[arch-commits] Commit in snort/repos (7 files)
Eric Belanger
eric at archlinux.org
Wed Jul 9 21:25:48 UTC 2008
Date: Wednesday, July 9, 2008 @ 17:25:48
Author: eric
Revision: 4773
Merged revisions 3540-4772 via svnmerge from
svn+ssh://svn.archlinux.org/home/svn-packages/snort/trunk
........
r4725 | hugo | 2008-07-09 09:40:57 -0400 (Wed, 09 Jul 2008) | 2 lines
upgpkg: snort 2.8.2.1-3
snort updated! lots of bugs fixed. see FS#10775 and FS#10072 for details
........
r4727 | hugo | 2008-07-09 10:06:49 -0400 (Wed, 09 Jul 2008) | 1 line
snort files added
........
r4729 | hugo | 2008-07-09 10:35:30 -0400 (Wed, 09 Jul 2008) | 2 lines
upgpkg: snort 2.8.2.1-4
snort updated! snort.patch and snort.install were added
........
r4772 | eric | 2008-07-09 17:25:32 -0400 (Wed, 09 Jul 2008) | 2 lines
upgpkg: snort 2.8.2.1-4
Removed references out of $startdir/src
........
Added:
snort/repos/extra-x86_64/snort.conf.patch
(from rev 4772, snort/trunk/snort.conf.patch)
snort/repos/extra-x86_64/snort.install
(from rev 4772, snort/trunk/snort.install)
snort/repos/extra-x86_64/snort.patch
(from rev 4772, snort/trunk/snort.patch)
Modified:
snort/repos/extra-x86_64/ (properties)
snort/repos/extra-x86_64/PKGBUILD
snort/repos/extra-x86_64/snort
snort/repos/extra-x86_64/snort.conf.d
------------------+
PKGBUILD | 35 ++++++---
snort | 4 -
snort.conf.d | 8 +-
snort.conf.patch | 188 +++++++++++++++++++++++++++++++++++++++++++++++++++++
snort.install | 23 ++++++
snort.patch | 188 +++++++++++++++++++++++++++++++++++++++++++++++++++++
6 files changed, 429 insertions(+), 17 deletions(-)
Property changes on: snort/repos/extra-x86_64
___________________________________________________________________
Name: svnmerge-integrated
- /snort/trunk:1-3539
+ /snort/trunk:1-4772
Modified: extra-x86_64/PKGBUILD
===================================================================
--- extra-x86_64/PKGBUILD 2008-07-09 21:25:32 UTC (rev 4772)
+++ extra-x86_64/PKGBUILD 2008-07-09 21:25:48 UTC (rev 4773)
@@ -1,10 +1,11 @@
# $Id$
-# Maintainer: Andreas Radke <andyrtr at archlinux.org>
+# Maintainer: Hugo Doria <hugo at archlinux.org>
+# Contributor: Kessia 'even' Pinheiro <kessiapinheiro at gmail.com>
# Contributor: dorphell <dorphell at archlinux.org>
# Contributor: Gregor Ibic <gregor.ibic at intelicom.si>
pkgname=snort
pkgver=2.8.2.1
-pkgrel=1
+pkgrel=4
pkgdesc="A lightweight network intrusion detection system"
arch=('i686' 'x86_64')
license=('GPL')
@@ -12,25 +13,35 @@
backup=(etc/conf.d/snort
etc/snort/{snort,threshold}.conf
etc/snort/{confreference,classification}.config)
-source=(http://www.snort.org/dl/current/$pkgname-$pkgver.tar.gz snort snort.conf.d
- http://www.snort.org/pub-bin/downloads.cgi/Download/comm_rules/Community-Rules-CURRENT.tar.gz) # rules RELEASED: 2007-04-27
