Elentir wrote: > Hello,
Hi, > > Can you have a look at this FB? Snort is a good NIDS but installation > and configuration can be complex. I try to simplify it as much as possible. > List of files joined: > -> FrugalBuild > -> rc.snortd (rc script for snort daemon) > -> snortd.en .. legacy stuff please don't add more of these .. See http://frugalware.org/docs/make-translation-for-rc-scripts.html > -> README.Frugalware > -> snortd (text file used by rc script for daemon's configuration) > -> snort.install > -> snort.patch (modify snort configuration file) BTW attached stuff is really weird to review. ..... pkgname=snort pkgver=2.8.3.1 pkgrel=1 pkgdesc="Open source Network Intrusion Prevention and Detection System " url="http://www.snort.org"; source=("$url/dl/$pkgname-$pkgver.tar.gz" snort.patch rc.snortd snortd snortd.en README.Frugalware) uselees ""'s . also you need to fix the translation stuff depends=('glibc' 'libpcap' 'pcre' 'mysql' 'libmysqlclient') Not sure how right the mysql / libmysqlclient depends are here .. groups=('network-extra') archs=('i686') up2date="lynx -dump '$url/dl' | grep -v beta | Flasttar" Fconfopts="--enable-dynamicplugins --enable-timestamps --enable-perfprofiling --with-mysql --prefix=/usr" Since you use build() this is kind ugly =) use Fbuild --whatever in build(). Also prefix=/usr is default no need for that .. backup=(etc/snort/{snort.conf,excludes.conf}) install=$pkgname.install useless , $pkgname.install is handled automatically , please remove ..... build() { Fmkdir /etc/snort/rules Fmkdir /var/snort Fmkdir /var/log/snort touch $Fdestdir/etc/snort/excludes.conf || Fdie Hmm ? what is this touch for ? Fmkdir /etc/sysconfig Fmkdir /etc/rc.d/rc.messages These are usually not needed =) Fbuild Frcd2 snortd Ffile $pkgname-$pkgver/schemas/create_mysql /etc/snort/ Ffile $pkgname-$pkgver/etc/* /etc/snort/ Ffile snortd /etc/sysconfig/ These Ffile are fugly too =)) Ffile snortd.en /etc/rc.d/rc.messages .. well .. Fdoc README.Frugalware } Some other comments ( really I don't have time to copy paste all these parts ): you use : .... snort_start() { if ! /sbin/ifconfig $2 | grep "RUNNING" 1> /dev/null; then /sbin/ifconfig $INTERFACE up -arp /usr/bin/touch /var/run/snort.$INTERFACE fi /usr/bin/snort -u snort -g snort -i $INTERFACE -c .... ..... Then tell in the DOCS the user to add manually the group / user but start the daemon by default ? Not going to work :-) Please don't do that. 1) there is not _reason_ to even think adding this daemon by default , in short remove that from *install 2) we add such groups / users ( when needed ) on install and remove when the package is removed ( see hal as example ) or grep the tree for for this kind stuff 3) also you have to reserve a nr for that group -> http://frugalware.org/docs/ids.html And btw that whole rc.script looks somewhat weird > > Thank you > Elentir crazy _______________________________________________ Frugalware-devel mailing list [email protected] http://frugalware.org/mailman/listinfo/frugalware-devel
