[gentoo-commits] gentoo-x86 commit in net-analyzer/snort: metadata.xml ChangeLog snort-2.8.5.1.ebuild - gentoo-commits

From:	"Patrick Lauer (patrick)" <patrick@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] gentoo-x86 commit in net-analyzer/snort: metadata.xml ChangeLog snort-2.8.5.1.ebuild
Date:	Mon, 02 Nov 2009 17:24:42
Message-Id:	`E1N50dy-0007h9-Lx@stork.gentoo.org`

1

patrick     09/11/02 17:24:38

2

3

  Modified:             metadata.xml ChangeLog

4

  Added:                snort-2.8.5.1.ebuild

5

  Log:

6

  Bump, thanks to Jason Wallace. Fixes #291558 #291604 #291357

7

  (Portage version: 2.2_rc48/cvs/Linux x86_64)

8

9

Revision  Changes    Path

10

1.10                 net-analyzer/snort/metadata.xml

11

12

file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/metadata.xml?rev=1.10&view=markup

13

plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/metadata.xml?rev=1.10&content-type=text/plain

14

diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/metadata.xml?r1=1.9&r2=1.10

15

16

Index: metadata.xml

17

===================================================================

18

RCS file: /var/cvsroot/gentoo-x86/net-analyzer/snort/metadata.xml,v

19

retrieving revision 1.9

20

retrieving revision 1.10

21

diff -u -r1.9 -r1.10

22

--- metadata.xml	31 May 2009 22:39:54 -0000	1.9

23

+++ metadata.xml	2 Nov 2009 17:24:37 -0000	1.10

24

@@ -31,5 +31,7 @@

25

 <flag name='react'>Enable interception and termination of offending HTTP accesses</flag>

26

 <flag name='targetbased'>Enable targetbased support</flag>

27

 <flag name='timestats'>Enable TimeStats functionality</flag>

28

+<flag name='reload'>Enable reloading a configuration without restarting</flag>

29

+<flag name='reload-error-restart'>Enable restarting on reload error</flag>

30

 </use>

31

 </pkgmetadata>

1.154                net-analyzer/snort/ChangeLog

36

37

file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/ChangeLog?rev=1.154&view=markup

38

plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/ChangeLog?rev=1.154&content-type=text/plain

39

diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/ChangeLog?r1=1.153&r2=1.154

40

41

Index: ChangeLog

42

===================================================================

43

RCS file: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v

44

retrieving revision 1.153

45

retrieving revision 1.154

46

diff -u -r1.153 -r1.154

47

--- ChangeLog	12 Sep 2009 03:01:27 -0000	1.153

48

+++ ChangeLog	2 Nov 2009 17:24:37 -0000	1.154

49

@@ -1,6 +1,12 @@

50

 # ChangeLog for net-analyzer/snort

51

 # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2

52

-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.153 2009/09/12 03:01:27 vostorga Exp $

53

+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.154 2009/11/02 17:24:37 patrick Exp $

54

+

55

+*snort-2.8.5.1 (02 Nov 2009)

56

+

57

+  02 Nov 2009; Patrick Lauer <patrick@g.o> +snort-2.8.5.1.ebuild,

58

+  +files/snort.reload.rc1, metadata.xml:

59

+  Bump, thanks to Jason Wallace. Fixes #291558 #291604 #291357

60

61

   12 Sep 2009; Víctor Ostorga <vostorga@g.o>

62

   -files/snort-2.6.1.1-libnet.patch, -files/snort-2.6.1.2-libdir.patch,

1.1                  net-analyzer/snort/snort-2.8.5.1.ebuild

67

68

file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/snort-2.8.5.1.ebuild?rev=1.1&view=markup

69

plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/snort-2.8.5.1.ebuild?rev=1.1&content-type=text/plain

70

71

Index: snort-2.8.5.1.ebuild

72

===================================================================

73

# Copyright 1999-2009 Gentoo Foundation

74

# Distributed under the terms of the GNU General Public License v2

75

# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/snort-2.8.5.1.ebuild,v 1.1 2009/11/02 17:24:37 patrick Exp $

76

77

inherit eutils autotools multilib

78

79

DESCRIPTION="The de facto standard for intrusion detection/prevention"

80

HOMEPAGE="http://www.snort.org/"

81

SRC_URI="http://dl.snort.org/snort-current/${P}.tar.gz"

82

LICENSE="GPL-2"

