authorGluzskiy Alexandr <sss123next@list.ru>2014-08-06 08:17:59 +0400
committerGluzskiy Alexandr <sss123next@list.ru>2014-08-06 08:17:59 +0400
commitd9130a3aa7f0170ae01553a9ae73a0490c01e0db (patch)
tree28dd26e65d44acc7719a0e2564b660bc6383a305 /net-analyzer/snort
parent514e358216fdd0f17ec136d0ed9cec849367be7c (diff)
clean
Diffstat (limited to 'net-analyzer/snort')
-rw-r--r--net-analyzer/snort/files/disabledynamic.patch110
-rw-r--r--net-analyzer/snort/files/snort.confd17
-rw-r--r--net-analyzer/snort/files/snort.confd.216
-rw-r--r--net-analyzer/snort/files/snort.rc1050
-rw-r--r--net-analyzer/snort/files/snort.rc1157
-rw-r--r--net-analyzer/snort/snort-2.9.3.1.ebuild264
6 files changed, 0 insertions, 514 deletions
diff --git a/net-analyzer/snort/files/disabledynamic.patch b/net-analyzer/snort/files/disabledynamic.patch
deleted file mode 100644
index d1ace23..0000000
--- a/net-analyzer/snort/files/disabledynamic.patch
+++ /dev/null
@@ -1,110 +0,0 @@
-? cflags.out
-? cppflags.out
-? cscope.out
-? disabledynamic.patch
-? http.patch
-? log
-? make.out
-? rules.work
-? snort-build.sh
-? snort.pc
-? ylwrap
-? etc/snort.conf.work
-? src/dynamic-preprocessors/rzb_saac/Makefile
-? tools/u2boat/u2boat
-? tools/u2spewfoo/u2spewfoo
-Index: src/fpcreate.c
-===================================================================
-RCS file: /usr/cvsroot/sfeng/ims/sfsnort/snort/src/fpcreate.c,v
-retrieving revision 1.107.2.2
-diff -u -p -r1.107.2.2 fpcreate.c
---- src/fpcreate.c 11 Jan 2011 22:54:40 -0000 1.107.2.2
-+++ src/fpcreate.c 17 Feb 2011 20:06:49 -0000
-@@ -70,6 +70,8 @@
- #include "dynamic-plugins/sp_preprocopt.h"
- #endif
-
-+#include "dynamic-plugins/sf_dynamic_define.h"
-+
-
- /*
- * Content flag values
-@@ -1810,9 +1812,11 @@ static int fpAddPortGroupRule(PORT_GROUP
- fpAddAllContents(pg->pgPms[PM_TYPE__CONTENT], otn, id, pmd, fp);
- #endif
-
-+#ifdef DYNAMIC_PLUGIN
- /* No content added */
- if (pmd == preproc_opt_pmds)
- FreePmdList(pmd);
-+#endif
-
- if (fpFinishPortGroupRule(pg, PM_TYPE__MAX, otn, NULL, fp) != 0)
- return -1;
-Index: src/dynamic-plugins/sf_dynamic_define.h
-===================================================================
-RCS file: /usr/cvsroot/sfeng/ims/sfsnort/snort/src/dynamic-plugins/sf_dynamic_define.h,v
-retrieving revision 1.15.4.1
-diff -u -p -r1.15.4.1 sf_dynamic_define.h
---- src/dynamic-plugins/sf_dynamic_define.h 3 Jan 2011 19:58:05 -0000 1.15.4.1
-+++ src/dynamic-plugins/sf_dynamic_define.h 17 Feb 2011 20:06:49 -0000
-@@ -96,5 +96,15 @@ typedef enum {
- #endif
- #endif
-
-+/* Parameters are rule info pointer, int to indicate URI or NORM,
-+ * and list pointer */
-+#define CONTENT_NORMAL 0x01
-+#define CONTENT_HTTP_URI 0x02
-+#define CONTENT_HTTP_HEADER 0x04
-+#define CONTENT_HTTP_CLIENT_BODY 0x08
-+#define CONTENT_HTTP_METHOD 0x10
-+#define CONTENT_HTTP (CONTENT_HTTP_URI|CONTENT_HTTP_HEADER|\
-+ CONTENT_HTTP_CLIENT_BODY|CONTENT_HTTP_METHOD)
-+
- #endif /* _SF_DYNAMIC_DEFINE_H_ */
-
-Index: src/dynamic-plugins/sf_dynamic_engine.h
-===================================================================
