# Copyright 1999-2010 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 # $Header: /var/cvsroot/gentoo-x86/net-analyzer/barnyard2/barnyard2-1.8.ebuild,v 1.3 2010/06/17 21:44:24 patrick Exp $ inherit eutils DESCRIPTION="Parser for Snort unified/unified2 files" HOMEPAGE="http://www.securixlive.com/barnyard2/" SRC_URI="http://www.securixlive.com/download/barnyard2/${P}.tar.gz" SLOT="0" LICENSE="GPL-2" KEYWORDS="~amd64 ~x86" IUSE="static debug aruba gre mpls prelude ipv6 mysql odbc postgres" DEPEND="virtual/libpcap mysql? ( virtual/mysql ) postgres? ( dev-db/postgresql-server ) prelude? ( >=dev-libs/libprelude-0.9.0 ) odbc? ( dev-db/unixODBC )" src_unpack() { unpack ${A} cd "${S}" } src_compile() { local myconf econf \ $(use_enable !static shared) \ $(use_enable static) \ $(use_enable debug) \ $(use_enable aruba) \ $(use_enable gre) \ $(use_enable mpls) \ $(use_enable prelude) \ $(use_enable ipv6) \ $(use_with mysql) \ $(use_with odbc) \ $(use_with postgres postgresql) \ --without-oracle \ ${myconf} emake || die "make failed" } src_install () { make DESTDIR="${D}" install || die "make install failed" dodir /etc/barnyard2 # A spool dir is needed to start BY2 and this is the most likely choice. dodir /var/log/snort # BY2 doesn't write logs to this dir unless a logging type output plugin # is chosen, but BY2 will not start without a log dir defined. dodir /var/log/barnyard2 dodoc doc/INSTALL \ doc/README \ doc/README.aruba \ doc/README.database \ doc/README.sguil \ LICENSE \ RELEASE.NOTES dodoc schemas/create_db2 \ schemas/create_mssql \ schemas/create_mysql \ schemas/create_oracle.sql \ schemas/create_postgresql insinto /etc/barnyard2 newins etc/barnyard2.conf barnyard2.conf.distrib einfo "Making changes to barnyard2.conf.distrib." sed -i -e "s:^#config interface:config interface:" \ "${D}etc/barnyard2/barnyard2.conf.distrib" \ || die "Failed to update barnyard2.conf.distrib" sed -i -e "s:^output alert_fast:#output alert_fast:" \ "${D}etc/barnyard2/barnyard2.conf.distrib" \ || die "Failed to update barnyard2.conf.distrib" newconfd "${FILESDIR}/barnyard2.confd" barnyard2 \ || die "Failed to add barnyard2.confd" newinitd "${FILESDIR}/barnyard2.initd" barnyard2 \ || die "Failed to add barnyard2.initd" } pkg_postinst() { einfo einfo "Barnyard2 is a fork of the original barnyard project " einfo "(which is no longer under development)." einfo einfo "Barnyard2 is designed specifically for Snort's new unified2" einfo "file format. Barnyard2 is under active development and continues" einfo "to adapt based on user feedback." elog elog "For confiuration options, take a look at..." elog elog "/etc/barnyard2/barnyard2.conf.distrib" elog ewarn "The following output plugins are considered 'beta' for ${P}" ewarn "So your milage may very if you use them." ewarn ewarn "alert_arrubaaction" ewarn "alert_cef" ewarn "alert_prelude" ewarn "alert_unixsock" ewarn ewarn "For a list of stable output plugins see..." ewarn ewarn "http://www.securixlive.com/barnyard2/index.php" ewarn ewarn "IMPORTANT:" ewarn ewarn "The settings for 'INTERFACE=' in /etc/conf.d/barnyard2 and" ewarn "for 'config interface' in /etc/barnyard2/barnyard2.conf" ewarn "must be the same!! The PID file for barnyard2 takes the form of" ewarn "barnyard2_.pid. If conf.d and barnyard2.conf" ewarn "do not match then doing '/etc/init.d/barnyard2 stop' will not work." ewarn }