Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Patrick Lauer (patrick)" <patrick@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in net-analyzer/snort: ChangeLog snort-2.8.5.2.ebuild
Date: Mon, 04 Jan 2010 17:59:05
Message-Id: E1NRrCo-0000Ue-7U@stork.gentoo.org
1 patrick 10/01/04 17:59:02
2
3 Modified: ChangeLog
4 Added: snort-2.8.5.2.ebuild
5 Log:
6 Bump, thanks to Jason Wallace
7 (Portage version: 2.2_rc61/cvs/Linux x86_64)
8
9 Revision Changes Path
10 1.160 net-analyzer/snort/ChangeLog
11
12 file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/ChangeLog?rev=1.160&view=markup
13 plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/ChangeLog?rev=1.160&content-type=text/plain
14 diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/ChangeLog?r1=1.159&r2=1.160
15
16 Index: ChangeLog
17 ===================================================================
18 RCS file: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v
19 retrieving revision 1.159
20 retrieving revision 1.160
21 diff -u -r1.159 -r1.160
22 --- ChangeLog 26 Dec 2009 12:20:33 -0000 1.159
23 +++ ChangeLog 4 Jan 2010 17:59:01 -0000 1.160
24 @@ -1,6 +1,11 @@
25 # ChangeLog for net-analyzer/snort
26 -# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
27 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.159 2009/12/26 12:20:33 armin76 Exp $
28 +# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
29 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.160 2010/01/04 17:59:01 patrick Exp $
30 +
31 +*snort-2.8.5.2 (04 Jan 2010)
32 +
33 + 04 Jan 2010; Patrick Lauer <patrick@g.o> +snort-2.8.5.2.ebuild:
34 + Bump, thanks to Jason Wallace
35
36 26 Dec 2009; Raúl Porcel <armin76@g.o> snort-2.8.5.1.ebuild:
37 Add ~sparc wrt #268620
38
39
40
41 1.1 net-analyzer/snort/snort-2.8.5.2.ebuild
42
43 file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/snort-2.8.5.2.ebuild?rev=1.1&view=markup
44 plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/snort/snort-2.8.5.2.ebuild?rev=1.1&content-type=text/plain
45
46 Index: snort-2.8.5.2.ebuild
47 ===================================================================
48 # Copyright 1999-2010 Gentoo Foundation
49 # Distributed under the terms of the GNU General Public License v2
50 # $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/snort-2.8.5.2.ebuild,v 1.1 2010/01/04 17:59:01 patrick Exp $
51
52 inherit eutils autotools multilib
53
54 DESCRIPTION="The de facto standard for intrusion detection/prevention"
55 HOMEPAGE="http://www.snort.org/"
56 SRC_URI="http://dl.snort.org/snort-current/${P}.tar.gz"
57 LICENSE="GPL-2"
58 SLOT="0"
59 KEYWORDS="~alpha ~amd64 ~ppc ~ppc64 ~sparc ~x86"
60 IUSE="static dynamicplugin ipv6 gre mpls targetbased decoder-preprocessor-rules ppm timestats perfprofiling linux-smp-stats inline inline-init-failopen prelude threads debug reload reload-error-restart flexresp flexresp2 react aruba mysql odbc postgres selinux"
61
62 #flexresp, react, and inline _ONLY_ work with net-libs/libnet-1.0.2a
63 DEPEND="virtual/libpcap
64 >=dev-libs/libpcre-6.0
65 flexresp2? ( dev-libs/libdnet )
66 flexresp? ( ~net-libs/libnet-1.0.2a )
67 react? ( ~net-libs/libnet-1.0.2a )
68 postgres? ( virtual/postgresql-base )
69 mysql? ( virtual/mysql )
70 odbc? ( dev-db/unixODBC )
71 prelude? ( >=dev-libs/libprelude-0.9.0 )
72 inline? ( ~net-libs/libnet-1.0.2a net-firewall/iptables )"
73
74 RDEPEND="${DEPEND}
75 dev-lang/perl
76 selinux? ( sec-policy/selinux-snort )"
77
78 pkg_setup() {
79
80 if use flexresp && use flexresp2; then
81 eerror
82 eerror "You have both the 'flexresp' and 'flexresp2' USE flags set."