-RCS file: /usr/cvsroot/sfeng/ims/sfsnort/snort/src/dynamic-plugins/sf_dynamic_engine.h,v
-retrieving revision 1.54.2.1
-diff -u -p -r1.54.2.1 sf_dynamic_engine.h
---- src/dynamic-plugins/sf_dynamic_engine.h 3 Jan 2011 19:58:06 -0000 1.54.2.1
-+++ src/dynamic-plugins/sf_dynamic_engine.h 17 Feb 2011 20:06:49 -0000
-@@ -77,15 +77,6 @@ typedef struct _FPContentInfo
-
- } FPContentInfo;
-
--/* Parameters are rule info pointer, int to indicate URI or NORM,
-- * and list pointer */
--#define CONTENT_NORMAL 0x01
--#define CONTENT_HTTP_URI 0x02
--#define CONTENT_HTTP_HEADER 0x04
--#define CONTENT_HTTP_CLIENT_BODY 0x08
--#define CONTENT_HTTP_METHOD 0x10
--#define CONTENT_HTTP (CONTENT_HTTP_URI|CONTENT_HTTP_HEADER|\
-- CONTENT_HTTP_CLIENT_BODY|CONTENT_HTTP_METHOD)
- typedef int (*GetDynamicContentsFunction)(void *, int, FPContentInfo **);
- typedef int (*GetDynamicPreprocOptFpContentsFunc)(void *, FPContentInfo **);
- typedef void (*RuleFreeFunc)(void *);
-Index: src/preprocessors/Stream5/snort_stream5_tcp.c
-===================================================================
-RCS file: /usr/cvsroot/sfeng/ims/sfsnort/snort/src/preprocessors/Stream5/snort_stream5_tcp.c,v
-retrieving revision 1.296.2.5
-diff -u -p -r1.296.2.5 snort_stream5_tcp.c
---- src/preprocessors/Stream5/snort_stream5_tcp.c 7 Jan 2011 20:06:05 -0000 1.296.2.5
-+++ src/preprocessors/Stream5/snort_stream5_tcp.c 17 Feb 2011 20:06:49 -0000
-@@ -816,12 +816,12 @@ void Stream5TcpRegisterRuleOptions(void)
- RegisterPreprocessorRuleOption("stream_reassemble", &s5TcpStreamReassembleRuleOptionInit,
- &s5TcpStreamReassembleRuleOptionEval, &s5TcpStreamReassembleRuleOptionCleanup,
- NULL, NULL, NULL, NULL);
--#endif
-
- #ifdef PERF_PROFILING
- RegisterPreprocessorProfile("stream_size", &streamSizePerfStats, 4, &preprocRuleOptionPerfStats);
- RegisterPreprocessorProfile("reassemble", &streamReassembleRuleOptionPerfStats, 4, &preprocRuleOptionPerfStats);
- #endif
-+#endif
-
- }
-
diff --git a/net-analyzer/snort/files/snort.confd b/net-analyzer/snort/files/snort.confd
deleted file mode 100644
index c429ca6..0000000
--- a/net-analyzer/snort/files/snort.confd
+++ /dev/null
@@ -1,17 +0,0 @@
-# Config file for /etc/init.d/snort
-
-# This tell snort which interface to listen on (any for every interface)
-IFACE="eth1"
-
-# You do NOT want to change this
-PIDPATH="/var/run/snort"
-PIDFILE="snort_$IFACE.pid"
-
-# You probably don't want to change this, but in case you do
-LOGDIR="/var/log/snort"
-
-# Probably not this either
-CONF="/etc/snort/snort.conf"
-
-# This pulls in the options above
-SNORT_OPTS="-D -u snort -i $IFACE -l $LOGDIR -c $CONF"
diff --git a/net-analyzer/snort/files/snort.confd.2 b/net-analyzer/snort/files/snort.confd.2
deleted file mode 100644
index 780c910..0000000
--- a/net-analyzer/snort/files/snort.confd.2
+++ /dev/null
@@ -1,16 +0,0 @@
-# Config file for /etc/init.d/snort
-
-# The following options are now set in your snort.conf file:
-# config set_gid:
-# config set_uid:
-# config snaplen:
-# config bpf_file:
-# config logdir:
-
-# The only options that should be set here are SNORT_IFACE and SNORT_CONF.
