Attachment #71992 for bug #104730

View | Details | Raw Unified | Return to bug 104730
Collapse All | Expand All




# Date created:        4 March 2005
# Whom:                nick@rogness.net
#
# $FreeBSD: ports/security/snort_inline/Makefile,v 1.3 2005/11/14 17:07:04 sem Exp $
#

PORTNAME=	snort_inline
PORTVERSION=	2.4.5
PORTREVISION=	1
CATEGORIES=	security
MASTER_SITES=	http://freebsd.rogness.net/ports/snort_inline/
DISTNAME=	snort_inline-2.3.0-RC1

MAINTAINER=	nick@rogness.net
COMMENT=	An inline IPS system based on snort using ipfw

LIB_DEPENDS=	pcre.0:${PORTSDIR}/devel/pcre

WRKSRC=		${WRKDIR}/snort_inline-2.3.0-RC1

USE_GPG=	yes
SIG_SUFFIX=	.asc
GNU_CONFIGURE=	yes

CONFIGURE_TARGET=	--build=${MACHINE_ARCH}-portbld-freebsd${OSREL}
CONFIGURE_ARGS+=	--enable-inline --enable-ipfw

LIB_DEPENDS+=		dnet:${PORTSDIR}/net/libdnet
CONFIGURE_ARGS+=	--with-libnet-includes=${LOCALBASE}/include \
			--with-libnet-libraries=${LOCALBASE}/lib

.if defined(WITH_MYSQL)
USE_MYSQL=		yes

CONFIGURE_ARGS+=	--with-postgresql=no
.endif

MAN8=		snort.8 snort_inline.8
DOCS=		ChangeLog doc/AUTHORS doc/BUGS doc/CREDITS doc/faq* doc/NEWS \
		doc/README* doc/TODO doc/USAGE doc/*.pdf

RULE_PATH=	${DATADIR}/rules

USE_RC_SUBR=	snort.sh

post-patch:
	${REINPLACE_CMD} "s,%%PREFIX%%,${PREFIX}," ${WRKSRC}/src/snort.c
	${REINPLACE_CMD} "s,/etc/snort_inline/drop-rules,${RULE_PATH}," ${WRKSRC}/etc/snort_inline.conf
	${REINPLACE_CMD} "s,$RULE_PATH/classification.config,${DATADIR}/classification.config," ${WRKSRC}/etc/snort_inline.conf
	${REINPLACE_CMD} "s,$RULE_PATH/reference.config,${DATADIR}/reference.config," ${WRKSRC}/etc/snort_inline.conf
	${REINPLACE_CMD} -e "s/^unicode.map/\/usr\/local\/share\/snort_inline\/unicode.map/" ${WRKSRC}/etc/snort_inline.conf

pre-configure:
	@${ECHO} ""


post-install:
	@${MKDIR} ${DATADIR}
	@${MKDIR} ${RULE_PATH}
	${INSTALL_DATA} ${WRKSRC}/etc/classification.config \
		${DATADIR}/classification.config-sample
	[ -f ${DATADIR}/classification.config ] || \

		${DATADIR}/reference.config-sample
	[ -f ${DATADIR}/reference.config ] ||  \
		${CP} ${DATADIR}/reference.config-sample ${DATADIR}/reference.config
	${INSTALL_DATA} ${WRKSRC}/etc/threshold.conf \
		${DATADIR}/threshold.conf-sample
	[ -f ${DATADIR}/threshold.conf ] ||  \
		${CP} ${DATADIR}/threshold.conf-sample ${DATADIR}/threshold.conf
	${INSTALL_DATA} ${WRKSRC}/etc/unicode.map \
		${DATADIR}/unicode.map
.for f in snort.conf snort_inline.conf
	${INSTALL_DATA} ${WRKSRC}/etc/${f} ${PREFIX}/etc/${f}-sample
	[ -f ${PREFIX}/etc/${f} ] || \
		${INSTALL_DATA} ${WRKSRC}/etc/${f} ${PREFIX}/etc/${f}

