Context Navigation

Back to Ticket #42531

Ticket #42531: patch-snort-Portfile2.diff

File patch-snort-Portfile2.diff, 10.5 KB (added by jul_bsd@…, 10 years ago)

net/snort/Portfile

-                      old
+                      new
+# $Id: Portfile 125738 2014-09-25 14:43:03Z mf2k@macports.org $
+# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4
+# $Id: Portfile 87104 2011-11-10 19:29:34Z snc@macports.org $
 PortSystem 1.0
 name             snort
 version          2.9.1.2
+version          2.9.7.0
 categories       net
 maintainers      nomaintainer
+maintainers      yahoo.fr:jul_bsd openmaintainer
 license          GPL-2
 description      Open Source Network Intrusion Detection System
 long_description \
 …
     attacks, SMB probes, OS fingerprinting attempts, and much more.
 homepage         http://www.snort.org/
 platforms        darwin freebsd
 master_sites     ${homepage}dl/snort-current/
+master_sites     ${homepage}/downloads/snort/
 checksums        rmd160  a28ebd59df80884e1554fb75a4279e97b1dd8b32 \
                  sha256  eac98be8138f9debdcc8f77061dab1950e88fa40c18311ddbab0a329852375f5
+checksums           rmd160  fa49f3660db9ad940c4c9394d823bbb7faf625c1 \
+                    sha256  9738afea45d20b7f77997cc00055e7dd70f6aea0101209d87efec4bc4eace49b
 depends_lib      port:daq
+startupitem.create  yes
+startupitem.start   "${prefix}/share/${name}/snort.sh"
+startupitem.stop    "/bin/kill \$(cat /var/run/snort_*.pid)"
+#patchfiles       patch-src-strlcatu.h.diff patch-src-strlcpyu.h.diff
+variant mysql5 description {mysql 5 support} {
+    depends_lib-append    path:bin/mysql_config5:mysql5
+    configure.args-append   --with-mysql-includes=${prefix}/include/mysql5/mysql \
+                            --with-mysql-libraries=${prefix}/lib/mysql5/mysql
+}
+add_users snort group=snort home=${prefix}/var/snort shell=/sbin/nologin realname=Snort\ user
-variant mysql4 description {mysql 4 support} {
-    depends_lib-append    port:mysql4
-    configure.args-append --with-mysql=${prefix}
+}
+set if en1
+startupitem.create  yes
+startupitem.executable ${prefix}/bin/${name} -i ${if} -c ${prefix}/etc/snort/snort.conf -l ${prefix}/var/log/snort -u snort -g snort --pid-path ${prefix}/var/run
+startupitem.pidfile "${prefix}/var/run/snort_${if}.pid"
+#startupitem.start   "${prefix}/share/${name}/snort.sh"
+#startupitem.stop    "/bin/kill \$(cat ${prefix}/var/run/snort_*.pid)"
+destroot.asroot     yes
 post-destroot {
 # Copy the Snort database schemas
     xinstall -d -m 755 ${destroot}${prefix}/share/${name}/schemas
     eval xinstall -m 755 [glob ${worksrcpath}/schemas/create*] ${destroot}${prefix}/share/${name}/schemas
+#    xinstall -d -m 755 ${destroot}${prefix}/share/${name}/schemas
+#    eval xinstall -m 755 [glob ${worksrcpath}/schemas/create*] ${destroot}${prefix}/share/${name}/schemas
 # Copy Snort's etc/ files
     xinstall -d -m 755 ${destroot}${prefix}/etc/${name}
     eval xinstall [glob ${worksrcpath}/etc/*.map] ${destroot}${prefix}/etc/${name}
     eval xinstall [glob ${worksrcpath}/etc/*.conf*] ${destroot}${prefix}/etc/${name}
+    file rename ${destroot}${prefix}/etc/${name}/snort.conf ${destroot}${prefix}/etc/${name}/snort.conf.dist
+    xinstall -d -m 755 ${destroot}${prefix}/share/examples/${name}
+    file rename ${destroot}${prefix}/etc/${name}/snort.conf ${destroot}${prefix}/share/examples/${name}/snort.conf.dist
 # fix snort.conf.dist
     reinplace "s|dynamicpreprocessor directory /usr/local/lib/snort_dynamicpreprocessor/|dynamicpreprocessor directory ${prefix}/lib/snort_dynamicpreprocessor/|g" ${destroot}${prefix}/etc/${name}/snort.conf.dist
