1 |
Summary: An Intrusion Detection System (IDS) |
2 |
Name: snort |
3 |
Version: 2.9.20 |
4 |
Release: %mkrel 2 |
5 |
License: GPLv2 |
6 |
Group: Networking/Other |
7 |
URL: https://www.snort.org/ |
8 |
Source0: https://www.snort.org/downloads/snort/snort-%{version}.tar.gz |
9 |
Source3: snort.init |
10 |
Source4: snort.logrotate |
11 |
Source5: snort.sysconfig |
12 |
Source6: snortdb-extra |
13 |
Patch0: snort-lib64.diff |
14 |
# (oe) http://www.inliniac.net/files/ |
15 |
# http://www.snortsam.net/files/snort-plugin/snortsam-2.9.5.3-2.diff.gz |
16 |
Patch1: snort-2.9.20-snortsam.diff |
17 |
Patch2: snort-2.9.20-plugins_fix.diff |
18 |
Patch5: snort-2.9.4.6-conf.diff |
19 |
Patch6: snort-2.9.2.2-pcre-ldflags.patch |
20 |
Patch7: snort-2.9.8.0-cflags.patch |
21 |
Patch8: snort-2.9.20-libtirpc.patch |
22 |
Requires(post): systemd >= %{systemd_required_version} |
23 |
Requires(post): rpm-helper |
24 |
Requires(post): snort-rules |
25 |
Requires(preun): rpm-helper |
26 |
Requires(preun): snort-rules |
27 |
Requires(pre): rpm-helper |
28 |
Requires(postun): rpm-helper |
29 |
Requires: pcre |
30 |
Requires: pcap |
31 |
Requires: snort-rules |
32 |
Requires: daq-modules |
33 |
BuildRequires: sed |
34 |
BuildRequires: pcap-devel |
35 |
BuildRequires: mysql-devel |
36 |
BuildRequires: openssl-devel |
37 |
BuildRequires: postgresql-devel |
38 |
BuildRequires: texlive |
39 |
BuildRequires: zlib-devel |
40 |
BuildRequires: pcre-devel |
41 |
BuildRequires: dnet-devel |
42 |
BuildRequires: chrpath |
43 |
BuildRequires: iptables-devel |
44 |
BuildRequires: flex |
45 |
BuildRequires: bison |
46 |
BuildRequires: latex2html |
47 |
BuildRequires: libgcrypt-devel |
48 |
BuildRequires: gnutls-devel |
49 |
BuildRequires: prelude-devel |
50 |
BuildRequires: iptables-ipq-devel |
51 |
BuildRequires: daq-devel |
52 |
BuildRequires: libtirpc-devel |
53 |
BuildRequires: luajit-devel |
54 |
Recommends: snortsam |
55 |
|
56 |
%description |
57 |
Snort is a libpcap-based packet sniffer/logger which can be used as a |
58 |
lightweight network intrusion detection system. It features rules based logging |
59 |
and can perform protocol analysis, content searching/matching and can be used |
60 |
to detect a variety of attacks and probes, such as buffer overflows, stealth |
61 |
port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. |
62 |
Snort has a real-time alerting capability, with alerts being sent to syslog, a |
63 |
separate "alert" file, or as a WinPopup message via Samba's smbclient |
64 |
|
65 |
This rpm is different from previous rpms and while it will not clobber |
66 |
your current snort file, you will need to modify it. |
67 |
|
68 |
There are 9 different packages available |
69 |
|
70 |
All of them require the base snort rpm. Additionally, you will need |
71 |
to chose a binary to install. |
72 |
|
73 |
%{_sbindir}/snort should end up being a symlink to a binary in one of |
74 |
the following configurations. We use update-alternatives for this. |
75 |
Here are the different packages along with their priorities. |
76 |
|
77 |
plain(10) plain+flexresp(11) mysql(12) |
78 |
mysql+flexresp(13) postgresql(14) postgresql+flexresp(15) |
79 |
bloat(16) inline(17) inline+flexresp(18) |
80 |
prelude(19) prelude+flexresp(20) |
81 |
|
82 |
Please see the documentation in %{_docdir}/%{name} |
83 |
|
84 |
%package plain+flexresp |
85 |
Summary: Snort with Flexible Response |
86 |
Group: Networking/Other |
87 |
Requires: snort >= %{version} |
88 |
|
89 |
%description plain+flexresp |
90 |
Snort is a libpcap-based packet sniffer/logger which can be used as a |
91 |
lightweight network intrusion detection system. It features rules based logging |
92 |
and can perform protocol analysis, content searching/matching and can be used |
93 |
to detect a variety of attacks and probes, such as buffer overflows, stealth |
94 |
port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. |
95 |
Snort has a real-time alerting capability, with alerts being sent to syslog, a |
96 |
separate "alert" file, or as a WinPopup message via Samba's smbclient |
97 |
|
98 |
Snort compiled with flexresp support. FlexResp allows snort to actively close |
99 |
offending connections. |
100 |
|
101 |
%package mysql |
102 |
