Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Patrick Lauer (patrick)" <patrick@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in net-analyzer/snort: metadata.xml ChangeLog snort-2.8.6.ebuild
Date: Wed, 02 Jun 2010 12:18:56
Message-Id: 20100602121849.516B52CE14@corvid.gentoo.org
1 patrick 10/06/02 12:18:49
2
3 Modified: metadata.xml ChangeLog
4 Added: snort-2.8.6.ebuild
5 Log:
6 Bump, fixes #319279. Thanks to Jason Wallace and Brett Edgar
7 (Portage version: 2.2_rc67/cvs/Linux x86_64)
8
9 Revision Changes Path
10 1.11 net-analyzer/snort/metadata.xml
11
12 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/snort/metadata.xml?rev=1.11&view=markup
13 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/snort/metadata.xml?rev=1.11&content-type=text/plain
14 diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/snort/metadata.xml?r1=1.10&r2=1.11
15
16 Index: metadata.xml
17 ===================================================================
18 RCS file: /var/cvsroot/gentoo-x86/net-analyzer/snort/metadata.xml,v
19 retrieving revision 1.10
20 retrieving revision 1.11
21 diff -u -r1.10 -r1.11
22 --- metadata.xml 2 Nov 2009 17:24:37 -0000 1.10
23 +++ metadata.xml 2 Jun 2010 12:18:49 -0000 1.11
24 @@ -33,5 +33,6 @@
25 <flag name='timestats'>Enable TimeStats functionality</flag>
26 <flag name='reload'>Enable reloading a configuration without restarting</flag>
27 <flag name='reload-error-restart'>Enable restarting on reload error</flag>
28 +<flag name='zlib'>Enable Http Response Decompression</flag>
29 </use>
30 </pkgmetadata>
31
32
33
34 1.162 net-analyzer/snort/ChangeLog
35
36 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/snort/ChangeLog?rev=1.162&view=markup
37 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/snort/ChangeLog?rev=1.162&content-type=text/plain
38 diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/snort/ChangeLog?r1=1.161&r2=1.162
39
40 Index: ChangeLog
41 ===================================================================
42 RCS file: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v
43 retrieving revision 1.161
44 retrieving revision 1.162
45 diff -u -r1.161 -r1.162
46 --- ChangeLog 2 Mar 2010 02:22:28 -0000 1.161
47 +++ ChangeLog 2 Jun 2010 12:18:49 -0000 1.162
48 @@ -1,6 +1,12 @@
49 # ChangeLog for net-analyzer/snort
50 # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
51 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.161 2010/03/02 02:22:28 patrick Exp $
52 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.162 2010/06/02 12:18:49 patrick Exp $
53 +
54 +*snort-2.8.6 (02 Jun 2010)
55 +
56 + 02 Jun 2010; Patrick Lauer <patrick@g.o> +snort-2.8.6.ebuild,
57 + metadata.xml:
58 + Bump, fixes #319279. Thanks to Jason Wallace and Brett Edgar
59
60 *snort-2.8.5.3 (02 Mar 2010)
61
62
63
64
65 1.1 net-analyzer/snort/snort-2.8.6.ebuild
66
67 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/snort/snort-2.8.6.ebuild?rev=1.1&view=markup
68 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/snort/snort-2.8.6.ebuild?rev=1.1&content-type=text/plain
69
70 Index: snort-2.8.6.ebuild
71 ===================================================================
72 # Copyright 1999-2010 Gentoo Foundation
73 # Distributed under the terms of the GNU General Public License v2
74 # $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/snort-2.8.6.ebuild,v 1.1 2010/06/02 12:18:49 patrick Exp $
75
76 inherit eutils autotools multilib
77
78 DESCRIPTION="The de facto standard for intrusion detection/prevention"
79 HOMEPAGE="http://www.snort.org/"
80 SRC_URI="http://dl.snort.org/snort-current/${P}.tar.gz"
81 LICENSE="GPL-2"
82 SLOT="0"
83 KEYWORDS="~alpha ~amd64 ~ppc ~ppc64 ~sparc ~x86"
84 IUSE="static dynamicplugin ipv6 gre mpls targetbased decoder-preprocessor-rules
85 ppm timestats perfprofiling linux-smp-stats inline inline-init-failopen prelude
86 threads debug reload reload-error-restart flexresp flexresp2 react aruba mysql
87 odbc postgres selinux zlib"
88
89 #flexresp, react, and inline _ONLY_ work with net-libs/libnet-1.0.2a
90 DEPEND="virtual/libpcap
91 >=dev-libs/libpcre-6.0
92 flexresp2? ( dev-libs/libdnet )
93 flexresp? ( ~net-libs/libnet-1.0.2a )
94 react? ( ~net-libs/libnet-1.0.2a )
95 postgres? ( virtual/postgresql-base )
96 mysql? ( virtual/mysql )
97 odbc? ( dev-db/unixODBC )
98 prelude? ( >=dev-libs/libprelude-0.9.0 )
99 inline? ( ~net-libs/libnet-1.0.2a net-firewall/iptables )
100 zlib? ( sys-libs/zlib )"
101
102 RDEPEND="${DEPEND}
103 dev-lang/perl
104 selinux? ( sec-policy/selinux-snort )"
105
106 pkg_setup() {
107
108 if use flexresp && use flexresp2; then
109 eerror
110 eerror "You have both the 'flexresp' and 'flexresp2' USE flags set."