83 eerror "You can use 'flexresp' OR 'flexresp2' but not both."
84 eerror "flexresp2 is recommended."
85 die
86 elif use flexresp && use react; then
87 eerror
88 eerror "You have both the 'react' and 'flexresp' USE flags set."
89 eerror "'react' is enabled automaticly when the 'flexresp'"
90 eerror "USE flag is set, but ./configure will fail if both are enabled."
91 eerror
92 eerror "This is an upstream issue and not a problem with this ebuild."
93 eerror
94 eerror "To enable both 'flexresp' and 'react' set USE="flexresp -react""
95 die
96 elif use flexresp2 && use react; then
97 eerror
98 eerror "You have both the 'react' and 'flexresp2' USE flags set."
99 eerror "You can use 'react' OR 'flexresp2' but not both."
100 die
101 elif use inline-init-failopen && ! use inline; then
102 eerror
103 eerror "You have enabled the 'inline-init-failopen' USE flag"
104 eerror "but not the 'inline' USE flag."
105 eerror "'inline-init-failopen' requires 'inline' be enabled."
106 die
107 elif use ipv6 && use prelude; then
108 eerror
109 eerror "You have both the 'prelude' and 'ipv6' USE flags set."
110 eerror "The Prelude output plugin does not currently support IPv6."
111 die
112 elif use reload-error-restart && ! use reload; then
113 eerror
114 eerror "You have enabled the 'reload-error-restart' USE flag"
115 eerror "but not the 'reload' USE flag."
116 eerror "'reload-error-restart' requires 'reload' be enabled."
117 die
118 fi
119
120 # pre_inst() is a better place to put this
121 # but we need it here for the 'fowners' statements in src_install()
122 enewgroup snort
123 enewuser snort -1 -1 /dev/null snort
124
125 }
126
127 src_unpack() {
128
129 unpack ${A}
130 cd "${S}"
131
132 # Fix to prevent the docs Makefile from being used.
133 # Fixes #297190.
134 einfo "Applying documentation fix."
135 sed -i -e 's:src doc etc:src etc:g' \
136 "${WORKDIR}/${P}/Makefile.am" || die "Doc fix Failed"
137
138
139 # Fix to allow parallel building.
140 # Thanks to Natanael Copa #291558
141 einfo "Applying parallel building fix."
142 sed -i -e 's/^all-local:.*/all-local: $(LTLIBRARIES)/' \
143 src/dynamic-preprocessors/*/Makefile.am \
144 || die "parallel builds fix Failed"
145
146 #Replaces the libnet-1.0 patch for inline, flexresp, and react
147 if use flexresp || use react || use inline; then
148
149 einfo "Applying libnet-1.0 fix."
150 sed -i -e 's:libnet.h:libnet-1.0.h:g' \
151 "${WORKDIR}/${P}/configure.in" \
152 "${WORKDIR}/${P}/src/detection-plugins/sp_react.c" \
153 "${WORKDIR}/${P}/src/detection-plugins/sp_respond.c" \
154 "${WORKDIR}/${P}/src/inline.c" || die "sed for libnet-1.0.h failed"
155
156 sed -i -e 's:libnet-config:libnet-1.0-config:g' \
157 "${WORKDIR}/${P}/configure.in" || die "sed for libnet-1.0-config failed"
158
159 sed -i -e 's:-lnet:-lnet-1.0:g' \
160 "${WORKDIR}/${P}/configure.in" || die "sed for -lnet-1.0 failed"
161
162 sed -i -e 's:AC_CHECK_LIB(net:AC_CHECK_LIB(net-1.0:g' \
163 "${WORKDIR}/${P}/configure.in" || die "sed for net-1.0 failed"
164
165 fi
166
167 #Multilib fix for the sf_engine
168 einfo "Applying multilib fix."
