From: Markus Ullmann Date: Wed, 17 Jan 2007 01:40:58 +0000 (+0000) Subject: Fix for security bug #161632 and bug #161750 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=51a196dce3d839926decd27587cade6dc6d4cc19;p=gentoo.git Fix for security bug #161632 and bug #161750 Package-Manager: portage-2.1.2_rc4-r8 --- diff --git a/net-analyzer/snort/Manifest b/net-analyzer/snort/Manifest index c0ea28bc572e..b52a4d579727 100644 --- a/net-analyzer/snort/Manifest +++ b/net-analyzer/snort/Manifest @@ -1,3 +1,10 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA1 + +AUX snort-2.6.1.1-gre.patch 1164 RMD160 c80be0a6286ad7f79bb22fa94148e2f77ce25a34 SHA1 f0b3e80f05a433a9182d038fe4a28bc37260337a SHA256 72df4c81f615a72a3d305ac236b38aee5a2c953ff1e5fa39e075a7ef2e6b82ef +MD5 e83ddd6b75669ad58e2ce6cafedc0aaf files/snort-2.6.1.1-gre.patch 1164 +RMD160 c80be0a6286ad7f79bb22fa94148e2f77ce25a34 files/snort-2.6.1.1-gre.patch 1164 +SHA256 72df4c81f615a72a3d305ac236b38aee5a2c953ff1e5fa39e075a7ef2e6b82ef files/snort-2.6.1.1-gre.patch 1164 AUX snort-2.6.1.1-libnet.patch 8062 RMD160 fb42546b2efce968160afb0a0e0e96c8f0ad1471 SHA1 bcac8005327e016d8ffc1cf4b74aeb80228a2839 SHA256 ff36205cdd4554ff23c845383a82c9fdef6682a399072f3306f6aa3b74378b86 MD5 24315885b9f04323523e4fec8906888d files/snort-2.6.1.1-libnet.patch 8062 RMD160 fb42546b2efce968160afb0a0e0e96c8f0ad1471 files/snort-2.6.1.1-libnet.patch 8062 @@ -18,26 +25,21 @@ DIST Community-Rules-2.4.tar.gz 110044 RMD160 ecfb4444cb0152545d823692eb6e5e2347 DIST Community-Rules.tar.gz 11678 RMD160 a65b656e4dbf29f1c807622e865e945f509fe0c5 SHA1 de02fd44c58529795e0ab59b65aa08a608cffd95 SHA256 fd37a897455dcb4bace1f7f0af11747b5360e0e3896cd0b9649e5d19281bb2cf DIST snort-2.4.0-genpatches.tar.bz2 6475 RMD160 9ea99c71892a2cbf409ead3514ae792210bdf3d0 SHA1 23d7ac5fb3e3fca5340a4f45ff6d64c4a4214e42 SHA256 8bf51a47b2a0db9ccad83a27105994befd9be381b41aeb02561882308f4c6dff DIST snort-2.4.5.tar.gz 2817837 RMD160 1b697ccd84e1c10406ac20ccc0c46f79ea661e11 SHA1 3ba7dae8058aecf4e4eb1c7a816a7c8a4fb7c550 SHA256 84eb84da542d23e9f1c29b8eb319614c509fb19a745f1fa2a88d07c740645184 -DIST snort-2.6.0.tar.gz 3322826 RMD160 862cfd20b866b58dcc5a27cb3f4fcad90c1b7550 SHA1 502b68163ab378ea55e88d588f8a4784a589377d SHA256 0acbfedf728df3d63ed075a56259b81ab5e26099051ceb5808e0c87329fe588d -DIST snort-2.6.1.1.tar.gz 3509132 RMD160 f49ac2f339303ccc48f343c21f0873e9ca49de2e SHA1 ce17e85725ba68b483d93c544872e6e8c6380a36 SHA256 01e21432ec5a60a3965ce3e3ebf9cdb4125c9dd5d218da22688857a6357e2a94 +DIST snort-2.6.1.2.tar.gz 3511538 RMD160 bd0ce3a4629a6e594a5f24723254e85d36597d04 SHA1 745f56806a0bae128a5c93c93c5eda9a4b80f593 SHA256 ca8bf1b1aa2fe23c9e8f8cb23482da123aac4b5842950b3cc2a40ba13da96b51 DIST snortrules-pr-2.4.tar.gz 789097 RMD160 dd2179b3ce8a55699d2e1b857426e5489191a121 SHA1 b8b59754ccb59b1dcf324d2faa399326117a60e9 SHA256 19d2545a2a150dff8b4dbcbd0def389b6865c4c70f5084172d08a7b151e1a504 DIST snortsam-20050110.tar.gz 29395 RMD160 ec80ce024ed7a013da35444ef1098ba3faa6cfc3 SHA1 46a274abeeea4e808849c65b9d510a5b5a221ba6 SHA256 