Summary: Snort with MySQL database support |
103 |
Group: Networking/Other |
104 |
Requires: snort >= %{version} |
105 |
|
106 |
%description mysql |
107 |
Snort is a libpcap-based packet sniffer/logger which can be used as a |
108 |
lightweight network intrusion detection system. It features rules based logging |
109 |
and can perform protocol analysis, content searching/matching and can be used |
110 |
to detect a variety of attacks and probes, such as buffer overflows, stealth |
111 |
port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. |
112 |
Snort has a real-time alerting capability, with alerts being sent to syslog, a |
113 |
separate "alert" file, or as a WinPopup message via Samba's smbclient |
114 |
|
115 |
Snort compiled with mysql support. |
116 |
|
117 |
%package mysql+flexresp |
118 |
Summary: Snort with MySQL database and Flexible Response support |
119 |
Group: Networking/Other |
120 |
Requires: snort >= %{version} |
121 |
|
122 |
%description mysql+flexresp |
123 |
Snort is a libpcap-based packet sniffer/logger which can be used as a |
124 |
lightweight network intrusion detection system. It features rules based logging |
125 |
and can perform protocol analysis, content searching/matching and can be used |
126 |
to detect a variety of attacks and probes, such as buffer overflows, stealth |
127 |
port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. |
128 |
Snort has a real-time alerting capability, with alerts being sent to syslog, a |
129 |
separate "alert" file, or as a WinPopup message via Samba's smbclient |
130 |
|
131 |
Snort compiled with mysql+flexresp support. FlexResp allows snort to actively |
132 |
close offending connections. |
133 |
|
134 |
%package postgresql |
135 |
Summary: Snort with PostgreSQL database support |
136 |
Group: Networking/Other |
137 |
Requires: snort >= %{version} |
138 |
|
139 |
%description postgresql |
140 |
Snort is a libpcap-based packet sniffer/logger which can be used as a |
141 |
lightweight network intrusion detection system. It features rules based logging |
142 |
and can perform protocol analysis, content searching/matching and can be used |
143 |
to detect a variety of attacks and probes, such as buffer overflows, stealth |
144 |
port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. |
145 |
Snort has a real-time alerting capability, with alerts being sent to syslog, a |
146 |
separate "alert" file, or as a WinPopup message via Samba's smbclient |
147 |
|
148 |
Snort compiled with postgresql support. |
149 |
|
150 |
%package postgresql+flexresp |
151 |
Summary: Snort with PostgreSQL database and Flexible Response support |
152 |
Group: Networking/Other |
153 |
Requires: snort >= %{version} |
154 |
|
155 |
%description postgresql+flexresp |
156 |
Snort is a libpcap-based packet sniffer/logger which can be used as a |
157 |
lightweight network intrusion detection system. It features rules based logging |
158 |
and can perform protocol analysis, content searching/matching and can be used |
159 |
to detect a variety of attacks and probes, such as buffer overflows, stealth |
160 |
port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. |
161 |
Snort has a real-time alerting capability, with alerts being sent to syslog, a |
162 |
separate "alert" file, or as a WinPopup message via Samba's smbclient |
163 |
|
164 |
Snort compiled with postgresql+flexresp support. FlexResp allows snort to |
165 |
actively close offending connections. |
166 |
|
167 |
%package bloat |
168 |
Summary: Snort with flexresp+mysql+postgresql+inline+prelude support |
169 |
Group: Networking/Other |
170 |
Requires: snort >= %{version} |
171 |
|
172 |
%description bloat |
173 |
Snort is a libpcap-based packet sniffer/logger which can be used as a |
174 |
lightweight network intrusion detection system. It features rules based logging |
175 |
and can perform protocol analysis, content searching/matching and can be used |
176 |
to detect a variety of attacks and probes, such as buffer overflows, stealth |
177 |
port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. |
178 |
Snort has a real-time alerting capability, with alerts being sent to syslog, a |
179 |
separate "alert" file, or as a WinPopup message via Samba's smbclient |
180 |
