1 |
commit: d6decd0b6afe44822b4342f63e715dd4bae4b335 |
2 |
Author: Sergei Trofimovich <slyfox <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sat Jan 19 17:09:49 2019 +0000 |
4 |
Commit: Sergei Trofimovich <slyfox <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Jan 19 17:10:23 2019 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d6decd0b |
7 |
|
8 |
net-analyzer/snort: drop old |
9 |
|
10 |
Main target here is snort-2.9.4.6-r1 which OOMs m4 at src_prepare(). |
11 |
While at it drop EAPI=5 ebuilds and a few older revbumps. |
12 |
|
13 |
Package-Manager: Portage-2.3.56, Repoman-2.3.12 |
14 |
Signed-off-by: Sergei Trofimovich <slyfox <AT> gentoo.org> |
15 |
|
16 |
net-analyzer/snort/Manifest | 7 - |
17 |
net-analyzer/snort/metadata.xml | 30 ---- |
18 |
net-analyzer/snort/snort-2.9.4.6-r1.ebuild | 251 ----------------------------- |
19 |
net-analyzer/snort/snort-2.9.7.0.ebuild | 249 ---------------------------- |
20 |
net-analyzer/snort/snort-2.9.7.2.ebuild | 249 ---------------------------- |
21 |
net-analyzer/snort/snort-2.9.7.3.ebuild | 249 ---------------------------- |
22 |
net-analyzer/snort/snort-2.9.7.5.ebuild | 249 ---------------------------- |
23 |
net-analyzer/snort/snort-2.9.8.0.ebuild | 249 ---------------------------- |
24 |
net-analyzer/snort/snort-2.9.8.2.ebuild | 249 ---------------------------- |
25 |
net-analyzer/snort/snort-2.9.8.3-r1.ebuild | 248 ---------------------------- |
26 |
net-analyzer/snort/snort-2.9.8.3.ebuild | 249 ---------------------------- |
27 |
11 files changed, 2279 deletions(-) |
28 |
|
29 |
diff --git a/net-analyzer/snort/Manifest b/net-analyzer/snort/Manifest |
30 |
index 4664a2116c3..dee8cd9c2d8 100644 |
31 |
--- a/net-analyzer/snort/Manifest |
32 |
+++ b/net-analyzer/snort/Manifest |
33 |
@@ -1,9 +1,2 @@ |
34 |
DIST snort-2.9.12.tar.gz 6456877 BLAKE2B af5584fe01caf9af2f2188e1362bd927a884354ddcb3026af514dddc1264b557691e1644d3c24e85c3b5b5f515dd9fccdd8d38ebc7c28d2f384fb822e27d8bb8 SHA512 6f759b321ca5496abf27c9e4f4fa003cd5167f8c8a160bf5f0b1aee1a93aa8d27de89b84bdf993a0bfb3a93c6315cb2bdbdc3fdb3b09b8d4d1d3c22b69c6783f |
35 |
-DIST snort-2.9.4.6.tar.gz 5338762 BLAKE2B d7d663028fcfeffd2f2996a4ebf81aa723b4564a0aa38158f5fef104385866164d8ddd538d920f08e4102da0b055157c8574e42f2e306187eb82283db5ad2c78 SHA512 e35e22cab3b98bbd42ffb4b88c4c4cc9b1c11e35952a9f3f4f684c02c81ca8604b45d16f42b3d0a6c792eeab86a8e319d8ebdd7b1a5215f93ec0e70b6ef53f98 |
36 |
-DIST snort-2.9.7.0.tar.gz 6340553 BLAKE2B 97fc2699fd93278edd5b350db498733f60ea9a78fe8f9f755c153380be77b3b97caec3aa7cce633650dd0e5d193deab675855aa68c2efcb04dc6df04b77ccb4c SHA512 f2cbdd2cf2ad15bd4cf3f8658c2a4880ee2069589db89c11aaea637984dde270ef6242c6dd43d5e12f829ed2464388950ee791dbbfa8df796843942c415fbc2f |
37 |
-DIST snort-2.9.7.2.tar.gz 6352738 BLAKE2B c2c67395d9a214886ecf033b692f841da58284d0687ee4c219f77850246b1c2e134b874aba6dfd30dcb1f3c71d54a6c4e5dc70e613eb28a59c51f31dc9498b41 SHA512 4732014d0049671b1a81857e25a5ffbc3cbccb698be2b3406f69a45603a6b9f34343469ee14fa513199cf9b890a278cc777b42493850cff6fcb3493bb9b73dce |
38 |
-DIST snort-2.9.7.3.tar.gz 6300073 BLAKE2B f81611aadd282ebf01e92c7a62c28fad980dab36d86635c32b89fb4691b3723c4cdfaf123f7b703bdf1132419bed4b55533861c1665012af310bf916665b8bf2 SHA512 949213d44d08c7f70bd45bc4947c9c35bfcd2ca3a54ec8a28d0c03e3868a485d2c208ec7850398f69d706c74fbad1389af445eb1107e678ff95714b5696f27b7 |
39 |
-DIST snort-2.9.7.5.tar.gz 6312847 BLAKE2B a8ef86fd5fded47495fe50ee5fcc81d9f066b6ce099fd17496707ea01c77c9581526444ad3601d4025c1be8ada533bfc34e7aca7c616bf4f43c3f940742d0272 SHA512 fa1b299c72a44a8cb64361e8dab9fad5bfec36bbb05ebed2407002b2c5d97256d7d67599cb1f29406b5ee0916f2f85a173610d403cd34c57f74f7049c10eb038 |
40 |
-DIST snort-2.9.8.0.tar.gz 6323095 BLAKE2B f1febbc585e1921af5c599e3d0a4035f38045dd7ea6dd001a6aa9f887a7632e7ad0aecc3fe45f7ba0b44e87dfa50eceeb51df044483baf55ff60ded66cad6867 SHA512 46e5f19be5eccad2d5b4d3d55ce42fe616cd5f605b7178ed98e86cc8f2f4cf0f796fad80033d81b71bea7da2abfb6d0b340815ee158190f9b974f671045bf002 |
41 |
-DIST snort-2.9.8.2.tar.gz 6311793 BLAKE2B 82b4587221a43ade2d6c1d9c38889a5d329d0eb5894bdbd84fac5fa2965ddafc0b1b15f286719a82a8a4df3daf3c20847a298eeae84422867ccefb2d50a7ea71 SHA512 60f660b2093ae88211dcef9256edf35441c0ffc61ec8240b6d25e947b55b0fdb23482913246e2288a8a533dbaff4e5ea2d8f51298ab9aa67baa1ab74d1c4f7a4 |
42 |
DIST snort-2.9.8.3.tar.gz 6244304 BLAKE2B cb77c80dde0b5b32ba0fe36cd07e1f6f465127e4be207ba6cd3b7c7dff75f4537c86c6a88d744a924b99d0b4ac864add2c9111c63e51dc4c7dc23f8d19a6c792 SHA512 2f3dfe46e14a5106a02ca60b2d334549f4924ff916de0804b2b7792cdd31e104fbb454b4b932855b5f25a861698db0f8988844782b12b0e5fa132d88d4a7a687 |
43 |
|
44 |
diff --git a/net-analyzer/snort/metadata.xml b/net-analyzer/snort/metadata.xml |
45 |
index 4478a084a21..be9d2aed013 100644 |
46 |
--- a/net-analyzer/snort/metadata.xml |
47 |
+++ b/net-analyzer/snort/metadata.xml |
48 |
@@ -30,11 +30,6 @@ |
49 |
<flag name="control-socket"> |
50 |
Enables Snort's control socket. |
51 |
</flag> |
52 |
- <flag name="dynamicplugin"> |
53 |
- Enable ability to dynamically load preprocessors, detection engine, |
54 |
- and rules library. This is required if you want to use shared |
55 |
- object (SO) snort rules. |
56 |
- </flag> |
57 |
<flag name="file-inspect"> |
58 |
Enables extended file inspection capabilities. |
59 |
</flag> |
60 |
@@ -57,11 +52,6 @@ |
61 |
Enable accurate statistics reporting through /proc on systems with |
62 |
multipule processors. |
63 |
</flag> |
64 |
- <flag name="mpls"> |
65 |
- Enables support for processing and inspecting Multiprotocol Label |
66 |
- Switching MPLS network network traffic. Only needed if you are |
67 |
- monitoring an MPLS network. |
68 |
- </flag> |
69 |
<flag name="non-ether-decoders"> |
70 |
Enable decoding of non-ethernet protocols such as TokenRing, FDDI, |
71 |
IPX, etc. |
72 |
@@ -95,40 +85,20 @@ |
73 |
Enables Sourcefire specific build options, which include |
74 |
--enable-perfprofiling and --enable-ppm. |
75 |
</flag> |
76 |
- <flag name="targetbased"> |
77 |
- Enables support in snort for using a host attibute XML file |
78 |
- (attribute_table.dtd). This file needs to be created by the user |
79 |
- and should define the IP address, operating system, and services |
80 |
- for all hosts on the monitored network. This is cumbersome, but |
81 |
- can improve intrusion detection accuracy. |
82 |
- </flag> |
83 |
<flag name="reload-error-restart"> |
84 |
Enables support for completely restarting snort if an error is |
85 |
detected durring a reload. |
86 |
</flag> |
87 |
- <flag name="zlib"> |
88 |
- Enables HTTP inspection of compressed web traffic. Requires |
89 |
- dynamicplugin be enabled. |
90 |
- </flag> |
91 |
<flag name="active-response"> |
92 |
Enables support for automatically sending TCP resets and ICMP |
93 |
unreachable messages to terminate connections. Used with inline |
94 |
deployments. |
95 |
</flag> |
96 |
- <flag name="normalizer"> |
97 |
- Enables support for normalizing packets in inline deployments to |
98 |
- help minimize the chances of detection evasion. |
99 |
- </flag> |
100 |
<flag name="flexresp3"> |
101 |
Enables support for new flexable response preprocessor for enabling |
102 |
connection tearing for inline deployments. Replaces flexresp and |
103 |
flexresp2. |
104 |
</flag> |
105 |
- <flag name="paf"> |
106 |
- Enables support for Protocol Aware Flushing. This allows Snort to |
107 |
- statefully scan a stream and reassemble a complete protocol data |
108 |
- unit regardless of segmentation. |
109 |
- </flag> |
110 |
<flag name="large-pcap-64bit"> |
111 |
Allows Snort to read pcap files that are larger than 2 GB. ONLY |
112 |
VALID FOR 64bit SYSTEMS! |
113 |
|
114 |
diff --git a/net-analyzer/snort/snort-2.9.4.6-r1.ebuild b/net-analyzer/snort/snort-2.9.4.6-r1.ebuild |
115 |
deleted file mode 100644 |
116 |
index 4b7042f7576..00000000000 |
117 |
--- a/net-analyzer/snort/snort-2.9.4.6-r1.ebuild |
118 |
+++ /dev/null |
119 |
@@ -1,251 +0,0 @@ |
120 |
-# Copyright 1999-2018 Gentoo Foundation |
121 |
-# Distributed under the terms of the GNU General Public License v2 |
122 |
- |
123 |
-EAPI="5" |
124 |
-inherit autotools multilib user |
125 |
- |
126 |
-DESCRIPTION="The de facto standard for intrusion detection/prevention" |
127 |
-HOMEPAGE="https://www.snort.org" |
128 |
-SRC_URI="https://www.snort.org/downloads/archive/${PN}/${P}.tar.gz" |
129 |
-LICENSE="GPL-2" |
130 |
-SLOT="0" |
131 |
-KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86" |
132 |
-IUSE="static +dynamicplugin +zlib +gre +mpls +targetbased |
133 |
-+ppm +perfprofiling +non-ether-decoders control-socket |
134 |
-shared-rep sourcefire linux-smp-stats inline-init-failopen |
135 |
-+threads debug +active-response +normalizer reload-error-restart |
136 |
-+react +flexresp3 +paf large-pcap-64bit selinux" |
137 |
- |
138 |
-DEPEND=">=net-libs/libpcap-1.3.0 |
139 |
- >=net-libs/daq-2.0.0 |
140 |
- >=dev-libs/libpcre-8.33 |
141 |
- dev-libs/libdnet |
142 |
- zlib? ( sys-libs/zlib )" |
143 |
- |
144 |
-RDEPEND="${DEPEND} |
145 |
- selinux? ( sec-policy/selinux-snort )" |
146 |
- |
147 |
-REQUIRED_USE="zlib? ( dynamicplugin ) |
148 |
- !kernel_linux? ( !shared-rep )" |
149 |
- |
150 |
-pkg_setup() { |
151 |
- |
152 |
- # pre_inst() is a better place to put this |
153 |
- # but we need it here for the 'fowners' statements in src_install() |
154 |
- enewgroup snort |
155 |
- enewuser snort -1 -1 /dev/null snort |
156 |
- |
157 |
-} |
158 |
- |
159 |
-src_prepare() { |
160 |
- |
161 |
- # Multilib fix for the sf_engine |
162 |
- ebegin "Applying multilib fix" |
163 |
- sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ |
164 |
- "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \ |
165 |
- || die "sed for sf_engine failed" |
166 |
- |
167 |
- # Multilib fix for the curent set of dynamic-preprocessors |
168 |
- for i in ftptelnet smtp ssh dns ssl dcerpc2 sdf imap pop rzb_saac sip reputation gtp modbus dnp3; do |
169 |
- sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ |
170 |
- "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \ |
171 |
- || die "sed for $i failed." |
172 |
- done |
173 |
- eend |
174 |
- |
175 |
- AT_M4DIR=m4 eautoreconf |
176 |
-} |
177 |
- |
178 |
-src_configure() { |
179 |
- |
180 |
- econf \ |
181 |
- $(use_enable !static shared) \ |
182 |
- $(use_enable static) \ |
183 |
- $(use_enable static so-with-static-lib) \ |
184 |
- $(use_enable dynamicplugin) \ |
185 |
- $(use_enable zlib) \ |
186 |
- $(use_enable gre) \ |
187 |
- $(use_enable mpls) \ |
188 |
- $(use_enable targetbased) \ |
189 |
- $(use_enable control-socket) \ |
190 |
- $(use_enable non-ether-decoders) \ |
191 |
- $(use_enable shared-rep) \ |
192 |
- $(use_enable sourcefire) \ |
193 |
- $(use_enable ppm) \ |
194 |
- $(use_enable perfprofiling) \ |
195 |
- $(use_enable linux-smp-stats) \ |
196 |
- $(use_enable inline-init-failopen) \ |
197 |
- $(use_enable threads pthread) \ |
198 |
- $(use_enable debug) \ |
199 |
- $(use_enable debug debug-msgs) \ |
200 |
- $(use_enable debug corefiles) \ |
201 |
- $(use_enable !debug dlclose) \ |
202 |
- $(use_enable active-response) \ |
203 |
- $(use_enable normalizer) \ |
204 |
- $(use_enable reload-error-restart) \ |
205 |
- $(use_enable react) \ |
206 |
- $(use_enable flexresp3) \ |
207 |
- $(use_enable paf) \ |
208 |
- $(use_enable large-pcap-64bit large-pcap) \ |
209 |
- --enable-reload \ |
210 |
- --disable-build-dynamic-examples \ |
211 |
- --disable-profile \ |
212 |
- --disable-ppm-test \ |
213 |
- --disable-intel-soft-cpm \ |
214 |
- --disable-static-daq \ |
215 |
- --disable-rzb-saac |
216 |
-} |
217 |
- |
218 |
-src_install() { |
219 |
- |
220 |
- emake DESTDIR="${D}" install |
221 |
- |
222 |
- dodir /var/log/snort \ |
223 |
- /var/run/snort \ |
224 |
- /etc/snort/rules \ |
225 |
- /etc/snort/so_rules \ |
226 |
- /usr/$(get_libdir)/snort_dynamicrules |
227 |
- |
228 |
- # config.log and build.log are needed by Sourcefire |
229 |
- # to trouble shoot build problems and bug reports so we are |
230 |
- # perserving them incase the user needs upstream support. |
231 |
- dodoc RELEASE.NOTES ChangeLog \ |
232 |
- doc/* \ |
233 |
- tools/u2boat/README.u2boat |
234 |
- |
235 |
- insinto /etc/snort |
236 |
- doins etc/attribute_table.dtd \ |
237 |
- etc/classification.config \ |
238 |
- etc/gen-msg.map \ |
239 |
- etc/reference.config \ |
240 |
- etc/threshold.conf \ |
241 |
- etc/unicode.map |
242 |
- |
243 |
- # We use snort.conf.distrib because the config file is complicated |
244 |
- # and the one shipped with snort can change drastically between versions. |
245 |
- # Users should migrate setting by hand and not with etc-update. |
246 |
- newins etc/snort.conf snort.conf.distrib |
247 |
- |
248 |
- # config.log and build.log are needed by Sourcefire |
249 |
- # to troubleshoot build problems and bug reports so we are |
250 |
- # preserving them incase the user needs upstream support. |
251 |
- if [ -f "${WORKDIR}/${PF}/config.log" ]; then |
252 |
- dodoc "${WORKDIR}/${PF}/config.log" |
253 |
- fi |
254 |
- if [ -f "${T}/build.log" ]; then |
255 |
- dodoc "${T}/build.log" |
256 |
- fi |
257 |
- |
258 |
- insinto /etc/snort/preproc_rules |
259 |
- doins preproc_rules/decoder.rules \ |
260 |
- preproc_rules/preprocessor.rules \ |
261 |
- preproc_rules/sensitive-data.rules |
262 |
- |
263 |
- fowners -R snort:snort \ |
264 |
- /var/log/snort \ |
265 |
- /var/run/snort \ |
266 |
- /etc/snort |
267 |
- |
