Bump to 2.8.4. Reworked ebuild thanks to Jason Wallace. Lots of changes, see bug #266288 for details.

Package-Manager: portage-2.2_rc30/cvs/Linux x86_64

9 files changed, 690 insertions, 11 deletions

diff --git a/net-analyzer/snort/ChangeLog b/net-analyzer/snort/ChangeLog
index c53b8051632d..2df80849eb86 100644
--- a/net-analyzer/snort/ChangeLog
+++ b/net-analyzer/snort/ChangeLog
@@ -1,6 +1,15 @@
 # ChangeLog for net-analyzer/snort
 # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.139 2009/03/01 19:16:21 patrick Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.140 2009/04/17 12:05:30 patrick Exp $
+
+*snort-2.8.4 (17 Apr 2009)
+
+  17 Apr 2009; Patrick Lauer <patrick@gentoo.org>
+  +files/snort-2.8.4-libnet.patch, +files/pcap_memory.patch,
+  files/snort.confd, +files/snort.rc9, +files/spo_database_fix.patch,
+  metadata.xml, +snort-2.8.4.ebuild:
+  Bump to 2.8.4. Reworked ebuild thanks to Jason Wallace. Lots of changes,
+  see bug #266288 for details.
 
 *snort-2.6.1.4-r1 (01 Mar 2009)
 
diff --git a/net-analyzer/snort/Manifest b/net-analyzer/snort/Manifest
index 3964bfdce07f..278cf632135a 100644
--- a/net-analyzer/snort/Manifest
+++ b/net-analyzer/snort/Manifest
@@ -1,12 +1,16 @@
+AUX pcap_memory.patch 563 RMD160 3d4ed78ee4588e09401753026e6766ebcf290743 SHA1 962cb1379af8a382cb31ac07fe21614bbe6e3f8b SHA256 fc73d20c8b414decaba2cccdb50168489e84ddf906cf3c1e9490235a15f3e065
 AUX snort-2.6.1.1-libnet.patch 8062 RMD160 fb42546b2efce968160afb0a0e0e96c8f0ad1471 SHA1 bcac8005327e016d8ffc1cf4b74aeb80228a2839 SHA256 ff36205cdd4554ff23c845383a82c9fdef6682a399072f3306f6aa3b74378b86
 AUX snort-2.6.1.2-libdir.patch 446 RMD160 7508ad071e9cc9746f3c501c2525d82df3fdd9d0 SHA1 04cc4ddbd4570175483a33ce0729eb156473a1a5 SHA256 252743e9e5ddf4867f64cfcf22ca6127d07e6c69285635c0b7025a606a5fedc8
 AUX snort-2.6.1.2-react.patch 952 RMD160 f5856ba63d63c20386af53b1e95db3d3ce758843 SHA1 b2c87c82b4c32af573b30fc39441d3f393afd284 SHA256 15cfb26179883a962612cdf54f283fd195199118328586595f001a750ad68ab1
 AUX snort-2.6.1.4-libdnet-ip6.patch 482 RMD160 9d420da94d42aacf1a4c8fabb1a9637f73dff8b3 SHA1 2ff42e316d5c49201b85e78f99b1cae4449b7656 SHA256 7f24211c9295a848d1d29effaab2f7f38459823acb83e2d78da3d45019139e14
 AUX snort-2.6.1.4-server_stats.patch 525 RMD160 8639c175a992090c4cbadc22b8a8b64624013e2f SHA1 39c6a95436707e58b2fc6cb22476405ef996692b SHA256 e2d012e25dca6de507e8b3fd019cb904b2a194a73ba5ffed210902a8960916fd
 AUX snort-2.8.3.1-libnet.patch 8954 RMD160 eb6a2eac6f6005bf8118afeeda6ea52675470156 SHA1 7370bc6c97417cf78a57f8d3f3c3bc3365ce2d56 SHA256 e3edce56ba0568d1db75accc7afb0b86d3de7034aba20daf0f61bf32770b3c2a
-AUX snort.confd 423 RMD160 8312bad7b271cc20a9eeb8f08f0cba5cd330eb2f SHA1 149a377477a43ff78c7b3c73c159773e41adf892 SHA256 d504cb31ffcce9acc8fc7b68123a31a53b491444c52730339ea9a4e986521f71
+AUX snort-2.8.4-libnet.patch 9037 RMD160 76854b43712d9d5375263ee4aeba7161658bba6b SHA1 24ff2aa83a680c158be7876acc88cb4f47ffd85f SHA256 4659a2e141e476b7dfcb627de3c8dc884014e601a9fd9fe57e4d0c0912193650
+AUX snort.confd 442 RMD160 439e885d43aacc474c41eeed5217a498b2917aac SHA1 87a3de61e218367b2239540b94c564b2c6729300 SHA256 40adf5e7b918d1feae6728c1445e879d4cc478f81d13e9f32a2de1be1345413a
 AUX snort.rc7 740 RMD160 f9b799730b2699bd12bea76b23be13979121a12d SHA1 9e177163520facfdd322dc20dd5bcc89388237d1 SHA256 97314f3c7273c7ecdbaaf16cc82ee291b550ed4b1c339aa333cfaa7c7af5d991
 AUX snort.rc8 764 RMD160 37ca479a48a97dfcade39f4756cadc15fa31b971 SHA1 f4b79149468ceb694526972da36bb1221c72b19d SHA256 b657ad099ce1df24cbc4c5b1f48718572bec65a14cd52c9f29b87e4f7f549693
+AUX snort.rc9 849 RMD160 d031761fff4cf8f7bc28a465d3b5ecc740579e21 SHA1 8c16b1f7f064ebf962ad469b55e5a6738939b8e4 SHA256 585c6e96fc2265861436347ddf52d44c1c049fe7083825e16253f7717c968ec4