83

SLOT="0"

84

KEYWORDS="~alpha ~amd64 ~ppc ~ppc64 -sparc ~x86"

85

IUSE="static dynamicplugin ipv6 gre mpls targetbased decoder-preprocessor-rules ppm timestats perfprofiling linux-smp-stats inline inline-init-failopen prelude threads debug reload reload-error-restart flexresp flexresp2 react aruba mysql odbc postgres selinux"

86

87

#flexresp, react, and inline _ONLY_ work with net-libs/libnet-1.0.2a

88

DEPEND="virtual/libpcap

89

	>=dev-libs/libpcre-6.0

90

	flexresp2? ( dev-libs/libdnet )

91

	flexresp? ( ~net-libs/libnet-1.0.2a )

92

	react? ( ~net-libs/libnet-1.0.2a )

93

	postgres? ( virtual/postgresql-base )

94

	mysql? ( virtual/mysql )

95

	odbc? ( dev-db/unixODBC )

96

	prelude? ( >=dev-libs/libprelude-0.9.0 )

97

	inline? ( ~net-libs/libnet-1.0.2a net-firewall/iptables )"

98

99

RDEPEND="${DEPEND}

100

	dev-lang/perl

101

	selinux? ( sec-policy/selinux-snort )"

102

103

pkg_setup() {

104

105

	if use flexresp && use flexresp2; then

106

		eerror

107

		eerror "You have both the 'flexresp' and 'flexresp2' USE flags set."

108

		eerror "You can use 'flexresp' OR 'flexresp2' but not both."

109

		eerror "flexresp2 is recommended."

110

die

111

	elif use flexresp && use react; then

112

		eerror

113

		eerror "You have both the 'react' and 'flexresp' USE flags set."

114

		eerror "'react' is enabled automaticly when the 'flexresp'"

115

		eerror "USE flag is set, but ./configure will fail if both are enabled."

116

		eerror

117

		eerror "This is an upstream issue and not a problem with this ebuild."

118

		eerror

119

		eerror "To enable both 'flexresp' and 'react' set USE="flexresp -react""

120

die

121

	elif use flexresp2 && use react; then

122

		eerror

123

		eerror "You have both the 'react' and 'flexresp2' USE flags set."

124

		eerror "You can use 'react' OR 'flexresp2' but not both."

125

die

126

	elif use inline-init-failopen && ! use inline; then

127

		eerror

128

		eerror "You have enabled the 'inline-init-failopen' USE flag"

129

		eerror "but not the 'inline' USE flag."

130

		eerror "'inline-init-failopen' requires 'inline' be enabled."

131

die

132

	elif use ipv6 && use prelude; then

133

		eerror

134

		eerror "You have both the 'prelude' and 'ipv6' USE flags set."

135

		eerror "The Prelude output plugin does not currently support IPv6."

136

die

137

	elif use reload-error-restart && ! use reload; then

138

		eerror

139

		eerror "You have enabled the 'reload-error-restart' USE flag"

140

		eerror "but not the 'reload' USE flag."

141

		eerror "'reload-error-restart' requires 'reload' be enabled."

142

die

143

fi

144

145

	# pre_inst() is a better place to put this

146

	# but we need it here for the 'fowners' statements in src_install()

147

	enewgroup snort

148

	enewuser snort -1 -1 /dev/null snort

149

150

}

151

152

src_unpack() {

153

154

	unpack ${A}

155

	cd "${S}"

156

157

	# Fix to allow parallel building. 

158

	# Thanks to Natanael Copa #291558

159

	einfo "Applying parallel building fix."

160

	sed -i -e 's/^all-local:.*/all-local: $(LTLIBRARIES)/' \

161

	                src/dynamic-preprocessors/*/Makefile.am \

162

					|| die "parallel builds fix Failed"

163

164

	#Replaces the libnet-1.0 patch for inline, flexresp, and react

165

	if use flexresp || use react || use inline; then

166

167

		einfo "Applying libnet-1.0 fix."

