aboutsummaryrefslogtreecommitdiff
path: root/network/snort
diff options
context:
space:
mode:
authordsomero <xgizzmo@gmail.com>2010-05-21 21:35:55 -0400
committerDavid Somero <xgizzmo@slackbuilds.org>2010-05-24 16:08:44 -0500
commitb32fe885a51f8ea5cff3c02748da8d2dda6ccf8b (patch)
tree61b9bf1e4b6fb43ef3193c881bce85ccc4ae3c5f /network/snort
parentb15ff21f368da736ce09b40a46fff93b3765901f (diff)
network/snort: Removed (download link broken)
Diffstat (limited to 'network/snort')
-rw-r--r--network/snort/README16
-rw-r--r--network/snort/README.SLACKWARE48
-rw-r--r--network/snort/doinst.sh29
-rw-r--r--network/snort/rc.snort53
-rw-r--r--network/snort/slack-desc19
-rw-r--r--network/snort/snort.SlackBuild128
-rw-r--r--network/snort/snort.info10
7 files changed, 0 insertions, 303 deletions
diff --git a/network/snort/README b/network/snort/README
deleted file mode 100644
index 52132b6ce911..000000000000
--- a/network/snort/README
+++ /dev/null
@@ -1,16 +0,0 @@
-Snort is an open source network intrusion detection and prevention system. It
-is capable of performing real-time traffic analysis, alerting, blocking and
-packet logging on IP networks. It utilizes a combination of protocol analysis
-and pattern matchingin order to detect a anomalies, misuse and attacks.
-Snort uses a flexible rules language to describe activity that can be considered
-malicious or anomalous as well as an analysis engine that incorporates a modular
-plugin architecture. Snort is capable of detecting and responding in real-time,
-sending alerts, performing session sniping, logging packets, or dropping
-sessions/packets when deployed in-line.
-
-Snort has three primary functional modes. It can be used as a packet sniffer
-like tcpdump(1), a packet logger (useful for network traffic debugging, etc),
-or as a full blown network intrusion detection and prevention system.
-
-Note that --libdir seems to be ignored on Slackware64; libraries are installed
-to /usr/lib anyway.
diff --git a/network/snort/README.SLACKWARE b/network/snort/README.SLACKWARE
deleted file mode 100644
index 05fa4f438ea0..000000000000
--- a/network/snort/README.SLACKWARE
+++ /dev/null
@@ -1,48 +0,0 @@
-Snort has three primary functional modes. It can be used as a packet sniffer
-like tcpdump(1), a packet logger (useful for network traffic debugging, etc),
-or as a full blown network intrusion detection and prevention system.
-
-Please read the snort_manual.pdf file that should be included with this
-distribution for full documentation on the program as well as a guide to
-getting started.
-
-This package builds a very basic snort implimentation useful for monitoring
-traffic as an IDS or packet logger and as a sort of improved tcpdump (which
-is what I use it for). MySQL support is included, so you should have little
-trouble hooking snort up to a database or ACID. For more information on
-these, check out snort's homepage at:
-
- http://www.snort.org/
- http://www.snort.org/docs/
-
-snort.org has a nasty habit of changing the location of their source
-code, which means there's no garauntee that the link in snort.info is
-correct. If you can't get that link to work, look for the source code at:
-
- http://www.snort.org/dl/old/
-
-In order for Snort to function properly, you need to provide rule files.
-I recommend registering for free at http://www.snorg.org so you can get these
-files. Once you have done that, go to http://snort.org/pub-bin/downloads.cgi
-and get the latest 2.8 series VRT Certified Rules. You need to untar this
-file and place follow files from etc in the tarball in to your /etc/snort
-directory :
-
-generators
-gen-msg.map
-sid
-sid-msg.map
-
-If you are going to use a front end like Base, you should copy the
-dog/signatures directory from the tarball in to
-/usr/doc/snort-$VERSION/ . Last, but certainly not least, you must
-copy the contents of the rules/ directory in the tarball to
-/etc/snort/rules/ . After you've done this, you can safely restart
-snort or send a HUP to snort to reload the files (killall -HUP snort).
-
-A rc.snort file has been included for your convenience, but it needs to be
-added to your init script of choice to run on boot. You should modify the
-variables in /etc/rc.d/rc.snort to reflect the interface you want to monitor.
-This Slackbuild is no longer maintained by Alan Hicks, but rather me
-(Thomas York), so email me instead if you have any questions.
- --Thomas York (straterra@fuhell.com)
diff --git a/network/snort/doinst.sh b/network/snort/doinst.sh
deleted file mode 100644
index fa5bf4b7416e..000000000000
--- a/network/snort/doinst.sh
+++ /dev/null
@@ -1,29 +0,0 @@
-config() {
- NEW="$1"
- OLD="$(dirname $NEW)/$(basename $NEW .new)"
- # If there's no config file by that name, mv it over:
- if [ ! -r $OLD ]; then
- mv $NEW $OLD
- elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy
- rm $NEW
- fi
- # Otherwise, we leave the .new copy for the admin to consider...
