%define enable_mysql 1
%define enable_odbc 0
%define enable_postgresql 0

%define groupid 65023
%define userid 65023

Name:          snort
Version:       3.1.31.0
Release:       1mamba
Summary:       The Open Source Intrusion Detection System
Group:         Network/Monitoring
Vendor:        openmamba
Distribution:  openmamba
Packager:      Silvan Calarco
URL:           https://www.snort.org/
Source0:       https://github.com/snort3/snort3.git/%{version}/snort3-%{version}.tar.bz2
Source1:       snort-initscript
Source2:       snort-sysconfig
Source3:       snort-createmysql
Source4:       snort-createmysql-archive
#Source5:       http://www.snort.org/dl/contrib/...
Source5:       snortdb-extra.bz2
Source6:       https://www.snort.org/downloads/community/snort3-community-rules.tar.gz
Source7:       snort-conf
License:       GPL
%if %enable_mysql
BuildRequires: libmysql5-devel
%endif
%if %enable_odbc
Requires:      libodbc >= 2.2.6
BuildRequires: libodbc-devel >= 2.2.6
%endif
%if %enable_postgresql
Requires:      postgresql >= 7.3.3
BuildRequires: postgresql-devel >= 7.4-2
%endif
## AUTOBUILDREQ-BEGIN
BuildRequires: glibc-devel
BuildRequires: libatomic-devel
BuildRequires: libdaq-devel
BuildRequires: libdnet-devel
BuildRequires: libgcc
BuildRequires: libhwloc-devel
BuildRequires: liblzma-devel
BuildRequires: libmnl-devel
BuildRequires: libopenssl-devel
BuildRequires: libpcap-devel
BuildRequires: libpcre-devel
BuildRequires: libstdc++6-devel
BuildRequires: libunwind-devel
BuildRequires: libuuid-devel
BuildRequires: libz-devel
## AUTOBUILDREQ-END
BuildRequires: libdnet-devel
BuildRequires: libdaq-devel >= 3.0.5
BuildRequires: libluajit-devel
Provides:      %{_datadir}/snort/contrib/createmysql
Provides:      %{_datadir}/snort/contrib/createmysql-archive

%description
Snort is an open source network intrusion detection system, capable of
performing real-time traffic analysis and packet logging on IP networks.
It can perform protocol analysis, content searching/matching and can be used
to detect a variety of attacks and probes, such as buffer overflows, stealth
port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.
Snort uses a flexible rules language to describe traffic that it should collect
or pass, as well as a detection engine that utilizes a modular plugin
architecture.
Snort has a real-time alerting capability as well, incorporating alerting
mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup
messages to Windows clients using Samba's smbclient.
Snort has three primary uses. It can be used as a straight packet sniffer like
tcpdump(1), a packet logger (useful for network traffic debugging, etc), or as
a full blown network intrusion detection system.

%package devel
Summary:       Static libraries, headers and source files for development with %{name}
Group:         Development/Applications
Requires:      %{name} = %{version}-%{release}

%description devel
Snort is an open source network intrusion detection system, capable of
performing real-time traffic analysis and packet logging on IP networks.
It can perform protocol analysis, content searching/matching and can be used
to detect a variety of attacks and probes, such as buffer overflows, stealth
port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.
Snort uses a flexible rules language to describe traffic that it should collect
or pass, as well as a detection engine that utilizes a modular plugin
architecture.
Snort has a real-time alerting capability as well, incorporating alerting
mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup
messages to Windows clients using Samba's smbclient.
Snort has three primary uses. It can be used as a straight packet sniffer like
tcpdump(1), a packet logger (useful for network traffic debugging, etc), or as
a full blown network intrusion detection system.
This package contains the static libraries, headers and source files for development.

