summaryrefslogtreecommitdiff
path: root/pcr/fwsnort
diff options
context:
space:
mode:
Diffstat (limited to 'pcr/fwsnort')
-rw-r--r--pcr/fwsnort/#PKGBUILD#44
-rw-r--r--pcr/fwsnort/#install_pl.patch#126
-rw-r--r--pcr/fwsnort/PKGBUILD24
3 files changed, 182 insertions, 12 deletions
diff --git a/pcr/fwsnort/#PKGBUILD# b/pcr/fwsnort/#PKGBUILD#
new file mode 100644
index 000000000..a4b666dfa
--- /dev/null
+++ b/pcr/fwsnort/#PKGBUILD#
@@ -0,0 +1,44 @@
+# Contributor (Arch) : Colin Shea <colin@evaryont.me>
+# Maintainer (Parabola): Aurélien DESBRIÈRES <aurelien@hackers.camp>
+
+pkgname=fwsnort
+pkgver=1.6.4
+pkgrel=1
+pkgdesc="application layer IDS/IPS by translating snort rules into iptables"
+arch=('any')
+url="http://www.cipherdyne.org/fwsnort/"
+license=('GPL')
+# net-tools: sorry, but fwsnort needs ifconfig. Doesn't support iproute yet
+depends=('perl' 'perl-netaddr-ip' 'perl-iptables-parse' 'iptables' 'net-tools')
+makedepends=('wget')
+source=(http://www.cipherdyne.org/$pkgname/download/$pkgname-$pkgver.tar.bz2
+ )
+
+options=(emptydirs)
+
+build() {
+ cd "$srcdir/$pkgname-$pkgver"
+
+ # fix up the installer for our purposes:
+ # - removes the root check
+ # - includes sbin as another place to check for binares
+ # - fixes various paths for utilities & the man page
+ #patch -p1 -i $srcdir/install_pl.patch
+
+ # -S skips installing the perl modules, which we did with packages
+ # and --install-test-dir sets the INSTALL_ROOT to src/../test/fwsnort-test. An
+ # easy way to collect all the files into 1
+ #./install.pl -S --install-test-dir
+}
+
+#package() {
+ #cp -r $srcdir/fwsnort-$pkgver/test/fwsnort-install/* -t $pkgdir
+ # delete references to $pkgdir from fwsnort; they were made by the installer
+ # as part of installing to the test dir
+ #cp -f $srcdir/fwsnort-$pkgver/fwsnort.conf $pkgdir/etc/fwsnort/fwsnort.conf
+
+ # avoid a 'warning: directory permissions differ on etc/' line from pacman
+ #chmod 755 $pkgdir/etc
+#}
+
+# vim:set ts=2 sw=2 et:
diff --git a/pcr/fwsnort/#install_pl.patch# b/pcr/fwsnort/#install_pl.patch#
new file mode 100644
index 000000000..cf0602d04
--- /dev/null
+++ b/pcr/fwsnort/#install_pl.patch#
@@ -0,0 +1,126 @@
+diff -u fwsnort-1.6.4-1/install.pl fwsnort-1..3/install.pl
+--- fwsnort-1.6.3-2/install.pl 2012-12-24 21:31:28.597018440 -0700
++++ fwsnort-1.6.3/install.pl 2012-12-24 21:40:38.564569377 -0700
+@@ -45,7 +45,7 @@
+ my $perlCmd = '/usr/bin/perl';
+ my $makeCmd = '/usr/bin/make';
+ my $wgetCmd = '/usr/bin/wget';
+-my $gzipCmd = '/bin/gzip';
++my $gzipCmd = '/usr/bin/gzip';
+ my $tarCmd = '/bin/tar';
+ #======================= end config ======================
+
+@@ -129,10 +129,6 @@
+ ### make sure the system binaries are where we think they are.
+ &check_commands();
+
+-### check to make sure we are running as root
+-$< == 0 && $> == 0 or die "You need to be root (or equivalent UID 0",
+- " account) to install/uninstall fwsnort!\n";
+-
+ if ($uninstall) {
+ &uninstall();
+ } else {
+@@ -154,10 +150,10 @@
+ "sources directory." unless -e 'fwsnort' and -e 'fwsnort.conf';
+
+ unless (-d $config{'CONF_DIR'}) {
+- &full_mkdir($config{'CONF_DIR'}, 0500);
++ &full_mkdir($config{'CONF_DIR'}, 0700);
+ }
+ unless (-d $config{'RULES_DIR'}) {
+- &full_mkdir($config{'RULES_DIR'}, 0500);
++ &full_mkdir($config{'RULES_DIR'}, 0700);
+ }
+
+ ### install perl modules
+@@ -336,52 +332,11 @@
+
+ sub install_manpage() {
+ my $manpage = 'fwsnort.8';
+- ### remove old man page
+- unlink "/usr/local/man/man8/${manpage}" if
+- (-e "/usr/local/man/man8/${manpage}");
+
+ ### default location to put the fwsnort man page, but check with
+ ### /etc/man.config
+- my $mpath = '/usr/share/man/man8';
+- if (-e '/etc/man.config') {
+- ### prefer to install $manpage in /usr/local/man/man8 if
+- ### this directory is configured in /etc/man.config
+- open M, '< /etc/man.config' or
+- die "[*] Could not open /etc/man.config: $!";
+- my @lines = <M>;
+- close M;
