This diff updates the Snort pkg/README to change the Snort ruleset
download URL from HTTP to HTTPS to avoid exposing the oinkcode in
transit (suggested by David Hill a while ago).
It also adds a note that registered users without a paid subscription
are only allowed to download the official Snort ruleset once every 15
minutes (suggested by Adam Jeanguenat a while ago). This restriction is
not obvious from the official snort.org site, so I think it would be
helpful to users to include a note here.
This diff does not make any functional change to Snort itself.
Thoughts? OK?
Lawrence
Index: Makefile
===================================================================
RCS file: /cvs/ports/net/snort/Makefile,v
retrieving revision 1.73
diff -u -p -r1.73 Makefile
--- Makefile 16 Jan 2013 04:52:53 -0000 1.73
+++ Makefile 27 Jan 2013 03:37:37 -0000
@@ -7,6 +7,7 @@ COMMENT = highly flexible sniffer/NIDS
VERSION = 2.9.4.0
DISTNAME = snort-2.9.4
PKGNAME = snort-${VERSION}
+REVISION = 0
CATEGORIES = net security
Index: pkg/README
===================================================================
RCS file: /cvs/ports/net/snort/pkg/README,v
retrieving revision 1.2
diff -u -p -r1.2 README
--- pkg/README 11 Oct 2012 02:40:48 -0000 1.2
+++ pkg/README 7 Feb 2013 04:31:41 -0000
@@ -29,8 +29,11 @@ to the correct directory:
* Official Snort rules (replace <oinkcode> with yours):
ftp -o snortrules-snapshot-${V}.tar.gz \
-
http://www.snort.org/reg-rules/snortrules-snapshot-${V}.tar.gz/<oinkcode>
+
https://www.snort.org/reg-rules/snortrules-snapshot-${V}.tar.gz/<oinkcode>
tar -C /etc/snort -xzf snortrules-snapshot-${V}.tar.gz rules preproc_rules
+
+ Note that registered users without a paid subscription are only
+ allowed to download the official Snort ruleset once every 15 minutes.
* Emerging Threats rules:
