Re: [UPDATE] net/snort 2.8.0.1 (was: [UPDATE] net/snort 2.8.0)
On Sat, Dec 01, 2007 at 01:42:41PM +0100, Markus Lude wrote:
New diff against CVS attached. Please test/comment/commit/...
new diff with a few changes. Please test.
Comments/oks?
cheers,
rui
Index: Makefile
===
RCS file: /cvs/ports/net/snort/Makefile,v
retrieving revision 1.51
diff -u -r1.51 Makefile
--- Makefile15 Sep 2007 22:36:59 - 1.51
+++ Makefile9 Feb 2008 17:38:12 -
@@ -2,29 +2,34 @@
COMMENT= highly flexible sniffer/NIDS
-DISTNAME= snort-2.6.0.2
-PKGNAME= ${DISTNAME}p1
+DISTNAME= snort-2.8.0.1
CATEGORIES=net security
MASTER_SITES= ${HOMEPAGE}/dl/current/
HOMEPAGE= http://www.snort.org/
-# GPL
+MAINTAINER=Markus Lude [EMAIL PROTECTED]
+
+# GPLv2
PERMIT_PACKAGE_CDROM= Yes
PERMIT_PACKAGE_FTP=Yes
PERMIT_DISTFILES_CDROM= Yes
PERMIT_DISTFILES_FTP= Yes
-WANTLIB= c m pcap
+WANTLIB= c m pcap
-SHARED_LIBS= sf_engine 0.0 \
- sf_dns_preproc 0.0 \
- sf_ftptelnet_preproc 0.0 \
- sf_smtp_preproc 0.0
+SHARED_LIBS= sf_engine 1.0 \
+ sf_dns_preproc 1.0 \
+ sf_ftptelnet_preproc 1.0 \
+ sf_smtp_preproc 1.0 \
+ sf_dcerpc_preproc 0.0 \
+ sf_ssh_preproc 0.0 \
+ _sfdynamic_example_rule 0.0 \
+ _sfdynamic_preprocessor_example 0.0
USE_LIBTOOL= Yes
SEPARATE_BUILD=concurrent
-CONFIGURE_STYLE=gnu
+CONFIGURE_STYLE=simple
CONFIGURE_ARGS+=${CONFIGURE_SHARED} \
--enable-dynamicplugin
@@ -41,6 +46,9 @@
.if ${FLAVOR:L:Mflexresp}
LIB_DEPENDS+= dnet.=1::net/libdnet
CONFIGURE_ARGS+=--enable-flexresp2
+
+MASTER_SITES0=
http://www-fs.informatik.uni-tuebingen.de/~lude/openbsd/distfiles/
+PATCHFILES=snort-flexresp_patch.diff:0
.endif
.if ${FLAVOR:L:Mpostgresql}
@@ -50,22 +58,31 @@
.if ${FLAVOR:L:Mmysql}
LIB_DEPENDS+= lib/mysql/mysqlclient.=10::databases/mysql
-CONFIGURE_ARGS+=--with-mysql=${LOCALBASE}
+CONFIGURE_ARGS+=--with-mysql-libraries=${LOCALBASE}/lib \
+ --with-mysql-includes=${LOCALBASE}/include
WANTLIB+= z
.endif
.if ${FLAVOR:L:Mprelude}
MODULES= devel/gettext
-WANTLIB+= gcrypt gpg-error pthread z
+WANTLIB+= gcrypt gnutls gpg-error pthread z
LIB_DEPENDS+= prelude.=8::security/prelude/libprelude
CONFIGURE_ARGS+=--enable-prelude
MESSAGE= ${PKGDIR}/MESSAGE-prelude
.endif
-CONFIGS= classification.config gen-msg.map generators reference.config \
- sid sid-msg.map snort.conf threshold.conf unicode.map
+CONFIGS= classification.config gen-msg.map reference.config \
+ sid-msg.map snort.conf threshold.conf unicode.map