+AUX spo_database_fix.patch 597 RMD160 fdde2eeede5ea32b79fbf16c49419874e37f5a37 SHA1 ab3210b047a253de8a2b83b33a627356ac88281c SHA256 1f76a2aed7839bb49e8ec4652ad41999c54fcba2788b971264e69b7d89bb7acf
 DIST Community-Rules-2.4.tar.gz 110044 RMD160 ecfb4444cb0152545d823692eb6e5e2347151b54 SHA1 cbb5e5e8183608145642b3a47eb0be7fc06423f6 SHA256 4c82f90c960626aae5804c2375540f2d7241524c31ae3c7ab69df6c46e295c4c
 DIST Community-Rules-CURRENT.tar.gz 112052 RMD160 089916a6bf6db1fe56516d996dd7e062f5e96837 SHA1 8cd478c75e85f5da82d0fc4ebd29572e13066c7d SHA256 4f30a63d6a1cb4a8016540dffef99269c031cbee7ffeedf34d5bfbcd96cea417
 DIST Community-Rules.tar.gz 11678 RMD160 a65b656e4dbf29f1c807622e865e945f509fe0c5 SHA1 de02fd44c58529795e0ab59b65aa08a608cffd95 SHA256 fd37a897455dcb4bace1f7f0af11747b5360e0e3896cd0b9649e5d19281bb2cf
@@ -16,6 +20,7 @@ DIST snort-2.6.1.3.tar.gz 3700149 RMD160 0c390bd7cdbe705ba43ce8c8894bfec53c3179f
 DIST snort-2.6.1.4.tar.gz 3716052 RMD160 b9768992698fd9967b66b89938d38555260660ab SHA1 2709f1ef0953029a8b9a23c94dea81bcd42b2906 SHA256 5f830d3c95b6fb96b8abaa5539e71c3cdcfd8df95b376c77323149436f7bbf70
 DIST snort-2.7.0.1.tar.gz 3905846 RMD160 c88b71231bfa65e2c1eabd8931f4d6121e92a26a SHA1 9b751a73c611126c32e2dccd0a0e99aaff4e9653 SHA256 c9337c2acb34e34904e3fff8a2c31e1a3a92aa7776a9263454fd4dc5503721fa
 DIST snort-2.8.3.1.tar.gz 4309333 RMD160 53ab2df684ba327718d3dac1c8efa21c3ae05248 SHA1 384203f68e2000c490bbc5a5a2724b0b74d10e74 SHA256 edda7a8c3fe96623729ba0f34c2bda23c15a47a063bafdfc1e397680c2538d86
+DIST snort-2.8.4.tar.gz 4603710 RMD160 3fae1b0a472a5ae73eea323f312364bc9d7e1e2a SHA1 2e400f34728613f0e285f28dc38a0ae38733ea22 SHA256 ccf182121277730b3c5dab2ddcac15d78e00a092c7741546fc2ed9d54bd3836c
 DIST snortrules-pr-2.4.tar.gz 789097 RMD160 dd2179b3ce8a55699d2e1b857426e5489191a121 SHA1 b8b59754ccb59b1dcf324d2faa399326117a60e9 SHA256 19d2545a2a150dff8b4dbcbd0def389b6865c4c70f5084172d08a7b151e1a504
 DIST snortsam-20050110.tar.gz 29395 RMD160 ec80ce024ed7a013da35444ef1098ba3faa6cfc3 SHA1 46a274abeeea4e808849c65b9d510a5b5a221ba6 SHA256 dc428458f3c47684aabb89036ca7e601a6aa92864dbf23b31f33732b76c2a01e
 EBUILD snort-2.4.5.ebuild 4416 RMD160 bacac50a4b25f8058772efca252d6b5e55df383e SHA1 aa6a406325a74ede990940596712573b0937e24e SHA256 02a75c07e7791fb9b67c00ab03e776bec2b08f965177b7c6e85b55e33be3f008
@@ -24,5 +29,6 @@ EBUILD snort-2.6.1.4-r1.ebuild 6032 RMD160 4e04385e15ac0da60eb33b6decef9ef75bee2
 EBUILD snort-2.6.1.4.ebuild 5984 RMD160 57047f39db0979462684f75775c876b1f3e737d2 SHA1 cc4340770104cd6ffdab42165b27bd149d68103d SHA256 ada6aa994e747869846bf6bf41e8579b0a8bda56b945a1409d0af0d3c3e99eb8
 EBUILD snort-2.7.0.1.ebuild 5408 RMD160 e9d46031bc510e0eb052e4d86906d549bd2265b9 SHA1 ef571fd63b0068b8aa86d5ca04360b6b66c1ec01 SHA256 194ec0bb0b17fa4bdd48451f1f7c940bed4454c88450833aa213207dc16a104e
 EBUILD snort-2.8.3.1.ebuild 8974 RMD160 6ef2f46e1c73fb775bd5bdff90260a364e1a0d4e SHA1 57f21974a405eb88146877dd0fa477150c568bde SHA256 82f8cb84bb3bbf6cab5715f3c0dd3fa6066ee5b1905f4200a9c31af4790613b5
-MISC ChangeLog 24968 RMD160 bd4b24886d88ca6bb7b2d49987d6a877218eae75 SHA1 8f90605fe9764e83fdc22471dfa40a24b18e1e09 SHA256 f3662d85ee62e15c92ccc51c68e94d87d70dbee6b3daf24957c4d12a9e39fe92
-MISC metadata.xml 1828 RMD160 939d3c643196173d5641e61f8fb12e264fa8c893 SHA1 5b2e23c4e4e83586ae45308a10f472c1c9d61a08 SHA256 e66e252ca16a7c44077b1f60772e55a2e3ae93eb85c6addd1f8997326a6bd16c
+EBUILD snort-2.8.4.ebuild 11997 RMD160 d737b724f7104a4800c1f6f77752414fd6901aaa SHA1 32c251d797bb777fcde4138e711907a53a90a831 SHA256 6e94a9de8be0878151dc57e769adf8f6e0cb7351e21126e132448f32f0ebd511
+MISC ChangeLog 25321 RMD160 6eaeae67d8f3b49a55340dfe8f96ed761efeeb52 SHA1 81cbcd4d95eb0e7c0e9ecbe63aad38ef971f7212 SHA256 852cd3323f87d39b21e700863d5dde550c67f9165ce9a606efdca06acc29390c
+MISC metadata.xml 2013 RMD160 f878a557e7fb8a6a0e5d5d723ccfe6706ecbbd01 SHA1 142b29b37edc0e531580c755299c4c330857ae46 SHA256 a92d498a6a793bd7df774c71561a845770a6daedc8c3114f3370d98e712d8c42
