subject:"\[oe\] \[meta\-networking\]\[PATCH 1\/3\] snort\: add recipe"

[oe] [meta-networking][PATCH 1/3] snort : add recipe

2013-10-16 Thread b40290

From: Chunrong Guo b40...@freescale.com

  *snort - a free lightweight network intrusion detection
system for UNIX and Windows

Signed-off-by: Chunrong Guo b40...@freescale.com
---
 .../recipes-connectivity/snort/files/default   |   42 ++
 .../snort/files/disable-dap-address-space-id.patch |   52 +++
 .../snort/files/disable-inaddr-none.patch  |   75 
 .../recipes-connectivity/snort/files/logrotate |   12 +
 .../recipes-connectivity/snort/files/snort.init|  425 
 .../recipes-connectivity/snort/files/volatiles |2 +
 .../recipes-connectivity/snort/snort_2.9.4.6.bb|   83 
 7 files changed, 691 insertions(+), 0 deletions(-)
 create mode 100644 meta-networking/recipes-connectivity/snort/files/default
 create mode 100644 
meta-networking/recipes-connectivity/snort/files/disable-dap-address-space-id.patch
 create mode 100644 
meta-networking/recipes-connectivity/snort/files/disable-inaddr-none.patch
 create mode 100644 meta-networking/recipes-connectivity/snort/files/logrotate
 create mode 100755 meta-networking/recipes-connectivity/snort/files/snort.init
 create mode 100644 meta-networking/recipes-connectivity/snort/files/volatiles
 create mode 100644 meta-networking/recipes-connectivity/snort/snort_2.9.4.6.bb

diff --git a/meta-networking/recipes-connectivity/snort/files/default 
b/meta-networking/recipes-connectivity/snort/files/default
new file mode 100644
index 000..afd3840
--- /dev/null
+++ b/meta-networking/recipes-connectivity/snort/files/default
@@ -0,0 +1,42 @@
+# Parameters for the daemon
+# Add any additional parameteres here.
+PARAMS=-m 027 -D -d 
+#
+# Snort user
+# This user will be used to launch snort. Notice that the 
+# preinst script of the package might do changes to the user 
+# (home directory, User Name) when the package is upgraded or
+# reinstalled.  So, do *not* change this to 'root' or to any other user 
+# unless you are sure there is no problem with those changes being introduced.
+# 
+SNORTUSER=snort
+#
+# Logging directory
+# Snort logs will be dropped here and this will be the home
+# directory for the SNORTUSER. If you change this value you should
+# change the /etc/logrotate.d/snort definition too, otherwise logs
+# will not be rotated properly.
+#
+LOGDIR=/var/log/snort
+#
+# Snort group
+# This is the group that the snort user will be added to.
+#
+SNORTGROUP=snort
+# 
+# Allow Snort's init.d script to work if the configured interfaces
+# are not available. Set this to yes if you configure Snort with
+# multiple interfaces but some might not be available on boot
+# (e.g. wireless interfaces)
+# 
+# Note: In order for this to work the 'iproute' package needs to 
+# be installed.
+ALLOW_UNAVAILABLE=no
+
+# Local configs
+#
+LOCAL_SNORT_STARTUP=boot
+LOCAL_SNORT_HOME_NET=192.168.0.0/16
+LOCAL_SNORT_INTERFACE=
+LOCAL_SNORT_STATS_RCPT=root
+LOCAL_SNORT_STATS_THRESHOLD=1
diff --git 
a/meta-networking/recipes-connectivity/snort/files/disable-dap-address-space-id.patch
 
