rpms/bro/F-10 bro-1.4-installpolicy.patch, NONE, 1.1 bro-1.4-pl_scripts.patch, NONE, 1.1 bro-1.4-scripts.patch, NONE, 1.1 bro.cfg, NONE, 1.1 bro.rc, NONE, 1.1 .cvsignore, 1.2, 1.3 bro.spec, 1.3, 1.4 sources, 1.2, 1.3
Daniel Kopeček
mildew at fedoraproject.org
Tue Feb 10 01:40:30 UTC 2009
Author: mildew
Update of /cvs/pkgs/rpms/bro/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv32173
Modified Files:
.cvsignore bro.spec sources
Added Files:
bro-1.4-installpolicy.patch bro-1.4-pl_scripts.patch
bro-1.4-scripts.patch bro.cfg bro.rc
Log Message:
rebase to 1.4-release
bro-1.4-installpolicy.patch:
--- NEW FILE bro-1.4-installpolicy.patch ---
diff -up bro-1.4/policy/Makefile.am.orig bro-1.4/policy/Makefile.am
--- bro-1.4/policy/Makefile.am.orig 2009-01-12 15:07:08.000000000 +0100
+++ bro-1.4/policy/Makefile.am 2009-01-12 15:08:37.000000000 +0100
@@ -71,7 +71,7 @@ install-data-hook:
$(INSTALL_DATA) smb-rw.bif.bro $(DESTDIR)${bropolicydir}/smb-rw.bif.bro
$(INSTALL_DATA) smtp-rw.bif.bro $(DESTDIR)${bropolicydir}/smtp-rw.bif.bro
$(INSTALL_DATA) strings.bif.bro $(DESTDIR)${bropolicydir}/strings.bif.bro
- test -d ${bropolicydir}/site || mkdir ${bropolicydir}/site
+ test -d $(DESTDIR)${bropolicydir}/site || mkdir $(DESTDIR)${bropolicydir}/site
uninstall-local:
rm -f ${bropolicydir}/bro.bif.bro
diff -up bro-1.4/policy/Makefile.in.orig bro-1.4/policy/Makefile.in
bro-1.4-pl_scripts.patch:
--- NEW FILE bro-1.4-pl_scripts.patch ---
diff -up bro-1.4/scripts/perl/lib/Bro/Config.pm.orig-pl bro-1.4/scripts/perl/lib/Bro/Config.pm
--- bro-1.4/scripts/perl/lib/Bro/Config.pm.orig-pl 2009-01-26 04:53:27.000000000 +0100
+++ bro-1.4/scripts/perl/lib/Bro/Config.pm 2009-01-26 04:53:56.000000000 +0100
@@ -18,13 +18,13 @@ $DEBUG = 0;
@ISA = ( 'Exporter' );
@EXPORT_OK = qw( $BRO_CONFIG );
-%DEFAULTS = ( BROHOME => '/usr/local/bro',
+%DEFAULTS = ( BROHOME => '@@BROHOME@@',
BRO_POLICY_SUFFIX => '.bro',
BRO_SIG_SUFFIX => '.sig',
META_DATA_PREFIX => '.',
);
-$DEFAULTS{CONFIG_FILE} = $DEFAULTS{BROHOME} . '/etc/bro.cfg';
+$DEFAULTS{CONFIG_FILE} = '@@BROCONFIG@@';
sub parse
{
diff -up bro-1.4/scripts/perl/lib/Bro/Report/Alarm.pm.orig-pl bro-1.4/scripts/perl/lib/Bro/Report/Alarm.pm
--- bro-1.4/scripts/perl/lib/Bro/Report/Alarm.pm.orig-pl 2009-01-26 04:55:02.000000000 +0100
+++ bro-1.4/scripts/perl/lib/Bro/Report/Alarm.pm 2009-01-26 04:56:31.000000000 +0100
@@ -61,8 +61,8 @@ my %REPORT_MAP = ( 'scans' => { input =>
$NOTICE_TYPE_SCORES = {};
$SIGNATURE_ID_SCORES = {};
-$NOTICE_TYPE_SCORES_FILE = $BRO_CONFIG->{BROHOME} . "/etc/alert_scores";
-$SIGNATURE_ID_SCORES_FILE = $BRO_CONFIG->{BROHOME} . "/etc/signature_scores";
