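# RPM spec for Snort as packaged for Vine Linux. It always builds the plain
# binary and optionally builds database-enabled binaries as subpackages; the
# scriptlets point the sbin "snort" symlink at whichever binary is installed.

################################################################
# rpmbuild Package Options
# ========================
#
# See README.build_rpms for more details.
#
#       --with flexresp
#               Add flexresp capability to whatever package(s) you are
#               building.
#
#       --with inline
#               Add inline capability to whatever package(s) you are
#               building. This will create its own inline package.
#
#       --with mysql
#               Builds a binary/package with support for MySQL.
#
#       --with postgresql
#               Builds a binary/package with support for PostgreSQL.
#
#       --with unixODBC
#               Build a binary/package with support for unixODBC
#
#       --with oracle
#               Builds a binary/package with support for Oracle.
#
# See pg 399 of _Red_Hat_RPM_Guide_ for rpmbuild --with and --without options.
################################################################

# Other useful bits
%define OracleHome /opt/oracle/OraHome1
%define SnortRulesDir %{_sysconfdir}/snort/rules
# Login shell given to the snort service account created in the pre scriptlet.
%define noShell /bin/false

# Handle the options noted above.
# flexresp is enabled by default in this spec (the define below is 1);
# --without flexresp turns it off.
%define flexresp 1
%{?_with_flexresp:%define flexresp 1}
%{?_without_flexresp:%define flexresp 0}

# Default of no MySQL, but --with mysql will enable it
%define mysql 0
%{?_with_mysql:%define mysql 1}
%{?_without_mysql:%define mysql 0}

# Default of no PostgreSQL, but --with postgresql will enable it
%define postgresql 0
%{?_with_postgresql:%define postgresql 1}
%{?_without_postgresql:%define postgresql 0}

# Default of no unixODBC, but --with unixODBC will enable it
%define unixODBC 0
%{?_with_unixODBC:%define unixODBC 1}
%{?_without_unixODBC:%define unixODBC 0}

# Default of no Oracle, but --with oracle will enable it
%define oracle 0
%{?_with_oracle:%define oracle 1}

# If not inline then we'll conflict with it
%define conflicts snort-inline

# Default of no Inline, but --with inline will enable it
%define inline 0
%define inlinetext %{nil}
%{?_with_inline:%define inline 1}
%{?_with_inline:%define inlinetext -inline }
%{?_with_inline:%define conflicts snort }

%define vendor Snort.org
%define for_distro RPMs
%define release 1
%define realname snort

# Look for a directory to see if we're building under cAos
# Exit status is usually 0 if the dir exists, 1 if not, so
# we reverse that with the '!'
%define caos %([ ! -d /usr/lib/rpm/caos ]; echo $?)

%if %{caos}
# We are building for cAos (www.caosity.org) and the autobuilder doesn't
# have command line options so we have to fake the options for whatever
# packages we actually want here, in addition to tweaking the package
# info.
%define vendor cAos Linux
%define for_distro RPMs for cAos Linux
%define mysql 1
%define postgresql 1
%define release 1.caos
%endif

Name: %{realname}%{inlinetext}
%{?_with_inline:%define Name: %{realname}-inline }
Version: 2.9.5.6
Epoch: 1
Release: 1%{?_dist_release}
Summary: An open source Network Intrusion Detection System (NIDS)
Group: Applications/Internet
License: GPL
Url: http://www.snort.org/
# NOTE(review): the download path below names 2.9.2 while Version is 2.9.5.6,
# and the URL is plain HTTP. No checksum or signature file is listed in this
# spec, so verify the tarball against an upstream-published hash or signature
# before building.
Source0: http://www.snort.org/snort-downloads/2.9.2/%{realname}-%{version}.tar.gz
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)

#Packager: Official Snort.org %{for_distro}
#Vendor: %{vendor}
Vendor: Project Vine
Distribution: Vine Linux
BuildRequires: autoconf, automake, flex, bison
BuildRequires: pcre-devel
BuildRequires: libpcap-devel
BuildRequires: daq
BuildRequires: libdnet-devel
BuildRequires: zlib-devel
BuildRequires: iptables-devel
BuildRequires: libnfnetlink-devel
BuildRequires: libnetfilter_queue-devel
Conflicts: %{conflicts}

%if %{flexresp}
BuildRequires: libnet
%define EnableFlexresp --enable-flexresp
%endif

# Itables-devel removed from BuildReq as RH does not supply that package.
# Will replace iptables-devel buildreq with a scripted solution.
# --jh
# NOTE(review): iptables-devel is still listed as a BuildRequires above, so
# the comment and the preamble disagree; confirm which one is intended.

%if %{inline}
BuildRequires: libnet
%define EnableInline --enable-inline
%endif

%package mysql
Summary: Snort with MySQL support
Group: Applications/Internet
Requires: %{name} = %{epoch}:%{version}-%{release}
%if %{mysql}
BuildRequires: mysql-devel
%endif
%description mysql
Snort binary compiled with mysql support.

%package postgresql
Summary: Snort with PostgreSQL support
Group: Applications/Internet
Requires: %{name} = %{epoch}:%{version}-%{release}
%if %{postgresql}
BuildRequires: postgresql-devel
%endif
%description postgresql
Snort binary compiled with postgresql support.

%package unixODBC
Summary: Snort with unixODBC support
Group: Applications/Internet
Requires: %{name} = %{epoch}:%{version}-%{release}
%if %{unixODBC}
BuildRequires: unixODBC-devel
%endif
%description unixODBC
Snort binary compiled with unixODBC support.

%package oracle
Summary: Snort with Oracle support
Group: Applications/Internet
Requires: %{name} = %{epoch}:%{version}-%{release}
%description oracle
Snort binary compiled with Oracle support.

EXPERIMENTAL!! I don't have a way to test this, so let me know if it works!
ORACLE_HOME=%{OracleHome}

%description
Snort is an open source network intrusion detection system, capable of
performing real-time traffic analysis and packet logging on IP networks.
It can perform protocol analysis, content searching/matching and can be
used to detect a variety of attacks and probes, such as buffer overflows,
stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts,
and much more.

Snort has three primary uses. It can be used as a straight packet sniffer
like tcpdump(1), a packet logger (useful for network traffic debugging,
etc), or as a full blown network intrusion detection system.

You MUST edit /etc/snort/snort.conf to configure snort before it will work!

There are 5 different packages available. All of them require the base
snort rpm (this one). Additionally, you may need to chose a different
binary to install if you want database support.

If you install a different binary package %{_sbindir}/snort should end up
being a symlink to a binary in one of the following configurations:

        plain           Snort (this package, required)
        mysql           Snort with mysql (optional)
        postgresql      Snort with postgresql (optional)
        unixODBC        Snort with unixODBC (optional)
        oracle          Snort with oracle (optional, not official)
        inline          Snort with inline support (optional)

Please see the documentation in %{_docdir}/%{realname}-%{version} for more
information on snort features and configuration.


%prep
%setup -q -n %{realname}-%{version}

# When building from a Snort.org CVS snapshot tarball, you have to run
# autojunk before you can build.
if [ \( ! -s configure \) -a \( -x autojunk.sh \) ]; then
    ./autojunk.sh
fi

# Make sure it worked, or die with a useful error message.
if [ ! -s configure ]; then
    echo "Can't find ./configure. ./autojunk.sh not present or not executable?"
    exit 2
fi


%build

# Configure and compile one Snort variant in its own subdirectory.
# $1 names the variant: plain, mysql, postgresql, unixODBC or oracle.
# The resulting binary is moved one level up and suffixed with the variant.
BuildSnort() {
    %__mkdir "$1"
    cd "$1"
    %__ln_s ../configure ./configure

    if [ "$1" = "plain" ] ; then
        ./configure $SNORT_BASE_CONFIG \
        --without-mysql \
        --without-postgresql \
        --without-oracle \
        --without-odbc \
        %{?EnableFlexresp} %{?EnableFlexresp2} \
        %{?EnableInline}
    fi

    if [ "$1" = "mysql" ]; then
        ./configure $SNORT_BASE_CONFIG \
        --with-mysql \
        --with-mysql-libraries=%{_libdir} \
        --without-postgresql \
        --without-oracle \
        --without-odbc \
        %{?EnableFlexresp} %{?EnableFlexresp2} \
        %{?EnableInline}
    fi

    if [ "$1" = "postgresql" ]; then
        ./configure $SNORT_BASE_CONFIG \
        --without-mysql \
        --with-postgresql \
        --without-odbc \
        --without-oracle \
        %{?EnableFlexresp} %{?EnableFlexresp2} \
        %{?EnableInline}
    fi

    if [ "$1" = "unixODBC" ]; then
        ./configure $SNORT_BASE_CONFIG \
        --without-mysql \
        --without-postgresql \
        --with-odbc=%{_libdir} \
        --without-oracle \
        %{?EnableFlexresp} %{?EnableFlexresp2} \
        %{?EnableInline}
    fi

    if [ "$1" = "oracle" ]; then
        export ORACLE_HOME=%{OracleHome}
        ./configure $SNORT_BASE_CONFIG \
        --without-mysql \
        --without-postgresql \
        --without-odbc \
        --with-oracle=$ORACLE_HOME \
        %{?EnableFlexresp} %{?EnableFlexresp2} \
        %{?EnableInline}
    fi

    %__make
    %__mv src/snort ../%{name}-"$1"
    cd ..
}

# Export CFLAGS so that whatever compiler flags the distribution puts in
# RPM_OPT_FLAGS actually reach ./configure. A plain assignment is only seen
# by child processes when CFLAGS was already exported by the environment,
# so the distribution flags could otherwise be dropped silently.
export CFLAGS="$RPM_OPT_FLAGS"
export AM_CFLAGS="-g -O2"
SNORT_BASE_CONFIG="--prefix=%{_prefix} \
                   --bindir=%{_sbindir} \
                   --sysconfdir=%{_sysconfdir}/snort \
                   --with-libpcap-includes=%{_includedir} \
                   --enable-decoder-preprocessor-rules --enable-targetbased \
                   "

# Always build snort-plain
BuildSnort plain

# Maybe build the others
%if %{mysql}
BuildSnort mysql
%endif

%if %{postgresql}
BuildSnort postgresql
%endif

%if %{oracle}
BuildSnort oracle
%endif

%if %{unixODBC}
BuildSnort unixODBC
%endif


%install

# Remove leftover CVS files in the tarball, if any...
# NUL-separated names keep directory names with whitespace intact, and
# -prune stops find from descending into a directory that is being removed.
find . -type d -name "CVS" -prune -print0 | xargs -0 %{__rm} -rf

# Install one Snort variant into the build root.
# $1 names the variant. "plain" also recreates the build root and installs
# the shared files (config, init script, man page, docs, dynamic modules),
# so it has to run before any other variant.
InstallSnort() {
    if [ "$1" = "mysql" ]; then
        %__install -p -m 0755 %{name}-mysql %{buildroot}%{_sbindir}/%{name}-mysql
    fi

    if [ "$1" = "postgresql" ]; then
        %__install -p -m 0755 %{name}-postgresql %{buildroot}%{_sbindir}/%{name}-postgresql
    fi

    if [ "$1" = "unixODBC" ]; then
        %__install -p -m 0755 %{name}-unixODBC %{buildroot}%{_sbindir}/%{name}-unixODBC
    fi

    if [ "$1" = "oracle" ]; then
        %__install -p -m 0755 %{name}-oracle %{buildroot}%{_sbindir}/%{name}-oracle
    fi

    if [ "$1" = "plain" ]; then
        %__rm -rf %{buildroot}

        %__mkdir_p -m 0755 %{buildroot}%{_sbindir}
        %__mkdir_p -m 0755 %{buildroot}%{SnortRulesDir}
        %__mkdir_p -m 0755 %{buildroot}%{_sysconfdir}/snort
        %__mkdir_p -m 0755 %{buildroot}%{_sysconfdir}/sysconfig
        %__mkdir_p -m 0755 %{buildroot}%{_sysconfdir}/logrotate.d
        %__mkdir_p -m 0755 %{buildroot}%{_var}/log/snort
        %__mkdir_p -m 0755 %{buildroot}%{_initrddir}
        %__mkdir_p -m 0755 %{buildroot}%{_mandir}/man8
        %__mkdir_p -m 0755 %{buildroot}%{_docdir}/%{realname}-%{version}

        %__install -p -m 0755 %{name}-plain %{buildroot}%{_sbindir}/%{name}-plain
        %__mkdir_p -m 0755 %{buildroot}%{_libdir}/%{realname}-%{version}_dynamicengine
        %__mkdir_p -m 0755 %{buildroot}%{_libdir}/%{realname}-%{version}_dynamicpreprocessor
        %__install -p -m 0755 plain/src/dynamic-plugins/sf_engine/.libs/libsf_engine.so.0 %{buildroot}%{_libdir}/%{realname}-%{version}_dynamicengine
        %__ln_s -f %{_libdir}/%{realname}-%{version}_dynamicengine/libsf_engine.so.0 %{buildroot}%{_libdir}/%{realname}-%{version}_dynamicengine/libsf_engine.so
        %__install -p -m 0755 plain/src/dynamic-preprocessors/build/%{_prefix}/lib/snort_dynamicpreprocessor/*.so* %{buildroot}%{_libdir}/%{realname}-%{version}_dynamicpreprocessor

        # Replace each installed .so with a symlink to its .so.0 sibling.
        # Paths are quoted so a build root containing whitespace still works.
        for file in %{buildroot}%{_libdir}/%{realname}-%{version}_dynamicpreprocessor/*.so; do
            preprocessor=$(basename "$file")
            %__ln_s -f %{_libdir}/%{realname}-%{version}_dynamicpreprocessor/"$preprocessor".0 "$file"
        done

        %__install -p -m 0644 snort.8 %{buildroot}%{_mandir}/man8
        %__gzip %{buildroot}%{_mandir}/man8/snort.8
        %__install -p -m 0755 rpm/snortd %{buildroot}%{_initrddir}
        %__install -p -m 0644 rpm/snort.sysconfig %{buildroot}/%{_sysconfdir}/sysconfig/%{realname}
        %__install -p -m 0644 rpm/snort.logrotate %{buildroot}/%{_sysconfdir}/logrotate.d/snort
        %__install -p -m 0644 etc/reference.config etc/classification.config \
            etc/unicode.map etc/gen-msg.map \
            etc/threshold.conf etc/snort.conf \
            %{buildroot}/%{_sysconfdir}/snort
        find doc -maxdepth 1 -type f -not -name 'Makefile*' -exec %__install -p -m 0644 {} %{buildroot}%{_docdir}/%{realname}-%{version} \;

        %__rm -f %{buildroot}%{_docdir}/%{realname}-%{version}/Makefile.*
    fi
}

# Fix the RULE_PATH
%__sed -e 's;var RULE_PATH ../rules;var RULE_PATH %{SnortRulesDir};' \
    < etc/snort.conf > etc/snort.conf.new
%__rm -f etc/snort.conf
%__mv etc/snort.conf.new etc/snort.conf

# Fix dynamic-preproc paths
%__sed -e 's;dynamicpreprocessor directory \/usr\/local/lib\/snort_dynamicpreprocessor;dynamicpreprocessor directory %{_libdir}\/%{realname}-%{version}_dynamicpreprocessor;' < etc/snort.conf > etc/snort.conf.new
%__rm -f etc/snort.conf
%__mv etc/snort.conf.new etc/snort.conf

# Fix dynamic-engine paths
%__sed -e 's;dynamicengine \/usr\/local/lib\/snort_dynamicengine;dynamicengine %{_libdir}\/%{realname}-%{version}_dynamicengine;' < etc/snort.conf > etc/snort.conf.new
%__rm -f etc/snort.conf
%__mv etc/snort.conf.new etc/snort.conf

# Always install snort-plain
InstallSnort plain

# Maybe install the others
%if %{mysql}
InstallSnort mysql
%endif

%if %{postgresql}
InstallSnort postgresql
%endif

%if %{unixODBC}
InstallSnort unixODBC
%endif

%if %{oracle}
InstallSnort oracle
%endif


%clean
%__rm -rf %{buildroot}


%pre
# Don't do all this stuff if we are upgrading
# NOTE(review): errors from groupadd and useradd are discarded, so a failed
# account creation stays silent until something needs the snort account.
if [ $1 = 1 ] ; then
    /usr/sbin/groupadd snort 2> /dev/null || true
    /usr/sbin/useradd -M -d %{_var}/log/snort -s %{noShell} -c "Snort" -g snort snort 2>/dev/null || true
fi

%post mysql
if [ -L %{_sbindir}/snort ] || [ ! -e %{_sbindir}/snort ] ; then
    %__rm -f %{_sbindir}/snort; %__ln_s -f %{_sbindir}/%{name}-mysql %{_sbindir}/snort
fi

%post postgresql
if [ -L %{_sbindir}/snort ] || [ ! -e %{_sbindir}/snort ] ; then
    %__rm -f %{_sbindir}/snort; %__ln_s -f %{_sbindir}/%{name}-postgresql %{_sbindir}/snort
fi

%post unixODBC
if [ -L %{_sbindir}/snort ] || [ ! -e %{_sbindir}/snort ] ; then
    %__rm -f %{_sbindir}/snort; %__ln_s -f %{_sbindir}/%{name}-unixODBC %{_sbindir}/snort
fi

%post oracle
if [ -L %{_sbindir}/snort ] || [ ! -e %{_sbindir}/snort ] ; then
    %__rm -f %{_sbindir}/snort; %__ln_s %{_sbindir}/%{name}-oracle %{_sbindir}/snort
fi

%post
# Make a symlink if there is no link for snort-plain
if [ -L %{_sbindir}/snort ] || [ ! -e %{_sbindir}/snort ] ; then \
    %__rm -f %{_sbindir}/snort; %__ln_s %{_sbindir}/%{name}-plain %{_sbindir}/snort; fi

# We should restart it to activate the new binary if it was upgraded
%{_initrddir}/snortd condrestart 1>/dev/null 2>/dev/null

# Don't do all this stuff if we are upgrading
if [ $1 = 1 ] ; then
    # owner:group with a colon is the POSIX form; the older dot separator
    # is ambiguous when an account name itself contains a dot.
    %__chown -R snort:snort %{_var}/log/snort
    /sbin/chkconfig --add snortd
fi


%preun
if [ $1 = 0 ] ; then
    # We get errors about not running, but we don't care
    %{_initrddir}/snortd stop 2>/dev/null 1>/dev/null
    /sbin/chkconfig --del snortd
fi


%postun
# Try and restart, but don't bail if it fails
if [ $1 -ge 1 ] ; then
    %{_initrddir}/snortd condrestart 1>/dev/null 2>/dev/null || :
fi

# Only do this if we are actually removing snort
if [ $1 = 0 ] ; then
    if [ -L %{_sbindir}/snort ]; then
        %__rm -f %{_sbindir}/snort
    fi

    # NOTE(review): any log files left behind keep the old numeric UID after
    # userdel, and a later account could be assigned that UID; decide whether
    # the account should be kept or the leftover files cleaned up.
    /usr/sbin/userdel snort 2>/dev/null
fi

%postun mysql
if [ -L %{_sbindir}/snort ]; then
    %__rm -f %{_sbindir}/snort
    %__ln_s -f %{_sbindir}/%{name}-plain %{_sbindir}/snort
fi

%postun postgresql
if [ -L %{_sbindir}/snort ]; then
    %__rm -f %{_sbindir}/snort
    %__ln_s -f %{_sbindir}/%{name}-plain %{_sbindir}/snort
fi

%postun unixODBC
if [ -L %{_sbindir}/snort ]; then
    %__rm -f %{_sbindir}/snort
    %__ln_s -f %{_sbindir}/%{name}-plain %{_sbindir}/snort
fi

%postun oracle
if [ -L %{_sbindir}/snort ]; then
    %__rm -f %{_sbindir}/snort
    %__ln_s -f %{_sbindir}/%{name}-plain %{_sbindir}/snort
fi


%files
%defattr(-,root,root,-)
%{_sbindir}/%{name}-plain
%{_mandir}/man8/snort.8.*
%dir %{SnortRulesDir}
%config(noreplace) %{_sysconfdir}/snort/classification.config
%config(noreplace) %{_sysconfdir}/snort/reference.config
%config(noreplace) %{_sysconfdir}/snort/threshold.conf
%config(noreplace) %{_sysconfdir}/snort/*.map
%config(noreplace) %{_sysconfdir}/logrotate.d/snort
%config(noreplace) %{_sysconfdir}/snort/snort.conf
%config(noreplace) %{_sysconfdir}/sysconfig/snort
%config(noreplace) %{_initrddir}/snortd
# NOTE(review): alert and packet logs can contain captured payload data;
# confirm that mode 0755 (readable and traversable by every local user) is
# intended for the log directory.
%attr(0755,snort,snort) %dir %{_var}/log/snort
%dir %{_sysconfdir}/snort
%{_docdir}/%{realname}-%{version}/*
%dir %{_libdir}/%{realname}-%{version}_dynamicengine
%{_libdir}/%{realname}-%{version}_dynamicengine/libsf_engine.*
%dir %{_libdir}/%{realname}-%{version}_dynamicpreprocessor
%{_libdir}/%{realname}-%{version}_dynamicpreprocessor/libsf_*_preproc.*

%dir %{_docdir}/%{realname}-%{version}
%docdir %{_docdir}/%{realname}-%{version}

%if %{mysql}
%files mysql
%defattr(-,root,root,-)
%{_sbindir}/%{name}-mysql
%endif

%if %{postgresql}
%files postgresql
%defattr(-,root,root,-)
%{_sbindir}/%{name}-postgresql
%endif

%if %{unixODBC}
%files unixODBC
%defattr(-,root,root,-)
%{_sbindir}/%{name}-unixODBC
%endif

%if %{oracle}
%files oracle
%defattr(-,root,root,-)
%{_sbindir}/%{name}-oracle
%endif


%changelog
* Wed Jan 15 2014 Yoji TOYODA - 2.9.5.6-1
- new upstream release

* Fri Mar 16 2012 MATSUBAYASHI Kohji - 2.9.2.1-1
- initial build for Vine Linux (based on official srpm)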