Bug 146239 - [NEW PORT] security/pulledpork: Script to update snort-2.8+ rules
Summary: [NEW PORT] security/pulledpork: Script to update snort-2.8+ rules
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Version: Latest
Hardware: Any Any
Importance: Normal Affects Only Me
Assignee: freebsd-ports-bugs (Nobody)
Reported: 2010-05-02 16:30 UTC by Olli Hauer
Modified: 2010-05-10 07:09 UTC (History)

Attachments
pulledpork.shar (6.11 KB, text/plain)
2010-05-02 16:30 UTC, Olli Hauer

Description Olli Hauer 2010-05-02 16:30:11 UTC
pulledpork is a Perl script which helps to update your Snort 2.8+ rules.

The sample config file comes predefined with the new settings for
snort.org downloads, which will change in June 2010.

BE SURE to read through the master pulledpork.conf file thoroughly,
as there are many changes as of snort 2.8.6.0 that WILL affect you,
even if you are NOT yet running 2.8.6.0!

Features:
    * Flowbit tracking!
    * capability to specify base ruleset (see README.RULESETS) in master
      pulledpork.conf file.
    * Handle preprocessor and sensitive-information rulesets
    * Ability to define sid ranges in any of the sid modification .conf files
    * Ability to specify references in any of the sid modification .conf files
    * Ability to ignore entire rule categories (i.e. not include them)
    * Specify locally stored rules files that need their meta data included
      in sid-msg.map
    * Ability to specify your arch for so_rules
    * Rules are written to only two distinct files
    * Support metadata based VRT recommended rulesets
    * Maintain an optional rule changelog
    * Support for setting rules to Drop
    * Support for multi-line rules
    * Rule modification, i.e. disabling of specific rules within rule sets
    * Outputs changes in rules files if any rules have been added / modified
    * Compares new rules files with current rule sets
    * Automated retrieval of certain variables (Distro, Snort Version.. etc)
    * Downloads latest rules file
    * Verifies MD5 of local rules file
    * If MD5 has not changed from snort.org.. doesn't fetch files again
    * handle both rules and so_rules
    * Capability to generate stub files


WWW: http://code.google.com/p/pulledpork/
Comment 1 dfilter service freebsd_committer freebsd_triage 2010-05-10 03:53:44 UTC
miwi        2010-05-10 02:53:35 UTC

  FreeBSD ports repository

  Modified files:
    security             Makefile 
  Added files:
    security/pulledpork  Makefile distinfo pkg-descr 
    security/pulledpork/files pkg-message.in 
  Log:
  pulledpork is a Perl script which helps to update your Snort 2.8+ rules.
  
  The sample config file comes predefined with the new settings for
  snort.org downloads, which will change in June 2010.
  
  BE SURE to read through the master pulledpork.conf file thoroughly,
  as there are many changes as of snort 2.8.6.0 that WILL affect you,
  even if you are NOT yet running 2.8.6.0!
  
  Features:
      * Flowbit tracking!
      * capability to specify base ruleset (see README.RULESETS) in master
        pulledpork.conf file.
      * Handle preprocessor and sensitive-information rulesets
      * Ability to define sid ranges in any of the sid modification .conf files
      * Ability to specify references in any of the sid modification .conf files
      * Ability to ignore entire rule categories (i.e. not include them)
      * Specify locally stored rules files that need their meta data included
        in sid-msg.map
      * Ability to specify your arch for so_rules
      * Rules are written to only two distinct files
      * Support metadata based VRT recommended rulesets
      * Maintain an optional rule changelog
      * Support for setting rules to Drop
      * Support for multi-line rules
      * Rule modification, i.e. disabling of specific rules within rule sets
      * Outputs changes in rules files if any rules have been added / modified
      * Compares new rules files with current rule sets
      * Automated retrieval of certain variables (Distro, Snort Version.. etc)
      * Downloads latest rules file
      * Verifies MD5 of local rules file
      * If MD5 has not changed from snort.org.. doesn't fetch files again
      * handle both rules and so_rules
      * Capability to generate stub files
  
  WWW: http://code.google.com/p/pulledpork/
  
  PR:             ports/146239
  Submitted by:   Olli Hauer
  
  Revision  Changes    Path
  1.1102    +1 -0      ports/security/Makefile
  1.1       +70 -0     ports/security/pulledpork/Makefile (new)
  1.1       +3 -0      ports/security/pulledpork/distinfo (new)
  1.1       +24 -0     ports/security/pulledpork/files/pkg-message.in (new)
  1.1       +37 -0     ports/security/pulledpork/pkg-descr (new)
Comment 2 Martin Wilke freebsd_committer freebsd_triage 2010-05-10 07:09:31 UTC
State Changed
From-To: open->closed

New port added. Thanks!