1 |
patrick 10/03/02 02:22:29 |
2 |
|
3 |
Modified: ChangeLog |
4 |
Added: snort-2.8.5.3.ebuild |
5 |
Log: |
6 |
Bump for #307351, thanks to Jason Wallace |
7 |
(Portage version: 2.2_rc63/cvs/Linux x86_64) |
8 |
|
9 |
Revision Changes Path |
10 |
1.161 net-analyzer/snort/ChangeLog |
11 |
|
12 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/ChangeLog?rev=1.161&view=markup |
13 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/ChangeLog?rev=1.161&content-type=text/plain |
14 |
diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/ChangeLog?r1=1.160&r2=1.161 |
15 |
|
16 |
Index: ChangeLog |
17 |
=================================================================== |
18 |
RCS file: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v |
19 |
retrieving revision 1.160 |
20 |
retrieving revision 1.161 |
21 |
diff -u -r1.160 -r1.161 |
22 |
--- ChangeLog 4 Jan 2010 17:59:01 -0000 1.160 |
23 |
+++ ChangeLog 2 Mar 2010 02:22:28 -0000 1.161 |
24 |
@@ -1,6 +1,11 @@ |
25 |
# ChangeLog for net-analyzer/snort |
26 |
# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 |
27 |
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.160 2010/01/04 17:59:01 patrick Exp $ |
28 |
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.161 2010/03/02 02:22:28 patrick Exp $ |
29 |
+ |
30 |
+*snort-2.8.5.3 (02 Mar 2010) |
31 |
+ |
32 |
+ 02 Mar 2010; Patrick Lauer <patrick@g.o> +snort-2.8.5.3.ebuild: |
33 |
+ Bump for #307351, thanks to Jason Wallace |
34 |
|
35 |
*snort-2.8.5.2 (04 Jan 2010) |
36 |
|
37 |
|
38 |
|
39 |
|
40 |
1.1 net-analyzer/snort/snort-2.8.5.3.ebuild |
41 |
|
42 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/snort-2.8.5.3.ebuild?rev=1.1&view=markup |
43 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/snort-2.8.5.3.ebuild?rev=1.1&content-type=text/plain |
44 |
|
45 |
Index: snort-2.8.5.3.ebuild |
46 |
=================================================================== |
47 |
# Copyright 1999-2010 Gentoo Foundation |
48 |
# Distributed under the terms of the GNU General Public License v2 |
49 |
# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/snort-2.8.5.3.ebuild,v 1.1 2010/03/02 02:22:28 patrick Exp $ |
50 |
|
51 |
inherit eutils autotools multilib |
52 |
|
53 |
DESCRIPTION="The de facto standard for intrusion detection/prevention" |
54 |
HOMEPAGE="http://www.snort.org/" |
55 |
SRC_URI="http://dl.snort.org/snort-current/${P}.tar.gz" |
56 |
LICENSE="GPL-2" |
57 |
SLOT="0" |
58 |
KEYWORDS="~alpha ~amd64 ~ppc ~ppc64 ~sparc ~x86" |
59 |
IUSE="static dynamicplugin ipv6 gre mpls targetbased decoder-preprocessor-rules ppm timestats perfprofiling linux-smp-stats inline inline-init-failopen prelude threads debug reload reload-error-restart flexresp flexresp2 react aruba mysql odbc postgres selinux" |
60 |
|
61 |
#flexresp, react, and inline _ONLY_ work with net-libs/libnet-1.0.2a |
62 |
DEPEND="virtual/libpcap |
63 |
>=dev-libs/libpcre-6.0 |
64 |
flexresp2? ( dev-libs/libdnet ) |
65 |
flexresp? ( ~net-libs/libnet-1.0.2a ) |
66 |
react? ( ~net-libs/libnet-1.0.2a ) |
67 |
postgres? ( virtual/postgresql-base ) |
68 |
mysql? ( virtual/mysql ) |
69 |
odbc? ( dev-db/unixODBC ) |
70 |
prelude? ( >=dev-libs/libprelude-0.9.0 ) |
71 |
inline? ( ~net-libs/libnet-1.0.2a net-firewall/iptables )" |
72 |
|
73 |
RDEPEND="${DEPEND} |
74 |
dev-lang/perl |
75 |
selinux? ( sec-policy/selinux-snort )" |
76 |
|
77 |
pkg_setup() { |
78 |
|
79 |
if use flexresp && use flexresp2; then |
80 |
eerror |
81 |
eerror "You have both the 'flexresp' and 'flexresp2' USE flags set." |
