.1
FreeBSD:14:quarterly0.10.1-0.10.10.10.10.1
FreeBSD:15:latest0.10.1n/a0.1n/a0.10.10.1
This port has no dependencies.
There are no ports dependent upon this port
Configuration Options:
===> The following configuration options are available for imds-filterd-0.1: DOCS=on: Build and/or install documentation ===> Use 'make config' to modify these settings
Options name:
security_imds-filterd
pkg-message:
For install:
To enable imds-filterd, add imds_filterd_enable=YES to /etc/rc.conf. To configure imds-filterd, edit $PREFIX/etc/imds.conf. imds-filterd ships with configurations for syslogd and newsyslog which log accesses to the Instance Metadata Service to /var/log/imds.log and rotate this file upon reaching 1 MB; these settings can be modified via $PREFIX/etc/{syslog.d, newsyslog.conf.d}/imds.conf.
Master Sites:
Expand this list (1 items)
Collapse this list.
  1. https://codeload.github.com/cperciva/imds-filterd/tar.gz/0.1?dummy=/
Collapse this list.

Number of commits found: 5

Commit History - (may be incomplete: for full details, see links to repositories near top of page)
CommitCreditsLog message
07 Sep 2022 21:58:51
commit hash: fb16dfecae4a6efac9f3a78e0b759fb7a3c53de4commit hash: fb16dfecae4a6efac9f3a78e0b759fb7a3c53de4commit hash: fb16dfecae4a6efac9f3a78e0b759fb7a3c53de4commit hash: fb16dfecae4a6efac9f3a78e0b759fb7a3c53de4 files touched by this commit		 Stefan Eßer (se) search for other commits by this committer 
Remove WWW entries moved into port Makefiles

Commit b7f05445c00f has added WWW entries to port Makefiles based on
WWW: lines in pkg-descr files.

This commit removes the WWW: lines of moved-over URLs from these
pkg-descr files.

Approved by:		portmgr (tcberner)
0.1
07 Sep 2022 21:10:59
commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52 files touched by this commit		 Stefan Eßer (se) search for other commits by this committer 
Add WWW entries to port Makefiles

It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.

Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.

There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
0.1
07 Apr 2021 08:09:01
commit hash: cf118ccf875508b9a1c570044c93cfcc82bd455ccommit hash: cf118ccf875508b9a1c570044c93cfcc82bd455ccommit hash: cf118ccf875508b9a1c570044c93cfcc82bd455ccommit hash: cf118ccf875508b9a1c570044c93cfcc82bd455c files touched by this commit		 Mathieu Arnold (mat) search for other commits by this committer 
One more small cleanup, forgotten yesterday.
Reported by:	lwhsu
0.1
06 Apr 2021 14:31:07
commit hash: 305f148f482daf30dcf728039d03d019f88344ebcommit hash: 305f148f482daf30dcf728039d03d019f88344ebcommit hash: 305f148f482daf30dcf728039d03d019f88344ebcommit hash: 305f148f482daf30dcf728039d03d019f88344eb files touched by this commit		 Mathieu Arnold (mat) search for other commits by this committer 
Remove # $FreeBSD$ from Makefiles.
0.1
27 Jan 2020 09:01:16
Revision:524248Original commit files touched by this commit		 cperciva search for other commits by this committer 
Add imds-filterd.

The imds-filterd tool allows administrators of EC2 instances to lock down
which data from the Instance Metadata Service can be accessed by specified
system users and groups, thereby making the EC2 Instance Metadata Service
compatible with traditional UNIX privilege separation.

Reviewed by:	otis, dizzy, lwhsu
Sponsored by:	Tarsnap Backup Inc.

Number of commits found: 5
Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
Security Policy
Privacy
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
firefoxFeb 07
firefoxFeb 07
firefox-esrFeb 07
firefox-esrFeb 07
libcacaFeb 07
mariadb1011-serverFeb 07
mariadb105-serverFeb 07
mariadb106-serverFeb 07
mariadb114-serverFeb 07
thunderbirdFeb 07
thunderbirdFeb 07
nginxFeb 05
nginx-develFeb 05
qt6-webengineFeb 02
chromiumJan 31

16 vulnerabilities affecting 272 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities

Last processed:
2025-02-07 16:55:44 UTC


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)

Calculated hourly:
Port count 33199
Broken 103
Deprecated 225
Ignore 223
Forbidden 1
Restricted 1
No CDROM 1
Vulnerable 29
Expired 12
Set to expire 180
Interactive 0
new 24 hours 2
new 48 hours2
new 7 days54
new fortnight110
new month143
Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD 		Valid HTML, CSS, and RSS. Copyright © 2000-2025 Dan Langille. All rights reserved.