1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
|
#!/bin/bash
#
# snort.SlackBuild is free software; you can redistribute it and/or modify it under the
# terms of the GNU General Public License as published by the Free Software
# Foundation; either version 2 of the License, or any later version.
#
# snort.SlackBuild is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with
# this program; if not, write to the Free Software Foundation, Inc., 59 Temple
# Place - Suite 330, Boston, MA 02111-1307, USA
#
# slackbuild script for snort
# by rhatto at riseup.net
#
if [ -s "slack-required" ]; then
echo Recomended and required packages for building snort are:
cat slack-required | sed -e 's/^/\t/'
if [ "$INTERACT" != "no" ]; then
echo If you dont have those installed, press Ctrl-C. Otherwise, hit ENTER.
read crap
# else
# echo Sleeping 3 seconds...
# sleep 3
fi
fi
CWD="`pwd`"
if [ -f ~/.slackbuildrc ]; then
source ~/.slackbuildrc
elif [ -f /etc/slackbuildrc ]; then
source /etc/slackbuildrc
fi
# default settings
PACKAGE="snort"
ARCH=${ARCH:=i486}
VERSION=${VERSION:=2.6.1.3}
BUILD=${BUILD:=1rha}
SRC_DIR=${SRC:=$CWD}
TMP=${TMP:=/tmp}
REPOS=${REPOS:=$TMP}
if [ "$ARCH" == "x86_64" ]; then
export LDFLAGS="-L/lib64 -L/usr/lib64"
LIBDIR=/usr/lib64
else
LIBDIR=/usr/lib
fi
# ------- error codes for createpkg --------------
ERROR_WGET=31; ERROR_MAKE=32; ERROR_INSTALL=33
ERROR_MD5=34; ERROR_CONF=35; ERROR_HELP=36
ERROR_TAR=37; ERROR_MKPKG=38; ERROR_GPG=39
ERROR_PATCH=40
RTOOL="wget"
PACKAGE_EXT="gz"
SRC="$PACKAGE-$VERSION.tar.$PACKAGE_EXT"
URL="http://www.snort.org/dl/current/$SRC"
SRC_DIR="$SRC_DIR/$PACKAGE"
mkdir -p $SRC_DIR
if [ "$RTOOL" == "wget" ]; then
if [ ! -f "$SRC_DIR/$SRC" ]; then
wget "$URL" -O "$SRC_DIR/$SRC" || exit $ERROR_WGET
fi
if [ ! -f "$SRC_DIR/$SRC.sig" ]; then
wget "$URL.sig" -O "$SRC_DIR/$SRC.sig" || exit $ERROR_WGET
fi
fi
gpg --import <<EOGPG
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.2.2 (GNU/Linux)
mQGiBETrcO8RBACHBsESKhjInaGZvKBCrRJT0S02WYe+lC7olDwQqEMrf8M9XABO
XSzJhD5UdGelkzVRjv/JMdrxkibkcrXVCLMrDrszEZ5MjAMSFeSXjOc3bCHQklr6
1MoUHqKQXoJ6tWYwxI3gUCQqt6IA+hjxDwhNkaGEaKBIx9cDLjLafBt9cwCgxVR1
UFK7/H3nLYKq34dOqYE1OmcD/0aBTUkTvMLqLPX79QSkuxd5MJUiSR2PBdOic2bC
Do4FvM35t7sZ/qm70Ec6kyk5C36Ju5+S7aBBOnp2R06aPnMHz0ZFLIsTdxdyxsSn
c7fpq3gWDxhLqEmMjtQfcHBZ7/E/1hawEPxxRCDx82Q26XkQYyvnv/3T20K+UVfP
m1poA/0f0KhIrZLGQmEq2QAXcaGxc0k/6JrsnhM+i0aTZTBV1VPaUzs9wQ1yXtZB
0i4/pVXz+rEb7gLlZRY5MhJj/3hQ1g0yk47PW5+h5G+SQHW+f2JpzklD2VfaQXxE
FeLFsrpOJY5mH4XNyIyNBIMUizk4bxvYCwuDKBWGNPz4NmdtIbRIU25vcnQgUmVs
ZWFzZSBUZWFtIChTbm9ydCBSZWxlYXNlIFRlYW0gc2lnbmluZyBrZXkpIDxyZWxl
YXNlc0Bzbm9ydC5vcmc+iGEEExECACEFAkTrcO8FCQHhM4AGCwkIBwMCAxUCAwMW
AgECHgECF4AACgkQt6wejfwDCKZdqgCeIrd9nYy7oWA8Dk2Ya6YotUZKWzkAnR39
