New upstream version. Closes #46033.

7 files changed, 298 insertions, 1 deletions

diff --git a/net-analyzer/snort_inline/ChangeLog b/net-analyzer/snort_inline/ChangeLog
index 07d4e2b910e1..83ed7f1fc928 100644
--- a/net-analyzer/snort_inline/ChangeLog
+++ b/net-analyzer/snort_inline/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for net-analyzer/snort_inline
 # Copyright 2000-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort_inline/ChangeLog,v 1.4 2004/03/29 13:04:45 mboman Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort_inline/ChangeLog,v 1.5 2004/03/29 13:21:54 mboman Exp $
+
+*snort_inline-2.1.1 (29 Mar 2004)
+
+  29 Mar 2004; Michael Boman <mboman@gentoo.org> snort_inline-2.1.1.ebuild,
+  files/2.1.1-libnet-1.0.patch, files/snort_inline-2.1.1-gcc3.patch,
+  files/snort_inline-2.1.1-pgsql.patch:
+  New upstream version. Closes #46033.
 
 *snort_inline-2.1.0a-r2 (29 Mar 2004)
 
diff --git a/net-analyzer/snort_inline/Manifest b/net-analyzer/snort_inline/Manifest
index 41647d38a2e4..5847e691547f 100644
--- a/net-analyzer/snort_inline/Manifest
+++ b/net-analyzer/snort_inline/Manifest
@@ -3,6 +3,7 @@ MD5 a03c7143facdc72a078379d3cb85ceb0 metadata.xml 775
 MD5 69a0b61f02f16b6048a60474a4c5359a ChangeLog 942
 MD5 c04d5cb45b04ca460000620043c72d3d snort_inline-2.1.0a-r1.ebuild 2896
 MD5 2e8dcdb7c611e6816e8fcffe86e7e7e3 snort_inline-2.1.0a-r2.ebuild 3029
+MD5 2e8dcdb7c611e6816e8fcffe86e7e7e3 snort_inline-2.1.1.ebuild 3029
 MD5 0cce9e04506ab5922938962ae1fa1d07 files/snort_inline.initd 845
 MD5 b5858725dbd2df4356875f78b9d855da files/digest-snort_inline-2.1.0a 69
 MD5 6f4160da265eb5b2d12d7ec7333e73a2 files/2.1.0a-libnet-1.0.patch 5923
@@ -12,3 +13,4 @@ MD5 ea783bd276257a20df5b6537d3ff5d49 files/snort-drop-calculation.diff 4957
 MD5 c663da5de60e2e230e14349acfecf6f7 files/snort_inline.confd 368
 MD5 b5858725dbd2df4356875f78b9d855da files/digest-snort_inline-2.1.0a-r1 69
 MD5 b5858725dbd2df4356875f78b9d855da files/digest-snort_inline-2.1.0a-r2 69
+MD5 3cf1d80848a328ace5817893cec930f2 files/digest-snort_inline-2.1.1 68
diff --git a/net-analyzer/snort_inline/files/2.1.1-libnet-1.0.patch b/net-analyzer/snort_inline/files/2.1.1-libnet-1.0.patch
new file mode 100644
index 000000000000..93e8b4dcafb7
--- /dev/null
+++ b/net-analyzer/snort_inline/files/2.1.1-libnet-1.0.patch
@@ -0,0 +1,157 @@
+--- snort_inline-2.1.0a.orig/configure	2004-01-27 00:48:53.000000000 +0800
++++ snort_inline-2.1.0a/configure	2004-03-09 10:11:36.000000000 +0800
+@@ -7945,22 +7945,22 @@
+         fi
+ 
+         LIBNET_INC_DIR=""
+-        echo "$as_me:$LINENO: checking \"for libnet.h version 1.0.x\"" >&5
+-echo $ECHO_N "checking \"for libnet.h version 1.0.x\"... $ECHO_C" >&6
++        echo "$as_me:$LINENO: checking \"for libnet-1.0.h version 1.0.x\"" >&5
++echo $ECHO_N "checking \"for libnet-1.0.h version 1.0.x\"... $ECHO_C" >&6
+         libnet_dir="/usr/include /usr/local/include"
+         for i in $libnet_dir; do
+-            if test -r $i/libnet.h; then
++            if test -r $i/libnet-1.0.h; then
+                 LIBNET_INC_DIR=$i
+             fi
+         done
+ 
+         if test "$LIBNET_INC_DIR" != ""; then
+-            if eval "grep LIBNET_VERSION $LIBNET_INC_DIR/libnet.h | grep -v 1.0 >/dev/null"; then
++            if eval "grep LIBNET_VERSION $LIBNET_INC_DIR/libnet-1.0.h | grep -v 1.0 >/dev/null"; then
+ 
+    echo
+    echo
+    echo "**********************************************"
+-   echo "  ERROR: unable to find" "libnet 1.0.x (libnet.h)"
++   echo "  ERROR: unable to find" "libnet 1.0.x (libnet-1.0.h)"
+    echo "  checked in the following places"
+    for i in `echo $tmp`; do
+      echo "        $i"
+@@ -7970,8 +7970,8 @@
+    exit
+ 
+             fi
+-            CFLAGS="${CFLAGS} `libnet-config --defines` `libnet-config --cflags`"
+-            LIBS="${LIBS} `libnet-config --libs`"
++            CFLAGS="${CFLAGS} `libnet-1.0-config --defines` `libnet-1.0-config --cflags`"
++            LIBS="${LIBS} `libnet-1.0-config --libs`"
+             CPPFLAGS="${CPPFLAGS} -I${LIBNET_INC_DIR}"
+             echo "$as_me:$LINENO: result: $i" >&5
+ echo "${ECHO_T}$i" >&6
+@@ -7988,31 +7988,31 @@
+ # Check whether --enable-flexresp or --disable-flexresp was given.
