diff --git a/net-analyzer/snort/ChangeLog b/net-analyzer/snort/ChangeLog new file mode 100644 index 0000000..2239020 --- /dev/null +++ b/net-analyzer/snort/ChangeLog @@ -0,0 +1,915 @@ +# ChangeLog for net-analyzer/snort +# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.192 2012/04/04 09:39:53 patrick Exp $ + +*snort-2.9.2.2 (04 Apr 2012) + + 04 Apr 2012; Patrick Lauer +snort-2.9.2.2.ebuild: + Bump + + 11 Mar 2012; Joshua Kinard snort-2.9.1.ebuild, + snort-2.9.2.1.ebuild: + Both 2.9.1 and 2.9.2* should be using daq-0.6 or greater. + +*snort-2.9.2.1 (11 Mar 2012) + + 11 Mar 2012; Joshua Kinard + -files/snort-2.8.4-libnet.patch, -snort-2.8.5.1.ebuild, + -snort-2.8.5.3.ebuild, -snort-2.8.6.ebuild, -snort-2.8.6.1.ebuild, + -snort-2.9.0.4-r1.ebuild, snort-2.9.0.5.ebuild, snort-2.9.1.ebuild, + -snort-2.9.2.ebuild, +snort-2.9.2.1.ebuild, -files/pcap_memory.patch, + -files/snort.rc9, -files/snort.reload.rc1, metadata.xml: + Drop old versions and associated files, add 2.9.2.1, and tweak SRC_URI to use + a download URL specified on the Snort website that doesn't require manual + updating for each new release. + + 11 Mar 2012; Tim Harder snort-2.9.2.ebuild: + Fix multilib issue (bug #403725, patch by Rick Farina). + +*snort-2.9.2 (11 Jan 2012) + + 11 Jan 2012; Patrick Lauer +snort-2.9.2.ebuild: + Bump + + 29 Sep 2011; Peter Volkov snort-2.9.1.ebuild: + Fix inability to remove .la files, bug 384443 thank Juergen Rose for report + and Jason Wallace for fix. + +*snort-2.9.1 (22 Sep 2011) + + 22 Sep 2011; Patrick Lauer +snort-2.9.1.ebuild, + +files/snort.confd.2, +files/snort.rc11, metadata.xml: + Bump for #382851, thanks to Jason Wallace + + 21 Sep 2011; Tony Vroon snort-2.9.0.5.ebuild: + Marked stable on AMD64 based on arch testing by Agostino "ago" Sarubbo & + Elijah "Armageddon" El Lazkani in bug #382857. + + 24 Jul 2011; Kacper Kowalik snort-2.9.0.5.ebuild: + Marked ~ppc/~ppc64 wrt #351551 + + 24 Apr 2011; Raúl Porcel snort-2.9.0.4-r1.ebuild, + snort-2.9.0.5.ebuild: + Add ~sparc wrt #351551 + +*snort-2.9.0.5 (13 Apr 2011) + + 13 Apr 2011; Patrick Lauer +snort-2.9.0.5.ebuild: + Bump for #362417 + + 02 Apr 2011; Samuli Suominen snort-2.8.5.1.ebuild, + snort-2.8.5.3.ebuild, snort-2.8.6.ebuild, snort-2.8.6.1.ebuild: + Use net-libs/libpcap instead of virtual/libpcap wrt #358835. + + 17 Mar 2011; Patrick Lauer snort-2.9.0.4-r1.ebuild: + amd64 stable as I accidentally dropped .3 with stable keyword + + 17 Mar 2011; Patrick Lauer -snort-2.9.0.1.ebuild, + -snort-2.9.0.2.ebuild, -snort-2.9.0.3.ebuild, -snort-2.9.0.4.ebuild, + snort-2.9.0.4-r1.ebuild: + Push alpha keyword to .4 and remove old 2.9 versions + + 13 Mar 2011; Markus Meier snort-2.9.0.4-r1.ebuild: + add ~arm, bug #351551 + + 07 Mar 2011; Tobias Klausmann snort-2.9.0.3.ebuild: + Keyworded on alpha, bug #351551 + +*snort-2.9.0.4-r1 (01 Mar 2011) + + 01 Mar 2011; Joshua Kinard +snort-2.9.0.4-r1.ebuild: + Fix #356905, upstream released a patch to address a bug with partial HTTP URI + decoding and incremented the internal build number, but did not bump the + version number on the available tarball. Build is now 111 from 110. + + 28 Feb 2011; Jeroen Roovers snort-2.9.0.4.ebuild: + Do not install temporary log files (bug #356547). + + 26 Feb 2011; Thomas Kahle snort-2.9.0.4.ebuild: + x86 stable per bug 351549 + + 25 Feb 2011; Patrick Lauer files/disabledynamic.patch: + Fixing patch + + 25 Feb 2011; Patrick Lauer files/disabledynamic.patch: + Fixing confused patch + +*snort-2.9.0.4 (24 Feb 2011) + + 24 Feb 2011; Patrick Lauer +snort-2.9.0.4.ebuild, + +files/disabledynamic.patch, metadata.xml: + Bump for #355865, thanks to Jason Wallace + + 14 Jan 2011; Markos Chandras snort-2.9.0.3.ebuild: + Stable on amd64 wrt bug #351549 + +*snort-2.9.0.3 (13 Jan 2011) + + 13 Jan 2011; Patrick Lauer snort-2.8.5.1.ebuild, + +snort-2.9.0.3.ebuild: + Bump for #351459, dropping x86 stable keyword as libprelude dropped it. + +*snort-2.9.0.2 (03 Dec 2010) + + 03 Dec 2010; Patrick Lauer +snort-2.9.0.2.ebuild: + Bump for #347459 + +*snort-2.9.0.1 (02 Nov 2010) + + 02 Nov 2010; Patrick Lauer +snort-2.9.0.1.ebuild, + +files/snort.rc10, metadata.xml: + Bump for #341013, many ebuild improvements by Jason Wallace and pva + +*snort-2.8.6.1 (13 Aug 2010) + + 13 Aug 2010; Patrick Lauer +snort-2.8.6.1.ebuild: + Bump, ebuild cleanups by Jason Wallace, fixes #331069 + + 19 Jul 2010; Markus Meier snort-2.8.6.ebuild: + add ~arm, bug #301080 + + 11 Jul 2010; Patrick Lauer +snort-2.8.5.3.ebuild: + Readding last 2.8.5 release by popular request + + 18 Jun 2010; Patrick Lauer -snort-2.8.4.1.ebuild, + -snort-2.8.5.2.ebuild, -snort-2.8.5.3.ebuild: + Remove old + + 17 Jun 2010; Patrick Lauer snort-2.8.4.1.ebuild, + snort-2.8.5.1.ebuild, snort-2.8.5.2.ebuild, snort-2.8.5.3.ebuild, + snort-2.8.6.ebuild: + Migrating away from deprecated postgres virtuals + +*snort-2.8.6 (02 Jun 2010) + + 02 Jun 2010; Patrick Lauer +snort-2.8.6.ebuild, + metadata.xml: + Bump, fixes #319279. Thanks to Jason Wallace and Brett Edgar + +*snort-2.8.5.3 (02 Mar 2010) + + 02 Mar 2010; Patrick Lauer +snort-2.8.5.3.ebuild: + Bump for #307351, thanks to Jason Wallace + +*snort-2.8.5.2 (04 Jan 2010) + + 04 Jan 2010; Patrick Lauer +snort-2.8.5.2.ebuild: + Bump, thanks to Jason Wallace + + 26 Dec 2009; Raúl Porcel snort-2.8.5.1.ebuild: + Add ~sparc wrt #268620 + + 26 Nov 2009; Joseph Jezak snort-2.8.5.1.ebuild: + Marked ppc stable for bug #291357. + + 17 Nov 2009; Brent Baude snort-2.8.5.1.ebuild: + Marking snort-2.8.5.1 ppc64 for bug 291357 + + 07 Nov 2009; Tobias Klausmann snort-2.8.5.1.ebuild: + Stable on alpha, bug #291357 + + 04 Nov 2009; Markus Meier snort-2.8.5.1.ebuild: + amd64/x86 stable, bug #291357 + +*snort-2.8.5.1 (02 Nov 2009) + + 02 Nov 2009; Patrick