268 |
- newinitd "${FILESDIR}/snort.rc12" snort |
269 |
- newconfd "${FILESDIR}/snort.confd.2" snort |
270 |
- |
271 |
- # Sourcefire uses Makefiles to install docs causing Bug #297190. |
272 |
- # This removes the unwanted doc directory and rogue Makefiles. |
273 |
- rm -rf "${D}"usr/share/doc/snort || die "Failed to remove SF doc directories" |
274 |
- rm "${D}"usr/share/doc/"${PF}"/Makefile* || die "Failed to remove doc make files" |
275 |
- |
276 |
- #Remove unneeded .la files (Bug #382863) |
277 |
- rm "${D}"usr/$(get_libdir)/snort_dynamicengine/libsf_engine.la || die |
278 |
- rm "${D}"usr/$(get_libdir)/snort_dynamicpreprocessor/libsf_*_preproc.la || die "Failed to remove libsf_?_preproc.la" |
279 |
- |
280 |
- # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection |
281 |
- sed -i -e 's|/usr/local/lib|/usr/'$(get_libdir)'|g' \ |
282 |
- "${D}etc/snort/snort.conf.distrib" || die |
283 |
- |
284 |
- # Set the correct rule location in the config |
285 |
- sed -i -e 's|RULE_PATH ../rules|RULE_PATH /etc/snort/rules|g' \ |
286 |
- "${D}etc/snort/snort.conf.distrib" || die |
287 |
- |
288 |
- # Set the correct preprocessor/decoder rule location in the config |
289 |
- sed -i -e 's|PREPROC_RULE_PATH ../preproc_rules|PREPROC_RULE_PATH /etc/snort/preproc_rules|g' \ |
290 |
- "${D}etc/snort/snort.conf.distrib" || die |
291 |
- |
292 |
- # Enable the preprocessor/decoder rules |
293 |
- sed -i -e 's|^# include $PREPROC_RULE_PATH|include $PREPROC_RULE_PATH|g' \ |
294 |
- "${D}etc/snort/snort.conf.distrib" || die |
295 |
- |
296 |
- sed -i -e 's|^# dynamicdetection directory|dynamicdetection directory|g' \ |
297 |
- "${D}etc/snort/snort.conf.distrib" || die |
298 |
- |
299 |
- # Just some clean up of trailing /'s in the config |
300 |
- sed -i -e 's|snort_dynamicpreprocessor/$|snort_dynamicpreprocessor|g' \ |
301 |
- "${D}etc/snort/snort.conf.distrib" || die |
302 |
- |
303 |
- # Make it clear in the config where these are... |
304 |
- sed -i -e 's|^include classification.config|include /etc/snort/classification.config|g' \ |
305 |
- "${D}etc/snort/snort.conf.distrib" || die |
306 |
- |
307 |
- sed -i -e 's|^include reference.config|include /etc/snort/reference.config|g' \ |
308 |
- "${D}etc/snort/snort.conf.distrib" || die |
309 |
- |
310 |
- # Disable all rule files by default. |
311 |
- sed -i -e 's|^include $RULE_PATH|# include $RULE_PATH|g' \ |
312 |
- "${D}etc/snort/snort.conf.distrib" || die |
313 |
- |
314 |
- # Disable normalizer preprocessor config if normalizer USE flag not set. |
315 |
- if ! use normalizer; then |
316 |
- sed -i -e 's|^preprocessor normalize|#preprocessor normalize|g' \ |
317 |
- "${D}etc/snort/snort.conf.distrib" || die |
318 |
- fi |
319 |
- |
320 |
- # Set the configured DAQ to afpacket |
321 |
- sed -i -e 's|^# config daq: <type>|config daq: afpacket|g' \ |
322 |
- "${D}etc/snort/snort.conf.distrib" || die |
323 |
- |
324 |
- # Set the location of the DAQ modules |
325 |
- sed -i -e 's|^# config daq_dir: <dir>|config daq_dir: /usr/'$(get_libdir)'/daq|g' \ |
326 |
- "${D}etc/snort/snort.conf.distrib" || die |
327 |
- |
328 |
- # Set the DAQ mode to passive |
329 |
- sed -i -e 's|^# config daq_mode: <mode>|config daq_mode: passive|g' \ |
330 |
- "${D}etc/snort/snort.conf.distrib" || die |
331 |
- |
332 |
- # Set snort to run as snort:snort |
333 |
- sed -i -e 's|^# config set_gid:|config set_gid: snort|g' \ |
334 |
- "${D}etc/snort/snort.conf.distrib" || die |
335 |
- sed -i -e 's|^# config set_uid:|config set_uid: snort|g' \ |
336 |
- "${D}etc/snort/snort.conf.distrib" || die |
337 |
- |
338 |
- # Set the default log dir |
339 |
- sed -i -e 's|^# config logdir:|config logdir: /var/log/snort/|g' \ |
340 |
- "${D}etc/snort/snort.conf.distrib" || die |
341 |
- |
342 |
- # Set the correct so_rule location in the config |
343 |
- sed -i -e 's|SO_RULE_PATH ../so_rules|SO_RULE_PATH /etc/snort/so_rules|g' \ |
344 |
- "${D}etc/snort/snort.conf.distrib" || die |
345 |
-} |
346 |
- |
347 |
-pkg_postinst() { |
348 |
- |
349 |
- einfo "There have been a number of improvements and new features" |
350 |
- einfo "added to ${P}. Please review the RELEASE.NOTES and" |
351 |
- einfo "ChangLog located in /usr/share/doc/${PF}." |
352 |
- einfo |
353 |
- elog "The Sourcefire Vulnerability Research Team (VRT) recommends that" |
354 |
- elog "users migrate their snort.conf customizations to the latest config" |
355 |
- elog "file released by the VRT. You can find the latest version of the" |
356 |
- elog "Snort config file in /etc/snort/snort.conf.distrib." |
357 |
- elog |
358 |
- elog "!! It is important that you migrate to this new snort.conf file !!" |
359 |
- elog |
360 |
- elog "This version of the ebuild includes an updated init.d file and" |
361 |
- elog "conf.d file that rely on options found in the latest Snort" |
362 |
- elog "config file provided by the VRT." |
363 |
- |
364 |
- if use debug; then |
365 |
- elog "You have the 'debug' USE flag enabled. If this has been done to" |
366 |
- elog "troubleshoot an issue by producing a core dump or a back trace," |
367 |
- elog "then you need to also ensure the FEATURES variable in make.conf" |
368 |
- elog "contains the 'nostrip' option." |
369 |
- fi |
370 |
-} |
371 |
|
372 |
diff --git a/net-analyzer/snort/snort-2.9.7.0.ebuild b/net-analyzer/snort/snort-2.9.7.0.ebuild |
373 |
deleted file mode 100644 |
374 |
index a22c0902ec3..00000000000 |
375 |
--- a/net-analyzer/snort/snort-2.9.7.0.ebuild |
376 |
+++ /dev/null |
377 |
@@ -1,249 +0,0 @@ |
378 |
-# Copyright 1999-2018 Gentoo Foundation |
379 |
-# Distributed under the terms of the GNU General Public License v2 |
380 |
- |
381 |
-EAPI="5" |
382 |
-inherit autotools multilib user |
383 |
- |
384 |
-DESCRIPTION="The de facto standard for intrusion detection/prevention" |
385 |
-HOMEPAGE="https://www.snort.org" |
386 |
-SRC_URI="https://www.snort.org/downloads/archive/${PN}/${P}.tar.gz" |
387 |
-LICENSE="GPL-2" |
388 |
-SLOT="0" |
389 |
-KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86" |
390 |
-IUSE="static +gre +mpls +targetbased +ppm +perfprofiling |
391 |
-+non-ether-decoders control-socket file-inspect high-availability |
392 |
-shared-rep side-channel sourcefire linux-smp-stats inline-init-failopen |
393 |
-+threads debug +active-response +normalizer reload-error-restart |
394 |
-+react +flexresp3 large-pcap-64bit selinux" |
395 |
- |
396 |
-DEPEND=">=net-libs/libpcap-1.3.0 |
397 |
- >=net-libs/daq-2.0.2 |
398 |
- >=dev-libs/libpcre-8.33 |
399 |
- dev-libs/libdnet |
400 |
- sys-libs/zlib" |
401 |
- |
402 |
-RDEPEND="${DEPEND} |
403 |
- selinux? ( sec-policy/selinux-snort )" |
404 |
- |
405 |
-REQUIRED_USE="!kernel_linux? ( !shared-rep )" |
406 |
- |
407 |
-pkg_setup() { |
408 |
- |
409 |
- # pre_inst() is a better place to put this |
410 |
- # but we need it here for the 'fowners' statements in src_install() |
411 |
- enewgroup snort |
412 |
- enewuser snort -1 -1 /dev/null snort |
413 |
- |
414 |
-} |
415 |
- |
416 |
-src_prepare() { |
417 |
- |
418 |
- # Multilib fix for the sf_engine |
419 |
- ebegin "Applying multilib fix" |
420 |
- sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ |
421 |
- "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \ |
422 |
- || die "sed for sf_engine failed" |
423 |
- |
424 |
- # Multilib fix for the curent set of dynamic-preprocessors |
425 |
- for i in file ftptelnet smtp ssh dns ssl dcerpc2 sdf imap pop sip reputation gtp modbus dnp3; do |
426 |
- sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ |
427 |
- "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \ |
428 |
- || die "sed for $i failed." |
429 |
- done |
430 |
- eend |
431 |
- |
432 |
- AT_M4DIR=m4 eautoreconf |
433 |
-} |
434 |
- |
435 |
-src_configure() { |
436 |
- |
437 |
- econf \ |
438 |
- $(use_enable !static shared) \ |
439 |
- $(use_enable static) \ |
440 |
- $(use_enable static so-with-static-lib) \ |
441 |
- $(use_enable gre) \ |
442 |
- $(use_enable mpls) \ |
443 |
- $(use_enable targetbased) \ |
444 |
- $(use_enable control-socket) \ |
445 |
- $(use_enable file-inspect) \ |
446 |
- $(use_enable high-availability ha) \ |
447 |
- $(use_enable non-ether-decoders) \ |
448 |
- $(use_enable shared-rep) \ |
449 |
- $(use_enable side-channel) \ |
450 |
- $(use_enable sourcefire) \ |
451 |
- $(use_enable ppm) \ |
452 |
- $(use_enable perfprofiling) \ |
453 |
- $(use_enable linux-smp-stats) \ |
454 |
- $(use_enable inline-init-failopen) \ |
455 |
- $(use_enable threads pthread) \ |
456 |
- $(use_enable debug) \ |
457 |
- $(use_enable debug debug-msgs) \ |
458 |
- $(use_enable debug corefiles) \ |
459 |
- $(use_enable !debug dlclose) \ |
460 |
- $(use_enable active-response) \ |
461 |
- $(use_enable normalizer) \ |
462 |
- $(use_enable reload-error-restart) \ |
463 |
- $(use_enable react) \ |
464 |
- $(use_enable flexresp3) \ |
465 |
- $(use_enable large-pcap-64bit large-pcap) \ |
466 |
- --enable-reload \ |
467 |
- --disable-build-dynamic-examples \ |
468 |
- --disable-profile \ |
469 |
- --disable-ppm-test \ |
470 |
- --disable-intel-soft-cpm \ |
471 |
- --disable-static-daq |
472 |
-} |
473 |
- |
474 |
-src_install() { |
475 |
- |
476 |
- emake DESTDIR="${D}" install |
477 |
- |
478 |
- dodir /var/log/snort \ |
479 |
- /var/run/snort \ |
480 |
- /etc/snort/rules \ |
481 |
- /etc/snort/so_rules \ |
482 |
- /usr/$(get_libdir)/snort_dynamicrules |
483 |
- |
484 |
- # config.log and build.log are needed by Sourcefire |
485 |
- # to trouble shoot build problems and bug reports so we are |
486 |
- # perserving them incase the user needs upstream support. |
487 |
- dodoc RELEASE.NOTES ChangeLog \ |
488 |
- doc/* \ |
489 |
- tools/u2boat/README.u2boat |
490 |
- |
491 |
- insinto /etc/snort |
492 |
- doins etc/attribute_table.dtd \ |
493 |
- etc/classification.config \ |
494 |
- etc/gen-msg.map \ |
495 |
- etc/reference.config \ |
496 |
- etc/threshold.conf \ |
497 |
- etc/unicode.map |
498 |
- |
499 |
- # We use snort.conf.distrib because the config file is complicated |
500 |
- # and the one shipped with snort can change drastically between versions. |
501 |
- # Users should migrate setting by hand and not with etc-update. |
502 |
- newins etc/snort.conf snort.conf.distrib |
503 |
- |
504 |
- # config.log and build.log are needed by Sourcefire |
505 |
- # to troubleshoot build problems and bug reports so we are |
506 |
- # preserving them incase the user needs upstream support. |
507 |
- if [ -f "${WORKDIR}/${PF}/config.log" ]; then |
508 |
- dodoc "${WORKDIR}/${PF}/config.log" |
509 |
- fi |
510 |
- if [ -f "${T}/build.log" ]; then |
511 |
- dodoc "${T}/build.log" |
512 |
- fi |
513 |
- |
514 |
- insinto /etc/snort/preproc_rules |
515 |
- doins preproc_rules/decoder.rules \ |
516 |
- preproc_rules/preprocessor.rules \ |
517 |
- preproc_rules/sensitive-data.rules |
518 |
- |
519 |
- fowners -R snort:snort \ |
520 |
- /var/log/snort \ |
521 |
- /var/run/snort \ |
522 |
- /etc/snort |
523 |
- |
524 |
- newinitd "${FILESDIR}/snort.rc12" snort |
525 |
- newconfd "${FILESDIR}/snort.confd.2" snort |
526 |
- |
527 |
- # Sourcefire uses Makefiles to install docs causing Bug #297190. |
528 |
- # This removes the unwanted doc directory and rogue Makefiles. |
529 |
- rm -rf "${D}"usr/share/doc/snort || die "Failed to remove SF doc directories" |
530 |
- rm "${D}"usr/share/doc/"${PF}"/Makefile* || die "Failed to remove doc make files" |
531 |
- |
532 |
- # Remove unneeded .la files (Bug #382863) |
533 |
- rm "${D}"usr/$(get_libdir)/snort_dynamicengine/libsf_engine.la || die |
534 |
- rm "${D}"usr/$(get_libdir)/snort_dynamicpreprocessor/libsf_*_preproc.la || die "Failed to remove libsf_?_preproc.la" |
535 |
- |
536 |
- # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection |
537 |
- sed -i -e 's|/usr/local/lib|/usr/'$(get_libdir)'|g' \ |
538 |
- "${D}etc/snort/snort.conf.distrib" || die |
539 |
- |
540 |
- # Set the correct rule location in the config |
541 |
- sed -i -e 's|RULE_PATH ../rules|RULE_PATH /etc/snort/rules|g' \ |
542 |
- "${D}etc/snort/snort.conf.distrib" || die |
543 |
- |
544 |
- # Set the correct preprocessor/decoder rule location in the config |
545 |
- sed -i -e 's|PREPROC_RULE_PATH ../preproc_rules|PREPROC_RULE_PATH /etc/snort/preproc_rules|g' \ |
546 |
- "${D}etc/snort/snort.conf.distrib" || die |
547 |
- |
548 |
- # Enable the preprocessor/decoder rules |
549 |
- sed -i -e 's|^# include $PREPROC_RULE_PATH|include $PREPROC_RULE_PATH|g' \ |
550 |
- "${D}etc/snort/snort.conf.distrib" || die |
551 |
- |
552 |
- sed -i -e 's|^# dynamicdetection directory|dynamicdetection directory|g' \ |
553 |
- "${D}etc/snort/snort.conf.distrib" || die |
554 |
- |
555 |
- # Just some clean up of trailing /'s in the config |
556 |
- sed -i -e 's|snort_dynamicpreprocessor/$|snort_dynamicpreprocessor|g' \ |
557 |
- "${D}etc/snort/snort.conf.distrib" || die |
558 |
- |
559 |
- # Make it clear in the config where these are... |
560 |
- sed -i -e 's|^include classification.config|include /etc/snort/classification.config|g' \ |
561 |
- "${D}etc/snort/snort.conf.distrib" || die |
562 |
- |
563 |
- sed -i -e 's|^include reference.config|include /etc/snort/reference.config|g' \ |
564 |
- "${D}etc/snort/snort.conf.distrib" || die |
565 |
- |
566 |
- # Disable all rule files by default. |
567 |
- sed -i -e 's|^include $RULE_PATH|# include $RULE_PATH|g' \ |
568 |
- "${D}etc/snort/snort.conf.distrib" || die |
569 |
- |
570 |