+install=snort.install
+source=("http://www.snort.org/dl/current/$pkgname-$pkgver.tar.gz"
+ 'snort'
+ 'snort.conf.d'
+ 'http://www.snort.org/pub-bin/downloads.cgi/Download/comm_rules/Community-Rules-CURRENT.tar.gz'
+ 'snort.conf.patch')
+md5sums=('b39e784dd8a5cf180aae20e94a7b52dd' '361b8b9e40b9af0164f6b3e3da2e8277'\
+ 'b4fb8a68490589cd34df93de7609bfac' 'f236b8a4ac12e99d3e7bd81bf3b5a482'\
+ 'd6ee07e7e23a0b7f5a0dd7d605828946')
url="http://www.snort.org"
options=('!makeflags' '!libtool')
-md5sums=('b39e784dd8a5cf180aae20e94a7b52dd'
- '53284a7996ee41c4c58d13c65d46d776'
- 'e861a59739151ee12798f31e029d43c5'
- 'f236b8a4ac12e99d3e7bd81bf3b5a482')
build() {
cd $startdir/src/$pkgname-$pkgver
+
+ patch -Np0 < ${startdir}/src/snort.conf.patch || return 1
+
./configure --prefix=/usr --sysconfdir=/etc/snort --with-libpcap-includes=/usr/include/pcap \
- --without-mysql --without-postgresql --without-oracle --without-odbc
+ --without-mysql --without-postgresql --without-oracle --without-odbc
make || return 1
make DESTDIR=$startdir/pkg install
- mkdir -p $startdir/pkg/{etc/rc.d,etc/snort/rules,var/log/snort}
+
+ mkdir -p $startdir/pkg/{etc/rc.d,etc/snort/rules}
+
+ install -d -m744 -o snort -g snort $startdir/pkg/var/log/snort
install -D -m644 etc/{*.conf*,*.map} $startdir/pkg/etc/snort
- install -D -m644 ../../snort.conf.d $startdir/pkg/etc/conf.d/snort
+ install -D -m644 ../snort.conf.d $startdir/pkg/etc/conf.d/snort
install -D -m644 $startdir/src/rules/*.rules $startdir/pkg/etc/snort/rules
- install -D -m755 $startdir/snort $startdir/pkg/etc/rc.d/snort
+ install -D -m755 $startdir/src/snort $startdir/pkg/etc/rc.d/snort
+
sed 's|RULE_PATH ../rules|RULE_PATH /etc/snort/rules|' -i $startdir/pkg/etc/snort/snort.conf
}
Modified: extra-x86_64/snort
===================================================================
--- extra-x86_64/snort 2008-07-09 21:25:32 UTC (rev 4772)
+++ extra-x86_64/snort 2008-07-09 21:25:48 UTC (rev 4773)
@@ -4,14 +4,14 @@
. /etc/rc.d/functions
# source application-specific settings
-SNORT_ARGS=
[ -f /etc/conf.d/snort ] && . /etc/conf.d/snort
PID=`pidof -o %PPID /usr/bin/snort`
case "$1" in
start)
stat_busy "Starting Intrusion Database System: SNORT"
- [ -z "$PID" ] && /usr/bin/snort ${SNORT_ARGS}
+ [ -z "$PID" ] && /usr/bin/snort ${SNORT_OPTIONS} -u ${USER} -g ${GROUP} \
+ -i ${INTERFACE} -c ${SNORT_CONF}
if [ $? -gt 0 ]; then
stat_fail
else
Modified: extra-x86_64/snort.conf.d
===================================================================
--- extra-x86_64/snort.conf.d 2008-07-09 21:25:32 UTC (rev 4772)
+++ extra-x86_64/snort.conf.d 2008-07-09 21:25:48 UTC (rev 4773)
@@ -5,14 +5,17 @@
# options taken from Fedora
# http://cvs.fedoraproject.org/viewcvs/devel/snort/sysconfig.snort?rev=1.2&view=markup
+# Where is the snort.conf file.