-
-# This tell snort which interface to listen on (any for every interface)
-SNORT_IFACE="eth1"
-
-# Probably not this either
-SNORT_CONF="/etc/snort/snort.conf"
diff --git a/net-analyzer/snort/files/snort.rc10 b/net-analyzer/snort/files/snort.rc10
deleted file mode 100644
index fa88cbd..0000000
--- a/net-analyzer/snort/files/snort.rc10
+++ /dev/null
@@ -1,50 +0,0 @@
-#!/sbin/runscript
-# Copyright 1999-2010 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/files/snort.rc10,v 1.1 2010/11/02 18:22:10 patrick Exp $
-
-opts="checkconfig reload"
-
-depend() {
- need net
- after mysql
- after postgresql
-}
-
-checkconfig() {
- if [ ! -e $CONF ] ; then
- eerror "You need a configuration file to run snort"
- eerror "There is an example config in /etc/snort/snort.conf.distrib"
- return 1
- fi
-}
-
-start() {
- checkconfig || return 1
- ebegin "Starting snort"
- start-stop-daemon --start --quiet --exec /usr/bin/snort \
- -- --nolock-pidfile --pid-path ${PIDPATH} ${SNORT_OPTS} >/dev/null 2>&1
- eend $?
-}
-
-stop() {
- ebegin "Stopping snort"
- start-stop-daemon --stop --quiet --pidfile ${PIDPATH}/${PIDFILE}
- # Snort needs a few seconds to fully shutdown
- sleep 15
- eend $?
-}
-
-reload() {
- if [ ! -f ${PIDPATH}/${PIDFILE} ]; then
- eerror "Snort isn't running"
- return 1
- fi
-
- checkconfig || return 1
- ebegin "Reloading Snort"
- start-stop-daemon --stop --oknodo --signal HUP --pidfile ${PIDPATH}/${PIDFILE}
- eend $?
-}
-
-
diff --git a/net-analyzer/snort/files/snort.rc11 b/net-analyzer/snort/files/snort.rc11
deleted file mode 100644
index 8277575..0000000
--- a/net-analyzer/snort/files/snort.rc11
+++ /dev/null
@@ -1,57 +0,0 @@
-#!/sbin/runscript
-# Copyright 1999-2011 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/files/snort.rc11,v 1.1 2011/09/22 17:39:51 patrick Exp $
-
-opts="checkconfig reload"
-
-depend() {
- need net
- after mysql
- after postgresql
-}
-
-checkconfig() {
- if [ ! -e ${SNORT_CONF} ] ; then
- eerror "You need a configuration file to run snort"
- eerror "There is an example config in /etc/snort/snort.conf.distrib"
- return 1
- fi
-}
-
-start() {
- checkconfig || return 1
- ebegin "Starting snort"
- start-stop-daemon --start --quiet --exec /usr/bin/snort \
- -- --nolock-pidfile --pid-path /var/run/snort -D -i ${SNORT_IFACE} \
- -c ${SNORT_CONF} >/dev/null 2>&1
- eend $?
-}
-
-stop() {
- ebegin "Stopping snort"
- start-stop-daemon --stop --quiet --pidfile /var/run/snort/snort_${SNORT_IFACE}.pid
- # Snort needs a few seconds to fully shutdown
- sleep 15
- eend $?
