8 files changed, 681 insertions, 8 deletions

diff --git a/net-analyzer/snort/ChangeLog b/net-analyzer/snort/ChangeLog
index c53b8051632d..2df80849eb86 100644
--- a/net-analyzer/snort/ChangeLog
+++ b/net-analyzer/snort/ChangeLog
@@ -1,6 +1,15 @@
 # ChangeLog for net-analyzer/snort
 # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.139 2009/03/01 19:16:21 patrick Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/ChangeLog,v 1.140 2009/04/17 12:05:30 patrick Exp $
+
+*snort-2.8.4 (17 Apr 2009)
+
+  17 Apr 2009; Patrick Lauer <patrick@gentoo.org>
+  +files/snort-2.8.4-libnet.patch, +files/pcap_memory.patch,
+  files/snort.confd, +files/snort.rc9, +files/spo_database_fix.patch,
+  metadata.xml, +snort-2.8.4.ebuild:
+  Bump to 2.8.4. Reworked ebuild thanks to Jason Wallace. Lots of changes,
+  see bug #266288 for details.
 
 *snort-2.6.1.4-r1 (01 Mar 2009)
 
diff --git a/net-analyzer/snort/files/pcap_memory.patch b/net-analyzer/snort/files/pcap_memory.patch
new file mode 100644
index 000000000000..0f75e34dc60d
--- /dev/null
+++ b/net-analyzer/snort/files/pcap_memory.patch
@@ -0,0 +1,19 @@
+diff -ru snort-2.8.4.orig/src/snort.c snort-2.8.4/src/snort.c
+--- snort-2.8.4.orig/src/snort.c	2009-01-28 11:37:03.000000000 -0500
++++ snort-2.8.4/src/snort.c	2009-04-09 10:48:26.000000000 -0400
+@@ -1188,6 +1188,15 @@
+         LogMessage("Not Using PCAP_FRAMES\n" );
+     }
+ 
++    if( getenv("PCAP_MEMORY") )
++    {
++        LogMessage("Using PCAP_MEMORY = %s\n", getenv("PCAP_MEMORY") );
++    }
++    else
++    {
++        LogMessage("Not Using PCAP_MEMORY\n" );
++    }
++
+ #ifdef TIMESTATS
+     start_time = time(&start_time); /* start counting seconds */
+ #endif
diff --git a/net-analyzer/snort/files/snort-2.8.4-libnet.patch b/net-analyzer/snort/files/snort-2.8.4-libnet.patch
new file mode 100644
index 000000000000..b0f073a14d51
--- /dev/null
+++ b/net-analyzer/snort/files/snort-2.8.4-libnet.patch
@@ -0,0 +1,221 @@
+diff -ru snort-2.8.4.rc1/configure.in snort-2.8.4.rc1_gentoo/configure.in
+--- snort-2.8.4.rc1/configure.in	2009-04-06 08:54:54.000000000 -0400
++++ snort-2.8.4.rc1_gentoo/configure.in	2009-04-06 09:08:37.000000000 -0400
+@@ -1214,19 +1214,19 @@
+          else
+             libnet_dir="/usr/include /usr/local/include /sw/include"
+         fi
+-        AC_MSG_CHECKING("for libnet.h version 1.0.x")
++        AC_MSG_CHECKING("for libnet-1.0.h version 1.0.x")
+         for i in $libnet_dir; do
+-            if test -r "$i/libnet.h"; then
++            if test -r "$i/libnet-1.0.h"; then
+                 LIBNET_INC_DIR="$i"
+             fi
+         done
+ 
+         if test "$LIBNET_INC_DIR" != ""; then
+-            if eval "grep LIBNET_VERSION $LIBNET_INC_DIR/libnet.h | grep -v 1.0 >/dev/null"; then
+-                FAIL_MESSAGE("libnet 1.0.x (libnet.h)", $LIBNET_INC_DIR)
++            if eval "grep LIBNET_VERSION $LIBNET_INC_DIR/libnet-1.0.h | grep -v 1.0 >/dev/null"; then
++                FAIL_MESSAGE("libnet 1.0.x (libnet-1.0.h)", $LIBNET_INC_DIR)
+             fi
+-            CFLAGS="${CFLAGS} `libnet-config --defines` `libnet-config --cflags`"
+-            LIBS="${LIBS} `libnet-config --libs`"
++            CFLAGS="${CFLAGS} `libnet-1.0-config --defines` `libnet-1.0-config --cflags`"
