diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2019-01-22 10:09:44 +0000 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2019-01-22 10:09:44 +0000 |
commit | 09351e78166b5e864197c4456ebae3f89dd0bed9 (patch) | |
tree | 41a96399f56ed3aa399006871bfce4430db84aa2 /net-analyzer/snort | |
parent | c8a77dfe4d3d307c1d5dd2650b7297447d8b609d (diff) |
gentoo resync : 22.01.2019
Diffstat (limited to 'net-analyzer/snort')
-rw-r--r-- | net-analyzer/snort/Manifest | 18 | ||||
-rw-r--r-- | net-analyzer/snort/metadata.xml | 30 | ||||
-rw-r--r-- | net-analyzer/snort/snort-2.9.4.6-r1.ebuild | 251 | ||||
-rw-r--r-- | net-analyzer/snort/snort-2.9.7.0.ebuild | 249 | ||||
-rw-r--r-- | net-analyzer/snort/snort-2.9.7.2.ebuild | 249 | ||||
-rw-r--r-- | net-analyzer/snort/snort-2.9.7.3.ebuild | 249 | ||||
-rw-r--r-- | net-analyzer/snort/snort-2.9.7.5.ebuild | 249 | ||||
-rw-r--r-- | net-analyzer/snort/snort-2.9.8.0.ebuild | 249 | ||||
-rw-r--r-- | net-analyzer/snort/snort-2.9.8.2.ebuild | 249 | ||||
-rw-r--r-- | net-analyzer/snort/snort-2.9.8.3-r1.ebuild | 248 | ||||
-rw-r--r-- | net-analyzer/snort/snort-2.9.8.3.ebuild | 249 |
11 files changed, 1 insertions, 2289 deletions
diff --git a/net-analyzer/snort/Manifest b/net-analyzer/snort/Manifest index faf5a0854497..44a4189f73b1 100644 --- a/net-analyzer/snort/Manifest +++ b/net-analyzer/snort/Manifest @@ -6,23 +6,7 @@ AUX snort.rc12 1469 BLAKE2B 6238dfc0f9e178fca864ee9485b8cf59c3056d8b047ee5fd6208 AUX snort.tmpfiles 32 BLAKE2B 39e4f2491f52d2a369b1c4747468ea3a9d5f2c05a85adb4666e733929be16b9cf868ea6878d3d71271dd8ee05ad8e8fac52c4f4ebfd17da873a3dc64c5368810 SHA512 705e49c172ba7bc0afee9910dcbf7b4ee96f05e6d3030c7928bbeb0df658aefb5f61fddd0da078b257ee9a0c86d1750e7b44d6f61d8e56ab799044cd141964b5 AUX snort_at.service 327 BLAKE2B 36039657ae5a5b7a37585baebc3de15f32f457b3df6313621eea6bafe3e8a34626960bd4adafe110f36f75a15bae8fc045a6e3267b960249536a0f10ac05b88f SHA512 af48018d232eec181eff2f3aa240e11744911874ee08a0311474d73bffcf1e567102ea6d42a26520dd5a1a3c66530d8d3f19fc4b4753b6ac0ae55eb3200747e0 DIST snort-2.9.12.tar.gz 6456877 BLAKE2B af5584fe01caf9af2f2188e1362bd927a884354ddcb3026af514dddc1264b557691e1644d3c24e85c3b5b5f515dd9fccdd8d38ebc7c28d2f384fb822e27d8bb8 SHA512 6f759b321ca5496abf27c9e4f4fa003cd5167f8c8a160bf5f0b1aee1a93aa8d27de89b84bdf993a0bfb3a93c6315cb2bdbdc3fdb3b09b8d4d1d3c22b69c6783f -DIST snort-2.9.4.6.tar.gz 5338762 BLAKE2B d7d663028fcfeffd2f2996a4ebf81aa723b4564a0aa38158f5fef104385866164d8ddd538d920f08e4102da0b055157c8574e42f2e306187eb82283db5ad2c78 SHA512 e35e22cab3b98bbd42ffb4b88c4c4cc9b1c11e35952a9f3f4f684c02c81ca8604b45d16f42b3d0a6c792eeab86a8e319d8ebdd7b1a5215f93ec0e70b6ef53f98 -DIST snort-2.9.7.0.tar.gz 6340553 BLAKE2B 97fc2699fd93278edd5b350db498733f60ea9a78fe8f9f755c153380be77b3b97caec3aa7cce633650dd0e5d193deab675855aa68c2efcb04dc6df04b77ccb4c SHA512 f2cbdd2cf2ad15bd4cf3f8658c2a4880ee2069589db89c11aaea637984dde270ef6242c6dd43d5e12f829ed2464388950ee791dbbfa8df796843942c415fbc2f -DIST snort-2.9.7.2.tar.gz 6352738 BLAKE2B c2c67395d9a214886ecf033b692f841da58284d0687ee4c219f77850246b1c2e134b874aba6dfd30dcb1f3c71d54a6c4e5dc70e613eb28a59c51f31dc9498b41 SHA512 4732014d0049671b1a81857e25a5ffbc3cbccb698be2b3406f69a45603a6b9f34343469ee14fa513199cf9b890a278cc777b42493850cff6fcb3493bb9b73dce -DIST snort-2.9.7.3.tar.gz 6300073 BLAKE2B f81611aadd282ebf01e92c7a62c28fad980dab36d86635c32b89fb4691b3723c4cdfaf123f7b703bdf1132419bed4b55533861c1665012af310bf916665b8bf2 SHA512 949213d44d08c7f70bd45bc4947c9c35bfcd2ca3a54ec8a28d0c03e3868a485d2c208ec7850398f69d706c74fbad1389af445eb1107e678ff95714b5696f27b7 -DIST snort-2.9.7.5.tar.gz 6312847 BLAKE2B a8ef86fd5fded47495fe50ee5fcc81d9f066b6ce099fd17496707ea01c77c9581526444ad3601d4025c1be8ada533bfc34e7aca7c616bf4f43c3f940742d0272 SHA512 fa1b299c72a44a8cb64361e8dab9fad5bfec36bbb05ebed2407002b2c5d97256d7d67599cb1f29406b5ee0916f2f85a173610d403cd34c57f74f7049c10eb038 -DIST snort-2.9.8.0.tar.gz 6323095 BLAKE2B f1febbc585e1921af5c599e3d0a4035f38045dd7ea6dd001a6aa9f887a7632e7ad0aecc3fe45f7ba0b44e87dfa50eceeb51df044483baf55ff60ded66cad6867 SHA512 46e5f19be5eccad2d5b4d3d55ce42fe616cd5f605b7178ed98e86cc8f2f4cf0f796fad80033d81b71bea7da2abfb6d0b340815ee158190f9b974f671045bf002 -DIST snort-2.9.8.2.tar.gz 6311793 BLAKE2B 82b4587221a43ade2d6c1d9c38889a5d329d0eb5894bdbd84fac5fa2965ddafc0b1b15f286719a82a8a4df3daf3c20847a298eeae84422867ccefb2d50a7ea71 SHA512 60f660b2093ae88211dcef9256edf35441c0ffc61ec8240b6d25e947b55b0fdb23482913246e2288a8a533dbaff4e5ea2d8f51298ab9aa67baa1ab74d1c4f7a4 DIST snort-2.9.8.3.tar.gz 6244304 BLAKE2B cb77c80dde0b5b32ba0fe36cd07e1f6f465127e4be207ba6cd3b7c7dff75f4537c86c6a88d744a924b99d0b4ac864add2c9111c63e51dc4c7dc23f8d19a6c792 SHA512 2f3dfe46e14a5106a02ca60b2d334549f4924ff916de0804b2b7792cdd31e104fbb454b4b932855b5f25a861698db0f8988844782b12b0e5fa132d88d4a7a687 EBUILD snort-2.9.12.ebuild 8872 BLAKE2B 84895cf9afb5ddf3079773ff50d730c56af2b01fc912c9d1fa74bead53fe30332d4971dde35cd3091057fadb06f32c25971823904c8d00caf185d9547ec32a63 SHA512 26ed8dc6c1d020a1fb73d1f12a81700a3d18103038340d00eb44d9891391eb49b2e8a611a3f46bf4d8423cb0586e8449933e7863e0184030f152b246e6696070 -EBUILD snort-2.9.4.6-r1.ebuild 8579 BLAKE2B 76c4436513f235a59f382faeb2dac52f224b7936d5c2a31ef97c4609dca055c423228b64d21b8362aababefc1eaeafb60849d8e0593d076b27f060d25f50a2df SHA512 cba04818f77f258dd847869f87aa03be44462da6fcd997e5fea012d9fdd6d9498d24f5e4ec6af5b71dbba4b624b6325585c66457258b2b3536e1a2e45f229535 -EBUILD snort-2.9.7.0.ebuild 8554 BLAKE2B eaf2bd2a509c205c55f7a388dd5cc6f8838aac23848ee0ad191967b4b1955139d91547a4b3eb61237e501f8b39b36a093a8a2e5e489b0f1f2d30f80239b9228c SHA512 ec01e6e3bc88d16da3b25fb99be6377175c4bdc704508aaf5badaec511e43d40de5ce25d34315de7407a1cf8c778e81643eb056ebe1cf0c033fe6ceef6f7c8f6 -EBUILD snort-2.9.7.2.ebuild 8554 BLAKE2B eaf2bd2a509c205c55f7a388dd5cc6f8838aac23848ee0ad191967b4b1955139d91547a4b3eb61237e501f8b39b36a093a8a2e5e489b0f1f2d30f80239b9228c SHA512 ec01e6e3bc88d16da3b25fb99be6377175c4bdc704508aaf5badaec511e43d40de5ce25d34315de7407a1cf8c778e81643eb056ebe1cf0c033fe6ceef6f7c8f6 -EBUILD snort-2.9.7.3.ebuild 8554 BLAKE2B eaf2bd2a509c205c55f7a388dd5cc6f8838aac23848ee0ad191967b4b1955139d91547a4b3eb61237e501f8b39b36a093a8a2e5e489b0f1f2d30f80239b9228c SHA512 ec01e6e3bc88d16da3b25fb99be6377175c4bdc704508aaf5badaec511e43d40de5ce25d34315de7407a1cf8c778e81643eb056ebe1cf0c033fe6ceef6f7c8f6 -EBUILD snort-2.9.7.5.ebuild 8554 BLAKE2B eaf2bd2a509c205c55f7a388dd5cc6f8838aac23848ee0ad191967b4b1955139d91547a4b3eb61237e501f8b39b36a093a8a2e5e489b0f1f2d30f80239b9228c SHA512 ec01e6e3bc88d16da3b25fb99be6377175c4bdc704508aaf5badaec511e43d40de5ce25d34315de7407a1cf8c778e81643eb056ebe1cf0c033fe6ceef6f7c8f6 -EBUILD snort-2.9.8.0.ebuild 8554 BLAKE2B eaf2bd2a509c205c55f7a388dd5cc6f8838aac23848ee0ad191967b4b1955139d91547a4b3eb61237e501f8b39b36a093a8a2e5e489b0f1f2d30f80239b9228c SHA512 ec01e6e3bc88d16da3b25fb99be6377175c4bdc704508aaf5badaec511e43d40de5ce25d34315de7407a1cf8c778e81643eb056ebe1cf0c033fe6ceef6f7c8f6 -EBUILD snort-2.9.8.2.ebuild 8554 BLAKE2B eaf2bd2a509c205c55f7a388dd5cc6f8838aac23848ee0ad191967b4b1955139d91547a4b3eb61237e501f8b39b36a093a8a2e5e489b0f1f2d30f80239b9228c SHA512 ec01e6e3bc88d16da3b25fb99be6377175c4bdc704508aaf5badaec511e43d40de5ce25d34315de7407a1cf8c778e81643eb056ebe1cf0c033fe6ceef6f7c8f6 -EBUILD snort-2.9.8.3-r1.ebuild 8347 BLAKE2B 8c7d2738ff0e1ba01b4915f2f4dcb7c37135798118b0ebcc27c5ffba959e830ba84739eb664b436eeaaf98cdf9396a03db6caf515597932ed3dae0c9d4d9a444 SHA512 2dfbb80f30c6051ddc7d090e91715077b97a8e94ffc186d428abda3cf06a9fc8f507d4eebe4bb94dc01e87b1c58869b3d4653ed21057681e8dba96fbdcbd6fd5 EBUILD snort-2.9.8.3-r2.ebuild 8505 BLAKE2B 82e9e4dbb2527f80ff87f3c95befb2b141e8ca55e1b097581b688c65e990c7cc0206388d98859f47e0f6b0a9ea52d2f6ff566ed67085de4f33c5023e7e4b86dc SHA512 8444c62e53db68fa39a85048b1ce01f30d16d636f4dd5eb3e51a1a5af3e393ca9bf0d4615c44b38bd57de050735b3666222c542c215b08f4f75c49613988a390 -EBUILD snort-2.9.8.3.ebuild 8554 BLAKE2B eaf2bd2a509c205c55f7a388dd5cc6f8838aac23848ee0ad191967b4b1955139d91547a4b3eb61237e501f8b39b36a093a8a2e5e489b0f1f2d30f80239b9228c SHA512 ec01e6e3bc88d16da3b25fb99be6377175c4bdc704508aaf5badaec511e43d40de5ce25d34315de7407a1cf8c778e81643eb056ebe1cf0c033fe6ceef6f7c8f6 -MISC metadata.xml 5278 BLAKE2B 064f738fa204f31a53a5964c755b3c828c38c06c39a5528fbb4860e339e8f8b601f3a07544e74407087551a4aa6b643f975d7109157c8e377f19b99cf8cc430a SHA512 3de9ffe710b163675b0126c9df110222b58191f7f6a6e43c7063f56385ccc780d71fdf4532313a3e6636cebca68a136619bf807772d7aaa04d28e793d92055db +MISC metadata.xml 4042 BLAKE2B 931c99e6b1aee3727e47f32dff6399dc821624fc9cc3be496ba711d480edb04920d2ffcdc9ce4fe6a253be2bbcd4bb45f56a34da530c6dd60140c77b5cc45856 SHA512 2ade0995e40052f3be40a073458a19ea380bb2f75e24905c06b45e88d8956b118db73fbb0a1062e5c0ca837e04d1805a54785a84283e701534ec47c320833b1f diff --git a/net-analyzer/snort/metadata.xml b/net-analyzer/snort/metadata.xml index 4478a084a217..be9d2aed013e 100644 --- a/net-analyzer/snort/metadata.xml +++ b/net-analyzer/snort/metadata.xml @@ -30,11 +30,6 @@ <flag name="control-socket"> Enables Snort's control socket. </flag> - <flag name="dynamicplugin"> - Enable ability to dynamically load preprocessors, detection engine, - and rules library. This is required if you want to use shared - object (SO) snort rules. - </flag> <flag name="file-inspect"> Enables extended file inspection capabilities. </flag> @@ -57,11 +52,6 @@ Enable accurate statistics reporting through /proc on systems with multipule processors. </flag> - <flag name="mpls"> - Enables support for processing and inspecting Multiprotocol Label - Switching MPLS network network traffic. Only needed if you are - monitoring an MPLS network. - </flag> <flag name="non-ether-decoders"> Enable decoding of non-ethernet protocols such as TokenRing, FDDI, IPX, etc. @@ -95,40 +85,20 @@ Enables Sourcefire specific build options, which include --enable-perfprofiling and --enable-ppm. </flag> - <flag name="targetbased"> - Enables support in snort for using a host attibute XML file - (attribute_table.dtd). This file needs to be created by the user - and should define the IP address, operating system, and services - for all hosts on the monitored network. This is cumbersome, but - can improve intrusion detection accuracy. - </flag> <flag name="reload-error-restart"> Enables support for completely restarting snort if an error is detected durring a reload. </flag> - <flag name="zlib"> - Enables HTTP inspection of compressed web traffic. Requires - dynamicplugin be enabled. - </flag> <flag name="active-response"> Enables support for automatically sending TCP resets and ICMP unreachable messages to terminate connections. Used with inline deployments. </flag> - <flag name="normalizer"> - Enables support for normalizing packets in inline deployments to - help minimize the chances of detection evasion. - </flag> <flag name="flexresp3"> Enables support for new flexable response preprocessor for enabling connection tearing for inline deployments. Replaces flexresp and flexresp2. </flag> - <flag name="paf"> - Enables support for Protocol Aware Flushing. This allows Snort to - statefully scan a stream and reassemble a complete protocol data - unit regardless of segmentation. - </flag> <flag