+SNORT_CONF="/etc/snort/snort.conf"
+
# What user account should we run under.
-USER="root"
+USER="snort"
# What group account should we run under.
-GROUP="root"
+GROUP="snort"
# define the interface we listen on
INTERFACE="eth0"
# If you are using prelude, delete the '-A fast' option
-SNORT_OPTIONS="-A fast -b -l /var/log/snort -D -p"
\ No newline at end of file
+SNORT_OPTIONS="-A fast -b -l /var/log/snort -D -p"
Copied: snort/repos/extra-x86_64/snort.conf.patch (from rev 4772, snort/trunk/snort.conf.patch)
===================================================================
--- extra-x86_64/snort.conf.patch (rev 0)
+++ extra-x86_64/snort.conf.patch 2008-07-09 21:25:48 UTC (rev 4773)
@@ -0,0 +1,188 @@
+--- etc/snort.conf.orig 2008-07-03 16:44:57.000000000 -0300
++++ etc/snort.conf 2008-07-03 17:42:57.000000000 -0300
+@@ -1,5 +1,5 @@
+ #--------------------------------------------------
+-# http://www.snort.org Snort 2.8.2.1 Ruleset
++# http://www.snort.org Snort 2.8.2 Ruleset
+ # Contact: snort-sigs at lists.sourceforge.net
+ #--------------------------------------------------
+ # $Id$
+@@ -191,7 +191,7 @@
+ # Load all dynamic preprocessors from the install path
+ # (same as command line option --dynamic-preprocessor-lib-dir)
+ #
+-dynamicpreprocessor directory /usr/local/lib/snort_dynamicpreprocessor/
++dynamicpreprocessor directory /usr/lib/snort_dynamicpreprocessor/
+ #
+ # Load a specific dynamic preprocessor library from the install path
+ # (same as command line option --dynamic-preprocessor-lib)
+@@ -201,12 +201,12 @@
+ # Load a dynamic engine from the install path
+ # (same as command line option --dynamic-engine-lib)
+ #
+-dynamicengine /usr/local/lib/snort_dynamicengine/libsf_engine.so
++dynamicengine /usr/lib/snort_dynamicengine/libsf_engine.so
+ #
+ # Load all dynamic rules libraries from the install path
+ # (same as command line option --dynamic-detection-lib-dir)
+ #
+-# dynamicdetection directory /usr/local/lib/snort_dynamicrule/
++dynamicdetection directory /usr/local/lib/snort_dynamicrule/
+ #
+ # Load a specific dynamic rule library from the install path
+ # (same as command line option --dynamic-detection-lib)
+@@ -487,7 +487,7 @@
+ # drop { client | server | general | snort_attack }
+ # example:
+ # preprocessor bo: noalert { general server } drop { snort_attack }
+-#
++
+ #
+ # The Back Orifice detector uses Generator ID 105 and uses the
+ # following SIDS for that GID:
+@@ -936,59 +936,87 @@
+ # README.alert_order for how rule ordering affects how alerts are triggered.
