1 |
patrick 10/06/02 12:18:49 |
2 |
|
3 |
Modified: metadata.xml ChangeLog |
4 |
Added: snort-2.8.6.ebuild |
5 |
Log: |
6 |
Bump, fixes #319279. Thanks to Jason Wallace and Brett Edgar |
7 |
(Portage version: 2.2_rc67/cvs/Linux x86_64) |
8 |
|
9 |
Revision Changes Path |
10 |
1.11 net-analyzer/snort/metadata.xml |
11 |
|
12 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/snort/metadata.xml?rev=1.11&view=markup |
13 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/snort/metadata.xml?rev=1.11&content-type=text/plain |
14 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/snort/metadata.xml?r1=1.10&r2=1.11 |
15 |
|
16 |
Index: metadata.xml |
17 |
=================================================================== |
18 |
RCS file: /var/cvsroot/gentoo-x86/net-analyzer/snort/metadata.xml,v |
19 |
retrieving revision 1.10 |
20 |
retrieving revision 1.11 |
21 |
diff -u -r1.10 -r1.11 |
22 |
--- metadata.xml 2 Nov 2009 17:24:37 -0000 1.10 |
23 |
+++ metadata.xml 2 Jun 2010 12:18:49 -0000 1.11 |
24 |
@@ -33,5 +33,6 @@ |
25 |
<flag name='timestats'>Enable TimeStats functionality</flag> |
26 |
<flag name='reload'>Enable reloading a configuration without restarting</flag> |
27 |
<flag name='reload-error-restart'>Enable restarting on reload error</flag> |
28 |
+<flag name='zlib'>Enable Http Response Decompression</flag> |
29 |
</use> |
30 |
</pkgmetadata> |
31 |
|
32 |
|
33 |
|
34 |
1.162 net-analyzer/snort/ChangeLog |
35 |
|
36 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/snort/ChangeLog?rev=1.162&view=markup |
37 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/snort/ChangeLog?rev=1.162&content-type=text/plain |
38 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/snort/ChangeLog?r1=1.161&r2=1.162 |
39 |
|
40 |
Index: ChangeLog |
41 |
=================================================================== |
42 |
RCS file: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v |
43 |
retrieving revision 1.161 |
44 |
retrieving revision 1.162 |
45 |
diff -u -r1.161 -r1.162 |
46 |
--- ChangeLog 2 Mar 2010 02:22:28 -0000 1.161 |
47 |
+++ ChangeLog 2 Jun 2010 12:18:49 -0000 1.162 |
48 |
@@ -1,6 +1,12 @@ |
49 |
# ChangeLog for net-analyzer/snort |
50 |
# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 |
51 |
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.161 2010/03/02 02:22:28 patrick Exp $ |
52 |
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.162 2010/06/02 12:18:49 patrick Exp $ |
53 |
+ |
54 |
+*snort-2.8.6 (02 Jun 2010) |
55 |
+ |
56 |
+ 02 Jun 2010; Patrick Lauer <patrick@g.o> +snort-2.8.6.ebuild, |
57 |
+ metadata.xml: |
58 |
+ Bump, fixes #319279. Thanks to Jason Wallace and Brett Edgar |
59 |
|
60 |
*snort-2.8.5.3 (02 Mar 2010) |
61 |
|
62 |
|
63 |
|
64 |
|
65 |
1.1 net-analyzer/snort/snort-2.8.6.ebuild |
66 |
|
67 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/snort/snort-2.8.6.ebuild?rev=1.1&view=markup |
68 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/snort/snort-2.8.6.ebuild?rev=1.1&content-type=text/plain |
69 |
|
70 |
Index: snort-2.8.6.ebuild |
71 |
