#
-# Copyright (C) 2006-2010 OpenWrt.org
+# Copyright (C) 2006-2011 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
PKG_NAME:=snort
PKG_VERSION:=2.8.4.1
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://dl.snort.org/snort-current/
PKG_MD5SUM:=63f4e76ae96a2d133f4c7b741bad5458
-PKG_FIXUP:=libtool
+PKG_BUILD_DEPENDS:=USE_UCLIBC:librpc
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
+PKG_FIXUP:=autoreconf
+PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
define Package/snort
$(call Package/snort/Default)
+ VARIANT:=basic
endef
define Package/snort/description
$(call Package/snort/Default)
DEPENDS+= +libmysqlclient
TITLE+= (MySQL)
+ VARIANT:=mysql
endef
define Package/snort-mysql/description
$(call Package/snort/Default)
DEPENDS+= +libpq
TITLE+= (PostgreSQL)
+ VARIANT:=pgsql
endef
define Package/snort-pgsql/description
This package contains snort with support for logging to a PostgreSQL database.
endef
-define Compile/Template
-
-$(PKG_BUILD_DIR)/snort$(1): $(STAMP_CONFIGURED)
- touch -r $(PKG_BUILD_DIR)/Makefile.am $(PKG_BUILD_DIR)/configure.in
- touch -r $(PKG_BUILD_DIR)/Makefile.in $(PKG_BUILD_DIR)/configure
- -$(MAKE) -C $(PKG_BUILD_DIR) distclean
- $(call Build/Configure/Default, \
- --enable-flexresp \
- --with-libnet-includes="$(STAGING_DIR)/usr/lib/libnet-1.0.x/include" \
- --with-libnet-libraries="$(STAGING_DIR)/usr/lib/libnet-1.0.x/lib" \
- --with-libpcap-includes="$(STAGING_DIR)/usr/include" \
- --with-libpcap-libraries="$(STAGING_DIR)/usr/lib" \
- --with-libpcre-includes="$(STAGING_DIR)/usr/include" \
- --with-libpcre-libraries="$(STAGING_DIR)/usr/lib" \
- $(2) \
- , \
- CPPFLAGS="$$$$CPPFLAGS -I$(STAGING_DIR)/usr/include/mysql" \
- LDFLAGS="$$$$LDFLAGS -L$(STAGING_DIR)/usr/lib/mysql" \
- PATH="$(STAGING_DIR)/usr/lib/libnet-1.0.x/bin:$$$$PATH" \
- $(3) \
- );
- $(MAKE) -C $(PKG_BUILD_DIR) \
- extra_incl="" \
- all
- mv $(PKG_BUILD_DIR)/src/snort $(PKG_BUILD_DIR)/snort$(1)
-
-$(PKG_BUILD_DIR)/.built: $(PKG_BUILD_DIR)/snort$(1)
-endef
+CONFIGURE_ARGS += \
+ --enable-flexresp \
+ --with-libnet-includes="$(STAGING_DIR)/usr/lib/libnet-1.0.x/include" \
+ --with-libnet-libraries="$(STAGING_DIR)/usr/lib/libnet-1.0.x/lib" \
+ --with-libpcap-includes="$(STAGING_DIR)/usr/include" \
+ --with-libpcap-libraries="$(STAGING_DIR)/usr/lib" \
+ --with-libpcre-includes="$(STAGING_DIR)/usr/include" \
+ --with-libpcre-libraries="$(STAGING_DIR)/usr/lib" \
+CONFIGURE_VARS += \
+ CPPFLAGS="$$$$CPPFLAGS -I$(STAGING_DIR)/usr/include/mysql" \
+ LDFLAGS="$$$$LDFLAGS -L$(STAGING_DIR)/usr/lib/mysql" \
+ PATH="$(STAGING_DIR)/usr/lib/libnet-1.0.x/bin:$$$$PATH" \
-define Install/Template
+MAKE_FLAGS += \
+ extra_incl="" \
-define Package/snort$(1)/conffiles
-/etc/default/snort
-/etc/snort/snort.conf
-/etc/snort/threshold.conf
-endef
+ifeq ($(BUILD_VARIANT),basic)
-define Package/snort$(1)/install
- $(INSTALL_DIR) $$(1)/usr/sbin
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/snort$(1) $$(1)/usr/sbin/snort
- $(INSTALL_DIR) $$(1)/etc/snort
- $(INSTALL_DATA) $(PKG_BUILD_DIR)/etc/snort.conf $$(1)/etc/snort/
- $(INSTALL_DATA) $(PKG_BUILD_DIR)/etc/classification.config $$(1)/etc/snort/
- $(INSTALL_DATA) $(PKG_BUILD_DIR)/etc/gen-msg.map $$(1)/etc/snort/
- $(INSTALL_DATA) $(PKG_BUILD_DIR)/etc/reference.config $$(1)/etc/snort/