-}
-
-reload() {
-
- local SNORT_PID="`cat /var/run/snort/snort_${SNORT_IFACE}.pid`"
- local SNORT_USER="`ps -p ${SNORT_PID} --no-headers -o user`"
-
- if [ ! -f /var/run/snort/snort_${SNORT_IFACE}.pid ]; then
- eerror "Snort isn't running"
- return 1
- elif [ ${SNORT_USER} != root ]; then
- eerror "Snort must be running as root for reload to work!"
- return 1
- else
- checkconfig || return 1
- ebegin "Reloading Snort"
- start-stop-daemon --signal HUP --pidfile /var/run/snort/snort_${SNORT_IFACE}.pid
- fi
-}
-
-
diff --git a/net-analyzer/snort/snort-2.9.3.1.ebuild b/net-analyzer/snort/snort-2.9.3.1.ebuild
deleted file mode 100644
index 35a2583..0000000
--- a/net-analyzer/snort/snort-2.9.3.1.ebuild
+++ /dev/null
@@ -1,264 +0,0 @@
-# Copyright 1999-2012 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/snort-2.9.2.3.ebuild,v 1.4 2012/06/27 18:18:52 maekke Exp $
-
-EAPI="2"
-inherit autotools multilib user
-
-DESCRIPTION="The de facto standard for intrusion detection/prevention"
-HOMEPAGE="http://www.snort.org/"
-SRC_URI="http://www.snort.org/dl/snort-current/${P}.tar.gz"
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~arm ~mips ~ppc ~x86"
-IUSE="static +dynamicplugin +zlib +gre +mpls +targetbased +decoder-preprocessor-rules
-+ppm +perfprofiling linux-smp-stats inline-init-failopen +threads debug +active-response
-+normalizer reload-error-restart +react +flexresp3 +paf large-pcap-64bit
-aruba mysql odbc postgres selinux"
-
-DEPEND=">=net-libs/libpcap-1.0.0
- >=net-libs/daq-0.6
- >=dev-libs/libpcre-6.0
- dev-libs/libdnet
- postgres? ( dev-db/postgresql-base )
- mysql? ( virtual/mysql )
- odbc? ( dev-db/unixODBC )
- zlib? ( sys-libs/zlib )"
-
-RDEPEND="${DEPEND}
- selinux? ( sec-policy/selinux-snort )"
-
-pkg_setup() {
-
- if use zlib && ! use dynamicplugin; then
- eerror "You have enabled the 'zlib' USE flag but not the 'dynamicplugin' USE flag."
- eerror "'zlib' requires 'dynamicplugin' be enabled."
- die
- fi
-
- # pre_inst() is a better place to put this
- # but we need it here for the 'fowners' statements in src_install()
- enewgroup snort
- enewuser snort -1 -1 /dev/null snort
-
-}
-
-src_prepare() {
-
- #Multilib fix for the sf_engine
- einfo "Applying multilib fix."
- sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \
- "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \
- || die "sed for sf_engine failed"
-
- #Multilib fix for the curent set of dynamic-preprocessors
- for i in ftptelnet smtp ssh dns ssl dcerpc2 sdf imap pop rzb_saac sip reputation gtp modbus dnp3; do
- sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \
- "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \
- || die "sed for $i failed."