=================================================================== |
72 |
# Copyright 1999-2010 Gentoo Foundation |
73 |
# Distributed under the terms of the GNU General Public License v2 |
74 |
# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/snort-2.8.6.ebuild,v 1.1 2010/06/02 12:18:49 patrick Exp $ |
75 |
|
76 |
inherit eutils autotools multilib |
77 |
|
78 |
DESCRIPTION="The de facto standard for intrusion detection/prevention" |
79 |
HOMEPAGE="http://www.snort.org/" |
80 |
SRC_URI="http://dl.snort.org/snort-current/${P}.tar.gz" |
81 |
LICENSE="GPL-2" |
82 |
SLOT="0" |
83 |
KEYWORDS="~alpha ~amd64 ~ppc ~ppc64 ~sparc ~x86" |
84 |
IUSE="static dynamicplugin ipv6 gre mpls targetbased decoder-preprocessor-rules |
85 |
ppm timestats perfprofiling linux-smp-stats inline inline-init-failopen prelude |
86 |
threads debug reload reload-error-restart flexresp flexresp2 react aruba mysql |
87 |
odbc postgres selinux zlib" |
88 |
|
89 |
#flexresp, react, and inline _ONLY_ work with net-libs/libnet-1.0.2a |
90 |
DEPEND="virtual/libpcap |
91 |
>=dev-libs/libpcre-6.0 |
92 |
flexresp2? ( dev-libs/libdnet ) |
93 |
flexresp? ( ~net-libs/libnet-1.0.2a ) |
94 |
react? ( ~net-libs/libnet-1.0.2a ) |
95 |
postgres? ( virtual/postgresql-base ) |
96 |
mysql? ( virtual/mysql ) |
97 |
odbc? ( dev-db/unixODBC ) |
98 |
prelude? ( >=dev-libs/libprelude-0.9.0 ) |
99 |
inline? ( ~net-libs/libnet-1.0.2a net-firewall/iptables ) |
100 |
zlib? ( sys-libs/zlib )" |
101 |
|
102 |
RDEPEND="${DEPEND} |
103 |
dev-lang/perl |
104 |
selinux? ( sec-policy/selinux-snort )" |
105 |
|
106 |
pkg_setup() { |
107 |
|
108 |
if use flexresp && use flexresp2; then |
109 |
eerror |
110 |
eerror "You have both the 'flexresp' and 'flexresp2' USE flags set." |
111 |
eerror "You can use 'flexresp' OR 'flexresp2' but not both." |
112 |
eerror "flexresp2 is recommended." |
113 |
eerror |
114 |
eerror |
115 |
die |
116 |
elif use flexresp && use react; then |
117 |
eerror |
118 |
eerror "You have both the 'react' and 'flexresp' USE flags set." |
119 |
eerror "'react' is enabled automaticly when the 'flexresp'" |
120 |
eerror "USE flag is set, but ./configure will fail if both are enabled." |
121 |
eerror |
122 |
eerror "This is an upstream issue and not a problem with this ebuild." |
123 |
eerror |
124 |
eerror "To enable both 'flexresp' and 'react' set USE="flexresp -react"" |
125 |
eerror |
126 |
eerror |
127 |
die |
128 |
elif use flexresp2 && use react; then |
129 |
eerror |
130 |
eerror "You have both the 'react' and 'flexresp2' USE flags set." |
131 |
eerror "You can use 'react' OR 'flexresp2' but not both." |
132 |
eerror |
133 |
eerror |
134 |
die |
135 |
elif use inline-init-failopen && ! use inline; then |
136 |
eerror |
137 |
eerror "You have enabled the 'inline-init-failopen' USE flag" |
138 |
eerror "but not the 'inline' USE flag." |
139 |
eerror "'inline-init-failopen' requires 'inline' be enabled." |
140 |
eerror |
141 |
eerror |
142 |
die |
143 |
elif use reload-error-restart && ! use reload; then |
144 |
eerror |
145 |
eerror "You have enabled the 'reload-error-restart' USE flag" |