++            LIBS="${LIBS} `libnet-1.0-config --libs`"
+             CPPFLAGS="${CPPFLAGS} -I${LIBNET_INC_DIR}"
+             AC_MSG_RESULT($i)
+         else
+@@ -1248,8 +1248,8 @@
+ [  --enable-flexresp        Flexible Responses on hostile connection attempts],
+        enable_flexresp="$enableval", enable_flexresp="no")
+ if test "x$enable_flexresp" = "xyes"; then
+-    CPPFLAGS="${CPPFLAGS} -DENABLE_RESPONSE `libnet-config --defines --cflags`"
+-    LDFLAGS="${LDFLAGS} `libnet-config --libs`"
++    CPPFLAGS="${CPPFLAGS} -DENABLE_RESPONSE `libnet-1.0-config --defines --cflags`"
++    LDFLAGS="${LDFLAGS} `libnet-1.0-config --libs`"
+ fi
+                 
+ if test "x$enable_flexresp" != "xno" -a "x$enable_flexresp" = "xyes"; then
+@@ -1259,21 +1259,21 @@
+         exit
+     fi
+ 
+-    if test `libnet-config --cflags | wc -c` = "1"; then
++    if test `libnet-1.0-config --cflags | wc -c` = "1"; then
+         CPPFLAGS="${CPPFLAGS} -I/usr/local/include -I/sw/include"
+         LIBNET_CONFIG_BROKEN_CFLAGS="yes"
+     fi
+ 
+-    if test `libnet-config --libs | wc -c` = "1"; then
+-        AC_MSG_WARN(libnet-config --libs is broken on your system.  If you)
++    if test `libnet-1.0-config --libs | wc -c` = "1"; then
++        AC_MSG_WARN(libnet-1.0-config --libs is broken on your system.  If you)
+         AC_MSG_WARN(are using a precompiled package please notify the) 
+         AC_MSG_WARN(maintainer.)
+         LDFLAGS="${LDFLAGS} -L/usr/local/lib -L/sw/lib"
+-        LIBS="${LIBS} -lnet"
++        LIBS="${LIBS} -lnet-1.0"
+     fi
+ 
+     LNET=""
+-    AC_CHECK_HEADERS(libnet.h,, LNET="no")
++    AC_CHECK_HEADERS(libnet-1.0.h,, LNET="no")
+     if test "x$LNET" = "xno"; then
+         echo
+         echo "   ERROR!  Libnet header not found, go get it from"
+@@ -1291,33 +1291,33 @@
+             libnet_dir="/usr/include /usr/local/include /sw/include"
+         fi
+     else
+-        libnet_dir=`libnet-config --cflags | cut -dI -f2`
++        libnet_dir=`libnet-1.0-config --cflags | cut -dI -f2`
+     fi
+ 
+     LIBNET_INC_DIR=""
+     for i in $libnet_dir; do
+-        if test -r "$i/libnet.h"; then
++        if test -r "$i/libnet-1.0.h"; then
+             LIBNET_INC_DIR="$i"
+         fi
+     done
+ 
+     if test "x$LIBNET_INC_DIR" != "x"; then
+-        if eval "grep LIBNET_VERSION $LIBNET_INC_DIR/libnet.h | grep -v 1.0.2a >/dev/null"; then
++        if eval "grep LIBNET_VERSION $LIBNET_INC_DIR/libnet-1.0.h | grep -v 1.0.2a >/dev/null"; then
+             AC_MSG_RESULT(no)
+             echo
+             echo "   ERROR!  Snort with --enable-flexresp will *only* work with"
+             echo "   libnet version 1.0.2a, go get it from"
+             echo "   http://www.packetfactory.net/projects/libnet/"
+-            FAIL_MESSAGE("libnet 1.0.2a (libnet.h)", $LIBNET_INC_DIR)
++            FAIL_MESSAGE("libnet 1.0.2a (libnet-1.0.h)", $LIBNET_INC_DIR)
+         fi
+         AC_MSG_RESULT(yes)
+     else
+         AC_MSG_RESULT(no)
+-        FAIL_MESSAGE("libnet 1.0.2a (libnet.h)", $libnet_dir)
++        FAIL_MESSAGE("libnet 1.0.2a (libnet-1.0.h)", $libnet_dir)
+     fi
+ 
+     LNET=""
+-    AC_CHECK_LIB(net, libnet_build_ip,, LNET="no")
