diff options
| author | Amish | 2018-04-11 17:23:09 +0530 |
|---|---|---|
| committer | Amish | 2018-04-11 17:23:09 +0530 |
| commit | 094878c754bd942a15cb15ffcfdbe4baf88f545c (patch) | |
| tree | 87447bc5e4ae41ee0fe7310efa7367d6bcf8782e /PKGBUILD | |
| parent | ad764d168b6202a8b40412f93603ce6a85dcaac7 (diff) | |
| download | aur-094878c754bd942a15cb15ffcfdbe4baf88f545c.tar.gz | |
Simplify package building and try to do some cool stuff!
Diffstat (limited to 'PKGBUILD')
| -rw-r--r-- | PKGBUILD | 55 |
1 files changed, 34 insertions, 21 deletions
@@ -9,7 +9,7 @@ pkgname=snort-nfqueue _pkgname=snort pkgver=2.9.11.1 -pkgrel=1 +pkgrel=2 pkgdesc='A lightweight network intrusion detection system.' arch=('i686' 'x86_64') url='http://www.snort.org' @@ -28,16 +28,14 @@ backup=('etc/snort/snort.conf' options=('!makeflags' '!libtool') install='snort.install' source=("https://www.snort.org/downloads/snort/${_pkgname}-${pkgver}.tar.gz" - 'snort.conf' - 'homenet.conf' - 'local.rules' - 'logrotate' + 'snort.logrotate' + 'snort.sysusers' + 'snort.tmpfiles' 'snort.service') sha256sums=('9f6b3aeac5a109f55504bd370564ac431cb1773507929dc461626898f33f46cd' - '2c5994e2442f6e4c881e00d6c619aab80f90ac4481b9bff5d3bea43953438d52' - 'b65d8d8e37f686244dfb7293b1ea378f1dfd8141c14dbaf5e83dba9440152808' - 'ec4d81936b3905ba980ee694ae77ad15d5adda45c9f87fa0c27adc38f11bca08' - '4df93871c41f94d688a6c8b9762fa221a703b54d309ee1436c90eebbd3fb8c9d' + '7fe712141f651254b8e5aa0b3b7d73622d2d1d89bf53d7a522f8c1a067938421' + 'ae3245c5de527fb487c459f2f4a9c78803ae6341e9c81b9a404277679cdee051' + 'a92c591c409fc06661865988795093b0fb0447f614ac77951dbf9b1f6a8cf139' 'b904ed172ea0c1a4eeaddb30745aadb8db21e333eb9faaf93400ce3db166f90d') build() { @@ -50,19 +48,34 @@ build() { package() { cd "${srcdir}/${_pkgname}-${pkgver}" - make DESTDIR="${pkgdir}" install - install -d -m750 "${pkgdir}/var/log/snort/old" - chmod 750 "${pkgdir}/var/log/snort" - chown -R 29:29 "${pkgdir}/var/log/snort" + install -D -m644 -t "${pkgdir}"/etc/snort etc/{*.conf*,*.map} + install -D -m644 "${srcdir}"/snort.logrotate "${pkgdir}"/etc/logrotate.d/snort + install -D -m644 "${srcdir}"/snort.tmpfiles "${pkgdir}"/usr/lib/tmpfiles.d/snort.conf + install -D -m644 "${srcdir}"/snort.sysusers "${pkgdir}"/usr/lib/sysusers.d/snort.conf + install -D -m644 "${srcdir}"/snort.service "${pkgdir}"/usr/lib/systemd/system/snort.service + install -d -m755 "${pkgdir}"/etc/snort/{dynamic,}rules - install -D -m644 etc/{*.conf*,*.map} "${pkgdir}/etc/snort/" - install -D -m644 ../snort.conf ../homenet.conf "${pkgdir}/etc/snort/" - install -D -m644 ../local.rules "${pkgdir}/etc/snort/rules/" - touch "${pkgdir}/etc/snort/rules/snort.rules" - chmod 644 "${pkgdir}/etc/snort/rules/snort.rules" - install -D -m644 ../snort.service "${pkgdir}/usr/lib/systemd/system/snort.service" - sed -i 's#/usr/local/lib/#/usr/lib/#' "${pkgdir}/etc/snort/snort.conf" - install -Dm644 ../logrotate "${pkgdir}/etc/logrotate.d/snort" + install -Dm644 /dev/null "${pkgdir}"/etc/snort/rules/snort.rules + echo 'ipvar HOME_NET [10.0.0.0/8,172.16.0.0/12,192.168.0.0/16]' > "${pkgdir}"/etc/snort/homenet.conf + echo '#alert tcp any any <> any 80 (msg: "Test web activity"; sid:1000001;)' > "${pkgdir}"/etc/snort/rules/local.rules + chmod 0644 "${pkgdir}"/etc/snort/{homenet.conf,rules/{local,snort}.rules} + + # config for NFQUEUE support, rule files and output logging + install -m644 "${pkgdir}"/etc/snort/snort.conf "${pkgdir}"/etc/snort/snort.conf.default + sed -i -e '/ipvar\s\+HOME_NET\s/ a include homenet.conf' \ + -e 's/^\(ipvar\s\+HOME_NET\s\)/#\1/g' \ + -e 's/^\(var\s\+RULE_PATH\s\).*/\1rules/g' \ + -e 's/^\(include\s\+$RULE_PATH\/\)/#\1/g' \ + -e 's/^#\(include\s\+$RULE_PATH\/local.rules\)/\1/g' \ + -e 's#/usr/local/lib#/usr/lib#g' \ + -e 's#/usr/local/lib/snort_dynamicrules#/etc/snort/dynamicrules#g' \ + -e 's#/usr/lib/snort_dynamicrules#/etc/snort/dynamicrules#g' \ + -e '/^preprocessor\s\+reputation:\s/,/^\s\+blacklist\s/ s/^/#/g' \ + -e $'/^#\\s*config daq:/,/^\\s*$/ {/^\\s*$/i\\\nconfig daq: nfq\\\nconfig daq_mode: inline\\\nconfig daq_dir: /usr/lib/daq\\\n#config daq_var: queue=0\n}' \ + -e $'/^#\\s*output\\s\\+unified2:\\s/ a\\\noutput unified2: filename snort_unified.log, limit 128\\\n\\\n# alert fast\\\noutput alert_fast: alert' \ + -e $'/include\\s\\+$RULE_PATH\\/local.rules/ i\\\n\\\n# fetched via pulledpork\\\ninclude $RULE_PATH/snort.rules\\\n\\\n# emergingthreats\\\n#include $RULE_PATH/emerging.conf\\\n' \ + "${pkgdir}"/etc/snort/snort.conf + install -m644 "${pkgdir}"/etc/snort/snort.conf "${pkgdir}"/etc/snort/snort-nfqueue.conf.default } |