     reinplace "s|dynamicengine /usr/local/lib/snort_dynamicengine/libsf_engine.so|dynamicengine ${prefix}/lib/snort_dynamicengine/libsf_engine.dylib|g" ${destroot}${prefix}/etc/${name}/snort.conf.dist
     reinplace "s|dynamicdetection directory /usr/local/lib/snort_dynamicrule/|dynamicdetection directory ${prefix}/lib/snort_dynamicrule/|g" ${destroot}${prefix}/etc/${name}/snort.conf.dist
     reinplace "s|dynamicdetection file /usr/local/lib/snort_dynamicrule/libdynamicexamplerule.so|dynamicdetection file ${prefix}/lib/snort_dynamicrule/libdynamicexamplerule.dylib|g" ${destroot}${prefix}/etc/${name}/snort.conf.dist
+    reinplace "s|dynamicpreprocessor directory /usr/local/lib/snort_dynamicpreprocessor/|dynamicpreprocessor directory ${prefix}/lib/snort_dynamicpreprocessor/|g" ${destroot}${prefix}/share/examples/${name}/snort.conf.dist
+    reinplace "s|dynamicengine /usr/local/lib/snort_dynamicengine/libsf_engine.so|dynamicengine ${prefix}/lib/snort_dynamicengine/libsf_engine.dylib|g" ${destroot}${prefix}/share/examples/${name}/snort.conf.dist
+    reinplace "s|dynamicdetection directory /usr/local/lib/snort_dynamicrule/|dynamicdetection directory ${prefix}/lib/snort_dynamicrule/|g" ${destroot}${prefix}/share/examples/${name}/snort.conf.dist
+    reinplace "s|dynamicdetection file /usr/local/lib/snort_dynamicrule/libdynamicexamplerule.so|dynamicdetection file ${prefix}/lib/snort_dynamicrule/libdynamicexamplerule.dylib|g" ${destroot}${prefix}/share/examples/${name}/snort.conf.dist
+    xinstall -d ${destroot}${prefix}/share/${name}
     xinstall -m 755 ${filespath}/snort.sh \
         ${destroot}${prefix}/share/${name}/snort.sh
     reinplace "s|__PREFIX__|${prefix}|g" \
         ${destroot}${prefix}/share/${name}/snort.sh
+    xinstall -d ${destroot}${prefix}/lib/snort_dynamicrules
+    destroot.keepdirs-append ${destroot}${prefix}/lib/snort_dynamicrules
+    reinplace "s|/usr/local/lib/snort_dynamicrules|${prefix}/lib/snort_dynamicrules|" \
+        ${destroot}${prefix}/share/examples/${name}/snort.conf.dist
+    reinplace "s|dynamicengine ${prefix}/lib/snort_dynamicengine/libsf_engine.dylib|dynamicengine ${prefix}/lib/snort_dynamicengine/libsf_engine.so|" \
+        ${destroot}${prefix}/share/examples/${name}/snort.conf.dist
+    xinstall -d ${destroot}${prefix}/etc/snort/rules
+    destroot.keepdirs-append ${destroot}${prefix}/etc/snort/rules
+    reinplace "s|var RULE_PATH ../rules|var RULE_PATH /rules|" \
+        ${destroot}${prefix}/share/examples/${name}/snort.conf.dist
+    xinstall -d -o snort ${destroot}${prefix}/var/log/snort
+    destroot.keepdirs-append ${destroot}${prefix}/var/log/snort
+}
+post-activate {
+    if ![file exists ${prefix}/etc/snort/snort.conf ] {
+        copy ${prefix}/share/examples/${name}/snort.conf.dist ${prefix}/etc/snort/snort.conf
+    }
+}
 notes "
             ***** File locations *****
 The Snort database schemas -> ${prefix}/share/${name}/schemas
+The snort.conf sample file -> ${prefix}/etc/${name}/snort.conf.dist (copy to snort.conf)
+The snort.conf sample file -> ${prefix}/share/examples/${name}/snort.conf.dist
+If it doesn't exist before, the sample config is copied to ${prefix}/etc/snort.conf
 NOTE: Make sure you do not change the location of the snort.conf file\
 or the startup scripts will not be able to find it.
+Please download rules from https://www.snort.org/snort-rules/#rules either
+manually or with oinkmaster.
+Change at least your HOME_NET in snort.conf and Validate your config with
+    $ snort -T -c ${prefix}/etc/snort/snort.conf