%debug_package

%prep
%setup -q -n snort3-%{version} -a6
#sed -i "s|/usr/local|/usr|" etc/snort.conf

%build
%cmake -d build \
   -DCMAKE_INSTALL_SYSCONFDIR=%{_sysconfdir}

%make

# Legacy autotools build kept for reference; the here-document below keeps it from running.
:<< __OLD
%configure \
   --sysconfdir=%{_sysconfdir}/snort \
   --enable-linux-smp-stat \
   --enable-smbalerts \
%if %enable_mysql
   --with-mysql \
%else
   --without-mysql --disable-mysql \
%endif
%if %enable_odbc
   --with-odbc \
%endif
%if %enable_postgresql
   --with-postgresql \
%endif
   CFLAGS="%{optflags} -I%{_includedir}/tirpc"

#   --enable-sourcefire
#   --enable-perfmonitor
#   --enable-flexresp

%make -j1
__OLD

%install
[ "%{buildroot}" != / ] && rm -rf %{buildroot}
%makeinstall -C build

install -d %{buildroot}%{_sysconfdir}/snort/{rules,preproc_rules}
cp snort3-community-rules/*.rules %{buildroot}%{_sysconfdir}/snort/rules/

# Legacy install steps, disabled by the here-document that ends at __OLD.
:<< __OLD
#cp preproc_rules/*.rules %{buildroot}%{_sysconfdir}/snort/preproc_rules/
#cp etc/*.conf etc/*.config etc/*.map %{buildroot}%{_sysconfdir}/snort

#install -D -m 755 %{SOURCE1} %{buildroot}%{_initrddir}/snort
#install -D -m 644 %{SOURCE2} %{buildroot}%{_sysconfdir}/sysconfig/snort
#install -d %{buildroot}/var/log/snort

install -D %{SOURCE3} %{buildroot}%{_datadir}/snort/contrib/createmysql
install -D %{SOURCE4} %{buildroot}%{_datadir}/snort/contrib/createmysql-archive
install -D %{SOURCE7} %{buildroot}%{_sysconfdir}/snort/snort.conf

#cp contrib/create* contrib/snortdb-extra.bz2 %{buildroot}%{_datadir}/snort/contrib/
cp %{SOURCE5} %{buildroot}%{_datadir}/snort/contrib/
#cp schemas/create_* %{buildroot}%{_datadir}/snort/contrib/
__OLD

%pre
/usr/sbin/groupadd snort -g %{groupid} 2>/dev/null
/usr/sbin/useradd -u %{userid} -c 'Snort user' -d /dev/null -g snort \
   -s /bin/false snort 2>/dev/null
exit 0

#%post
# new install
#if [ $1 -eq 1 ]; then
#   RANDOM_PASSWD=`/usr/bin/mkpasswd -l 10 -s 0`
#   sed -i "s|# output database: log, mysql.*|output database: log, mysql, user=snort password=$RANDOM_PASSWD dbname=snort host=localhost|" \
#      %{_sysconfdir}/snort/snort.conf
#   %{_datadir}/snort/contrib/createmysql $RANDOM_PASSWD
#   %{_datadir}/snort/contrib/createmysql-archive $RANDOM_PASSWD
#fi
#:

%preun
# erase
if [ $1 -eq 0 ]; then
   #service snort stop 2>/dev/null
   #/sbin/chkconfig --del snort
   /usr/sbin/userdel snort 2>/dev/null
fi
:

%postun
# update
if [ $1 -eq 1 ]; then
   groupadd snort -g %{groupid} 2>/dev/null
   /usr/sbin/useradd -u %{userid} -c 'Snort user' -d /dev/null -g snort \
      -s /bin/false snort 2>/dev/null
   #/sbin/chkconfig snort
   #[ $? -eq 0 ] && service snort restart
fi
:

%clean
[ "%{buildroot}" != / ] && rm -rf %{buildroot}

%files
%defattr(-,root,root)
%dir %{_sysconfdir}/snort
%{_sysconfdir}/snort/*.lua
%dir %{_sysconfdir}/snort/rules
%{_sysconfdir}/snort/rules/*
%{_bindir}/appid_detector_builder.sh
#%{_bindir}/fbstreamer
%{_bindir}/u2boat
%{_bindir}/u2spewfoo
%{_bindir}/snort
%{_bindir}/snort2lua
%dir %{_libdir}/snort
%dir %{_libdir}/snort/daq
%{_libdir}/snort/daq/daq_file.so
%{_libdir}/snort/daq/daq_hext.so
%dir %{_datadir}/doc/snort
%{_datadir}/doc/snort/*
#%dir %attr(755,snort,snort) /var/log/snort
%doc COPYING LICENSE

%files devel
%defattr(-,root,root)
%dir %{_includedir}/snort
%{_includedir}/snort/*
%{_libdir}/pkgconfig/snort.pc

%changelog
* Sat Jun 04 2022 Automatic Build System 3.1.31.0-1mamba
- automatic version update by autodist