++    AC_CHECK_LIB(net-1.0, libnet_build_ip,, LNET="no")
+     if test "x$LNET" = "xno"; then
+         echo
+         echo "   ERROR!  Libnet library not found, go get it from"
+@@ -1368,8 +1368,8 @@
+ [  --enable-react           Intercept and terminate offending HTTP accesses],
+        enable_react="$enableval", enable_react="no")
+ if test "x$enable_react" = "xyes"; then
+-    CPPFLAGS="${CPPFLAGS} -DENABLE_REACT `libnet-config --defines --cflags`"
+-    LDFLAGS="${LDFLAGS} `libnet-config --libs`"
++    CPPFLAGS="${CPPFLAGS} -DENABLE_REACT `libnet-1.0-config --defines --cflags`"
++    LDFLAGS="${LDFLAGS} `libnet-1.0-config --libs`"
+ fi
+ 
+ if test "x$enable_react" != "xno" -a "x$enable_react" = "xyes"; then
+@@ -1380,13 +1380,13 @@
+         exit
+     fi
+ 
+-    if test `libnet-config --cflags | wc -c` = "1"; then
++    if test `libnet-1.0-config --cflags | wc -c` = "1"; then
+         CPPFLAGS="${CPPFLAGS} -I/usr/local/include -I/sw/include"
+         LIBNET_CONFIG_BROKEN_CFLAGS="yes"
+     fi
+ 
+-    if test `libnet-config --libs | wc -c` = "1"; then
+-        AC_MSG_WARN(libnet-config --libs is broken on your system.  If you)
++    if test `libnet-1.0-config --libs | wc -c` = "1"; then
++        AC_MSG_WARN(libnet-1.0-config --libs is broken on your system.  If you)
+         AC_MSG_WARN(are using a precompiled package please notify the)
+         AC_MSG_WARN(maintainer.)
+         LDFLAGS="${LDFLAGS} -L/usr/local/lib -L/sw/lib"
+@@ -1394,7 +1394,7 @@
+     fi
+ 
+     LNET=""
+-    AC_CHECK_HEADERS(libnet.h,, LNET="no")
++    AC_CHECK_HEADERS(libnet-1.0.h,, LNET="no")
+     if test "x$LNET" = "xno"; then
+         echo
+         echo "   ERROR!  Libnet header not found, go get it from"
+@@ -1412,33 +1412,33 @@
+             libnet_dir="/usr/include /usr/local/include /sw/include"
+         fi
+     else
+-        libnet_dir=`libnet-config --cflags | cut -dI -f2`
++        libnet_dir=`libnet-1.0-config --cflags | cut -dI -f2`
+     fi
+ 
+     LIBNET_INC_DIR=""
+     for i in $libnet_dir; do
+-        if test -r "$i/libnet.h"; then
++        if test -r "$i/libnet-1.0.h"; then
+             LIBNET_INC_DIR="$i"
+         fi
+     done
+ 
+     if test "x$LIBNET_INC_DIR" != "x"; then
+-        if eval "grep LIBNET_VERSION $LIBNET_INC_DIR/libnet.h | grep -v 1.0.2a >/dev/null"; then
++        if eval "grep LIBNET_VERSION $LIBNET_INC_DIR/libnet-1.0.h | grep -v 1.0.2a >/dev/null"; then
+             AC_MSG_RESULT(no)
+             echo
+             echo "   ERROR!  Snort with --enable-react will *only* work with"
+             echo "   libnet version 1.0.2a, go get it from"
+             echo "   http://www.packetfactory.net/projects/libnet/"
+-            FAIL_MESSAGE("libnet 1.0.2a (libnet.h)", $LIBNET_INC_DIR)
++            FAIL_MESSAGE("libnet 1.0.2a (libnet-1.0.h)", $LIBNET_INC_DIR)
+         fi
+         AC_MSG_RESULT(yes)
+     else
+         AC_MSG_RESULT(no)
+-        FAIL_MESSAGE("libnet 1.0.2a (libnet.h)", $libnet_dir)
++        FAIL_MESSAGE("libnet 1.0.2a (libnet-1.0.h)", $libnet_dir)
+     fi
+ 
+     LNET=""
+-    AC_CHECK_LIB(net, libnet_build_ip,, LNET="no")
++    AC_CHECK_LIB(net-1.0, libnet_build_ip,, LNET="no")
+     if test "x$LNET" = "xno"; then
+         echo
