-rw-r--r-- | network/snort/README | 16 | ||||
-rw-r--r-- | network/snort/README.SLACKWARE | 48 | ||||
-rw-r--r-- | network/snort/doinst.sh | 29 | ||||
-rw-r--r-- | network/snort/rc.snort | 53 | ||||
-rw-r--r-- | network/snort/slack-desc | 19 | ||||
-rw-r--r-- | network/snort/snort.SlackBuild | 128 | ||||
-rw-r--r-- | network/snort/snort.info | 10 |
7 files changed, 0 insertions, 303 deletions
diff --git a/network/snort/README b/network/snort/README
deleted file mode 100644
index 52132b6ce9..0000000000
--- a/network/snort/README
+++ /dev/null
@@ -1,16 +0,0 @@
-Snort is an open source network intrusion detection and prevention system. It
-is capable of performing real-time traffic analysis, alerting, blocking and
-packet logging on IP networks. It utilizes a combination of protocol analysis
-and pattern matchingin order to detect a anomalies, misuse and attacks.
-Snort uses a flexible rules language to describe activity that can be considered
-malicious or anomalous as well as an analysis engine that incorporates a modular
-plugin architecture. Snort is capable of detecting and responding in real-time,
-sending alerts, performing session sniping, logging packets, or dropping
-sessions/packets when deployed in-line.
-
-Snort has three primary functional modes. It can be used as a packet sniffer
-like tcpdump(1), a packet logger (useful for network traffic debugging, etc),
-or as a full blown network intrusion detection and prevention system.
-
-Note that --libdir seems to be ignored on Slackware64; libraries are installed
-to /usr/lib anyway.
diff --git a/network/snort/README.SLACKWARE b/network/snort/README.SLACKWARE
deleted file mode 100644
index 05fa4f438e..0000000000
--- a/network/snort/README.SLACKWARE
+++ /dev/null
@@ -1,48 +0,0 @@ -Snort has three primary functional modes. It can be used as a packet sniffer -like tcpdump(1), a packet logger (useful for network traffic debugging, etc), -or as a full blown network intrusion detection and prevention system. - -Please read the snort_manual.pdf file that should be included with this -distribution for full documentation on the program as well as a guide to -getting started. - -This package builds a very basic snort implimentation useful for monitoring -traffic as an IDS or packet logger and as a sort of improved tcpdump (which -is what I use it for). MySQL support is included, so you should have little -trouble hooking snort up to a database or ACID. For more information on -these, check out snort's homepage at: - - http://www.snort.org/ - http://www.snort.org/docs/ - -snort.org has a nasty habit of changing the location of their source -code, which means there's no garauntee that the link in snort.info is -correct. If you can't get that link to work, look for the source code at: - - http://www.snort.org/dl/old/ - -In order for Snort to function properly, you need to provide rule files. -I recommend registering for free at http://www.snorg.org so you can get these -files. Once you have done that, go to http://snort.org/pub-bin/downloads.cgi -and get the latest 2.8 series VRT Certified Rules. You need to untar this -file and place follow files from etc in the tarball in to your /etc/snort -directory : - -generators -gen-msg.map -sid -sid-msg.map - -If you are going to use a front end like Base, you should copy the -dog/signatures directory from the tarball in to -/usr/doc/snort-$VERSION/ . Last, but certainly not least, you must -copy the contents of the rules/ directory in the tarball to -/etc/snort/rules/ . After you've done this, you can safely restart -snort or send a HUP to snort to reload the files (killall -HUP snort). 
