diff --git a/net-analyzer/snort/ChangeLog b/net-analyzer/snort/ChangeLog deleted file mode 100644 index 2239020..0000000 --- a/net-analyzer/snort/ChangeLog +++ /dev/null @@ -1,915 +0,0 @@ -# ChangeLog for net-analyzer/snort -# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.192 2012/04/04 09:39:53 patrick Exp $ - -*snort-2.9.2.2 (04 Apr 2012) - - 04 Apr 2012; Patrick Lauer +snort-2.9.2.2.ebuild: - Bump - - 11 Mar 2012; Joshua Kinard snort-2.9.1.ebuild, - snort-2.9.2.1.ebuild: - Both 2.9.1 and 2.9.2* should be using daq-0.6 or greater. - -*snort-2.9.2.1 (11 Mar 2012) - - 11 Mar 2012; Joshua Kinard - -files/snort-2.8.4-libnet.patch, -snort-2.8.5.1.ebuild, - -snort-2.8.5.3.ebuild, -snort-2.8.6.ebuild, -snort-2.8.6.1.ebuild, - -snort-2.9.0.4-r1.ebuild, snort-2.9.0.5.ebuild, snort-2.9.1.ebuild, - -snort-2.9.2.ebuild, +snort-2.9.2.1.ebuild, -files/pcap_memory.patch, - -files/snort.rc9, -files/snort.reload.rc1, metadata.xml: - Drop old versions and associated files, add 2.9.2.1, and tweak SRC_URI to use - a download URL specified on the Snort website that doesn't require manual - updating for each new release. - - 11 Mar 2012; Tim Harder snort-2.9.2.ebuild: - Fix multilib issue (bug #403725, patch by Rick Farina). - -*snort-2.9.2 (11 Jan 2012) - - 11 Jan 2012; Patrick Lauer +snort-2.9.2.ebuild: - Bump - - 29 Sep 2011; Peter Volkov snort-2.9.1.ebuild: - Fix inability to remove .la files, bug 384443 thank Juergen Rose for report - and Jason Wallace for fix. - -*snort-2.9.1 (22 Sep 2011) - - 22 Sep 2011; Patrick Lauer +snort-2.9.1.ebuild, - +files/snort.confd.2, +files/snort.rc11, metadata.xml: - Bump for #382851, thanks to Jason Wallace - - 21 Sep 2011; Tony Vroon snort-2.9.0.5.ebuild: - Marked stable on AMD64 based on arch testing by Agostino "ago" Sarubbo & - Elijah "Armageddon" El Lazkani in bug #382857. - - 24 Jul 2011; Kacper Kowalik snort-2.9.0.5.ebuild: - Marked ~ppc/~ppc64 wrt #351551 - - 24 Apr 2011; Raúl Porcel snort-2.9.0.4-r1.ebuild, - snort-2.9.0.5.ebuild: - Add ~sparc wrt #351551 - -*snort-2.9.0.5 (13 Apr 2011) - - 13 Apr 2011; Patrick Lauer +snort-2.9.0.5.ebuild: - Bump for #362417 - - 02 Apr 2011; Samuli Suominen snort-2.8.5.1.ebuild, - snort-2.8.5.3.ebuild, snort-2.8.6.ebuild, snort-2.8.6.1.ebuild: - Use net-libs/libpcap instead of virtual/libpcap wrt #358835. - - 17 Mar 2011; Patrick Lauer snort-2.9.0.4-r1.ebuild: - amd64 stable as I accidentally dropped .3 with stable keyword - - 17 Mar 2011; Patrick Lauer -snort-2.9.0.1.ebuild, - -snort-2.9.0.2.ebuild, -snort-2.9.0.3.ebuild, -snort-2.9.0.4.ebuild, - snort-2.9.0.4-r1.ebuild: - Push alpha keyword to .4 and remove old 2.9 versions - - 13 Mar 2011; Markus Meier snort-2.9.0.4-r1.ebuild: - add ~arm, bug #351551 - - 07 Mar 2011; Tobias Klausmann snort-2.9.0.3.ebuild: - Keyworded on alpha, bug #351551 - -*snort-2.9.0.4-r1 (01 Mar 2011) - - 01 Mar 2011; Joshua Kinard +snort-2.9.0.4-r1.ebuild: - Fix #356905, upstream released a patch to address a bug with partial HTTP URI - decoding and incremented the internal build number, but did not bump the - version number on the available tarball. Build is now 111 from 110. - - 28 Feb 2011; Jeroen Roovers snort-2.9.0.4.ebuild: - Do not install temporary log files (bug #356547). - - 26 Feb 2011; Thomas Kahle snort-2.9.0.4.ebuild: - x86 stable per bug 351549 - - 25 Feb 2011; Patrick Lauer files/disabledynamic.patch: - Fixing patch - - 25 Feb 2011; Patrick Lauer files/disabledynamic.patch: - Fixing confused patch - -*snort-2.9.0.4 (24 Feb 2011) - - 24 Feb 2011; Patrick Lauer +snort-2.9.0.4.ebuild, - +files/disabledynamic.patch, metadata.xml: - Bump for #355865, thanks to Jason Wallace - - 14 Jan 2011; Markos Chandras snort-2.9.0.3.ebuild: - Stable on amd64 wrt bug #351549 - -*snort-2.9.0.3 (13 Jan 2011) - - 13 Jan 2011; Patrick Lauer snort-2.8.5.1.ebuild, - +snort-2.9.0.3.ebuild: - Bump for #351459, dropping x86 stable keyword as libprelude dropped it. - -*snort-2.9.0.2 (03 Dec 2010) - - 03 Dec 2010; Patrick Lauer +snort-2.9.0.2.ebuild: - Bump for #347459 - -*snort-2.9.0.1 (02 Nov 2010) - - 02 Nov 2010; Patrick Lauer +snort-2.9.0.1.ebuild, - +files/snort.rc10, metadata.xml: - Bump for #341013, many ebuild improvements by Jason Wallace and pva - -*snort-2.8.6.1 (13 Aug 2010) - - 13 Aug 2010; Patrick Lauer +snort-2.8.6.1.ebuild: - Bump, ebuild cleanups by Jason Wallace, fixes #331069 - - 19 Jul 2010; Markus Meier snort-2.8.6.ebuild: - add ~arm, bug #301080 - - 11 Jul 2010; Patrick Lauer +snort-2.8.5.3.ebuild: - Readding last 2.8.5 release by popular request - - 18 Jun 2010; Patrick Lauer -snort-2.8.4.1.ebuild, - -snort-2.8.5.2.ebuild, -snort-2.8.5.3.ebuild: - Remove old - - 17 Jun 2010; Patrick Lauer snort-2.8.4.1.ebuild, - snort-2.8.5.1.ebuild, snort-2.8.5.2.ebuild, snort-2.8.5.3.ebuild, - snort-2.8.6.ebuild: - Migrating away from deprecated postgres virtuals - -*snort-2.8.6 (02 Jun 2010) - - 02 Jun 2010; Patrick Lauer +snort-2.8.6.ebuild, - metadata.xml: - Bump, fixes #319279. Thanks to Jason Wallace and Brett Edgar - -*snort-2.8.5.3 (02 Mar 2010) - - 02 Mar 2010; Patrick Lauer +snort-2.8.5.3.ebuild: - Bump for #307351, thanks to Jason Wallace - -*snort-2.8.5.2 (04 Jan 2010) - - 04 Jan 2010; Patrick Lauer +snort-2.8.5.2.ebuild: - Bump, thanks to Jason Wallace - - 26 Dec 2009; Raúl Porcel snort-2.8.5.1.ebuild: - Add ~sparc wrt #268620 - - 26 Nov 2009; Joseph Jezak snort-2.8.5.1.ebuild: - Marked ppc stable for bug #291357. - - 17 Nov 2009; Brent Baude snort-2.8.5.1.ebuild: - Marking snort-2.8.5.1 ppc64 for bug 291357 - - 07 Nov 2009; Tobias Klausmann snort-2.8.5.1.ebuild: - Stable on alpha, bug #291357 - - 04 Nov 2009; Markus Meier snort-2.8.5.1.ebuild: - amd64/x86 stable, bug #291357 - -*snort-2.8.5.1 (02 Nov 2009) - - 02 Nov 2009; Patrick Lauer +snort-2.8.5.1.ebuild, - +files/snort.reload.rc1, metadata.xml: - Bump, thanks to Jason Wallace. Fixes #291558 #291604 #291357 - - 12 Sep 2009; Víctor Ostorga - -files/snort-2.6.1.1-libnet.patch, -files/snort-2.6.1.2-libdir.patch, - -files/snort-2.6.1.2-react.patch, -files/snort-2.6.1.4-libdnet-ip6.patch, - -files/snort-2.6.1.4-server_stats.patch, - -files/snort-2.8.3.1-libnet.patch, -files/snort.rc7, -files/snort.rc8, - -files/spo_database_fix.patch: - Cleaning out unused files - - 17 Aug 2009; Patrick Lauer snort-2.8.4.1.ebuild: - Small typo fix, closes #279926 - - 31 May 2009; Patrick Lauer -snort-2.6.1.3-r1.ebuild, - -snort-2.6.1.4.ebuild, -snort-2.6.1.4-r1.ebuild, -snort-2.7.0.1.ebuild, - -snort-2.8.3.1.ebuild, -snort-2.8.4-r2.ebuild, metadata.xml: - Removing old - - 31 May 2009; Patrick Lauer -snort-2.4.5.ebuild: - Removing old for #271680 - - 25 May 2009; Peter Volkov snort-2.8.4.1.ebuild: - emake should have die at the end. - - 21 May 2009; Brent Baude snort-2.8.4.1.ebuild: - stable ppc, bug 268620 - - 13 May 2009; Markus Meier snort-2.8.4.1.ebuild: - amd64/x86 stable, bug #268620 - - 11 May 2009; Peter Volkov metadata.xml: - Added Jason Wallace to maintainers. - - 11 May 2009; Brent Baude snort-2.8.4.1.ebuild: - stable ppc64, bug 268620 - - 09 May 2009; Tobias Klausmann snort-2.8.4.1.ebuild: - Stable on alpha, bug #268620 - -*snort-2.8.4.1 (05 May 2009) - - 05 May 2009; Patrick Lauer +snort-2.8.4.1.ebuild: - Bump to 2.8.4.1, thanks to Jason Wallace. Closes #268620 - -*snort-2.8.4-r2 (30 Apr 2009) - - 30 Apr 2009; Patrick Lauer -snort-2.8.4.ebuild, - -snort-2.8.4-r1.ebuild, +snort-2.8.4-r2.ebuild: - Lots of small fixes thanks to Jason Wallace. Fixes #266930. - -*snort-2.8.4-r1 (18 Apr 2009) - - 18 Apr 2009; Patrick Lauer +snort-2.8.4-r1.ebuild: - Small compilation fix for ipv6+prelude useflag combo. Thanks to Jason - Wallace. - -*snort-2.8.4 (17 Apr 2009) - - 17 Apr 2009; Patrick Lauer - +files/snort-2.8.4-libnet.patch, +files/pcap_memory.patch, - files/snort.confd, +files/snort.rc9, +files/spo_database_fix.patch, - metadata.xml, +snort-2.8.4.ebuild: - Bump to 2.8.4. Reworked ebuild thanks to Jason Wallace. Lots of changes, - see bug #266288 for details. - -*snort-2.6.1.4-r1 (01 Mar 2009) - - 01 Mar 2009; Patrick Lauer - +files/snort-2.6.1.4-server_stats.patch, +snort-2.6.1.4-r1.ebuild: - Fixing snort 2.6.1.4 for gcc 4.3.3 / foritfy_sources. Fixes #258487. Patch - by Attila Fazekas. - - 26 Jan 2009; Mike Frysinger snort-2.8.3.1.ebuild: - Drop usage of USE=pic here. - - 02 Jan 2009; Tobias Scherbaum - snort-2.8.3.1.ebuild: - Fix postgres dep, #253429 - - 31 Dec 2008; Tobias Scherbaum metadata.xml, - snort-2.8.3.1.ebuild: - Various QA fixes, as requested by Mr_Bones_. Also describe local use-flags - (and switch pthreads