Lines 1-3 Link Here

(-)snort_inline/distinfo (-3 / +3 lines)
1	MD5 (snort_inline-2.3.0-RC1.tar.gz) = d577c101a78c97b0f18a1e01b0252419	1	MD5 (snort_inline-2.4.5.tar.gz) = 6fbc46cb339cd9f7b9699104b9a99b1a
2	SHA256 (snort_inline-2.3.0-RC1.tar.gz) = 46027eeb583dd2efa1ca724948a84fd79d320a0f04df4befde27688c4f7995dc	2	SHA256 (snort_inline-2.4.5.tar.gz) = c417dd23d06d468f0fc5d2cc4f9d1022db5b02a9a77d702f8e24261f0a433651
3	SIZE (snort_inline-2.3.0-RC1.tar.gz) = 2742898	3	SIZE (snort_inline-2.4.5.tar.gz) = 3019957

Lines 4-10 Link Here

(-)snort_inline/files/snort.sh.in (-2 / +2 lines)
4	# PROVIDE: snort	4	# PROVIDE: snort
5	# REQUIRE: DAEMON	5	# REQUIRE: DAEMON
6	# BEFORE: LOGIN	6	# BEFORE: LOGIN
7	# KEYWORD: shutdown	7	# KEYWORD: FreeBSD shutdown
8		8
9	# Add the following lines to /etc/rc.conf to enable snort:	9	# Add the following lines to /etc/rc.conf to enable snort:
10	# snort_enable (bool): Set to YES to enable snort	10	# snort_enable (bool): Set to YES to enable snort
Lines 22-28 Link Here
22	name="snort"	22	name="snort"
23	rcvar=`set_rcvar`	23	rcvar=`set_rcvar`
24		24
25	command="%%PREFIX%%/bin/snort"	25	command="%%PREFIX%%/bin/snort_inline"
26		26
27	load_rc_config $name	27	load_rc_config $name
28		28




@unexec if [ -f %D/etc/snort_inline.conf ] && cmp -s %D/etc/snort_inline.conf %D/etc/snort_inline.conf-sample; then rm -f %D/etc/snort_inline.conf; fi
etc/snort_inline.conf-sample
@exec [ -f %B/snort_inline.conf ] || cp %B/%f %B/snort_inline.conf
@unexec if [ -f %B/unicode.map ] && cmp -s %B/unicode.map %B/unicode.map-sample; then rm -f %B/etc/unicode.map; fi
%%DATADIR%%/unicode.map
@exec [ -f %B/unicode.map ] || cp %B/%f %B/unicode.map
@unexec if [ -f %B/threshold.conf ] && cmp -s %B/threshold.conf %B/threshold.conf-sample; then rm -f %B/threshold.conf; fi
%%DATADIR%%/threshold.conf-sample
@exec [ -f %B/threshold.conf ] || cp %B/%f %B/threshold.conf
%%PORTDOCS%%%%DOCSDIR%%/AUTHORS
%%PORTDOCS%%%%DOCSDIR%%/BUGS