dc428458f3c47684aabb89036ca7e601a6aa92864dbf23b31f33732b76c2a01e EBUILD snort-2.4.5.ebuild 4425 RMD160 e0df6b4511ecd8ea5447d49963b32279981a2aa8 SHA1 730c173bfdf4a5b0cbc659e48f994844470a2e03 SHA256 8fcef1aae9797a4c5bd51f4810c17d4de69cfa6d351bb131f3f8fa1cfdc873c7 MD5 edd3367ef6795d519b1ae1cf237de552 snort-2.4.5.ebuild 4425 RMD160 e0df6b4511ecd8ea5447d49963b32279981a2aa8 snort-2.4.5.ebuild 4425 SHA256 8fcef1aae9797a4c5bd51f4810c17d4de69cfa6d351bb131f3f8fa1cfdc873c7 snort-2.4.5.ebuild 4425 -EBUILD snort-2.6.0.ebuild 5582 RMD160 c7fbda8bf032ff999b2e25416bedb9b577f2a16c SHA1 8ebc775b11a19f53c92c8db36b18dfb00ca1002f SHA256 8484ad4280601dcd6fad7b7af830d5084b8aaed97ba6611d8c7f59917d7a6031 -MD5 b584eb93be73ead6107524cee48f2c97 snort-2.6.0.ebuild 5582 -RMD160 c7fbda8bf032ff999b2e25416bedb9b577f2a16c snort-2.6.0.ebuild 5582 -SHA256 8484ad4280601dcd6fad7b7af830d5084b8aaed97ba6611d8c7f59917d7a6031 snort-2.6.0.ebuild 5582 -EBUILD snort-2.6.1.1.ebuild 5610 RMD160 400b265c44011f72978a67e29ff54450e9fa0aff SHA1 a8df9758f41c401453314bf689c7d2672d9ad055 SHA256 69cd84f4b5761b1a3925b4a67f2233fc18e3fcaba9f899387b9fc53c61ffd8a9 -MD5 5a9ab6ab68ef70bf0a31852fec6e395a snort-2.6.1.1.ebuild 5610 -RMD160 400b265c44011f72978a67e29ff54450e9fa0aff snort-2.6.1.1.ebuild 5610 -SHA256 69cd84f4b5761b1a3925b4a67f2233fc18e3fcaba9f899387b9fc53c61ffd8a9 snort-2.6.1.1.ebuild 5610 -MISC ChangeLog 20373 RMD160 b44167ba5c74d44a1a35cbd9611ec6a8964b2e6c SHA1 a632462ffa1c4ec6627c714a28ad34be9a374224 SHA256 33bcc4977e168e52b83eed6948b872448133f188ba001b12182fd9bc884a4872 -MD5 26a6d9db796eea42fb5d083703ec2d09 ChangeLog 20373 -RMD160 b44167ba5c74d44a1a35cbd9611ec6a8964b2e6c ChangeLog 20373 -SHA256 33bcc4977e168e52b83eed6948b872448133f188ba001b12182fd9bc884a4872 ChangeLog 20373 +EBUILD snort-2.6.1.2.ebuild 5707 RMD160 e307cbc27bf21889927ba51438c002f5e1bab714 SHA1 86b6497ef27760372d3a0b2c250566a9e099805e SHA256 8f410634c07d9927a29d60c39a7ece2eaf31ef3fc31944baac4f9055c1a35c51 +MD5 7869847f77d299d42c053c1d673fca43 snort-2.6.1.2.ebuild 5707 +RMD160 e307cbc27bf21889927ba51438c002f5e1bab714 snort-2.6.1.2.ebuild 5707 +SHA256 8f410634c07d9927a29d60c39a7ece2eaf31ef3fc31944baac4f9055c1a35c51 snort-2.6.1.2.ebuild 5707 +MISC ChangeLog 20604 RMD160 f15116f9a7cd5a6dab7bd7208733167c36d3f710 SHA1 acd838a4b4d2d7f093a20de008b605f10c02d99e SHA256 f9810c8e118dffb2552b6ca855cf1c29bcae790134e5252d12de4d329c895c43 +MD5 3d9bf6096072e2fbd1106f938e484168 ChangeLog 20604 +RMD160 f15116f9a7cd5a6dab7bd7208733167c36d3f710 ChangeLog 20604 +SHA256 f9810c8e118dffb2552b6ca855cf1c29bcae790134e5252d12de4d329c895c43 ChangeLog 20604 MISC metadata.xml 246 RMD160 427cf3e9767d777650d905a7b4fcad57259908bb SHA1 470a19ab011412f7f219d654304b7a43876082ae SHA256 843ac8d26d6f2f01b254d963268d1b4dc7ec515e5ce16daf47f7c68f2c47584e MD5 53edc4328d9adeaf087c65ea94b1594b metadata.xml 246 RMD160 427cf3e9767d777650d905a7b4fcad57259908bb metadata.xml 246 @@ -45,9 +47,13 @@ SHA256 843ac8d26d6f2f01b254d963268d1b4dc7ec515e5ce16daf47f7c68f2c47584e metadata MD5 8ab79a3b3485b8028ffc95ef22f0e4a7 files/digest-snort-2.4.5 1250 RMD160 9f1bbc6e281b0a46b8dad256d91b2c7898d21d4e