Lauer +snort-2.8.5.1.ebuild, + +files/snort.reload.rc1, metadata.xml: + Bump, thanks to Jason Wallace. Fixes #291558 #291604 #291357 + + 12 Sep 2009; Víctor Ostorga + -files/snort-2.6.1.1-libnet.patch, -files/snort-2.6.1.2-libdir.patch, + -files/snort-2.6.1.2-react.patch, -files/snort-2.6.1.4-libdnet-ip6.patch, + -files/snort-2.6.1.4-server_stats.patch, + -files/snort-2.8.3.1-libnet.patch, -files/snort.rc7, -files/snort.rc8, + -files/spo_database_fix.patch: + Cleaning out unused files + + 17 Aug 2009; Patrick Lauer snort-2.8.4.1.ebuild: + Small typo fix, closes #279926 + + 31 May 2009; Patrick Lauer -snort-2.6.1.3-r1.ebuild, + -snort-2.6.1.4.ebuild, -snort-2.6.1.4-r1.ebuild, -snort-2.7.0.1.ebuild, + -snort-2.8.3.1.ebuild, -snort-2.8.4-r2.ebuild, metadata.xml: + Removing old + + 31 May 2009; Patrick Lauer -snort-2.4.5.ebuild: + Removing old for #271680 + + 25 May 2009; Peter Volkov snort-2.8.4.1.ebuild: + emake should have die at the end. + + 21 May 2009; Brent Baude snort-2.8.4.1.ebuild: + stable ppc, bug 268620 + + 13 May 2009; Markus Meier snort-2.8.4.1.ebuild: + amd64/x86 stable, bug #268620 + + 11 May 2009; Peter Volkov metadata.xml: + Added Jason Wallace to maintainers. + + 11 May 2009; Brent Baude snort-2.8.4.1.ebuild: + stable ppc64, bug 268620 + + 09 May 2009; Tobias Klausmann snort-2.8.4.1.ebuild: + Stable on alpha, bug #268620 + +*snort-2.8.4.1 (05 May 2009) + + 05 May 2009; Patrick Lauer +snort-2.8.4.1.ebuild: + Bump to 2.8.4.1, thanks to Jason Wallace. Closes #268620 + +*snort-2.8.4-r2 (30 Apr 2009) + + 30 Apr 2009; Patrick Lauer -snort-2.8.4.ebuild, + -snort-2.8.4-r1.ebuild, +snort-2.8.4-r2.ebuild: + Lots of small fixes thanks to Jason Wallace. Fixes #266930. + +*snort-2.8.4-r1 (18 Apr 2009) + + 18 Apr 2009; Patrick Lauer +snort-2.8.4-r1.ebuild: + Small compilation fix for ipv6+prelude useflag combo. Thanks to Jason + Wallace. + +*snort-2.8.4 (17 Apr 2009) + + 17 Apr 2009; Patrick Lauer + +files/snort-2.8.4-libnet.patch, +files/pcap_memory.patch, + files/snort.confd, +files/snort.rc9, +files/spo_database_fix.patch, + metadata.xml, +snort-2.8.4.ebuild: + Bump to 2.8.4. Reworked ebuild thanks to Jason Wallace. Lots of changes, + see bug #266288 for details. + +*snort-2.6.1.4-r1 (01 Mar 2009) + + 01 Mar 2009; Patrick Lauer + +files/snort-2.6.1.4-server_stats.patch, +snort-2.6.1.4-r1.ebuild: + Fixing snort 2.6.1.4 for gcc 4.3.3 / foritfy_sources. Fixes #258487. Patch + by Attila Fazekas. + + 26 Jan 2009; Mike Frysinger snort-2.8.3.1.ebuild: + Drop usage of USE=pic here. + + 02 Jan 2009; Tobias Scherbaum + snort-2.8.3.1.ebuild: + Fix postgres dep, #253429 + + 31 Dec 2008; Tobias Scherbaum metadata.xml, + snort-2.8.3.1.ebuild: + Various QA fixes, as requested by Mr_Bones_. Also describe local use-flags + (and switch pthreads to just threads), though those local use-flags do need + some better descriptions. Hey, at least I do care ... + +*snort-2.8.3.1 (23 Nov 2008) + + 23 Nov 2008; Marcelo Goes + +files/snort-2.8.3.1-libnet.patch, +snort-2.8.3.1.ebuild: + 2.8.3.1 version bump with many changes for bug 245752. Thanks to Jason + Wallace and Antixrict for the rewrite. Currently in package.mask for testing. + + 04 Aug 2008; Jeroen Roovers metadata.xml: + Describe local USE flags for GLEP 56. + + 21 May 2008; Tiziano Müller snort-2.4.5.ebuild, + snort-2.6.1.3-r1.ebuild, snort-2.6.1.4.ebuild, snort-2.7.0.1.ebuild: + Changed dependency for postgresql from dev-db/postgresql to + virtual/postgresql-server + + 19 May 2008; Tiziano Müller snort-2.4.5.ebuild, + snort-2.6.1.3-r1.ebuild, snort-2.6.1.4.ebuild, snort-2.7.0.1.ebuild: + Changed dependency for postgresql to virtual/postgresql-base + + 13 May 2008; Ferris McCormick snort-2.6.1.3-r1.ebuild, + snort-2.6.1.4.ebuild: + Making ~sparc again for testing, Bug #221917 + +*snort-2.7.0.1 (05 Sep 2007) + + 05 Sep 2007; Markus Ullmann +snort-2.7.0.1.ebuild: + Version bump wrt bug #185501, needs more testing + + 22 Apr 2007; Daniel Black +files/snort.rc7, + -files/snort.rc9, +snort-2.4.5.ebuild, snort-2.6.1.4.ebuild, + -snort-2.6.1.4-r1.ebuild: + snort.conf default to install to /etc/snort/snort.conf.distrib like the init + script says. No includes proper amd64 library paths too + + 07 Apr 2007; Raphael Marichez + +files/snort-2.6.1.4-libdnet-ip6.patch, snort-2.6.1.4.ebuild: + Fix #173594, ip6 header redeclaration if libdnet. + +*snort-2.6.1.4 (06 Apr 2007) + + 06 Apr 2007; Marcelo Goes +snort-2.6.1.4.ebuild: + 2.6.1.4 version bump. + + 28 Feb 2007; Daniel Black + snort-2.6.1.3-r1.ebuild: + ewarn fixed as per bug #168714 thanks to Toralf + +*snort-2.6.1.3-r1 (28 Feb 2007) + + 28 Feb 2007; Daniel Black -snort-2.6.1.3.ebuild, + +snort-2.6.1.3-r1.ebuild: + -m better default config thanks to Mike Gualtieri as per bug #166874 + + 27 Feb 2007; Tobias Scherbaum + snort-2.6.1.3.ebuild: + Stable on ppc wrt bug #167730. + + 27 Feb 2007; Steve Dibb snort-2.6.1.3.ebuild: + amd64 stable, security bug 167730 + + 21 Feb 2007; Daniel Black snort-2.6.1.2.ebuild, + snort-2.6.1.3.ebuild: + gre patches included in the latest. Fix ebuild error with USE=gre too. + Thanks Tobias bug #167730 + + 20 Feb 2007; Markus Rothe snort-2.6.1.3.ebuild: + Stable on ppc64; bug #167730 + + 20 Feb 2007; Markus Ullmann snort-2.6.1.3.ebuild: + Stable on x86 for bug #167730 + +*snort-2.6.1.3 (20 Feb 2007) + + 20 Feb 2007; Markus Ullmann +snort-2.6.1.3.ebuild: + Security bump wrt bug #167730 + + 11 Feb 2007; Simon Stelling + +files/snort-2.6.1.2-libdir.patch, snort-2.6.1.2.ebuild: + fix multilib-strict and mark stable on amd64; security bug 161632 + + 01 Feb 2007; Markus Ullmann + +files/snort-2.6.1.2-react.patch, snort-2.6.1.2.ebuild: + Add patch for react failure, see bug #162598 for details, thanks to + perry@csk.pl + + 31 Jan 2007; Tobias Scherbaum + snort-2.6.1.2.ebuild: + Stable on ppc wrt bug #161632. + + 27 Jan 2007; Raúl Porcel snort-2.6.1.2.ebuild: + x86 stable wrt bug 161632 + + 27 Jan 2007; Markus Rothe snort-2.6.1.2.ebuild: + Stable on ppc64; bug #161632 + +*snort-2.6.1.2 (17 Jan 2007) + + 17 Jan 2007; Markus Ullmann + +files/snort-2.6.1.1-gre.patch, -snort-2.6.0.ebuild, + -snort-2.6.1.1.ebuild, +snort-2.6.1.2.ebuild: + Fix for security bug #161632 and bug #161750 + + 25 Nov 2006; Cedric Krier snort-2.4.5.ebuild: + Fix bug #149496 + +*snort-2.6.1.1 (25 Nov 2006) + + 25 Nov 2006; Cedric Krier + +files/snort-2.6.1.1-libnet.patch, +files/snort.rc8, + +snort-2.6.1.1.ebuild: + Version bump thanks to Jason Wallace + + 23 Nov 2006; Francesco Riosa snort-2.4.5.ebuild, + snort-2.6.0.ebuild: + dev-db/mysql => virtual/mysql + + 31 Oct 2006; Markus Ullmann snort-2.6.0.ebuild: + Adding -j1 o fix parallel make issue + + 09 Oct 2006; Markus Ullmann snort-2.4.5.ebuild, + snort-2.6.0.ebuild: + Updating deps wrt bug #143033 + + 20 Sep 2006; Stefaan De Roeck snort-2.6.0.ebuild: + Keyworded ~alpha, as there seems to be no reason to keep -alpha + +*snort-2.6.0 (08 Jul 2006) + + 08 Jul 2006; Marcelo Goes +snort-2.6.0.ebuild: + 2.6.0 version bump for bug 136250. Thanks to Ed Davison , Andrew Ross , + Jason Wallace and Brett Edgar . Currently in package.mask for testing. + + 08 Jul 2006; Marcelo Goes + -files/2.3.0-libnet-1.0.patch, -files/snort-2.3.3-log.c.diff, + -files/snort-2.4.4-demarc-patch.diff, -files/snort.rc6, + -snort-2.3.3.ebuild, -snort-2.3.3-r1.ebuild, -snort-2.4.3.ebuild, + -snort-2.4.3-r1.ebuild, -snort-2.4.3-r2.ebuild, -snort-2.4.4.ebuild, + -snort-2.4.4-r1.ebuild: + Remove old ebuilds and unused files. + + 10 Jun 2006; Thomas Cort snort-2.4.5.ebuild: + Stable on amd64 wrt security Bug #135112. + + 07 Jun 2006; Mark Loeser snort-2.4.5.ebuild: + Stable on x86; bug #135112 + + 06 Jun 2006; Tobias Scherbaum snort-2.4.5.ebuild: + ppc stable, bug #135112 + + 06 Jun 2006; Markus Rothe snort-2.4.5.ebuild: + Stable on ppc64; bug #135112 + + 06 Jun 2006; Markus Ullmann snort-2.3.3.ebuild, + snort-2.3.3-r1.ebuild, snort-2.4.3.ebuild, snort-2.4.3-r1.ebuild, + snort-2.4.3-r2.ebuild, snort-2.4.4.ebuild, snort-2.4.4-r1.ebuild, + snort-2.4.5.ebuild: + Changing dep to virtual/libpcap wrt bug #117898 + +*snort-2.4.5 (06 Jun 2006) + + 06 Jun 2006; Markus Ullmann +snort-2.4.5.ebuild: + Version bump wrt bug #135112 + +*snort-2.4.4-r1 (01 Jun 2006) + + 01 Jun 2006; Markus Ullmann +snort-2.4.4-r1.ebuild: + Applying security patch from bug #135112 + + 30 Apr 2006; Simon Stelling snort-2.4.3-r1.ebuild: + stable on amd64 + +*snort-2.4.4 (09 Mar 2006) + + 09 Mar 2006; Marcelo Goes +snort-2.4.4.ebuild: + 2.4.4 version bump for bug 125607, requested by Ken Garland . + + 20 Feb 2006; Markus Rothe snort-2.4.3-r1.ebuild: + Stable on ppc64 + + 17 Feb 2006; Michael Hanselmann snort-2.4.3-r1.ebuild: + Stable on ppc. + +*snort-2.4.3-r2 (17 Feb 2006) + + 17 Feb 2006; Marcelo Goes +files/snort.rc7, + +snort-2.4.3-r2.ebuild: + Add --pidfile option to init script for bug 123169. Thanks to Eric Brown + . + + 15 Feb 2006; Markus Ullmann snort-2.3.3.ebuild, + snort-2.3.3-r1.ebuild, snort-2.4.3.ebuild, snort-2.4.3-r1.ebuild: + Removing virtual/libpcap wrt bug #117898 + + 14 Feb 2006; Mark Loeser snort-2.4.3-r1.ebuild: + Stable on x86; bug #118708 + +*snort-2.4.3-r1 (27 Jan 2006) + + 27 Jan 2006; Marcelo Goes -snort-2.4.1.ebuild, + -snort-2.4.1-r1.ebuild, +snort-2.4.3-r1.ebuild: + Install basic rules for bug 110103. Thanks to Mark Conway and Donald R. Gray Jr . + + 03 Dec 2005; Tom Gall snort-2.3.3-r1.ebuild: + stable on ppc64 + + 26 Nov 2005; Benjamin Smee files/snort.rc6: + Change to init script to accept CONF + +*snort-2.4.3 (19 Oct 2005) + + 19 Oct 2005; Benjamin Smee +snort-2.4.3.ebuild: + revbump for bug #109730 + +*snort-2.4.1-r1 (08 Oct 2005) + + 08 Oct 2005; Benjamin Smee +snort-2.4.1-r1.ebuild: + New conf.d and init.d files as well as sguil integration + + 25 Sep 2005; Marcelo Goes -snort-2.3.0-r1.ebuild, + -snort-2.3.2.ebuild, snort-2.3.3-r1.ebuild, snort-2.4.1.ebuild: + Remove old ebuilds, depend on >=dev-libs/libprelude-0.9.0. + + 21 Sep 2005; Mark Loeser snort-2.3.3.ebuild: + Stable on x86 + + 17 Sep 2005; Michael Hanselmann snort-2.3.3.ebuild: + Stable on ppc. + +*snort-2.4.1 (17 Sep 2005) + + 17 Sep 2005; Marcelo Goes + +files/snort-2.3.3-log.c.diff, snort-2.3.3.ebuild, snort-2.3.3-r1.ebuild, + -snort-2.4.0.ebuild, +snort-2.4.1.ebuild: + Add patch and 2.4.1 version bump for bug 105852. + + 03 Sep 2005; snort-2.4.0.ebuild: + Fixed ebuild as per bug #103482 thanks to yoann@prelude-ids.org + + 23 Aug 2005; Aaron Walker snort-2.3.0-r1.ebuild, + snort-2.3.2.ebuild, snort-2.3.3.ebuild, snort-2.3.3-r1.ebuild, + snort-2.4.0.ebuild: + Use -1 instead of /bin/false, bug #103421. + + 03 Aug 2005; Marcelo Goes snort-2.4.0.ebuild: + Install community rules. + + 01 Aug 2005; Marcelo Goes snort-2.4.0.ebuild: + In Soviet Russia, prelude enables you. Using use_enable instead of use_with + for prelude. Thanks to BaSS and dragonheart for pointing this out. + + 29 Jul 2005; Daniel Black snort-2.3.0-r1.ebuild, + snort-2.3.2.ebuild, snort-2.3.3.ebuild, snort-2.3.3-r1.ebuild, + snort-2.4.0.ebuild: + removed die from epatch || die. + + 29 Jul 2005; Marcelo Goes snort-2.4.0.ebuild: + Use Gentoo mirrors for patches instead of my dev space. + +*snort-2.4.0 (29 Jul 2005) + + 29 Jul 2005; Marcelo Goes + -files/2.0.6-libnet-1.0.patch, -files/2.1.2-libnet-1.0.patch, + -files/snort-2.0.6-gcc3.patch, -files/snort-2.1.2-gcc3.patch, + -files/snort-2.1.3-gcc3.patch, -files/snort-drop-calculation.diff, + -snort-2.0.6.ebuild, -snort-2.1.3.ebuild, -snort-2.2.0.ebuild, + -snort-2.3.0_rc2.ebuild, -snort-2.3.0.ebuild, +snort-2.4.0.ebuild, + -snort-2.4.20050508.ebuild: + Removing ebuilds prior to 2.3.0 and 2.4.0 version bump. + + 25 Jul 2005; Marcelo Goes snort-2.3.3-r1.ebuild: + Move snort user code from pkg_preinst to pkg_setup, changed it a bit. Fixes + bug 94161. Thanks to kakou and Marco Morales + . + + 24 Jul 2005; Marcelo Goes snort-2.3.3-r1.ebuild: + Fix RULEPATH in example config. Fixes bug 99397. Thanks to Marco Morales + . + + 27 Jun 2005; Markus Rothe snort-2.3.3-r1.ebuild, + snort-2.4.20050508.ebuild: + Added ~ppc64 + + 25 Jun 2005; Marcelo Goes snort-2.3.3-r1.ebuild: + Install rules in /etc/snort/rules for cleaner layout. Fixes bug 95368. + Thanks to Greg Watson . + + 26 May 2005; Marcelo Goes : + Took snort-2.3.3-r1 out of package.mask. + +*snort-2.3.3-r1 (08 May 2005) + + 08 May 2005; Marcelo Goes +snort-2.3.3-r1.ebuild, + +snort-2.4.20050508.ebuild: + Prelude patching fun. Making snort-2.3.3-r1 depend on >=libprelude-0.9.0_rc1 + and using patch from their mailing list, as pointed out by Yoann + Vandoorselaere . Also, I made a cvs snapshot of + snort-2.4, which does not require patching anymore, since prelude patches were + accepted in snort. Of course, both new ebuilds are in package.mask for testing + - I expect unexpected borks. This hopefully fixes bug 91820. Thanks to dago + for reporting. + +*snort-2.3.3 (07 May 2005) + + 07 May 2005; Aaron Walker +snort-2.3.3.ebuild: + Version bump for bug 91673. + + 19 Apr 2005; Aaron Walker snort-2.3.2.ebuild: + Marked stable on x86. + + 22 Mar 2005; Aaron Walker snort-2.3.2.ebuild: + Fix missing patch for bug 86219. + +*snort-2.3.2 (19 Mar 2005) + + 19 Mar 2005; Aaron Walker snort-2.3.0-r1.ebuild, + +snort-2.3.2.ebuild: + Version bump; marked 2.3.0-r1 stable on x86. + + 09 Feb 2005; Aaron Walker snort-2.3.0-r1.ebuild, + snort-2.3.0.ebuild, snort-2.3.0_rc2.ebuild: + Fix typo in pkg_postinst for bug 81415. + + 07 Feb 2005; Daniel Black snort-2.3.0-r1.ebuild: + ppc stable + +*snort-2.3.0-r1 (06 Feb 2005) + + 06 Feb 2005; Aaron Walker +snort-2.3.0-r1.ebuild, + snort-2.3.0.ebuild: + Revision bump for bug 80831; added sguil support. Marked 2.3.0 stable on x86. + + 29 Jan 2005; Daniel Black snort-2.0.6.ebuild, + snort-2.1.3.ebuild, snort-2.2.0.ebuild, snort-2.3.0.ebuild, + snort-2.3.0_rc2.ebuild: + changed net-libs/libpcap depend to virtual/libcap + +*snort-2.3.0 (27 Jan 2005) + + 27 Jan 2005; Aaron Walker + +files/2.3.0-libnet-1.0.patch, -files/2.3.0_rc2-libnet-1.0.patch, + +snort-2.3.0.ebuild, snort-2.3.0_rc2.ebuild: + 2.3.0 final; added support for snort-inline via USE=inline. Updated + libnet-1.0 patch to also patch inline.c. Closes bugs 79708 and 79664. + + 25 Jan 2005; Daniel Black snort-2.0.6.ebuild, + snort-2.1.3.ebuild, snort-2.2.0.ebuild, snort-2.3.0_rc2.ebuild: + change shell of snort user to /bin/false as per bug #79216. Thanks to Sascha + Nitsch + + 25 Jan 2005; Aaron Walker snort-2.3.0_rc2.ebuild: + Run autoreconf since it looks like autogen.sh is no longer provided; fixes + bug 79389. + + 11 Jan 2005; Jason Wever snort-2.0.6.ebuild, + snort-2.1.3.ebuild, snort-2.2.0.ebuild, snort-2.3.0_rc2.ebuild: + Masked on sparc wrt bugs #29661 and #75395. + + 11 Jan 2005; Daniel Black snort-2.3.0_rc2.ebuild: + unmasked and x86, ppc stable + +*snort-2.3.0_rc2 (11 Jan 2005) + + 11 Jan 2005; Daniel Black + +files/2.3.0_rc2-libnet-1.0.patch, +snort-2.3.0_rc2.ebuild: + Version bump as per security bug #75395. Still masked pending + further testing + + 28 Nov 2004; Eldad Zack snort-2.1.3.ebuild, + snort-2.2.0.ebuild: + Small post install info error. Thanks to John Barton + for reporting. Closes #72570. + + 30 Oct 2004; Eldad Zack -snort-2.1.2.ebuild, + snort-2.2.0.ebuild: + x86 stable. + + 29 Oct 2004; Eldad Zack snort-2.1.3.ebuild, + snort-2.2.0.ebuild: + Added einfo for MySQL/PostgreSQL usage. Closes #68922. + + 16 Aug 2004; Eldad Zack snort-2.1.3.ebuild, + snort-2.2.0.ebuild: + x86 stable. added ~ppc which was omitted between 2.1.2 and 2.1.3. + +*snort-2.2.0 (15 Aug 2004) + + 15 Aug 2004; Eldad Zack -snort-2.1.0-r1.ebuild, + -snort-2.1.0.ebuild, +snort-2.2.0.ebuild: + Version bump + + 01 Jul 2004; Jon Hood snort-2.0.6.ebuild, + snort-2.1.0-r1.ebuild, snort-2.1.0.ebuild, snort-2.1.1.ebuild, + snort-2.1.2.ebuild, snort-2.1.3.ebuild: + change virtual/glibc to virtual/libc + +*snort-2.1.3 (01 Jul 2004) + + 01 Jul 2004; Eldad Zack +files/snort-2.1.3-gcc3.patch, + +snort-2.1.3.ebuild: + Version bump, added snortsam support. + + 19 Jun 2004; Michael Hanselmann snort-2.0.6.ebuild: + Marked snort 2.0.6 as ~ppc + + 19 Jun 2004; David Holm snort-2.1.2.ebuild: + Added to ~ppc. + + 19 May 2004; Michael Boman snort-1.9.1-r3.ebuild, + snort-2.0.0.ebuild, snort-2.0.1-r1.ebuild, snort-2.0.2.ebuild, + snort-2.0.5-r1.ebuild, snort-2.0.5-r2.ebuild, snort-2.0.5.ebuild, + files/1.9.1-libnet-1.0.patch, files/2.0.0-libnet-1.0.patch, + files/2.0.1-libnet-1.0.patch, files/2.0.2-libnet-1.0.patch, + files/2.0.5-libnet-1.0.patch, files/snort-1.9.0-gentoo.diff, + files/snort-1.9.1-alpha-core_vuln.diff, files/snort-1.9.1-alpha.patch, + files/snort-1.9.1-configure.patch, files/snort-2.0.2-gcc3.patch, + files/snort-2.0.5-gcc3.patch: + Cleaning out old ebuilds + + 17 May 2004; Michael Boman snort-2.1.2.ebuild: + Mark 2.1.2 stable on x86 + + 14 Apr 2004; Jon Hood files/2.1.2-libnet-1.0.patch: + added patch, fixes #47229 + + 06 Apr 2004; Joshua Brindle snort-2.1.1.ebuild, + snort-2.1.2.ebuild: + added selinux policy to rdepend + + 01 Apr 2004; Michael Boman snort-2.1.1.ebuild: + Marked stable on x86 + +*snort-2.1.2 (01 Apr 2004) + + 01 Apr 2004; Michael Boman snort-2.1.2.ebuild, + files/snort-2.1.2-gcc3.patch: + New upstream version. + + 16 Mar 2004; Michael Boman