From question@closedsrc.org  Thu Jul 28 19:03:21 2005
Return-Path: <question@closedsrc.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 8FB1B16A41F;
	Thu, 28 Jul 2005 19:03:21 +0000 (GMT)
	(envelope-from question@closedsrc.org)
Received: from q.closedsrc.org (q.closedsrc.org [72.1.133.20])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D9CA743D45;
	Thu, 28 Jul 2005 19:03:20 +0000 (GMT)
	(envelope-from question@closedsrc.org)
Received: by q.closedsrc.org (Postfix, from userid 1001)
	id 0DBE745042; Thu, 28 Jul 2005 12:02:13 -0700 (PDT)
Message-Id: <20050728190213.0DBE745042@q.closedsrc.org>
Date: Thu, 28 Jul 2005 12:02:13 -0700 (PDT)
From: Linh Pham <question+fbsdports@closedsrc.org>
Reply-To: Linh Pham <question+fbsdports@closedsrc.org>
To: FreeBSD-gnats-submit@freebsd.org
Cc: sergei@freebsd.org
Subject: Update Port: security/snort to 2.4.0
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         84249
>Category:       ports
>Synopsis:       Update Port: security/snort to 2.4.0
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    sergei
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jul 28 19:10:11 GMT 2005
>Closed-Date:    Wed Oct 12 12:37:29 GMT 2005
>Last-Modified:  Wed Oct 12 12:37:29 GMT 2005
>Originator:     Linh Pham
>Release:        FreeBSD 5.4-RELEASE-p4 i386
>Organization:
>Environment:
System: FreeBSD q.internal.closedsrc.org 5.4-RELEASE-p4 FreeBSD 5.4-RELEASE-p4 #15: Thu Jul 7 01:32:43 PDT 2005 root@q.internal.closedsrc.org:/usr/obj/usr/src/sys/Q i386
>Description:
Update security/snort to 2.4.0, which has some significant changes:

* Rules are no longer included in the distribution tarball
* Includes Frag3 pre-processor
* Libprelude support added (per CHANGELOG)

At the time of submitting this PR, the PGP .asc signature file for the 2.4.0
distribution tarball is not available, so I commented it out in the Makefile.

I uncommented out and updated the BROKEN line under the prelude section, since
the section is no longer valid for 2.4.0 and I don't have the expertice in
setting it up to use the new configure switch (--enable-prelude).

Since rules are no longer included in the tarball, I removed the entries from
pkg-plist. There is a quirk with the deinstall portion with it not removing the
classification.config file under %%DATADIR%%.

>How-To-Repeat:
>Fix:

--- snort-2.4.0.diff begins here ---
diff -ruN /usr/ports/security/snort/Makefile ./snort/Makefile
--- /usr/ports/security/snort/Makefile	Wed Apr 27 13:54:55 2005
+++ ./snort/Makefile	Thu Jul 28 11:32:27 2005
@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	snort
-PORTVERSION=	2.3.3
+PORTVERSION=	2.4.0
 CATEGORIES=	security
 MASTER_SITES=	http://www.snort.org/dl/current/
 DISTFILES=	${DISTNAME}${EXTRACT_SUFX}
@@ -22,8 +22,8 @@
 		POSTGRESQL "Enable PostgreSQL support" off \
 		PRELUDE "Enable patch for Prelude integration" off
 
-USE_GPG=	yes
-SIG_SUFFIX=	.asc
+#USE_GPG=	yes
+#SIG_SUFFIX=	.asc
 USE_REINPLACE=	yes
 USE_RC_SUBR=	yes
 RC_SCRIPTS_SUB=	PREFIX=${PREFIX} RC_SUBR=${RC_SUBR}
@@ -70,7 +70,7 @@
 .endif
 