+$NOTICE_TYPE_SCORES_FILE = "@@BROCONFIGDIR@@/alert_scores";
+$SIGNATURE_ID_SCORES_FILE = "@@BROCONFIGDIR@@/signature_scores";
# Set the signature score list
setsignaturescores( $SIGNATURE_ID_SCORES_FILE );
diff -up bro-1.4/scripts/perl/lib/Bro/Report.pm.orig-pl bro-1.4/scripts/perl/lib/Bro/Report.pm
diff -up bro-1.4/scripts/perl/script/site-report.pl.orig-pl bro-1.4/scripts/perl/script/site-report.pl
--- bro-1.4/scripts/perl/script/site-report.pl.orig-pl 2009-01-26 04:49:30.000000000 +0100
+++ bro-1.4/scripts/perl/script/site-report.pl 2009-01-26 04:52:58.000000000 +0100
@@ -1,7 +1,7 @@
#!/usr/bin/perl
# look for our modules first
-use lib '/usr/local/bro/perl/lib/perl5/site_perl';
+use lib '@@BROPERLLIB@@';
# This is all stuff that needs to be set before compile time of other Bro modules
# because the other modules depend of Bro::Config to be configures properly
@@ -22,7 +22,7 @@ BEGIN
use Bro::Config qw( $BRO_CONFIG );
- $DEFAULT_BRO_CONFIG_FILE = '/usr/local/bro/etc/bro.cfg';
+ $DEFAULT_BRO_CONFIG_FILE = '@@BROCONFIG@@';
$BRO_CONFIG_FILE = getbroconfigfile() || $DEFAULT_BRO_CONFIG_FILE;
Bro::Config::Configure( File => $BRO_CONFIG_FILE );
bro-1.4-scripts.patch:
--- NEW FILE bro-1.4-scripts.patch ---
diff -up bro-1.4/scripts/frontend-mail-reports.sh.scripts bro-1.4/scripts/frontend-mail-reports.sh
--- bro-1.4/scripts/frontend-mail-reports.sh.scripts 2007-12-03 18:45:16.000000000 +0100
+++ bro-1.4/scripts/frontend-mail-reports.sh 2009-01-27 06:50:17.000000000 +0100
@@ -1,29 +1,25 @@
-#!/bin/sh
+#!/usr/bin/env sh
#
# script to check if rsync of logs has finished, and runs site-report.pl
#
# usage: frontend-mail-report.sh BroConfigFile
#
-# where are we located
-base=`dirname $0`
#set up the environment
if [ $1 ] ; then
. $1
else
- . $base/../etc/bro.cfg
+ . @@CONFIGDIR@@/bro
fi
echo " "
-echo "`date`: checking if reports are ready to mail:" $BROHOME/logs/MailReports.$BRO_HOSTNAME
+echo "`date`: checking if reports are ready to mail:" $BROLOGS/MailReports.$BRO_HOSTNAME
-# only run if file $BROHOME/logs/MailReports.$BRO_HOSTNAME
-if [ -e $BROHOME/logs/MailReports.$BRO_HOSTNAME ] ; then
+# only run if file $BROLOGS/MailReports.$BRO_HOSTNAME
+if [ -e $BROLOGS/MailReports.$BRO_HOSTNAME ] ; then
echo "Reports ready: Running mail reports script"
- $BROHOME/scripts/mail_reports.sh $1
- rm $BROHOME/logs/MailReports.$BRO_HOSTNAME
+ @@SCRIPTSDIR@@/scripts/mail_reports.sh $1
+ rm $BROLOGS/MailReports.$BRO_HOSTNAME
else
echo "Reports not ready"
fi
-
-
diff -up bro-1.4/scripts/frontend-site-report.sh.scripts bro-1.4/scripts/frontend-site-report.sh