+- ### prefer the path "/usr/share/man"
+- my $found = 0;
+- for my $line (@lines) {
+- chomp $line;
+- if ($line =~ m|^MANPATH\s+/usr/share/man|) {
+- $found = 1;
+- last;
+- }
+- }
+- ### try to find "/usr/local/man" if we didn't find /usr/share/man
+- unless ($found) {
+- for my $line (@lines) {
+- chomp $line;
+- if ($line =~ m|^MANPATH\s+/usr/local/man|) {
+- $mpath = '/usr/local/man/man8';
+- $found = 1;
+- last;
+- }
+- }
+- }
+- ### if we still have not found one of the above man paths,
+- ### just select the first one out of /etc/man.config
+- unless ($found) {
+- for my $line (@lines) {
+- chomp $line;
+- if ($line =~ m|^MANPATH\s+(\S+)|) {
+- $mpath = $1;
+- last;
+- }
+- }
+- }
+- }
++ my $mpath = $config{'INSTALL_ROOT'}.'/usr/share/man/man8';
++
+ &full_mkdir($mpath, 0755);
+ my $mfile = "${mpath}/${manpage}";
+ print "[+] Installing $manpage man page as $mfile\n";
+@@ -532,6 +487,9 @@
+ /bin
+ /usr/bin
+ /usr/local/bin
++ /sbin
++ /usr/sbin
++ /usr/local/sbin
+ );
+ CMD: for my $cmd (keys %cmds) {
+ unless (-x $cmds{$cmd}) {
+diff -u fwsnort-1.6.3-2/fwsnort.conf fwsnort-1.6.3/fwsnort.conf
+--- fwsnort-1.6.3-2/fwsnort.conf 2012-12-24 22:39:21.323178467 -0700
++++ fwsnort-1.6.3/fwsnort.conf 2012-12-24 22:41:52.172194457 -0700
+@@ -103,14 +103,14 @@
+
+ ### system binaries
+ shCmd /bin/sh;
+-echoCmd /bin/echo;
++echoCmd /usr/bin/echo;
+ tarCmd /bin/tar;
+ wgetCmd /usr/bin/wget;
+ unameCmd /usr/bin/uname;
+ ifconfigCmd /sbin/ifconfig;
+-iptablesCmd /sbin/iptables;
+-iptables-saveCmd /sbin/iptables-save;
+-iptables-restoreCmd /sbin/iptables-restore;
+-ip6tablesCmd /sbin/ip6tables;
+-ip6tables-saveCmd /sbin/ip6tables-save;
+-ip6tables-restoreCmd /sbin/ip6tables-restore;
++iptablesCmd /usr/sbin/iptables;
++iptables-saveCmd /usr/sbin/iptables-save;
++iptables-restoreCmd /usr/sbin/iptables-restore;
++ip6tablesCmd /usr/sbin/ip6tables;
++ip6tables-saveCmd /usr/sbin/ip6tables-save;
++ip6tables-restoreCmd /usr/sbin/ip6tables-restore;
diff --git a/pcr/fwsnort/PKGBUILD b/pcr/fwsnort/PKGBUILD
index b4983658d..a4b666dfa 100644
--- a/pcr/fwsnort/PKGBUILD
+++ b/pcr/fwsnort/PKGBUILD
@@ -1,9 +1,9 @@
-# Contributor: Colin Shea <colin@evaryont.me>
-# Maintainer : Parabola GNU / Linux-libre Aurélien DESBRIÈRES <aurelien@hackers.camp>
+# Contributor (Arch) : Colin Shea <colin@evaryont.me>
+# Maintainer (Parabola): Aurélien DESBRIÈRES <aurelien@hackers.camp>
pkgname=fwsnort
-pkgver=1.6.3
-pkgrel=3
+pkgver=1.6.4
+pkgrel=1
pkgdesc="application layer IDS/IPS by translating snort rules into iptables"
arch=('any')
url="http://www.cipherdyne.org/fwsnort/"
@@ -12,7 +12,7 @@ license=('GPL')
depends=('perl' 'perl-netaddr-ip' 'perl-iptables-parse' 'iptables' 'net-tools')
makedepends=('wget')
source=(http://www.cipherdyne.org/$pkgname/download/$pkgname-$pkgver.tar.bz2
- 'install_pl.patch')
+ )
options=(emptydirs)
@@ -23,22 +23,22 @@ build() {
# - removes the root check
# - includes sbin as another place to check for binares
# - fixes various paths for utilities & the man page
- patch -p1 -i $srcdir/install_pl.patch
+ #patch -p1 -i $srcdir/install_pl.patch
# -S skips installing the perl modules, which we did with packages
# and --install-test-dir sets the INSTALL_ROOT to src/../test/fwsnort-test. An
# easy way to collect all the files into 1
- ./install.pl -S --install-test-dir
+ #./install.pl -S --install-test-dir
}
-package() {
- cp -r $srcdir/fwsnort-$pkgver/test/fwsnort-install/* -t $pkgdir
+#package() {
+ #cp -r $srcdir/fwsnort-$pkgver/test/fwsnort-install/* -t $pkgdir
# delete references to $pkgdir from fwsnort; they were made by the installer
# as part of installing to the test dir
- cp -f $srcdir/fwsnort-$pkgver/fwsnort.conf $pkgdir/etc/fwsnort/fwsnort.conf
+ #cp -f $srcdir/fwsnort-$pkgver/fwsnort.conf $pkgdir/etc/fwsnort/fwsnort.conf
# avoid a 'warning: directory permissions differ on etc/' line from pacman
- chmod 755 $pkgdir/etc
-}
+ #chmod 755 $pkgdir/etc
+#}
# vim:set ts=2 sw=2 et: