OpenSDE
/
rocklinux
mirror of https://github.com/amery/rocklinux.git
2
0
Fork 0
Code Releases Wiki Activity
mirror of the now-defunct rocklinux.org
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
152 Commits
1 Branch
0 Tags
34 MiB
 
 
 
 
 
 
Tree: 0c52f6ecea
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '0c52f6ecea'
${ noResults }
rocklinux/package/jocelyn/snort/snort.conf

154 lines
4.8 KiB
Raw Blame History

# --- ROCK-COPYRIGHT-NOTE-BEGIN ---
#
# This copyright note is auto-generated by ./scripts/Create-CopyPatch.
# Please add additional copyright information _after_ the line containing
# the ROCK-COPYRIGHT-NOTE-END tag. Otherwise it might get removed by
# the ./scripts/Create-CopyPatch script. Do not edit this copyright text!
#
# ROCK Linux: rock-src/package/jocelyn/snort/snort.conf
# ROCK Linux is Copyright (C) 1998 - 2003 Clifford Wolf
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version. A copy of the GNU General Public
# License can be found at Documentation/COPYING.
#
# Many people helped and are helping developing ROCK Linux. Please
# have a look at http://www.rocklinux.org/ and the Documentation/TEAM
# file for details.
#
# --- ROCK-COPYRIGHT-NOTE-END ---
# Set up options for configure
# snort should be installed in /opt because it is easier
# to maintain if it has its own directory structure
prefix=/opt/snort
set_confopt
# postgresql support
pgsqldir=""
if [ -r /opt/postgresql/include/libpq-fe.h ] ; then
pgsqldir=/opt/postgresql
elif [ -r /usr/include/libpq-fe.h ] ; then
pgsqldir=/usr
elif [ -r /usr/include/pgsql/libpq-fe.h ] ; then
pgsqldir=/usr
elif [ -r /usr/include/postgresqllibpq-fe.h ] ; then
pgsqldir=/usr
elif [ -f /usr/local/include/libpq-fe.h ] ; then
pgsqldir=/usr/local
elif [ -f /usr/local/include/pgsql/libpq-fe.h ] ; then
pgsqldir=/usr/local
elif [ -f /usr/local/include/postgresql/libpq-fe.h ] ; then
local pgsqldir=/usr/local
fi
if [ "$pgsqldir" != "" ] ; then
var_append extraconfopt " " "--with-postgresql=$pgsqldir"
fi
# mysql support
mysqldir=""
if [ -r /opt/mysql/include/mysql/mysql.h ] ; then
mysqldir=/opt/mysql
elif [ -r /usr/include/mysql.h ] ; then
mysqldir=/usr/
elif [ -r /usr/include/mysql/mysql.h ] ; then
mysqldir=/usr
elif [ -r /usr/local/include/mysql.h ] ; then
mysqldir=/usr/local
elif [ -r /usr/local/include/mysql/mysql.h ] ; then
mysqldir=/usr/local
fi
if [ "$mysqldir" != "" ] ; then
var_append extraconfopt " " "--with-mysql=$mysqldir"
fi
# openSSL support
ssldir=""
if [ -r /opt/openssl/include/crypto.h ] ; then
ssldir=/opt/openssl
elif [ -r /usr/include/openssl/crypto.h ]; then
ssldir=/usr/
elif [ -r /usr/local/include/openssl/crypto.h ]; then
ssldir=/usr/local/
fi
if [ "$ssldir" != "" ] ; then
var_append extraconfopt " " "--with-openssl=$ssldir"
fi
# FlexResp feature
# NOTE: At time of writing, FlexResp:
# (a) is considered in Alpha stage and "to be used with caution"
# (b) requires libnet, which is an unmaintained package in ROCK
# (c) does not work with libnet 1.1 (the latest stable release)
# (d) works only with libnet 1.02a, which is deprecated
# For these reasons, FlexResp is not enabled.
# var_append extraconfopt " " "--enable-flexresp"
snort_premake()
{
# Comply with FHS for /var/opt/
cd $builddir/snort-$ver/src
sed 's/\/var\/log\/snort/\/var\/opt\/snort\/log/' snort.h > temp.f
mv -f temp.f snort.h
}
snort_postmake()
{
# 'make install' sadly doesn't copy a lot of useful stuff
# so we have to do it ourselves
cd $builddir/snort-$ver
# The contrib directory contains helper scripts and tars
# of plugins. This directory is just copied over.
cp -r contrib /opt/snort/
# The etc directory includes snort.conf, sigs, maps and rules.
# Technically the maps should not be here but snort convention
# places them in etc.
# For security reasons this directory should not be world-readable
mkdir -p /opt/snort/var
cp -r etc /opt/snort/
cp -r rules /opt/snort/etc/
mv /opt/snort/etc/etc/* /opt/snort/etc/
rm -rf /opt/snort/etc/etc/
sed 's/\.\.\/rules/.\/rules/' /opt/snort/etc/snort.conf > temp.f
mv -f temp.f /opt/snort/etc/snort.conf
chmod -R 700 /opt/snort/etc
# Remove Makefiles (left from build)
rm -f /opt/snort/*/Makefile*
rm -f /opt/snort/*/*/Makefile*
# Create a SysV init script for snort
install_init snort $confdir/snort.init
# Link snort's etc and var dirs to system's /etc and /var dirs.
# If the directory exists, make a new one with $TIMESTAMP in the name;
# this allows for more than one "version" of each directory
# so that previous configs and data are not overwritten
TIMESTAMP=`date +%y%m0%H%M`
mkdir -p /etc/opt
mkdir -p /var/opt
if [ -d /opt/snort/etc ] ; then
if [ -d /etc/opt/snort ] ; then
mv -fv /opt/snort/etc /etc/opt/snort/new$TIMESTAMP
else
mv -fv /opt/snort/etc /etc/opt/snort
fi
ln -sf /etc/opt/snort /opt/snort/etc
fi
if [ -d /opt/snort/var ] ; then
if [ -d /var/opt/snort ] ; then
mv -fv /opt/snort/var /var/opt/snort/new$TIMESTAMP
else
mv -fv /opt/snort/var /var/opt/snort
fi
ln -sf /var/opt/snort /opt/snort/var
mkdir -p /var/opt/snort/log
fi
}
premake=snort_premake
postmake=snort_postmake