authorMarkus Ullmann <jokey@gentoo.org>2007-01-17 01:40:58 +0000
committerMarkus Ullmann <jokey@gentoo.org>2007-01-17 01:40:58 +0000
commitaa0f540064138ea36b730cf31845a2cf176d6f8d (patch)
tree0de69e6a9ab4358886fa9102f66df23ab3ab3cc0 /net-analyzer/snort
parentFix for security bug #161632 and bug #161750 (diff)
Fix for security bug #161632 and bug #161750
(Portage version: 2.1.2_rc4-r8) (Signed Manifest commit)
Diffstat (limited to 'net-analyzer/snort')
-rw-r--r--net-analyzer/snort/Manifest46
-rw-r--r--net-analyzer/snort/files/digest-snort-2.6.012
-rw-r--r--net-analyzer/snort/files/digest-snort-2.6.1.112
-rw-r--r--net-analyzer/snort/snort-2.6.0.ebuild180
-rw-r--r--net-analyzer/snort/snort-2.6.1.1.ebuild184
5 files changed, 26 insertions, 408 deletions
diff --git a/net-analyzer/snort/Manifest b/net-analyzer/snort/Manifest
index c0ea28bc572e..b52a4d579727 100644
--- a/net-analyzer/snort/Manifest
+++ b/net-analyzer/snort/Manifest
@@ -1,3 +1,10 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+AUX snort-2.6.1.1-gre.patch 1164 RMD160 c80be0a6286ad7f79bb22fa94148e2f77ce25a34 SHA1 f0b3e80f05a433a9182d038fe4a28bc37260337a SHA256 72df4c81f615a72a3d305ac236b38aee5a2c953ff1e5fa39e075a7ef2e6b82ef
+MD5 e83ddd6b75669ad58e2ce6cafedc0aaf files/snort-2.6.1.1-gre.patch 1164
+RMD160 c80be0a6286ad7f79bb22fa94148e2f77ce25a34 files/snort-2.6.1.1-gre.patch 1164
+SHA256 72df4c81f615a72a3d305ac236b38aee5a2c953ff1e5fa39e075a7ef2e6b82ef files/snort-2.6.1.1-gre.patch 1164
AUX snort-2.6.1.1-libnet.patch 8062 RMD160 fb42546b2efce968160afb0a0e0e96c8f0ad1471 SHA1 bcac8005327e016d8ffc1cf4b74aeb80228a2839 SHA256 ff36205cdd4554ff23c845383a82c9fdef6682a399072f3306f6aa3b74378b86
MD5 24315885b9f04323523e4fec8906888d files/snort-2.6.1.1-libnet.patch 8062
RMD160 fb42546b2efce968160afb0a0e0e96c8f0ad1471 files/snort-2.6.1.1-libnet.patch 8062
@@ -18,26 +25,21 @@ DIST Community-Rules-2.4.tar.gz 110044 RMD160 ecfb4444cb0152545d823692eb6e5e2347
DIST Community-Rules.tar.gz 11678 RMD160 a65b656e4dbf29f1c807622e865e945f509fe0c5 SHA1 de02fd44c58529795e0ab59b65aa08a608cffd95 SHA256 fd37a897455dcb4bace1f7f0af11747b5360e0e3896cd0b9649e5d19281bb2cf
DIST snort-2.4.0-genpatches.tar.bz2 6475 RMD160 9ea99c71892a2cbf409ead3514ae792210bdf3d0 SHA1 23d7ac5fb3e3fca5340a4f45ff6d64c4a4214e42 SHA256 8bf51a47b2a0db9ccad83a27105994befd9be381b41aeb02561882308f4c6dff
DIST snort-2.4.5.tar.gz 2817837 RMD160 1b697ccd84e1c10406ac20ccc0c46f79ea661e11 SHA1 3ba7dae8058aecf4e4eb1c7a816a7c8a4fb7c550 SHA256 84eb84da542d23e9f1c29b8eb319614c509fb19a745f1fa2a88d07c740645184
