Date: 14 Jun 2004 08:55:21 -0300 From: Renato Botelho <renato@galle.com.br> To: FreeBSD-gnats-submit@FreeBSD.org Cc: sergei@FreeBSD.org Subject: ports/67935: [PATCH] security/snort: Use rcNG startup script Message-ID: <20040614115521.99860.qmail@srv1.galle.com.br> Resent-Message-ID: <200406141200.i5EC0bv7081564@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 67935
>Category: ports
>Synopsis: [PATCH] security/snort: Use rcNG startup script
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Mon Jun 14 12:00:36 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: Renato Botelho
>Release: FreeBSD 5.2.1-RELEASE-p8 i386
>Organization:
Galle Folheados
>Environment:
System: FreeBSD srv1.galle.com.br 5.2.1-RELEASE-p8 FreeBSD 5.2.1-RELEASE-p8 #27: Wed May 26 10:21:14 BRT 2004
>Description:
Use rcNG startup script
Port maintainer (sergei@FreeBSD.org) is cc'd.
Generated with FreeBSD Port Tools 0.50
>How-To-Repeat:
>Fix:
--- snort-2.1.2.patch begins here ---
diff -ruN --exclude=CVS /usr/ports/security/snort.bak/Makefile /usr/ports/security/snort/Makefile
--- /usr/ports/security/snort.bak/Makefile Wed Apr 21 02:06:14 2004
+++ /usr/ports/security/snort/Makefile Mon Jun 14 08:46:31 2004
@@ -64,8 +64,13 @@
DOCS= ChangeLog doc/AUTHORS doc/BUGS doc/CREDITS doc/FAQ doc/NEWS \
doc/README* doc/TODO doc/USAGE doc/snort_manual.pdf
+USE_RC_SUBR= yes
+RC_SCRIPTS_SUB= PREFIX=${PREFIX} RC_SUBR=${RC_SUBR}
+
post-patch:
${REINPLACE_CMD} "s,%%PREFIX%%,${PREFIX}," ${WRKSRC}/src/snort.c
+ @${SED} ${RC_SCRIPTS_SUB:S/$/!g/:S/^/ -e s!%%/:S/=/%%!/} \
+ ${FILESDIR}/snort.sh > ${WRKDIR}/snort.sh
pre-configure:
@${ECHO} ""
@@ -85,7 +90,7 @@
${DATADIR}/reference.config-sample
[ -f ${DATADIR}/reference.config ] || \
${CP} ${DATADIR}/reference.config-sample ${DATADIR}/reference.config
- ${INSTALL_DATA} ${FILESDIR}/snort.sh.sample ${PREFIX}/etc/rc.d
+ ${INSTALL_SCRIPT} -m 751 ${WRKDIR}/snort.sh ${PREFIX}/etc/rc.d/snort.sh
.for f in snort.conf unicode.map threshold.conf
${INSTALL_DATA} ${WRKSRC}/etc/${f} ${PREFIX}/etc/${f}-sample
[ -f ${PREFIX}/etc/${f} ] || \
@@ -95,5 +100,6 @@
@${MKDIR} ${DOCSDIR}
cd ${WRKSRC} && ${INSTALL_DATA} ${DOCS} ${DOCSDIR}
.endif
+ @${CAT} ${PKGMESSAGE}
.include <bsd.port.mk>
diff -ruN --exclude=CVS /usr/ports/security/snort.bak/files/snort.sh /usr/ports/security/snort/files/snort.sh
--- /usr/ports/security/snort.bak/files/snort.sh Wed Dec 31 21:00:00 1969
+++ /usr/ports/security/snort/files/snort.sh Mon Jun 14 08:34:57 2004
@@ -0,0 +1,35 @@
+#!/bin/sh
+
+# PROVIDE: snort
+# REQUIRE: DAEMON
+# BEFORE: LOGIN
+# KEYWORD: FreeBSD shutdown
+
+#
+# Add the following lines to /etc/rc.conf to enable snort:
+# snort_enable (bool): Set to "NO" by default.
+# Set it to "YES" to enable snort
+# snort_flags (str): Set to "-Dq" by default.