169 sed -i -e 's:${exec_prefix}/lib:${exec_prefix}/'$(get_libdir)':g' \
170 "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \
171 || die "sed for sf_engine failed"
172
173 #Multilib fix for the curent set of dynamic-preprocessors
174 for i in ftptelnet smtp ssh dcerpc dns ssl dcerpc2; do
175 sed -i -e 's:${exec_prefix}/lib:${exec_prefix}/'$(get_libdir)':g' \
176 "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \
177 || die "sed for $i failed."
178 done
179
180 #This sed will prevent the example dynamic code from being compiled/installed
181 einfo "Disabling sample code."
182 sed -i -e 's:$(EXAMPLES_DIR)::g' "${WORKDIR}/${P}/src/Makefile.am"
183
184 if use prelude; then
185 einfo "Applying prelude fix."
186 sed -i -e "s:AC_PROG_RANLIB:AC_PROG_LIBTOOL:" configure.in
187 fi
188
189 AT_M4DIR=m4 eautoreconf
190 }
191
192 src_compile() {
193
194 local myconf
195
196 #targetbased and inline-init-failopen automaticly enable pthread
197 if use threads || use targetbased || use inline-init-failopen; then
198 myconf="${myconf} --enable-pthread"
199 fi
200
201 #Tell flexresp, react, and inline where libipq is
202 if use flexresp || use react || use inline; then
203 myconf="${myconf} --with-libipq-includes=/usr/include/libipq"
204 fi
205
206 econf \
207 $(use_enable !static shared) \
208 $(use_enable static) \
209 $(use_enable dynamicplugin) \
210 $(use_enable ipv6) \
211 $(use_enable gre) \
212 $(use_enable mpls) \
213 $(use_enable targetbased) \
214 $(use_enable decoder-preprocessor-rules) \
215 $(use_enable ppm) \
216 $(use_enable timestats) \
217 $(use_enable perfprofiling) \
218 $(use_enable linux-smp-stats) \
219 $(use_enable inline) \
220 $(use_enable inline-init-failopen) \
221 $(use_enable prelude) \
222 $(use_enable debug) \
223 $(use_enable reload) \
224 $(use_enable reload-error-restart) \
225 $(use_enable flexresp) \
226 $(use_enable flexresp2) \
227 $(use_enable react) \
228 $(use_enable aruba) \
229 $(use_with mysql) \
230 $(use_with odbc) \
231 $(use_with postgres postgresql) \
232 --disable-ipfw \
233 --disable-profile \
234 --disable-ppm-test \
235 --without-oracle \
236 ${myconf}
237
238 emake || die "make failed"
239
240 }
241
242 src_install() {
243
244 emake DESTDIR="${D}" install || die "make install failed"
245
246 keepdir /var/log/snort/
247 fowners snort:snort /var/log/snort
248
249 keepdir /var/run/snort/
250 fowners snort:snort /var/run/snort/
251
252 dodoc doc/*
253 dodoc ./RELEASE.NOTES
254 docinto schemas
255 dodoc schemas/*
256
257 insinto /etc/snort
258 doins etc/attribute_table.dtd \
259 etc/classification.config \
260 etc/gen-msg.map \
261 etc/reference.config \
262 etc/sid-msg.map \
263 etc/threshold.conf \
264 etc/unicode.map \
265 || die "Failed to add files in /etc/snort"
266
267 newins etc/snort.conf snort.conf.distrib
268
269 insinto /etc/snort/preproc_rules
270 doins preproc_rules/decoder.rules \
271 preproc_rules/preprocessor.rules \
272 || die "Failed to add files in /etc/snort/preproc_rules"
273
274 keepdir /etc/snort/rules/
275
276 keepdir /usr/$(get_libdir)/snort_dynamicrule
277
278 fowners -R snort:snort /etc/snort/
279
280 if use reload; then
281 newinitd "${FILESDIR}/snort.reload.rc1" snort \
282 || die "Failed to add snort.reload.rc1"
283 else
