issed this.
>
> Unfortunately some additional change crept in. The PLIST entry of
> lib/snort_dynamicrules got lost. Normally the directory is empty and a
> placeholder for compiled rules. The directory is referenced in
> /etc/snort/snort.conf:
>
>256
>257 # path
of
lib/snort_dynamicrules got lost. Normally the directory is empty and a
placeholder for compiled rules. The directory is referenced in
/etc/snort/snort.conf:
256
257 # path to dynamic rules libraries
258 dynamicdetection directory /usr/local/lib/snort_dynamicrules
259
and snort now com
ping
On Thu, Aug 11, 2022 at 09:24:45PM +0200, Markus Lude wrote:
> Hello,
>
> attached is an update of snort to 2.9.20.
> Tested on amd64.
>
> Please test and commit.
>
> Regards,
> Markus
Index: Makefile
=
Hello,
attached is an update of snort to 2.9.20.
Tested on amd64.
Please test and commit.
Regards,
Markus
Index: Makefile
===
RCS file: /cvs/ports/net/snort/Makefile,v
retrieving revision 1.112
diff -u -p -u -p -r1.112 Makefile
sorry about the delay, committed
On 2022/02/18 22:49, Markus Lude wrote:
> ping
>
> On Mon, Jan 31, 2022 at 11:15:54PM +0100, Markus Lude wrote:
> > Hello,
> >
> > attached is an update of snort to 2.9.19.
> > Tested on amd64.
> >
> &
ping
On Mon, Jan 31, 2022 at 11:15:54PM +0100, Markus Lude wrote:
> Hello,
>
> attached is an update of snort to 2.9.19.
> Tested on amd64.
>
> Regards,
> Markus
Index: Makefile
===
RCS file: /cvs/ports
Hello,
attached is an update of snort to 2.9.19.
Tested on amd64.
Regards,
Markus
Index: Makefile
===
RCS file: /cvs/ports/net/snort/Makefile,v
retrieving revision 1.111
diff -u -p -u -p -r1.111 Makefile
--- Makefile19 Sep 2021
On Wed, Jul 14, 2021 at 10:22:12AM +0100, Stuart Henderson wrote:
Hello Stuart,
first I'd like to apologize for the late reply.
> LuaJIT only supports a limited number of archs, restricting what snort
> can be run on. (Notably LuaJIT 2.0 doesn't support aarch64). This diff,
> prompted
LuaJIT only supports a limited number of archs, restricting what snort
can be run on. (Notably LuaJIT 2.0 doesn't support aarch64). This diff,
prompted by a mail from Soner Tari, adds a no_luajit flavour disabling
use of LuaJIT, and uses it by default unless on one of the archs where
LuaJIT
Hello,
attached is a stright forward update for snort 2.9.18.
Tested on amd64.
Regards,
Markus
Index: Makefile
===
RCS file: /cvs/ports/net/snort/Makefile,v
retrieving revision 1.109
diff -u -p -u -p -r1.109 Makefile
--- Makefile
Hello,
attached is an update for snort to bugfix release 2.9.17.1.
Tested on amd64.
Regards,
Markus
Index: Makefile
===
RCS file: /cvs/ports/net/snort/Makefile,v
retrieving revision 1.108
diff -u -p -u -p -r1.108 Makefile
Thanks for the ping and sorry about the delay. I have committed your
update.
Lawrence
On Mon, Feb 15, 2021 at 07:13:52PM +0100, Markus Lude wrote:
> ping
>
> On Tue, Feb 09, 2021 at 11:51:25PM +0100, Markus Lude wrote:
> > Hello,
> >
> > attached is an update to sn
ping
On Tue, Feb 09, 2021 at 11:51:25PM +0100, Markus Lude wrote:
> Hello,
>
> attached is an update to snort 2.9.17. The new version includes fixes
> for gcc-10. Tested on amd64.
>
> Please test and eventually commit. Thanks.
>
> Regards,
&
Hello,
attached is an update to snort 2.9.17. The new version includes fixes
for gcc-10. Tested on amd64.
Please test and eventually commit. Thanks.
Regards,
Markus
Index: Makefile
===
RCS file: /cvs/ports/net/snort/Makefile,v
s, those static libraries are not needed.
