snort/snort.spec

Tue, 28 Aug 2012 18:31:50 +0200

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Tue, 28 Aug 2012 18:31:50 +0200
changeset 549
00e5f0537340
child 550
b663cfca750a
permissions
-rw-r--r--

Import package vendor original specs for necessary manipulations.

michael@549 1 ##
michael@549 2 ## snort.spec -- OpenPKG RPM Package Specification
michael@549 3 ## Copyright (c) 2000-2010 OpenPKG Foundation e.V. <http://openpkg.net/>
michael@549 4 ##
michael@549 5 ## Permission to use, copy, modify, and distribute this software for
michael@549 6 ## any purpose with or without fee is hereby granted, provided that
michael@549 7 ## the above copyright notice and this permission notice appear in all
michael@549 8 ## copies.
michael@549 9 ##
michael@549 10 ## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
michael@549 11 ## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
michael@549 12 ## MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
michael@549 13 ## IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
michael@549 14 ## CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
michael@549 15 ## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
michael@549 16 ## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
michael@549 17 ## USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
michael@549 18 ## ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
michael@549 19 ## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
michael@549 20 ## OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
michael@549 21 ## SUCH DAMAGE.
michael@549 22 ##
michael@549 23
# Package preamble: pins the versions of the three bundled upstream components
# (Snort, the default ruleset, oinkmaster) and declares metadata, build
# options, sources and dependencies.
michael@549 24 # package version
michael@549 25 %define V_snort 2.8.6
michael@549 26 %define V_rules 2.4
michael@549 27 %define V_oinkmaster 2.0
michael@549 28
michael@549 29 # package information
michael@549 30 Name: snort
michael@549 31 Summary: Network Intrusion Detection System
michael@549 32 URL: http://www.snort.org/
michael@549 33 Vendor: B. Caswell, M. Roesch
michael@549 34 Packager: OpenPKG Foundation e.V.
michael@549 35 Distribution: OpenPKG Community
michael@549 36 Class: BASE
michael@549 37 Group: Monitoring
michael@549 38 License: GPL
michael@549 39 Version: %{V_snort}
michael@549 40 Release: 20100427
michael@549 41
michael@549 42 # package options
# with_fsl defaults to yes; MySQL and PostgreSQL support default to no. Each
# option gates its dependency lines further down; the two database options
# also select a configure switch in the build section.
michael@549 43 %option with_fsl yes
michael@549 44 %option with_mysql no
michael@549 45 %option with_pgsql no
michael@549 46
michael@549 47 # list of sources
# NOTE(review): Source0, Source1 and Source2 are plain-http URLs and this file
# records no checksum or signature for the tarballs. Confirm that the build
# tooling verifies them some other way; Source1 is later shipped as the
# default detection ruleset.
# Source3 to Source6 and Patch0 carry no URL, so they are expected to sit
# alongside this spec.
michael@549 48 Source0: http://dl.snort.org/snort-current/snort-%{V_snort}.tar.gz
michael@549 49 Source1: http://www.snort.org/pub-bin/downloads.cgi/Download/vrt_pr/snortrules-pr-%{V_rules}.tar.gz
michael@549 50 Source2: http://switch.dl.sourceforge.net/sourceforge/oinkmaster/oinkmaster-%{V_oinkmaster}.tar.gz
