diff options
author | salo <salo@pkgsrc.org> | 2003-03-04 01:02:25 +0000 |
---|---|---|
committer | salo <salo@pkgsrc.org> | 2003-03-04 01:02:25 +0000 |
commit | 974cf2e15834d9cb8958675b2e665d30905412e1 (patch) | |
tree | 3fbe78906bafeb8a071b0d0f56df79877af3ed74 /net/snort | |
parent | 66f3ae7973bbb3658f2b7a10139b33eb1d97e80c (diff) | |
download | pkgsrc-974cf2e15834d9cb8958675b2e665d30905412e1.tar.gz |
Updated to version 1.9.1.
This version fixes the buffer overflow issue noted in:
http://www.kb.cert.org/vuls/id/916785
Changes:
- follow PKG_SYSCONFDIR
- added rc.d script
- create own user and group
- added MESSAGE with post-install instructions
- removed DEINSTALL
- minor cleanups (this package was really half-baked..)
1.9.1:
======
- src/preprocessors/spp_rpc_decode.c (PreprocRpcDecode):
- alignment errors on non-x86 platforms
- added new space delimited options
alert_fragments
no_alert_multiple_requests
no_alert_large_fragments
no_alert_incomplete
- corrected buffer overflow in fragment normalization
- src/snort.c
- Win32 '-s' parameter wasn't configured to accept an optarg,
but code expected one, causing null-pointer violation.
- Backport of 2.0 fixes for stream4 ( off by one errors on reassembly )
Diffstat (limited to 'net/snort')
-rw-r--r-- | net/snort/DEINSTALL | 16 | ||||
-rw-r--r-- | net/snort/MESSAGE | 14 | ||||
-rw-r--r-- | net/snort/Makefile.common | 64 | ||||
-rw-r--r-- | net/snort/PLIST | 26 | ||||
-rw-r--r-- | net/snort/distinfo | 7 | ||||
-rwxr-xr-x | net/snort/files/snort.sh | 19 | ||||
-rw-r--r-- | net/snort/patches/patch-ae | 13 |
7 files changed, 108 insertions, 51 deletions
diff --git a/net/snort/DEINSTALL b/net/snort/DEINSTALL deleted file mode 100644 index e5afeffad61..00000000000 --- a/net/snort/DEINSTALL +++ /dev/null @@ -1,16 +0,0 @@ -#! /bin/sh -# -# $NetBSD: DEINSTALL,v 1.1 2001/10/31 22:59:01 zuntum Exp $ -# - -case "$2" in - DEINSTALL) cat <<EOF - -======================================================== -If you don't need the logfiles created by snort anymore, -delete the directory /var/log/snort. -======================================================== - -EOF - ;; -esac diff --git a/net/snort/MESSAGE b/net/snort/MESSAGE new file mode 100644 index 00000000000..3ccf77ce34b --- /dev/null +++ b/net/snort/MESSAGE @@ -0,0 +1,14 @@ +=========================================================================== +$NetBSD: MESSAGE,v 1.1 2003/03/04 01:02:25 salo Exp $ + +To use snort, you will need to perform the following steps: + +1. In case you don't have PKG_RCD_SCRIPTS set in your /etc/mk.conf, copy + ${PREFIX}/etc/rc.d/snort to /etc/rc.d/snort and add + + snort=YES + +2. Now start snort by issuing the command + + /etc/rc.d/snort start +=========================================================================== diff --git a/net/snort/Makefile.common b/net/snort/Makefile.common index a8b146e0ed4..697169dcfc8 100644 --- a/net/snort/Makefile.common +++ b/net/snort/Makefile.common @@ -1,9 +1,9 @@ -# $NetBSD: Makefile.common,v 1.6 2002/11/09 13:44:43 wiz Exp $ +# $NetBSD: Makefile.common,v 1.7 2003/03/04 01:02:25 salo Exp $ # -DISTNAME?= snort-1.9.0 -CATEGORIES?= net security -MASTER_SITES?= http://www.snort.org/releases/ \ +DISTNAME= snort-1.9.1 +CATEGORIES= net security +MASTER_SITES= http://www.snort.org/releases/ \ ftp://the.wiretapped.net/pub/security/network-intrusion-detection/snort/ \ http://www.centus.com/snort/ \ http://snort.whitehats.com/ \ @@ -11,30 +11,56 @@ MASTER_SITES?