+ #=========================================
+
+-include $RULE_PATH/local.rules
+-include $RULE_PATH/bad-traffic.rules
+-include $RULE_PATH/exploit.rules
+-include $RULE_PATH/scan.rules
+-include $RULE_PATH/finger.rules
+-include $RULE_PATH/ftp.rules
+-include $RULE_PATH/telnet.rules
+-include $RULE_PATH/rpc.rules
+-include $RULE_PATH/rservices.rules
+-include $RULE_PATH/dos.rules
+-include $RULE_PATH/ddos.rules
+-include $RULE_PATH/dns.rules
+-include $RULE_PATH/tftp.rules
+-
+-include $RULE_PATH/web-cgi.rules
+-include $RULE_PATH/web-coldfusion.rules
+-include $RULE_PATH/web-iis.rules
+-include $RULE_PATH/web-frontpage.rules
+-include $RULE_PATH/web-misc.rules
+-include $RULE_PATH/web-client.rules
+-include $RULE_PATH/web-php.rules
+-
+-include $RULE_PATH/sql.rules
+-include $RULE_PATH/x11.rules
+-include $RULE_PATH/icmp.rules
+-include $RULE_PATH/netbios.rules
+-include $RULE_PATH/misc.rules
+-include $RULE_PATH/attack-responses.rules
+-include $RULE_PATH/oracle.rules
+-include $RULE_PATH/mysql.rules
+-include $RULE_PATH/snmp.rules
+-
+-include $RULE_PATH/smtp.rules
+-include $RULE_PATH/imap.rules
+-include $RULE_PATH/pop2.rules
+-include $RULE_PATH/pop3.rules
+-
+-include $RULE_PATH/nntp.rules
+-include $RULE_PATH/other-ids.rules
+-# include $RULE_PATH/web-attacks.rules
+-# include $RULE_PATH/backdoor.rules
+-# include $RULE_PATH/shellcode.rules
+-# include $RULE_PATH/policy.rules
+-# include $RULE_PATH/porn.rules
+-# include $RULE_PATH/info.rules
+-# include $RULE_PATH/icmp-info.rules
+-# include $RULE_PATH/virus.rules
+-# include $RULE_PATH/chat.rules
+-# include $RULE_PATH/multimedia.rules
+-# include $RULE_PATH/p2p.rules
+-# include $RULE_PATH/spyware-put.rules
+-# include $RULE_PATH/specific-threats.rules
+-include $RULE_PATH/experimental.rules
++#include $RULE_PATH/local.rules
++#include $RULE_PATH/bad-traffic.rules
++#include $RULE_PATH/exploit.rules
++#include $RULE_PATH/scan.rules
++#include $RULE_PATH/finger.rules
++#include $RULE_PATH/ftp.rules
++#include $RULE_PATH/telnet.rules
++#include $RULE_PATH/rpc.rules
++#include $RULE_PATH/rservices.rules
++#include $RULE_PATH/dos.rules
++#include $RULE_PATH/ddos.rules
++#include $RULE_PATH/dns.rules
++#include $RULE_PATH/tftp.rules
++
++#include $RULE_PATH/web-cgi.rules
++#include $RULE_PATH/web-coldfusion.rules
++#include $RULE_PATH/web-iis.rules
++#include $RULE_PATH/web-frontpage.rules
++#include $RULE_PATH/web-misc.rules
++#include $RULE_PATH/web-client.rules
++#include $RULE_PATH/web-php.rules
++
++#include $RULE_PATH/sql.rules
++#include $RULE_PATH/x11.rules
++#include $RULE_PATH/icmp.rules
++#include $RULE_PATH/netbios.rules
++#include $RULE_PATH/misc.rules
++#include $RULE_PATH/attack-responses.rules
++#include $RULE_PATH/oracle.rules
++#include $RULE_PATH/mysql.rules
++#include $RULE_PATH/snmp.rules
++
++#include $RULE_PATH/smtp.rules
++#include $RULE_PATH/imap.rules
++#include $RULE_PATH/pop2.rules
++#include $RULE_PATH/pop3.rules
++
++#include $RULE_PATH/nntp.rules
++#include $RULE_PATH/other-ids.rules
++#include $RULE_PATH/web-attacks.rules
++#include $RULE_PATH/backdoor.rules
++#include $RULE_PATH/shellcode.rules
++#include $RULE_PATH/policy.rules