+ if test "${enable_flexresp+set}" = set; then
+   enableval="$enable_flexresp"
+-   CPPFLAGS="${CPPFLAGS} -DENABLE_RESPONSE `libnet-config --defines --cflags`" LDFLAGS="${LDFLAGS} `libnet-config --libs`"
++   CPPFLAGS="${CPPFLAGS} -DENABLE_RESPONSE `libnet-1.0-config --defines --cflags`" LDFLAGS="${LDFLAGS} `libnet-1.0-config --libs`"
+ fi;
+ 
+ 
+ if test "$enable_flexresp" != "no" -a "$enable_flexresp" = "yes"; then
+ 
+-  if test `libnet-config --cflags | wc -c` = "1"; then
++  if test `libnet-1.0-config --cflags | wc -c` = "1"; then
+     CPPFLAGS="${CPPFLAGS} -I/usr/local/include -I/sw/include"
+     LIBNET_CONFIG_BROKEN_CFLAGS=yes
+   fi
+ 
+-  if test `libnet-config --libs | wc -c` = "1"; then
+-    { echo "$as_me:$LINENO: WARNING: libnet-config --libs is broken on your system.  If you" >&5
+-echo "$as_me: WARNING: libnet-config --libs is broken on your system.  If you" >&2;}
++  if test `libnet-1.0-config --libs | wc -c` = "1"; then
++    { echo "$as_me:$LINENO: WARNING: libnet-1.0-config --libs is broken on your system.  If you" >&5
++echo "$as_me: WARNING: libnet-1.0-config --libs is broken on your system.  If you" >&2;}
+     { echo "$as_me:$LINENO: WARNING: are using a precompiled package please notify the" >&5
+ echo "$as_me: WARNING: are using a precompiled package please notify the" >&2;}
+     { echo "$as_me:$LINENO: WARNING: maintainer." >&5
+ echo "$as_me: WARNING: maintainer." >&2;}
+     LDFLAGS="${LDFLAGS} -L/usr/local/lib -L/sw/lib"
+-    LIBS="${LIBS} -lnet"
++    LIBS="${LIBS} -lnet-1.0"
+   fi
+ 
+   LNET=""
+ 
+-for ac_header in libnet.h
++for ac_header in libnet-1.0.h
+ do
+ as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+ if eval "test \"\${$as_ac_Header+set}\" = set"; then
+@@ -8180,18 +8180,18 @@
+       libnet_dir="/usr/include /usr/local/include /sw/include"
+     fi
+   else
+-    libnet_dir=`libnet-config --cflags | cut -dI -f2`
++    libnet_dir=`libnet-1.0-config --cflags | cut -dI -f2`
+   fi
+ 
+   LIBNET_INC_DIR=""
+   for i in $libnet_dir; do
+-    if test -r $i/libnet.h; then
++    if test -r $i/libnet-1.0.h; then
+       LIBNET_INC_DIR=$i
+     fi
+   done
+ 
+   if test "$LIBNET_INC_DIR" != ""; then
+-    if eval "grep LIBNET_VERSION $LIBNET_INC_DIR/libnet.h | grep -v 1.0.2a >/dev/null"; then
++    if eval "grep LIBNET_VERSION $LIBNET_INC_DIR/libnet-1.0.h | grep -v 1.0.2a >/dev/null"; then
+       echo "$as_me:$LINENO: result: no" >&5
+ echo "${ECHO_T}no" >&6
+       echo
+@@ -8202,7 +8202,7 @@
+    echo
+    echo
+    echo "**********************************************"
+-   echo "  ERROR: unable to find" "libnet 1.0.2a (libnet.h)"
++   echo "  ERROR: unable to find" "libnet 1.0.2a (libnet-1.0.h)"
+    echo "  checked in the following places"
+    for i in `echo $LIBNET_INC_DIR`; do
+      echo "        $i"
+@@ -8221,7 +8221,7 @@
+    echo
+    echo
+    echo "**********************************************"
+-   echo "  ERROR: unable to find" "libnet 1.0.2a (libnet.h)"
++   echo "  ERROR: unable to find" "libnet 1.0.2a (libnet-1.0.h)"
+    echo "  checked in the following places"
+    for i in `echo $libnet_dir`; do
+      echo "        $i"