146 |
eerror "but not the 'reload' USE flag." |
147 |
eerror "'reload-error-restart' requires 'reload' be enabled." |
148 |
eerror |
149 |
eerror |
150 |
die |
151 |
elif use zlib && ! use dynamicplugin; then |
152 |
eerror |
153 |
eerror "You have enabled the 'zlib' USE flag but not the 'dynamicplugin' USE flag." |
154 |
eerror "'zlib' requires 'dynamicplugin' be enabled." |
155 |
eerror |
156 |
eerror |
157 |
die |
158 |
fi |
159 |
|
160 |
# pre_inst() is a better place to put this |
161 |
# but we need it here for the 'fowners' statements in src_install() |
162 |
enewgroup snort |
163 |
enewuser snort -1 -1 /dev/null snort |
164 |
|
165 |
} |
166 |
|
167 |
src_unpack() { |
168 |
|
169 |
unpack ${A} |
170 |
cd "${S}" |
171 |
|
172 |
# Fix to prevent the docs Makefile from being used. |
173 |
# Fixes #297190. |
174 |
einfo "Applying documentation fix." |
175 |
sed -i -e 's:src doc etc:src etc:g' \ |
176 |
"${WORKDIR}/${P}/Makefile.am" || die "Doc fix Failed" |
177 |
|
178 |
#Replaces the libnet-1.0 patch for inline, flexresp, and react |
179 |
if use flexresp || use react || use inline; then |
180 |
|
181 |
einfo "Applying libnet-1.0 fix." |
182 |
sed -i -e 's:libnet.h:libnet-1.0.h:g' \ |
183 |
"${WORKDIR}/${P}/configure.in" \ |
184 |
"${WORKDIR}/${P}/src/detection-plugins/sp_react.c" \ |
185 |
"${WORKDIR}/${P}/src/detection-plugins/sp_respond.c" \ |
186 |
"${WORKDIR}/${P}/src/inline.c" || die "sed for libnet-1.0.h failed" |
187 |
|
188 |
sed -i -e 's:libnet-config:libnet-1.0-config:g' \ |
189 |
"${WORKDIR}/${P}/configure.in" || die "sed for libnet-1.0-config failed" |
190 |
|
191 |
sed -i -e 's:-lnet:-lnet-1.0:g' \ |
192 |
"${WORKDIR}/${P}/configure.in" || die "sed for -lnet-1.0 failed" |
193 |
|
194 |
sed -i -e 's:AC_CHECK_LIB(net:AC_CHECK_LIB(net-1.0:g' \ |
195 |
"${WORKDIR}/${P}/configure.in" || die "sed for net-1.0 failed" |
196 |
|
197 |
fi |
198 |
|
199 |
#Multilib fix for the sf_engine |
200 |
einfo "Applying multilib fix." |
201 |
sed -i -e 's:${exec_prefix}/lib:${exec_prefix}/'$(get_libdir)':g' \ |
202 |
"${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \ |
203 |
|| die "sed for sf_engine failed" |
204 |
|
205 |
#Multilib fix for the curent set of dynamic-preprocessors |
206 |
for i in ftptelnet smtp ssh dcerpc dns ssl dcerpc2 sdf; do |
207 |
sed -i -e 's:${exec_prefix}/lib:${exec_prefix}/'$(get_libdir)':g' \ |
208 |
"${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \ |
209 |
|| die "sed for $i failed." |
210 |
done |
211 |
|
212 |
if use prelude; then |
213 |
einfo "Applying prelude fix." |
214 |
sed -i -e "s:AC_PROG_RANLIB:AC_PROG_LIBTOOL:" configure.in |
215 |
fi |
216 |
|
217 |
AT_M4DIR=m4 eautoreconf |
218 |
} |
219 |
|
220 |
src_compile() { |
221 |
|
222 |
local myconf |
223 |
|
224 |
#targetbased and inline-init-failopen automaticly enable pthread |
225 |
if use threads || use targetbased || use inline-init-failopen; then |
226 |
myconf="${myconf} --enable-pthread" |
227 |
fi |
228 |
|
229 |
#Tell flexresp, react, and inline where libipq is |
230 |