Index: Makefile
===
RCS file: /cvs/ports/net/snort/Makefile,v
retrieving revision 1.106
diff -u -p -r1.106 Makefile
--- Makefile1 Dec 2019 03:19:10 - 1.106
+++ Makefile21 May 2020 20:55:49 -
@@ -2,8 +2,8 @@
COMMENT = hig
On 2020/05/18 23:52, Lawrence Teo wrote:
> lib/pkgconfig/snort.pc
> lib/snort_dynamicengine/
> -lib/snort_dynamicengine/libsf_engine.a
> +@static-lib lib/snort_dynamicengine/libsf_engine.a
> @comment lib/snort_dynamicengine/libsf_engine.la
> -lib/snort_dynamicengine/libsf_engine.so
> +@so
This updates Snort to 2.9.16.
https://blog.snort.org/2020/04/snort-29160-has-been-released.html
Upstream has a daq 2.0.7 release too, where the only change is the
addition of a daq.vcxproj file for 64-bit Windows. But their distfile
still ships with the configure script generated for daq-2.0.6
Hello,
attached is an update to snort 2.9.15.
Tested on amd64.
Please test, comment and eventually commit.
Regards
Markus
Index: Makefile
===
RCS file: /cvs/ports/net/snort/Makefile,v
retrieving revision 1.105
diff -u -p -u -p
Thanks for the ping! I have tested and committed your diff.
On Wed, Aug 28, 2019 at 10:40:31PM +0200, Markus Lude wrote:
> ping
>
> On Sun, Aug 18, 2019 at 12:46:31PM +0200, Markus Lude wrote:
> > Hello,
> >
> > attached is an update to snort 2.9.14.1.
> >
&g
ping
On Sun, Aug 18, 2019 at 12:46:31PM +0200, Markus Lude wrote:
> Hello,
>
> attached is an update to snort 2.9.14.1.
>
> Tested on amd64.
>
> Please test, comment and eventually commit.
>
> Regards
&g
Hello,
attached is an update to snort 2.9.14.1.
Tested on amd64.
Please test, comment and eventually commit.
Regards
Markus
Index: Makefile
===
RCS file: /cvs/ports/net/snort/Makefile,v
retrieving revision 1.104
diff -u -p -u -p
21, 2019 at 11:38:06PM -0600, Aaron Bieber wrote:
> > >>> On Fri, 19 Jul 2019 at 22:01:53 -0400, Lawrence Teo wrote:
> > >>> This updates Snort to 2.9.14.
> > >>>
> > >>> https://blog.snort.org/2019/07/snort-29140-has-bee
eo wrote:
> >
> > ???On Sun, Jul 21, 2019 at 11:38:06PM -0600, Aaron Bieber wrote:
> >>> On Fri, 19 Jul 2019 at 22:01:53 -0400, Lawrence Teo wrote:
> >>> This updates Snort to 2.9.14.
> >>>
> >>> https://blog.snort.org/2019/07/snort-29140-has-bee
l 2019 at 22:01:53 -0400, Lawrence Teo wrote:
>>> This updates Snort to 2.9.14.
>>>
>>> https://blog.snort.org/2019/07/snort-29140-has-been-released.html
>>>
>>> ok?
>>
>> Builds and runs fine here! When I start it with "-d" I se
On Sun, Jul 21, 2019 at 11:38:06PM -0600, Aaron Bieber wrote:
> On Fri, 19 Jul 2019 at 22:01:53 -0400, Lawrence Teo wrote:
> > This updates Snort to 2.9.14.
> >
> > https://blog.snort.org/2019/07/snort-29140-has-been-released.html
> >
> > ok?
>
>
On Fri, 19 Jul 2019 at 22:01:53 -0400, Lawrence Teo wrote:
> This updates Snort to 2.9.14.
>
> https://blog.snort.org/2019/07/snort-29140-has-been-released.html
>
> ok?
Builds and runs fine here! When I start it with "-d" I see:
snort:/usr/local/lib/libluajit-5.1
This updates Snort to 2.9.14.
https://blog.snort.org/2019/07/snort-29140-has-been-released.html
ok?
Index: Makefile
===
RCS file: /cvs/ports/net/snort/Makefile,v
retrieving revision 1.103
diff -u -p -r1.103 Makefile
--- Makefile
Hello,
attached is an update to snort 2.9.13.
A new library libsf_sorules appeared in an example directory. Questions
about it went unanswered on snort-devel. I disabled it for now.
Rest is mostly regenerated patches.
Please test / comment and evetnually commit.