%%PORTDOCS%%%%DOCSDIR%%/README.http_inspect
%%PORTDOCS%%%%DOCSDIR%%/README.thresholding
%%PORTDOCS%%%%DOCSDIR%%/README.wireless
%%PORTDOCS%%%%DOCSDIR%%/README.NFQUEUE
%%PORTDOCS%%%%DOCSDIR%%/README.clamav
%%PORTDOCS%%%%DOCSDIR%%/README.frag3
%%PORTDOCS%%%%DOCSDIR%%/TODO
%%PORTDOCS%%%%DOCSDIR%%/USAGE
%%PORTDOCS%%%%DOCSDIR%%/snort_manual.pdf
%%PORTDOCS%%%%DOCSDIR%%/snort_schema_v106.pdf
%%PORTDOCS%%@dirrm %%DOCSDIR%%
%%DATADIR%%/attack-responses.rules
%%DATADIR%%/backdoor.rules
%%DATADIR%%/bad-traffic.rules
%%DATADIR%%/chat.rules
@unexec if [ -f %B/classification.config ] && cmp -s %B/classification.config %B/classification.config-sample; then rm -f %B/classification.config; fi
%%DATADIR%%/classification.config-sample
@exec [ -f %B/classification.config ] || cp %B/%f %B/classification.config
%%DATADIR%%/classification.config
%%DATADIR%%/deleted.rules
%%DATADIR%%/dns.rules
%%DATADIR%%/dos.rules
%%DATADIR%%/experimental.rules
%%DATADIR%%/exploit.rules
%%DATADIR%%/finger.rules
%%DATADIR%%/ftp.rules
%%DATADIR%%/icmp-info.rules
%%DATADIR%%/icmp.rules
%%DATADIR%%/imap.rules
%%DATADIR%%/info.rules
%%DATADIR%%/local.rules
%%DATADIR%%/misc.rules
%%DATADIR%%/multimedia.rules
%%DATADIR%%/mysql.rules
%%DATADIR%%/netbios.rules
%%DATADIR%%/nntp.rules
%%DATADIR%%/oracle.rules
%%DATADIR%%/other-ids.rules
%%DATADIR%%/p2p.rules
%%DATADIR%%/policy.rules
%%DATADIR%%/pop2.rules
%%DATADIR%%/pop3.rules
%%DATADIR%%/porn.rules
@unexec if [ -f %B/reference.config ] && cmp -s %B/reference.config %B/reference.config-sample; then rm -f %B/reference.config; fi
%%DATADIR%%/reference.config-sample
@exec [ -f %B/reference.config ] || cp %B/%f %B/reference.config
@dirrmtry %%DATADIR%%/rules
%%DATADIR%%/rservices.rules
%%DATADIR%%/scan.rules
%%DATADIR%%/shellcode.rules
%%DATADIR%%/smtp.rules
%%DATADIR%%/snmp.rules
%%DATADIR%%/sql.rules
%%DATADIR%%/telnet.rules
%%DATADIR%%/tftp.rules
%%DATADIR%%/virus.rules
%%DATADIR%%/web-attacks.rules
%%DATADIR%%/web-cgi.rules
%%DATADIR%%/web-client.rules
%%DATADIR%%/web-coldfusion.rules
%%DATADIR%%/web-frontpage.rules
%%DATADIR%%/web-iis.rules
%%DATADIR%%/web-misc.rules
%%DATADIR%%/web-php.rules
%%DATADIR%%/x11.rules
@dirrm %%DATADIR%%