168

		sed -i -e 's:libnet.h:libnet-1.0.h:g' \

169

			"${WORKDIR}/${P}/configure.in" \

170

			"${WORKDIR}/${P}/src/detection-plugins/sp_react.c" \

171

			"${WORKDIR}/${P}/src/detection-plugins/sp_respond.c" \

172

			"${WORKDIR}/${P}/src/inline.c" || die "sed for libnet-1.0.h failed"

173

174

		sed -i -e 's:libnet-config:libnet-1.0-config:g' \

175

			"${WORKDIR}/${P}/configure.in" || die "sed for libnet-1.0-config failed"

176

177

		sed -i -e 's:-lnet:-lnet-1.0:g' \

178

			"${WORKDIR}/${P}/configure.in" || die "sed for -lnet-1.0 failed"

179

180

		sed -i -e 's:AC_CHECK_LIB(net:AC_CHECK_LIB(net-1.0:g' \

181

			"${WORKDIR}/${P}/configure.in" || die "sed for net-1.0 failed"

182

183

fi

184

185

	#Multilib fix for the sf_engine

186

	einfo "Applying multilib fix."

187

	sed -i -e 's:${exec_prefix}/lib:${exec_prefix}/'$(get_libdir)':g' \

188

		"${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \

189

		|| die "sed for sf_engine failed"

190

191

	#Multilib fix for the curent set of dynamic-preprocessors

192

	for i in ftptelnet smtp ssh dcerpc dns ssl dcerpc2; do

193

		sed -i -e 's:${exec_prefix}/lib:${exec_prefix}/'$(get_libdir)':g' \

194

			"${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \

195

			|| die "sed for $i failed."

196

	done

197

198

	#This sed will prevent the example dynamic code from being compiled/installed

199

	einfo "Disabling sample code."

200

	sed -i -e 's:$(EXAMPLES_DIR)::g' "${WORKDIR}/${P}/src/Makefile.am"

201

202

	if use prelude; then

203

		einfo "Applying prelude fix."

204

		sed -i -e "s:AC_PROG_RANLIB:AC_PROG_LIBTOOL:" configure.in

205

fi

206

207

	AT_M4DIR=m4 eautoreconf

208

}

209

210

src_compile() {

211

212

	local myconf

213

214

	#targetbased and inline-init-failopen automaticly enable pthread

215

	if use threads || use targetbased || use inline-init-failopen; then

216

		myconf="${myconf} --enable-pthread"

217

fi

218

219

	#Tell flexresp, react, and inline where libipq is

220

	if use flexresp || use react || use inline; then

221

		myconf="${myconf} --with-libipq-includes=/usr/include/libipq"

222

fi

223

224

	econf \

225

		$(use_enable !static shared) \

226

		$(use_enable static) \

227

		$(use_enable dynamicplugin) \

228

		$(use_enable ipv6) \

229

		$(use_enable gre) \

230

		$(use_enable mpls) \

231

		$(use_enable targetbased) \

232

		$(use_enable decoder-preprocessor-rules) \

233

		$(use_enable ppm) \

234

		$(use_enable timestats) \

235

		$(use_enable perfprofiling) \

236

		$(use_enable linux-smp-stats) \

237

		$(use_enable inline) \

238

		$(use_enable inline-init-failopen) \

239

		$(use_enable prelude) \

240

		$(use_enable debug) \

241

		$(use_enable reload) \

242

		$(use_enable reload-error-restart) \

243

		$(use_enable flexresp) \

244

		$(use_enable flexresp2) \

245

		$(use_enable react) \

246

		$(use_enable aruba) \

247

		$(use_with mysql) \

248

		$(use_with odbc) \

249

		$(use_with postgres postgresql) \

250

		--disable-ipfw \

251

		--disable-profile \

252

		--disable-ppm-test \

253

		--without-oracle \

254

		${myconf}

255

256

	emake || die "make failed"

257

258

}

259

260

src_install() {

261

262

	emake DESTDIR="${D}" install || die "make install failed"

263

264

	keepdir /var/log/snort/

265

	fowners snort:snort /var/log/snort

266

267

	keepdir /var/run/snort/

268

	fowners snort:snort /var/run/snort/

269

270

	dodoc doc/*

271

	dodoc ./RELEASE.NOTES

272

	docinto schemas

273

	dodoc schemas/*

274

275

	insinto /etc/snort

276

	doins etc/attribute_table.dtd \

277

		etc/classification.config \

278

		etc/gen-msg.map \

279

		etc/reference.config \

280

		etc/sid-msg.map \

281

		etc/threshold.conf \

282

		etc/unicode.map \

283

		|| die "Failed to add files in /etc/snort"