Regards
Markus
Index: Makefile
Hello,
thanks Stuart for your suggestions.
Updated diff attached.
- straight DISTNAME
- use RULESV instead of V
- fix WANTLIB
Regards
Markus
Index: Makefile
===
RCS file: /cvs/ports/net/snort/Makefile,v
retrieving revision 1.100
On 2019/02/10 20:29, Markus Lude wrote:
> Hello,
>
> attached is an update to snort-2.9.12.
>
> Tested on amd64.
>
> Please test, comment and eventually commit.
>
> Regards
> Markus
>
> Index: Makefile
> =
Hello,
attached is an update to snort-2.9.12.
Tested on amd64.
Please test, comment and eventually commit.
Regards
Markus
Index: Makefile
===
RCS file: /cvs/ports/net/snort/Makefile,v
retrieving revision 1.100
diff -u -p -u -p
This updates Snort to 2.9.11.1.
Release notes + changelog:
https://www.snort.org/downloads/snort/release_notes_2.9.11.1.txt
https://www.snort.org/downloads/snort/changelog_2.9.11.1.txt
In addition, the diff also syncs pkg/README with reality, adds
daemon_timeout=120 to the rc script (since Snort
This updates Snort to 2.9.11, along with these changes/fixes:
* Change all HTTP URLs to HTTPS where appropriate.
* Make sure pkg/README uses the correct Snort rule URL for Snort 2.9.11.
* Remove note in pkg/README about registered users only being allowed to
download the snort.org ruleset every
This updates Snort to 2.9.9.0. Release notes and changelog at:
https://www.snort.org/downloads/snort/release_notes_2.9.9.0.txt
https://www.snort.org/downloads/snort/changelog_2.9.9.0.txt
Tested on amd64.
ok?
Index: Makefile
This updates Snort to 2.9.8.3. Tested on amd64.
It also removes README.session from the packing list since that file no
longer exists.
ok?
Index: Makefile
===
RCS file: /cvs/ports/net/snort/Makefile,v
retrieving revision 1.94
diff
This updates Snort to 2.9.8.2.
Tested with DAQ 2.0.6 (sent earlier) on amd64.
Other minor changes in the port:
- Shortened a line in the pkg/README so that portcheck won't complain.
- Replaced "/var" with ${LOCALSTATEDIR} in pkg/snort.rc.
- Regenerated patches.
ok?
Index
Hello,
attached is an update to snort-2.9.7.3, a bugfix release.
Most of the diff are regenerated patches.
Tested with daq 2.0.5 on i386.
Also at least builds on sparc64.
Please test, comment.
Regards,
Markus
Index: Makefile
On Thu, Jan 08, 2015 at 11:37:16PM -0500, Lawrence Teo wrote:
This updates Snort to 2.9.7.0.
Tested with DAQ 2.0.4 (sent earlier) on amd64.
ok?
your tree is/was not up-to-date.
for example the in-tree version of Makefile is r1.88 and the in-tree
version of the snort package
This updates Snort to 2.9.7.0.
Tested with DAQ 2.0.4 (sent earlier) on amd64.
ok?
Index: Makefile
===
RCS file: /cvs/ports/net/snort/Makefile,v
retrieving revision 1.86
diff -u -p -r1.86 Makefile
--- Makefile4 Jun 2014 03:17:12
This updates Snort to 2.9.6.2, which contains a few improvements.
Release notes are at:
https://www.snort.org/downloads/snort/release_notes_2.9.6.2.txt
snort.org has revamped their website, so this diff also updates
MASTER_SITES accordingly.
Tested on amd64, i386, macppc, and sparc64.
ok
Hi,
I have been having issues with the snort OpenBSD ports package.
I am running the following system:
OpenBSD 5.5 GENERIC.MP#0 amd64
I have installed the snort from the port package. Few seconds after it
starts analyzing packets snort quits due to a segmentation fault.
I have been debugging
Recent work in OpenBSD's network stack delays the calculation of IP and
protocol checksums of outbound packets until very late in the outbound
path. This allows OpenBSD to take advantage of the network interface's
hardware checksum offload capabilities, if available.
However, because Snort
Hello,
attached is an update of snort to the recent version 2.9.6.1.
Please test, comment, and eventually commit.
Regards,
Markus
Index: Makefile
===
RCS file: /cvs/ports/net/snort/Makefile,v
retrieving revision 1.84
diff -u -p -u
On Sun, Jan 26, 2014 at 02:12:06PM +0100, Markus Lude wrote:
Hello,
attached is an update to recent snort 2.9.6.0.