name="large-pcap-64bit"> Allows Snort to read pcap files that are larger than 2 GB. ONLY VALID FOR 64bit SYSTEMS! diff --git a/net-analyzer/snort/snort-2.9.4.6-r1.ebuild b/net-analyzer/snort/snort-2.9.4.6-r1.ebuild deleted file mode 100644 index 4b7042f75768..000000000000 --- a/net-analyzer/snort/snort-2.9.4.6-r1.ebuild +++ /dev/null @@ -1,251 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="5" -inherit autotools multilib user - -DESCRIPTION="The de facto standard for intrusion detection/prevention" -HOMEPAGE="https://www.snort.org" -SRC_URI="https://www.snort.org/downloads/archive/${PN}/${P}.tar.gz" -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86" -IUSE="static +dynamicplugin +zlib +gre +mpls +targetbased -+ppm +perfprofiling +non-ether-decoders control-socket -shared-rep sourcefire linux-smp-stats inline-init-failopen -+threads debug +active-response +normalizer reload-error-restart -+react +flexresp3 +paf large-pcap-64bit selinux" - -DEPEND=">=net-libs/libpcap-1.3.0 - >=net-libs/daq-2.0.0 - >=dev-libs/libpcre-8.33 - dev-libs/libdnet - zlib? ( sys-libs/zlib )" - -RDEPEND="${DEPEND} - selinux? ( sec-policy/selinux-snort )" - -REQUIRED_USE="zlib? ( dynamicplugin ) - !kernel_linux? ( !shared-rep )" - -pkg_setup() { - - # pre_inst() is a better place to put this - # but we need it here for the 'fowners' statements in src_install() - enewgroup snort - enewuser snort -1 -1 /dev/null snort - -} - -src_prepare() { - - # Multilib fix for the sf_engine - ebegin "Applying multilib fix" - sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ - "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \ - || die "sed for sf_engine failed" - - # Multilib fix for the curent set of dynamic-preprocessors - for i in ftptelnet smtp ssh dns ssl dcerpc2 sdf imap pop rzb_saac sip reputation gtp modbus dnp3; do - sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ - "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \ - || die "sed for $i failed." - done - eend - - AT_M4DIR=m4 eautoreconf -} - -src_configure() { - - econf \ - $(use_enable !static shared) \ - $(use_enable static) \ - $(use_enable static so-with-static-lib) \ - $(use_enable dynamicplugin) \ - $(use_enable zlib) \ - $(use_enable gre) \ - $(use_enable mpls) \ - $(use_enable targetbased) \ - $(use_enable control-socket) \ - $(use_enable non-ether-decoders) \ - $(use_enable shared-rep) \ - $(use_enable sourcefire) \ - $(use_enable ppm) \ - $(use_enable perfprofiling) \ - $(use_enable linux-smp-stats) \ - $(use_enable inline-init-failopen) \ - $(use_enable threads pthread) \ - $(use_enable debug) \ - $(use_enable debug debug-msgs) \ - $(use_enable debug corefiles) \ - $(use_enable !debug dlclose) \ - $(use_enable active-response) \ - $(use_enable normalizer) \ - $(use_enable reload-error-restart) \ - $(use_enable react) \ - $(use_enable flexresp3) \ - $(use_enable paf) \ - $(use_enable large-pcap-64bit large-pcap) \ - --enable-reload \ - --disable-build-dynamic-examples \ - --disable-profile \ - --disable-ppm-test \ - --disable-intel-soft-cpm \ - --disable-static-daq \ - --disable-rzb-saac -} - -src_install() { - - emake DESTDIR="${D}" install - - dodir /var/log/snort \ - /var/run/snort \ - /etc/snort/rules \ - /etc/snort/so_rules \ - /usr/$(get_libdir)/snort_dynamicrules - - # config.log and build.log are needed by Sourcefire - # to trouble shoot build problems and bug reports so we are - # perserving them incase the user needs upstream support. - dodoc RELEASE.NOTES ChangeLog \ - doc/* \ - tools/u2boat/README.u2boat - - insinto /etc/snort - doins etc/attribute_table.dtd \ - etc/classification.config \ - etc/gen-msg.map \ - etc/reference.config \ - etc/threshold.conf \ - etc/unicode.map - - # We use snort.conf.distrib because the config file is complicated - # and the one shipped with snort can change drastically between versions. - # Users should migrate setting by hand and not with etc-update. - newins etc/snort.conf snort.conf.distrib - - # config.log and build.log are needed by Sourcefire - # to troubleshoot build problems and bug reports so we are - # preserving them incase the user needs upstream support. - if [ -f "${WORKDIR}/${PF}/config.log" ]; then - dodoc "${WORKDIR}/${PF}/config.log" - fi - if [ -f "${T}/build.log" ]; then - dodoc "${T}/build.log" - fi - - insinto /etc/snort/preproc_rules - doins preproc_rules/decoder.rules \ - preproc_rules/preprocessor.rules \ - preproc_rules/sensitive-data.rules - - fowners -R snort:snort \ - /var/log/snort \ - /var/run/snort \ - /etc/snort - - newinitd "${FILESDIR}/snort.rc12" snort - newconfd "${FILESDIR}/snort.confd.2" snort - - # Sourcefire uses Makefiles to install docs causing Bug #297190. - # This removes the unwanted doc directory and rogue Makefiles. - rm -rf "${D}"usr/share/doc/snort || die "Failed to remove SF doc directories" - rm "${D}"usr/share/doc/"${PF}"/Makefile* || die "Failed to remove doc make files" - - #Remove unneeded .la files (Bug #382863) - rm "${D}"usr/$(get_libdir)/snort_dynamicengine/libsf_engine.la || die - rm "${D}"usr/$(get_libdir)/snort_dynamicpreprocessor/libsf_*_preproc.la || die "Failed to remove libsf_?_preproc.la" - - # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection - sed -i -e 's|/usr/local/lib|/usr/'$(get_libdir)'|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct rule location in the config - sed -i -e 's|RULE_PATH ../rules|RULE_PATH /etc/snort/rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct preprocessor/decoder rule location in the config - sed -i -e 's|PREPROC_RULE_PATH ../preproc_rules|PREPROC_RULE_PATH /etc/snort/preproc_rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Enable the preprocessor/decoder rules - sed -i -e 's|^# include $PREPROC_RULE_PATH|include $PREPROC_RULE_PATH|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - sed -i -e 's|^# dynamicdetection directory|dynamicdetection directory|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Just some clean up of trailing /'s in the config - sed -i -e 's|snort_dynamicpreprocessor/$|snort_dynamicpreprocessor|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Make it clear in the config where these are... - sed -i -e 's|^include classification.config|include /etc/snort/classification.config|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - sed -i -e 's|^include reference.config|include /etc/snort/reference.config|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Disable all rule files by default. - sed -i -e 's|^include $RULE_PATH|# include $RULE_PATH|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Disable normalizer preprocessor config if normalizer USE flag not set. - if ! use normalizer; then - sed -i -e 's|^preprocessor normalize|#preprocessor normalize|g' \ - "${D}etc/snort/snort.conf.distrib" || die - fi - - # Set the configured DAQ to afpacket - sed -i -e 's|^# config daq: <type>|config daq: afpacket|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the location of the DAQ modules - sed -i -e 's|^# config daq_dir: <dir>|config daq_dir: /usr/'$(get_libdir)'/daq|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the DAQ mode to passive - sed -i -e 's|^# config daq_mode: <mode>|config daq_mode: passive|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set snort to run as snort:snort - sed -i -e 's|^# config set_gid:|config set_gid: snort|g' \ - "${D}etc/snort/snort.conf.distrib" || die - sed -i -e 's|^# config set_uid:|config set_uid: snort|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the default log dir - sed -i -e 's|^# config logdir:|config logdir: /var/log/snort/|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct so_rule location in the config - sed -i -e 's|SO_RULE_PATH ../so_rules|SO_RULE_PATH /etc/snort/so_rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die -} - -pkg_postinst() { - - einfo "There have been a number of improvements and new features" - einfo "added to ${P}. Please review the RELEASE.NOTES and" - einfo "ChangLog located in /usr/share/doc/${PF}." - einfo - elog "The Sourcefire Vulnerability Research Team (VRT) recommends that" - elog "users migrate their snort.conf customizations to the latest config" - elog "file released by the VRT. You can find the latest version of the" - elog "Snort config file in /etc/snort/snort.conf.distrib." - elog - elog "!! It is important that you migrate to this new snort.conf file !!" - elog - elog "This version of the ebuild includes an updated init.d file and" - elog "conf.d file that rely on options found in the latest Snort" - elog "config file provided by the VRT." - - if use debug; then - elog "You have the 'debug' USE flag enabled. If this has been done to" - elog "troubleshoot an issue by producing a core dump or a back trace," - elog "then you need to also ensure the FEATURES variable in make.conf" - elog "contains the 'nostrip' option." - fi -} diff --git a/net-analyzer/snort/snort-2.9.7.0.ebuild b/net-analyzer/snort/snort-2.9.7.0.ebuild deleted file mode 100644 index a22c0902ec33..000000000000 --- a/net-analyzer/snort/snort-2.9.7.0.ebuild +++ /dev/null @@ -1,249 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="5" -inherit autotools multilib user - -DESCRIPTION="The de facto standard for intrusion detection/prevention" -HOMEPAGE="https://www.snort.org" -SRC_URI="https://www.snort.org/downloads/archive/${PN}/${P}.tar.gz" -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86" -IUSE="static +gre +mpls +targetbased +ppm +perfprofiling -+non-ether-decoders control-socket file-inspect high-availability -shared-rep side-channel sourcefire linux-smp-stats inline-init-failopen -+threads debug +active-response +normalizer reload-error-restart -+react +flexresp3 large-pcap-64bit selinux" - -DEPEND=">=net-libs/libpcap-1.3.0 - >=net-libs/daq-2.0.2 - >=dev-libs/libpcre-8.33 - dev-libs/libdnet - sys-libs/zlib" - -RDEPEND="${DEPEND} - selinux? ( sec-policy/selinux-snort )" - -REQUIRED_USE="!kernel_linux? ( !shared-rep )" - -pkg_setup() { - - # pre_inst() is a better place to put this - # but we need it here for the 'fowners' statements in src_install() - enewgroup snort - enewuser snort -1 -1 /dev/null snort - -} - -src_prepare() { - - # Multilib fix for the sf_engine - ebegin "Applying multilib fix" - sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ - "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \ - || die "sed for sf_engine failed" - - # Multilib fix for the curent set of dynamic-preprocessors - for i in file ftptelnet smtp ssh dns ssl dcerpc2 sdf imap pop sip reputation gtp modbus dnp3; do - sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ - "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \ - || die "sed for $i failed." - done - eend - - AT_M4DIR=m4 eautoreconf -} - -src_configure() { - - econf \ - $(use_enable !static shared) \ - $(use_enable static) \ - $(use_enable static so-with-static-lib) \ - $(use_enable gre) \ - $(use_enable mpls) \ - $(use_enable targetbased) \ - $(use_enable control-socket) \ - $(use_enable file-inspect) \ - $(use_enable high-availability ha) \ - $(use_enable non-ether-decoders) \ - $(use_enable shared-rep) \ - $(use_enable side-channel) \ - $(use_enable sourcefire) \ - $(use_enable