add snort ebuild with snortsam support and initial patch for traffic redirection action

net-analyzer/snort/ChangeLog

@@ -0,0 +1,915 @@
+# ChangeLog for net-analyzer/snort
+# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.192 2012/04/04 09:39:53 patrick Exp $
+
+*snort-2.9.2.2 (04 Apr 2012)
+
+  04 Apr 2012; Patrick Lauer <patrick@gentoo.org> +snort-2.9.2.2.ebuild:
+  Bump
+
+  11 Mar 2012; Joshua Kinard <kumba@gentoo.org> snort-2.9.1.ebuild,
+  snort-2.9.2.1.ebuild:
+  Both 2.9.1 and 2.9.2* should be using daq-0.6 or greater.
+
+*snort-2.9.2.1 (11 Mar 2012)
+
+  11 Mar 2012; Joshua Kinard <kumba@gentoo.org>
+  -files/snort-2.8.4-libnet.patch, -snort-2.8.5.1.ebuild,
+  -snort-2.8.5.3.ebuild, -snort-2.8.6.ebuild, -snort-2.8.6.1.ebuild,
+  -snort-2.9.0.4-r1.ebuild, snort-2.9.0.5.ebuild, snort-2.9.1.ebuild,
+  -snort-2.9.2.ebuild, +snort-2.9.2.1.ebuild, -files/pcap_memory.patch,
+  -files/snort.rc9, -files/snort.reload.rc1, metadata.xml:
+  Drop old versions and associated files, add 2.9.2.1, and tweak SRC_URI to use
+  a download URL specified on the Snort website that doesn't require manual
+  updating for each new release.
+
+  11 Mar 2012; Tim Harder <radhermit@gentoo.org> snort-2.9.2.ebuild:
+  Fix multilib issue (bug #403725, patch by Rick Farina).
+
+*snort-2.9.2 (11 Jan 2012)
+
+  11 Jan 2012; Patrick Lauer <patrick@gentoo.org> +snort-2.9.2.ebuild:
+  Bump
+
+  29 Sep 2011; Peter Volkov <pva@gentoo.org> snort-2.9.1.ebuild:
+  Fix inability to remove .la files, bug 384443 thank Juergen Rose for report
+  and Jason Wallace for fix.
+
+*snort-2.9.1 (22 Sep 2011)
+
+  22 Sep 2011; Patrick Lauer <patrick@gentoo.org> +snort-2.9.1.ebuild,
+  +files/snort.confd.2, +files/snort.rc11, metadata.xml:
+  Bump for #382851, thanks to Jason Wallace
+
+  21 Sep 2011; Tony Vroon <chainsaw@gentoo.org> snort-2.9.0.5.ebuild:
+  Marked stable on AMD64 based on arch testing by Agostino "ago" Sarubbo &
+  Elijah "Armageddon" El Lazkani in bug #382857.
+
+  24 Jul 2011; Kacper Kowalik <xarthisius@gentoo.org> snort-2.9.0.5.ebuild:
+  Marked ~ppc/~ppc64 wrt #351551
+
+  24 Apr 2011; Raúl Porcel <armin76@gentoo.org> snort-2.9.0.4-r1.ebuild,
+  snort-2.9.0.5.ebuild:
+  Add ~sparc wrt #351551
+
+*snort-2.9.0.5 (13 Apr 2011)
+
+  13 Apr 2011; Patrick Lauer <patrick@gentoo.org> +snort-2.9.0.5.ebuild:
+  Bump for #362417
+
+  02 Apr 2011; Samuli Suominen <ssuominen@gentoo.org> snort-2.8.5.1.ebuild,
+  snort-2.8.5.3.ebuild, snort-2.8.6.ebuild, snort-2.8.6.1.ebuild:
+  Use net-libs/libpcap instead of virtual/libpcap wrt #358835.
+
+  17 Mar 2011; Patrick Lauer <patrick@gentoo.org> snort-2.9.0.4-r1.ebuild:
+  amd64 stable as I accidentally dropped .3 with stable keyword
+
+  17 Mar 2011; Patrick Lauer <patrick@gentoo.org> -snort-2.9.0.1.ebuild,
+  -snort-2.9.0.2.ebuild, -snort-2.9.0.3.ebuild, -snort-2.9.0.4.ebuild,
+  snort-2.9.0.4-r1.ebuild:
+  Push alpha keyword to .4 and remove old 2.9 versions
+
+  13 Mar 2011; Markus Meier <maekke@gentoo.org> snort-2.9.0.4-r1.ebuild:
+  add ~arm, bug #351551
+
+  07 Mar 2011; Tobias Klausmann <klausman@gentoo.org> snort-2.9.0.3.ebuild:
+  Keyworded on alpha, bug #351551
+
+*snort-2.9.0.4-r1 (01 Mar 2011)
+
+  01 Mar 2011; Joshua Kinard <kumba@gentoo.org>  +snort-2.9.0.4-r1.ebuild:
+  Fix #356905, upstream released a patch to address a bug with partial HTTP URI
+  decoding and incremented the internal build number, but did not bump the
+  version number on the available tarball. Build is now 111 from 110.
+
+  28 Feb 2011; Jeroen Roovers <jer@gentoo.org> snort-2.9.0.4.ebuild:
+  Do not install temporary log files (bug #356547).
+
+  26 Feb 2011; Thomas Kahle <tomka@gentoo.org> snort-2.9.0.4.ebuild:
+  x86 stable per bug 351549
+
+  25 Feb 2011; Patrick Lauer <patrick@gentoo.org> files/disabledynamic.patch:
+  Fixing patch
+
+  25 Feb 2011; Patrick Lauer <patrick@gentoo.org> files/disabledynamic.patch:
+  Fixing confused patch
+
+*snort-2.9.0.4 (24 Feb 2011)
+
+  24 Feb 2011; Patrick Lauer <patrick@gentoo.org> +snort-2.9.0.4.ebuild,
+  +files/disabledynamic.patch, metadata.xml:
+  Bump for #355865, thanks to Jason Wallace
+
+  14 Jan 2011; Markos Chandras <hwoarang@gentoo.org> snort-2.9.0.3.ebuild:
+  Stable on amd64 wrt bug #351549
+
+*snort-2.9.0.3 (13 Jan 2011)
+
+  13 Jan 2011; Patrick Lauer <patrick@gentoo.org> snort-2.8.5.1.ebuild,
+  +snort-2.9.0.3.ebuild:
+  Bump for #351459, dropping x86 stable keyword as libprelude dropped it.
+
+*snort-2.9.0.2 (03 Dec 2010)
+
+  03 Dec 2010; Patrick Lauer <patrick@gentoo.org> +snort-2.9.0.2.ebuild:
+  Bump for #347459
+
+*snort-2.9.0.1 (02 Nov 2010)
+
+  02 Nov 2010; Patrick Lauer <patrick@gentoo.org> +snort-2.9.0.1.ebuild,
+  +files/snort.rc10, metadata.xml:
+  Bump for #341013, many ebuild improvements by Jason Wallace and pva
+
+*snort-2.8.6.1 (13 Aug 2010)
+
+  13 Aug 2010; Patrick Lauer <patrick@gentoo.org> +snort-2.8.6.1.ebuild:
+  Bump, ebuild cleanups by Jason Wallace, fixes #331069
+
+  19 Jul 2010; Markus Meier <maekke@gentoo.org> snort-2.8.6.ebuild:
+  add ~arm, bug #301080
+
+  11 Jul 2010; Patrick Lauer <patrick@gentoo.org> +snort-2.8.5.3.ebuild:
+  Readding last 2.8.5 release by popular request
+
+  18 Jun 2010; Patrick Lauer <patrick@gentoo.org> -snort-2.8.4.1.ebuild,
+  -snort-2.8.5.2.ebuild, -snort-2.8.5.3.ebuild:
+  Remove old
+
+  17 Jun 2010; Patrick Lauer <patrick@gentoo.org> snort-2.8.4.1.ebuild,
+  snort-2.8.5.1.ebuild, snort-2.8.5.2.ebuild, snort-2.8.5.3.ebuild,
+  snort-2.8.6.ebuild:
+  Migrating away from deprecated postgres virtuals
+
+*snort-2.8.6 (02 Jun 2010)
+
+  02 Jun 2010; Patrick Lauer <patrick@gentoo.org> +snort-2.8.6.ebuild,
+  metadata.xml:
+  Bump, fixes #319279. Thanks to Jason Wallace and Brett Edgar
+
+*snort-2.8.5.3 (02 Mar 2010)
+
+  02 Mar 2010; Patrick Lauer <patrick@gentoo.org> +snort-2.8.5.3.ebuild:
+  Bump for #307351, thanks to Jason Wallace
+
+*snort-2.8.5.2 (04 Jan 2010)
+
+  04 Jan 2010; Patrick Lauer <patrick@gentoo.org> +snort-2.8.5.2.ebuild:
+  Bump, thanks to Jason Wallace
+
+  26 Dec 2009; Raúl Porcel <armin76@gentoo.org> snort-2.8.5.1.ebuild:
+  Add ~sparc wrt #268620
+
+  26 Nov 2009; Joseph Jezak <josejx@gentoo.org> snort-2.8.5.1.ebuild:
+  Marked ppc stable for bug #291357.