-DOCS= AUTHORS CREDITS README.* *.pdf
+PREPROC= decoder.rules preprocessor.rules
+
+DOCS= AUTHORS CREDITS README README.* *.pdf TODO USAGE WISHLIST
+
+# workaround conflicts between distpatches and patches
+post-patch:
+.if ${FLAVOR:L:Mflexresp}
+ @perl -pi -e s,ip_t,snort_ip, ${WRKSRC}/src/preprocessors/stream.h
+.endif
post-build:
@perl -pi -e s,%%SYSCONFDIR%%,${SYSCONFDIR}, \
@@ -77,6 +94,11 @@
${INSTALL_DATA_DIR} ${PREFIX}/share/examples/snort
.for i in ${CONFIGS}
${INSTALL_DATA} ${WRKSRC}/etc/${i} ${PREFIX}/share/examples/snort
+.endfor
+ ${INSTALL_DATA} ${WRKSRC}/doc/generators ${PREFIX}/share/examples/snort
+
+.for i in ${PREPROC}
+ ${INSTALL_DATA} ${WRKSRC}/preproc_rules/${i}
${PREFIX}/share/examples/snort
.endfor
${INSTALL_DATA_DIR} ${PREFIX}/share/doc/snort
Index: distinfo
===
RCS file: /cvs/ports/net/snort/distinfo,v
retrieving revision 1.15
diff -u -r1.15 distinfo
--- distinfo5 Apr 2007 16:20:15 - 1.15
+++ distinfo9 Feb 2008 17:38:12 -
@@ -1,5 +1,10 @@
-MD5 (snort-2.6.0.2.tar.gz) = XAlP9tgtuEWl8CPkpJIQPg==
-RMD160 (snort-2.6.0.2.tar.gz) = cG1j24O30DesinHIEEMk2bdZTrU=
-SHA1 (snort-2.6.0.2.tar.gz) = Gms/sZqC+Dvw/OWo226xJ3xyN5s=
-SHA256 (snort-2.6.0.2.tar.gz) = B716x7ZF0TgKzmWzPAZO1Y2dwhvXNrH3a8V13CLhpeI=
-SIZE (snort-2.6.0.2.tar.gz) = 3350277
+MD5 (snort-2.8.0.1.tar.gz) = u2UOjv6Fj1w8yx5HF3XX5w==
+MD5 (snort-flexresp_patch.diff) = ZYyI5dSWIpCkny37tRidUQ==
+RMD160 (snort-2.8.0.1.tar.gz) = oLC+wvfMoNR6WYcIu/xpysr0ShI=
+RMD160 (snort-flexresp_patch.diff) = vrc4csTm8t0HUKMbYMrMzDs66jA=
+SHA1 (snort-2.8.0.1.tar.gz) = s7RfptUDcvZYfNd2r0O0FSURljA=
+SHA1 (snort-flexresp_patch.diff) = qkgi0RNWJintUwpX6uYE4QdeWV4=
+SHA256 (snort-2.8.0.1.tar.gz) = T6dP2/5nc2Kw/vImAm5/EQ196Fa6qtIbX+Pr0PYnsRI=
+SHA256 (snort-flexresp_patch.diff) =
cBSVJQ939iIageqqNMHQnsa1GjjplPju96ePvHBMyNY=
+SIZE (snort-2.8.0.1.tar.gz) = 4331731
+SIZE (snort-flexresp_patch.diff) = 48418
Index: patches/patch-etc_snort_conf
===
RCS file:
Re: [UPDATE] net/snort 2.8.0
On Thu, Nov 29, 2007 at 12:21:13AM +0100, Markus Lude wrote:
Hello,
here is an update to snort 2.8.0. Please test/comment/commit/...
Based on changes for 2.7.0.1 by Jason Dixon.
Some added patches fix bus errors on sparc64 noticed by [EMAIL PROTECTED]
If noone other wants, I would take maintainership (not included in
diff).
Regards,
Markus
Attached diff to apply after your diff.