ppm) \ - $(use_enable perfprofiling) \ - $(use_enable linux-smp-stats) \ - $(use_enable inline-init-failopen) \ - $(use_enable threads pthread) \ - $(use_enable debug) \ - $(use_enable debug debug-msgs) \ - $(use_enable debug corefiles) \ - $(use_enable !debug dlclose) \ - $(use_enable active-response) \ - $(use_enable normalizer) \ - $(use_enable reload-error-restart) \ - $(use_enable react) \ - $(use_enable flexresp3) \ - $(use_enable large-pcap-64bit large-pcap) \ - --enable-reload \ - --disable-build-dynamic-examples \ - --disable-profile \ - --disable-ppm-test \ - --disable-intel-soft-cpm \ - --disable-static-daq -} - -src_install() { - - emake DESTDIR="${D}" install - - dodir /var/log/snort \ - /var/run/snort \ - /etc/snort/rules \ - /etc/snort/so_rules \ - /usr/$(get_libdir)/snort_dynamicrules - - # config.log and build.log are needed by Sourcefire - # to trouble shoot build problems and bug reports so we are - # perserving them incase the user needs upstream support. - dodoc RELEASE.NOTES ChangeLog \ - doc/* \ - tools/u2boat/README.u2boat - - insinto /etc/snort - doins etc/attribute_table.dtd \ - etc/classification.config \ - etc/gen-msg.map \ - etc/reference.config \ - etc/threshold.conf \ - etc/unicode.map - - # We use snort.conf.distrib because the config file is complicated - # and the one shipped with snort can change drastically between versions. - # Users should migrate setting by hand and not with etc-update. - newins etc/snort.conf snort.conf.distrib - - # config.log and build.log are needed by Sourcefire - # to troubleshoot build problems and bug reports so we are - # preserving them incase the user needs upstream support. - if [ -f "${WORKDIR}/${PF}/config.log" ]; then - dodoc "${WORKDIR}/${PF}/config.log" - fi - if [ -f "${T}/build.log" ]; then - dodoc "${T}/build.log" - fi - - insinto /etc/snort/preproc_rules - doins preproc_rules/decoder.rules \ - preproc_rules/preprocessor.rules \ - preproc_rules/sensitive-data.rules - - fowners -R snort:snort \ - /var/log/snort \ - /var/run/snort \ - /etc/snort - - newinitd "${FILESDIR}/snort.rc12" snort - newconfd "${FILESDIR}/snort.confd.2" snort - - # Sourcefire uses Makefiles to install docs causing Bug #297190. - # This removes the unwanted doc directory and rogue Makefiles. - rm -rf "${D}"usr/share/doc/snort || die "Failed to remove SF doc directories" - rm "${D}"usr/share/doc/"${PF}"/Makefile* || die "Failed to remove doc make files" - - # Remove unneeded .la files (Bug #382863) - rm "${D}"usr/$(get_libdir)/snort_dynamicengine/libsf_engine.la || die - rm "${D}"usr/$(get_libdir)/snort_dynamicpreprocessor/libsf_*_preproc.la || die "Failed to remove libsf_?_preproc.la" - - # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection - sed -i -e 's|/usr/local/lib|/usr/'$(get_libdir)'|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct rule location in the config - sed -i -e 's|RULE_PATH ../rules|RULE_PATH /etc/snort/rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct preprocessor/decoder rule location in the config - sed -i -e 's|PREPROC_RULE_PATH ../preproc_rules|PREPROC_RULE_PATH /etc/snort/preproc_rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Enable the preprocessor/decoder rules - sed -i -e 's|^# include $PREPROC_RULE_PATH|include $PREPROC_RULE_PATH|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - sed -i -e 's|^# dynamicdetection directory|dynamicdetection directory|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Just some clean up of trailing /'s in the config - sed -i -e 's|snort_dynamicpreprocessor/$|snort_dynamicpreprocessor|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Make it clear in the config where these are... - sed -i -e 's|^include classification.config|include /etc/snort/classification.config|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - sed -i -e 's|^include reference.config|include /etc/snort/reference.config|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Disable all rule files by default. - sed -i -e 's|^include $RULE_PATH|# include $RULE_PATH|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Disable normalizer preprocessor config if normalizer USE flag not set. - if ! use normalizer; then - sed -i -e 's|^preprocessor normalize|#preprocessor normalize|g' \ - "${D}etc/snort/snort.conf.distrib" || die - fi - - # Set the configured DAQ to afpacket - sed -i -e 's|^# config daq: <type>|config daq: afpacket|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the location of the DAQ modules - sed -i -e 's|^# config daq_dir: <dir>|config daq_dir: /usr/'$(get_libdir)'/daq|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the DAQ mode to passive - sed -i -e 's|^# config daq_mode: <mode>|config daq_mode: passive|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set snort to run as snort:snort - sed -i -e 's|^# config set_gid:|config set_gid: snort|g' \ - "${D}etc/snort/snort.conf.distrib" || die - sed -i -e 's|^# config set_uid:|config set_uid: snort|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the default log dir - sed -i -e 's|^# config logdir:|config logdir: /var/log/snort/|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct so_rule location in the config - sed -i -e 's|SO_RULE_PATH ../so_rules|SO_RULE_PATH /etc/snort/so_rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die -} - -pkg_postinst() { - - einfo "There have been a number of improvements and new features" - einfo "added to ${P}. Please review the RELEASE.NOTES and" - einfo "ChangLog located in /usr/share/doc/${PF}." - einfo - elog "The Sourcefire Vulnerability Research Team (VRT) recommends that" - elog "users migrate their snort.conf customizations to the latest config" - elog "file released by the VRT. You can find the latest version of the" - elog "Snort config file in /etc/snort/snort.conf.distrib." - elog - elog "!! It is important that you migrate to this new snort.conf file !!" - elog - elog "This version of the ebuild includes an updated init.d file and" - elog "conf.d file that rely on options found in the latest Snort" - elog "config file provided by the VRT." - - if use debug; then - elog "You have the 'debug' USE flag enabled. If this has been done to" - elog "troubleshoot an issue by producing a core dump or a back trace," - elog "then you need to also ensure the FEATURES variable in make.conf" - elog "contains the 'nostrip' option." - fi -} diff --git a/net-analyzer/snort/snort-2.9.7.2.ebuild b/net-analyzer/snort/snort-2.9.7.2.ebuild deleted file mode 100644 index a22c0902ec33..000000000000 --- a/net-analyzer/snort/snort-2.9.7.2.ebuild +++ /dev/null @@ -1,249 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="5" -inherit autotools multilib user - -DESCRIPTION="The de facto standard for intrusion detection/prevention" -HOMEPAGE="https://www.snort.org" -SRC_URI="https://www.snort.org/downloads/archive/${PN}/${P}.tar.gz" -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86" -IUSE="static +gre +mpls +targetbased +ppm +perfprofiling -+non-ether-decoders control-socket file-inspect high-availability -shared-rep side-channel sourcefire linux-smp-stats inline-init-failopen -+threads debug +active-response +normalizer reload-error-restart -+react +flexresp3 large-pcap-64bit selinux" - -DEPEND=">=net-libs/libpcap-1.3.0 - >=net-libs/daq-2.0.2 - >=dev-libs/libpcre-8.33 - dev-libs/libdnet - sys-libs/zlib" - -RDEPEND="${DEPEND} - selinux? ( sec-policy/selinux-snort )" - -REQUIRED_USE="!kernel_linux? ( !shared-rep )" - -pkg_setup() { - - # pre_inst() is a better place to put this - # but we need it here for the 'fowners' statements in src_install() - enewgroup snort - enewuser snort -1 -1 /dev/null snort - -} - -src_prepare() { - - # Multilib fix for the sf_engine - ebegin "Applying multilib fix" - sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ - "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \ - || die "sed for sf_engine failed" - - # Multilib fix for the curent set of dynamic-preprocessors - for i in file ftptelnet smtp ssh dns ssl dcerpc2 sdf imap pop sip reputation gtp modbus dnp3; do - sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ - "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \ - || die "sed for $i failed." - done - eend - - AT_M4DIR=m4 eautoreconf -} - -src_configure() { - - econf \ - $(use_enable !static shared) \ - $(use_enable static) \ - $(use_enable static so-with-static-lib) \ - $(use_enable gre) \ - $(use_enable mpls) \ - $(use_enable targetbased) \ - $(use_enable control-socket) \ - $(use_enable file-inspect) \ - $(use_enable high-availability ha) \ - $(use_enable non-ether-decoders) \ - $(use_enable shared-rep) \ - $(use_enable side-channel) \ - $(use_enable sourcefire) \ - $(use_enable ppm) \ - $(use_enable perfprofiling) \ - $(use_enable linux-smp-stats) \ - $(use_enable inline-init-failopen) \ - $(use_enable threads pthread) \ - $(use_enable debug) \ - $(use_enable debug debug-msgs) \ - $(use_enable debug corefiles) \ - $(use_enable !debug dlclose) \ - $(use_enable active-response) \ - $(use_enable normalizer) \ - $(use_enable reload-error-restart) \ - $(use_enable react) \ - $(use_enable flexresp3) \ - $(use_enable large-pcap-64bit large-pcap) \ - --enable-reload \ - --disable-build-dynamic-examples \ - --disable-profile \ - --disable-ppm-test \ - --disable-intel-soft-cpm \ - --disable-static-daq -} - -src_install() { - - emake DESTDIR="${D}" install - - dodir /var/log/snort \ - /var/run/snort \ - /etc/snort/rules \ - /etc/snort/so_rules \ - /usr/$(get_libdir)/snort_dynamicrules - - # config.log and build.log are needed by Sourcefire - # to trouble shoot build problems and bug reports so we are - # perserving them incase the user needs upstream support. - dodoc RELEASE.NOTES ChangeLog \ - doc/* \ - tools/u2boat/README.u2boat - - insinto /etc/snort - doins etc/attribute_table.dtd \ - etc/classification.config \ - etc/gen-msg.map \ - etc/reference.config \ - etc/threshold.conf \ - etc/unicode.map - - # We use snort.conf.distrib because the config file is complicated - # and the one shipped with snort can change drastically between versions. - # Users should migrate setting by hand and not with etc-update. - newins etc/snort.conf snort.conf.distrib - - # config.log and build.log are needed by Sourcefire - # to troubleshoot build problems and bug reports so we are - # preserving them incase the user needs upstream support. - if [ -f "${WORKDIR}/${PF}/config.log" ]; then - dodoc "${WORKDIR}/${PF}/config.log" - fi - if [ -f "${T}/build.log" ]; then - dodoc "${T}/build.log" - fi - - insinto /etc/snort/preproc_rules - doins preproc_rules/decoder.rules \ - preproc_rules/preprocessor.rules \ - preproc_rules/sensitive-data.rules - - fowners -R snort:snort \ - /var/log/snort \ - /var/run/snort \ - /etc/snort - - newinitd "${FILESDIR}/snort.rc12" snort - newconfd "${FILESDIR}/snort.confd.2" snort - - # Sourcefire uses Makefiles to install docs causing Bug #297190. - # This removes the unwanted doc directory and rogue Makefiles. - rm -rf "${D}"usr/share/doc/snort || die "Failed to remove SF doc directories" - rm "${D}"usr/share/doc/"${PF}"/Makefile* || die "Failed to remove doc make files" - - # Remove unneeded .la files (Bug #382863) - rm "${D}"usr/$(get_libdir)/snort_dynamicengine/libsf_engine.la || die - rm "${D}"usr/$(get_libdir)/snort_dynamicpreprocessor/libsf_*_preproc.la || die "Failed to remove libsf_?