111 eerror "You can use 'flexresp' OR 'flexresp2' but not both."
112 eerror "flexresp2 is recommended."
113 eerror
114 eerror
115 die
116 elif use flexresp && use react; then
117 eerror
118 eerror "You have both the 'react' and 'flexresp' USE flags set."
119 eerror "'react' is enabled automaticly when the 'flexresp'"
120 eerror "USE flag is set, but ./configure will fail if both are enabled."
121 eerror
122 eerror "This is an upstream issue and not a problem with this ebuild."
123 eerror
124 eerror "To enable both 'flexresp' and 'react' set USE="flexresp -react""
125 eerror
126 eerror
127 die
128 elif use flexresp2 && use react; then
129 eerror
130 eerror "You have both the 'react' and 'flexresp2' USE flags set."
131 eerror "You can use 'react' OR 'flexresp2' but not both."
132 eerror
133 eerror
134 die
135 elif use inline-init-failopen && ! use inline; then
136 eerror
137 eerror "You have enabled the 'inline-init-failopen' USE flag"
138 eerror "but not the 'inline' USE flag."
139 eerror "'inline-init-failopen' requires 'inline' be enabled."
140 eerror
141 eerror
142 die
143 elif use reload-error-restart && ! use reload; then
144 eerror
145 eerror "You have enabled the 'reload-error-restart' USE flag"
146 eerror "but not the 'reload' USE flag."
147 eerror "'reload-error-restart' requires 'reload' be enabled."
148 eerror
149 eerror
150 die
151 elif use zlib && ! use dynamicplugin; then
152 eerror
153 eerror "You have enabled the 'zlib' USE flag but not the 'dynamicplugin' USE flag."
154 eerror "'zlib' requires 'dynamicplugin' be enabled."
155 eerror
156 eerror
157 die
158 fi
159
160 # pre_inst() is a better place to put this
161 # but we need it here for the 'fowners' statements in src_install()
162 enewgroup snort
163 enewuser snort -1 -1 /dev/null snort
164
165 }
166
167 src_unpack() {
168
169 unpack ${A}
170 cd "${S}"
171
172 # Fix to prevent the docs Makefile from being used.
173 # Fixes #297190.
174 einfo "Applying documentation fix."
175 sed -i -e 's:src doc etc:src etc:g' \
176 "${WORKDIR}/${P}/Makefile.am" || die "Doc fix Failed"
177
178 #Replaces the libnet-1.0 patch for inline, flexresp, and react
179 if use flexresp || use react || use inline; then
180
181 einfo "Applying libnet-1.0 fix."