* Updated to 2.8.0.1
* Fixes flexresp flavor: http://marc.info/?l=snort-usersm=119099490314507w=2
* Fixes prelude WANTLIB
* Replaces depricated --with-mysql
diff -ur ../snort.patched/Makefile ./Makefile
--- ../snort.patched/Makefile Fri Nov 30 11:56:08 2007
+++ ./Makefile Fri Nov 30 11:59:14 2007
@@ -2,8 +2,7 @@
COMMENT= highly flexible sniffer/NIDS
-DISTNAME= snort-2.8.0
-PKGNAME= ${DISTNAME}
+DISTNAME= snort-2.8.0.1
CATEGORIES=net security
MASTER_SITES= ${HOMEPAGE}/dl/current/
@@ -43,6 +42,9 @@
.if ${FLAVOR:L:Mflexresp}
LIB_DEPENDS+= dnet.=1::net/libdnet
CONFIGURE_ARGS+=--enable-flexresp2
+
+MASTER_SITES0= http://ftp.secure.lv/pub/distfiles/
+PATCHFILES= respond2_patch.diff:0
.endif
.if ${FLAVOR:L:Mpostgresql}
@@ -52,13 +54,14 @@
.if ${FLAVOR:L:Mmysql}
LIB_DEPENDS+= lib/mysql/mysqlclient.=10::databases/mysql
-CONFIGURE_ARGS+=--with-mysql=${LOCALBASE}
+CONFIGURE_ARGS+=--with-mysql-libraries=${LOCALBASE}/lib \
+ --with-mysql-includes=${LOCALBASE}/include
WANTLIB+= z
.endif
.if ${FLAVOR:L:Mprelude}
MODULES= devel/gettext
-WANTLIB+= gcrypt gpg-error pthread z
+WANTLIB+= gcrypt gnutls gpg-error pthread z
LIB_DEPENDS+= prelude.=8::security/prelude/libprelude
CONFIGURE_ARGS+=--enable-prelude
MESSAGE= ${PKGDIR}/MESSAGE-prelude
diff -ur ../snort.patched/distinfo ./distinfo
--- ../snort.patched/distinfo Fri Nov 30 11:56:08 2007
+++ ./distinfo Fri Nov 30 11:59:54 2007
@@ -1,5 +1,10 @@
-MD5 (snort-2.8.0.tar.gz) = z7qxwuOc27iRISxL8V6C8w==
-RMD160 (snort-2.8.0.tar.gz) = 2sNqSh/aYLZszcXHdKthqqD2yKg=
-SHA1 (snort-2.8.0.tar.gz) = 8HuEoIcthhAGtWqManmmAwjdaLQ=
-SHA256 (snort-2.8.0.tar.gz) = uaBzfTL2nEvnSySDJLQBc2Z7W8e09Yru9PInGi6oQtE=
-SIZE (snort-2.8.0.tar.gz) = 4278872
+MD5 (respond2_patch.diff) = PbuGzELzemmJOZefznO2nw==
+MD5 (snort-2.8.0.1.tar.gz) = u2UOjv6Fj1w8yx5HF3XX5w==
+RMD160 (respond2_patch.diff) = FyVgr7CGRT+jzTMg+iyJbmgkfxI=
+RMD160 (snort-2.8.0.1.tar.gz) = oLC+wvfMoNR6WYcIu/xpysr0ShI=
+SHA1 (respond2_patch.diff) = IJhimg/OA7fMfov6qQCYA2DJlng=
+SHA1 (snort-2.8.0.1.tar.gz) = s7RfptUDcvZYfNd2r0O0FSURljA=
+SHA256 (respond2_patch.diff) = zzARQQev9cVyJscTaI8HaBbvBenvAn+TS67YIF3hpFo=
+SHA256 (snort-2.8.0.1.tar.gz) = T6dP2/5nc2Kw/vImAm5/EQ196Fa6qtIbX+Pr0PYnsRI=
+SIZE (respond2_patch.diff) = 48704
+SIZE (snort-2.8.0.1.tar.gz) = 4331731
diff -ur ../snort.patched/patches/patch-src_dynamic-preprocessors_Makefile_in
./patches/patch-src_dynamic-preprocessors_Makefile_in
--- ../snort.patched/patches/patch-src_dynamic-preprocessors_Makefile_in
Fri Nov 30 11:56:08 2007
+++ ./patches/patch-src_dynamic-preprocessors_Makefile_in Fri Nov 30
12:09:44 2007
@@ -1,7 +1,7 @@
$OpenBSD: patch-src_dynamic-preprocessors_Makefile_in,v 1.1 2006/10/10
13:33:17 aanriot Exp $
src/dynamic-preprocessors/Makefile.in.orig Fri Sep 7 20:31:51 2007
-+++ src/dynamic-preprocessors/Makefile.in Mon Nov 19 22:18:10 2007
-@@ -540,8 +540,7 @@ maintainer-clean-generic:
+--- src/dynamic-preprocessors/Makefile.in.orig Wed Nov 14 16:32:47 2007
src/dynamic-preprocessors/Makefile.in Fri Nov 30 12:09:32 2007
+@@ -543,8 +543,7 @@ maintainer-clean-generic:
@echo This command is intended for maintainers to use
@echo it deletes files that may require special tools to rebuild.