-}
-
-# Keep same perms on rc.snort.new:
-if [ -e etc/rc.d/rc.snort ]; then
- cp -a etc/rc.d/rc.snort etc/rc.d/rc.snort.new.incoming
- cat etc/rc.d/rc.snort.new > etc/rc.d/rc.snort.new.incoming
- mv etc/rc.d/rc.snort.new.incoming etc/rc.d/rc.snort.new
-fi
-
-config etc/rc.d/rc.snort.new
-config etc/snort/snort.conf.new
-config etc/snort/reference.config.new
-config etc/snort/threshold.conf.new
-config etc/snort/attribute_table.dtd.new
-config etc/snort/classification.config.new
-config etc/snort/gen-msg.map.new
-config etc/snort/sid-msg.map.new
-config etc/snort/unicode.map.new
-
diff --git a/network/snort/rc.snort b/network/snort/rc.snort
deleted file mode 100644
index d91941e8227f..000000000000
--- a/network/snort/rc.snort
+++ /dev/null
@@ -1,53 +0,0 @@
-#!/bin/sh
-# Start/stop/restart snort
-
-# This tell snort which interface to listen on (any for every interface)
-IFACE=${IFACE:-any}
-
-# Make sure this matches your IFACE
-PIDFILE=/var/run/snort_$IFACE.pid
-
-# You probably don't want to change this, but in case you do
-LOGDIR="/var/log/snort"
-
-# Probably not this either
-CONF=/etc/snort/snort.conf
-
-# Start snort:
-snort_start() {
- CMDLINE="/usr/bin/snort -d -D -i $IFACE"
- echo -n "Starting Snort daemon: $CMDLINE"
- $CMDLINE --pid-path /var/run --create-pidfile -l $LOGDIR -c $CONF
- echo
-}
-
-# Stop snort:
-snort_stop() {
- echo -n "Stopping Snort daemon ($IFACE)..."
- kill $(cat $PIDFILE)
- echo
- sleep 1
- rm -f $PIDFILE
-}
-
-# Restart snort:
-snort_restart() {
- snort_stop
- sleep 1
- snort_start
-}
-
-case "$1" in
-'start')
- snort_start
- ;;
-'stop')
- snort_stop
- ;;
-'restart')
- snort_restart
- ;;
-*)
- echo "usage $0 start|stop|restart"
-esac
-
diff --git a/network/snort/slack-desc b/network/snort/slack-desc
deleted file mode 100644
index 4d2f8cc2c8ef..000000000000
--- a/network/snort/slack-desc
+++ /dev/null
@@ -1,19 +0,0 @@
-# HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description. Line
-# up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in. You must
-# make exactly 11 lines for the formatting to be correct. It's also
-# customary to leave one space after the ':'.
-
- |-------handy-ruler-----------------------------------------------------|
-snort: Snort (Intrusion Detection and Prevention System)
-snort:
-snort: Snort is an open source network intrusion detection and prevention
-snort: system. It is capable of performing real-time traffic analysis,
-snort: alerting, blocking and packet logging on IP networks. It utilizes a
-snort: combination of protocol analysis and pattern matchingin order to
-snort: detect anomalies, misuse and attacks.
-snort: Snort is capable of detecting and responding in real-time, sending
-snort: alerts, performing session sniping, logging packets, or dropping
-snort: sessions/packets when deployed in-line.
-snort:
diff --git a/network/snort/snort.SlackBuild b/network/snort/snort.SlackBuild
deleted file mode 100644
index 5f234dbf6662..000000000000
--- a/network/snort/snort.SlackBuild
+++ /dev/null
@@ -1,128 +0,0 @@
-#!/bin/sh
-
-# Copyright 2006-2009, Alan Hicks, Lizella, GA,
-# Copyright 2009, Thomas York, Beech Grove, In.
-# All rights reserved.