= http://www.snort.org/releases/ \ ftp://gd.tuwien.ac.at/infosys/security/snort/ \ http://snort.sourcefire.com/releases/ -MAINTAINER?= packages@netbsd.org -HOMEPAGE?= http://www.snort.org/ +MAINTAINER= packages@netbsd.org +HOMEPAGE= http://www.snort.org/ -GNU_CONFIGURE= YES -CONFIGURE_ARGS+=--with-libpcap-includes=${BUILDLINK_PREFIX.libpcap}/include -CONFIGURE_ARGS+=--with-libpcap-libraries=${BUILDLINK_PREFIX.libpcap}/lib +USE_PKGINSTALL= YES +GNU_CONFIGURE= YES + +CONFIGURE_ARGS+= --with-libpcap-includes=${BUILDLINK_PREFIX.libpcap}/include +CONFIGURE_ARGS+= --with-libpcap-libraries=${BUILDLINK_PREFIX.libpcap}/lib + +PKG_SYSCONFSUBDIR= snort + +RCD_SCRIPTS= snort + +SNORT_USER?= snort +SNORT_GROUP?= snort +PKG_GROUPS= ${SNORT_GROUP} +PKG_USERS= ${SNORT_USER}:${SNORT_GROUP}::Snort\\ user +FILES_SUBST+= SNORT_USER="${SNORT_USER}" SNORT_GROUP="${SNORT_GROUP}" + +OWN_DIRS_PERMS= /var/log/snort ${SNORT_USER} ${SNORT_GROUP} 700 +CONF_FILES= ${EGDIR}/snort.conf.default \ + ${PKG_SYSCONFDIR}/snort.conf +CONF_FILES+= ${EGDIR}/classification.config \ + ${PKG_SYSCONFDIR}/classification.config +CONF_FILES+= ${EGDIR}/reference.config \ + ${PKG_SYSCONFDIR}/reference.config + +EGDIR= ${PREFIX}/share/examples/snort + +post-configure: + @${SED} ${FILES_SUBST_SED} ${WRKSRC}/etc/snort.conf > \ + ${WRKDIR}/snort.conf.default post-install: - ${INSTALL_DATA_DIR} -m 700 -o ${ROOT_USER} -g ${ROOT_GROUP} /var/log/snort - ${INSTALL_DATA_DIR} ${PREFIX}/etc/snort - cd ${WRKSRC}/etc ; \ - for i in `ls | grep -v Makefile` ; do \ - ${INSTALL_DATA} $$i ${PREFIX}/etc/snort ; \ - done - : + ${INSTALL_DATA_DIR} ${EGDIR} + ${INSTALL_DATA} ${WRKSRC}/etc/classification.config \ + ${WRKSRC}/etc/reference.config \ + ${WRKDIR}/snort.conf.default ${EGDIR}/ ${INSTALL_DATA_DIR} ${PREFIX}/share/doc/snort cd ${WRKSRC}/doc ; \ - for i in `ls | grep -v Makefile` ; do \ + for i in `${LS} | ${GREP} -v Makefile` ; do \ ${INSTALL_DATA} $$i ${PREFIX}/share/doc/snort ; \ done - : ${INSTALL_DATA_DIR} ${PREFIX}/share/snort/rules + cd ${WRKSRC}/etc ; \ + for i in *.map *.txt sid ; do \ + ${INSTALL_DATA} $$i ${PREFIX}/share/snort/rules ; \ + done cd ${WRKSRC}/rules ; \ - for i in `ls | grep -v Makefile` ; do \ + for i in `${LS} | ${GREP} -v Makefile` ; do \ ${INSTALL_DATA} $$i ${PREFIX}/share/snort/rules ; \ done ${INSTALL_MAN} ${WRKSRC}/snort.8 ${PREFIX}/man/man8 diff --git a/net/snort/PLIST b/net/snort/PLIST index 61e5497d39e..c24cb079597 100644 --- a/net/snort/PLIST +++ b/net/snort/PLIST @@ -1,13 +1,6 @@ -@comment $NetBSD: PLIST,v 1.7 2002/12/09 16:01:36 tron Exp $ +@comment $NetBSD: PLIST,v 1.8 2003/03/04 01:02:25 salo Exp $ bin/snort -etc/snort/SnortCommonMIB.txt -etc/snort/SnortIDAlertMIB.txt -etc/snort/classification.config -etc/snort/gen-msg.map -etc/snort/reference.config -etc/snort/sid -etc/snort/sid-msg.map -etc/snort/snort.conf +etc/rc.d/snort man/man8/snort.8 share/doc/snort/AUTHORS share/doc/snort/BUGS @@ -26,6 +19,11 @@ share/doc/snort/RULES.todo share/doc/snort/SnortUsersManual.pdf share/doc/snort/TODO share/doc/snort/USAGE +share/examples/snort/classification.config +share/examples/snort/reference.config +share/examples/snort/snort.conf.default +share/snort/rules/SnortCommonMIB.txt +share/snort/rules/SnortIDAlertMIB.txt share/snort/rules/attack-responses.rules