Return to bug 104730

Lines 2-24 Link Here

(-)snort_inline/Makefile (-12 / +18 lines)
2	# Date created: 4 March 2005	2	# Date created: 4 March 2005
3	# Whom: nick@rogness.net	3	# Whom: nick@rogness.net
4	#	4	#
5	# $FreeBSD: ports/security/snort_inline/Makefile,v 1.4 2006/05/13 04:15:15 edwin Exp $	5	# $FreeBSD: ports/security/snort_inline/Makefile,v 1.3 2005/11/14 17:07:04 sem Exp $
6	#	6	#
7		7
8	PORTNAME= snort_inline	8	PORTNAME= snort_inline
9	PORTVERSION= 2.3.0	9	PORTVERSION= 2.4.5
10	PORTREVISION= 1
11	CATEGORIES= security	10	CATEGORIES= security
12	MASTER_SITES= http://freebsd.rogness.net/ports/snort_inline/	11	MASTER_SITES= http://freebsd.rogness.net/ports/snort_inline/
13	DISTNAME= snort_inline-2.3.0-RC1
14		12
15	MAINTAINER= nick@rogness.net	13	MAINTAINER= nick@rogness.net
16	COMMENT= An inline IPS system based on snort using ipfw	14	COMMENT= An inline IPS system based on snort using ipfw
17		15
18	LIB_DEPENDS= pcre.0:${PORTSDIR}/devel/pcre	16	LIB_DEPENDS= pcre.0:${PORTSDIR}/devel/pcre
19		17
20	WRKSRC= ${WRKDIR}/snort_inline-2.3.0-RC1
21
22	USE_GPG= yes	18	USE_GPG= yes
23	SIG_SUFFIX= .asc	19	SIG_SUFFIX= .asc
24	GNU_CONFIGURE= yes	20	GNU_CONFIGURE= yes
Lines 26-34 Link Here
26	CONFIGURE_TARGET= --build=${MACHINE_ARCH}-portbld-freebsd${OSREL}	22	CONFIGURE_TARGET= --build=${MACHINE_ARCH}-portbld-freebsd${OSREL}
27	CONFIGURE_ARGS+= --enable-inline --enable-ipfw	23	CONFIGURE_ARGS+= --enable-inline --enable-ipfw
28		24
29	BUILD_DEPENDS+= libnet*<=1.1.0,1:${PORTSDIR}/net/libnet10	25	LIB_DEPENDS+= dnet:${PORTSDIR}/net/libdnet
30	CONFIGURE_ARGS+= --with-libnet-includes=${LOCALBASE}/include \
31	--with-libnet-libraries=${LOCALBASE}/lib
32		26
33	.if defined(WITH_MYSQL)	27	.if defined(WITH_MYSQL)
34	USE_MYSQL= yes	28	USE_MYSQL= yes
Lines 55-68 Link Here
55	CONFIGURE_ARGS+= --with-postgresql=no	49	CONFIGURE_ARGS+= --with-postgresql=no
56	.endif	50	.endif
57		51
58	MAN8= snort.8	52	MAN8= snort.8 snort_inline.8
59	DOCS= ChangeLog doc/AUTHORS doc/BUGS doc/CREDITS doc/faq* doc/NEWS \	53	DOCS= ChangeLog doc/AUTHORS doc/BUGS doc/CREDITS doc/faq* doc/NEWS \
60	doc/README* doc/TODO doc/USAGE doc/*.pdf	54	doc/README* doc/TODO doc/USAGE doc/*.pdf
61		55
		56	RULE_PATH= ${DATADIR}/rules
		57
62	USE_RC_SUBR= snort.sh	58	USE_RC_SUBR= snort.sh
63		59
64	post-patch:	60	post-patch:
65	${REINPLACE_CMD} "s,%%PREFIX%%,${PREFIX}," ${WRKSRC}/src/snort.c	61	${REINPLACE_CMD} "s,%%PREFIX%%,${PREFIX}," ${WRKSRC}/src/snort.c
		62	${REINPLACE_CMD} "s,/etc/snort_inline/drop-rules,${RULE_PATH}," ${WRKSRC}/etc/snort_inline.conf
		63	${REINPLACE_CMD} "s,$RULE_PATH/classification.config,${DATADIR}/classification.config," ${WRKSRC}/etc/snort_inline.conf
		64	${REINPLACE_CMD} "s,$RULE_PATH/reference.config,${DATADIR}/reference.config," ${WRKSRC}/etc/snort_inline.conf
		65	${REINPLACE_CMD} -e "s/^unicode.map/\/usr\/local\/share\/snort_inline\/unicode.map/" ${WRKSRC}/etc/snort_inline.conf
66		66
67	pre-configure:	67	pre-configure:
68	@${ECHO} ""	68	@${ECHO} ""
Lines 72-78 Link Here
72		72
73	post-install:	73	post-install:
74	@${MKDIR} ${DATADIR}	74	@${MKDIR} ${DATADIR}
75	${INSTALL_DATA} ${WRKSRC}/rules/*.rules ${DATADIR}	75	@${MKDIR} ${RULE_PATH}
76	${INSTALL_DATA} ${WRKSRC}/etc/classification.config \	76	${INSTALL_DATA} ${WRKSRC}/etc/classification.config \
77	${DATADIR}/classification.config-sample	77	${DATADIR}/classification.config-sample
78	[ -f ${DATADIR}/classification.config ] \|\| \	78	[ -f ${DATADIR}/classification.config ] \|\| \
Lines 82-88 Link Here
82	${DATADIR}/reference.config-sample	82	${DATADIR}/reference.config-sample
83	[ -f ${DATADIR}/reference.config ] \|\| \	83	[ -f ${DATADIR}/reference.config ] \|\| \
84	${CP} ${DATADIR}/reference.config-sample ${DATADIR}/reference.config	84	${CP} ${DATADIR}/reference.config-sample ${DATADIR}/reference.config
85	.for f in snort.conf snort_inline.conf unicode.map threshold.conf	85	${INSTALL_DATA} ${WRKSRC}/etc/threshold.conf \
		86	${DATADIR}/threshold.conf-sample
		87	[ -f ${DATADIR}/threshold.conf ] \|\| \
		88	${CP} ${DATADIR}/threshold.conf-sample ${DATADIR}/threshold.conf
		89	${INSTALL_DATA} ${WRKSRC}/etc/unicode.map \
		90	${DATADIR}/unicode.map
		91	.for f in snort.conf snort_inline.conf
86	${INSTALL_DATA} ${WRKSRC}/etc/${f} ${PREFIX}/etc/${f}-sample	92	${INSTALL_DATA} ${WRKSRC}/etc/${f} ${PREFIX}/etc/${f}-sample
87	[ -f ${PREFIX}/etc/${f} ] \|\| \	93	[ -f ${PREFIX}/etc/${f} ] \|\| \
88	${INSTALL_DATA} ${WRKSRC}/etc/${f} ${PREFIX}/etc/${f}	94	${INSTALL_DATA} ${WRKSRC}/etc/${f} ${PREFIX}/etc/${f}