-test -z $(BUILT_SOURCES) || rm -f $(BUILT_SOURCES)
@@ -11,7 +11,7 @@
clean: clean-recursive
clean-am: clean-generic clean-libtool clean-local mostlyclean-am
-@@ -705,20 +704,6 @@ include/str_search.h: $(srcdir)/../preprocessors/str_s
+@@ -700,20 +699,6 @@ include/str_search.h: $(srcdir)/../preprocessors/str_s
clean-local:
rm -rf include build
diff -ur
../snort.patched/patches/patch-src_dynamic-preprocessors_dcerpc_Makefile_in
./patches/patch-src_dynamic-preprocessors_dcerpc_Makefile_in
--- ../snort.patched/patches/patch-src_dynamic-preprocessors_dcerpc_Makefile_in
Fri Nov 30 11:56:08 2007
+++ ./patches/patch-src_dynamic-preprocessors_dcerpc_Makefile_inFri Nov
30 12:09:44 2007
@@ -1,7 +1,7 @@
$OpenBSD$
src/dynamic-preprocessors/dcerpc/Makefile.in.orig Fri Sep 7 20:31:51 2007
-+++ src/dynamic-preprocessors/dcerpc/Makefile.in Mon Nov 19 22:18:11 2007
-@@ -392,7 +392,7 @@ distdir: $(DISTFILES)
+--- src/dynamic-preprocessors/dcerpc/Makefile.in.orig Wed Nov 14 16:32:47 2007
src/dynamic-preprocessors/dcerpc/Makefile.in Fri Nov 30 12:09:32 2007
+@@ -394,7 +394,7 @@ distdir: $(DISTFILES)
check-am: all-am
check: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) check-am
@@ -9,4 +9,4 @@
Re: [UPDATE] net/snort 2.8.0
On Fri, Nov 30 2007 at 34:12, Nikns Siankin wrote: On Thu, Nov 29, 2007 at 12:21:13AM +0100, Markus Lude wrote: Hello, here is an update to snort 2.8.0. Please test/comment/commit/... Based on changes for 2.7.0.1 by Jason Dixon. Some added patches fix bus errors on sparc64 noticed by [EMAIL PROTECTED] If noone other wants, I would take maintainership (not included in diff). Regards, Markus Attached diff to apply after your diff. * Updated to 2.8.0.1 * Fixes flexresp flavor: http://marc.info/?l=snort-usersm=119099490314507w=2 * Fixes prelude WANTLIB * Replaces depricated --with-mysql Compile fine this time with flexresp. I'll test with prelude in the next few days. Thanks ! Claer
Re: [UPDATE] net/snort 2.8.0
works for me.
follow msf@ advice, resubmit a diff to 2.8.0.1 and please take
maintainership.