--- bro-1.4/scripts/frontend-site-report.sh.scripts 2007-12-03 18:45:16.000000000 +0100
+++ bro-1.4/scripts/frontend-site-report.sh 2009-01-27 06:50:17.000000000 +0100
@@ -1,32 +1,28 @@
-#!/bin/sh
+#!/usr/bin/env sh
#
# script to check if rsync of logs has finished, and runs site-report.pl
#
# usage: frontend-site-report.sh BroConfigFile
#
-#set -x
-# where are we located
-base=`dirname $0`
#set up the environment
if [ $1 ] ; then
. $1
else
- . $base/../etc/bro.cfg
+ . @@CONFIGDIR@@/bro
fi
echo " "
-echo "`date`: checking if reports are ready to generate:" $BROHOME/logs/DoReports.$BRO_HOSTNAME
+echo "`date`: checking if reports are ready to generate:" $BROLOGS/DoReports.$BRO_HOSTNAME
-# only run if file $BROHOME/logs/DoReports.$BROHOST
-if [ -e $BROHOME/logs/DoReports.$BRO_HOSTNAME ] ; then
+# only run if file $BROLOGS/DoReports.$BROHOST
+if [ -e $BROLOGS/DoReports.$BRO_HOSTNAME ] ; then
echo "rsync done: running site report script"
- rm $BROHOME/logs/DoReports.$BRO_HOSTNAME
- $BROHOME/scripts/site-report.pl --broconfig $1
+ rm $BROLOGS/DoReports.$BRO_HOSTNAME
+ @@SCRIPTSDIR@@/site-report.pl --broconfig $1
# create file indicating report is finished
- echo "creating file" $BROHOME/logs/MailReports.$BRO_HOSTNAME
- touch $BROHOME/logs/MailReports.$BRO_HOSTNAME
+ echo "creating file" $BROLOGS/MailReports.$BRO_HOSTNAME
+ touch $BROLOGS/MailReports.$BRO_HOSTNAME
else
echo "rsync not done"
fi
-
diff -up bro-1.4/scripts/mail_notice.sh.scripts bro-1.4/scripts/mail_notice.sh
--- bro-1.4/scripts/mail_notice.sh.scripts 2007-12-03 18:45:16.000000000 +0100
+++ bro-1.4/scripts/mail_notice.sh 2009-01-27 06:50:17.000000000 +0100
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/usr/bin/env sh
#
# This is a sample script to provide basic email notification for
# notices marked NOTICE_EMAIL .
@@ -10,14 +10,11 @@ notice="/tmp/bro.notice.$$"
# Clean up after ourselves.
trap "rm -f $notice; exit" 1 2 15
-# Where are we located.
-base=`dirname $0`
-
# Set up the environment.
if [ $3 ] ; then
. $3
else
- . $base/../etc/bro.cfg
+ . @@CONFIGDIR@@/bro
fi
echo "From:<$BRO_EMAIL_FROM>" > $notice
diff -up bro-1.4/scripts/mail_reports.sh.scripts bro-1.4/scripts/mail_reports.sh
--- bro-1.4/scripts/mail_reports.sh.scripts 2007-12-03 18:45:16.000000000 +0100
+++ bro-1.4/scripts/mail_reports.sh 2009-01-27 06:50:17.000000000 +0100
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/usr/bin/env sh
#
# Shell script to mail reports, should be called from
# crontab
@@ -13,14 +13,11 @@ tmp_file="/tmp/bro.report.$$"
# Clean up after ourselves.
trap "rm $tmp_file; exit" 1 2 15
-# Where are we located.
