Date: Thu, 6 Jul 2006 17:49:45 -0700 (PDT) From: Linh Pham <question+fbsdports@closedsrc.org> To: FreeBSD-gnats-submit@FreeBSD.org Cc: sergei@FreeBSD.org Subject: ports/99862: Update port security/snort to 2.6.0 Message-ID: <20060707004945.95C4E45021@q.closedsrc.org> Resent-Message-ID: <200607070050.k670oJVA035700@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 99862 >Category: ports >Synopsis: Update port security/snort to 2.6.0 >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Fri Jul 07 00:50:18 GMT 2006 >Closed-Date: >Last-Modified: >Originator: Linh Pham >Release: FreeBSD 6.1-RELEASE-p2 i386 >Organization: >Environment: System: FreeBSD q.internal.closedsrc.org 6.1-RELEASE-p2 FreeBSD 6.1-RELEASE-p2 #10: Mon Jun 19 16:12:03 PDT 2006 question@q.internal.closedsrc.org:/usr/obj/usr/src/sys/Q i386 >Description: Update security/snort to 2.6.0 as 2.4.5 is the end of the line for the 2.4.x branch. Snort 2.6.0 includes support for dynamic plugins and preprocessors, which I added an OPTION knob for and set to On as default. In case someone disables the OPTION, a message is displayed with a warning as the default snort.conf makes references to dynamic preprocessors and errors can be thrown if Snort is not configured with the option enabled. Since the default is On, I used WITHOUT_DYNAMIC to handle the necessary tweaks. Pre-emptively added OPTION knob for FLEXRESP2, though default is Off and if enabled, set BROKEN flag. The patch for FLEXRESP2 doesn't incorporate cleanly against Snort 2.6.0, though a newer version may become available later. Also changed the behavior of post-install to install the config files into CONFIG_DIR using the default filenames since the *-sample files are already installed in EXAMPLESDIR. Felt that it was redundant and increased the amount of steps required to get a clean install of Snort up and running. >How-To-Repeat: >Fix: --- snort-2.6.0.diff begins here --- diff -ruN /usr/ports/security/snort/Makefile ./snort/Makefile --- /usr/ports/security/snort/Makefile Sat Jun 10 13:26:30 2006 +++ ./snort/Makefile Thu Jul 6 17:34:13 2006 @@ -6,7 +6,7 @@ # PORTNAME= snort -PORTVERSION= 2.4.5 +PORTVERSION= 2.6.0 CATEGORIES= security MASTER_SITES= http://www.snort.org/dl/current/ @@ -15,7 +15,12 @@ LIB_DEPENDS= pcre.0:${PORTSDIR}/devel/pcre -OPTIONS= FLEXRESP "Flexible response to events" off \ +CONFLICTS?= snort-1.* snort-2.0.* snort-2.1.* snort-2.2.* snort-2.3.* \ + snort-2.4.