Tue, 28 Aug 2012 18:31:50 +0200
Import package vendor original specs for necessary manipulations.
snort/fsl.snort | file | annotate | diff | comparison | revisions | |
snort/rc.snort | file | annotate | diff | comparison | revisions | |
snort/snort-update.sh | file | annotate | diff | comparison | revisions | |
snort/snort.conf | file | annotate | diff | comparison | revisions | |
snort/snort.patch | file | annotate | diff | comparison | revisions | |
snort/snort.spec | file | annotate | diff | comparison | revisions |
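--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/snort/fsl.snort Tue Aug 28 18:31:50 2012 +0200
@@ -0,0 +1,16 @@
+##
+## fsl.snort -- OSSP fsl configuration
+##
+
+ident (snort)/.+ q{
+ prefix(
+ prefix="%b %d %H:%M:%S %N <%L> $1[%P]: "
+ )
+ -> {
+ debug: file(
+ path="@l_prefix@/var/snort/snort.log",
+ perm=0644
+ )
+ }
+};
+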
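Review bot: `perm=0644` creates snort.log world-readable, and the `shtool rotate ... -m 644` call in the `%daily` section of rc.snort does the same for the rotated snort.alert.log. IDS logs show which addresses are monitored and which signatures fire, which local users on the sensor host have no need to read. `perm=0640` here and `-m 640` in the rotate call would limit them to the runtime user and group. The spec creates the directories under var/snort with `-m 755`, so the directory mode does not appear to restrict access either.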
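--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/snort/rc.snort Tue Aug 28 18:31:50 2012 +0200
@@ -0,0 +1,92 @@
+#!@l_prefix@/bin/openpkg rc
+##
+## rc.snort -- Run-Commands
+##
+
+%config
+ snort_enable="$openpkg_rc_def"
+ snort_if=""
+ snort_flags="-N -Afast -o"
+ snort_log_prolog="true"
+ snort_log_epilog="true"
+ snort_log_numfiles="10"
+ snort_log_minsize="1M"
+ snort_log_complevel="9"
+ snort_update_time="once"
+ snort_update_source="file://@l_prefix@/share/snort/rules.tar.gz"
+
+%common
+ snort_cfgfile="@l_prefix@/etc/snort/snort.conf"
+ snort_logdir="@l_prefix@/var/snort"
+ snort_piddir="@l_prefix@/var/snort"
+ snort_pidfile="$snort_piddir/snort_${snort_if}.pid"
+ snort_signal () {
+ [ -f $snort_pidfile ] && kill -$1 `cat $snort_pidfile`
+ }
+ snort_update () {
+ @l_prefix@/sbin/snort-update "$snort_update_source"
+ }
+
+%status -u @l_susr@ -o
+ snort_usable="no"
+ snort_active="no"
+ @l_prefix@/sbin/snort \
+ -q -T \
+ -u "@l_rusr@" -g "@l_rgrp@" \
+ -i "$snort_if" \
+ -c "$snort_cfgfile" \
+ -l "$snort_logdir" \
+ >/dev/null 2>&1 && snort_usable="yes"
+ [ ".$snort_if" = . ] && snort_usable="no"
+ rcService snort enable yes && snort_signal 0 && snort_active="yes"
+ echo "snort_enable=\"$snort_enable\""
+ echo "snort_usable=\"$snort_usable\""
+ echo "snort_active=\"$snort_active\""
+
+%start -p 100 -u @l_susr@
+ rcService snort enable yes || exit 0
+ rcService snort active yes && exit 0
+ @l_prefix@/sbin/snort \
+ -q -D \
+ -u "@l_rusr@" -g "@l_rgrp@" \
+ -i "$snort_if" \
+ -c "$snort_cfgfile" \
+ -l "$snort_logdir" \
+ ${snort_flags}
+
+%stop -p 900 -u @l_susr@
+ rcService snort enable yes || exit 0
+ rcService snort active no && exit 0
+ snort_signal TERM
+ sleep 2
+ rm -f $snort_pidfile 2>/dev/null || true
+
+%restart -p 100 -u @l_susr@
+ rcService snort enable yes || exit 0
+ rcService snort active no && exit 0
+ rc snort stop start
+
+%hourly -u @l_rusr@
+ rcService snort enable yes || exit 0
+ if [ ".$snort_update_time" = .hourly ]; then
+ snort_update || exit $?
+ fi
+
+%daily -u @l_rusr@
+ rcService snort enable yes || exit 0
+ if [ ".$snort_update_time" = .daily ]; then
+ snort_update || exit $?
+ fi
+ shtool rotate -f \
+ -n ${snort_log_numfiles} -s ${snort_log_minsize} -d \
+ -z ${snort_log_complevel} -m 644 -o @l_rusr@ -g @l_rgrp@ \
+ -P "${snort_log_prolog}" \
+ -E "${snort_log_epilog}; rc snort reload" \
+ $snort_logdir/snort.alert.log
+
+%weekly -u @l_rusr@
+ rcService snort enable yes || exit 0
+ if [ ".$snort_update_time" = .weekly ]; then
+ snort_update || exit $?
+ fi
+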
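Review bot: `snort_signal` trusts a pidfile that the unprivileged runtime account can replace: `snort_piddir` is `@l_prefix@/var/snort`, which snort.spec assigns to `%{l_rusr}`, while `%status`, `%stop` and `%restart` run with `-u @l_susr@` (presumably the superuser) and hand the file's content to `kill` unquoted. A compromised sensor process could thereby redirect the privileged signal to another PID. Keeping the pidfile in a directory only the privileged account can write addresses the cause; at minimum the value should be checked, `pid=$(cat "$snort_pidfile") || return 1; case "$pid" in ''|*[!0-9]*) return 1 ;; esac; kill -"$1" "$pid"`. Separately, the rotate epilog in `%daily` calls `rc snort reload` but no `%reload` section is defined in this file, so it is unclear whether snort reopens snort.alert.log after rotation.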
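--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/snort/snort-update.sh Tue Aug 28 18:31:50 2012 +0200
@@ -0,0 +1,43 @@
+#!/bin/sh
+##
+## snort-update.sh -- Snort Rule Updating Utility
+## Copyright (c) 2005-2007 Ralf S. Engelschall <rse@engelschall.com>
+##
+
+# command line parameters
+url="$1"
+if [ ".$url" = . ]; then
+ echo "USAGE: $0 <url>" 1>&2
+ exit 1
+fi
+
+# configuration
+rulesdir="@l_prefix@/var/snort/rules"
+tmpdir="@l_prefix@/var/snort/tmp"
+oinkmaster="@l_prefix@/sbin/oinkmaster"
+logfile="@l_prefix@/var/snort/oinkmaster.log"
+statsfile="@l_prefix@/var/snort/snort.stats"
+
+# parameter post-processing
+url=`echo "$url" |\
+ sed -e 's;^oinkcode:\(.*\)$;http://www.snort.org/pub-bin/oinkmaster.cgi/\1/snortrules-snapshot-@V_rules@.tar.gz;' \
+ -e 's;^\(/.*\)$;file://\1;'`
+
+# ruleset updating
+( echo "++ SNORT-UPDATE START (`date`)"
+ echo "++ Update URL: \"$url\""
+ $oinkmaster -q -o $rulesdir -u $url
+ if [ ! -f $rulesdir/local.rules ]; then
+ touch $rulesdir/local.rules
+ fi
+ @l_prefix@/lib/openpkg/shtool subst \
+ -e 's;\(var HOME_NET\) any;\1 $(HOME_NET:-any);' \
+ -e 's;\(var EXTERNAL_NET\) any;\1 $(EXTERNAL_NET:-any);' \
+ -e 's; \([^ /]*\.map\); $(RULE_PATH)/\1;' \
+ -e 's; \([^ /]*\.config\); $(RULE_PATH)/\1;' \
+ -e "s;\\(var RULE_PATH\\).*;\\1 \$(RULE_PATH:-$rulesdir);" \
+ -e "s;/var/snort/snort\.stats;$statsfile;" \
+ $rulesdir/snort.conf
+ echo "++ SNORT-UPDATE END (`date`)"
+) >>$logfile 2>&1
+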
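Review bot: The oinkcode is exposed twice in this script: the `sed` rewrite embeds it in a plain `http://` URL, and `echo "++ Update URL: \"$url\""` then writes that URL into oinkmaster.log. Logging only the scheme and host, and using an `https://` URL if the download endpoint offers one, keeps the credential out of the log and off the wire. The result of `$oinkmaster` is also discarded, so the subshell ends on the final `echo` and the script exits 0 after a failed download; the `snort_update || exit $?` checks in rc.snort then never trigger and the sensor keeps running stale rules without any signal. `$oinkmaster -q -o "$rulesdir" -u "$url" || exit $?` inside the subshell would propagate the failure.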
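--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/snort/snort.conf Tue Aug 28 18:31:50 2012 +0200
@@ -0,0 +1,22 @@
+##
+## snort.conf -- Snort Daemon Configuration
+##
+
+# common variables
+var VAR_PATH @l_prefix@/var/snort
+var RULE_PATH $VAR_PATH/rules
+
+# output selection
+config alertfile: $VAR_PATH/snort.alert.log
+output alert_fast: $VAR_PATH/snort.alert.log
+#output log_tcpdump: $VAR_PATH/snort.alert.cap
+
+# configuration parameters
+config show_year
+config order: alert pass log
+
+# load snort rules configuration
+var HOME_NET any
+var EXTERNAL_NET any
+include $RULE_PATH/snort.conf
+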
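Review bot: `var HOME_NET any` and `var EXTERNAL_NET any` ship without a comment telling the administrator to change them. snort-update.sh rewrites the downloaded rules/snort.conf to `$(HOME_NET:-any)` and `$(EXTERNAL_NET:-any)`, so the values set here appear to be the ones the rules actually use; with both left at `any`, direction-specific rules match traffic in either direction. A comment such as `# set HOME_NET to the monitored networks before production use` above these two lines would document that.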
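--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/snort/snort.patch Tue Aug 28 18:31:50 2012 +0200
@@ -0,0 +1,12 @@
+Index: src/snort.h
+--- src/snort.h.orig 2009-09-14 21:12:14 +0200
++++ src/snort.h 2009-09-19 09:27:59 +0200
+@@ -92,7 +92,7 @@
+ #define RF_ANY_FLAGS 0x20
+
+ #ifndef WIN32
+-# define DEFAULT_LOG_DIR "/var/log/snort"
++# define DEFAULT_LOG_DIR "@l_prefix@/var/snort"
+ # define DEFAULT_DAEMON_ALERT_FILE "alert"
+ #else
+ # define DEFAULT_LOG_DIR "log"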
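--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/snort/snort.spec Tue Aug 28 18:31:50 2012 +0200
@@ -0,0 +1,282 @@
+##
+## snort.spec -- OpenPKG RPM Package Specification
+## Copyright (c) 2000-2010 OpenPKG Foundation e.V. <http://openpkg.net/>
+##
+## Permission to use, copy, modify, and distribute this software for
+## any purpose with or without fee is hereby granted, provided that
+## the above copyright notice and this permission notice appear in all
+## copies.
+##
+## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
+## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+## MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+## IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
+## CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+## USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+## ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+## OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+## SUCH DAMAGE.
+##
+
+# package version
+%define V_snort 2.8.6
+%define V_rules 2.4
+%define V_oinkmaster 2.0
+
+# package information
+Name: snort
+Summary: Network Intrusion Detection System
+URL: http://www.snort.org/
+Vendor: B. Caswell, M. Roesch
+Packager: OpenPKG Foundation e.V.
+Distribution: OpenPKG Community
+Class: BASE
+Group: Monitoring
+License: GPL
+Version: %{V_snort}
+Release: 20100427
+
+# package options
+%option with_fsl yes
+%option with_mysql no
+%option with_pgsql no
+
+# list of sources
+Source0: http://dl.snort.org/snort-current/snort-%{V_snort}.tar.gz
+Source1: http://www.snort.org/pub-bin/downloads.cgi/Download/vrt_pr/snortrules-pr-%{V_rules}.tar.gz
+Source2: http://switch.dl.sourceforge.net/sourceforge/oinkmaster/oinkmaster-%{V_oinkmaster}.tar.gz
+Source3: snort.conf
+Source4: rc.snort
+Source5: fsl.snort
+Source6: snort-update.sh
+Patch0: snort.patch
+
+# build information
+BuildPreReq: OpenPKG, openpkg >= 20100101, make, gcc
+PreReq: OpenPKG, openpkg >= 20100101, perl, perl-www, perl-sys, perl-comp
+BuildPreReq: libpcap, libnet, pcre
+PreReq: libpcap, libnet, pcre
+%if "%{with_fsl}" == "yes"
+BuildPreReq: fsl
+PreReq: fsl
+%endif
+%if "%{with_mysql}" == "yes"
+BuildPreReq: mysql
+PreReq: mysql
+%endif
+%if "%{with_pgsql}" == "yes"
+BuildPreReq: postgresql
+PreReq: postgresql
+%endif
+
+%description
+ Snort is an open source network intrusion detection system,
+ capable of performing real-time traffic analysis and packet
+ logging on IP networks. It can perform protocol analysis, content
+ searching/matching and can be used to detect a variety of attacks
+ and probes. Snort uses a flexible rules language to describe traffic
+ that it should collect or pass, as well as a detection engine that
+ utilizes a modular plugin architecture. Snort has a real-time
+ alerting capability as well. Snort has three primary uses. It can be
+ used as a straight packet sniffer like tcpdump(1), a packet logger
+ (useful for network traffic debugging, etc), or as a full blown
+ network intrusion detection system.
+
+%track
+ prog snort = {
+ version = %{V_snort}
+ url = http://www.snort.org/downloads
+ regex = snort-(\d+\.\d+\.\d+(\.\d+)*)\.tar\.gz
+ }
+ prog snort:rules = {
+ version = %{V_rules}
+ url = http://www.snort.org/pub-bin/downloads.cgi
+ regex = snortrules-pr-(\d+\.\d+)\.tar\.gz
+ }
+ prog snort:oinkmaster = {
+ version = %{V_oinkmaster}
+ url = http://sourceforge.net/projects/oinkmaster/files/
+ regex = oinkmaster-(__VER__)\.tar\.gz
+ }
+
+%prep
+ %setup -q
+ %setup -q -D -T -a 2
+ %patch -p0
+ %{l_shtool} subst %{l_value -s -a} \
+ src/snort.h
+
+%build
+ # configure program
+ LIBS=""
+%if "%{with_pgsql}" == "yes"
+ LIBS="$LIBS -lpq -lcrypt -lssl -lcrypto"
+%endif
+ case "%{l_platform -t}" in
+ *-sunos* ) LIBS="$LIBS -lresolv" ;;
+ esac
+ CC="%{l_cc}" \
+ CFLAGS="%{l_cflags -O}" \
+ CPPFLAGS="%{l_cppflags}" \
+ LDFLAGS="%{l_ldflags} %{l_fsl_ldflags}" \
+ LIBS="$LIBS %{l_fsl_libs}" \
+ ./configure \
+ --prefix=%{l_prefix} \
+ --sysconfdir=%{l_prefix}/etc/snort \
+%if "%{with_mysql}" == "yes"
+ --with-mysql=%{l_prefix} \
+%else
+ --without-mysql \
+%endif
+%if "%{with_pgsql}" == "yes"
+ --with-postgresql=%{l_prefix} \
+%else
+ --without-postgresql \
+%endif
+ --with-libpcap-includes=%{l_prefix}/include \
+ --with-libpcap-libraries=%{l_prefix}/lib \
+ --with-libnet-includes=%{l_prefix}/include \
+ --with-libnet-libraries=%{l_prefix}/lib \
+ --with-libpcre-includes=%{l_prefix}/include \
+ --with-libpcre-libraries=%{l_prefix}/lib \
+ --enable-perfmonitor
+
+ # build program
+ %{l_make} %{l_mflags}
+
+%install
+ # create installation hierarchy
+ rm -rf $RPM_BUILD_ROOT
+ %{l_shtool} mkdir -f -p -m 755 \
+ $RPM_BUILD_ROOT%{l_prefix}/sbin \
+ $RPM_BUILD_ROOT%{l_prefix}/man/man8 \
+ $RPM_BUILD_ROOT%{l_prefix}/etc/fsl \
+ $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d \
+ $RPM_BUILD_ROOT%{l_prefix}/etc/snort \
+ $RPM_BUILD_ROOT%{l_prefix}/share/snort \
+ $RPM_BUILD_ROOT%{l_prefix}/var/snort/rules \
+ $RPM_BUILD_ROOT%{l_prefix}/var/snort/tmp
+
+ # install program and manual page
+ %{l_shtool} install -c -s -m 755 \
+ src/snort $RPM_BUILD_ROOT%{l_prefix}/sbin/
+ %{l_shtool} install -c -m 644 \
+ snort.8 $RPM_BUILD_ROOT%{l_prefix}/man/man8/
+
+ # install default configuration
+ %{l_shtool} install -c -m 644 %{l_value -s -a} \
+ %{SOURCE snort.conf} $RPM_BUILD_ROOT%{l_prefix}/etc/snort/
+
+ # install default ruleset tarball
+ %{l_shtool} install -c -m 644 \
+ %{SOURCE snortrules-pr-%{V_rules}.tar.gz} \
+ $RPM_BUILD_ROOT%{l_prefix}/share/snort/rules.tar.gz
+
+ # install run-command script
+ %{l_shtool} install -c -m 755 %{l_value -s -a} \
+ %{SOURCE rc.snort} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/
+
+ # install OSSP fsl configuration
+ %{l_shtool} install -c -m 644 %{l_value -s -a} \
+ %{SOURCE fsl.snort} $RPM_BUILD_ROOT%{l_prefix}/etc/fsl/
+
+ # install optional/additional files
+%if "%{with_mysql}" == "yes"
+ %{l_shtool} install -c -m 644 \
+ schemas/create_mysql \
+ $RPM_BUILD_ROOT%{l_prefix}/share/snort/
+%endif
+%if "%{with_pgsql}" == "yes"
+ %{l_shtool} install -c -m 644 \
+ schemas/create_postgresql \
+ $RPM_BUILD_ROOT%{l_prefix}/share/snort/
+%endif
+
+ # install oinkmaster utility
+ ( cd oinkmaster-%{V_oinkmaster}
+ %{l_shtool} install -c -m 755 \
+ -e 's;#!/usr/bin/perl;#!%{l_prefix}/bin/perl;g' \
+ -e 's;/etc/oinkmaster\.conf;%{l_prefix}/etc/snort/oinkmaster.conf;' \
+ oinkmaster.pl $RPM_BUILD_ROOT%{l_prefix}/sbin/oinkmaster
+ %{l_shtool} install -c -m 644 \
+ oinkmaster.1 $RPM_BUILD_ROOT%{l_prefix}/man/man8/oinkmaster.8
+ %{l_shtool} install -c -m 644 \
+ -e 's;^\(path = \);\1%{l_prefix}/bin:;' \
+ -e 's;^# tmpdir = /home/oinkmaster/tmp/;tmpdir = %{l_prefix}/var/snort/tmp;' \
+ -e 's;^\(use_external_bins = 0\);\1;' \
+ -e 's;^\(skipfile snort\.conf\);# \1;' \
+ oinkmaster.conf $RPM_BUILD_ROOT%{l_prefix}/etc/snort/
+ ) || exit $?
+
+ # install rule update utility
+ %{l_shtool} install -c -m 755 %{l_value -s -a} \
+ -e 's;@V_rules@;%{V_rules};g' \
+ %{SOURCE snort-update.sh} \
+ $RPM_BUILD_ROOT%{l_prefix}/sbin/snort-update
+
+ # determine installation files
+ %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
+ %{l_files_std} \
+ '%config %{l_prefix}/etc/fsl/*' \
+ '%config %{l_prefix}/etc/snort/*' \
+ '%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/snort' \
+ '%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/snort/rules' \
+ '%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/snort/tmp'
+
+%files -f files
+
+%clean
+
+%post
+ if [ $1 -eq 1 ]; then
+ # display final hints on initial installation
+ ( echo "Before starting Snort IDS, please set the configuration variable"
+ echo "\"snort_if\" in $RPM_INSTALL_PREFIX/etc/rc.conf to the name of the"
+ echo "used network interface."
+ ) | %{l_rpmtool} msg -b -t notice
+ ( echo "To use Snort as an IDS, its rules HAVE to be ALWAYS up to date."
+ echo "But this package just ships with the latest PUBLIC version of the"
+ echo "\"Sourcefire VRT Certified Rules\" for UNREGISTERED Snort users."
+ echo "This means your rules are NOT covering the latest known attacks."
+ echo ""
+ echo "Hence, we strongly recommend to become at least a REGISTERED Snort"
+ echo "user (see http://www.snort.org/ for details). This way you receive"
+ echo "a so-called \"oinkcode\" (a sequence of 40 hexadecimal numbers)"
+ echo "which you can configure in the file"
+ echo " $RPM_INSTALL_PREFIX/etc/rc.conf"
+ echo "via the directives"
+ echo " snort_update_time=\"daily\""
+ echo " snort_update_source=\"oinkcode:XXXX...\""
+ echo "to update your Snort rules in"
+ echo " $RPM_INSTALL_PREFIX/var/snort/rules/"
+ echo "automatically once per day with the latest version of the"
+ echo "\"Sourcefire VRT Certified Rules\" for REGISTERED Snort users."
+ ) | %{l_rpmtool} msg -b -t notice
+ fi
+
+ # trigger a ruleset update
+ snort_update_source=`%{l_rc} -q snort_update_source`
+ if [ ".$snort_update_source" != . ]; then
+ su - %{l_rusr} -c "$RPM_INSTALL_PREFIX/sbin/snort-update \"$snort_update_source\""
+ fi
+
+ # after upgrade, restart service
+ [ $1 -eq 2 ] || exit 0
+ eval `%{l_rc} snort status 2>/dev/null`
+ [ ".$snort_active" = .yes ] && %{l_rc} snort restart
+ exit 0
+
+%preun
+ # before erase, stop service and remove log files
+ [ $1 -eq 0 ] || exit 0
+ %{l_rc} snort stop 2>/dev/null
+ rm -f $RPM_INSTALL_PREFIX/var/snort/*.pid >/dev/null 2>&1 || true
+ rm -f $RPM_INSTALL_PREFIX/var/snort/*.log >/dev/null 2>&1 || true
+ rm -f $RPM_INSTALL_PREFIX/var/snort/*.cap >/dev/null 2>&1 || true
+ rm -f $RPM_INSTALL_PREFIX/var/snort/rules/* >/dev/null 2>&1 || true
+ rm -f $RPM_INSTALL_PREFIX/var/snort/tmp/* >/dev/null 2>&1 || true
+ exit 0
+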
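Review bot: Commenting out `skipfile snort.conf` in the installed oinkmaster.conf lets every rules download replace var/snort/rules/snort.conf, which etc/snort/snort.conf pulls in through `include $RULE_PATH/snort.conf`, so the update source controls sensor configuration and not only signatures. Nothing visible in this commit verifies the downloaded archive, and the oinkcode URL built in snort-update.sh is plain `http://`. A comment above the oinkmaster.conf install command, e.g. `# NOTE: the downloaded snort.conf is installed and included; the update source must be trusted`, would record that decision. In `%post`, the `su - %{l_rusr} -c "..."` call splices the rc.conf value of `snort_update_source` into a shell command string, so a value containing quotes or `$` is re-parsed by the shell. Validating the value against the expected URL characters before the call would avoid that.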