++#include $RULE_PATH/porn.rules
++#include $RULE_PATH/info.rules
++#include $RULE_PATH/icmp-info.rules
++#include $RULE_PATH/virus.rules
++#include $RULE_PATH/chat.rules
++#include $RULE_PATH/multimedia.rules
++#include $RULE_PATH/p2p.rules
++#include $RULE_PATH/spyware-put.rules
++#include $RULE_PATH/specific-threats.rules
++#include $RULE_PATH/experimental.rules
++
++
++# Community Rules
++include $RULE_PATH/community-bot.rules
++include $RULE_PATH/community-deleted.rules
++include $RULE_PATH/community-dos.rules
++include $RULE_PATH/community-exploit.rules
++include $RULE_PATH/community-ftp.rules
++include $RULE_PATH/community-game.rules
++include $RULE_PATH/community-icmp.rules
++include $RULE_PATH/community-imap.rules
++include $RULE_PATH/community-inappropriate.rules
++include $RULE_PATH/community-mail-client.rules
++include $RULE_PATH/community-misc.rules
++include $RULE_PATH/community-nntp.rules
++include $RULE_PATH/community-oracle.rules
++include $RULE_PATH/community-policy.rules
++include $RULE_PATH/community-sip.rules
++include $RULE_PATH/community-smtp.rules
++include $RULE_PATH/community-sql-injection.rules
++include $RULE_PATH/community-virus.rules
++include $RULE_PATH/community-web-attacks.rules
++include $RULE_PATH/community-web-cgi.rules
++include $RULE_PATH/community-web-client.rules
++include $RULE_PATH/community-web-dos.rules
++include $RULE_PATH/community-web-iis.rules
++include $RULE_PATH/community-web-misc.rules
++include $RULE_PATH/community-web-php.rules
+
+ # include $PREPROC_RULE_PATH/preprocessor.rules
+ # include $PREPROC_RULE_PATH/decoder.rules
+@@ -1000,3 +1028,4 @@
+ # such as: c:\snort\etc\threshold.conf
+ # Uncomment if needed.
+ # include threshold.conf
++
Copied: snort/repos/extra-x86_64/snort.install (from rev 4772, snort/trunk/snort.install)
===================================================================
--- extra-x86_64/snort.install (rev 0)
+++ extra-x86_64/snort.install 2008-07-09 21:25:48 UTC (rev 4773)
@@ -0,0 +1,23 @@
+post_install() {
+ getent group snort >/dev/null || usr/sbin/groupadd snort
+ getent passwd snort >/dev/null || usr/sbin/useradd -c 'Snort user' -g snort -d /var/log/snort -s /bin/false snort
+ usr/bin/passwd -l snort &>/dev/null
+
+ [ -f var/log/snort/alert ] || : >var/log/snort/alert
+ chown snort.snort var/log/snort/alert
+}
+
+post_upgrade() {
+ post_install $1
+}
+
+pre_remove() {
+ usr/sbin/userdel snort &>/dev/null
+ usr/sbin/groupdel snort &>/dev/null
+}
+
+post_remove() {
+ /bin/true
+}
+
+# vim:set ts=2 sw=2 et:
Copied: snort/repos/extra-x86_64/snort.patch (from rev 4772, snort/trunk/snort.patch)
===================================================================
--- extra-x86_64/snort.patch (rev 0)
+++ extra-x86_64/snort.patch 2008-07-09 21:25:48 UTC (rev 4773)
@@ -0,0 +1,188 @@
+--- etc/snort.conf.orig 2008-07-03 16:44:57.000000000 -0300
++++ etc/snort.conf 2008-07-03 18:04:45.000000000 -0300
+@@ -1,5 +1,5 @@
+ #--------------------------------------------------
+-# http://www.snort.org Snort 2.8.2.1 Ruleset
++# http://www.snort.org Snort 2.8.2 Ruleset
+ # Contact: snort-sigs at lists.sourceforge.net
+ #--------------------------------------------------
+ # $Id$