b/meta-networking/recipes-connectivity/snort/files/disable-dap-address-space-id.patch
new file mode 100644
index 000..39e5c9c
--- /dev/null
+++ 
b/meta-networking/recipes-connectivity/snort/files/disable-dap-address-space-id.patch
@@ -0,0 +1,52 @@
+Upstream-Status:Inappropriate [embedded specific]
+
+fix the below error:
+checking for dap address space id... configure: 
+configure: error: cannot run test program while cross compiling
+
+
+Signed-off-by: Chunrong Guo b40...@freescale.com
+
+--- a/configure.in 2013-08-23 00:06:37.239361932 -0500
 b/configure.in 2013-08-23 00:07:32.860266534 -0500
+@@ -679,23 +679,23 @@
+ 
+ AC_CHECK_FUNCS([daq_hup_apply] [daq_acquire_with_meta])
+ 
+-AC_MSG_CHECKING([for daq address space ID])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include daq.h
+-]],
+-[[
+-   DAQ_PktHdr_t hdr;
+-   hdr.address_space_id = 0;
+-]])],
+-[have_daq_address_space_id=yes],
+-[have_daq_address_space_id=no])
+-AC_MSG_RESULT($have_daq_address_space_id)
+-if test x$have_daq_address_space_id = xyes; then
+-AC_DEFINE([HAVE_DAQ_ADDRESS_SPACE_ID],[1],
+-[DAQ version supports address space ID in header.])
+-fi
++#AC_MSG_CHECKING([for daq address space ID])
++#AC_RUN_IFELSE(
++#[AC_LANG_PROGRAM(
++#[[
++##include daq.h
++#]],
++#[[
++#   DAQ_PktHdr_t hdr;
++#   hdr.address_space_id = 0;
++#]])],
++have_daq_address_space_id=yes
++#[have_daq_address_space_id=no])
++#AC_MSG_RESULT($have_daq_address_space_id)
++#if test x$have_daq_address_space_id = xyes; then
++#AC_DEFINE([HAVE_DAQ_ADDRESS_SPACE_ID],[1],
++#[DAQ version supports address space ID in header.])
++#fi
+ 
+ # any sparc platform has to have this one defined.
+ AC_MSG_CHECKING(for sparc)
diff --git 
a/meta-networking/recipes-connectivity/snort/files/disable-inaddr-none.patch 
b/meta-networking/recipes-connectivity/snort/files/disable-inaddr-none.patch
new file mode 100644
index 000..9dafe63
--- /dev/null
+++

Re: [oe] [meta-networking][PATCH 1/3] snort : add recipe

2013-10-16 Thread Koen Kooi

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Op 16-10-13 09:11, b40...@freescale.com schreef:
 From: Chunrong Guo b40...@freescale.com
 
 *snort - a free lightweight network intrusion detection system for UNIX
 and Windows
 
 Signed-off-by: Chunrong Guo b40...@freescale.com --- 
 .../recipes-connectivity/snort/files/default   |   42 ++ 
 .../snort/files/disable-dap-address-space-id.patch |   52 +++ 
 .../snort/files/disable-inaddr-none.patch  |   75  
 .../recipes-connectivity/snort/files/logrotate |   12 + 
 .../recipes-connectivity/snort/files/snort.init|  425
  .../recipes-connectivity/snort/files/volatiles |
 2 + .../recipes-connectivity/snort/snort_2.9.4.6.bb|   83  7
 files changed, 691 insertions(+), 0 deletions(-) create mode 100644
 meta-networking/recipes-connectivity/snort/files/default create mode
 100644
 meta-networking/recipes-connectivity/snort/files/disable-dap-address-space-id.patch

 
create mode 100644
meta-networking/recipes-connectivity/snort/files/disable-inaddr-none.patch
 create mode 100644
 meta-networking/recipes-connectivity/snort/files/logrotate create mode
 100755 meta-networking/recipes-connectivity/snort/files/snort.init create
 mode 100644 meta-networking/recipes-connectivity/snort/files/volatiles 
 create mode 100644
 meta-networking/recipes-connectivity/snort/snort_2.9.4.6.bb
 
 diff --git a/meta-networking/recipes-connectivity/snort/files/default
 b/meta-networking/recipes-connectivity/snort/files/default new file mode
 100644 index 000..afd3840 --- /dev/null +++
 b/meta-networking/recipes-connectivity/snort/files/default @@ -0,0 +1,42
 @@

