summaryrefslogtreecommitdiff
path: root/net/snort
diff options
context:
space:
mode:
authorsalo <salo@pkgsrc.org>2003-03-04 01:02:25 +0000
committersalo <salo@pkgsrc.org>2003-03-04 01:02:25 +0000
commit974cf2e15834d9cb8958675b2e665d30905412e1 (patch)
tree3fbe78906bafeb8a071b0d0f56df79877af3ed74 /net/snort
parent66f3ae7973bbb3658f2b7a10139b33eb1d97e80c (diff)
downloadpkgsrc-974cf2e15834d9cb8958675b2e665d30905412e1.tar.gz
Updated to version 1.9.1.
This version fixes the buffer overflow issue noted in: http://www.kb.cert.org/vuls/id/916785 Changes: - follow PKG_SYSCONFDIR - added rc.d script - create own user and group - added MESSAGE with post-install instructions - removed DEINSTALL - minor cleanups (this package was really half-baked..) 1.9.1: ====== - src/preprocessors/spp_rpc_decode.c (PreprocRpcDecode): - alignment errors on non-x86 platforms - added new space delimited options alert_fragments no_alert_multiple_requests no_alert_large_fragments no_alert_incomplete - corrected buffer overflow in fragment normalization - src/snort.c - Win32 '-s' parameter wasn't configured to accept an optarg, but code expected one, causing null-pointer violation. - Backport of 2.0 fixes for stream4 ( off by one errors on reassembly )
Diffstat (limited to 'net/snort')
-rw-r--r--net/snort/DEINSTALL16
-rw-r--r--net/snort/MESSAGE14
-rw-r--r--net/snort/Makefile.common64
-rw-r--r--net/snort/PLIST26
-rw-r--r--net/snort/distinfo7
-rwxr-xr-xnet/snort/files/snort.sh19
-rw-r--r--net/snort/patches/patch-ae13
7 files changed, 108 insertions, 51 deletions
diff --git a/net/snort/DEINSTALL b/net/snort/DEINSTALL
deleted file mode 100644
index e5afeffad61..00000000000
--- a/net/snort/DEINSTALL
+++ /dev/null
@@ -1,16 +0,0 @@
-#! /bin/sh
-#
-# $NetBSD: DEINSTALL,v 1.1 2001/10/31 22:59:01 zuntum Exp $
-#
-
-case "$2" in
- DEINSTALL) cat <<EOF
-
-========================================================
-If you don't need the logfiles created by snort anymore,
-delete the directory /var/log/snort.
-========================================================
-
-EOF
- ;;
-esac
diff --git a/net/snort/MESSAGE b/net/snort/MESSAGE
new file mode 100644
index 00000000000..3ccf77ce34b
--- /dev/null
+++ b/net/snort/MESSAGE
@@ -0,0 +1,14 @@
+===========================================================================
+$NetBSD: MESSAGE,v 1.1 2003/03/04 01:02:25 salo Exp $
+
+To use snort, you will need to perform the following steps:
+
+1. In case you don't have PKG_RCD_SCRIPTS set in your /etc/mk.conf, copy
+ ${PREFIX}/etc/rc.d/snort to /etc/rc.d/snort and add
+
+ snort=YES
+
+2. Now start snort by issuing the command
+
+ /etc/rc.d/snort start
+===========================================================================
diff --git a/net/snort/Makefile.common b/net/snort/Makefile.common
index a8b146e0ed4..697169dcfc8 100644
--- a/net/snort/Makefile.common
+++ b/net/snort/Makefile.common
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile.common,v 1.6 2002/11/09 13:44:43 wiz Exp $
+# $NetBSD: Makefile.common,v 1.7 2003/03/04 01:02:25 salo Exp $
#
-DISTNAME?= snort-1.9.0
-CATEGORIES?= net security
-MASTER_SITES?= http://www.snort.org/releases/ \
+DISTNAME= snort-1.9.1
+CATEGORIES= net security
+MASTER_SITES= http://www.snort.org/releases/ \
ftp://the.wiretapped.net/pub/security/network-intrusion-detection/snort/ \
http://www.centus.com/snort/ \