-DIST snort-2.6.0.tar.gz 3322826 RMD160 862cfd20b866b58dcc5a27cb3f4fcad90c1b7550 SHA1 502b68163ab378ea55e88d588f8a4784a589377d SHA256 0acbfedf728df3d63ed075a56259b81ab5e26099051ceb5808e0c87329fe588d
-DIST snort-2.6.1.1.tar.gz 3509132 RMD160 f49ac2f339303ccc48f343c21f0873e9ca49de2e SHA1 ce17e85725ba68b483d93c544872e6e8c6380a36 SHA256 01e21432ec5a60a3965ce3e3ebf9cdb4125c9dd5d218da22688857a6357e2a94
+DIST snort-2.6.1.2.tar.gz 3511538 RMD160 bd0ce3a4629a6e594a5f24723254e85d36597d04 SHA1 745f56806a0bae128a5c93c93c5eda9a4b80f593 SHA256 ca8bf1b1aa2fe23c9e8f8cb23482da123aac4b5842950b3cc2a40ba13da96b51
DIST snortrules-pr-2.4.tar.gz 789097 RMD160 dd2179b3ce8a55699d2e1b857426e5489191a121 SHA1 b8b59754ccb59b1dcf324d2faa399326117a60e9 SHA256 19d2545a2a150dff8b4dbcbd0def389b6865c4c70f5084172d08a7b151e1a504
DIST snortsam-20050110.tar.gz 29395 RMD160 ec80ce024ed7a013da35444ef1098ba3faa6cfc3 SHA1 46a274abeeea4e808849c65b9d510a5b5a221ba6 SHA256 dc428458f3c47684aabb89036ca7e601a6aa92864dbf23b31f33732b76c2a01e
EBUILD snort-2.4.5.ebuild 4425 RMD160 e0df6b4511ecd8ea5447d49963b32279981a2aa8 SHA1 730c173bfdf4a5b0cbc659e48f994844470a2e03 SHA256 8fcef1aae9797a4c5bd51f4810c17d4de69cfa6d351bb131f3f8fa1cfdc873c7
MD5 edd3367ef6795d519b1ae1cf237de552 snort-2.4.5.ebuild 4425
RMD160 e0df6b4511ecd8ea5447d49963b32279981a2aa8 snort-2.4.5.ebuild 4425
SHA256 8fcef1aae9797a4c5bd51f4810c17d4de69cfa6d351bb131f3f8fa1cfdc873c7 snort-2.4.5.ebuild 4425
-EBUILD snort-2.6.0.ebuild 5582 RMD160 c7fbda8bf032ff999b2e25416bedb9b577f2a16c SHA1 8ebc775b11a19f53c92c8db36b18dfb00ca1002f SHA256 8484ad4280601dcd6fad7b7af830d5084b8aaed97ba6611d8c7f59917d7a6031
-MD5 b584eb93be73ead6107524cee48f2c97 snort-2.6.0.ebuild 5582
-RMD160 c7fbda8bf032ff999b2e25416bedb9b577f2a16c snort-2.6.0.ebuild 5582
-SHA256 8484ad4280601dcd6fad7b7af830d5084b8aaed97ba6611d8c7f59917d7a6031 snort-2.6.0.ebuild 5582
-EBUILD snort-2.6.1.1.ebuild 5610 RMD160 400b265c44011f72978a67e29ff54450e9fa0aff SHA1 a8df9758f41c401453314bf689c7d2672d9ad055 SHA256 69cd84f4b5761b1a3925b4a67f2233fc18e3fcaba9f899387b9fc53c61ffd8a9
-MD5 5a9ab6ab68ef70bf0a31852fec6e395a snort-2.6.1.1.ebuild 5610
-RMD160 400b265c44011f72978a67e29ff54450e9fa0aff snort-2.6.1.1.ebuild 5610
-SHA256 69cd84f4b5761b1a3925b4a67f2233fc18e3fcaba9f899387b9fc53c61ffd8a9 snort-2.6.1.1.ebuild 5610
