aboutsummaryrefslogtreecommitdiff
path: root/net/analyzer/snort/snort.SlackBuild
blob: 2a7b25880efd9d65f5a02f51c564e1db1d8ae357 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
#!/bin/bash
#
# slackbuild script for snort
# by rhatto at riseup.net
#

if [ -s "slack-required" ]; then
  echo Recomended and required packages for building snort are:
  cat slack-required | sed -e 's/^/\t/'
  if [ "$INTERACT" != "no" ]; then
    echo If you dont have those installed, press Ctrl-C. Otherwise, hit ENTER.
    read crap
#  else
#    echo Sleeping 3 seconds...
#    sleep 3
  fi
fi

CWD="`pwd`"

if [ -f ~/.slackbuildrc ]; then
  source ~/.slackbuildrc
elif [ -f /etc/slackbuildrc ]; then
  source /etc/slackbuildrc
fi

# default settings
PACKAGE="snort"
ARCH=${ARCH:=i486}
VERSION=${VERSION:=2.6.1.3}
BUILD=${BUILD:=1rha}
SRC_DIR=${SRC:=$CWD}
TMP=${TMP:=/tmp}
REPOS=${REPOS:=$TMP}

if [ "$ARCH" == "x86_64" ]; then
  export LDFLAGS="-L/lib64 -L/usr/lib64"
  LIBDIR=/usr/lib64
else
  LIBDIR=/usr/lib
fi

# -------  error codes for createpkg  --------------
ERROR_WGET=31;      ERROR_MAKE=32;      ERROR_INSTALL=33
ERROR_MD5=34;       ERROR_CONF=35;      ERROR_HELP=36
ERROR_TAR=37;       ERROR_MKPKG=38;     ERROR_GPG=39
ERROR_PATCH=40

RTOOL="wget"
PACKAGE_EXT="gz"
SRC="$PACKAGE-$VERSION.tar.$PACKAGE_EXT"
URL="http://www.snort.org/dl/current/$SRC"

SRC_DIR="$SRC_DIR/$PACKAGE"
mkdir -p $SRC_DIR

if [ "$RTOOL" == "wget" ]; then
  if [ ! -f "$SRC_DIR/$SRC" ]; then
    wget "$URL" -O "$SRC_DIR/$SRC" || exit $ERROR_WGET
  fi
  if [ ! -f "$SRC_DIR/$SRC.sig" ]; then
    wget "$URL.sig" -O "$SRC_DIR/$SRC.sig" || exit $ERROR_WGET
  fi
fi

gpg --import <<EOGPG
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.2.2 (GNU/Linux)

mQGiBETrcO8RBACHBsESKhjInaGZvKBCrRJT0S02WYe+lC7olDwQqEMrf8M9XABO
XSzJhD5UdGelkzVRjv/JMdrxkibkcrXVCLMrDrszEZ5MjAMSFeSXjOc3bCHQklr6
1MoUHqKQXoJ6tWYwxI3gUCQqt6IA+hjxDwhNkaGEaKBIx9cDLjLafBt9cwCgxVR1
UFK7/H3nLYKq34dOqYE1OmcD/0aBTUkTvMLqLPX79QSkuxd5MJUiSR2PBdOic2bC
Do4FvM35t7sZ/qm70Ec6kyk5C36Ju5+S7aBBOnp2R06aPnMHz0ZFLIsTdxdyxsSn
c7fpq3gWDxhLqEmMjtQfcHBZ7/E/1hawEPxxRCDx82Q26XkQYyvnv/3T20K+UVfP
m1poA/0f0KhIrZLGQmEq2QAXcaGxc0k/6JrsnhM+i0aTZTBV1VPaUzs9wQ1yXtZB
0i4/pVXz+rEb7gLlZRY5MhJj/3hQ1g0yk47PW5+h5G+SQHW+f2JpzklD2VfaQXxE
FeLFsrpOJY5mH4XNyIyNBIMUizk4bxvYCwuDKBWGNPz4NmdtIbRIU25vcnQgUmVs
ZWFzZSBUZWFtIChTbm9ydCBSZWxlYXNlIFRlYW0gc2lnbmluZyBrZXkpIDxyZWxl
YXNlc0Bzbm9ydC5vcmc+iGEEExECACEFAkTrcO8FCQHhM4AGCwkIBwMCAxUCAwMW
AgECHgECF4AACgkQt6wejfwDCKZdqgCeIrd9nYy7oWA8Dk2Ya6YotUZKWzkAnR39
0pWCaE4YnQV4yrLdFMh1SczGuQENBETrcPAQBADwHcvsO9HabYeQ8QUQLVygPo5G
xsqcvzhFOR3I6HInQjFfbSXszyKrrQd+mzGy6FHhiqhvnv8UHJzsPScun9SY1ZsQ
ZqXA6hx534XE+UsUymrgwlnut5Iq9kN2aYyYYcuLSXbnOZ3bEdtJiFXuTBYX022B
KsXODfHtU+7CIMg1mwADBgQA1FYHzNrx04aKtRK7VNTr4LugrWNEq+cB+St3Sp1j
61Ap++f9hbExct8ej5dTpauwZk3dPUdah6QOpj/2V0WOY17tRt92kchkD/rZUXDT
6XdvGLXFoUzrMSP/y8C7NS8EX2autaTH+rnLyse0iP6PxaadNSnIz7YeBUOX5OtO
owWITAQYEQIADAUCROtw8AUJAeEzgAAKCRC3rB6N/AMIpkDqAKCcjJRL+nP2OuZ6
WDh7DYMJ/WOXawCdHVNtPLRLBUmgZQ4s/srSJH/AMVI=
=Me6E
-----END PGP PUBLIC KEY BLOCK-----
EOGPG