Tested on sparc64 with daq 2.0.2.
Please test, comment, ...
and now with the diff attached ...
Index: Makefile
Hello,
attached is an update of snort to recent version 2.9.5.6.
Please test, comment and eventually commit.
Special thanks to Bhagya Bantwal from Sourcefire for a patch to fix
crashes on sparc64 on first alert.
Regards,
Markus
Index: Makefile
. The problem is older versions of snort (2.8.6) in ports (OpenBSD
release 5.2),
cannot be used with the latest rules from Sourcefire so I'm basically
backporting
it on some of our systems.
The main problem would be mismatch of dependencies in ports on installs?
(btw, with the time_t changes
Hi,
I've been testing this on 5.2 and 5.3 amd64 without issues.
but I've noticed that if I do a 'make update-plist' on net/daq
I get a warning of SHARED_LIBS daq 2.0 vs 2.1 and sfbpf 1.0 vs 0.1.
I've changed the Makefile so I don't get it. Is that the correct
thing to do ?
--
Cheers,
Rodolfo
On 2013/09/24 11:59, Community - Dognaedis wrote:
Hi,
I've been testing this on 5.2 and 5.3 amd64 without issues.
but I've noticed that if I do a 'make update-plist' on net/daq
I get a warning of SHARED_LIBS daq 2.0 vs 2.1 and sfbpf 1.0 vs 0.1.
I've changed the Makefile so I don't get it. Is
On 2013-09-23 at 21:35:19 +0200, Markus Lude wrote:
On Mon, Sep 23, 2013 at 02:31:11PM -0400, Lawrence Teo wrote:
Here's a trivial update to Snort 2.9.5.5 (release notes are at
https://www.snort.org/downloads/2548)
I come up with a similar diff. I recently noticed the rc.d script has
Here's a trivial update to Snort 2.9.5.5 (release notes are at
https://www.snort.org/downloads/2548)
Tested on amd64, i386, macppc.
OK?
Index: Makefile
===
RCS file: /cvs/ports/net/snort/Makefile,v
retrieving revision 1.81
diff -u
On Mon, Sep 23, 2013 at 02:31:11PM -0400, Lawrence Teo wrote:
Here's a trivial update to Snort 2.9.5.5 (release notes are at
https://www.snort.org/downloads/2548)
I come up with a similar diff. I recently noticed the rc.d script has
ownership _snort:_snort. I think it should be owned by root
On Thu, Aug 08, 2013 at 03:21:05PM -0400, Adam Jeanguenat wrote:
On 2013-08-07 at 15:59:44 -0400, Lawrence Teo wrote:
This updates Snort to 2.9.5.3.
While testing I found that since Snort 2.9.4.1, upstream has removed the
ability for Snort to listen on non-Ethernet devices such as our
On 2013-08-07 at 15:59:44 -0400, Lawrence Teo wrote:
This updates Snort to 2.9.5.3.
While testing I found that since Snort 2.9.4.1, upstream has removed the
ability for Snort to listen on non-Ethernet devices such as our
pflog(4) by default. This diff re-enables that ability by using
This updates Snort to 2.9.5.3.
While testing I found that since Snort 2.9.4.1, upstream has removed the
ability for Snort to listen on non-Ethernet devices such as our
pflog(4) by default. This diff re-enables that ability by using the
--enable-non-ether-decoders configure flag.
Tested on amd64
On Tue, Jul 16, 2013 at 04:56:34PM -0400, Adam Jeanguenat wrote:
On 2013-07-11 at 22:33:48 -0400, Lawrence Teo wrote:
On Fri, May 31, 2013 at 07:41:21PM -0400, Lawrence Teo wrote:
This patch fixes two issues with the IPFW DAQ module that's used by
Snort inline:
I would really like
module that's used by
Snort inline:
I would really like to commit these two DAQ fixes so that they can be
included on time for the 5.4 release. These fixes are needed for Snort
to run properly in inline mode.
To recap, this diff fixes two issues:
1. Snort inline does
On 2013-07-11 at 22:33:48 -0400, Lawrence Teo wrote:
On Fri, May 31, 2013 at 07:41:21PM -0400, Lawrence Teo wrote:
This patch fixes two issues with the IPFW DAQ module that's used by
Snort inline:
I would really like to commit these two DAQ fixes so that they can be
included on time
Hi,
Anybody feel like porting Suricata?