_preproc.la" - - # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection - sed -i -e 's|/usr/local/lib|/usr/'$(get_libdir)'|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct rule location in the config - sed -i -e 's|RULE_PATH ../rules|RULE_PATH /etc/snort/rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct preprocessor/decoder rule location in the config - sed -i -e 's|PREPROC_RULE_PATH ../preproc_rules|PREPROC_RULE_PATH /etc/snort/preproc_rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Enable the preprocessor/decoder rules - sed -i -e 's|^# include $PREPROC_RULE_PATH|include $PREPROC_RULE_PATH|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - sed -i -e 's|^# dynamicdetection directory|dynamicdetection directory|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Just some clean up of trailing /'s in the config - sed -i -e 's|snort_dynamicpreprocessor/$|snort_dynamicpreprocessor|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Make it clear in the config where these are... - sed -i -e 's|^include classification.config|include /etc/snort/classification.config|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - sed -i -e 's|^include reference.config|include /etc/snort/reference.config|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Disable all rule files by default. - sed -i -e 's|^include $RULE_PATH|# include $RULE_PATH|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Disable normalizer preprocessor config if normalizer USE flag not set. - if ! use normalizer; then - sed -i -e 's|^preprocessor normalize|#preprocessor normalize|g' \ - "${D}etc/snort/snort.conf.distrib" || die - fi - - # Set the configured DAQ to afpacket - sed -i -e 's|^# config daq: <type>|config daq: afpacket|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the location of the DAQ modules - sed -i -e 's|^# config daq_dir: <dir>|config daq_dir: /usr/'$(get_libdir)'/daq|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the DAQ mode to passive - sed -i -e 's|^# config daq_mode: <mode>|config daq_mode: passive|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set snort to run as snort:snort - sed -i -e 's|^# config set_gid:|config set_gid: snort|g' \ - "${D}etc/snort/snort.conf.distrib" || die - sed -i -e 's|^# config set_uid:|config set_uid: snort|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the default log dir - sed -i -e 's|^# config logdir:|config logdir: /var/log/snort/|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct so_rule location in the config - sed -i -e 's|SO_RULE_PATH ../so_rules|SO_RULE_PATH /etc/snort/so_rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die -} - -pkg_postinst() { - - einfo "There have been a number of improvements and new features" - einfo "added to ${P}. Please review the RELEASE.NOTES and" - einfo "ChangLog located in /usr/share/doc/${PF}." - einfo - elog "The Sourcefire Vulnerability Research Team (VRT) recommends that" - elog "users migrate their snort.conf customizations to the latest config" - elog "file released by the VRT. You can find the latest version of the" - elog "Snort config file in /etc/snort/snort.conf.distrib." - elog - elog "!! It is important that you migrate to this new snort.conf file !!" - elog - elog "This version of the ebuild includes an updated init.d file and" - elog "conf.d file that rely on options found in the latest Snort" - elog "config file provided by the VRT." - - if use debug; then - elog "You have the 'debug' USE flag enabled. If this has been done to" - elog "troubleshoot an issue by producing a core dump or a back trace," - elog "then you need to also ensure the FEATURES variable in make.conf" - elog "contains the 'nostrip' option." - fi -} diff --git a/net-analyzer/snort/snort-2.9.7.3.ebuild b/net-analyzer/snort/snort-2.9.7.3.ebuild deleted file mode 100644 index a22c0902ec33..000000000000 --- a/net-analyzer/snort/snort-2.9.7.3.ebuild +++ /dev/null @@ -1,249 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="5" -inherit autotools multilib user - -DESCRIPTION="The de facto standard for intrusion detection/prevention" -HOMEPAGE="https://www.snort.org" -SRC_URI="https://www.snort.org/downloads/archive/${PN}/${P}.tar.gz" -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86" -IUSE="static +gre +mpls +targetbased +ppm +perfprofiling -+non-ether-decoders control-socket file-inspect high-availability -shared-rep side-channel sourcefire linux-smp-stats inline-init-failopen -+threads debug +active-response +normalizer reload-error-restart -+react +flexresp3 large-pcap-64bit selinux" - -DEPEND=">=net-libs/libpcap-1.3.0 - >=net-libs/daq-2.0.2 - >=dev-libs/libpcre-8.33 - dev-libs/libdnet - sys-libs/zlib" - -RDEPEND="${DEPEND} - selinux? ( sec-policy/selinux-snort )" - -REQUIRED_USE="!kernel_linux? ( !shared-rep )" - -pkg_setup() { - - # pre_inst() is a better place to put this - # but we need it here for the 'fowners' statements in src_install() - enewgroup snort - enewuser snort -1 -1 /dev/null snort - -} - -src_prepare() { - - # Multilib fix for the sf_engine - ebegin "Applying multilib fix" - sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ - "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \ - || die "sed for sf_engine failed" - - # Multilib fix for the curent set of dynamic-preprocessors - for i in file ftptelnet smtp ssh dns ssl dcerpc2 sdf imap pop sip reputation gtp modbus dnp3; do - sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ - "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \ - || die "sed for $i failed." - done - eend - - AT_M4DIR=m4 eautoreconf -} - -src_configure() { - - econf \ - $(use_enable !static shared) \ - $(use_enable static) \ - $(use_enable static so-with-static-lib) \ - $(use_enable gre) \ - $(use_enable mpls) \ - $(use_enable targetbased) \ - $(use_enable control-socket) \ - $(use_enable file-inspect) \ - $(use_enable high-availability ha) \ - $(use_enable non-ether-decoders) \ - $(use_enable shared-rep) \ - $(use_enable side-channel) \ - $(use_enable sourcefire) \ - $(use_enable ppm) \ - $(use_enable perfprofiling) \ - $(use_enable linux-smp-stats) \ - $(use_enable inline-init-failopen) \ - $(use_enable threads pthread) \ - $(use_enable debug) \ - $(use_enable debug debug-msgs) \ - $(use_enable debug corefiles) \ - $(use_enable !debug dlclose) \ - $(use_enable active-response) \ - $(use_enable normalizer) \ - $(use_enable reload-error-restart) \ - $(use_enable react) \ - $(use_enable flexresp3) \ - $(use_enable large-pcap-64bit large-pcap) \ - --enable-reload \ - --disable-build-dynamic-examples \ - --disable-profile \ - --disable-ppm-test \ - --disable-intel-soft-cpm \ - --disable-static-daq -} - -src_install() { - - emake DESTDIR="${D}" install - - dodir /var/log/snort \ - /var/run/snort \ - /etc/snort/rules \ - /etc/snort/so_rules \ - /usr/$(get_libdir)/snort_dynamicrules - - # config.log and build.log are needed by Sourcefire - # to trouble shoot build problems and bug reports so we are - # perserving them incase the user needs upstream support. - dodoc RELEASE.NOTES ChangeLog \ - doc/* \ - tools/u2boat/README.u2boat - - insinto /etc/snort - doins etc/attribute_table.dtd \ - etc/classification.config \ - etc/gen-msg.map \ - etc/reference.config \ - etc/threshold.conf \ - etc/unicode.map - - # We use snort.conf.distrib because the config file is complicated - # and the one shipped with snort can change drastically between versions. - # Users should migrate setting by hand and not with etc-update. - newins etc/snort.conf snort.conf.distrib - - # config.log and build.log are needed by Sourcefire - # to troubleshoot build problems and bug reports so we are - # preserving them incase the user needs upstream support. - if [ -f "${WORKDIR}/${PF}/config.log" ]; then - dodoc "${WORKDIR}/${PF}/config.log" - fi - if [ -f "${T}/build.log" ]; then - dodoc "${T}/build.log" - fi - - insinto /etc/snort/preproc_rules - doins preproc_rules/decoder.rules \ - preproc_rules/preprocessor.rules \ - preproc_rules/sensitive-data.rules - - fowners -R snort:snort \ - /var/log/snort \ - /var/run/snort \ - /etc/snort - - newinitd "${FILESDIR}/snort.rc12" snort - newconfd "${FILESDIR}/snort.confd.2" snort - - # Sourcefire uses Makefiles to install docs causing Bug #297190. - # This removes the unwanted doc directory and rogue Makefiles. - rm -rf "${D}"usr/share/doc/snort || die "Failed to remove SF doc directories" - rm "${D}"usr/share/doc/"${PF}"/Makefile* || die "Failed to remove doc make files" - - # Remove unneeded .la files (Bug #382863) - rm "${D}"usr/$(get_libdir)/snort_dynamicengine/libsf_engine.la || die - rm "${D}"usr/$(get_libdir)/snort_dynamicpreprocessor/libsf_*_preproc.la || die "Failed to remove libsf_?_preproc.la" - - # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection - sed -i -e 's|/usr/local/lib|/usr/'$(get_libdir)'|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct rule location in the config - sed -i -e 's|RULE_PATH ../rules|RULE_PATH /etc/snort/rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct preprocessor/decoder rule location in the config - sed -i -e 's|PREPROC_RULE_PATH ../preproc_rules|PREPROC_RULE_PATH /etc/snort/preproc_rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Enable the preprocessor/decoder rules - sed -i -e 's|^# include $PREPROC_RULE_PATH|include $PREPROC_RULE_PATH|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - sed -i -e 's|^# dynamicdetection directory|dynamicdetection directory|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Just some clean up of trailing /'s in the config - sed -i -e 's|snort_dynamicpreprocessor/$|snort_dynamicpreprocessor|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Make it clear in the config where these are... - sed -i -e 's|^include classification.config|include /etc/snort/classification.config|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - sed -i -e 's|^include reference.config|include /etc/snort/reference.config|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Disable all rule files by default. - sed -i -e 's|^include $RULE_PATH|# include $RULE_PATH|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Disable normalizer preprocessor config if normalizer USE flag not set. - if ! use normalizer; then - sed -i -e 's|^preprocessor normalize|#preprocessor normalize|g' \ - "${D}etc/snort/snort.conf.distrib" || die - fi - - # Set the configured DAQ to afpacket - sed -i -e 's|^# config daq: <type>|config daq: afpacket|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the location of the DAQ modules - sed -i -e 's|^# config daq_dir: <dir>|config daq_dir: /usr/'$(get_libdir)'/daq|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the DAQ mode to passive - sed -i -e 's|^# config daq_mode: <mode>|config daq_mode: passive|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set snort to run as snort:snort - sed -i -e 's|^# config set_gid:|config set_gid: snort|g' \ - "${D}etc/snort/snort.conf.distrib" || die - sed -i -e 's|^# config set_uid:|config set_uid: