#!/bin/sh # --- T2-COPYRIGHT-NOTE-BEGIN --- # This copyright note is auto-generated by ./scripts/Create-CopyPatch. # # T2 SDE: package/.../snort/snort.conf # Copyright (C) 2004 - 2006 The T2 SDE Project # Copyright (C) 1998 - 2003 Clifford Wolf # # More information can be found in the files COPYING and README. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; version 2 of the License. A copy of the # GNU General Public License can be found in the file COPYING. # --- T2-COPYRIGHT-NOTE-END --- if [ $prefix_auto = 1 ] ; then prefix=opt/snort set_confopt fi # postgresql support if pkginstalled postgresql; then pkgprefix -t postgresql var_append extraconfopt " " "--with-postgresql=/$( pkgprefix postgresql )" var_append LDFLAGS ' ' "-L$( pkgprefix libdir postgresql )" export LDFLAGS fi # mysql support if pkginstalled mysql; then pkgprefix -t mysql var_append extraconfopt " " "--with-mysql=/$( pkgprefix mysql )" var_append LD_RUN_PATH ':' "$( pkgprefix libdir mysql )/mysql" export LD_RUN_PATH fi # prelude support if pkginstalled libprelude; then pkgprefix -t libprelude var_append extraconfopt " " "--enable-prelude" var_append extraconfopt " " "--with-libprelude-prefix=/$( pkgprefix libprelude )" fi # FlexResp feature # NOTE: At time of writing, FlexResp: # (a) is considered in Alpha stage and "to be used with caution" # (b) requires libnet, which is an unmaintained package in ROCK # (c) does not work with libnet 1.1 (the latest stable release) # (d) works only with libnet 1.02a, which is deprecated # For these reasons, FlexResp is not enabled. # var_append extraconfopt " " "--enable-flexresp" # 2005-09-21 //morfoh # snort-inline isn't building due to libnet 1.02a dependency # see Note above # var_append extraconfopt " " "--enable-inline" snort_preconf() { # Comply with FHS for /var/opt/ sed -i "s,/var/log/snort,${localstatedir}/log," src/snort.h } snort_postmake() { # 'make install' sadly doesn't copy a lot of useful stuff # so we have to do it ourselves # The etc directory includes snort.conf, sigs and maps. # Technically the maps should not be here but snort convention # places them in etc. # For security reasons this directory should not be world-readable cp -fr etc/{*.conf,*.config,*.map,generators,sid} $root/$sysconfdir # Installing # Sourcefire VRT Certified Rules - The Official Snort Ruleset (unregistered user release) tar -v $taropt `match_source_file -p snortrules-pr` -C $root/$sysconfdir/ # some changes on the shipped snort.conf example we use as default # replacing RULE_PATH '../rules' to './rules' sed -i 's,\.\./rules,./rules,' $root/$sysconfdir/snort.conf } hook_add preconf 5 snort_preconf hook_add postmake 5 snort_postmake