diff options
| author | adrianp <adrianp@pkgsrc.org> | 2007-02-17 19:08:05 +0000 |
|---|---|---|
| committer | adrianp <adrianp@pkgsrc.org> | 2007-02-17 19:08:05 +0000 |
| commit | 85886634386c8d0c3921aab5fd289c0dcdc54d2e (patch) | |
| tree | f94b75dde6ef27dffcb06c0c9465cc7828e37c1b /net/snort | |
| parent | e88c4f1095d36b1899ffb2bcc10597b7d05f88c4 (diff) | |
| download | pkgsrc-85886634386c8d0c3921aab5fd289c0dcdc54d2e.tar.gz | |
Update to snort 2.6.1.2
2.6.1 provides new functionality including the following:
* New pattern matcher with a significantly reduced memory footprint
* Introduction of stream5 for experimental use
* Improvements to stream4, including UDP session tracking and optimizations for the reassembly buffer
* Handling for reassembly of SMB fragmented data in DCE/RPC
* An ssh preprocessor for experimental use
* Updated Snort decoder that can decode GRE encapsulated packets
* Output plugin to allow Snort to configure Aruba access control
Snort 2.6.0:
* Tcp stream properly reassembled after failed sequence check, which may lead to possible detection evasion.
* Added configurable stream flushpoints.
* Improved rpc processing.
* Improved portscan detection.
* Improved http request processing and handling of possible evasion cases.
* Improved performance monitoring.
The Snort 2.6 release also introduces the ability to use dynamic rules and dynamic preprocessors and contains further improvements to the Snort detection engine.
Remove snort-{pgsql,mysql,prelude}. The new snort package uses options.mk
to specify build options.
Diffstat (limited to 'net/snort')
| -rw-r--r-- | net/snort/Makefile | 104 | ||||
| -rw-r--r-- | net/snort/PLIST | 49 | ||||
| -rw-r--r-- | net/snort/distinfo | 9 | ||||
| -rw-r--r-- | net/snort/patches/patch-ad | 13 |
4 files changed, 157 insertions, 18 deletions
diff --git a/net/snort/Makefile b/net/snort/Makefile index 9354baef80a..fbdef3af0ec 100644 --- a/net/snort/Makefile +++ b/net/snort/Makefile @@ -1,17 +1,103 @@ -# $NetBSD: Makefile,v 1.27 2006/04/18 22:39:32 adrianp Exp $ +# $NetBSD: Makefile,v 1.28 2007/02/17 19:08:06 adrianp Exp $ # -.include "Makefile.common" +DISTNAME= snort-2.6.1.2 +CATEGORIES= net security +MASTER_SITES= http://www.snort.org/dl/current/ -COMMENT= The Open Source Network Intrusion Detection System +MAINTAINER= adrianp@NetBSD.org +HOMEPAGE= http://www.snort.org/ +COMMENT= The Open Source Network Intrusion Detection System -PKG_OPTIONS_VAR= PKG_OPTIONS.snort -PKG_SUPPORTED_OPTIONS= debug +CONFLICTS+= snort-mysql-[0-9]* +CONFLICTS+= snort-pgsql-[0-9]* +CONFLICTS+= snort-prelude-[0-9]* -.include "../../mk/bsd.options.mk" +.include "../../mk/bsd.prefs.mk" -.if !empty(PKG_OPTIONS:Mdebug) -CONFIGURE_ARGS+= --enable-debug -.endif +GNU_CONFIGURE= YES +USE_LIBTOOL= YES +PKG_SYSCONFSUBDIR= snort +RCD_SCRIPTS= snort +SNORT_USER?