- $(INSTALL_DATA) $(PKG_BUILD_DIR)/etc/sid-msg.map $$(1)/etc/snort/
- $(INSTALL_DATA) $(PKG_BUILD_DIR)/etc/threshold.conf $$(1)/etc/snort/
- $(INSTALL_DATA) $(PKG_BUILD_DIR)/etc/unicode.map $$(1)/etc/snort/
- $(INSTALL_DIR) $$(1)/etc/default
- $(INSTALL_DATA) ./files/snort.default $$(1)/etc/default/snort
- $(INSTALL_DIR) $$(1)/etc/init.d
- $(INSTALL_BIN) ./files/snort.init $$(1)/etc/init.d/snort
-endef
+ CONFIGURE_ARGS += \
+ --without-mysql \
+ --without-postgresql \
-endef
+endif
+ifeq ($(BUILD_VARIANT),mysql)
+ CONFIGURE_ARGS += \
+ --with-mysql="$(STAGING_DIR)/usr" \
+ --without-postgresql \
-ifneq ($(SDK)$(CONFIG_PACKAGE_snort),)
- define Compile/snort
- $(call Compile/Template,, \
- --without-mysql \
- --without-postgresql \
- )
- $(call Install/Template,)
- endef
endif
-$(eval $(Compile/snort))
-
-ifneq ($(SDK)$(CONFIG_PACKAGE_snort-mysql),)
- define Compile/snort-mysql
- $(call Compile/Template,-mysql, \
- --with-mysql="$(STAGING_DIR)/usr" \
- --without-postgresql \
- )
- $(call Install/Template,-mysql)
- endef
-endif
-$(eval $(Compile/snort-mysql))
+ifeq ($(BUILD_VARIANT),pgsql)
+ CONFIGURE_ARGS += \
+ --without-mysql \
+ --with-postgresql="$(STAGING_DIR)/usr" \
-ifneq ($(SDK)$(CONFIG_PACKAGE_snort-pgsql),)
- define Compile/snort-pgsql
- $(call Compile/Template,-pgsql, \
- --without-mysql \
- --with-postgresql="$(STAGING_DIR)/usr" \
- )
- $(call Install/Template,-pgsql)
- endef
endif
-$(eval $(Compile/snort-pgsql))
-define Build/Configure
+
+define Package/snort/conffiles
+/etc/default/snort
+/etc/snort/snort.conf
+/etc/snort/threshold.conf
endef
-define Build/Compile
+define Package/snort/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/snort $(1)/usr/bin/
+ $(INSTALL_DIR) $(1)/usr/lib/snort_dynamicengine
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/snort_dynamicengine/libsf_engine.so* $(1)/usr/lib/snort_dynamicengine/
+ $(INSTALL_DIR) $(1)/usr/lib/snort_dynamicpreprocessor
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/snort_dynamicpreprocessor/libsf_{dce2,dcerpc,dns,ftptelnet,smtp,ssh,ssl}_preproc.so* $(1)/usr/lib/snort_dynamicpreprocessor/
+ $(INSTALL_DIR) $(1)/etc/snort
+ $(INSTALL_DATA) $(PKG_BUILD_DIR)/etc/snort.conf $(1)/etc/snort/
+ $(INSTALL_DATA) $(PKG_BUILD_DIR)/etc/classification.config $(1)/etc/snort/
+ $(INSTALL_DATA) $(PKG_BUILD_DIR)/etc/gen-msg.map $(1)/etc/snort/
+ $(INSTALL_DATA) $(PKG_BUILD_DIR)/etc/reference.config $(1)/etc/snort/
+ $(INSTALL_DATA) $(PKG_BUILD_DIR)/etc/sid-msg.map $(1)/etc/snort/
+ $(INSTALL_DATA) $(PKG_BUILD_DIR)/etc/threshold.conf $(1)/etc/snort/
+ $(INSTALL_DATA) $(PKG_BUILD_DIR)/etc/unicode.map $(1)/etc/snort/
+ $(INSTALL_DIR) $(1)/etc/snort/preproc_rules
+ $(INSTALL_DATA) $(PKG_BUILD_DIR)/preproc_rules/*.rules $(1)/etc/snort/preproc_rules/
+ $(INSTALL_DIR) $(1)/etc/snort/rules
+ $(INSTALL_DATA) ./files/snort.local.rules $(1)/etc/snort/rules/local.rules
+ $(INSTALL_DIR) $(1)/etc/default
+ $(INSTALL_DATA) ./files/snort.default $(1)/etc/default/snort
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) ./files/snort.init $(1)/etc/init.d/snort
endef
+Package/snort-mysql/conffiles = $(Package/snort/conffiles)
+Package/snort-mysql/install = $(Package/snort/install)
+
+Package/snort-pgsql/conffiles = $(Package/snort/conffiles)
+Package/snort-pgsql/install = $(Package/snort/install)
+
