Package: sagan Version: 1.2.0-1.2 Severity: wishlist Tags: patch Dear maintainer,
sagan's configure script contains | echo " The libdnet headers cannot be found. This library is used for Sagan's" | echo " Unified2 output support. Please see:" | echo " https://wiki.quadrantsec.com/bin/view/Main/Unified2Output"; and etc/sagan.yaml further elaborates | # The 'unified2' output allows Sagan to write in Snort's unified2 format. | # This allows events/alerts generates by Sagan to be read and queued for | # external programs like Barnyard2 (http://www.securixlive.com/barnyard2/). | # Barnyard2 can then record events to various formats (Sguil, PostgreSQL, | # MySQL, MS-SQL, Oracle, etc). Sagan must be compiled with libdnet support | # to use this function. However, the current packaging explicitly disables libdnet support, but the following small patch could be used to enable it: | diff -Nru sagan-1.2.0/debian/control sagan-1.2.0/debian/control | --- sagan-1.2.0/debian/control 2021-01-26 16:33:17.000000000 +0100 | +++ sagan-1.2.0/debian/control 2022-03-04 22:26:33.000000000 +0100 | @@ -14,7 +14,8 @@ | libpq-dev, | libprelude-dev, | liblognorm-dev, | - libyaml-dev | + libyaml-dev, | + libdumbnet-dev | Standards-Version: 4.1.4 | Homepage: http://sagan.softwink.com/ | #Vcs-Git: git://git.debian.org/collab-maint/sagan.git | diff -Nru sagan-1.2.0/debian/rules sagan-1.2.0/debian/rules | --- sagan-1.2.0/debian/rules 2021-01-26 16:35:40.000000000 +0100 | +++ sagan-1.2.0/debian/rules 2022-03-04 22:26:36.000000000 +0100 | @@ -17,7 +17,7 @@ | | override_dh_auto_configure: | dh_testdir | - dh_auto_configure -- --with-postgresql-includes=/usr/include/postgresql --disable-libdnet LIBS="-lm -lestr -lee" | + dh_auto_configure -- --with-postgresql-includes=/usr/include/postgresql --enable-libdnet LIBS="-lm -lestr -lee" | | override_dh_auto_install: | dh_auto_install The resulting binary package debdiff then merely indicates the additional dependency on libdumbnet1: | Control files of package sagan: lines which differ (wdiff format) | ----------------------------------------------------------------- | Depends: libc6 (>= 2.33), {+libdumbnet1 (>= 1.8),+} libfastjson4 (>= 0.99.3), liblognorm5 (>= 0.3.0), libpcre3, libyaml-0-2, adduser, sagan-rules, lsb-base (>= 3.0-6) | Installed-Size: [-592-] {+608+} | Version: [-1.2.0-1.2-] {+1.2.0-1.3+} Please consider whether it's worthwhile to include libdumbnet support into sagan, thanks. Oh, JFTR, libdnet was renamed in Debian to libdumbnet due to a naming conflict with a DECnet library, but luckily sagan knows how to deal with that, see above. The project lay dormant for quite some time but now found a new upstream. Disclaimer: I am the new libdumbnet maintainer, so of course I am biased on whether libdumbnet should be used. Cheers, Flo
signature.asc
Description: PGP signature