 +LOGDIR=/var/log/snort

Hardcoded path

 diff --git a/meta-networking/recipes-connectivity/snort/files/logrotate
 b/meta-networking/recipes-connectivity/snort/files/logrotate new file
 mode 100644 index 000..e394e2e --- /dev/null +++
 b/meta-networking/recipes-connectivity/snort/files/logrotate @@ -0,0
 +1,12 @@ +/var/log/snort/*.log /var/log/snort/alert {

hardcoded path

 +size 1M +missingok +compress +delaycompress +rotate
 10 +sharedscripts +postrotate +/etc/init.d/snort restart

hardcoded path and sysvinit specific


 diff --git a/meta-networking/recipes-connectivity/snort/files/snort.init
 b/meta-networking/recipes-connectivity/snort/files/snort.init new file
 mode 100755 index 000..af66619 --- /dev/null +++
 b/meta-networking/recipes-connectivity/snort/files/snort.init @@ -0,0
 +1,425 @@

 + +PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

hardcoded paths

 + +test $DEBIAN_SCRIPT_DEBUG  set -v -x + +DAEMON=/usr/bin/snort

hardcoded path

 +NAME=snort +DESC=Network Intrusion Detection System + +.
 /etc/default/snort

hardcoded path

 +COMMON=$PARAMS -l $LOGDIR -u $SNORTUSER -g $SNORTGROUP + +test -x
 $DAEMON || exit 0 +test -z $LOCAL_SNORT_HOME_NET 
 LOCAL_SNORT_HOME_NET=192.168.0.0/16 + +# to find the lib files +cd
 /etc/snort

hardcoded path


 +check_root()  { +if [ $(id -u) != 0 ]; then +echo You
 must be root to start, stop or restart $NAME. +exit 4 +fi

does this work with busybox?

 +} + +case $1 in +  start) +check_root +echo Starting $DESC 
 $NAME + +if [ -e /etc/snort/db-pending-config ] ; then +
 echo
 /etc/snort/db-pending-config file found +   echo Snort will not 
 start
 as its database is not yet configured. + echo Please configure 
 the
 database as described in +   echo
 /usr/share/doc/snort-{pgsql,mysql}/README-database.Debian + echo 
 and
 remove /etc/snort/db-pending-config

Tons of hardcoded paths

 + exit 6 +fi + +if ! check_log_dir; then +
 echo  will not
 start $DESC! +   exit 5 +fi +if [ 
 $LOCAL_SNORT_STARTUP = dialup ];
 then +shift + set +e +
 /etc/ppp/ip-up.d/snort $@

hardcoded path and needs RRECOMMENDS = pppd?


 + myret=0 +   got_instance=0 +for interface in $interfaces; 
 do +
 got_instance=1 +  echo ($interface + +# Check 
 if the
 interface is available: +# - only if iproute is
 available +# - the interface exists +# -
 the interface is up +if ! [ -x /sbin/ip ] || ( ip link
 show dev $interface /dev/null 21  [ -n `ip link show up
 $interface 2/dev/null` ] ) ; then

hardcoded path and needs RDEPENDS = iputils?

 + +   PIDFILE=/var/run/snort_$interface.pid +
 CONFIGFILE=/etc/snort/snort.$interface.conf + +#
 Defaults: +   fail=failed (check /var/log/syslog and 
 /var/log/snort) +
 run=yes

paths...

 + +if [ -e $PIDFILE ]  running $PIDFILE; then +
 run=no +# Do not start this instance, it is
 already runing +fi + +if [ $run = yes
 ] ; then +if [ ! -e

Re: [oe] [meta-networking][PATCH 1/3] snort: add recipe

2013-09-24 Thread Paul Eggleton

Hi Joe,

On Monday 23 September 2013 14:22:02 Joe MacDonald wrote:
 [Re: [oe] [meta-networking][PATCH 1/3] snort: add recipe] On 13.09.23 (Mon
 18:56) Paul Eggleton wrote:
  
  I'm a bit confused; is this recipe supposed to be going into
  meta-networking or meta-security? Because patches have been sent
  recently to add it to both.
 