182 sed -i -e 's:libnet.h:libnet-1.0.h:g' \
183 "${WORKDIR}/${P}/configure.in" \
184 "${WORKDIR}/${P}/src/detection-plugins/sp_react.c" \
185 "${WORKDIR}/${P}/src/detection-plugins/sp_respond.c" \
186 "${WORKDIR}/${P}/src/inline.c" || die "sed for libnet-1.0.h failed"
187
188 sed -i -e 's:libnet-config:libnet-1.0-config:g' \
189 "${WORKDIR}/${P}/configure.in" || die "sed for libnet-1.0-config failed"
190
191 sed -i -e 's:-lnet:-lnet-1.0:g' \
192 "${WORKDIR}/${P}/configure.in" || die "sed for -lnet-1.0 failed"
193
194 sed -i -e 's:AC_CHECK_LIB(net:AC_CHECK_LIB(net-1.0:g' \
195 "${WORKDIR}/${P}/configure.in" || die "sed for net-1.0 failed"
196
197 fi
198
199 #Multilib fix for the sf_engine
200 einfo "Applying multilib fix."
201 sed -i -e 's:${exec_prefix}/lib:${exec_prefix}/'$(get_libdir)':g' \
202 "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \
203 || die "sed for sf_engine failed"
204
205 #Multilib fix for the curent set of dynamic-preprocessors
206 for i in ftptelnet smtp ssh dcerpc dns ssl dcerpc2 sdf; do
207 sed -i -e 's:${exec_prefix}/lib:${exec_prefix}/'$(get_libdir)':g' \
208 "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \
209 || die "sed for $i failed."
210 done
211
212 if use prelude; then
213 einfo "Applying prelude fix."
214 sed -i -e "s:AC_PROG_RANLIB:AC_PROG_LIBTOOL:" configure.in
215 fi
216
217 AT_M4DIR=m4 eautoreconf
218 }
219
220 src_compile() {
221
222 local myconf
223
224 #targetbased and inline-init-failopen automaticly enable pthread
225 if use threads || use targetbased || use inline-init-failopen; then
226 myconf="${myconf} --enable-pthread"
227 fi
228
229 #Tell flexresp, react, and inline where libipq is
230 if use flexresp || use react || use inline; then
231 myconf="${myconf} --with-libipq-includes=/usr/include/libipq"
232 fi
233
234 econf \
235 $(use_enable !static shared) \
236 $(use_enable static) \
237 $(use_enable dynamicplugin) \
238 $(use_enable ipv6) \
239 $(use_enable gre) \
240 $(use_enable mpls) \
241 $(use_enable targetbased) \
242 $(use_enable decoder-preprocessor-rules) \
243 $(use_enable ppm) \
244 $(use_enable timestats) \
245 $(use_enable perfprofiling) \
246 $(use_enable linux-smp-stats) \
247 $(use_enable inline) \
248 $(use_enable inline-init-failopen) \
249 $(use_enable prelude) \
250 $(use_enable debug) \
251 $(use_enable reload) \
252 $(use_enable reload-error-restart) \
253 $(use_enable flexresp) \
254 $(use_enable flexresp2) \
255 $(use_enable react) \
256 $(use_enable aruba) \
257 $(use_enable zlib) \
258 $(use_with mysql) \
259 $(use_with odbc) \
260 $(use_with postgres postgresql) \
261 --disable-build-dynamic-examples \
262 --disable-corefiles \
263 --disable-ipfw \
264 --disable-profile \
265 --disable-ppm-test \
266 --without-oracle \
267 ${myconf}
268
269 emake || die "make failed"
270
271 }
272
273 src_install() {
274
275 emake DESTDIR="${D}" install || die "make install failed"
276
277 keepdir /var/log/snort/
278 fowners snort:snort /var/log/snort
279
280 keepdir /var/run/snort/
281 fowners snort:snort /var/run/snort/
282
283 dodoc doc/*
284 dodoc ./RELEASE.NOTES
285 docinto schemas
286 dodoc schemas/*
287
288 insinto /etc/snort
289 doins etc/attribute_table.dtd \
290 etc/classification.config \
291 etc/gen-msg.map \
292 etc/reference.config \
293 etc/sid-msg.map \
294 etc/threshold.conf \
295 etc/unicode.map \
296 || die "Failed to add files in /etc/snort"
297
298 newins etc/snort.conf snort.conf.distrib
299
300 insinto /etc/snort/preproc_rules
301 doins preproc_rules/decoder.rules \
302 preproc_rules/preprocessor.rules \
303 || die "Failed to add files in /etc/snort/preproc_rules"