- # Disable normalizer preprocessor config if normalizer USE flag not set. |
571 |
- if ! use normalizer; then |
572 |
- sed -i -e 's|^preprocessor normalize|#preprocessor normalize|g' \ |
573 |
- "${D}etc/snort/snort.conf.distrib" || die |
574 |
- fi |
575 |
- |
576 |
- # Set the configured DAQ to afpacket |
577 |
- sed -i -e 's|^# config daq: <type>|config daq: afpacket|g' \ |
578 |
- "${D}etc/snort/snort.conf.distrib" || die |
579 |
- |
580 |
- # Set the location of the DAQ modules |
581 |
- sed -i -e 's|^# config daq_dir: <dir>|config daq_dir: /usr/'$(get_libdir)'/daq|g' \ |
582 |
- "${D}etc/snort/snort.conf.distrib" || die |
583 |
- |
584 |
- # Set the DAQ mode to passive |
585 |
- sed -i -e 's|^# config daq_mode: <mode>|config daq_mode: passive|g' \ |
586 |
- "${D}etc/snort/snort.conf.distrib" || die |
587 |
- |
588 |
- # Set snort to run as snort:snort |
589 |
- sed -i -e 's|^# config set_gid:|config set_gid: snort|g' \ |
590 |
- "${D}etc/snort/snort.conf.distrib" || die |
591 |
- sed -i -e 's|^# config set_uid:|config set_uid: snort|g' \ |
592 |
- "${D}etc/snort/snort.conf.distrib" || die |
593 |
- |
594 |
- # Set the default log dir |
595 |
- sed -i -e 's|^# config logdir:|config logdir: /var/log/snort/|g' \ |
596 |
- "${D}etc/snort/snort.conf.distrib" || die |
597 |
- |
598 |
- # Set the correct so_rule location in the config |
599 |
- sed -i -e 's|SO_RULE_PATH ../so_rules|SO_RULE_PATH /etc/snort/so_rules|g' \ |
600 |
- "${D}etc/snort/snort.conf.distrib" || die |
601 |
-} |
602 |
- |
603 |
-pkg_postinst() { |
604 |
- |
605 |
- einfo "There have been a number of improvements and new features" |
606 |
- einfo "added to ${P}. Please review the RELEASE.NOTES and" |
607 |
- einfo "ChangLog located in /usr/share/doc/${PF}." |
608 |
- einfo |
609 |
- elog "The Sourcefire Vulnerability Research Team (VRT) recommends that" |
610 |
- elog "users migrate their snort.conf customizations to the latest config" |
611 |
- elog "file released by the VRT. You can find the latest version of the" |
612 |
- elog "Snort config file in /etc/snort/snort.conf.distrib." |
613 |
- elog |
614 |
- elog "!! It is important that you migrate to this new snort.conf file !!" |
615 |
- elog |
616 |
- elog "This version of the ebuild includes an updated init.d file and" |
617 |
- elog "conf.d file that rely on options found in the latest Snort" |
618 |
- elog "config file provided by the VRT." |
619 |
- |
620 |
- if use debug; then |
621 |
- elog "You have the 'debug' USE flag enabled. If this has been done to" |
622 |
- elog "troubleshoot an issue by producing a core dump or a back trace," |
623 |
- elog "then you need to also ensure the FEATURES variable in make.conf" |
624 |
- elog "contains the 'nostrip' option." |
625 |
- fi |
626 |
-} |
627 |
|
628 |
diff --git a/net-analyzer/snort/snort-2.9.7.2.ebuild b/net-analyzer/snort/snort-2.9.7.2.ebuild |
629 |
deleted file mode 100644 |
630 |
index a22c0902ec3..00000000000 |
631 |
--- a/net-analyzer/snort/snort-2.9.7.2.ebuild |
632 |
+++ /dev/null |
633 |
@@ -1,249 +0,0 @@ |
634 |
-# Copyright 1999-2018 Gentoo Foundation |
635 |
-# Distributed under the terms of the GNU General Public License v2 |
636 |
- |
637 |
-EAPI="5" |
638 |
-inherit autotools multilib user |
639 |
- |
640 |
-DESCRIPTION="The de facto standard for intrusion detection/prevention" |
641 |
-HOMEPAGE="https://www.snort.org" |
642 |
-SRC_URI="https://www.snort.org/downloads/archive/${PN}/${P}.tar.gz" |
643 |
-LICENSE="GPL-2" |
644 |
-SLOT="0" |
645 |
-KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86" |
646 |
-IUSE="static +gre +mpls +targetbased +ppm +perfprofiling |
647 |
-+non-ether-decoders control-socket file-inspect high-availability |
648 |
-shared-rep side-channel sourcefire linux-smp-stats inline-init-failopen |
649 |
-+threads debug +active-response +normalizer reload-error-restart |
650 |
-+react +flexresp3 large-pcap-64bit selinux" |
651 |
- |
652 |
-DEPEND=">=net-libs/libpcap-1.3.0 |
653 |
- >=net-libs/daq-2.0.2 |
654 |
- >=dev-libs/libpcre-8.33 |
655 |
- dev-libs/libdnet |
656 |
- sys-libs/zlib" |
657 |
- |
658 |
-RDEPEND="${DEPEND} |
659 |
- selinux? ( sec-policy/selinux-snort )" |
660 |
- |
661 |
-REQUIRED_USE="!kernel_linux? ( !shared-rep )" |
662 |
- |
663 |
-pkg_setup() { |
664 |
- |
665 |
- # pre_inst() is a better place to put this |
666 |
- # but we need it here for the 'fowners' statements in src_install() |
667 |
- enewgroup snort |
668 |
- enewuser snort -1 -1 /dev/null snort |
669 |
- |
670 |
-} |
671 |
- |
672 |
-src_prepare() { |
673 |
- |
674 |
- # Multilib fix for the sf_engine |
675 |
- ebegin "Applying multilib fix" |
676 |
- sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ |
677 |
- "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \ |
678 |
- || die "sed for sf_engine failed" |
679 |
- |
680 |
- # Multilib fix for the curent set of dynamic-preprocessors |
681 |
- for i in file ftptelnet smtp ssh dns ssl dcerpc2 sdf imap pop sip reputation gtp modbus dnp3; do |
682 |
- sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ |
683 |
- "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \ |
684 |
- || die "sed for $i failed." |
685 |
- done |
686 |
- eend |
687 |
- |
688 |
- AT_M4DIR=m4 eautoreconf |
689 |
-} |
690 |
- |
691 |
-src_configure() { |
692 |
- |
693 |
- econf \ |
694 |
- $(use_enable !static shared) \ |
695 |
- $(use_enable static) \ |
696 |
- $(use_enable static so-with-static-lib) \ |
697 |
- $(use_enable gre) \ |
698 |
- $(use_enable mpls) \ |
699 |
- $(use_enable targetbased) \ |
700 |
- $(use_enable control-socket) \ |
701 |
- $(use_enable file-inspect) \ |
702 |
- $(use_enable high-availability ha) \ |
703 |
- $(use_enable non-ether-decoders) \ |
704 |
- $(use_enable shared-rep) \ |
705 |
- $(use_enable side-channel) \ |
706 |
- $(use_enable sourcefire) \ |
707 |
- $(use_enable ppm) \ |
708 |
- $(use_enable perfprofiling) \ |
709 |
- $(use_enable linux-smp-stats) \ |
710 |
- $(use_enable inline-init-failopen) \ |
711 |
- $(use_enable threads pthread) \ |
712 |
- $(use_enable debug) \ |
713 |
- $(use_enable debug debug-msgs) \ |
714 |
- $(use_enable debug corefiles) \ |
715 |
- $(use_enable !debug dlclose) \ |
716 |
- $(use_enable active-response) \ |
717 |
- $(use_enable normalizer) \ |
718 |
- $(use_enable reload-error-restart) \ |
719 |
- $(use_enable react) \ |
720 |
- $(use_enable flexresp3) \ |
721 |
- $(use_enable large-pcap-64bit large-pcap) \ |
722 |
- --enable-reload \ |
723 |
- --disable-build-dynamic-examples \ |
724 |
- --disable-profile \ |
725 |
- --disable-ppm-test \ |
726 |
- --disable-intel-soft-cpm \ |
727 |
- --disable-static-daq |
728 |
-} |
729 |
- |
730 |
-src_install() { |
731 |
- |
732 |
- emake DESTDIR="${D}" install |
733 |
- |
734 |
- dodir /var/log/snort \ |
735 |
- /var/run/snort \ |
736 |
- /etc/snort/rules \ |
737 |
- /etc/snort/so_rules \ |
738 |
- /usr/$(get_libdir)/snort_dynamicrules |
739 |
- |
740 |
- # config.log and build.log are needed by Sourcefire |
741 |
- # to trouble shoot build problems and bug reports so we are |
742 |
- # perserving them incase the user needs upstream support. |
743 |
- dodoc RELEASE.NOTES ChangeLog \ |
744 |
- doc/* \ |
745 |
- tools/u2boat/README.u2boat |
746 |
- |
747 |
- insinto /etc/snort |
748 |
- doins etc/attribute_table.dtd \ |
749 |
- etc/classification.config \ |
750 |
- etc/gen-msg.map \ |
751 |
- etc/reference.config \ |
752 |
- etc/threshold.conf \ |
753 |
- etc/unicode.map |
754 |
- |
755 |
- # We use snort.conf.distrib because the config file is complicated |
756 |
- # and the one shipped with snort can change drastically between versions. |
757 |
- # Users should migrate setting by hand and not with etc-update. |
758 |
- newins etc/snort.conf snort.conf.distrib |
759 |
- |
760 |
- # config.log and build.log are needed by Sourcefire |
761 |
- # to troubleshoot build problems and bug reports so we are |
762 |
- # preserving them incase the user needs upstream support. |
763 |
- if [ -f "${WORKDIR}/${PF}/config.log" ]; then |
764 |
- dodoc "${WORKDIR}/${PF}/config.log" |
765 |
- fi |
766 |
- if [ -f "${T}/build.log" ]; then |
767 |
- dodoc "${T}/build.log" |
768 |
- fi |
769 |
- |
770 |
- insinto /etc/snort/preproc_rules |
771 |
- doins preproc_rules/decoder.rules \ |
772 |
- preproc_rules/preprocessor.rules \ |
773 |
- preproc_rules/sensitive-data.rules |
774 |
- |
775 |
- fowners -R snort:snort \ |
776 |
- /var/log/snort \ |
777 |
- /var/run/snort \ |
778 |
- /etc/snort |
779 |
- |
780 |
- newinitd "${FILESDIR}/snort.rc12" snort |
781 |
- newconfd "${FILESDIR}/snort.confd.2" snort |
782 |
- |
783 |
- # Sourcefire uses Makefiles to install docs causing Bug #297190. |
784 |
- # This removes the unwanted doc directory and rogue Makefiles. |
785 |
- rm -rf "${D}"usr/share/doc/snort || die "Failed to remove SF doc directories" |
786 |
- rm "${D}"usr/share/doc/"${PF}"/Makefile* || die "Failed to remove doc make files" |
787 |
- |
788 |
- # Remove unneeded .la files (Bug #382863) |
789 |
- rm "${D}"usr/$(get_libdir)/snort_dynamicengine/libsf_engine.la || die |
790 |
- rm "${D}"usr/$(get_libdir)/snort_dynamicpreprocessor/libsf_*_preproc.la || die "Failed to remove libsf_?_preproc.la" |
791 |
- |
792 |
- # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection |
793 |
- sed -i -e 's|/usr/local/lib|/usr/'$(get_libdir)'|g' \ |
794 |
- "${D}etc/snort/snort.conf.distrib" || die |
795 |
- |
796 |
- # Set the correct rule location in the config |
797 |
- sed -i -e 's|RULE_PATH ../rules|RULE_PATH /etc/snort/rules|g' \ |
798 |
- "${D}etc/snort/snort.conf.distrib" || die |
799 |
- |
800 |
- # Set the correct preprocessor/decoder rule location in the config |
801 |
- sed -i -e 's|PREPROC_RULE_PATH ../preproc_rules|PREPROC_RULE_PATH /etc/snort/preproc_rules|g' \ |
802 |
- "${D}etc/snort/snort.conf.distrib" || die |
803 |
- |
804 |
- # Enable the preprocessor/decoder rules |
805 |
- sed -i -e 's|^# include $PREPROC_RULE_PATH|include $PREPROC_RULE_PATH|g' \ |
806 |
- "${D}etc/snort/snort.conf.distrib" || die |
807 |
- |
808 |
- sed -i -e 's|^# dynamicdetection directory|dynamicdetection directory|g' \ |
809 |
- "${D}etc/snort/snort.conf.distrib" || die |
810 |
- |
811 |
- # Just some clean up of trailing /'s in the config |
812 |
- sed -i -e 's|snort_dynamicpreprocessor/$|snort_dynamicpreprocessor|g' \ |
813 |
- "${D}etc/snort/snort.conf.distrib" || die |
814 |
- |
815 |
- # Make it clear in the config where these are... |
816 |
- sed -i -e 's|^include classification.config|include /etc/snort/classification.config|g' \ |
817 |
- "${D}etc/snort/snort.conf.distrib" || die |
818 |
- |
819 |
- sed -i -e 's|^include reference.config|include /etc/snort/reference.config|g' \ |
820 |
- "${D}etc/snort/snort.conf.distrib" || die |
821 |
- |
822 |
- # Disable all rule files by default. |
823 |
- sed -i -e 's|^include $RULE_PATH|# include $RULE_PATH|g' \ |
824 |
- "${D}etc/snort/snort.conf.distrib" || die |
825 |
- |
826 |
- # Disable normalizer preprocessor config if normalizer USE flag not set. |
827 |
- if ! use normalizer; then |
828 |
- sed -i -e 's|^preprocessor normalize|#preprocessor normalize|g' \ |
829 |
- "${D}etc/snort/snort.conf.distrib" || die |
830 |
- fi |
831 |
- |
832 |
- # Set the configured DAQ to afpacket |
833 |
- sed -i -e 's|^# config daq: <type>|config daq: afpacket|g' \ |
834 |
- "${D}etc/snort/snort.conf.distrib" || die |
835 |
- |
836 |
- # Set the location of the DAQ modules |
837 |
- sed -i -e 's|^# config daq_dir: <dir>|config daq_dir: /usr/'$(get_libdir)'/daq|g' \ |
838 |
- "${D}etc/snort/snort.conf.distrib" || die |
839 |
- |
840 |
- # Set the DAQ mode to passive |
841 |
- sed -i -e 's|^# config daq_mode: <mode>|config daq_mode: passive|g' \ |
842 |
- "${D}etc/snort/snort.conf.distrib" || die |
843 |
- |
844 |
- # Set snort to run as snort:snort |
845 |
- sed -i -e 's|^# config set_gid:|config set_gid: snort|g' \ |
846 |
- "${D}etc/snort/snort.conf.distrib" || die |
847 |
- sed -i -e 's|^# config set_uid:|config set_uid: snort|g' \ |
848 |
- "${D}etc/snort/snort.conf.distrib" || die |
849 |
- |
850 |
- # Set the default log dir |
851 |
- sed -i -e 's|^# config logdir:|config logdir: /var/log/snort/|g' \ |
852 |
- "${D}etc/snort/snort.conf.distrib" || die |
853 |
- |
854 |
- # Set the correct so_rule location in the config |
855 |
- sed -i -e 's|SO_RULE_PATH ../so_rules|SO_RULE_PATH /etc/snort/so_rules|g' \ |
856 |
- "${D}etc/snort/snort.conf.distrib" || die |
857 |
-} |
858 |
- |
859 |
-pkg_postinst() { |
860 |
- |
861 |
- einfo "There have been a number of improvements and new features" |
862 |
- einfo "added to ${P}. Please review the RELEASE.NOTES and" |
863 |
- einfo "ChangLog located in /usr/share/doc/${PF}." |
864 |
- einfo |
865 |
- elog "The Sourcefire Vulnerability Research Team (VRT) recommends that" |
866 |
- elog "users migrate their snort.conf customizations to the latest config" |
867 |
- elog "file released by the VRT. You can find the latest version of the" |
868 |
- elog "Snort config file in /etc/snort/snort.conf.distrib." |
869 |
- elog |
870 |
- elog "!! It is important that you migrate to this new snort.conf file !!" |
871 |
- elog |
872 |
- elog "This version of the ebuild includes an updated init.d file and" |
873 |
- elog "conf.d file that rely on options found in the latest Snort" |
874 |
- elog "config file provided by the VRT." |
875 |
- |
876 |
- if use debug; then |
877 |
- elog "You have the 'debug' USE flag enabled. If this has been done to" |