I'm reading here (http://www.aldeid.com/wiki/Suricata-vs-snort): Suricata
offers new features that Snort could implement in the future: multi-threading
support, capture accelerators [...snip...] One advantage Suricata has is its
ability to understand
On Fri, May 31, 2013 at 07:41:21PM -0400, Lawrence Teo wrote:
This patch fixes two issues with the IPFW DAQ module that's used by
Snort inline:
I would really like to commit these two DAQ fixes so that they can be
included on time for the 5.4 release. These fixes are needed for Snort
to run
Hello,
attached is an update to recent snort 2.9.5.
Please test, comment, and maybe commit.
Test build and run on sparc64 so far.
Regards,
Markus
Index: Makefile
===
RCS file: /cvs/ports/net/snort/Makefile,v
retrieving revision
On Wed, May 22, 2013 at 09:38:30AM -0400, Lawrence Teo wrote:
On Sat, May 18, 2013 at 03:07:10PM -0400, Lawrence Teo wrote:
This diff updates Snort to 2.9.4.6. Maintainer Markus Lude came up with
the same diff.
Markus has tested this on sparc64 for a week with low traffic. I have
This patch fixes two issues with the IPFW DAQ module that's used by
Snort inline:
1. The ipfw_daq_inject() function ignores the buf and len arguments
that are passed to it, causing packet injection to fail.
Here's the actual function:
static int ipfw_daq_inject (
void* handle, const
On Sat, May 18, 2013 at 03:07:10PM -0400, Lawrence Teo wrote:
This diff updates Snort to 2.9.4.6. Maintainer Markus Lude came up with
the same diff.
Markus has tested this on sparc64 for a week with low traffic. I have
tested this on i386 on a public-facing webserver for more than three
This diff updates Snort to 2.9.4.6. Maintainer Markus Lude came up with
the same diff.
Markus has tested this on sparc64 for a week with low traffic. I have
tested this on i386 on a public-facing webserver for more than three
weeks, and also tested it on amd64 and macppc.
OK?
Index: Makefile
On Tue, Apr 16, 2013 at 10:16:02PM -0400, Lawrence Teo wrote:
On Sun, Apr 14, 2013 at 04:29:57PM +0200, Markus Lude wrote:
Hello,
here's an update to the latest snort version 2.9.4.5.
Please test, comment, commit, ...
Builds on sparc64, run since 2 days on a sparc64 test machine
On Sun, Apr 14, 2013 at 04:29:57PM +0200, Markus Lude wrote:
Hello,
here's an update to the latest snort version 2.9.4.5.
Please test, comment, commit, ...
Builds on sparc64, run since 2 days on a sparc64 test machine (with low
traffic).
I have tested Markus's Snort 2.9.4.5 update
Hello,
here's an update to the latest snort version 2.9.4.5.
Please test, comment, commit, ...
Builds on sparc64, run since 2 days on a sparc64 test machine (with low
traffic).
Regards,
Markus
Index: Makefile
===
RCS file: /cvs
On 03/26/2013 09:22 PM, Markus Lude wrote:
Hello,
here is an update to latest snort 2.9.4.1.
Please test, comment, ...
Regards,
Markus
Thanks Markus.
Compiled and running under OpenBSD 5.2 amd64 without any problems.
On Thu, Mar 28, 2013 at 05:51:30PM +, Rodolfo Gouveia wrote:
On 03/26/2013 09:22 PM, Markus Lude wrote:
Hello,
here is an update to latest snort 2.9.4.1.
Please test, comment, ...
Regards,
Markus
Thanks Markus.
Compiled and running under OpenBSD 5.2 amd64 without any problems
Hello,
here is an update to latest snort 2.9.4.1.
Please test, comment, ...
Regards,
Markus
Index: Makefile
===
RCS file: /cvs/ports/net/snort/Makefile,v
retrieving revision 1.75
diff -u -p -r1.75 Makefile
--- Makefile11 Mar
This diff updates the Snort pkg/README to change the Snort ruleset
download URL from HTTP to HTTPS to avoid exposing the oinkcode in
transit (suggested by David Hill a while ago).