files/digest-snort-2.4.5 1250 SHA256 eca549eac2e372a4307f224ffb2150f9fd940540134ecae1c73621c81f61d826 files/digest-snort-2.4.5 1250 -MD5 2f9a1287ed8f1232c7b5eb58142e97f1 files/digest-snort-2.6.0 985 -RMD160 1ffee6de223e8608f77c9cb592cb93c80f31680b files/digest-snort-2.6.0 985 -SHA256 eaf927c4c17b7e2ecf529a6cc28ad697600962f607caaf6e7b755003f9fd7cb7 files/digest-snort-2.6.0 985 -MD5 2e5c4d33b57f408c8ff2d95cc66316b0 files/digest-snort-2.6.1.1 1006 -RMD160 31dde0e210e56d041c915b821a964097f222d0bf files/digest-snort-2.6.1.1 1006 -SHA256 40c3978f7683528e809ce58a9ec64543e828cd42be3f701a5a003a2c6de86d92 files/digest-snort-2.6.1.1 1006 +MD5 815d00c6b73946345b8c4860388db41d files/digest-snort-2.6.1.2 1006 +RMD160 a5a63f7a2ddef96a836bb966b98d7d71431965e0 files/digest-snort-2.6.1.2 1006 +SHA256 c776d126ad4060bf4566a1457d753418cf16c4014207e82aa3b34d7c834cefb0 files/digest-snort-2.6.1.2 1006 +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.1 (GNU/Linux) + +iD8DBQFFrX59z974XjDVpbkRAlbfAJ94EQX+5yyzOrdIHPLXw3pN9+xjigCeMjWE +4xUWMNQYe5mvayaFhJ+uAXA= +=G/A+ +-----END PGP SIGNATURE----- diff --git a/net-analyzer/snort/files/digest-snort-2.6.0 b/net-analyzer/snort/files/digest-snort-2.6.0 deleted file mode 100644 index 3d477d1d625e..000000000000 --- a/net-analyzer/snort/files/digest-snort-2.6.0 +++ /dev/null @@ -1,12 +0,0 @@ -MD5 39d8250f47a33aaec4712e29c0dcd1d0 Community-Rules.tar.gz 11678 -RMD160 a65b656e4dbf29f1c807622e865e945f509fe0c5 Community-Rules.tar.gz 11678 -SHA256 fd37a897455dcb4bace1f7f0af11747b5360e0e3896cd0b9649e5d19281bb2cf Community-Rules.tar.gz 11678 -MD5 88bb7f628e5bf1edc6409fbb126eaed0 snort-2.6.0.tar.gz 3322826 -RMD160 862cfd20b866b58dcc5a27cb3f4fcad90c1b7550 snort-2.6.0.tar.gz 3322826 -SHA256 0acbfedf728df3d63ed075a56259b81ab5e26099051ceb5808e0c87329fe588d snort-2.6.0.tar.gz 3322826 -MD5 35d9a2486f8c0280bb493aa03c011927 snortrules-pr-2.4.tar.gz 789097 -RMD160 dd2179b3ce8a55699d2e1b857426e5489191a121 snortrules-pr-2.4.tar.gz 789097 -SHA256 19d2545a2a150dff8b4dbcbd0def389b6865c4c70f5084172d08a7b151e1a504 snortrules-pr-2.4.tar.gz 789097 -MD5 2eeef1a7a040d67c3afaf9d749905e47 snortsam-20050110.tar.gz 29395 -RMD160 ec80ce024ed7a013da35444ef1098ba3faa6cfc3 snortsam-20050110.tar.gz 29395 -SHA256 dc428458f3c47684aabb89036ca7e601a6aa92864dbf23b31f33732b76c2a01e snortsam-20050110.tar.gz 29395 diff --git a/net-analyzer/snort/files/digest-snort-2.6.1.1 b/net-analyzer/snort/files/digest-snort-2.6.1.1 deleted file mode 100644 index cf0dc3541e03..000000000000 --- a/net-analyzer/snort/files/digest-snort-2.6.1.1 +++ /dev/null @@ -1,12 +0,0 @@ -MD5 52c0c6bc60d7123cb048e562d25bc34a Community-Rules-2.4.tar.gz 110044 -RMD160 ecfb4444cb0152545d823692eb6e5e2347151b54 Community-Rules-2.4.tar.gz 110044 -SHA256 4c82f90c960626aae5804c2375540f2d7241524c31ae3c7ab69df6c46e295c4c Community-Rules-2.4.tar.gz 110044 -MD5 a7313ff4346317c301af361e211a7cd4 snort-2.6.1.1.tar.gz 3509132 -RMD160 f49ac2f339303ccc48f343c21f0873e9ca49de2e snort-2.6.1.1.tar.gz 3509132 -SHA256 01e21432ec5a60a3965ce3e3ebf9cdb4125c9dd5d218da22688857a6357e2a94 