diff --git a/net-analyzer/snort/files/pcap_memory.patch b/net-analyzer/snort/files/pcap_memory.patch
new file mode 100644
index 000000000000..0f75e34dc60d
--- /dev/null
+++ b/net-analyzer/snort/files/pcap_memory.patch
@@ -0,0 +1,19 @@
+diff -ru snort-2.8.4.orig/src/snort.c snort-2.8.4/src/snort.c
+--- snort-2.8.4.orig/src/snort.c	2009-01-28 11:37:03.000000000 -0500
++++ snort-2.8.4/src/snort.c	2009-04-09 10:48:26.000000000 -0400
+@@ -1188,6 +1188,15 @@
+         LogMessage("Not Using PCAP_FRAMES\n" );
+     }
+ 
++    if( getenv("PCAP_MEMORY") )
++    {
++        LogMessage("Using PCAP_MEMORY = %s\n", getenv("PCAP_MEMORY") );
++    }
++    else
++    {
++        LogMessage("Not Using PCAP_MEMORY\n" );
++    }
++
+ #ifdef TIMESTATS
+     start_time = time(&start_time); /* start counting seconds */
+ #endif
diff --git a/net-analyzer/snort/files/snort-2.8.4-libnet.patch b/net-analyzer/snort/files/snort-2.8.4-libnet.patch
new file mode 100644
index 000000000000..b0f073a14d51
--- /dev/null
+++ b/net-analyzer/snort/files/snort-2.8.4-libnet.patch
@@ -0,0 +1,221 @@
+diff -ru snort-2.8.4.rc1/configure.in snort-2.8.4.rc1_gentoo/configure.in
+--- snort-2.8.4.rc1/configure.in	2009-04-06 08:54:54.000000000 -0400
++++ snort-2.8.4.rc1_gentoo/configure.in	2009-04-06 09:08:37.000000000 -0400
+@@ -1214,19 +1214,19 @@
+          else
+             libnet_dir="/usr/include /usr/local/include /sw/include"
+         fi
+-        AC_MSG_CHECKING("for libnet.h version 1.0.x")
++        AC_MSG_CHECKING("for libnet-1.0.h version 1.0.x")
+         for i in $libnet_dir; do
+-            if test -r "$i/libnet.h"; then
++            if test -r "$i/libnet-1.0.h"; then
+                 LIBNET_INC_DIR="$i"
+             fi
+         done
+ 
+         if test "$LIBNET_INC_DIR" != ""; then
+-            if eval "grep LIBNET_VERSION $LIBNET_INC_DIR/libnet.h | grep -v 1.0 >/dev/null"; then
+-                FAIL_MESSAGE("libnet 1.0.x (libnet.h)", $LIBNET_INC_DIR)
++            if eval "grep LIBNET_VERSION $LIBNET_INC_DIR/libnet-1.0.h | grep -v 1.0 >/dev/null"; then
++                FAIL_MESSAGE("libnet 1.0.x (libnet-1.0.h)", $LIBNET_INC_DIR)
+             fi
+-            CFLAGS="${CFLAGS} `libnet-config --defines` `libnet-config --cflags`"
+-            LIBS="${LIBS} `libnet-config --libs`"
++            CFLAGS="${CFLAGS} `libnet-1.0-config --defines` `libnet-1.0-config --cflags`"
++            LIBS="${LIBS} `libnet-1.0-config --libs`"
+             CPPFLAGS="${CPPFLAGS} -I${LIBNET_INC_DIR}"
+             AC_MSG_RESULT($i)
+         else
+@@ -1248,8 +1248,8 @@
+ [  --enable-flexresp        Flexible Responses on hostile connection attempts],
+        enable_flexresp="$enableval", enable_flexresp="no")
+ if test "x$enable_flexresp" = "xyes"; then
+-    CPPFLAGS="${CPPFLAGS} -DENABLE_RESPONSE `libnet-config --defines --cflags`"
+-    LDFLAGS="${LDFLAGS} `libnet-config --libs`"
++    CPPFLAGS="${CPPFLAGS} -DENABLE_RESPONSE `libnet-1.0-config --defines --cflags`"
++    LDFLAGS="${LDFLAGS} `libnet-1.0-config --libs`"
+ fi
+                 
+ if test "x$enable_flexresp" != "xno" -a "x$enable_flexresp" = "xyes"; then
+@@ -1259,21 +1259,21 @@
+         exit
+     fi
+ 
+-    if test `libnet-config --cflags | wc -c` = "1"; then
++    if test `libnet-1.0-config --cflags | wc -c` = "1"; then
+         CPPFLAGS="${CPPFLAGS} -I/usr/local/include -I/sw/include"
+         LIBNET_CONFIG_BROKEN_CFLAGS="yes"
+     fi
+ 
+-    if test `libnet-config --libs | wc -c` = "1"; then
+-        AC_MSG_WARN(libnet-config --libs is broken on your system.  If you)
++    if test `libnet-1.0-config --libs | wc -c` = "1"; then
++        AC_MSG_WARN(libnet-1.0-config --libs is broken on your system.  If you)
+         AC_MSG_WARN(are using a precompiled package please notify the) 
+         AC_MSG_WARN(maintainer.)