snort|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the default log dir - sed -i -e 's|^# config logdir:|config logdir: /var/log/snort/|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct so_rule location in the config - sed -i -e 's|SO_RULE_PATH ../so_rules|SO_RULE_PATH /etc/snort/so_rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die -} - -pkg_postinst() { - - einfo "There have been a number of improvements and new features" - einfo "added to ${P}. Please review the RELEASE.NOTES and" - einfo "ChangLog located in /usr/share/doc/${PF}." - einfo - elog "The Sourcefire Vulnerability Research Team (VRT) recommends that" - elog "users migrate their snort.conf customizations to the latest config" - elog "file released by the VRT. You can find the latest version of the" - elog "Snort config file in /etc/snort/snort.conf.distrib." - elog - elog "!! It is important that you migrate to this new snort.conf file !!" - elog - elog "This version of the ebuild includes an updated init.d file and" - elog "conf.d file that rely on options found in the latest Snort" - elog "config file provided by the VRT." - - if use debug; then - elog "You have the 'debug' USE flag enabled. If this has been done to" - elog "troubleshoot an issue by producing a core dump or a back trace," - elog "then you need to also ensure the FEATURES variable in make.conf" - elog "contains the 'nostrip' option." - fi -} diff --git a/net-analyzer/snort/snort-2.9.7.5.ebuild b/net-analyzer/snort/snort-2.9.7.5.ebuild deleted file mode 100644 index a22c0902ec33..000000000000 --- a/net-analyzer/snort/snort-2.9.7.5.ebuild +++ /dev/null @@ -1,249 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="5" -inherit autotools multilib user - -DESCRIPTION="The de facto standard for intrusion detection/prevention" -HOMEPAGE="https://www.snort.org" -SRC_URI="https://www.snort.org/downloads/archive/${PN}/${P}.tar.gz" -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86" -IUSE="static +gre +mpls +targetbased +ppm +perfprofiling -+non-ether-decoders control-socket file-inspect high-availability -shared-rep side-channel sourcefire linux-smp-stats inline-init-failopen -+threads debug +active-response +normalizer reload-error-restart -+react +flexresp3 large-pcap-64bit selinux" - -DEPEND=">=net-libs/libpcap-1.3.0 - >=net-libs/daq-2.0.2 - >=dev-libs/libpcre-8.33 - dev-libs/libdnet - sys-libs/zlib" - -RDEPEND="${DEPEND} - selinux? ( sec-policy/selinux-snort )" - -REQUIRED_USE="!kernel_linux? ( !shared-rep )" - -pkg_setup() { - - # pre_inst() is a better place to put this - # but we need it here for the 'fowners' statements in src_install() - enewgroup snort - enewuser snort -1 -1 /dev/null snort - -} - -src_prepare() { - - # Multilib fix for the sf_engine - ebegin "Applying multilib fix" - sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ - "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \ - || die "sed for sf_engine failed" - - # Multilib fix for the curent set of dynamic-preprocessors - for i in file ftptelnet smtp ssh dns ssl dcerpc2 sdf imap pop sip reputation gtp modbus dnp3; do - sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ - "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \ - || die "sed for $i failed." - done - eend - - AT_M4DIR=m4 eautoreconf -} - -src_configure() { - - econf \ - $(use_enable !static shared) \ - $(use_enable static) \ - $(use_enable static so-with-static-lib) \ - $(use_enable gre) \ - $(use_enable mpls) \ - $(use_enable targetbased) \ - $(use_enable control-socket) \ - $(use_enable file-inspect) \ - $(use_enable high-availability ha) \ - $(use_enable non-ether-decoders) \ - $(use_enable shared-rep) \ - $(use_enable side-channel) \ - $(use_enable sourcefire) \ - $(use_enable ppm) \ - $(use_enable perfprofiling) \ - $(use_enable linux-smp-stats) \ - $(use_enable inline-init-failopen) \ - $(use_enable threads pthread) \ - $(use_enable debug) \ - $(use_enable debug debug-msgs) \ - $(use_enable debug corefiles) \ - $(use_enable !debug dlclose) \ - $(use_enable active-response) \ - $(use_enable normalizer) \ - $(use_enable reload-error-restart) \ - $(use_enable react) \ - $(use_enable flexresp3) \ - $(use_enable large-pcap-64bit large-pcap) \ - --enable-reload \ - --disable-build-dynamic-examples \ - --disable-profile \ - --disable-ppm-test \ - --disable-intel-soft-cpm \ - --disable-static-daq -} - -src_install() { - - emake DESTDIR="${D}" install - - dodir /var/log/snort \ - /var/run/snort \ - /etc/snort/rules \ - /etc/snort/so_rules \ - /usr/$(get_libdir)/snort_dynamicrules - - # config.log and build.log are needed by Sourcefire - # to trouble shoot build problems and bug reports so we are - # perserving them incase the user needs upstream support. - dodoc RELEASE.NOTES ChangeLog \ - doc/* \ - tools/u2boat/README.u2boat - - insinto /etc/snort - doins etc/attribute_table.dtd \ - etc/classification.config \ - etc/gen-msg.map \ - etc/reference.config \ - etc/threshold.conf \ - etc/unicode.map - - # We use snort.conf.distrib because the config file is complicated - # and the one shipped with snort can change drastically between versions. - # Users should migrate setting by hand and not with etc-update. - newins etc/snort.conf snort.conf.distrib - - # config.log and build.log are needed by Sourcefire - # to troubleshoot build problems and bug reports so we are - # preserving them incase the user needs upstream support. - if [ -f "${WORKDIR}/${PF}/config.log" ]; then - dodoc "${WORKDIR}/${PF}/config.log" - fi - if [ -f "${T}/build.log" ]; then - dodoc "${T}/build.log" - fi - - insinto /etc/snort/preproc_rules - doins preproc_rules/decoder.rules \ - preproc_rules/preprocessor.rules \ - preproc_rules/sensitive-data.rules - - fowners -R snort:snort \ - /var/log/snort \ - /var/run/snort \ - /etc/snort - - newinitd "${FILESDIR}/snort.rc12" snort - newconfd "${FILESDIR}/snort.confd.2" snort - - # Sourcefire uses Makefiles to install docs causing Bug #297190. - # This removes the unwanted doc directory and rogue Makefiles. - rm -rf "${D}"usr/share/doc/snort || die "Failed to remove SF doc directories" - rm "${D}"usr/share/doc/"${PF}"/Makefile* || die "Failed to remove doc make files" - - # Remove unneeded .la files (Bug #382863) - rm "${D}"usr/$(get_libdir)/snort_dynamicengine/libsf_engine.la || die - rm "${D}"usr/$(get_libdir)/snort_dynamicpreprocessor/libsf_*_preproc.la || die "Failed to remove libsf_?_preproc.la" - - # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection - sed -i -e 's|/usr/local/lib|/usr/'$(get_libdir)'|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct rule location in the config - sed -i -e 's|RULE_PATH ../rules|RULE_PATH /etc/snort/rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct preprocessor/decoder rule location in the config - sed -i -e 's|PREPROC_RULE_PATH ../preproc_rules|PREPROC_RULE_PATH /etc/snort/preproc_rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Enable the preprocessor/decoder rules - sed -i -e 's|^# include $PREPROC_RULE_PATH|include $PREPROC_RULE_PATH|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - sed -i -e 's|^# dynamicdetection directory|dynamicdetection directory|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Just some clean up of trailing /'s in the config - sed -i -e 's|snort_dynamicpreprocessor/$|snort_dynamicpreprocessor|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Make it clear in the config where these are... - sed -i -e 's|^include classification.config|include /etc/snort/classification.config|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - sed -i -e 's|^include reference.config|include /etc/snort/reference.config|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Disable all rule files by default. - sed -i -e 's|^include $RULE_PATH|# include $RULE_PATH|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Disable normalizer preprocessor config if normalizer USE flag not set. - if ! use normalizer; then - sed -i -e 's|^preprocessor normalize|#preprocessor normalize|g' \ - "${D}etc/snort/snort.conf.distrib" || die - fi - - # Set the configured DAQ to afpacket - sed -i -e 's|^# config daq: <type>|config daq: afpacket|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the location of the DAQ modules - sed -i -e 's|^# config daq_dir: <dir>|config daq_dir: /usr/'$(get_libdir)'/daq|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the DAQ mode to passive - sed -i -e 's|^# config daq_mode: <mode>|config daq_mode: passive|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set snort to run as snort:snort - sed -i -e 's|^# config set_gid:|config set_gid: snort|g' \ - "${D}etc/snort/snort.conf.distrib" || die - sed -i -e 's|^# config set_uid:|config set_uid: snort|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the default log dir - sed -i -e 's|^# config logdir:|config logdir: /var/log/snort/|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct so_rule location in the config - sed -i -e 's|SO_RULE_PATH ../so_rules|SO_RULE_PATH /etc/snort/so_rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die -} - -pkg_postinst() { - - einfo "There have been a number of improvements and new features" - einfo "added to ${P}. Please review the RELEASE.NOTES and" - einfo "ChangLog located in /usr/share/doc/${PF}." - einfo - elog "The Sourcefire Vulnerability Research Team (VRT) recommends that" - elog "users migrate their snort.conf customizations to the latest config" - elog "file released by the VRT. You can find the latest version of the" - elog "Snort config file in /etc/snort/snort.conf.distrib." - elog - elog "!! It is important that you migrate to this new snort.conf file !!" - elog - elog "This version of the ebuild includes an updated init.d file and" - elog "conf.d file that rely on options found in the latest Snort" - elog "config file provided by the VRT." - - if use debug; then - elog "You have the 'debug' USE flag enabled. If this has been done to" - elog "troubleshoot an issue by producing a core dump or a back trace," - elog "then you need to also ensure the FEATURES variable in make.conf" - elog "contains the 'nostrip' option." - fi -} diff --git a/net-analyzer/snort/snort-2.9.8.0.ebuild b/net-analyzer/snort/snort-2.9.8.0.ebuild deleted file mode 100644 index a22c0902ec33..000000000000 --- a/net-analyzer/snort/snort-2.9.8.0.ebuild +++ /dev/null @@ -1,249 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="5" -inherit autotools multilib user - -DESCRIPTION="The de facto standard for intrusion detection/prevention" -HOMEPAGE="https://www.snort.org" -SRC_URI="https://www.snort.org/downloads/archive/${PN}/${P}.tar.gz" -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86" -IUSE="static +gre +mpls +targetbased +ppm +perfprofiling -+non-ether-decoders control-socket file-inspect high-availability -shared-rep side-channel sourcefire linux-smp-stats inline-init-failopen -+threads debug +active-response +normalizer reload-error-restart -+react +flexresp3 large-pcap-64bit selinux" - -DEPEND=">=net-libs/libpcap-1.3.0 - >=net-libs/daq-2.0.2 - >=dev-libs/libpcre-8.33 - dev-libs/libdnet - sys-libs/zlib" - -RDEPEND="${DEPEND} - selinux? ( sec-policy/selinux-snort )" - -REQUIRED_USE="!kernel_linux? ( !shared-rep )" - -pkg_setup() { - - # pre_inst() is a better place to put this - # but we need it here for the 'fowners' statements in src_install() - enewgroup snort - enewuser snort -1 -1 /dev/null snort - -} - -src_prepare() { - - # Multilib fix for the sf_engine - ebegin "Applying multilib fix" - sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ - "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \ - || die "sed for sf_engine failed" - - # Multilib fix for the curent set of dynamic-preprocessors - for i in file ftptelnet smtp ssh dns ssl dcerpc2 sdf imap pop sip reputation gtp modbus dnp3; do - sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ - "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \ - || die "sed for $i failed." - done - eend - - AT_M4DIR=m4 eautoreconf -} - -src_configure() { - - econf \ - $(use_enable !static shared) \ - $(use_enable static) \ - $(use_enable static so-with-static-lib) \ - $(use_enable gre) \ - $(use_enable mpls) \ - $(use_enable targetbased) \ - $(use_enable control-socket) \ - $(use_enable file-inspect) \ - $(use_enable high-availability ha) \ - $(use_enable non-ether-decoders) \ - $(use_enable shared-rep) \ - $(use_enable side-channel) \ - $(use_enable sourcefire) \ - $(use_enable ppm) \ - $(use_enable perfprofiling) \ - $(use_enable linux-smp-stats) \ - $(use_enable inline-init-failopen) \ - $(use_enable threads pthread) \ - $(use_enable debug) \ - $(use_enable debug debug-msgs) \ - $(use_enable debug corefiles) \ - $(use_enable !debug dlclose) \ - $(use_enable active-response) \ - $(use_enable normalizer) \ - $(use_enable reload-error-restart) \ - $(use_enable react) \ - $(use_enable flexresp3) \ - $(use_enable large-pcap-64bit large-pcap) \ - --enable-reload \ - --disable-build-dynamic-examples \ - --disable-profile \ - --disable-ppm-test \ - --disable-intel-soft-cpm \ - --disable-static-daq -} - -src_install() { - - emake DESTDIR="${D}" install - - dodir /var/log/snort \ - /var/run/snort \ - /etc/snort/rules \ - /etc/snort/so_rules \ - /usr/$(get_libdir)/snort_dynamicrules - - # config.log and build.log are needed by Sourcefire - # to trouble shoot build problems and bug reports so we are - # perserving them incase the user needs upstream support. - dodoc RELEASE.NOTES ChangeLog \ - doc/* \ - tools/u2boat/README.u2boat - - insinto /etc/snort - doins etc/attribute_table.dtd \ - etc/classification.config \ - etc/gen-msg.map \ - etc/reference.config \ - etc/threshold.conf \ - etc/unicode.map - - # We use snort.conf.distrib because the config file is complicated - # and the one shipped with snort can change drastically between versions. - # Users should migrate setting by hand and not with etc-update. - newins etc/snort.conf snort.conf.distrib - - # config.log and build.log are needed by Sourcefire - # to troubleshoot build problems and bug reports so we are - # preserving them incase the user needs upstream support. - if [ -f "${WORKDIR}/${PF}/config.log" ]; then - dodoc "${WORKDIR}/${PF}/config.log" - fi - if [ -f "${T}/build.log" ]; then - dodoc "${T}/build.log" - fi - - insinto /etc/snort/preproc_rules - doins preproc_rules/decoder.rules \ - preproc_rules/preprocessor.rules \ - preproc_rules/sensitive-data.rules - - fowners -R snort:snort \ - /var/log/snort \ - /var/run/snort \ - /etc/snort - - newinitd "${FILESDIR}/snort.rc12" snort - newconfd "${FILESDIR}/snort.confd.2" snort - - # Sourcefire uses Makefiles to install docs causing Bug #297190. - # This removes the unwanted doc directory and rogue Makefiles. - rm -rf "${D}"usr/share/doc/snort || die "Failed to remove SF doc directories" - rm "${D}"usr/share/doc/"${PF}"/Makefile* || die "Failed to remove doc make files" - - # Remove unneeded .la files (Bug #382863) - rm "${D}"usr/$(get_libdir)/snort_dynamicengine/libsf_engine.la || die - rm "${D}"usr/$(get_libdir)/snort_dynamicpreprocessor/libsf_*_preproc.la || die "Failed to remove libsf_?_preproc.la" - - # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection - sed -i -e 's|/usr/local/lib|/usr/'$(get_libdir)'|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct rule location in the config - sed -i -e 's|RULE_PATH ../rules|RULE_PATH /etc/snort/rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct preprocessor/decoder rule location in the config - sed -i -e 's|PREPROC_RULE_PATH ../preproc_rules|PREPROC_RULE_PATH /etc/snort/preproc_rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Enable the preprocessor/decoder rules - sed -i -e 's|^# include $PREPROC_RULE_PATH|include $PREPROC_RULE_PATH|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - sed -i -e 's|^# dynamicdetection directory|dynamicdetection directory|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Just some clean up of trailing /'s in the config - sed -i -e 's|snort_dynamicpreprocessor/$|snort_dynamicpreprocessor|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Make it clear in the config where these are... - sed -i -e 's|^include classification.config|include /etc/snort/classification.config|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - sed -i -e 's|^include reference.config|include /etc/snort/reference.config|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Disable all rule files by default. - sed -i -e 's|^include $RULE_PATH|# include $RULE_PATH|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Disable normalizer preprocessor config if normalizer USE flag not set. - if ! use normalizer; then - sed -i -e 's|^preprocessor normalize|#preprocessor normalize|g' \ - "${D}etc/snort/snort.conf.distrib" || die - fi - - # Set the configured DAQ to afpacket - sed -i -e 's|^# config daq: <type>|config daq: afpacket|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the location of the DAQ modules - sed -i -e 's|^# config daq_dir: <dir>|config daq_dir: /usr/'$(get_libdir)'/daq|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the DAQ mode to passive - sed -i -e 's|^# config daq_mode: <mode>|config daq_mode: passive|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set snort to run as snort:snort - sed -i -e 's|^# config set_gid:|config set_gid: snort|g' \ - "${D}etc/snort/snort.conf.distrib" || die - sed -i -e 's|^# config set_uid:|config set_uid: snort|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the default log dir - sed -i -e 's|^# config logdir:|config logdir: /var/log/snort/|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct so_rule location in the config - sed -i -e 's|SO_RULE_PATH ../so_rules|SO_RULE_PATH /etc/snort/so_rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die -} - -pkg_postinst() { - - einfo "There have been a number of improvements and new features" - einfo "added to ${P}. Please review the RELEASE.NOTES and" - einfo "ChangLog located in /usr/share/doc/${PF}." - einfo - elog "The Sourcefire Vulnerability Research Team (VRT) recommends that" - elog "users migrate their snort.conf customizations to the latest config" - elog "file released by the VRT. You can find the latest version of the" - elog "Snort config file in /etc/snort/snort.conf.distrib." - elog - elog "!! It is important that you migrate to this new snort.conf file !!" - elog - elog "This version of the ebuild includes an updated init.d file and" - elog "conf.d file that rely on options found in the latest Snort" - elog "config file provided by the VRT." - - if use debug; then - elog "You have the 'debug' USE flag enabled. If this has been done to" - elog "troubleshoot an issue by producing a core dump or a back trace," - elog "then you need to also ensure the FEATURES variable in make.conf" - elog "contains the 'nostrip' option." - fi -} diff --git a/net-analyzer/snort/snort-2.9.8.2.ebuild b/net-analyzer/snort/snort-2.9.8.2.ebuild deleted file mode 100644 index a22c0902ec33..000000000000 --- a/net-analyzer/snort/snort-2.9.8.2.ebuild +++ /dev/null @@ -1,249 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="5" -inherit autotools multilib user - -DESCRIPTION="The de facto standard for intrusion detection/prevention" -HOMEPAGE="https://www.snort.org" -SRC_URI="https://www.snort.org/downloads/archive/${PN}/${P}.tar.gz" -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86" -IUSE="static +gre +mpls +targetbased +ppm +perfprofiling -+non-ether-decoders control-socket file-inspect high-availability -shared-rep side-channel sourcefire linux-smp-stats inline-init-failopen -+threads debug +active-response +normalizer reload-error-restart -+react +flexresp3 large-pcap-64bit selinux" - -DEPEND=">=net-libs/libpcap-1.3.0 - >=net-libs/daq-2.0.2 - >=dev-libs/libpcre-8.33 - dev-libs/libdnet - sys-libs/zlib" - -RDEPEND="${DEPEND} - selinux? ( sec-policy/selinux-snort )" - -REQUIRED_USE="!kernel_linux? ( !shared-rep )" - -pkg_setup() { - - # pre_inst() is a better place to put this - # but we need it here for the 'fowners' statements in src_install() - enewgroup snort - enewuser snort -1 -1 /dev/null snort - -} - -src_prepare() { - - # Multilib fix for the sf_engine - ebegin "Applying multilib fix" - sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ - "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \ - || die "sed for sf_engine failed" - - # Multilib fix for the curent set of dynamic-preprocessors - for i in file ftptelnet smtp ssh dns ssl dcerpc2 sdf imap pop sip reputation gtp modbus dnp3; do - sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ - "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \ - || die "sed for $i failed." - done - eend - - AT_M4DIR=m4 eautoreconf -} - -src_configure() { - - econf \ - $(use_enable !static shared) \ - $(use_enable static) \ - $(use_enable static so-with-static-lib) \ - $(use_enable gre) \ - $(use_enable mpls) \ - $(use_enable targetbased) \ - $(use_enable control-socket) \ - $(use_enable file-inspect) \ - $(use_enable high-availability ha) \ - $(use_enable non-ether-decoders) \ - $(use_enable shared-rep) \ - $(use_enable side-channel) \ - $(use_enable sourcefire) \ - $(use_enable ppm) \ - $(use_enable perfprofiling) \ - $(use_enable linux-smp-stats) \ - $(use_enable inline-init-failopen) \ - $(use_enable threads pthread) \ - $(use_enable debug) \ - $(use_enable debug debug-msgs) \ - $(use_enable debug corefiles) \ - $(use_enable !debug dlclose) \ - $(use_enable active-response) \ - $(use_enable normalizer) \ - $(use_enable reload-error-restart) \ - $(use_enable react) \ - $(use_enable flexresp3) \ - $(use_enable large-pcap-64bit large-pcap) \ - --enable-reload \ - --disable-build-dynamic-examples \ - --disable-profile \ - --disable-ppm-test \ - --disable-intel-soft-cpm \ - --disable-static-daq -} - -src_install() { - - emake DESTDIR="${D}" install - - dodir /var/log/snort \ - /var/run/snort \ - /etc/snort/rules \ - /etc/snort/so_rules \ - /usr/$(get_libdir)/snort_dynamicrules - - # config.log and build.log are needed by Sourcefire - # to trouble shoot build problems and bug reports so we are - # perserving them incase the user needs upstream support. - dodoc RELEASE.NOTES ChangeLog \ - doc/* \ - tools/u2boat/README.u2boat - - insinto /etc/snort - doins etc/attribute_table.dtd \ - etc/classification.config \ - etc/gen-msg.map \ - etc/reference.config \ - etc/threshold.conf \ - etc/unicode.map - - # We use snort.conf.distrib because the config file is complicated - # and the one shipped with snort can change drastically between versions. - # Users should migrate setting by hand and not with etc-update. - newins etc/snort.conf snort.conf.distrib - - # config.log and build.log are needed by Sourcefire - # to troubleshoot build problems and bug reports so we are - # preserving them incase the user needs upstream support. - if [ -f "${WORKDIR}/${PF}/config.log" ]; then - dodoc "${WORKDIR}/${PF}/config.log" - fi - if [ -f "${T}/build.log" ]; then - dodoc "${T}/build.log" - fi - - insinto /etc/snort/preproc_rules - doins preproc_rules/decoder.rules \ - preproc_rules/preprocessor.rules \ - preproc_rules/sensitive-data.rules - - fowners -R snort:snort \ - /var/log/snort \ - /var/run/snort \ - /etc/snort - - newinitd "${FILESDIR}/snort.rc12" snort - newconfd "${FILESDIR}/snort.confd.2" snort - - # Sourcefire uses Makefiles to install docs causing Bug #297190. - # This removes the unwanted doc directory and rogue Makefiles. - rm -rf "${D}"usr/share/doc/snort || die "Failed to remove SF doc directories" - rm "${D}"usr/share/doc/"${PF}"/Makefile* || die "Failed to remove doc make files" - - # Remove unneeded .la files (Bug #382863) - rm "${D}"usr/$(get_libdir)/snort_dynamicengine/libsf_engine.la || die - rm "${D}"usr/$(get_libdir)/snort_dynamicpreprocessor/libsf_*_preproc.la || die "Failed to remove libsf_?