snort-2.6.1.1.tar.gz 3509132 -MD5 35d9a2486f8c0280bb493aa03c011927 snortrules-pr-2.4.tar.gz 789097 -RMD160 dd2179b3ce8a55699d2e1b857426e5489191a121 snortrules-pr-2.4.tar.gz 789097 -SHA256 19d2545a2a150dff8b4dbcbd0def389b6865c4c70f5084172d08a7b151e1a504 snortrules-pr-2.4.tar.gz 789097 -MD5 2eeef1a7a040d67c3afaf9d749905e47 snortsam-20050110.tar.gz 29395 -RMD160 ec80ce024ed7a013da35444ef1098ba3faa6cfc3 snortsam-20050110.tar.gz 29395 -SHA256 dc428458f3c47684aabb89036ca7e601a6aa92864dbf23b31f33732b76c2a01e snortsam-20050110.tar.gz 29395 diff --git a/net-analyzer/snort/snort-2.6.0.ebuild b/net-analyzer/snort/snort-2.6.0.ebuild deleted file mode 100644 index dfcfc2497548..000000000000 --- a/net-analyzer/snort/snort-2.6.0.ebuild +++ /dev/null @@ -1,180 +0,0 @@ -# Copyright 1999-2006 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/snort-2.6.0.ebuild,v 1.5 2006/11/23 19:54:19 vivo Exp $ - -WANT_AUTOCONF="latest" -WANT_AUTOMAKE="latest" -inherit eutils flag-o-matic autotools - -DESCRIPTION="Libpcap-based packet sniffer/logger/lightweight IDS" -HOMEPAGE="http://www.snort.org/" -SRC_URI="http://www.snort.org/dl/current/${P}.tar.gz - http://www.snort.org/pub-bin/downloads.cgi/Download/comm_rules/Community-Rules.tar.gz - http://www.snort.org/pub-bin/downloads.cgi/Download/vrt_pr/snortrules-pr-2.4.tar.gz - snortsam? ( mirror://gentoo/snortsam-20050110.tar.gz )" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~ppc ~ppc64 -sparc ~x86" -IUSE="ssl postgres mysql flexresp selinux snortsam odbc prelude inline sguil dynamicplugin timestats perfprofiling linux-smp-stats" - -DEPEND="virtual/libc - >=dev-libs/libpcre-4.2-r1 - virtual/libpcap - flexresp? ( ~net-libs/libnet-1.0.2a ) - postgres? ( || ( dev-db/postgresql dev-db/libpq ) ) - mysql? ( virtual/mysql ) - ssl? ( dev-libs/openssl ) - prelude? ( >=dev-libs/libprelude-0.9.0 ) - odbc? ( dev-db/unixODBC ) - >=sys-devel/libtool-1.4 - inline? ( - ~net-libs/libnet-1.0.2a - net-firewall/iptables - )" - -RDEPEND="${DEPEND} - dev-lang/perl - selinux? ( sec-policy/selinux-snort ) - snortsam? ( net-analyzer/snortsam )" - -pkg_setup() { - enewgroup snort - enewuser snort -1 -1 /dev/null snort -} - -src_unpack() { - unpack ${A} - cd "${S}" - - if use flexresp || use inline ; then - epatch "${WORKDIR}/2.4.0-libnet-1.0.patch" - fi - - sed -i "s:var RULE_PATH ../rules:var RULE_PATH /etc/snort/rules:" \ - etc/snort.conf - - if use prelude ; then - sed -i -e "s:AC_PROG_RANLIB:AC_PROG_LIBTOOL:" configure.in - fi - - if use sguil ; then - epatch "${WORKDIR}/2.4.0-spp_portscan_sguil.patch" - epatch "${WORKDIR}/2.4.0-spp_stream4_sguil.patch" - fi - - if use snortsam ; then - cd .. - einfo "Applying snortsam patch" - ./patchsnort.sh "${S}" || die "snortsam patch failed" - cd "${S}" - fi - - einfo "Regenerating autoconf/automake files" - AT_M4DIR=m4 eautoreconf -} - -src_compile() { - local myconf - - # There is no --disable-flexresp, cannot use use_enable - use flexresp && myconf="${myconf} --enable-flexresp" - - use inline && append-flags -I/usr/include/libipq - - econf \ - --without-oracle \ - $(use_with