= snort +SNORT_GROUP?= snort +EGDIR= ${PREFIX}/share/examples/snort +PKG_GROUPS= ${SNORT_GROUP} +PKG_USERS= ${SNORT_USER}:${SNORT_GROUP} +FILES_SUBST+= SNORT_USER=${SNORT_USER:Q} SNORT_GROUP=${SNORT_GROUP:Q} +BUILD_DEFS+= VARBASE +OWN_DIRS_PERMS= ${VARBASE}/log/snort ${SNORT_USER} ${SNORT_GROUP} 700 +DOC_FILES= BUGS INSTALL NEWS PROBLEMS README TODO USAGE WISHLIST +CONF_FILES= ${EGDIR}/snort.conf.default \ + ${PKG_SYSCONFDIR}/snort.conf +CONF_FILES+= ${EGDIR}/threshold.conf \ + ${PKG_SYSCONFDIR}/threshold.conf +CONF_FILES+= ${EGDIR}/classification.config \ + ${PKG_SYSCONFDIR}/classification.config +CONF_FILES+= ${EGDIR}/reference.config \ + ${PKG_SYSCONFDIR}/reference.config +CONF_FILES+= ${EGDIR}/gen-msg.map \ + ${PKG_SYSCONFDIR}/gen-msg.map +CONF_FILES+= ${EGDIR}/generators \ + ${PKG_SYSCONFDIR}/generators +CONF_FILES+= ${EGDIR}/sid \ + ${PKG_SYSCONFDIR}/sid +CONF_FILES+= ${EGDIR}/sid-msg.map \ + ${PKG_SYSCONFDIR}/sid-msg.map +CONF_FILES+= ${EGDIR}/unicode.map \ + ${PKG_SYSCONFDIR}/unicode.map + +SUBST_CLASSES+= paths +SUBST_STAGE.paths= post-patch +SUBST_FILES.paths= etc/snort.conf src/snort.c +SUBST_SED.paths= -e "s|@PREFIX@|${PREFIX}|g" +SUBST_SED.paths+= -e "s|@PKG_SYSCONFDIR@|${PKG_SYSCONFDIR}|g" +SUBST_MESSAGE.paths= Fixing paths. + +SUBST_CLASSES+= install +SUBST_STAGE.install= post-configure +SUBST_FILES.install= src/dynamic-preprocessors/ftptelnet/Makefile +SUBST_FILES.install+= src/dynamic-preprocessors/smtp/Makefile +SUBST_FILES.install+= src/dynamic-preprocessors/ssh/Makefile +SUBST_FILES.install+= src/dynamic-preprocessors/dcerpc/Makefile +SUBST_FILES.install+= src/dynamic-preprocessors/dns/Makefile +SUBST_SED.install= -e "s|-o root -g wheel||g" +SUBST_MESSAGE.install= Fixing install scripts. + +.include "options.mk" + +CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR:Q} +CONFIGURE_ARGS+= --with-libpcap-includes=${BUILDLINK_PREFIX.libpcap}/include +CONFIGURE_ARGS+= --with-libpcap-libraries=${BUILDLINK_PREFIX.libpcap}/lib + +pre-build: + ${CP} ${WRKSRC}/etc/snort.conf ${WRKSRC}/etc/snort.conf.default + +post-install: + ${INSTALL_DATA_DIR} ${EGDIR} + ${INSTALL_DATA_DIR} ${PREFIX}/share/doc/snort + ${INSTALL_DATA_DIR} ${PREFIX}/share/doc/snort/schemas + + ${INSTALL_DATA} ${WRKSRC}/etc/*.config \ + ${WRKSRC}/etc/*.map \ + ${WRKSRC}/etc/generators \ + ${WRKSRC}/etc/sid \ + ${WRKSRC}/etc/threshold.conf \ + ${WRKSRC}/etc/snort.conf.default ${EGDIR}/ + +. for i in ${DOC_FILES} + ${INSTALL_DATA} ${WRKSRC}/doc/${i} ${PREFIX}/share/doc/snort/ +. endfor + + ${INSTALL_DATA} ${WRKSRC}/doc/README.