+# Extra flags passed to start command
+# snort_interface (str): Set to "" by default.
+# Network interface to sniff
+# snort_conf_file (str): Set to "%%PREFIX%%/etc/snort.conf" by default.
+# Config file
+#
+. %%RC_SUBR%%
+
+name="snort"
+rcvar=`set_rcvar`
+
+command="%%PREFIX%%/bin/snort"
+
+load_rc_config $name
+
+[ -z "$snort_enable" ] && snort_enable="NO"
+[ -z "$snort_conf_file" ] && snort_conf_file="%%PREFIX%%/etc/snort.conf"
+[ -z "$snort_flags" ] && snort_flags="-Dq"
+
+[ -n "$snort_interface" ] && snort_flags="$snort_flags -i $snort_interface"
+[ -n "$snort_conf_file" ] && snort_flags="$snort_flags -c $snort_conf_file"
+
+run_rc_command "$1"
diff -ruN --exclude=CVS /usr/ports/security/snort.bak/files/snort.sh.sample /usr/ports/security/snort/files/snort.sh.sample
--- /usr/ports/security/snort.bak/files/snort.sh.sample Thu Sep 4 10:48:27 2003
+++ /usr/ports/security/snort/files/snort.sh.sample Wed Dec 31 21:00:00 1969
@@ -1,21 +0,0 @@
-#!/bin/sh
-
-if ! PREFIX=$(expr $0 : "\(/.*\)/etc/rc\.d/$(basename $0)\$"); then
- echo "$0: Cannot determine the PREFIX" >&2
- exit 1
-fi
-
-case "$1" in
-start)
- ${PREFIX}/bin/snort -Dqc ${PREFIX}/etc/snort.conf > /dev/null && echo -n " snort"
- ;;
-stop)
- kill `cat /var/run/snort_*.pid`
- ;;
-restart)
- killall -1 `cat /var/run/snort_*.pid`
- ;;
-*)
- echo "Usage: snort.sh [start|stop|restart]"
- ;;
-esac
diff -ruN --exclude=CVS /usr/ports/security/snort.bak/pkg-message /usr/ports/security/snort/pkg-message
--- /usr/ports/security/snort.bak/pkg-message Wed Dec 31 21:00:00 1969
+++ /usr/ports/security/snort/pkg-message Mon Jun 14 08:47:19 2004
@@ -0,0 +1,17 @@
+ ***********************************
+ * !!!!!!!!!!! WARNING !!!!!!!!!!! *
+ ***********************************
+
+snort now uses rcNg startup scripts and must be enabled via rc.conf
+
+Available variables:
+#
+# snort_enable (bool): Set to "NO" by default.
+# Set it to "YES" to enable snort
+# snort_flags (str): Set to "-Dq" by default.
+# Extra flags passed to start command
+# snort_interface (str): Set to "" by default.
+# Network interface to sniff
+# snort_conf_file (str): Set to "${PREFIX}/etc/snort.conf" by default.
+# Config file
+#
diff -ruN --exclude=CVS /usr/ports/security/snort.bak/pkg-plist /usr/ports/security/snort/pkg-plist
--- /usr/ports/security/snort.bak/pkg-plist Fri Feb 27 07:16:56 2004
+++ /usr/ports/security/snort/pkg-plist Mon Jun 14 08:33:19 2004
@@ -9,7 +9,7 @@
@unexec if [ -f %D/etc/threshold.conf ] && cmp -s %D/etc/threshold.conf %D/etc/threshold.conf-sample; then rm -f %D/etc/threshold.conf; fi
etc/threshold.conf-sample
@exec [ -f %B/threshold.conf ] || cp %B/%f %B/threshold.conf
-etc/rc.d/snort.sh.sample
+etc/rc.d/snort.sh
%%PORTDOCS%%%%DOCSDIR%%/AUTHORS
%%PORTDOCS%%%%DOCSDIR%%/BUGS
%%PORTDOCS%%%%DOCSDIR%%/CREDITS
--- snort-2.1.2.patch ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040614115521.99860.qmail>