- done
-
- AT_M4DIR=m4 eautoreconf
-}
-
-src_configure() {
-
- econf \
- $(use_enable !static shared) \
- $(use_enable static) \
- $(use_enable static so-with-static-lib) \
- $(use_enable dynamicplugin) \
- $(use_enable zlib) \
- $(use_enable gre) \
- $(use_enable mpls) \
- $(use_enable targetbased) \
- $(use_enable decoder-preprocessor-rules) \
- $(use_enable ppm) \
- $(use_enable perfprofiling) \
- $(use_enable linux-smp-stats) \
- $(use_enable inline-init-failopen) \
- $(use_enable threads pthread) \
- $(use_enable debug) \
- $(use_enable debug debug-msgs) \
- $(use_enable debug corefiles) \
- $(use_enable !debug dlclose) \
- $(use_enable active-response) \
- $(use_enable normalizer) \
- $(use_enable reload-error-restart) \
- $(use_enable react) \
- $(use_enable flexresp3) \
- $(use_enable paf) \
- $(use_enable large-pcap-64bit large-pcap) \
- $(use_enable aruba) \
- $(use_with mysql) \
- $(use_with odbc) \
- $(use_with postgres postgresql) \
- --enable-ipv6 \
- --enable-reload \
- --disable-prelude \
- --disable-build-dynamic-examples \
- --disable-profile \
- --disable-ppm-test \
- --disable-intel-soft-cpm \
- --disable-static-daq \
- --disable-rzb-saac \
- --without-oracle
-}
-
-src_install() {
-
- emake DESTDIR="${D}" install || die "emake failed"
-
- dodir /var/log/snort \
- /var/run/snort \
- /etc/snort/rules \
- /etc/snort/so_rules \
- /usr/$(get_libdir)/snort_dynamicrules \
- || die "Failed to create core directories"
-
- # config.log and build.log are needed by Sourcefire
- # to trouble shoot build problems and bug reports so we are
- # perserving them incase the user needs upstream support.
- dodoc RELEASE.NOTES ChangeLog \
- doc/* \
- tools/u2boat/README.u2boat \
- || die "Failed to install snort docs"
-
- insinto /etc/snort
- doins etc/attribute_table.dtd \
- etc/classification.config \
- etc/gen-msg.map \
- etc/reference.config \
- etc/threshold.conf \
- etc/unicode.map || die "Failed to install docs in etc"
-
- # We use snort.conf.distrib because the config file is complicated
- # and the one shipped with snort can change drastically between versions.
- # Users should migrate setting by hand and not with etc-update.
- newins etc/snort.conf snort.conf.distrib \
- || die "Failed to add snort.conf.distrib"
-
- # config.log and build.log are needed by Sourcefire
- # to troubleshoot build problems and bug reports so we are
- # perserving them incase the user needs upstream support.
- # 'die' was intentionally not added here.
- if [ -f "${WORKDIR}/${PF}/config.log" ]; then
- dodoc "${WORKDIR}/${PF}/config.log"
- fi
- if [ -f "${T}/build.log" ]; then
- dodoc "${T}/build.log"
- fi
-
- insinto /etc/snort/preproc_rules
- doins preproc_rules/decoder.rules \
- preproc_rules/preprocessor.rules \
- preproc_rules/sensitive-data.rules || die "Failed to install preproc rule files"
-
- fowners -R snort:snort \
- /var/log/snort \
- /var/run/snort \
- /etc/snort || die
-
- newinitd "${FILESDIR}/snort.rc11" snort || die "Failed to install snort init script"
- newconfd "${FILESDIR}/snort.confd.2" snort || die "Failed to install snort confd file"
-
- # Sourcefire uses Makefiles to install docs causing Bug #297190.
- # This removes the unwanted doc directory and rogue Makefiles.
- rm -rf "${D}"usr/share/doc/snort || die "Failed to remove SF doc directories"
- rm "${D}"usr/share/doc/"${PF}"/Makefile* || die "Failed to remove doc make files"
-
- #Remove unneeded .la files (Bug #382863)
- rm "${D}"usr/$(get_libdir)/snort_dynamicengine/libsf_engine.la || die
- rm "${D}"usr/$(get_libdir)/snort_dynamicpreprocessor/libsf_*_preproc.la || die "Failed to remove libsf_?_preproc.la"
-
- # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection
- sed -i -e 's|/usr/local/lib|/usr/'$(get_libdir)'|g' \
- "${D}etc/snort/snort.conf.distrib" || die
-
- # Set the correct rule location in the config
- sed -i -e 's|RULE_PATH ../rules|RULE_PATH /etc/snort/rules|g' \
- "${D}etc/snort/snort.conf.distrib" || die
-
- # Set the correct preprocessor/decoder rule location in the config
- sed -i -e 's|PREPROC_RULE_PATH ../preproc_rules|PREPROC_RULE_PATH /etc/snort/preproc_rules|g' \
- "${D}etc/snort/snort.conf.distrib" || die
-
- # Enable the preprocessor/decoder rules
- sed -i -e 's|^# include $PREPROC_RULE_PATH|include $PREPROC_RULE_PATH|g' \
- "${D}etc/snort/snort.conf.distrib" || die
-
- sed -i -e 's|^# dynamicdetection directory|dynamicdetection directory|g' \
- "${D}etc/snort/snort.conf.distrib" || die
-
- # Just some clean up of trailing /'s in the config
- sed -i -e 's|snort_dynamicpreprocessor/$|snort_dynamicpreprocessor|g' \
- "${D}etc/snort/snort.conf.distrib" || die
-
- # Make it clear in the config where these are...
