snort maintainer ?

Thu May 15 16:14:35 UTC 2008

On Thursday 15 May 2008 11:53:29 Dennis Gilmore wrote:
> I'm the maintainer of snort the packaging of it is better than when i
> started but is nasty and painful.  

Agreed

> so far no one has stepped up and submitted patches.

below.

thanks,
-Steve


Only in devel: snort-2.4.3-configure64.patch
Only in devel: snort-2.4.4-demarc-patch.diff
diff -ur devel/snortd snort/snortd

--- devel/snortd	2007-11-17 18:46:17.000000000 -0500
+++ snort/snortd	2008-04-26 14:27:28.000000000 -0400
@@ -22,12 +22,20 @@
 # source the interface to listen on
 . /etc/sysconfig/snort
 
+if [ "$USER"x != "x" ] ; then
+	USER="-u $USER"
+fi
+
+if [ "$GROUP"x != "x" ] ; then
+	GROUP="-g $GROUP"
+fi
+
 # See how we were called.
 case "$1" in
   start)
 	echo -n "Starting snort: "
         cd /var/log/snort
-	daemon /usr/sbin/snort -A fast -b -l /var/log/snort -d -D \
+	daemon /usr/sbin/snort -D $SNORT_OPTIONS $USER $GROUP \
 		 -i $INTERFACE -c /etc/snort/snort.conf
 	touch /var/lock/subsys/snort
 	echo
diff -ur devel/snort.spec snort/snort.spec
--- devel/snort.spec	2008-02-18 15:16:11.000000000 -0500
+++ snort/snort.spec	2008-04-26 14:32:31.000000000 -0400
@@ -1,7 +1,7 @@
 Summary:        Intrusion detection system
 Name:           snort
-Version:        2.7.0.1
-Release:        6%{?dist}
+Version:        2.8.1
+Release:        1%{?dist}
 License:        GPLv2
 Group:          Applications/Internet
 Source0:        http://www.snort.org/dl/current/snort-%{version}.tar.gz
@@ -16,6 +16,7 @@
 BuildRequires:  perl
 BuildRequires:  pcre-devel
 BuildRequires:  sed
+BuildRequires:  libprelude-devel
 
 %package        plain+flexresp
 Summary:        Snort with Flexible Response
@@ -152,7 +153,7 @@
 %build
 
 SNORT_BASE_CONFIG="--with-libpcap-includes=/usr/include/pcap \
-                   --enable-dynamicplugin"
+                   --enable-dynamicplugin --enable-prelude"
 export LDFLAGS=-L/usr/lib64/mysql
 # there are some strange configure errors
 # when not doing a distclean between major builds.
@@ -316,7 +317,7 @@
 }
 
 install snort.8 %{buildroot}%{_mandir}/man8
-install etc/generators  etc/gen-msg.map  etc/sid etc/sid-msg.map  etc/threshold.conf  etc/unicode.map etc/reference.config etc/classification.config etc/snort.conf %{buildroot}%{_sysconfdir}/snort
+install etc/gen-msg.map  etc/sid-msg.map  etc/threshold.conf  etc/unicode.map etc/reference.config etc/classification.config etc/snort.conf %{buildroot}%{_sysconfdir}/snort
 install -p -m 755 %{SOURCE1} %{buildroot}/etc/rc.d/init.d
 mkdir -p %{buildroot}/etc/sysconfig/
 install -p -m 644 %{SOURCE3} %{buildroot}/etc/sysconfig/snort
@@ -452,6 +453,7 @@
 # handle compressed man pages.
 %attr(755,root,root) %{_mandir}/man8/snort.8*
 %attr(755,root,root) %dir /var/log/snort
+%attr(755,root,root) %dir %{_sysconfdir}/snort/rules
 %attr(644,root,root) %config %{_sysconfdir}/snort
 %attr(755,root,root) /etc/rc.d/init.d/snortd
 %{_libdir}/snort
@@ -483,6 +485,9 @@
 
 
 %changelog
+* Fri Apr 25 2008 Steve Grubb <sgrubb at redhat.com> - 2.8.1-1
+- update to 2.8.1
+
 * Mon Feb 18 2008 Fedora Release Engineering <rel-eng at fedoraproject.org> - 2.7.0.1-6
 - Autorebuild for GCC 4.3
 
diff -ur devel/sysconfig.snort snort/sysconfig.snort
--- devel/sysconfig.snort	2007-11-17 18:46:17.000000000 -0500
+++ snort/sysconfig.snort	2008-04-26 14:19:43.000000000 -0400
@@ -1,2 +1,11 @@
+# What user account should we run under. Empty means root
+USER=""
+
+# What group account should we run under. Empty means root
+GROUP=""
+
 # define the interface we listen on
-INTERFACE=eth0
+INTERFACE="eth0"
+
+# If you are using prelude, delete the '-A fast' option
+SNORT_OPTIONS="-A fast -b -l /var/log/snort -d"