-base=`dirname $0`
-
# Set up the environment.
if [ $1 ] ; then
. $1
else
- . $base/../etc/bro.cfg
+ . @@CONFIGDIR@@/bro
fi
for f in /usr/bin/sendmail /usr/sbin/sendmail /usr/lib/sendmail; do
diff -up bro-1.4/scripts/push_logs.sh.scripts bro-1.4/scripts/push_logs.sh
--- bro-1.4/scripts/push_logs.sh.scripts 2009-01-27 06:50:54.000000000 +0100
+++ bro-1.4/scripts/push_logs.sh 2009-01-27 07:32:30.000000000 +0100
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/usr/bin/env sh
#
# script to push logs from a bro host to a front end host, including a file "DoReports.HOST" telling
# the report generation script that the new days logs are ready to process
@@ -9,14 +9,13 @@
# where are we located
base=`dirname $0`
#set the environment
-. $base/../etc/bro.cfg
+. @@CONFIGDIR@@/bro
-nice -n 20 /usr/local/bin/rsync -avzt $BROHOME/logs/ $1
+nice -n 20 rsync -avzt "$BROLOGS" $1
# create and copy file to trigger report generation
touch /tmp/DoReports.$BRO_HOSTNAME
-/usr/local/bin/rsync -avzt /tmp/DoReports.$BRO_HOSTNAME $1
+rsync -avzt /tmp/DoReports.$BRO_HOSTNAME $1
# and if you need to sort the logs for Brooery, add this:
#ssh $1 "/usr/local/bro/scripts/log2gui.py -r /usr/local/bro/logs -l /usr/local/bro/sorted-logs"
-
--- NEW FILE bro.cfg ---
# Source file config for running bro
# host only format
BRO_HOSTNAME=`hostname | awk -F. ' { print } '`
# FQDN format
# HOSTNAME=`hostname`
# Directory containing Bro binaries
BRO_BIN_DIR="/usr/bin"
# Filename of the Bro start policy
# START_POLICY="default.bro"
BRO_START_POLICY="localhost.bro"
# Directory containing Bro logs
BROLOGS="/var/log/bro"
export BROLOGS
# Log archive directory
BRO_LOG_ARCHIVE="/var/log/bro/archive"
# Directory containing Bro signature files
BRO_SIG_DIR="/usr/share/bro/sigs"
# Bro policy paths
# Location of site specific policy and configurations
BROSITE="/var/lib/bro/site"
# Location of host specific policy and configurations
BROHOST="/var/lib/bro/host"
BROPATH="${BROSITE}:${BROHOST}:/usr/share/bro/site:/usr/share/bro"
export BROPATH
# A prefix to use when looking for local policy files to load.
# BRO_PREFIX="local"
# Location of the Bro executable
BRO="${BRO_BIN_DIR}/bro"
# Base command line options.
BRO_ADD_OPTS=" -W"
# Turn on Bro's Watchdog feature
BRO_OPTS="${BRO_ADD_OPTS}"
# Interface name to listen on. The default is to use the busiest one found.
BRO_CAPTURE_INTERFACE="eth0"
# Multiple interface should be specified as a space delimited list.
# Examples:
# CAPTURE_INTERFACE="sk0 sk1 sk5"
# CAPTURE_INTERFACE="eth0 eth3"
# CAPTURE_INTERFACE="eth0"
# If set to YES and there are any signature files ending with .bro in $SIG_DIR
# then they will be started with bro. Set to NO to disable signatures
# Set to YES to enable bro to run with 'signature matching' on (YES/NO)
BRO_USE_SIGNATURES=YES
# Shoud a trace (tcpdump) file be created in the log directory (YES/NO)
BRO_CREATE_TRACE_FILE=NO
# How long to wait during checkpointing after startin a new Bro process and
# stopping the old one. This value is in seconds
BRO_CHECKPOINT_OVERLAP_TIME=20
# Starting time for a report run (0001 is 12:01 am and 1201 is 12:01pm)
BRO_REPORT_START_TIME=0010
# How often (in hours) to generate an activity report
BRO_REPORT_INTERVAL=24
BRO_REPORT_DIR="${BROLOGS}/reports"
# This is the how often to rotate the logs (in hours)
BRO_LOG_ROTATE_INTERVAL=24
# This is the how often to restart bro (in hours)
BRO_CHECKPOINT_INTERVAL=24
# The maximum time allowed for a Bro process to cleanup and exit
# This value is in seconds
BRO_MAX_SHUTDOWN_TIME=$(( 60 * 60 * 2 )) # 2 hours
# Use this to enable the init script to autorestart Bro in the event of an
# unexpected shutdown. The value should be YES or NO
BRO_ENABLE_AUTORESTART="YES"