+         echo "   ERROR!  Libnet library not found, go get it from"
+Only in snort-2.8.4.rc1_gentoo/: configure.in.orig
+diff -ru snort-2.8.4.rc1/src/detection-plugins/sp_react.c snort-2.8.4.rc1_gentoo/src/detection-plugins/sp_react.c
+--- snort-2.8.4.rc1/src/detection-plugins/sp_react.c	2009-04-06 08:54:54.000000000 -0400
++++ snort-2.8.4.rc1_gentoo/src/detection-plugins/sp_react.c	2009-04-06 09:08:37.000000000 -0400
+@@ -59,7 +59,7 @@
+ #include <stdlib.h>
+ #include <string.h>
+ #include <ctype.h>
+-#include <libnet.h>
++#include <libnet-1.0.h>
+ 
+ #include "rules.h"
+ #include "decode.h"
+diff -ru snort-2.8.4.rc1/src/detection-plugins/sp_respond.c snort-2.8.4.rc1_gentoo/src/detection-plugins/sp_respond.c
+--- snort-2.8.4.rc1/src/detection-plugins/sp_respond.c	2009-04-06 08:54:54.000000000 -0400
++++ snort-2.8.4.rc1_gentoo/src/detection-plugins/sp_respond.c	2009-04-06 09:08:37.000000000 -0400
+@@ -36,7 +36,7 @@
+ 
+ 
+ #if defined(ENABLE_RESPONSE) && !defined(ENABLE_RESPONSE2)
+-#include <libnet.h>
++#include <libnet-1.0.h>
+ 
+ #include "decode.h"
+ #include "rules.h"
+diff -ru snort-2.8.4.rc1/src/inline.c snort-2.8.4.rc1_gentoo/src/inline.c
+--- snort-2.8.4.rc1/src/inline.c	2009-04-06 08:54:54.000000000 -0400
++++ snort-2.8.4.rc1_gentoo/src/inline.c	2009-04-06 09:08:37.000000000 -0400
+@@ -20,7 +20,7 @@
+ #include <stdlib.h>
+ #include <string.h>
+ #include <pcap.h>
+-#include <libnet.h>
++#include <libnet-1.0.h>
+ 
+ #include "decode.h"
+ #include "inline.h"
diff --git a/net-analyzer/snort/files/snort.confd b/net-analyzer/snort/files/snort.confd
index d4d240ac966b..c429ca61b2cb 100644
--- a/net-analyzer/snort/files/snort.confd
+++ b/net-analyzer/snort/files/snort.confd
@@ -1,16 +1,17 @@
 # Config file for /etc/init.d/snort
 
 # This tell snort which interface to listen on (any for every interface)
-IFACE=eth0
+IFACE="eth1"
 
-# Make sure this matches your IFACE
-PIDFILE=/var/run/snort_$IFACE.pid
+# You do NOT want to change this
+PIDPATH="/var/run/snort"
+PIDFILE="snort_$IFACE.pid"
 
 # You probably don't want to change this, but in case you do
 LOGDIR="/var/log/snort"
 
 # Probably not this either
-CONF=/etc/snort/snort.conf
+CONF="/etc/snort/snort.conf"
 
 # This pulls in the options above
 SNORT_OPTS="-D -u snort -i $IFACE -l $LOGDIR -c $CONF"
diff --git a/net-analyzer/snort/files/snort.rc9 b/net-analyzer/snort/files/snort.rc9
new file mode 100644
index 000000000000..6c65a353adc8
--- /dev/null
+++ b/net-analyzer/snort/files/snort.rc9
@@ -0,0 +1,34 @@
+#!/sbin/runscript
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/files/snort.rc9,v 1.3 2009/04/17 12:05:29 patrick Exp $
+
+depend() {
+	need net
+	after mysql
+	after postgresql
+}
+
+checkconfig() {
+	if [ ! -e $CONF ] ; then
+		eerror "You need a configuration file to run snort"
+		eerror "There is an example config in /etc/snort/snort.conf.distrib"
+		return 1
+	fi
+}
+
+start() {
+	checkconfig || return 1
+	ebegin "Starting snort"
+	start-stop-daemon --start --quiet --exec /usr/bin/snort \
+		-- --nolock-pidfile --pid-path ${PIDPATH} ${SNORT_OPTS} >/dev/null 2>&1
+	eend $?
+}
+
+stop() {
+	ebegin "Stopping snort"
+	start-stop-daemon --stop --quiet --pidfile ${PIDPATH}/${PIDFILE}
+	# Snort needs a few seconds to fully shutdown
+	sleep 15
+	eend $?