+         LDFLAGS="${LDFLAGS} -L/usr/local/lib -L/sw/lib"
+-        LIBS="${LIBS} -lnet"
++        LIBS="${LIBS} -lnet-1.0"
+     fi
+ 
+     LNET=""
+-    AC_CHECK_HEADERS(libnet.h,, LNET="no")
++    AC_CHECK_HEADERS(libnet-1.0.h,, LNET="no")
+     if test "x$LNET" = "xno"; then
+         echo
+         echo "   ERROR!  Libnet header not found, go get it from"
+@@ -1291,33 +1291,33 @@
+             libnet_dir="/usr/include /usr/local/include /sw/include"
+         fi
+     else
+-        libnet_dir=`libnet-config --cflags | cut -dI -f2`
++        libnet_dir=`libnet-1.0-config --cflags | cut -dI -f2`
+     fi
+ 
+     LIBNET_INC_DIR=""
+     for i in $libnet_dir; do
+-        if test -r "$i/libnet.h"; then
++        if test -r "$i/libnet-1.0.h"; then
+             LIBNET_INC_DIR="$i"
+         fi
+     done
+ 
+     if test "x$LIBNET_INC_DIR" != "x"; then
+-        if eval "grep LIBNET_VERSION $LIBNET_INC_DIR/libnet.h | grep -v 1.0.2a >/dev/null"; then
++        if eval "grep LIBNET_VERSION $LIBNET_INC_DIR/libnet-1.0.h | grep -v 1.0.2a >/dev/null"; then
+             AC_MSG_RESULT(no)
+             echo
+             echo "   ERROR!  Snort with --enable-flexresp will *only* work with"
+             echo "   libnet version 1.0.2a, go get it from"
+             echo "   http://www.packetfactory.net/projects/libnet/"
+-            FAIL_MESSAGE("libnet 1.0.2a (libnet.h)", $LIBNET_INC_DIR)
++            FAIL_MESSAGE("libnet 1.0.2a (libnet-1.0.h)", $LIBNET_INC_DIR)
+         fi
+         AC_MSG_RESULT(yes)
+     else
+         AC_MSG_RESULT(no)
+-        FAIL_MESSAGE("libnet 1.0.2a (libnet.h)", $libnet_dir)
++        FAIL_MESSAGE("libnet 1.0.2a (libnet-1.0.h)", $libnet_dir)
+     fi
+ 
+     LNET=""
+-    AC_CHECK_LIB(net, libnet_build_ip,, LNET="no")
++    AC_CHECK_LIB(net-1.0, libnet_build_ip,, LNET="no")
+     if test "x$LNET" = "xno"; then
+         echo
+         echo "   ERROR!  Libnet library not found, go get it from"
+@@ -1368,8 +1368,8 @@
+ [  --enable-react           Intercept and terminate offending HTTP accesses],
+        enable_react="$enableval", enable_react="no")
+ if test "x$enable_react" = "xyes"; then
+-    CPPFLAGS="${CPPFLAGS} -DENABLE_REACT `libnet-config --defines --cflags`"
+-    LDFLAGS="${LDFLAGS} `libnet-config --libs`"
++    CPPFLAGS="${CPPFLAGS} -DENABLE_REACT `libnet-1.0-config --defines --cflags`"
++    LDFLAGS="${LDFLAGS} `libnet-1.0-config --libs`"
+ fi
+ 
+ if test "x$enable_react" != "xno" -a "x$enable_react" = "xyes"; then
+@@ -1380,13 +1380,13 @@
+         exit
+     fi
+ 
+-    if test `libnet-config --cflags | wc -c` = "1"; then
++    if test `libnet-1.0-config --cflags | wc -c` = "1"; then
+         CPPFLAGS="${CPPFLAGS} -I/usr/local/include -I/sw/include"
+         LIBNET_CONFIG_BROKEN_CFLAGS="yes"
+     fi
+ 
+-    if test `libnet-config --libs | wc -c` = "1"; then
+-        AC_MSG_WARN(libnet-config --libs is broken on your system.  If you)
++    if test `libnet-1.0-config --libs | wc -c` = "1"; then
++        AC_MSG_WARN(libnet-1.0-config --libs is broken on your system.  If you)
+         AC_MSG_WARN(are using a precompiled package please notify the)
+         AC_MSG_WARN(maintainer.)