Regards,
rui
On Thu, Nov 29, 2007 at 12:21:13AM +0100, Markus Lude wrote:
Hello,
here is an update to snort 2.8.0. Please test/comment/commit/...
Based on changes for 2.7.0.1 by Jason Dixon.
Some added patches fix bus errors on sparc64 noticed by [EMAIL PROTECTED]
If noone other wants, I would take maintainership (not included in
diff).
Regards,
Markus
Index: Makefile
===
RCS file: /cvs/ports/net/snort/Makefile,v
retrieving revision 1.51
diff -u -p -r1.51 Makefile
--- Makefile 15 Sep 2007 22:36:59 - 1.51
+++ Makefile 21 Nov 2007 00:43:34 -
@@ -2,14 +2,14 @@
COMMENT= highly flexible sniffer/NIDS
-DISTNAME=snort-2.6.0.2
-PKGNAME= ${DISTNAME}p1
+DISTNAME=snort-2.8.0
+PKGNAME= ${DISTNAME}
CATEGORIES= net security
MASTER_SITES=${HOMEPAGE}/dl/current/
HOMEPAGE= http://www.snort.org/
-# GPL
+# GPLv2
PERMIT_PACKAGE_CDROM=Yes
PERMIT_PACKAGE_FTP= Yes
PERMIT_DISTFILES_CDROM= Yes
@@ -17,9 +17,11 @@ PERMIT_DISTFILES_FTP= Yes
WANTLIB= c m pcap
SHARED_LIBS= sf_engine 0.0 \
+ sf_dcerpc_preproc 0.0 \
sf_dns_preproc 0.0 \
sf_ftptelnet_preproc 0.0 \
- sf_smtp_preproc 0.0
+ sf_smtp_preproc 0.0 \
+ sf_ssh_preproc 0.0
USE_LIBTOOL= Yes
@@ -62,10 +64,12 @@ CONFIGURE_ARGS+=--enable-prelude
MESSAGE= ${PKGDIR}/MESSAGE-prelude
.endif
-CONFIGS= classification.config gen-msg.map generators reference.config \
- sid sid-msg.map snort.conf threshold.conf unicode.map
+CONFIGS= classification.config gen-msg.map reference.config \
+ sid-msg.map snort.conf threshold.conf unicode.map
-DOCS=AUTHORS CREDITS README.* *.pdf
+PREPROC= decoder.rules preprocessor.rules
+
+DOCS=AUTHORS CREDITS README README.* *.pdf TODO USAGE
WISHLIST
post-build:
@perl -pi -e s,%%SYSCONFDIR%%,${SYSCONFDIR}, \
@@ -77,6 +81,11 @@ post-install:
${INSTALL_DATA_DIR} ${PREFIX}/share/examples/snort
.for i in ${CONFIGS}
${INSTALL_DATA} ${WRKSRC}/etc/${i} ${PREFIX}/share/examples/snort
+.endfor
+ ${INSTALL_DATA} ${WRKSRC}/doc/generators ${PREFIX}/share/examples/snort
+
+.for i in ${PREPROC}
+ ${INSTALL_DATA} ${WRKSRC}/preproc_rules/${i}
${PREFIX}/share/examples/snort
.endfor
${INSTALL_DATA_DIR} ${PREFIX}/share/doc/snort
Index: distinfo
===
RCS file: /cvs/ports/net/snort/distinfo,v
retrieving revision 1.15
diff -u -p -r1.15 distinfo
--- distinfo 5 Apr 2007 16:20:15 - 1.15
+++ distinfo 21 Nov 2007 00:43:34 -
@@ -1,5 +1,5 @@
-MD5 (snort-2.6.0.2.tar.gz) = XAlP9tgtuEWl8CPkpJIQPg==
-RMD160 (snort-2.6.0.2.tar.gz) = cG1j24O30DesinHIEEMk2bdZTrU=
-SHA1 (snort-2.6.0.2.tar.gz) = Gms/sZqC+Dvw/OWo226xJ3xyN5s=
-SHA256 (snort-2.6.0.2.tar.gz) = B716x7ZF0TgKzmWzPAZO1Y2dwhvXNrH3a8V13CLhpeI=
-SIZE (snort-2.6.0.2.tar.gz) = 3350277
+MD5 (snort-2.8.0.tar.gz) = z7qxwuOc27iRISxL8V6C8w==
+RMD160 (snort-2.8.0.tar.gz) = 2sNqSh/aYLZszcXHdKthqqD2yKg=
+SHA1 (snort-2.8.0.tar.gz) = 8HuEoIcthhAGtWqManmmAwjdaLQ=
+SHA256 (snort-2.8.0.tar.gz) = uaBzfTL2nEvnSySDJLQBc2Z7W8e09Yru9PInGi6oQtE=
+SIZE (snort-2.8.0.tar.gz) = 4278872
Index: patches/patch-etc_snort_conf
===
RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v
retrieving revision 1.1
diff -u -p -r1.1 patch-etc_snort_conf
--- patches/patch-etc_snort_conf 10 Oct 2006 13:33:17 - 1.1
+++ patches/patch-etc_snort_conf 21 Nov 2007 00:43:34 -
@@ -1,22 +1,26 @@
$OpenBSD: patch-etc_snort_conf,v 1.1 2006/10/10 13:33:17 aanriot Exp $
etc/snort.conf.orig Wed Sep 13 21:44:31 2006
-+++ etc/snort.conf Tue Oct 10 12:54:59 2006
-@@ -82,6 +82,9 @@ var SNMP_SERVERS $HOME_NET
- # Port lists must either be continuous [eg 80:8080], or a single port [eg
80].
- # We will adding support for a real list of ports in the future.
-
+--- etc/snort.conf.orig Fri Sep 7 20:32:45 2007
etc/snort.conf Mon Nov 19 22:23:57 2007
+@@ -78,7 +78,10 @@ var SNMP_SERVERS $HOME_NET
+ # like this:
+ #
+ # portvar HTTP_PORTS 8081
+-#
++
+# Ports you run ssh servers on
-+var SSH_PORTS 22
++portvar SSH_PORTS 22
+
# Ports you run web servers on
- #
- # Please note: [80,8080] does not work.