# A value less than 1 means there will be no limit to the number of restarts
# Maximum times to try to auto-restart Bro before giving up.
BRO_MAX_RESTART_ATTEMPTS=-1
# Location of the run-time variable directory. This is normally /var/run/bro
# and contains the pidfile and other temporal data.
BRO_RUNTIME_DIR="/var/run/bro"
# Email address for local reports to be mailed to
BRO_EMAIL_LOCAL="root at localhost"
# Email address to send from
BRO_EMAIL_FROM="bro at localhost"
# Do you want to send external reports to a incident reporting org (e.g.: CERT, CIAC, etc)
BRO_EMAIL_EXTERNAL="NO"
# Email address for remote reports to be mailed to
BRO_EMAIL_REMOTE="foo at example.bar"
# User id to install and run Bro under
BRO_USER_ID="bro"
# Site name for reports (i.e. LBNL, FOO.COM, BAZ.ORG)
BRO_SITE_NAME="localsite"
# Do you want to encrypt email reports (YES/NO)
BRO_ENCRYPT_EMAIL="NO"
# Location of GPG binary or encrypting email
BRO_GPG_BIN="/usr/bin/gpg"
# Default BPF buffer
BRO_BPF_BUFSIZE=4194304
# Do BPF bonding
BRO_BPFBOND_ENABLE="NO"
# Interfaces to bond
BRO_BPFBOND_FLAGS="em0 em1"
# diskspace management settings
# Should I manage diskspace
BRO_DISKSPACE_ENABLE="YES"
# percent full to worry about
BRO_DISKSPACE_PCT=90
# account watching disk space
BRO_DISKSPACE_WATCHER="root"
# days before deleting old logs
BRO_DAYS_2_DELETION=45
# days before compressing logs
BRO_DAYS_2_COMPRESSION=20
# Bulk data capture settings
# Buld data directory
BRO_BULK_DIR="${BROLOGS}/bulk-trace"
# Capture filter for bulk data
BRO_BULK_CAPTURE_FILTER=""
# days before deleting bulk data
BRO_BULK_DAYS_2_DELETION=4
# days before compressing bulk data
BRO_BULK_DAYS_2_COMPRESSION=2
# location of sorted log files, needed by Brooery
BROOERY_LOGS="${BROLOGS}/sorted-logs"
