diff options
| author |   Patrick Lauer <patrick@gentoo.org> | 2010-08-13 11:12:02 +0000 |
|---|---|---|
| committer | Patrick Lauer <patrick@gentoo.org> | 2010-08-13 11:12:02 +0000 |
| commit | a50e2d0606872f7a867562e6d0188959a6fbcdd0 (patch) | |
| tree | 3886ae5ded97b1219f8db2541256089cec7e94d3 /net-analyzer | |
| parent | Version bump: XEmacs compatibility fixes. (diff) | |
| download | historical-a50e2d0606872f7a867562e6d0188959a6fbcdd0.tar.gz historical-a50e2d0606872f7a867562e6d0188959a6fbcdd0.tar.bz2 historical-a50e2d0606872f7a867562e6d0188959a6fbcdd0.zip | |
Bump, ebuild cleanups by Jason Wallace, fixes #331069
Package-Manager: portage-2.2_rc67/cvs/Linux x86_64
Diffstat (limited to 'net-analyzer')
| -rw-r--r-- | net-analyzer/snort/ChangeLog | 7 | ||||
| -rw-r--r-- | net-analyzer/snort/Manifest | 14 | ||||
| -rw-r--r-- | net-analyzer/snort/snort-2.8.6.1.ebuild | 339 |
3 files changed, 348 insertions, 12 deletions
diff --git a/net-analyzer/snort/ChangeLog b/net-analyzer/snort/ChangeLog index dfec0c606be3..d6b6835f875e 100644 --- a/net-analyzer/snort/ChangeLog +++ b/net-analyzer/snort/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for net-analyzer/snort # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.166 2010/07/19 21:39:10 maekke Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.167 2010/08/13 11:12:02 patrick Exp $ + +*snort-2.8.6.1 (13 Aug 2010) + + 13 Aug 2010; Patrick Lauer <patrick@gentoo.org> +snort-2.8.6.1.ebuild: + Bump, ebuild cleanups by Jason Wallace, fixes #331069 19 Jul 2010; Markus Meier <maekke@gentoo.org> snort-2.8.6.ebuild: add ~arm, bug #301080 diff --git a/net-analyzer/snort/Manifest b/net-analyzer/snort/Manifest index 62604671ad5b..e581fd869756 100644 --- a/net-analyzer/snort/Manifest +++ b/net-analyzer/snort/Manifest @@ -1,6 +1,3 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - AUX pcap_memory.patch 563 RMD160 3d4ed78ee4588e09401753026e6766ebcf290743 SHA1 962cb1379af8a382cb31ac07fe21614bbe6e3f8b SHA256 fc73d20c8b414decaba2cccdb50168489e84ddf906cf3c1e9490235a15f3e065 AUX snort-2.8.4-libnet.patch 9037 RMD160 76854b43712d9d5375263ee4aeba7161658bba6b SHA1 24ff2aa83a680c158be7876acc88cb4f47ffd85f SHA256 4659a2e141e476b7dfcb627de3c8dc884014e601a9fd9fe57e4d0c0912193650 AUX snort.confd 442 RMD160 439e885d43aacc474c41eeed5217a498b2917aac SHA1 87a3de61e218367b2239540b94c564b2c6729300 SHA256 40adf5e7b918d1feae6728c1445e879d4cc478f81d13e9f32a2de1be1345413a @@ -8,16 +5,11 @@ AUX snort.rc9 849 RMD160 d031761fff4cf8f7bc28a465d3b5ecc740579e21 SHA1 8c16b1f7f AUX snort.reload.rc1 1190 RMD160 cbe18ddc93f3091f0faef317d96211b8d7d3798d SHA1 f7b4aff2b7b25b1c8d5886e1fab63856e1ccfe06 SHA256 c6af6ff89034872a7192af360a24de811aeba7fb06704ebe758eea9dcde933e9 DIST snort-2.8.5.1.tar.gz 4715078 RMD160 fbfab45f1d7d815516043592eab8cf1cc6ec93d0 SHA1 b971052cdd4b3527a0603854953103fe9ad8a45b SHA256 ade1b0f4ae74fd623c633d28b6f1429187751b35b36a3f8a0c197d2104b5e5ae DIST snort-2.8.5.3.tar.gz 4730637 RMD160 57e897b90cb177c2ef2c0cb2ad3b7494c92c6d99 SHA1 e376f546977c695b21b9a5253e5d7c69cd53c63c SHA256 a7d9eb16427514d00926e9892c4a92b6ff1fd0f79555d8f8dce91dfa14112e6a +DIST snort-2.8.6.1.tar.gz 4939019 RMD160 