* Sat May 21 2022 Automatic Build System 3.1.30.0-1mamba
- automatic version update by autodist

* Fri Feb 25 2022 Automatic Build System 3.1.24.0-1mamba
- automatic version update by autodist

* Thu Feb 10 2022 Automatic Build System 3.1.23.0-1mamba
- automatic version update by autodist

* Sat Feb 05 2022 Automatic Build System 3.1.22.0-1mamba
- automatic version update by autodist

* Thu Jan 27 2022 Automatic Build System 3.1.21.0-1mamba
- automatic version update by autodist

* Thu Jan 13 2022 Automatic Build System 3.1.20.0-1mamba
- automatic version update by autodist

* Wed Dec 29 2021 Silvan Calarco 3.1.19.0-1mamba
- update to 3.1.19.0

* Fri Nov 20 2020 Automatic Build System 2.9.17-1mamba
- automatic version update by autodist

* Sun Aug 16 2020 Automatic Build System 2.9.16.1-1mamba
- automatic version update by autodist

* Thu Jun 23 2016 Automatic Build System 2.9.8.3-1mamba
- automatic version update by autodist

* Thu Mar 31 2016 Automatic Build System 2.9.8.2-1mamba
- automatic version update by autodist

* Tue Dec 01 2015 Automatic Build System 2.9.8.0-1mamba
- automatic version update by autodist

* Thu Oct 01 2015 Automatic Build System 2.9.7.6-1mamba
- automatic version update by autodist

* Fri Jul 24 2015 Automatic Build System 2.9.7.5-1mamba
- automatic version update by autodist

* Wed May 20 2015 Automatic Build System 2.9.7.3-1mamba
- automatic version update by autodist

* Fri Mar 20 2015 Automatic Build System 2.9.7.2-1mamba
- automatic update by autodist

* Fri Oct 24 2014 Automatic Build System 2.9.7.0-1mamba
- automatic version update by autodist

* Thu Oct 16 2014 Silvan Calarco 2.9.6.2-1mamba
- update to 2.9.6.2

* Thu Apr 24 2014 Automatic Build System 2.9.6.1-1mamba
- automatic version update by autodist

* Sun Feb 02 2014 Automatic Build System 2.9.6.0-1mamba
- automatic version update by autodist

* Tue Nov 19 2013 Automatic Build System 2.9.5.6-1mamba
- automatic version update by autodist

* Tue Sep 17 2013 Automatic Build System 2.9.5.5-1mamba
- automatic version update by autodist

* Wed Jul 31 2013 Automatic Build System 2.9.5.3-1mamba
- automatic version update by autodist

* Tue Jul 02 2013 Automatic Build System 2.9.5-1mamba
- automatic version update by autodist

* Thu Apr 25 2013 Automatic Build System 2.9.4.6-1mamba
- automatic version update by autodist

* Thu Apr 04 2013 Automatic Build System 2.9.4.5-1mamba
- automatic version update by autodist

* Wed Mar 06 2013 Automatic Build System 2.9.4.1-1mamba
- automatic version update by autodist

* Tue Dec 04 2012 Automatic Build System 2.9.4-1mamba
- automatic version update by autodist

* Thu Aug 09 2012 Automatic Build System 2.9.3.1-1mamba
- automatic version update by autodist

* Sun Jul 22 2012 Automatic Build System 2.9.3-1mamba
- automatic version update by autodist

* Wed May 16 2012 Automatic Build System 2.9.2.3-1mamba
- automatic version update by autodist

* Wed Mar 28 2012 Automatic Build System 2.9.2.2-1mamba
- automatic version update by autodist

* Fri Jan 20 2012 Automatic Build System 2.9.2.1-1mamba
- automatic version update by autodist

* Thu Dec 22 2011 Automatic Build System 2.9.2-1mamba
- automatic version update by autodist

* Thu Oct 20 2011 Automatic Build System 2.9.1.2-1mamba
- automatic version update by autodist

* Fri Oct 07 2011 Automatic Build System 2.9.1.1-1mamba
- automatic version update by autodist

* Thu Aug 25 2011 Automatic Build System 2.9.1-1mamba
- automatic version update by autodist

* Thu Apr 07 2011 Automatic Build System 2.9.0.5-1mamba
- automatic update by autodist