snort-2.0.0.ebuild, + snort-2.0.1-r1.ebuild, snort-2.0.2.ebuild, snort-2.0.5-r1.ebuild, + snort-2.0.5.ebuild, snort-2.1.0.ebuild, snort-2.1.1.ebuild: + Changed ebuilds to use 'sed -i ...' instead of 'sed ... < file > file.new' + syntax. + +*snort-2.1.1 (09 Mar 2004) + + 09 Mar 2004; Michael Boman snort-2.1.1.ebuild, + files/2.1.1-libnet-1.0.patch, files/snort-2.1.1-gcc3.patch, + files/snort-2.1.1-pgsql.patch: + New upstream version. Closes #44067. + + 08 Mar 2004; Michael Boman files/2.0.6-libnet-1.0.patch: + Added missing file. Closing bug #43990. + + 04 Mar 2004; Jason Wever snort-2.0.6.ebuild: + Marked stable on sparc. If you have any problems on sparc, check gentoo bug + #29661. + +*snort-2.1.0-r1 (08 Jan 2004) + + 08 Jan 2004; Michael Boman snort-2.1.0-r1.ebuild, + files/snort-2.1.0-pgsql.patch: + Made use of 'doc' USE flag to install signature documentation. Patched + configure.in to solve bug #37436. + + 07 Jan 2004; Michael Boman snort-2.1.0.ebuild: + Forgot to include the threshold.conf file in the installation process. + +*snort-2.1.0 (06 Jan 2004) + + 06 Jan 2004; Michael Boman snort-2.1.0.ebuild, + files/2.1.0-libnet-1.0.patch, files/snort-2.1.0-gcc3.patch: + New upstream version. Breaks prelude support, samba support is now + obsoleted by upstream. Ebuild with prelude support will follow once + a updated patch is made availble. + +*snort-2.0.6 (21 Dec 2003) + + 21 Dec 2003; Michael Boman snort-2.0.6.ebuild: + New upstream version + + 20 Dec 2003; Michael Boman snort-2.0.5-r2.ebuild: + Bump to stable on x86 + Added ~amd64 to KEYWORDS (fixes bug #36098) + + 16 Dec 2003; Mike Frysinger : + Port the libnet-1.0 patch to snort-2.0.0 to help out the sparc peeps. + +*snort-2.0.5-r2 (09 Dec 2003) + + 09 Dec 2003; Michael Boman snort-2.0.5-r2.ebuild: + Forgot to add etc/prelude-classification.config to the files that should be in + /etc/snort if you are using prelude + + 09 Dec 2003; Michael Boman snort-2.0.5-r2.ebuild: + Added patch to fix drop packet calculations + +*snort-2.0.5-r1 (28 Nov 2003) + + 28 Nov 2003; Michael Boman snort-2.0.5-r1.ebuild: + - Made flexresp optional (controlled by "flexresp" local USE flag), closes #34150. + - Made smbalert optional (controlled by "samba" USE flag). + - Threading support was never officially supported in Snort, and has + been removed from ebuild now as the code is, if not already has been, + cleaned from the source tree. + - Updated prelude patch. + - Assigned myself as the primary maintainer of this ebuild, with the + hardened as the herd. + +*snort-2.0.5 (24 Nov 2003) + + 24 Nov 2003; Daniel Ahlberg snort-2.0.5.ebuild : + Version bump. Closing #29609 and #32950. + + 28 Oct 2003; Martin Holzer snort-2.0.2.ebuild: + adding gcc3 patch. Closes #30540. + + 08 Oct 2003; Jason Wever snort-2.0.2.ebuild: + masked on sparc until bug #30540 is fixed. + +*snort-2.0.2 (06 Oct 2003) + + 06 Oct 2003; Daniel Ahlberg snort-2.0.2.ebuild: + Version bump + +*snort-2.0.1-r1 (21 Aug 2003) + + 21 Aug 2003; Mike Frysinger : + Patch to compile against SLOT-ed libnet-1.0.x #17772. + Also fix user adding to enewuser/enewgroup and switch use + flags over to `use_enable`. + +*snort-1.9.1-r3 (21 Aug 2003) + + 21 Aug 2003; Mike Frysinger : + Patch to compile against SLOT-ed libnet-1.0.x #17772. + Also fix user adding to enewuser/enewgroup and switch use + flags over to `use_enable`. + +*snort-2.0.1 (09 Aug 2003) + + 11 Aug 2003; snort-2.0.1.ebuild, + files/snort-2.0.1+prelude.patch: + Snort 2.0.x does not support snmp bug #26310, Moved large prelude patch to + mirror:// + + 09 Aug 2003; snort-2.0.1.ebuild, + files/snort-2.0.1+prelude.patch: + Added libprelude support to snort. Closes bug 19672. + Upgraded to new upstream version (2.0.1) + +*snort-1.9.1-r2 (22 Apr 2003) + + 22 Apr 2003; Tavis Ormandy snort-1.9.1-r2.ebuild, + snort-2.0.0.ebuild, files/snort-1.9.1-alpha-core_vuln.diff: + snort 2.0.0 is broken on Alpha, backporting the integer overflow fix to snort + 1.9.1 while its being fixed, and bumping version + + 22 Apr 2003; Daniel Ahlberg snort-2.0.0.ebuild files/snort.confd : + Closing #11643. Unmasking becuse of GLSA. + +*snort-2.0.0 (16 Apr 2003) + + 16 Apr 2003; Joshua Brindle Manifest, + snort-2.0.0.ebuild: + 2.0.0 released, yay + +*snort-1.9.1-r1 (29 Mar 2003) + + 29 Mar 2003; Aron Griffis snort-1.9.1-r1.ebuild, + files/snort-1.9.1-alpha.patch: + Add patch and bump revision for alpha. Thanks to Tavis Ormandy for providing + this in bug #18258 + +*snort-1.9.1 (04 Mar 2003) + + 04 Mar 2003; Daniel Ahlberg : + Security update. + + 06 Dec 2002; Rodney Rees : changed sparc ~sparc keywords + +*snort-1.9.0 (24 Oct 2002) + + 24 Oct 2002; Daniel Ahlberg : + Version bump. Found by Torgeir Hansen in #8925. + Added support for specifying listening interface. Closes #6822. + Addes support for snmp, closes #7299. + Locked down dependency on libnet some more. + +*snort-1.8.7 (23 Jul 2002) + + 24 Oct 2002; Daniel Ahlberg files/snort.confd : + Added support for specifying listening interface. Closes #6822. + Locked down dependency on libnet some more. + + 30 Aug 2002; Seemant Kulleen snort-1.8.7.ebuild : + + /var/log/snort now has a .keep in it. Closes bug #7271 by + mcummings@gentoo.org (Michael Cummings) + + 26 Jul 2002; Daniel Ahlberg snort-1.8.7.ebuild snort-1.8.6.ebuild : + + Fix for bug #5592. + + 23 Jul 2002; Daniel Ahlberg snort-1.8.7.ebuild : + + New version. + +*snort-1.8.6 (11 Mar 2003) + + 13 Jul 2003; Daniel Ahlberg : + Added missing changelog entry. + +*snort-1.8.5 (6 Apr 2002) + + 18 Jul 2002; Kyle Manna snort-1.8.6.ebuild : + + Added KEYWORDS. + + 28 Jun 2002; Thilo Bangert : + + moved to net-analyzer - added SLOT - added LICENSE + + 6 Apr 2002; Matthew Kennedy ChangeLog, + snort-1.8.5.ebuild, files/digest-snort-1.8.5: + + Added dependency