ports/99862: Update port security/snort to 2.6.0
Linh Pham
question+fbsdports at closedsrc.org
Fri Jul 7 00:50:20 UTC 2006
>Number: 99862
>Category: ports
>Synopsis: Update port security/snort to 2.6.0
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Fri Jul 07 00:50:18 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Linh Pham
>Release: FreeBSD 6.1-RELEASE-p2 i386
>Organization:
>Environment:
System: FreeBSD q.internal.closedsrc.org 6.1-RELEASE-p2 FreeBSD 6.1-RELEASE-p2 #10: Mon Jun 19 16:12:03 PDT 2006 question at q.internal.closedsrc.org:/usr/obj/usr/src/sys/Q i386
>Description:
Update security/snort to 2.6.0 as 2.4.5 is the end of the line for the 2.4.x
branch.
Snort 2.6.0 includes support for dynamic plugins and preprocessors, which I
added an OPTION knob for and set to On as default. In case someone disables
the OPTION, a message is displayed with a warning as the default snort.conf
makes references to dynamic preprocessors and errors can be thrown if Snort
is not configured with the option enabled. Since the default is On, I used
WITHOUT_DYNAMIC to handle the necessary tweaks.
Pre-emptively added OPTION knob for FLEXRESP2, though default is Off and
if enabled, set BROKEN flag. The patch for FLEXRESP2 doesn't incorporate
cleanly against Snort 2.6.0, though a newer version may become available
later.
Also changed the behavior of post-install to install the config files into
CONFIG_DIR using the default filenames since the *-sample files are
already installed in EXAMPLESDIR. Felt that it was redundant and increased
the amount of steps required to get a clean install of Snort up and
running.
>How-To-Repeat:
>Fix:
--- snort-2.6.0.diff begins here ---
diff -ruN /usr/ports/security/snort/Makefile ./snort/Makefile
--- /usr/ports/security/snort/Makefile Sat Jun 10 13:26:30 2006
+++ ./snort/Makefile Thu Jul 6 17:34:13 2006
@@ -6,7 +6,7 @@
#
PORTNAME= snort
-PORTVERSION= 2.4.5
+PORTVERSION= 2.6.0
CATEGORIES= security
MASTER_SITES= http://www.snort.org/dl/current/
@@ -15,7 +15,12 @@
LIB_DEPENDS= pcre.0:${PORTSDIR}/devel/pcre
-OPTIONS= FLEXRESP "Flexible response to events" off \
+CONFLICTS?= snort-1.* snort-2.0.* snort-2.1.* snort-2.2.* snort-2.3.* \
+ snort-2.4.*
+
+OPTIONS= DYNAMIC "Enable dynamic plugin support" on \
+ FLEXRESP "Flexible response to events" off \
+ FLEXRESP2 "Flexible response to events (version 2)" off \
MYSQL "Enable MySQL support" off \
ODBC "Enable ODBC support" off \
POSTGRESQL "Enable PostgreSQL support" off \
@@ -33,7 +38,7 @@
CONFIG_FILES= classification.config gen-msg.map generators reference.config \
sid sid-msg.map snort.conf threshold.conf unicode.map
RULES_DIR= ${PREFIX}/etc/snort/rules
-LOGS_DIR= /var/log/snort
+LOGS_DIR= ${DESTDIR}/var/log/snort
MAN8= snort.8
DOCS= RELEASE.NOTES doc/AUTHORS doc/BUGS doc/CREDITS \
@@ -41,13 +46,32 @@
.include <bsd.port.pre.mk>
+.if !defined(WITHOUT_DYNAMIC)
+USE_AUTOTOOLS= libtool:15
+CONFIGURE_ARGS+= --enable-dynamicplugin
+.endif
+
.if defined(WITH_FLEXRESP)
+.if defined(WITH_FLEXRESP2)
+IGNORE= options FLEXRESP and FLEXRESP2 are mutually exclusive
+.endif