 .if defined(WITH_PRELUDE)
-#BROKEN=			Prelude reporting patch have not been updated for Snort 2.2.0
+BROKEN=			Prelude reporting patch have not been updated for Snort 2.4.0
 PRELUDE_PATCH=		0.3.6
 MASTER_SITES+=		http://prelude-ids.org/download/releases/old/:prelude
 SIGNED_FILES=		${DISTNAME}${EXTRACT_SUFX}
@@ -98,12 +98,6 @@
 post-install:
 	${INSTALL_SCRIPT} -m 751 ${WRKDIR}/snort.sh ${PREFIX}/etc/rc.d/snort.sh
 	@${MKDIR} ${DATADIR}
-	${INSTALL_DATA} ${WRKSRC}/rules/[^l]*.rules ${DATADIR}
-.for f in local.rules
-	${INSTALL_DATA} ${WRKSRC}/rules/${f} ${DATADIR}/${f}-sample
-	[ -f ${DATADIR}/${f} ] || \
-	    ${INSTALL_DATA} ${WRKSRC}/rules/${f} ${DATADIR}/${f}
-.endfor
 .for f in classification.config reference.config
 	${INSTALL_DATA} ${WRKSRC}/etc/${f} ${DATADIR}/${f}-sample
 	[ -f ${DATADIR}/${f} ] || \
diff -ruN /usr/ports/security/snort/distinfo ./snort/distinfo
--- /usr/ports/security/snort/distinfo	Wed Apr 27 13:54:55 2005
+++ ./snort/distinfo	Thu Jul 28 11:22:41 2005
@@ -1,6 +1,4 @@
-MD5 (snort-2.3.3.tar.gz) = 06bf140893e7cb120aaa9372d10a0100
-SIZE (snort-2.3.3.tar.gz) = 2631270
+MD5 (snort-2.4.0.tar.gz) = 033e21190c5308fe69857908285feed1
+SIZE (snort-2.4.0.tar.gz) = 2126176
 MD5 (snort-prelude-reporting-patch-0.3.6.tar.gz) = 323ab2956a59de113aa13099917f0d3a
 SIZE (snort-prelude-reporting-patch-0.3.6.tar.gz) = 21964
-MD5 (snort-2.3.3.tar.gz.asc) = 545d371c8e4a1c9aa06478460768f9d3
-SIZE (snort-2.3.3.tar.gz.asc) = 189
diff -ruN /usr/ports/security/snort/pkg-plist ./snort/pkg-plist
--- /usr/ports/security/snort/pkg-plist	Mon Feb  7 16:38:49 2005
+++ ./snort/pkg-plist	Thu Jul 28 11:39:29 2005
@@ -33,6 +33,7 @@
 %%PORTDOCS%%%%DOCSDIR%%/README.flow
 %%PORTDOCS%%%%DOCSDIR%%/README.flowbits
 %%PORTDOCS%%%%DOCSDIR%%/README.flow-portscan
+%%PORTDOCS%%%%DOCSDIR%%/README.frag3
 %%PORTDOCS%%%%DOCSDIR%%/README.http_inspect
 %%PORTDOCS%%%%DOCSDIR%%/README.sfportscan
 %%PORTDOCS%%%%DOCSDIR%%/README.thresholding
@@ -43,60 +44,12 @@
 %%PORTDOCS%%%%DOCSDIR%%/snort_manual.pdf
 %%PORTDOCS%%%%DOCSDIR%%/snort_schema_v106.pdf
 %%PORTDOCS%%@dirrm %%DOCSDIR%%
-%%DATADIR%%/attack-responses.rules
-%%DATADIR%%/backdoor.rules
-%%DATADIR%%/bad-traffic.rules
-%%DATADIR%%/chat.rules
 @unexec if [ -f %B/classification.config ] && cmp -s %B/classification.config %B/classification.config-sample; then rm -f %B/classification.config; fi
 %%DATADIR%%/classification.config-sample
 @exec [ -f %B/classification.config ] || cp %B/%f %B/classification.config
-%%DATADIR%%/ddos.rules
-%%DATADIR%%/deleted.rules
-%%DATADIR%%/dns.rules
-%%DATADIR%%/dos.rules
-%%DATADIR%%/experimental.rules
-%%DATADIR%%/exploit.rules
-%%DATADIR%%/finger.rules
-%%DATADIR%%/ftp.rules
-%%DATADIR%%/icmp-info.rules
-%%DATADIR%%/icmp.rules
-%%DATADIR%%/imap.rules
-%%DATADIR%%/info.rules
 @unexec if [ -f %B/local.rules ] && cmp -s %B/local.rules %B/local.rules-sample; then rm -f %B/local.rules; fi
-%%DATADIR%%/local.rules-sample
 @exec [ -f %B/local.rules ] || cp %B/%f %B/local.rules
-%%DATADIR%%/misc.rules
-%%DATADIR%%/multimedia.rules
-%%DATADIR%%/mysql.rules
-%%DATADIR%%/netbios.rules
-%%DATADIR%%/nntp.rules
-%%DATADIR%%/oracle.rules
-%%DATADIR%%/other-ids.rules
-%%DATADIR%%/p2p.rules
-%%DATADIR%%/policy.rules
-%%DATADIR%%/pop2.rules
-%%DATADIR%%/pop3.rules
-%%DATADIR%%/porn.rules
 @unexec if [ -f %B/reference.config ] && cmp -s %B/reference.config %B/reference.config-sample; then rm -f %B/reference.config; fi
 %%DATADIR%%/reference.config-sample
 @exec [ -f %B/reference.config ] || cp %B/%f %B/reference.config
-%%DATADIR%%/rpc.rules
-%%DATADIR%%/rservices.rules
-%%DATADIR%%/scan.rules
-%%DATADIR%%/shellcode.rules
-%%DATADIR%%/smtp.rules
-%%DATADIR%%/snmp.rules
-%%DATADIR%%/sql.rules
-%%DATADIR%%/telnet.rules
-%%DATADIR%%/tftp.rules
-%%DATADIR%%/virus.rules
-%%DATADIR%%/web-attacks.rules
-%%DATADIR%%/web-cgi.rules
-%%DATADIR%%/web-client.rules
-%%DATADIR%%/web-coldfusion.rules
-%%DATADIR%%/web-frontpage.rules
-%%DATADIR%%/web-iis.rules
-%%DATADIR%%/web-misc.rules
-%%DATADIR%%/web-php.rules
-%%DATADIR%%/x11.rules
 @dirrm %%DATADIR%%
--- snort-2.4.0.diff ends here ---