* + +OPTIONS= DYNAMIC "Enable dynamic plugin support" on \ + FLEXRESP "Flexible response to events" off \ + FLEXRESP2 "Flexible response to events (version 2)" off \ MYSQL "Enable MySQL support" off \ ODBC "Enable ODBC support" off \ POSTGRESQL "Enable PostgreSQL support" off \ @@ -33,7 +38,7 @@ CONFIG_FILES= classification.config gen-msg.map generators reference.config \ sid sid-msg.map snort.conf threshold.conf unicode.map RULES_DIR= ${PREFIX}/etc/snort/rules -LOGS_DIR= /var/log/snort +LOGS_DIR= ${DESTDIR}/var/log/snort MAN8= snort.8 DOCS= RELEASE.NOTES doc/AUTHORS doc/BUGS doc/CREDITS \ @@ -41,13 +46,32 @@ .include <bsd.port.pre.mk> +.if !defined(WITHOUT_DYNAMIC) +USE_AUTOTOOLS= libtool:15 +CONFIGURE_ARGS+= --enable-dynamicplugin +.endif + .if defined(WITH_FLEXRESP) +.if defined(WITH_FLEXRESP2) +IGNORE= options FLEXRESP and FLEXRESP2 are mutually exclusive +.endif BUILD_DEPENDS+= libnet*<=1.1.0,1:${PORTSDIR}/net/libnet10 CONFIGURE_ARGS+= --enable-flexresp \ --with-libnet-includes=${LOCALBASE}/include \ --with-libnet-libraries=${LOCALBASE}/lib .endif +.if defined(WITH_FLEXRESP2) +BROKEN= FLEXRESP2 patch file does not incorporate cleanly +PATCH_SITES+= http://cerberus.sourcefire.com/~jeff/archives/snort/sp_respond2/ +PATCHFILES+= sp_respond2.diff.gz +BUILD_DEPENDS+= libnet*>=1.1.2.1,1:${PORTSDIR}/net/libnet \ + libdnet*>=1.10_1:${PORTSDIR}/net/libdnet +CONFIGURE_ARGS+= --enable-flexresp2 \ + --with-libnet-includes=${LOCALBASE}/include \ + --with-libnet-libraries=${LOCALBASE}/lib +.endif + .if defined(WITH_MYSQL) USE_MYSQL= yes CONFIGURE_ARGS+= --with-mysql=${LOCALBASE} @@ -86,13 +110,22 @@ ${REINPLACE_CMD} "s,/etc/snort.conf,${CONFIG_DIR}/snort.conf," \ ${WRKSRC}/src/snort.c ${WRKSRC}/snort.8 +pre-configure: +.if defined(WITHOUT_DYNAMIC) + @${CAT} pkg-message,dynamicplugin + @sleep 5 +.endif + post-install: +.if !defined(WITH_DYNAMIC) + @${LIBTOOL} --finish ${LOCALBASE}/snort_dynamicpreprocessor +.endif [ -d ${CONFIG_DIR} ] || ${MKDIR} ${CONFIG_DIR} [ -d ${EXAMPLESDIR} ] || ${MKDIR} ${EXAMPLESDIR} [ -d ${RULES_DIR} ] || ${MKDIR} ${RULES_DIR} [ -d ${LOGS_DIR} ] || ${MKDIR} ${LOGS_DIR} .for f in ${CONFIG_FILES} - ${INSTALL_DATA} ${WRKSRC}/etc/${f} ${CONFIG_DIR}/${f}.default + ${INSTALL_DATA} ${WRKSRC}/etc/${f} ${CONFIG_DIR} ${INSTALL_DATA} ${WRKSRC}/etc/${f} ${EXAMPLESDIR}/${f}-sample .endfor ${INSTALL_DATA} ${WRKSRC}/schemas/create* ${EXAMPLESDIR} diff -ruN /usr/ports/security/snort/distinfo ./snort/distinfo --- /usr/ports/security/snort/distinfo Sat Jun 10 13:26:30 2006 +++ ./snort/distinfo Mon Jun 12 17:03:32 2006 @@ -1,6 +1,9 @@ -MD5 (snort-2.4.5.tar.gz) = 108b3c20dcbaf3cdb17ea9203342eaaa -SHA256 (snort-2.4.5.tar.gz) = 84eb84da542d23e9f1c29b8eb319614c509fb19a745f1fa2a88d07c740645184 -SIZE (snort-2.4.5.tar.gz) = 2817837 -MD5 (snort-2.4.5.tar.gz.sig) = c2baa96bfbdfab407aa1e0dbf84414fb -SHA256 (snort-2.4.5.tar.gz.sig) = df263b8853292d2f581de044ca407a2f9e715d9c54795e6c7a00571e27f504dd -SIZE (snort-2.4.5.tar.gz.sig) = 65 +MD5 (snort-2.6.0.tar.gz) = 88bb7f628e5bf1edc6409fbb126eaed0 +SHA256 (snort-2.6.0.tar.gz) = 0acbfedf728df3d63ed075a56259b81ab5e26099051ceb5808e0c87329fe588d +SIZE (snort-2.6.0.tar.gz) = 3322826 +MD5 (snort-2.6.0.tar.gz.sig) = bc867f80d02cd31b6ffe73e74aa83e77 +SHA256 (snort-2.6.0.tar.gz.sig) = 86010b715ea3ee4a384f4e87261d9e634766306edac49a79bfcb7bbf14e55015 +SIZE (snort-2.6.0.tar.gz.sig) = 65 +MD5 (sp_respond2.diff.gz) = ebf5985b3baef3be2e99d11074f06ada +SHA256 (sp_respond2.diff.gz) = 14902da7779524801ff8130ac77bc2d95467f446e30050aba3db0ebdb17cee27 +SIZE (sp_response2.diff.gz) = 13452 diff -ruN /usr/ports/security/snort/pkg-message,dynamicplugin ./snort/pkg-message,dynamicplugin --- /usr/ports/security/snort/pkg-message,dynamicplugin Wed Dec 31 16:00:00 1969 +++ ./snort/pkg-message,dynamicplugin Thu Jul 6 17:03:54 2006 @@ -0,0 +1,12 @@ +========================================================================= +NOTE: The port has been configured without support for dynamic plugins. + It is recommended that you enable dynamic plugins by pressing + Ctrl-C now, run 'make config' and enable the DYNAMIC option. + + If you choose not to enable dynamic plugins, the default Snort + configuration file may reference some dynamic plugins and + preprocessors that may cause Snort to not work properly or throw + errors. Please read the Snort documentation for more information + regarding dynamic plugins and which configuration directives + are affected. +========================================================================= diff -ruN /usr/ports/security/snort/pkg-plist ./snort/pkg-plist --- /usr/ports/security/snort/pkg-plist Sat Jun 10 13:26:30 2006 +++ ./snort/pkg-plist Thu Jul 6 17:33:06 2006 @@ -1,14 +1,5 @@ @comment $FreeBSD: ports/security/snort/pkg-plist,v 1.23 2006/06/10 11:34:06 pav Exp $ bin/snort -etc/snort/classification.config.default -etc/snort/gen-msg.map.default -etc/snort/generators.default -etc/snort/reference.config.default -etc/snort/sid.default -etc/snort/sid-msg.map.default -etc/snort/snort.conf.default -etc/snort/threshold.conf.default -etc/snort/unicode.map.default @dirrmtry etc/snort/rules @dirrmtry etc/snort %%PORTDOCS%%%%DOCSDIR%%/AUTHORS @@ -16,8 +7,11 @@ %%PORTDOCS%%%%DOCSDIR%%/CREDITS %%PORTDOCS%%%%DOCSDIR%%/README %%PORTDOCS%%%%DOCSDIR%%/README.FLEXRESP +%%PORTDOCS%%%%DOCSDIR%%/README.FLEXRESP2 %%PORTDOCS%%%%DOCSDIR%%/README.INLINE %%PORTDOCS%%%%DOCSDIR%%/README.PLUGINS +%%PORTDOCS%%%%DOCSDIR%%/README.PerfProfiling +%%PORTDOCS%%%%DOCSDIR%%/README.SMTP %%PORTDOCS%%%%DOCSDIR%%/README.UNSOCK %%PORTDOCS%%%%DOCSDIR%%/README.WIN32 %%PORTDOCS%%%%DOCSDIR%%/README.alert_order @@ -29,6 +23,7 @@ %%PORTDOCS%%%%DOCSDIR%%/README.flowbits %%PORTDOCS%%%%DOCSDIR%%/README.flow-portscan %%PORTDOCS%%%%DOCSDIR%%/README.frag3 +%%PORTDOCS%%%%DOCSDIR%%/README.ftptelnet %%PORTDOCS%%%%DOCSDIR%%/README.http_inspect %%PORTDOCS%%%%DOCSDIR%%/README.sfportscan %%PORTDOCS%%%%DOCSDIR%%/README.thresholding --- snort-2.6.0.diff ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060707004945.95C4E45021>