for PostgreSQL. Moved netlib dep from RDEPEND to + DEPEND (it is statically linked). Version bump to latest. + +*snort-1.8.3-r1 (8 Feb 2002) + + 8 Feb 2002; Donny Davies Changelog, + snort-1.8.3-r1.ebuild, files/digest-snort-1.8.3-r1, + files/snort.confd, files/snort.rc6 files/snort.conf : + + Fix for nonexistant /etc/conf.d/snort. Make user/group addition + a little smarter. + +*snort-1.8.3 (1 Feb 2002) + + 1 Feb 2002; G.Bevin ChangeLog : + + Added initial ChangeLog which should be updated whenever the package is + updated in any way. This changelog is targetted to users. This means that the + comments should well explained and written in clean English. The details about + writing correct changelogs are explained in the skel.ChangeLog file which you + can find in the root directory of the portage repository. + diff --git a/net-analyzer/snort/Manifest b/net-analyzer/snort/Manifest new file mode 100644 index 0000000..a9544ee --- /dev/null +++ b/net-analyzer/snort/Manifest @@ -0,0 +1,7 @@ +AUX snort.confd.2 420 RMD160 66bead70bfb5752d7f9779803453bdecf2694fee SHA1 d4917da66def50d09430a0dff4b2e86103a4834a SHA256 337378f098e0cd59fb5c28a26b5b74b32168cf48596064469e6a5ba04fe3a36f +AUX snort.rc11 1473 RMD160 f9d1a9bfbe88b0bcb5dbecbab3ee3fc647f0a9ff SHA1 cf97f12c9560b85d6ac12492020c5222eb4613b3 SHA256 280ed4fb18c871ca83469a4dd1485f47d422b9d4476613711707c627176e4774 +AUX snortsam-2.9.2.2.diff.gz 28987 RMD160 b09a856bffa47300d3421029ce55375e96eeadf1 SHA1 403ffb76323be7ffee57062fad0cfd61cce755ab SHA256 61c6104778a1cd2d0795be0a7b3d67460955e5ffab392852a930b167c1fe27f2 +AUX snortsam-redirect-2.9.2.2.patch 2370 RMD160 e289bee7423286d287d876792bc47ea6e447cd11 SHA1 00e35d6c10f8eb61b2d348567d9d1fbee931a2aa SHA256 f5111fce50d5578446bd4eb788a9d974ee4ee3c3a27c8e3e2e5a148c59491d3c +DIST snort-2.9.2.2.tar.gz 6529966 RMD160 2c5f3d9d28de860f906c6f229721833b856705c8 SHA1 5b1e9bd527ecba7e42c007ae1a62ff51a4adb2c6 SHA256 63f4eeee24d79e4a4e4b573e085d0d2fd78fcf3b7ea730c37eab7b47fcd9b954 +EBUILD snort-2.9.2.2-r9999.ebuild 9536 RMD160 6eaa6ccae82ac0e752316a646f3c16b094e40354 SHA1 3d8e60f92a7aba3150427446244aeb8625ccbdea SHA256 bad1c917896d45db4649ce70d7003e1e46e5490c9bd8b6820d7eb3186c398f44 +MISC ChangeLog 33624 RMD160 a39244fe968467d72330e62b4e54aaae363a650f SHA1 767a852c3f3a1e3905406ebed2da5b138ff0b543 SHA256 b9d25fcbc4f88b0aa35f78dfd776fa1a673461f4e20fa19a2245e0ac703b0f25 diff --git a/net-analyzer/snort/files/snort.confd.2 b/net-analyzer/snort/files/snort.confd.2 new file mode 100644 index 0000000..780c910 --- /dev/null +++ b/net-analyzer/snort/files/snort.confd.2 @@ -0,0 +1,16 @@ +# Config file for /etc/init.d/snort + +# The following options are now set in your snort.conf file: +# config set_gid: +# config set_uid: +# config snaplen: +# config bpf_file: +# config logdir: + +# The only options that should be set here are SNORT_IFACE and SNORT_CONF. + +# This tell snort which interface to listen on (any for every interface) +SNORT_IFACE="eth1" + +# Probably not this either +SNORT_CONF="/etc/snort/snort.conf" diff --git a/net-analyzer/snort/files/snort.rc11 b/net-analyzer/snort/files/snort.rc11 new file mode 100644 index 0000000..8277575 --- /dev/null +++ b/net-analyzer/snort/files/snort.rc11 @@ -0,0 +1,57 @@ +#!/sbin/runscript +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/files/snort.rc11,v 1.1 2011/09/22 17:39:51 patrick Exp $ + +opts="checkconfig reload" + +depend() { + need net + after mysql + after postgresql +} + +checkconfig() { + if [ ! -e ${SNORT_CONF} ] ; then + eerror "You need a configuration file to run snort" + eerror "There is an example config in /etc/snort/snort.conf.distrib" + return 1 + fi +} + +start() { + checkconfig || return 1 + ebegin "Starting snort" + start-stop-daemon --start --quiet --exec /usr/bin/snort \ + -- --nolock-pidfile --pid-path /var/run/snort -D -i ${SNORT_IFACE} \ + -c ${SNORT_CONF} >/dev/null 2>&1 + eend $? +} + +stop() { + ebegin "Stopping snort" + start-stop-daemon --stop --quiet --pidfile /var/run/snort/snort_${SNORT_IFACE}.pid + # Snort needs a few seconds to fully shutdown + sleep 15 + eend $? +} + +reload() { + + local SNORT_PID="`cat /var/run/snort/snort_${SNORT_IFACE}.pid`" + local SNORT_USER="`ps -p ${SNORT_PID} --no-headers -o user`" + + if [ ! -f /var/run/snort/snort_${SNORT_IFACE}.pid ]; then + eerror "Snort isn't running" + return 1 + elif [ ${SNORT_USER} != root ]; then + eerror "Snort must be running as root for reload to work!" + return 1 + else + checkconfig || return 1 + ebegin "Reloading Snort" + start-stop-daemon --signal HUP --pidfile /var/run/snort/snort_${SNORT_IFACE}.pid + fi +} + + diff --git a/net-analyzer/snort/files/snortsam-2.9.2.2.diff.gz b/net-analyzer/snort/files/snortsam-2.9.2.2.diff.gz new file mode 100644 index 0000000..2952ae8 Binary files /dev/null and b/net-analyzer/snort/files/snortsam-2.9.2.2.diff.gz differ diff --git a/net-analyzer/snort/files/snortsam-redirect-2.9.2.2.patch b/net-analyzer/snort/files/snortsam-redirect-2.9.2.2.patch new file mode 100644 index 0000000..fb48d53 --- /dev/null +++ b/net-analyzer/snort/files/snortsam-redirect-2.9.2.2.patch @@ -0,0 +1,60 @@ +diff -ur snort-2.9.2.2-snortsam/src/output-plugins/spo_alert_fwsam.c snort-2.9.2.2/src/output-plugins/spo_alert_fwsam.c +--- snort-2.9.2.2-snortsam/src/output-plugins/spo_alert_fwsam.c 2012-05-20 18:33:57.271278999 +0400 ++++ snort-2.9.2.2/src/output-plugins/spo_alert_fwsam.c 2012-05-20 19:18:47.383364414 +0400 +@@ -515,6 +515,7 @@ + optp->how=FWSAM_HOW_INOUT; /* inbound and outbound block */ + optp->who=FWSAM_WHO_SRC; /* the source */ + optp->loglevel=FWSAM_LOG_LONGALERT; /* the log level default */ ++ optp->action = FWSAM_STATUS_BLOCK; /* type of action */ + /* parse the fwsam keywords */ + + #ifdef FWSAMDEBUG +@@ -566,6 +567,17 @@ + optp->duration=0; + else + possprob=TRUE; ++ if (!possprob) ++ { ++ char* tok = ap; ++ char* action = strtok(tok, ","); ++ action = strtok(NULL, ","); ++ if (action != NULL) ++ { ++ // set our custom action for redirecting traffic instead of blocking ++ optp->action = FWSAM_STATUS_REDIRECT; ++ } ++ } + } + else if(!