It also adds a note that registered users without a paid subscription
are only allowed to download the official Snort
This DAQ/Snort update is from Markus Lude (maintainer), and also
includes a snort.conf patch from me that Markus has OK'ed. The
snort.conf patch ensures that Snort will load the latest Snort ruleset
since the rule files have been reorganized by upstream. It also
excludes local.rules by default
On Wed, Jan 09, 2013 at 11:01:59PM +0100, Markus Lude wrote:
On Tue, Jan 08, 2013 at 11:05:27PM -0500, Lawrence Teo wrote:
I have tested both diffs and here are my comments. The Snort rule
categories are going through a reorganization (please see
http://blog.snort.org/2012/10/rule-category
On Sat, Dec 15, 2012 at 07:20:53PM +0100, Markus Lude wrote:
Hello,
attached are updates of daq to version 2.0.0 and snort to version
2.9.4.0. Build on i386 and sparc64 works. Been running it on sparc64 for
two days with low traffic.
Upgraded it from 2.9.3 and running it under amd64 on 5.2
On Tue, Jan 08, 2013 at 11:05:27PM -0500, Lawrence Teo wrote:
On Sat, Dec 15, 2012 at 07:20:53PM +0100, Markus Lude wrote:
Hello,
attached are updates of daq to version 2.0.0 and snort to version
2.9.4.0. Build on i386 and sparc64 works. Been running it on sparc64 for
two days with low
On Sat, Dec 15, 2012 at 07:20:53PM +0100, Markus Lude wrote:
Hello,
attached are updates of daq to version 2.0.0 and snort to version
2.9.4.0. Build on i386 and sparc64 works. Been running it on sparc64 for
two days with low traffic.
Please test, comment.
Hi Markus,
Thank you
Hello,
attached are updates of daq to version 2.0.0 and snort to version
2.9.4.0. Build on i386 and sparc64 works. Been running it on sparc64 for
two days with low traffic.
Please test, comment.
Regards,
Markus
Index: net/daq/Makefile
. Users may add this themselves.
include $RULE_PATH/emerging.conf
may be enough then.
Thanks, I have updated snort.conf accordingly.
* In pkg/README, describe how to download both the official Snort rules
as well as the Emerging Threats rules. Also provide some guidance on
how
may be enough then.
Thanks, I have updated snort.conf accordingly.
* In pkg/README, describe how to download both the official Snort rules
as well as the Emerging Threats rules. Also provide some guidance on
how to use oinkmaster to download the rules.
I think guidance on how to use
On Wed, Oct 03, 2012 at 10:08:10PM -0400, Lawrence Teo wrote:
On Wed, Oct 03, 2012 at 11:19:43PM +0200, Markus Lude wrote:
On Tue, Oct 02, 2012 at 11:00:53AM +0100, Stuart Henderson wrote:
On 2012/10/01 22:56, Lawrence Teo wrote:
This diff adds an rc.d script for Snort.
It also
an unnecessary VERSION
variable.
OK with you Markus?
Index: snort/Makefile
===
RCS file: /cvs/ports/net/snort/Makefile,v
retrieving revision 1.68
diff -u -p -w -r1.68 Makefile
--- snort/Makefile 26 Sep 2012 02:11:05
On 2012-10-03 at 22:08:10 -0400, Lawrence Teo wrote:
Index: pkg/README
===
RCS file: /home/lteo/cvsync/cvs/ports/net/snort/pkg/README,v
retrieving revision 1.1
diff -u -p -r1.1 README
--- pkg/README26 Sep 2012 02:11:05
On Thu, Oct 04, 2012 at 08:52:36AM -0400, Adam Jeanguenat wrote:
On 2012-10-03 at 22:08:10 -0400, Lawrence Teo wrote:
Index: pkg/README
===
RCS file: /home/lteo/cvsync/cvs/ports/net/snort/pkg/README,v
retrieving revision 1.1
experience -- to remain active than the previously-used URLs.
As a point of clarification, I spoke with Joel Esler at Sourcefire and
he said he would ensure the web team keeps the snort-current URL scheme
around and functioning, as it has been for some time now.
Alternatively, he mentioned FreeBSD's
rules tarball using the 'sub-rules' URL
with my oinkcode.
Thanks for clarifying this. I use paid subscriptions and didn't have a
chance to register a new account and test with a non-paid oink code.
Without the clarification, some confusion could arise in the future.
For example, when a new Snort
version.
Those are just redirects to the AWS storage, and more likely -- in my
experience -- to remain active than the previously-used URLs.