* Sat Feb 19 2011 Automatic Build System 2.9.0.4-1mamba
- update to 2.9.0.4

* Mon Jul 26 2010 Automatic Build System 2.8.6.1-1mamba
- update to 2.8.6.1

* Sat May 08 2010 Automatic Build System 2.8.6-1mamba
- automatic update to 2.8.6 by autodist

* Thu Feb 18 2010 Automatic Build System 2.8.5.3-1mamba
- automatic update to 2.8.5.3 by autodist

* Thu Dec 31 2009 Automatic Build System 2.8.5.2-1mamba
- automatic update to 2.8.5.2 by autodist

* Sun Oct 25 2009 Automatic Build System 2.8.5.1-1mamba
- automatic update to 2.8.5.1 by autodist

* Tue Sep 29 2009 Automatic Build System 2.8.5-1mamba
- update to 2.8.5

* Tue Apr 28 2009 Automatic Build System 2.8.4.1-1mamba
- automatic update to 2.8.4.1 by autodist

* Wed Apr 08 2009 Silvan Calarco 2.8.4-1mamba
- automatic update to 2.8.4 by autodist

* Sat Jan 17 2009 Silvan Calarco 2.8.3.2-1mamba
- automatic update to 2.8.3.2 by autodist

* Thu Oct 02 2008 Silvan Calarco 2.8.3.1-1mamba
- automatic update to 2.8.3.1 by autodist

* Sat Sep 06 2008 Silvan Calarco 2.8.3-1mamba
- update to 2.8.3

* Sun Aug 31 2008 Silvan Calarco 2.8.2.2-2mamba
- fix requirements in post script

* Sun Aug 24 2008 gil 2.8.2.2-1mamba
- update to 2.8.2.2

* Wed Jun 18 2008 Silvan Calarco 2.8.2.1-1mamba
- update to 2.8.2.1

* Fri Jul 08 2005 Davide Madrisan 2.3.3-3qilnx
- rebuilt with new libpcap libraries

* Thu Jul 07 2005 Davide Madrisan 2.3.3-2qilnx
- fixed %%pre script

* Mon May 02 2005 Davide Madrisan 2.3.3-1qilnx
- update to version 2.3.3 by autospec
- new source `snortdb-extra.bz2'
  see http://cvs.snort.org/viewcvs.cgi/snort/contrib/Attic/snortdb-extra.gz
- fixed group for used snort

* Fri Dec 31 2004 Silvan Calarco 2.2.0-1qilnx
- update to version 2.2.0 by autospec

* Tue Oct 05 2004 Silvan Calarco 2.1.3-5qilnx
- added creation of snort-archive database

* Sat Jun 05 2004 Silvan Calarco 2.1.3-4qilnx
- start daemon without "-A fast" otherwise it won't log to database

* Fri Jun 04 2004 Silvan Calarco 2.1.3-3qilnx
- completed db creation with snortdb-extra.gz

* Fri Jun 04 2004 Silvan Calarco 2.1.3-2qilnx
- reconfigured with mysql database creation on install
- now runs with its own user and group (snort)

* Thu Jun 03 2004 Silvan Calarco 2.1.3-1qilnx
- new version build

* Thu Apr 01 2004 Davide Madrisan 2.1.2-1qilnx
- new version rebuild

* Tue Mar 02 2004 Davide Madrisan 2.1.1-2qilnx
- RPM group modified; postun scriptlet fixed

* Mon Mar 01 2004 Davide Madrisan 2.1.1-1qilnx
- rebuilt with version 2.1.1
- minor specfile cleanups

* Tue Dec 30 2003 Davide Madrisan 2.1.0-1qilnx
- rebuilt with version 2.1.0
  enabled support for mysql, postgresql, odbc

* Fri Nov 21 2003 Davide Madrisan 2.0.5-1qilnx
- rebuilt with version 2.0.5

* Fri Nov 07 2003 Davide Madrisan 2.0.4-1qilnx
- rebuilt with version 2.0.4

* Wed Nov 05 2003 Davide Madrisan 2.0.3-1qilnx
- rebuilt with version 2.0.3

* Fri Sep 19 2003 Davide Madrisan 2.0.2-1qilnx
- rebuild using snort 2.0.2
- some interesting optional features enabled (via configure options):
  SMB alerting via Samba, statistics reporting through proc.
  flexible responses on hostile connection attempts not yet enabled.

* Wed Jun 18 2003 Silvan Calarco 2.0.0-1qilnx
- first build for snort