+@@ -191,7 +191,7 @@
+ # Load all dynamic preprocessors from the install path
+ # (same as command line option --dynamic-preprocessor-lib-dir)
+ #
+-dynamicpreprocessor directory /usr/local/lib/snort_dynamicpreprocessor/
++dynamicpreprocessor directory /usr/lib/snort_dynamicpreprocessor/
+ #
+ # Load a specific dynamic preprocessor library from the install path
+ # (same as command line option --dynamic-preprocessor-lib)
+@@ -201,12 +201,12 @@
+ # Load a dynamic engine from the install path
+ # (same as command line option --dynamic-engine-lib)
+ #
+-dynamicengine /usr/local/lib/snort_dynamicengine/libsf_engine.so
++dynamicengine /usr/lib/snort_dynamicengine/libsf_engine.so
+ #
+ # Load all dynamic rules libraries from the install path
+ # (same as command line option --dynamic-detection-lib-dir)
+ #
+-# dynamicdetection directory /usr/local/lib/snort_dynamicrule/
++dynamicdetection directory /usr/local/lib/snort_dynamicrule/
+ #
+ # Load a specific dynamic rule library from the install path
+ # (same as command line option --dynamic-detection-lib)
+@@ -487,7 +487,7 @@
+ # drop { client | server | general | snort_attack }
+ # example:
+ # preprocessor bo: noalert { general server } drop { snort_attack }
+-#
++
+ #
+ # The Back Orifice detector uses Generator ID 105 and uses the
+ # following SIDS for that GID:
+@@ -936,59 +936,87 @@
+ # README.alert_order for how rule ordering affects how alerts are triggered.
+ #=========================================
+
+-include $RULE_PATH/local.rules
+-include $RULE_PATH/bad-traffic.rules
+-include $RULE_PATH/exploit.rules
+-include $RULE_PATH/scan.rules
+-include $RULE_PATH/finger.rules
+-include $RULE_PATH/ftp.rules
+-include $RULE_PATH/telnet.rules
+-include $RULE_PATH/rpc.rules
+-include $RULE_PATH/rservices.rules
+-include $RULE_PATH/dos.rules
+-include $RULE_PATH/ddos.rules
+-include $RULE_PATH/dns.rules
+-include $RULE_PATH/tftp.rules
+-
+-include $RULE_PATH/web-cgi.rules
+-include $RULE_PATH/web-coldfusion.rules
+-include $RULE_PATH/web-iis.rules
+-include $RULE_PATH/web-frontpage.rules
+-include $RULE_PATH/web-misc.rules
+-include $RULE_PATH/web-client.rules
+-include $RULE_PATH/web-php.rules
+-
+-include $RULE_PATH/sql.rules
+-include $RULE_PATH/x11.rules
+-include $RULE_PATH/icmp.rules
+-include $RULE_PATH/netbios.rules
+-include $RULE_PATH/misc.rules
+-include $RULE_PATH/attack-responses.rules
+-include $RULE_PATH/oracle.rules
+-include $RULE_PATH/mysql.rules
+-include $RULE_PATH/snmp.rules
+-
+-include $RULE_PATH/smtp.rules
+-include $RULE_PATH/imap.rules
+-include $RULE_PATH/pop2.rules
+-include $RULE_PATH/pop3.rules
+-
+-include $RULE_PATH/nntp.rules
+-include $RULE_PATH/other-ids.rules
+-# include $RULE_PATH/web-attacks.rules
+-# include $RULE_PATH/backdoor.rules
+-# include $RULE_PATH/shellcode.rules
+-# include $RULE_PATH/policy.rules
+-# include $RULE_PATH/porn.rules
+-# include $RULE_PATH/info.rules
+-# include $RULE_PATH/icmp-info.rules
+-# include $RULE_PATH/virus.rules
+-# include $RULE_PATH/chat.rules
+-# include $RULE_PATH/multimedia.rules
+-# include $RULE_PATH/p2p.rules
+-# include $RULE_PATH/spyware-put.rules
+-# include $RULE_PATH/specific-threats.rules