284

285

	newins etc/snort.conf snort.conf.distrib

286

287

	insinto /etc/snort/preproc_rules

288

	doins preproc_rules/decoder.rules \

289

		preproc_rules/preprocessor.rules \

290

		|| die "Failed to add files in /etc/snort/preproc_rules"

291

292

	keepdir /etc/snort/rules/

293

294

	keepdir /usr/$(get_libdir)/snort_dynamicrule

295

296

	fowners -R snort:snort /etc/snort/

297

298

	if use reload; then

299

		newinitd "${FILESDIR}/snort.reload.rc1" snort \

300

			|| die "Failed to add snort.reload.rc1"

301

	else

302

		newinitd "${FILESDIR}/snort.rc9" snort || die "Failed to add snort.rc9"

303

fi

304

305

	newconfd "${FILESDIR}/snort.confd" snort || die "Failed to add snort.confd"

306

307

	# Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection

308

	sed -i -e 's:/usr/local/lib:/usr/'$(get_libdir)':g' \

309

		"${D}etc/snort/snort.conf.distrib"

310

311

	#Set the correct rule location in the config

312

	sed -i -e 's:RULE_PATH ../rules:RULE_PATH /etc/snort/rules:g' \

313

		"${D}etc/snort/snort.conf.distrib"

314

315

	#Set the correct preprocessor/decoder rule location in the config

316

	sed -i -e 's:PREPROC_RULE_PATH ../preproc_rules:PREPROC_RULE_PATH /etc/snort/preproc_rules:g' \

317

		"${D}etc/snort/snort.conf.distrib"

318

319

	#Enable the preprocessor/decoder rules

320

	sed -i -e 's:^# include $PREPROC_RULE_PATH:include $PREPROC_RULE_PATH:g' \

321

		"${D}etc/snort/snort.conf.distrib"

322

	sed -i -e 's:^# dynamicdetection directory:dynamicdetection directory:g' \

323

		"${D}etc/snort/snort.conf.distrib"

324

325

	#Just some clean up of trailing /'s in the config

326

	sed -i -e 's:snort_dynamicpreprocessor/$:snort_dynamicpreprocessor:g' \

327

		"${D}etc/snort/snort.conf.distrib"

328

	sed -i -e 's:snort_dynamicrule/$:snort_dynamicrule:g' \

329

		"${D}etc/snort/snort.conf.distrib"

330

331

	#Make it clear in the config where these are...

332

	sed -i -e 's:^include classification.config:include /etc/snort/classification.config:g' \

333

		"${D}etc/snort/snort.conf.distrib"

334

	sed -i -e 's:^include reference.config:include /etc/snort/reference.config:g' \

335

		"${D}etc/snort/snort.conf.distrib"

336

337

	#Disable all rule files by default.

338

	#Users need to choose what they want enabled.

339

	sed -i -e 's:^include $RULE_PATH:# include $RULE_PATH:g' \

340

		"${D}etc/snort/snort.conf.distrib"

341

342

}

343

344

pkg_postinst() {

345

	einfo

346

	einfo "Snort is a libpcap based packet capture tool which can be used in"

347

	einfo "three modes Sniffer Mode, Packet Logger Mode, or Network Intrusion"

348

	einfo "Detection/Prevention System Mode."

349

	einfo

350

	einfo "To learn more about these modes review the Snort User Manual at..."

351

	einfo

352

	einfo "http://www.snort.org/docs/"

353

	einfo

354

	einfo "See /usr/share/doc/${PF} and /etc/snort/snort.conf.distrib for"

355

	einfo "information on configuring snort."

356

	einfo

357

	einfo "Joining the Snort-Users and Snort-Sigs mailing list is highly"

358

	einfo "recommended for all users..."

359

	einfo

360

	einfo "http://www.snort.org/community/mailing-lists/"

361

	einfo

362

	einfo "To download rules for use with Snort please, see the following"

363

	einfo

364

	einfo "Sourcefire's VRT Rules and older Community Rules:"

365

	einfo "http://www.snort.org/pub-bin/downloads.cgi"

366

	einfo

367

	einfo "Emerging Threats Rules:"

368

	einfo "http://www.emergingthreats.net/"

369

	einfo

370

	einfo "To manage updates to your rules please visit..."

371

	einfo

372

	einfo "http://oinkmaster.sourceforge.net/"

373

	einfo

374

	einfo "and then 'emerge oinkmaster'."

375

	elog

376

	elog "Snort-2.8.5.1 Notes:"

377

	elog

378

	elog "Ebuild Notes"

379

	elog "The 'memory-cleanup' USE flag has been removed."

