Updated to version 1.9.1.

This version fixes the buffer overflow issue noted in: http://www.kb.cert.org/vuls/id/916785 Changes: - follow PKG_SYSCONFDIR - added rc.d script - create own user and group - added MESSAGE with post-install instructions - removed DEINSTALL - minor cleanups (this package was really half-baked..) 1.9.1: ====== - src/preprocessors/spp_rpc_decode.c (PreprocRpcDecode): - alignment errors on non-x86 platforms - added new space delimited options alert_fragments no_alert_multiple_requests no_alert_large_fragments no_alert_incomplete - corrected buffer overflow in fragment normalization - src/snort.c - Win32 '-s' parameter wasn't configured to accept an optarg, but code expected one, causing null-pointer violation. - Backport of 2.0 fixes for stream4 ( off by one errors on reassembly )
author: salo <salo@pkgsrc.org> 2003-03-04 01:02:25 +0000
committer: salo <salo@pkgsrc.org> 2003-03-04 01:02:25 +0000
commit: 974cf2e15834d9cb8958675b2e665d30905412e1 (patch)
tree: 3fbe78906bafeb8a071b0d0f56df79877af3ed74 /net/snort
parent: 66f3ae7973bbb3658f2b7a10139b33eb1d97e80c (diff)
download: pkgsrc-974cf2e15834d9cb8958675b2e665d30905412e1.tar.gz
7 files changed, 108 insertions, 51 deletions
diff --git a/net/snort/DEINSTALL b/net/snort/DEINSTALL
deleted file mode 100644
index e5afeffad61..00000000000
--- a/net/snort/DEINSTALL
+++ /dev/null
@@ -1,16 +0,0 @@
-#! /bin/sh
-#
-# $NetBSD: DEINSTALL,v 1.1 2001/10/31 22:59:01 zuntum Exp $
-#
-
-case "$2" in
-	DEINSTALL) cat <<EOF
-
-========================================================
-If you don't need the logfiles created by snort anymore,
-delete the directory /var/log/snort.
-========================================================
-
-EOF
-	;;
-esac
diff --git a/net/snort/MESSAGE b/net/snort/MESSAGE
new file mode 100644
index 00000000000..3ccf77ce34b
--- /dev/null
+++ b/net/snort/MESSAGE
@@ -0,0 +1,14 @@
+===========================================================================
+$NetBSD: MESSAGE,v 1.1 2003/03/04 01:02:25 salo Exp $
+
+To use snort, you will need to perform the following steps:
+
+1. In case you don't have PKG_RCD_SCRIPTS set in your /etc/mk.conf, copy
+   ${PREFIX}/etc/rc.d/snort to /etc/rc.d/snort and add
+
+	snort=YES
+
+2. Now start snort by issuing the command
+
+	/etc/rc.d/snort start
+===========================================================================
diff --git a/net/snort/Makefile.common b/net/snort/Makefile.common
index a8b146e0ed4..697169dcfc8 100644
--- a/net/snort/Makefile.common
+++ b/net/snort/Makefile.common
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile.common,v 1.6 2002/11/09 13:44:43 wiz Exp $
+# $NetBSD: Makefile.common,v 1.7 2003/03/04 01:02:25 salo Exp $
 #
 
-DISTNAME?=	snort-1.9.0
-CATEGORIES?=	net security
-MASTER_SITES?=	http://www.snort.org/releases/				\
+DISTNAME=	snort-1.9.1
+CATEGORIES=	net security
+MASTER_SITES=	http://www.snort.org/releases/				\
 		ftp://the.wiretapped.net/pub/security/network-intrusion-detection/snort/ \
 		http://www.centus.com/snort/				\
 		http://snort.whitehats.com/				\
@@ -11,30 +11,56 @@ MASTER_SITES?=	http://www.snort.org/releases/				\
 		ftp://gd.tuwien.ac.at/infosys/security/snort/		\
 		http://snort.sourcefire.com/releases/
 
-MAINTAINER?=	packages@netbsd.org
-HOMEPAGE?=	http://www.snort.org/
+MAINTAINER=	packages@netbsd.org
+HOMEPAGE=	http://www.snort.org/
 