+
+  17 Nov 2009; Brent Baude <ranger@gentoo.org> snort-2.8.5.1.ebuild:
+  Marking snort-2.8.5.1 ppc64 for bug 291357
+
+  07 Nov 2009; Tobias Klausmann <klausman@gentoo.org> snort-2.8.5.1.ebuild:
+  Stable on alpha, bug #291357
+
+  04 Nov 2009; Markus Meier <maekke@gentoo.org> snort-2.8.5.1.ebuild:
+  amd64/x86 stable, bug #291357
+
+*snort-2.8.5.1 (02 Nov 2009)
+
+  02 Nov 2009; Patrick Lauer <patrick@gentoo.org> +snort-2.8.5.1.ebuild,
+  +files/snort.reload.rc1, metadata.xml:
+  Bump, thanks to Jason Wallace. Fixes #291558 #291604 #291357
+
+  12 Sep 2009; Víctor Ostorga <vostorga@gentoo.org>
+  -files/snort-2.6.1.1-libnet.patch, -files/snort-2.6.1.2-libdir.patch,
+  -files/snort-2.6.1.2-react.patch, -files/snort-2.6.1.4-libdnet-ip6.patch,
+  -files/snort-2.6.1.4-server_stats.patch,
+  -files/snort-2.8.3.1-libnet.patch, -files/snort.rc7, -files/snort.rc8,
+  -files/spo_database_fix.patch:
+  Cleaning out unused files
+
+  17 Aug 2009; Patrick Lauer <patrick@gentoo.org> snort-2.8.4.1.ebuild:
+  Small typo fix, closes #279926
+
+  31 May 2009; Patrick Lauer <patrick@gentoo.org> -snort-2.6.1.3-r1.ebuild,
+  -snort-2.6.1.4.ebuild, -snort-2.6.1.4-r1.ebuild, -snort-2.7.0.1.ebuild,
+  -snort-2.8.3.1.ebuild, -snort-2.8.4-r2.ebuild, metadata.xml:
+  Removing old
+
+  31 May 2009; Patrick Lauer <patrick@gentoo.org> -snort-2.4.5.ebuild:
+  Removing old for #271680
+
+  25 May 2009; Peter Volkov <pva@gentoo.org> snort-2.8.4.1.ebuild:
+  emake should have die at the end.
+
+  21 May 2009; Brent Baude <ranger@gentoo.org> snort-2.8.4.1.ebuild:
+  stable ppc, bug 268620
+
+  13 May 2009; Markus Meier <maekke@gentoo.org> snort-2.8.4.1.ebuild:
+  amd64/x86 stable, bug #268620
+
+  11 May 2009; Peter Volkov <pva@gentoo.org> metadata.xml:
+  Added Jason Wallace to maintainers.
+
+  11 May 2009; Brent Baude <ranger@gentoo.org> snort-2.8.4.1.ebuild:
+  stable ppc64, bug 268620
+
+  09 May 2009; Tobias Klausmann <klausman@gentoo.org> snort-2.8.4.1.ebuild:
+  Stable on alpha, bug #268620
+
+*snort-2.8.4.1 (05 May 2009)
+
+  05 May 2009; Patrick Lauer <patrick@gentoo.org> +snort-2.8.4.1.ebuild:
+  Bump to 2.8.4.1, thanks to Jason Wallace. Closes #268620
+
+*snort-2.8.4-r2 (30 Apr 2009)
+
+  30 Apr 2009; Patrick Lauer <patrick@gentoo.org> -snort-2.8.4.ebuild,
+  -snort-2.8.4-r1.ebuild, +snort-2.8.4-r2.ebuild:
+  Lots of small fixes thanks to Jason Wallace. Fixes #266930.
+
+*snort-2.8.4-r1 (18 Apr 2009)
+
+  18 Apr 2009; Patrick Lauer <patrick@gentoo.org> +snort-2.8.4-r1.ebuild:
+  Small compilation fix for ipv6+prelude useflag combo. Thanks to Jason
+  Wallace.
+
+*snort-2.8.4 (17 Apr 2009)
+
+  17 Apr 2009; Patrick Lauer <patrick@gentoo.org>
+  +files/snort-2.8.4-libnet.patch, +files/pcap_memory.patch,
+  files/snort.confd, +files/snort.rc9, +files/spo_database_fix.patch,
+  metadata.xml, +snort-2.8.4.ebuild:
+  Bump to 2.8.4. Reworked ebuild thanks to Jason Wallace. Lots of changes,
+  see bug #266288 for details.
+
+*snort-2.6.1.4-r1 (01 Mar 2009)
+
+  01 Mar 2009; Patrick Lauer <patrick@gentoo.org>
+  +files/snort-2.6.1.4-server_stats.patch, +snort-2.6.1.4-r1.ebuild:
+  Fixing snort 2.6.1.4 for gcc 4.3.3 / foritfy_sources. Fixes #258487. Patch
+  by Attila Fazekas.
+
+  26 Jan 2009; Mike Frysinger <vapier@gentoo.org> snort-2.8.3.1.ebuild:
+  Drop usage of USE=pic here.
+
+  02 Jan 2009; Tobias Scherbaum <dertobi123@gentoo.org>
+  snort-2.8.3.1.ebuild:
+  Fix postgres dep, #253429
+
+  31 Dec 2008; Tobias Scherbaum <dertobi123@gentoo.org> metadata.xml,
+  snort-2.8.3.1.ebuild:
+  Various QA fixes, as requested by Mr_Bones_. Also describe local use-flags
+  (and switch pthreads to just threads), though those local use-flags do need
+  some better descriptions. Hey, at least I do care ...
+
+*snort-2.8.3.1 (23 Nov 2008)
+
+  23 Nov 2008; Marcelo Goes <vanquirius@gentoo.org>
+  +files/snort-2.8.3.1-libnet.patch, +snort-2.8.3.1.ebuild:
+  2.8.3.1 version bump with many changes for bug 245752. Thanks to Jason
+  Wallace <jason.r.wallace at gmail dot com> and Antixrict <antixrict at
+  inbox.lv> for the rewrite. Currently in package.mask for testing.
+
+  04 Aug 2008; Jeroen Roovers <jer@gentoo.org> metadata.xml:
+  Describe local USE flags for GLEP 56.
+
+  21 May 2008; Tiziano Müller <dev-zero@gentoo.org> snort-2.4.5.ebuild,
+  snort-2.6.1.3-r1.ebuild, snort-2.6.1.4.ebuild, snort-2.7.0.1.ebuild:
+  Changed dependency for postgresql from dev-db/postgresql to
+  virtual/postgresql-server
+
+  19 May 2008; Tiziano Müller <dev-zero@gentoo.org> snort-2.4.5.ebuild,
+  snort-2.6.1.3-r1.ebuild, snort-2.6.1.4.ebuild, snort-2.7.0.1.ebuild:
+  Changed dependency for postgresql to virtual/postgresql-base
+
+  13 May 2008; Ferris McCormick <fmccor@gentoo.org> snort-2.6.1.3-r1.ebuild,
+  snort-2.6.1.4.ebuild:
+  Making ~sparc again for testing, Bug #221917
+
+*snort-2.7.0.1 (05 Sep 2007)
+
+  05 Sep 2007; Markus Ullmann <jokey@gentoo.org> +snort-2.7.0.1.ebuild:
+  Version bump wrt bug #185501, needs more testing
+
+  22 Apr 2007; Daniel Black <dragonheart@gentoo.org> +files/snort.rc7,
+  -files/snort.rc9, +snort-2.4.5.ebuild, snort-2.6.1.4.ebuild,
+  -snort-2.6.1.4-r1.ebuild:
+  snort.conf default to install to /etc/snort/snort.conf.distrib like the init
+  script says. No includes proper amd64 library paths too
+
+  07 Apr 2007; Raphael Marichez <falco@gentoo.org>
+  +files/snort-2.6.1.4-libdnet-ip6.patch, snort-2.6.1.4.ebuild:
+  Fix #173594, ip6 header redeclaration if libdnet.
+
+*snort-2.6.1.4 (06 Apr 2007)
+
+  06 Apr 2007; Marcelo Goes <vanquirius@gentoo.org> +snort-2.6.1.4.ebuild:
+  2.6.1.4 version bump.