to just threads), though those local use-flags do need - some better descriptions. Hey, at least I do care ... - -*snort-2.8.3.1 (23 Nov 2008) - - 23 Nov 2008; Marcelo Goes - +files/snort-2.8.3.1-libnet.patch, +snort-2.8.3.1.ebuild: - 2.8.3.1 version bump with many changes for bug 245752. Thanks to Jason - Wallace and Antixrict for the rewrite. Currently in package.mask for testing. - - 04 Aug 2008; Jeroen Roovers metadata.xml: - Describe local USE flags for GLEP 56. - - 21 May 2008; Tiziano Müller snort-2.4.5.ebuild, - snort-2.6.1.3-r1.ebuild, snort-2.6.1.4.ebuild, snort-2.7.0.1.ebuild: - Changed dependency for postgresql from dev-db/postgresql to - virtual/postgresql-server - - 19 May 2008; Tiziano Müller snort-2.4.5.ebuild, - snort-2.6.1.3-r1.ebuild, snort-2.6.1.4.ebuild, snort-2.7.0.1.ebuild: - Changed dependency for postgresql to virtual/postgresql-base - - 13 May 2008; Ferris McCormick snort-2.6.1.3-r1.ebuild, - snort-2.6.1.4.ebuild: - Making ~sparc again for testing, Bug #221917 - -*snort-2.7.0.1 (05 Sep 2007) - - 05 Sep 2007; Markus Ullmann +snort-2.7.0.1.ebuild: - Version bump wrt bug #185501, needs more testing - - 22 Apr 2007; Daniel Black +files/snort.rc7, - -files/snort.rc9, +snort-2.4.5.ebuild, snort-2.6.1.4.ebuild, - -snort-2.6.1.4-r1.ebuild: - snort.conf default to install to /etc/snort/snort.conf.distrib like the init - script says. No includes proper amd64 library paths too - - 07 Apr 2007; Raphael Marichez - +files/snort-2.6.1.4-libdnet-ip6.patch, snort-2.6.1.4.ebuild: - Fix #173594, ip6 header redeclaration if libdnet. - -*snort-2.6.1.4 (06 Apr 2007) - - 06 Apr 2007; Marcelo Goes +snort-2.6.1.4.ebuild: - 2.6.1.4 version bump. - - 28 Feb 2007; Daniel Black - snort-2.6.1.3-r1.ebuild: - ewarn fixed as per bug #168714 thanks to Toralf - -*snort-2.6.1.3-r1 (28 Feb 2007) - - 28 Feb 2007; Daniel Black -snort-2.6.1.3.ebuild, - +snort-2.6.1.3-r1.ebuild: - -m better default config thanks to Mike Gualtieri as per bug #166874 - - 27 Feb 2007; Tobias Scherbaum - snort-2.6.1.3.ebuild: - Stable on ppc wrt bug #167730. - - 27 Feb 2007; Steve Dibb snort-2.6.1.3.ebuild: - amd64 stable, security bug 167730 - - 21 Feb 2007; Daniel Black snort-2.6.1.2.ebuild, - snort-2.6.1.3.ebuild: - gre patches included in the latest. Fix ebuild error with USE=gre too. - Thanks Tobias bug #167730 - - 20 Feb 2007; Markus Rothe snort-2.6.1.3.ebuild: - Stable on ppc64; bug #167730 - - 20 Feb 2007; Markus Ullmann snort-2.6.1.3.ebuild: - Stable on x86 for bug #167730 - -*snort-2.6.1.3 (20 Feb 2007) - - 20 Feb 2007; Markus Ullmann +snort-2.6.1.3.ebuild: - Security bump wrt bug #167730 - - 11 Feb 2007; Simon Stelling - +files/snort-2.6.1.2-libdir.patch, snort-2.6.1.2.ebuild: - fix multilib-strict and mark stable on amd64; security bug 161632 - - 01 Feb 2007; Markus Ullmann - +files/snort-2.6.1.2-react.patch, snort-2.6.1.2.ebuild: - Add patch for react failure, see bug #162598 for details, thanks to - perry@csk.pl - - 31 Jan 2007; Tobias Scherbaum - snort-2.6.1.2.ebuild: - Stable on ppc wrt bug #161632. - - 27 Jan 2007; Raúl Porcel snort-2.6.1.2.ebuild: - x86 stable wrt bug 161632 - - 27 Jan 2007; Markus Rothe snort-2.6.1.2.ebuild: - Stable on ppc64; bug #161632 - -*snort-2.6.1.2 (17 Jan 2007) - - 17 Jan 2007; Markus Ullmann - +files/snort-2.6.1.1-gre.patch, -snort-2.6.0.ebuild, - -snort-2.6.1.1.ebuild, +snort-2.6.1.2.ebuild: - Fix for security bug #161632 and bug #161750 - - 25 Nov 2006; Cedric Krier snort-2.4.5.ebuild: - Fix bug #149496 - -*snort-2.6.1.1 (25 Nov 2006) - - 25 Nov 2006; Cedric Krier - +files/snort-2.6.1.1-libnet.patch, +files/snort.rc8, - +snort-2.6.1.1.ebuild: - Version bump thanks to Jason Wallace - - 23 Nov 2006; Francesco Riosa snort-2.4.5.ebuild, - snort-2.6.0.ebuild: - dev-db/mysql => virtual/mysql - - 31 Oct 2006; Markus Ullmann snort-2.6.0.ebuild: - Adding -j1 o fix parallel make issue - - 09 Oct 2006; Markus Ullmann snort-2.4.5.ebuild, - snort-2.6.0.ebuild: - Updating deps wrt bug #143033 - - 20 Sep 2006; Stefaan De Roeck snort-2.6.0.ebuild: - Keyworded ~alpha, as there seems to be no reason to keep -alpha - -*snort-2.6.0 (08 Jul 2006) - - 08 Jul 2006; Marcelo Goes +snort-2.6.0.ebuild: - 2.6.0 version bump for bug 136250. Thanks to Ed Davison , Andrew Ross , - Jason Wallace and Brett Edgar . Currently in package.mask for testing. - - 08 Jul 2006; Marcelo Goes - -files/2.3.0-libnet-1.0.patch, -files/snort-2.3.3-log.c.diff, - -files/snort-2.4.4-demarc-patch.diff, -files/snort.rc6, - -snort-2.3.3.ebuild, -snort-2.3.3-r1.ebuild, -snort-2.4.3.ebuild, - -snort-2.4.3-r1.ebuild, -snort-2.4.3-r2.ebuild, -snort-2.4.4.ebuild, - -snort-2.4.4-r1.ebuild: - Remove old ebuilds and unused files. - - 10 Jun 2006; Thomas Cort snort-2.4.5.ebuild: - Stable on amd64 wrt security Bug #135112. - - 07 Jun 2006; Mark Loeser snort-2.4.5.ebuild: - Stable on x86; bug #135112 - - 06 Jun 2006; Tobias Scherbaum snort-2.4.5.ebuild: - ppc stable, bug #135112 - - 06 Jun 2006; Markus Rothe snort-2.4.5.ebuild: - Stable on ppc64; bug #135112 - - 06 Jun 2006; Markus Ullmann snort-2.3.3.ebuild, - snort-2.3.3-r1.ebuild, snort-2.4.3.ebuild, snort-2.4.3-r1.ebuild, - snort-2.4.3-r2.ebuild, snort-2.4.4.ebuild, snort-2.4.4-r1.ebuild, - snort-2.4.5.ebuild: - Changing dep to virtual/libpcap wrt bug #117898 - -*snort-2.4.5 (06 Jun 2006) - - 06 Jun 2006; Markus Ullmann +snort-2.4.5.ebuild: - Version bump wrt bug #135112 - -*snort-2.4.4-r1 (01 Jun 2006) - - 01 Jun 2006; Markus Ullmann +snort-2.4.4-r1.ebuild: - Applying security patch from bug #135112 - - 30 Apr 2006; Simon Stelling snort-2.4.3-r1.ebuild: - stable on amd64 - -*snort-2.4.4 (09 Mar 2006) - - 09 Mar 2006; Marcelo Goes +snort-2.4.4.ebuild: - 2.4.4 version bump for bug 125607, requested by Ken Garland . - - 20 Feb 2006; Markus Rothe snort-2.4.3-r1.ebuild: - Stable on ppc64 - - 17 Feb 2006; Michael Hanselmann snort-2.4.3-r1.ebuild: - Stable on ppc. - -*snort-2.4.3-r2 (17 Feb 2006) - - 17 Feb 2006; Marcelo Goes +files/snort.rc7, - +snort-2.4.3-r2.ebuild: - Add --pidfile option to init script for bug 123169. Thanks to Eric Brown - . - - 15 Feb 2006; Markus Ullmann snort-2.3.3.ebuild, - snort-2.3.3-r1.ebuild, snort-2.4.3.ebuild, snort-2.4.3-r1.ebuild: - Removing virtual/libpcap wrt bug #117898 - - 14 Feb 2006; Mark Loeser snort-2.4.3-r1.ebuild: - Stable on x86; bug #118708 - -*snort-2.4.3-r1 (27 Jan 2006) - - 27 Jan 2006; Marcelo Goes -snort-2.4.1.ebuild, - -snort-2.4.1-r1.ebuild, +snort-2.4.3-r1.ebuild: - Install basic rules for bug 110103. Thanks to Mark Conway and Donald R. Gray Jr . - - 03 Dec 2005; Tom Gall snort-2.3.3-r1.ebuild: - stable on ppc64 - - 26 Nov 2005; Benjamin Smee files/snort.rc6: - Change to init script to accept CONF - -*snort-2.4.3 (19 Oct 2005) - - 19 Oct 2005; Benjamin Smee +snort-2.4.3.ebuild: - revbump for bug #109730 - -*snort-2.4.1-r1 (08 Oct 2005) - - 08 Oct 2005; Benjamin Smee +snort-2.4.1-r1.ebuild: - New conf.d and init.d files as well as sguil integration - - 25 Sep 2005; Marcelo Goes -snort-2.3.0-r1.ebuild, - -snort-2.3.2.ebuild, snort-2.3.3-r1.ebuild, snort-2.4.1.ebuild: - Remove old ebuilds, depend on >=dev-libs/libprelude-0.9.0. - - 21 Sep 2005; Mark Loeser snort-2.3.3.ebuild: - Stable on x86 - - 17 Sep 2005; Michael Hanselmann snort-2.3.3.ebuild: - Stable on ppc. - -*snort-2.4.1 (17 Sep 2005) - - 17 Sep 2005; Marcelo Goes - +files/snort-2.3.3-log.c.diff, snort-2.3.3.ebuild, snort-2.3.3-r1.ebuild, - -snort-2.4.0.ebuild, +snort-2.4.1.ebuild: - Add patch and 2.4.1 version bump for bug 105852. - - 03 Sep 2005; snort-2.4.0.ebuild: - Fixed ebuild as per bug #103482 thanks to yoann@prelude-ids.org - - 23 Aug 2005; Aaron Walker snort-2.3.0-r1.ebuild, - snort-2.3.2.ebuild, snort-2.3.3.ebuild, snort-2.3.3-r1.ebuild, - snort-2.4.0.ebuild: - Use -1 instead of /bin/false, bug #103421. - - 03 Aug 2005; Marcelo Goes snort-2.4.0.ebuild: - Install community rules. - - 01 Aug 2005; Marcelo Goes snort-2.4.0.ebuild: - In Soviet Russia, prelude enables you. Using use_enable instead of use_with - for prelude. Thanks to BaSS and dragonheart for pointing this out. - - 29 Jul 2005; Daniel Black snort-2.3.0-r1.ebuild, - snort-2.3.2.ebuild, snort-2.3.3.ebuild, snort-2.3.3-r1.ebuild, - snort-2.4.0.ebuild: - removed die from epatch || die. - - 29 Jul 2005; Marcelo Goes snort-2.4.0.ebuild: - Use Gentoo mirrors for patches instead of my dev space. - -*snort-2.4.0 (29 Jul 2005) - - 29 Jul 2005; Marcelo Goes - -files/2.0.6-libnet-1.0.patch, -files/2.1.2-libnet-1.0.patch, - -files/snort-2.0.6-gcc3.patch, -files/snort-2.1.2-gcc3.patch, - -files/snort-2.1.3-gcc3.patch, -files/snort-drop-calculation.diff, - -snort-2.0.6.ebuild, -snort-2.1.3.ebuild, -snort-2.2.0.ebuild, - -snort-2.3.0_rc2.ebuild, -snort-2.3.0.ebuild, +snort-2.4.0.ebuild, - -snort-2.4.20050508.ebuild: - Removing ebuilds prior to 2.3.0 and 2.4.0 version bump. - - 25 Jul 2005; Marcelo Goes snort-2.3.3-r1.ebuild: - Move snort user code from pkg_preinst to pkg_setup, changed it a bit. Fixes - bug 94161. Thanks to kakou and Marco Morales - . - - 24 Jul 2005; Marcelo Goes snort-2.3.3-r1.ebuild: - Fix RULEPATH in example config. Fixes bug 99397. Thanks to Marco Morales - . - - 27 Jun 2005; Markus Rothe snort-2.3.3-r1.ebuild, - snort-2.4.20050508.ebuild: - Added ~ppc64 - - 25 Jun 2005; Marcelo Goes snort-2.3.3-r1.ebuild: - Install rules in /etc/snort/rules for cleaner layout. Fixes bug 95368. - Thanks to Greg Watson . - - 26 May 2005; Marcelo Goes : - Took snort-2.3.3-r1 out of package.mask. - -*snort-2.3.3-r1 (08 May 2005) - - 08 May 2005; Marcelo Goes +snort-2.3.3-r1.ebuild, - +snort-2.4.20050508.ebuild: - Prelude patching fun. Making snort-2.3.3-r1 depend on >=libprelude-0.9.0_rc1 - and using patch from their mailing list, as pointed out by Yoann - Vandoorselaere . Also, I made a cvs snapshot of - snort-2.4, which does not require patching anymore, since prelude patches were - accepted in snort. Of course, both new ebuilds are in package.mask for testing - - I expect unexpected borks. This hopefully fixes bug 91820. Thanks to dago - for reporting. - -*snort-2.3.3 (07 May 2005) - - 07 May 2005; Aaron Walker +snort-2.3.3.ebuild: - Version bump for bug 91673. - - 19 Apr 2005; Aaron Walker snort-2.3.2.ebuild: - Marked stable on x86. - - 22 Mar 2005; Aaron Walker snort-2.3.2.ebuild: - Fix missing patch for bug 86219. - -*snort-2.3.2 (19 Mar 2005) - - 19 Mar 2005; Aaron Walker snort-2.3.0-r1.ebuild, - +snort-2.3.2.ebuild: - Version bump; marked 2.3.0-r1 stable on x86. - - 09 Feb 2005; Aaron Walker snort-2.3.0-r1.ebuild, - snort-2.3.0.ebuild, snort-2.3.0_rc2.ebuild: - Fix typo in pkg_postinst for bug 81415. - - 07 Feb 2005; Daniel Black snort-2.3.0-r1.ebuild: - ppc stable - -*snort-2.3.0-r1 (06 Feb 2005) - - 06 Feb 2005; Aaron Walker +snort-2.3.0-r1.ebuild, - snort-2.3.0.ebuild: - Revision bump for bug 80831; added sguil support. Marked 2.3.0 stable on x86. - - 29 Jan 2005; Daniel Black snort-2.0.6.ebuild, - snort-2.1.3.ebuild, snort-2.2.0.ebuild, snort-2.3.0.ebuild, - snort-2.3.0_rc2.ebuild: - changed net-libs/libpcap depend to virtual/libcap - -*snort-2.3.0 (27 Jan 2005) - - 27 Jan 2005; Aaron Walker - +files/2.3.0-libnet-1.0.patch, -files/2.3.0_rc2-libnet-1.0.patch, - +snort-2.3.0.ebuild, snort-2.3.0_rc2.ebuild: - 2.3.0 final; added support for snort-inline via USE=inline. Updated - libnet-1.0 patch to also patch inline.c. Closes bugs 79708 and 79664. - - 25 Jan 2005; Daniel Black snort-2.0.6.ebuild, - snort-2.1.3.ebuild, snort-2.2.0.ebuild, snort-2.3.0_rc2.ebuild: - change shell of snort user to /bin/false as per bug #79216. Thanks to Sascha - Nitsch - - 25 Jan 2005; Aaron Walker snort-2.3.0_rc2.ebuild: - Run autoreconf since it looks like autogen.sh is no longer provided; fixes - bug 79389. - - 11 Jan 2005; Jason Wever snort-2.0.6.ebuild, - snort-2.1.3.ebuild, snort-2.2.0.ebuild, snort-2.3.0_rc2.ebuild: - Masked on sparc wrt bugs #29661 and #75395. - - 11 Jan 2005; Daniel Black snort-2.3.0_rc2.ebuild: - unmasked and x86, ppc stable - -*snort-2.3.0_rc2 (11 Jan 2005) - - 11 Jan 2005; Daniel Black - +files/2.3.0_rc2-libnet-1.0.patch, +snort-2.3.0_rc2.ebuild: - Version bump as per security bug #75395. Still masked pending - further testing - - 28 Nov 2004; Eldad Zack snort-2.1.3.ebuild, - snort-2.2.0.ebuild: - Small post install info error. Thanks to John Barton - for reporting. Closes #72570. - - 30 Oct 2004; Eldad Zack -snort-2.1.2.ebuild, - snort-2.2.0.ebuild: - x86 stable. - - 29 Oct 2004; Eldad Zack snort-2.1.3.ebuild, - snort-2.2.0.ebuild: - Added einfo for MySQL/PostgreSQL usage. Closes #68922. - - 16 Aug 2004; Eldad Zack snort-2.1.3.ebuild, - snort-2.2.0.ebuild: - x86 stable. added ~ppc which was omitted between 2.1.2 and 2.1.3. - -*snort-2.2.0 (15 Aug 2004) - - 15 Aug 2004; Eldad Zack -snort-2.1.0-r1.ebuild, - -snort-2.1.0.ebuild, +snort-2.2.0.ebuild: - Version bump - - 01 Jul 2004; Jon Hood snort-2.0.6.ebuild, - snort-2.1.0-r1.ebuild, snort-2.1.0.ebuild, snort-2.1.1.ebuild, - snort-2.1.2.ebuild, snort-2.1.3.ebuild: - change virtual/glibc to virtual/libc - -*snort-2.1.3 (01 Jul 2004) - - 01 Jul 2004; Eldad Zack +files/snort-2.1.3-gcc3.patch, - +snort-2.1.3.ebuild: - Version bump, added snortsam support. - - 19 Jun 2004; Michael Hanselmann snort-2.0.6.ebuild: - Marked snort 2.0.6 as ~ppc - - 19 Jun 2004; David Holm snort-2.1.2.ebuild: - Added to ~ppc. - - 19 May 2004; Michael Boman snort-1.9.1-r3.ebuild, - snort-2.0.0.ebuild, snort-2.0.1-r1.ebuild, snort-2.0.2.ebuild, - snort-2.0.5-r1.ebuild, snort-2.0.5-r2.ebuild, snort-2.0.5.ebuild, - files/1.9.1-libnet-1.0.patch, files/2.0.0-libnet-1.0.patch, - files/2.0.1-libnet-1.0.patch, files/2.0.2-libnet-1.0.patch, - files/2.0.5-libnet-1.0.patch, files/snort-1.9.0-gentoo.diff, - files/snort-1.9.1-alpha-core_vuln.diff, files/snort-1.9.1-alpha.patch, - files/snort-1.9.1-configure.patch, files/snort-2.0.2-gcc3.patch, - files/snort-2.0.5-gcc3.patch: - Cleaning out old ebuilds - - 17 May 2004; Michael Boman snort-2.1.2.ebuild: - Mark 2.1.2 stable on x86 - - 14 Apr 2004; Jon Hood files/2.1.2-libnet-1.0.patch: - added patch, fixes #47229 - - 06 Apr 2004; Joshua Brindle snort-2.1.1.ebuild, - snort-2.1.2.ebuild: - added selinux policy to rdepend - - 01 Apr 2004; Michael Boman snort-2.1.1.ebuild: - Marked stable on x86 - -*snort-2.1.2 (01 Apr 2004) - - 01 Apr 2004; Michael Boman snort-2.1.2.ebuild, - files/snort-2.1.2-gcc3.patch: - New upstream version. - - 16 Mar 2004; Michael Boman snort-2.0.0.ebuild, - snort-2.0.1-r1.ebuild, snort-2.0.2.ebuild, snort-2.0.5-r1.ebuild, - snort-2.0.5.ebuild, snort-2.1.0.ebuild, snort-2.1.1.ebuild: - Changed ebuilds to use 'sed -i ...' instead of 'sed ... < file > file.new' - syntax. - -*snort-2.1.1 (09 Mar 2004) - - 09 Mar 2004; Michael Boman snort-2.1.1.ebuild, - files/2.1.1-libnet-1.0.patch, files/snort-2.1.1-gcc3.patch, - files/snort-2.1.1-pgsql.patch: - New upstream version. Closes #44067. - - 08 Mar 2004; Michael Boman files/2.0.6-libnet-1.0.patch: - Added missing file. Closing bug #43990. - - 04 Mar 2004; Jason Wever snort-2.0.6.ebuild: - Marked stable on sparc. If you have any problems on sparc, check gentoo bug - #29661. - -*snort-2.1.0-r1 (08 Jan 2004) - - 08 Jan 2004; Michael Boman snort-2.1.0-r1.ebuild, - files/snort-2.1.0-pgsql.patch: - Made use of 'doc' USE flag to install signature documentation. Patched - configure.in to solve bug #37436. - - 07 Jan 2004; Michael Boman snort-2.1.0.ebuild: - Forgot to include the threshold.conf file in the installation process. - -*snort-2.1.0 (06 Jan 2004) - - 06 Jan 2004; Michael Boman snort-2.1.0.ebuild, - files/2.1.0-libnet-1.0.patch, files/snort-2.1.0-gcc3.patch: - New upstream version. Breaks prelude support, samba support is now - obsoleted by upstream. Ebuild with prelude support will follow once - a updated patch is made availble. - -*snort-2.0.6 (21 Dec 2003) - - 21 Dec 2003; Michael Boman snort-2.0.6.ebuild: - New upstream version - - 20 Dec 2003; Michael Boman snort-2.0.5-r2.ebuild: - Bump to stable on x86 - Added ~amd64 to KEYWORDS (fixes bug #36098) - - 16 Dec 2003; Mike Frysinger : - Port the libnet-1.0 patch to snort-2.0.0 to help out the sparc peeps. - -*snort-2.0.5-r2 (09 Dec 2003) - - 09 Dec 2003; Michael Boman snort-2.0.5-r2.ebuild: - Forgot to add etc/prelude-classification.config to the files that should be in - /etc/snort if you are using prelude - - 09 Dec 2003; Michael Boman snort-2.0.5-r2.ebuild: - Added patch to fix drop packet calculations - -*snort-2.0.5-r1 (28 Nov 2003) - - 28 Nov 2003; Michael Boman snort-2.0.5-r1.ebuild: - - Made flexresp optional (controlled by "flexresp" local USE flag), closes #34150. - - Made smbalert optional (controlled by "samba" USE flag). - - Threading support was never officially supported in Snort, and has - been removed from ebuild now as the code is, if not already has been, - cleaned from the source tree. - - Updated prelude patch. - - Assigned myself as the primary maintainer of this ebuild, with the - hardened as the herd. - -*snort-2.0.5 (24 Nov 2003) - - 24 Nov 2003; Daniel Ahlberg snort-2.0.5.ebuild : - Version bump. Closing #29609 and #32950. - - 28 Oct 2003; Martin