Bug 121710 - [PATCH] Add flexible response support to security/snort_inline
Summary: [PATCH] Add flexible response support to security/snort_inline
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Beech Rintoul
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2008-03-14 19:10 UTC by Yousif Hassan
Modified: 2008-04-24 02:40 UTC (History)
0 users

See Also:

Attachments
file.diff (1.92 KB, patch)
2008-03-14 19:10 UTC, Yousif Hassan 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Yousif Hassan 2008-03-14 19:10:01 UTC 
The attached patch adds flexible response (v1) support to snort_inline.  It borrows heavily from the snort port, which also has this feature.

I have fully tested the flexible response capability of libnet10 after integrating it with snort_inline... and works very well in my environment.  TCP resets or UDP ICMP unreachable messages work perfectly.

This patch adds libnet10 as a dependency if this is chosen.

Also, I have reworked the Makefile to take advantage of "OPTIONS" configs, which presents a nice menu.  This makes it easier to add ODBC, POSTGRESQL, and MySQL support (plus flexible responses)

Choosing flexible responses from the menu pulls in libnet10, otherwise it is not needed.

Note that flexible response v2 (needing libnet11) is unsupported due to libnet11 patches not applying cleanly.  When this is cleared up for snort, it can be ported to snort_inline.

I would be grateful if the maintainer (or other relevant person(s)) would review this patch for submission.

Thanks!

Fix: Attached.

Patch attached with submission follows:
How-To-Repeat: N/A - just apply patch to /usr/ports/security/snort_inline/Makefile and go!
Comment 1 Edwin Groothuis freebsd_committer freebsd_triage 2008-03-14 21:14:13 UTC 
State Changed
From-To: open->feedback

Awaiting maintainers feedback (via the GNATS Auto Assign Tool)
Comment 2 Felippe de Meirelles Motta freebsd_committer freebsd_triage 2008-03-18 05:05:34 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->lippe

I'll take it.
Comment 3 Beech Rintoul freebsd_committer freebsd_triage 2008-04-23 23:16:33 UTC 
Responsible Changed
From-To: lippe->beech

lippe unavailable
Comment 4 Beech Rintoul freebsd_committer freebsd_triage 2008-04-23 23:18:09 UTC 
State Changed
From-To: feedback->open

Past timeout
Comment 5 dfilter service freebsd_committer freebsd_triage 2008-04-24 02:38:24 UTC 
beech       2008-04-24 01:38:20 UTC

  FreeBSD ports repository

  Modified files:
    security/snort_inline Makefile 
  Log:
  - Add flexible response (v1) support to snort_inline. It borrows heavily from
    the snort port, which also has this feature. Adds libnet10 as a dependency if
    this is chosen.
  - Add options, ODBC, POSTGRESQL, and MySQL support (plus flexible responses).
  - Add dependency on libnet10 if flexible responses is defined.
  - Bump portrevision
  
  - Note that flexible response v2 (needing libnet11) is unsupported due to libnet11
    patches not applying cleanly. When this is cleared up for snort, it can be
    ported to snort_inline.
  
  PR:             ports/121710
  Submitted by:   Yousif Hassan <yousif@alumni.jmu.edu>
  Approved by:    maintainer timeout (1+ months)
  
  Revision  Changes    Path
  1.7       +28 -7     ports/security/snort_inline/Makefile
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 6 Beech Rintoul freebsd_committer freebsd_triage 2008-04-24 02:38:38 UTC 
State Changed
From-To: open->closed

Committed (maintainer timeout), Thanks!