|
181 |
Snort compiled with flexresp+mysql+postgresql+inline+prelude support. |
182 |
|
183 |
%package inline |
184 |
Summary: Snort with Inline support |
185 |
Group: Networking/Other |
186 |
Requires: iptables |
187 |
Requires: snort >= %{version} |
188 |
|
189 |
%description inline |
190 |
Snort is a libpcap-based packet sniffer/logger which can be used as a |
191 |
lightweight network intrusion detection system. It features rules based logging |
192 |
and can perform protocol analysis, content searching/matching and can be used |
193 |
to detect a variety of attacks and probes, such as buffer overflows, stealth |
194 |
port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. |
195 |
Snort has a real-time alerting capability, with alerts being sent to syslog, a |
196 |
separate "alert" file, or as a WinPopup message via Samba's smbclient |
197 |
|
198 |
Snort compiled with inline support. Snort-Inline takes packets from iptables |
199 |
instead of libpcap. It then uses new rule types to help iptables make pass or |
200 |
drop decisions based on snort rules. |
201 |
|
202 |
%package inline+flexresp |
203 |
Summary: Snort with Inline and Flexible Response support |
204 |
Group: Networking/Other |
205 |
Requires: iptables |
206 |
Requires: snort >= %{version} |
207 |
|
208 |
%description inline+flexresp |
209 |
Snort is a libpcap-based packet sniffer/logger which can be used as a |
210 |
lightweight network intrusion detection system. It features rules based logging |
211 |
and can perform protocol analysis, content searching/matching and can be used |
212 |
to detect a variety of attacks and probes, such as buffer overflows, stealth |
213 |
port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. |
214 |
Snort has a real-time alerting capability, with alerts being sent to syslog, a |
215 |
separate "alert" file, or as a WinPopup message via Samba's smbclient |
216 |
|
217 |
Snort compiled with inline+flexresp support. FlexResp allows snort to actively |
218 |
close offending connections. Snort-Inline takes packets from iptables instead |
219 |
of libpcap. It then uses new rule types to help iptables make pass or drop |
220 |
decisions based on snort rules. |
221 |
|
222 |
%package prelude |
223 |
Summary: Snort with Prelude support |
224 |
Group: Networking/Other |
225 |
Requires: snort >= %{version} |
226 |
|
227 |
%description prelude |
228 |
Snort is a libpcap-based packet sniffer/logger which can be used as a |
229 |
lightweight network intrusion detection system. It features rules based logging |
230 |
and can perform protocol analysis, content searching/matching and can be used |
231 |
to detect a variety of attacks and probes, such as buffer overflows, stealth |
232 |
port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. |
233 |
Snort has a real-time alerting capability, with alerts being sent to syslog, a |
234 |
separate "alert" file, or as a WinPopup message via Samba's smbclient |
235 |
|
236 |
Snort compiled with prelude support. |
237 |
|
238 |
%package prelude+flexresp |
239 |
Summary: Snort with Prelude and Flexible Response support |
240 |
Group: Networking/Other |
241 |
Requires: snort >= %{version} |
242 |
|
243 |
%description prelude+flexresp |
244 |
Snort is a libpcap-based packet sniffer/logger which can be used as a |
245 |
lightweight network intrusion detection system. It features rules based logging |
246 |
and can perform protocol analysis, content searching/matching and can be used |
247 |
to detect a variety of attacks and probes, such as buffer overflows, stealth |
248 |
port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. |
249 |
Snort has a real-time alerting capability, with alerts being sent to syslog, a |
250 |
separate "alert" file, or as a WinPopup message via Samba's smbclient |
251 |
|
252 |
Snort compiled with prelude+flexresp support. FlexResp allows snort to actively |
253 |
close offending connections. |
254 |
|
255 |
%package devel |
256 |
Summary: Snort development files |
257 |
Group: Networking/Other |
258 |
Requires: snort = %{version} |
259 |
|
260 |
%description devel |
261 |
Snort is a libpcap-based packet sniffer/logger which can be used as a |
262 |
lightweight network intrusion detection system. It features rules based logging |