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports-bugs->sergei 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Fri Jul 29 00:46:48 GMT 2005 
Responsible-Changed-Why:  
Over to maintainer. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=84249 

From: Sergey Matveychuk <sem@FreeBSD.org>
To: bug-followup@FreeBSD.org,  question+fbsdports@closedsrc.org
Cc:  
Subject: Re: ports/84249: Update Port: security/snort to 2.4.0
Date: Mon, 26 Sep 2005 17:51:38 +0400

 What's progress on the PR?
 
 -- 
 Sem.

From: Sergei Kolobov <sergei@FreeBSD.org>
To: Sergey Matveychuk <sem@FreeBSD.org>
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: ports/84249: Update Port: security/snort to 2.4.0
Date: Tue, 27 Sep 2005 15:27:30 +0400

 On 2005-09-26 at 14:00 +0000, Sergey Matveychuk wrote:
 >  What's progress on the PR?
 
 There is a newer version - 2.4.1 - that came out in the meanwhile.
 I am currently in the process of testing the port upgrade to that version instead.
 Unfortunately, it is taking longer than expected because of the busy schedule
 at work as well as other issues. For instance, I am trying to squeeze in prelude
 integration changes but depend on getting a newer version (0.9.0) of libprelude
 and friends into the tree as well. ;)
 
 The port should be updated shortly.
 
 Sergei

From: Linh Pham <question+fbsdports@closedsrc.org>
To: Sergey Matveychuk <sem@FreeBSD.org>
Cc: bug-followup@FreeBSD.org, question+fbsdports@closedsrc.org
Subject: Re: ports/84249: Update Port: security/snort to 2.4.0
Date: Tue, 27 Sep 2005 07:19:39 -0700

 --ZGiS0Q5IWpPtfppv
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: inline
 Content-Transfer-Encoding: quoted-printable
 
 On 2005-09-26 17:51 +0400, Sergey Matveychuk <sem@FreeBSD.org> wrote:
 
 # What's progress on the PR?
 
 I haven't heard any updates from the maintainer. I know that 2.4.1 is
 out, but it uses a different signature file and there are some tweaks
 that need to be applied for some of the features to be enabled properly
 as noted for this particular PR. Unfortunately, I'm not savvy enough to
 do that.
 
 --=20
 Linh Pham
 question+fbsdports@closedsrc.org
 http://closedsrc.org/
 
 --ZGiS0Q5IWpPtfppv
 Content-Type: application/pgp-signature
 Content-Disposition: inline
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.2 (FreeBSD)
 
 iD8DBQFDOVT7whofDeWkDMIRAqpMAKCpLgUadMKCfOTuCKVwxqoxExsykACfTjco
 OrlFKJ71dhjubiUUlaTntfA=
 =KzNm
 -----END PGP SIGNATURE-----
 
 --ZGiS0Q5IWpPtfppv--
State-Changed-From-To: open->closed 
State-Changed-By: sergei 
State-Changed-When: Wed Oct 12 12:37:11 GMT 2005 
State-Changed-Why:  
Committed update to 2.4.1 - thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=84249 
>Unformatted:
