%define enable_mysql 1
%define enable_odbc 0
%define enable_postgresql 0
%define groupid 65023
%define userid 65023

Name:          snort
Version:       2.9.6.2
Release:       1mamba
Summary:       The Open Source Intrusion Detection System
Group:         Network/Monitoring
Vendor:        openmamba
Distribution:  openmamba
Packager:      Silvan Calarco <silvan.calarco@mambasoft.it>
URL:           http://www.snort.org
# 2.8.6.1: no direct link working; downloaded by hand
Source0:       https://www.snort.org/downloads/snort/snort-%{version}.tar.gz
Source1:       snort-initscript
Source2:       snort-sysconfig
Source3:       snort-createmysql
Source4:       snort-createmysql-archive
#Source5: http://www.snort.org/dl/contrib/...
Source5:       snortdb-extra.bz2
Source6:       http://www.snort.org/pub-bin/downloads.cgi/Download/comm_rules/Community-Rules-CURRENT.tar.gz
Source7:       snort-conf
License:       GPL
%if %enable_mysql
BuildRequires: libmysql5-devel
%endif
%if %enable_odbc
Requires:      libodbc >= 2.2.6
BuildRequires: libodbc-devel >= 2.2.6
%endif
%if %enable_postgresql
Requires:      postgresql >= 7.3.3
BuildRequires: postgresql-devel >= 7.4-2
%endif
## AUTOBUILDREQ-BEGIN
BuildRequires: glibc-devel
BuildRequires: libmysql5-devel
BuildRequires: libopenssl-devel
BuildRequires: libpcap-devel
BuildRequires: libpcre-devel
BuildRequires: libz-devel
BuildRequires: mysql
BuildRequires: mysql-client
## AUTOBUILDREQ-END
BuildRequires: libdnet-devel
BuildRequires: libdaq-devel
BuildRoot:     %{_tmppath}/%{name}-%{version}-build
Provides:      %{_datadir}/snort/contrib/createmysql
Provides:      %{_datadir}/snort/contrib/createmysql-archive

%description
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks.
It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.
Snort uses a flexible rules language to describe traffic that it should collect or pass, as well as a detection engine that utilizes a modular plugin architecture.
Snort has a real-time alerting capability as well, incorporating alerting mechanisms for syslog, a user-specified file, a UNIX socket, or WinPopup messages to Windows clients using Samba's smbclient.

Snort has three primary uses.
It can be used as a straight packet sniffer like tcpdump(1), a packet logger (useful for network traffic debugging, etc.), or as a full-blown network intrusion detection system.

%package devel
Summary:       Static libraries, headers and source files for development with %{name}
Group:         Development/Applications
Requires:      %{name} = %{version}-%{release}

%description devel
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks.
It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.
Snort uses a flexible rules language to describe traffic that it should collect or pass, as well as a detection engine that utilizes a modular plugin architecture.
Snort has a real-time alerting capability as well, incorporating alerting mechanisms for syslog, a user-specified file, a UNIX socket, or WinPopup messages to Windows clients using Samba's smbclient.

Snort has three primary uses.
It can be used as a straight packet sniffer like tcpdump(1), a packet logger (useful for network traffic debugging, etc.), or as a full-blown network intrusion detection system.

This package contains the static libraries, headers and source files for development.

%prep
# -a6 also unpacks Source6 (the community rules) into the source tree
%setup -q -a6
sed -i "s|/usr/local|/usr|" etc/snort.conf

%build
%configure \
   --sysconfdir=%{_sysconfdir}/snort \
   --enable-linux-smp-stat \
   --enable-smbalerts \
%if %enable_mysql
   --with-mysql \
%else
   --without-mysql --disable-mysql \
%endif
%if %enable_odbc
   --with-odbc \
%endif
%if %enable_postgresql
   --with-postgresql \
%endif
#   --enable-sourcefire
#   --enable-perfmonitor
#   --enable-flexresp

%make -j1

%install
[ "%{buildroot}" != / ] && rm -rf "%{buildroot}"
%makeinstall

install -d %{buildroot}%{_sysconfdir}/snort/{rules,preproc_rules}
cp rules/*.rules %{buildroot}%{_sysconfdir}/snort/rules/
cp preproc_rules/*.rules %{buildroot}%{_sysconfdir}/snort/preproc_rules/

cp etc/*.conf etc/*.config etc/*.map %{buildroot}%{_sysconfdir}/snort

install -D -m 755 %{SOURCE1} %{buildroot}%{_initrddir}/snort
install -D -m 644 %{SOURCE2} %{buildroot}%{_sysconfdir}/sysconfig/snort

install -d %{buildroot}/var/log/snort

install -D %{SOURCE3} %{buildroot}%{_datadir}/snort/contrib/createmysql
install -D %{SOURCE4} %{buildroot}%{_datadir}/snort/contrib/createmysql-archive

