Search
j0ke.net Open Build Service
>
Projects
>
oldschool
>
snort
> snort-2.4.4.spec
Sign Up
|
Log In
Username
Password
Cancel
Overview
Repositories
Revisions
Requests
Users
Advanced
Attributes
Meta
File snort-2.4.4.spec of Package snort
%define TYPE OTHER Name: snort Summary: packet-sniffer/logger Version: 2.4.4 Release: 1 URL: http://www.snort.org/ Group: Utilities/Security License: GPL Vendor: InterNetX GmbH Packager: InterNetX Package Maintainer <cs@internetx.de> BuildRoot: %{_tmppath}/%{name}-%{version}-root Source: %{name}-%{version}.tar.gz Source1: snortrules-snapshot-CURRENT.tar.gz Patch: snort-2.4.4.diff %description Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis and content searching/matching in order to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort uses a flexible rules language to describe traffic that it should collect or pass, as well as a detection engine that utilizes a modular plugin architecture. Snort has a real- time alerting capability as well, incorporating alerting mechanisms for syslog, user specified files, a UNIX socket, or WinPopup messages to Windows clients using Samba's smbclient. %prep %setup -n %{name}-%{version} -a 1 %patch -p1 %build ./configure \ --infodir=/usr/share/info \ --mandir=/usr/share/man \ --bindir=/usr/sbin \ --sysconfdir=/etc/snort \ --with-mysql \ --with-snmp \ --with-libxml2-libraries \ --with-libxml2-includes \ --with-openssl make %install make install DESTDIR=$RPM_BUILD_ROOT/ mkdir -p $RPM_BUILD_ROOT/var/log/snort mkdir -p $RPM_BUILD_ROOT/etc/snort cp etc/snort.conf $RPM_BUILD_ROOT/etc/snort mkdir -p $RPM_BUILD_ROOT/etc/init.d install rc $RPM_BUILD_ROOT/etc/init.d/snort ln -sf /etc/init.d/snort $RPM_BUILD_ROOT/usr/sbin/rcsnort mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates install -m 644 rc.config.snort $RPM_BUILD_ROOT/var/adm/fillup-templates echo "RPM_BUILD_ROOT: $RPM_BUILD_ROOT" install -d $RPM_BUILD_ROOT/usr/share/doc/packages/snort cp -pr contrib/ $RPM_BUILD_ROOT/usr/share/doc/packages/snort cp -p rules/* $RPM_BUILD_ROOT/etc/snort cd $RPM_BUILD_ROOT find . -type d | sed '1,2d;s,^\.,\%attr(-\,root\,root) \%dir ,' > $RPM_BUILD_DIR/file.list.snort find . -type f | sed 's,^\.,\%attr(-\,root\,root) ,' >> $RPM_BUILD_DIR/file.list.snort find . -type l | sed 's,^\.,\%attr(-\,root\,root) ,' >> $RPM_BUILD_DIR/file.list.snort sed -e 's|snort\.8|snort\.8\.gz|g' < $RPM_BUILD_DIR/file.list.snort > $RPM_BUILD_DIR/file.list.snort2 %post echo "Updating etc/rc.config..." if [ -x bin/fillup ] ; then bin/fillup -q -d = etc/rc.config var/adm/fillup-templates/rc.config.snort else echo "ERROR: fillup not found. This should not happen. Please compare" echo "etc/rc.config and var/adm/fillup-templates/rc.config.snort and" echo "update by hand." fi sbin/insserv etc/init.d/snort %postun sbin/insserv etc/init.d/ %files -f ../file.list.snort2 #%dir /var/log/snort #%doc AUTHORS BUGS COPYING CREDITS ChangeLog FAQ INSTALL LICENSE MIBS NEWS #%doc README README-SNMP README.FLEXRESP README.PLUGINS README.Spade #%doc README.Spade.Usage README.database README.tcpstream README.xml #%doc RULES.SAMPLE SnortUsersManual.pdf USAGE contrib #%config /etc/snort/snort.conf #%config /etc/snort/attack-responses.rules #%config /etc/snort/backdoor.rules #%config /etc/snort/bad-traffic.rules #%config /etc/snort/classification.config #%config /etc/snort/ddos.rules #%config /etc/snort/dns.rules #%config /etc/snort/dos.rules #%config /etc/snort/exploit.rules #%config /etc/snort/finger.rules #%config /etc/snort/ftp.rules #%config /etc/snort/icmp-info.rules #%config /etc/snort/icmp.rules #%config /etc/snort/info.rules #%config /etc/snort/local.rules #%config /etc/snort/misc.rules #%config /etc/snort/netbios.rules #%config /etc/snort/policy.rules #%config /etc/snort/porn.rules #%config /etc/snort/rpc.rules #%config /etc/snort/rservices.rules #%config /etc/snort/scan.rules #%config /etc/snort/shellcode.rules #%config /etc/snort/sid-msg.map #%config /etc/snort/smtp.rules #%config /etc/snort/sql.rules #%config /etc/snort/telnet.rules #%config /etc/snort/tftp.rules #%config /etc/snort/virus.rules #%config /etc/snort/web-attacks.rules #%config /etc/snort/web-cgi.rules #%config /etc/snort/web-coldfusion.rules #%config /etc/snort/web-frontpage.rules #%config /etc/snort/web-iis.rules #%config /etc/snort/web-misc.rules #%config /etc/snort/x11.rules #%config /etc/init.d/snort #/usr/sbin/snort #/usr/sbin/rcsnort #/var/adm/fillup-templates/rc.config.snort #/usr/share/man/man8/snort.8.gz %clean [ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT rm -rf %{_builddir}/%{name}-%{version}