+}
diff --git a/net-analyzer/snort/files/spo_database_fix.patch b/net-analyzer/snort/files/spo_database_fix.patch
new file mode 100644
index 000000000000..944b3ee49e14
--- /dev/null
+++ b/net-analyzer/snort/files/spo_database_fix.patch
@@ -0,0 +1,18 @@
+diff -ru snort-2.8.4.orig/src/output-plugins/spo_database.c snort-2.8.4/src/output-plugins/spo_database.c
+--- snort-2.8.4.orig/src/output-plugins/spo_database.c	2009-01-26 16:50:26.000000000 -0500
++++ snort-2.8.4/src/output-plugins/spo_database.c	2009-04-14 10:43:28.000000000 -0400
+@@ -2798,6 +2798,14 @@
+                     {
+                         result = atoi(data->m_row[0]);
+                     }
++		      else
++		      {
++		    	result = 0;
++		      }
++		    }
++		    else
++		    {
++		      result = 0;
+                 }
+             }
+             mysql_free_result(data->m_result);
diff --git a/net-analyzer/snort/metadata.xml b/net-analyzer/snort/metadata.xml
index d76e098fcf6a..3bd53ba25071 100644
--- a/net-analyzer/snort/metadata.xml
+++ b/net-analyzer/snort/metadata.xml
@@ -1,17 +1,24 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
 <pkgmetadata>
+<maintainer>
+  <email>patrick@gentoo.org</email>
+  <name>Patrick Lauer</name>
+</maintainer>
+
 <herd>netmon</herd>
 <longdescription>Libpcap-based packet sniffer/logger/lightweight IDS</longdescription>
 <use>
-<flag name='aruba'>Enable Aruba support</flag>
-<flag name='community-rules'>Include Community rules</flag>
+
+<flag name='aruba'>Enable Aruba support</flag>                                                   
+<flag name='community-rules'>Include Community rules</flag>                                      
 <flag name='decoder-preprocessor-rules'></flag>
 <flag name='dynamicplugin'>Enable ability to dynamically load preprocessors, detection engine, and rules library</flag>
 <flag name='flexresp'>Enable new connection tearing (not recommended)</flag>
 <flag name='flexresp2'>Enable new connection tearing</flag>
 <flag name='gre'>Enable GRE support</flag>
-<flag name='inline'>Enable snort-inline for accepting packets from <pkg>net-firewall/iptables</pkg>, via libipq, rather than <pkg>net-libs/libpcap</pkg>.</flag>
+<flag name='inline'>Enable snort-inline for accepting packets from <pkg>net-firewall/iptables</pkg>, via libipq, rather than 
+	<pkg>net-libs/libpcap</pkg>.</flag>
 <flag name='inline-init-failopen'>Enable inline-init-failopen support</flag>
 <flag name='linux-smp-stats'>Enable statistics reporting through proc on smp systems</flag>
 <flag name='memory-cleanup'>Enable memory-cleanup support</flag>
diff --git a/net-analyzer/snort/snort-2.8.4.ebuild b/net-analyzer/snort/snort-2.8.4.ebuild
new file mode 100644
index 000000000000..3e71d69bf439
--- /dev/null
+++ b/net-analyzer/snort/snort-2.8.4.ebuild
@@ -0,0 +1,364 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/snort/snort-2.8.4.ebuild,v 1.1 2009/04/17 12:05:30 patrick Exp $
+
+AT_M4DIR=m4
+
+inherit eutils autotools multilib
+
+DESCRIPTION="The de facto standard for intrusion detection/prevention"
+HOMEPAGE="http://www.snort.org/"
+SRC_URI="http://www.snort.org/dl/${P}.tar.gz"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~ppc ~ppc64 -sparc ~x86"
+IUSE="static debug threads prelude memory-cleanup dynamicplugin decoder-preprocessor-rules ipv6 targetbased timestats ppm perfprofiling linux-smp-stats inline inline-init-failopen flexresp flexresp2 react aruba gre mpls postgres mysql odbc selinux"
+
+#flexresp, react, and inline _ONLY_ work with net-libs/libnet-1.0.2a
+DEPEND="virtual/libc
+	virtual/libpcap
+	>=dev-libs/libpcre-6.0
+	flexresp2? ( dev-libs/libdnet )
+	flexresp? ( ~net-libs/libnet-1.0.2a )
+	react? ( ~net-libs/libnet-1.0.2a )
+	postgres? ( virtual/postgresql-base )
+	mysql? ( virtual/mysql )
+	odbc? ( dev-db/unixODBC )
+	prelude? ( >=dev-libs/libprelude-0.9.0 )
+	inline? ( ~net-libs/libnet-1.0.2a net-firewall/iptables )"
+
+RDEPEND="${DEPEND}
+	dev-lang/perl
+	selinux? ( sec-policy/selinux-snort )"
+
+pkg_setup() {
+	enewgroup snort
+	enewuser snort -1 -1 /dev/null snort
+
+	if use flexresp && use flexresp2 ; then
+		ewarn
+		ewarn
+		ewarn "You have both the 'flexresp' and 'flexresp2' USE"
+		ewarn "flags set. You can use 'flexresp' OR 'flexresp2'"
+		ewarn "but not both."