380

	elog "Snort will now always clean memory now at exit."

381

	elog

382

	elog "Snort Release Notes:"

383

	elog "http://dl.snort.org/snort-current/release_notes_285.txt"

384

	elog "http://dl.snort.org/snort-current/release_notes_2851.txt"

385

	elog

386

	elog "Make sure to check snort.conf.distrib for new features/options."

387

	elog

388

}

1	patrick 09/11/02 17:24:38
2
3	Modified: metadata.xml ChangeLog
4	Added: snort-2.8.5.1.ebuild
5	Log:
6	Bump, thanks to Jason Wallace. Fixes #291558 #291604 #291357
7	(Portage version: 2.2_rc48/cvs/Linux x86_64)
8
9	Revision Changes Path
10	1.10 net-analyzer/snort/metadata.xml
11
12	file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/metadata.xml?rev=1.10&view=markup
13	plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/metadata.xml?rev=1.10&content-type=text/plain
14	diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/metadata.xml?r1=1.9&r2=1.10
15
16	Index: metadata.xml
17	===================================================================
18	RCS file: /var/cvsroot/gentoo-x86/net-analyzer/snort/metadata.xml,v
19	retrieving revision 1.9
20	retrieving revision 1.10
21	diff -u -r1.9 -r1.10
22	--- metadata.xml 31 May 2009 22:39:54 -0000 1.9
23	+++ metadata.xml 2 Nov 2009 17:24:37 -0000 1.10
24	@@ -31,5 +31,7 @@
25	<flag name='react'>Enable interception and termination of offending HTTP accesses</flag>
26	<flag name='targetbased'>Enable targetbased support</flag>
27	<flag name='timestats'>Enable TimeStats functionality</flag>
28	+<flag name='reload'>Enable reloading a configuration without restarting</flag>
29	+<flag name='reload-error-restart'>Enable restarting on reload error</flag>
30	</use>
31	</pkgmetadata>
32
33
34
35	1.154 net-analyzer/snort/ChangeLog
36
37	file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/ChangeLog?rev=1.154&view=markup
38	plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/ChangeLog?rev=1.154&content-type=text/plain
39	diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/ChangeLog?r1=1.153&r2=1.154
40
41	Index: ChangeLog
42	===================================================================
43	RCS file: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v
44	retrieving revision 1.153
45	retrieving revision 1.154
46	diff -u -r1.153 -r1.154
47	--- ChangeLog 12 Sep 2009 03:01:27 -0000 1.153
48	+++ ChangeLog 2 Nov 2009 17:24:37 -0000 1.154
49	@@ -1,6 +1,12 @@
50	# ChangeLog for net-analyzer/snort
51	# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
52	-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.153 2009/09/12 03:01:27 vostorga Exp $
53	+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.154 2009/11/02 17:24:37 patrick Exp $
54	+
55	+*snort-2.8.5.1 (02 Nov 2009)
56	+
57	+ 02 Nov 2009; Patrick Lauer <patrick@g.o> +snort-2.8.5.1.ebuild,
58	+ +files/snort.reload.rc1, metadata.xml:
59	+ Bump, thanks to Jason Wallace. Fixes #291558 #291604 #291357
60
61	12 Sep 2009; Víctor Ostorga <vostorga@g.o>
62	-files/snort-2.6.1.1-libnet.patch, -files/snort-2.6.1.2-libdir.patch,
63
64
65
66	1.1 net-analyzer/snort/snort-2.8.5.1.ebuild
67
68	file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/snort-2.8.5.1.ebuild?rev=1.1&view=markup
69	plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/snort-2.8.5.1.ebuild?rev=1.1&content-type=text/plain
70
71	Index: snort-2.8.5.1.ebuild
72	===================================================================
73	# Copyright 1999-2009 Gentoo Foundation
74	# Distributed under the terms of the GNU General Public License v2
75	# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/snort-2.8.5.1.ebuild,v 1.1 2009/11/02 17:24:37 patrick Exp $