-MISC ChangeLog 20373 RMD160 b44167ba5c74d44a1a35cbd9611ec6a8964b2e6c SHA1 a632462ffa1c4ec6627c714a28ad34be9a374224 SHA256 33bcc4977e168e52b83eed6948b872448133f188ba001b12182fd9bc884a4872
-MD5 26a6d9db796eea42fb5d083703ec2d09 ChangeLog 20373
-RMD160 b44167ba5c74d44a1a35cbd9611ec6a8964b2e6c ChangeLog 20373
-SHA256 33bcc4977e168e52b83eed6948b872448133f188ba001b12182fd9bc884a4872 ChangeLog 20373
+EBUILD snort-2.6.1.2.ebuild 5707 RMD160 e307cbc27bf21889927ba51438c002f5e1bab714 SHA1 86b6497ef27760372d3a0b2c250566a9e099805e SHA256 8f410634c07d9927a29d60c39a7ece2eaf31ef3fc31944baac4f9055c1a35c51
+MD5 7869847f77d299d42c053c1d673fca43 snort-2.6.1.2.ebuild 5707
+RMD160 e307cbc27bf21889927ba51438c002f5e1bab714 snort-2.6.1.2.ebuild 5707
+SHA256 8f410634c07d9927a29d60c39a7ece2eaf31ef3fc31944baac4f9055c1a35c51 snort-2.6.1.2.ebuild 5707
+MISC ChangeLog 20604 RMD160 f15116f9a7cd5a6dab7bd7208733167c36d3f710 SHA1 acd838a4b4d2d7f093a20de008b605f10c02d99e SHA256 f9810c8e118dffb2552b6ca855cf1c29bcae790134e5252d12de4d329c895c43
+MD5 3d9bf6096072e2fbd1106f938e484168 ChangeLog 20604
+RMD160 f15116f9a7cd5a6dab7bd7208733167c36d3f710 ChangeLog 20604
+SHA256 f9810c8e118dffb2552b6ca855cf1c29bcae790134e5252d12de4d329c895c43 ChangeLog 20604
MISC metadata.xml 246 RMD160 427cf3e9767d777650d905a7b4fcad57259908bb SHA1 470a19ab011412f7f219d654304b7a43876082ae SHA256 843ac8d26d6f2f01b254d963268d1b4dc7ec515e5ce16daf47f7c68f2c47584e
MD5 53edc4328d9adeaf087c65ea94b1594b metadata.xml 246
RMD160 427cf3e9767d777650d905a7b4fcad57259908bb metadata.xml 246
@@ -45,9 +47,13 @@ SHA256 843ac8d26d6f2f01b254d963268d1b4dc7ec515e5ce16daf47f7c68f2c47584e metadata
MD5 8ab79a3b3485b8028ffc95ef22f0e4a7 files/digest-snort-2.4.5 1250
RMD160 9f1bbc6e281b0a46b8dad256d91b2c7898d21d4e files/digest-snort-2.4.5 1250
SHA256 eca549eac2e372a4307f224ffb2150f9fd940540134ecae1c73621c81f61d826 files/digest-snort-2.4.5 1250
-MD5 2f9a1287ed8f1232c7b5eb58142e97f1 files/digest-snort-2.6.0 985
-RMD160 1ffee6de223e8608f77c9cb592cb93c80f31680b files/digest-snort-2.6.0 985
-SHA256 eaf927c4c17b7e2ecf529a6cc28ad697600962f607caaf6e7b755003f9fd7cb7 files/digest-snort-2.6.0 985
-MD5 2e5c4d33b57f408c8ff2d95cc66316b0 files/digest-snort-2.6.1.1 1006
-RMD160 31dde0e210e56d041c915b821a964097f222d0bf files/digest-snort-2.6.1.1 1006
-SHA256 40c3978f7683528e809ce58a9ec64543e828cd42be3f701a5a003a2c6de86d92 files/digest-snort-2.6.1.1 1006
+MD5 815d00c6b73946345b8c4860388db41d files/digest-snort-2.6.1.2 1006
+RMD160 a5a63f7a2ddef96a836bb966b98d7d71431965e0 files/digest-snort-2.6.1.2 1006