-@@ -108,7 +111,7 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28.
+ portvar HTTP_PORTS 80
+
+@@ -107,8 +110,8 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.161
# Path to your rules files (this can be a relative path)
# Note for Windows users: You are advised to make this an absolute path,
# such as:
Re: [UPDATE] net/snort 2.8.0
On Thu, Nov 29 2007 at 21:00, Markus Lude wrote: Hello, here is an update to snort 2.8.0. Please test/comment/commit/... Does not compile on i386 with FLAVOR=flexresp on 4.2-stable Based on changes for 2.7.0.1 by Jason Dixon. Some added patches fix bus errors on sparc64 noticed by [EMAIL PROTECTED] If noone other wants, I would take maintainership (not included in diff). Regards, Markus Here is the compile error cc -DHAVE_CONFIG_H -I. -I../.. -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0 -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/sfutil -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/output-plugins -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/dynamic-plugins -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/preprocessors -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/preprocessors/flow -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/preprocessors/portscan -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/preprocessors/flow/int-snort -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/preprocessors/HttpInspect/include -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/preprocessors/Stream5 -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/target-based -I/usr/local/include -DENABLE_RESPONSE2 -I/usr/local/include -O2 -pipe -Wall -DDYNAMIC_PLUGIN -c /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c In file included from /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/decode.h:49, from /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c:99: /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/ipv6_port.h:71: error: conflicting types for `ip_t' /usr/local/include/dnet/ip.h:411: error: previous declaration of `ip_t' In file included from /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c:99: /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/decode.h:948:1: warning: IP_PROTO_HOPOPTS redefined In file included from /usr/local/include/dnet.h:15, from /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c:97: /usr/local/include/dnet/ip.h:97:1: warning: this is the location of the previous definition /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c: In function `Respond2Init': /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c:260: warning: assignment from incompatible pointer type /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c: In function `Respond2Restart': /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c:299: warning: passing arg 1 of `ip_close' from incompatible pointer type /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c:299: warning: assignment from incompatible pointer type /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c: In function `SendReset': /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c:682: warning: passing arg 1 of `ip_send' from incompatible pointer type /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c: In function `SendUnreach': /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c:806: warning: passing arg 1 of `ip_send' from incompatible pointer type *** Error code 1 Stop in /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/build-i386-flexresp/src/detection-plugins. *** Error code 1 Claer
Re: [UPDATE] net/snort 2.8.0
On Thu, Nov 29, 2007 at 12:21:13AM +0100, Markus Lude wrote: Hello, here is an update to snort 2.8.0. Please test/comment/commit/... 2.8.0.1 is already out. please resubmit a diff to 2.8.0.1
[UPDATE] net/snort 2.8.0
Hello,
here is an update to snort 2.8.0. Please test/comment/commit/...