--- NEW FILE bro.rc ---
#!/bin/sh
#
# Bro - Open-source, Unix-based Network Intrusion Detection System
#
# chkconfig: - 57 30
# description: Bro is an open-source, Unix-based Network Intrusion Detection System (NIDS) \
# that passively monitors network traffic and looks for suspicious activity.
#
### BEGIN INIT INFO
# Provides:
# Required-Start:
# Required-Stop:
# Should-Start:
# Should-Stop:
# Default-Start:
# Default-Stop:
# Short-Description:
# Description:
### END INIT INFO
# Source function library.
. /etc/rc.d/init.d/functions
exec="/usr/bin/bro"
prog="bro"
config="/etc/sysconfig/bro"
syslog_cmd="logger"
[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
lockfile=/var/lock/subsys/$prog
fexists () {
[ -f "${1}" ] || exit 1
exit 0
}
dexists () {
[ -d "${1}" ] || exit 1
exit 0
}
start() {
[ -x $exec ] || exit 5
[[ -f "${config}" && \
-w "${BROLOGS}" && \
-d "${BRO_BIN_DIR}" && \
-d "${BRO_LOG_ARCHIVE}" && \
-d "${BRO_SIG_DIR}" && \
-d "${BROSITE}" && \
-d "${BROHOST}" && \
-f "${BRO}" ]] || exit 6
local current_date
local trace_file
local cmd_opts
cmd_opts="${BRO_OPTS}"
current_date="$(date +%y-%m-%d_%H.%M.%S)"
export \
BRO_LOG_SUFFIX="${BRO_HOSTNAME}.${current_date}"
trace_file="${BROLOGS}/trace.${BRO_LOG_SUFFIX}"
info_file="${BROLOGS}/info.${BRO_LOG_SUFFIX}"
if [ "${BRO_CREATE_TRACE_FILE}" = 'YES' -o "${BRO_CREATE_TRACE_FILE}" = 'yes' ]; then
cmd_opts="${cmd_opts} -w \"${trace_file}\""
fi
if [ -n "${BRO_CAPTURE_INTERFACE}" ]; then
for _intf in ${BRO_CAPTURE_INTERFACE}; do
cmd_opts="${cmd_opts} -i ${_intf}"
done
fi
if [ -n "${BRO_START_POLICY}" ]; then
cmd_opts="${cmd_opts} ${BRO_START_POLICY}"
else
echo "${prog}: No start policy file specified." >&2
fi
cd "${BROLOGS}" || exit 6
echo -n $"Starting $prog: "
"${exec}" ${cmd_opts} >> "${info_file}" 2>&1 &
retval=$?
newpid=$!
if [ "${retval}" = '0' -o -z "${retval}" ]; then
for ((i=1; i < 11; i++)); do
if [ -f "${info_file}" ]; then
if [ -n "$(grep -E '^listening on' "${info_file}")" ]; then
break
fi
fi
# break now if the process returned a non-zero value
if [ -n "${retval}" -a "${retval}" != '0' ]; then
break
fi
sleep 1
done
fi
if [ "${retval}" != '0' ]; then
${syslog_cmd} -t "${prog}" "Bro has failed to start."
else
${syslog_cmd} -t "${prog}" "Bro process (${newpid}) has started"
fi
if [ $retval -eq 0 ]; then
touch $lockfile
success
else
failure
fi
echo
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
stop
start
}
reload() {
restart
}
force_reload() {
restart
}
rh_status() {
# run checks to determine if the service is running or use generic status
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
restart
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
exit 2
esac
exit $?
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/bro/F-10/.cvsignore,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- .cvsignore 25 Aug 2008 15:59:24 -0000 1.2
+++ .cvsignore 10 Feb 2009 01:40:30 -0000 1.3
@@ -1 +1 @@
-bro-20080804.tgz
+bro-1.4-release.tar.gz
Index: bro.spec
===================================================================
RCS file: /cvs/pkgs/rpms/bro/F-10/bro.spec,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- bro.spec 10 Nov 2008 16:07:54 -0000 1.3
+++ bro.spec 10 Feb 2009 01:40:30 -0000 1.4
@@ -1,28 +1,27 @@
-%define snapshot 20080804
-
Summary: Open-source, Unix-based Network Intrusion Detection System
Name: bro
Version: 1.4
-Release: 0.3.%{snapshot}svn%{?dist}
+Release: 1%{?dist}
License: BSD
Group: Applications/Internet
URL: http://bro-ids.org
-# The source for this package was pulled from upstream's vcs. Use the
-# following commands to generate the tarball:
-# svn export -r 6043 http://svn.icir.org/bro/trunk/bro bro-%{snapshot}
-# tar -czvf bro-%{snapshot}.tgz bro-%{snapshot}
-
-Source0: bro-%{snapshot}.tgz
-Source1: bro-%{snapshot}.cfg
-Source2: bro-%{snapshot}.rc
-Patch0: bro-%{snapshot}-installpolicy.patch
-Patch1: bro-%{snapshot}-configurein.patch
-Patch2: bro-20080804-configure-opt-check.patch
+Source0: bro-%{version}-release.tar.gz
+Source1: bro.cfg
+Source2: bro.rc
+
+Patch0: bro-1.4-installpolicy.patch
+Patch1: bro-1.4-scripts.patch
+Patch2: bro-1.4-pl_scripts.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
-BuildRequires: libpcap-devel openssl-devel zlib-devel ncurses-devel automake autoconf libtool flex bison file-devel
-
+BuildRequires: libpcap-devel openssl-devel zlib-devel ncurses-devel
+BuildRequires: automake autoconf libtool flex bison file-devel
+BuildRequires: texinfo-tex
+
+Requires: rsync
+Requires: python
+Requires: perl >= 5.6.1, perl(Config::General), perl(Getopt::Long)
Requires(post): chkconfig
Requires(preun): chkconfig
Requires(preun): initscripts
@@ -38,10 +37,10 @@
connecting to certain services, or patterns of failed connection attempts).