 I had mentioned that I would accept snort into meta-networking if it
 wasn't a good fit for meta-security since it was something I'd started
 working on integrating anyway a while back.  I assumed that was the case
 since it was sent to the list for meta-networking today.
 
 I don't think we need copies in both places, though, and since it was
 first aimed at meta-security, if it gets merged there, I won't merge it
 here.
 
 Hopefully nothing I've said here contradicts what the meta-security
 maintainers would want to see.

I would have thought it would go into meta-security myself; but ultimately 
it's up to you and Saul really. I just wanted to make sure we didn't somehow 
end up with it in both layers since we have patches for adding it to both.

Cheers,
Paul

-- 

Paul Eggleton
Intel Open Source Technology Centre
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

Re: [oe] [meta-networking][PATCH 1/3] snort: add recipe

2013-09-24 Thread Joe MacDonald

[Re: [oe] [meta-networking][PATCH 1/3] snort: add recipe] On 13.09.24 (Tue 
18:16) Paul Eggleton wrote:

 Hi Joe,
 
 On Monday 23 September 2013 14:22:02 Joe MacDonald wrote:
  [Re: [oe] [meta-networking][PATCH 1/3] snort: add recipe] On 13.09.23 (Mon
  18:56) Paul Eggleton wrote:
   
   I'm a bit confused; is this recipe supposed to be going into
   meta-networking or meta-security? Because patches have been sent
   recently to add it to both.
  
  I had mentioned that I would accept snort into meta-networking if it
  wasn't a good fit for meta-security since it was something I'd started
  working on integrating anyway a while back.  I assumed that was the case
  since it was sent to the list for meta-networking today.
  
  I don't think we need copies in both places, though, and since it was
  first aimed at meta-security, if it gets merged there, I won't merge it
  here.
  
  Hopefully nothing I've said here contradicts what the meta-security
  maintainers would want to see.
 
 I would have thought it would go into meta-security myself; but ultimately 
 it's up to you and Saul really. I just wanted to make sure we didn't somehow 
 end up with it in both layers since we have patches for adding it to both.

Yeah, I completely agree.  Since I'm using meta-security a bit now and
sending a few patches back, I'll keep an eye out and if the snort stuff
lands in there, I would not consider merging it with meta-networking.

Snort has always been in the same category for me as tcpdump, nmap and
etherape/wireshark.  A hugely useful network diagnostics tool.  But as
and IDS / IPS it makes sense for meta-security as well.

Either works for me.

-- 
-Joe MacDonald.
:wq


signature.asc
Description: Digital signature
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [meta-networking][PATCH 1/3] snort: add recipe

2013-09-23 Thread b40290

From: Chunrong Guo b40...@freescale.com

  *snort - a free lightweight network intrusion detection
 system for UNIX and Windows

Signed-off-by: Chunrong Guo b40...@freescale.com
---
 .../recipes-connectivity/snort/files/default   |   42 ++
 .../snort/files/disable-dap-address-space-id.patch |   52 +++
 .../snort/files/disable-inaddr-none.patch  |   75 
 .../recipes-connectivity/snort/files/logrotate |   12 +
 .../recipes-connectivity/snort/files/snort.init|  425 
 .../recipes-connectivity/snort/files/volatiles |2 +
 .../recipes-connectivity/snort/snort_2.9.4.6.bb|   86 
 7 files changed, 694 insertions(+), 0 deletions(-)
 create mode 100644 meta-networking/recipes-connectivity/snort/files/default
 create mode 100644 
meta-networking/recipes-connectivity/snort/files/disable-dap-address-space-id.patch
 create mode 100644 
meta-networking/recipes-connectivity/snort/files/disable-inaddr-none.patch
 create mode 100644 meta-networking/recipes-connectivity/snort/files/logrotate
 create mode 100755 meta-networking/recipes-connectivity/snort/files/snort.init
 create mode 100644 meta-networking/recipes-connectivity/snort/files/volatiles
 create mode 100644 meta-networking/recipes-connectivity/snort/snort_2.9.4.6.bb