Based on changes for 2.7.0.1 by Jason Dixon.
Some added patches fix bus errors on sparc64 noticed by [EMAIL PROTECTED]
If noone other wants, I would take maintainership (not included in
diff).
Regards,
Markus
Index: Makefile
===
RCS file: /cvs/ports/net/snort/Makefile,v
retrieving revision 1.51
diff -u -p -r1.51 Makefile
--- Makefile15 Sep 2007 22:36:59 - 1.51
+++ Makefile21 Nov 2007 00:43:34 -
@@ -2,14 +2,14 @@
COMMENT= highly flexible sniffer/NIDS
-DISTNAME= snort-2.6.0.2
-PKGNAME= ${DISTNAME}p1
+DISTNAME= snort-2.8.0
+PKGNAME= ${DISTNAME}
CATEGORIES=net security
MASTER_SITES= ${HOMEPAGE}/dl/current/
HOMEPAGE= http://www.snort.org/
-# GPL
+# GPLv2
PERMIT_PACKAGE_CDROM= Yes
PERMIT_PACKAGE_FTP=Yes
PERMIT_DISTFILES_CDROM= Yes
@@ -17,9 +17,11 @@ PERMIT_DISTFILES_FTP=Yes
WANTLIB= c m pcap
SHARED_LIBS= sf_engine 0.0 \
+ sf_dcerpc_preproc 0.0 \
sf_dns_preproc 0.0 \
sf_ftptelnet_preproc 0.0 \
- sf_smtp_preproc 0.0
+ sf_smtp_preproc 0.0 \
+ sf_ssh_preproc 0.0
USE_LIBTOOL= Yes
@@ -62,10 +64,12 @@ CONFIGURE_ARGS+=--enable-prelude
MESSAGE= ${PKGDIR}/MESSAGE-prelude
.endif
-CONFIGS= classification.config gen-msg.map generators reference.config \
- sid sid-msg.map snort.conf threshold.conf unicode.map
+CONFIGS= classification.config gen-msg.map reference.config \
+ sid-msg.map snort.conf threshold.conf unicode.map
-DOCS= AUTHORS CREDITS README.* *.pdf
+PREPROC= decoder.rules preprocessor.rules
+
+DOCS= AUTHORS CREDITS README README.* *.pdf TODO USAGE WISHLIST
post-build:
@perl -pi -e s,%%SYSCONFDIR%%,${SYSCONFDIR}, \
@@ -77,6 +81,11 @@ post-install:
${INSTALL_DATA_DIR} ${PREFIX}/share/examples/snort
.for i in ${CONFIGS}
${INSTALL_DATA} ${WRKSRC}/etc/${i} ${PREFIX}/share/examples/snort
+.endfor
+ ${INSTALL_DATA} ${WRKSRC}/doc/generators ${PREFIX}/share/examples/snort
+
+.for i in ${PREPROC}
+ ${INSTALL_DATA} ${WRKSRC}/preproc_rules/${i}
${PREFIX}/share/examples/snort
.endfor
${INSTALL_DATA_DIR} ${PREFIX}/share/doc/snort
Index: distinfo
===
RCS file: /cvs/ports/net/snort/distinfo,v
retrieving revision 1.15
diff -u -p -r1.15 distinfo
--- distinfo5 Apr 2007 16:20:15 - 1.15
+++ distinfo21 Nov 2007 00:43:34 -
@@ -1,5 +1,5 @@
-MD5 (snort-2.6.0.2.tar.gz) = XAlP9tgtuEWl8CPkpJIQPg==
-RMD160 (snort-2.6.0.2.tar.gz) = cG1j24O30DesinHIEEMk2bdZTrU=
-SHA1 (snort-2.6.0.2.tar.gz) = Gms/sZqC+Dvw/OWo226xJ3xyN5s=