82 |
eerror "You can use 'flexresp' OR 'flexresp2' but not both." |
83 |
eerror "flexresp2 is recommended." |
84 |
die |
85 |
elif use flexresp && use react; then |
86 |
eerror |
87 |
eerror "You have both the 'react' and 'flexresp' USE flags set." |
88 |
eerror "'react' is enabled automaticly when the 'flexresp'" |
89 |
eerror "USE flag is set, but ./configure will fail if both are enabled." |
90 |
eerror |
91 |
eerror "This is an upstream issue and not a problem with this ebuild." |
92 |
eerror |
93 |
eerror "To enable both 'flexresp' and 'react' set USE="flexresp -react"" |
94 |
die |
95 |
elif use flexresp2 && use react; then |
96 |
eerror |
97 |
eerror "You have both the 'react' and 'flexresp2' USE flags set." |
98 |
eerror "You can use 'react' OR 'flexresp2' but not both." |
99 |
die |
100 |
elif use inline-init-failopen && ! use inline; then |
101 |
eerror |
102 |
eerror "You have enabled the 'inline-init-failopen' USE flag" |
103 |
eerror "but not the 'inline' USE flag." |
104 |
eerror "'inline-init-failopen' requires 'inline' be enabled." |
105 |
die |
106 |
elif use reload-error-restart && ! use reload; then |
107 |
eerror |
108 |
eerror "You have enabled the 'reload-error-restart' USE flag" |
109 |
eerror "but not the 'reload' USE flag." |
110 |
eerror "'reload-error-restart' requires 'reload' be enabled." |
111 |
die |
112 |
fi |
113 |
|
114 |
# pre_inst() is a better place to put this |
115 |
# but we need it here for the 'fowners' statements in src_install() |
116 |
enewgroup snort |
117 |
enewuser snort -1 -1 /dev/null snort |
118 |
|
119 |
} |
120 |
|
121 |
src_unpack() { |
122 |
|
123 |
unpack ${A} |
124 |
cd "${S}" |
125 |
|
126 |
# Fix to prevent the docs Makefile from being used. |
127 |
# Fixes #297190. |
128 |
einfo "Applying documentation fix." |
129 |
sed -i -e 's:src doc etc:src etc:g' \ |
130 |
"${WORKDIR}/${P}/Makefile.am" || die "Doc fix Failed" |
131 |
|
132 |
# Fix to allow parallel building. |
133 |
# Thanks to Natanael Copa #291558 |
134 |
einfo "Applying parallel building fix." |
135 |
sed -i -e 's/^all-local:.*/all-local: $(LTLIBRARIES)/' \ |
136 |
src/dynamic-preprocessors/*/Makefile.am \ |
137 |
|| die "parallel builds fix Failed" |
138 |
|
139 |
#Replaces the libnet-1.0 patch for inline, flexresp, and react |
140 |
if use flexresp || use react || use inline; then |
141 |
|
142 |
einfo "Applying libnet-1.0 fix." |
143 |
sed -i -e 's:libnet.h:libnet-1.0.h:g' \ |
144 |
"${WORKDIR}/${P}/configure.in" \ |
145 |
"${WORKDIR}/${P}/src/detection-plugins/sp_react.c" \ |
146 |
"${WORKDIR}/${P}/src/detection-plugins/sp_respond.c" \ |
147 |
"${WORKDIR}/${P}/src/inline.c" || die "sed for libnet-1.0.h failed" |
148 |
|
149 |
sed -i -e 's:libnet-config:libnet-1.0-config:g' \ |
150 |
"${WORKDIR}/${P}/configure.in" || die "sed for libnet-1.0-config failed" |
151 |
|
152 |
sed -i -e 's:-lnet:-lnet-1.0:g' \ |
153 |
"${WORKDIR}/${P}/configure.in" || die "sed for -lnet-1.0 failed" |
154 |
|
155 |
sed -i -e 's:AC_CHECK_LIB(net:AC_CHECK_LIB(net-1.0:g' \ |
156 |
"${WORKDIR}/${P}/configure.in" || die "sed for net-1.0 failed" |
157 |
|
158 |
fi |
159 |
|
160 |
#Multilib fix for the sf_engine |
161 |
einfo "Applying multilib fix." |
162 |
sed -i -e 's:${exec_prefix}/lib:${exec_prefix}/'$(get_libdir)':g' \ |
163 |
"${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \ |
164 |
|| die "sed for sf_engine failed" |
165 |
|
166 |
#Multilib fix for the curent set of dynamic-preprocessors |
167 |
for i in ftptelnet smtp ssh dcerpc dns ssl dcerpc2; do |