263 |
and can perform protocol analysis, content searching/matching and can be used |
264 |
to detect a variety of attacks and probes, such as buffer overflows, stealth |
265 |
port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. |
266 |
Snort has a real-time alerting capability, with alerts being sent to syslog, a |
267 |
separate "alert" file, or as a WinPopup message via Samba's smbclient |
268 |
|
269 |
This are snort H files. |
270 |
|
271 |
|
272 |
%prep |
273 |
|
274 |
%setup -q |
275 |
%patch0 -p1 -b .lib64 |
276 |
%patch1 -p1 -b .snortsam |
277 |
%patch2 -p1 -b .plugins_fix |
278 |
%patch5 -p0 |
279 |
%patch6 -p0 |
280 |
%patch7 -p1 -b .cflags |
281 |
%patch8 -p1 |
282 |
|
283 |
%{__cat} configure.in|%{__sed} -r 's|AM_CONFIG_HEADER|AC_CONFIG_HEADERS|' > configure.in.1 |
284 |
%{__rm} -f configure.in |
285 |
%{__mv} configure.in.1 configure.in |
286 |
|
287 |
# fix pid file path |
288 |
/bin/echo "#define _PATH_VARRUN \"/run/%{name}\"" >> acconfig.h |
289 |
|
290 |
%{__cp} -a %{SOURCE6} . |
291 |
|
292 |
%build |
293 |
%serverbuild |
294 |
export WANT_AUTOCONF_2_5=1 |
295 |
rm -f configure |
296 |
libtoolize --automake --copy --force --install; aclocal -I m4; autoheader; automake --foreign --add-missing --copy -f; autoconf -f |
297 |
|
298 |
# build snort |
299 |
rm -rf building && install -d -m 755 building && cd building |
300 |
export CONFIGURE_TOP=../.. |
301 |
SNORT_BASE_CONFIG="--prefix=%{_prefix} \ |
302 |
--libdir=%{_libdir} \ |
303 |
--libexecdir=%{_libdir}/%{name} \ |
304 |
--mandir=%{_mandir} \ |
305 |
--sysconfdir=%{_sysconfdir}/%{name} \ |
306 |
--disable-prelude \ |
307 |
--enable-shared \ |
308 |
--enable-pthread \ |
309 |
--enable-dynamicplugin \ |
310 |
--enable-perfprofiling \ |
311 |
--enable-linux-smp-stats \ |
312 |
--enable-control-socket \ |
313 |
--disable-static-daq \ |
314 |
--enable-ppm \ |
315 |
--enable-decoder-preprocessor-rules \ |
316 |
--cache-file=../../config.cache \ |
317 |
--enable-reload \ |
318 |
--enable-reload-error-restart \ |
319 |
--enable-zlib \ |
320 |
--enable-mpls \ |
321 |
--enable-targetbased \ |
322 |
--enable-perfprofiling \ |
323 |
--enable-inline-init-failopen \ |
324 |
--enable-active-response \ |
325 |
--enable-normalizer \ |
326 |
--enable-react \ |
327 |
--enable-large-pcap \ |
328 |
--with-daq-includes=%{_includedir} \ |
329 |
--with-daq-libraries=%{_libdir}" |
330 |
|
331 |
# Will be, when I port razorback into Mandriva/Mageia |
332 |
# --enable-rzb-saac" |
333 |
|
334 |
# there are some strange configure errors |
335 |
# when not doing a distclean between major builds. |
336 |
# plain |
337 |
{ |
338 |
install -d -m 755 plain; cd plain |
339 |
%configure $SNORT_BASE_CONFIG \ |
340 |
--without-mysql --disable-mysql \ |
341 |
--without-postgresql --disable-postgresql \ |
342 |
--without-oracle --disable-oracle \ |
343 |
--without-odbc --disable-odbc \ |
344 |
--without-inline --disable-inline |
345 |
%make_build |
346 |
mv src/%{name} ../%{name}-plain |
347 |
#make distclean |
348 |
cd .. |
349 |
} |
350 |
|
351 |
# plain+flexresp |
352 |
{ |
353 |
install -d -m 755 plain+flexresp; cd plain+flexresp |
354 |
%configure $SNORT_BASE_CONFIG \ |
355 |
--without-mysql --disable-mysql \ |
356 |
--without-postgresql --disable-postgresql \ |
357 |
--without-oracle --disable-oracle \ |
358 |
--without-odbc --disable-odbc \ |
359 |
--enable-flexresp3 \ |
360 |
--with-dnet-includes=%{_includedir} \ |
361 |
--with-dnet-libraries=%{_libdir} \ |
362 |
--without-inline --disable-inline |
363 |
%make_build |
364 |
mv src/%{name} ../%{name}-plain+flexresp |
365 |
# make distclean |
366 |
cd .. |
367 |
} |
368 |
|
369 |
# mysql+flexresp |
370 |
{ |
371 |
install -d -m 755 mysql+flexresp; cd mysql+flexresp |
372 |
%configure $SNORT_BASE_CONFIG \ |
373 |
--with-mysql-includes=%{_includedir} \ |
374 |
--with-mysql-libraries=%{_libdir} \ |
375 |
--without-postgresql --disable-postgresql \ |
376 |
--without-oracle --disable-oracle \ |
377 |
--without-odbc --disable-odbc \ |
378 |
--enable-flexresp3 \ |
379 |
--with-dnet-includes=%{_includedir} \ |
380 |
--with-dnet-libraries=%{_libdir} \ |
381 |
--without-inline --disable-inline |
382 |
%make_build |
383 |
mv src/%{name} ../%{name}-mysql+flexresp |