Holzer snort-2.0.2.ebuild: - adding gcc3 patch. Closes #30540. - - 08 Oct 2003; Jason Wever snort-2.0.2.ebuild: - masked on sparc until bug #30540 is fixed. - -*snort-2.0.2 (06 Oct 2003) - - 06 Oct 2003; Daniel Ahlberg snort-2.0.2.ebuild: - Version bump - -*snort-2.0.1-r1 (21 Aug 2003) - - 21 Aug 2003; Mike Frysinger : - Patch to compile against SLOT-ed libnet-1.0.x #17772. - Also fix user adding to enewuser/enewgroup and switch use - flags over to `use_enable`. - -*snort-1.9.1-r3 (21 Aug 2003) - - 21 Aug 2003; Mike Frysinger : - Patch to compile against SLOT-ed libnet-1.0.x #17772. - Also fix user adding to enewuser/enewgroup and switch use - flags over to `use_enable`. - -*snort-2.0.1 (09 Aug 2003) - - 11 Aug 2003; snort-2.0.1.ebuild, - files/snort-2.0.1+prelude.patch: - Snort 2.0.x does not support snmp bug #26310, Moved large prelude patch to - mirror:// - - 09 Aug 2003; snort-2.0.1.ebuild, - files/snort-2.0.1+prelude.patch: - Added libprelude support to snort. Closes bug 19672. - Upgraded to new upstream version (2.0.1) - -*snort-1.9.1-r2 (22 Apr 2003) - - 22 Apr 2003; Tavis Ormandy snort-1.9.1-r2.ebuild, - snort-2.0.0.ebuild, files/snort-1.9.1-alpha-core_vuln.diff: - snort 2.0.0 is broken on Alpha, backporting the integer overflow fix to snort - 1.9.1 while its being fixed, and bumping version - - 22 Apr 2003; Daniel Ahlberg snort-2.0.0.ebuild files/snort.confd : - Closing #11643. Unmasking becuse of GLSA. - -*snort-2.0.0 (16 Apr 2003) - - 16 Apr 2003; Joshua Brindle Manifest, - snort-2.0.0.ebuild: - 2.0.0 released, yay - -*snort-1.9.1-r1 (29 Mar 2003) - - 29 Mar 2003; Aron Griffis snort-1.9.1-r1.ebuild, - files/snort-1.9.1-alpha.patch: - Add patch and bump revision for alpha. Thanks to Tavis Ormandy for providing - this in bug #18258 - -*snort-1.9.1 (04 Mar 2003) - - 04 Mar 2003; Daniel Ahlberg : - Security update. - - 06 Dec 2002; Rodney Rees : changed sparc ~sparc keywords - -*snort-1.9.0 (24 Oct 2002) - - 24 Oct 2002; Daniel Ahlberg : - Version bump. Found by Torgeir Hansen in #8925. - Added support for specifying listening interface. Closes #6822. - Addes support for snmp, closes #7299. - Locked down dependency on libnet some more. - -*snort-1.8.7 (23 Jul 2002) - - 24 Oct 2002; Daniel Ahlberg files/snort.confd : - Added support for specifying listening interface. Closes #6822. - Locked down dependency on libnet some more. - - 30 Aug 2002; Seemant Kulleen snort-1.8.7.ebuild : - - /var/log/snort now has a .keep in it. Closes bug #7271 by - mcummings@gentoo.org (Michael Cummings) - - 26 Jul 2002; Daniel Ahlberg snort-1.8.7.ebuild snort-1.8.6.ebuild : - - Fix for bug #5592. - - 23 Jul 2002; Daniel Ahlberg snort-1.8.7.ebuild : - - New version. - -*snort-1.8.6 (11 Mar 2003) - - 13 Jul 2003; Daniel Ahlberg : - Added missing changelog entry. - -*snort-1.8.5 (6 Apr 2002) - - 18 Jul 2002; Kyle Manna snort-1.8.6.ebuild : - - Added KEYWORDS. - - 28 Jun 2002; Thilo Bangert : - - moved to net-analyzer - added SLOT - added LICENSE - - 6 Apr 2002; Matthew Kennedy ChangeLog, - snort-1.8.5.ebuild, files/digest-snort-1.8.5: - - Added dependency for PostgreSQL. Moved netlib dep from RDEPEND to - DEPEND (it is statically linked). Version bump to latest. - -*snort-1.8.3-r1 (8 Feb 2002) - - 8 Feb 2002; Donny Davies Changelog, - snort-1.8.3-r1.ebuild, files/digest-snort-1.8.3-r1, - files/snort.confd, files/snort.rc6 files/snort.conf : - - Fix for nonexistant /etc/conf.d/snort. Make user/group addition - a little smarter. - -*snort-1.8.3 (1 Feb 2002) - - 1 Feb 2002; G.Bevin ChangeLog : - - Added initial ChangeLog which should be updated whenever the package is - updated in any way. This changelog is targetted to users. This means that the - comments should well explained and written in clean English. The details about - writing correct changelogs are explained in the skel.ChangeLog file which you - can find in the root directory of the portage repository. - diff --git a/net-analyzer/snort/Manifest b/net-analyzer/snort/Manifest deleted file mode 100644 index 5bef353..0000000 --- a/net-analyzer/snort/Manifest +++ /dev/null @@ -1 +0,0 @@ -DIST snort-2.9.2.2.tar.gz 6529966 SHA256 63f4eeee24d79e4a4e4b573e085d0d2fd78fcf3b7ea730c37eab7b47fcd9b954 diff --git a/net-analyzer/snort/files/snort.confd.2 b/net-analyzer/snort/files/snort.confd.2 deleted file mode 100644 index 780c910..0000000 --- a/net-analyzer/snort/files/snort.confd.2 +++ /dev/null @@ -1,16 +0,0 @@ -# Config file for /etc/init.d/snort - -# The following options are now set in your snort.conf file: -# config set_gid: -# config set_uid: -# config snaplen: -# config bpf_file: -# config logdir: - -# The only options that should be set here are SNORT_IFACE and SNORT_CONF. - -# This tell snort which interface to listen on (any for every interface) -SNORT_IFACE="eth1" - -# Probably not this either -SNORT_CONF="/etc/snort/snort.conf" diff --git a/net-analyzer/snort/files/snort.rc11 b/net-analyzer/snort/files/snort.rc11 deleted file mode 100644 index 8277575..0000000 --- a/net-analyzer/snort/files/snort.rc11 +++ /dev/null @@ -1,57 +0,0 @@ -#!/sbin/runscript -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/files/snort.rc11,v 1.1 2011/09/22 17:39:51 patrick Exp $ - -opts="checkconfig reload" - -depend() { - need net - after mysql - after postgresql -} - -checkconfig() { - if [ ! -e ${SNORT_CONF} ] ; then - eerror "You need a configuration file to run snort" - eerror "There is an example config in /etc/snort/snort.conf.distrib" - return 1 - fi -} - -start() { - checkconfig || return 1 - ebegin "Starting snort" - start-stop-daemon --start --quiet --exec /usr/bin/snort \ - -- --nolock-pidfile --pid-path /var/run/snort -D -i ${SNORT_IFACE} \ - -c ${SNORT_CONF} >/dev/null 2>&1 - eend $? -} - -stop() { - ebegin "Stopping snort" - start-stop-daemon --stop --quiet --pidfile /var/run/snort/snort_${SNORT_IFACE}.pid - # Snort needs a few seconds to fully shutdown - sleep 15 - eend $? -} - -reload() { - - local SNORT_PID="`cat /var/run/snort/snort_${SNORT_IFACE}.pid`" - local SNORT_USER="`ps -p ${SNORT_PID} --no-headers -o user`" - - if [ ! -f /var/run/snort/snort_${SNORT_IFACE}.pid ]; then - eerror "Snort isn't running" - return 1 - elif [ ${SNORT_USER} != root ]; then - eerror "Snort must be running as root for reload to work!" - return 1 - else - checkconfig || return 1 - ebegin "Reloading Snort" - start-stop-daemon --signal HUP --pidfile /var/run/snort/snort_${SNORT_IFACE}.pid - fi -} - - diff --git a/net-analyzer/snort/files/snortsam-2.9.2.2.diff.gz b/net-analyzer/snort/files/snortsam-2.9.2.2.diff.gz deleted file mode 100644 index 2952ae8..0000000 Binary files a/net-analyzer/snort/files/snortsam-2.9.2.2.diff.gz and /dev/null differ diff --git a/net-analyzer/snort/files/snortsam-redirect-2.9.2.2.patch b/net-analyzer/snort/files/snortsam-redirect-2.9.2.2.patch deleted file mode 100644 index af02591..0000000 --- a/net-analyzer/snort/files/snortsam-redirect-2.9.2.2.patch +++ /dev/null @@ -1,94 +0,0 @@ -diff -ur snort-2.9.2.2-snortsam/src/output-plugins/spo_alert_fwsam.c snort-2.9.2.2/src/output-plugins/spo_alert_fwsam.c ---- snort-2.9.2.2-snortsam/src/output-plugins/spo_alert_fwsam.c 2012-05-20 18:33:57.271278999 +0400 -+++ snort-2.9.2.2/src/output-plugins/spo_alert_fwsam.c 2012-05-25 15:56:24.138470000 +0400 -@@ -456,10 +456,16 @@ - - /* Parses the duration of the argument, recognizing minutes, hours, etc.. - */ --unsigned long FWsamParseDuration(char *p) -+unsigned long FWsamParseDuration(char *param) - { unsigned long dur=0,tdu; - char *tok,c1,c2; - -+ // Protect input string from overwriting it -+ char tmpp[20]; -+ strncpy(tmpp,param,19); -+ tmpp[19]=(char)0; -+ char* p=tmpp; -+ - while(*p) - { tok=p; - while(*p && isdigit(*p)) -@@ -515,6 +521,7 @@ - optp->how=FWSAM_HOW_INOUT; /* inbound and outbound block */ - optp->who=FWSAM_WHO_SRC; /* the source */ - optp->loglevel=FWSAM_LOG_LONGALERT; /* the log level default */ -+ optp->action = FWSAM_STATUS_BLOCK; /* type of action */ - /* parse the fwsam keywords */ - - #ifdef FWSAMDEBUG -@@ -566,6 +573,17 @@ - optp->duration=0; - else - possprob=TRUE; -+ if (!possprob) -+ { -+ char* tok = ap; -+ char* action = strtok(tok, ","); -+ action = strtok(NULL, ","); -+ if (action != NULL) -+ { -+ // set our custom action for redirecting traffic instead of blocking -+ optp->action = FWSAM_STATUS_REDIRECT; -+ } -+ } - } - else if(!