168 |
sed -i -e 's:${exec_prefix}/lib:${exec_prefix}/'$(get_libdir)':g' \ |
169 |
"${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \ |
170 |
|| die "sed for $i failed." |
171 |
done |
172 |
|
173 |
#This sed will prevent the example dynamic code from being compiled/installed |
174 |
einfo "Disabling sample code." |
175 |
sed -i -e 's:$(EXAMPLES_DIR)::g' "${WORKDIR}/${P}/src/Makefile.am" |
176 |
|
177 |
if use prelude; then |
178 |
einfo "Applying prelude fix." |
179 |
sed -i -e "s:AC_PROG_RANLIB:AC_PROG_LIBTOOL:" configure.in |
180 |
fi |
181 |
|
182 |
AT_M4DIR=m4 eautoreconf |
183 |
} |
184 |
|
185 |
src_compile() { |
186 |
|
187 |
local myconf |
188 |
|
189 |
#targetbased and inline-init-failopen automaticly enable pthread |
190 |
if use threads || use targetbased || use inline-init-failopen; then |
191 |
myconf="${myconf} --enable-pthread" |
192 |
fi |
193 |
|
194 |
#Tell flexresp, react, and inline where libipq is |
195 |
if use flexresp || use react || use inline; then |
196 |
myconf="${myconf} --with-libipq-includes=/usr/include/libipq" |
197 |
fi |
198 |
|
199 |
econf \ |
200 |
$(use_enable !static shared) \ |
201 |
$(use_enable static) \ |
202 |
$(use_enable dynamicplugin) \ |
203 |
$(use_enable ipv6) \ |
204 |
$(use_enable gre) \ |
205 |
$(use_enable mpls) \ |
206 |
$(use_enable targetbased) \ |
207 |
$(use_enable decoder-preprocessor-rules) \ |
208 |
$(use_enable ppm) \ |
209 |
$(use_enable timestats) \ |
210 |
$(use_enable perfprofiling) \ |
211 |
$(use_enable linux-smp-stats) \ |
212 |
$(use_enable inline) \ |
213 |
$(use_enable inline-init-failopen) \ |
214 |
$(use_enable prelude) \ |
215 |
$(use_enable debug) \ |
216 |
$(use_enable reload) \ |
217 |
$(use_enable reload-error-restart) \ |
218 |
$(use_enable flexresp) \ |
219 |
$(use_enable flexresp2) \ |
220 |
$(use_enable react) \ |
221 |
$(use_enable aruba) \ |
222 |
$(use_with mysql) \ |
223 |
$(use_with odbc) \ |
224 |
$(use_with postgres postgresql) \ |
225 |
--disable-ipfw \ |
226 |
--disable-profile \ |
227 |
--disable-ppm-test \ |
228 |
--without-oracle \ |
229 |
${myconf} |
230 |
|
231 |
emake || die "make failed" |
232 |
|
233 |
} |
234 |
|
235 |
src_install() { |
236 |
|
237 |
emake DESTDIR="${D}" install || die "make install failed" |
238 |
|
239 |
keepdir /var/log/snort/ |
240 |
fowners snort:snort /var/log/snort |
241 |
|
242 |
keepdir /var/run/snort/ |
243 |
fowners snort:snort /var/run/snort/ |
244 |
|
245 |
dodoc doc/* |
246 |
dodoc ./RELEASE.NOTES |
247 |
docinto schemas |
248 |
dodoc schemas/* |
249 |
|
250 |
insinto /etc/snort |
251 |
doins etc/attribute_table.dtd \ |
252 |
etc/classification.config \ |
253 |
etc/gen-msg.map \ |
254 |
etc/reference.config \ |
255 |
etc/sid-msg.map \ |
256 |
etc/threshold.conf \ |
257 |
etc/unicode.map \ |
258 |
|| die "Failed to add files in /etc/snort" |
259 |
|
260 |
newins etc/snort.conf snort.conf.distrib |
261 |
|
262 |
insinto /etc/snort/preproc_rules |
263 |
doins preproc_rules/decoder.rules \ |
264 |
preproc_rules/preprocessor.rules \ |
265 |
|| die "Failed to add files in /etc/snort/preproc_rules" |
266 |
|
267 |
keepdir /etc/snort/rules/ |
268 |
|
269 |
keepdir /usr/$(get_libdir)/snort_dynamicrule |
270 |
|
271 |
fowners -R snort:snort /etc/snort/ |
272 |
|
273 |
if use reload; then |
274 |
newinitd "${FILESDIR}/snort.reload.rc1" snort \ |
275 |
|| die "Failed to add snort.reload.rc1" |
276 |
else |
277 |
newinitd "${FILESDIR}/snort.rc9" snort || die "Failed to add snort.rc9" |
278 |
fi |
279 |
|
280 |
