Date: Thu, 16 Dec 2010 17:47:44 GMT From: Michael Scheidell <michael.scheidell@secnap.com> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/153224: security/snort misplaces dynamic rules is you select snortsam. Message-ID: <201012161747.oBGHliap073991@red.freebsd.org> Resent-Message-ID: <201012161750.oBGHoCZT054246@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 153224 >Category: ports >Synopsis: security/snort misplaces dynamic rules is you select snortsam. >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Dec 16 17:50:12 UTC 2010 >Closed-Date: >Last-Modified: >Originator: Michael Scheidell >Release: 7.3 amd >Organization: SECNAP Network Security >Environment: FreeBSD success-ca.hackertrap.net 7.3-RELEASE-p1 FreeBSD 7.3-RELEASE-p1 #4: Fri Jun 11 17:17:14 UTC 2010 root@ht-amd-ghost.hackertrap.net:/usr/obj/usr/src/sys/ENTHACKER amd64 >Description: building snort version 2.8.6.1 WITHOUT snortsam installs, deinstalls, runs, creates packages correctly. brand new portstree (as of 10am dec 16, est) however, building it with both dynamic rules AND snortsam, with put the dynamic rules in the wrong directory, makeing packages impossible to build, deinstall doesn't know where things are, and the sample snort.conf is wrong also. example: building WITH DYNAMIC RULES and without SNORT SAM, the dynamic pre-processor rules are installed in: /usr/local/lib/snort/ but, if you select BOTH DYNAMIC RULES and SNORTSAM, they are put here: cd /usr/local/lib ls -ltd snort* drwxr-xr-x 2 root wheel 1536 Dec 16 09:26 snort_dynamicpreprocessor drwxr-xr-x 2 root wheel 512 Dec 16 09:26 snort_dynamicengine (notice the _ maybe should be a /? ) and, since pkg_plist is looking in /usr/local/lib/snort/dynamic*, packages wont' build, and deinstall doesn't remove them. clearly in source, if you build with/without snortsam, and do a grep -R, you can see it builds the source differently. >How-To-Repeat: cd /usr/ports/security/snort select defaults (dynamic rules, flexresp, perfprofile) and add 'snortsam' make clean deinstall reinstall grep -R snort_dynamic ./ (yep, lots of links to snort_dynamic, and NOT snort/dynamic.. confusing) cd /usr/local/lib/snort (not there cd /usr/local/lib/snort_dynamicengine make package fails: tar: lib/snort/dynamicengine/libsf_engine.so: Cannot stat: No such file or directory tar: lib/snort/dynamicengine/libsf_engine.so.0: Cannot stat: No such file or directory tar: lib/snort/dynamicengine/libsf_engine.la: Cannot stat: No such file or directory tar: lib/snort/dynamicengine/libsf_engine.a: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_dcerpc_preproc.a: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_dcerpc_preproc.la: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_dcerpc_preproc.so: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_dcerpc_preproc.so.0: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_dce2_preproc.a: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_dce2_preproc.la: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_dce2_preproc.so: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_dce2_preproc.so.0: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_dns_preproc.a: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_dns_preproc.la: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_dns_preproc.so: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_dns_preproc.so.0: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_ftptelnet_preproc.a: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_ftptelnet_preproc.la: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_ftptelnet_preproc.so: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_ftptelnet_preproc.so.0: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_sdf_preproc.a: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_sdf_preproc.la: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_sdf_preproc.so: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_sdf_preproc.so.0: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_smtp_preproc.a: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_smtp_preproc.la: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_smtp_preproc.so: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_smtp_preproc.so.0: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_ssh_preproc.a: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_ssh_preproc.la: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_ssh_preproc.so: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_ssh_preproc.so.0: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_ssl_preproc.a: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_ssl_preproc.la: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_ssl_preproc.so: Cannot stat: No such file or directory tar: lib/snort/dynamicpreprocessor/libsf_ssl_preproc.so.0: Cannot stat: No such file or directory tar: libdata/pkgconfig/snort.pc: Cannot stat: No such file or directory tar: Error exit delayed from previous errors. >Fix: find the 'thing' that somehow breaks where snort dynamic rules go. workaround: cd /usr/ports/security/snort make config (select dynamic,flex,perf and snortsam) make clean make install cp -p ./work/snort-2.8.6.1/snort.pc /usr/local/libdata/pkgconfig/ /usr/local/lib ls -ltd snort* drwxr-xr-x 2 root wheel 512 Dec 16 09:38 snort_dynamicengine drwxr-xr-x 2 root wheel 1536 Dec 16 09:38 snort_dynamicpreprocessor mkdir snort mkdir snort/dynamicengine mkdir snort/dynamicpreprocessor mv snort_dynamicengine/* snort/dynamicengine/ mv snort_dynamicpreprocessor/* snort/dynamicpreprocessor/ >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201012161747.oBGHliap073991>