76
77	inherit eutils autotools multilib
78
79	DESCRIPTION="The de facto standard for intrusion detection/prevention"
80	HOMEPAGE="http://www.snort.org/"
81	SRC_URI="http://dl.snort.org/snort-current/${P}.tar.gz"
82	LICENSE="GPL-2"
83	SLOT="0"
84	KEYWORDS="~alpha ~amd64 ~ppc ~ppc64 -sparc ~x86"
85	IUSE="static dynamicplugin ipv6 gre mpls targetbased decoder-preprocessor-rules ppm timestats perfprofiling linux-smp-stats inline inline-init-failopen prelude threads debug reload reload-error-restart flexresp flexresp2 react aruba mysql odbc postgres selinux"
86
87	#flexresp, react, and inline _ONLY_ work with net-libs/libnet-1.0.2a
88	DEPEND="virtual/libpcap
89	>=dev-libs/libpcre-6.0
90	flexresp2? ( dev-libs/libdnet )
91	flexresp? ( ~net-libs/libnet-1.0.2a )
92	react? ( ~net-libs/libnet-1.0.2a )
93	postgres? ( virtual/postgresql-base )
94	mysql? ( virtual/mysql )
95	odbc? ( dev-db/unixODBC )
96	prelude? ( >=dev-libs/libprelude-0.9.0 )
97	inline? ( ~net-libs/libnet-1.0.2a net-firewall/iptables )"
98
99	RDEPEND="${DEPEND}
100	dev-lang/perl
101	selinux? ( sec-policy/selinux-snort )"
102
103	pkg_setup() {
104
105	if use flexresp && use flexresp2; then
106	eerror
107	eerror "You have both the 'flexresp' and 'flexresp2' USE flags set."
108	eerror "You can use 'flexresp' OR 'flexresp2' but not both."
109	eerror "flexresp2 is recommended."
110	die
111	elif use flexresp && use react; then
112	eerror
113	eerror "You have both the 'react' and 'flexresp' USE flags set."
114	eerror "'react' is enabled automaticly when the 'flexresp'"
115	eerror "USE flag is set, but ./configure will fail if both are enabled."
116	eerror
117	eerror "This is an upstream issue and not a problem with this ebuild."
118	eerror
119	eerror "To enable both 'flexresp' and 'react' set USE="flexresp -react""
120	die
121	elif use flexresp2 && use react; then
122	eerror
123	eerror "You have both the 'react' and 'flexresp2' USE flags set."
124	eerror "You can use 'react' OR 'flexresp2' but not both."
125	die
126	elif use inline-init-failopen && ! use inline; then
127	eerror
128	eerror "You have enabled the 'inline-init-failopen' USE flag"
129	eerror "but not the 'inline' USE flag."
130	eerror "'inline-init-failopen' requires 'inline' be enabled."
131	die
132	elif use ipv6 && use prelude; then
133	eerror
134	eerror "You have both the 'prelude' and 'ipv6' USE flags set."
135	eerror "The Prelude output plugin does not currently support IPv6."
136	die
137	elif use reload-error-restart && ! use reload; then
138	eerror
139	eerror "You have enabled the 'reload-error-restart' USE flag"
140	eerror "but not the 'reload' USE flag."
141	eerror "'reload-error-restart' requires 'reload' be enabled."
142	die
143	fi
144
145	# pre_inst() is a better place to put this
146	# but we need it here for the 'fowners' statements in src_install()
147	enewgroup snort
148	enewuser snort -1 -1 /dev/null snort
149
150	}
151
152	src_unpack() {
153
154	unpack ${A}
155	cd "${S}"
156
157	# Fix to allow parallel building.
158	# Thanks to Natanael Copa #291558
159	einfo "Applying parallel building fix."
160	sed -i -e 's/^all-local:.*/all-local: $(LTLIBRARIES)/' \
161	src/dynamic-preprocessors/*/Makefile.am \
162	\|\| die "parallel builds fix Failed"
163
164	#Replaces the libnet-1.0 patch for inline, flexresp, and react
165	if use flexresp \|\| use react \|\| use inline; then
166
167	einfo "Applying libnet-1.0 fix."
168	sed -i -e 's:libnet.h:libnet-1.0.h:g' \
169	"${WORKDIR}/${P}/configure.in" \
170	"${WORKDIR}/${P}/src/detection-plugins/sp_react.c" \
171	"${WORKDIR}/${P}/src/detection-plugins/sp_respond.c" \