newconfd "${FILESDIR}/snort.confd" snort || die "Failed to add snort.confd" |
281 |
|
282 |
# Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection |
283 |
sed -i -e 's:/usr/local/lib:/usr/'$(get_libdir)':g' \ |
284 |
"${D}etc/snort/snort.conf.distrib" |
285 |
|
286 |
#Set the correct rule location in the config |
287 |
sed -i -e 's:RULE_PATH ../rules:RULE_PATH /etc/snort/rules:g' \ |
288 |
"${D}etc/snort/snort.conf.distrib" |
289 |
|
290 |
#Set the correct preprocessor/decoder rule location in the config |
291 |
sed -i -e 's:PREPROC_RULE_PATH ../preproc_rules:PREPROC_RULE_PATH /etc/snort/preproc_rules:g' \ |
292 |
"${D}etc/snort/snort.conf.distrib" |
293 |
|
294 |
#Enable the preprocessor/decoder rules |
295 |
sed -i -e 's:^# include $PREPROC_RULE_PATH:include $PREPROC_RULE_PATH:g' \ |
296 |
"${D}etc/snort/snort.conf.distrib" |
297 |
sed -i -e 's:^# dynamicdetection directory:dynamicdetection directory:g' \ |
298 |
"${D}etc/snort/snort.conf.distrib" |
299 |
|
300 |
#Just some clean up of trailing /'s in the config |
301 |
sed -i -e 's:snort_dynamicpreprocessor/$:snort_dynamicpreprocessor:g' \ |
302 |
"${D}etc/snort/snort.conf.distrib" |
303 |
sed -i -e 's:snort_dynamicrule/$:snort_dynamicrule:g' \ |
304 |
"${D}etc/snort/snort.conf.distrib" |
305 |
|
306 |
#Make it clear in the config where these are... |
307 |
sed -i -e 's:^include classification.config:include /etc/snort/classification.config:g' \ |
308 |
"${D}etc/snort/snort.conf.distrib" |
309 |
sed -i -e 's:^include reference.config:include /etc/snort/reference.config:g' \ |
310 |
"${D}etc/snort/snort.conf.distrib" |
311 |
|
312 |
#Disable all rule files by default. |
313 |
#Users need to choose what they want enabled. |
314 |
sed -i -e 's:^include $RULE_PATH:# include $RULE_PATH:g' \ |
315 |
"${D}etc/snort/snort.conf.distrib" |
316 |
|
317 |
} |
318 |
|
319 |
pkg_postinst() { |
320 |
einfo |
321 |
einfo "Snort is a libpcap based packet capture tool which can be used in" |
322 |
einfo "three modes Sniffer Mode, Packet Logger Mode, or Network Intrusion" |
323 |
einfo "Detection/Prevention System Mode." |
324 |
einfo |
325 |
einfo "To learn more about these modes review the Snort User Manual at..." |
326 |
einfo |
327 |
einfo "http://www.snort.org/docs/" |
328 |
einfo |
329 |
einfo "See /usr/share/doc/${PF} and /etc/snort/snort.conf.distrib for" |
330 |
einfo "information on configuring snort." |
331 |
einfo |
332 |
einfo "Joining the Snort-Users and Snort-Sigs mailing list is highly" |
333 |
einfo "recommended for all users..." |
334 |
einfo |
335 |
einfo "http://www.snort.org/community/mailing-lists/" |
336 |
einfo |
337 |
einfo "To download rules for use with Snort please, see the following" |
338 |
einfo |
339 |
einfo "Sourcefire's VRT Rules and older Community Rules:" |
340 |
einfo "http://www.snort.org/pub-bin/downloads.cgi" |
341 |
einfo |
342 |
einfo "Emerging Threats Rules:" |
343 |
einfo "http://www.emergingthreats.net/" |
344 |
einfo |
345 |
einfo "To manage updates to your rules please visit..." |
346 |
einfo |
347 |
einfo "http://oinkmaster.sourceforge.net/" |
348 |
einfo |
349 |
einfo "and then 'emerge oinkmaster'." |
350 |
elog |
351 |
elog "Snort-2.8.5.3 Notes:" |
352 |
elog |
353 |
elog "Ebuild Notes" |
354 |
elog "The USE flags 'prelude' and 'ipv6' now work when used together." |
355 |
elog |
356 |
elog "Snort Release Notes:" |
357 |
elog "http://dl.snort.org/snort-current/release_notes_2853.txt" |
358 |
elog |
359 |
elog "Make sure to check snort.conf.distrib for new features/options." |
360 |
elog |
361 |
} |