Date: Thu, 28 Jul 2005 12:02:13 -0700 (PDT) From: Linh Pham <question+fbsdports@closedsrc.org> To: FreeBSD-gnats-submit@FreeBSD.org Cc: sergei@FreeBSD.org Subject: ports/84249: Update Port: security/snort to 2.4.0 Message-ID: <20050728190213.0DBE745042@q.closedsrc.org> Resent-Message-ID: <200507281910.j6SJACnT058056@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 84249 >Category: ports >Synopsis: Update Port: security/snort to 2.4.0 >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Thu Jul 28 19:10:11 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Linh Pham >Release: FreeBSD 5.4-RELEASE-p4 i386 >Organization: >Environment: System: FreeBSD q.internal.closedsrc.org 5.4-RELEASE-p4 FreeBSD 5.4-RELEASE-p4 #15: Thu Jul 7 01:32:43 PDT 2005 root@q.internal.closedsrc.org:/usr/obj/usr/src/sys/Q i386 >Description: Update security/snort to 2.4.0, which has some significant changes: * Rules are no longer included in the distribution tarball * Includes Frag3 pre-processor * Libprelude support added (per CHANGELOG) At the time of submitting this PR, the PGP .asc signature file for the 2.4.0 distribution tarball is not available, so I commented it out in the Makefile. I uncommented out and updated the BROKEN line under the prelude section, since the section is no longer valid for 2.4.0 and I don't have the expertice in setting it up to use the new configure switch (--enable-prelude). Since rules are no longer included in the tarball, I removed the entries from pkg-plist. There is a quirk with the deinstall portion with it not removing the classification.config file under %%DATADIR%%. >How-To-Repeat: >Fix: --- snort-2.4.0.diff begins here --- diff -ruN /usr/ports/security/snort/Makefile ./snort/Makefile --- /usr/ports/security/snort/Makefile Wed Apr 27 13:54:55 2005 +++ ./snort/Makefile Thu Jul 28 11:32:27 2005 @@ -6,7 +6,7 @@ # PORTNAME= snort -PORTVERSION= 2.3.3 +PORTVERSION= 2.4.0 CATEGORIES= security MASTER_SITES= http://www.snort.org/dl/current/ DISTFILES= ${DISTNAME}${EXTRACT_SUFX} @@ -22,8 +22,8 @@ POSTGRESQL "Enable PostgreSQL support" off \ PRELUDE "Enable patch for Prelude integration" off -USE_GPG= yes -SIG_SUFFIX= .asc +#USE_GPG= yes +#SIG_SUFFIX= .asc USE_REINPLACE= yes USE_RC_SUBR= yes RC_SCRIPTS_SUB= PREFIX=${PREFIX} RC_SUBR=${RC_SUBR} @@ -70,7 +70,7 @@ .endif .if defined(WITH_PRELUDE) -#BROKEN= Prelude reporting patch have not been updated for Snort 2.2.0 +BROKEN= Prelude reporting patch have not been updated for Snort 2.4.0 PRELUDE_PATCH= 0.3.6 MASTER_SITES+= http://prelude-ids.org/download/releases/old/:prelude SIGNED_FILES= ${DISTNAME}${EXTRACT_SUFX} @@ -98,12 +98,6 @@ post-install: ${INSTALL_SCRIPT} -m 751 ${WRKDIR}/snort.sh ${PREFIX}/etc/rc.d/snort.sh @${MKDIR} ${DATADIR} - ${INSTALL_DATA} ${WRKSRC}/rules/[^l]*.rules ${DATADIR} -.for f in local.rules - ${INSTALL_DATA} ${WRKSRC}/rules/${f} ${DATADIR}/${f}-sample - [ -f ${DATADIR}/${f} ] || \ - ${INSTALL_DATA} ${WRKSRC}/rules/${f} ${DATADIR}/${f} -.endfor .for f in classification.config reference.config ${INSTALL_DATA} ${WRKSRC}/etc/${f} ${DATADIR}/${f}-sample [ -f ${DATADIR}/${f} ] || \ diff -ruN /usr/ports/security/snort/distinfo ./snort/distinfo --- /usr/ports/security/snort/distinfo