|
|
|
# --- SDE-COPYRIGHT-NOTE-BEGIN ---
|
|
|
|
# This copyright note is auto-generated by ./scripts/Create-CopyPatch.
|
|
|
|
#
|
|
|
|
# Filename: package/.../snort/snort.conf
|
|
|
|
# Copyright (C) 2007 - 2011 The OpenSDE Project
|
|
|
|
# Copyright (C) 2004 - 2006 The T2 SDE Project
|
|
|
|
# Copyright (C) 1998 - 2003 Clifford Wolf
|
|
|
|
#
|
|
|
|
# More information can be found in the files COPYING and README.
|
|
|
|
#
|
|
|
|
# This program is free software; you can redistribute it and/or modify
|
|
|
|
# it under the terms of the GNU General Public License as published by
|
|
|
|
# the Free Software Foundation; version 2 of the License. A copy of the
|
|
|
|
# GNU General Public License can be found in the file COPYING.
|
|
|
|
# --- SDE-COPYRIGHT-NOTE-END ---
|
|
|
|
|
|
|
|
if [ $prefix_auto = 1 ] ; then
|
|
|
|
# use a dedicted sysconfdir instead of installing into /etc
|
|
|
|
sysconfdir="$sysconfdir/$pkg"
|
|
|
|
fi
|
|
|
|
|
|
|
|
# postgresql support
|
|
|
|
if pkginstalled postgresql; then
|
|
|
|
pkgprefix -t postgresql
|
|
|
|
var_append extraconfopt " " "--with-postgresql=/$( pkgprefix postgresql )"
|
|
|
|
var_append LDFLAGS ' ' "-L$( pkgprefix libdir postgresql )"
|
|
|
|
export LDFLAGS
|
|
|
|
fi
|
|
|
|
|
|
|
|
# mysql support
|
|
|
|
if pkginstalled mysql; then
|
|
|
|
pkgprefix -t mysql
|
|
|
|
var_append extraconfopt " " "--with-mysql-includes=$root/$( pkgprefix includedir mysql )"
|
|
|
|
var_append extraconfopt " " "--with-mysql-libraries=$root/$( pkgprefix libdir mysql )"
|
|
|
|
fi
|
|
|
|
|
|
|
|
# prelude support
|
|
|
|
if pkginstalled libprelude; then
|
|
|
|
pkgprefix -t libprelude
|
|
|
|
var_append extraconfopt " " "--enable-prelude"
|
|
|
|
var_append extraconfopt " " "--with-libprelude-prefix=/$( pkgprefix libprelude )"
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
|
|
# FlexResp feature
|
|
|
|
# NOTE: At time of writing, FlexResp:
|
|
|
|
# (a) is considered in Alpha stage and "to be used with caution"
|
|
|
|
# (b) requires libnet, which is an unmaintained package in ROCK
|
|
|
|
# (c) does not work with libnet 1.1 (the latest stable release)
|
|
|
|
# (d) works only with libnet 1.02a, which is deprecated
|
|
|
|
# For these reasons, FlexResp is not enabled.
|
|
|
|
# var_append extraconfopt " " "--enable-flexresp"
|
|
|
|
|
|
|
|
# 2005-09-21 //morfoh
|
|
|
|
# snort-inline isn't building due to libnet 1.02a dependency
|
|
|
|
# see Note above
|
|
|
|
# var_append extraconfopt " " "--enable-inline"
|
|
|
|
|
|
|
|
# FlexResp2 Support
|
|
|
|
pkginstalled libdnet && var_append confopt ' ' "--enable-flexresp2"
|
|
|
|
|
|
|
|
# TimeStats functionality
|
|
|
|
var_append confopt ' ' "--enable-timestats"
|
|
|
|
|
|
|
|
# Statistics reporting through proc
|
|
|
|
var_append confopt ' ' "--enable-linux-smp-stats"
|
|
|
|
|
|
|
|
snort_preconf()
|
|
|
|
{
|
|
|
|
# Comply with FHS for /var/opt/
|
|
|
|
sed -i "s,/var/log/snort,${localstatedir}/log," src/snort.h
|
|
|
|
|
|
|
|
# fix etc/snort.conf
|
|
|
|
sed -i \
|
|
|
|
-e "s;dynamicpreprocessor directory \/usr\/local/lib\/snort_dynamicpreprocessor;dynamicpreprocessor directory $libdir\/snort_dynamicpreprocessor;" \
|
|
|
|
-e "s;dynamicengine \/usr\/local/lib\/snort_dynamicengine;dynamicengine $libdir\/snort_dynamicengine;" \
|
|
|
|
-e "s;dynamicdetection directory \/usr\/local/lib\/snort_dynamicrules;dynamicpreprocessor directory $libdir\/snort_dynamicrules;" \
|
|
|
|
etc/snort.conf
|
|
|
|
}
|
|
|
|
|
|
|
|
snort_postmake()
|
|
|
|
{
|
|
|
|
# 'make install' sadly doesn't copy a lot of useful stuff
|
|
|
|
# so we have to do it ourselves
|
|
|
|
|
|
|
|
# The etc directory includes snort.conf, sigs and maps.
|
|
|
|
# Technically the maps should not be here but snort convention
|
|
|
|
# places them in etc.
|
|
|
|
# For security reasons this directory should not be world-readable
|
|
|
|
cp -fr etc/{*.conf,*.config,*.map} $root/$sysconfdir
|
|
|
|
|
|
|
|
# some changes on the shipped snort.conf example we use as default
|
|
|
|
# replacing RULE_PATH '../rules' to './rules'
|
|
|
|
sed -i 's,\.\./rules,./rules,' $root/$sysconfdir/snort.conf
|
|
|
|
}
|
|
|
|
|
|
|
|
hook_add preconf 5 snort_preconf
|
|
|
|
hook_add postmake 5 snort_postmake
|
|
|
|
|
|
|
|
# install header files into $includedir/snort and not into
|
|
|
|
# $prefix/src/snort_dynamicsrc/
|
|
|
|
var_insert makeinstopt ' ' "srcinstdir=$root$includedir/snort"
|