blob: 69b13fff929cf8d6760edc216e492a5d2d23016c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
|
/var/paludis/repositories/gentoo/net-analyzer/snort/filese/doc/${PF}/schemas/create_mysql.bz2 | mysql -p snort"
elog
elog " PostgreSQL: import /usr/share/doc/${PF}/schemas/create_postgresql.bz2"
elog
elog " ODBC: look at /usr/share/doc/${PF}/schemas/"
elog
elog "Users using the unified output plugin and barnyard do not need to"
elog "compile database support into snort, but still need to set up their"
elog "database as shown above."
elog
ewarn "Only a basic set of rules was installed."
ewarn "Please add your other sets of rules to /etc/snort/rules."
ewarn "For more information on rules, visit ${HOMEPAGE}."
if use sguil ; then
elog "SGUIL needs to catch up with recent snort. If you plan on using SGUIL"
elog "you should unmerge ${P} and emerge snort-2.4.x"
fi
}
cap
flexresp2? ( dev-libs/libdnet )
react? ( ~net-libs/libnet-1.0.2a )
postgres? ( || ( dev-db/postgresql dev-db/libpq ) )
mysql? ( virtual/mysql )
prelude? ( >=dev-libs/libprelude-0.9.0 )
odbc? ( dev-db/unixODBC )
>=sys-devel/libtool-1.4
inline? (
~net-libs/libnet-1.0.2a
net-firewall/iptables
)"
RDEPEND="${DEPEND}
dev-lang/perl
selinux? ( sec-policy/selinux-snort )"
pkg_setup() {
enewgroup snort
enewuser snort -1 -1 /dev/null snort
if use flexresp && use flexresp2 ; then
ewarn
ewarn "You have both the 'flexresp' and 'flexresp2' USE"
ewarn "flags set. You can use 'flexresp' or 'flexresp2'"
ewarn "but not both."
ewarn
ewarn "Defaulting to flexresp2..."
fi
}
src_unpack() {
unpack ${A}
cd "${S}"
epatch "${FILESDIR}/${PN}-2.6.1.2-libdir.patch"
epatch "${FILESDIR}/${PN}-2.8.2-libnet.patch"
sed -i "s:var RULE_PATH ../rules:var RULE_PATH /etc/snort/rules:" \
etc/snort.conf
if use prelude ; then
sed -i -e "s:AC_PROG_RANLIB:AC_PROG_LIBTOOL:" configure.in
fi
einfo "Regenerating autoconf/automake files"
eautoreconf
}
src_compile() {
local myconf
if use flexresp2; then
myconf="${myconf} --enable-flexresp2"
elif use flexresp; then
myconf="${myconf} --enable-flexresp"
fi
if use react && ! use flexresp; then
myconf="${myconf} --enable-react"
fi
use gre && myconf="${myconf} --enable-gre"
myconf="${myconf} --with-libipq-includes=/usr/include/libipq"
econf \
--without-oracle \
$(use_with postgres postgresql) \
$(use_with mysql) \
$(use_with odbc) \
$(use_enable prelude) \
$(use_enable inline) \
$(use_enable dynamicplugin) \
$(use_enable timestats) \
$(use_enable perfprofiling) \
$(use_enable linux-smp-stats) \
${myconf} || die "econf failed"
# limit to single as reported by jforman on irc
emake -j1 || die "emake failed"
}
src_install() {
emake DESTDIR="${D}" install || die "make install failed"
keepdir /var/log/snort/
dodoc doc/*
dodoc ./RELEASE.NOTES
docinto schemas ; dodoc schemas/*
insinto /etc/snort
doins etc/reference.config etc/classification.config \
etc/*.map etc/threshold.conf
use dynamicplugin || sed -i -e 's:^dynamic:# dynamic:g' etc/snort.conf
sed -e "s:/usr/local/lib:/usr/$(get_libdir):g" -e 's:/usr/local/:/usr/:g' \
etc/snort.conf > "${D}"/etc/snort/snort.conf.distrib
newinitd "${FILESDIR}/snort.rc8" snort
newconfd "${FILESDIR}/snort.confd" snort
fowners snort:snort /var/log/snort
fperms 0770 /var/log/snort
# install rules
insinto /etc/snort/rules
doins -r "${WORKDIR}"/rules/*
}
pkg_postinst() {
ewarn
ewarn "If you find that snort is using too much memory, your system"
ewarn "freezes, or snort crashes after a few minutes try adding the"
ewarn "following to your snort.conf..."
ewarn
ewarn "'config detection: searcp
|