+         LDFLAGS="${LDFLAGS} -L/usr/local/lib -L/sw/lib"
+@@ -1394,7 +1394,7 @@
+     fi
+ 
+     LNET=""
+-    AC_CHECK_HEADERS(libnet.h,, LNET="no")
++    AC_CHECK_HEADERS(libnet-1.0.h,, LNET="no")
+     if test "x$LNET" = "xno"; then
+         echo
+         echo "   ERROR!  Libnet header not found, go get it from"
+@@ -1412,33 +1412,33 @@
+             libnet_dir="/usr/include /usr/local/include /sw/include"
+         fi
+     else
+-        libnet_dir=`libnet-config --cflags | cut -dI -f2`
++        libnet_dir=`libnet-1.0-config --cflags | cut -dI -f2`
+     fi
+ 
+     LIBNET_INC_DIR=""
+     for i in $libnet_dir; do
+-        if test -r "$i/libnet.h"; then
++        if test -r "$i/libnet-1.0.h"; then
+             LIBNET_INC_DIR="$i"
+         fi
+     done
+ 
+     if test "x$LIBNET_INC_DIR" != "x"; then
+-        if eval "grep LIBNET_VERSION $LIBNET_INC_DIR/libnet.h | grep -v 1.0.2a >/dev/null"; then
++        if eval "grep LIBNET_VERSION $LIBNET_INC_DIR/libnet-1.0.h | grep -v 1.0.2a >/dev/null"; then
+             AC_MSG_RESULT(no)
+             echo
+             echo "   ERROR!  Snort with --enable-react will *only* work with"
+             echo "   libnet version 1.0.2a, go get it from"
+             echo "   http://www.packetfactory.net/projects/libnet/"
+-            FAIL_MESSAGE("libnet 1.0.2a (libnet.h)", $LIBNET_INC_DIR)
++            FAIL_MESSAGE("libnet 1.0.2a (libnet-1.0.h)", $LIBNET_INC_DIR)
+         fi
+         AC_MSG_RESULT(yes)
+     else
+         AC_MSG_RESULT(no)
+-        FAIL_MESSAGE("libnet 1.0.2a (libnet.h)", $libnet_dir)
++        FAIL_MESSAGE("libnet 1.0.2a (libnet-1.0.h)", $libnet_dir)
+     fi
+ 
+     LNET=""
+-    AC_CHECK_LIB(net, libnet_build_ip,, LNET="no")
++    AC_CHECK_LIB(net-1.0, libnet_build_ip,, LNET="no")
+     if test "x$LNET" = "xno"; then
+         echo
+         echo "   ERROR!  Libnet library not found, go get it from"
+Only in snort-2.8.4.rc1_gentoo/: configure.in.orig
+diff -ru snort-2.8.4.rc1/src/detection-plugins/sp_react.c snort-2.8.4.rc1_gentoo/src/detection-plugins/sp_react.c
+--- snort-2.8.4.rc1/src/detection-plugins/sp_react.c	2009-04-06 08:54:54.000000000 -0400
++++ snort-2.8.4.rc1_gentoo/src/detection-plugins/sp_react.c	2009-04-06 09:08:37.000000000 -0400
+@@ -59,7 +59,7 @@
+ #include <stdlib.h>
+ #include <string.h>
+ #include <ctype.h>
+-#include <libnet.h>
++#include <libnet-1.0.h>
+ 
+ #include "rules.h"
+ #include "decode.h"
+diff -ru snort-2.8.4.rc1/src/detection-plugins/sp_respond.c snort-2.8.4.rc1_gentoo/src/detection-plugins/sp_respond.c
+--- snort-2.8.4.rc1/src/detection-plugins/sp_respond.c	2009-04-06 08:54:54.000000000 -0400
++++ snort-2.8.4.rc1_gentoo/src/detection-plugins/sp_respond.c	2009-04-06 09:08:37.000000000 -0400
+@@ -36,7 +36,7 @@
+ 
+ 
+ #if defined(ENABLE_RESPONSE) && !defined(ENABLE_RESPONSE2)
+-#include <libnet.h>
++#include <libnet-1.0.h>
+ 
+ #include "decode.h"
+ #include "rules.h"
+diff -ru snort-2.8.4.rc1/src/inline.c snort-2.8.4.rc1_gentoo/src/inline.c
+--- snort-2.8.4.rc1/src/inline.c	2009-04-06 08:54:54.000000000 -0400
++++ snort-2.8.4.rc1_gentoo/src/inline.c	2009-04-06 09:08:37.000000000 -0400
+@@ -20,7 +20,7 @@
+ #include <stdlib.h>
+ #include <string.h>
+ #include <pcap.h>
+-#include <libnet.h>
++#include <libnet-1.0.h>
+ 
+ #include "decode.h"
+ #include "inline.h"
diff --git a/net-analyzer/snort/files/snort.confd b/net-analyzer/snort/files/snort.confd
index d4d240ac966b..c429ca61b2cb 100644
--- a/net-analyzer/snort/files/snort.confd
+++ b/net-analyzer/snort/files/snort.confd
@@ -1,16 +1,17 @@
 # Config file for /etc/init.d/snort
 
 # This tell snort which interface to listen on (any for every interface)
-IFACE=eth0
+IFACE="eth1"
 
-# Make sure this matches your IFACE
-PIDFILE=/var/run/snort_$IFACE.pid
+# You do NOT want to change this
+PIDPATH="/var/run/snort"
+PIDFILE="snort_$IFACE.pid"
 
 # You probably don't want to change this, but in case you do
 LOGDIR="/var/log/snort"
 
 # Probably not this either
-CONF=/etc/snort/snort.conf
+CONF="/etc/snort/snort.conf"
 
 # This pulls in the options above
 SNORT_OPTS="-D -u snort -i $IFACE -l $LOGDIR -c $CONF"
diff --git a/net-analyzer/snort/files/snort.rc9 b/net-analyzer/snort/files/snort.rc9
new file mode 100644
index 000000000000..6c65a353adc8
--- /dev/null
+++ b/net-analyzer/snort/files/snort.rc9
@@ -0,0 +1,34 @@
+#!/sbin/runscript
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/files/snort.rc9,v 1.3 2009/04/17 12:05:29 patrick Exp $
+
+depend() {
+	need net
+	after mysql
+	after postgresql
+}
+
+checkconfig() {
+	if [ ! -e $CONF ] ; then
+		eerror "You need a configuration file to run snort"
+		eerror "There is an example config in /etc/snort/snort.conf.distrib"
+		return 1
+	fi
+}
+
+start() {
+	checkconfig || return 1
+	ebegin "Starting snort"
+	start-stop-daemon --start --quiet --exec /usr/bin/snort \
+		-- --nolock-pidfile --pid-path ${PIDPATH} ${SNORT_OPTS} >/dev/null 2>&1
+	eend $?
+}
+
+stop() {
+	ebegin "Stopping snort"
+	start-stop-daemon --stop --quiet --pidfile ${PIDPATH}/${PIDFILE}
+	# Snort needs a few seconds to fully shutdown
+	sleep 15
+	eend $?