Lines 5-15 Link Here

(-)snort_inline/pkg-plist (-52 / +9 lines)
5	@unexec if [ -f %D/etc/snort_inline.conf ] && cmp -s %D/etc/snort_inline.conf %D/etc/snort_inline.conf-sample; then rm -f %D/etc/snort_inline.conf; fi	5	@unexec if [ -f %D/etc/snort_inline.conf ] && cmp -s %D/etc/snort_inline.conf %D/etc/snort_inline.conf-sample; then rm -f %D/etc/snort_inline.conf; fi
6	etc/snort_inline.conf-sample	6	etc/snort_inline.conf-sample
7	@exec [ -f %B/snort_inline.conf ] \|\| cp %B/%f %B/snort_inline.conf	7	@exec [ -f %B/snort_inline.conf ] \|\| cp %B/%f %B/snort_inline.conf
8	@unexec if [ -f %D/etc/unicode.map ] && cmp -s %D/etc/unicode.map %D/etc/unicode.map-sample; then rm -f %D/etc/unicode.map; fi	8	@unexec if [ -f %B/unicode.map ] && cmp -s %B/unicode.map %B/unicode.map-sample; then rm -f %B/etc/unicode.map; fi
9	etc/unicode.map-sample	9	%%DATADIR%%/unicode.map
10	@exec [ -f %B/unicode.map ] \|\| cp %B/%f %B/unicode.map	10	@exec [ -f %B/unicode.map ] \|\| cp %B/%f %B/unicode.map
11	@unexec if [ -f %D/etc/threshold.conf ] && cmp -s %D/etc/threshold.conf %D/etc/threshold.conf-sample; then rm -f %D/etc/threshold.conf; fi	11	@unexec if [ -f %B/threshold.conf ] && cmp -s %B/threshold.conf %B/threshold.conf-sample; then rm -f %B/threshold.conf; fi
12	etc/threshold.conf-sample	12	%%DATADIR%%/threshold.conf-sample
13	@exec [ -f %B/threshold.conf ] \|\| cp %B/%f %B/threshold.conf	13	@exec [ -f %B/threshold.conf ] \|\| cp %B/%f %B/threshold.conf
14	%%PORTDOCS%%%%DOCSDIR%%/AUTHORS	14	%%PORTDOCS%%%%DOCSDIR%%/AUTHORS
15	%%PORTDOCS%%%%DOCSDIR%%/BUGS	15	%%PORTDOCS%%%%DOCSDIR%%/BUGS
Lines 36-98 Link Here
36	%%PORTDOCS%%%%DOCSDIR%%/README.http_inspect	36	%%PORTDOCS%%%%DOCSDIR%%/README.http_inspect
37	%%PORTDOCS%%%%DOCSDIR%%/README.thresholding	37	%%PORTDOCS%%%%DOCSDIR%%/README.thresholding
38	%%PORTDOCS%%%%DOCSDIR%%/README.wireless	38	%%PORTDOCS%%%%DOCSDIR%%/README.wireless
		39	%%PORTDOCS%%%%DOCSDIR%%/README.NFQUEUE
		40	%%PORTDOCS%%%%DOCSDIR%%/README.clamav
		41	%%PORTDOCS%%%%DOCSDIR%%/README.frag3
39	%%PORTDOCS%%%%DOCSDIR%%/TODO	42	%%PORTDOCS%%%%DOCSDIR%%/TODO
40	%%PORTDOCS%%%%DOCSDIR%%/USAGE	43	%%PORTDOCS%%%%DOCSDIR%%/USAGE
41	%%PORTDOCS%%%%DOCSDIR%%/snort_manual.pdf	44	%%PORTDOCS%%%%DOCSDIR%%/snort_manual.pdf
42	%%PORTDOCS%%%%DOCSDIR%%/snort_schema_v106.pdf	45	%%PORTDOCS%%%%DOCSDIR%%/snort_schema_v106.pdf
43	%%PORTDOCS%%@dirrm %%DOCSDIR%%	46	%%PORTDOCS%%@dirrm %%DOCSDIR%%
44	%%DATADIR%%/attack-responses.rules
45	%%DATADIR%%/backdoor.rules