BUILD_DEPENDS+= libnet*<=1.1.0,1:${PORTSDIR}/net/libnet10
CONFIGURE_ARGS+= --enable-flexresp \
--with-libnet-includes=${LOCALBASE}/include \
--with-libnet-libraries=${LOCALBASE}/lib
.endif
+.if defined(WITH_FLEXRESP2)
+BROKEN= FLEXRESP2 patch file does not incorporate cleanly
+PATCH_SITES+= http://cerberus.sourcefire.com/~jeff/archives/snort/sp_respond2/
+PATCHFILES+= sp_respond2.diff.gz
+BUILD_DEPENDS+= libnet*>=1.1.2.1,1:${PORTSDIR}/net/libnet \
+ libdnet*>=1.10_1:${PORTSDIR}/net/libdnet
+CONFIGURE_ARGS+= --enable-flexresp2 \
+ --with-libnet-includes=${LOCALBASE}/include \
+ --with-libnet-libraries=${LOCALBASE}/lib
+.endif
+
.if defined(WITH_MYSQL)
USE_MYSQL= yes
CONFIGURE_ARGS+= --with-mysql=${LOCALBASE}
@@ -86,13 +110,22 @@
${REINPLACE_CMD} "s,/etc/snort.conf,${CONFIG_DIR}/snort.conf," \
${WRKSRC}/src/snort.c ${WRKSRC}/snort.8
+pre-configure:
+.if defined(WITHOUT_DYNAMIC)
+ @${CAT} pkg-message,dynamicplugin
+ @sleep 5
+.endif
+
post-install:
+.if !defined(WITH_DYNAMIC)
+ @${LIBTOOL} --finish ${LOCALBASE}/snort_dynamicpreprocessor
+.endif
[ -d ${CONFIG_DIR} ] || ${MKDIR} ${CONFIG_DIR}
[ -d ${EXAMPLESDIR} ] || ${MKDIR} ${EXAMPLESDIR}
[ -d ${RULES_DIR} ] || ${MKDIR} ${RULES_DIR}
[ -d ${LOGS_DIR} ] || ${MKDIR} ${LOGS_DIR}
.for f in ${CONFIG_FILES}
- ${INSTALL_DATA} ${WRKSRC}/etc/${f} ${CONFIG_DIR}/${f}.default
+ ${INSTALL_DATA} ${WRKSRC}/etc/${f} ${CONFIG_DIR}
${INSTALL_DATA} ${WRKSRC}/etc/${f} ${EXAMPLESDIR}/${f}-sample
.endfor
${INSTALL_DATA} ${WRKSRC}/schemas/create* ${EXAMPLESDIR}
diff -ruN /usr/ports/security/snort/distinfo ./snort/distinfo
--- /usr/ports/security/snort/distinfo Sat Jun 10 13:26:30 2006
+++ ./snort/distinfo Mon Jun 12 17:03:32 2006
@@ -1,6 +1,9 @@
-MD5 (snort-2.4.5.tar.gz) = 108b3c20dcbaf3cdb17ea9203342eaaa
-SHA256 (snort-2.4.5.tar.gz) = 84eb84da542d23e9f1c29b8eb319614c509fb19a745f1fa2a88d07c740645184
-SIZE (snort-2.4.5.tar.gz) = 2817837
-MD5 (snort-2.4.5.tar.gz.sig) = c2baa96bfbdfab407aa1e0dbf84414fb
-SHA256 (snort-2.4.5.tar.gz.sig) = df263b8853292d2f581de044ca407a2f9e715d9c54795e6c7a00571e27f504dd
-SIZE (snort-2.4.5.tar.gz.sig) = 65
+MD5 (snort-2.6.0.tar.gz) = 88bb7f628e5bf1edc6409fbb126eaed0
+SHA256 (snort-2.6.0.tar.gz) = 0acbfedf728df3d63ed075a56259b81ab5e26099051ceb5808e0c87329fe588d
+SIZE (snort-2.6.0.tar.gz) = 3322826
+MD5 (snort-2.6.0.tar.gz.sig) = bc867f80d02cd31b6ffe73e74aa83e77
+SHA256 (snort-2.6.0.tar.gz.sig) = 86010b715ea3ee4a384f4e87261d9e634766306edac49a79bfcb7bbf14e55015
+SIZE (snort-2.6.0.tar.gz.sig) = 65
+MD5 (sp_respond2.diff.gz) = ebf5985b3baef3be2e99d11074f06ada
+SHA256 (sp_respond2.diff.gz) = 14902da7779524801ff8130ac77bc2d95467f446e30050aba3db0ebdb17cee27
+SIZE (sp_response2.diff.gz) = 13452
diff -ruN /usr/ports/security/snort/pkg-message,dynamicplugin ./snort/pkg-message,dynamicplugin
--- /usr/ports/security/snort/pkg-message,dynamicplugin Wed Dec 31 16:00:00 1969
+++ ./snort/pkg-message,dynamicplugin Thu Jul 6 17:03:54 2006
@@ -0,0 +1,12 @@
+=========================================================================
+NOTE: The port has been configured without support for dynamic plugins.
