FreeBSD Bugzilla – Attachment 105724 Details for
Bug 146239
[NEW PORT] security/pulledpork: Script to update snort-2.8+ rules
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
pulledpork.shar
pulledpork.shar (text/plain), 6.11 KB, created by
Olli Hauer
on 2010-05-02 16:30:11 UTC
(
hide
)
Description:
pulledpork.shar
Filename:
MIME Type:
Creator:
Olli Hauer
Created:
2010-05-02 16:30:11 UTC
Size:
6.11 KB
patch
obsolete
># This is a shell archive. Save it in a file, remove anything before ># this line, and then unpack it by entering "sh file". Note, it may ># create directories; files and directories will be owned by you and ># have default permissions. ># ># This archive contains: ># ># pulledpork ># pulledpork/files ># pulledpork/files/pkg-message.in ># pulledpork/Makefile ># pulledpork/pkg-descr ># pulledpork/distinfo ># >echo c - pulledpork >mkdir -p pulledpork > /dev/null 2>&1 >echo c - pulledpork/files >mkdir -p pulledpork/files > /dev/null 2>&1 >echo x - pulledpork/files/pkg-message.in >sed 's/^X//' >pulledpork/files/pkg-message.in << 'abbb7ab3bc01816d210c6788717e2ad2' >X===================================================================== >X >XIn order to use pulled pork, adjust the config files located in >X%%CONFIGDIR%%/ >X >X >XImportant Note: >X >XSnort change the way rules are published. In June 2010 Snort will >Xstop offering rules in the "snortrules-snapshot-CURRENT" format. >X >XInstead, rules will be released for specific Snort versions. >XYou will be responsible for downloading the correct rules release >Xfor your version of Snort. >X >XThe new versioning mechanism will require a four digit version in the >Xfile name. To get the new download naming schema visit snort.org, >Xand look at 'My Account' -> 'Subscriptions and Oinkcodes' >X >XBE SURE to read through the master pulledpork.conf file thoroughly, >Xas there are many changes as of snort 2.8.6.0 that WILL affect you, >Xeven if you are NOT yet running 2.8.6.0! >X >X===================================================================== >abbb7ab3bc01816d210c6788717e2ad2 >echo x - pulledpork/Makefile >sed 's/^X//' >pulledpork/Makefile << '5c1e7aebd3f72e1a44c808485216df30' >X# New ports collection makefile for: pulledpork >X# Date created: 01 Mai 2010 >X# Whom: Olli Hauer >X# >X# $FreeBSD$ >X# >X >XPORTNAME= pulledpork >XPORTVERSION= 0.4.1 >XCATEGORIES= security >XMASTER_SITES= ${MASTER_SITE_GOOGLE_CODE} >XDISTNAME= ${PORTNAME}-${PORTVERSION} >X >XMAINTAINER= ohauer@gmx.de >XCOMMENT= Script to update snort-2.8+ rules >X >XRUN_DEPENDS= ${SITE_PERL}/LWP/Simple.pm:${PORTSDIR}/www/p5-libwww >X >XNO_BUILD= yes >XUSE_PERL5_RUN= yes >X >XPLIST_DIRS= etc/pulledpork >XPLIST_FILES= bin/pulledpork.pl \ >X ${PLIST_DIRS}/disablesid.conf.sample \ >X ${PLIST_DIRS}/dropsid.conf.sample \ >X ${PLIST_DIRS}/enablesid.conf.sample \ >X ${PLIST_DIRS}/pulledpork.conf.sample >X >XCONFIG_DIR= ${PREFIX}/${PLIST_DIRS} >XSUB_FILES= pkg-message >XSUB_LIST= CONFIGDIR=${CONFIG_DIR} >X >X.include <bsd.port.pre.mk> >X >X.if (${PERL_LEVEL} < 501000) >XRUN_DEPENDS+= p5-Archive-Tar>=1.52:${PORTSDIR}/archivers/p5-Archive-Tar >X.endif >X >X.if !defined(NOPORTDOCS) >XPORTDOCS= LICENSE README README.CHANGES README.RULESET >X.endif >X >Xpost-patch: >X @${REINPLACE_CMD} -e "s|/usr/bin/perl|${PERL}|" ${WRKSRC}/pulledpork.pl >X @${REINPLACE_CMD} -e 's|snort/enablesid.conf|pulledpork/enablesid.conf|g' \ >X -e 's|snort/dropsid.conf|pulledpork/dropsid.conf|g' \ >X -e 's|snort/disablesid.conf|pulledpork/disablesid.conf|g' \ >X -e "s|/usr/local/lib/snort_dynamicrules/|${PREFIX}/etc/snort/so_rules/|g" \ >X ${WRKSRC}/etc/pulledpork.conf >X >Xdo-install: >X ${INSTALL_SCRIPT} ${WRKSRC}/pulledpork.pl ${PREFIX}/bin >X @${MKDIR} -m 750 ${CONFIG_DIR} >X # pulledpork.conf contains the snort user registration key, do not install world readable >X ${INSTALL_DATA} -m 440 ${WRKSRC}/etc/pulledpork.conf ${CONFIG_DIR}/pulledpork.conf.sample >X ${INSTALL_DATA} ${WRKSRC}/etc/disablesid.conf ${CONFIG_DIR}/disablesid.conf.sample >X ${INSTALL_DATA} ${WRKSRC}/etc/dropsid.conf ${CONFIG_DIR}/dropsid.conf.sample >X ${INSTALL_DATA} ${WRKSRC}/etc/enablesid.conf ${CONFIG_DIR}/enablesid.conf.sample >X >X.if !defined(NOPORTDOCS) >X @${MKDIR} ${DOCSDIR} >X @${INSTALL_DATA} ${WRKSRC}/LICENSE ${DOCSDIR}/ >X @${INSTALL_DATA} ${WRKSRC}/README ${DOCSDIR}/ >X @${INSTALL_DATA} ${WRKSRC}/README.CHANGES ${DOCSDIR}/ >X @${INSTALL_DATA} ${WRKSRC}/README.RULESET ${DOCSDIR}/ >X.endif >X >Xpost-install: >X @${CAT} ${PKGMESSAGE} >X.include <bsd.port.post.mk> >5c1e7aebd3f72e1a44c808485216df30 >echo x - pulledpork/pkg-descr >sed 's/^X//' >pulledpork/pkg-descr << '6063cd04a3b36c5e46958f6513662351' >Xpulledpork is a Perl script which helps to update your Snort 2.8+ rules. >X >XThe sample config file comes predefined with the new settings for >Xsnort.org downloads, which will change in June 2010. >X >XBE SURE to read through the master pulledpork.conf file thoroughly, >Xas there are many changes as of snort 2.8.6.0 that WILL affect you, >Xeven if you are NOT yet running 2.8.6.0! >X >XFeatures: >X * Flowbit tracking! >X * capability to specify base ruleset (see README.RULESETS) in master >X pulledpork.conf file. >X * Handle preprocessor and sensitive-information rulesets >X * Ability to define sid ranges in any of the sid modification .conf files >X * Ability to specify references in any of the sid modification .conf files >X * Ability to ignore entire rule categories (i.e. not include them) >X * Specify locally stored rules files that need their meta data included >X in sid-msg.map >X * Ability to specify your arch for so_rules >X * Rules are written to only two distinct files >X * Support metadata based VRT recommended rulesets >X * Maintain an optional rule changelog >X * Support for setting rules to Drop >X * Support for multi-line rules >X * Rule modification, i.e. disabling of specific rules within rule sets >X * Outputs changes in rules files if any rules have been added / modified >X * Compares new rules files with current rule sets >X * Automated retrieval of certain variables (Distro, Snort Version.. etc) >X * Downloads latest rules file >X * Verifies MD5 of local rules file >X * If MD5 has not changed from snort.org.. doesn't fetch files again >X * handle both rules and so_rules >X * Capability to generate stub files >X >X >XWWW: http://code.google.com/p/pulledpork/ >6063cd04a3b36c5e46958f6513662351 >echo x - pulledpork/distinfo >sed 's/^X//' >pulledpork/distinfo << 'ddab54909bef1f20eecc435eb248cf04' >XMD5 (pulledpork-0.4.1.tar.gz) = 75f39ab4c1807ef3485fbf39561fbdd8 >XSHA256 (pulledpork-0.4.1.tar.gz) = f1c50aba1fcf43660d2c62025192b0e756f49911ae2bced9106e98a24cddc923 >XSIZE (pulledpork-0.4.1.tar.gz) = 21805 >ddab54909bef1f20eecc435eb248cf04 >exit
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=105724">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 146239
: 105724