- -A rc.snort file has been included for your convenience, but it needs to be -added to your init script of choice to run on boot. You should modify the -variables in /etc/rc.d/rc.snort to reflect the interface you want to monitor. -This Slackbuild is no longer maintained by Alan Hicks, but rather me -(Thomas York), so email me instead if you have any questions. - --Thomas York (straterra@fuhell.com) diff --git a/network/snort/doinst.sh b/network/snort/doinst.sh deleted file mode 100644 index fa5bf4b741..0000000000 --- a/network/snort/doinst.sh +++ /dev/null @@ -1,29 +0,0 @@ -config() { - NEW="$1" - OLD="$(dirname $NEW)/$(basename $NEW .new)" - # If there's no config file by that name, mv it over: - if [ ! -r $OLD ]; then - mv $NEW $OLD - elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy - rm $NEW - fi - # Otherwise, we leave the .new copy for the admin to consider... -} - -# Keep same perms on rc.snort.new: -if [ -e etc/rc.d/rc.snort ]; then - cp -a etc/rc.d/rc.snort etc/rc.d/rc.snort.new.incoming - cat etc/rc.d/rc.snort.new > etc/rc.d/rc.snort.new.incoming - mv etc/rc.d/rc.snort.new.incoming etc/rc.d/rc.snort.new -fi - -config etc/rc.d/rc.snort.new -config etc/snort/snort.conf.new -config etc/snort/reference.config.new -config etc/snort/threshold.conf.new -config etc/snort/attribute_table.dtd.new -config etc/snort/classification.config.new -config etc/snort/gen-msg.map.new -config etc/snort/sid-msg.map.new -config etc/snort/unicode.map.new - diff --git a/network/snort/rc.snort b/network/snort/rc.snort deleted file mode 100644 index d91941e822..0000000000 --- a/network/snort/rc.snort +++ /dev/null 
@@ -1,53 +0,0 @@
-#!/bin/sh
-# Start/stop/restart snort
-
-# This tell snort which interface to listen on (any for every interface)
-IFACE=${IFACE:-any}
-
-# Make sure this matches your IFACE
-PIDFILE=/var/run/snort_$IFACE.pid
-
-# You probably don't want to change this, but in case you do
-LOGDIR="/var/log/snort"
-
-# Probably not this either
-CONF=/etc/snort/snort.conf
-
-# Start snort:
-snort_start() {
- CMDLINE="/usr/bin/snort -d -D -i $IFACE"
- echo -n "Starting Snort daemon: $CMDLINE"
- $CMDLINE --pid-path /var/run --create-pidfile -l $LOGDIR -c $CONF
- echo
-}
-
-# Stop snort:
-snort_stop() {
- echo -n "Stopping Snort daemon ($IFACE)..."
- kill $(cat $PIDFILE)
- echo
- sleep 1
- rm -f $PIDFILE
-}
-
-# Restart snort:
-snort_restart() {
- snort_stop
- sleep 1
- snort_start
-}
-
-case "$1" in
-'start')
- snort_start
- ;;
-'stop')
- snort_stop
- ;;
-'restart')
- snort_restart
- ;;
-*)
- echo "usage $0 start|stop|restart"
-esac
-
diff --git a/network/snort/slack-desc b/network/snort/slack-desc
deleted file mode 100644
index 4d2f8cc2c8..0000000000
--- a/network/snort/slack-desc
+++ /dev/null
@@ -1,19 +0,0 @@
-# HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description. Line
-# up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in. You must
-# make exactly 11 lines for the formatting to be correct. It's also
-# customary to leave one space after the ':'.
-
- |-------handy-ruler-----------------------------------------------------|
-snort: Snort (Intrusion Detection and Prevention System)
-snort:
-snort: Snort is an open source network intrusion detection and prevention
-snort: system. It is capable of performing real-time traffic analysis,
-snort: alerting, blocking and packet logging on IP networks. It utilizes a
-snort: combination of protocol analysis and pattern matchingin order to
-snort: detect anomalies, misuse and attacks.
-snort: Snort is capable of detecting and responding in real-time, sending
-snort: alerts, performing session sniping, logging packets, or dropping
-snort: sessions/packets when deployed in-line.
-snort:
diff --git a/network/snort/snort.SlackBuild b/network/snort/snort.SlackBuild
deleted file mode 100644
index 5f234dbf66..0000000000
--- a/network/snort/snort.SlackBuild
+++ /dev/null
@@ -1,128 +0,0 @@ -#!/bin/sh - -# Copyright 2006-2009, Alan Hicks, Lizella, GA, -# Copyright 2009, Thomas York, Beech Grove, In. -# All rights reserved. -# -# Redistribution and use of this script, with or without modification, is -# permitted provided that the following conditions are met: -# -# 1. Redistributions of this script must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED -# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO -# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; -# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR -# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF -# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -# Modified by the SlackBuilds.org project - -PRGNAM=snort -VERSION=2.8.4.1 -ARCH=${ARCH:-i486} -BUILD=${BUILD:-1} -TAG=${TAG:-_SBo} - -CWD=$(pwd) -TMP=${TMP:-/tmp/SBo} -PKG=$TMP/package-$PRGNAM -OUTPUT=${OUTPUT:-/tmp} - -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" - LIBDIRSUFFIX="" -elif [ "$ARCH" = "i686" ]; then - SLKCFLAGS="-O2 -march=i686 -mtune=i686" - LIBDIRSUFFIX="" -elif [ "$ARCH" = "x86_64" ]; then - SLKCFLAGS="-O2 -fPIC" - LIBDIRSUFFIX="64" -fi - -set -e - -rm -rf $PKG -mkdir -p $TMP $PKG $OUTPUT -cd $TMP -rm -rf $PRGNAM-$VERSION -tar xvf $CWD/$PRGNAM-$VERSION.tar.gz -cd $PRGNAM-$VERSION - -chown -R root:root . -find . 