+@@ -8234,13 +8234,13 @@
+ 
+   LNET=""
+ 
+-echo "$as_me:$LINENO: checking for libnet_build_ip in -lnet" >&5
+-echo $ECHO_N "checking for libnet_build_ip in -lnet... $ECHO_C" >&6
++echo "$as_me:$LINENO: checking for libnet_build_ip in -lnet-1.0" >&5
++echo $ECHO_N "checking for libnet_build_ip in -lnet-1.0... $ECHO_C" >&6
+ if test "${ac_cv_lib_net_libnet_build_ip+set}" = set; then
+   echo $ECHO_N "(cached) $ECHO_C" >&6
+ else
+   ac_check_lib_save_LIBS=$LIBS
+-LIBS="-lnet  $LIBS"
++LIBS="-lnet-1.0  $LIBS"
+ cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+ _ACEOF
+@@ -8302,7 +8302,7 @@
+ #define HAVE_LIBNET 1
+ _ACEOF
+ 
+-  LIBS="-lnet $LIBS"
++  LIBS="-lnet-1.0 $LIBS"
+ 
+ else
+   LNET="no"
+--- snort_inline-2.1.0a.orig/src/inline.c	2004-01-27 01:15:26.000000000 +0800
++++ snort_inline-2.1.0a/src/inline.c	2004-03-09 10:20:59.000000000 +0800
+@@ -5,7 +5,7 @@
+ #include <pcap.h>
+ #include <string.h>
+ #include <stdlib.h>
+-#include <libnet.h>
++#include <libnet-1.0.h>
+ 
+ #define PKT_BUFSIZE 65536
+ 
diff --git a/net-analyzer/snort_inline/files/digest-snort_inline-2.1.1 b/net-analyzer/snort_inline/files/digest-snort_inline-2.1.1
new file mode 100644
index 000000000000..a4b680cc89d3
--- /dev/null
+++ b/net-analyzer/snort_inline/files/digest-snort_inline-2.1.1
@@ -0,0 +1 @@
+MD5 48ab33a21141680588cf864646efbe7f snort_inline-2.1.1.tgz 2493082
diff --git a/net-analyzer/snort_inline/files/snort_inline-2.1.1-gcc3.patch b/net-analyzer/snort_inline/files/snort_inline-2.1.1-gcc3.patch
new file mode 100644
index 000000000000..972aee39c74a
--- /dev/null
+++ b/net-analyzer/snort_inline/files/snort_inline-2.1.1-gcc3.patch
@@ -0,0 +1,12 @@
+diff -ur snort-2.0.2/src/util.h snort-2.0.2-gentoo/src/util.h
+--- snort-2.0.2/src/util.h	2003-03-27 09:59:30.000000000 +1200
++++ snort-2.0.2-gentoo/src/util.h	2003-10-10 02:11:41.000000000 +1300
+@@ -39,6 +39,8 @@
+ #include "strlcpyu.h"
+ #endif
+ 
++#include <sys/types.h>
++
+ extern u_long netmasks[33];
+ 
+ /* Self preservation memory control struct */
diff --git a/net-analyzer/snort_inline/files/snort_inline-2.1.1-pgsql.patch b/net-analyzer/snort_inline/files/snort_inline-2.1.1-pgsql.patch
new file mode 100644
index 000000000000..46d62711ea12
--- /dev/null
+++ b/net-analyzer/snort_inline/files/snort_inline-2.1.1-pgsql.patch
@@ -0,0 +1,17 @@
+Index: configure.in
+===================================================================
+RCS file: /cvsroot/snort/snort/configure.in,v
+retrieving revision 1.129
+diff -u -b -B -w -p -r1.129 configure.in
+--- configure.in	17 Dec 2003 21:25:13 -0000	1.129
++++ configure.in	8 Jan 2004 11:50:34 -0000
+@@ -511,6 +511,9 @@ if test "$with_postgresql" != "no"; then
+     elif test -r $i/include/postgresql/libpq-fe.h; then
+       POSTGRESQL_DIR=$i
+       POSTGRESQL_INC_DIR=$i/include/postgresql
++    elif test -r $i/include/postgresql/pgsql/libpq-fe.h; then
++      POSTGRESQL_DIR=$i
++      POSTGRESQL_INC_DIR=$i/include/postgresql/pgsql
+     fi
+   done
+ 
diff --git a/net-analyzer/snort_inline/snort_inline-2.1.1.ebuild b/net-analyzer/snort_inline/snort_inline-2.1.1.ebuild
new file mode 100644
index 000000000000..b6a0fb25f595