+
+  28 Feb 2007; Daniel Black <dragonheart@gentoo.org>
+  snort-2.6.1.3-r1.ebuild:
+  ewarn fixed as per bug #168714 thanks to Toralf
+
+*snort-2.6.1.3-r1 (28 Feb 2007)
+
+  28 Feb 2007; Daniel Black <dragonheart@gentoo.org> -snort-2.6.1.3.ebuild,
+  +snort-2.6.1.3-r1.ebuild:
+  -m better default config thanks to Mike Gualtieri as per bug #166874
+
+  27 Feb 2007; Tobias Scherbaum <dertobi123@gentoo.org>
+  snort-2.6.1.3.ebuild:
+  Stable on ppc wrt bug #167730.
+
+  27 Feb 2007; Steve Dibb <beandog@gentoo.org> snort-2.6.1.3.ebuild:
+  amd64 stable, security bug 167730
+
+  21 Feb 2007; Daniel Black <dragonheart@gentoo.org> snort-2.6.1.2.ebuild,
+  snort-2.6.1.3.ebuild:
+  gre patches included in the latest. Fix ebuild error with USE=gre too.
+  Thanks Tobias bug #167730
+
+  20 Feb 2007; Markus Rothe <corsair@gentoo.org> snort-2.6.1.3.ebuild:
+  Stable on ppc64; bug #167730
+
+  20 Feb 2007; Markus Ullmann <jokey@gentoo.org> snort-2.6.1.3.ebuild:
+  Stable on x86 for bug #167730
+
+*snort-2.6.1.3 (20 Feb 2007)
+
+  20 Feb 2007; Markus Ullmann <jokey@gentoo.org> +snort-2.6.1.3.ebuild:
+  Security bump wrt bug #167730
+
+  11 Feb 2007; Simon Stelling <blubb@gentoo.org>
+  +files/snort-2.6.1.2-libdir.patch, snort-2.6.1.2.ebuild:
+  fix multilib-strict and mark stable on amd64; security bug 161632
+
+  01 Feb 2007; Markus Ullmann <jokey@gentoo.org>
+  +files/snort-2.6.1.2-react.patch, snort-2.6.1.2.ebuild:
+  Add patch for react failure, see bug #162598 for details, thanks to
+  perry@csk.pl
+
+  31 Jan 2007; Tobias Scherbaum <dertobi123@gentoo.org>
+  snort-2.6.1.2.ebuild:
+  Stable on ppc wrt bug #161632.
+
+  27 Jan 2007; Raúl Porcel <armin76@gentoo.org> snort-2.6.1.2.ebuild:
+  x86 stable wrt bug 161632
+
+  27 Jan 2007; Markus Rothe <corsair@gentoo.org> snort-2.6.1.2.ebuild:
+  Stable on ppc64; bug #161632
+
+*snort-2.6.1.2 (17 Jan 2007)
+
+  17 Jan 2007; Markus Ullmann <jokey@gentoo.org>
+  +files/snort-2.6.1.1-gre.patch, -snort-2.6.0.ebuild,
+  -snort-2.6.1.1.ebuild, +snort-2.6.1.2.ebuild:
+  Fix for security bug #161632 and bug #161750
+
+  25 Nov 2006; Cedric Krier <cedk@gentoo.org> snort-2.4.5.ebuild:
+  Fix bug #149496
+
+*snort-2.6.1.1 (25 Nov 2006)
+
+  25 Nov 2006; Cedric Krier <cedk@gentoo.org>
+  +files/snort-2.6.1.1-libnet.patch, +files/snort.rc8,
+  +snort-2.6.1.1.ebuild:
+  Version bump thanks to Jason Wallace
+
+  23 Nov 2006; Francesco Riosa <vivo@gentoo.org> snort-2.4.5.ebuild,
+  snort-2.6.0.ebuild:
+  dev-db/mysql => virtual/mysql
+
+  31 Oct 2006; Markus Ullmann <jokey@gentoo.org> snort-2.6.0.ebuild:
+  Adding -j1 o fix parallel make issue
+
+  09 Oct 2006; Markus Ullmann <jokey@gentoo.org> snort-2.4.5.ebuild,
+  snort-2.6.0.ebuild:
+  Updating deps wrt bug #143033
+
+  20 Sep 2006; Stefaan De Roeck <stefaan@gentoo.org> snort-2.6.0.ebuild:
+  Keyworded ~alpha, as there seems to be no reason to keep -alpha
+
+*snort-2.6.0 (08 Jul 2006)
+
+  08 Jul 2006; Marcelo Goes <vanquirius@gentoo.org> +snort-2.6.0.ebuild:
+  2.6.0 version bump for bug 136250. Thanks to Ed Davison <ed.davison at
+  mccombs dot utexas dot edu>, Andrew Ross <aross at westnet dot com dot au>,
+  Jason Wallace <jason.r.wallace at gmail dot com> and Brett Edgar <bedgar at
+  desasecurity dot com>. Currently in package.mask for testing.
+
+  08 Jul 2006; Marcelo Goes <vanquirius@gentoo.org>
+  -files/2.3.0-libnet-1.0.patch, -files/snort-2.3.3-log.c.diff,
+  -files/snort-2.4.4-demarc-patch.diff, -files/snort.rc6,
+  -snort-2.3.3.ebuild, -snort-2.3.3-r1.ebuild, -snort-2.4.3.ebuild,
+  -snort-2.4.3-r1.ebuild, -snort-2.4.3-r2.ebuild, -snort-2.4.4.ebuild,
+  -snort-2.4.4-r1.ebuild:
+  Remove old ebuilds and unused files.
+
+  10 Jun 2006; Thomas Cort <tcort@gentoo.org> snort-2.4.5.ebuild:
+  Stable on amd64 wrt security Bug #135112.
+
+  07 Jun 2006; Mark Loeser <halcy0n@gentoo.org> snort-2.4.5.ebuild:
+  Stable on x86; bug #135112
+
+  06 Jun 2006; Tobias Scherbaum <dertobi123@gentoo.org> snort-2.4.5.ebuild:
+  ppc stable, bug #135112
+
+  06 Jun 2006; Markus Rothe <corsair@gentoo.org> snort-2.4.5.ebuild:
+  Stable on ppc64; bug #135112
+
+  06 Jun 2006; Markus Ullmann <jokey@gentoo.org> snort-2.3.3.ebuild,
+  snort-2.3.3-r1.ebuild, snort-2.4.3.ebuild, snort-2.4.3-r1.ebuild,
+  snort-2.4.3-r2.ebuild, snort-2.4.4.ebuild, snort-2.4.4-r1.ebuild,
+  snort-2.4.5.ebuild:
+  Changing dep to virtual/libpcap wrt bug #117898
+
+*snort-2.4.5 (06 Jun 2006)
+
+  06 Jun 2006; Markus Ullmann <jokey@gentoo.org> +snort-2.4.5.ebuild:
+  Version bump wrt bug #135112
+
+*snort-2.4.4-r1 (01 Jun 2006)
+
+  01 Jun 2006; Markus Ullmann <jokey@gentoo.org> +snort-2.4.4-r1.ebuild:
+  Applying security patch from bug #135112
+
+  30 Apr 2006; Simon Stelling <blubb@gentoo.org> snort-2.4.3-r1.ebuild:
+  stable on amd64
+
+*snort-2.4.4 (09 Mar 2006)
+
+  09 Mar 2006; Marcelo Goes <vanquirius@gentoo.org> +snort-2.4.4.ebuild:
+  2.4.4 version bump for bug 125607, requested by Ken Garland <garlandkr at
+  gmail dot com>.
+
+  20 Feb 2006; Markus Rothe <corsair@gentoo.org> snort-2.4.3-r1.ebuild:
+  Stable on ppc64
+
+  17 Feb 2006; Michael Hanselmann <hansmi@gentoo.org> snort-2.4.3-r1.ebuild:
+  Stable on ppc.
+
+*snort-2.4.3-r2 (17 Feb 2006)
+
+  17 Feb 2006; Marcelo Goes <vanquirius@gentoo.org> +files/snort.rc7,
+  +snort-2.4.3-r2.ebuild:
+  Add --pidfile option to init script for bug 123169. Thanks to Eric Brown
+  <bigwhitecow at hotmail dot com>.
+
+  15 Feb 2006; Markus Ullmann <jokey@gentoo.org> snort-2.3.3.ebuild,
+  snort-2.3.3-r1.ebuild, snort-2.4.3.ebuild, snort-2.4.3-r1.ebuild:
+  Removing virtual/libpcap wrt bug #117898
+
+  14 Feb 2006; Mark Loeser <halcy0n@gentoo.org> snort-2.4.3-r1.ebuild:
+  Stable on x86; bug #118708
+
+*snort-2.4.3-r1 (27 Jan 2006)
+
+  27 Jan 2006; Marcelo Goes <vanquirius@gentoo.org> -snort-2.4.1.ebuild,
+  -snort-2.4.1-r1.ebuild, +snort-2.4.3-r1.ebuild:
+  Install basic rules for bug 110103. Thanks to Mark Conway <mark dot conway
+  at themobiusprojectdot com> and Donald R. Gray Jr <donaldgray at dslextreme
+  dot com>.