+SHA256 c776d126ad4060bf4566a1457d753418cf16c4014207e82aa3b34d7c834cefb0 files/digest-snort-2.6.1.2 1006
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.1 (GNU/Linux)
+
+iD8DBQFFrX59z974XjDVpbkRAlbfAJ94EQX+5yyzOrdIHPLXw3pN9+xjigCeMjWE
+4xUWMNQYe5mvayaFhJ+uAXA=
+=G/A+
+-----END PGP SIGNATURE-----
diff --git a/net-analyzer/snort/files/digest-snort-2.6.0 b/net-analyzer/snort/files/digest-snort-2.6.0
deleted file mode 100644
index 3d477d1d625e..000000000000
--- a/net-analyzer/snort/files/digest-snort-2.6.0
+++ /dev/null
@@ -1,12 +0,0 @@
-MD5 39d8250f47a33aaec4712e29c0dcd1d0 Community-Rules.tar.gz 11678
-RMD160 a65b656e4dbf29f1c807622e865e945f509fe0c5 Community-Rules.tar.gz 11678
-SHA256 fd37a897455dcb4bace1f7f0af11747b5360e0e3896cd0b9649e5d19281bb2cf Community-Rules.tar.gz 11678
-MD5 88bb7f628e5bf1edc6409fbb126eaed0 snort-2.6.0.tar.gz 3322826
-RMD160 862cfd20b866b58dcc5a27cb3f4fcad90c1b7550 snort-2.6.0.tar.gz 3322826
-SHA256 0acbfedf728df3d63ed075a56259b81ab5e26099051ceb5808e0c87329fe588d snort-2.6.0.tar.gz 3322826
-MD5 35d9a2486f8c0280bb493aa03c011927 snortrules-pr-2.4.tar.gz 789097
-RMD160 dd2179b3ce8a55699d2e1b857426e5489191a121 snortrules-pr-2.4.tar.gz 789097
-SHA256 19d2545a2a150dff8b4dbcbd0def389b6865c4c70f5084172d08a7b151e1a504 snortrules-pr-2.4.tar.gz 789097
-MD5 2eeef1a7a040d67c3afaf9d749905e47 snortsam-20050110.tar.gz 29395
-RMD160 ec80ce024ed7a013da35444ef1098ba3faa6cfc3 snortsam-20050110.tar.gz 29395
-SHA256 dc428458f3c47684aabb89036ca7e601a6aa92864dbf23b31f33732b76c2a01e snortsam-20050110.tar.gz 29395
diff --git a/net-analyzer/snort/files/digest-snort-2.6.1.1 b/net-analyzer/snort/files/digest-snort-2.6.1.1
deleted file mode 100644
index cf0dc3541e03..000000000000
--- a/net-analyzer/snort/files/digest-snort-2.6.1.1
+++ /dev/null
@@ -1,12 +0,0 @@
-MD5 52c0c6bc60d7123cb048e562d25bc34a Community-Rules-2.4.tar.gz 110044
-RMD160 ecfb4444cb0152545d823692eb6e5e2347151b54 Community-Rules-2.4.tar.gz 110044
-SHA256 4c82f90c960626aae5804c2375540f2d7241524c31ae3c7ab69df6c46e295c4c Community-Rules-2.4.tar.gz 110044
-MD5 a7313ff4346317c301af361e211a7cd4 snort-2.6.1.1.tar.gz 3509132
-RMD160 f49ac2f339303ccc48f343c21f0873e9ca49de2e snort-2.6.1.1.tar.gz 3509132
-SHA256 01e21432ec5a60a3965ce3e3ebf9cdb4125c9dd5d218da22688857a6357e2a94 snort-2.6.1.1.tar.gz 3509132
-MD5 35d9a2486f8c0280bb493aa03c011927 snortrules-pr-2.4.tar.gz 789097
-RMD160 dd2179b3ce8a55699d2e1b857426e5489191a121 snortrules-pr-2.4.tar.gz 789097