_preproc.la" - - # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection - sed -i -e 's|/usr/local/lib|/usr/'$(get_libdir)'|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct rule location in the config - sed -i -e 's|RULE_PATH ../rules|RULE_PATH /etc/snort/rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct preprocessor/decoder rule location in the config - sed -i -e 's|PREPROC_RULE_PATH ../preproc_rules|PREPROC_RULE_PATH /etc/snort/preproc_rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Enable the preprocessor/decoder rules - sed -i -e 's|^# include $PREPROC_RULE_PATH|include $PREPROC_RULE_PATH|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - sed -i -e 's|^# dynamicdetection directory|dynamicdetection directory|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Just some clean up of trailing /'s in the config - sed -i -e 's|snort_dynamicpreprocessor/$|snort_dynamicpreprocessor|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Make it clear in the config where these are... - sed -i -e 's|^include classification.config|include /etc/snort/classification.config|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - sed -i -e 's|^include reference.config|include /etc/snort/reference.config|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Disable all rule files by default. - sed -i -e 's|^include $RULE_PATH|# include $RULE_PATH|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Disable normalizer preprocessor config if normalizer USE flag not set. - if ! use normalizer; then - sed -i -e 's|^preprocessor normalize|#preprocessor normalize|g' \ - "${D}etc/snort/snort.conf.distrib" || die - fi - - # Set the configured DAQ to afpacket - sed -i -e 's|^# config daq: <type>|config daq: afpacket|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the location of the DAQ modules - sed -i -e 's|^# config daq_dir: <dir>|config daq_dir: /usr/'$(get_libdir)'/daq|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the DAQ mode to passive - sed -i -e 's|^# config daq_mode: <mode>|config daq_mode: passive|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set snort to run as snort:snort - sed -i -e 's|^# config set_gid:|config set_gid: snort|g' \ - "${D}etc/snort/snort.conf.distrib" || die - sed -i -e 's|^# config set_uid:|config set_uid: snort|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the default log dir - sed -i -e 's|^# config logdir:|config logdir: /var/log/snort/|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct so_rule location in the config - sed -i -e 's|SO_RULE_PATH ../so_rules|SO_RULE_PATH /etc/snort/so_rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die -} - -pkg_postinst() { - - einfo "There have been a number of improvements and new features" - einfo "added to ${P}. Please review the RELEASE.NOTES and" - einfo "ChangLog located in /usr/share/doc/${PF}." - einfo - elog "The Sourcefire Vulnerability Research Team (VRT) recommends that" - elog "users migrate their snort.conf customizations to the latest config" - elog "file released by the VRT. You can find the latest version of the" - elog "Snort config file in /etc/snort/snort.conf.distrib." - elog - elog "!! It is important that you migrate to this new snort.conf file !!" - elog - elog "This version of the ebuild includes an updated init.d file and" - elog "conf.d file that rely on options found in the latest Snort" - elog "config file provided by the VRT." - - if use debug; then - elog "You have the 'debug' USE flag enabled. If this has been done to" - elog "troubleshoot an issue by producing a core dump or a back trace," - elog "then you need to also ensure the FEATURES variable in make.conf" - elog "contains the 'nostrip' option." - fi -} diff --git a/net-analyzer/snort/snort-2.9.8.3-r1.ebuild b/net-analyzer/snort/snort-2.9.8.3-r1.ebuild deleted file mode 100644 index af7a8f5ec0c2..000000000000 --- a/net-analyzer/snort/snort-2.9.8.3-r1.ebuild +++ /dev/null @@ -1,248 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 -inherit autotools multilib user - -DESCRIPTION="The de facto standard for intrusion detection/prevention" -HOMEPAGE="https://www.snort.org" -SRC_URI="https://www.snort.org/downloads/archive/${PN}/${P}.tar.gz" -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86" -IUSE="static +gre +ppm +perfprofiling -+non-ether-decoders control-socket file-inspect high-availability -shared-rep side-channel sourcefire linux-smp-stats inline-init-failopen -+threads debug +active-response reload-error-restart -+react +flexresp3 large-pcap-64bit selinux" - -DEPEND=">=net-libs/libpcap-1.3.0 - >=net-libs/daq-2.0.2 - >=dev-libs/libpcre-8.33 - dev-libs/libdnet - sys-libs/zlib" - -RDEPEND="${DEPEND} - selinux? ( sec-policy/selinux-snort )" - -REQUIRED_USE="!kernel_linux? ( !shared-rep )" - -PATCHES=( - "${FILESDIR}"/${P}-no-implicit.patch -) - -pkg_setup() { - - # pre_inst() is a better place to put this - # but we need it here for the 'fowners' statements in src_install() - enewgroup snort - enewuser snort -1 -1 /dev/null snort - -} - -src_prepare() { - default - - # Multilib fix for the sf_engine - ebegin "Applying multilib fix" - sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ - "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \ - || die "sed for sf_engine failed" - - # Multilib fix for the curent set of dynamic-preprocessors - for i in file ftptelnet smtp ssh dns ssl dcerpc2 sdf imap pop sip reputation gtp modbus dnp3; do - sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ - "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \ - || die "sed for $i failed." - done - eend - - AT_M4DIR=m4 eautoreconf -} - -src_configure() { - - econf \ - $(use_enable !static shared) \ - $(use_enable static) \ - $(use_enable static so-with-static-lib) \ - $(use_enable gre) \ - $(use_enable control-socket) \ - $(use_enable file-inspect) \ - $(use_enable high-availability ha) \ - $(use_enable non-ether-decoders) \ - $(use_enable shared-rep) \ - $(use_enable side-channel) \ - $(use_enable sourcefire) \ - $(use_enable ppm) \ - $(use_enable perfprofiling) \ - $(use_enable linux-smp-stats) \ - $(use_enable inline-init-failopen) \ - $(use_enable threads pthread) \ - $(use_enable debug) \ - $(use_enable debug debug-msgs) \ - $(use_enable debug corefiles) \ - $(use_enable !debug dlclose) \ - $(use_enable active-response) \ - $(use_enable reload-error-restart) \ - $(use_enable react) \ - $(use_enable flexresp3) \ - $(use_enable large-pcap-64bit large-pcap) \ - --enable-mpls \ - --enable-normalizer \ - --enable-reload \ - --enable-targetbased \ - --disable-build-dynamic-examples \ - --disable-profile \ - --disable-ppm-test \ - --disable-intel-soft-cpm \ - --disable-static-daq -} - -src_install() { - - emake DESTDIR="${D}" install - - dodir /var/log/snort \ - /var/run/snort \ - /etc/snort/rules \ - /etc/snort/so_rules \ - /usr/$(get_libdir)/snort_dynamicrules - - # config.log and build.log are needed by Sourcefire - # to trouble shoot build problems and bug reports so we are - # perserving them incase the user needs upstream support. - dodoc RELEASE.NOTES ChangeLog \ - doc/* \ - tools/u2boat/README.u2boat - - insinto /etc/snort - doins etc/attribute_table.dtd \ - etc/classification.config \ - etc/gen-msg.map \ - etc/reference.config \ - etc/threshold.conf \ - etc/unicode.map - - # We use snort.conf.distrib because the config file is complicated - # and the one shipped with snort can change drastically between versions. - # Users should migrate setting by hand and not with etc-update. - newins etc/snort.conf snort.conf.distrib - - # config.log and build.log are needed by Sourcefire - # to troubleshoot build problems and bug reports so we are - # preserving them incase the user needs upstream support. - if [ -f "${WORKDIR}/${PF}/config.log" ]; then - dodoc "${WORKDIR}/${PF}/config.log" - fi - if [ -f "${T}/build.log" ]; then - dodoc "${T}/build.log" - fi - - insinto /etc/snort/preproc_rules - doins preproc_rules/decoder.rules \ - preproc_rules/preprocessor.rules \ - preproc_rules/sensitive-data.rules - - fowners -R snort:snort \ - /var/log/snort \ - /var/run/snort \ - /etc/snort - - newinitd "${FILESDIR}/snort.rc12" snort - newconfd "${FILESDIR}/snort.confd.2" snort - - # Sourcefire uses Makefiles to install docs causing Bug #297190. - # This removes the unwanted doc directory and rogue Makefiles. - rm -rf "${D}"usr/share/doc/snort || die "Failed to remove SF doc directories" - rm "${D}"usr/share/doc/"${PF}"/Makefile* || die "Failed to remove doc make files" - - # Remove unneeded .la files (Bug #382863) - rm "${D}"usr/$(get_libdir)/snort_dynamicengine/libsf_engine.la || die - rm "${D}"usr/$(get_libdir)/snort_dynamicpreprocessor/libsf_*_preproc.la || die "Failed to remove libsf_?