46	%%DATADIR%%/bad-traffic.rules
47	%%DATADIR%%/chat.rules
48	@unexec if [ -f %B/classification.config ] && cmp -s %B/classification.config %B/classification.config-sample; then rm -f %B/classification.config; fi	47	@unexec if [ -f %B/classification.config ] && cmp -s %B/classification.config %B/classification.config-sample; then rm -f %B/classification.config; fi
49	%%DATADIR%%/classification.config-sample	48	%%DATADIR%%/classification.config-sample
50	@exec [ -f %B/classification.config ] \|\| cp %B/%f %B/classification.config	49	@exec [ -f %B/classification.config ] \|\| cp %B/%f %B/classification.config
51	%%DATADIR%%/ddos.rules	50	%%DATADIR%%/classification.config
52	%%DATADIR%%/deleted.rules
53	%%DATADIR%%/dns.rules
54	%%DATADIR%%/dos.rules
55	%%DATADIR%%/experimental.rules
56	%%DATADIR%%/exploit.rules
57	%%DATADIR%%/finger.rules
58	%%DATADIR%%/ftp.rules
59	%%DATADIR%%/icmp-info.rules
60	%%DATADIR%%/icmp.rules
61	%%DATADIR%%/imap.rules
62	%%DATADIR%%/info.rules
63	%%DATADIR%%/local.rules
64	%%DATADIR%%/misc.rules
65	%%DATADIR%%/multimedia.rules
66	%%DATADIR%%/mysql.rules
67	%%DATADIR%%/netbios.rules
68	%%DATADIR%%/nntp.rules
69	%%DATADIR%%/oracle.rules
70	%%DATADIR%%/other-ids.rules
71	%%DATADIR%%/p2p.rules
72	%%DATADIR%%/policy.rules
73	%%DATADIR%%/pop2.rules
74	%%DATADIR%%/pop3.rules
75	%%DATADIR%%/porn.rules
76	@unexec if [ -f %B/reference.config ] && cmp -s %B/reference.config %B/reference.config-sample; then rm -f %B/reference.config; fi	51	@unexec if [ -f %B/reference.config ] && cmp -s %B/reference.config %B/reference.config-sample; then rm -f %B/reference.config; fi
77	%%DATADIR%%/reference.config-sample	52	%%DATADIR%%/reference.config-sample
78	@exec [ -f %B/reference.config ] \|\| cp %B/%f %B/reference.config	53	@exec [ -f %B/reference.config ] \|\| cp %B/%f %B/reference.config
79	%%DATADIR%%/rpc.rules	54	@dirrmtry %%DATADIR%%/rules
80	%%DATADIR%%/rservices.rules
81	%%DATADIR%%/scan.rules
82	%%DATADIR%%/shellcode.rules
83	%%DATADIR%%/smtp.rules
84	%%DATADIR%%/snmp.rules
85	%%DATADIR%%/sql.rules
86	%%DATADIR%%/telnet.rules
87	%%DATADIR%%/tftp.rules
88	%%DATADIR%%/virus.rules
89	%%DATADIR%%/web-attacks.rules
90	%%DATADIR%%/web-cgi.rules
91	%%DATADIR%%/web-client.rules
92	%%DATADIR%%/web-coldfusion.rules
93	%%DATADIR%%/web-frontpage.rules
94	%%DATADIR%%/web-iis.rules
95	%%DATADIR%%/web-misc.rules
96	%%DATADIR%%/web-php.rules
97	%%DATADIR%%/x11.rules
98	@dirrm %%DATADIR%%	55	@dirrm %%DATADIR%%