-SHA256 19d2545a2a150dff8b4dbcbd0def389b6865c4c70f5084172d08a7b151e1a504 snortrules-pr-2.4.tar.gz 789097
-MD5 2eeef1a7a040d67c3afaf9d749905e47 snortsam-20050110.tar.gz 29395
-RMD160 ec80ce024ed7a013da35444ef1098ba3faa6cfc3 snortsam-20050110.tar.gz 29395
-SHA256 dc428458f3c47684aabb89036ca7e601a6aa92864dbf23b31f33732b76c2a01e snortsam-20050110.tar.gz 29395
diff --git a/net-analyzer/snort/snort-2.6.0.ebuild b/net-analyzer/snort/snort-2.6.0.ebuild
deleted file mode 100644
index dfcfc2497548..000000000000
--- a/net-analyzer/snort/snort-2.6.0.ebuild
+++ /dev/null
@@ -1,180 +0,0 @@
-# Copyright 1999-2006 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/snort-2.6.0.ebuild,v 1.5 2006/11/23 19:54:19 vivo Exp $
-
-WANT_AUTOCONF="latest"
-WANT_AUTOMAKE="latest"
-inherit eutils flag-o-matic autotools
-
-DESCRIPTION="Libpcap-based packet sniffer/logger/lightweight IDS"
-HOMEPAGE="http://www.snort.org/"
-SRC_URI="http://www.snort.org/dl/current/${P}.tar.gz
- http://www.snort.org/pub-bin/downloads.cgi/Download/comm_rules/Community-Rules.tar.gz
- http://www.snort.org/pub-bin/downloads.cgi/Download/vrt_pr/snortrules-pr-2.4.tar.gz
- snortsam? ( mirror://gentoo/snortsam-20050110.tar.gz )"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~ppc ~ppc64 -sparc ~x86"
-IUSE="ssl postgres mysql flexresp selinux snortsam odbc prelude inline sguil dynamicplugin timestats perfprofiling linux-smp-stats"
-
-DEPEND="virtual/libc
- >=dev-libs/libpcre-4.2-r1
- virtual/libpcap
- flexresp? ( ~net-libs/libnet-1.0.2a )
- postgres? ( || ( dev-db/postgresql dev-db/libpq ) )
- mysql? ( virtual/mysql )
- ssl? ( dev-libs/openssl )
- prelude? ( >=dev-libs/libprelude-0.9.0 )
- odbc? ( dev-db/unixODBC )
- >=sys-devel/libtool-1.4
- inline? (
- ~net-libs/libnet-1.0.2a
- net-firewall/iptables
- )"
-
-RDEPEND="${DEPEND}
- dev-lang/perl
- selinux? ( sec-policy/selinux-snort )
- snortsam? ( net-analyzer/snortsam )"
-
-pkg_setup() {
- enewgroup snort
- enewuser snort -1 -1 /dev/null snort
-}
-
-src_unpack() {
- unpack ${A}
- cd "${S}"
-
- if use flexresp || use inline ; then
- epatch "${WORKDIR}/2.4.0-libnet-1.0.patch"
- fi
-
- sed -i "s:var RULE_PATH ../rules:var RULE_PATH /etc/snort/rules:" \
- etc/snort.conf
-
- if use prelude ; then
- sed -i -e "s:AC_PROG_RANLIB:AC_PROG_LIBTOOL:" configure.in
- fi
-
- if use sguil ; then
- epatch "${WORKDIR}/2.4.0-spp_portscan_sguil.patch"
- epatch "${WORKDIR}/2.4.0-spp_stream4_sguil.patch"
- fi
-
- if use snortsam ; then
- cd ..