304
305 keepdir /etc/snort/rules/
306
307 keepdir /usr/$(get_libdir)/snort_dynamicrule
308
309 fowners -R snort:snort /etc/snort/
310
311 if use reload; then
312 newinitd "${FILESDIR}/snort.reload.rc1" snort \
313 || die "Failed to add snort.reload.rc1"
314 else
315 newinitd "${FILESDIR}/snort.rc9" snort || die "Failed to add snort.rc9"
316 fi
317
318 newconfd "${FILESDIR}/snort.confd" snort || die "Failed to add snort.confd"
319
320 # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection
321 sed -i -e 's:/usr/local/lib:/usr/'$(get_libdir)':g' \
322 "${D}etc/snort/snort.conf.distrib"
323
324 #Set the correct rule location in the config
325 sed -i -e 's:RULE_PATH ../rules:RULE_PATH /etc/snort/rules:g' \
326 "${D}etc/snort/snort.conf.distrib"
327
328 #Set the correct preprocessor/decoder rule location in the config
329 sed -i -e 's:PREPROC_RULE_PATH ../preproc_rules:PREPROC_RULE_PATH /etc/snort/preproc_rules:g' \
330 "${D}etc/snort/snort.conf.distrib"
331
332 #Enable the preprocessor/decoder rules
333 sed -i -e 's:^# include $PREPROC_RULE_PATH:include $PREPROC_RULE_PATH:g' \
334 "${D}etc/snort/snort.conf.distrib"
335 sed -i -e 's:^# dynamicdetection directory:dynamicdetection directory:g' \
336 "${D}etc/snort/snort.conf.distrib"
337
338 #Just some clean up of trailing /'s in the config
339 sed -i -e 's:snort_dynamicpreprocessor/$:snort_dynamicpreprocessor:g' \
340 "${D}etc/snort/snort.conf.distrib"
341
342 #Make it clear in the config where these are...
343 sed -i -e 's:^include classification.config:include /etc/snort/classification.config:g' \
344 "${D}etc/snort/snort.conf.distrib"
345 sed -i -e 's:^include reference.config:include /etc/snort/reference.config:g' \
346 "${D}etc/snort/snort.conf.distrib"
347
348 #Disable all rule files by default.
349 #Users need to choose what they want enabled.
350 sed -i -e 's:^include $RULE_PATH:# include $RULE_PATH:g' \
351 "${D}etc/snort/snort.conf.distrib"
352
353 }
354
355 pkg_postinst() {
356 einfo
357 einfo "Snort is a libpcap based packet capture tool which can be used in"
358 einfo "three modes Sniffer Mode, Packet Logger Mode, or Network Intrusion"
359 einfo "Detection/Prevention System Mode."
360 einfo
361 einfo "To learn more about these modes review the Snort User Manual at..."
362 einfo
363 einfo "http://www.snort.org/docs/"
364 einfo
365 einfo "See /usr/share/doc/${PF} and /etc/snort/snort.conf.distrib for"
366 einfo "information on configuring snort."
367 einfo
368 einfo "Joining the Snort-Users and Snort-Sigs mailing list is highly"
369 einfo "recommended for all users..."
370 einfo
371 einfo "http://www.snort.org/community/mailing-lists/"
372 einfo
373 einfo "To download rules for use with Snort please, see the following"
374 einfo
375 einfo "Sourcefire's VRT Rules and older Community Rules:"
376 einfo "http://www.snort.org/pub-bin/downloads.cgi"
377 einfo
378 einfo "Emerging Threats Rules:"
379 einfo "http://www.emergingthreats.net/"
380 einfo
381 einfo "To manage updates to your rules please visit..."
382 einfo
383 einfo "http://oinkmaster.sourceforge.net/"
384 einfo
385 einfo "and then 'emerge oinkmaster'."
386 elog
387 elog "Snort Release Notes:"
388 elog "http://dl.snort.org/snort-current/release_notes_286.txt"
389 elog
390 elog "!! IMPORTANT !!"
391 elog
392 elog "There have been some changes to the config file shipped"
393 elog "with snort. Users should migrate their current snort.conf"
394 elog "to the new config file. The config file shipped with snort"
395 elog "is located in /etc/snort/snort.conf.distrib."
396 elog
397 }
Report Message
Find on MARC Find on Google Groups