%prep
-%setup -q -n %{name}-%{snapshot}
+%setup -q
%patch0 -p1 -b .installpolicy
-%patch1 -p1 -b .configurein
-%patch2 -p1 -b .optcheck
+%patch1 -p1 -b .scripts
+%patch2 -p1 -b .pl_scripts
%build
./autogen.sh
@@ -63,25 +62,50 @@
%{__install} -d -m 755 %{buildroot}%{_localstatedir}/log/bro
%{__install} -d -m 755 %{buildroot}%{_localstatedir}/log/bro/archive
%{__install} -d -m 755 %{buildroot}%{_localstatedir}/log/bro/sorted-logs
+%{__install} -d -m 755 %{buildroot}%{_localstatedir}/log/bro/reports
# Install scripts
-cd scripts/
+pushd scripts/
+
%{__install} -d -m 755 %{buildroot}%{_datadir}/bro/scripts
%{__install} -c -m 644 bro.rc-hooks.sh %{buildroot}%{_datadir}/bro/scripts/bro.rc-hooks.sh
%{__install} -D -c -m 755 %{SOURCE2} %{buildroot}%{_initrddir}/bro
+##
+## FIXME: perl(Bro) needed by site-report.pl
+##
+
+%{__install} -d -m 755 %{buildroot}%{_datadir}/bro/perl
+
+for PSCRIPT in perl/script/site-report.pl perl/lib/Bro/*.pm perl/lib/Bro/Report/*.pm; do
+ sed -i "s|@@BROCONFIG@@|%{_sysconfdir}/sysconfig/bro|g" "$PSCRIPT"
+ sed -i "s|@@BROCONFIGDIR@@|%{_sysconfdir}/bro|g" "$PSCRIPT"
+ sed -i "s|@@BROPERLLIB@@|%{_datadir}/bro/perl|g" "$PSCRIPT"
+ sed -i "s|@@BROHOME@@|%{_localstatedir}/run/bro|g" "$PSCRIPT"
+done
+
+pushd perl/lib
+ cp -r Bro %{buildroot}%{_datadir}/bro/perl
+popd
+
+for SPATH in push_logs.sh mail_reports.sh mail_notice.sh frontend-mail-reports.sh frontend-site-report.sh perl/script/site-report.pl; do
+ SNAME=$(basename "$SPATH")
+ %{__install} -c -m 755 "$SPATH" %{buildroot}%{_datadir}/bro/scripts
+ sed -i "s|@@CONFIGDIR@@|%{_sysconfdir}/sysconfig|g" "%{buildroot}%{_datadir}/bro/scripts/$SNAME"
+ sed -i "s|@@SCRIPTSDIR@@|%{_datadir}/bro/scripts|g" "%{buildroot}%{_datadir}/bro/scripts/$SNAME"
+done
+
%{__install} -d -m 755 %{buildroot}%{_datadir}/bro/scripts/s2b
-%{__install} -c -m 755 snort2bro/snort2bro %{buildroot}%{_datadir}/bro/scripts/s2b/snort2bro
-%{__install} -c -m 644 snort2bro/snort2bro.cfg %{buildroot}%{_datadir}/bro/scripts/s2b/snort2bro.cfg
-cd ..
-
-# Install bifs
-#%{__install} -d -m 755 %{buildroot}%{_datadir}/bro/bif
-#cd src/
-#for bif in $(ls *.bif.bro); do
-# %{__install} -c -m 644 ${bif} %{buildroot}%{_datadir}/bro/bif/${bif}
-#done
-#cd ..