- einfo "Applying snortsam patch"
- ./patchsnort.sh "${S}" || die "snortsam patch failed"
- cd "${S}"
- fi
-
- einfo "Regenerating autoconf/automake files"
- AT_M4DIR=m4 eautoreconf
-}
-
-src_compile() {
- local myconf
-
- # There is no --disable-flexresp, cannot use use_enable
- use flexresp && myconf="${myconf} --enable-flexresp"
-
- use inline && append-flags -I/usr/include/libipq
-
- econf \
- --without-oracle \
- $(use_with postgres postgresql) \
- $(use_with mysql) \
- $(use_with ssl openssl) \
- $(use_with odbc) \
- $(use_enable prelude) \
- $(use_with sguil) \
- $(use_enable inline) \
- $(use_enable dynamicplugin) \
- $(use_enable timestats) \
- $(use_enable perfprofiling) \
- $(use_enable linux-smp-stats) \
- ${myconf} || die "econf failed"
-
- # limit to single as reported by jforman on irc
- emake -j1 || die "emake failed"
-}
-
-src_install() {
- make DESTDIR="${D}" install || die "make install failed"
-
- keepdir /var/log/snort/
-
- dodoc doc/*
- dodoc ./RELEASE.NOTES
- docinto schemas ; dodoc schemas/*
-
- insinto /etc/snort
- doins etc/reference.config etc/classification.config \
- etc/*.map etc/threshold.conf
- newins etc/snort.conf snort.conf
- if use sguil ; then
- sed -i -e "/^# output log_unified/s:# ::" \
- -e "s:snort.log:snort_unified.log:" \
- "${D}/etc/snort/snort.conf" || die "sed failed"
- fi
-
- newinitd "${FILESDIR}/snort.rc7" snort
- newconfd "${FILESDIR}/snort.confd" snort
- if use sguil ; then
- sed -i -e "s:/var/log/snort:/var/lib/sguil/$(hostname):" \
- -e "/^SNORT_OPTS/s%-u snort%-m 122 -u sguil -g sguil -A none%" \
- "${D}/etc/conf.d/snort" || die "sed failed"
- fi
-
- fowners snort:snort /var/log/snort
- fperms 0770 /var/log/snort
-
- # install rules
- dodir /etc/snort/rules
- mv "${WORKDIR}"/rules/* "${D}/etc/snort/rules/"
-}
-
-pkg_postinst() {
- ewarn
- ewarn "Users upgrading from snort 2.4.x should take care when updating"
- ewarn "their snort.conf. A number of significant changes have been"
- ewarn "have been added to snort 2.6 including the addition of"
- ewarn "dynamically loadable preprocessors, detection engine and rules."
- ewarn "Snort 2.6 also includes the addition of performance profiling"
- ewarn "for rules & preprocessors and uses a new default pattern matcher"
- ewarn "which provides faster matching at the expense of being very"
- ewarn "memory intensive."
- ewarn
- ewarn "If you find that snort is using too much memory, your system"
- ewarn "freezes, or snort crashes after a few minutes try adding the"
- ewarn "following to your snort.conf..."
- ewarn
- ewarn "'config detection: search-method ac-sparsebands'"
- ewarn
- ewarn "This will provide high pattern matching performance at a much"
- ewarn "lower cost to memory. For more information on the new features"
- ewarn "in snort 2.6, please take a look at the release notes located in..."
- ewarn
- ewarn " /usr/share/doc/${PF}/RELEASE.NOTES.gz"
- ewarn
- einfo "To use a database as a backend for snort you will have to"
- einfo "import the correct tables to the database."
- einfo "You will have to setup a database called snort before doing the"
- einfo "following..."
- einfo
- einfo " MySQL: zcat /usr/share/doc/${PF}/schemas/create_mysql.gz | mysql -p snort"
- einfo
- einfo " PostgreSQL: import /usr/share/doc/${PF}/schemas/create_postgresql.gz"
- einfo
- einfo " ODBC: look at /usr/share/doc/${PF}/schemas/"
- einfo
- einfo "Users using the unified output plugin and barnyard do not need to"
- einfo "compile database support into snort, but still need to set up their"
- einfo "database as shown above."