+By default ${prefix}/share/${name}/snort.sh is configured
+to listen only on en0 interface.
+If you want to listen multiple interface, you need to start one snort
+instance per interface (or bond them)
+    $ grep 'Snort rules read' /var/log/system.log
+    $ egrep '^output' ${prefix}/etc/snort/snort.conf
+If you get empty touched logs, try also to set:
+    ipvar EXTERNAL_NET !\$HOME_NET
+instead of any
+You can test that snort is functionning by using those tool:
+ftp http://\$EXTERNAL_HOST/cmd.exe
+ftp http://lteo.net/cmd.exe
+http://testmyids.com
+nmap, IDSWakeup, pytbull, metasploit
+To use blacklist/whitelist, see
+http://blog.securitymonks.com/2009/07/19/blacklisting-with-snort/
+http://systemnoise.com/wordpress/?p=89
+http://labs.snort.org/iplists/
+"
+if {![variant_isset mysql51] && ![variant_isset mysql55] && ![variant_isset mariadb] && ![variant_isset percona] } {
+    default_variants +mysql56
+}
+variant mysql51 \
+    conflicts mysql55 mysql56 mariadb percona \
+    description "Enable MySQL 5.1 support" {
+    depends_lib-append          port:mysql51
+    configure.env-append        MYSQL_CONFIG=${prefix}/lib/mysql51/bin/mysql_config
+    configure.args-append   --with-mysql-includes=${prefix}/include/mysql51/mysql \
+                            --with-mysql-libraries=${prefix}/lib/mysql51/mysql
+    configure.env               CFLAGS="-L${prefix}/lib/mysql51/mysql"
+}
+variant mysql55 \
+    conflicts mysql51 mysql56 mariadb percona \
+    description "Enable MySQL 5.5 support" {
+    depends_lib-append          port:mysql55
+    configure.env-append        MYSQL_CONFIG=${prefix}/lib/mysql55/bin/mysql_config
+    configure.args-append   --with-mysql-includes=${prefix}/include/mysql55/mysql \
+                            --with-mysql-libraries=${prefix}/lib/mysql55/mysql
+    configure.env               CFLAGS="-L${prefix}/lib/mysql55/mysql"
+}
+variant mysql56 \
+    conflicts mysql51 mysql55 mariadb percona \
+    description "Enable MySQL 5.6 support" {
+    depends_lib-append          port:mysql56
+    configure.env-append        MYSQL_CONFIG=${prefix}/lib/mysql56/bin/mysql_config
+    configure.args-append   --with-mysql-includes=${prefix}/include/mysql56/mysql \
+                            --with-mysql-libraries=${prefix}/lib/mysql56/mysql
+    configure.env               CFLAGS="-L${prefix}/lib/mysql56/mysql"
+}
+variant mariadb \
+    conflicts mysql51 mysql55 mysql56 percona \
+    description "Enable MariaDB (MySQL) support" {
+    depends_lib-append          port:mariadb
+    configure.env-append        MYSQL_CONFIG=${prefix}/lib/mariadb/bin/mysql_config
+    configure.args-append   --with-mysql-includes=${prefix}/include/mariadb/mysql \
+                            --with-mysql-libraries=${prefix}/lib/mariadb/mysql
+    configure.env               CFLAGS="-L${prefix}/lib/mariadb/mysql"
+}
+variant percona \
+    conflicts mysql51 mysql55 mysql56 mariadb \
+    description "Enable Percona (MySQL) support" {
+    depends_lib-append          port:percona
+    configure.env-append        MYSQL_CONFIG=${prefix}/lib/percona/bin/mysql_config
+    configure.args-append   --with-mysql-includes=${prefix}/include/percona/mysql \
+                            --with-mysql-libraries=${prefix}/lib/percona/mysql
+    configure.env               CFLAGS="-L${prefix}/lib/percona/mysql"
+}
 livecheck.type      regex
 livecheck.url       ${homepage}snort-downloads
+livecheck.url       ${homepage}/downloads
 livecheck.regex     >${name}-(\[0-9.\]+)${extract.suffix}<

Download in other formats:

Original Format