diff --git a/meta-networking/recipes-connectivity/snort/files/default 
b/meta-networking/recipes-connectivity/snort/files/default
new file mode 100644
index 000..afd3840
--- /dev/null
+++ b/meta-networking/recipes-connectivity/snort/files/default
@@ -0,0 +1,42 @@
+# Parameters for the daemon
+# Add any additional parameteres here.
+PARAMS=-m 027 -D -d 
+#
+# Snort user
+# This user will be used to launch snort. Notice that the 
+# preinst script of the package might do changes to the user 
+# (home directory, User Name) when the package is upgraded or
+# reinstalled.  So, do *not* change this to 'root' or to any other user 
+# unless you are sure there is no problem with those changes being introduced.
+# 
+SNORTUSER=snort
+#
+# Logging directory
+# Snort logs will be dropped here and this will be the home
+# directory for the SNORTUSER. If you change this value you should
+# change the /etc/logrotate.d/snort definition too, otherwise logs
+# will not be rotated properly.
+#
+LOGDIR=/var/log/snort
+#
+# Snort group
+# This is the group that the snort user will be added to.
+#
+SNORTGROUP=snort
+# 
+# Allow Snort's init.d script to work if the configured interfaces
+# are not available. Set this to yes if you configure Snort with
+# multiple interfaces but some might not be available on boot
+# (e.g. wireless interfaces)
+# 
+# Note: In order for this to work the 'iproute' package needs to 
+# be installed.
+ALLOW_UNAVAILABLE=no
+
+# Local configs
+#
+LOCAL_SNORT_STARTUP=boot
+LOCAL_SNORT_HOME_NET=192.168.0.0/16
+LOCAL_SNORT_INTERFACE=
+LOCAL_SNORT_STATS_RCPT=root
+LOCAL_SNORT_STATS_THRESHOLD=1
diff --git 
a/meta-networking/recipes-connectivity/snort/files/disable-dap-address-space-id.patch
 
b/meta-networking/recipes-connectivity/snort/files/disable-dap-address-space-id.patch
new file mode 100644
index 000..39e5c9c
--- /dev/null
+++ 
b/meta-networking/recipes-connectivity/snort/files/disable-dap-address-space-id.patch
@@ -0,0 +1,52 @@
+Upstream-Status:Inappropriate [embedded specific]
+
+fix the below error:
+checking for dap address space id... configure: 
+configure: error: cannot run test program while cross compiling
+
+
+Signed-off-by: Chunrong Guo b40...@freescale.com
+
+--- a/configure.in 2013-08-23 00:06:37.239361932 -0500
 b/configure.in 2013-08-23 00:07:32.860266534 -0500
+@@ -679,23 +679,23 @@
+ 
+ AC_CHECK_FUNCS([daq_hup_apply] [daq_acquire_with_meta])
+ 
+-AC_MSG_CHECKING([for daq address space ID])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include daq.h
+-]],
+-[[
+-   DAQ_PktHdr_t hdr;
+-   hdr.address_space_id = 0;
+-]])],
+-[have_daq_address_space_id=yes],
+-[have_daq_address_space_id=no])
+-AC_MSG_RESULT($have_daq_address_space_id)
+-if test x$have_daq_address_space_id = xyes; then
+-AC_DEFINE([HAVE_DAQ_ADDRESS_SPACE_ID],[1],
+-[DAQ version supports address space ID in header.])
+-fi
++#AC_MSG_CHECKING([for daq address space ID])
++#AC_RUN_IFELSE(
++#[AC_LANG_PROGRAM(
++#[[
++##include daq.h
++#]],
++#[[
++#   DAQ_PktHdr_t hdr;
++#   hdr.address_space_id = 0;
++#]])],
++have_daq_address_space_id=yes
++#[have_daq_address_space_id=no])
++#AC_MSG_RESULT($have_daq_address_space_id)
++#if test x$have_daq_address_space_id = xyes; then
++#AC_DEFINE([HAVE_DAQ_ADDRESS_SPACE_ID],[1],
++#[DAQ version supports address space ID in header.])
++#fi
+ 
+ # any sparc platform has to have this one defined.
+ AC_MSG_CHECKING(for sparc)
diff --git 
a/meta-networking/recipes-connectivity/snort/files/disable-inaddr-none.patch 
b/meta-networking/recipes-connectivity/snort/files/disable-inaddr-none.patch
new file mode 100644
index 000..9dafe63
--- /dev/null
+++