+
+  03 Dec 2005; Tom Gall <tgall@gentoo.org> snort-2.3.3-r1.ebuild:
+  stable on ppc64
+
+  26 Nov 2005; Benjamin Smee <strerror@gentoo.org> files/snort.rc6:
+  Change to init script to accept CONF
+
+*snort-2.4.3 (19 Oct 2005)
+
+  19 Oct 2005; Benjamin Smee <strerror@gentoo.org> +snort-2.4.3.ebuild:
+  revbump for bug #109730
+
+*snort-2.4.1-r1 (08 Oct 2005)
+
+  08 Oct 2005; Benjamin Smee <strerror@gentoo.org> +snort-2.4.1-r1.ebuild:
+  New conf.d and init.d files as well as sguil integration
+
+  25 Sep 2005; Marcelo Goes <vanquirius@gentoo.org> -snort-2.3.0-r1.ebuild,
+  -snort-2.3.2.ebuild, snort-2.3.3-r1.ebuild, snort-2.4.1.ebuild:
+  Remove old ebuilds, depend on >=dev-libs/libprelude-0.9.0.
+
+  21 Sep 2005; Mark Loeser <halcy0n@gentoo.org> snort-2.3.3.ebuild:
+  Stable on x86
+
+  17 Sep 2005; Michael Hanselmann <hansmi@gentoo.org> snort-2.3.3.ebuild:
+  Stable on ppc.
+
+*snort-2.4.1 (17 Sep 2005)
+
+  17 Sep 2005; Marcelo Goes <vanquirius@gentoo.org>
+  +files/snort-2.3.3-log.c.diff, snort-2.3.3.ebuild, snort-2.3.3-r1.ebuild,
+  -snort-2.4.0.ebuild, +snort-2.4.1.ebuild:
+  Add patch and 2.4.1 version bump for bug 105852.
+
+  03 Sep 2005; <soulse@gentoo.org> snort-2.4.0.ebuild:
+  Fixed ebuild as per bug #103482 thanks to yoann@prelude-ids.org
+
+  23 Aug 2005; Aaron Walker <ka0ttic@gentoo.org> snort-2.3.0-r1.ebuild,
+  snort-2.3.2.ebuild, snort-2.3.3.ebuild, snort-2.3.3-r1.ebuild,
+  snort-2.4.0.ebuild:
+  Use -1 instead of /bin/false, bug #103421.
+
+  03 Aug 2005; Marcelo Goes <vanquirius@gentoo.org> snort-2.4.0.ebuild:
+  Install community rules.
+
+  01 Aug 2005; Marcelo Goes <vanquirius@gentoo.org> snort-2.4.0.ebuild:
+  In Soviet Russia, prelude enables you. Using use_enable instead of use_with
+  for prelude. Thanks to BaSS and dragonheart for pointing this out.
+
+  29 Jul 2005; Daniel Black <dragonheart@gentoo.org> snort-2.3.0-r1.ebuild,
+  snort-2.3.2.ebuild, snort-2.3.3.ebuild, snort-2.3.3-r1.ebuild,
+  snort-2.4.0.ebuild:
+  removed die from epatch || die.
+
+  29 Jul 2005; Marcelo Goes <vanquirius@gentoo.org> snort-2.4.0.ebuild:
+  Use Gentoo mirrors for patches instead of my dev space.
+
+*snort-2.4.0 (29 Jul 2005)
+
+  29 Jul 2005; Marcelo Goes <vanquirius@gentoo.org>
+  -files/2.0.6-libnet-1.0.patch, -files/2.1.2-libnet-1.0.patch,
+  -files/snort-2.0.6-gcc3.patch, -files/snort-2.1.2-gcc3.patch,
+  -files/snort-2.1.3-gcc3.patch, -files/snort-drop-calculation.diff,
+  -snort-2.0.6.ebuild, -snort-2.1.3.ebuild, -snort-2.2.0.ebuild,
+  -snort-2.3.0_rc2.ebuild, -snort-2.3.0.ebuild, +snort-2.4.0.ebuild,
+  -snort-2.4.20050508.ebuild:
+  Removing ebuilds prior to 2.3.0 and 2.4.0 version bump.
+
+  25 Jul 2005; Marcelo Goes <vanquirius@gentoo.org> snort-2.3.3-r1.ebuild:
+  Move snort user code from pkg_preinst to pkg_setup, changed it a bit. Fixes
+  bug 94161. Thanks to kakou <kakou@kakou.org> and Marco Morales
+  <soulse@gmail.com>.
+
+  24 Jul 2005; Marcelo Goes <vanquirius@gentoo.org> snort-2.3.3-r1.ebuild:
+  Fix RULEPATH in example config. Fixes bug 99397. Thanks to Marco Morales
+  <soulse@gmail.com>.
+
+  27 Jun 2005; Markus Rothe <corsair@gentoo.org> snort-2.3.3-r1.ebuild,
+  snort-2.4.20050508.ebuild:
+  Added ~ppc64
+
+  25 Jun 2005; Marcelo Goes <vanquirius@gentoo.org> snort-2.3.3-r1.ebuild:
+  Install rules in /etc/snort/rules for cleaner layout. Fixes bug 95368.
+  Thanks to Greg Watson <bugs@linuxlogin.com>.
+
+  26 May 2005; Marcelo Goes <vanquirius@gentoo.org> :
+  Took snort-2.3.3-r1 out of package.mask.
+
+*snort-2.3.3-r1 (08 May 2005)
+
+  08 May 2005; Marcelo Goes <vanquirius@gentoo.org> +snort-2.3.3-r1.ebuild,
+  +snort-2.4.20050508.ebuild:
+  Prelude patching fun. Making snort-2.3.3-r1 depend on >=libprelude-0.9.0_rc1
+  and using patch from their mailing list, as pointed out by Yoann
+  Vandoorselaere <yoann@prelude-ids.org>. Also, I made a cvs snapshot of
+  snort-2.4, which does not require patching anymore, since prelude patches were
+  accepted in snort. Of course, both new ebuilds are in package.mask for testing
+  - I expect unexpected borks. This hopefully fixes bug 91820. Thanks to dago
+  <dago158@bluewin.ch> for reporting.
+
+*snort-2.3.3 (07 May 2005)
+
+  07 May 2005; Aaron Walker <ka0ttic@gentoo.org> +snort-2.3.3.ebuild:
+  Version bump for bug 91673.
+
+  19 Apr 2005; Aaron Walker <ka0ttic@gentoo.org> snort-2.3.2.ebuild:
+  Marked stable on x86.
+
+  22 Mar 2005; Aaron Walker <ka0ttic@gentoo.org> snort-2.3.2.ebuild:
+  Fix missing patch for bug 86219.
+
+*snort-2.3.2 (19 Mar 2005)
+
+  19 Mar 2005; Aaron Walker <ka0ttic@gentoo.org> snort-2.3.0-r1.ebuild,
+  +snort-2.3.2.ebuild:
+  Version bump; marked 2.3.0-r1 stable on x86.
+
+  09 Feb 2005; Aaron Walker <ka0ttic@gentoo.org> snort-2.3.0-r1.ebuild,
+  snort-2.3.0.ebuild, snort-2.3.0_rc2.ebuild:
+  Fix typo in pkg_postinst for bug 81415.
+
+  07 Feb 2005; Daniel Black <dragonheart@gentoo.org> snort-2.3.0-r1.ebuild:
+  ppc stable
+
+*snort-2.3.0-r1 (06 Feb 2005)
+
+  06 Feb 2005; Aaron Walker <ka0ttic@gentoo.org> +snort-2.3.0-r1.ebuild,
+  snort-2.3.0.ebuild:
+  Revision bump for bug 80831; added sguil support. Marked 2.3.0 stable on x86.
+
+  29 Jan 2005; Daniel Black <dragonheart@gentoo.org> snort-2.0.6.ebuild,
+  snort-2.1.3.ebuild, snort-2.2.0.ebuild, snort-2.3.0.ebuild,
+  snort-2.3.0_rc2.ebuild:
+  changed net-libs/libpcap depend to virtual/libcap
+
+*snort-2.3.0 (27 Jan 2005)
+
+  27 Jan 2005; Aaron Walker <ka0ttic@gentoo.org>
+  +files/2.3.0-libnet-1.0.patch, -files/2.3.0_rc2-libnet-1.0.patch,
+  +snort-2.3.0.ebuild, snort-2.3.0_rc2.ebuild:
+  2.3.0 final; added support for snort-inline via USE=inline. Updated
+  libnet-1.0 patch to also patch inline.c. Closes bugs 79708 and 79664.