384 |
# make distclean |
385 |
cd .. |
386 |
} |
387 |
|
388 |
# mysql |
389 |
{ |
390 |
install -d -m 755 mysql; cd mysql |
391 |
%configure $SNORT_BASE_CONFIG \ |
392 |
--with-mysql-includes=%{_includedir} \ |
393 |
--with-mysql-libraries=%{_libdir} \ |
394 |
--without-postgresql --disable-postgresql \ |
395 |
--without-oracle --disable-oracle \ |
396 |
--without-odbc --disable-odbc \ |
397 |
--without-inline --disable-inline |
398 |
%make_build |
399 |
mv src/%{name} ../%{name}-mysql |
400 |
# make distclean |
401 |
cd .. |
402 |
} |
403 |
|
404 |
# postgresql+flexresp |
405 |
{ |
406 |
install -d -m 755 postgresql+flexresp; cd postgresql+flexresp |
407 |
%configure $SNORT_BASE_CONFIG \ |
408 |
--without-mysql --disable-mysql \ |
409 |
--with-postgresql=%{_prefix} \ |
410 |
--without-oracle --disable-oracle \ |
411 |
--without-odbc --disable-odbc \ |
412 |
--enable-flexresp3 \ |
413 |
--with-dnet-includes=%{_includedir} \ |
414 |
--with-dnet-libraries=%{_libdir} \ |
415 |
--without-inline --disable-inline |
416 |
%make_build |
417 |
mv src/%{name} ../%{name}-postgresql+flexresp |
418 |
# make distclean |
419 |
cd .. |
420 |
} |
421 |
|
422 |
# postgresql |
423 |
{ |
424 |
install -d -m 755 postgresql; cd postgresql |
425 |
%configure $SNORT_BASE_CONFIG \ |
426 |
--without-mysql --disable-mysql \ |
427 |
--with-postgresql=%{_prefix} \ |
428 |
--without-oracle --disable-oracle \ |
429 |
--without-odbc --disable-odbc \ |
430 |
--without-inline --disable-inline |
431 |
%make_build |
432 |
mv src/%{name} ../%{name}-postgresql |
433 |
# make distclean |
434 |
cd .. |
435 |
} |
436 |
|
437 |
# bloat |
438 |
{ |
439 |
install -d -m 755 bloat; cd bloat |
440 |
%configure $SNORT_BASE_CONFIG \ |
441 |
--with-mysql-includes=%{_includedir} \ |
442 |
--with-mysql-libraries=%{_libdir} \ |
443 |
--with-postgresql=%{_prefix} \ |
444 |
--without-oracle --disable-oracle \ |
445 |
--without-odbc --disable-odbc \ |
446 |
--with-openssl=%{_prefix} \ |
447 |
--enable-flexresp3 \ |
448 |
--with-dnet-includes=%{_includedir} \ |
449 |
--with-dnet-libraries=%{_libdir} \ |
450 |
--with-inline --enable-inline \ |
451 |
--with-libipq-includes=%{_includedir} \ |
452 |
--with-libipq-libraries=%{_libdir} \ |
453 |
--enable-prelude --with-libprelude-prefix=%{_prefix} |
454 |
%make_build |
455 |
mv src/%{name} ../%{name}-bloat |
456 |
# make distclean |
457 |
cd .. |
458 |
} |
459 |
|
460 |
# inline |
461 |
{ |
462 |
install -d -m 755 inline; cd inline |
463 |
%configure $SNORT_BASE_CONFIG \ |
464 |
--without-mysql --disable-mysql \ |
465 |
--without-postgresql --disable-postgresql \ |
466 |
--without-oracle --disable-oracle \ |
467 |
--without-odbc --disable-odbc \ |
468 |
--with-inline --enable-inline \ |
469 |
--with-libipq-includes=%{_includedir} \ |
470 |
--with-libipq-libraries=%{_libdir} |
471 |
%make_build |
472 |
mv src/%{name} ../%{name}-inline |
473 |
#make distclean |
474 |
cd .. |
475 |
} |
476 |
|
477 |
# inline+flexresp |
478 |
{ |
479 |
install -d -m 755 inline+flexresp; cd inline+flexresp |
480 |
%configure $SNORT_BASE_CONFIG \ |
481 |
--without-mysql --disable-mysql \ |
482 |
--without-postgresql --disable-postgresql \ |
483 |
--without-oracle --disable-oracle \ |
484 |
--without-odbc --disable-odbc \ |
485 |
--enable-flexresp3 \ |
486 |
--with-dnet-includes=%{_includedir} \ |
487 |
--with-dnet-libraries=%{_libdir} \ |
488 |
--with-inline --enable-inline \ |
489 |
--with-libipq-includes=%{_includedir} \ |
490 |
--with-libipq-libraries=%{_libdir} |
491 |
%make_build |
492 |
mv src/%{name} ../%{name}-inline+flexresp |
493 |
#make distclean |
494 |
cd .. |
495 |
} |
496 |
|
497 |
# prelude+flexresp |
498 |
{ |
499 |
install -d -m 755 prelude+flexresp; cd prelude+flexresp |
500 |
%configure $SNORT_BASE_CONFIG \ |
501 |
--enable-prelude --with-libprelude-prefix=%{_prefix} \ |
502 |
--without-mysql --disable-mysql \ |
503 |
--without-postgresql --disable-postgresql \ |
504 |
--without-oracle --disable-oracle \ |
505 |
--without-odbc --disable-odbc \ |
506 |
--enable-flexresp3 \ |
507 |
--with-dnet-includes=%{_includedir} \ |
508 |
--with-dnet-libraries=%{_libdir} \ |
509 |
--without-inline --disable-inline |
510 |
%make_build |
511 |
mv src/%{name} ../%{name}-prelude+flexresp |
512 |