Re: [oe] [meta-networking][PATCH 1/3] snort: add recipe

2013-09-23 Thread Joe MacDonald

Hey Paul,

[Re: [oe] [meta-networking][PATCH 1/3] snort: add recipe] On 13.09.23 (Mon 
18:56) Paul Eggleton wrote:

 All,
 
 I'm a bit confused; is this recipe supposed to be going into
 meta-networking or meta-security? Because patches have been sent
 recently to add it to both.

I had mentioned that I would accept snort into meta-networking if it
wasn't a good fit for meta-security since it was something I'd started
working on integrating anyway a while back.  I assumed that was the case
since it was sent to the list for meta-networking today.

I don't think we need copies in both places, though, and since it was
first aimed at meta-security, if it gets merged there, I won't merge it
here.

Hopefully nothing I've said here contradicts what the meta-security
maintainers would want to see.

-- 
-Joe MacDonald.
:wq


signature.asc
Description: Digital signature
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

Re: [oe] [meta-networking][PATCH 1/3] snort: add recipe

2013-09-23 Thread Paul Eggleton

All,

I'm a bit confused; is this recipe supposed to be going into meta-networking 
or meta-security? Because patches have been sent recently to add it to both.

Cheers,
Paul

-- 

Paul Eggleton
Intel Open Source Technology Centre

___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

Re: [oe] [meta-networking][PATCH 1/3] snort: add recipe

2013-09-23 Thread Joe MacDonald


Hi Chunrong,

A few things with this one.

- can you be more specific with the LICENSE?

   WARNING: snort: No generic license file exists for: GPL in any provider

- my test build generated QA errors due to host libraries being used in
  the build:

   cc1: warning: include location /usr/include/pcap is unsafe for 
cross-compilation [-Wpoison-system-directories]
   cc1: warning: include location /usr/include/pcap is unsafe for 
cross-compilation [-Wpoison-system-directories]
   cc1: warning: include location /usr/include/pcap is unsafe for 
cross-compilation [-Wpoison-system-directories]
   cc1: warning: include location /usr/include/pcap is unsafe for 
cross-compilation [-Wpoison-system-directories]

- Is the pkg_postinst_${PN} action really necessary?  Can't you
  accomplish the same thing by inheriting useradd?  At worst, I think
  you'll only need the last line, directly invoking
  populate-volatile.sh.  Could be mistaken on that, though.

- Can you take another pass through the recipe itself, please?  There's
  some inconsistent formatting (specifically around SRC_URI) and
  minor whitespace issues (around EXTRA_OECONF, for sure, maybe
  elsewhere, I've only done a quick scan).

- While we're on the topic, I hate to ask, but any chance we could fix
  up the formatting on the initscript itself?  It's an indentation
  disaster.  Not your fault, I know, but I don't know that we'll ever go
  back to taking the debian one again and I'd rather it be clean for
  anyone who comes along later.

- There's one minor inconsistency in the logrotate file, too, can you
  make them all space-indented or all tab-indented please?

Thanks,

-J.