michael@549 51 Source3: snort.conf
michael@549 52 Source4: rc.snort
michael@549 53 Source5: fsl.snort
michael@549 54 Source6: snort-update.sh
michael@549 55 Patch0: snort.patch
michael@549 56
michael@549 57 # build information
# Build-time (BuildPreReq) and install-time (PreReq) dependencies; libpcap,
# libnet and pcre are always required, the rest follow the options above.
michael@549 58 BuildPreReq: OpenPKG, openpkg >= 20100101, make, gcc
michael@549 59 PreReq: OpenPKG, openpkg >= 20100101, perl, perl-www, perl-sys, perl-comp
michael@549 60 BuildPreReq: libpcap, libnet, pcre
michael@549 61 PreReq: libpcap, libnet, pcre
michael@549 62 %if "%{with_fsl}" == "yes"
michael@549 63 BuildPreReq: fsl
michael@549 64 PreReq: fsl
michael@549 65 %endif
michael@549 66 %if "%{with_mysql}" == "yes"
michael@549 67 BuildPreReq: mysql
michael@549 68 PreReq: mysql
michael@549 69 %endif
michael@549 70 %if "%{with_pgsql}" == "yes"
michael@549 71 BuildPreReq: postgresql
michael@549 72 PreReq: postgresql
michael@549 73 %endif
michael@549 74
michael@549 75 %description
michael@549 76 Snort is an open source network intrusion detection system,
michael@549 77 capable of performing real-time traffic analysis and packet
michael@549 78 logging on IP networks. It can perform protocol analysis, content
michael@549 79 searching/matching and can be used to detect a variety of attacks
michael@549 80 and probes. Snort uses a flexible rules language to describe traffic
michael@549 81 that it should collect or pass, as well as a detection engine that
michael@549 82 utilizes a modular plugin architecture. Snort has a real-time
michael@549 83 alerting capability as well. Snort has three primary uses. It can be
michael@549 84 used as a straight packet sniffer like tcpdump(1), a packet logger
michael@549 85 (useful for network traffic debugging, etc), or as a full blown
michael@549 86 network intrusion detection system.
michael@549 87
michael@549 88 %track
michael@549 89 prog snort = {
michael@549 90 version = %{V_snort}
michael@549 91 url = http://www.snort.org/downloads
michael@549 92 regex = snort-(\d+\.\d+\.\d+(\.\d+)*)\.tar\.gz
michael@549 93 }
michael@549 94 prog snort:rules = {
michael@549 95 version = %{V_rules}
michael@549 96 url = http://www.snort.org/pub-bin/downloads.cgi
michael@549 97 regex = snortrules-pr-(\d+\.\d+)\.tar\.gz
michael@549 98 }
michael@549 99 prog snort:oinkmaster = {
michael@549 100 version = %{V_oinkmaster}
michael@549 101 url = http://sourceforge.net/projects/oinkmaster/files/
michael@549 102 regex = oinkmaster-(__VER__)\.tar\.gz
michael@549 103 }
michael@549 104
michael@549 105 %prep
# Unpack Source0, then unpack source number 2 (the oinkmaster tarball) inside
# the same tree: -D keeps the existing directory, -T skips Source0, -a 2
# extracts source 2 after changing into the build directory.
michael@549 106 %setup -q
michael@549 107 %setup -q -D -T -a 2
# Apply Patch0 (snort.patch) with strip level 0.
# NOTE(review): the patch body is not part of this listing; it changes the
# upstream sensor source and should be reviewed together with this spec.
michael@549 108 %patch -p0
# Run shtool subst over src/snort.h with the substitution arguments produced
# by the l_value macro; presumably this fills in install-path placeholders
# introduced by the patch -- confirm against snort.patch.
michael@549 109 %{l_shtool} subst %{l_value -s -a} \
michael@549 110 src/snort.h
michael@549 111
michael@549 112 %build
# Configure and compile Snort against the libraries under the OpenPKG prefix.
michael@549 113 # configure program
# Extra link libraries are collected in LIBS: the PostgreSQL client and crypto
# libraries when with_pgsql is yes, and -lresolv on SunOS platforms.
michael@549 114 LIBS=""
michael@549 115 %if "%{with_pgsql}" == "yes"
michael@549 116 LIBS="$LIBS -lpq -lcrypt -lssl -lcrypto"
michael@549 117 %endif
michael@549 118 case "%{l_platform -t}" in
michael@549 119 *-sunos* ) LIBS="$LIBS -lresolv" ;;