# make distclean |
513 |
cd .. |
514 |
} |
515 |
|
516 |
# prelude |
517 |
{ |
518 |
install -d -m 755 prelude; cd prelude |
519 |
%configure $SNORT_BASE_CONFIG \ |
520 |
--enable-prelude --with-libprelude-prefix=%{_prefix} \ |
521 |
--without-mysql --disable-mysql \ |
522 |
--without-postgresql --disable-postgresql \ |
523 |
--without-oracle --disable-oracle \ |
524 |
--without-odbc --disable-odbc \ |
525 |
--without-inline --disable-inline |
526 |
%make_build |
527 |
mv src/%{name} ../%{name}-prelude |
528 |
# make distclean |
529 |
cd .. |
530 |
} |
531 |
|
532 |
cd .. |
533 |
|
534 |
## make the html versions of the faq and manual |
535 |
#pushd doc |
536 |
# latex2html -info 0 -local_icons -show_section_numbers -link +2 -split +1 faq.tex |
537 |
# latex2html -info 0 -local_icons -show_section_numbers -link +2 -split +2 -noaddress snort_manual.tex |
538 |
# # cleanup |
539 |
# rm -f faq/WARNINGS faq/*.tex faq/*.idx faq/*.log faq/*.aux faq/*.pl |
540 |
# rm -f snort_manual/WARNINGS snort_manual/*.tex snort_manual/*.aux snort_manual/*.log snort_manual/*.pl |
541 |
#popd |
542 |
|
543 |
%install |
544 |
install -d -m 755 %{buildroot}%{_sysconfdir}/%{name}/rules |
545 |
install -d -m 755 %{buildroot}%{_sysconfdir}/sysconfig |
546 |
install -d -m 755 %{buildroot}%{_sysconfdir}/logrotate.d |
547 |
install -d -m 755 %{buildroot}/var/log/%{name}/empty |
548 |
install -d -m 755 %{buildroot}%{_sbindir} |
549 |
install -d -m 755 %{buildroot}%{_initrddir} |
550 |
install -d -m 755 %{buildroot}%{_mandir}/man8 |
551 |
|
552 |
%make_install -C building/plain |
553 |
|
554 |
# cleanup |
555 |
rm -f %{buildroot}%{_bindir}/%{name} |
556 |
rm -rf %{buildroot}%{_prefix}/src |
557 |
rm -f %{buildroot}%{_libdir}/libsf_sorules.{a,la} |
558 |
rm -f %{buildroot}%{_libdir}/%{name}/*.{a,la} |
559 |
rm -f %{buildroot}%{_libdir}/%{name}/dynamicengine/*.{a,la} |
560 |
rm -f %{buildroot}%{_libdir}/%{name}/dynamicpreprocessor/*.{a,la} |
561 |
rm -f %{buildroot}%{_libdir}/%{name}_dynamicpreprocessor/*.{a,la} |
562 |
#rm -f %%{buildroot}%%{_libdir}/%%{name}/dynamicrules/*.{a,la} |
563 |
rm -f %{buildroot}%{_libdir}/%{name}/dynamic_preproc/*.{a,la} |
564 |
rm -f %{buildroot}%{_libdir}/%{name}/dynamic_output/*.{a,la} |
565 |
|
566 |
{ |
567 |
pushd building |
568 |
install -m 755 %{name}-plain %{buildroot}%{_sbindir}/%{name}-plain |
569 |
install -m 755 %{name}-plain+flexresp %{buildroot}%{_sbindir}/%{name}-plain+flexresp |
570 |
install -m 755 %{name}-mysql %{buildroot}%{_sbindir}/%{name}-mysql |
571 |
install -m 755 %{name}-mysql+flexresp %{buildroot}%{_sbindir}/%{name}-mysql+flexresp |
572 |
install -m 755 %{name}-postgresql %{buildroot}%{_sbindir}/%{name}-postgresql |
573 |
install -m 755 %{name}-postgresql+flexresp %{buildroot}%{_sbindir}/%{name}-postgresql+flexresp |
574 |
install -m 755 %{name}-bloat %{buildroot}%{_sbindir}/%{name}-bloat |
575 |
install -m 755 %{name}-inline %{buildroot}%{_sbindir}/%{name}-inline |
576 |
install -m 755 %{name}-inline+flexresp %{buildroot}%{_sbindir}/%{name}-inline+flexresp |
577 |
install -m 755 %{name}-prelude %{buildroot}%{_sbindir}/%{name}-prelude |
578 |
install -m 755 %{name}-prelude+flexresp %{buildroot}%{_sbindir}/%{name}-prelude+flexresp |
579 |
popd |
580 |
} |
581 |
|
582 |
install %{name}.8* %{buildroot}%{_mandir}/man8 |
583 |
perl -pi -e "s|var RULE_PATH ../rules|var RULE_PATH rules|" etc/%{name}.conf |
584 |
|
585 |
install -m0644 etc/*.conf %{buildroot}%{_sysconfdir}/%{name}/ |
586 |
install -m0644 etc/*.config %{buildroot}%{_sysconfdir}/%{name}/ |
587 |
install -m0644 etc/*.map %{buildroot}%{_sysconfdir}/%{name}/ |
588 |
|
589 |
install -m0755 %{SOURCE3} %{buildroot}%{_initrddir}/snort |
590 |
install -m0644 %{SOURCE4} %{buildroot}%{_sysconfdir}/logrotate.d/%{name} |
591 |
install -m0644 %{SOURCE5} %{buildroot}%{_sysconfdir}/sysconfig/%{name} |
592 |
|
593 |
# strip rpath |
594 |
chrpath -d %{buildroot}%{_sbindir}/%{name}-* |
595 |
|
596 |
# fix libexecdir |
597 |
perl -pi -e "s|/usr/local/lib/snort_|%{_libdir}/%{name}/|g" %{buildroot}%{_sysconfdir}/%{name}/snort.conf |
598 |
perl -pi -e "s|/usr/local/lib/daq|%{_libdir}/daq|g" %{buildroot}%{_sysconfdir}/%{name}/snort.conf |
599 |
|
600 |
mkdir -p %{buildroot}%{_tmpfilesdir} |
601 |