if use flexresp || use react || use inline; then |
231 |
myconf="${myconf} --with-libipq-includes=/usr/include/libipq" |
232 |
fi |
233 |
|
234 |
econf \ |
235 |
$(use_enable !static shared) \ |
236 |
$(use_enable static) \ |
237 |
$(use_enable dynamicplugin) \ |
238 |
$(use_enable ipv6) \ |
239 |
$(use_enable gre) \ |
240 |
$(use_enable mpls) \ |
241 |
$(use_enable targetbased) \ |
242 |
$(use_enable decoder-preprocessor-rules) \ |
243 |
$(use_enable ppm) \ |
244 |
$(use_enable timestats) \ |
245 |
$(use_enable perfprofiling) \ |
246 |
$(use_enable linux-smp-stats) \ |
247 |
$(use_enable inline) \ |
248 |
$(use_enable inline-init-failopen) \ |
249 |
$(use_enable prelude) \ |
250 |
$(use_enable debug) \ |
251 |
$(use_enable reload) \ |
252 |
$(use_enable reload-error-restart) \ |
253 |
$(use_enable flexresp) \ |
254 |
$(use_enable flexresp2) \ |
255 |
$(use_enable react) \ |
256 |
$(use_enable aruba) \ |
257 |
$(use_enable zlib) \ |
258 |
$(use_with mysql) \ |
259 |
$(use_with odbc) \ |
260 |
$(use_with postgres postgresql) \ |
261 |
--disable-build-dynamic-examples \ |
262 |
--disable-corefiles \ |
263 |
--disable-ipfw \ |
264 |
--disable-profile \ |
265 |
--disable-ppm-test \ |
266 |
--without-oracle \ |
267 |
${myconf} |
268 |
|
269 |
emake || die "make failed" |
270 |
|
271 |
} |
272 |
|
273 |
src_install() { |
274 |
|
275 |
emake DESTDIR="${D}" install || die "make install failed" |
276 |
|
277 |
keepdir /var/log/snort/ |
278 |
fowners snort:snort /var/log/snort |
279 |
|
280 |
keepdir /var/run/snort/ |
281 |
fowners snort:snort /var/run/snort/ |
282 |
|
283 |
dodoc doc/* |
284 |
dodoc ./RELEASE.NOTES |
285 |
docinto schemas |
286 |
dodoc schemas/* |
287 |
|
288 |
insinto /etc/snort |
289 |
doins etc/attribute_table.dtd \ |
290 |
etc/classification.config \ |
291 |
etc/gen-msg.map \ |
292 |
etc/reference.config \ |
293 |
etc/sid-msg.map \ |
294 |
etc/threshold.conf \ |
295 |
etc/unicode.map \ |
296 |
|| die "Failed to add files in /etc/snort" |
297 |
|
298 |
newins etc/snort.conf snort.conf.distrib |
299 |
|
300 |
insinto /etc/snort/preproc_rules |
301 |
doins preproc_rules/decoder.rules \ |
302 |
preproc_rules/preprocessor.rules \ |
303 |
|| die "Failed to add files in /etc/snort/preproc_rules" |
304 |
|
305 |
keepdir /etc/snort/rules/ |
306 |
|
307 |
keepdir /usr/$(get_libdir)/snort_dynamicrule |
308 |
|
309 |
fowners -R snort:snort /etc/snort/ |
310 |
|
311 |
if use reload; then |
312 |
newinitd "${FILESDIR}/snort.reload.rc1" snort \ |
313 |
|| die "Failed to add snort.reload.rc1" |
314 |
else |
315 |
newinitd "${FILESDIR}/snort.rc9" snort || die "Failed to add snort.rc9" |
316 |
fi |
317 |
|
318 |
newconfd "${FILESDIR}/snort.confd" snort || die "Failed to add snort.confd" |
319 |
|
320 |
# Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection |
321 |
sed -i -e 's:/usr/local/lib:/usr/'$(get_libdir)':g' \ |
322 |
"${D}etc/snort/snort.conf.distrib" |
323 |
|
324 |
#Set the correct rule location in the config |
325 |
sed -i -e 's:RULE_PATH ../rules:RULE_PATH /etc/snort/rules:g' \ |
326 |
"${D}etc/snort/snort.conf.distrib" |
327 |