-GNU_CONFIGURE=	YES
-CONFIGURE_ARGS+=--with-libpcap-includes=${BUILDLINK_PREFIX.libpcap}/include
-CONFIGURE_ARGS+=--with-libpcap-libraries=${BUILDLINK_PREFIX.libpcap}/lib
+USE_PKGINSTALL=		YES
+GNU_CONFIGURE=		YES
+
+CONFIGURE_ARGS+=	--with-libpcap-includes=${BUILDLINK_PREFIX.libpcap}/include
+CONFIGURE_ARGS+=	--with-libpcap-libraries=${BUILDLINK_PREFIX.libpcap}/lib
+
+PKG_SYSCONFSUBDIR=	snort
+
+RCD_SCRIPTS=		snort
+
+SNORT_USER?=		snort
+SNORT_GROUP?=		snort
+PKG_GROUPS=		${SNORT_GROUP}
+PKG_USERS=		${SNORT_USER}:${SNORT_GROUP}::Snort\\ user
+FILES_SUBST+=		SNORT_USER="${SNORT_USER}" SNORT_GROUP="${SNORT_GROUP}"
+
+OWN_DIRS_PERMS=		/var/log/snort ${SNORT_USER} ${SNORT_GROUP} 700
+CONF_FILES=		${EGDIR}/snort.conf.default \
+			${PKG_SYSCONFDIR}/snort.conf
+CONF_FILES+=		${EGDIR}/classification.config \
+			${PKG_SYSCONFDIR}/classification.config
+CONF_FILES+=		${EGDIR}/reference.config \
+			${PKG_SYSCONFDIR}/reference.config
+
+EGDIR=			${PREFIX}/share/examples/snort
+
+post-configure:
+	@${SED} ${FILES_SUBST_SED} ${WRKSRC}/etc/snort.conf > \
+		${WRKDIR}/snort.conf.default
 
 post-install:
-	${INSTALL_DATA_DIR} -m 700 -o ${ROOT_USER} -g ${ROOT_GROUP} /var/log/snort
-	${INSTALL_DATA_DIR} ${PREFIX}/etc/snort
-	cd ${WRKSRC}/etc ; \
-	for i in `ls | grep -v Makefile` ; do \
-		${INSTALL_DATA} $$i ${PREFIX}/etc/snort ; \
-	done
-	:
+	${INSTALL_DATA_DIR} ${EGDIR}
+	${INSTALL_DATA} ${WRKSRC}/etc/classification.config \
+			${WRKSRC}/etc/reference.config \
+			${WRKDIR}/snort.conf.default ${EGDIR}/
 	${INSTALL_DATA_DIR} ${PREFIX}/share/doc/snort
 	cd ${WRKSRC}/doc ; \
-	for i in `ls | grep -v Makefile` ; do \
+	for i in `${LS} | ${GREP} -v Makefile` ; do \
 		${INSTALL_DATA} $$i ${PREFIX}/share/doc/snort ; \
 	done
-	:
 	${INSTALL_DATA_DIR} ${PREFIX}/share/snort/rules
+	cd ${WRKSRC}/etc ; \
+	for i in *.map *.txt sid ; do \
+		${INSTALL_DATA} $$i ${PREFIX}/share/snort/rules ; \
+	done
 	cd ${WRKSRC}/rules ; \
-	for i in `ls | grep -v Makefile` ; do \
+	for i in `${LS} | ${GREP} -v Makefile` ; do \
 		${INSTALL_DATA} $$i ${PREFIX}/share/snort/rules ; \
 	done
 	${INSTALL_MAN} ${WRKSRC}/snort.8 ${PREFIX}/man/man8
diff --git a/net/snort/PLIST b/net/snort/PLIST
index 61e5497d39e..c24cb079597 100644
--- a/net/snort/PLIST
+++ b/net/snort/PLIST
@@ -1,13 +1,6 @@
-@comment $NetBSD: PLIST,v 1.7 2002/12/09 16:01:36 tron Exp $
+@comment $NetBSD: PLIST,v 1.8 2003/03/04 01:02:25 salo Exp $
 bin/snort
-etc/snort/SnortCommonMIB.txt
-etc/snort/SnortIDAlertMIB.txt
-etc/snort/classification.config
-etc/snort/gen-msg.map
-etc/snort/reference.config
-etc/snort/sid
-etc/snort/sid-msg.map
-etc/snort/snort.conf
+etc/rc.d/snort
 man/man8/snort.8
 share/doc/snort/AUTHORS
 share/doc/snort/BUGS
@@ -26,6 +19,11 @@ share/doc/snort/RULES.todo
 share/doc/snort/SnortUsersManual.pdf
 share/doc/snort/TODO
 share/doc/snort/USAGE
+share/examples/snort/classification.config
+share/examples/snort/reference.config
+share/examples/snort/snort.conf.default
+share/snort/rules/SnortCommonMIB.txt
+share/snort/rules/SnortIDAlertMIB.txt
 share/snort/rules/attack-responses.rules
 share/snort/rules/backdoor.rules
 share/snort/rules/bad-traffic.rules
@@ -38,6 +36,7 @@ share/snort/rules/experimental.rules
 share/snort/rules/exploit.rules
 share/snort/rules/finger.rules
 share/snort/rules/ftp.rules
+share/snort/rules/gen-msg.map
 share/snort/rules/icmp-info.rules
 share/snort/rules/icmp.rules
 share/snort/rules/imap.rules
@@ -52,12 +51,15 @@ share/snort/rules/oracle.rules
 share/snort/rules/other-ids.rules
 share/snort/rules/p2p.rules
 share/snort/rules/policy.rules
+share/snort/rules/pop2.rules
 share/snort/rules/pop3.rules
 share/snort/rules/porn.rules
 share/snort/rules/rpc.rules
 share/snort/rules/rservices.rules
 share/snort/rules/scan.rules
 share/snort/rules/shellcode.rules
+share/snort/rules/sid
+share/snort/rules/sid-msg.map
 share/snort/rules/smtp.rules
 share/snort/rules/snmp.rules
 share/snort/rules/sql.rules
@@ -74,8 +76,6 @@ share/snort/rules/web-misc.rules
 share/snort/rules/web-php.rules
 share/snort/rules/x11.rules
 @dirrm share/snort/rules
-@dirrm share/snort
+@dirrm share/examples/snort
 @dirrm share/doc/snort
-@dirrm etc/snort
-@exec install -d -m 700 -o root -g wheel /var/log/snort
-@unexec ${RMDIR} /var/log/snort 2>/dev/null || ${TRUE}
+@dirrm share/snort
diff --git a/net/snort/distinfo b/net/snort/distinfo
index ea636638d3e..362518d1e9a 100644
--- a/net/snort/distinfo
+++ b/net/snort/distinfo
@@ -1,8 +1,9 @@
-$NetBSD: distinfo,v 1.13 2002/10/13 04:42:12 hubertf Exp $
+$NetBSD: distinfo,v 1.14 2003/03/04 01:02:25 salo Exp $
 