878 |
- elog "troubleshoot an issue by producing a core dump or a back trace," |
879 |
- elog "then you need to also ensure the FEATURES variable in make.conf" |
880 |
- elog "contains the 'nostrip' option." |
881 |
- fi |
882 |
-} |
883 |
|
884 |
diff --git a/net-analyzer/snort/snort-2.9.7.3.ebuild b/net-analyzer/snort/snort-2.9.7.3.ebuild |
885 |
deleted file mode 100644 |
886 |
index a22c0902ec3..00000000000 |
887 |
--- a/net-analyzer/snort/snort-2.9.7.3.ebuild |
888 |
+++ /dev/null |
889 |
@@ -1,249 +0,0 @@ |
890 |
-# Copyright 1999-2018 Gentoo Foundation |
891 |
-# Distributed under the terms of the GNU General Public License v2 |
892 |
- |
893 |
-EAPI="5" |
894 |
-inherit autotools multilib user |
895 |
- |
896 |
-DESCRIPTION="The de facto standard for intrusion detection/prevention" |
897 |
-HOMEPAGE="https://www.snort.org" |
898 |
-SRC_URI="https://www.snort.org/downloads/archive/${PN}/${P}.tar.gz" |
899 |
-LICENSE="GPL-2" |
900 |
-SLOT="0" |
901 |
-KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86" |
902 |
-IUSE="static +gre +mpls +targetbased +ppm +perfprofiling |
903 |
-+non-ether-decoders control-socket file-inspect high-availability |
904 |
-shared-rep side-channel sourcefire linux-smp-stats inline-init-failopen |
905 |
-+threads debug +active-response +normalizer reload-error-restart |
906 |
-+react +flexresp3 large-pcap-64bit selinux" |
907 |
- |
908 |
-DEPEND=">=net-libs/libpcap-1.3.0 |
909 |
- >=net-libs/daq-2.0.2 |
910 |
- >=dev-libs/libpcre-8.33 |
911 |
- dev-libs/libdnet |
912 |
- sys-libs/zlib" |
913 |
- |
914 |
-RDEPEND="${DEPEND} |
915 |
- selinux? ( sec-policy/selinux-snort )" |
916 |
- |
917 |
-REQUIRED_USE="!kernel_linux? ( !shared-rep )" |
918 |
- |
919 |
-pkg_setup() { |
920 |
- |
921 |
- # pre_inst() is a better place to put this |
922 |
- # but we need it here for the 'fowners' statements in src_install() |
923 |
- enewgroup snort |
924 |
- enewuser snort -1 -1 /dev/null snort |
925 |
- |
926 |
-} |
927 |
- |
928 |
-src_prepare() { |
929 |
- |
930 |
- # Multilib fix for the sf_engine |
931 |
- ebegin "Applying multilib fix" |
932 |
- sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ |
933 |
- "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \ |
934 |
- || die "sed for sf_engine failed" |
935 |
- |
936 |
- # Multilib fix for the curent set of dynamic-preprocessors |
937 |
- for i in file ftptelnet smtp ssh dns ssl dcerpc2 sdf imap pop sip reputation gtp modbus dnp3; do |
938 |
- sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ |
939 |
- "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \ |
940 |
- || die "sed for $i failed." |
941 |
- done |
942 |
- eend |
943 |
- |
944 |
- AT_M4DIR=m4 eautoreconf |
945 |
-} |
946 |
- |
947 |
-src_configure() { |
948 |
- |
949 |
- econf \ |
950 |
- $(use_enable !static shared) \ |
951 |
- $(use_enable static) \ |
952 |
- $(use_enable static so-with-static-lib) \ |
953 |
- $(use_enable gre) \ |
954 |
- $(use_enable mpls) \ |
955 |
- $(use_enable targetbased) \ |
956 |
- $(use_enable control-socket) \ |
957 |
- $(use_enable file-inspect) \ |
958 |
- $(use_enable high-availability ha) \ |
959 |
- $(use_enable non-ether-decoders) \ |
960 |
- $(use_enable shared-rep) \ |
961 |
- $(use_enable side-channel) \ |
962 |
- $(use_enable sourcefire) \ |
963 |
- $(use_enable ppm) \ |
964 |
- $(use_enable perfprofiling) \ |
965 |
- $(use_enable linux-smp-stats) \ |
966 |
- $(use_enable inline-init-failopen) \ |
967 |
- $(use_enable threads pthread) \ |
968 |
- $(use_enable debug) \ |
969 |
- $(use_enable debug debug-msgs) \ |
970 |
- $(use_enable debug corefiles) \ |
971 |
- $(use_enable !debug dlclose) \ |
972 |
- $(use_enable active-response) \ |
973 |
- $(use_enable normalizer) \ |
974 |
- $(use_enable reload-error-restart) \ |
975 |
- $(use_enable react) \ |
976 |
- $(use_enable flexresp3) \ |
977 |
- $(use_enable large-pcap-64bit large-pcap) \ |
978 |
- --enable-reload \ |
979 |
- --disable-build-dynamic-examples \ |
980 |
- --disable-profile \ |
981 |
- --disable-ppm-test \ |
982 |
- --disable-intel-soft-cpm \ |
983 |
- --disable-static-daq |
984 |
-} |
985 |
- |
986 |
-src_install() { |
987 |
- |
988 |
- emake DESTDIR="${D}" install |
989 |
- |
990 |
- dodir /var/log/snort \ |
991 |
- /var/run/snort \ |
992 |
- /etc/snort/rules \ |
993 |
- /etc/snort/so_rules \ |
994 |
- /usr/$(get_libdir)/snort_dynamicrules |
995 |
- |
996 |
- # config.log and build.log are needed by Sourcefire |
997 |
- # to trouble shoot build problems and bug reports so we are |
998 |
- # perserving them incase the user needs upstream support. |
999 |
- dodoc RELEASE.NOTES ChangeLog \ |
1000 |
- doc/* \ |
1001 |
- tools/u2boat/README.u2boat |
1002 |
- |
1003 |
- insinto /etc/snort |
1004 |
- doins etc/attribute_table.dtd \ |
1005 |
- etc/classification.config \ |
1006 |
- etc/gen-msg.map \ |
1007 |
- etc/reference.config \ |
1008 |
- etc/threshold.conf \ |
1009 |
- etc/unicode.map |
1010 |
- |
1011 |
- # We use snort.conf.distrib because the config file is complicated |
1012 |
- # and the one shipped with snort can change drastically between versions. |
1013 |
- # Users should migrate setting by hand and not with etc-update. |
1014 |
- newins etc/snort.conf snort.conf.distrib |
1015 |
- |
1016 |
- # config.log and build.log are needed by Sourcefire |
1017 |
- # to troubleshoot build problems and bug reports so we are |
1018 |
- # preserving them incase the user needs upstream support. |
1019 |
- if [ -f "${WORKDIR}/${PF}/config.log" ]; then |
1020 |
- dodoc "${WORKDIR}/${PF}/config.log" |
1021 |
- fi |
1022 |
- if [ -f "${T}/build.log" ]; then |
1023 |
- dodoc "${T}/build.log" |
1024 |
- fi |
1025 |
- |
1026 |
- insinto /etc/snort/preproc_rules |
1027 |
- doins preproc_rules/decoder.rules \ |
1028 |
- preproc_rules/preprocessor.rules \ |
1029 |
- preproc_rules/sensitive-data.rules |
1030 |
- |
1031 |
- fowners -R snort:snort \ |
1032 |
- /var/log/snort \ |
1033 |
- /var/run/snort \ |
1034 |
- /etc/snort |
1035 |
- |
1036 |
- newinitd "${FILESDIR}/snort.rc12" snort |
1037 |
- newconfd "${FILESDIR}/snort.confd.2" snort |
1038 |
- |
1039 |
- # Sourcefire uses Makefiles to install docs causing Bug #297190. |
1040 |
- # This removes the unwanted doc directory and rogue Makefiles. |
1041 |
- rm -rf "${D}"usr/share/doc/snort || die "Failed to remove SF doc directories" |
1042 |
- rm "${D}"usr/share/doc/"${PF}"/Makefile* || die "Failed to remove doc make files" |
1043 |
- |
1044 |
- # Remove unneeded .la files (Bug #382863) |
1045 |
- rm "${D}"usr/$(get_libdir)/snort_dynamicengine/libsf_engine.la || die |
1046 |
- rm "${D}"usr/$(get_libdir)/snort_dynamicpreprocessor/libsf_*_preproc.la || die "Failed to remove libsf_?_preproc.la" |
1047 |
- |
1048 |
- # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection |
1049 |
- sed -i -e 's|/usr/local/lib|/usr/'$(get_libdir)'|g' \ |
1050 |
- "${D}etc/snort/snort.conf.distrib" || die |
1051 |
- |
1052 |
- # Set the correct rule location in the config |
1053 |
- sed -i -e 's|RULE_PATH ../rules|RULE_PATH /etc/snort/rules|g' \ |
1054 |
- "${D}etc/snort/snort.conf.distrib" || die |
1055 |
- |
1056 |
- # Set the correct preprocessor/decoder rule location in the config |
1057 |
- sed -i -e 's|PREPROC_RULE_PATH ../preproc_rules|PREPROC_RULE_PATH /etc/snort/preproc_rules|g' \ |
1058 |
- "${D}etc/snort/snort.conf.distrib" || die |
1059 |
- |
1060 |
- # Enable the preprocessor/decoder rules |
1061 |
- sed -i -e 's|^# include $PREPROC_RULE_PATH|include $PREPROC_RULE_PATH|g' \ |
1062 |
- "${D}etc/snort/snort.conf.distrib" || die |
1063 |
- |
1064 |
- sed -i -e 's|^# dynamicdetection directory|dynamicdetection directory|g' \ |
1065 |
- "${D}etc/snort/snort.conf.distrib" || die |
1066 |
- |
1067 |
- # Just some clean up of trailing /'s in the config |
1068 |
- sed -i -e 's|snort_dynamicpreprocessor/$|snort_dynamicpreprocessor|g' \ |
1069 |
- "${D}etc/snort/snort.conf.distrib" || die |
1070 |
- |
1071 |
- # Make it clear in the config where these are... |
1072 |
- sed -i -e 's|^include classification.config|include /etc/snort/classification.config|g' \ |
1073 |
- "${D}etc/snort/snort.conf.distrib" || die |
1074 |
- |
1075 |
- sed -i -e 's|^include reference.config|include /etc/snort/reference.config|g' \ |
1076 |
- "${D}etc/snort/snort.conf.distrib" || die |
1077 |
- |
1078 |
- # Disable all rule files by default. |
1079 |
- sed -i -e 's|^include $RULE_PATH|# include $RULE_PATH|g' \ |
1080 |
- "${D}etc/snort/snort.conf.distrib" || die |
1081 |
- |
1082 |
- # Disable normalizer preprocessor config if normalizer USE flag not set. |
1083 |
- if ! use normalizer; then |
1084 |
- sed -i -e 's|^preprocessor normalize|#preprocessor normalize|g' \ |
1085 |
- "${D}etc/snort/snort.conf.distrib" || die |
1086 |
- fi |
1087 |
- |
1088 |
- # Set the configured DAQ to afpacket |
1089 |
- sed -i -e 's|^# config daq: <type>|config daq: afpacket|g' \ |
1090 |
- "${D}etc/snort/snort.conf.distrib" || die |
1091 |
- |
1092 |
- # Set the location of the DAQ modules |
1093 |
- sed -i -e 's|^# config daq_dir: <dir>|config daq_dir: /usr/'$(get_libdir)'/daq|g' \ |
1094 |
- "${D}etc/snort/snort.conf.distrib" || die |
1095 |
- |
1096 |
- # Set the DAQ mode to passive |
1097 |
- sed -i -e 's|^# config daq_mode: <mode>|config daq_mode: passive|g' \ |
1098 |
- "${D}etc/snort/snort.conf.distrib" || die |
1099 |
- |
1100 |
- # Set snort to run as snort:snort |
1101 |
- sed -i -e 's|^# config set_gid:|config set_gid: snort|g' \ |
1102 |
- "${D}etc/snort/snort.conf.distrib" || die |
1103 |
- sed -i -e 's|^# config set_uid:|config set_uid: snort|g' \ |
1104 |
- "${D}etc/snort/snort.conf.distrib" || die |
1105 |
- |
1106 |
- # Set the default log dir |
1107 |
- sed -i -e 's|^# config logdir:|config logdir: /var/log/snort/|g' \ |
1108 |
- "${D}etc/snort/snort.conf.distrib" || die |
1109 |
- |
1110 |
- # Set the correct so_rule location in the config |
1111 |
- sed -i -e 's|SO_RULE_PATH ../so_rules|SO_RULE_PATH /etc/snort/so_rules|g' \ |
1112 |
- "${D}etc/snort/snort.conf.distrib" || die |
1113 |
-} |
1114 |
- |
1115 |
-pkg_postinst() { |
1116 |
- |
1117 |
- einfo "There have been a number of improvements and new features" |
1118 |
- einfo "added to ${P}. Please review the RELEASE.NOTES and" |
1119 |
- einfo "ChangLog located in /usr/share/doc/${PF}." |
1120 |
- einfo |
1121 |
- elog "The Sourcefire Vulnerability Research Team (VRT) recommends that" |
1122 |
- elog "users migrate their snort.conf customizations to the latest config" |
1123 |
- elog "file released by the VRT. You can find the latest version of the" |
1124 |
- elog "Snort config file in /etc/snort/snort.conf.distrib." |
1125 |
- elog |
1126 |
- elog "!! It is important that you migrate to this new snort.conf file !!" |
1127 |
- elog |
1128 |
- elog "This version of the ebuild includes an updated init.d file and" |
1129 |
- elog "conf.d file that rely on options found in the latest Snort" |
1130 |
- elog "config file provided by the VRT." |
1131 |
- |
1132 |
- if use debug; then |
1133 |
- elog "You have the 'debug' USE flag enabled. If this has been done to" |
1134 |
- elog "troubleshoot an issue by producing a core dump or a back trace," |
1135 |
- elog "then you need to also ensure the FEATURES variable in make.conf" |
1136 |
- elog "contains the 'nostrip' option." |
1137 |
- fi |
1138 |
-} |
1139 |
|
1140 |
diff --git a/net-analyzer/snort/snort-2.9.7.5.ebuild b/net-analyzer/snort/snort-2.9.7.5.ebuild |
1141 |
deleted file mode 100644 |
1142 |
index a22c0902ec3..00000000000 |
1143 |
--- a/net-analyzer/snort/snort-2.9.7.5.ebuild |
1144 |
+++ /dev/null |
1145 |
@@ -1,249 +0,0 @@ |
1146 |
-# Copyright 1999-2018 Gentoo Foundation |
1147 |
-# Distributed under the terms of the GNU General Public License v2 |
1148 |
- |
1149 |
-EAPI="5" |
1150 |
-inherit autotools multilib user |
1151 |
- |
1152 |
-DESCRIPTION="The de facto standard for intrusion detection/prevention" |
1153 |
-HOMEPAGE="https://www.snort.org" |
1154 |
-SRC_URI="https://www.snort.org/downloads/archive/${PN}/${P}.tar.gz" |
1155 |
-LICENSE="GPL-2" |
1156 |
-SLOT="0" |
1157 |
-KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86" |
1158 |
-IUSE="static +gre +mpls +targetbased +ppm +perfprofiling |
1159 |
-+non-ether-decoders control-socket file-inspect high-availability |
1160 |
-shared-rep side-channel sourcefire linux-smp-stats inline-init-failopen |
1161 |
-+threads debug +active-response +normalizer reload-error-restart |
1162 |
-+react +flexresp3 large-pcap-64bit selinux" |
1163 |
- |
1164 |
-DEPEND=">=net-libs/libpcap-1.3.0 |
1165 |
- >=net-libs/daq-2.0.2 |
1166 |
- >=dev-libs/libpcre-8.33 |
1167 |
- dev-libs/libdnet |
1168 |
- sys-libs/zlib" |
1169 |
- |
1170 |
-RDEPEND="${DEPEND} |
1171 |
- selinux? ( sec-policy/selinux-snort )" |
1172 |
- |
1173 |
-REQUIRED_USE="!kernel_linux? ( !shared-rep )" |
1174 |
- |
1175 |
-pkg_setup() { |
1176 |
- |
1177 |
- # pre_inst() is a better place to put this |
1178 |
- # but we need it here for the 'fowners' statements in src_install() |
1179 |
- enewgroup snort |
1180 |
- enewuser snort -1 -1 /dev/null snort |
1181 |
- |
1182 |
-} |
1183 |
- |
1184 |
-src_prepare() { |
1185 |
- |
1186 |
- # Multilib fix for the sf_engine |
1187 |
- ebegin "Applying multilib fix" |
1188 |
- sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ |
1189 |
- "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \ |
1190 |
- || die "sed for sf_engine failed" |
