snort

2 files changed, 35 insertions, 22 deletions

diff --git a/pcr/snort/PKGBUILD b/pcr/snort/PKGBUILD
index a92d8cb43..78eaa633e 100644
--- a/pcr/snort/PKGBUILD
+++ b/pcr/snort/PKGBUILD
@@ -1,37 +1,34 @@
-# $Id: PKGBUILD 78820 2012-10-25 06:47:28Z foutrelis $
-# Contributor (Arch): Lukas Fleischer <archlinux at cryptocrack dot de>
-# Contributor (Arch): Hugo Doria <hugo@archlinux.org>
-# Contributor (Arch): Kessia 'even' Pinheiro <kessiapinheiro at gmail.com>
-# Contributor (Arch): dorphell <dorphell@archlinux.org>
-# Contributor (Arch): Gregor Ibic <gregor.ibic@intelicom.si>
-# Maintainer : Parabola GNU / Linux-libre Aurelien Desbrieres <aurelien@cwb.io>
+# Contributor (Arch)     : M0Rf30
+# Contributor (Arch)     : Lukas Fleischer <archlinux at cryptocrack dot de>
+# Contributor (Arch)     : Hugo Doria <hugo@archlinux.org>
+# Contributor (Arch)     : Kessia 'even' Pinheiro <kessiapinheiro at gmail.com>
+# Contributor (Arch)     : dorphell <dorphell@archlinux.org>
+# Contributor (Arch)     : Gregor Ibic <gregor.ibic@intelicom.si>
+# Maintainer  (Parabola) : Aurélien DESBRIÈRES <aurelien@hackers.camp>
 
 pkgname=snort
-pkgver=2.9.3.1
-pkgrel=1
+pkgver=2.9.6.1
+pkgrel=2
 pkgdesc='A lightweight network intrusion detection system.'
 arch=('i686' 'x86_64')
 url='http://www.snort.org'
 license=('GPL')
-depends=('libdaq' 'libdnet' 'libpcap' 'pcre' 'zlib')
-makedepends=('ca-certificates')
-backup=('etc/conf.d/snort'
-        'etc/snort/snort.conf'
+depends=('libdaq' 'libdnet' 'libpcap' 'openssl' 'pcre' 'zlib')
+backup=('etc/snort/snort.conf'
         'etc/snort/threshold.conf'
-        'etc/snort/confreference.config'
+        'etc/snort/reference.config'
         'etc/snort/classification.config')
 options=('!makeflags' '!libtool')
 install='snort.install'
-source=("http://www.snort.org/dl/snort-current/${pkgname}-${pkgver}.tar.gz"{,.sig}
-        'snort'
-        'snort.conf.d')
+source=("http://www.snort.org/dl/snort-current/${pkgname}-${pkgver}.tar.gz"
+	"http://rules.emergingthreats.net/open/${pkgname}-2.9.0/emerging.rules.tar.gz"
+	'snort.service')
 
 build() {
   cd "${srcdir}/${pkgname}-${pkgver}"
-
   ./configure --prefix=/usr --sysconfdir=/etc/snort --with-libpcap-includes=/usr/include/pcap \
-              --without-mysql --without-postgresql --without-oracle --without-odbc --enable-zlib \
-              --enable-ipv6
+	      --with-daq-includes=/usr/include --with-daq-libraries=/usr/lib/ \
+              --enable-zlib --disable-static-daq
   make
 }
 
@@ -44,8 +41,14 @@ package() {
 
   install -d -m755 "${pkgdir}/var/log/snort"
   install -D -m644 etc/{*.conf*,*.map} "${pkgdir}/etc/snort/"
-  install -D -m644 "${srcdir}/snort.conf.d" "${pkgdir}/etc/conf.d/snort"
-  install -D -m755 "${srcdir}/snort" "${pkgdir}/etc/rc.d/snort"
+
+# init service file
+  install -D -m644 ../snort.service $pkgdir/usr/lib/systemd/system/snort.service
 
   sed -i 's#/usr/local/lib/#/usr/lib/#' "${pkgdir}/etc/snort/snort.conf"
+
+# emerginthreats rules
+  echo 'include $RULE_PATH/emerging.conf' >> "${pkgdir}/etc/snort/snort.conf"
+  cp ${srcdir}/rules/* "${pkgdir}/etc/snort/rules"
 }
+
diff --git a/pcr/snort/snort.service b/pcr/snort/snort.service
new file mode 100644
index 000000000..d3d0da01f
--- /dev/null
+++ b/pcr/snort/snort.service
@@ -0,0 +1,10 @@
+[Unit]
+Description=Snort IDS system listening on '%I'
+
+[Service]
+Type=simple
+ExecStartPre=/usr/sbin/ip link set up dev %I
+ExecStart=/usr/bin/snort -A fast -b -p -u snort -g snort -c /etc/snort/snort.conf -i %I
+
+[Install]
+Alias=multi-user.target.wants/snort@eth0.service