cat <<EOF > %{buildroot}%{_tmpfilesdir}/%{name}.conf |
602 |
d /run/snort 0755 snort snort |
603 |
EOF |
604 |
|
605 |
# cleanup |
606 |
rm -rf %{buildroot}%{_datadir}/doc/snort |
607 |
|
608 |
%pre |
609 |
%_pre_useradd snort /var/log/snort /bin/false |
610 |
|
611 |
%post |
612 |
%{_sbindir}/update-alternatives --install %{_sbindir}/%{name} %{name} %{_sbindir}/%{name}-plain 10 |
613 |
%_tmpfilescreate %{name} |
614 |
%_post_service snort |
615 |
|
616 |
%preun |
617 |
%_preun_service snort |
618 |
|
619 |
%postun |
620 |
%_postun_userdel snort |
621 |
# remove the link if not upgrade |
622 |
if [ $1 = 0 ]; then |
623 |
%{_sbindir}/update-alternatives --remove %{name} %{_sbindir}/%{name}-plain |
624 |
fi |
625 |
|
626 |
%post plain+flexresp |
627 |
%{_sbindir}/update-alternatives --install %{_sbindir}/%{name} %{name} %{_sbindir}/%{name}-plain+flexresp 11 |
628 |
|
629 |
%postun plain+flexresp |
630 |
%{_sbindir}/update-alternatives --remove %{name} %{_sbindir}/%{name}-plain+flexresp |
631 |
|
632 |
%post mysql |
633 |
%{_sbindir}/update-alternatives --install %{_sbindir}/%{name} %{name} %{_sbindir}/%{name}-mysql 12 |
634 |
|
635 |
%postun mysql |
636 |
%{_sbindir}/update-alternatives --remove %{name} %{_sbindir}/%{name}-mysql |
637 |
|
638 |
%post mysql+flexresp |
639 |
%{_sbindir}/update-alternatives --install %{_sbindir}/%{name} %{name} %{_sbindir}/%{name}-mysql+flexresp 13 |
640 |
|
641 |
%postun mysql+flexresp |
642 |
%{_sbindir}/update-alternatives --remove %{name} %{_sbindir}/%{name}-mysql+flexresp |
643 |
|
644 |
%post postgresql |
645 |
%{_sbindir}/update-alternatives --install %{_sbindir}/%{name} %{name} %{_sbindir}/%{name}-postgresql 14 |
646 |
|
647 |
%postun postgresql |
648 |
%{_sbindir}/update-alternatives --remove %{name} %{_sbindir}/%{name}-postgresql |
649 |
|
650 |
%post postgresql+flexresp |
651 |
%{_sbindir}/update-alternatives --install %{_sbindir}/%{name} %{name} %{_sbindir}/%{name}-postgresql+flexresp 15 |
652 |
|
653 |
%postun postgresql+flexresp |
654 |
%{_sbindir}/update-alternatives --remove %{name} %{_sbindir}/%{name}-postgresql+flexresp |
655 |
|
656 |
%post bloat |
657 |
%{_sbindir}/update-alternatives --install %{_sbindir}/%{name} %{name} %{_sbindir}/%{name}-bloat 16 |
658 |
|
659 |
%postun bloat |
660 |
%{_sbindir}/update-alternatives --remove %{name} %{_sbindir}/%{name}-bloat |
661 |
|
662 |
%post inline |
663 |
%{_sbindir}/update-alternatives --install %{_sbindir}/%{name} %{name} %{_sbindir}/%{name}-inline 17 |
664 |
|
665 |
%postun inline |
666 |
%{_sbindir}/update-alternatives --remove %{name} %{_sbindir}/%{name}-inline |
667 |
|
668 |
%post inline+flexresp |
669 |
%{_sbindir}/update-alternatives --install %{_sbindir}/%{name} %{name} %{_sbindir}/%{name}-inline+flexresp 18 |
670 |
|
671 |
%postun inline+flexresp |
672 |
%{_sbindir}/update-alternatives --remove %{name} %{_sbindir}/%{name}-inline+flexresp |
673 |
|
674 |
%post prelude |
675 |
%{_sbindir}/update-alternatives --install %{_sbindir}/%{name} %{name} %{_sbindir}/%{name}-prelude 19 |
676 |
|
677 |
%postun prelude |
678 |
%{_sbindir}/update-alternatives --remove %{name} %{_sbindir}/%{name}-prelude |
679 |
|
680 |
%post prelude+flexresp |
681 |
%{_sbindir}/update-alternatives --install %{_sbindir}/%{name} %{name} %{_sbindir}/%{name}-prelude+flexresp 20 |
682 |
|
683 |
%postun prelude+flexresp |
684 |
%{_sbindir}/update-alternatives --remove %{name} %{_sbindir}/%{name}-prelude+flexresp |
685 |
|
686 |
%files |
687 |
%doc COPYING ChangeLog RELEASE.NOTES |
688 |
%doc doc/AUTHORS doc/BUGS doc/CREDITS doc/generators doc/INSTALL doc/NEWS doc/PROBLEMS doc/README |
689 |
%doc doc/README.alert_order doc/README.asn1 doc/README.csv |
690 |
%doc doc/README.dcerpc2 doc/README.decode doc/README.dns doc/README.event_queue |
691 |
%doc doc/README.flowbits doc/README.frag3 doc/README.daq doc/README.decoder_preproc_rules doc/README.reload |
692 |
%doc doc/README.ftptelnet doc/README.gre doc/README.http_inspect doc/README.ipip doc/README.filters |
693 |
%doc doc/README.ipv6 doc/README.pcap_readmode doc/README.PerfProfiling doc/README.PLUGINS doc/README.ppm |
694 |
%doc doc/README.sfportscan doc/README.SMTP doc/README.ssh doc/README.ssl doc/README.multipleconfigs |
695 |