\ - \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ - -exec chmod 755 {} \; -o \ - \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ - -exec chmod 644 {} \; - -CFLAGS="$SLKCFLAGS" \ -CXXFLAGS="$SLKCFLAGS" \ -./configure \ - --prefix=/usr \ - --libdir=/usr/lib${LIBDIRSUFFIX} \ - --sysconfdir=/etc \ - --mandir=/usr/man \ - --localstatedir=/var \ - --docdir=/usr/doc/$PRGNAM-$VERSION \ - --enable-pthread \ - --enable-linux-smp-stats \ - --with-mysql-libraries=/usr/lib${LIBDIRSUFFIX}/mysql \ - --with-mysql-includes=/usr/include/mysql \ - --build=$ARCH-slackware-linux - -make -make install-strip DESTDIR=$PKG - -( cd $PKG/usr/man - find . -type f -exec gzip -9 {} \; - for i in $(find . -type l) ; do ln -s $(readlink $i).gz $i.gz ; rm $i ; done -) - -# Set up a sane config directory - snort won't do this on its own -mkdir -p $PKG/etc/$PRGNAM -# Fix paths for libraries in snort.conf -sed -e 's%usr/local%usr%g' etc/snort.conf > $PKG/etc/snort/snort.conf.new -cat etc/threshold.conf > $PKG/etc/snort/threshold.conf.new -cat etc/reference.config > $PKG/etc/snort/reference.config.new -cat etc/classification.config > $PKG/etc/snort/classification.config.new -cat etc/attribute_table.dtd > $PKG/etc/snort/attribute_table.dtd.new -cat etc/gen-msg.map > $PKG/etc/snort/gen-msg.map.new -cat etc/sid-msg.map > $PKG/etc/snort/sid-msg.map.new -cat etc/unicode.map > $PKG/etc/snort/unicode.map.new - -# Create default, empty directory for rules -mkdir -p $PKG/etc/snort/rules -mkdir -p $PKG/etc/snort/preproc_rules - -# Include the rc.snort file -mkdir -p $PKG/etc/rc.d -cat $CWD/rc.snort > $PKG/etc/rc.d/rc.snort.new -chmod 0755 $PKG/etc/rc.d/rc.snort.new - -# Create directory for logging -mkdir -p $PKG/var/log/snort - -# Bundle the SQL schemas and install the docs -mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION/schemas -for file in schemas/create_*; do - cat $file > $PKG/usr/doc/$PRGNAM-$VERSION/$file -done -cp -a COPYING ChangeLog LICENSE 
RELEASE.NOTES doc/* \ - $PKG/usr/doc/$PRGNAM-$VERSION -cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild -cat $CWD/README.SLACKWARE > $PKG/usr/doc/$PRGNAM-$VERSION/README.SLACKWARE -find $PKG/usr/doc -name "Makefile*" -exec rm -f {} \; -rm -rf $PKG/usr/share - -mkdir -p $PKG/install -cat $CWD/slack-desc > $PKG/install/slack-desc -cat $CWD/doinst.sh > $PKG/install/doinst.sh - -cd $PKG -/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz} diff --git a/network/snort/snort.info b/network/snort/snort.info deleted file mode 100644 index db2fd4fda1..0000000000 --- a/network/snort/snort.info +++ /dev/null @@ -1,10 +0,0 @@ -PRGNAM="snort" -VERSION="2.8.4.1" -HOMEPAGE="http://www.snort.org/" -DOWNLOAD="http://dl.snort.org/snort-current/snort-2.8.4.1.tar.gz" -MD5SUM="63f4e76ae96a2d133f4c7b741bad5458" -DOWNLOAD_x86_64="" -MD5SUM_x86_64="" -MAINTAINER="Thomas_York" -EMAIL="straterra@fuhell.com" -APPROVED="rworkman" |