1191 |
- |
1192 |
- # Multilib fix for the curent set of dynamic-preprocessors |
1193 |
- for i in file ftptelnet smtp ssh dns ssl dcerpc2 sdf imap pop sip reputation gtp modbus dnp3; do |
1194 |
- sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ |
1195 |
- "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \ |
1196 |
- || die "sed for $i failed." |
1197 |
- done |
1198 |
- eend |
1199 |
- |
1200 |
- AT_M4DIR=m4 eautoreconf |
1201 |
-} |
1202 |
- |
1203 |
-src_configure() { |
1204 |
- |
1205 |
- econf \ |
1206 |
- $(use_enable !static shared) \ |
1207 |
- $(use_enable static) \ |
1208 |
- $(use_enable static so-with-static-lib) \ |
1209 |
- $(use_enable gre) \ |
1210 |
- $(use_enable mpls) \ |
1211 |
- $(use_enable targetbased) \ |
1212 |
- $(use_enable control-socket) \ |
1213 |
- $(use_enable file-inspect) \ |
1214 |
- $(use_enable high-availability ha) \ |
1215 |
- $(use_enable non-ether-decoders) \ |
1216 |
- $(use_enable shared-rep) \ |
1217 |
- $(use_enable side-channel) \ |
1218 |
- $(use_enable sourcefire) \ |
1219 |
- $(use_enable ppm) \ |
1220 |
- $(use_enable perfprofiling) \ |
1221 |
- $(use_enable linux-smp-stats) \ |
1222 |
- $(use_enable inline-init-failopen) \ |
1223 |
- $(use_enable threads pthread) \ |
1224 |
- $(use_enable debug) \ |
1225 |
- $(use_enable debug debug-msgs) \ |
1226 |
- $(use_enable debug corefiles) \ |
1227 |
- $(use_enable !debug dlclose) \ |
1228 |
- $(use_enable active-response) \ |
1229 |
- $(use_enable normalizer) \ |
1230 |
- $(use_enable reload-error-restart) \ |
1231 |
- $(use_enable react) \ |
1232 |
- $(use_enable flexresp3) \ |
1233 |
- $(use_enable large-pcap-64bit large-pcap) \ |
1234 |
- --enable-reload \ |
1235 |
- --disable-build-dynamic-examples \ |
1236 |
- --disable-profile \ |
1237 |
- --disable-ppm-test \ |
1238 |
- --disable-intel-soft-cpm \ |
1239 |
- --disable-static-daq |
1240 |
-} |
1241 |
- |
1242 |
-src_install() { |
1243 |
- |
1244 |
- emake DESTDIR="${D}" install |
1245 |
- |
1246 |
- dodir /var/log/snort \ |
1247 |
- /var/run/snort \ |
1248 |
- /etc/snort/rules \ |
1249 |
- /etc/snort/so_rules \ |
1250 |
- /usr/$(get_libdir)/snort_dynamicrules |
1251 |
- |
1252 |
- # config.log and build.log are needed by Sourcefire |
1253 |
- # to trouble shoot build problems and bug reports so we are |
1254 |
- # perserving them incase the user needs upstream support. |
1255 |
- dodoc RELEASE.NOTES ChangeLog \ |
1256 |
- doc/* \ |
1257 |
- tools/u2boat/README.u2boat |
1258 |
- |
1259 |
- insinto /etc/snort |
1260 |
- doins etc/attribute_table.dtd \ |
1261 |
- etc/classification.config \ |
1262 |
- etc/gen-msg.map \ |
1263 |
- etc/reference.config \ |
1264 |
- etc/threshold.conf \ |
1265 |
- etc/unicode.map |
1266 |
- |
1267 |
- # We use snort.conf.distrib because the config file is complicated |
1268 |
- # and the one shipped with snort can change drastically between versions. |
1269 |
- # Users should migrate setting by hand and not with etc-update. |
1270 |
- newins etc/snort.conf snort.conf.distrib |
1271 |
- |
1272 |
- # config.log and build.log are needed by Sourcefire |
1273 |
- # to troubleshoot build problems and bug reports so we are |
1274 |
- # preserving them incase the user needs upstream support. |
1275 |
- if [ -f "${WORKDIR}/${PF}/config.log" ]; then |
1276 |
- dodoc "${WORKDIR}/${PF}/config.log" |
1277 |
- fi |
1278 |
- if [ -f "${T}/build.log" ]; then |
1279 |
- dodoc "${T}/build.log" |
1280 |
- fi |
1281 |
- |
1282 |
- insinto /etc/snort/preproc_rules |
1283 |
- doins preproc_rules/decoder.rules \ |
1284 |
- preproc_rules/preprocessor.rules \ |
1285 |
- preproc_rules/sensitive-data.rules |
1286 |
- |
1287 |
- fowners -R snort:snort \ |
1288 |
- /var/log/snort \ |
1289 |
- /var/run/snort \ |
1290 |
- /etc/snort |
1291 |
- |
1292 |
- newinitd "${FILESDIR}/snort.rc12" snort |
1293 |
- newconfd "${FILESDIR}/snort.confd.2" snort |
1294 |
- |
1295 |
- # Sourcefire uses Makefiles to install docs causing Bug #297190. |
1296 |
- # This removes the unwanted doc directory and rogue Makefiles. |
1297 |
- rm -rf "${D}"usr/share/doc/snort || die "Failed to remove SF doc directories" |
1298 |
- rm "${D}"usr/share/doc/"${PF}"/Makefile* || die "Failed to remove doc make files" |
1299 |
- |
1300 |
- # Remove unneeded .la files (Bug #382863) |
1301 |
- rm "${D}"usr/$(get_libdir)/snort_dynamicengine/libsf_engine.la || die |
1302 |
- rm "${D}"usr/$(get_libdir)/snort_dynamicpreprocessor/libsf_*_preproc.la || die "Failed to remove libsf_?_preproc.la" |
1303 |
- |
1304 |
- # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection |
1305 |
- sed -i -e 's|/usr/local/lib|/usr/'$(get_libdir)'|g' \ |
1306 |
- "${D}etc/snort/snort.conf.distrib" || die |
1307 |
- |
1308 |
- # Set the correct rule location in the config |
1309 |
- sed -i -e 's|RULE_PATH ../rules|RULE_PATH /etc/snort/rules|g' \ |
1310 |
- "${D}etc/snort/snort.conf.distrib" || die |
1311 |
- |
1312 |
- # Set the correct preprocessor/decoder rule location in the config |
1313 |
- sed -i -e 's|PREPROC_RULE_PATH ../preproc_rules|PREPROC_RULE_PATH /etc/snort/preproc_rules|g' \ |
1314 |
- "${D}etc/snort/snort.conf.distrib" || die |
1315 |
- |
1316 |
- # Enable the preprocessor/decoder rules |
1317 |
- sed -i -e 's|^# include $PREPROC_RULE_PATH|include $PREPROC_RULE_PATH|g' \ |
1318 |
- "${D}etc/snort/snort.conf.distrib" || die |
1319 |
- |
1320 |
- sed -i -e 's|^# dynamicdetection directory|dynamicdetection directory|g' \ |
1321 |
- "${D}etc/snort/snort.conf.distrib" || die |
1322 |
- |
1323 |
- # Just some clean up of trailing /'s in the config |
1324 |
- sed -i -e 's|snort_dynamicpreprocessor/$|snort_dynamicpreprocessor|g' \ |
1325 |
- "${D}etc/snort/snort.conf.distrib" || die |
1326 |
- |
1327 |
- # Make it clear in the config where these are... |
1328 |
- sed -i -e 's|^include classification.config|include /etc/snort/classification.config|g' \ |
1329 |
- "${D}etc/snort/snort.conf.distrib" || die |
1330 |
- |
1331 |
- sed -i -e 's|^include reference.config|include /etc/snort/reference.config|g' \ |
1332 |
- "${D}etc/snort/snort.conf.distrib" || die |
1333 |
- |
1334 |
- # Disable all rule files by default. |
1335 |
- sed -i -e 's|^include $RULE_PATH|# include $RULE_PATH|g' \ |
1336 |
- "${D}etc/snort/snort.conf.distrib" || die |
1337 |
- |
1338 |
- # Disable normalizer preprocessor config if normalizer USE flag not set. |
1339 |
- if ! use normalizer; then |
1340 |
- sed -i -e 's|^preprocessor normalize|#preprocessor normalize|g' \ |
1341 |
- "${D}etc/snort/snort.conf.distrib" || die |
1342 |
- fi |
1343 |
- |
1344 |
- # Set the configured DAQ to afpacket |
1345 |
- sed -i -e 's|^# config daq: <type>|config daq: afpacket|g' \ |
1346 |
- "${D}etc/snort/snort.conf.distrib" || die |
1347 |
- |
1348 |
- # Set the location of the DAQ modules |
1349 |
- sed -i -e 's|^# config daq_dir: <dir>|config daq_dir: /usr/'$(get_libdir)'/daq|g' \ |
1350 |
- "${D}etc/snort/snort.conf.distrib" || die |
1351 |
- |
1352 |
- # Set the DAQ mode to passive |
1353 |
- sed -i -e 's|^# config daq_mode: <mode>|config daq_mode: passive|g' \ |
1354 |
- "${D}etc/snort/snort.conf.distrib" || die |
1355 |
- |
1356 |
- # Set snort to run as snort:snort |
1357 |
- sed -i -e 's|^# config set_gid:|config set_gid: snort|g' \ |
1358 |
- "${D}etc/snort/snort.conf.distrib" || die |
1359 |
- sed -i -e 's|^# config set_uid:|config set_uid: snort|g' \ |
1360 |
- "${D}etc/snort/snort.conf.distrib" || die |
1361 |
- |
1362 |
- # Set the default log dir |
1363 |
- sed -i -e 's|^# config logdir:|config logdir: /var/log/snort/|g' \ |
1364 |
- "${D}etc/snort/snort.conf.distrib" || die |
1365 |
- |
1366 |
- # Set the correct so_rule location in the config |
1367 |
- sed -i -e 's|SO_RULE_PATH ../so_rules|SO_RULE_PATH /etc/snort/so_rules|g' \ |
1368 |
- "${D}etc/snort/snort.conf.distrib" || die |
1369 |
-} |
1370 |
- |
1371 |
-pkg_postinst() { |
1372 |
- |
1373 |
- einfo "There have been a number of improvements and new features" |
1374 |
- einfo "added to ${P}. Please review the RELEASE.NOTES and" |
1375 |
- einfo "ChangLog located in /usr/share/doc/${PF}." |
1376 |
- einfo |
1377 |
- elog "The Sourcefire Vulnerability Research Team (VRT) recommends that" |
1378 |
- elog "users migrate their snort.conf customizations to the latest config" |
1379 |
- elog "file released by the VRT. You can find the latest version of the" |
1380 |
- elog "Snort config file in /etc/snort/snort.conf.distrib." |
1381 |
- elog |
1382 |
- elog "!! It is important that you migrate to this new snort.conf file !!" |
1383 |
- elog |
1384 |
- elog "This version of the ebuild includes an updated init.d file and" |
1385 |
- elog "conf.d file that rely on options found in the latest Snort" |
1386 |
- elog "config file provided by the VRT." |
1387 |
- |
1388 |
- if use debug; then |
1389 |
- elog "You have the 'debug' USE flag enabled. If this has been done to" |
1390 |
- elog "troubleshoot an issue by producing a core dump or a back trace," |
1391 |
- elog "then you need to also ensure the FEATURES variable in make.conf" |
1392 |
- elog "contains the 'nostrip' option." |
1393 |
- fi |
1394 |
-} |
1395 |
|
1396 |
diff --git a/net-analyzer/snort/snort-2.9.8.0.ebuild b/net-analyzer/snort/snort-2.9.8.0.ebuild |
1397 |
deleted file mode 100644 |
1398 |
index a22c0902ec3..00000000000 |
1399 |
--- a/net-analyzer/snort/snort-2.9.8.0.ebuild |
1400 |
+++ /dev/null |
1401 |
@@ -1,249 +0,0 @@ |
1402 |
-# Copyright 1999-2018 Gentoo Foundation |
1403 |
-# Distributed under the terms of the GNU General Public License v2 |
1404 |
- |
1405 |
-EAPI="5" |
1406 |
-inherit autotools multilib user |
1407 |
- |
1408 |
-DESCRIPTION="The de facto standard for intrusion detection/prevention" |
1409 |
-HOMEPAGE="https://www.snort.org" |
1410 |
-SRC_URI="https://www.snort.org/downloads/archive/${PN}/${P}.tar.gz" |
1411 |
-LICENSE="GPL-2" |
1412 |
-SLOT="0" |
1413 |
-KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86" |
1414 |
-IUSE="static +gre +mpls +targetbased +ppm +perfprofiling |
1415 |
-+non-ether-decoders control-socket file-inspect high-availability |
1416 |
-shared-rep side-channel sourcefire linux-smp-stats inline-init-failopen |
1417 |
-+threads debug +active-response +normalizer reload-error-restart |
1418 |
-+react +flexresp3 large-pcap-64bit selinux" |
1419 |
- |
1420 |
-DEPEND=">=net-libs/libpcap-1.3.0 |
1421 |
- >=net-libs/daq-2.0.2 |
1422 |
- >=dev-libs/libpcre-8.33 |
1423 |
- dev-libs/libdnet |
1424 |
- sys-libs/zlib" |
1425 |
- |
1426 |
-RDEPEND="${DEPEND} |
1427 |
- selinux? ( sec-policy/selinux-snort )" |
1428 |
- |
1429 |
-REQUIRED_USE="!kernel_linux? ( !shared-rep )" |
1430 |
- |
1431 |
-pkg_setup() { |
1432 |
- |
1433 |
- # pre_inst() is a better place to put this |
1434 |
- # but we need it here for the 'fowners' statements in src_install() |
1435 |
- enewgroup snort |
1436 |
- enewuser snort -1 -1 /dev/null snort |
1437 |
- |
1438 |
-} |
1439 |
- |
1440 |
-src_prepare() { |
1441 |
- |
1442 |
- # Multilib fix for the sf_engine |
1443 |
- ebegin "Applying multilib fix" |
1444 |
- sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ |
1445 |
- "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \ |
1446 |
- || die "sed for sf_engine failed" |
1447 |
- |
1448 |
- # Multilib fix for the curent set of dynamic-preprocessors |
1449 |
- for i in file ftptelnet smtp ssh dns ssl dcerpc2 sdf imap pop sip reputation gtp modbus dnp3; do |
1450 |
- sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ |
1451 |
- "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \ |
1452 |
- || die "sed for $i failed." |
1453 |
- done |
1454 |
- eend |
1455 |
- |
1456 |
- AT_M4DIR=m4 eautoreconf |
1457 |
-} |
1458 |
- |
1459 |
-src_configure() { |
1460 |
- |
1461 |
- econf \ |
1462 |
- $(use_enable !static shared) \ |
1463 |
- $(use_enable static) \ |
1464 |
- $(use_enable static so-with-static-lib) \ |
1465 |
- $(use_enable gre) \ |
1466 |
- $(use_enable mpls) \ |
1467 |
- $(use_enable targetbased) \ |
1468 |
- $(use_enable control-socket) \ |
1469 |
- $(use_enable file-inspect) \ |
1470 |
- $(use_enable high-availability ha) \ |
1471 |
- $(use_enable non-ether-decoders) \ |
1472 |
- $(use_enable shared-rep) \ |
1473 |
- $(use_enable side-channel) \ |
1474 |
- $(use_enable sourcefire) \ |
1475 |
- $(use_enable ppm) \ |
1476 |
- $(use_enable perfprofiling) \ |
1477 |
- $(use_enable linux-smp-stats) \ |
1478 |
- $(use_enable inline-init-failopen) \ |
1479 |
- $(use_enable threads pthread) \ |
1480 |
- $(use_enable debug) \ |
1481 |
- $(use_enable debug debug-msgs) \ |
1482 |
- $(use_enable debug corefiles) \ |
1483 |
- $(use_enable !debug dlclose) \ |
1484 |
- $(use_enable active-response) \ |
1485 |
- $(use_enable normalizer) \ |
1486 |
- $(use_enable reload-error-restart) \ |
1487 |
- $(use_enable react) \ |
1488 |
- $(use_enable flexresp3) \ |
1489 |
- $(use_enable large-pcap-64bit large-pcap) \ |
1490 |
- --enable-reload \ |
1491 |
- --disable-build-dynamic-examples \ |
1492 |
- --disable-profile \ |
1493 |
- --disable-ppm-test \ |
1494 |
- --disable-intel-soft-cpm \ |
1495 |
- --disable-static-daq |
1496 |
-} |
1497 |
- |
1498 |
-src_install() { |
1499 |
- |
1500 |
- emake DESTDIR="${D}" install |
1501 |
- |
1502 |
- dodir /var/log/snort \ |
1503 |
- /var/run/snort \ |
1504 |
- /etc/snort/rules \ |
1505 |
- /etc/snort/so_rules \ |
1506 |
- /usr/$(get_libdir)/snort_dynamicrules |
1507 |
- |
1508 |
- # config.log and build.log are needed by Sourcefire |