michael@549 120 esac
# The conditional lines inside the configure invocation below are resolved
# when the spec is parsed, so the shell only sees one continuous command with
# either the with- or the without- switch for each database.
# NOTE(review): compiler and linker flags come entirely from OpenPKG macros;
# whether they carry any hardening options is not visible here, which matters
# for a sensor that parses untrusted network traffic -- confirm.
michael@549 121 CC="%{l_cc}" \
michael@549 122 CFLAGS="%{l_cflags -O}" \
michael@549 123 CPPFLAGS="%{l_cppflags}" \
michael@549 124 LDFLAGS="%{l_ldflags} %{l_fsl_ldflags}" \
michael@549 125 LIBS="$LIBS %{l_fsl_libs}" \
michael@549 126 ./configure \
michael@549 127 --prefix=%{l_prefix} \
michael@549 128 --sysconfdir=%{l_prefix}/etc/snort \
michael@549 129 %if "%{with_mysql}" == "yes"
michael@549 130 --with-mysql=%{l_prefix} \
michael@549 131 %else
michael@549 132 --without-mysql \
michael@549 133 %endif
michael@549 134 %if "%{with_pgsql}" == "yes"
michael@549 135 --with-postgresql=%{l_prefix} \
michael@549 136 %else
michael@549 137 --without-postgresql \
michael@549 138 %endif
michael@549 139 --with-libpcap-includes=%{l_prefix}/include \
michael@549 140 --with-libpcap-libraries=%{l_prefix}/lib \
michael@549 141 --with-libnet-includes=%{l_prefix}/include \
michael@549 142 --with-libnet-libraries=%{l_prefix}/lib \
michael@549 143 --with-libpcre-includes=%{l_prefix}/include \
michael@549 144 --with-libpcre-libraries=%{l_prefix}/lib \
michael@549 145 --enable-perfmonitor
michael@549 146
michael@549 147 # build program
michael@549 148 %{l_make} %{l_mflags}
michael@549 149
michael@549 150 %install
# Stage the package into the build root: directories first, then the binary,
# manual page, configuration, default ruleset and service scripts.
michael@549 151 # create installation hierarchy
# The build root is wiped before it is repopulated; all directories are
# created with mode 755.
michael@549 152 rm -rf $RPM_BUILD_ROOT
michael@549 153 %{l_shtool} mkdir -f -p -m 755 \
michael@549 154 $RPM_BUILD_ROOT%{l_prefix}/sbin \
michael@549 155 $RPM_BUILD_ROOT%{l_prefix}/man/man8 \
michael@549 156 $RPM_BUILD_ROOT%{l_prefix}/etc/fsl \
michael@549 157 $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d \
michael@549 158 $RPM_BUILD_ROOT%{l_prefix}/etc/snort \
michael@549 159 $RPM_BUILD_ROOT%{l_prefix}/share/snort \
michael@549 160 $RPM_BUILD_ROOT%{l_prefix}/var/snort/rules \
michael@549 161 $RPM_BUILD_ROOT%{l_prefix}/var/snort/tmp
michael@549 162
michael@549 163 # install program and manual page
# The binary is installed stripped (-s) with mode 755, the manual with 644.
michael@549 164 %{l_shtool} install -c -s -m 755 \
michael@549 165 src/snort $RPM_BUILD_ROOT%{l_prefix}/sbin/
michael@549 166 %{l_shtool} install -c -m 644 \
michael@549 167 snort.8 $RPM_BUILD_ROOT%{l_prefix}/man/man8/
michael@549 168
michael@549 169 # install default configuration
# NOTE(review): snort.conf is installed with mode 644. If a database option is
# enabled and credentials are later placed in this file, a tighter mode would
# be needed -- confirm how credentials are handled.
michael@549 170 %{l_shtool} install -c -m 644 %{l_value -s -a} \
michael@549 171 %{SOURCE snort.conf} $RPM_BUILD_ROOT%{l_prefix}/etc/snort/
michael@549 172
michael@549 173 # install default ruleset tarball
# The Source1 tarball is copied unmodified to share/snort/rules.tar.gz, so the
# packaged ruleset is a snapshot taken when the package was built.
michael@549 174 %{l_shtool} install -c -m 644 \
michael@549 175 %{SOURCE snortrules-pr-%{V_rules}.tar.gz} \
michael@549 176 $RPM_BUILD_ROOT%{l_prefix}/share/snort/rules.tar.gz
michael@549 177
michael@549 178 # install run-command script
michael@549 179 %{l_shtool} install -c -m 755 %{l_value -s -a} \
michael@549 180 %{SOURCE rc.snort} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/