*ap) - possprob=TRUE; -@@ -879,7 +897,7 @@ - sampacket.snortseqno[1]=(char)(station->myseqno>>8); - sampacket.fwseqno[0]=(char)station->stationseqno;/* fill station seqno */ - sampacket.fwseqno[1]=(char)(station->stationseqno>>8); -- sampacket.status=FWSAM_STATUS_BLOCK; /* set block mode */ -+ sampacket.status=optp->action; /* set action mode */ - sampacket.version=FWSAM_PACKETVERSION; /* set packet version */ - sampacket.duration[0]=(char)optp->duration; /* set duration */ - sampacket.duration[1]=(char)(optp->duration>>8); -@@ -912,10 +930,13 @@ - sampacket.sig_id[3]=(char)(event->sig_id>>24); - - #ifdef FWSAMDEBUG -- LogMessage("DEBUG => [Alert_FWsam] Sending BLOCK\n"); -+ if (optp->action==FWSAM_STATUS_REDIRECT) -+ LogMessage("DEBUG => [Alert_FWsam] Sending REDIRECT\n"); -+ else -+ LogMessage("DEBUG => [Alert_FWsam] Sending BLOCK\n"); - LogMessage("DEBUG => [Alert_FWsam] Snort SeqNo: %x\n",station->myseqno); - LogMessage("DEBUG => [Alert_FWsam] Mgmt SeqNo : %x\n",station->stationseqno); -- LogMessage("DEBUG => [Alert_FWsam] Status : %i\n",FWSAM_STATUS_BLOCK); -+ LogMessage("DEBUG => [Alert_FWsam] Status : %i\n",optp->action); - LogMessage("DEBUG => [Alert_FWsam] Mode : %i\n",optp->how|optp->who|optp->loglevel); - LogMessage("DEBUG => [Alert_FWsam] Duration : %li\n",optp->duration); - LogMessage("DEBUG => [Alert_FWsam] Protocol : %i\n",GET_IPH_PROTO(p)); -diff -ur snort-2.9.2.2-snortsam/src/output-plugins/spo_alert_fwsam.h snort-2.9.2.2/src/output-plugins/spo_alert_fwsam.h ---- snort-2.9.2.2-snortsam/src/output-plugins/spo_alert_fwsam.h 2012-05-20 18:33:57.270278999 +0400 -+++ snort-2.9.2.2/src/output-plugins/spo_alert_fwsam.h 2012-05-20 19:02:01.695332482 +0400 -@@ -107,6 +107,10 @@ - #define FWSAM_STATUS_BLOCK 3 - #define FWSAM_STATUS_UNBLOCK 9 - -+// Custom action to redirect traffic instead of drop -+#define FWSAM_STATUS_REDIRECT 10 -+ -+ - #define FWSAM_STATUS_OK 4 /* fw to snort */ - #define FWSAM_STATUS_ERROR 5 - #define FWSAM_STATUS_NEWKEY 6 -@@ -186,6 +190,7 @@ - unsigned char who; - unsigned char how; - unsigned char loglevel; -+ unsigned char action; // type of action - } FWsamOptions; - - typedef struct _FWsamlistpointer diff --git a/net-analyzer/snort/snort-2.9.2.2-r9999.ebuild b/net-analyzer/snort/snort-2.9.2.2-r9999.ebuild deleted file mode 100644 index ae0c515..0000000 --- a/net-analyzer/snort/snort-2.9.2.2-r9999.ebuild +++ /dev/null @@ -1,272 +0,0 @@ -# Copyright 1999-2012 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/snort-2.9.2.2.ebuild,v 1.1 2012/04/04 09:39:53 patrick Exp $ - -EAPI="2" -inherit eutils autotools flag-o-matic multilib - -DESCRIPTION="The de facto standard for intrusion detection/prevention" -HOMEPAGE="http://www.snort.org/" -SRC_URI="http://www.snort.org/dl/snort-current/${P}.tar.gz" -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~x86 ~mips" -IUSE="static +dynamicplugin +zlib +gre +mpls +targetbased +decoder-preprocessor-rules -+ppm +perfprofiling linux-smp-stats inline-init-failopen +threads debug +active-response -+normalizer reload-error-restart +react +flexresp3 +paf large-pcap-64bit -aruba mysql odbc postgres selinux -snortsam" - -DEPEND=">=net-libs/libpcap-1.0.0 - >=net-libs/daq-0.6 - >=dev-libs/libpcre-6.0 - dev-libs/libdnet - postgres? ( dev-db/postgresql-base ) - mysql? ( virtual/mysql ) - odbc? ( dev-db/unixODBC ) - zlib? ( sys-libs/zlib )" - -RDEPEND="${DEPEND} - selinux? ( sec-policy/selinux-snort )" - -pkg_setup() { - - if use zlib && ! use dynamicplugin; then - eerror "You have enabled the 'zlib' USE flag but not the 'dynamicplugin' USE flag." - eerror "'zlib' requires 'dynamicplugin' be enabled." - die - fi - - # pre_inst() is a better place to put this - # but we need it here for the 'fowners' statements in src_install() - enewgroup snort - enewuser snort -1 -1 /dev/null snort - -} - -src_prepare() { - - #Multilib fix for the sf_engine - einfo "Applying multilib fix." - sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ - "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \ - || die "sed for sf_engine failed" - - #Multilib fix for the curent set of dynamic-preprocessors - for i in ftptelnet smtp ssh dns ssl dcerpc2 sdf imap pop rzb_saac sip reputation gtp modbus dnp3; do - sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ - "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \ - || die "sed for $i failed." - done - - # Pinkbyte: add patch for snortsam support - if use snortsam; then - epatch "${FILESDIR}/snortsam-${PV}.diff.gz" - epatch "${FILESDIR}/snortsam-redirect-${PV}.patch" - use debug && append-flags "-DFWSAMDEBUG" - fi - # - - AT_M4DIR=m4 eautoreconf -} - -src_configure() { - econf \ - $(use_enable !static shared) \ - $(use_enable static) \ - $(use_enable static so-with-static-lib) \ - $(use_enable dynamicplugin) \ - $(use_enable zlib) \ - $(use_enable gre) \ - $(use_enable mpls) \ - $(use_enable targetbased) \ - $(use_enable decoder-preprocessor-rules) \ - $(use_enable ppm) \ - $(use_enable perfprofiling) \ - $(use_enable linux-smp-stats) \ - $(use_enable inline-init-failopen) \ - $(use_enable threads pthread) \ - $(use_enable debug) \ - $(use_enable debug debug-msgs) \ - $(use_enable debug corefiles) \ - $(use_enable !debug dlclose) \ - $(use_enable active-response) \ - $(use_enable normalizer) \ - $(use_enable reload-error-restart) \ - $(use_enable react) \ - $(use_enable flexresp3) \ - $(use_enable paf) \ - $(use_enable large-pcap-64bit large-pcap) \ - $(use_enable aruba) \ - $(use_with mysql) \ - $(use_with odbc) \ - $(use_with postgres postgresql) \ - --enable-ipv6 \ - --enable-reload \ - --disable-prelude \ - --disable-build-dynamic-examples \ - --disable-profile \ - --disable-ppm-test \ - --disable-intel-soft-cpm \ - --disable-static-daq \ - --disable-rzb-saac \ - --without-oracle -} - -src_install() { - - emake DESTDIR="${D}" install || die "emake failed" - - dodir /var/log/snort \ - /var/run/snort \ - /etc/snort/rules \ - /etc/snort/so_rules \ - /usr/$(get_libdir)/snort_dynamicrules \ - || die "Failed to create core directories" - - # config.log and build.log are needed by Sourcefire - # to trouble shoot build problems and bug reports so we are - # perserving them incase the user needs upstream support. - dodoc RELEASE.NOTES ChangeLog \ - doc/* \ - tools/u2boat/README.u2boat \ - schemas/* || die "Failed to install snort docs" - - insinto /etc/snort - doins etc/attribute_table.dtd \ - etc/classification.config \ - etc/gen-msg.map \ - etc/reference.config \ - etc/threshold.conf \ - etc/unicode.map || die "Failed to install docs in etc" - - # We use snort.conf.distrib because the config file is complicated - # and the one shipped with snort can change drastically between versions. - # Users should migrate setting by hand and not with etc-update. - newins etc/snort.conf snort.conf.distrib \ - || die "Failed to add snort.conf.distrib" - - # config.log and build.log are needed by Sourcefire - # to troubleshoot build problems and bug reports so we are - # perserving them incase the user needs upstream support. - # 'die' was intentionally not added here. - if [ -f "${WORKDIR}/${PF}/config.log" ]; then - dodoc "${WORKDIR}/${PF}/config.log" - fi - if [ -f "${T}/build.log" ]; then - dodoc "${T}/build.log" - fi - - insinto /etc/snort/preproc_rules - doins preproc_rules/decoder.rules \ - preproc_rules/preprocessor.rules \ - preproc_rules/sensitive-data.rules || die "Failed to install preproc rule files" - - fowners -R snort:snort \ - /var/log/snort \ - /var/run/snort \ - /etc/snort || die - - newinitd "${FILESDIR}/snort.rc11" snort || die "Failed to install snort init script" - newconfd "${FILESDIR}/snort.confd.2" snort || die "Failed to install snort confd file" - - # Sourcefire uses Makefiles to install docs causing Bug #297190. - # This removes the unwanted doc directory and rogue Makefiles. - rm -rf "${D}"usr/share/doc/snort || die "Failed to remove SF doc directories" - rm "${D}"usr/share/doc/"${PF}"/Makefile* || die "Failed to remove doc make files" - - #Remove unneeded .la files (Bug #382863) - rm "${D}"usr/$(get_libdir)/snort_dynamicengine/libsf_engine.la || die - rm "${D}"usr/$(get_libdir)/snort_dynamicpreprocessor/libsf_*_preproc.la || die "Failed to remove libsf_?