1509 |
- # to trouble shoot build problems and bug reports so we are |
1510 |
- # perserving them incase the user needs upstream support. |
1511 |
- dodoc RELEASE.NOTES ChangeLog \ |
1512 |
- doc/* \ |
1513 |
- tools/u2boat/README.u2boat |
1514 |
- |
1515 |
- insinto /etc/snort |
1516 |
- doins etc/attribute_table.dtd \ |
1517 |
- etc/classification.config \ |
1518 |
- etc/gen-msg.map \ |
1519 |
- etc/reference.config \ |
1520 |
- etc/threshold.conf \ |
1521 |
- etc/unicode.map |
1522 |
- |
1523 |
- # We use snort.conf.distrib because the config file is complicated |
1524 |
- # and the one shipped with snort can change drastically between versions. |
1525 |
- # Users should migrate setting by hand and not with etc-update. |
1526 |
- newins etc/snort.conf snort.conf.distrib |
1527 |
- |
1528 |
- # config.log and build.log are needed by Sourcefire |
1529 |
- # to troubleshoot build problems and bug reports so we are |
1530 |
- # preserving them incase the user needs upstream support. |
1531 |
- if [ -f "${WORKDIR}/${PF}/config.log" ]; then |
1532 |
- dodoc "${WORKDIR}/${PF}/config.log" |
1533 |
- fi |
1534 |
- if [ -f "${T}/build.log" ]; then |
1535 |
- dodoc "${T}/build.log" |
1536 |
- fi |
1537 |
- |
1538 |
- insinto /etc/snort/preproc_rules |
1539 |
- doins preproc_rules/decoder.rules \ |
1540 |
- preproc_rules/preprocessor.rules \ |
1541 |
- preproc_rules/sensitive-data.rules |
1542 |
- |
1543 |
- fowners -R snort:snort \ |
1544 |
- /var/log/snort \ |
1545 |
- /var/run/snort \ |
1546 |
- /etc/snort |
1547 |
- |
1548 |
- newinitd "${FILESDIR}/snort.rc12" snort |
1549 |
- newconfd "${FILESDIR}/snort.confd.2" snort |
1550 |
- |
1551 |
- # Sourcefire uses Makefiles to install docs causing Bug #297190. |
1552 |
- # This removes the unwanted doc directory and rogue Makefiles. |
1553 |
- rm -rf "${D}"usr/share/doc/snort || die "Failed to remove SF doc directories" |
1554 |
- rm "${D}"usr/share/doc/"${PF}"/Makefile* || die "Failed to remove doc make files" |
1555 |
- |
1556 |
- # Remove unneeded .la files (Bug #382863) |
1557 |
- rm "${D}"usr/$(get_libdir)/snort_dynamicengine/libsf_engine.la || die |
1558 |
- rm "${D}"usr/$(get_libdir)/snort_dynamicpreprocessor/libsf_*_preproc.la || die "Failed to remove libsf_?_preproc.la" |
1559 |
- |
1560 |
- # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection |
1561 |
- sed -i -e 's|/usr/local/lib|/usr/'$(get_libdir)'|g' \ |
1562 |
- "${D}etc/snort/snort.conf.distrib" || die |
1563 |
- |
1564 |
- # Set the correct rule location in the config |
1565 |
- sed -i -e 's|RULE_PATH ../rules|RULE_PATH /etc/snort/rules|g' \ |
1566 |
- "${D}etc/snort/snort.conf.distrib" || die |
1567 |
- |
1568 |
- # Set the correct preprocessor/decoder rule location in the config |
1569 |
- sed -i -e 's|PREPROC_RULE_PATH ../preproc_rules|PREPROC_RULE_PATH /etc/snort/preproc_rules|g' \ |
1570 |
- "${D}etc/snort/snort.conf.distrib" || die |
1571 |
- |
1572 |
- # Enable the preprocessor/decoder rules |
1573 |
- sed -i -e 's|^# include $PREPROC_RULE_PATH|include $PREPROC_RULE_PATH|g' \ |
1574 |
- "${D}etc/snort/snort.conf.distrib" || die |
1575 |
- |
1576 |
- sed -i -e 's|^# dynamicdetection directory|dynamicdetection directory|g' \ |
1577 |
- "${D}etc/snort/snort.conf.distrib" || die |
1578 |
- |
1579 |
- # Just some clean up of trailing /'s in the config |
1580 |
- sed -i -e 's|snort_dynamicpreprocessor/$|snort_dynamicpreprocessor|g' \ |
1581 |
- "${D}etc/snort/snort.conf.distrib" || die |
1582 |
- |
1583 |
- # Make it clear in the config where these are... |
1584 |
- sed -i -e 's|^include classification.config|include /etc/snort/classification.config|g' \ |
1585 |
- "${D}etc/snort/snort.conf.distrib" || die |
1586 |
- |
1587 |
- sed -i -e 's|^include reference.config|include /etc/snort/reference.config|g' \ |
1588 |
- "${D}etc/snort/snort.conf.distrib" || die |
1589 |
- |
1590 |
- # Disable all rule files by default. |
1591 |
- sed -i -e 's|^include $RULE_PATH|# include $RULE_PATH|g' \ |
1592 |
- "${D}etc/snort/snort.conf.distrib" || die |
1593 |
- |
1594 |
- # Disable normalizer preprocessor config if normalizer USE flag not set. |
1595 |
- if ! use normalizer; then |
1596 |
- sed -i -e 's|^preprocessor normalize|#preprocessor normalize|g' \ |
1597 |
- "${D}etc/snort/snort.conf.distrib" || die |
1598 |
- fi |
1599 |
- |
1600 |
- # Set the configured DAQ to afpacket |
1601 |
- sed -i -e 's|^# config daq: <type>|config daq: afpacket|g' \ |
1602 |
- "${D}etc/snort/snort.conf.distrib" || die |
1603 |
- |
1604 |
- # Set the location of the DAQ modules |
1605 |
- sed -i -e 's|^# config daq_dir: <dir>|config daq_dir: /usr/'$(get_libdir)'/daq|g' \ |
1606 |
- "${D}etc/snort/snort.conf.distrib" || die |
1607 |
- |
1608 |
- # Set the DAQ mode to passive |
1609 |
- sed -i -e 's|^# config daq_mode: <mode>|config daq_mode: passive|g' \ |
1610 |
- "${D}etc/snort/snort.conf.distrib" || die |
1611 |
- |
1612 |
- # Set snort to run as snort:snort |
1613 |
- sed -i -e 's|^# config set_gid:|config set_gid: snort|g' \ |
1614 |
- "${D}etc/snort/snort.conf.distrib" || die |
1615 |
- sed -i -e 's|^# config set_uid:|config set_uid: snort|g' \ |
1616 |
- "${D}etc/snort/snort.conf.distrib" || die |
1617 |
- |
1618 |
- # Set the default log dir |
1619 |
- sed -i -e 's|^# config logdir:|config logdir: /var/log/snort/|g' \ |
1620 |
- "${D}etc/snort/snort.conf.distrib" || die |
1621 |
- |
1622 |
- # Set the correct so_rule location in the config |
1623 |
- sed -i -e 's|SO_RULE_PATH ../so_rules|SO_RULE_PATH /etc/snort/so_rules|g' \ |
1624 |
- "${D}etc/snort/snort.conf.distrib" || die |
1625 |
-} |
1626 |
- |
1627 |
-pkg_postinst() { |
1628 |
- |
1629 |
- einfo "There have been a number of improvements and new features" |
1630 |
- einfo "added to ${P}. Please review the RELEASE.NOTES and" |
1631 |
- einfo "ChangLog located in /usr/share/doc/${PF}." |
1632 |
- einfo |
1633 |
- elog "The Sourcefire Vulnerability Research Team (VRT) recommends that" |
1634 |
- elog "users migrate their snort.conf customizations to the latest config" |
1635 |
- elog "file released by the VRT. You can find the latest version of the" |
1636 |
- elog "Snort config file in /etc/snort/snort.conf.distrib." |
1637 |
- elog |
1638 |
- elog "!! It is important that you migrate to this new snort.conf file !!" |
1639 |
- elog |
1640 |
- elog "This version of the ebuild includes an updated init.d file and" |
1641 |
- elog "conf.d file that rely on options found in the latest Snort" |
1642 |
- elog "config file provided by the VRT." |
1643 |
- |
1644 |
- if use debug; then |
1645 |
- elog "You have the 'debug' USE flag enabled. If this has been done to" |
1646 |
- elog "troubleshoot an issue by producing a core dump or a back trace," |
1647 |
- elog "then you need to also ensure the FEATURES variable in make.conf" |
1648 |
- elog "contains the 'nostrip' option." |
1649 |
- fi |
1650 |
-} |
1651 |
|
1652 |
diff --git a/net-analyzer/snort/snort-2.9.8.2.ebuild b/net-analyzer/snort/snort-2.9.8.2.ebuild |
1653 |
deleted file mode 100644 |
1654 |
index a22c0902ec3..00000000000 |
1655 |
--- a/net-analyzer/snort/snort-2.9.8.2.ebuild |
1656 |
+++ /dev/null |
1657 |
@@ -1,249 +0,0 @@ |
1658 |
-# Copyright 1999-2018 Gentoo Foundation |
1659 |
-# Distributed under the terms of the GNU General Public License v2 |
1660 |
- |
1661 |
-EAPI="5" |
1662 |
-inherit autotools multilib user |
1663 |
- |
1664 |
-DESCRIPTION="The de facto standard for intrusion detection/prevention" |
1665 |
-HOMEPAGE="https://www.snort.org" |
1666 |
-SRC_URI="https://www.snort.org/downloads/archive/${PN}/${P}.tar.gz" |
1667 |
-LICENSE="GPL-2" |
1668 |
-SLOT="0" |
1669 |
-KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86" |
1670 |
-IUSE="static +gre +mpls +targetbased +ppm +perfprofiling |
1671 |
-+non-ether-decoders control-socket file-inspect high-availability |
1672 |
-shared-rep side-channel sourcefire linux-smp-stats inline-init-failopen |
1673 |
-+threads debug +active-response +normalizer reload-error-restart |
1674 |
-+react +flexresp3 large-pcap-64bit selinux" |
1675 |
- |
1676 |
-DEPEND=">=net-libs/libpcap-1.3.0 |
1677 |
- >=net-libs/daq-2.0.2 |
1678 |
- >=dev-libs/libpcre-8.33 |
1679 |
- dev-libs/libdnet |
1680 |
- sys-libs/zlib" |
1681 |
- |
1682 |
-RDEPEND="${DEPEND} |
1683 |
- selinux? ( sec-policy/selinux-snort )" |
1684 |
- |
1685 |
-REQUIRED_USE="!kernel_linux? ( !shared-rep )" |
1686 |
- |
1687 |
-pkg_setup() { |
1688 |
- |
1689 |
- # pre_inst() is a better place to put this |
1690 |
- # but we need it here for the 'fowners' statements in src_install() |
1691 |
- enewgroup snort |
1692 |
- enewuser snort -1 -1 /dev/null snort |
1693 |
- |
1694 |
-} |
1695 |
- |
1696 |
-src_prepare() { |
1697 |
- |
1698 |
- # Multilib fix for the sf_engine |
1699 |
- ebegin "Applying multilib fix" |
1700 |
- sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ |
1701 |
- "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \ |
1702 |
- || die "sed for sf_engine failed" |
1703 |
- |
1704 |
- # Multilib fix for the curent set of dynamic-preprocessors |
1705 |
- for i in file ftptelnet smtp ssh dns ssl dcerpc2 sdf imap pop sip reputation gtp modbus dnp3; do |
1706 |
- sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ |
1707 |
- "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \ |
1708 |
- || die "sed for $i failed." |
1709 |
- done |
1710 |
- eend |
1711 |
- |
1712 |
- AT_M4DIR=m4 eautoreconf |
1713 |
-} |
1714 |
- |
1715 |
-src_configure() { |
1716 |
- |
1717 |
- econf \ |
1718 |
- $(use_enable !static shared) \ |
1719 |
- $(use_enable static) \ |
1720 |
- $(use_enable static so-with-static-lib) \ |
1721 |
- $(use_enable gre) \ |
1722 |
- $(use_enable mpls) \ |
1723 |
- $(use_enable targetbased) \ |
1724 |
- $(use_enable control-socket) \ |
1725 |
- $(use_enable file-inspect) \ |
1726 |
- $(use_enable high-availability ha) \ |
1727 |
- $(use_enable non-ether-decoders) \ |
1728 |
- $(use_enable shared-rep) \ |
1729 |
- $(use_enable side-channel) \ |
1730 |
- $(use_enable sourcefire) \ |
1731 |
- $(use_enable ppm) \ |
1732 |
- $(use_enable perfprofiling) \ |
1733 |
- $(use_enable linux-smp-stats) \ |
1734 |
- $(use_enable inline-init-failopen) \ |
1735 |
- $(use_enable threads pthread) \ |
1736 |
- $(use_enable debug) \ |
1737 |
- $(use_enable debug debug-msgs) \ |
1738 |
- $(use_enable debug corefiles) \ |
1739 |
- $(use_enable !debug dlclose) \ |
1740 |
- $(use_enable active-response) \ |
1741 |
- $(use_enable normalizer) \ |
1742 |
- $(use_enable reload-error-restart) \ |
1743 |
- $(use_enable react) \ |
1744 |
- $(use_enable flexresp3) \ |
1745 |
- $(use_enable large-pcap-64bit large-pcap) \ |
1746 |
- --enable-reload \ |
1747 |
- --disable-build-dynamic-examples \ |
1748 |
- --disable-profile \ |
1749 |
- --disable-ppm-test \ |
1750 |
- --disable-intel-soft-cpm \ |
1751 |
- --disable-static-daq |
1752 |
-} |
1753 |
- |
1754 |
-src_install() { |
1755 |
- |
1756 |
- emake DESTDIR="${D}" install |
1757 |
- |
1758 |
- dodir /var/log/snort \ |
1759 |
- /var/run/snort \ |
1760 |
- /etc/snort/rules \ |
1761 |
- /etc/snort/so_rules \ |
1762 |
- /usr/$(get_libdir)/snort_dynamicrules |
1763 |
- |
1764 |
- # config.log and build.log are needed by Sourcefire |
1765 |
- # to trouble shoot build problems and bug reports so we are |
1766 |
- # perserving them incase the user needs upstream support. |
1767 |
- dodoc RELEASE.NOTES ChangeLog \ |
1768 |
- doc/* \ |
1769 |
- tools/u2boat/README.u2boat |
1770 |
- |
1771 |
- insinto /etc/snort |
1772 |
- doins etc/attribute_table.dtd \ |
1773 |
- etc/classification.config \ |
1774 |
- etc/gen-msg.map \ |
1775 |
- etc/reference.config \ |
1776 |
- etc/threshold.conf \ |
1777 |
- etc/unicode.map |
1778 |
- |
1779 |
- # We use snort.conf.distrib because the config file is complicated |
1780 |
- # and the one shipped with snort can change drastically between versions. |
1781 |
- # Users should migrate setting by hand and not with etc-update. |
1782 |
- newins etc/snort.conf snort.conf.distrib |
1783 |
- |
1784 |
- # config.log and build.log are needed by Sourcefire |
1785 |
- # to troubleshoot build problems and bug reports so we are |
1786 |
- # preserving them incase the user needs upstream support. |
1787 |
- if [ -f "${WORKDIR}/${PF}/config.log" ]; then |
1788 |
- dodoc "${WORKDIR}/${PF}/config.log" |
1789 |
- fi |
1790 |
- if [ -f "${T}/build.log" ]; then |
1791 |
- dodoc "${T}/build.log" |
1792 |
- fi |
1793 |
- |
1794 |
- insinto /etc/snort/preproc_rules |
1795 |
- doins preproc_rules/decoder.rules \ |
1796 |
- preproc_rules/preprocessor.rules \ |
1797 |
- preproc_rules/sensitive-data.rules |
1798 |
- |
1799 |
- fowners -R snort:snort \ |
1800 |
- /var/log/snort \ |
1801 |
- /var/run/snort \ |
1802 |
- /etc/snort |
1803 |
- |
1804 |
- newinitd "${FILESDIR}/snort.rc12" snort |
1805 |
- newconfd "${FILESDIR}/snort.confd.2" snort |
1806 |
- |
1807 |
- # Sourcefire uses Makefiles to install docs causing Bug #297190. |
1808 |
- # This removes the unwanted doc directory and rogue Makefiles. |
1809 |
- rm -rf "${D}"usr/share/doc/snort || die "Failed to remove SF doc directories" |
1810 |
- rm "${D}"usr/share/doc/"${PF}"/Makefile* || die "Failed to remove doc make files" |
1811 |
- |
1812 |
- # Remove unneeded .la files (Bug #382863) |
1813 |
- rm "${D}"usr/$(get_libdir)/snort_dynamicengine/libsf_engine.la || die |
1814 |
- rm "${D}"usr/$(get_libdir)/snort_dynamicpreprocessor/libsf_*_preproc.la || die "Failed to remove libsf_?_preproc.la" |