michael@549 181
michael@549 182 # install OSSP fsl configuration
michael@549 183 %{l_shtool} install -c -m 644 %{l_value -s -a} \
michael@549 184 %{SOURCE fsl.snort} $RPM_BUILD_ROOT%{l_prefix}/etc/fsl/
michael@549 185
michael@549 186 # install optional/additional files
# The database schema scripts are shipped only for the back-ends that were
# enabled through the package options.
michael@549 187 %if "%{with_mysql}" == "yes"
michael@549 188 %{l_shtool} install -c -m 644 \
michael@549 189 schemas/create_mysql \
michael@549 190 $RPM_BUILD_ROOT%{l_prefix}/share/snort/
michael@549 191 %endif
michael@549 192 %if "%{with_pgsql}" == "yes"
michael@549 193 %{l_shtool} install -c -m 644 \
michael@549 194 schemas/create_postgresql \
michael@549 195 $RPM_BUILD_ROOT%{l_prefix}/share/snort/
michael@549 196 %endif
michael@549 197
michael@549 198 # install oinkmaster utility
# Runs in a subshell so the directory change stays local; a non-zero status
# from the subshell (the status of its last command) aborts the install step.
michael@549 199 ( cd oinkmaster-%{V_oinkmaster}
# Script: point the interpreter line at the perl under the OpenPKG prefix and
# move the default configuration path to etc/snort/oinkmaster.conf.
michael@549 200 %{l_shtool} install -c -m 755 \
michael@549 201 -e 's;#!/usr/bin/perl;#!%{l_prefix}/bin/perl;g' \
michael@549 202 -e 's;/etc/oinkmaster\.conf;%{l_prefix}/etc/snort/oinkmaster.conf;' \
michael@549 203 oinkmaster.pl $RPM_BUILD_ROOT%{l_prefix}/sbin/oinkmaster
# The section 1 manual page is installed as a section 8 page.
michael@549 204 %{l_shtool} install -c -m 644 \
michael@549 205 oinkmaster.1 $RPM_BUILD_ROOT%{l_prefix}/man/man8/oinkmaster.8
# Configuration edits: prepend the prefix bin directory to the path setting,
# set tmpdir to var/snort/tmp, and comment out the "skipfile snort.conf" line.
# The use_external_bins expression replaces the match with itself, so it
# leaves that line unchanged.
# NOTE(review): with the skipfile line commented out, oinkmaster presumably no
# longer skips snort.conf found in a downloaded rule archive -- confirm that
# this is intended.
michael@549 206 %{l_shtool} install -c -m 644 \
michael@549 207 -e 's;^\(path = \);\1%{l_prefix}/bin:;' \
michael@549 208 -e 's;^# tmpdir = /home/oinkmaster/tmp/;tmpdir = %{l_prefix}/var/snort/tmp;' \
michael@549 209 -e 's;^\(use_external_bins = 0\);\1;' \
michael@549 210 -e 's;^\(skipfile snort\.conf\);# \1;' \
michael@549 211 oinkmaster.conf $RPM_BUILD_ROOT%{l_prefix}/etc/snort/
michael@549 212 ) || exit $?
michael@549 213
michael@549 214 # install rule update utility
# The literal @V_rules@ placeholder in snort-update.sh is replaced with the
# pinned ruleset version while the script is installed as sbin/snort-update.
michael@549 215 %{l_shtool} install -c -m 755 %{l_value -s -a} \
michael@549 216 -e 's;@V_rules@;%{V_rules};g' \
michael@549 217 %{SOURCE snort-update.sh} \
michael@549 218 $RPM_BUILD_ROOT%{l_prefix}/sbin/snort-update
michael@549 219
michael@549 220 # determine installation files
# Builds the file list: everything under etc/fsl and etc/snort is marked as
# configuration, and var/snort with its rules and tmp subdirectories is owned
# by the l_rusr/l_rgrp account.
# NOTE(review): the post-install scriptlet runs snort-update as that same
# account, so it can write the ruleset. Whether the sensor process also runs
# as it is not shown here; if so, the sensor could modify its own rules --
# confirm.
michael@549 221 %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
michael@549 222 %{l_files_std} \
michael@549 223 '%config %{l_prefix}/etc/fsl/*' \
michael@549 224 '%config %{l_prefix}/etc/snort/*' \
michael@549 225 '%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/snort' \
michael@549 226 '%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/snort/rules' \
michael@549 227 '%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/snort/tmp'
michael@549 228
michael@549 229 %files -f files
michael@549 230
michael@549 231 %clean
michael@549 232
michael@549 233 %post
# Post-install scriptlet: prints setup hints on first install, triggers a
# ruleset update when an update source is configured, and restarts the
# service after an upgrade.
michael@549 234 if [ $1 -eq 1 ]; then
michael@549 235 # display final hints on initial installation
michael@549 236 ( echo "Before starting Snort IDS, please set the configuration variable"
michael@549 237 echo "\"snort_if\" in $RPM_INSTALL_PREFIX/etc/rc.conf to the name of the"
michael@549 238 echo "used network interface."