+}
diff --git a/net-analyzer/snort/files/spo_database_fix.patch b/net-analyzer/snort/files/spo_database_fix.patch
new file mode 100644
index 000000000000..944b3ee49e14
--- /dev/null
+++ b/net-analyzer/snort/files/spo_database_fix.patch
@@ -0,0 +1,18 @@
+diff -ru snort-2.8.4.orig/src/output-plugins/spo_database.c snort-2.8.4/src/output-plugins/spo_database.c
+--- snort-2.8.4.orig/src/output-plugins/spo_database.c	2009-01-26 16:50:26.000000000 -0500
++++ snort-2.8.4/src/output-plugins/spo_database.c	2009-04-14 10:43:28.000000000 -0400
+@@ -2798,6 +2798,14 @@
+                     {
+                         result = atoi(data->m_row[0]);
+                     }
++		      else
++		      {
++		    	result = 0;
++		      }
++		    }
++		    else
++		    {
++		      result = 0;
+                 }
+             }
+             mysql_free_result(data->m_result);
diff --git a/net-analyzer/snort/metadata.xml b/net-analyzer/snort/metadata.xml
index d76e098fcf6a..3bd53ba25071 100644
--- a/net-analyzer/snort/metadata.xml
+++ b/net-analyzer/snort/metadata.xml
@@ -1,17 +1,24 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
 <pkgmetadata>
+<maintainer>
+  <email>patrick@gentoo.org</email>
+  <name>Patrick Lauer</name>
+</maintainer>
+
 <herd>netmon</herd>
 <longdescription>Libpcap-based packet sniffer/logger/lightweight IDS</longdescription>
 <use>
-<flag name='aruba'>Enable Aruba support</flag>
-<flag name='community-rules'>Include Community rules</flag>
+
+<flag name='aruba'>Enable Aruba support</flag>                                                   
+<flag name='community-rules'>Include Community rules</flag>                                      
 <flag name='decoder-preprocessor-rules'></flag>
 <flag name='dynamicplugin'>Enable ability to dynamically load preprocessors, detection engine, and rules library</flag>
 <flag name='flexresp'>Enable new connection tearing (not recommended)</flag>
 <flag name='flexresp2'>Enable new connection tearing</flag>
 <flag name='gre'>Enable GRE support</flag>
-<flag name='inline'>Enable snort-inline for accepting packets from <pkg>net-firewall/iptables</pkg>, via libipq, rather than <pkg>net-libs/libpcap</pkg>.</flag>
+<flag name='inline'>Enable snort-inline for accepting packets from <pkg>net-firewall/iptables</pkg>, via libipq, rather than 
+	<pkg>net-libs/libpcap</pkg>.</flag>
 <flag name='inline-init-failopen'>Enable inline-init-failopen support</flag>
 <flag name='linux-smp-stats'>Enable statistics reporting through proc on smp systems</flag>
 <flag name='memory-cleanup'>Enable memory-cleanup support</flag>
diff --git a/net-analyzer/snort/snort-2.8.4.ebuild b/net-analyzer/snort/snort-2.8.4.ebuild
new file mode 100644
index 000000000000..3e71d69bf439
--- /dev/null
+++ b/net-analyzer/snort/snort-2.8.4.ebuild
@@ -0,0 +1,364 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/snort-2.8.4.ebuild,v 1.1 2009/04/17 12:05:30 patrick Exp $
+
+AT_M4DIR=m4
+
+inherit eutils autotools multilib
+
+DESCRIPTION="The de facto standard for intrusion detection/prevention"
+HOMEPAGE="http://www.snort.org/"
+SRC_URI="http://www.snort.org/dl/${P}.tar.gz"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~ppc ~ppc64 -sparc ~x86"
+IUSE="static debug threads prelude memory-cleanup dynamicplugin decoder-preprocessor-rules ipv6 targetbased timestats ppm perfprofiling linux-smp-stats inline inline-init-failopen flexresp flexresp2 react aruba gre mpls postgres mysql odbc selinux"
+
+#flexresp, react, and inline _ONLY_ work with net-libs/libnet-1.0.2a
+DEPEND="virtual/libc
+	virtual/libpcap
+	>=dev-libs/libpcre-6.0
+	flexresp2? ( dev-libs/libdnet )
+	flexresp? ( ~net-libs/libnet-1.0.2a )
+	react? ( ~net-libs/libnet-1.0.2a )
+	postgres? ( virtual/postgresql-base )
+	mysql? ( virtual/mysql )
+	odbc? ( dev-db/unixODBC )
+	prelude? ( >=dev-libs/libprelude-0.9.0 )
+	inline? ( ~net-libs/libnet-1.0.2a net-firewall/iptables )"
+
+RDEPEND="${DEPEND}
+	dev-lang/perl
+	selinux? ( sec-policy/selinux-snort )"
+
+pkg_setup() {
+	enewgroup snort
+	enewuser snort -1 -1 /dev/null snort
+
+	if use flexresp && use flexresp2 ; then
+		ewarn
+		ewarn
+		ewarn "You have both the 'flexresp' and 'flexresp2' USE"
+		ewarn "flags set. You can use 'flexresp' OR 'flexresp2'"
+		ewarn "but not both."
+		ewarn
+		ewarn "Defaulting to flexresp2..."
+		ewarn
+		ewarn
+		epause
+	fi
+
+	if use memory-cleanup && ! use dynamicplugin; then
+		ewarn
+		ewarn
+		ewarn "You have enabled 'memory-cleanup' but not 'dynamicplugin'."
+		ewarn "'memory-cleanup' requires 'dynamicplugin' to compile."
+		ewarn
+		ewarn "Enabling dynamicplugin..."
+		ewarn
+		ewarn
+		epause
+	fi
+
+	if use inline-init-failopen && ! use inline; then
+		ewarn
+		ewarn
+		ewarn "You have enabled 'inline-init-failopen' but not 'inline'."
+		ewarn "'inline-init-failopen' is an 'inline' only function."
+		ewarn
+		ewarn "Enabling inline mode..."
+		ewarn
+		ewarn
+		epause
+	fi
+}
+
+src_unpack() {
+	unpack ${A}
+	cd "${S}"
+
+	#Dont monkey with the original source if you don't need to.