1815 |
- |
1816 |
- # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection |
1817 |
- sed -i -e 's|/usr/local/lib|/usr/'$(get_libdir)'|g' \ |
1818 |
- "${D}etc/snort/snort.conf.distrib" || die |
1819 |
- |
1820 |
- # Set the correct rule location in the config |
1821 |
- sed -i -e 's|RULE_PATH ../rules|RULE_PATH /etc/snort/rules|g' \ |
1822 |
- "${D}etc/snort/snort.conf.distrib" || die |
1823 |
- |
1824 |
- # Set the correct preprocessor/decoder rule location in the config |
1825 |
- sed -i -e 's|PREPROC_RULE_PATH ../preproc_rules|PREPROC_RULE_PATH /etc/snort/preproc_rules|g' \ |
1826 |
- "${D}etc/snort/snort.conf.distrib" || die |
1827 |
- |
1828 |
- # Enable the preprocessor/decoder rules |
1829 |
- sed -i -e 's|^# include $PREPROC_RULE_PATH|include $PREPROC_RULE_PATH|g' \ |
1830 |
- "${D}etc/snort/snort.conf.distrib" || die |
1831 |
- |
1832 |
- sed -i -e 's|^# dynamicdetection directory|dynamicdetection directory|g' \ |
1833 |
- "${D}etc/snort/snort.conf.distrib" || die |
1834 |
- |
1835 |
- # Just some clean up of trailing /'s in the config |
1836 |
- sed -i -e 's|snort_dynamicpreprocessor/$|snort_dynamicpreprocessor|g' \ |
1837 |
- "${D}etc/snort/snort.conf.distrib" || die |
1838 |
- |
1839 |
- # Make it clear in the config where these are... |
1840 |
- sed -i -e 's|^include classification.config|include /etc/snort/classification.config|g' \ |
1841 |
- "${D}etc/snort/snort.conf.distrib" || die |
1842 |
- |
1843 |
- sed -i -e 's|^include reference.config|include /etc/snort/reference.config|g' \ |
1844 |
- "${D}etc/snort/snort.conf.distrib" || die |
1845 |
- |
1846 |
- # Disable all rule files by default. |
1847 |
- sed -i -e 's|^include $RULE_PATH|# include $RULE_PATH|g' \ |
1848 |
- "${D}etc/snort/snort.conf.distrib" || die |
1849 |
- |
1850 |
- # Disable normalizer preprocessor config if normalizer USE flag not set. |
1851 |
- if ! use normalizer; then |
1852 |
- sed -i -e 's|^preprocessor normalize|#preprocessor normalize|g' \ |
1853 |
- "${D}etc/snort/snort.conf.distrib" || die |
1854 |
- fi |
1855 |
- |
1856 |
- # Set the configured DAQ to afpacket |
1857 |
- sed -i -e 's|^# config daq: <type>|config daq: afpacket|g' \ |
1858 |
- "${D}etc/snort/snort.conf.distrib" || die |
1859 |
- |
1860 |
- # Set the location of the DAQ modules |
1861 |
- sed -i -e 's|^# config daq_dir: <dir>|config daq_dir: /usr/'$(get_libdir)'/daq|g' \ |
1862 |
- "${D}etc/snort/snort.conf.distrib" || die |
1863 |
- |
1864 |
- # Set the DAQ mode to passive |
1865 |
- sed -i -e 's|^# config daq_mode: <mode>|config daq_mode: passive|g' \ |
1866 |
- "${D}etc/snort/snort.conf.distrib" || die |
1867 |
- |
1868 |
- # Set snort to run as snort:snort |
1869 |
- sed -i -e 's|^# config set_gid:|config set_gid: snort|g' \ |
1870 |
- "${D}etc/snort/snort.conf.distrib" || die |
1871 |
- sed -i -e 's|^# config set_uid:|config set_uid: snort|g' \ |
1872 |
- "${D}etc/snort/snort.conf.distrib" || die |
1873 |
- |
1874 |
- # Set the default log dir |
1875 |
- sed -i -e 's|^# config logdir:|config logdir: /var/log/snort/|g' \ |
1876 |
- "${D}etc/snort/snort.conf.distrib" || die |
1877 |
- |
1878 |
- # Set the correct so_rule location in the config |
1879 |
- sed -i -e 's|SO_RULE_PATH ../so_rules|SO_RULE_PATH /etc/snort/so_rules|g' \ |
1880 |
- "${D}etc/snort/snort.conf.distrib" || die |
1881 |
-} |
1882 |
- |
1883 |
-pkg_postinst() { |
1884 |
- |
1885 |
- einfo "There have been a number of improvements and new features" |
1886 |
- einfo "added to ${P}. Please review the RELEASE.NOTES and" |
1887 |
- einfo "ChangLog located in /usr/share/doc/${PF}." |
1888 |
- einfo |
1889 |
- elog "The Sourcefire Vulnerability Research Team (VRT) recommends that" |
1890 |
- elog "users migrate their snort.conf customizations to the latest config" |
1891 |
- elog "file released by the VRT. You can find the latest version of the" |
1892 |
- elog "Snort config file in /etc/snort/snort.conf.distrib." |
1893 |
- elog |
1894 |
- elog "!! It is important that you migrate to this new snort.conf file !!" |
1895 |
- elog |
1896 |
- elog "This version of the ebuild includes an updated init.d file and" |
1897 |
- elog "conf.d file that rely on options found in the latest Snort" |
1898 |
- elog "config file provided by the VRT." |
1899 |
- |
1900 |
- if use debug; then |
1901 |
- elog "You have the 'debug' USE flag enabled. If this has been done to" |
1902 |
- elog "troubleshoot an issue by producing a core dump or a back trace," |
1903 |
- elog "then you need to also ensure the FEATURES variable in make.conf" |
1904 |
- elog "contains the 'nostrip' option." |
1905 |
- fi |
1906 |
-} |
1907 |
|
1908 |
diff --git a/net-analyzer/snort/snort-2.9.8.3-r1.ebuild b/net-analyzer/snort/snort-2.9.8.3-r1.ebuild |
1909 |
deleted file mode 100644 |
1910 |
index af7a8f5ec0c..00000000000 |
1911 |
--- a/net-analyzer/snort/snort-2.9.8.3-r1.ebuild |
1912 |
+++ /dev/null |
1913 |
@@ -1,248 +0,0 @@ |
1914 |
-# Copyright 1999-2018 Gentoo Foundation |
1915 |
-# Distributed under the terms of the GNU General Public License v2 |
1916 |
- |
1917 |
-EAPI=6 |
1918 |
-inherit autotools multilib user |
1919 |
- |
1920 |
-DESCRIPTION="The de facto standard for intrusion detection/prevention" |
1921 |
-HOMEPAGE="https://www.snort.org" |
1922 |
-SRC_URI="https://www.snort.org/downloads/archive/${PN}/${P}.tar.gz" |
1923 |
-LICENSE="GPL-2" |
1924 |
-SLOT="0" |
1925 |
-KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86" |
1926 |
-IUSE="static +gre +ppm +perfprofiling |
1927 |
-+non-ether-decoders control-socket file-inspect high-availability |
1928 |
-shared-rep side-channel sourcefire linux-smp-stats inline-init-failopen |
1929 |
-+threads debug +active-response reload-error-restart |
1930 |
-+react +flexresp3 large-pcap-64bit selinux" |
1931 |
- |
1932 |
-DEPEND=">=net-libs/libpcap-1.3.0 |
1933 |
- >=net-libs/daq-2.0.2 |
1934 |
- >=dev-libs/libpcre-8.33 |
1935 |
- dev-libs/libdnet |
1936 |
- sys-libs/zlib" |
1937 |
- |
1938 |
-RDEPEND="${DEPEND} |
1939 |
- selinux? ( sec-policy/selinux-snort )" |
1940 |
- |
1941 |
-REQUIRED_USE="!kernel_linux? ( !shared-rep )" |
1942 |
- |
1943 |
-PATCHES=( |
1944 |
- "${FILESDIR}"/${P}-no-implicit.patch |
1945 |
-) |
1946 |
- |
1947 |
-pkg_setup() { |
1948 |
- |
1949 |
- # pre_inst() is a better place to put this |
1950 |
- # but we need it here for the 'fowners' statements in src_install() |
1951 |
- enewgroup snort |
1952 |
- enewuser snort -1 -1 /dev/null snort |
1953 |
- |
1954 |
-} |
1955 |
- |
1956 |
-src_prepare() { |
1957 |
- default |
1958 |
- |
1959 |
- # Multilib fix for the sf_engine |
1960 |
- ebegin "Applying multilib fix" |
1961 |
- sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ |
1962 |
- "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \ |
1963 |
- || die "sed for sf_engine failed" |
1964 |
- |
1965 |
- # Multilib fix for the curent set of dynamic-preprocessors |
1966 |
- for i in file ftptelnet smtp ssh dns ssl dcerpc2 sdf imap pop sip reputation gtp modbus dnp3; do |
1967 |
- sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ |
1968 |
- "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \ |
1969 |
- || die "sed for $i failed." |
1970 |
- done |
1971 |
- eend |
1972 |
- |
1973 |
- AT_M4DIR=m4 eautoreconf |
1974 |
-} |
1975 |
- |
1976 |
-src_configure() { |
1977 |
- |
1978 |
- econf \ |
1979 |
- $(use_enable !static shared) \ |
1980 |
- $(use_enable static) \ |
1981 |
- $(use_enable static so-with-static-lib) \ |
1982 |
- $(use_enable gre) \ |
1983 |
- $(use_enable control-socket) \ |
1984 |
- $(use_enable file-inspect) \ |
1985 |
- $(use_enable high-availability ha) \ |
1986 |
- $(use_enable non-ether-decoders) \ |
1987 |
- $(use_enable shared-rep) \ |
1988 |
- $(use_enable side-channel) \ |
1989 |
- $(use_enable sourcefire) \ |
1990 |
- $(use_enable ppm) \ |
1991 |
- $(use_enable perfprofiling) \ |
1992 |
- $(use_enable linux-smp-stats) \ |
1993 |
- $(use_enable inline-init-failopen) \ |
1994 |
- $(use_enable threads pthread) \ |
1995 |
- $(use_enable debug) \ |
1996 |
- $(use_enable debug debug-msgs) \ |
1997 |
- $(use_enable debug corefiles) \ |
1998 |
- $(use_enable !debug dlclose) \ |
1999 |
- $(use_enable active-response) \ |
2000 |
- $(use_enable reload-error-restart) \ |
2001 |
- $(use_enable react) \ |
2002 |
- $(use_enable flexresp3) \ |
2003 |
- $(use_enable large-pcap-64bit large-pcap) \ |
2004 |
- --enable-mpls \ |
2005 |
- --enable-normalizer \ |
2006 |
- --enable-reload \ |
2007 |
- --enable-targetbased \ |
2008 |
- --disable-build-dynamic-examples \ |
2009 |
- --disable-profile \ |
2010 |
- --disable-ppm-test \ |
2011 |
- --disable-intel-soft-cpm \ |
2012 |
- --disable-static-daq |
2013 |
-} |
2014 |
- |
2015 |
-src_install() { |
2016 |
- |
2017 |
- emake DESTDIR="${D}" install |
2018 |
- |
2019 |
- dodir /var/log/snort \ |
2020 |
- /var/run/snort \ |
2021 |
- /etc/snort/rules \ |
2022 |
- /etc/snort/so_rules \ |
2023 |
- /usr/$(get_libdir)/snort_dynamicrules |
2024 |
- |
2025 |
- # config.log and build.log are needed by Sourcefire |
2026 |
- # to trouble shoot build problems and bug reports so we are |
2027 |
- # perserving them incase the user needs upstream support. |
2028 |
- dodoc RELEASE.NOTES ChangeLog \ |
2029 |
- doc/* \ |
2030 |
- tools/u2boat/README.u2boat |
2031 |
- |
2032 |
- insinto /etc/snort |
2033 |
- doins etc/attribute_table.dtd \ |
2034 |
- etc/classification.config \ |
2035 |
- etc/gen-msg.map \ |
2036 |
- etc/reference.config \ |
2037 |
- etc/threshold.conf \ |
2038 |
- etc/unicode.map |
2039 |
- |
2040 |
- # We use snort.conf.distrib because the config file is complicated |
2041 |
- # and the one shipped with snort can change drastically between versions. |
2042 |
- # Users should migrate setting by hand and not with etc-update. |
2043 |
- newins etc/snort.conf snort.conf.distrib |
2044 |
- |
2045 |
- # config.log and build.log are needed by Sourcefire |
2046 |
- # to troubleshoot build problems and bug reports so we are |
2047 |
- # preserving them incase the user needs upstream support. |
2048 |
- if [ -f "${WORKDIR}/${PF}/config.log" ]; then |
2049 |
- dodoc "${WORKDIR}/${PF}/config.log" |
2050 |
- fi |
2051 |
- if [ -f "${T}/build.log" ]; then |
2052 |
- dodoc "${T}/build.log" |
2053 |
- fi |
2054 |
- |
2055 |
- insinto /etc/snort/preproc_rules |
2056 |
- doins preproc_rules/decoder.rules \ |
2057 |
- preproc_rules/preprocessor.rules \ |
2058 |
- preproc_rules/sensitive-data.rules |
2059 |
- |
2060 |
- fowners -R snort:snort \ |
2061 |
- /var/log/snort \ |
2062 |
- /var/run/snort \ |
2063 |
- /etc/snort |
2064 |
- |
2065 |
- newinitd "${FILESDIR}/snort.rc12" snort |
2066 |
- newconfd "${FILESDIR}/snort.confd.2" snort |
2067 |
- |
2068 |
- # Sourcefire uses Makefiles to install docs causing Bug #297190. |
2069 |
- # This removes the unwanted doc directory and rogue Makefiles. |
2070 |
- rm -rf "${D}"usr/share/doc/snort || die "Failed to remove SF doc directories" |
2071 |
- rm "${D}"usr/share/doc/"${PF}"/Makefile* || die "Failed to remove doc make files" |
2072 |
- |
2073 |
- # Remove unneeded .la files (Bug #382863) |
2074 |
- rm "${D}"usr/$(get_libdir)/snort_dynamicengine/libsf_engine.la || die |
2075 |
- rm "${D}"usr/$(get_libdir)/snort_dynamicpreprocessor/libsf_*_preproc.la || die "Failed to remove libsf_?_preproc.la" |
2076 |
- |
2077 |
- # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection |
2078 |
- sed -i -e 's|/usr/local/lib|/usr/'$(get_libdir)'|g' \ |
2079 |
- "${D}etc/snort/snort.conf.distrib" || die |
2080 |
- |
2081 |
- # Set the correct rule location in the config |
2082 |
- sed -i -e 's|RULE_PATH ../rules|RULE_PATH /etc/snort/rules|g' \ |
2083 |
- "${D}etc/snort/snort.conf.distrib" || die |
2084 |
- |
2085 |
- # Set the correct preprocessor/decoder rule location in the config |
2086 |
- sed -i -e 's|PREPROC_RULE_PATH ../preproc_rules|PREPROC_RULE_PATH /etc/snort/preproc_rules|g' \ |
2087 |
- "${D}etc/snort/snort.conf.distrib" || die |
2088 |
- |
2089 |
- # Enable the preprocessor/decoder rules |
2090 |
- sed -i -e 's|^# include $PREPROC_RULE_PATH|include $PREPROC_RULE_PATH|g' \ |
2091 |
- "${D}etc/snort/snort.conf.distrib" || die |
2092 |
- |
2093 |
- sed -i -e 's|^# dynamicdetection directory|dynamicdetection directory|g' \ |
2094 |
- "${D}etc/snort/snort.conf.distrib" || die |
2095 |
- |
2096 |
- # Just some clean up of trailing /'s in the config |
2097 |
- sed -i -e 's|snort_dynamicpreprocessor/$|snort_dynamicpreprocessor|g' \ |
2098 |
- "${D}etc/snort/snort.conf.distrib" || die |
2099 |
- |
2100 |
- # Make it clear in the config where these are... |
2101 |
- sed -i -e 's|^include classification.config|include /etc/snort/classification.config|g' \ |
2102 |
- "${D}etc/snort/snort.conf.distrib" || die |
2103 |
- |
2104 |
- sed -i -e 's|^include reference.config|include /etc/snort/reference.config|g' \ |
2105 |
- "${D}etc/snort/snort.conf.distrib" || die |
2106 |
- |
2107 |
- # Disable all rule files by default. |
2108 |
- sed -i -e 's|^include $RULE_PATH|# include $RULE_PATH|g' \ |
2109 |
- "${D}etc/snort/snort.conf.distrib" || die |
2110 |
- |
2111 |
- # Set the configured DAQ to afpacket |
2112 |
- sed -i -e 's|^# config daq: <type>|config daq: afpacket|g' \ |
2113 |
- "${D}etc/snort/snort.conf.distrib" || die |
2114 |
- |
2115 |
- # Set the location of the DAQ modules |
2116 |
- sed -i -e 's|^# config daq_dir: <dir>|config daq_dir: /usr/'$(get_libdir)'/daq|g' \ |