postgres postgresql) \ - $(use_with mysql) \ - $(use_with ssl openssl) \ - $(use_with odbc) \ - $(use_enable prelude) \ - $(use_with sguil) \ - $(use_enable inline) \ - $(use_enable dynamicplugin) \ - $(use_enable timestats) \ - $(use_enable perfprofiling) \ - $(use_enable linux-smp-stats) \ - ${myconf} || die "econf failed" - - # limit to single as reported by jforman on irc - emake -j1 || die "emake failed" -} - -src_install() { - make DESTDIR="${D}" install || die "make install failed" - - keepdir /var/log/snort/ - - dodoc doc/* - dodoc ./RELEASE.NOTES - docinto schemas ; dodoc schemas/* - - insinto /etc/snort - doins etc/reference.config etc/classification.config \ - etc/*.map etc/threshold.conf - newins etc/snort.conf snort.conf - if use sguil ; then - sed -i -e "/^# output log_unified/s:# ::" \ - -e "s:snort.log:snort_unified.log:" \ - "${D}/etc/snort/snort.conf" || die "sed failed" - fi - - newinitd "${FILESDIR}/snort.rc7" snort - newconfd "${FILESDIR}/snort.confd" snort - if use sguil ; then - sed -i -e "s:/var/log/snort:/var/lib/sguil/$(hostname):" \ - -e "/^SNORT_OPTS/s%-u snort%-m 122 -u sguil -g sguil -A none%" \ - "${D}/etc/conf.d/snort" || die "sed failed" - fi - - fowners snort:snort /var/log/snort - fperms 0770 /var/log/snort - - # install rules - dodir /etc/snort/rules - mv "${WORKDIR}"/rules/* "${D}/etc/snort/rules/" -} - -pkg_postinst() { - ewarn - ewarn "Users upgrading from snort 2.4.x should take care when updating" - ewarn "their snort.conf. A number of significant changes have been" - ewarn "have been added to snort 2.6 including the addition of" - ewarn "dynamically loadable preprocessors, detection engine and rules." - ewarn "Snort 2.6 also includes the addition of performance profiling" - ewarn "for rules & preprocessors and uses a new default pattern matcher" - ewarn "which provides faster matching at the expense of being very" - ewarn "memory intensive." - ewarn - ewarn "If you find that snort is using too much memory, your system" - ewarn "freezes, or snort crashes after a few minutes try adding the" - ewarn "following to your snort.conf..." - ewarn - ewarn "'config detection: search-method ac-sparsebands'" - ewarn - ewarn "This will provide high pattern matching performance at a much" - ewarn "lower cost to memory. For more information on the new features" - ewarn "in snort 2.6, please take a look at the release notes located in..." - ewarn - ewarn " /usr/share/doc/${PF}/RELEASE.NOTES.gz" - ewarn - einfo "To use a database as a backend for snort you will have to" - einfo "import the correct tables to the database." - einfo "You will have to setup a database called snort before doing the" - einfo "following..." - einfo - einfo " MySQL: zcat /usr/share/doc/${PF}/schemas/create_mysql.gz | mysql -p snort" - einfo - einfo " PostgreSQL: import /usr/share/doc/${PF}/schemas/create_postgresql.gz" - einfo - einfo " ODBC: look at /usr/share/doc/${PF}/schemas/" - einfo - einfo "Users using the unified output plugin and barnyard do not need to" - einfo "compile database support into snort, but still