- einfo
- ewarn "Only a basic set of rules was installed."
- ewarn "Please add your other sets of rules to /etc/snort/rules."
- ewarn "For more information on rules, visit ${HOMEPAGE}."
-}
diff --git a/net-analyzer/snort/snort-2.6.1.1.ebuild b/net-analyzer/snort/snort-2.6.1.1.ebuild
deleted file mode 100644
index 09218a898a53..000000000000
--- a/net-analyzer/snort/snort-2.6.1.1.ebuild
+++ /dev/null
@@ -1,184 +0,0 @@
-# Copyright 1999-2006 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/snort-2.6.1.1.ebuild,v 1.1 2006/11/25 16:39:42 cedk Exp $
-
-WANT_AUTOCONF="latest"
-WANT_AUTOMAKE="latest"
-inherit eutils autotools
-
-DESCRIPTION="Libpcap-based packet sniffer/logger/lightweight IDS"
-HOMEPAGE="http://www.snort.org/"
-SRC_URI="http://www.snort.org/dl/current/${P}.tar.gz
- http://www.snort.org/pub-bin/downloads.cgi/Download/comm_rules/Community-Rules-2.4.tar.gz
- http://www.snort.org/pub-bin/downloads.cgi/Download/vrt_pr/snortrules-pr-2.4.tar.gz
- snortsam? ( mirror://gentoo/snortsam-20050110.tar.gz )"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~ppc ~ppc64 -sparc ~x86"
-IUSE="postgres mysql flexresp selinux snortsam odbc prelude inline dynamicplugin
-timestats perfprofiling linux-smp-stats flexresp2 react sguil"
-
-DEPEND="virtual/libc
- >=dev-libs/libpcre-4.2-r1
- virtual/libpcap
- flexresp? ( ~net-libs/libnet-1.0.2a )
- flexresp2? ( dev-libs/libdnet )
- react? ( ~net-libs/libnet-1.0.2a )
- postgres? ( || ( dev-db/postgresql dev-db/libpq ) )
- mysql? ( virtual/mysql )
- prelude? ( >=dev-libs/libprelude-0.9.0 )
- odbc? ( dev-db/unixODBC )
- >=sys-devel/libtool-1.4
- inline? (
- ~net-libs/libnet-1.0.2a
- net-firewall/iptables
- )"
-
-RDEPEND="${DEPEND}
- dev-lang/perl
- selinux? ( sec-policy/selinux-snort )
- snortsam? ( net-analyzer/snortsam )"
-
-pkg_setup() {
- enewgroup snort
- enewuser snort -1 -1 /dev/null snort
-
- if use flexresp && use flexresp2 ; then
- ewarn
- ewarn "You have both the 'flexresp' and 'flexresp2' USE"
- ewarn "flags set. You can use 'flexresp' or 'flexresp2'"
- ewarn "but not both."
- ewarn
- ewarn "Defaulting to flexresp2..."
- fi
-}
-
-src_unpack() {
- unpack ${A}
- cd "${S}"
-
- epatch "${FILESDIR}/${P}-libnet.patch"
-
- sed -i "s:var RULE_PATH ../rules:var RULE_PATH /etc/snort/rules:" \
- etc/snort.conf
-
- if use prelude ; then
- sed -i -e "s:AC_PROG_RANLIB:AC_PROG_LIBTOOL:" configure.in
- fi
-
- if use snortsam ; then
- cd ..