http://snort.whitehats.com/ \
@@ -11,30 +11,56 @@ MASTER_SITES?= http://www.snort.org/releases/ \
ftp://gd.tuwien.ac.at/infosys/security/snort/ \
http://snort.sourcefire.com/releases/
-MAINTAINER?= packages@netbsd.org
-HOMEPAGE?= http://www.snort.org/
+MAINTAINER= packages@netbsd.org
+HOMEPAGE= http://www.snort.org/
-GNU_CONFIGURE= YES
-CONFIGURE_ARGS+=--with-libpcap-includes=${BUILDLINK_PREFIX.libpcap}/include
-CONFIGURE_ARGS+=--with-libpcap-libraries=${BUILDLINK_PREFIX.libpcap}/lib
+USE_PKGINSTALL= YES
+GNU_CONFIGURE= YES
+
+CONFIGURE_ARGS+= --with-libpcap-includes=${BUILDLINK_PREFIX.libpcap}/include
+CONFIGURE_ARGS+= --with-libpcap-libraries=${BUILDLINK_PREFIX.libpcap}/lib
+
+PKG_SYSCONFSUBDIR= snort
+
+RCD_SCRIPTS= snort
+
+SNORT_USER?= snort
+SNORT_GROUP?= snort
+PKG_GROUPS= ${SNORT_GROUP}
+PKG_USERS= ${SNORT_USER}:${SNORT_GROUP}::Snort\\ user
+FILES_SUBST+= SNORT_USER="${SNORT_USER}" SNORT_GROUP="${SNORT_GROUP}"
+
+OWN_DIRS_PERMS= /var/log/snort ${SNORT_USER} ${SNORT_GROUP} 700
+CONF_FILES= ${EGDIR}/snort.conf.default \
+ ${PKG_SYSCONFDIR}/snort.conf
+CONF_FILES+= ${EGDIR}/classification.config \
+ ${PKG_SYSCONFDIR}/classification.config
+CONF_FILES+= ${EGDIR}/reference.config \
+ ${PKG_SYSCONFDIR}/reference.config
+
+EGDIR= ${PREFIX}/share/examples/snort
+
+post-configure:
+ @${SED} ${FILES_SUBST_SED} ${WRKSRC}/etc/snort.conf > \
+ ${WRKDIR}/snort.conf.default
post-install:
- ${INSTALL_DATA_DIR} -m 700 -o ${ROOT_USER} -g ${ROOT_GROUP} /var/log/snort
- ${INSTALL_DATA_DIR} ${PREFIX}/etc/snort
- cd ${WRKSRC}/etc ; \
- for i in `ls | grep -v Makefile` ; do \
- ${INSTALL_DATA} $$i ${PREFIX}/etc/snort ; \
- done
- :
+ ${INSTALL_DATA_DIR} ${EGDIR}
+ ${INSTALL_DATA} ${WRKSRC}/etc/classification.config \
+ ${WRKSRC}/etc/reference.config \
+ ${WRKDIR}/snort.conf.default ${EGDIR}/
${INSTALL_DATA_DIR} ${PREFIX}/share/doc/snort
cd ${WRKSRC}/doc ; \
- for i in `ls | grep -v Makefile` ; do \
+ for i in `${LS} | ${GREP} -v Makefile` ; do \
${INSTALL_DATA} $$i ${PREFIX}/share/doc/snort ; \
done
- :
${INSTALL_DATA_DIR} ${PREFIX}/share/snort/rules
+ cd ${WRKSRC}/etc ; \
+ for i in *.map *.txt sid ; do \
+ ${INSTALL_DATA} $$i ${PREFIX}/share/snort/rules ; \
+ done
cd ${WRKSRC}/rules ; \
- for i in `ls | grep -v Makefile` ; do \
+ for i in `${LS} | ${GREP} -v Makefile` ; do \
${INSTALL_DATA} $$i ${PREFIX}/share/snort/rules ; \
done
${INSTALL_MAN} ${WRKSRC}/snort.8 ${PREFIX}/man/man8
diff --git a/net/snort/PLIST b/net/snort/PLIST
index 61e5497d39e..c24cb079597 100644
--- a/net/snort/PLIST
+++ b/net/snort/PLIST
@@ -1,13 +1,6 @@
-@comment $NetBSD: PLIST,v 1.7 2002/12/09 16:01:36 tron Exp $
+@comment $NetBSD: PLIST,v 1.8 2003/03/04 01:02:25 salo Exp $
bin/snort
-etc/snort/SnortCommonMIB.txt
-etc/snort/SnortIDAlertMIB.txt
-etc/snort/classification.config
-etc/snort/gen-msg.map
-etc/snort/reference.config
-etc/snort/sid
-etc/snort/sid-msg.map
-etc/snort/snort.conf
+etc/rc.d/snort
man/man8/snort.8
share/doc/snort/AUTHORS
share/doc/snort/BUGS
@@ -26,6 +19,11 @@ share/doc/snort/RULES.todo
share/doc/snort/SnortUsersManual.pdf
share/doc/snort/TODO
share/doc/snort/USAGE
+share/examples/snort/classification.config
+share/examples/snort/reference.config
+share/examples/snort/snort.conf.default
+share/snort/rules/SnortCommonMIB.txt
+share/snort/rules/SnortIDAlertMIB.txt
share/snort/rules/attack-responses.rules
share/snort/rules/backdoor.rules