--- /dev/null
+++ b/net-analyzer/snort_inline/snort_inline-2.1.1.ebuild
@@ -0,0 +1,101 @@
+# Copyright 1999-2004 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort_inline/snort_inline-2.1.1.ebuild,v 1.1 2004/03/29 13:21:54 mboman Exp $
+
+DESCRIPTION="Intrusion Prevention System (IPS) based on Snort"
+HOMEPAGE="http://snort-inline.sf.net/"
+SRC_URI="mirror://sourceforge/snort-inline/${P}.tgz"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~x86"
+IUSE="ssl postgres mysql"
+DEPEND="virtual/glibc
+	>=dev-libs/libpcre-4.2-r1
+	>=net-libs/libpcap-0.6.2-r1
+	>=net-firewall/iptables-1.2.7a-r4
+	<net-libs/libnet-1.1
+	>=net-libs/libnet-1.0.2a-r3
+	postgres? ( >=dev-db/postgresql-7.2 )
+	mysql? ( >=dev-db/mysql-3.23.26 )
+	ssl? ( >=dev-libs/openssl-0.9.6b )"
+
+RDEPEND="virtual/glibc
+	>=dev-libs/libpcre-4.2-r1
+	dev-lang/perl
+	net-firewall/iptables
+	net-firewall/ebtables
+	>=net-libs/libpcap-0.6.2-r1
+	<net-libs/libnet-1.1
+	>=net-libs/libnet-1.0.2a-r3
+	postgres? ( >=dev-db/postgresql-7.2 )
+	mysql? ( >=dev-db/mysql-3.23.26 )
+	ssl? ( >=dev-libs/openssl-0.9.6b )"
+
+S=${WORKDIR}/${P}
+
+src_unpack() {
+	unpack ${A}
+	cd ${S}
+
+	epatch ${FILESDIR}/${PV}-libnet-1.0.patch
+	epatch ${FILESDIR}/${P}-gcc3.patch
+	epatch ${FILESDIR}/snort-drop-calculation.diff
+
+	sed -i -e "s:^var RULE_PATH.*:var RULE_PATH /etc/snort_inline/rules:" \
+		-e "s:\$RULE_PATH/classification.config:classification.config:" \
+		-e "s:\$RULE_PATH/reference.config:reference.config:" \
+		etc/snort_inline.conf
+}
+
+src_compile() {
+	econf \
+		`use_with postgres postgresql` \
+		`use_with mysql` \
+		`use_with ssl openssl` \
+		--without-odbc \
+		--without-oracle || die "bad ./configure"
+
+	emake || die "compile problem"
+}
+
+src_install() {
+	make DESTDIR=${D} install || die
+
+	dodir /var/log/snort_inline
+	keepdir /var/log/snort_inline/
+
+	insinto /usr/lib/snort_inline/bin
+	doins contrib/{create_mysql,snortlog,*.pl}
+
+	dodoc COPYING LICENSE doc/*
+	docinto contrib ; dodoc contrib/*
+
+	newman snort.8 snort_inline.8
+	rm ${D}/usr/share/man/man8/snort.8
+
+	insinto /etc/snort_inline
+	doins etc/reference.config etc/classification.config etc/*.map etc/threshold.conf
+	newins etc/snort_inline.conf snort_inline.conf.distrib
+
+	insinto /etc/snort_inline/rules
+	doins rules/*.rules
+
+	exeinto /etc/init.d ; newexe ${FILESDIR}/snort_inline.initd snort_inline
+	insinto /etc/conf.d ; newins ${FILESDIR}/snort_inline.confd snort_inline
+}
+
+pkg_postinst() {
+	enewgroup snort_inline
+	enewuser snort_inline -1 /dev/null /var/log/snort_inline snort_inline
+	usermod -d "/var/log/snort_inline" snort_inline || die "usermod problem"
+	usermod -g "snort_inline" snort_inline || die "usermod problem"
+	usermod -s "/dev/null" snort_inline || die "usermod problem"
+	echo "ignore any message about CREATE_HOME above..."
+
+	chown snort_inline:snort_inline /var/log/snort_inline
+	chmod 0770 /var/log/snort_inline
+
+	einfo "snort_inline requires a kernel with ebtables support. 2.6.x"
+	einfo "kernels have this built-in, while 2.4.x kernels needs to be"
+	einfo "patched. ebtables can be found at http://ebtables.sf.net"
+}