Description en el spec reducida

4 files changed, 114 insertions, 23 deletions

diff --git a/1.0.6-4/fwsnort-1.0.6-4.fc12.src.rpm b/1.0.6-4/fwsnort-1.0.6-4.fc12.src.rpm
new file mode 100644
index 0000000..8e1da7a
--- /dev/null
+++ b/1.0.6-4/fwsnort-1.0.6-4.fc12.src.rpm
diff --git a/1.0.6-4/fwsnort.spec b/1.0.6-4/fwsnort.spec
new file mode 100644
index 0000000..00d8fb6
--- /dev/null
+++ b/1.0.6-4/fwsnort.spec
@@ -0,0 +1,102 @@
+%global fwsnortlogdir /var/log/fwsnort
+
+### get the first @INC directory that includes the string "linux".
+### This may be 'i386-linux', or 'i686-linux-thread-multi', etc.
+%define fwsnortmoddir `perl -e '$path='i386-linux'; for (@INC) { if($_ =~ m|.*/(.*linux.*)|) {$path = $1; last; }} print $path'`
+
+Summary: Translates Snort rules into equivalent iptables rules
+Name: fwsnort
+Version: 1.0.6
+Release: 4%{?dist}
+License: GPLv2+
+Group: System Environment/Daemons
+Url: http://www.cipherdyne.org/fwsnort/
+Source0: http://www.cipherdyne.org/fwsnort/download/fwsnort-1.0.6.tar.gz
+Source1: logrotate.fwsnort
+BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+BuildArch: noarch 
+Requires: iptables,perl-Net-IPv4Addr, perl-IPTables-Parse, perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
+
+%description
+fwsnort translates Snort rules into equivalent iptables rules and generates
+a Bourne shell script that implements the resulting iptables commands.
+
+In addition, fwsnort (optionally) uses the IPTables::Parse module to parse the
+iptables ruleset on the machine to determine which Snort rules are applicable
+to the specific iptables policy.
+
+fwsnort is able to translate approximately 60% of all rules from the
+Snort-2.3.3 IDS into equivalent iptables rules. 
+
+%prep
+%setup -q
+mv deps/snort_rules/VERSION SNORT-RULES-VERSION
+cp -p %SOURCE1 .
+
+%build
+
+%install
+rm -rf $RPM_BUILD_ROOT
+### log directory
+mkdir -p $RPM_BUILD_ROOT%fwsnortlogdir
+
+### fwsnort config
+mkdir -p $RPM_BUILD_ROOT%_sysconfdir/fwsnort
+
+mkdir -p $RPM_BUILD_ROOT%_bindir
+mkdir -p $RPM_BUILD_ROOT%{_mandir}/man8
+mkdir -p $RPM_BUILD_ROOT%_sbindir
+
+install -m 755 fwsnort $RPM_BUILD_ROOT%_sbindir/
+install -m 644 fwsnort.conf $RPM_BUILD_ROOT%_sysconfdir/fwsnort/
+install -m 644 fwsnort.8 $RPM_BUILD_ROOT%{_mandir}/man8/
+
+### install snort rules files
+cp -r deps/snort_rules $RPM_BUILD_ROOT%_sysconfdir/fwsnort
+
+mkdir -p $RPM_BUILD_ROOT/etc/logrotate.d
+install -p -m 644  logrotate.fwsnort $RPM_BUILD_ROOT/etc/logrotate.d/fwsnort
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+#%pre
+### not used
+
+%post
+### not used
+
+%preun
+### not used
+
+%files
+%defattr(-,root,root)
+%doc LICENSE VERSION README CREDITS TODO SNORT-RULES-VERSION
+%dir %fwsnortlogdir
+%_sbindir/*
+%{_mandir}/man8/*
+
+%dir %_sysconfdir/fwsnort
+%config(noreplace) %_sysconfdir/fwsnort/fwsnort.conf
+
+%dir %_sysconfdir/logrotate.d
+%config(noreplace) %_sysconfdir/logrotate.d/fwsnort
+
+%dir %_sysconfdir/fwsnort/snort_rules
+%config(noreplace) %_sysconfdir/fwsnort/snort_rules/*
+
+%changelog
+* Thu Feb 04 2010 Guillermo Gómez <ggomez@neotechgw.com> - 1.0.6-4
+- Description shortened
+
+* Thu Feb 04 2010 Guillermo Gómez <ggomez@neotechgw.com> - 1.0.6-3
+- License adjusted to GPLv2+
+
+* Wed Feb 03 2010 Guillermo Gómez <ggomez@neotechgw.com> - 1.0.6-2
+- documentation included, LICENSE VERSION README CREDITS TODO
+  SNORT-RULES-VERSION
+
+* Sat Jan 2 2010 Guillermo Gómez <ggomez@neotechgw.com> - 1.0.6-1
+- First Fedora spec compliant version, several modifications
+- No deps included
+- Free snort rules included
diff --git a/fwsnort-1.0.6-4.fc12.src.rpm b/fwsnort-1.0.6-4.fc12.src.rpm
new file mode 100644
index 0000000..8e1da7a
--- /dev/null
+++ b/fwsnort-1.0.6-4.fc12.src.rpm
diff --git a/fwsnort.spec b/fwsnort.spec
index c0dcb44..00d8fb6 100644
--- a/fwsnort.spec
+++ b/fwsnort.spec
@@ -7,7 +7,7 @@
 Summary: Translates Snort rules into equivalent iptables rules
 Name: fwsnort
 Version: 1.0.6
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: GPLv2+
 Group: System Environment/Daemons
 Url: http://www.cipherdyne.org/fwsnort/
@@ -19,28 +19,14 @@ Requires: iptables,perl-Net-IPv4Addr, perl-IPTables-Parse, perl(:MODULE_COMPAT_%
 