|
328 |
#Set the correct preprocessor/decoder rule location in the config |
329 |
sed -i -e 's:PREPROC_RULE_PATH ../preproc_rules:PREPROC_RULE_PATH /etc/snort/preproc_rules:g' \ |
330 |
"${D}etc/snort/snort.conf.distrib" |
331 |
|
332 |
#Enable the preprocessor/decoder rules |
333 |
sed -i -e 's:^# include $PREPROC_RULE_PATH:include $PREPROC_RULE_PATH:g' \ |
334 |
"${D}etc/snort/snort.conf.distrib" |
335 |
sed -i -e 's:^# dynamicdetection directory:dynamicdetection directory:g' \ |
336 |
"${D}etc/snort/snort.conf.distrib" |
337 |
|
338 |
#Just some clean up of trailing /'s in the config |
339 |
sed -i -e 's:snort_dynamicpreprocessor/$:snort_dynamicpreprocessor:g' \ |
340 |
"${D}etc/snort/snort.conf.distrib" |
341 |
|
342 |
#Make it clear in the config where these are... |
343 |
sed -i -e 's:^include classification.config:include /etc/snort/classification.config:g' \ |
344 |
"${D}etc/snort/snort.conf.distrib" |
345 |
sed -i -e 's:^include reference.config:include /etc/snort/reference.config:g' \ |
346 |
"${D}etc/snort/snort.conf.distrib" |
347 |
|
348 |
#Disable all rule files by default. |
349 |
#Users need to choose what they want enabled. |
350 |
sed -i -e 's:^include $RULE_PATH:# include $RULE_PATH:g' \ |
351 |
"${D}etc/snort/snort.conf.distrib" |
352 |
|
353 |
} |
354 |
|
355 |
pkg_postinst() { |
356 |
einfo |
357 |
einfo "Snort is a libpcap based packet capture tool which can be used in" |
358 |
einfo "three modes Sniffer Mode, Packet Logger Mode, or Network Intrusion" |
359 |
einfo "Detection/Prevention System Mode." |
360 |
einfo |
361 |
einfo "To learn more about these modes review the Snort User Manual at..." |
362 |
einfo |
363 |
einfo "http://www.snort.org/docs/" |
364 |
einfo |
365 |
einfo "See /usr/share/doc/${PF} and /etc/snort/snort.conf.distrib for" |
366 |
einfo "information on configuring snort." |
367 |
einfo |
368 |
einfo "Joining the Snort-Users and Snort-Sigs mailing list is highly" |
369 |
einfo "recommended for all users..." |
370 |
einfo |
371 |
einfo "http://www.snort.org/community/mailing-lists/" |
372 |
einfo |
373 |
einfo "To download rules for use with Snort please, see the following" |
374 |
einfo |
375 |
einfo "Sourcefire's VRT Rules and older Community Rules:" |
376 |
einfo "http://www.snort.org/pub-bin/downloads.cgi" |
377 |
einfo |
378 |
einfo "Emerging Threats Rules:" |
379 |
einfo "http://www.emergingthreats.net/" |
380 |
einfo |
381 |
einfo "To manage updates to your rules please visit..." |
382 |
einfo |
383 |
einfo "http://oinkmaster.sourceforge.net/" |
384 |
einfo |
385 |
einfo "and then 'emerge oinkmaster'." |
386 |
elog |
387 |
elog "Snort Release Notes:" |
388 |
elog "http://dl.snort.org/snort-current/release_notes_286.txt" |
389 |
elog |
390 |
elog "!! IMPORTANT !!" |
391 |
elog |
392 |
elog "There have been some changes to the config file shipped" |
393 |
elog "with snort. Users should migrate their current snort.conf" |
394 |
elog "to the new config file. The config file shipped with snort" |
395 |
elog "is located in /etc/snort/snort.conf.distrib." |
396 |
elog |
397 |
} |