+		ewarn
+		ewarn "Defaulting to flexresp2..."
+		ewarn
+		ewarn
+		epause
+	fi
+
+	if use memory-cleanup && ! use dynamicplugin; then
+		ewarn
+		ewarn
+		ewarn "You have enabled 'memory-cleanup' but not 'dynamicplugin'."
+		ewarn "'memory-cleanup' requires 'dynamicplugin' to compile."
+		ewarn
+		ewarn "Enabling dynamicplugin..."
+		ewarn
+		ewarn
+		epause
+	fi
+
+	if use inline-init-failopen && ! use inline; then
+		ewarn
+		ewarn
+		ewarn "You have enabled 'inline-init-failopen' but not 'inline'."
+		ewarn "'inline-init-failopen' is an 'inline' only function."
+		ewarn
+		ewarn "Enabling inline mode..."
+		ewarn
+		ewarn
+		epause
+	fi
+}
+
+src_unpack() {
+	unpack ${A}
+	cd "${S}"
+
+	#Dont monkey with the original source if you don't need to.
+	if use flexresp || use react || use inline || use inline-init-failopen; then
+	        epatch "${FILESDIR}/${PN}-2.8.4-libnet.patch"
+	fi
+
+	#Added patch to print the value of PCAP_MEMORY
+	epatch "${FILESDIR}/pcap_memory.patch"
+
+	#Added patch to fix problem with the DB output plugin
+	#This will be included upstream in the next version released
+	epatch "${FILESDIR}/spo_database_fix.patch"
+
+	if use prelude ; then
+		sed -i -e "s:AC_PROG_RANLIB:AC_PROG_LIBTOOL:" configure.in
+	fi
+
+	einfo "Regenerating autoconf/automake files"
+	eautoreconf
+}
+
+src_compile() {
+	local myconf
+
+	#Both shared and static are enable by defaut so we need to be specific
+	if use static; then
+		myconf="${myconf} --enable-static --disable-shared"
+	else
+		myconf="${myconf} --disable-static --enable-shared"
+	fi
+
+	#Added in ebuild version snort-2.8.3.1. Should be rechecked in updated versions.
+	#Use 'die' because ./configure will die any ways with the same error message...
+	if use ipv6 && use targetbased; then
+		die "Support for target-based and IPv6 cannot be enabled simultaneously in this version."
+	fi
+
+	#Sourcefire is often not clear about what is and is not enabled by default
+	#To avoid undesired results we should be very specific
+	#Also, See the next 'if' for "react"
+	if ! use react && use flexresp && ! use flexresp2; then
+		myconf="${myconf} --enable-flexresp --disable-flexresp2"
+	elif ! use react && ! use flexresp && use flexresp2; then
+		myconf="${myconf} --disable-flexresp --enable-flexresp2"
+	elif ! use react && use flexresp && use flexresp2; then
+		myconf="${myconf} --disable-flexresp --enable-flexresp2"
+	elif ! use react && ! use flexresp && ! use flexresp2; then
+		myconf="${myconf} --disable-flexresp --disable-flexresp2"
+	fi
+
+	#We need to do this becaue 'react' automaticly enables 'flexresp'
+	#but ./configure fails if both --enable-react and --enable-flexresp
+	#are used. Here is the error...
+	#ERROR!  --enable-react cannot be used with --enable-flexresp
+	#because it is AUTOMATICALLY enabled with --enable-flexresp
+	#Given that --enable-flexresp is enable we know that 
+	#--disable-flexresp2 should be used
+	if use react; then
+		myconf="${myconf} --enable-react --disable-flexresp2"
+	fi
+
+	#USE flag memory-cleanup requires dynamicplugin
+	#Only 'dynamicplugin' is set here, 'memory-cleanup' is set below via econf.
+	if use memory-cleanup || use dynamicplugin; then
+		myconf="${myconf} --enable-dynamicplugin"
+	else
+		myconf="${myconf} --disable-dynamicplugin"
+	fi
+
+
+	# USE flages 'targetbased' and 'inline-init-failopen' require threads
+	#Only 'threads' is set here. 'targetbased' and 'inline-init-failopen' are set below via econf.