# the packaged snort.conf (Source7) replaces the upstream one copied above
install -D %{SOURCE7} %{buildroot}%{_sysconfdir}/snort/snort.conf

#cp contrib/create* contrib/snortdb-extra.bz2 %{buildroot}%{_datadir}/snort/contrib/
cp %{SOURCE5} %{buildroot}%{_datadir}/snort/contrib/
#cp schemas/create_* %{buildroot}%{_datadir}/snort/contrib/

%pre
# create the dedicated unprivileged group and user; errors (e.g. already present) are ignored
/usr/sbin/groupadd snort -g %{groupid} 2>/dev/null
/usr/sbin/useradd -u %{userid} -c 'Snort user' -d /dev/null -g snort \
   -s /bin/false snort 2>/dev/null
exit 0

%post
# new install
if [ "$1" -eq 1 ]; then
   # NOTE: the generated database password is written in clear text into
   # snort.conf and is passed to the createmysql scripts as a command-line
   # argument, where it is visible in the process list while they run.
   RANDOM_PASSWD=$(/usr/bin/mkpasswd -l 10 -s 0)
   sed -i "s|# output database: log, mysql.*|output database: log, mysql, user=snort password=$RANDOM_PASSWD dbname=snort host=localhost|" \
      %{_sysconfdir}/snort/snort.conf
   %{_datadir}/snort/contrib/createmysql "$RANDOM_PASSWD"
   %{_datadir}/snort/contrib/createmysql-archive "$RANDOM_PASSWD"
fi
exit 0

%preun
# erase
if [ "$1" -eq 0 ]; then
   service snort stop 2>/dev/null
   /sbin/chkconfig --del snort
   /usr/sbin/userdel snort 2>/dev/null
fi
exit 0

%postun
# update
if [ "$1" -eq 1 ]; then
   /usr/sbin/groupadd snort -g %{groupid} 2>/dev/null
   /usr/sbin/useradd -u %{userid} -c 'Snort user' -d /dev/null -g snort \
      -s /bin/false snort 2>/dev/null
   # restart only if the service is enabled
   /sbin/chkconfig snort
   [ $? -eq 0 ] && service snort restart
fi
exit 0

%clean
[ "%{buildroot}" != / ] && rm -rf "%{buildroot}"

%files
%defattr(-,root,root)
# NOTE: the post-install script stores the database password in snort.conf;
# no explicit mode is set for it here, so it keeps the mode it was installed with.
%config(noreplace) %{_sysconfdir}/snort/snort.conf
%config %{_sysconfdir}/snort/file_magic.conf
%config(noreplace) %{_sysconfdir}/snort/threshold.conf
%config(noreplace) %{_sysconfdir}/snort/classification.config
%config(noreplace) %{_sysconfdir}/snort/reference.config
%config(noreplace) %{_sysconfdir}/sysconfig/snort
%{_sysconfdir}/snort/rules/*
%{_sysconfdir}/snort/preproc_rules/*
%{_sysconfdir}/snort/*.map
%{_bindir}/u2boat
%{_bindir}/u2spewfoo
%{_bindir}/snort
%dir %{_prefix}/lib/snort_dynamicengine
%{_prefix}/lib/snort_dynamicengine/libsf_engine.a
%{_prefix}/lib/snort_dynamicengine/libsf_engine.la
%{_prefix}/lib/snort_dynamicengine/libsf_engine.so
%{_prefix}/lib/snort_dynamicengine/libsf_engine.so.*
%dir %{_prefix}/lib/snort_dynamicpreprocessor
%{_prefix}/lib/snort_dynamicpreprocessor/*.a
%{_prefix}/lib/snort_dynamicpreprocessor/*.la
%{_prefix}/lib/snort_dynamicpreprocessor/*.so*
%dir %{_libdir}/snort/dynamic_output/
%{_libdir}/snort/dynamic_output/libsf_dynamic_output.a
%{_libdir}/snort/dynamic_output/libsf_dynamic_output.la
%dir %{_libdir}/snort/dynamic_preproc
%{_libdir}/snort/dynamic_preproc/libsf_dynamic_preproc.a
%{_libdir}/snort/dynamic_preproc/libsf_dynamic_preproc.la
%dir %{_datadir}/snort
%dir %{_datadir}/snort/contrib
%{_datadir}/snort/contrib/*
%attr(755,root,root) %{_initrddir}/snort
%dir %attr(755,snort,snort) /var/log/snort
%{_datadir}/doc/snort/*
%{_mandir}/man8/*
%doc ChangeLog doc/AUTHORS doc/CREDITS
%doc doc/snort_manual.*