[[oe] [meta-networking][PATCH 1/3] snort: add recipe] On 13.09.23 (Mon 17:06) 
b40...@freescale.com wrote:

 From: Chunrong Guo b40...@freescale.com
 
   *snort - a free lightweight network intrusion detection
  system for UNIX and Windows
 
 Signed-off-by: Chunrong Guo b40...@freescale.com
 ---
  .../recipes-connectivity/snort/files/default   |   42 ++
  .../snort/files/disable-dap-address-space-id.patch |   52 +++
  .../snort/files/disable-inaddr-none.patch  |   75 
  .../recipes-connectivity/snort/files/logrotate |   12 +
  .../recipes-connectivity/snort/files/snort.init|  425 
 
  .../recipes-connectivity/snort/files/volatiles |2 +
  .../recipes-connectivity/snort/snort_2.9.4.6.bb|   86 
  7 files changed, 694 insertions(+), 0 deletions(-)
  create mode 100644 meta-networking/recipes-connectivity/snort/files/default
  create mode 100644 
 meta-networking/recipes-connectivity/snort/files/disable-dap-address-space-id.patch
  create mode 100644 
 meta-networking/recipes-connectivity/snort/files/disable-inaddr-none.patch
  create mode 100644 meta-networking/recipes-connectivity/snort/files/logrotate
  create mode 100755 
 meta-networking/recipes-connectivity/snort/files/snort.init
  create mode 100644 meta-networking/recipes-connectivity/snort/files/volatiles
  create mode 100644 
 meta-networking/recipes-connectivity/snort/snort_2.9.4.6.bb
 
 diff --git a/meta-networking/recipes-connectivity/snort/files/default 
 b/meta-networking/recipes-connectivity/snort/files/default
 new file mode 100644
 index 000..afd3840
 --- /dev/null
 +++ b/meta-networking/recipes-connectivity/snort/files/default
 @@ -0,0 +1,42 @@
 +# Parameters for the daemon
 +# Add any additional parameteres here.
 +PARAMS=-m 027 -D -d 
 +#
 +# Snort user
 +# This user will be used to launch snort. Notice that the 
 +# preinst script of the package might do changes to the user 
 +# (home directory, User Name) when the package is upgraded or
 +# reinstalled.  So, do *not* change this to 'root' or to any other user 
 +# unless you are sure there is no problem with those changes being 
 introduced.
 +# 
 +SNORTUSER=snort
 +#
 +# Logging directory
 +# Snort logs will be dropped here and this will be the home
 +# directory for the SNORTUSER. If you change this value you should
 +# change the /etc/logrotate.d/snort definition too, otherwise logs
 +# will not be rotated properly.
 +#
 +LOGDIR=/var/log/snort
 +#
 +# Snort group
 +# This is the group that the snort user will be added to.
 +#
 +SNORTGROUP=snort
 +# 
 +# Allow Snort's init.d script to work if the configured interfaces
 +# are not available. Set this to yes if you configure Snort with
 +# multiple interfaces but some might not be available on boot
 +# (e.g. wireless interfaces)
 +# 
 +# Note: In order for this to work the 'iproute' package needs to 
 +# be installed.
 +ALLOW_UNAVAILABLE=no
 +
 +# Local configs
 +#
 +LOCAL_SNORT_STARTUP=boot
 +LOCAL_SNORT_HOME_NET=192.168.0.0/16
 +LOCAL_SNORT_INTERFACE=
 +LOCAL_SNORT_STATS_RCPT=root
 +LOCAL_SNORT_STATS_THRESHOLD=1
 diff --git 
 a/meta-networking/recipes-connectivity/snort/files/disable-dap-address-space-id.patch
  
 b/meta-networking/recipes-connectivity/snort/files/disable-dap-address-space-id.patch
 new file mode 100644
 index 000

[oe] [meta-networking][PATCH 1/3] snort : add recipe

Re: [oe] [meta-networking][PATCH 1/3] snort : add recipe

Re: [oe] [meta-networking][PATCH 1/3] snort: add recipe

Re: [oe] [meta-networking][PATCH 1/3] snort: add recipe

[oe] [meta-networking][PATCH 1/3] snort: add recipe

Re: [oe] [meta-networking][PATCH 1/3] snort: add recipe

Re: [oe] [meta-networking][PATCH 1/3] snort: add recipe

Re: [oe] [meta-networking][PATCH 1/3] snort: add recipe

8 matches

Site Navigation

Mail list logo

Footer information