Wed Apr 27 13:54:55 2005 +++ ./snort/distinfo Thu Jul 28 11:22:41 2005 @@ -1,6 +1,4 @@ -MD5 (snort-2.3.3.tar.gz) = 06bf140893e7cb120aaa9372d10a0100 -SIZE (snort-2.3.3.tar.gz) = 2631270 +MD5 (snort-2.4.0.tar.gz) = 033e21190c5308fe69857908285feed1 +SIZE (snort-2.4.0.tar.gz) = 2126176 MD5 (snort-prelude-reporting-patch-0.3.6.tar.gz) = 323ab2956a59de113aa13099917f0d3a SIZE (snort-prelude-reporting-patch-0.3.6.tar.gz) = 21964 -MD5 (snort-2.3.3.tar.gz.asc) = 545d371c8e4a1c9aa06478460768f9d3 -SIZE (snort-2.3.3.tar.gz.asc) = 189 diff -ruN /usr/ports/security/snort/pkg-plist ./snort/pkg-plist --- /usr/ports/security/snort/pkg-plist Mon Feb 7 16:38:49 2005 +++ ./snort/pkg-plist Thu Jul 28 11:39:29 2005 @@ -33,6 +33,7 @@ %%PORTDOCS%%%%DOCSDIR%%/README.flow %%PORTDOCS%%%%DOCSDIR%%/README.flowbits %%PORTDOCS%%%%DOCSDIR%%/README.flow-portscan +%%PORTDOCS%%%%DOCSDIR%%/README.frag3 %%PORTDOCS%%%%DOCSDIR%%/README.http_inspect %%PORTDOCS%%%%DOCSDIR%%/README.sfportscan %%PORTDOCS%%%%DOCSDIR%%/README.thresholding @@ -43,60 +44,12 @@ %%PORTDOCS%%%%DOCSDIR%%/snort_manual.pdf %%PORTDOCS%%%%DOCSDIR%%/snort_schema_v106.pdf %%PORTDOCS%%@dirrm %%DOCSDIR%% -%%DATADIR%%/attack-responses.rules -%%DATADIR%%/backdoor.rules -%%DATADIR%%/bad-traffic.rules -%%DATADIR%%/chat.rules @unexec if [ -f %B/classification.config ] && cmp -s %B/classification.config %B/classification.config-sample; then rm -f %B/classification.config; fi %%DATADIR%%/classification.config-sample @exec [ -f %B/classification.config ] || cp %B/%f %B/classification.config -%%DATADIR%%/ddos.rules -%%DATADIR%%/deleted.rules -%%DATADIR%%/dns.rules -%%DATADIR%%/dos.rules -%%DATADIR%%/experimental.rules -%%DATADIR%%/exploit.rules -%%DATADIR%%/finger.rules -%%DATADIR%%/ftp.rules -%%DATADIR%%/icmp-info.rules -%%DATADIR%%/icmp.rules -%%DATADIR%%/imap.rules -%%DATADIR%%/info.rules @unexec if [ -f %B/local.rules ] && cmp -s %B/local.rules %B/local.rules-sample; then rm -f %B/local.rules; fi -%%DATADIR%%/local.rules-sample @exec [ -f %B/local.rules ] || cp %B/%f %B/local.rules -%%DATADIR%%/misc.rules -%%DATADIR%%/multimedia.rules -%%DATADIR%%/mysql.rules -%%DATADIR%%/netbios.rules -%%DATADIR%%/nntp.rules -%%DATADIR%%/oracle.rules -%%DATADIR%%/other-ids.rules -%%DATADIR%%/p2p.rules -%%DATADIR%%/policy.rules -%%DATADIR%%/pop2.rules -%%DATADIR%%/pop3.rules -%%DATADIR%%/porn.rules @unexec if [ -f %B/reference.config ] && cmp -s %B/reference.config %B/reference.config-sample; then rm -f %B/reference.config; fi %%DATADIR%%/reference.config-sample @exec [ -f %B/reference.config ] || cp %B/%f %B/reference.config -%%DATADIR%%/rpc.rules -%%DATADIR%%/rservices.rules -%%DATADIR%%/scan.rules -%%DATADIR%%/shellcode.rules -%%DATADIR%%/smtp.rules -%%DATADIR%%/snmp.rules -%%DATADIR%%/sql.rules -%%DATADIR%%/telnet.rules -%%DATADIR%%/tftp.rules -%%DATADIR%%/virus.rules -%%DATADIR%%/web-attacks.rules -%%DATADIR%%/web-cgi.rules -%%DATADIR%%/web-client.rules -%%DATADIR%%/web-coldfusion.rules -%%DATADIR%%/web-frontpage.rules -%%DATADIR%%/web-iis.rules -%%DATADIR%%/web-misc.rules -%%DATADIR%%/web-php.rules -%%DATADIR%%/x11.rules @dirrm %%DATADIR%% --- snort-2.4.0.diff ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050728190213.0DBE745042>