share/snort/rules/backdoor.rules share/snort/rules/bad-traffic.rules @@ -38,6 +36,7 @@ share/snort/rules/experimental.rules share/snort/rules/exploit.rules share/snort/rules/finger.rules share/snort/rules/ftp.rules +share/snort/rules/gen-msg.map share/snort/rules/icmp-info.rules share/snort/rules/icmp.rules share/snort/rules/imap.rules @@ -52,12 +51,15 @@ share/snort/rules/oracle.rules share/snort/rules/other-ids.rules share/snort/rules/p2p.rules share/snort/rules/policy.rules +share/snort/rules/pop2.rules share/snort/rules/pop3.rules share/snort/rules/porn.rules share/snort/rules/rpc.rules share/snort/rules/rservices.rules share/snort/rules/scan.rules share/snort/rules/shellcode.rules +share/snort/rules/sid +share/snort/rules/sid-msg.map share/snort/rules/smtp.rules share/snort/rules/snmp.rules share/snort/rules/sql.rules @@ -74,8 +76,6 @@ share/snort/rules/web-misc.rules share/snort/rules/web-php.rules share/snort/rules/x11.rules @dirrm share/snort/rules -@dirrm share/snort +@dirrm share/examples/snort @dirrm share/doc/snort -@dirrm etc/snort -@exec install -d -m 700 -o root -g wheel /var/log/snort -@unexec ${RMDIR} /var/log/snort 2>/dev/null || ${TRUE} +@dirrm share/snort diff --git a/net/snort/distinfo b/net/snort/distinfo index ea636638d3e..362518d1e9a 100644 --- a/net/snort/distinfo +++ b/net/snort/distinfo @@ -1,8 +1,9 @@ -$NetBSD: distinfo,v 1.13 2002/10/13 04:42:12 hubertf Exp $ +$NetBSD: distinfo,v 1.14 2003/03/04 01:02:25 salo Exp $ -SHA1 (snort-1.9.0.tar.gz) = ad376504dd866dd0bbf79d65c0b547902a3f2739 -Size (snort-1.9.0.tar.gz) = 1866556 bytes +SHA1 (snort-1.9.1.tar.gz) = a176beab3cac249da491d81081c0ca6d82fd405a +Size (snort-1.9.1.tar.gz) = 1466151 bytes SHA1 (patch-aa) = ce6d9a13823dd1ca25a0ff250a3e134f71227ca4 SHA1 (patch-ab) = 0ea7deb91de5d3d68558a30e80dcbd8bd81f8a5e SHA1 (patch-ac) = 6cdf26fcaeb8dad9cd9562b77377bd56b49c9f38 SHA1 (patch-ad) = 5472fc78db0c0668a1d8ff8f1c66eee6ba7f6a7e +SHA1 (patch-ae) = b402289267cebc0721104c6e8c8f7ce6a6b11a59 diff --git a/net/snort/files/snort.sh b/net/snort/files/snort.sh new file mode 100755 index 00000000000..d6a9d444a1d --- /dev/null +++ b/net/snort/files/snort.sh @@ -0,0 +1,19 @@ +#!/bin/sh +# +# $NetBSD: snort.sh,v 1.1 2003/03/04 01:02:26 salo Exp $ +# + +# PROVIDE: snort +# REQUIRE: DAEMON + +. /etc/rc.subr + +name="snort" +rcvar=$name +command="@PREFIX@/bin/${name}" +confdir="@PKG_SYSCONFDIR@" +required_files="$confdir/snort.conf $confdir/classification.config $confdir/reference.config" +command_args="-u @SNORT_USER@ -g @SNORT_GROUP@ -o -d -D -l /var/log/snort -c $confdir/snort.conf" + +load_rc_config $name +run_rc_command "$1" diff --git a/net/snort/patches/patch-ae b/net/snort/patches/patch-ae new file mode 100644 index 00000000000..34d7fe710f5 --- /dev/null +++ b/net/snort/patches/patch-ae @@ -0,0 +1,13 @@ +$NetBSD: patch-ae,v 1.1 2003/03/04 01:02:26 salo Exp $ + +--- etc/snort.conf.orig 2003-02-23 20:29:24.000000000 +0100 ++++ etc/snort.conf 2003-03-04 00:51:11.000000000 +0100 +@@ -99,7 +99,7 @@ + var AIM_SERVERS [64.12.24.0/24,64.12.25.0/24,64.12.26.14/24,64.12.28.0/24,64.12.29.0/24,64.12.161.0/24,64.12.163.0/24,205.188.5.0/24,205.188.9.0/24] + + # Path to your rules files (this can be a relative path) +-var RULE_PATH ../rules ++var RULE_PATH @PREFIX@/share/snort/rules + + ################################################### + # Step #2: Configure preprocessors |