+%{__install} -c -m 755 s2b/bin/s2b.pl %{buildroot}%{_datadir}/bro/scripts/s2b/s2b.pl
+sed -i "s|/usr/local/etc/bro/s2b|%{_datadir}/bro/scripts/s2b|g" %{buildroot}%{_datadir}/bro/scripts/s2b/s2b.pl
+
+%{__install} -c -m 644 s2b/etc/s2b.cfg %{buildroot}%{_datadir}/bro/scripts/s2b/s2b.cfg
+%{__install} -c -m 644 s2b/etc/s2b-augment.cfg %{buildroot}%{_datadir}/bro/scripts/s2b/s2b-augment.cfg
+%{__install} -c -m 644 s2b/etc/s2b-ruleset-augment.cfg %{buildroot}%{_datadir}/bro/scripts/s2b/s2b-ruleset-augment.cfg
+%{__install} -c -m 644 s2b/etc/s2b-sigmap.cfg %{buildroot}%{_datadir}/bro/scripts/s2b/s2b-sigmap.cfg
+%{__install} -c -m 755 s2b/bin/snort2bro %{buildroot}%{_datadir}/bro/scripts/s2b/snort2bro
+
+popd
# Install example signatures, site policy
%{__install} -D -d -m 755 %{buildroot}%{_localstatedir}/lib/bro/site
@@ -89,8 +113,18 @@
%{__install} -c -m 644 scripts/s2b/example_bro_files/signatures.sig %{buildroot}%{_localstatedir}/lib/bro/site/signatures.sig
%{__install} -c -m 644 scripts/local.lite.bro %{buildroot}%{_localstatedir}/lib/bro/site/localhost.bro
+%{__install} -c -m 644 scripts/alert_scores %{buildroot}%{_sysconfdir}/bro/alert_scores
+%{__install} -c -m 644 scripts/signature_scores %{buildroot}%{_sysconfdir}/bro/signature_scores
+
rm -rf src/libedit
+# Generate docs
+for d in doc/user-manual/Bro-user-manual.texi doc/ref-manual/Bro-Ref-Manual.texi doc/quick-start/Bro-quick-start.texi; do
+ pushd "$(dirname "$d")"
+ texi2dvi --clean --pdf "$(basename "$d")"
+ popd
+done
+
%clean
rm -rf %{buildroot}
@@ -105,7 +139,7 @@
%files
%defattr(-,root,root,-)
-%doc README COPYING doc/user-manual/Bro-user-manual.pdf doc/ref-manual/Bro-Ref-Manual.pdf doc/quick-start/Bro-quick-start.pdf doc/pubs/*.ps doc/misc/*
+%doc README COPYING doc/user-manual/Bro-user-manual.pdf doc/ref-manual/Bro-Ref-Manual.pdf doc/quick-start/Bro-quick-start.pdf
%config(noreplace) %{_sysconfdir}/sysconfig/bro
%{_initrddir}/bro
%{_bindir}/bro
@@ -113,9 +147,13 @@
%{_localstatedir}/run/bro
%{_localstatedir}/log/bro
%{_localstatedir}/lib/bro
+%{_sysconfdir}/bro
%changelog
+* Mon Feb 9 2009 Daniel Kopecek <dkopecek at redhat.com> - 1.4-1
+- rebase to 1.4-release
+
* Mon Nov 10 2008 Daniel Kopecek <dkopecek at redhat.com> - 1.4-0.3.20080804svn
- Removed bind-devel from BuildRequires
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/bro/F-10/sources,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- sources 25 Aug 2008 15:59:24 -0000 1.2
+++ sources 10 Feb 2009 01:40:30 -0000 1.3
@@ -1 +1 @@
-e93683240231069f32b960a3f7e5905c bro-20080804.tgz
+3607ae65c5993ca2509b267af3c830f0 bro-1.4-release.tar.gz
More information about the scm-commits
mailing list