_preproc.la" - - # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection - sed -i -e 's|/usr/local/lib|/usr/'$(get_libdir)'|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct rule location in the config - sed -i -e 's|RULE_PATH ../rules|RULE_PATH /etc/snort/rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct preprocessor/decoder rule location in the config - sed -i -e 's|PREPROC_RULE_PATH ../preproc_rules|PREPROC_RULE_PATH /etc/snort/preproc_rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Enable the preprocessor/decoder rules - sed -i -e 's|^# include $PREPROC_RULE_PATH|include $PREPROC_RULE_PATH|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - sed -i -e 's|^# dynamicdetection directory|dynamicdetection directory|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Just some clean up of trailing /'s in the config - sed -i -e 's|snort_dynamicpreprocessor/$|snort_dynamicpreprocessor|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Make it clear in the config where these are... - sed -i -e 's|^include classification.config|include /etc/snort/classification.config|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - sed -i -e 's|^include reference.config|include /etc/snort/reference.config|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Disable all rule files by default. - sed -i -e 's|^include $RULE_PATH|# include $RULE_PATH|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Disable normalizer preprocessor config if normalizer USE flag not set. - if ! use normalizer; then - sed -i -e 's|^preprocessor normalize|#preprocessor normalize|g' \ - "${D}etc/snort/snort.conf.distrib" || die - fi - - # Set the configured DAQ to afpacket - sed -i -e 's|^# config daq: |config daq: afpacket|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the location of the DAQ modules - sed -i -e 's|^# config daq_dir: |config daq_dir: /usr/'$(get_libdir)'/daq|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the DAQ mode to passive - sed -i -e 's|^# config daq_mode: |config daq_mode: passive|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set snort to run as snort:snort - sed -i -e 's|^# config set_gid:|config set_gid: snort|g' \ - "${D}etc/snort/snort.conf.distrib" || die - sed -i -e 's|^# config set_uid:|config set_uid: snort|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the default log dir - sed -i -e 's|^# config logdir:|config logdir: /var/log/snort/|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct so_rule location in the config - sed -i -e 's|SO_RULE_PATH ../so_rules|SO_RULE_PATH /etc/snort/so_rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die -} - -pkg_postinst() { - - einfo "There have been a number of improvements and new features" - einfo "added to ${P}. Please review the RELEASE.NOTES and" - einfo "ChangLog located in /usr/share/doc/${PF}." - einfo - elog "The Sourcefire Vulnerability Research Team (VRT) recommends that" - elog "users migrate their snort.conf customizations to the latest config" - elog "file released by the VRT. You can find the latest version of the" - elog "Snort config file in /etc/snort/snort.conf.distrib." - elog - elog "!! It is important that you migrate to this new snort.conf file !!" - elog - elog "This version of the ebuild includes an updated init.d file and" - elog "conf.d file that rely on options found in the latest Snort" - elog "config file provided by the VRT." - - if use debug; then - elog "You have the 'debug' USE flag enabled. If this has been done to" - elog "troubleshoot an issue by producing a core dump or a back trace," - elog "then you need to also ensure the FEATURES variable in make.conf" - elog "contains the 'nostrip' option." - fi -} diff --git a/net-analyzer/snortsam/Manifest b/net-analyzer/snortsam/Manifest deleted file mode 100644 index 07c8547..0000000 --- a/net-analyzer/snortsam/Manifest +++ /dev/null @@ -1,2 +0,0 @@ -DIST snortsam-2.50-ciscoacl.diff.bz2 7295 SHA256 a4f39789e9f10b95e6db1bbce5f9d26f7393161311f5c955a4b8380186a2cb6b -DIST snortsam-src-2.70.tar.gz 1971624 SHA256 442040a7281a641008f6410b7f6528d709f17d5041fd3752011075f8a38d19bc diff --git a/net-analyzer/snortsam/files/snortsam-2.70-redirect.patch b/net-analyzer/snortsam/files/snortsam-2.70-redirect.patch deleted file mode 100644 index 4cc3a7e..0000000 --- a/net-analyzer/snortsam/files/snortsam-2.70-redirect.patch +++ /dev/null @@ -1,513 +0,0 @@ -diff -ur snortsam-2.7.0-orig/src/snortsam.c snortsam/src/snortsam.c ---- snortsam-2.7.0-orig/src/snortsam.c 2012-05-20 20:59:46.277029000 +0400 -+++ snortsam/src/snortsam.c 2012-06-15 18:23:29.653032000 +0400 -@@ -1971,7 +1971,7 @@ - void block(SENSORLIST *snortbox,unsigned long bsip,unsigned short bsport, - unsigned long bdip,unsigned short bdport, - unsigned short bproto,time_t bduration,unsigned char bmode, -- time_t btime,unsigned long bsig_id) -+ time_t btime,unsigned long bsig_id,char packstat) - { unsigned long peerip,blockip; - unsigned short blockport; - time_t t; -@@ -2022,6 +2022,8 @@ - blockdata.blocktime=btime; - blockdata.sig_id=bsig_id; - blockdata.block=TRUE; -+ // Add type of block(simple block or redirect) -+ blockdata.type=packstat; - - /* check for and get a blocktime limit out of the limit list based on the sensor*/ - blockdata.duration=limit_duration_on_sensor(snortbox->snortip.s_addr,bduration); -@@ -2467,6 +2469,7 @@ - printf("Debug: Received Packet: %s\n",packet.status==FWSAM_STATUS_CHECKIN?"CHECKIN": - packet.status==FWSAM_STATUS_CHECKOUT?"CHECKOUT": - packet.status==FWSAM_STATUS_BLOCK?"BLOCK": -+ packet.status==FWSAM_STATUS_REDIRECT?"REDIRECT": - packet.status==FWSAM_STATUS_UNBLOCK?"UNBLOCK":"**UNKNOWN**"); - printf("Debug: Snort SeqNo: %x\n",packet.snortseqno[0]|(packet.snortseqno[1]<<8)); - printf("Debug: Mgmt SeqNo : %x\n",packet.fwseqno[0]|(packet.fwseqno[1]<<8)); -@@ -2512,11 +2515,12 @@ - snortbox->toberemoved=TRUE; /* Mark sensor for removal from list. */ - ret=FALSE; - } -- else if(packet.status==FWSAM_STATUS_BLOCK || packet.status==FWSAM_STATUS_UNBLOCK) /* if we received a blocking request */ -+ else if(packet.status==FWSAM_STATUS_BLOCK || packet.status==FWSAM_STATUS_REDIRECT || packet.status==FWSAM_STATUS_UNBLOCK) /* if we received a blocking or redirecting request */ - { if((( (packet.fwseqno[0]|(packet.fwseqno[1]<<8)) ==snortbox->myseqno) && ( (packet.snortseqno[0]|(packet.snortseqno[1]<<8)) ==((snortbox->snortseqno+snortbox->myseqno)&0xffff) )) || disableseqnocheck) - { packstat=packet.status; - #ifdef FWSAMDEBUG -- printf("Debug: %s request received...\n",packet.status==FWSAM_STATUS_BLOCK?"Blocking":"Unblocking"); -+ printf("Debug: %s request received...\n",packet.status==FWSAM_STATUS_BLOCK?"Blocking": -+ packet.status==FWSAM_STATUS_REDIRECT?"Redirecting":"Unblocking"); - #endif - bmode=packet.fwmode; /* save parameters from packet */ - if(packet.endiancheck==1) /* Check if peer has the same endianess */ -@@ -2604,9 +2608,9 @@ - } - else - { -- if(packstat==FWSAM_STATUS_BLOCK) -+ if(packstat==FWSAM_STATUS_BLOCK || packstat==FWSAM_STATUS_REDIRECT) - { /* call block, which performs checks */ -- block(snortbox,bsip,bsport,bdip,bdport,bproto,bduration,bmode,mytime,bsig_id); -+ block(snortbox,bsip,bsport,bdip,bdport,bproto,bduration,bmode,mytime,bsig_id,packstat); - } - else - { -diff -ur snortsam-2.7.0-orig/src/snortsam.h snortsam/src/snortsam.h ---- snortsam-2.7.0-orig/src/snortsam.h 2012-05-20 20:59:46.278524000 +0400 -+++ snortsam/src/snortsam.h 2012-06-15 18:30:41.524502000 +0400 -@@ -242,6 +242,7 @@ - #define FWSAM_STATUS_CHECKOUT 2 - #define FWSAM_STATUS_BLOCK 3 - #define FWSAM_STATUS_UNBLOCK 9 -+#define FWSAM_STATUS_REDIRECT 10 - - #define FWSAM_STATUS_OK 4 /* fw to snort */ - #define FWSAM_STATUS_ERROR 5 -@@ -291,6 +292,7 @@ - unsigned short proto; /* Protocol (if connection) */ - unsigned short mode; /* Blocking mode (src, dst, connection) */ - short block; /* block or unblock flag --- this flag is dynamically changed */ -+ char type; /* Type of block - simple block or redirect. Taken from incoming packet status */ - } BLOCKINFO; - - typedef struct _oldblockinfo /* Block info structure */ -@@ -495,7 +497,7 @@ - void block(SENSORLIST *snortbox,unsigned long bsip,unsigned short bsport, - unsigned long bdip,unsigned short bdport, - unsigned short bproto,time_t bduration,unsigned char bmode, -- time_t btime,unsigned long bsig_id); -+ time_t btime,unsigned long bsig_id,char packstat); - void unblock(BLOCKINFO *bhp,char *comment,unsigned long reqip,int force); - void addtohistory(BLOCKHISTORY *,int); - void clearhistory(void); -diff -ur snortsam-2.7.0-orig/src/ssp_iptables.c snortsam/src/ssp_iptables.c ---- snortsam-2.7.0-orig/src/ssp_iptables.c 2012-05-20 20:59:46.275601000 +0400 -+++ snortsam/src/ssp_iptables.c 2012-06-16 16:53:06.430453000 +0400 -@@ -123,204 +123,227 @@ - printf("Debug: [iptables][%lx] Plugin Blocking...