%files devel
%defattr(-,root,root)
%{_prefix}/src/snort_dynamicsrc/*.h
%{_prefix}/src/snort_dynamicsrc/*.c
%dir %{_includedir}/snort
%{_includedir}/snort/*
%{_libdir}/pkgconfig/snort.pc
%{_libdir}/pkgconfig/snort_preproc.pc
%{_libdir}/pkgconfig/snort_output.pc
%doc doc/{BUGS,CREDITS,NEWS,README*,TODO,USAGE}

%changelog
* Thu Oct 16 2014 Silvan Calarco <silvan.calarco@mambasoft.it> 2.9.6.2-1mamba
- update to 2.9.6.2

* Thu Apr 24 2014 Automatic Build System <autodist@mambasoft.it> 2.9.6.1-1mamba
- automatic version update by autodist

* Sun Feb 02 2014 Automatic Build System <autodist@mambasoft.it> 2.9.6.0-1mamba
- automatic version update by autodist

* Tue Nov 19 2013 Automatic Build System <autodist@mambasoft.it> 2.9.5.6-1mamba
- automatic version update by autodist

* Tue Sep 17 2013 Automatic Build System <autodist@mambasoft.it> 2.9.5.5-1mamba
- automatic version update by autodist

* Wed Jul 31 2013 Automatic Build System <autodist@mambasoft.it> 2.9.5.3-1mamba
- automatic version update by autodist

* Tue Jul 02 2013 Automatic Build System <autodist@mambasoft.it> 2.9.5-1mamba
- automatic version update by autodist

* Thu Apr 25 2013 Automatic Build System <autodist@mambasoft.it> 2.9.4.6-1mamba
- automatic version update by autodist

* Thu Apr 04 2013 Automatic Build System <autodist@mambasoft.it> 2.9.4.5-1mamba
- automatic version update by autodist

* Wed Mar 06 2013 Automatic Build System <autodist@mambasoft.it> 2.9.4.1-1mamba
- automatic version update by autodist

* Tue Dec 04 2012 Automatic Build System <autodist@mambasoft.it> 2.9.4-1mamba
- automatic version update by autodist

* Thu Aug 09 2012 Automatic Build System <autodist@mambasoft.it> 2.9.3.1-1mamba
- automatic version update by autodist

* Sun Jul 22 2012 Automatic Build System <autodist@mambasoft.it> 2.9.3-1mamba
- automatic version update by autodist

* Wed May 16 2012 Automatic Build System <autodist@mambasoft.it> 2.9.2.3-1mamba
- automatic version update by autodist

* Wed Mar 28 2012 Automatic Build System <autodist@mambasoft.it> 2.9.2.2-1mamba
- automatic version update by autodist

* Fri Jan 20 2012 Automatic Build System <autodist@mambasoft.it> 2.9.2.1-1mamba
- automatic version update by autodist

* Thu Dec 22 2011 Automatic Build System <autodist@mambasoft.it> 2.9.2-1mamba
- automatic version update by autodist

* Thu Oct 20 2011 Automatic Build System <autodist@mambasoft.it> 2.9.1.2-1mamba
- automatic version update by autodist

* Fri Oct 07 2011 Automatic Build System <autodist@mambasoft.it> 2.9.1.1-1mamba
- automatic version update by autodist

* Thu Aug 25 2011 Automatic Build System <autodist@mambasoft.it> 2.9.1-1mamba
- automatic version update by autodist

* Thu Apr 07 2011 Automatic Build System <autodist@mambasoft.it> 2.9.0.5-1mamba
- automatic update by autodist

* Sat Feb 19 2011 Automatic Build System <autodist@mambasoft.it> 2.9.0.4-1mamba
- update to 2.9.0.4

* Mon Jul 26 2010 Automatic Build System <autodist@mambasoft.it> 2.8.6.1-1mamba
- update to 2.8.6.1

* Sat May 08 2010 Automatic Build System <autodist@mambasoft.it> 2.8.6-1mamba
- automatic update to 2.8.6 by autodist

* Thu Feb 18 2010 Automatic Build System <autodist@mambasoft.it> 2.8.5.3-1mamba
- automatic update to 2.8.5.3 by autodist

* Thu Dec 31 2009 Automatic Build System <autodist@mambasoft.it> 2.8.5.2-1mamba
- automatic update to 2.8.5.2 by autodist

