source: trunk/dports/net/snort/Portfile

Last change on this file was 151665, checked in by mf2k@…, 11 months ago

snort: Add missing rules files from default snort.conf. (#46320)

  • Property svn:eol-style set to native
  • Property svn:keywords set to Id
File size: 8.8 KB
# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4
# $Id: Portfile 151665 2016-08-19 14:37:38Z ryandesign@macports.org $

PortSystem          1.0

# --- Port identity ---------------------------------------------------------
name                snort
version             2.9.8.3
categories          net
maintainers         nomaintainer
license             GPL-2
description         Open Source Network Intrusion Detection System
long_description \
    Snort is an open source network intrusion detection system, capable \
    of performing real-time traffic analysis and packet logging on IP \
    networks. It can perform protocol analysis, content \
    searching/matching and can be used to detect a variety of attacks \
    and probes, such as buffer overflows, stealth port scans, CGI \
    attacks, SMB probes, OS fingerprinting attempts, and much more.
homepage            https://www.snort.org/
platforms           darwin freebsd

# --- Distfile --------------------------------------------------------------
# The tarball is fetched from the project site over HTTPS and must match both
# digests below before it is extracted.
master_sites        ${homepage}downloads/snort/
checksums           rmd160  4fcd18bff69c8a80576ee08de76acef220a58fe9 \
                    sha256  856d02ccec49fa30c920a1e416c47c0d62dd224340a614959ba5c03239100e6a

depends_lib         port:daq port:openssl

#patchfiles       patch-src-strlcatu.h.diff patch-src-strlcpyu.h.diff

# --- Service account -------------------------------------------------------
# Dedicated account with a non-interactive shell; the startup item below hands
# it to snort through -u/-g, so the sensor is told to run as this user rather
# than as root.
add_users           snort group=snort home=${prefix}/var/snort shell=/sbin/nologin realname=Snort\ user

# --- Startup item ----------------------------------------------------------
# Capture interface is fixed at packaging time. The same value is used for -i
# and for the pidfile name, so a host that monitors another interface has to
# change it here.
set if en1
startupitem.create      yes
startupitem.executable  ${prefix}/bin/${name} \
                        -i ${if} \
                        -c ${prefix}/etc/snort/snort.conf \
                        -l ${prefix}/var/log/snort \
                        -u snort -g snort \
                        --pid-path ${prefix}/var/run
# NOTE(review): only a path is given here; check against the MacPorts guide
# whether startupitem.pidfile expects a handling mode before the file name.
startupitem.pidfile     "${prefix}/var/run/snort_${if}.pid"
#startupitem.start   "${prefix}/share/${name}/snort.sh"
#startupitem.stop    "/bin/kill \$(cat ${prefix}/var/run/snort_*.pid)"

# post-destroot creates a directory owned by the snort user (xinstall -o),
# which is presumably why the destroot phase is run as root.
destroot.asroot         yes
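post-destroot {
    # Stage Snort's configuration, the sample snort.conf and the runtime
    # directories, and rewrite the /usr/local and relative paths in the sample
    # configuration so that they point below ${prefix}.

    # Destroot locations used repeatedly below.
    set etc_dir   ${destroot}${prefix}/etc/${name}
    set conf_dist ${destroot}${prefix}/share/examples/${name}/snort.conf.dist

    # Copy the Snort database schemas (disabled)
    #    xinstall -d -m 755 ${destroot}${prefix}/share/${name}/schemas
    #    eval xinstall -m 755 [glob ${worksrcpath}/schemas/create*] ${destroot}${prefix}/share/${name}/schemas

    # Copy Snort's etc/ files. snort.conf itself is moved aside as a sample so
    # that an upgrade never replaces the administrator's live configuration;
    # post-activate seeds the live file when it is absent.
    xinstall -d -m 755 ${etc_dir}
    xinstall {*}[glob ${worksrcpath}/etc/*.map] ${etc_dir}
    xinstall {*}[glob ${worksrcpath}/etc/*.conf*] ${etc_dir}
    xinstall -d -m 755 ${destroot}${prefix}/share/examples/${name}
    file rename ${etc_dir}/snort.conf ${conf_dist}

    # Fix snort.conf.dist: dynamic preprocessor / engine / rule locations.
    reinplace "s|dynamicpreprocessor directory /usr/local/lib/snort_dynamicpreprocessor/|dynamicpreprocessor directory ${prefix}/lib/snort_dynamicpreprocessor/|g" ${conf_dist}
    reinplace "s|dynamicengine /usr/local/lib/snort_dynamicengine/libsf_engine.so|dynamicengine ${prefix}/lib/snort_dynamicengine/libsf_engine.dylib|g" ${conf_dist}
    reinplace "s|dynamicdetection directory /usr/local/lib/snort_dynamicrule/|dynamicdetection directory ${prefix}/lib/snort_dynamicrule/|g" ${conf_dist}
    reinplace "s|dynamicdetection file /usr/local/lib/snort_dynamicrule/libdynamicexamplerule.so|dynamicdetection file ${prefix}/lib/snort_dynamicrule/libdynamicexamplerule.dylib|g" ${conf_dist}
    # White/black list files live directly in ${prefix}/etc/snort, which is
    # where post-activate creates them.
    reinplace "s|_LIST_PATH ../rules|_LIST_PATH ${prefix}/etc/snort|g" ${conf_dist}

    # Helper script shipped with the port; __PREFIX__ is its placeholder for
    # the install prefix.
    xinstall -d ${destroot}${prefix}/share/${name}
    xinstall -m 755 ${filespath}/snort.sh \
        ${destroot}${prefix}/share/${name}/snort.sh
    reinplace "s|__PREFIX__|${prefix}|g" \
        ${destroot}${prefix}/share/${name}/snort.sh

    # Empty directory for shared-object rules, kept in the package even
    # though nothing is installed into it.
    xinstall -d ${destroot}${prefix}/lib/snort_dynamicrules
    destroot.keepdirs-append ${destroot}${prefix}/lib/snort_dynamicrules
    reinplace "s|/usr/local/lib/snort_dynamicrules|${prefix}/lib/snort_dynamicrules|" \
        ${conf_dist}
    # NOTE(review): this switches the first dynamicengine line back from
    # .dylib to .so after the rewrite above; presumably the engine library is
    # installed with a .so suffix. Confirm against the destroot contents.
    reinplace "s|dynamicengine ${prefix}/lib/snort_dynamicengine/libsf_engine.dylib|dynamicengine ${prefix}/lib/snort_dynamicengine/libsf_engine.so|" \
        ${conf_dist}

    # Text rules directory. RULE_PATH has to name the directory created here:
    # the previous replacement produced "/rules", a path this port never
    # creates, so the sample configuration could not find local.rules or any
    # downloaded rule set and the sensor would have had no signatures to load.
    xinstall -d ${destroot}${prefix}/etc/snort/rules
    destroot.keepdirs-append ${destroot}${prefix}/etc/snort/rules
    reinplace "s|var RULE_PATH ../rules|var RULE_PATH ${prefix}/etc/snort/rules|" \
        ${conf_dist}

    # Log directory owned by the service account so the unprivileged snort
    # process can write to it.
    # NOTE(review): no -m is given, so the directory gets xinstall's default
    # mode; alert and packet logs can hold captured payloads, so a mode that
    # restricts reading to the snort user and group is worth considering.
    xinstall -d -o snort ${destroot}${prefix}/var/log/snort
    destroot.keepdirs-append ${destroot}${prefix}/var/log/snort
}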
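post-activate {
    # Seed the live configuration after activation without ever overwriting
    # anything the administrator already has in place.
    set conf_dir ${prefix}/etc/snort

    # First install only: copy the shipped sample to the live location.
    if {![file exists ${conf_dir}/snort.conf]} {
        copy ${prefix}/share/examples/${name}/snort.conf.dist ${conf_dir}/snort.conf
    }

    # Rules files added by this change because the default snort.conf refers
    # to them. Each one is created empty only when it is missing, so an
    # upgrade over an existing snort.conf gets them as well, and existing
    # rule or list files are left untouched. The files are opened from Tcl
    # instead of shelling out to touch(1), so the path is never parsed by a
    # shell.
    foreach rules_file {rules/local.rules white_list.rules black_list.rules} {
        set rules_path ${conf_dir}/${rules_file}
        if {![file exists ${rules_path}]} {
            close [open ${rules_path} a]
        }
    }
}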
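# Post-install notes shown to the user.
# The live configuration path below now reads ${prefix}/etc/snort/snort.conf,
# which is where post-activate copies the sample and where the startup item
# and the "snort -T" example look for it; the text used to say
# ${prefix}/etc/snort.conf.
# NOTE(review): the schemas location is still listed although the schema copy
# in post-destroot is commented out, and the text describes snort.sh while the
# startup item launches the snort binary directly. Confirm both statements.
notes "
            ***** File locations *****

The Snort database schemas -> ${prefix}/share/${name}/schemas
The snort.conf sample file -> ${prefix}/share/examples/${name}/snort.conf.dist
If it doesn't exist before, the sample config is copied to ${prefix}/etc/snort/snort.conf

NOTE: Make sure you do not change the location of the snort.conf file or the startup scripts will not be able to find it.

*Please download rules from https://www.snort.org/downloads/#rule-downloads either manually or with oinkmaster.*
Oinkmaster is the recommended way with regular updates.

Change at least your HOME_NET in snort.conf and Validate your config with
    $ snort -T -c ${prefix}/etc/snort/snort.conf

By default ${prefix}/share/${name}/snort.sh is configured to listen only on ${if} interface.
If you want to listen multiple interface, you need to start one snort instance per interface (or bond them)

    $ grep 'Snort rules read' /var/log/system.log
    $ egrep '^output' ${prefix}/etc/snort/snort.conf
If you get empty touched logs, try also to set:
    ipvar EXTERNAL_NET !\$HOME_NET
instead of any

You can test that snort is functioning by using these tools:
ftp http://\$EXTERNAL_HOST/cmd.exe
ftp http://lteo.net/cmd.exe
http://testmyids.com
nmap, IDSWakeup, pytbull, metasploit

To use blacklist/whitelist, see
http://blog.securitymonks.com/2009/07/19/blacklisting-with-snort/
http://systemnoise.com/wordpress/?p=89
http://labs.snort.org/iplists/

"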
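# Database client selection. The five variants are mutually exclusive;
# mysql56 is selected by default when none of the others was requested.
#
# In every variant MYSQL_CONFIG and CFLAGS are now both appended to
# configure.env. The earlier form appended MYSQL_CONFIG and then assigned
# configure.env outright, which replaced the list and dropped MYSQL_CONFIG
# from the configure environment again.
# NOTE(review): confirm that this Snort version's configure script still
# honours the --with-mysql-* options and MYSQL_CONFIG.
if {![variant_isset mysql51] && ![variant_isset mysql55] && ![variant_isset mariadb] && ![variant_isset percona]} {
    default_variants +mysql56
}

variant mysql51 \
    conflicts mysql55 mysql56 mariadb percona \
    description "Enable MySQL 5.1 support" {

    depends_lib-append      port:mysql51
    configure.env-append    MYSQL_CONFIG=${prefix}/lib/mysql51/bin/mysql_config \
                            CFLAGS="-L${prefix}/lib/mysql51/mysql"
    configure.args-append   --with-mysql-includes=${prefix}/include/mysql51/mysql \
                            --with-mysql-libraries=${prefix}/lib/mysql51/mysql
}

variant mysql55 \
    conflicts mysql51 mysql56 mariadb percona \
    description "Enable MySQL 5.5 support" {

    depends_lib-append      port:mysql55
    configure.env-append    MYSQL_CONFIG=${prefix}/lib/mysql55/bin/mysql_config \
                            CFLAGS="-L${prefix}/lib/mysql55/mysql"
    configure.args-append   --with-mysql-includes=${prefix}/include/mysql55/mysql \
                            --with-mysql-libraries=${prefix}/lib/mysql55/mysql
}

variant mysql56 \
    conflicts mysql51 mysql55 mariadb percona \
    description "Enable MySQL 5.6 support" {

    depends_lib-append      port:mysql56
    configure.env-append    MYSQL_CONFIG=${prefix}/lib/mysql56/bin/mysql_config \
                            CFLAGS="-L${prefix}/lib/mysql56/mysql"
    configure.args-append   --with-mysql-includes=${prefix}/include/mysql56/mysql \
                            --with-mysql-libraries=${prefix}/lib/mysql56/mysql
}

variant mariadb \
    conflicts mysql51 mysql55 mysql56 percona \
    description "Enable MariaDB (MySQL) support" {

    depends_lib-append      port:mariadb
    configure.env-append    MYSQL_CONFIG=${prefix}/lib/mariadb/bin/mysql_config \
                            CFLAGS="-L${prefix}/lib/mariadb/mysql"
    configure.args-append   --with-mysql-includes=${prefix}/include/mariadb/mysql \
                            --with-mysql-libraries=${prefix}/lib/mariadb/mysql
}

variant percona \
    conflicts mysql51 mysql55 mysql56 mariadb \
    description "Enable Percona (MySQL) support" {

    depends_lib-append      port:percona
    configure.env-append    MYSQL_CONFIG=${prefix}/lib/percona/bin/mysql_config \
                            CFLAGS="-L${prefix}/lib/percona/mysql"
    configure.args-append   --with-mysql-includes=${prefix}/include/percona/mysql \
                            --with-mysql-libraries=${prefix}/lib/percona/mysql
}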
# Version check: read the project's downloads page (same HTTPS origin as the
# distfile) and take the version from a link text of the form
# ">snort-<digits and dots><archive suffix><".
livecheck.type      regex
livecheck.url       "${homepage}downloads"
livecheck.regex     ">${name}-(\[0-9.\]+)${extract.suffix}<"