-SHA256 (snort-2.6.0.2.tar.gz) = B716x7ZF0TgKzmWzPAZO1Y2dwhvXNrH3a8V13CLhpeI=
-SIZE (snort-2.6.0.2.tar.gz) = 3350277
+MD5 (snort-2.8.0.tar.gz) = z7qxwuOc27iRISxL8V6C8w==
+RMD160 (snort-2.8.0.tar.gz) = 2sNqSh/aYLZszcXHdKthqqD2yKg=
+SHA1 (snort-2.8.0.tar.gz) = 8HuEoIcthhAGtWqManmmAwjdaLQ=
+SHA256 (snort-2.8.0.tar.gz) = uaBzfTL2nEvnSySDJLQBc2Z7W8e09Yru9PInGi6oQtE=
+SIZE (snort-2.8.0.tar.gz) = 4278872
Index: patches/patch-etc_snort_conf
===
RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v
retrieving revision 1.1
diff -u -p -r1.1 patch-etc_snort_conf
--- patches/patch-etc_snort_conf10 Oct 2006 13:33:17 - 1.1
+++ patches/patch-etc_snort_conf21 Nov 2007 00:43:34 -
@@ -1,22 +1,26 @@
$OpenBSD: patch-etc_snort_conf,v 1.1 2006/10/10 13:33:17 aanriot Exp $
etc/snort.conf.origWed Sep 13 21:44:31 2006
-+++ etc/snort.conf Tue Oct 10 12:54:59 2006
-@@ -82,6 +82,9 @@ var SNMP_SERVERS $HOME_NET
- # Port lists must either be continuous [eg 80:8080], or a single port [eg 80].
- # We will adding support for a real list of ports in the future.
-
+--- etc/snort.conf.origFri Sep 7 20:32:45 2007
etc/snort.conf Mon Nov 19 22:23:57 2007
+@@ -78,7 +78,10 @@ var SNMP_SERVERS $HOME_NET
+ # like this:
+ #
+ # portvar HTTP_PORTS 8081
+-#
++
+# Ports you run ssh servers on
-+var SSH_PORTS 22
++portvar SSH_PORTS 22
+
# Ports you run web servers on
- #
- # Please note: [80,8080] does not work.
-@@ -108,7 +111,7 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28.
+ portvar HTTP_PORTS 80
+
+@@ -107,8 +110,8 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.161
# Path to your rules files (this can be a relative path)
# Note for Windows users: You are advised to make this an absolute path,
# such as: c:\snort\rules
-var RULE_PATH ../rules
+-var PREPROC_RULE_PATH ../preproc_rules
+var RULE_PATH %%SYSCONFDIR%%/snort/rules
++var PREPROC_RULE_PATH %%SYSCONFDIR%%/snort/preproc_rules
# Configure the snort decoder
#
Index:
Re: [UPDATE] net/snort 2.8.0
On Nov 28, 2007, at 6:21 PM, Markus Lude wrote: Hello, here is an update to snort 2.8.0. Please test/comment/commit/... Based on changes for 2.7.0.1 by Jason Dixon. Some added patches fix bus errors on sparc64 noticed by [EMAIL PROTECTED] Crashes on my alpha. I've sent you a new kdump offlist. --- Jason Dixon DixonGroup Consulting http://www.dixongroup.net