172	"${WORKDIR}/${P}/src/inline.c" \|\| die "sed for libnet-1.0.h failed"
173
174	sed -i -e 's:libnet-config:libnet-1.0-config:g' \
175	"${WORKDIR}/${P}/configure.in" \|\| die "sed for libnet-1.0-config failed"
176
177	sed -i -e 's:-lnet:-lnet-1.0:g' \
178	"${WORKDIR}/${P}/configure.in" \|\| die "sed for -lnet-1.0 failed"
179
180	sed -i -e 's:AC_CHECK_LIB(net:AC_CHECK_LIB(net-1.0:g' \
181	"${WORKDIR}/${P}/configure.in" \|\| die "sed for net-1.0 failed"
182
183	fi
184
185	#Multilib fix for the sf_engine
186	einfo "Applying multilib fix."
187	sed -i -e 's:${exec_prefix}/lib:${exec_prefix}/'$(get_libdir)':g' \
188	"${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \
189	\|\| die "sed for sf_engine failed"
190
191	#Multilib fix for the curent set of dynamic-preprocessors
192	for i in ftptelnet smtp ssh dcerpc dns ssl dcerpc2; do
193	sed -i -e 's:${exec_prefix}/lib:${exec_prefix}/'$(get_libdir)':g' \
194	"${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \
195	\|\| die "sed for $i failed."
196	done
197
198	#This sed will prevent the example dynamic code from being compiled/installed
199	einfo "Disabling sample code."
200	sed -i -e 's:$(EXAMPLES_DIR)::g' "${WORKDIR}/${P}/src/Makefile.am"
201
202	if use prelude; then
203	einfo "Applying prelude fix."
204	sed -i -e "s:AC_PROG_RANLIB:AC_PROG_LIBTOOL:" configure.in
205	fi
206
207	AT_M4DIR=m4 eautoreconf
208	}
209
210	src_compile() {
211
212	local myconf
213
214	#targetbased and inline-init-failopen automaticly enable pthread
215	if use threads \|\| use targetbased \|\| use inline-init-failopen; then
216	myconf="${myconf} --enable-pthread"
217	fi
218
219	#Tell flexresp, react, and inline where libipq is
220	if use flexresp \|\| use react \|\| use inline; then
221	myconf="${myconf} --with-libipq-includes=/usr/include/libipq"
222	fi
223
224	econf \
225	$(use_enable !static shared) \
226	$(use_enable static) \
227	$(use_enable dynamicplugin) \
228	$(use_enable ipv6) \
229	$(use_enable gre) \
230	$(use_enable mpls) \
231	$(use_enable targetbased) \
232	$(use_enable decoder-preprocessor-rules) \
233	$(use_enable ppm) \
234	$(use_enable timestats) \
235	$(use_enable perfprofiling) \
236	$(use_enable linux-smp-stats) \
237	$(use_enable inline) \
238	$(use_enable inline-init-failopen) \
239	$(use_enable prelude) \
240	$(use_enable debug) \
241	$(use_enable reload) \
242	$(use_enable reload-error-restart) \
243	$(use_enable flexresp) \
244	$(use_enable flexresp2) \
245	$(use_enable react) \
246	$(use_enable aruba) \
247	$(use_with mysql) \
248	$(use_with odbc) \
249	$(use_with postgres postgresql) \
250	--disable-ipfw \
251	--disable-profile \
252	--disable-ppm-test \
253	--without-oracle \
254	${myconf}
255
256	emake \|\| die "make failed"
257
258	}
259
260	src_install() {
261
262	emake DESTDIR="${D}" install \|\| die "make install failed"
263
264	keepdir /var/log/snort/
265	fowners snort:snort /var/log/snort
266
267	keepdir /var/run/snort/
268	fowners snort:snort /var/run/snort/
269
270	dodoc doc/*
271	dodoc ./RELEASE.NOTES
272	docinto schemas
273	dodoc schemas/*
274
275	insinto /etc/snort
276	doins etc/attribute_table.dtd \
277	etc/classification.config \
278	etc/gen-msg.map \
279	etc/reference.config \
280	etc/sid-msg.map \
281	etc/threshold.conf \
282	etc/unicode.map \
283	\|\| die "Failed to add files in /etc/snort"
284
285	newins etc/snort.conf snort.conf.distrib
286
287	insinto /etc/snort/preproc_rules
288	doins preproc_rules/decoder.rules \
289	preproc_rules/preprocessor.rules \
290	\|\| die "Failed to add files in /etc/snort/preproc_rules"
291
292	keepdir /etc/snort/rules/
293
294	keepdir /usr/$(get_libdir)/snort_dynamicrule
295