gpg --verify $SRC_DIR/$SRC.sig $SRC_DIR/$SRC || exit $ERROR_GPG

TMP="$TMP/$PACKAGE"
rm -rf $TMP
mkdir -p $TMP
cd $TMP

tar xvf $SRC_DIR/$SRC || exit $ERROR_TAR
cd $PACKAGE-$VERSION

if [ -f "$CWD/$PACKAGE-$VERSION.diff" ]; then
  patch -p1 < $CWD/$PACKAGE-$VERSION.diff || exit $ERROR_PATCH
fi

./configure --prefix=/usr --sysconfdir=/etc --libdir=$LIBDIR \
              --localstatedir=/var --enable-pthread \
              --enable-linux-smp-stats || exit $ERROR_CONF
              # --with-mysql=/usr \
              # --disable-dynamicplugin

make || exit $ERROR_MAKE
make DESTDIR=$TMP/package-$PACKAGE install || exit $ERROR_INSTALL

mkdir -p $TMP/package-$PACKAGE/install
cp $CWD/doinst.sh $TMP/package-$PACKAGE/install

CWD="`pwd`"

cd $TMP/package-$PACKAGE

find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null

find usr/man -type f -exec gzip -9 {} \;

mkdir -p etc/snort

CFG="snort.conf reference.config threshold.conf classification.config gen-msg.map generators sid sid.new sid-msg.map unicode.map"

for file in $CFG; do
  cp $CWD/etc/$file etc/snort/$file.new
done

cat << EOF > install/slack-desc
# HOW TO EDIT THIS FILE:
# The "handy ruler" below makes it easier to edit a package description.  Line
# up the first '|' above the ':' following the base package name, and the '|'
# on the right side marks the last column you can put a character in.  You must
# make exactly 11 lines for the formatting to be correct.  It's also
# customary to leave one space after the ':'.

     |-----handy-ruler-----------------------------------------------------|
snort: snort
snort:
snort: Snort is an open source network intrusion prevention and detection
snort: system utilizing a rule-driven language, which combines the benefits
snort: of signature, protocol and anomaly based inspection methods. With
snort: millions of downloads to date, Snort is the most widely deployed
snort: intrusion detection and prevention technology worldwide and has
snort: become the de facto standard for the industry.
snort:
snort:
snort:
EOF

# docs
mkdir -p usr/doc/$PACKAGE-$VERSION

DOCS="COPYING ChangeLog LICENSE RELEASE.NOTES"

for file in $DOCS; do
  cp $CWD/$file* usr/doc/$PACKAGE-$VERSION/
done

makepkg -c y -l y $REPOS/$PACKAGE-$VERSION-$ARCH-$BUILD.tgz || exit $ERROR_MKPKG

if [ "$CLEANUP" == "yes" ]; then
  rm -rf $TMP
fi