rpms/bro/devel bro-20080804-configurein.patch, NONE, 1.1 bro-20080804-installpolicy.patch, NONE, 1.1 bro-20080804.cfg, NONE, 1.1 bro-20080804.rc, NONE, 1.1 bro.spec, NONE, 1.1 import.log, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
Daniel Kopeček
mildew at fedoraproject.org
Mon Aug 25 15:59:54 UTC 2008
Author: mildew
Update of /cvs/pkgs/rpms/bro/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv710/devel
Modified Files:
.cvsignore sources
Added Files:
bro-20080804-configurein.patch
bro-20080804-installpolicy.patch bro-20080804.cfg
bro-20080804.rc bro.spec import.log
Log Message:
Initial commit
bro-20080804-configurein.patch:
--- NEW FILE bro-20080804-configurein.patch ---
diff -up bro-20080804/configure.in.orig bro-20080804/configure.in
--- bro-20080804/configure.in.orig 2008-08-08 15:18:40.000000000 +0200
+++ bro-20080804/configure.in 2008-08-08 15:19:34.000000000 +0200
@@ -272,7 +272,7 @@ AM_CONDITIONAL(USE_NMALLOC, false)
dnl Our resolver tests below include an absolute libray location.
dnl This is its default, it may be changed for some OSs.
-bro_absolute_libresolv="/usr/lib/libresolv.a"
+bro_absolute_libresolv=""
case "$target_os" in
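Review bot: Neither hunk records why the absolute `libresolv.a` path is blanked, and the resolver tests that read `bro_absolute_libresolv` lie outside both hunks. It therefore cannot be confirmed from here that an empty value makes configure fall back to the shared resolver library rather than skip the resolver check. If the intent is to stop linking the static archive, a line such as `dnl Packaging: do not link the static libresolv.a, use the shared library` above the assignment would say so. In the second hunk (the `ax86_64` test) the branch now assigns the same empty string as the default, so the whole `if … fi` could be dropped instead of edited.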
@@ -319,7 +319,7 @@ linux*)
AC_MSG_ERROR(version 2 or higher required; see the INSTALL doc for more info)
fi
if test "a$build_cpu" = "ax86_64"; then
- bro_absolute_libresolv="/usr/lib64/libresolv.a"
+ bro_absolute_libresolv=""
fi
;;
bro-20080804-installpolicy.patch:
--- NEW FILE bro-20080804-installpolicy.patch ---
diff -up bro-20080804/policy/Makefile.am.orig bro-20080804/policy/Makefile.am
--- bro-20080804/policy/Makefile.am.orig 2008-07-29 22:40:43.000000000 +0200
+++ bro-20080804/policy/Makefile.am 2008-08-07 21:33:14.000000000 +0200
@@ -10,7 +10,7 @@ MOSTLYCLEANFILES = \
smb-rw.bif.bro smtp-rw.bif.bro strings.bif.bro
# doesn't end in a sig
-bropolicydir=${datadir}/bro
+bropolicydir=$(datadir)/bro
dist_bropolicy_DATA = bro.init adu.bro alarm.bro analy.bro \
anon.bro arp.bro backdoor.bro bittorrent.bro \
blaster.bro bt-tracker.bro brolite.bro \
@@ -59,18 +59,18 @@ dist_bropolicy_DATA = bro.init adu.bro a
install-data-hook:
- $(INSTALL_DATA) bro.bif.bro ${bropolicydir}
- $(INSTALL_DATA) common-rw.bif.bro ${bropolicydir}
- $(INSTALL_DATA) const.bif.bro ${bropolicydir}
- $(INSTALL_DATA) dns-rw.bif.bro ${bropolicydir}
- $(INSTALL_DATA) event.bif.bro ${bropolicydir}
- $(INSTALL_DATA) finger-rw.bif.bro ${bropolicydir}
- $(INSTALL_DATA) ftp-rw.bif.bro ${bropolicydir}
- $(INSTALL_DATA) http-rw.bif.bro ${bropolicydir}
- $(INSTALL_DATA) ident-rw.bif.bro ${bropolicydir}
- $(INSTALL_DATA) smb-rw.bif.bro ${bropolicydir}
- $(INSTALL_DATA) smtp-rw.bif.bro ${bropolicydir}
- $(INSTALL_DATA) strings.bif.bro ${bropolicydir}
+ $(INSTALL_DATA) bro.bif.bro $(DESTDIR)${bropolicydir}/bro.bif.bro
+ $(INSTALL_DATA) common-rw.bif.bro $(DESTDIR)${bropolicydir}/common-rw.bif.bro
+ $(INSTALL_DATA) const.bif.bro $(DESTDIR)${bropolicydir}/const.bif.bro
+ $(INSTALL_DATA) dns-rw.bif.bro $(DESTDIR)${bropolicydir}/dns-rw.bif.bro
+ $(INSTALL_DATA) event.bif.bro $(DESTDIR)${bropolicydir}/event.bif.bro
+ $(INSTALL_DATA) finger-rw.bif.bro $(DESTDIR)${bropolicydir}/finger-rw.bif.bro
+ $(INSTALL_DATA) ftp-rw.bif.bro $(DESTDIR)${bropolicydir}/ftp-rw.bif.bro
+ $(INSTALL_DATA) http-rw.bif.bro $(DESTDIR)${bropolicydir}/http-rw.bif.bro
+ $(INSTALL_DATA) ident-rw.bif.bro $(DESTDIR)${bropolicydir}/ident-rw.bif.bro
+ $(INSTALL_DATA) smb-rw.bif.bro $(DESTDIR)${bropolicydir}/smb-rw.bif.bro
+ $(INSTALL_DATA) smtp-rw.bif.bro $(DESTDIR)${bropolicydir}/smtp-rw.bif.bro
+ $(INSTALL_DATA) strings.bif.bro $(DESTDIR)${bropolicydir}/strings.bif.bro
uninstall-local:
rm -f ${bropolicydir}/bro.bif.bro
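Review bot: `uninstall-local` at the end of this hunk still removes `${bropolicydir}/bro.bif.bro` without `$(DESTDIR)`, so install and uninstall no longer address the same tree. A staged `make DESTDIR=… uninstall` would delete from the live filesystem path rather than from the staging root. The line should read `rm -f $(DESTDIR)${bropolicydir}/bro.bif.bro`, and any further `rm` lines in the rule need the same prefix. The rule continues past the end of the hunk, so whether it covers all twelve installed files cannot be checked here.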
--- NEW FILE bro-20080804.cfg ---
# Source file config for running bro
# host only format
BRO_HOSTNAME=`hostname | awk -F. ' { print } '`
# FQDN format
# HOSTNAME=`hostname`
# Directory containing Bro binaries
BRO_BIN_DIR="/usr/bin"
# Filename of the Bro start policy
# START_POLICY="default.bro"
BRO_START_POLICY="localhost.bro"
# Directory containing Bro logs
BROLOGS="/var/log/bro"
export BROLOGS
# Log archive directory
BRO_LOG_ARCHIVE="/var/log/bro/archive"
# Directory containing Bro signature files
BRO_SIG_DIR="/usr/share/bro/sigs"
# Bro policy paths
# Location of site specific policy and configurations
BROSITE="/var/lib/bro/site"
# Location of host specific policy and configurations
BROHOST="/var/lib/bro/host"
BROPATH="${BROSITE}:${BROHOST}:/usr/share/bro/site:/usr/share/bro"
export BROPATH
# A prefix to use when looking for local policy files to load.
# BRO_PREFIX="local"
# Location of the Bro executable
BRO="${BRO_BIN_DIR}/bro"
# Base command line options.
BRO_ADD_OPTS=" -W"
# Turn on Bro's Watchdog feature
BRO_OPTS="${BRO_ADD_OPTS}"
# Interface name to listen on. The default is to use the busiest one found.
BRO_CAPTURE_INTERFACE="eth0"
# Multiple interface should be specified as a space delimited list.
# Examples:
# CAPTURE_INTERFACE="sk0 sk1 sk5"
# CAPTURE_INTERFACE="eth0 eth3"
# CAPTURE_INTERFACE="eth0"
# If set to YES and there are any signature files ending with .bro in $SIG_DIR
# then they will be started with bro. Set to NO to disable signatures
# Set to YES to enable bro to run with 'signature matching' on (YES/NO)
BRO_USE_SIGNATURES=YES
# Shoud a trace (tcpdump) file be created in the log directory (YES/NO)
BRO_CREATE_TRACE_FILE=NO
# How long to wait during checkpointing after startin a new Bro process and
# stopping the old one. This value is in seconds
BRO_CHECKPOINT_OVERLAP_TIME=20
# Starting time for a report run (0001 is 12:01 am and 1201 is 12:01pm)
BRO_REPORT_START_TIME=0010
# How often (in hours) to generate an activity report
BRO_REPORT_INTERVAL=24
# This is the how often to rotate the logs (in hours)
BRO_LOG_ROTATE_INTERVAL=24
# This is the how often to restart bro (in hours)
BRO_CHECKPOINT_INTERVAL=24
# The maximum time allowed for a Bro process to cleanup and exit
# This value is in seconds
BRO_MAX_SHUTDOWN_TIME=$(( 60 * 60 * 2 )) # 2 hours
# Use this to enable the init script to autorestart Bro in the event of an
# unexpected shutdown. The value should be YES or NO
BRO_ENABLE_AUTORESTART="YES"
# A value less than 1 means there will be no limit to the number of restarts
# Maximum times to try to auto-restart Bro before giving up.
BRO_MAX_RESTART_ATTEMPTS=-1
# Location of the run-time variable directory. This is normally /var/run/bro
# and contains the pidfile and other temporal data.
BRO_RUNTIME_DIR="/var/run/bro"
# Email address for local reports to be mailed to
BRO_EMAIL_LOCAL="root at localhost"
# Email address to send from
BRO_EMAIL_FROM="bro at localhost"
# Do you want to send external reports to a incident reporting org (e.g.: CERT, CIAC, etc)
BRO_EMAIL_EXTERNAL="NO"
# Email address for remote reports to be mailed to
BRO_EMAIL_REMOTE="foo at example.bar"
# User id to install and run Bro under
BRO_USER_ID="bro"
# Site name for reports (i.e. LBNL, FOO.COM, BAZ.ORG)
BRO_SITE_NAME=""
# Do you want to encrypt email reports (YES/NO)
BRO_ENCRYPT_EMAIL="NO"
# Location of GPG binary or encrypting email
BRO_GPG_BIN="/usr/bin/gpg"
# Default BPF buffer
BRO_BPF_BUFSIZE=4194304
# Do BPF bonding
BRO_BPFBOND_ENABLE="NO"
# Interfaces to bond
BRO_BPFBOND_FLAGS="em0 em1"
# diskspace management settings
# Should I manage diskspace
BRO_DISKSPACE_ENABLE="YES"
# percent full to worry about
BRO_DISKSPACE_PCT=90
# account watching disk space
BRO_DISKSPACE_WATCHER="root"
# days before deleting old logs
BRO_DAYS_2_DELETION=45
# days before compressing logs
BRO_DAYS_2_COMPRESSION=20
# Bulk data capture settings
# Buld data directory
BRO_BULK_DIR="${BROLOGS}/bulk-trace"
# Capture filter for bulk data
BRO_BULK_CAPTURE_FILTER=""
# days before deleting bulk data
BRO_BULK_DAYS_2_DELETION=4
# days before compressing bulk data
BRO_BULK_DAYS_2_COMPRESSION=2
# location of sorted log files, needed by Brooery
BROOERY_LOGS="${BROLOGS}/sorted-logs"
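Review bot: `BRO_HOSTNAME` is commented as the host-only form, but the awk program is `{ print }` with no field, so `-F.` has no effect and the full `hostname` output is stored; `awk -F. '{ print $1 }'` is what the comment describes. The value feeds `BRO_LOG_SUFFIX`, and through it the info and trace file names built in the init script, so log names will not match what the comment leads an operator to expect. Separately, `BRO_USER_ID="bro"` is set here but nothing in the init script added by this commit reads it; a comment saying the setting is currently unused would avoid the impression that the daemon runs under that account.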
--- NEW FILE bro-20080804.rc ---
#!/bin/sh
#
# Bro - Open-source, Unix-based Network Intrusion Detection System
#
# chkconfig: - 57 30
# description: Bro is an open-source, Unix-based Network Intrusion Detection System (NIDS) \
# that passively monitors network traffic and looks for suspicious activity.
#
### BEGIN INIT INFO
# Provides:
# Required-Start:
# Required-Stop:
# Should-Start:
# Should-Stop:
# Default-Start:
# Default-Stop:
# Short-Description:
# Description:
### END INIT INFO
# Source function library.
. /etc/rc.d/init.d/functions
exec="/usr/bin/bro"
prog="bro"
config="/etc/sysconfig/bro"
syslog_cmd="logger"
[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
lockfile=/var/lock/subsys/$prog
fexists () {
[ -f "${1}" ] || exit 1
exit 0
}
dexists () {
[ -d "${1}" ] || exit 1
exit 0
}
start() {
[ -x $exec ] || exit 5
[[ -f "${config}" && \
-w "${BROLOGS}" && \
-d "${BRO_BIN_DIR}" && \
-d "${BRO_LOG_ARCHIVE}" && \
-d "${BRO_SIG_DIR}" && \
-d "${BROSITE}" && \
-d "${BROHOST}" && \
-f "${BRO}" ]] || exit 6
local current_date
local trace_file
local cmd_opts
cmd_opts="${BRO_OPTS}"
current_date="$(date +%y-%m-%d_%H.%M.%S)"
export \
BRO_LOG_SUFFIX="${BRO_HOSTNAME}.${current_date}"
trace_file="${BROLOGS}/trace.${BRO_LOG_SUFFIX}"
info_file="${BROLOGS}/info.${BRO_LOG_SUFFIX}"
if [ "${BRO_CREATE_TRACE_FILE}" = 'YES' -o "${BRO_CREATE_TRACE_FILE}" = 'yes' ]; then
cmd_opts="${cmd_opts} -w \"${trace_file}\""
fi
if [ -n "${BRO_CAPTURE_INTERFACE}" ]; then
for _intf in ${BRO_CAPTURE_INTERFACE}; do
cmd_opts="${cmd_opts} -i ${_intf}"
done
fi
if [ -n "${BRO_START_POLICY}" ]; then
cmd_opts="${cmd_opts} ${BRO_START_POLICY}"
else
echo "${prog}: No start policy file specified." >&2
fi
cd "${BROLOGS}" || exit 6
echo -n $"Starting $prog: "
"${exec}" ${cmd_opts} >> "${info_file}" 2>&1 &
retval=$?
newpid=$!
if [ "${retval}" = '0' -o -z "${retval}" ]; then
for ((i=1; i < 11; i++)); do
if [ -f "${info_file}" ]; then
if [ -n "$(grep -E '^listening on' "${info_file}")" ]; then
break
fi
fi
# break now if the process returned a non-zero value
if [ -n "${retval}" -a "${retval}" != '0' ]; then
break
fi
sleep 1
done
fi
if [ "${retval}" != '0' ]; then
${syslog_cmd} -t "${prog}" "Bro has failed to start."
else
${syslog_cmd} -t "${prog}" "Bro process (${newpid}) has started"
fi
if [ $retval -eq 0 ]; then
touch $lockfile
success
else
failure
fi
echo
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
stop
start
}
reload() {
restart
}
force_reload() {
restart
}
rh_status() {
# run checks to determine if the service is running or use generic status
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
restart
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
exit 2
esac
exit $?
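Review bot: In `start()`, `retval=$?` is read right after the command is put in the background with `&`, so it is always 0. The non-zero `break` in the wait loop never fires, the "Bro has failed to start." branch is unreachable, and the lockfile is touched and `success` printed even when bro exits immediately on a bad policy file or interface. For an IDS that means the service can report as started while nothing is monitoring the network. After the wait loop, test that the process is still alive, e.g. `kill -0 "${newpid}" 2>/dev/null || retval=1`, and consider treating a loop that ends without `listening on` in the info file as a failure too.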
--- NEW FILE bro.spec ---
%define snapshot 20080804
Summary: Open-source, Unix-based Network Intrusion Detection System
Name: bro
Version: 1.4
Release: 0.1.%{snapshot}svn%{?dist}
License: BSD
Group: Applications/Internet
URL: http://bro-ids.org
# The source for this package was pulled from upstream's vcs. Use the
# following commands to generate the tarball:
# svn export -r 6043 http://svn.icir.org/bro/trunk/bro bro-%{snapshot}
# tar -czvf bro-%{snapshot}.tgz bro-%{snapshot}
Source0: bro-%{snapshot}.tgz
Source1: bro-%{snapshot}.cfg
Source2: bro-%{snapshot}.rc
Patch0: bro-%{snapshot}-installpolicy.patch
Patch1: bro-%{snapshot}-configurein.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: libpcap-devel openssl-devel zlib-devel ncurses-devel automake autoconf libtool flex bison file-devel bind-devel
Requires(post): chkconfig
Requires(preun): chkconfig
Requires(preun): initscripts
%description
Bro is an open-source, Unix-based Network Intrusion Detection System (NIDS)
that passively monitors network traffic and looks for suspicious activity.
Bro detects intrusions by first parsing network traffic to extract is
application-level semantics and then executing event-oriented analyzers that
compare the activity with patterns deemed troublesome. Its analysis includes
detection of specific attacks (including those defined by signatures, but also
those defined in terms of events) and unusual activities (e.g., certain hosts
connecting to certain services, or patterns of failed connection attempts).
%prep
%setup -q -n %{name}-%{snapshot}
%patch0 -p1 -b .installpolicy
%patch1 -p1 -b .configurein
%build
./autogen.sh
%configure --enable-brov6 --disable-broccoli
%{__make} %{?_smp_mflags} CFLAGS+="-I/usr/include/ncurses"
%install
rm -rf %{buildroot}
%{__make} DESTDIR="%{buildroot}" install
# Install config
%{__install} -d -m 755 %{buildroot}%{_sysconfdir}/bro
%{__install} -D -c -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/sysconfig/bro
# Create runtime dir
%{__install} -d -m 755 %{buildroot}%{_localstatedir}/run/bro
# Create log dirs
%{__install} -d -m 755 %{buildroot}%{_localstatedir}/log/bro
%{__install} -d -m 755 %{buildroot}%{_localstatedir}/log/bro/archive
%{__install} -d -m 755 %{buildroot}%{_localstatedir}/log/bro/sorted-logs
# Install scripts
cd scripts/
%{__install} -d -m 755 %{buildroot}%{_datadir}/bro/scripts
%{__install} -c -m 644 bro.rc-hooks.sh %{buildroot}%{_datadir}/bro/scripts/bro.rc-hooks.sh
%{__install} -D -c -m 755 %{SOURCE2} %{buildroot}%{_initrddir}/bro
%{__install} -d -m 755 %{buildroot}%{_datadir}/bro/scripts/s2b
%{__install} -c -m 755 snort2bro/snort2bro %{buildroot}%{_datadir}/bro/scripts/s2b/snort2bro
%{__install} -c -m 644 snort2bro/snort2bro.cfg %{buildroot}%{_datadir}/bro/scripts/s2b/snort2bro.cfg
cd ..
# Install bifs
#%{__install} -d -m 755 %{buildroot}%{_datadir}/bro/bif
#cd src/
#for bif in $(ls *.bif.bro); do
# %{__install} -c -m 644 ${bif} %{buildroot}%{_datadir}/bro/bif/${bif}
#done
#cd ..
# Install example signatures, site policy
%{__install} -D -d -m 755 %{buildroot}%{_localstatedir}/lib/bro/site
%{__install} -D -d -m 755 %{buildroot}%{_localstatedir}/lib/bro/host
%{__install} -c -m 644 scripts/s2b/example_bro_files/signatures.sig %{buildroot}%{_localstatedir}/lib/bro/site/signatures.sig
%{__install} -c -m 644 scripts/local.lite.bro %{buildroot}%{_localstatedir}/lib/bro/site/localhost.bro
rm -rf src/libedit
%clean
rm -rf %{buildroot}
%post
/sbin/chkconfig --add bro
%preun
if [ $1 = 0 ] ; then
/sbin/service bro stop >/dev/null 2>&1
/sbin/chkconfig --del bro
fi
%files
%defattr(-,root,root,-)
%doc README COPYING doc/user-manual/Bro-user-manual.pdf doc/ref-manual/Bro-Ref-Manual.pdf doc/quick-start/Bro-quick-start.pdf doc/pubs/*.ps doc/misc/*
%config(noreplace) %{_sysconfdir}/sysconfig/bro
%{_initrddir}/bro
%{_bindir}/bro
%{_datadir}/bro
%{_localstatedir}/run/bro
%{_localstatedir}/log/bro
%{_localstatedir}/lib/bro
%changelog
* Wed May 7 2008 Daniel Kopecek <dkopecek at redhat.com> - 1.4-0.1.20080804svn
- Initial build.
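Review bot: The three log directories are created with `-m 755` and packaged under `%defattr(-,root,root,-)`, so every local account can traverse `/var/log/bro`. The init script writes `info.*` there and, when `BRO_CREATE_TRACE_FILE` is enabled, raw packet traces. IDS alerts and captures usually warrant tighter access: `%{__install} -d -m 750 %{buildroot}%{_localstatedir}/log/bro` (and the same for `archive` and `sorted-logs`) would restrict them to root, assuming no unprivileged reader such as a report script needs them. The modes of the files themselves depend on the umask in effect when the init script runs, which the script shown does not set.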
--- NEW FILE import.log ---
bro-1_4-0_1_20080804svn_fc9:HEAD:bro-1.4-0.1.20080804svn.fc9.src.rpm:1219686542
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/bro/devel/.cvsignore,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- .cvsignore 23 Aug 2008 04:21:48 -0000 1.1
+++ .cvsignore 25 Aug 2008 15:59:24 -0000 1.2
@@ -0,0 +1 @@
+bro-20080804.tgz
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/bro/devel/sources,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- sources 23 Aug 2008 04:21:48 -0000 1.1
+++ sources 25 Aug 2008 15:59:24 -0000 1.2
@@ -0,0 +1 @@
+e93683240231069f32b960a3f7e5905c bro-20080804.tgz