FreeBSD Bugzilla – Attachment 53789 Details for
Bug 81378
New port: security/snort_inline
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
file.shar
file.shar (text/plain), 9.97 KB, created by
Nick Rogness
on 2005-05-23 03:40:01 UTC
(
hide
)
Description:
file.shar
Filename:
MIME Type:
Creator:
Nick Rogness
Created:
2005-05-23 03:40:01 UTC
Size:
9.97 KB
patch
obsolete
># This is a shell archive. Save it in a file, remove anything before ># this line, and then unpack it by entering "sh file". Note, it may ># create directories; files and directories will be owned by you and ># have default permissions. ># ># This archive contains: ># ># snort_inline ># snort_inline/Makefile ># snort_inline/pkg-descr ># snort_inline/pkg-plist ># snort_inline/distinfo ># snort_inline/files ># snort_inline/files/snort.sh ># snort_inline/pkg-message ># >echo c - snort_inline >mkdir -p snort_inline > /dev/null 2>&1 >echo x - snort_inline/Makefile >sed 's/^X//' >snort_inline/Makefile << 'END-of-snort_inline/Makefile' >X# New ports collection makefile for: snort_inline >X# Date created: 4 March 2005 >X# Whom: nick@rogness.net >X# >X# $FreeBSD$ >X# >X >XPORTNAME= snort_inline >XPORTVERSION= 2.3.0 >XCATEGORIES= security >XMASTER_SITES= http://freebsd.rogness.net/ports/snort_inline/ >XDISTNAME= snort_inline-2.3.0-RC1 >X >XMAINTAINER= nick@rogness.net >XCOMMENT= An inline IPS system based on snort using ipfw >X >XLIB_DEPENDS= pcre.0:${PORTSDIR}/devel/pcre >X >XWRKSRC= ${WRKDIR}/snort_inline-2.3.0-RC1 >X >XUSE_GPG= yes >XSIG_SUFFIX= .asc >XUSE_REINPLACE= yes >XGNU_CONFIGURE= yes >XCONFIGURE_ENV= LDFLAGS="${LDFLAGS}" >XCONFIGURE_TARGET= --build=${MACHINE_ARCH}-portbld-freebsd${OSREL} >XCONFIGURE_ARGS+= --enable-inline --enable-ipfw >X >XBUILD_DEPENDS+= ${LOCALBASE}/lib/libnet.a:${PORTSDIR}/net/libnet >XCONFIGURE_ARGS+= --with-libnet-includes=${LOCALBASE}/include \ >X --with-libnet-libraries=${LOCALBASE}/lib >X >X.if defined(WITH_MYSQL) >XUSE_MYSQL= yes >XCONFIGURE_ARGS+= --with-mysql=${LOCALBASE} >X.else >XCONFIGURE_ARGS+= --with-mysql=no >X.endif >X >X.if defined(WITH_ODBC) >XLIB_DEPENDS+= odbc.1:${PORTSDIR}/databases/unixODBC >XCONFIGURE_ARGS+= --with-odbc=${LOCALBASE} >XLDFLAGS+= ${PTHREAD_LIBS} >X.else >XCONFIGURE_ARGS+= --with-odbc=no >X.endif >X >X.if defined(WITH_POSTGRESQL) >XPOSTGRESQL_PORT?= databases/postgresql7 >XLIB_DEPENDS+= pq.3:${PORTSDIR}/${POSTGRESQL_PORT} >XCONFIGURE_ARGS+= --with-postgresql=${LOCALBASE} >X.if exists(/usr/lib/libssl.a) && exists(/usr/lib/libcrypto.a) >XLDFLAGS+= -lssl -lcrypto >X.endif >X.else >XCONFIGURE_ARGS+= --with-postgresql=no >X.endif >X >XMAN8= snort.8 >XDOCS= ChangeLog doc/AUTHORS doc/BUGS doc/CREDITS doc/faq* doc/NEWS \ >X doc/README* doc/TODO doc/USAGE doc/*.pdf >X >XUSE_RC_SUBR= yes >XRC_SCRIPTS_SUB= PREFIX=${PREFIX} RC_SUBR=${RC_SUBR} >X >Xpost-patch: >X ${REINPLACE_CMD} "s,%%PREFIX%%,${PREFIX}," ${WRKSRC}/src/snort.c >X @${SED} ${RC_SCRIPTS_SUB:S/$/!g/:S/^/ -e s!