 %description
 fwsnort translates Snort rules into equivalent iptables rules and generates
-a Bourne shell script that implements the resulting iptables commands. This
-ruleset allows network traffic that exhibits Snort signatures to be logged
-and/or dropped by iptables directly without putting any interface into
-promiscuous mode or queuing packets from kernel to user space. In addition,
-fwsnort (optionally) uses the IPTables::Parse module to parse the iptables
-ruleset on the machine to determine which Snort rules are applicable to the
-specific iptables policy.  After all, if iptables is blocking all inbound
-http traffic from external addresses, it is probably not of much use to try
-detecting inbound attacks against against tcp/80. By default fwsnort
-generates iptables rules that log Snort sid's with --log-prefix to klogd
-where the messages can be analyzed with a log watcher such as logwatch or
-psad (see http://www.cipherdyne.org/psad). fwsnort relies on the iptables
-string match module to match Snort content fields in the application portion
-of ip traffic. Since Snort rules can contain hex data in content fields,
-fwsnort implements a patch against iptables-1.2.7a which adds a
-"--hex-string" option which will accept content fields such as
-"|0d0a5b52504c5d3030320d0a|". fwsnort is able to translate approximately 60%
-of all rules from the Snort-2.3.3 IDS into equivalent iptables rules. For
-more information about the translation strategy as well as
-advantages/disadvantages of the method used by fwsnort to obtain intrusion
-detection data, see the README included with the fwsnort sources or browse
-to: http://www.cipherdyne.org/fwsnort/
+a Bourne shell script that implements the resulting iptables commands.
+
+In addition, fwsnort (optionally) uses the IPTables::Parse module to parse the
+iptables ruleset on the machine to determine which Snort rules are applicable
+to the specific iptables policy.
+
+fwsnort is able to translate approximately 60% of all rules from the
+Snort-2.3.3 IDS into equivalent iptables rules. 
 
 %prep
 %setup -q
@@ -100,6 +86,9 @@ rm -rf $RPM_BUILD_ROOT
 %config(noreplace) %_sysconfdir/fwsnort/snort_rules/*
 
 %changelog
+* Thu Feb 04 2010 Guillermo Gómez <ggomez@neotechgw.com> - 1.0.6-4
+- Description shortened
+
 * Thu Feb 04 2010 Guillermo Gómez <ggomez@neotechgw.com> - 1.0.6-3
 - License adjusted to GPLv2+