+ It is recommended that you enable dynamic plugins by pressing
+ Ctrl-C now, run 'make config' and enable the DYNAMIC option.
+
+ If you choose not to enable dynamic plugins, the default Snort
+ configuration file may reference some dynamic plugins and
+ preprocessors that may cause Snort to not work properly or throw
+ errors. Please read the Snort documentation for more information
+ regarding dynamic plugins and which configuration directives
+ are affected.
+=========================================================================
diff -ruN /usr/ports/security/snort/pkg-plist ./snort/pkg-plist
--- /usr/ports/security/snort/pkg-plist Sat Jun 10 13:26:30 2006
+++ ./snort/pkg-plist Thu Jul 6 17:33:06 2006
@@ -1,14 +1,5 @@
@comment $FreeBSD: ports/security/snort/pkg-plist,v 1.23 2006/06/10 11:34:06 pav Exp $
bin/snort
-etc/snort/classification.config.default
-etc/snort/gen-msg.map.default
-etc/snort/generators.default
-etc/snort/reference.config.default
-etc/snort/sid.default
-etc/snort/sid-msg.map.default
-etc/snort/snort.conf.default
-etc/snort/threshold.conf.default
-etc/snort/unicode.map.default
@dirrmtry etc/snort/rules
@dirrmtry etc/snort
%%PORTDOCS%%%%DOCSDIR%%/AUTHORS
@@ -16,8 +7,11 @@
%%PORTDOCS%%%%DOCSDIR%%/CREDITS
%%PORTDOCS%%%%DOCSDIR%%/README
%%PORTDOCS%%%%DOCSDIR%%/README.FLEXRESP
+%%PORTDOCS%%%%DOCSDIR%%/README.FLEXRESP2
%%PORTDOCS%%%%DOCSDIR%%/README.INLINE
%%PORTDOCS%%%%DOCSDIR%%/README.PLUGINS
+%%PORTDOCS%%%%DOCSDIR%%/README.PerfProfiling
+%%PORTDOCS%%%%DOCSDIR%%/README.SMTP
%%PORTDOCS%%%%DOCSDIR%%/README.UNSOCK
%%PORTDOCS%%%%DOCSDIR%%/README.WIN32
%%PORTDOCS%%%%DOCSDIR%%/README.alert_order
@@ -29,6 +23,7 @@
%%PORTDOCS%%%%DOCSDIR%%/README.flowbits
%%PORTDOCS%%%%DOCSDIR%%/README.flow-portscan
%%PORTDOCS%%%%DOCSDIR%%/README.frag3
+%%PORTDOCS%%%%DOCSDIR%%/README.ftptelnet
%%PORTDOCS%%%%DOCSDIR%%/README.http_inspect
%%PORTDOCS%%%%DOCSDIR%%/README.sfportscan
%%PORTDOCS%%%%DOCSDIR%%/README.thresholding
--- snort-2.6.0.diff ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list