2117 |
- "${D}etc/snort/snort.conf.distrib" || die |
2118 |
- |
2119 |
- # Set the DAQ mode to passive |
2120 |
- sed -i -e 's|^# config daq_mode: <mode>|config daq_mode: passive|g' \ |
2121 |
- "${D}etc/snort/snort.conf.distrib" || die |
2122 |
- |
2123 |
- # Set snort to run as snort:snort |
2124 |
- sed -i -e 's|^# config set_gid:|config set_gid: snort|g' \ |
2125 |
- "${D}etc/snort/snort.conf.distrib" || die |
2126 |
- sed -i -e 's|^# config set_uid:|config set_uid: snort|g' \ |
2127 |
- "${D}etc/snort/snort.conf.distrib" || die |
2128 |
- |
2129 |
- # Set the default log dir |
2130 |
- sed -i -e 's|^# config logdir:|config logdir: /var/log/snort/|g' \ |
2131 |
- "${D}etc/snort/snort.conf.distrib" || die |
2132 |
- |
2133 |
- # Set the correct so_rule location in the config |
2134 |
- sed -i -e 's|SO_RULE_PATH ../so_rules|SO_RULE_PATH /etc/snort/so_rules|g' \ |
2135 |
- "${D}etc/snort/snort.conf.distrib" || die |
2136 |
-} |
2137 |
- |
2138 |
-pkg_postinst() { |
2139 |
- |
2140 |
- einfo "There have been a number of improvements and new features" |
2141 |
- einfo "added to ${P}. Please review the RELEASE.NOTES and" |
2142 |
- einfo "ChangLog located in /usr/share/doc/${PF}." |
2143 |
- einfo |
2144 |
- elog "The Sourcefire Vulnerability Research Team (VRT) recommends that" |
2145 |
- elog "users migrate their snort.conf customizations to the latest config" |
2146 |
- elog "file released by the VRT. You can find the latest version of the" |
2147 |
- elog "Snort config file in /etc/snort/snort.conf.distrib." |
2148 |
- elog |
2149 |
- elog "!! It is important that you migrate to this new snort.conf file !!" |
2150 |
- elog |
2151 |
- elog "This version of the ebuild includes an updated init.d file and" |
2152 |
- elog "conf.d file that rely on options found in the latest Snort" |
2153 |
- elog "config file provided by the VRT." |
2154 |
- |
2155 |
- if use debug; then |
2156 |
- elog "You have the 'debug' USE flag enabled. If this has been done to" |
2157 |
- elog "troubleshoot an issue by producing a core dump or a back trace," |
2158 |
- elog "then you need to also ensure the FEATURES variable in make.conf" |
2159 |
- elog "contains the 'nostrip' option." |
2160 |
- fi |
2161 |
-} |
2162 |
|
2163 |
diff --git a/net-analyzer/snort/snort-2.9.8.3.ebuild b/net-analyzer/snort/snort-2.9.8.3.ebuild |
2164 |
deleted file mode 100644 |
2165 |
index a22c0902ec3..00000000000 |
2166 |
--- a/net-analyzer/snort/snort-2.9.8.3.ebuild |
2167 |
+++ /dev/null |
2168 |
@@ -1,249 +0,0 @@ |
2169 |
-# Copyright 1999-2018 Gentoo Foundation |
2170 |
-# Distributed under the terms of the GNU General Public License v2 |
2171 |
- |
2172 |
-EAPI="5" |
2173 |
-inherit autotools multilib user |
2174 |
- |
2175 |
-DESCRIPTION="The de facto standard for intrusion detection/prevention" |
2176 |
-HOMEPAGE="https://www.snort.org" |
2177 |
-SRC_URI="https://www.snort.org/downloads/archive/${PN}/${P}.tar.gz" |
2178 |
-LICENSE="GPL-2" |
2179 |
-SLOT="0" |
2180 |
-KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86" |
2181 |
-IUSE="static +gre +mpls +targetbased +ppm +perfprofiling |
2182 |
-+non-ether-decoders control-socket file-inspect high-availability |
2183 |
-shared-rep side-channel sourcefire linux-smp-stats inline-init-failopen |
2184 |
-+threads debug +active-response +normalizer reload-error-restart |
2185 |
-+react +flexresp3 large-pcap-64bit selinux" |
2186 |
- |
2187 |
-DEPEND=">=net-libs/libpcap-1.3.0 |
2188 |
- >=net-libs/daq-2.0.2 |
2189 |
- >=dev-libs/libpcre-8.33 |
2190 |
- dev-libs/libdnet |
2191 |
- sys-libs/zlib" |
2192 |
- |
2193 |
-RDEPEND="${DEPEND} |
2194 |
- selinux? ( sec-policy/selinux-snort )" |
2195 |
- |
2196 |
-REQUIRED_USE="!kernel_linux? ( !shared-rep )" |
2197 |
- |
2198 |
-pkg_setup() { |
2199 |
- |
2200 |
- # pre_inst() is a better place to put this |
2201 |
- # but we need it here for the 'fowners' statements in src_install() |
2202 |
- enewgroup snort |
2203 |
- enewuser snort -1 -1 /dev/null snort |
2204 |
- |
2205 |
-} |
2206 |
- |
2207 |
-src_prepare() { |
2208 |
- |
2209 |
- # Multilib fix for the sf_engine |
2210 |
- ebegin "Applying multilib fix" |
2211 |
- sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ |
2212 |
- "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \ |
2213 |
- || die "sed for sf_engine failed" |
2214 |
- |
2215 |
- # Multilib fix for the curent set of dynamic-preprocessors |
2216 |
- for i in file ftptelnet smtp ssh dns ssl dcerpc2 sdf imap pop sip reputation gtp modbus dnp3; do |
2217 |
- sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ |
2218 |
- "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \ |
2219 |
- || die "sed for $i failed." |
2220 |
- done |
2221 |
- eend |
2222 |
- |
2223 |
- AT_M4DIR=m4 eautoreconf |
2224 |
-} |
2225 |
- |
2226 |
-src_configure() { |
2227 |
- |
2228 |
- econf \ |
2229 |
- $(use_enable !static shared) \ |
2230 |
- $(use_enable static) \ |
2231 |
- $(use_enable static so-with-static-lib) \ |
2232 |
- $(use_enable gre) \ |
2233 |
- $(use_enable mpls) \ |
2234 |
- $(use_enable targetbased) \ |
2235 |
- $(use_enable control-socket) \ |
2236 |
- $(use_enable file-inspect) \ |
2237 |
- $(use_enable high-availability ha) \ |
2238 |
- $(use_enable non-ether-decoders) \ |
2239 |
- $(use_enable shared-rep) \ |
2240 |
- $(use_enable side-channel) \ |
2241 |
- $(use_enable sourcefire) \ |
2242 |
- $(use_enable ppm) \ |
2243 |
- $(use_enable perfprofiling) \ |
2244 |
- $(use_enable linux-smp-stats) \ |
2245 |
- $(use_enable inline-init-failopen) \ |
2246 |
- $(use_enable threads pthread) \ |
2247 |
- $(use_enable debug) \ |
2248 |
- $(use_enable debug debug-msgs) \ |
2249 |
- $(use_enable debug corefiles) \ |
2250 |
- $(use_enable !debug dlclose) \ |
2251 |
- $(use_enable active-response) \ |
2252 |
- $(use_enable normalizer) \ |
2253 |
- $(use_enable reload-error-restart) \ |
2254 |
- $(use_enable react) \ |
2255 |
- $(use_enable flexresp3) \ |
2256 |
- $(use_enable large-pcap-64bit large-pcap) \ |
2257 |
- --enable-reload \ |
2258 |
- --disable-build-dynamic-examples \ |
2259 |
- --disable-profile \ |
2260 |
- --disable-ppm-test \ |
2261 |
- --disable-intel-soft-cpm \ |
2262 |
- --disable-static-daq |
2263 |
-} |
2264 |
- |
2265 |
-src_install() { |
2266 |
- |
2267 |
- emake DESTDIR="${D}" install |
2268 |
- |
2269 |
- dodir /var/log/snort \ |
2270 |
- /var/run/snort \ |
2271 |
- /etc/snort/rules \ |
2272 |
- /etc/snort/so_rules \ |
2273 |
- /usr/$(get_libdir)/snort_dynamicrules |
2274 |
- |
2275 |
- # config.log and build.log are needed by Sourcefire |
2276 |
- # to trouble shoot build problems and bug reports so we are |
2277 |
- # perserving them incase the user needs upstream support. |
2278 |
- dodoc RELEASE.NOTES ChangeLog \ |
2279 |
- doc/* \ |
2280 |
- tools/u2boat/README.u2boat |
2281 |
- |
2282 |
- insinto /etc/snort |
2283 |
- doins etc/attribute_table.dtd \ |
2284 |
- etc/classification.config \ |
2285 |
- etc/gen-msg.map \ |
2286 |
- etc/reference.config \ |
2287 |
- etc/threshold.conf \ |
2288 |
- etc/unicode.map |
2289 |
- |
2290 |
- # We use snort.conf.distrib because the config file is complicated |
2291 |
- # and the one shipped with snort can change drastically between versions. |
2292 |
- # Users should migrate setting by hand and not with etc-update. |
2293 |
- newins etc/snort.conf snort.conf.distrib |
2294 |
- |
2295 |
- # config.log and build.log are needed by Sourcefire |
2296 |
- # to troubleshoot build problems and bug reports so we are |
2297 |
- # preserving them incase the user needs upstream support. |
2298 |
- if [ -f "${WORKDIR}/${PF}/config.log" ]; then |
2299 |
- dodoc "${WORKDIR}/${PF}/config.log" |
2300 |
- fi |
2301 |
- if [ -f "${T}/build.log" ]; then |
2302 |
- dodoc "${T}/build.log" |
2303 |
- fi |
2304 |
- |
2305 |
- insinto /etc/snort/preproc_rules |
2306 |
- doins preproc_rules/decoder.rules \ |
2307 |
- preproc_rules/preprocessor.rules \ |
2308 |
- preproc_rules/sensitive-data.rules |
2309 |
- |
2310 |
- fowners -R snort:snort \ |
2311 |
- /var/log/snort \ |
2312 |
- /var/run/snort \ |
2313 |
- /etc/snort |
2314 |
- |
2315 |
- newinitd "${FILESDIR}/snort.rc12" snort |
2316 |
- newconfd "${FILESDIR}/snort.confd.2" snort |
2317 |
- |
2318 |
- # Sourcefire uses Makefiles to install docs causing Bug #297190. |
2319 |
- # This removes the unwanted doc directory and rogue Makefiles. |
2320 |
- rm -rf "${D}"usr/share/doc/snort || die "Failed to remove SF doc directories" |
2321 |
- rm "${D}"usr/share/doc/"${PF}"/Makefile* || die "Failed to remove doc make files" |
2322 |
- |
2323 |
- # Remove unneeded .la files (Bug #382863) |
2324 |
- rm "${D}"usr/$(get_libdir)/snort_dynamicengine/libsf_engine.la || die |
2325 |
- rm "${D}"usr/$(get_libdir)/snort_dynamicpreprocessor/libsf_*_preproc.la || die "Failed to remove libsf_?_preproc.la" |
2326 |
- |
2327 |
- # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection |
2328 |
- sed -i -e 's|/usr/local/lib|/usr/'$(get_libdir)'|g' \ |
2329 |
- "${D}etc/snort/snort.conf.distrib" || die |
2330 |
- |
2331 |
- # Set the correct rule location in the config |
2332 |
- sed -i -e 's|RULE_PATH ../rules|RULE_PATH /etc/snort/rules|g' \ |
2333 |
- "${D}etc/snort/snort.conf.distrib" || die |
2334 |
- |
2335 |
- # Set the correct preprocessor/decoder rule location in the config |
2336 |
- sed -i -e 's|PREPROC_RULE_PATH ../preproc_rules|PREPROC_RULE_PATH /etc/snort/preproc_rules|g' \ |
2337 |
- "${D}etc/snort/snort.conf.distrib" || die |
2338 |
- |
2339 |
- # Enable the preprocessor/decoder rules |
2340 |
- sed -i -e 's|^# include $PREPROC_RULE_PATH|include $PREPROC_RULE_PATH|g' \ |
2341 |
- "${D}etc/snort/snort.conf.distrib" || die |
2342 |
- |
2343 |
- sed -i -e 's|^# dynamicdetection directory|dynamicdetection directory|g' \ |
2344 |
- "${D}etc/snort/snort.conf.distrib" || die |
2345 |
- |
2346 |
- # Just some clean up of trailing /'s in the config |
2347 |
- sed -i -e 's|snort_dynamicpreprocessor/$|snort_dynamicpreprocessor|g' \ |
2348 |
- "${D}etc/snort/snort.conf.distrib" || die |
2349 |
- |
2350 |
- # Make it clear in the config where these are... |
2351 |
- sed -i -e 's|^include classification.config|include /etc/snort/classification.config|g' \ |
2352 |
- "${D}etc/snort/snort.conf.distrib" || die |
2353 |
- |
2354 |
- sed -i -e 's|^include reference.config|include /etc/snort/reference.config|g' \ |
2355 |
- "${D}etc/snort/snort.conf.distrib" || die |
2356 |
- |
2357 |
- # Disable all rule files by default. |
2358 |
- sed -i -e 's|^include $RULE_PATH|# include $RULE_PATH|g' \ |
2359 |
- "${D}etc/snort/snort.conf.distrib" || die |
2360 |
- |
2361 |
- # Disable normalizer preprocessor config if normalizer USE flag not set. |
2362 |
- if ! use normalizer; then |
2363 |
- sed -i -e 's|^preprocessor normalize|#preprocessor normalize|g' \ |
2364 |
- "${D}etc/snort/snort.conf.distrib" || die |
2365 |
- fi |
2366 |
- |
2367 |
- # Set the configured DAQ to afpacket |
2368 |
- sed -i -e 's|^# config daq: <type>|config daq: afpacket|g' \ |
2369 |
- "${D}etc/snort/snort.conf.distrib" || die |
2370 |
- |
2371 |
- # Set the location of the DAQ modules |
2372 |
- sed -i -e 's|^# config daq_dir: <dir>|config daq_dir: /usr/'$(get_libdir)'/daq|g' \ |
2373 |
- "${D}etc/snort/snort.conf.distrib" || die |
2374 |
- |
2375 |
- # Set the DAQ mode to passive |
2376 |
- sed -i -e 's|^# config daq_mode: <mode>|config daq_mode: passive|g' \ |
2377 |
- "${D}etc/snort/snort.conf.distrib" || die |
2378 |
- |
2379 |
- # Set snort to run as snort:snort |
2380 |
- sed -i -e 's|^# config set_gid:|config set_gid: snort|g' \ |
2381 |
- "${D}etc/snort/snort.conf.distrib" || die |
2382 |
- sed -i -e 's|^# config set_uid:|config set_uid: snort|g' \ |
2383 |
- "${D}etc/snort/snort.conf.distrib" || die |
2384 |
- |
2385 |
- # Set the default log dir |
2386 |
- sed -i -e 's|^# config logdir:|config logdir: /var/log/snort/|g' \ |
2387 |
- "${D}etc/snort/snort.conf.distrib" || die |
2388 |
- |
2389 |
- # Set the correct so_rule location in the config |
2390 |
- sed -i -e 's|SO_RULE_PATH ../so_rules|SO_RULE_PATH /etc/snort/so_rules|g' \ |
2391 |
- "${D}etc/snort/snort.conf.distrib" || die |
2392 |
-} |
2393 |
- |
2394 |
-pkg_postinst() { |
2395 |
- |
2396 |
- einfo "There have been a number of improvements and new features" |
2397 |
- einfo "added to ${P}. Please review the RELEASE.NOTES and" |
2398 |
- einfo "ChangLog located in /usr/share/doc/${PF}." |
2399 |
- einfo |
2400 |
- elog "The Sourcefire Vulnerability Research Team (VRT) recommends that" |
2401 |
- elog "users migrate their snort.conf customizations to the latest config" |
2402 |
- elog "file released by the VRT. You can find the latest version of the" |
2403 |
- elog "Snort config file in /etc/snort/snort.conf.distrib." |
2404 |
- elog |
2405 |
- elog "!! It is important that you migrate to this new snort.conf file !!" |
2406 |
- elog |
2407 |
- elog "This version of the ebuild includes an updated init.d file and" |
2408 |
- elog "conf.d file that rely on options found in the latest Snort" |
2409 |
- elog "config file provided by the VRT." |
2410 |
- |
2411 |
- if use debug; then |
2412 |
- elog "You have the 'debug' USE flag enabled. If this has been done to" |
2413 |
- elog "troubleshoot an issue by producing a core dump or a back trace," |
2414 |
- elog "then you need to also ensure the FEATURES variable in make.conf" |
2415 |
- elog "contains the 'nostrip' option." |
2416 |
- fi |
2417 |
-} |