*ap) + possprob=TRUE; +@@ -879,7 +891,7 @@ + sampacket.snortseqno[1]=(char)(station->myseqno>>8); + sampacket.fwseqno[0]=(char)station->stationseqno;/* fill station seqno */ + sampacket.fwseqno[1]=(char)(station->stationseqno>>8); +- sampacket.status=FWSAM_STATUS_BLOCK; /* set block mode */ ++ sampacket.status=optp->action; /* set action mode */ + sampacket.version=FWSAM_PACKETVERSION; /* set packet version */ + sampacket.duration[0]=(char)optp->duration; /* set duration */ + sampacket.duration[1]=(char)(optp->duration>>8); +diff -ur snort-2.9.2.2-snortsam/src/output-plugins/spo_alert_fwsam.h snort-2.9.2.2/src/output-plugins/spo_alert_fwsam.h +--- snort-2.9.2.2-snortsam/src/output-plugins/spo_alert_fwsam.h 2012-05-20 18:33:57.270278999 +0400 ++++ snort-2.9.2.2/src/output-plugins/spo_alert_fwsam.h 2012-05-20 19:02:01.695332482 +0400 +@@ -107,6 +107,10 @@ + #define FWSAM_STATUS_BLOCK 3 + #define FWSAM_STATUS_UNBLOCK 9 + ++// Custom action to redirect traffic instead of drop ++#define FWSAM_STATUS_REDIRECT 10 ++ ++ + #define FWSAM_STATUS_OK 4 /* fw to snort */ + #define FWSAM_STATUS_ERROR 5 + #define FWSAM_STATUS_NEWKEY 6 +@@ -186,6 +190,7 @@ + unsigned char who; + unsigned char how; + unsigned char loglevel; ++ unsigned char action; // type of action + } FWsamOptions; + + typedef struct _FWsamlistpointer diff --git a/net-analyzer/snort/snort-2.9.2.2-r9999.ebuild b/net-analyzer/snort/snort-2.9.2.2-r9999.ebuild new file mode 100644 index 0000000..deac581 --- /dev/null +++ b/net-analyzer/snort/snort-2.9.2.2-r9999.ebuild @@ -0,0 +1,272 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/snort-2.9.2.2.ebuild,v 1.1 2012/04/04 09:39:53 patrick Exp $ + +EAPI="2" +inherit eutils autotools multilib + +DESCRIPTION="The de facto standard for intrusion detection/prevention" +HOMEPAGE="http://www.snort.org/" +SRC_URI="http://www.snort.org/dl/snort-current/${P}.tar.gz" +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86 ~mips" +IUSE="static +dynamicplugin +zlib +gre +mpls +targetbased +decoder-preprocessor-rules ++ppm +perfprofiling linux-smp-stats inline-init-failopen +threads debug +active-response ++normalizer reload-error-restart +react +flexresp3 +paf large-pcap-64bit +aruba mysql odbc postgres selinux +snortsam" + +DEPEND=">=net-libs/libpcap-1.0.0 + >=net-libs/daq-0.6 + >=dev-libs/libpcre-6.0 + dev-libs/libdnet + postgres? ( dev-db/postgresql-base ) + mysql? ( virtual/mysql ) + odbc? ( dev-db/unixODBC ) + zlib? ( sys-libs/zlib )" + +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-snort )" + +pkg_setup() { + + if use zlib && ! use dynamicplugin; then + eerror "You have enabled the 'zlib' USE flag but not the 'dynamicplugin' USE flag." + eerror "'zlib' requires 'dynamicplugin' be enabled." + die + fi + + # pre_inst() is a better place to put this + # but we need it here for the 'fowners' statements in src_install() + enewgroup snort + enewuser snort -1 -1 /dev/null snort + +} + +src_prepare() { + + #Multilib fix for the sf_engine + einfo "Applying multilib fix." + sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ + "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \ + || die "sed for sf_engine failed" + + #Multilib fix for the curent set of dynamic-preprocessors + for i in ftptelnet smtp ssh dns ssl dcerpc2 sdf imap pop rzb_saac sip reputation gtp modbus dnp3; do + sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ + "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \ + || die "sed for $i failed." + done + + # Pinkbyte: add patch for snortsam support + if use snortsam; then + epatch "${FILESDIR}/snortsam-${PV}.diff.gz" + epatch "${FILESDIR}/snortsam-redirect-${PV}.patch" + fi + # + + AT_M4DIR=m4 eautoreconf +} + +src_configure() { + econf \ + $(use_enable !static shared) \ + $(use_enable static) \ + $(use_enable static so-with-static-lib) \ + $(use_enable dynamicplugin) \ + $(use_enable zlib) \ + $(use_enable gre) \ + $(use_enable mpls) \ + $(use_enable targetbased) \ + $(use_enable decoder-preprocessor-rules) \ + $(use_enable ppm) \ + $(use_enable perfprofiling) \ + $(use_enable linux-smp-stats) \ + $(use_enable inline-init-failopen) \ + $(use_enable threads pthread) \ + $(use_enable debug) \ + $(use_enable debug debug-msgs) \ + $(use_enable debug corefiles) \ + $(use_enable !debug dlclose) \ + $(use_enable active-response) \ + $(use_enable normalizer) \ + $(use_enable reload-error-restart) \ + $(use_enable react) \ + $(use_enable flexresp3) \ + $(use_enable paf) \ + $(use_enable large-pcap-64bit large-pcap) \ + $(use_enable aruba) \ + $(use_with mysql) \ + $(use_with odbc) \ + $(use_with postgres postgresql) \ + --enable-ipv6 \ + --enable-reload \ + --disable-prelude \ + --disable-build-dynamic-examples \ + --disable-profile \ + --disable-ppm-test \ + --disable-intel-soft-cpm \ + --disable-static-daq \ + --disable-rzb-saac \ + --without-oracle \ + --enable-sourcefire +} + +src_install() { + + emake DESTDIR="${D}" install || die "emake failed" + + dodir /var/log/snort \ + /var/run/snort \ + /etc/snort/rules \ + /etc/snort/so_rules \ + /usr/$(get_libdir)/snort_dynamicrules \ + || die "Failed to create core directories" + + # config.log and build.log are needed by Sourcefire + # to trouble shoot build problems and bug reports so we are + # perserving them incase the user needs upstream support. + dodoc RELEASE.NOTES ChangeLog \ + doc/* \ + tools/u2boat/README.u2boat \ + schemas/* || die "Failed to install snort docs" + + insinto /etc/snort + doins etc/attribute_table.dtd \ + etc/classification.config \ + etc/gen-msg.map \ + etc/reference.config \ + etc/threshold.conf \ + etc/unicode.map || die "Failed to install docs in etc" + + # We use snort.conf.distrib because the config file is complicated + # and the one shipped with snort can change drastically between versions. + # Users should migrate setting by hand and not with etc-update. + newins etc/snort.conf snort.conf.distrib \ + || die "Failed to add snort.conf.distrib" + + # config.log and build.log are needed by Sourcefire + # to troubleshoot build problems and bug reports so we are + # perserving them incase the user needs upstream support. + # 'die' was intentionally not added here. + if [ -f "${WORKDIR}/${PF}/config.log" ]; then + dodoc "${WORKDIR}/${PF}/config.log" + fi + if [ -f "${T}/build.log" ]; then + dodoc "${T}/build.log" + fi + + insinto /etc/snort/preproc_rules + doins preproc_rules/decoder.rules \ + preproc_rules/preprocessor.rules \ + preproc_rules/sensitive-data.rules || die "Failed to install preproc rule files" + + fowners -R snort:snort \ + /var/log/snort \ + /var/run/snort \ + /etc/snort || die + + newinitd "${FILESDIR}/snort.rc11" snort || die "Failed to install snort init script" + newconfd "${FILESDIR}/snort.confd.2" snort || die "Failed to install snort confd file" + + # Sourcefire uses Makefiles to install docs causing Bug #297190. + # This removes the unwanted doc directory and rogue Makefiles. + rm -rf "${D}"usr/share/doc/snort || die "Failed to remove SF doc directories" + rm "${D}"usr/share/doc/"${PF}"/Makefile* || die "Failed to remove doc make files" + + #Remove unneeded .la files (Bug #382863) + rm "${D}"usr/$(get_libdir)/snort_dynamicengine/libsf_engine.la || die + rm "${D}"usr/$(get_libdir)/snort_dynamicpreprocessor/libsf_*_preproc.la || die "Failed to remove libsf_?_preproc.la" + + # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection + sed -i -e 's|/usr/local/lib|/usr/'$(get_libdir)'|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + # Set the correct rule location in the config + sed -i -e 's|RULE_PATH ../rules|RULE_PATH /etc/snort/rules|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + # Set the correct preprocessor/decoder rule location in the config + sed -i -e 's|PREPROC_RULE_PATH ../preproc_rules|PREPROC_RULE_PATH /etc/snort/preproc_rules|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + # Enable the preprocessor/decoder rules + sed -i -e 's|^# include $PREPROC_RULE_PATH|include $PREPROC_RULE_PATH|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + sed -i -e 's|^# dynamicdetection directory|dynamicdetection directory|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + # Just some clean up of trailing /'s in the config + sed -i -e 's|snort_dynamicpreprocessor/$|snort_dynamicpreprocessor|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + # Make it clear in the config where these are... + sed -i -e 's|^include classification.config|include /etc/snort/classification.config|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + sed -i -e 's|^include reference.config|include /etc/snort/reference.config|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + # Disable all rule files by default. + sed -i -e 's|^include $RULE_PATH|# include $RULE_PATH|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + # Disable normalizer preprocessor config if normalizer USE flag not set. + if ! use normalizer; then + sed -i -e 's|^preprocessor normalize|#preprocessor normalize|g' \ + "${D}etc/snort/snort.conf.distrib" || die + fi + + # Set the configured DAQ to afpacket + sed -i -e 's|^# config daq: |config daq: afpacket|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + # Set the location of the DAQ modules + sed -i -e 's|^# config daq_dir: |config daq_dir: /usr/'$(get_libdir)'/daq|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + # Set the DAQ mode to passive + sed -i -e 's|^# config daq_mode: |config daq_mode: passive|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + # Set snort to run as snort:snort + sed -i -e 's|^# config set_gid:|config set_gid: snort|g' \ + "${D}etc/snort/snort.conf.distrib" || die + sed -i -e 's|^# config set_uid:|config set_uid: snort|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + # Set the default log dir + sed -i -e 's|^# config logdir:|config logdir: /var/log/snort/|g' \ + "${D}etc/snort/snort.conf.distrib" || die + + # Set the correct so_rule location in the config + sed -i -e 's|SO_RULE_PATH ../so_rules|SO_RULE_PATH /etc/snort/so_rules|g' \ + "${D}etc/snort/snort.conf.distrib" || die +} + +pkg_postinst() { + + einfo "There have been a number of improvements and new features" + einfo "added to ${P}. Please review the RELEASE.NOTES and" + einfo "ChangLog located in /usr/share/doc/${PF}." + einfo + elog "The Sourcefire Vulnerability Research Team (VRT) recommends that" + elog "users migrate their snort.conf customizations to the latest config" + elog "file released by the VRT. You can find the latest version of the" + elog "Snort config file in /etc/snort/snort.conf.distrib." + elog + elog "!! It is important that you migrate to this new snort.conf file !!" + elog + elog "This version of the ebuild includes an updated init.d file and" + elog "conf.d file that rely on options found in the latest Snort" + elog "config file provided by the VRT." + + if use debug; then + elog "You have the 'debug' USE flag enabled. If this has been done to" + elog "troubleshoot an issue by producing a core dump or a back trace," + elog "then you need to also ensure the FEATURES variable in make.conf" + elog "contains the 'nostrip' option." + fi +}