-SHA1 (snort-1.9.0.tar.gz) = ad376504dd866dd0bbf79d65c0b547902a3f2739
-Size (snort-1.9.0.tar.gz) = 1866556 bytes
+SHA1 (snort-1.9.1.tar.gz) = a176beab3cac249da491d81081c0ca6d82fd405a
+Size (snort-1.9.1.tar.gz) = 1466151 bytes
 SHA1 (patch-aa) = ce6d9a13823dd1ca25a0ff250a3e134f71227ca4
 SHA1 (patch-ab) = 0ea7deb91de5d3d68558a30e80dcbd8bd81f8a5e
 SHA1 (patch-ac) = 6cdf26fcaeb8dad9cd9562b77377bd56b49c9f38
 SHA1 (patch-ad) = 5472fc78db0c0668a1d8ff8f1c66eee6ba7f6a7e
+SHA1 (patch-ae) = b402289267cebc0721104c6e8c8f7ce6a6b11a59
diff --git a/net/snort/files/snort.sh b/net/snort/files/snort.sh
new file mode 100755
index 00000000000..d6a9d444a1d
--- /dev/null
+++ b/net/snort/files/snort.sh
@@ -0,0 +1,19 @@
+#!/bin/sh
+#
+# $NetBSD: snort.sh,v 1.1 2003/03/04 01:02:26 salo Exp $
+#
+
+# PROVIDE: snort
+# REQUIRE: DAEMON
+
+. /etc/rc.subr
+
+name="snort"
+rcvar=$name
+command="@PREFIX@/bin/${name}"
+confdir="@PKG_SYSCONFDIR@"
+required_files="$confdir/snort.conf $confdir/classification.config $confdir/reference.config"
+command_args="-u @SNORT_USER@ -g @SNORT_GROUP@ -o -d -D -l /var/log/snort -c $confdir/snort.conf"
+
+load_rc_config $name
+run_rc_command "$1"
diff --git a/net/snort/patches/patch-ae b/net/snort/patches/patch-ae
new file mode 100644
index 00000000000..34d7fe710f5
--- /dev/null
+++ b/net/snort/patches/patch-ae
@@ -0,0 +1,13 @@
+$NetBSD: patch-ae,v 1.1 2003/03/04 01:02:26 salo Exp $
+
+--- etc/snort.conf.orig	2003-02-23 20:29:24.000000000 +0100
++++ etc/snort.conf	2003-03-04 00:51:11.000000000 +0100
+@@ -99,7 +99,7 @@
+ var AIM_SERVERS [64.12.24.0/24,64.12.25.0/24,64.12.26.14/24,64.12.28.0/24,64.12.29.0/24,64.12.161.0/24,64.12.163.0/24,205.188.5.0/24,205.188.9.0/24]
+ 
+ # Path to your rules files (this can be a relative path)
+-var RULE_PATH ../rules
++var RULE_PATH @PREFIX@/share/snort/rules
+ 
+ ###################################################
+ # Step #2: Configure preprocessors
author	salo <salo@pkgsrc.org>	2003-03-04 01:02:25 +0000
committer	salo <salo@pkgsrc.org>	2003-03-04 01:02:25 +0000
commit	974cf2e15834d9cb8958675b2e665d30905412e1 (patch)
tree	3fbe78906bafeb8a071b0d0f56df79877af3ed74 /net/snort
parent	66f3ae7973bbb3658f2b7a10139b33eb1d97e80c (diff)
download	pkgsrc-974cf2e15834d9cb8958675b2e665d30905412e1.tar.gz