284 newinitd "${FILESDIR}/snort.rc9" snort || die "Failed to add snort.rc9"
285 fi
286
287 newconfd "${FILESDIR}/snort.confd" snort || die "Failed to add snort.confd"
288
289 # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection
290 sed -i -e 's:/usr/local/lib:/usr/'$(get_libdir)':g' \
291 "${D}etc/snort/snort.conf.distrib"
292
293 #Set the correct rule location in the config
294 sed -i -e 's:RULE_PATH ../rules:RULE_PATH /etc/snort/rules:g' \
295 "${D}etc/snort/snort.conf.distrib"
296
297 #Set the correct preprocessor/decoder rule location in the config
298 sed -i -e 's:PREPROC_RULE_PATH ../preproc_rules:PREPROC_RULE_PATH /etc/snort/preproc_rules:g' \
299 "${D}etc/snort/snort.conf.distrib"
300
301 #Enable the preprocessor/decoder rules
302 sed -i -e 's:^# include $PREPROC_RULE_PATH:include $PREPROC_RULE_PATH:g' \
303 "${D}etc/snort/snort.conf.distrib"
304 sed -i -e 's:^# dynamicdetection directory:dynamicdetection directory:g' \
305 "${D}etc/snort/snort.conf.distrib"
306
307 #Just some clean up of trailing /'s in the config
308 sed -i -e 's:snort_dynamicpreprocessor/$:snort_dynamicpreprocessor:g' \
309 "${D}etc/snort/snort.conf.distrib"
310 sed -i -e 's:snort_dynamicrule/$:snort_dynamicrule:g' \
311 "${D}etc/snort/snort.conf.distrib"
312
313 #Make it clear in the config where these are...
314 sed -i -e 's:^include classification.config:include /etc/snort/classification.config:g' \
315 "${D}etc/snort/snort.conf.distrib"
316 sed -i -e 's:^include reference.config:include /etc/snort/reference.config:g' \
317 "${D}etc/snort/snort.conf.distrib"
318
319 #Disable all rule files by default.
320 #Users need to choose what they want enabled.
321 sed -i -e 's:^include $RULE_PATH:# include $RULE_PATH:g' \
322 "${D}etc/snort/snort.conf.distrib"
323
324 }
325
326 pkg_postinst() {
327 einfo
328 einfo "Snort is a libpcap based packet capture tool which can be used in"
329 einfo "three modes Sniffer Mode, Packet Logger Mode, or Network Intrusion"
330 einfo "Detection/Prevention System Mode."
331 einfo
332 einfo "To learn more about these modes review the Snort User Manual at..."
333 einfo
334 einfo "http://www.snort.org/docs/"
335 einfo
336 einfo "See /usr/share/doc/${PF} and /etc/snort/snort.conf.distrib for"
337 einfo "information on configuring snort."
338 einfo
339 einfo "Joining the Snort-Users and Snort-Sigs mailing list is highly"
340 einfo "recommended for all users..."
341 einfo
342 einfo "http://www.snort.org/community/mailing-lists/"
343 einfo
344 einfo "To download rules for use with Snort please, see the following"
345 einfo
346 einfo "Sourcefire's VRT Rules and older Community Rules:"
347 einfo "http://www.snort.org/pub-bin/downloads.cgi"
348 einfo
349 einfo "Emerging Threats Rules:"
350 einfo "http://www.emergingthreats.net/"
351 einfo
352 einfo "To manage updates to your rules please visit..."
353 einfo
354 einfo "http://oinkmaster.sourceforge.net/"
355 einfo
356 einfo "and then 'emerge oinkmaster'."
357 elog
358 elog "Snort-2.8.5.2 Notes:"
359 elog
360 elog "Ebuild Notes"
361 elog "Fixes Bug #297190"
362 elog
363 elog "Snort Release Notes:"
364 elog "http://dl.snort.org/snort-current/release_notes_2852.txt"
365 elog
366 elog "Make sure to check snort.conf.distrib for new features/options."
367 elog
368 }
Report Message
Find on MARC Find on Google Groups