+
+  25 Jan 2005; Daniel Black <dragonheart@gentoo.org> snort-2.0.6.ebuild,
+  snort-2.1.3.ebuild, snort-2.2.0.ebuild, snort-2.3.0_rc2.ebuild:
+  change shell of snort user to /bin/false as per bug #79216. Thanks to Sascha
+  Nitsch <gentoobugs@linuxhowtos.org>
+
+  25 Jan 2005; Aaron Walker <ka0ttic@gentoo.org> snort-2.3.0_rc2.ebuild:
+  Run autoreconf since it looks like autogen.sh is no longer provided; fixes
+  bug 79389.
+
+  11 Jan 2005; Jason Wever <weeve@gentoo.org> snort-2.0.6.ebuild,
+  snort-2.1.3.ebuild, snort-2.2.0.ebuild, snort-2.3.0_rc2.ebuild:
+  Masked on sparc wrt bugs #29661 and #75395.
+
+  11 Jan 2005; Daniel Black <dragonheart@gentoo.org> snort-2.3.0_rc2.ebuild:
+  unmasked and x86, ppc stable
+
+*snort-2.3.0_rc2 (11 Jan 2005)
+
+  11 Jan 2005; Daniel Black <dragonheart@gentoo.org>
+  +files/2.3.0_rc2-libnet-1.0.patch, +snort-2.3.0_rc2.ebuild:
+  Version bump as per security bug #75395. Still masked pending
+  further testing
+
+  28 Nov 2004; Eldad Zack <eldad@gentoo.org> snort-2.1.3.ebuild,
+  snort-2.2.0.ebuild:
+  Small post install info error. Thanks to John Barton
+  <jbarton@technicalworks.net> for reporting. Closes #72570.
+
+  30 Oct 2004; Eldad Zack <eldad@gentoo.org> -snort-2.1.2.ebuild,
+  snort-2.2.0.ebuild:
+  x86 stable.
+
+  29 Oct 2004; Eldad Zack <eldad@gentoo.org> snort-2.1.3.ebuild,
+  snort-2.2.0.ebuild:
+  Added einfo for MySQL/PostgreSQL usage. Closes #68922.
+
+  16 Aug 2004; Eldad Zack <eldad@gentoo.org> snort-2.1.3.ebuild,
+  snort-2.2.0.ebuild:
+  x86 stable. added ~ppc which was omitted between 2.1.2 and 2.1.3.
+
+*snort-2.2.0 (15 Aug 2004)
+
+  15 Aug 2004; Eldad Zack <eldad@gentoo.org> -snort-2.1.0-r1.ebuild,
+  -snort-2.1.0.ebuild, +snort-2.2.0.ebuild:
+  Version bump
+
+  01 Jul 2004; Jon Hood <squinky86@gentoo.org> snort-2.0.6.ebuild,
+  snort-2.1.0-r1.ebuild, snort-2.1.0.ebuild, snort-2.1.1.ebuild,
+  snort-2.1.2.ebuild, snort-2.1.3.ebuild:
+  change virtual/glibc to virtual/libc
+
+*snort-2.1.3 (01 Jul 2004)
+
+  01 Jul 2004; Eldad Zack <eldad@gentoo.org> +files/snort-2.1.3-gcc3.patch,
+  +snort-2.1.3.ebuild:
+  Version bump, added snortsam support.
+
+  19 Jun 2004; Michael Hanselmann <hansmi@gentoo.org> snort-2.0.6.ebuild:
+  Marked snort 2.0.6 as ~ppc
+
+  19 Jun 2004; David Holm <dholm@gentoo.org> snort-2.1.2.ebuild:
+  Added to ~ppc.
+
+  19 May 2004; Michael Boman <mboman@gentoo.org> snort-1.9.1-r3.ebuild,
+  snort-2.0.0.ebuild, snort-2.0.1-r1.ebuild, snort-2.0.2.ebuild,
+  snort-2.0.5-r1.ebuild, snort-2.0.5-r2.ebuild, snort-2.0.5.ebuild,
+  files/1.9.1-libnet-1.0.patch, files/2.0.0-libnet-1.0.patch,
+  files/2.0.1-libnet-1.0.patch, files/2.0.2-libnet-1.0.patch,
+  files/2.0.5-libnet-1.0.patch, files/snort-1.9.0-gentoo.diff,
+  files/snort-1.9.1-alpha-core_vuln.diff, files/snort-1.9.1-alpha.patch,
+  files/snort-1.9.1-configure.patch, files/snort-2.0.2-gcc3.patch,
+  files/snort-2.0.5-gcc3.patch:
+  Cleaning out old ebuilds
+
+  17 May 2004; Michael Boman <mboman@gentoo.org> snort-2.1.2.ebuild:
+  Mark 2.1.2 stable on x86
+
+  14 Apr 2004; Jon Hood <squinky86@gentoo.org> files/2.1.2-libnet-1.0.patch:
+  added patch, fixes #47229
+
+  06 Apr 2004; Joshua Brindle <method@gentoo.org> snort-2.1.1.ebuild,
+  snort-2.1.2.ebuild:
+  added selinux policy to rdepend
+
+  01 Apr 2004; Michael Boman <mboman@gentoo.org> snort-2.1.1.ebuild:
+  Marked stable on x86
+
+*snort-2.1.2 (01 Apr 2004)
+
+  01 Apr 2004; Michael Boman <mboman@gentoo.org> snort-2.1.2.ebuild,
+  files/snort-2.1.2-gcc3.patch:
+  New upstream version.
+
+  16 Mar 2004; Michael Boman <mboman@gentoo.org> snort-2.0.0.ebuild,
+  snort-2.0.1-r1.ebuild, snort-2.0.2.ebuild, snort-2.0.5-r1.ebuild,
+  snort-2.0.5.ebuild, snort-2.1.0.ebuild, snort-2.1.1.ebuild:
+  Changed ebuilds to use 'sed -i ...' instead of 'sed ... < file > file.new'
+  syntax.
+
+*snort-2.1.1 (09 Mar 2004)
+
+  09 Mar 2004; Michael Boman <mboman@gentoo.org> snort-2.1.1.ebuild,
+  files/2.1.1-libnet-1.0.patch, files/snort-2.1.1-gcc3.patch,
+  files/snort-2.1.1-pgsql.patch:
+  New upstream version. Closes #44067.
+
+  08 Mar 2004; Michael Boman <mboman@gentoo.org> files/2.0.6-libnet-1.0.patch:
+  Added missing file. Closing bug #43990.
+
+  04 Mar 2004; Jason Wever <weeve@gentoo.org> snort-2.0.6.ebuild:
+  Marked stable on sparc. If you have any problems on sparc, check gentoo bug
+  #29661.
+
+*snort-2.1.0-r1 (08 Jan 2004)
+
+  08 Jan 2004; Michael Boman <mboman@gentoo.org> snort-2.1.0-r1.ebuild,
+  files/snort-2.1.0-pgsql.patch:
+  Made use of 'doc' USE flag to install signature documentation. Patched
+  configure.in to solve bug #37436.
+
+  07 Jan 2004; Michael Boman <mboman@gentoo.org> snort-2.1.0.ebuild:
+  Forgot to include the threshold.conf file in the installation process.
+
+*snort-2.1.0 (06 Jan 2004)
+
+  06 Jan 2004; Michael Boman <mboman@gentoo.org> snort-2.1.0.ebuild,
+  files/2.1.0-libnet-1.0.patch, files/snort-2.1.0-gcc3.patch:
+  New upstream version. Breaks prelude support, samba support is now
+  obsoleted by upstream. Ebuild with prelude support will follow once
+  a updated patch is made availble.
+
+*snort-2.0.6 (21 Dec 2003)
+
+  21 Dec 2003; Michael Boman <mboman@gentoo.org> snort-2.0.6.ebuild:
+  New upstream version
+
+  20 Dec 2003; Michael Boman <mboman@gentoo.org> snort-2.0.5-r2.ebuild:
+  Bump to stable on x86
+  Added ~amd64 to KEYWORDS (fixes bug #36098)
+
+  16 Dec 2003; Mike Frysinger <vapier@gentoo.org> :
+  Port the libnet-1.0 patch to snort-2.0.0 to help out the sparc peeps.
+
+*snort-2.0.5-r2 (09 Dec 2003)
+
+  09 Dec 2003; Michael Boman <mboman@gentoo.org> snort-2.0.5-r2.ebuild:
+  Forgot to add etc/prelude-classification.config to the files that should be in
+  /etc/snort if you are using prelude
+
+  09 Dec 2003; Michael Boman <mboman@gentoo.org> snort-2.0.5-r2.ebuild:
+  Added patch to fix drop packet calculations
+
+*snort-2.0.5-r1 (28 Nov 2003)
+
+  28 Nov 2003; Michael Boman <mboman@gentoo.org> snort-2.0.5-r1.ebuild:
+  - Made flexresp optional (controlled by "flexresp" local USE flag), closes #34150.
+  - Made smbalert optional (controlled by "samba" USE flag).
+  - Threading support was never officially supported in Snort, and has
+    been removed from ebuild now as the code is, if not already has been,
+    cleaned from the source tree.
+  - Updated prelude patch.