need to set up their" - einfo "database as shown above." - einfo - ewarn "Only a basic set of rules was installed." - ewarn "Please add your other sets of rules to /etc/snort/rules." - ewarn "For more information on rules, visit ${HOMEPAGE}." -} diff --git a/net-analyzer/snort/snort-2.6.1.1.ebuild b/net-analyzer/snort/snort-2.6.1.1.ebuild deleted file mode 100644 index 09218a898a53..000000000000 --- a/net-analyzer/snort/snort-2.6.1.1.ebuild +++ /dev/null @@ -1,184 +0,0 @@ -# Copyright 1999-2006 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/snort-2.6.1.1.ebuild,v 1.1 2006/11/25 16:39:42 cedk Exp $ - -WANT_AUTOCONF="latest" -WANT_AUTOMAKE="latest" -inherit eutils autotools - -DESCRIPTION="Libpcap-based packet sniffer/logger/lightweight IDS" -HOMEPAGE="http://www.snort.org/" -SRC_URI="http://www.snort.org/dl/current/${P}.tar.gz - http://www.snort.org/pub-bin/downloads.cgi/Download/comm_rules/Community-Rules-2.4.tar.gz - http://www.snort.org/pub-bin/downloads.cgi/Download/vrt_pr/snortrules-pr-2.4.tar.gz - snortsam? ( mirror://gentoo/snortsam-20050110.tar.gz )" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~ppc ~ppc64 -sparc ~x86" -IUSE="postgres mysql flexresp selinux snortsam odbc prelude inline dynamicplugin -timestats perfprofiling linux-smp-stats flexresp2 react sguil" - -DEPEND="virtual/libc - >=dev-libs/libpcre-4.2-r1 - virtual/libpcap - flexresp? ( ~net-libs/libnet-1.0.2a ) - flexresp2? ( dev-libs/libdnet ) - react? ( ~net-libs/libnet-1.0.2a ) - postgres? ( || ( dev-db/postgresql dev-db/libpq ) ) - mysql? ( virtual/mysql ) - prelude? ( >=dev-libs/libprelude-0.9.0 ) - odbc? ( dev-db/unixODBC ) - >=sys-devel/libtool-1.4 - inline? ( - ~net-libs/libnet-1.0.2a - net-firewall/iptables - )" - -RDEPEND="${DEPEND} - dev-lang/perl - selinux? ( sec-policy/selinux-snort ) - snortsam? ( net-analyzer/snortsam )" - -pkg_setup() { - enewgroup snort - enewuser snort -1 -1 /dev/null snort - - if use flexresp && use flexresp2 ; then - ewarn - ewarn "You have both the 'flexresp' and 'flexresp2' USE" - ewarn "flags set. You can use 'flexresp' or 'flexresp2'" - ewarn "but not both." - ewarn - ewarn "Defaulting to flexresp2..." - fi -} - -src_unpack() { - unpack ${A} - cd "${S}" - - epatch "${FILESDIR}/${P}-libnet.patch" - - sed -i "s:var RULE_PATH ../rules:var RULE_PATH /etc/snort/rules:" \ - etc/snort.conf - - if use prelude ; then - sed -i -e "s:AC_PROG_RANLIB:AC_PROG_LIBTOOL:" configure.in - fi - - if use snortsam ; then - cd .. - einfo "Applying snortsam patch" - sed -i "s/PLUGIN_FWSAM/PLUGIN_FWSAM,/" snortpatch9 || die "sed failed" - ./patchsnort.sh "${S}" || die "snortsam patch failed" - cd "${S}" - fi - - einfo "Regenerating autoconf/automake files" - AT_M4DIR=m4 eautoreconf -} - -src_compile() { - local myconf - - if use flexresp2; then - myconf="${myconf} --enable-flexresp2" - elif use flexresp; then - myconf="${myconf} --enable-flexresp" - fi - - if use react && ! use flexresp; then - myconf="${myconf} --enable-react" - fi - - myconf="${myconf} --with-libipq-includes=/usr/include/libipq" - - econf \ - --without-oracle \ - $(use_with postgres postgresql) \ - $(use_with mysql) \ - $(use_with odbc) \ - $(use_enable prelude) \ - $(use_enable inline) \ - $(use_enable dynamicplugin) \ - $(use_enable timestats) \ - $(use_enable perfprofiling) \ - $(use_enable linux-smp-stats) \ - ${myconf} || die "econf failed" - - # limit to single as reported by jforman on irc - emake -j1 || die "emake failed" -} - -src_install() { - emake DESTDIR="${D}" install || die "make install failed" - - keepdir /var/log/snort/ - - dodoc doc/* - dodoc ./RELEASE.NOTES - docinto schemas ; dodoc schemas/* - - insinto /etc/snort - doins etc/reference.config etc/classification.config \ - etc/*.map etc/threshold.conf - newins etc/snort.conf snort.conf - - newinitd "${FILESDIR}/snort.rc8" snort - newconfd "${FILESDIR}/snort.confd" snort - - fowners snort:snort /var/log/snort - fperms 0770 /var/log/snort - - # install rules - insinto /etc/snort/rules - doins -r "${WORKDIR}"/rules/* -} - -pkg_postinst() { - ewarn - ewarn "Users upgrading from snort 2.4.x should take care when updating" - ewarn "their snort.conf. A number of significant changes have been" - ewarn "have been added to snort 2.6 including the addition of" - ewarn "dynamically loadable preprocessors, detection engine and rules." - ewarn "Snort 2.6 also includes the addition of performance profiling" - ewarn "for rules & preprocessors and uses a new default pattern matcher" - ewarn "which provides faster matching at the expense of being very" - ewarn "memory intensive." - ewarn - ewarn "If you find that snort is using too much memory, your system" - ewarn "freezes, or snort crashes after a few minutes try adding the" - ewarn "following to your snort.conf..." - ewarn - ewarn "'config detection: search-method ac-sparsebands'" - ewarn - ewarn "This will provide high pattern matching performance at a much" - ewarn "lower cost to memory. For more information on the new features" - ewarn "in snort 2.6, please take a look at the release notes located in..." - ewarn - ewarn " /usr/share/doc/${PF}/RELEASE.NOTES.gz" - ewarn - einfo "To use a database as a backend for snort you will have to" - einfo "import the correct tables to the database." - einfo "You will have to setup a database called snort before doing the" - einfo "following..." - einfo - einfo " MySQL: zcat /usr/share/doc/${PF}/schemas/create_mysql.gz | mysql -p snort" - einfo - einfo " PostgreSQL: import /usr/share/doc/${PF}/schemas/create_postgresql.gz" - einfo - einfo " ODBC: look at /usr/share/doc/${PF}/schemas/" - einfo - einfo "Users using the unified output plugin and barnyard do not need to" - einfo "compile database support into snort, but still need to set up their" - einfo "database as shown above." - einfo - ewarn "Only a basic set of rules was installed." - ewarn "Please add your other sets of rules to /etc/snort/rules." - ewarn "For more information on rules, visit ${HOMEPAGE}." - if use sguil ; then - elog "SGUIL needs to catch up with snort 2.6.x. If you plan on using SGUIL" - elog "you should unmerge ${P} and emerge snort-2.4.x" - fi -}