+	if use flexresp || use react || use inline || use inline-init-failopen; then
+	        epatch "${FILESDIR}/${PN}-2.8.4-libnet.patch"
+	fi
+
+	#Added patch to print the value of PCAP_MEMORY
+	epatch "${FILESDIR}/pcap_memory.patch"
+
+	#Added patch to fix problem with the DB output plugin
+	#This will be included upstream in the next version released
+	epatch "${FILESDIR}/spo_database_fix.patch"
+
+	if use prelude ; then
+		sed -i -e "s:AC_PROG_RANLIB:AC_PROG_LIBTOOL:" configure.in
+	fi
+
+	einfo "Regenerating autoconf/automake files"
+	eautoreconf
+}
+
+src_compile() {
+	local myconf
+
+	#Both shared and static are enable by defaut so we need to be specific
+	if use static; then
+		myconf="${myconf} --enable-static --disable-shared"
+	else
+		myconf="${myconf} --disable-static --enable-shared"
+	fi
+
+	#Added in ebuild version snort-2.8.3.1. Should be rechecked in updated versions.
+	#Use 'die' because ./configure will die any ways with the same error message...
+	if use ipv6 && use targetbased; then
+		die "Support for target-based and IPv6 cannot be enabled simultaneously in this version."
+	fi
+
+	#Sourcefire is often not clear about what is and is not enabled by default
+	#To avoid undesired results we should be very specific
+	#Also, See the next 'if' for "react"
+	if ! use react && use flexresp && ! use flexresp2; then
+		myconf="${myconf} --enable-flexresp --disable-flexresp2"
+	elif ! use react && ! use flexresp && use flexresp2; then
+		myconf="${myconf} --disable-flexresp --enable-flexresp2"
+	elif ! use react && use flexresp && use flexresp2; then
+		myconf="${myconf} --disable-flexresp --enable-flexresp2"
+	elif ! use react && ! use flexresp && ! use flexresp2; then
+		myconf="${myconf} --disable-flexresp --disable-flexresp2"
+	fi
+
+	#We need to do this becaue 'react' automaticly enables 'flexresp'
+	#but ./configure fails if both --enable-react and --enable-flexresp
+	#are used. Here is the error...
+	#ERROR!  --enable-react cannot be used with --enable-flexresp
+	#because it is AUTOMATICALLY enabled with --enable-flexresp
+	#Given that --enable-flexresp is enable we know that 
+	#--disable-flexresp2 should be used
+	if use react; then
+		myconf="${myconf} --enable-react --disable-flexresp2"
+	fi
+
+	#USE flag memory-cleanup requires dynamicplugin
+	#Only 'dynamicplugin' is set here, 'memory-cleanup' is set below via econf.
+	if use memory-cleanup || use dynamicplugin; then
+		myconf="${myconf} --enable-dynamicplugin"
+	else
+		myconf="${myconf} --disable-dynamicplugin"
+	fi
+
+
+	# USE flages 'targetbased' and 'inline-init-failopen' require threads
+	#Only 'threads' is set here. 'targetbased' and 'inline-init-failopen' are set below via econf.
+	if use targetbased || use inline-init-failopen || use threads; then
+		myconf="${myconf} --enable-pthread"
+	else
+		myconf="${myconf} --disable-pthread"
+	fi
+
+	#Only needed if...
+	if use flexresp || use react || use inline; then
+		myconf="${myconf} --with-libipq-includes=/usr/include/libipq"
+	fi
+
+	#'inline-init-failopen' requires 'inline'
+	if use inline-init-failopen || use inline; then
+		myconf="${myconf} --enable-inline"
+	else
+		myconf="${myconf} --disable-inline"
+	fi
+
+#The --enable-<feature> options... 
+#'static' 'threads' 'react' 'flexresp' 'flexresp2' 'inline' 'dynamicplugin'
+# are configured above due to dependancy/conflict issues.
+
+#All others are handled the standard ebuild way via econf
+
+	econf \
+		--without-oracle \
+		$(use_with postgres postgresql) \
+		$(use_with mysql) \
+		$(use_with odbc) \
+		--with-pic \
+		--disable-ipfw \
+		--disable-profile \
+		--disable-ppm-test \
+		$(use_enable debug) \
+		$(use_enable prelude) \
+		$(use_enable memory-cleanup) \
+		$(use_enable decoder-preprocessor-rules) \
+		$(use_enable ipv6) \
+		$(use_enable targetbased) \
+		$(use_enable timestats) \
+		$(use_enable ppm) \
+		$(use_enable perfprofiling) \
+		$(use_enable linux-smp-stats) \
+		$(use_enable inline-init-failopen) \
+		$(use_enable aruba) \
+		$(use_enable gre) \
+		$(use_enable mpls) \
+		${myconf} || die "econf failed"
+
+	# limit to single as reported by jforman on irc
+	emake -j1 || die "emake failed"
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die "make install failed"
+
+	dodir /var/log/snort/
+	keepdir /var/log/snort/
+	fowners snort:snort /var/log/snort
+
+	dodir /var/run/snort/
+	fowners snort:snort /var/run/snort/
+
+	dodoc doc/*
+	dodoc ./RELEASE.NOTES
+	docinto schemas
+	dodoc schemas/*
+
+	insinto /etc/snort
+	doins etc/attribute_table.dtd \
+		etc/classification.config \
+		etc/gen-msg.map \
+		etc/reference.config \
+		etc/sid-msg.map \
+		etc/threshold.conf \
+		etc/unicode.map
+
+	newins etc/snort.conf snort.conf.distrib
+
+	insinto /etc/snort/preproc_rules
+	doins preproc_rules/decoder.rules \
+		preproc_rules/preprocessor.rules
+
+	dodir /etc/snort/rules/
+	keepdir /etc/snort/rules/
+
+	fowners -R snort:snort /etc/snort/
+	keepdir /etc/snort/
+
+	newinitd "${FILESDIR}/snort.rc9" snort