+  - Assigned myself as the primary maintainer of this ebuild, with the
+    hardened as the herd.
+
+*snort-2.0.5 (24 Nov 2003)
+
+  24 Nov 2003; Daniel Ahlberg <aliz@gentoo.org> snort-2.0.5.ebuild :
+  Version bump. Closing #29609 and #32950.
+
+  28 Oct 2003; Martin Holzer <mholzer@gentoo.org> snort-2.0.2.ebuild:
+  adding gcc3 patch. Closes #30540.
+
+  08 Oct 2003; Jason Wever <weeve@gentoo.org> snort-2.0.2.ebuild:
+  masked on sparc until bug #30540 is fixed.
+
+*snort-2.0.2 (06 Oct 2003)
+
+  06 Oct 2003; Daniel Ahlberg <aliz@gentoo.org> snort-2.0.2.ebuild:
+  Version bump
+
+*snort-2.0.1-r1 (21 Aug 2003)
+
+  21 Aug 2003; Mike Frysinger <vapier@gentoo.org> :
+  Patch to compile against SLOT-ed libnet-1.0.x #17772.
+  Also fix user adding to enewuser/enewgroup and switch use
+  flags over to `use_enable`.
+
+*snort-1.9.1-r3 (21 Aug 2003)
+
+  21 Aug 2003; Mike Frysinger <vapier@gentoo.org> :
+  Patch to compile against SLOT-ed libnet-1.0.x #17772.
+  Also fix user adding to enewuser/enewgroup and switch use
+  flags over to `use_enable`.
+
+*snort-2.0.1 (09 Aug 2003)
+
+  11 Aug 2003; <solar@gentoo.org> snort-2.0.1.ebuild,
+  files/snort-2.0.1+prelude.patch:
+  Snort 2.0.x does not support snmp bug #26310, Moved large prelude patch to
+  mirror://
+
+  09 Aug 2003; <mboman@gentoo.org> snort-2.0.1.ebuild,
+  files/snort-2.0.1+prelude.patch:
+  Added libprelude support to snort. Closes bug 19672.
+  Upgraded to new upstream version (2.0.1)
+
+*snort-1.9.1-r2 (22 Apr 2003)
+
+  22 Apr 2003; Tavis Ormandy <taviso@gentoo.org> snort-1.9.1-r2.ebuild,
+  snort-2.0.0.ebuild, files/snort-1.9.1-alpha-core_vuln.diff:
+  snort 2.0.0 is broken on Alpha, backporting the integer overflow fix to snort
+  1.9.1 while its being fixed, and bumping version
+
+  22 Apr 2003; Daniel Ahlberg <aliz@gentoo.org> snort-2.0.0.ebuild files/snort.confd :
+  Closing #11643. Unmasking becuse of GLSA.
+
+*snort-2.0.0 (16 Apr 2003)
+
+  16 Apr 2003; Joshua Brindle <method@gentoo.org> Manifest,
+  snort-2.0.0.ebuild:
+  2.0.0 released, yay
+
+*snort-1.9.1-r1 (29 Mar 2003)
+
+  29 Mar 2003; Aron Griffis <agriffis@gentoo.org> snort-1.9.1-r1.ebuild,
+  files/snort-1.9.1-alpha.patch:
+  Add patch and bump revision for alpha. Thanks to Tavis Ormandy for providing
+  this in bug #18258
+
+*snort-1.9.1 (04 Mar 2003)
+
+  04 Mar 2003; Daniel Ahlberg <aliz@gentoo.org> :
+  Security update.
+
+  06 Dec 2002; Rodney Rees <manson@gentoo.org> : changed sparc ~sparc keywords
+ 
+*snort-1.9.0 (24 Oct 2002)
+
+  24 Oct 2002; Daniel Ahlberg <aliz@gentoo.org> :
+  Version bump. Found by Torgeir Hansen <torgeir@trenger.ro> in #8925.
+  Added support for specifying listening interface. Closes #6822.
+  Addes support for snmp, closes #7299.
+  Locked down dependency on libnet some more.
+
+*snort-1.8.7 (23 Jul 2002)
+
+  24 Oct 2002; Daniel Ahlberg <aliz@gentoo.org> files/snort.confd :
+  Added support for specifying listening interface. Closes #6822.
+  Locked down dependency on libnet some more.
+
+  30 Aug 2002; Seemant Kulleen <seemant@gentoo.org> snort-1.8.7.ebuild :
+
+  /var/log/snort now has a .keep in it. Closes bug #7271 by
+  mcummings@gentoo.org (Michael Cummings)
+
+  26 Jul 2002; Daniel Ahlberg <aliz@gentoo.org> snort-1.8.7.ebuild snort-1.8.6.ebuild :
+
+  Fix for bug #5592. 
+
+  23 Jul 2002; Daniel Ahlberg <aliz@gentoo.org> snort-1.8.7.ebuild :
+  
+  New version.
+
+*snort-1.8.6 (11 Mar 2003)
+ 
+  13 Jul 2003; Daniel Ahlberg <aliz@gentoo.org> :
+  Added missing changelog entry.
+
+*snort-1.8.5 (6 Apr 2002)
+
+  18 Jul 2002; Kyle Manna <nitro@gentoo.org> snort-1.8.6.ebuild :
+  
+  Added KEYWORDS.
+
+  28 Jun 2002; Thilo Bangert <bangert@gentoo.org> :
+
+  moved to net-analyzer - added SLOT - added LICENSE
+
+  6 Apr 2002; Matthew Kennedy <mkennedy@gentoo.org> ChangeLog,
+  snort-1.8.5.ebuild, files/digest-snort-1.8.5:
+
+  Added dependency for PostgreSQL. Moved netlib dep from RDEPEND to
+  DEPEND (it is statically linked). Version bump to latest.
+
+*snort-1.8.3-r1 (8 Feb 2002)
+
+  8 Feb 2002; Donny Davies <woodchip@gentoo.org> Changelog,
+  snort-1.8.3-r1.ebuild, files/digest-snort-1.8.3-r1,
+  files/snort.confd, files/snort.rc6 files/snort.conf :
+
+  Fix for nonexistant /etc/conf.d/snort.  Make user/group addition
+  a little smarter.
+
+*snort-1.8.3 (1 Feb 2002)
+
+  1 Feb 2002; G.Bevin <gbevin@gentoo.org> ChangeLog :
+  
+  Added initial ChangeLog which should be updated whenever the package is
+  updated in any way. This changelog is targetted to users. This means that the
+  comments should well explained and written in clean English. The details about
+  writing correct changelogs are explained in the skel.ChangeLog file which you
+  can find in the root directory of the portage repository.
+

net-analyzer/snort/Manifest

@@ -0,0 +1,7 @@
+AUX snort.confd.2 420 RMD160 66bead70bfb5752d7f9779803453bdecf2694fee SHA1 d4917da66def50d09430a0dff4b2e86103a4834a SHA256 337378f098e0cd59fb5c28a26b5b74b32168cf48596064469e6a5ba04fe3a36f
+AUX snort.rc11 1473 RMD160 f9d1a9bfbe88b0bcb5dbecbab3ee3fc647f0a9ff SHA1 cf97f12c9560b85d6ac12492020c5222eb4613b3 SHA256 280ed4fb18c871ca83469a4dd1485f47d422b9d4476613711707c627176e4774
+AUX snortsam-2.9.2.2.diff.gz 28987 RMD160 b09a856bffa47300d3421029ce55375e96eeadf1 SHA1 403ffb76323be7ffee57062fad0cfd61cce755ab SHA256 61c6104778a1cd2d0795be0a7b3d67460955e5ffab392852a930b167c1fe27f2
+AUX snortsam-redirect-2.9.2.2.patch 2370 RMD160 e289bee7423286d287d876792bc47ea6e447cd11 SHA1 00e35d6c10f8eb61b2d348567d9d1fbee931a2aa SHA256 f5111fce50d5578446bd4eb788a9d974ee4ee3c3a27c8e3e2e5a148c59491d3c
+DIST snort-2.9.2.2.tar.gz 6529966 RMD160 2c5f3d9d28de860f906c6f229721833b856705c8 SHA1 5b1e9bd527ecba7e42c007ae1a62ff51a4adb2c6 SHA256 63f4eeee24d79e4a4e4b573e085d0d2fd78fcf3b7ea730c37eab7b47fcd9b954
+EBUILD snort-2.9.2.2-r9999.ebuild 9536 RMD160 6eaa6ccae82ac0e752316a646f3c16b094e40354 SHA1 3d8e60f92a7aba3150427446244aeb8625ccbdea SHA256 bad1c917896d45db4649ce70d7003e1e46e5490c9bd8b6820d7eb3186c398f44
+MISC ChangeLog 33624 RMD160 a39244fe968467d72330e62b4e54aaae363a650f SHA1 767a852c3f3a1e3905406ebed2da5b138ff0b543 SHA256 b9d25fcbc4f88b0aa35f78dfd776fa1a673461f4e20fa19a2245e0ac703b0f25

net-analyzer/snort/files/snort.confd.2

@@ -0,0 +1,16 @@
+# Config file for /etc/init.d/snort
+
+# The following options are now set in your snort.conf file:
+# config set_gid:
+# config set_uid:
+# config snaplen:
+# config bpf_file:
+# config logdir:
+
+# The only options that should be set here are SNORT_IFACE and SNORT_CONF.