\n",threadid); - #endif - -- if(bd->block) -- { snprintf(msg,sizeof(msg)-1,"Info: Blocking ip %s", inettoa(bd->blockip)); -- logmessage(3,msg,"iptables",0); -- -- switch(bd->mode&FWSAM_HOW) -- { case FWSAM_HOW_IN: -- /* Assemble command */ -- if (snprintf(iptcmd,sizeof(iptcmd)-1, -- "/sbin/iptables -I FORWARD -i %s -s %s -j DROP", -- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) { -- snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd); -- logmessage(1,msg,"iptables",0); -- return; -- } -- if (snprintf(iptcmd2,sizeof(iptcmd2)-1, -- "/sbin/iptables -I INPUT -i %s -s %s -j DROP", -- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) { -- snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2); -- logmessage(1,msg,"iptables",0); -- return; -- } -- break; -- case FWSAM_HOW_OUT: -- /* Assemble command */ -- if (snprintf(iptcmd,sizeof(iptcmd)-1, -- "/sbin/iptables -I FORWARD -i %s -d %s -j DROP", -- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) { -- snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd); -- logmessage(1,msg,"iptables",0); -- return; -- } -- if (snprintf(iptcmd2,sizeof(iptcmd2)-1, -- "/sbin/iptables -I INPUT -i %s -d %s -j DROP", -- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) { -- snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2); -- logmessage(1,msg,"iptables",0); -- return; -- } -- break; -- case FWSAM_HOW_INOUT: -- /* Assemble command - block src*/ -- if ((snprintf(iptcmd,sizeof(iptcmd)-1, -- "/sbin/iptables -I FORWARD -i %s -s %s -j DROP", -- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) || (snprintf(iptcmd1,sizeof(iptcmd1)-1, -- "/sbin/iptables -I FORWARD -i %s -d %s -j DROP", -- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd1))) { -- snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd); -- logmessage(1,msg,"iptables",0); -- return; -- } -- if ((snprintf(iptcmd2,sizeof(iptcmd2)-1, -- "/sbin/iptables -I INPUT -i %s -s %s -j DROP", -- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) || (snprintf(iptcmd4,sizeof(iptcmd4)-1, -- "/sbin/iptables -I INPUT -i %s -d %s -j DROP", -- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd4))) { -- snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2); -- logmessage(1,msg,"iptables",0); -- return; -- } -- break; -- case FWSAM_HOW_THIS: -- /* Assemble command */ -- if (snprintf(iptcmd,sizeof(iptcmd)-1, -- "/sbin/iptables -I FORWARD -i %s -s %s -d %s -p %d --dport %d -j DROP", -- iptp->iface, inettoa(bd->blockip), inettoa(bd->peerip), bd->proto, bd->port) >= sizeof(iptcmd)) { -- snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd); -- logmessage(1,msg,"iptables",0); -- return; -- } -- if (snprintf(iptcmd2,sizeof(iptcmd2)-1, -- "/sbin/iptables -I INPUT -i %s -s %s -d %s -p %d --dport %d -j DROP", -- iptp->iface, inettoa(bd->blockip), inettoa(bd->peerip), bd->proto, bd->port) >= sizeof(iptcmd2)) { -- snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2); -- logmessage(1,msg,"iptables",0); -- return; -- } -- break; -- } -- } -- else -- { -- snprintf(msg,sizeof(msg)-1,"Info: UnBlocking ip %s", inettoa(bd->blockip)); -- logmessage(1,msg,"iptables",0); --switch(bd->mode&FWSAM_HOW) -- { case FWSAM_HOW_IN: -- /* Assemble command */ -- if (snprintf(iptcmd,sizeof(iptcmd)-1, -- "/sbin/iptables -D FORWARD -i %s -s %s -j DROP", -- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) { -- snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd); -- logmessage(1,msg,"iptables",0); -- return; -- } -- if (snprintf(iptcmd2,sizeof(iptcmd2)-1, -- "/sbin/iptables -D INPUT -i %s -s %s -j DROP", -- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) { -- snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2); -- logmessage(1,msg,"iptables",0); -- return; -- } -- break; -- case FWSAM_HOW_OUT: -- /* Assemble command */ -- if (snprintf(iptcmd,sizeof(iptcmd)-1, -- "/sbin/iptables -D FORWARD -i %s -d %s -j DROP", -- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) { -- snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd); -- logmessage(1,msg,"iptables",0); -- return; -- } -- if (snprintf(iptcmd2,sizeof(iptcmd2)-1, -- "/sbin/iptables -D INPUT -i %s -d %s -j DROP", -- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) { -- snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2); -- logmessage(1,msg,"iptables",0); -- return; -- } -- break; -- case FWSAM_HOW_INOUT: -- /* Assemble command - block src*/ -- if ((snprintf(iptcmd,sizeof(iptcmd)-1, -- "/sbin/iptables -D FORWARD -i %s -s %s -j DROP", -- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) || (snprintf(iptcmd1,sizeof(iptcmd1)-1, -- "/sbin/iptables -D FORWARD -i %s -d %s -j DROP", -- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd1))) { -- snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd); -- logmessage(1,msg,"iptables",0); -- return; -- } -- if ((snprintf(iptcmd2,sizeof(iptcmd2)-1, -- "/sbin/iptables -D INPUT -i %s -s %s -j DROP", -- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) || (snprintf(iptcmd4,sizeof(iptcmd4)-1, -- "/sbin/iptables -D INPUT -i %s -d %s -j DROP", -- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd4))) { -- snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2); -- logmessage(1,msg,"iptables",0); -- return; -- } -- break; -- case FWSAM_HOW_THIS: -- /* Assemble command */ -- if (snprintf(iptcmd,sizeof(iptcmd)-1, -- "/sbin/iptables -D FORWARD -i %s -s %s -d %s -p %d --dport %d -j DROP", -- iptp->iface, inettoa(bd->blockip), inettoa(bd->peerip), bd->proto, bd->port) >= sizeof(iptcmd)) { -- snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd); -- logmessage(1,msg,"iptables",0); -- return; -- } -- if (snprintf(iptcmd2,sizeof(iptcmd2)-1, -- "/sbin/iptables -D INPUT -i %s -s %s -d %s -p %d --dport %d -j DROP", -- iptp->iface, inettoa(bd->blockip), inettoa(bd->peerip), bd->proto, bd->port) >= sizeof(iptcmd)) { -- snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2); -- logmessage(1,msg,"iptables",0); -- return; -- } -- break; -- } -- } --#ifdef FWSAMDEBUG -- printf("Debug: [iptables][%lx] command %s\n", threadid, iptcmd); -- printf("Debug: [iptables][%lx] command2 %s\n", threadid, iptcmd2); --#endif -- /* Run the command */ -- if (system(iptcmd) != 0) { -- snprintf(msg,sizeof(msg)-1,"Error: Command %s Failed", iptcmd); -- logmessage(3,msg,"iptables",0); -- } else { -- snprintf(msg,sizeof(msg)-1,"Info: Command %s Executed Successfully", iptcmd); -- logmessage(3,msg,"iptables",0); -- } -- if (system(iptcmd2) != 0) { -- snprintf(msg,sizeof(msg)-1,"Error: Command2 %s Failed", iptcmd2); -- logmessage(1,msg,"iptables",0); -- } else { -- snprintf(msg,sizeof(msg)-1,"Info: Command2 %s Executed Successfully", iptcmd2); -- logmessage(3,msg,"iptables",0); -- } -- --/*inventiva-recorte*/ -- if((bd->mode&FWSAM_HOW)==FWSAM_HOW_INOUT) -- { -- if (system(iptcmd1) != 0) { -- snprintf(msg,sizeof(msg)-1,"Error: Command %s Failed", iptcmd1); -- logmessage(3,msg,"iptables",0); -- } else { -- snprintf(msg,sizeof(msg)-1,"Info: Command %s Executed Successfully", iptcmd1); -- logmessage(3,msg,"iptables",0); -- } -- if (system(iptcmd4) != 0) { -- snprintf(msg,sizeof(msg)-1,"Error: Command2 %s Failed", iptcmd4); -- logmessage(1,msg,"iptables",0); -- } else { -- snprintf(msg,sizeof(msg)-1,"Info: Command2 %s Executed Successfully", iptcmd4); -- logmessage(3,msg,"iptables",0); -- } -- } -- -- -+ if(bd->block) -+ { snprintf(msg,sizeof(msg)-1,"Info: Blocking ip %s", inettoa(bd->blockip)); -+ logmessage(3,msg,"iptables",0); -+ -+ switch(bd->mode&FWSAM_HOW) -+ { case FWSAM_HOW_IN: -+ /* Assemble command */ -+ if (snprintf(iptcmd,sizeof(iptcmd)-1, -+ "/sbin/iptables -I FORWARD -i %s -s %s -j DROP", -+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) { -+ snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd); -+ logmessage(1,msg,"iptables",0); -+ return; -+ } -+ if (snprintf(iptcmd2,sizeof(iptcmd2)-1, -+ "/sbin/iptables -I INPUT -i %s -s %s -j DROP", -+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) { -+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2); -+ logmessage(1,msg,"iptables",0); -+ return; -+ } -+ break; -+ case FWSAM_HOW_OUT: -+ /* Assemble command */ -+ if (snprintf(iptcmd,sizeof(iptcmd)-1, -+ "/sbin/iptables -I FORWARD -i %s -d %s -j DROP", -+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) { -+ snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd); -+ logmessage(1,msg,"iptables",0); -+ return; -+ } -+ if (snprintf(iptcmd2,sizeof(iptcmd2)-1, -+ "/sbin/iptables -I INPUT -i %s -d %s -j DROP", -+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) { -+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2); -+ logmessage(1,msg,"iptables",0); -+ return; -+ } -+ break; -+ case FWSAM_HOW_INOUT: -+{ -+ char* cmdstr_fwd; -+ char cmdstr_fwd_redirect[]="/sbin/iptables -t mangle -I PREROUTING -i %s -s %s -j MARK --set-mark 255"; -+ char cmdstr_fwd_block[]="/sbin/iptables -I FORWARD -i %s -s %s -j DROP"; -+ if (bd->type==FWSAM_STATUS_BLOCK) -+ cmdstr_fwd=cmdstr_fwd_block; -+ else -+ cmdstr_fwd=cmdstr_fwd_redirect; -+ /* Assemble command - block src*/ -+ if ((snprintf(iptcmd,sizeof(iptcmd)-1, -+ cmdstr_fwd, -+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) || (snprintf(iptcmd1,sizeof(iptcmd1)-1, -+ "/sbin/iptables -I FORWARD -i %s -d %s -j DROP", -+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd1))) { -+ snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd); -+ logmessage(1,msg,"iptables",0); -+ return; -+ } -+ if (bd->type==FWSAM_STATUS_BLOCK) -+ if ((snprintf(iptcmd2,sizeof(iptcmd2)-1, -+ "/sbin/iptables -I INPUT -i %s -s %s -j DROP", -+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) || (snprintf(iptcmd4,sizeof(iptcmd4)-1, -+ "/sbin/iptables -I INPUT -i %s -d %s -j DROP", -+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd4))) { -+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2); -+ logmessage(1,msg,"iptables",0); -+ return; -+ } -+} -+ break; -+ case FWSAM_HOW_THIS: -+ /* Assemble command */ -+ if (snprintf(iptcmd,sizeof(iptcmd)-1, -+ "/sbin/iptables -I FORWARD -i %s -s %s -d %s -p %d --dport %d -j DROP", -+ iptp->iface, inettoa(bd->blockip), inettoa(bd->peerip), bd->proto, bd->port) >= sizeof(iptcmd)) { -+ snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd); -+ logmessage(1,msg,"iptables",0); -+ return; -+ } -+ if (snprintf(iptcmd2,sizeof(iptcmd2)-1, -+ "/sbin/iptables -I INPUT -i %s -s %s -d %s -p %d --dport %d -j DROP", -+ iptp->iface, inettoa(bd->blockip), inettoa(bd->peerip), bd->proto, bd->port) >= sizeof(iptcmd2)) { -+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2); -+ logmessage(1,msg,"iptables",0); -+ return; -+ } -+ break; -+ } -+ } -+ else -+ { -+ snprintf(msg,sizeof(msg)-1,"Info: UnBlocking ip %s", inettoa(bd->blockip)); -+ logmessage(1,msg,"iptables",0); -+ -+switch(bd->mode&FWSAM_HOW) -+ { case FWSAM_HOW_IN: -+ /* Assemble command */ -+ if (snprintf(iptcmd,sizeof(iptcmd)-1, -+ "/sbin/iptables -D FORWARD -i %s -s %s -j DROP", -+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) { -+ snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd); -+ logmessage(1,msg,"iptables",0); -+ return; -+ } -+ if (snprintf(iptcmd2,sizeof(iptcmd2)-1, -+ "/sbin/iptables -D INPUT -i %s -s %s -j DROP", -+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) { -+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2); -+ logmessage(1,msg,"iptables",0); -+ return; -+ } -+ break; -+ case FWSAM_HOW_OUT: -+ /* Assemble command */ -+ if (snprintf(iptcmd,sizeof(iptcmd)-1, -+ "/sbin/iptables -D FORWARD -i %s -d %s -j DROP", -+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) { -+ snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd); -+ logmessage(1,msg,"iptables",0); -+ return; -+ } -+ if (snprintf(iptcmd2,sizeof(iptcmd2)-1, -+ "/sbin/iptables -D INPUT -i %s -d %s -j DROP", -+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) { -+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2); -+ logmessage(1,msg,"iptables",0); -+ return; -+ } -+ break; -+ case FWSAM_HOW_INOUT: -+{ -+ char* cmdstr_fwd; -+ char cmdstr_fwd_unredirect[]="/sbin/iptables -t mangle -D PREROUTING -i %s -s %s -j MARK --set-mark 255"; -+ char cmdstr_fwd_unblock[]="/sbin/iptables -D FORWARD -i %s -s %s -j DROP"; -+ if (bd->type==FWSAM_STATUS_BLOCK) -+ cmdstr_fwd=cmdstr_fwd_unblock; -+ else -+ cmdstr_fwd=cmdstr_fwd_unredirect; -+ /* Assemble command - block src*/ -+ if ((snprintf(iptcmd,sizeof(iptcmd)-1, -+ cmdstr_fwd, -+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) || (snprintf(iptcmd1,sizeof(iptcmd1)-1, -+ "/sbin/iptables -D FORWARD -i %s -d %s -j DROP", -+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd1))) { -+ snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd); -+ logmessage(1,msg,"iptables",0); -+ return; -+ } -+ if (bd->type==FWSAM_STATUS_BLOCK) -+ if ((snprintf(iptcmd2,sizeof(iptcmd2)-1, -+ "/sbin/iptables -D INPUT -i %s -s %s -j DROP", -+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) || (snprintf(iptcmd4,sizeof(iptcmd4)-1, -+ "/sbin/iptables -D INPUT -i %s -d %s -j DROP", -+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd4))) { -+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2); -+ logmessage(1,msg,"iptables",0); -+ return; -+ } -+} -+ break; -+ case FWSAM_HOW_THIS: -+ /* Assemble command */ -+ if (snprintf(iptcmd,sizeof(iptcmd)-1, -+ "/sbin/iptables -D FORWARD -i %s -s %s -d %s -p %d --dport %d -j DROP", -+ iptp->iface, inettoa(bd->blockip), inettoa(bd->peerip), bd->proto, bd->port) >= sizeof(iptcmd)) { -+ snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd); -+ logmessage(1,msg,"iptables",0); -+ return; -+ } -+ if (snprintf(iptcmd2,sizeof(iptcmd2)-1, -+ "/sbin/iptables -D INPUT -i %s -s %s -d %s -p %d --dport %d -j DROP", -+ iptp->iface, inettoa(bd->blockip), inettoa(bd->peerip), bd->proto, bd->port) >= sizeof(iptcmd)) { -+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2); -+ logmessage(1,msg,"iptables",0); -+ return; -+ } -+ break; -+ } -+ } -+#ifdef FWSAMDEBUG -+ printf("Debug: [iptables][%lx] command %s\n", threadid, iptcmd); -+ printf("Debug: [iptables][%lx] command2 %s\n", threadid, iptcmd2); -+#endif -+ /* Run the command */ -+ if (system(iptcmd) != 0) { -+ snprintf(msg,sizeof(msg)-1,"Error: Command %s Failed", iptcmd); -+ logmessage(3,msg,"iptables",0); -+ } else { -+ snprintf(msg,sizeof(msg)-1,"Info: Command %s Executed Successfully", iptcmd); -+ logmessage(3,msg,"iptables",0); -+ } -+ if (bd->type==FWSAM_STATUS_BLOCK) -+ if (system(iptcmd2) != 0) { -+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s Failed", iptcmd2); -+ logmessage(1,msg,"iptables",0); -+ } else { -+ snprintf(msg,sizeof(msg)-1,"Info: Command2 %s Executed Successfully", iptcmd2); -+ logmessage(3,msg,"iptables",0); -+ } -+ -+/*inventiva-recorte*/ -+ if((bd->mode&FWSAM_HOW)==FWSAM_HOW_INOUT) -+ { -+ if (system(iptcmd1) != 0) { -+ snprintf(msg,sizeof(msg)-1,"Error: Command %s Failed", iptcmd1); -+ logmessage(3,msg,"iptables",0); -+ } else { -+ snprintf(msg,sizeof(msg)-1,"Info: Command %s Executed Successfully", iptcmd1); -+ logmessage(3,msg,"iptables",0); -+ } -+ if (bd->type==FWSAM_STATUS_BLOCK) -+ if (system(iptcmd4) != 0) { -+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s Failed", iptcmd4); -+ logmessage(1,msg,"iptables",0); -+ } else { -+ snprintf(msg,sizeof(msg)-1,"Info: Command2 %s Executed Successfully", iptcmd4); -+ logmessage(3,msg,"iptables",0); -+ } -+ } -+ -+ - #ifdef SAVETABLES - /* Save command */ - if (system(savecmd) != 0) { diff --git a/net-analyzer/snortsam/snortsam-2.70-r9999.ebuild b/net-analyzer/snortsam/snortsam-2.70-r9999.ebuild deleted file mode 100644 index 45f6e3d..0000000 --- a/net-analyzer/snortsam/snortsam-2.70-r9999.ebuild +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snortsam/snortsam-2.70.ebuild,v 1.3 2011/11/18 05:09:16 jer Exp $ - -EAPI="4" - -inherit eutils toolchain-funcs - -MY_P="${PN}-src-${PV}" -DESCRIPTION="Snort plugin that allows automated blocking of IP addresses on several firewalls" -HOMEPAGE="http://www.snortsam.net/" -SRC_URI="http://www.snortsam.net/files/snortsam/${MY_P}.tar.gz - mirror://gentoo/${PN}-2.50-ciscoacl.diff.bz2" - -LICENSE="as-is" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~ppc ~ppc64 ~sparc ~x86" -IUSE="debug" - -S=${WORKDIR}/${PN} - -src_prepare() { - sed -i makesnortsam.sh \ - -e "s:sbin/functions.sh:etc/init.d/functions.sh:" \ - -e "s:-O2 : ${CFLAGS} :" \ - -e "s:gcc :$(tc-getCC) :" \ - -e "/^LDFLAGS=/d" \ - -e "s:\( -o ../snortsam\): ${LDFLAGS}\1:" \ - -e "s:\${SSP_LINUX_SRC} -o \${SNORTSAM}:& \${LINUX_LDFLAGS}:" \ - || die "sed failed" - - find "${S}" -depth -type d -name CVS -exec rm -rf \{\} \; -} - -src_compile() { - # Pinkbyte: patch for traffic redirection support - epatch "${FILESDIR}/${P}-redirect.patch" - # - sh makesnortsam.sh || die "makesnortsam.sh failed" -} - -src_install() { - if use debug; then - newbin snortsam-debug snortsam - else - dobin snortsam - fi - find "${S}" -depth -type f -name "*.asc" -exec rm -f {} \; - dodoc -r docs/ conf/ -} - -pkg_postinst() { - elog - elog "To use snortsam with snort, you'll have to compile snort with USE=snortsam." - elog "Read the INSTALL file to configure snort for snortsam, and configure" - elog "snortsam for your particular firewall." - elog -}