blob: 00d8fb6c8d1752d17c3a22b68f6ef70e5073cfb6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
|
%global fwsnortlogdir /var/log/fwsnort
### get the first @INC directory that includes the string "linux".
### This may be 'i386-linux', or 'i686-linux-thread-multi', etc.
%define fwsnortmoddir `perl -e '$path='i386-linux'; for (@INC) { if($_ =~ m|.*/(.*linux.*)|) {$path = $1; last; }} print $path'`
Summary: Translates Snort rules into equivalent iptables rules
Name: fwsnort
Version: 1.0.6
Release: 4%{?dist}
License: GPLv2+
Group: System Environment/Daemons
Url: http://www.cipherdyne.org/fwsnort/
Source0: http://www.cipherdyne.org/fwsnort/download/fwsnort-1.0.6.tar.gz
Source1: logrotate.fwsnort
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildArch: noarch
Requires: iptables,perl-Net-IPv4Addr, perl-IPTables-Parse, perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
%description
fwsnort translates Snort rules into equivalent iptables rules and generates
a Bourne shell script that implements the resulting iptables commands.
In addition, fwsnort (optionally) uses the IPTables::Parse module to parse the
iptables ruleset on the machine to determine which Snort rules are applicable
to the specific iptables policy.
fwsnort is able to translate approximately 60% of all rules from the
Snort-2.3.3 IDS into equivalent iptables rules.
%prep
%setup -q
mv deps/snort_rules/VERSION SNORT-RULES-VERSION
cp -p %SOURCE1 .
%build
%install
rm -rf $RPM_BUILD_ROOT
### log directory
mkdir -p $RPM_BUILD_ROOT%fwsnortlogdir
### fwsnort config
mkdir -p $RPM_BUILD_ROOT%_sysconfdir/fwsnort
mkdir -p $RPM_BUILD_ROOT%_bindir
mkdir -p $RPM_BUILD_ROOT%{_mandir}/man8
mkdir -p $RPM_BUILD_ROOT%_sbindir
install -m 755 fwsnort $RPM_BUILD_ROOT%_sbindir/
install -m 644 fwsnort.conf $RPM_BUILD_ROOT%_sysconfdir/fwsnort/
install -m 644 fwsnort.8 $RPM_BUILD_ROOT%{_mandir}/man8/
### install snort rules files
cp -r deps/snort_rules $RPM_BUILD_ROOT%_sysconfdir/fwsnort
mkdir -p $RPM_BUILD_ROOT/etc/logrotate.d
install -p -m 644 logrotate.fwsnort $RPM_BUILD_ROOT/etc/logrotate.d/fwsnort
%clean
rm -rf $RPM_BUILD_ROOT
#%pre
### not used
%post
### not used
%preun
### not used
%files
%defattr(-,root,root)
%doc LICENSE VERSION README CREDITS TODO SNORT-RULES-VERSION
%dir %fwsnortlogdir
%_sbindir/*
%{_mandir}/man8/*
%dir %_sysconfdir/fwsnort
%config(noreplace) %_sysconfdir/fwsnort/fwsnort.conf
%dir %_sysconfdir/logrotate.d
%config(noreplace) %_sysconfdir/logrotate.d/fwsnort
%dir %_sysconfdir/fwsnort/snort_rules
%config(noreplace) %_sysconfdir/fwsnort/snort_rules/*
%changelog
* Thu Feb 04 2010 Guillermo Gómez <ggomez@neotechgw.com> - 1.0.6-4
- Description shortened
* Thu Feb 04 2010 Guillermo Gómez <ggomez@neotechgw.com> - 1.0.6-3
- License adjusted to GPLv2+
* Wed Feb 03 2010 Guillermo Gómez <ggomez@neotechgw.com> - 1.0.6-2
- documentation included, LICENSE VERSION README CREDITS TODO
SNORT-RULES-VERSION
* Sat Jan 2 2010 Guillermo Gómez <ggomez@neotechgw.com> - 1.0.6-1
- First Fedora spec compliant version, several modifications
- No deps included
- Free snort rules included
|