+
+# This tell snort which interface to listen on (any for every interface)
+SNORT_IFACE="eth1"
+
+# Probably not this either
+SNORT_CONF="/etc/snort/snort.conf"

net-analyzer/snort/files/snort.rc11

@@ -0,0 +1,57 @@
+#!/sbin/runscript
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/files/snort.rc11,v 1.1 2011/09/22 17:39:51 patrick Exp $
+
+opts="checkconfig reload"
+
+depend() {
+	need net
+	after mysql
+	after postgresql
+}
+
+checkconfig() {
+	if [ ! -e ${SNORT_CONF} ] ; then
+		eerror "You need a configuration file to run snort"
+		eerror "There is an example config in /etc/snort/snort.conf.distrib"
+		return 1
+	fi
+}
+
+start() {
+	checkconfig || return 1
+	ebegin "Starting snort"
+	start-stop-daemon --start --quiet --exec /usr/bin/snort \
+		-- --nolock-pidfile --pid-path /var/run/snort -D -i ${SNORT_IFACE} \
+		 -c ${SNORT_CONF} >/dev/null 2>&1
+	eend $?
+}
+
+stop() {
+	ebegin "Stopping snort"
+	start-stop-daemon --stop --quiet --pidfile /var/run/snort/snort_${SNORT_IFACE}.pid
+	# Snort needs a few seconds to fully shutdown
+	sleep 15
+	eend $?
+}
+
+reload() {
+
+	local SNORT_PID="`cat /var/run/snort/snort_${SNORT_IFACE}.pid`"
+	local SNORT_USER="`ps -p ${SNORT_PID} --no-headers -o user`"
+
+        if [ ! -f /var/run/snort/snort_${SNORT_IFACE}.pid ]; then
+        	eerror "Snort isn't running"
+                return 1
+	elif [ ${SNORT_USER} != root ]; then
+		eerror "Snort must be running as root for reload to work!"
+		return 1
+	else
+		checkconfig || return 1
+		ebegin "Reloading Snort"
+		start-stop-daemon --signal HUP --pidfile /var/run/snort/snort_${SNORT_IFACE}.pid
+        fi
+}
+
+

net-analyzer/snort/files/snortsam-redirect-2.9.2.2.patch

@@ -0,0 +1,60 @@
+diff -ur snort-2.9.2.2-snortsam/src/output-plugins/spo_alert_fwsam.c snort-2.9.2.2/src/output-plugins/spo_alert_fwsam.c
+--- snort-2.9.2.2-snortsam/src/output-plugins/spo_alert_fwsam.c	2012-05-20 18:33:57.271278999 +0400
++++ snort-2.9.2.2/src/output-plugins/spo_alert_fwsam.c	2012-05-20 19:18:47.383364414 +0400
+@@ -515,6 +515,7 @@
+ 	optp->how=FWSAM_HOW_INOUT;			/* inbound and outbound block */
+ 	optp->who=FWSAM_WHO_SRC;			/* the source  */
+     optp->loglevel=FWSAM_LOG_LONGALERT; /* the log level default */
++	optp->action = FWSAM_STATUS_BLOCK; /* type of action */
+ 	/* parse the fwsam keywords */
+ 
+ #ifdef FWSAMDEBUG
+@@ -566,6 +567,17 @@
+ 					optp->duration=0;
+ 				else
+ 					possprob=TRUE;
++				if (!possprob)
++				{
++					char* tok = ap;
++					char* action = strtok(tok, ",");
++					action = strtok(NULL, ",");
++					if (action != NULL)
++					{
++						// set our custom action for redirecting traffic instead of blocking
++						optp->action = FWSAM_STATUS_REDIRECT;
++					}
++				}
+ 			}
+ 			else if(!*ap)
+ 				possprob=TRUE;
+@@ -879,7 +891,7 @@
+ 						sampacket.snortseqno[1]=(char)(station->myseqno>>8);
+ 						sampacket.fwseqno[0]=(char)station->stationseqno;/* fill station seqno */
+ 						sampacket.fwseqno[1]=(char)(station->stationseqno>>8);
+-						sampacket.status=FWSAM_STATUS_BLOCK;			/* set block mode */
++						sampacket.status=optp->action;				/* set action mode */
+ 						sampacket.version=FWSAM_PACKETVERSION;			/* set packet version */
+ 						sampacket.duration[0]=(char)optp->duration;		/* set duration */
+ 						sampacket.duration[1]=(char)(optp->duration>>8);
+diff -ur snort-2.9.2.2-snortsam/src/output-plugins/spo_alert_fwsam.h snort-2.9.2.2/src/output-plugins/spo_alert_fwsam.h
+--- snort-2.9.2.2-snortsam/src/output-plugins/spo_alert_fwsam.h	2012-05-20 18:33:57.270278999 +0400
++++ snort-2.9.2.2/src/output-plugins/spo_alert_fwsam.h	2012-05-20 19:02:01.695332482 +0400
+@@ -107,6 +107,10 @@
+ #define FWSAM_STATUS_BLOCK		3
+ #define FWSAM_STATUS_UNBLOCK	9
+ 
++// Custom action to redirect traffic instead of drop
++#define FWSAM_STATUS_REDIRECT	10
++
++
+ #define FWSAM_STATUS_OK			4	/* fw to snort */
+ #define FWSAM_STATUS_ERROR		5
+ #define FWSAM_STATUS_NEWKEY		6
+@@ -186,6 +190,7 @@
+ 	unsigned char	who;
+ 	unsigned char	how;
+ 	unsigned char	loglevel;
++	unsigned char	action; // type of action
+ }	FWsamOptions;
+ 
+ typedef struct _FWsamlistpointer

net-analyzer/snort/snort-2.9.2.2-r9999.ebuild

@@ -0,0 +1,272 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/snort-2.9.2.2.ebuild,v 1.1 2012/04/04 09:39:53 patrick Exp $
+
+EAPI="2"
+inherit eutils autotools multilib
+
+DESCRIPTION="The de facto standard for intrusion detection/prevention"
+HOMEPAGE="http://www.snort.org/"
+SRC_URI="http://www.snort.org/dl/snort-current/${P}.tar.gz"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86 ~mips"
+IUSE="static +dynamicplugin +zlib +gre +mpls +targetbased +decoder-preprocessor-rules
++ppm +perfprofiling linux-smp-stats inline-init-failopen +threads debug +active-response
++normalizer reload-error-restart +react +flexresp3 +paf large-pcap-64bit
+aruba mysql odbc postgres selinux
+snortsam"
+
+DEPEND=">=net-libs/libpcap-1.0.0
+	>=net-libs/daq-0.6
+	>=dev-libs/libpcre-6.0
+	dev-libs/libdnet
+	postgres? ( dev-db/postgresql-base )
+	mysql? ( virtual/mysql )
+	odbc? ( dev-db/unixODBC )
+	zlib? ( sys-libs/zlib )"
+
+RDEPEND="${DEPEND}
+	selinux? ( sec-policy/selinux-snort )"
+
+pkg_setup() {
+
+	if use zlib && ! use dynamicplugin; then
+		eerror "You have enabled the 'zlib' USE flag but not the 'dynamicplugin' USE flag."
+		eerror "'zlib' requires 'dynamicplugin' be enabled."
+		die
+	fi
+
+	# pre_inst() is a better place to put this
+	# but we need it here for the 'fowners' statements in src_install()
+	enewgroup snort
+	enewuser snort -1 -1 /dev/null snort
+
+}
+
+src_prepare() {
+
+	#Multilib fix for the sf_engine
+	einfo "Applying multilib fix."
+	sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \
+		"${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \
+		|| die "sed for sf_engine failed"
+
+	#Multilib fix for the curent set of dynamic-preprocessors
+	for i in ftptelnet smtp ssh dns ssl dcerpc2 sdf imap pop rzb_saac sip reputation gtp modbus dnp3; do
+		sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \
+			"${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \
+			|| die "sed for $i failed."