_preproc.la" - - # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection - sed -i -e 's|/usr/local/lib|/usr/'$(get_libdir)'|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct rule location in the config - sed -i -e 's|RULE_PATH ../rules|RULE_PATH /etc/snort/rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct preprocessor/decoder rule location in the config - sed -i -e 's|PREPROC_RULE_PATH ../preproc_rules|PREPROC_RULE_PATH /etc/snort/preproc_rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Enable the preprocessor/decoder rules - sed -i -e 's|^# include $PREPROC_RULE_PATH|include $PREPROC_RULE_PATH|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - sed -i -e 's|^# dynamicdetection directory|dynamicdetection directory|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Just some clean up of trailing /'s in the config - sed -i -e 's|snort_dynamicpreprocessor/$|snort_dynamicpreprocessor|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Make it clear in the config where these are... - sed -i -e 's|^include classification.config|include /etc/snort/classification.config|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - sed -i -e 's|^include reference.config|include /etc/snort/reference.config|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Disable all rule files by default. - sed -i -e 's|^include $RULE_PATH|# include $RULE_PATH|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the configured DAQ to afpacket - sed -i -e 's|^# config daq: <type>|config daq: afpacket|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the location of the DAQ modules - sed -i -e 's|^# config daq_dir: <dir>|config daq_dir: /usr/'$(get_libdir)'/daq|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the DAQ mode to passive - sed -i -e 's|^# config daq_mode: <mode>|config daq_mode: passive|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set snort to run as snort:snort - sed -i -e 's|^# config set_gid:|config set_gid: snort|g' \ - "${D}etc/snort/snort.conf.distrib" || die - sed -i -e 's|^# config set_uid:|config set_uid: snort|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the default log dir - sed -i -e 's|^# config logdir:|config logdir: /var/log/snort/|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct so_rule location in the config - sed -i -e 's|SO_RULE_PATH ../so_rules|SO_RULE_PATH /etc/snort/so_rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die -} - -pkg_postinst() { - - einfo "There have been a number of improvements and new features" - einfo "added to ${P}. Please review the RELEASE.NOTES and" - einfo "ChangLog located in /usr/share/doc/${PF}." - einfo - elog "The Sourcefire Vulnerability Research Team (VRT) recommends that" - elog "users migrate their snort.conf customizations to the latest config" - elog "file released by the VRT. You can find the latest version of the" - elog "Snort config file in /etc/snort/snort.conf.distrib." - elog - elog "!! It is important that you migrate to this new snort.conf file !!" - elog - elog "This version of the ebuild includes an updated init.d file and" - elog "conf.d file that rely on options found in the latest Snort" - elog "config file provided by the VRT." - - if use debug; then - elog "You have the 'debug' USE flag enabled. If this has been done to" - elog "troubleshoot an issue by producing a core dump or a back trace," - elog "then you need to also ensure the FEATURES variable in make.conf" - elog "contains the 'nostrip' option." - fi -} diff --git a/net-analyzer/snort/snort-2.9.8.3.ebuild b/net-analyzer/snort/snort-2.9.8.3.ebuild deleted file mode 100644 index a22c0902ec33..000000000000 --- a/net-analyzer/snort/snort-2.9.8.3.ebuild +++ /dev/null @@ -1,249 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="5" -inherit autotools multilib user - -DESCRIPTION="The de facto standard for intrusion detection/prevention" -HOMEPAGE="https://www.snort.org" -SRC_URI="https://www.snort.org/downloads/archive/${PN}/${P}.tar.gz" -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~sparc ~x86" -IUSE="static +gre +mpls +targetbased +ppm +perfprofiling -+non-ether-decoders control-socket file-inspect high-availability -shared-rep side-channel sourcefire linux-smp-stats inline-init-failopen -+threads debug +active-response +normalizer reload-error-restart -+react +flexresp3 large-pcap-64bit selinux" - -DEPEND=">=net-libs/libpcap-1.3.0 - >=net-libs/daq-2.0.2 - >=dev-libs/libpcre-8.33 - dev-libs/libdnet - sys-libs/zlib" - -RDEPEND="${DEPEND} - selinux? ( sec-policy/selinux-snort )" - -REQUIRED_USE="!kernel_linux? ( !shared-rep )" - -pkg_setup() { - - # pre_inst() is a better place to put this - # but we need it here for the 'fowners' statements in src_install() - enewgroup snort - enewuser snort -1 -1 /dev/null snort - -} - -src_prepare() { - - # Multilib fix for the sf_engine - ebegin "Applying multilib fix" - sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ - "${WORKDIR}/${P}/src/dynamic-plugins/sf_engine/Makefile.am" \ - || die "sed for sf_engine failed" - - # Multilib fix for the curent set of dynamic-preprocessors - for i in file ftptelnet smtp ssh dns ssl dcerpc2 sdf imap pop sip reputation gtp modbus dnp3; do - sed -i -e 's|${exec_prefix}/lib|${exec_prefix}/'$(get_libdir)'|g' \ - "${WORKDIR}/${P}/src/dynamic-preprocessors/$i/Makefile.am" \ - || die "sed for $i failed." - done - eend - - AT_M4DIR=m4 eautoreconf -} - -src_configure() { - - econf \ - $(use_enable !static shared) \ - $(use_enable static) \ - $(use_enable static so-with-static-lib) \ - $(use_enable gre) \ - $(use_enable mpls) \ - $(use_enable targetbased) \ - $(use_enable control-socket) \ - $(use_enable file-inspect) \ - $(use_enable high-availability ha) \ - $(use_enable non-ether-decoders) \ - $(use_enable shared-rep) \ - $(use_enable side-channel) \ - $(use_enable sourcefire) \ - $(use_enable ppm) \ - $(use_enable perfprofiling) \ - $(use_enable linux-smp-stats) \ - $(use_enable inline-init-failopen) \ - $(use_enable threads pthread) \ - $(use_enable debug) \ - $(use_enable debug debug-msgs) \ - $(use_enable debug corefiles) \ - $(use_enable !debug dlclose) \ - $(use_enable active-response) \ - $(use_enable normalizer) \ - $(use_enable reload-error-restart) \ - $(use_enable react) \ - $(use_enable flexresp3) \ - $(use_enable large-pcap-64bit large-pcap) \ - --enable-reload \ - --disable-build-dynamic-examples \ - --disable-profile \ - --disable-ppm-test \ - --disable-intel-soft-cpm \ - --disable-static-daq -} - -src_install() { - - emake DESTDIR="${D}" install - - dodir /var/log/snort \ - /var/run/snort \ - /etc/snort/rules \ - /etc/snort/so_rules \ - /usr/$(get_libdir)/snort_dynamicrules - - # config.log and build.log are needed by Sourcefire - # to trouble shoot build problems and bug reports so we are - # perserving them incase the user needs upstream support. - dodoc RELEASE.NOTES ChangeLog \ - doc/* \ - tools/u2boat/README.u2boat - - insinto /etc/snort - doins etc/attribute_table.dtd \ - etc/classification.config \ - etc/gen-msg.map \ - etc/reference.config \ - etc/threshold.conf \ - etc/unicode.map - - # We use snort.conf.distrib because the config file is complicated - # and the one shipped with snort can change drastically between versions. - # Users should migrate setting by hand and not with etc-update. - newins etc/snort.conf snort.conf.distrib - - # config.log and build.log are needed by Sourcefire - # to troubleshoot build problems and bug reports so we are - # preserving them incase the user needs upstream support. - if [ -f "${WORKDIR}/${PF}/config.log" ]; then - dodoc "${WORKDIR}/${PF}/config.log" - fi - if [ -f "${T}/build.log" ]; then - dodoc "${T}/build.log" - fi - - insinto /etc/snort/preproc_rules - doins preproc_rules/decoder.rules \ - preproc_rules/preprocessor.rules \ - preproc_rules/sensitive-data.rules - - fowners -R snort:snort \ - /var/log/snort \ - /var/run/snort \ - /etc/snort - - newinitd "${FILESDIR}/snort.rc12" snort - newconfd "${FILESDIR}/snort.confd.2" snort - - # Sourcefire uses Makefiles to install docs causing Bug #297190. - # This removes the unwanted doc directory and rogue Makefiles. - rm -rf "${D}"usr/share/doc/snort || die "Failed to remove SF doc directories" - rm "${D}"usr/share/doc/"${PF}"/Makefile* || die "Failed to remove doc make files" - - # Remove unneeded .la files (Bug #382863) - rm "${D}"usr/$(get_libdir)/snort_dynamicengine/libsf_engine.la || die - rm "${D}"usr/$(get_libdir)/snort_dynamicpreprocessor/libsf_*_preproc.la || die "Failed to remove libsf_?_preproc.la" - - # Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection - sed -i -e 's|/usr/local/lib|/usr/'$(get_libdir)'|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct rule location in the config - sed -i -e 's|RULE_PATH ../rules|RULE_PATH /etc/snort/rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct preprocessor/decoder rule location in the config - sed -i -e 's|PREPROC_RULE_PATH ../preproc_rules|PREPROC_RULE_PATH /etc/snort/preproc_rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Enable the preprocessor/decoder rules - sed -i -e 's|^# include $PREPROC_RULE_PATH|include $PREPROC_RULE_PATH|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - sed -i -e 's|^# dynamicdetection directory|dynamicdetection directory|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Just some clean up of trailing /'s in the config - sed -i -e 's|snort_dynamicpreprocessor/$|snort_dynamicpreprocessor|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Make it clear in the config where these are... - sed -i -e 's|^include classification.config|include /etc/snort/classification.config|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - sed -i -e 's|^include reference.config|include /etc/snort/reference.config|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Disable all rule files by default. - sed -i -e 's|^include $RULE_PATH|# include $RULE_PATH|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Disable normalizer preprocessor config if normalizer USE flag not set. - if ! use normalizer; then - sed -i -e 's|^preprocessor normalize|#preprocessor normalize|g' \ - "${D}etc/snort/snort.conf.distrib" || die - fi - - # Set the configured DAQ to afpacket - sed -i -e 's|^# config daq: <type>|config daq: afpacket|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the location of the DAQ modules - sed -i -e 's|^# config daq_dir: <dir>|config daq_dir: /usr/'$(get_libdir)'/daq|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the DAQ mode to passive - sed -i -e 's|^# config daq_mode: <mode>|config daq_mode: passive|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set snort to run as snort:snort - sed -i -e 's|^# config set_gid:|config set_gid: snort|g' \ - "${D}etc/snort/snort.conf.distrib" || die - sed -i -e 's|^# config set_uid:|config set_uid: snort|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the default log dir - sed -i -e 's|^# config logdir:|config logdir: /var/log/snort/|g' \ - "${D}etc/snort/snort.conf.distrib" || die - - # Set the correct so_rule location in the config - sed -i -e 's|SO_RULE_PATH ../so_rules|SO_RULE_PATH /etc/snort/so_rules|g' \ - "${D}etc/snort/snort.conf.distrib" || die -} - -pkg_postinst() { - - einfo "There have been a number of improvements and new features" - einfo "added to ${P}. Please review the RELEASE.NOTES and" - einfo "ChangLog located in /usr/share/doc/${PF}." - einfo - elog "The Sourcefire Vulnerability Research Team (VRT) recommends that" - elog "users migrate their snort.conf customizations to the latest config" - elog "file released by the VRT. You can find the latest version of the" - elog "Snort config file in /etc/snort/snort.conf.distrib." - elog - elog "!! It is important that you migrate to this new snort.conf file !!" - elog - elog "This version of the ebuild includes an updated init.d file and" - elog "conf.d file that rely on options found in the latest Snort" - elog "config file provided by the VRT." - - if use debug; then - elog "You have the 'debug' USE flag enabled. If this has been done to" - elog "troubleshoot an issue by producing a core dump or a back trace," - elog "then you need to also ensure the FEATURES variable in make.conf" - elog "contains the 'nostrip' option." - fi -} |