michael@549 239 ) | %{l_rpmtool} msg -b -t notice
michael@549 240 ( echo "To use Snort as an IDS, its rules HAVE to be ALWAYS up to date."
michael@549 241 echo "But this package just ships with the latest PUBLIC version of the"
michael@549 242 echo "\"Sourcefire VRT Certified Rules\" for UNREGISTERED Snort users."
michael@549 243 echo "This means your rules are NOT covering the latest known attacks."
michael@549 244 echo ""
michael@549 245 echo "Hence, we strongly recommend to become at least a REGISTERED Snort"
michael@549 246 echo "user (see http://www.snort.org/ for details). This way you receive"
michael@549 247 echo "a so-called \"oinkcode\" (a sequence of 40 hexadecimal numbers)"
michael@549 248 echo "which you can configure in the file"
michael@549 249 echo " $RPM_INSTALL_PREFIX/etc/rc.conf"
michael@549 250 echo "via the directives"
michael@549 251 echo " snort_update_time=\"daily\""
michael@549 252 echo " snort_update_source=\"oinkcode:XXXX...\""
michael@549 253 echo "to update your Snort rules in"
michael@549 254 echo " $RPM_INSTALL_PREFIX/var/snort/rules/"
michael@549 255 echo "automatically once per day with the latest version of the"
michael@549 256 echo "\"Sourcefire VRT Certified Rules\" for REGISTERED Snort users."
michael@549 257 ) | %{l_rpmtool} msg -b -t notice
michael@549 258 fi
michael@549 259
michael@549 260 # trigger a ruleset update
# Reads snort_update_source through the rc tool; per the hints printed above
# it may hold "oinkcode:..." with the user's registration code. When it is
# non-empty, snort-update is run as the l_rusr account.
# NOTE(review): the value is expanded into the double-quoted command string
# handed to su -c, so the target shell parses it again; a quote, backquote or
# dollar sign in the value would be interpreted rather than passed literally.
# NOTE(review): the code also travels as a command-line argument and is
# therefore visible in the process list while the update runs, and the update
# itself happens during package installation. Confirm both are acceptable.
michael@549 261 snort_update_source=`%{l_rc} -q snort_update_source`
michael@549 262 if [ ".$snort_update_source" != . ]; then
michael@549 263 su - %{l_rusr} -c "$RPM_INSTALL_PREFIX/sbin/snort-update \"$snort_update_source\""
michael@549 264 fi
michael@549 265
michael@549 266 # after upgrade, restart service
# Only an upgrade (argument equal to 2) continues past the next line. The
# status output of the rc tool is evaluated as shell code, and snort_active is
# then read to decide on the restart, so that output is fully trusted here.
michael@549 267 [ $1 -eq 2 ] || exit 0
michael@549 268 eval `%{l_rc} snort status 2>/dev/null`
michael@549 269 [ ".$snort_active" = .yes ] && %{l_rc} snort restart
michael@549 270 exit 0
michael@549 271
michael@549 272 %preun
# Pre-uninstall scriptlet: acts only when the argument is 0, then stops the
# service and clears runtime files under var/snort. Errors from the removals
# are suppressed and the scriptlet always exits 0.
# NOTE(review): the *.log and *.cap removals delete whatever alert logs and
# packet captures are stored there; preserve them before erasing the package
# if they are needed as evidence.
michael@549 273 # before erase, stop service and remove log files
michael@549 274 [ $1 -eq 0 ] || exit 0
michael@549 275 %{l_rc} snort stop 2>/dev/null
michael@549 276 rm -f $RPM_INSTALL_PREFIX/var/snort/*.pid >/dev/null 2>&1 || true
michael@549 277 rm -f $RPM_INSTALL_PREFIX/var/snort/*.log >/dev/null 2>&1 || true
michael@549 278 rm -f $RPM_INSTALL_PREFIX/var/snort/*.cap >/dev/null 2>&1 || true
michael@549 279 rm -f $RPM_INSTALL_PREFIX/var/snort/rules/* >/dev/null 2>&1 || true
michael@549 280 rm -f $RPM_INSTALL_PREFIX/var/snort/tmp/* >/dev/null 2>&1 || true
michael@549 281 exit 0
michael@549 282