+-include $RULE_PATH/experimental.rules
++#include $RULE_PATH/local.rules
++#include $RULE_PATH/bad-traffic.rules
++#include $RULE_PATH/exploit.rules
++#include $RULE_PATH/scan.rules
++#include $RULE_PATH/finger.rules
++#include $RULE_PATH/ftp.rules
++#include $RULE_PATH/telnet.rules
++#include $RULE_PATH/rpc.rules
++#include $RULE_PATH/rservices.rules
++#include $RULE_PATH/dos.rules
++#include $RULE_PATH/ddos.rules
++#include $RULE_PATH/dns.rules
++#include $RULE_PATH/tftp.rules
++
++#include $RULE_PATH/web-cgi.rules
++#include $RULE_PATH/web-coldfusion.rules
++#include $RULE_PATH/web-iis.rules
++#include $RULE_PATH/web-frontpage.rules
++#include $RULE_PATH/web-misc.rules
++#include $RULE_PATH/web-client.rules
++#include $RULE_PATH/web-php.rules
++
++#include $RULE_PATH/sql.rules
++#include $RULE_PATH/x11.rules
++#include $RULE_PATH/icmp.rules
++#include $RULE_PATH/netbios.rules
++#include $RULE_PATH/misc.rules
++#include $RULE_PATH/attack-responses.rules
++#include $RULE_PATH/oracle.rules
++#include $RULE_PATH/mysql.rules
++#include $RULE_PATH/snmp.rules
++
++#include $RULE_PATH/smtp.rules
++#include $RULE_PATH/imap.rules
++#include $RULE_PATH/pop2.rules
++#include $RULE_PATH/pop3.rules
++
++#include $RULE_PATH/nntp.rules
++#include $RULE_PATH/other-ids.rules
++#include $RULE_PATH/web-attacks.rules
++#include $RULE_PATH/backdoor.rules
++#include $RULE_PATH/shellcode.rules
++#include $RULE_PATH/policy.rules
++#include $RULE_PATH/porn.rules
++#include $RULE_PATH/info.rules
++#include $RULE_PATH/icmp-info.rules
++#include $RULE_PATH/virus.rules
++#include $RULE_PATH/chat.rules
++#include $RULE_PATH/multimedia.rules
++#include $RULE_PATH/p2p.rules
++#include $RULE_PATH/spyware-put.rules
++#include $RULE_PATH/specific-threats.rules
++#include $RULE_PATH/experimental.rules
++
++
++# Community Rules
++include $RULE_PATH/community-bot.rules
++include $RULE_PATH/community-deleted.rules
++include $RULE_PATH/community-dos.rules
++include $RULE_PATH/community-exploit.rules
++include $RULE_PATH/community-ftp.rules
++include $RULE_PATH/community-game.rules
++include $RULE_PATH/community-icmp.rules
++include $RULE_PATH/community-imap.rules
++include $RULE_PATH/community-inappropriate.rules
++include $RULE_PATH/community-mail-client.rules
++include $RULE_PATH/community-misc.rules
++include $RULE_PATH/community-nntp.rules
++include $RULE_PATH/community-oracle.rules
++include $RULE_PATH/community-policy.rules
++include $RULE_PATH/community-sip.rules
++#include $RULE_PATH/community-smtp.rules
++include $RULE_PATH/community-sql-injection.rules
++#include $RULE_PATH/community-virus.rules
++include $RULE_PATH/community-web-attacks.rules
++include $RULE_PATH/community-web-cgi.rules
++include $RULE_PATH/community-web-client.rules
++include $RULE_PATH/community-web-dos.rules
++include $RULE_PATH/community-web-iis.rules
++include $RULE_PATH/community-web-misc.rules
++include $RULE_PATH/community-web-php.rules
+
+ # include $PREPROC_RULE_PATH/preprocessor.rules
+ # include $PREPROC_RULE_PATH/decoder.rules
+@@ -1000,3 +1028,4 @@
+ # such as: c:\snort\etc\threshold.conf
+ # Uncomment if needed.
+ # include threshold.conf
++
More information about the arch-commits
mailing list