- einfo "Applying snortsam patch"
- sed -i "s/PLUGIN_FWSAM/PLUGIN_FWSAM,/" snortpatch9 || die "sed failed"
- ./patchsnort.sh "${S}" || die "snortsam patch failed"
- cd "${S}"
- fi
-
- einfo "Regenerating autoconf/automake files"
- AT_M4DIR=m4 eautoreconf
-}
-
-src_compile() {
- local myconf
-
- if use flexresp2; then
- myconf="${myconf} --enable-flexresp2"
- elif use flexresp; then
- myconf="${myconf} --enable-flexresp"
- fi
-
- if use react && ! use flexresp; then
- myconf="${myconf} --enable-react"
- fi
-
- myconf="${myconf} --with-libipq-includes=/usr/include/libipq"
-
- econf \
- --without-oracle \
- $(use_with postgres postgresql) \
- $(use_with mysql) \
- $(use_with odbc) \
- $(use_enable prelude) \
- $(use_enable inline) \
- $(use_enable dynamicplugin) \
- $(use_enable timestats) \
- $(use_enable perfprofiling) \
- $(use_enable linux-smp-stats) \
- ${myconf} || die "econf failed"
-
- # limit to single as reported by jforman on irc
- emake -j1 || die "emake failed"
-}
-
-src_install() {
- emake DESTDIR="${D}" install || die "make install failed"
-
- keepdir /var/log/snort/
-
- dodoc doc/*
- dodoc ./RELEASE.NOTES
- docinto schemas ; dodoc schemas/*
-
- insinto /etc/snort
- doins etc/reference.config etc/classification.config \
- etc/*.map etc/threshold.conf
- newins etc/snort.conf snort.conf
-
- newinitd "${FILESDIR}/snort.rc8" snort
- newconfd "${FILESDIR}/snort.confd" snort
-
- fowners snort:snort /var/log/snort
- fperms 0770 /var/log/snort
-
- # install rules
- insinto /etc/snort/rules
- doins -r "${WORKDIR}"/rules/*
-}
-
-pkg_postinst() {
- ewarn
- ewarn "Users upgrading from snort 2.4.x should take care when updating"
- ewarn "their snort.conf. A number of significant changes have been"
- ewarn "have been added to snort 2.6 including the addition of"
- ewarn "dynamically loadable preprocessors, detection engine and rules."
- ewarn "Snort 2.6 also includes the addition of performance profiling"
- ewarn "for rules & preprocessors and uses a new default pattern matcher"
- ewarn "which provides faster matching at the expense of being very"
- ewarn "memory intensive."
- ewarn
- ewarn "If you find that snort is using too much memory, your system"
- ewarn "freezes, or snort crashes after a few minutes try adding the"
- ewarn "following to your snort.conf..."
- ewarn
- ewarn "'config detection: search-method ac-sparsebands'"
- ewarn
- ewarn "This will provide high pattern matching performance at a much"
- ewarn "lower cost to memory. For more information on the new features"
- ewarn "in snort 2.6, please take a look at the release notes located in..."
- ewarn
- ewarn " /usr/share/doc/${PF}/RELEASE.NOTES.gz"
- ewarn
- einfo "To use a database as a backend for snort you will have to"
- einfo "import the correct tables to the database."
- einfo "You will have to setup a database called snort before doing the"
- einfo "following..."
- einfo
- einfo " MySQL: zcat /usr/share/doc/${PF}/schemas/create_mysql.gz | mysql -p snort"
- einfo
- einfo " PostgreSQL: import /usr/share/doc/${PF}/schemas/create_postgresql.gz"
- einfo
- einfo " ODBC: look at /usr/share/doc/${PF}/schemas/"
- einfo
- einfo "Users using the unified output plugin and barnyard do not need to"
- einfo "compile database support into snort, but still need to set up their"
- einfo "database as shown above."
- einfo
- ewarn "Only a basic set of rules was installed."
- ewarn "Please add your other sets of rules to /etc/snort/rules."
- ewarn "For more information on rules, visit ${HOMEPAGE}."
- if use sguil ; then
- elog "SGUIL needs to catch up with snort 2.6.x. If you plan on using SGUIL"
- elog "you should unmerge ${P} and emerge snort-2.4.x"
- fi
-}