+	newconfd "${FILESDIR}/snort.confd" snort
+
+}
+
+pkg_preinst() {
+
+	#Remove the example dunamic rule
+	rm "${D}usr/"$(get_libdir)"/snort_dynamicrules/lib_sfdynamic_example_rule.la"
+	rm "${D}usr/"$(get_libdir)"/snort_dynamicrules/lib_sfdynamic_example_rule.so"
+	rm "${D}usr/"$(get_libdir)"/snort_dynamicrules/lib_sfdynamic_example_rule.so.0"
+	rm "${D}usr/"$(get_libdir)"/snort_dynamicrules/lib_sfdynamic_example_rule.so.0.0.0"
+
+	# Make some changes to snort.conf.distrib
+
+	# Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection
+	sed -i -e 's:/usr/local/lib:/usr/'$(get_libdir)':g' \
+		"${D}etc/snort/snort.conf.distrib"
+
+	#Set the correct rule location in the config
+	sed -i -e 's:RULE_PATH ../rules:RULE_PATH /etc/snort/rules:g' \
+		"${D}etc/snort/snort.conf.distrib"
+
+	#Set the correct preprocessor/decoder rule location in the config
+	sed -i -e 's:PREPROC_RULE_PATH ../preproc_rules:PREPROC_RULE_PATH /etc/snort/preproc_rules:g' \
+		"${D}etc/snort/snort.conf.distrib"
+
+	#Enable the preprocessor/decoder rules
+	sed -i -e 's:^# include $PREPROC_RULE_PATH:include $PREPROC_RULE_PATH:g' \
+		"${D}etc/snort/snort.conf.distrib"
+	sed -i -e 's:^# dynamicdetection directory:dynamicdetection directory:g' \
+		"${D}etc/snort/snort.conf.distrib"
+
+	#Just some clean up of trailing /'s in the config
+	sed -i -e 's:snort_dynamicpreprocessor/$:snort_dynamicpreprocessor:g' \
+		"${D}etc/snort/snort.conf.distrib"
+	sed -i -e 's:snort_dynamicrule/$:snort_dynamicrules:g' \
+		"${D}etc/snort/snort.conf.distrib"
+
+	#Make it clear in the config where these are...
+	sed -i -e 's:^include classification.config:include /etc/snort/classification.config:g' \
+		"${D}etc/snort/snort.conf.distrib"
+	sed -i -e 's:^include reference.config:include /etc/snort/reference.config:g' \
+		"${D}etc/snort/snort.conf.distrib"
+
+	#Disable all rule files by default.
+	#Users need to chose what they want enabled.
+	sed -i -e 's:^include $RULE_PATH:# include $RULE_PATH:g' \
+		"${D}etc/snort/snort.conf.distrib"
+
+}
+
+pkg_postinst() {
+	einfo
+	einfo "Snort is a libpcap based packet capture tool which can be used in"
+	einfo "three modes Sniffer Mode, Packet Logger Mode, or Network Intrusion"
+	einfo "Detection System Mode."
+	einfo
+	einfo "To learn more about these modes review the Snort User Manual at..."
+	einfo
+	einfo "http://www.snort.org/docs/"
+	einfo
+	einfo "See /usr/share/doc/${PF} and /etc/snort/snort.conf.distrib for"
+	einfo "information on configuring snort."
+	einfo
+	einfo "Joining the Snort Users and Snort Sigs mailing list is highly"
+	einfo "recommended for all users..."
+	einfo
+	einfo "http://www.snort.org/community/lists.html"
+	einfo
+	elog "Snort-2.8.4-r1 Notes:"
+	elog "The 'ruleperf' USE flag has been removed. The Snort Dev's have"
+	elog "included it in the build by default now."
+	elog
+	elog "The 'stream4udp' USE flag has been removed. It is no"
+	elog "longer a valid compile time option."
+	elog "If you are still using Stream4, you should switch to using Stream5."
+	elog
+	elog "/etc/init.d/snort and /etc/conf.d/snort have been updated to"
+	elog "resolve some bugs with starting and stopping snort."
+	elog "It is important that you update these when you run 'etc-update'"
+	elog
+	elog "The 'community-rules' USE flag has been removed."
+	elog
+	elog "We are no longer distributing rule files via the snort ebuild."
+	elog "There are a couple of reasons for this change..."
+	elog
+	elog "1. Rule files are not versioned making it impossible to use"
+	elog "   portage to update them properly."
+	elog "2. Although some of the rules are still useful, the"
+	elog "   Community Rules are quite old (RELEASED: 2007-04-27) and"
+	elog "   should only be used to supplement the VRT rule set."
+	elog "3. Sourcefire's VRT rule set requires users to register (for free)"
+	elog "   to download them."
+	elog "4. Certain versions of Snort require specific rule set versions"
+	elog "   for proper detection and to prevent Snort from breaking."
+	elog "  (See below.)"
+	elog
+	elog "To download rules for use with Snort please, see the following"
+	elog
+	elog "Sourcefire's VRT Rules and older Community Rules:"
+	elog "http://www.snort.org/pub-bin/downloads.cgi"
+	elog
+	elog "Emerging Threats Rules:"
+	elog "http://www.emergingthreats.net/"
+	elog
+	elog "A good place to put your downloaded rules would be..."
+	elog "/etc/snort/rules"
+	elog
+	elog "To manage updates to your rules please visit..."
+	elog
+	elog "http://oinkmaster.sourceforge.net/"
+	elog
+	elog "and then 'emerge oinkmaster'."
+	elog
+	elog "!!!IMPORTANT!!!"
+	elog "Users upgrading from versions prior to Snort-2.8.4 and are using"
+	elog "the dcerpc or dcerpc2 preprocessor in your snort.conf file"
+	elog "with the netbios rules should be aware of the following"
+	elog "announcements..."
+	elog
+	elog "http://vrt-sourcefire.blogspot.com/2009/04/snort-284-is-nigh.html"
+	elog "http://vrt-sourcefire.blogspot.com/2009/02/important-snort-rule-changes-and-new.html"
+	elog
+}