* Sun Oct 25 2009 Automatic Build System <autodist@mambasoft.it> 2.8.5.1-1mamba
- automatic update to 2.8.5.1 by autodist

* Tue Sep 29 2009 Automatic Build System <autodist@mambasoft.it> 2.8.5-1mamba
- update to 2.8.5

* Tue Apr 28 2009 Automatic Build System <autodist@mambasoft.it> 2.8.4.1-1mamba
- automatic update to 2.8.4.1 by autodist

* Wed Apr 08 2009 Silvan Calarco <silvan.calarco@mambasoft.it> 2.8.4-1mamba
- automatic update to 2.8.4 by autodist

* Sat Jan 17 2009 Silvan Calarco <silvan.calarco@mambasoft.it> 2.8.3.2-1mamba
- automatic update to 2.8.3.2 by autodist

* Thu Oct 02 2008 Silvan Calarco <silvan.calarco@mambasoft.it> 2.8.3.1-1mamba
- automatic update to 2.8.3.1 by autodist

* Sat Sep 06 2008 Silvan Calarco <silvan.calarco@mambasoft.it> 2.8.3-1mamba
- update to 2.8.3

* Sun Aug 31 2008 Silvan Calarco <silvan.calarco@mambasoft.it> 2.8.2.2-2mamba
- fix requirements in post script

* Sun Aug 24 2008 gil <puntogil@libero.it> 2.8.2.2-1mamba
- update to 2.8.2.2

* Wed Jun 18 2008 Silvan Calarco <silvan.calarco@mambasoft.it> 2.8.2.1-1mamba
- update to 2.8.2.1

* Fri Jul 08 2005 Davide Madrisan <davide.madrisan@qilinux.it> 2.3.3-3qilnx
- rebuilt with new libpcap libraries

* Thu Jul 07 2005 Davide Madrisan <davide.madrisan@qilinux.it> 2.3.3-2qilnx
- fixed %%pre script

* Mon May 02 2005 Davide Madrisan <davide.madrisan@qilinux.it> 2.3.3-1qilnx
- update to version 2.3.3 by autospec
- new source `snortdb-extra.bz2'
  see http://cvs.snort.org/viewcvs.cgi/snort/contrib/Attic/snortdb-extra.gz
- fixed group for user snort

* Fri Dec 31 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.2.0-1qilnx
- update to version 2.2.0 by autospec

* Tue Oct 05 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.1.3-5qilnx
- added creation of snort-archive database

* Sat Jun 05 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.1.3-4qilnx
- start daemon without "-A fast" otherwise it won't log to database

* Tue Jun 04 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.1.3-3qilnx
- completed db creation with snortdb-extra.gz

* Tue Jun 04 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.1.3-2qilnx
- reconfigured with mysql database creation on install
- now runs with its own user and group (snort)

* Thu Jun 03 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.1.3-1qilnx
- new version build

* Thu Apr 01 2004 Davide Madrisan <davide.madrisan@qilinux.it> 2.1.2-1qilnx
- new version rebuild

* Tue Mar 02 2004 Davide Madrisan <davide.madrisan@qilinux.it> 2.1.1-2qilnx
- RPM group modified; postun scriptlet fixed

* Mon Mar 01 2004 Davide Madrisan <davide.madrisan@qilinux.it> 2.1.1-1qilnx
- rebuilt with version 2.1.1
- minor specfile cleanups

* Tue Dec 30 2003 Davide Madrisan <davide.madrisan@qilinux.it> 2.1.0-1qilnx
- rebuilt with version 2.1.0
  enabled support for mysql, postgresql, odbc

* Fri Nov 21 2003 Davide Madrisan <davide.madrisan@qilinux.it> 2.0.5-1qilnx
- rebuilt with version 2.0.5

* Fri Nov 07 2003 Davide Madrisan <davide.madrisan@qilinux.it> 2.0.4-1qilnx
- rebuilt with version 2.0.4

* Wed Nov 05 2003 Davide Madrisan <davide.madrisan@qilinux.it> 2.0.3-1qilnx
- rebuilt with version 2.0.3

* Fri Sep 19 2003 Davide Madrisan <davide.madrisan@qilinux.it> 2.0.2-1qilnx
- rebuild using snort 2.0.2
- some interesting optional features enabled (via configure options):
  SMB alerting via Samba, statistics reporting through proc.
  flexible responses on hostile connection attempts not yet enabled.

* Tue Jun 18 2003 Silvan Calarco <silvan.calarco@qinet.it> 2.0.0-1qilnx
- first build for snort