+	if use targetbased || use inline-init-failopen || use threads; then
+		myconf="${myconf} --enable-pthread"
+	else
+		myconf="${myconf} --disable-pthread"
+	fi
+
+	#Only needed if...
+	if use flexresp || use react || use inline; then
+		myconf="${myconf} --with-libipq-includes=/usr/include/libipq"
+	fi
+
+	#'inline-init-failopen' requires 'inline'
+	if use inline-init-failopen || use inline; then
+		myconf="${myconf} --enable-inline"
+	else
+		myconf="${myconf} --disable-inline"
+	fi
+
+#The --enable-<feature> options... 
+#'static' 'threads' 'react' 'flexresp' 'flexresp2' 'inline' 'dynamicplugin'
+# are configured above due to dependancy/conflict issues.
+
+#All others are handled the standard ebuild way via econf
+
+	econf \
+		--without-oracle \
+		$(use_with postgres postgresql) \
+		$(use_with mysql) \
+		$(use_with odbc) \
+		--with-pic \
+		--disable-ipfw \
+		--disable-profile \
+		--disable-ppm-test \
+		$(use_enable debug) \
+		$(use_enable prelude) \
+		$(use_enable memory-cleanup) \
+		$(use_enable decoder-preprocessor-rules) \
+		$(use_enable ipv6) \
+		$(use_enable targetbased) \
+		$(use_enable timestats) \
+		$(use_enable ppm) \
+		$(use_enable perfprofiling) \
+		$(use_enable linux-smp-stats) \
+		$(use_enable inline-init-failopen) \
+		$(use_enable aruba) \
+		$(use_enable gre) \
+		$(use_enable mpls) \
+		${myconf} || die "econf failed"
+
+	# limit to single as reported by jforman on irc
+	emake -j1 || die "emake failed"
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die "make install failed"
+
+	dodir /var/log/snort/
+	keepdir /var/log/snort/
+	fowners snort:snort /var/log/snort
+
+	dodir /var/run/snort/
+	fowners snort:snort /var/run/snort/
+
+	dodoc doc/*
+	dodoc ./RELEASE.NOTES
+	docinto schemas
+	dodoc schemas/*
+
+	insinto /etc/snort
+	doins etc/attribute_table.dtd \
+		etc/classification.config \
+		etc/gen-msg.map \
+		etc/reference.config \
+		etc/sid-msg.map \
+		etc/threshold.conf \
+		etc/unicode.map
+
+	newins etc/snort.conf snort.conf.distrib
+
+	insinto /etc/snort/preproc_rules
+	doins preproc_rules/decoder.rules \
+		preproc_rules/preprocessor.rules
+
+	dodir /etc/snort/rules/
+	keepdir /etc/snort/rules/
+
+	fowners -R snort:snort /etc/snort/
+	keepdir /etc/snort/
+
+	newinitd "${FILESDIR}/snort.rc9" snort
+	newconfd "${FILESDIR}/snort.confd" snort
+
+}
+
+pkg_preinst() {
+
+	#Remove the example dunamic rule
+	rm "${D}usr/"$(get_libdir)"/snort_dynamicrules/lib_sfdynamic_example_rule.la"
+	rm "${D}usr/"$(get_libdir)"/snort_dynamicrules/lib_sfdynamic_example_rule.so"
+	rm "${D}usr/"$(get_libdir)"/snort_dynamicrules/lib_sfdynamic_example_rule.so.0"
+	rm "${D}usr/"$(get_libdir)"/snort_dynamicrules/lib_sfdynamic_example_rule.so.0.0.0"
+
+	# Make some changes to snort.conf.distrib
+
+	# Set the correct lib path for dynamicengine, dynamicpreprocessor, and dynamicdetection
+	sed -i -e 's:/usr/local/lib:/usr/'$(get_libdir)':g' \
+		"${D}etc/snort/snort.conf.distrib"
+
+	#Set the correct rule location in the config
+	sed -i -e 's:RULE_PATH ../rules:RULE_PATH /etc/snort/rules:g' \
+		"${D}etc/snort/snort.conf.distrib"
+
+	#Set the correct preprocessor/decoder rule location in the config
+	sed -i -e 's:PREPROC_RULE_PATH ../preproc_rules:PREPROC_RULE_PATH /etc/snort/preproc_rules:g' \
+		"${D}etc/snort/snort.conf.distrib"
+
+	#Enable the preprocessor/decoder rules
+	sed -i -e 's:^# include $PREPROC_RULE_PATH:include $PREPROC_RULE_PATH:g' \
+		"${D}etc/snort/snort.conf.distrib"
+	sed -i -e 's:^# dynamicdetection directory:dynamicdetection directory:g' \
+		"${D}etc/snort/snort.conf.distrib"
+
+	#Just some clean up of trailing /'s in the config
+	sed -i -e 's:snort_dynamicpreprocessor/$:snort_dynamicpreprocessor:g' \
+		"${D}etc/snort/snort.conf.distrib"
+	sed -i -e 's:snort_dynamicrule/$:snort_dynamicrules:g' \
+		"${D}etc/snort/snort.conf.distrib"
+
+	#Make it clear in the config where these are...