-#
-# Redistribution and use of this script, with or without modification, is
-# permitted provided that the following conditions are met:
-#
-# 1. Redistributions of this script must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
-# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
-# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
-# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
-# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
-# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
-# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
-# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-# Modified by the SlackBuilds.org project
-
-PRGNAM=snort
-VERSION=2.8.4.1
-ARCH=${ARCH:-i486}
-BUILD=${BUILD:-1}
-TAG=${TAG:-_SBo}
-
-CWD=$(pwd)
-TMP=${TMP:-/tmp/SBo}
-PKG=$TMP/package-$PRGNAM
-OUTPUT=${OUTPUT:-/tmp}
-
-if [ "$ARCH" = "i486" ]; then
- SLKCFLAGS="-O2 -march=i486 -mtune=i686"
- LIBDIRSUFFIX=""
-elif [ "$ARCH" = "i686" ]; then
- SLKCFLAGS="-O2 -march=i686 -mtune=i686"
- LIBDIRSUFFIX=""
-elif [ "$ARCH" = "x86_64" ]; then
- SLKCFLAGS="-O2 -fPIC"
- LIBDIRSUFFIX="64"
-fi
-
-set -e
-
-rm -rf $PKG
-mkdir -p $TMP $PKG $OUTPUT
-cd $TMP
-rm -rf $PRGNAM-$VERSION
-tar xvf $CWD/$PRGNAM-$VERSION.tar.gz
-cd $PRGNAM-$VERSION
-
-chown -R root:root .
-find . \
- \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
- -exec chmod 755 {} \; -o \
- \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
- -exec chmod 644 {} \;
-
-CFLAGS="$SLKCFLAGS" \
-CXXFLAGS="$SLKCFLAGS" \
-./configure \
- --prefix=/usr \
- --libdir=/usr/lib${LIBDIRSUFFIX} \
- --sysconfdir=/etc \
- --mandir=/usr/man \
- --localstatedir=/var \
- --docdir=/usr/doc/$PRGNAM-$VERSION \
- --enable-pthread \
- --enable-linux-smp-stats \
- --with-mysql-libraries=/usr/lib${LIBDIRSUFFIX}/mysql \
- --with-mysql-includes=/usr/include/mysql \
- --build=$ARCH-slackware-linux
-
-make
-make install-strip DESTDIR=$PKG
-
-( cd $PKG/usr/man
- find . -type f -exec gzip -9 {} \;
- for i in $(find . -type l) ; do ln -s $(readlink $i).gz $i.gz ; rm $i ; done
-)
-
-# Set up a sane config directory - snort won't do this on its own
-mkdir -p $PKG/etc/$PRGNAM
-# Fix paths for libraries in snort.conf
-sed -e 's%usr/local%usr%g' etc/snort.conf > $PKG/etc/snort/snort.conf.new
-cat etc/threshold.conf > $PKG/etc/snort/threshold.conf.new
-cat etc/reference.config > $PKG/etc/snort/reference.config.new
-cat etc/classification.config > $PKG/etc/snort/classification.config.new
-cat etc/attribute_table.dtd > $PKG/etc/snort/attribute_table.dtd.new
-cat etc/gen-msg.map > $PKG/etc/snort/gen-msg.map.new
-cat etc/sid-msg.map > $PKG/etc/snort/sid-msg.map.new
-cat etc/unicode.map > $PKG/etc/snort/unicode.map.new
-
-# Create default, empty directory for rules
-mkdir -p $PKG/etc/snort/rules
-mkdir -p $PKG/etc/snort/preproc_rules
-
-# Include the rc.snort file
-mkdir -p $PKG/etc/rc.d
-cat $CWD/rc.snort > $PKG/etc/rc.d/rc.snort.new
-chmod 0755 $PKG/etc/rc.d/rc.snort.new
-
-# Create directory for logging
-mkdir -p $PKG/var/log/snort
-
-# Bundle the SQL schemas and install the docs
-mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION/schemas
-for file in schemas/create_*; do
- cat $file > $PKG/usr/doc/$PRGNAM-$VERSION/$file
-done
-cp -a COPYING ChangeLog LICENSE RELEASE.NOTES doc/* \
- $PKG/usr/doc/$PRGNAM-$VERSION
-cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
-cat $CWD/README.SLACKWARE > $PKG/usr/doc/$PRGNAM-$VERSION/README.SLACKWARE
-find $PKG/usr/doc -name "Makefile*" -exec rm -f {} \;
-rm -rf $PKG/usr/share
-
-mkdir -p $PKG/install
-cat $CWD/slack-desc > $PKG/install/slack-desc
-cat $CWD/doinst.sh > $PKG/install/doinst.sh
-
-cd $PKG
-/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz}
diff --git a/network/snort/snort.info b/network/snort/snort.info
deleted file mode 100644
index db2fd4fda108..000000000000
--- a/network/snort/snort.info
+++ /dev/null
@@ -1,10 +0,0 @@
-PRGNAM="snort"
-VERSION="2.8.4.1"
-HOMEPAGE="http://www.snort.org/"
-DOWNLOAD="http://dl.snort.org/snort-current/snort-2.8.4.1.tar.gz"
-MD5SUM="63f4e76ae96a2d133f4c7b741bad5458"
-DOWNLOAD_x86_64=""
-MD5SUM_x86_64=""
-MAINTAINER="Thomas_York"
-EMAIL="straterra@fuhell.com"
-APPROVED="rworkman"