As a point of clarification, I spoke with Joel Esler at Sourcefire and
he said he would ensure the web team keeps the snort-current URL scheme
around
Here's the revised diff, where the only change is to replace 'sub-rules'
with 'reg-rules' in the download URLs that was done based on Adam's
feedback. This helps ensure that users without a paid subscription to
the official Snort rules can still download the rules using the steps in
pkg/README
On Tue, Oct 02, 2012 at 11:00:53AM +0100, Stuart Henderson wrote:
On 2012/10/01 22:56, Lawrence Teo wrote:
This diff adds an rc.d script for Snort.
It also modifies the pkg/README file to mention the rc.d script, and
adds a note that rules need to be present in /etc/snort/rules for Snort
: snort/Makefile
===
RCS file: /cvs/ports/net/snort/Makefile,v
retrieving revision 1.68
diff -u -p -w -r1.68 Makefile
--- snort/Makefile26 Sep 2012 02:11:05 - 1.68
+++ snort/Makefile26 Sep 2012 08:22:45 -
@@ -4,12
On Wed, Oct 03, 2012 at 11:19:43PM +0200, Markus Lude wrote:
On Tue, Oct 02, 2012 at 11:00:53AM +0100, Stuart Henderson wrote:
On 2012/10/01 22:56, Lawrence Teo wrote:
This diff adds an rc.d script for Snort.
It also modifies the pkg/README file to mention the rc.d script, and
adds
On 2012-10-01 at 22:56:43 -0400, Lawrence Teo wrote:
This diff adds an rc.d script for Snort.
It also modifies the pkg/README file to mention the rc.d script, and
adds a note that rules need to be present in /etc/snort/rules for Snort
to work as an IDS (since `/etc/rc.d/snort start
On 2012/10/01 22:56, Lawrence Teo wrote:
This diff adds an rc.d script for Snort.
It also modifies the pkg/README file to mention the rc.d script, and
adds a note that rules need to be present in /etc/snort/rules for Snort
to work as an IDS (since `/etc/rc.d/snort start` will fail if rules
This diff adds an rc.d script for Snort.
It also modifies the pkg/README file to mention the rc.d script, and
adds a note that rules need to be present in /etc/snort/rules for Snort
to work as an IDS (since `/etc/rc.d/snort start` will fail if rules
don't exist in that directory).
Looking
it moves MASTER_SITES to the normal place
now it doesn't need to be updated per-release, moves SHARED_LIBS
to the normal place for daq, and doesn't use an unnecessary VERSION
variable.
OK with you Markus?
Index: snort/Makefile
On 2012-09-25 at 23:04:52 -0400, Lawrence Teo wrote:
On Mon, Sep 24, 2012 at 12:42:19PM -0400, Adam Jeanguenat wrote:
I've also given this some testing on -current i386 and have no issues
to report. Great work.
Looking at http://lteo.net/stuff/snort-2.9.3.1.diff2, I noticed
On Mon, Sep 24, 2012 at 12:42:19PM -0400, Adam Jeanguenat wrote:
I've also given this some testing on -current i386 and have no issues
to report. Great work.
Looking at http://lteo.net/stuff/snort-2.9.3.1.diff2, I noticed the
use of the auto-generated download IDs as the MASTER_SITES
an earlier version on macppc as well.
Retested this second diff, no issues on macppc. OK!
I've also given this some testing on -current i386 and have no issues
to report. Great work.
Looking at http://lteo.net/stuff/snort-2.9.3.1.diff2, I noticed the
use of the auto-generated download IDs
on macppc. OK!
The current Snort port in our tree is extremely out-of-date, so I would
really like to get this update in, along with the new DAQ port that
Snort now depends on.
Looking for ok's to commit.
Thank you,
Lawrence
On Tue, Sep 11, 2012 at 03:11:26PM -0400, Lawrence Teo wrote:
On Sat, Sep 01, 2012 at 09:32:15PM +0200, Markus Lude wrote:
Hello,
here's an update to the latest snort version 2.9.3.1.
I dropped the flexresp flavor, configure param --enable-flexresp3 is now
default. Database output
+12,3 @@ Snort has three primary functional modes
like tcpdump(1), a packet logger (useful for network traffic
debugging, etc), or as a full blown network intrusion detection and
prevention
system.
-
-Available flavors:
- postgresql - enable postgresql database logging support
1 - 100 of 187 matches
Mail list logo