+	sed -i -e 's:^include classification.config:include /etc/snort/classification.config:g' \
+		"${D}etc/snort/snort.conf.distrib"
+	sed -i -e 's:^include reference.config:include /etc/snort/reference.config:g' \
+		"${D}etc/snort/snort.conf.distrib"
+
+	#Disable all rule files by default.
+	#Users need to chose what they want enabled.
+	sed -i -e 's:^include $RULE_PATH:# include $RULE_PATH:g' \
+		"${D}etc/snort/snort.conf.distrib"
+
+}
+
+pkg_postinst() {
+	einfo
+	einfo "Snort is a libpcap based packet capture tool which can be used in"
+	einfo "three modes Sniffer Mode, Packet Logger Mode, or Network Intrusion"
+	einfo "Detection System Mode."
+	einfo
+	einfo "To learn more about these modes review the Snort User Manual at..."
+	einfo
+	einfo "http://www.snort.org/docs/"
+	einfo
+	einfo "See /usr/share/doc/${PF} and /etc/snort/snort.conf.distrib for"
+	einfo "information on configuring snort."
+	einfo
+	einfo "Joining the Snort Users and Snort Sigs mailing list is highly"
+	einfo "recommended for all users..."
+	einfo
+	einfo "http://www.snort.org/community/lists.html"
+	einfo
+	elog "Snort-2.8.4-r1 Notes:"
+	elog "The 'ruleperf' USE flag has been removed. The Snort Dev's have"
+	elog "included it in the build by default now."
+	elog
+	elog "The 'stream4udp' USE flag has been removed. It is no"
+	elog "longer a valid compile time option."
+	elog "If you are still using Stream4, you should switch to using Stream5."
+	elog
+	elog "/etc/init.d/snort and /etc/conf.d/snort have been updated to"
+	elog "resolve some bugs with starting and stopping snort."
+	elog "It is important that you update these when you run 'etc-update'"
+	elog
+	elog "The 'community-rules' USE flag has been removed."
+	elog
+	elog "We are no longer distributing rule files via the snort ebuild."
+	elog "There are a couple of reasons for this change..."
+	elog
+	elog "1. Rule files are not versioned making it impossible to use"
+	elog "   portage to update them properly."
+	elog "2. Although some of the rules are still useful, the"
+	elog "   Community Rules are quite old (RELEASED: 2007-04-27) and"
+	elog "   should only be used to supplement the VRT rule set."
+	elog "3. Sourcefire's VRT rule set requires users to register (for free)"
+	elog "   to download them."
+	elog "4. Certain versions of Snort require specific rule set versions"
+	elog "   for proper detection and to prevent Snort from breaking."
+	elog "  (See below.)"
+	elog
+	elog "To download rules for use with Snort please, see the following"
+	elog
+	elog "Sourcefire's VRT Rules and older Community Rules:"
+	elog "http://www.snort.org/pub-bin/downloads.cgi"
+	elog
+	elog "Emerging Threats Rules:"
+	elog "http://www.emergingthreats.net/"
+	elog
+	elog "A good place to put your downloaded rules would be..."
+	elog "/etc/snort/rules"
+	elog
+	elog "To manage updates to your rules please visit..."
+	elog
+	elog "http://oinkmaster.sourceforge.net/"
+	elog
+	elog "and then 'emerge oinkmaster'."
+	elog
+	elog "!!!IMPORTANT!!!"
+	elog "Users upgrading from versions prior to Snort-2.8.4 and are using"
+	elog "the dcerpc or dcerpc2 preprocessor in your snort.conf file"
+	elog "with the netbios rules should be aware of the following"
+	elog "announcements..."
+	elog
+	elog "http://vrt-sourcefire.blogspot.com/2009/04/snort-284-is-nigh.html"
+	elog "http://vrt-sourcefire.blogspot.com/2009/02/important-snort-rule-changes-and-new.html"
+	elog
+}