%doc doc/README.stream5 doc/README.tag doc/README.thresholding doc/README.UNSOCK doc/README.variables |
696 |
%doc doc/README.WIN32 doc/TODO doc/USAGE doc/WISHLIST doc/README.active |
697 |
%doc doc/README.sensitive_data |
698 |
%doc doc/*.pdf doc/*.tex |
699 |
#doc %%doc doc/CRYPTIX-LICENSE.TXT doc/README.sam |
700 |
# latex2html is borked... |
701 |
#doc doc/snort_manual doc/faq |
702 |
%{_sbindir}/%{name}-plain |
703 |
%{_bindir}/u2boat |
704 |
%{_bindir}/u2spewfoo |
705 |
%{_bindir}/snort_control |
706 |
%{_bindir}/snort_dump_packets_control |
707 |
%{_bindir}/appid_detector_builder.sh |
708 |
%{_bindir}/u2openappid |
709 |
%{_bindir}/u2streamer |
710 |
%{_mandir}/man8/%{name}.8* |
711 |
%attr(0755,snort,snort) %dir /var/log/%{name} |
712 |
%attr(0755,snort,snort) %dir /var/log/%{name}/empty |
713 |
%dir %{_sysconfdir}/%{name} |
714 |
%dir %{_sysconfdir}/%{name}/rules |
715 |
%config(noreplace) %{_sysconfdir}/%{name}/*.config |
716 |
%config(noreplace) %{_sysconfdir}/%{name}/threshold.conf |
717 |
%config(noreplace) %{_sysconfdir}/%{name}/*.map |
718 |
%attr(0640,root,root) %config(noreplace) %{_sysconfdir}/%{name}/%{name}.conf |
719 |
%attr(0640,root,root) %config(noreplace) %{_sysconfdir}/%{name}/file_magic.conf |
720 |
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name} |
721 |
%config(noreplace) %{_sysconfdir}/sysconfig/%{name} |
722 |
%{_tmpfilesdir}/%{name}.conf |
723 |
%{_initrddir}/snort |
724 |
%dir %{_libdir}/%{name} |
725 |
%dir %{_libdir}/%{name}/dynamicengine |
726 |
%dir %{_libdir}/%{name}/dynamicpreprocessor |
727 |
#dir %%{_libdir}/%%{name}/dynamicrules |
728 |
%{_libdir}/%{name}/dynamicengine/libsf_engine.so |
729 |
%{_libdir}/%{name}/dynamicpreprocessor/libsf_dce2_preproc.so |
730 |
#attr(0755,root,root) %%{_libdir}/%%{name}/dynamicpreprocessor/libsf_dcerpc_preproc.so |
731 |
%{_libdir}/%{name}/dynamicpreprocessor/libsf_dns_preproc.so |
732 |
#{_libdir}/%%{name}/dynamicpreprocessor/lib_sfdynamic_preprocessor_example.so |
733 |
%{_libdir}/%{name}/dynamicpreprocessor/libsf_ftptelnet_preproc.so |
734 |
%{_libdir}/%{name}/dynamicpreprocessor/libsf_smtp_preproc.so |
735 |
%{_libdir}/%{name}/dynamicpreprocessor/libsf_ssh_preproc.so |
736 |
%{_libdir}/%{name}/dynamicpreprocessor/libsf_ssl_preproc.so |
737 |
#{_libdir}/%%{name}/dynamicrules/lib_sfdynamic_example_rule.so |
738 |
%{_libdir}/%{name}/dynamicpreprocessor/libsf_sdf_preproc.so |
739 |
%{_libdir}/%{name}/dynamicpreprocessor/libsf_imap_preproc.so |
740 |
%{_libdir}/%{name}/dynamicpreprocessor/libsf_pop_preproc.so |
741 |
%{_libdir}/%{name}/dynamicpreprocessor/libsf_reputation_preproc.so |
742 |
%{_libdir}/%{name}/dynamicpreprocessor/libsf_sip_preproc.so |
743 |
%{_libdir}/%{name}/dynamicpreprocessor/libsf_dnp3_preproc.so |
744 |
%{_libdir}/%{name}/dynamicpreprocessor/libsf_gtp_preproc.so |
745 |
%{_libdir}/%{name}/dynamicpreprocessor/libsf_modbus_preproc.so |
746 |
%{_libdir}/%{name}/dynamicpreprocessor/libsf_appid_preproc.so |
747 |
%{_libdir}/%{name}_dynamicpreprocessor/libsf_s7commplus_preproc.so* |
748 |
%{_libdir}/libsf_sorules.so.* |
749 |
|
750 |
%files plain+flexresp |
751 |
%{_sbindir}/%{name}-plain+flexresp |
752 |
|
753 |
%files mysql |
754 |
#doc schemas/create_mysql |
755 |
%{_sbindir}/%{name}-mysql |
756 |
|
757 |
%files mysql+flexresp |
758 |
#doc schemas/create_mysql |
759 |
%{_sbindir}/%{name}-mysql+flexresp |
760 |
|
761 |
%files postgresql |
762 |
#doc schemas/create_postgresql |
763 |
%{_sbindir}/%{name}-postgresql |
764 |
|
765 |
%files postgresql+flexresp |
766 |
#doc schemas/create_postgresql |
767 |
%{_sbindir}/%{name}-postgresql+flexresp |
768 |
|
769 |
%files bloat |
770 |
%{_sbindir}/%{name}-bloat |
771 |
|
772 |
%files inline |
773 |
%{_sbindir}/%{name}-inline |
774 |
|
775 |
%files inline+flexresp |
776 |
%{_sbindir}/%{name}-inline+flexresp |
777 |
|
778 |
%files prelude |
779 |
%{_sbindir}/%{name}-prelude |
780 |
|
781 |
%files prelude+flexresp |
782 |
%{_sbindir}/%{name}-prelude+flexresp |
783 |
|
784 |
%files devel |
785 |
%{_libdir}/libsf_sorules.so |
786 |
%{_libdir}/pkgconfig/snort.pc |
787 |
%{_libdir}/pkgconfig/snort_preproc.pc |
788 |
%{_libdir}/pkgconfig/snort_output.pc |
789 |
%dir %{_includedir}/%{name} |
790 |
%{_includedir}/%{name}/dynamic_preproc/ |
791 |
%{_includedir}/%{name}/dynamic_output/ |