+	done
+
+	# Pinkbyte: add patch for snortsam support
+	if use snortsam; then
+		epatch "${FILESDIR}/snortsam-${PV}.diff.gz"
+		epatch "${FILESDIR}/snortsam-redirect-${PV}.patch"
+	fi
+	#
+
+	AT_M4DIR=m4 eautoreconf
+}
+
+src_configure() {
+	econf \
+		$(use_enable !static shared) \
+		$(use_enable static) \
+		$(use_enable static so-with-static-lib) \
+		$(use_enable dynamicplugin) \
+		$(use_enable zlib) \
+		$(use_enable gre) \
+		$(use_enable mpls) \
+		$(use_enable targetbased) \
+		$(use_enable decoder-preprocessor-rules) \
+		$(use_enable ppm) \
+		$(use_enable perfprofiling) \
+		$(use_enable linux-smp-stats) \
+		$(use_enable inline-init-failopen) \
+		$(use_enable threads pthread) \
+		$(use_enable debug) \
+		$(use_enable debug debug-msgs) \
+		$(use_enable debug corefiles) \
+		$(use_enable !debug dlclose) \
+		$(use_enable active-response) \
+		$(use_enable normalizer) \
+		$(use_enable reload-error-restart) \
+		$(use_enable react) \
+		$(use_enable flexresp3) \
+		$(use_enable paf) \
+		$(use_enable large-pcap-64bit large-pcap) \
+		$(use_enable aruba) \
+		$(use_with mysql) \
+		$(use_with odbc) \
+		$(use_with postgres postgresql) \
+		--enable-ipv6 \
+		--enable-reload \
+		--disable-prelude \
+		--disable-build-dynamic-examples \
+		--disable-profile \
+		--disable-ppm-test \
+		--disable-intel-soft-cpm \
+		--disable-static-daq \
+		--disable-rzb-saac \
+		--without-oracle \
+		--enable-sourcefire
+}
+
+src_install() {
+
+	emake DESTDIR="${D}" install || die "emake failed"
+
+	dodir /var/log/snort \
+		/var/run/snort \
+		/etc/snort/rules \
+		/etc/snort/so_rules \
+		/usr/$(get_libdir)/snort_dynamicrules \
+			|| die "Failed to create core directories"
+
+	# config.log and build.log are needed by Sourcefire
+	# to trouble shoot build problems and bug reports so we are
+	# perserving them incase the user needs upstream support.
+	dodoc RELEASE.NOTES ChangeLog \
+		doc/* \
+		tools/u2boat/README.u2boat \
+		schemas/* || die "Failed to install snort docs"
+
+	insinto /etc/snort
+	doins etc/attribute_table.dtd \
+		etc/classification.config \
+		etc/gen-msg.map \
+		etc/reference.config \
+		etc/threshold.conf \
+		etc/unicode.map || die "Failed to install docs in etc"
+
+	# We use snort.conf.distrib because the config file is complicated
+	# and the one shipped with snort can change drastically between versions.
+	# Users should migrate setting by hand and not with etc-update.
+	newins etc/snort.conf snort.conf.distrib \
+		|| die "Failed to add snort.conf.distrib"
+
+	# config.log and build.log are needed by Sourcefire
+	# to troubleshoot build problems and bug reports so we are
+	# perserving them incase the user needs upstream support.
+	# 'die' was intentionally not added here.
+	if [ -f "${WORKDIR}/${PF}/config.log" ]; then
+		dodoc "${WORKDIR}/${PF}/config.log"
+	fi
+	if [ -f "${T}/build.log" ]; then
+		dodoc "${T}/build.log"
+	fi
+
+	insinto /etc/snort/preproc_rules
+	doins preproc_rules/decoder.rules \
+		preproc_rules/preprocessor.rules \
+		preproc_rules/sensitive-data.rules || die "Failed to install preproc rule files"
+
+	fowners -R snort:snort \
+		/var/log/snort \
+		/var/run/snort \
+		/etc/snort || die
+
+	newinitd "${FILESDIR}/snort.rc11" snort || die "Failed to install snort init script"
+	newconfd "${FILESDIR}/snort.confd.2" snort || die "Failed to install snort confd file"
+
+	# Sourcefire uses Makefiles to install docs causing Bug #297190.
+	# This removes the unwanted doc directory and rogue Makefiles.
+	rm -rf "${D}"usr/share/doc/snort || die "Failed to remove SF doc directories"
+	rm "${D}"usr/share/doc/"${PF}"/Makefile* || die "Failed to remove doc make files"
+
+	#Remove unneeded .la files (Bug #382863)
+	rm "${D}"usr/$(get_libdir)/snort_dynamicengine/libsf_engine.la || die
+	rm "${D}"usr/$(get_libdir)/snort_dynamicpreprocessor/libsf_*_preproc.la || die "Failed to remove libsf_?_preproc.la"
+
+	# Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection
+	sed -i -e 's|/usr/local/lib|/usr/'$(get_libdir)'|g' \
+		"${D}etc/snort/snort.conf.distrib" || die
+
+	# Set the correct rule location in the config
+	sed -i -e 's|RULE_PATH ../rules|RULE_PATH /etc/snort/rules|g' \
+		"${D}etc/snort/snort.conf.distrib" || die
+
+	# Set the correct preprocessor/decoder rule location in the config
+	sed -i -e 's|PREPROC_RULE_PATH ../preproc_rules|PREPROC_RULE_PATH /etc/snort/preproc_rules|g' \
+		"${D}etc/snort/snort.conf.distrib" || die
+
+	# Enable the preprocessor/decoder rules
+	sed -i -e 's|^# include $PREPROC_RULE_PATH|include $PREPROC_RULE_PATH|g' \
+		"${D}etc/snort/snort.conf.distrib" || die
+
+	sed -i -e 's|^# dynamicdetection directory|dynamicdetection directory|g' \
+		"${D}etc/snort/snort.conf.distrib" || die
+
+	# Just some clean up of trailing /'s in the config
+	sed -i -e 's|snort_dynamicpreprocessor/$|snort_dynamicpreprocessor|g' \
+		"${D}etc/snort/snort.conf.distrib" || die
+
+	# Make it clear in the config where these are...
+	sed -i -e 's|^include classification.config|include /etc/snort/classification.config|g' \
+		"${D}etc/snort/snort.conf.distrib" || die
+
+	sed -i -e 's|^include reference.config|include /etc/snort/reference.config|g' \
+		"${D}etc/snort/snort.conf.distrib" || die
+
+	# Disable all rule files by default.
+	sed -i -e 's|^include $RULE_PATH|# include $RULE_PATH|g' \
+		"${D}etc/snort/snort.conf.distrib" || die
+
+	# Disable normalizer preprocessor config if normalizer USE flag not set.
+	if ! use normalizer; then
+		sed -i -e 's|^preprocessor normalize|#preprocessor normalize|g' \
+			"${D}etc/snort/snort.conf.distrib" || die
+	fi
+
+	# Set the configured DAQ to afpacket
+	sed -i -e 's|^# config daq: <type>|config daq: afpacket|g' \
+		"${D}etc/snort/snort.conf.distrib" || die
+
+	# Set the location of the DAQ modules
+	sed -i -e 's|^# config daq_dir: <dir>|config daq_dir: /usr/'$(get_libdir)'/daq|g' \
+		"${D}etc/snort/snort.conf.distrib" || die
+
+	# Set the DAQ mode to passive
+	sed -i -e 's|^# config daq_mode: <mode>|config daq_mode: passive|g' \
+		"${D}etc/snort/snort.conf.distrib" || die
+
+	# Set snort to run as snort:snort
+	sed -i -e 's|^# config set_gid:|config set_gid: snort|g' \
+		"${D}etc/snort/snort.conf.distrib" || die
+	sed -i -e 's|^# config set_uid:|config set_uid: snort|g' \
+		"${D}etc/snort/snort.conf.distrib" || die
+
+	# Set the default log dir
+	sed -i -e 's|^# config logdir:|config logdir: /var/log/snort/|g' \
+		"${D}etc/snort/snort.conf.distrib" || die
+
+	# Set the correct so_rule location in the config
+	 sed -i -e 's|SO_RULE_PATH ../so_rules|SO_RULE_PATH /etc/snort/so_rules|g' \
+		 "${D}etc/snort/snort.conf.distrib" || die
+}
+
+pkg_postinst() {
+
+	einfo "There have been a number of improvements and new features"
+	einfo "added to ${P}. Please review the RELEASE.NOTES and"
+	einfo "ChangLog located in /usr/share/doc/${PF}."
+	einfo
+	elog "The Sourcefire Vulnerability Research Team (VRT) recommends that"
+	elog "users migrate their snort.conf customizations to the latest config"
+	elog "file released by the VRT. You can find the latest version of the"
+	elog "Snort config file in /etc/snort/snort.conf.distrib."
+	elog
+	elog "!! It is important that you migrate to this new snort.conf file !!"
+	elog
+	elog "This version of the ebuild includes an updated init.d file and"
+	elog "conf.d file that rely on options found in the latest Snort"
+	elog "config file provided by the VRT."
+
+	if use debug; then
+		elog "You have the 'debug' USE flag enabled. If this has been done to"
+		elog "troubleshoot an issue by producing a core dump or a back trace,"
+		elog "then you need to also ensure the FEATURES variable in make.conf"
+		elog "contains the 'nostrip' option."
+	fi
+}