%%/:S/=/%%!/} \ >X ${FILESDIR}/snort.sh > ${WRKDIR}/snort.sh >X >Xpre-configure: >X @${ECHO} "" >X @${ECHO} "Set WITH_MYSQL, WITH_ODBC or WITH_POSTGRESQL" >X @${ECHO} "to get additional support." >X @${ECHO} "" >X >Xpost-install: >X @${MKDIR} ${DATADIR} >X ${INSTALL_DATA} ${WRKSRC}/rules/*.rules ${DATADIR} >X ${INSTALL_DATA} ${WRKSRC}/etc/classification.config \ >X ${DATADIR}/classification.config-sample >X [ -f ${DATADIR}/classification.config ] || \ >X ${CP} ${DATADIR}/classification.config-sample \ >X ${DATADIR}/classification.config >X ${INSTALL_DATA} ${WRKSRC}/etc/reference.config \ >X ${DATADIR}/reference.config-sample >X [ -f ${DATADIR}/reference.config ] || \ >X ${CP} ${DATADIR}/reference.config-sample ${DATADIR}/reference.config >X ${INSTALL_SCRIPT} -m 751 ${WRKDIR}/snort.sh ${PREFIX}/etc/rc.d/snort.sh >X.for f in snort.conf snort_inline.conf unicode.map threshold.conf >X ${INSTALL_DATA} ${WRKSRC}/etc/${f} ${PREFIX}/etc/${f}-sample >X [ -f ${PREFIX}/etc/${f} ] || \ >X ${INSTALL_DATA} ${WRKSRC}/etc/${f} ${PREFIX}/etc/${f} >X.endfor >X.if !defined(NOPORTDOCS) >X @${MKDIR} ${DOCSDIR} >X cd ${WRKSRC} && ${INSTALL_DATA} ${DOCS} ${DOCSDIR} >X.endif >X @${CAT} ${PKGMESSAGE} >X >X.include <bsd.port.mk> >END-of-snort_inline/Makefile >echo x - snort_inline/pkg-descr >sed 's/^X//' >snort_inline/pkg-descr << 'END-of-snort_inline/pkg-descr' >Xsnort-inline is a variation of snort that interfaces with the >XIPFW firewall and divert sockets to provide a simple IPS system >Xusing snort signatures. >X >XWWW: http://freebsd.rogness.net/snort_inline >X >X- Nick Rogness >Xnick@rogness.net >END-of-snort_inline/pkg-descr >echo x - snort_inline/pkg-plist >sed 's/^X//' >snort_inline/pkg-plist << 'END-of-snort_inline/pkg-plist' >Xbin/snort_inline >X@unexec if [ -f %D/etc/snort.conf ] && cmp -s %D/etc/snort.conf %D/etc/snort.conf-sample; then rm -f %D/etc/snort.conf; fi >Xetc/snort.conf-sample >X@exec [ -f %B/snort.conf ] || cp %B/%f %B/snort.conf >X@exec [ -f %B/snort_inline.conf ] || cp %B/%f %B/snort_inline.conf >X@unexec if [ -f %D/etc/unicode.map ] && cmp -s %D/etc/unicode.map %D/etc/unicode.map-sample; then rm -f %D/etc/unicode.map; fi >Xetc/unicode.map-sample >X@exec [ -f %B/unicode.map ] || cp %B/%f %B/unicode.map >X@unexec if [ -f %D/etc/threshold.conf ] && cmp -s %D/etc/threshold.conf %D/etc/threshold.conf-sample; then rm -f %D/etc/threshold.conf; fi >Xetc/threshold.conf-sample >X@exec [ -f %B/threshold.conf ] || cp %B/%f %B/threshold.conf >Xetc/rc.d/snort.sh >X%%PORTDOCS%%%%DOCSDIR%%/AUTHORS >X%%PORTDOCS%%%%DOCSDIR%%/BUGS >X%%PORTDOCS%%%%DOCSDIR%%/CREDITS >X%%PORTDOCS%%%%DOCSDIR%%/ChangeLog >X%%PORTDOCS%%%%DOCSDIR%%/faq.pdf >X%%PORTDOCS%%%%DOCSDIR%%/faq.tex >X%%PORTDOCS%%%%DOCSDIR%%/NEWS >X%%PORTDOCS%%%%DOCSDIR%%/README >X%%PORTDOCS%%%%DOCSDIR%%/README.INLINE >X%%PORTDOCS%%%%DOCSDIR%%/README.FLEXRESP >X%%PORTDOCS%%%%DOCSDIR%%/README.PLUGINS >X%%PORTDOCS%%%%DOCSDIR%%/README.UNSOCK >X%%PORTDOCS%%%%DOCSDIR%%/README.WIN32 >X%%PORTDOCS%%%%DOCSDIR%%/README.alert_order >X%%PORTDOCS%%%%DOCSDIR%%/README.csv >X%%PORTDOCS%%%%DOCSDIR%%/README.database >X%%PORTDOCS%%%%DOCSDIR%%/README.event_queue >X%%PORTDOCS%%%%DOCSDIR%%/README.flow >X%%PORTDOCS%%%%DOCSDIR%%/README.flowbits >X%%PORTDOCS%%%%DOCSDIR%%/README.flow-portscan >X%%PORTDOCS%%%%DOCSDIR%%/README.sfportscan >X%%PORTDOCS%%%%DOCSDIR%%/README.asn1 >X%%PORTDOCS%%%%DOCSDIR%%/README.http_inspect >X%%PORTDOCS%%%%DOCSDIR%%/README.thresholding >X%%PORTDOCS%%%%DOCSDIR%%/README.wireless >X%%PORTDOCS%%%%DOCSDIR%%/TODO >X%%PORTDOCS%%%%DOCSDIR%%/USAGE >X%%PORTDOCS%%%%DOCSDIR%%/snort_manual.pdf >X%%PORTDOCS%%%%DOCSDIR%%/snort_schema_v106.pdf >X%%PORTDOCS%%@dirrm %%DOCSDIR%% >X%%DATADIR%%/attack-responses.rules >X%%DATADIR%%/backdoor.rules >X%%DATADIR%%/bad-traffic.rules >X%%DATADIR%%/chat.rules >X@unexec if [ -f %B/classification.config ] && cmp -s %B/classification.config %B/classification.config-sample; then rm -f %B/classification.config; fi >X%%DATADIR%%/classification.config-sample >X@exec [ -f %B/classification.config ] || cp %B/%f %B/classification.config >X%%DATADIR%%/ddos.rules >X%%DATADIR%%/deleted.rules >X%%DATADIR%%/dns.rules >X%%DATADIR%%/dos.rules >X%%DATADIR%%/experimental.rules >X%%DATADIR%%/exploit.rules >X%%DATADIR%%/finger.rules >X%%DATADIR%%/ftp.rules >X%%DATADIR%%/icmp-info.rules >X%%DATADIR%%/icmp.rules >X%%DATADIR%%/imap.rules >X%%DATADIR%%/info.rules >X%%DATADIR%%/local.rules >X%%DATADIR%%/misc.rules >X%%DATADIR%%/multimedia.rules >X%%DATADIR%%/mysql.rules >X%%DATADIR%%/netbios.rules >X%%DATADIR%%/nntp.rules >X%%DATADIR%%/oracle.rules >X%%DATADIR%%/other-ids.rules >X%%DATADIR%%/p2p.rules >X%%DATADIR%%/policy.rules >X%%DATADIR%%/pop2.rules >X%%DATADIR%%/pop3.rules >X%%DATADIR%%/porn.rules >X@unexec if [ -f %B/reference.config ] && cmp -s %B/reference.config %B/reference.config-sample; then rm -f %B/reference.config; fi >X%%DATADIR%%/reference.config-sample >X@exec [ -f %B/reference.config ] || cp %B/%f %B/reference.config >X%%DATADIR%%/rpc.rules >X%%DATADIR%%/rservices.rules >X%%DATADIR%%/scan.rules >X%%DATADIR%%/shellcode.rules >X%%DATADIR%%/smtp.rules >X%%DATADIR%%/snmp.rules >X%%DATADIR%%/sql.rules >X%%DATADIR%%/telnet.rules >X%%DATADIR%%/tftp.rules >X%%DATADIR%%/virus.rules >X%%DATADIR%%/web-attacks.rules >X%%DATADIR%%/web-cgi.rules >X%%DATADIR%%/web-client.rules >X%%DATADIR%%/web-coldfusion.rules >X%%DATADIR%%/web-frontpage.rules >X%%DATADIR%%/web-iis.rules >X%%DATADIR%%/web-misc.rules >X%%DATADIR%%/web-php.rules >X%%DATADIR%%/x11.rules >X@dirrm %%DATADIR%% >END-of-snort_inline/pkg-plist >echo x - snort_inline/distinfo >sed 's/^X//' >snort_inline/distinfo << 'END-of-snort_inline/distinfo' >XMD5 (snort_inline-2.3.0-RC1.tar.gz) = d577c101a78c97b0f18a1e01b0252419 >END-of-snort_inline/distinfo >echo c - snort_inline/files >mkdir -p snort_inline/files > /dev/null 2>&1 >echo x - snort_inline/files/snort.sh >sed 's/^X//' >snort_inline/files/snort.sh << 'END-of-snort_inline/files/snort.sh' >X#!/bin/sh >X# $Id$ >X >X# PROVIDE: snort >X# REQUIRE: DAEMON >X# BEFORE: LOGIN >X# KEYWORD: FreeBSD shutdown >X >X# Add the following lines to /etc/rc.conf to enable snort: >X# snort_enable (bool): Set to YES to enable snort >X# Default: NO >X# snort_flags (str): Extra flags passed to snort >X# Default: -Dq -J 8000 >X# snort_interface (str): Network interface to sniff >X# Default: "" >X# snort_conf (str): Snort configuration file >X# Default: ${PREFIX}/etc/snort_inline.conf >X# >X >X. %%RC_SUBR%% >X >Xname="snort" >Xrcvar=`set_rcvar` >X >Xcommand="%%PREFIX%%/bin/snort" >X >Xload_rc_config $name >X >X[ -z "$snort_enable" ] && snort_enable="NO" >X[ -z "$snort_conf" ] && snort_conf="%%PREFIX%%/etc/snort_inline.conf" >X[ -z "$snort_flags" ] && snort_flags="-Dq -J 8000" >X >X[ -n "$snort_interface" ] && snort_flags="$snort_flags -i $snort_interface" >X[ -n "$snort_conf" ] && snort_flags="$snort_flags -c $snort_conf" >X >Xrun_rc_command "$1" >END-of-snort_inline/files/snort.sh >echo x - snort_inline/pkg-message >sed 's/^X//' >snort_inline/pkg-message << 'END-of-snort_inline/pkg-message' >X *********************************** >X * !!!!!!!!!!! WARNING !!!!!!!!!!! * >X *********************************** >X >Xsnort_inline uses rcNG startup scripts and must be enabled via /etc/rc.conf >X >XAvailable variables: >X >X snort_enable (bool): Set to YES to enable snort >X Default: NO >X snort_flags (str): Extra flags passed to snort >X Default: -Dq -J 8000 >X snort_interface (str): Network interface to sniff >X Default: "" >X snort_conf (str): Snort configuration file >X Default: ${PREFIX}/etc/snort_inline.conf >X >XAlso, make sure that your kernel is compiled with: >X >X options IPFIREWALL >X options IPDIVERT >X >XThe default divert port is 8000. See http://freebsd.rogness.net/snort_inline >Xfor more information. >END-of-snort_inline/pkg-message >exit
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=53789">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 81378
: 53789