296	fowners -R snort:snort /etc/snort/
297
298	if use reload; then
299	newinitd "${FILESDIR}/snort.reload.rc1" snort \
300	\|\| die "Failed to add snort.reload.rc1"
301	else
302	newinitd "${FILESDIR}/snort.rc9" snort \|\| die "Failed to add snort.rc9"
303	fi
304
305	newconfd "${FILESDIR}/snort.confd" snort \|\| die "Failed to add snort.confd"
306
307	# Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection
308	sed -i -e 's:/usr/local/lib:/usr/'$(get_libdir)':g' \
309	"${D}etc/snort/snort.conf.distrib"
310
311	#Set the correct rule location in the config
312	sed -i -e 's:RULE_PATH ../rules:RULE_PATH /etc/snort/rules:g' \
313	"${D}etc/snort/snort.conf.distrib"
314
315	#Set the correct preprocessor/decoder rule location in the config
316	sed -i -e 's:PREPROC_RULE_PATH ../preproc_rules:PREPROC_RULE_PATH /etc/snort/preproc_rules:g' \
317	"${D}etc/snort/snort.conf.distrib"
318
319	#Enable the preprocessor/decoder rules
320	sed -i -e 's:^# include $PREPROC_RULE_PATH:include $PREPROC_RULE_PATH:g' \
321	"${D}etc/snort/snort.conf.distrib"
322	sed -i -e 's:^# dynamicdetection directory:dynamicdetection directory:g' \
323	"${D}etc/snort/snort.conf.distrib"
324
325	#Just some clean up of trailing /'s in the config
326	sed -i -e 's:snort_dynamicpreprocessor/$:snort_dynamicpreprocessor:g' \
327	"${D}etc/snort/snort.conf.distrib"
328	sed -i -e 's:snort_dynamicrule/$:snort_dynamicrule:g' \
329	"${D}etc/snort/snort.conf.distrib"
330
331	#Make it clear in the config where these are...
332	sed -i -e 's:^include classification.config:include /etc/snort/classification.config:g' \
333	"${D}etc/snort/snort.conf.distrib"
334	sed -i -e 's:^include reference.config:include /etc/snort/reference.config:g' \
335	"${D}etc/snort/snort.conf.distrib"
336
337	#Disable all rule files by default.
338	#Users need to choose what they want enabled.
339	sed -i -e 's:^include $RULE_PATH:# include $RULE_PATH:g' \
340	"${D}etc/snort/snort.conf.distrib"
341
342	}
343
344	pkg_postinst() {
345	einfo
346	einfo "Snort is a libpcap based packet capture tool which can be used in"
347	einfo "three modes Sniffer Mode, Packet Logger Mode, or Network Intrusion"
348	einfo "Detection/Prevention System Mode."
349	einfo
350	einfo "To learn more about these modes review the Snort User Manual at..."
351	einfo
352	einfo "http://www.snort.org/docs/"
353	einfo
354	einfo "See /usr/share/doc/${PF} and /etc/snort/snort.conf.distrib for"
355	einfo "information on configuring snort."
356	einfo
357	einfo "Joining the Snort-Users and Snort-Sigs mailing list is highly"
358	einfo "recommended for all users..."
359	einfo
360	einfo "http://www.snort.org/community/mailing-lists/"
361	einfo
362	einfo "To download rules for use with Snort please, see the following"
363	einfo
364	einfo "Sourcefire's VRT Rules and older Community Rules:"
365	einfo "http://www.snort.org/pub-bin/downloads.cgi"
366	einfo
367	einfo "Emerging Threats Rules:"
368	einfo "http://www.emergingthreats.net/"
369	einfo
370	einfo "To manage updates to your rules please visit..."
371	einfo
372	einfo "http://oinkmaster.sourceforge.net/"
373	einfo
374	einfo "and then 'emerge oinkmaster'."
375	elog
376	elog "Snort-2.8.5.1 Notes:"
377	elog
378	elog "Ebuild Notes"
379	elog "The 'memory-cleanup' USE flag has been removed."
380	elog "Snort will now always clean memory now at exit."
381	elog
382	elog "Snort Release Notes:"
383	elog "http://dl.snort.org/snort-current/release_notes_285.txt"
384	elog "http://dl.snort.org/snort-current/release_notes_2851.txt"
385	elog
386	elog "Make sure to check snort.conf.distrib for new features/options."
387	elog
388	}

Gentoo Archives: gentoo-commits