$(eval $(call BuildPackage,snort))
$(eval $(call BuildPackage,snort-mysql))
$(eval $(call BuildPackage,snort-pgsql))
# Configure the snort decoder
# ============================
+@@ -191,27 +192,27 @@ var PREPROC_RULE_PATH ../preproc_rules
+ # Load all dynamic preprocessors from the install path
+ # (same as command line option --dynamic-preprocessor-lib-dir)
+ #
+-dynamicpreprocessor directory /usr/local/lib/snort_dynamicpreprocessor/
++#dynamicpreprocessor directory /usr/lib/snort_dynamicpreprocessor/
+ #
+ # Load a specific dynamic preprocessor library from the install path
+ # (same as command line option --dynamic-preprocessor-lib)
+ #
+-# dynamicpreprocessor file /usr/local/lib/snort_dynamicpreprocessor/libdynamicexample.so
++# dynamicpreprocessor file /usr/lib/snort_dynamicpreprocessor/lib_sfdynamic_preprocessor_example.so
+ #
+ # Load a dynamic engine from the install path
+ # (same as command line option --dynamic-engine-lib)
+ #
+-dynamicengine /usr/local/lib/snort_dynamicengine/libsf_engine.so
++#dynamicengine /usr/lib/snort_dynamicengine/libsf_engine.so
+ #
+ # Load all dynamic rules libraries from the install path
+ # (same as command line option --dynamic-detection-lib-dir)
+ #
+-# dynamicdetection directory /usr/local/lib/snort_dynamicrule/
++# dynamicdetection directory /usr/lib/snort_dynamicrules/
+ #
+ # Load a specific dynamic rule library from the install path
+ # (same as command line option --dynamic-detection-lib)
+ #
+-# dynamicdetection file /usr/local/lib/snort_dynamicrule/libdynamicexamplerule.so
++# dynamicdetection file /usr/lib/snort_dynamicrules/lib_sfdynamic_example_rule.so
+ #
+
+ ###################################################
@@ -307,11 +308,11 @@ preprocessor stream5_tcp: policy first,
# lots of options available here. See doc/README.http_inspect.
# unicode.map should be wherever your snort.conf lives, or given
# arpspoof
#----------------------------------------
+@@ -605,8 +606,8 @@ preprocessor sfportscan: proto { all }
+ # See doc/README.dcerpc2 for explanations of what the
+ # preprocessor does and how to configure it.
+ #
+-preprocessor dcerpc2
+-preprocessor dcerpc2_server: default
++#preprocessor dcerpc2
++#preprocessor dcerpc2_server: default
+
+
+ # DNS
@@ -623,9 +624,9 @@ preprocessor dcerpc2_server: default
# or use commandline option
# --dynamic-preprocessor-lib <full path to libsf_dns_preproc.so>
####################################################################
-@@ -811,41 +812,41 @@ include $RULE_PATH/local.rules
- include $RULE_PATH/bad-traffic.rules
- include $RULE_PATH/exploit.rules
- include $RULE_PATH/scan.rules
+@@ -808,44 +809,44 @@ include reference.config
+ #=========================================
+
+ include $RULE_PATH/local.rules
+-include $RULE_PATH/bad-traffic.rules
+-include $RULE_PATH/exploit.rules
+-include $RULE_PATH/scan.rules
-include $RULE_PATH/finger.rules
-include $RULE_PATH/ftp.rules
-include $RULE_PATH/telnet.rules
-include $RULE_PATH/imap.rules
-include $RULE_PATH/pop2.rules
-include $RULE_PATH/pop3.rules
++#include $RULE_PATH/bad-traffic.rules
++#include $RULE_PATH/exploit.rules
++#include $RULE_PATH/scan.rules
+#include $RULE_PATH/finger.rules
+#include $RULE_PATH/ftp.rules
+#include $RULE_PATH/telnet.rules
projects / openwrt / svn-archive / packages.git / commitdiff