share/snort/rules/bad-traffic.rules
@@ -38,6 +36,7 @@ share/snort/rules/experimental.rules
share/snort/rules/exploit.rules
share/snort/rules/finger.rules
share/snort/rules/ftp.rules
+share/snort/rules/gen-msg.map
share/snort/rules/icmp-info.rules
share/snort/rules/icmp.rules
share/snort/rules/imap.rules
@@ -52,12 +51,15 @@ share/snort/rules/oracle.rules
share/snort/rules/other-ids.rules
share/snort/rules/p2p.rules
share/snort/rules/policy.rules
+share/snort/rules/pop2.rules
share/snort/rules/pop3.rules
share/snort/rules/porn.rules
share/snort/rules/rpc.rules
share/snort/rules/rservices.rules
share/snort/rules/scan.rules
share/snort/rules/shellcode.rules
+share/snort/rules/sid
+share/snort/rules/sid-msg.map
share/snort/rules/smtp.rules
share/snort/rules/snmp.rules
share/snort/rules/sql.rules
@@ -74,8 +76,6 @@ share/snort/rules/web-misc.rules
share/snort/rules/web-php.rules
share/snort/rules/x11.rules
@dirrm share/snort/rules
-@dirrm share/snort
+@dirrm share/examples/snort
@dirrm share/doc/snort
-@dirrm etc/snort
-@exec install -d -m 700 -o root -g wheel /var/log/snort
-@unexec ${RMDIR} /var/log/snort 2>/dev/null || ${TRUE}
+@dirrm share/snort
diff --git a/net/snort/distinfo b/net/snort/distinfo
index ea636638d3e..362518d1e9a 100644
--- a/net/snort/distinfo
+++ b/net/snort/distinfo
@@ -1,8 +1,9 @@
-$NetBSD: distinfo,v 1.13 2002/10/13 04:42:12 hubertf Exp $
+$NetBSD: distinfo,v 1.14 2003/03/04 01:02:25 salo Exp $
-SHA1 (snort-1.9.0.tar.gz) = ad376504dd866dd0bbf79d65c0b547902a3f2739
-Size (snort-1.9.0.tar.gz) = 1866556 bytes
+SHA1 (snort-1.9.1.tar.gz) = a176beab3cac249da491d81081c0ca6d82fd405a
+Size (snort-1.9.1.tar.gz) = 1466151 bytes
SHA1 (patch-aa) = ce6d9a13823dd1ca25a0ff250a3e134f71227ca4
SHA1 (patch-ab) = 0ea7deb91de5d3d68558a30e80dcbd8bd81f8a5e
SHA1 (patch-ac) = 6cdf26fcaeb8dad9cd9562b77377bd56b49c9f38
SHA1 (patch-ad) = 5472fc78db0c0668a1d8ff8f1c66eee6ba7f6a7e
+SHA1 (patch-ae) = b402289267cebc0721104c6e8c8f7ce6a6b11a59
diff --git a/net/snort/files/snort.sh b/net/snort/files/snort.sh
new file mode 100755
index 00000000000..d6a9d444a1d
--- /dev/null
+++ b/net/snort/files/snort.sh
@@ -0,0 +1,19 @@
+#!/bin/sh
+#
+# $NetBSD: snort.sh,v 1.1 2003/03/04 01:02:26 salo Exp $
+#
+
+# PROVIDE: snort
+# REQUIRE: DAEMON
+
+. /etc/rc.subr
+
+name="snort"
+rcvar=$name
+command="@PREFIX@/bin/${name}"
+confdir="@PKG_SYSCONFDIR@"
+required_files="$confdir/snort.conf $confdir/classification.config $confdir/reference.config"
+command_args="-u @SNORT_USER@ -g @SNORT_GROUP@ -o -d -D -l /var/log/snort -c $confdir/snort.conf"
+
+load_rc_config $name
+run_rc_command "$1"
diff --git a/net/snort/patches/patch-ae b/net/snort/patches/patch-ae
new file mode 100644
index 00000000000..34d7fe710f5
--- /dev/null
+++ b/net/snort/patches/patch-ae
@@ -0,0 +1,13 @@
+$NetBSD: patch-ae,v 1.1 2003/03/04 01:02:26 salo Exp $
+
+--- etc/snort.conf.orig 2003-02-23 20:29:24.000000000 +0100
++++ etc/snort.conf 2003-03-04 00:51:11.000000000 +0100
+@@ -99,7 +99,7 @@
+ var AIM_SERVERS [64.12.24.0/24,64.12.25.0/24,64.12.26.14/24,64.12.28.0/24,64.12.29.0/24,64.12.161.0/24,64.12.163.0/24,205.188.5.0/24,205.188.9.0/24]
+
+ # Path to your rules files (this can be a relative path)
+-var RULE_PATH ../rules
++var RULE_PATH @PREFIX@/share/snort/rules
+
+ ###################################################
+ # Step #2: Configure preprocessors