27925c0df9debc9e60e19a0c989db28c8d1ca7f0 SHA1 66e991f151f6aae5dcdee92abc8092cd508a2aaa SHA256 7a948ef235c59b193ca0883b04a0d3ef4cc5250f933cafc4d06feed57150ae23 DIST snort-2.8.6.tar.gz 4960740 RMD160 5b549eab39a6e0a0f182f6d2ee46fd60995c822e SHA1 e463c99994e52171439623e1b05b9e1bcf01ac8f SHA256 6064d7bb78d6438b455ff349b93d52f40d3977f1fecb1d7958c87881b0030358 EBUILD snort-2.8.5.1.ebuild 10250 RMD160 9b608cdf3c04ac3099fa9f4825a567e9fcd1f22e SHA1 8da5d7002564121c2a786d98c204022e97ad3ea2 SHA256 fa24db38ba95feb58c67a5a3befc278f0ac19f4beaaa0a0be34bb3289a0500a5 EBUILD snort-2.8.5.3.ebuild 10252 RMD160 2e2441d222c10a27d273ca38961529035acb48a3 SHA1 27b27bf104c9d42813be1df397653b2e109cedda SHA256 67ff9ad9aa392748361d0ab6da671a5a48e09538024cf1ef01f5d1fcb21de6a7 +EBUILD snort-2.8.6.1.ebuild 10450 RMD160 ba7f868b94cbd20b3c04baf71d5234734474b836 SHA1 b73c0b2aa0544a7d9563b8da2bfc5ba0aa5a1fdf SHA256 54648baae9882f7128ffae83c69d372af1c058773458ae005476218c11f59110 EBUILD snort-2.8.6.ebuild 10126 RMD160 45bf6958f0b51098bebc54b90cf6660467b044b1 SHA1 2159a71f642ed28a9f1e1651339815b98ed6f2ad SHA256 4426ce97a4def8f6671ec123c900387e8f62711d54f24c0526af6ac20a7532a4 -MISC ChangeLog 29072 RMD160 208b6d1ff316324b8307886d5b9545bfa3266562 SHA1 7324450d13a83236f6d1a07f3cd1180e842f84c4 SHA256 227cb9e845273362d0440f236ed3df5f457bddbb351ee1957b57c6398ba08eec +MISC ChangeLog 29233 RMD160 7eaa262b42b26d799f3a72ac4e42f60c1a2ca212 SHA1 4fe513cba30e75f1eb6517d9a25e1307081f957a SHA256 313ef9b31712617c79f77f17888dc790e2475fc88bc1bf45dab0935ba3899ef1 MISC metadata.xml 1839 RMD160 b7331fb2b64fe348c875d9a8239a23cf8ab22eba SHA1 cd684fc20f56c2f5305c489be18010633eaac1b0 SHA256 e9f59e49d6cec549879ccab88c50403bb0882a016d3cc2772c58b566b0b3b13b ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.16 (GNU/Linux) - -iEYEARECAAYFAkxExjEACgkQkKaRLQcq0GKOyACgsw5LAtZEFPwCZgOXPYU+idxa -qmMAn2QBXzHqLE4tAW0MttShKthvRp4/ -=QMFn ------END PGP SIGNATURE----- diff --git a/net-analyzer/snort/snort-2.8.6.1.ebuild b/net-analyzer/snort/snort-2.8.6.1.ebuild new file mode 100644 index 000000000000..297350952c0b --- /dev/null +++ b/net-analyzer/snort/snort-2.8.6.1.ebuild @@ -0,0 +1,339 @@ +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/snort-2.8.6.1.ebuild,v 1.1 2010/08/13 11:12:02 patrick Exp $ + +EAPI="2" +inherit eutils autotools multilib + +DESCRIPTION="The de facto standard for intrusion detection/prevention" +HOMEPAGE="http://www.snort.org/" +SRC_URI="http://www.snort.org/downloads/116 -> ${P}.tar.gz" +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~ppc ~ppc64 ~sparc ~x86" +IUSE="static dynamicplugin ipv6 gre mpls targetbased decoder-preprocessor-rules +ppm timestats perfprofiling linux-smp-stats inline inline-init-failopen prelude +threads debug reload reload-error-restart flexresp flexresp2 react aruba mysql +odbc postgres selinux zlib" + +#flexresp, react, and inline _ONLY_ work with net-libs/libnet-1.0.2a +DEPEND="virtual/libpcap + >=dev-libs/libpcre-6.0 + flexresp2? ( dev-libs/libdnet ) + flexresp? ( ~net-libs/libnet-1.0.2a ) + react? ( ~net-libs/libnet-1.0.2a ) + postgres? ( dev-db/postgresql-base ) + mysql? ( virtual/mysql ) + odbc? ( dev-db/unixODBC ) + prelude? ( >=dev-libs/libprelude-0.9.0 ) + inline? ( ~net-libs/libnet-1.0.2a net-firewall/iptables ) + zlib? ( sys-libs/zlib )" + +RDEPEND="${DEPEND} + dev-lang/perl + selinux? ( sec-policy/selinux-snort )" + +pkg_setup() { + + if use flexresp && use flexresp2; then + eerror + eerror "You have both the 'flexresp' and 'flexresp2' USE flags set." + eerror "You can use 'flexresp' OR 'flexresp2' but not both." + eerror "flexresp2 is recommended." + eerror + eerror + die + elif use flexresp && use react; then + eerror + eerror "You have both the 'react' and 'flexresp' USE flags set." + eerror "'react' is enabled automaticly when the 'flexresp'" + eerror "USE flag is set, but ./configure will fail if both are enabled." + eerror + eerror "This is an upstream issue and not a problem with this ebuild." + eerror + eerror "To enable both 'flexresp' and 'react' set USE="flexresp -react"" + eerror + eerror + die + elif use flexresp2 && use react; then + eerror + eerror "You have both the 'react' and 'flexresp2' USE flags set." + eerror "You can use 'react' OR 'flexresp2' but not both." + eerror + eerror + die + elif use inline-init-failopen && ! use inline; then + eerror + eerror "You have enabled the 'inline-init-failopen' USE flag" + eerror "but not the 'inline' USE flag." + eerror "'inline-init-failopen' requires 'inline' be enabled." + eerror + eerror + die + elif use reload-error-restart && ! use reload; then + eerror + eerror "You have enabled the 'reload-error-restart' USE flag" + eerror "but not the 'reload' USE flag." + eerror "'reload-error-restart' requires 'reload' be enabled." + eerror + eerror + die + elif use zlib && ! use dynamicplugin; then + eerror + eerror "You have enabled the 'zlib' USE flag but not the 'dynamicplugin' USE flag." + eerror "'zlib' requires 'dynamicplugin' be enabled." + eerror + eerror + die + fi + + # pre_inst() is a better place to put this + # but we need it here for the 'fowners' statements in src_install() + enewgroup snort + enewuser snort -1 -1 /dev/null snort + +} + +src_unpack() { + + unpack ${A} + cd "${S}" + +} + +src_prepare() { + + # Fix to prevent the docs Makefile from being used. + # Fixes #297190. + einfo "Applying documentation fix." + sed -i -e 's:src doc etc:src etc:g' \ + "${WORKDIR}/${P}/Makefile.am" || die "Doc fix Failed" + + #Replaces the libnet-1.0 patch for inline, flexresp, and react + if use flexresp || use react || use inline; then + + einfo "Applying libnet-1.0 fix." + sed -i -e 's:libnet.h:libnet-1.0.h:g' \ + "${WORKDIR}/${P}/configure.in" \ + "${WORKDIR}/${P}/src/detection-plugins/sp_react.c" \ + "${WORKDIR}/${P}/src/detection-plugins/sp_respond.c" \ + "${WORKDIR}/${P}/src/inline.c" || die "sed for libnet-1.0.h failed" + + sed -i -e 's:libnet-config:libnet-1.0-config:g' \ + "${WORKDIR}/${P}/configure.in" || die "sed for libnet-1.0-config failed" + + sed -i -e 's:-lnet:-lnet-1.0:g' \ + "${WORKDIR}/${P}/configure.in" || die "sed for -lnet-1.0 failed" + + sed -i -e 's:AC_CHECK_LIB(net:AC_CHECK_LIB(net-1.0:g' \ + "${WORKDIR}/${P}/configure.in" || die "sed for net-1.0 failed" + + fi + + #Multilib fix for the sf_engine + einfo "Applying multilib fix." + sed -i -e 's:${exec_prefix}/lib:${exec_prefix}/'$(get_libdir)':g' \ + "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \ + || die "sed for sf_engine failed" + + #Multilib fix for the curent set of dynamic-preprocessors + for i in ftptelnet smtp ssh dcerpc dns ssl dcerpc2 sdf; do + sed -i -e 's:${exec_prefix}/lib:${exec_prefix}/'$(get_libdir)':g' \ + "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \ + || die "sed for $i failed." + done + + if use prelude; then + einfo "Applying prelude fix." + sed -i -e "s:AC_PROG_RANLIB:AC_PROG_LIBTOOL:" configure.in + fi + + AT_M4DIR=m4 eautoreconf +} + +src_configure() { + + local myconf + + #targetbased and inline-init-failopen automaticly enable pthread + if use threads || use targetbased || use inline-init-failopen; then + myconf="${myconf} --enable-pthread" + fi + + #Tell flexresp, react, and inline where libipq is + if use flexresp || use react || use inline; then + myconf="${myconf} --with-libipq-includes=/usr/include/libipq" + fi + + econf \ + $(use_enable !static shared) \ + $(use_enable static) \ + $(use_enable dynamicplugin) \ + $(use_enable ipv6) \ + $(use_enable gre) \ + $(use_enable mpls) \ + $(use_enable targetbased) \ + $(use_enable decoder-preprocessor-rules) \ + $(use_enable ppm) \ + $(use_enable timestats) \ + $(use_enable perfprofiling) \ + $(use_enable linux-smp-stats) \ + $(use_enable inline) \ + $(use_enable inline-init-failopen) \ + $(use_enable prelude) \ + $(use_enable debug) \ + $(use_enable reload) \ + $(use_enable reload-error-restart) \ + $(use_enable flexresp) \ + $(use_enable flexresp2) \ + $(use_enable react) \ + $(use_enable aruba) \ + $(use_enable zlib) \ + $(use_with mysql) \ + $(use_with odbc) \ + $(use_with postgres postgresql) \ + --disable-build-dynamic-examples \ + --disable-corefiles \ + --disable-ipfw \ + --disable-profile \ + --disable-ppm-test \ + --without-oracle \ + ${myconf} + +} + +src_compile() { + + emake || die "make failed" + +} + +src_install() { + + emake DESTDIR="${D}" install || die "make install failed" + + keepdir /var/log/snort/ + fowners snort:snort /var/log/snort + + keepdir /var/run/snort/ + fowners snort:snort /var/run/snort/ + + dodoc doc/* + dodoc ./RELEASE.NOTES + docinto schemas + dodoc schemas/* + + insinto /etc/snort + doins etc/attribute_table.dtd \ + etc/classification.config \ + etc/gen-msg.map \ + etc/reference.config \ + etc/sid-msg.map \ + etc/threshold.conf \ + etc/unicode.map \ + || die "Failed to add files in /etc/snort" + + newins etc/snort.conf snort.conf.distrib + + insinto /etc/snort/preproc_rules + doins preproc_rules/decoder.rules \ + preproc_rules/preprocessor.rules \ + || die "Failed to add files in /etc/snort/preproc_rules" + + keepdir /etc/snort/rules/ + + keepdir /usr/$(get_libdir)/snort_dynamicrule + + fowners -R snort:snort /etc/snort/ + + if use reload; then + newinitd "${FILESDIR}/snort.reload.rc1" snort \ + || die "Failed to add snort.reload.rc1" + else + newinitd "${FILESDIR}/snort.rc9" snort || die "Failed to add snort.rc9" + fi + + newconfd "${FILESDIR}/snort.confd" snort || die "Failed to add snort.confd" + + # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection + sed -i -e 's:/usr/local/lib:/usr/'$(get_libdir)':g' \ + "${D}etc/snort/snort.conf.distrib" + + #Set the correct rule location in the config + sed -i -e 's:RULE_PATH ../rules:RULE_PATH /etc/snort/rules:g' \ + "${D}etc/snort/snort.conf.distrib" + + #Set the correct preprocessor/decoder rule location in the config + sed -i -e 's:PREPROC_RULE_PATH ../preproc_rules:PREPROC_RULE_PATH /etc/snort/preproc_rules:g' \ + "${D}etc/snort/snort.conf.distrib" + + #Enable the preprocessor/decoder rules + sed -i -e 's:^# include $PREPROC_RULE_PATH:include $PREPROC_RULE_PATH:g' \ + "${D}etc/snort/snort.conf.distrib" + sed -i -e 's:^# dynamicdetection directory:dynamicdetection directory:g' \ + "${D}etc/snort/snort.conf.distrib" + + #Just some clean up of trailing /'s in the config + sed -i -e 's:snort_dynamicpreprocessor/$:snort_dynamicpreprocessor:g' \ + "${D}etc/snort/snort.conf.distrib" + + #Make it clear in the config where these are... + sed -i -e 's:^include classification.config:include /etc/snort/classification.config:g' \ + "${D}etc/snort/snort.conf.distrib" + sed -i -e 's:^include reference.config:include /etc/snort/reference.config:g' \ + "${D}etc/snort/snort.conf.distrib" + + #Disable all rule files by default. + #Users need to choose what they want enabled. + sed -i -e 's:^include $RULE_PATH:# include $RULE_PATH:g' \ + "${D}etc/snort/snort.conf.distrib" + +} + +pkg_postinst() { + einfo + einfo "Snort is a libpcap based packet capture tool which can be used in" + einfo "three modes Sniffer Mode, Packet Logger Mode, or Network Intrusion" + einfo "Detection/Prevention System Mode." + einfo + einfo "To learn more about these modes review the Snort User Manual at..." + einfo + einfo "http://www.snort.org/docs/" + einfo + einfo "See /usr/share/doc/${PF} and /etc/snort/snort.conf.distrib for" + einfo "information on configuring snort." + einfo + einfo "Joining the Snort-Users and Snort-Sigs mailing list is highly" + einfo "recommended for all users..." + einfo + einfo "http://www.snort.org/community/mailing-lists/" + einfo + einfo "To download rules for use with Snort please, see the following" + einfo + einfo "Sourcefire's VRT Rules and older Community Rules:" + einfo "http://www.snort.org/pub-bin/downloads.cgi" + einfo + einfo "Emerging Threats Rules:" + einfo "http://www.emergingthreats.net/" + einfo + einfo "To manage updates to your rules please visit..." + einfo + einfo "http://code.google.com/p/pulledpork/" + einfo + elog + elog "Snort Release Notes:" + elog "http://www.snort.org/snort-downloads" + elog + elog + elog "Shared Object (SO) rules and registered (non-subscription) rule users:" + elog + elog "Please note, you can not use Snort-2.8.6.1 with the SO rules from" + elog "the 2.8.6.0 rule tarball. If you do not have a subscription to the VRT ruleset" + elog "and you wish to continue using SO rules you will need to downgrade to" + elog "Snort-2.8.6. The SO rules will be made available to registered" + elog "(non-subscription) rule users on Sept. 22, 2010 (30 days after" + elog "being released to subscription users)." + elog + elog "Please see http://www.snort.org/snort-rules/#rules for more details." + elog +} |