- sed -i -e 's|^include classification.config|include /etc/snort/classification.config|g' \
- "${D}etc/snort/snort.conf.distrib" || die
-
- sed -i -e 's|^include reference.config|include /etc/snort/reference.config|g' \
- "${D}etc/snort/snort.conf.distrib" || die
-
- # Disable all rule files by default.
- sed -i -e 's|^include $RULE_PATH|# include $RULE_PATH|g' \
- "${D}etc/snort/snort.conf.distrib" || die
-
- # Disable normalizer preprocessor config if normalizer USE flag not set.
- if ! use normalizer; then
- sed -i -e 's|^preprocessor normalize|#preprocessor normalize|g' \
- "${D}etc/snort/snort.conf.distrib" || die
- fi
-
- # Set the configured DAQ to afpacket
- sed -i -e 's|^# config daq: <type>|config daq: afpacket|g' \
- "${D}etc/snort/snort.conf.distrib" || die
-
- # Set the location of the DAQ modules
- sed -i -e 's|^# config daq_dir: <dir>|config daq_dir: /usr/'$(get_libdir)'/daq|g' \
- "${D}etc/snort/snort.conf.distrib" || die
-
- # Set the DAQ mode to passive
- sed -i -e 's|^# config daq_mode: <mode>|config daq_mode: passive|g' \
- "${D}etc/snort/snort.conf.distrib" || die
-
- # Set snort to run as snort:snort
- sed -i -e 's|^# config set_gid:|config set_gid: snort|g' \
- "${D}etc/snort/snort.conf.distrib" || die
- sed -i -e 's|^# config set_uid:|config set_uid: snort|g' \
- "${D}etc/snort/snort.conf.distrib" || die
-
- # Set the default log dir
- sed -i -e 's|^# config logdir:|config logdir: /var/log/snort/|g' \
- "${D}etc/snort/snort.conf.distrib" || die
-
- # Set the correct so_rule location in the config
- sed -i -e 's|SO_RULE_PATH ../so_rules|SO_RULE_PATH /etc/snort/so_rules|g' \
- "${D}etc/snort/snort.conf.distrib" || die
-}
-
-pkg_postinst() {
-
- einfo "There have been a number of improvements and new features"
- einfo "added to ${P}. Please review the RELEASE.NOTES and"
- einfo "ChangLog located in /usr/share/doc/${PF}."
- einfo
- elog "The Sourcefire Vulnerability Research Team (VRT) recommends that"
- elog "users migrate their snort.conf customizations to the latest config"
- elog "file released by the VRT. You can find the latest version of the"
- elog "Snort config file in /etc/snort/snort.conf.distrib."
- elog
- elog "!! It is important that you migrate to this new snort.conf file !!"
- elog
- elog "This version of the ebuild includes an updated init.d file and"
- elog "conf.d file that rely on options found in the latest Snort"
- elog "config file provided by the VRT."
-
- if use debug; then
- elog "You have the 'debug' USE flag enabled. If this has been done to"
- elog "troubleshoot an issue by producing a core dump or a back trace,"
- elog "then you need to also ensure the FEATURES variable in make.conf"
- elog "contains the 'nostrip' option."
- fi
-}