* ${PREFIX}/share/doc/snort/ + ${INSTALL_DATA} ${WRKSRC}/doc/*.tex ${PREFIX}/share/doc/snort/ + ${INSTALL_DATA} ${WRKSRC}/doc/*.pdf ${PREFIX}/share/doc/snort/ + ${INSTALL_MAN} ${WRKSRC}/snort.8 ${PREFIX}/${PKGMANDIR}/man8 + + ${INSTALL_DATA} ${WRKSRC}/schemas/create_* \ + ${PREFIX}/share/doc/snort/schemas + +.include "../../net/libpcap/buildlink3.mk" +.include "../../devel/pcre/buildlink3.mk" .include "../../mk/bsd.pkg.mk" diff --git a/net/snort/PLIST b/net/snort/PLIST index 37a00c64b70..94e77fb87dc 100644 --- a/net/snort/PLIST +++ b/net/snort/PLIST @@ -1,38 +1,54 @@ -@comment $NetBSD: PLIST,v 1.23 2006/01/03 17:34:40 adrianp Exp $ +@comment $NetBSD: PLIST,v 1.24 2007/02/17 19:08:06 adrianp Exp $ bin/snort +lib/snort_dynamicengine/libsf_engine.la +lib/snort_dynamicpreprocessor/libsf_dcerpc_preproc.la +lib/snort_dynamicpreprocessor/libsf_dns_preproc.la +lib/snort_dynamicpreprocessor/libsf_ftptelnet_preproc.la +lib/snort_dynamicpreprocessor/libsf_smtp_preproc.la +lib/snort_dynamicpreprocessor/libsf_ssh_preproc.la man/man8/snort.8 -share/doc/snort/AUTHORS share/doc/snort/BUGS -share/doc/snort/CREDITS share/doc/snort/INSTALL share/doc/snort/NEWS share/doc/snort/PROBLEMS share/doc/snort/README +share/doc/snort/README.ARUBA share/doc/snort/README.FLEXRESP +share/doc/snort/README.FLEXRESP2 share/doc/snort/README.INLINE share/doc/snort/README.PLUGINS +share/doc/snort/README.PerfProfiling +share/doc/snort/README.SMTP share/doc/snort/README.UNSOCK share/doc/snort/README.WIN32 share/doc/snort/README.alert_order share/doc/snort/README.asn1 share/doc/snort/README.csv share/doc/snort/README.database +share/doc/snort/README.dcerpc +share/doc/snort/README.dns share/doc/snort/README.event_queue share/doc/snort/README.flow share/doc/snort/README.flow-portscan share/doc/snort/README.flowbits share/doc/snort/README.frag3 +share/doc/snort/README.ftptelnet share/doc/snort/README.http_inspect share/doc/snort/README.sfportscan +share/doc/snort/README.ssh +share/doc/snort/README.stream4 +share/doc/snort/README.stream5 share/doc/snort/README.thresholding share/doc/snort/README.wireless -share/doc/snort/RULES.todo share/doc/snort/TODO share/doc/snort/USAGE share/doc/snort/WISHLIST share/doc/snort/faq.pdf share/doc/snort/faq.tex +share/doc/snort/schemas/create_db2 +share/doc/snort/schemas/create_mssql share/doc/snort/schemas/create_mysql +share/doc/snort/schemas/create_oracle.sql share/doc/snort/schemas/create_postgresql share/doc/snort/snort_manual.pdf share/doc/snort/snort_manual.tex @@ -47,6 +63,29 @@ share/examples/snort/sid-msg.map share/examples/snort/snort.conf.default share/examples/snort/threshold.conf share/examples/snort/unicode.map +share/snort/src/snort_dynamicsrc/bitop.h +share/snort/src/snort_dynamicsrc/debug.h +share/snort/src/snort_dynamicsrc/preprocids.h +share/snort/src/snort_dynamicsrc/profiler.h +share/snort/src/snort_dynamicsrc/sf_dynamic_common.h +share/snort/src/snort_dynamicsrc/sf_dynamic_meta.h +share/snort/src/snort_dynamicsrc/sf_dynamic_preproc_lib.c +share/snort/src/snort_dynamicsrc/sf_dynamic_preproc_lib.h +share/snort/src/snort_dynamicsrc/sf_dynamic_preprocessor.h +share/snort/src/snort_dynamicsrc/sf_snort_packet.h +share/snort/src/snort_dynamicsrc/sf_snort_plugin_api.h +share/snort/src/snort_dynamicsrc/sfghash.h +share/snort/src/snort_dynamicsrc/sfhashfcn.h +share/snort/src/snort_dynamicsrc/sfsnort_dynamic_detection_lib.c +share/snort/src/snort_dynamicsrc/sfsnort_dynamic_detection_lib.h +share/snort/src/snort_dynamicsrc/snort_packet_header.h +share/snort/src/snort_dynamicsrc/str_search.h +share/snort/src/snort_dynamicsrc/stream_api.h +@dirrm share/snort/src/snort_dynamicsrc +@dirrm share/snort/src +@dirrm share/snort @dirrm share/examples/snort @dirrm share/doc/snort/schemas -@unexec ${RMDIR} %D/share/doc/snort 2>/dev/null || ${TRUE} +@dirrm share/doc/snort +@dirrm lib/snort_dynamicpreprocessor +@dirrm lib/snort_dynamicengine diff --git a/net/snort/distinfo b/net/snort/distinfo index f8b5c9314ee..dc5d875c189 100644 --- a/net/snort/distinfo +++ b/net/snort/distinfo @@ -1,9 +1,10 @@ -$NetBSD: distinfo,v 1.35 2006/06/06 18:51:52 adrianp Exp $ +$NetBSD: distinfo,v 1.36 2007/02/17 19:08:06 adrianp Exp $ -SHA1 (snort-2.4.5.tar.gz) = 3ba7dae8058aecf4e4eb1c7a816a7c8a4fb7c550 -RMD160 (snort-2.4.5.tar.gz) = 1b697ccd84e1c10406ac20ccc0c46f79ea661e11 -Size (snort-2.4.5.tar.gz) = 2817837 bytes +SHA1 (snort-2.6.1.2.tar.gz) = 745f56806a0bae128a5c93c93c5eda9a4b80f593 +RMD160 (snort-2.6.1.2.tar.gz) = bd0ce3a4629a6e594a5f24723254e85d36597d04 +Size (snort-2.6.1.2.tar.gz) = 3511538 bytes SHA1 (patch-aa) = 0ab8a524a1e78545cb2f6875cc1da7d0e848b3cd SHA1 (patch-ab) = 0ea7deb91de5d3d68558a30e80dcbd8bd81f8a5e SHA1 (patch-ac) = 6cdf26fcaeb8dad9cd9562b77377bd56b49c9f38 +SHA1 (patch-ad) = d4bf1dee02af1f1730263a78a868bbdae5d8846d SHA1 (patch-ae) = 4a669e664ccbce2b9e689fe3d281c46f6549b72c diff --git a/net/snort/patches/patch-ad b/net/snort/patches/patch-ad new file mode 100644 index 00000000000..e4b3c42bd2f --- /dev/null +++ b/net/snort/patches/patch-ad @@ -0,0 +1,13 @@ +$NetBSD: patch-ad,v 1.5 2007/02/17 19:08:06 adrianp Exp $ + +--- src/dynamic-preprocessors/Makefile.in.orig 2006-12-04 17:50:31.000000000 +0000 ++++ src/dynamic-preprocessors/Makefile.in +@@ -224,7 +224,7 @@ EXTRA_DIST = \ + dynamic_preprocessors.dsp \ + sf_dynamic_initialize/sf_dynamic_initialize.dsp + +-@HAVE_DYNAMIC_PLUGINS_TRUE@srcinstdir = $(exec_prefix)/src/snort_dynamicsrc ++@HAVE_DYNAMIC_PLUGINS_TRUE@srcinstdir = $(exec_prefix)/share/snort/src/snort_dynamicsrc + @HAVE_DYNAMIC_PLUGINS_TRUE@exported_files = \ + @HAVE_DYNAMIC_PLUGINS_TRUE@include/sf_dynamic_common.h \ + @HAVE_DYNAMIC_PLUGINS_TRUE@include/sf_dynamic_meta.h \ |