0pWCaE4YnQV4yrLdFMh1SczGuQENBETrcPAQBADwHcvsO9HabYeQ8QUQLVygPo5G
xsqcvzhFOR3I6HInQjFfbSXszyKrrQd+mzGy6FHhiqhvnv8UHJzsPScun9SY1ZsQ
ZqXA6hx534XE+UsUymrgwlnut5Iq9kN2aYyYYcuLSXbnOZ3bEdtJiFXuTBYX022B
KsXODfHtU+7CIMg1mwADBgQA1FYHzNrx04aKtRK7VNTr4LugrWNEq+cB+St3Sp1j
61Ap++f9hbExct8ej5dTpauwZk3dPUdah6QOpj/2V0WOY17tRt92kchkD/rZUXDT
6XdvGLXFoUzrMSP/y8C7NS8EX2autaTH+rnLyse0iP6PxaadNSnIz7YeBUOX5OtO
owWITAQYEQIADAUCROtw8AUJAeEzgAAKCRC3rB6N/AMIpkDqAKCcjJRL+nP2OuZ6
WDh7DYMJ/WOXawCdHVNtPLRLBUmgZQ4s/srSJH/AMVI=
=Me6E
-----END PGP PUBLIC KEY BLOCK-----
EOGPG
gpg --verify $SRC_DIR/$SRC.sig $SRC_DIR/$SRC || exit $ERROR_GPG
TMP="$TMP/$PACKAGE"
rm -rf $TMP
mkdir -p $TMP
cd $TMP
tar xvf $SRC_DIR/$SRC || exit $ERROR_TAR
cd $PACKAGE-$VERSION
if [ -f "$CWD/$PACKAGE-$VERSION.diff" ]; then
patch -p1 < $CWD/$PACKAGE-$VERSION.diff || exit $ERROR_PATCH
fi
./configure --prefix=/usr --sysconfdir=/etc --libdir=$LIBDIR \
--localstatedir=/var --enable-pthread \
--enable-linux-smp-stats || exit $ERROR_CONF
# --with-mysql=/usr \
# --disable-dynamicplugin
make || exit $ERROR_MAKE
make DESTDIR=$TMP/package-$PACKAGE install || exit $ERROR_INSTALL
mkdir -p $TMP/package-$PACKAGE/install
cp $CWD/doinst.sh $TMP/package-$PACKAGE/install
CWD="`pwd`"
cd $TMP/package-$PACKAGE
find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
find usr/man -type f -exec gzip -9 {} \;
mkdir -p etc/snort
CFG="snort.conf reference.config threshold.conf classification.config gen-msg.map generators sid sid.new sid-msg.map unicode.map"
for file in $CFG; do
cp $CWD/etc/$file etc/snort/$file.new
done
cat << EOF > install/slack-desc
# HOW TO EDIT THIS FILE:
# The "handy ruler" below makes it easier to edit a package description. Line
# up the first '|' above the ':' following the base package name, and the '|'
# on the right side marks the last column you can put a character in. You must
# make exactly 11 lines for the formatting to be correct. It's also
# customary to leave one space after the ':'.
|-----handy-ruler-----------------------------------------------------|
snort: snort
snort:
snort: Snort is an open source network intrusion prevention and detection
snort: system utilizing a rule-driven language, which combines the benefits
snort: of signature, protocol and anomaly based inspection methods. With
snort: millions of downloads to date, Snort is the most widely deployed
snort: intrusion detection and prevention technology worldwide and has
snort: become the de facto standard for the industry.
snort:
snort:
snort:
EOF
# docs
mkdir -p usr/doc/$PACKAGE-$VERSION
DOCS="COPYING ChangeLog LICENSE RELEASE.NOTES"
for file in $DOCS; do
cp $CWD/$file* usr/doc/$PACKAGE-$VERSION/
done
makepkg -c y -l y $REPOS/$PACKAGE-$VERSION-$ARCH-$BUILD.tgz || exit $ERROR_MKPKG
if [ "$CLEANUP" == "yes" ]; then
rm -rf $TMP
fi
|