From ba02ef204e8724e511c63426301a86965b474fd4 Mon Sep 17 00:00:00 2001
From: Aurélien DESBRIÈRES
Date: Thu, 5 Jun 2014 18:12:22 +0200
Subject: snort
---
 pcr/snort/PKGBUILD | 47 +++++++++++++++++++++++++----------------------
 pcr/snort/snort.service | 10 ++++++++++
 2 files changed, 35 insertions(+), 22 deletions(-)
 create mode 100644 pcr/snort/snort.service
diff --git a/pcr/snort/PKGBUILD b/pcr/snort/PKGBUILD
index a92d8cb43..78eaa633e 100644
--- a/pcr/snort/PKGBUILD
+++ b/pcr/snort/PKGBUILD
@@ -1,37 +1,34 @@
-# $Id: PKGBUILD 78820 2012-10-25 06:47:28Z foutrelis $
-# Contributor (Arch): Lukas Fleischer
-# Contributor (Arch): Hugo Doria
-# Contributor (Arch): Kessia 'even' Pinheiro
-# Contributor (Arch): dorphell
-# Contributor (Arch): Gregor Ibic
-# Maintainer : Parabola GNU / Linux-libre Aurelien Desbrieres
+# Contributor (Arch) : M0Rf30
+# Contributor (Arch) : Lukas Fleischer
+# Contributor (Arch) : Hugo Doria
+# Contributor (Arch) : Kessia 'even' Pinheiro
+# Contributor (Arch) : dorphell
+# Contributor (Arch) : Gregor Ibic
+# Maintainer (Parabola) : Aurélien DESBRIÈRES
 pkgname=snort
-pkgver=2.9.3.1
-pkgrel=1
+pkgver=2.9.6.1
+pkgrel=2
 pkgdesc='A lightweight network intrusion detection system.'
 arch=('i686' 'x86_64')
 url='http://www.snort.org'
 license=('GPL')
-depends=('libdaq' 'libdnet' 'libpcap' 'pcre' 'zlib')
-makedepends=('ca-certificates')
-backup=('etc/conf.d/snort'
- 'etc/snort/snort.conf'
+depends=('libdaq' 'libdnet' 'libpcap' 'openssl' 'pcre' 'zlib')
+backup=('etc/snort/snort.conf'
 'etc/snort/threshold.conf'
- 'etc/snort/confreference.config'
+ 'etc/snort/reference.config'
 'etc/snort/classification.config')
 options=('!makeflags' '!libtool')
 install='snort.install'
-source=("http://www.snort.org/dl/snort-current/${pkgname}-${pkgver}.tar.gz"{,.sig}
- 'snort'
- 'snort.conf.d')
+source=("http://www.snort.org/dl/snort-current/${pkgname}-${pkgver}.tar.gz"
+ "http://rules.emergingthreats.net/open/${pkgname}-2.9.0/emerging.rules.tar.gz"
+ 'snort.service')
 build() {
 cd "${srcdir}/${pkgname}-${pkgver}"
-
 ./configure --prefix=/usr --sysconfdir=/etc/snort --with-libpcap-includes=/usr/include/pcap \
- --without-mysql --without-postgresql --without-oracle --without-odbc --enable-zlib \
- --enable-ipv6
+ --with-daq-includes=/usr/include --with-daq-libraries=/usr/lib/ \
+ --enable-zlib --disable-static-daq
 make
 }
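Review bot: The new `source=` array drops the `{,.sig}` detached signature for the Snort tarball and adds a second download, both over plain `http://`, while no checksum array is added or updated anywhere in this patch, so nothing visible here ties the built package to known-good inputs. The `emerging.rules.tar.gz` URL is also unversioned, so its content can change between builds and cannot be pinned by a static hash; because those rules decide what the sensor alerts on, a tampered or truncated download would degrade detection without any build error. I would keep `"http://www.snort.org/dl/snort-current/${pkgname}-${pkgver}.tar.gz"{,.sig}` and add a `sha256sums=(...)` entry per source (values taken from a verified download), and either package the rules from a pinned snapshot or leave rule updates to a runtime updater. If a checksum array exists outside the lines shown, it still needs regenerating for the new version and the new sources.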
@@ -44,8 +41,14 @@ package() {
 install -d -m755 "${pkgdir}/var/log/snort"
 install -D -m644 etc/{*.conf*,*.map} "${pkgdir}/etc/snort/"
- install -D -m644 "${srcdir}/snort.conf.d" "${pkgdir}/etc/conf.d/snort"
- install -D -m755 "${srcdir}/snort" "${pkgdir}/etc/rc.d/snort"
+
+# init service file
+ install -D -m644 ../snort.service $pkgdir/usr/lib/systemd/system/snort.service
 sed -i 's#/usr/local/lib/#/usr/lib/#' "${pkgdir}/etc/snort/snort.conf"
+
+# emerginthreats rules
+ echo 'include $RULE_PATH/emerging.conf' >> "${pkgdir}/etc/snort/snort.conf"
+ cp ${srcdir}/rules/* "${pkgdir}/etc/snort/rules"
 }
+
diff --git a/pcr/snort/snort.service b/pcr/snort/snort.service
new file mode 100644
index 000000000..d3d0da01f
--- /dev/null
+++ b/pcr/snort/snort.service
@@ -0,0 +1,10 @@
+[Unit]
+Description=Snort IDS system listening on '%I'
+
+[Service]
+Type=simple
+ExecStartPre=/usr/sbin/ip link set up dev %I
+ExecStart=/usr/bin/snort -A fast -b -p -u snort -g snort -c /etc/snort/snort.conf -i %I
+
+[Install]
+Alias=multi-user.target.wants/snort@eth0.service
-- cgit v1.2.3
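Review bot: The last added line of the package() hunk, `cp ${srcdir}/rules/* "${pkgdir}/etc/snort/rules"`, copies into a directory that nothing in this hunk creates and leaves `${srcdir}` unquoted; package() starts above the hunk, so the directory may be created there, but if it is not, the copy fails or lands under the wrong name, and the rule files take their modes from the extracted tarball rather than a fixed 0644. Creating the directory and setting the modes explicitly would be safer: `install -d -m755 "${pkgdir}/etc/snort/rules"` followed by `install -m644 "${srcdir}"/rules/* "${pkgdir}/etc/snort/rules/"`. The service line has the same quoting gap and depends on the current directory; `install -D -m644 "${srcdir}/snort.service" "${pkgdir}/usr/lib/systemd/system/snort.service"` matches the style of the surrounding lines. The appended `include $RULE_PATH/emerging.conf` enables the downloaded rule set in the default `snort.conf`, which deserves a comment saying so, and the comment above it should read "emergingthreats".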
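Review bot: The new unit uses the instance specifier `%I` in `Description=`, `ExecStartPre=` and `ExecStart=`, but the file is added and installed as `snort.service`, which is not a template name; as far as I know `%I` is only filled in for `name@instance.service` units, so the interface argument would be empty here. Naming the file `snort@.service` (in `source=` and in the install path as well) and replacing the `Alias=` line with `WantedBy=multi-user.target` would let `snort@<interface>.service` be enabled per interface. Two flags deserve a comment in the unit: `-p` turns off promiscuous capture, which limits the sensor to traffic addressed to the host, and `-u snort -g snort` requires that account to exist, presumably created by `snort.install`. A `Restart=on-failure` line would keep a crashed sensor from leaving the interface unmonitored without anyone noticing.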