[Midnightbsd-cvs] mports: security/snort: add snort

Thu Jun 12 16:43:16 EDT 2008

Log Message:
-----------
add snort

Added Files:
-----------
    mports/security/snort:
        Makefile (r1.1)
        distinfo (r1.1)
        pkg-descr (r1.1)
        pkg-plist (r1.1)
    mports/security/snort/files:
        extra-patch-src-sf_snort_plugin_api.h (r1.1)
        patch-snort.conf (r1.1)
        pkg-message-dynamicplugin (r1.1)
        pkg-message.in (r1.1)
        snort.sh.in (r1.1)

-------------- next part --------------

--- /dev/null
+++ security/snort/pkg-descr
@@ -0,0 +1,21 @@
+Snort is a libpcap-based packet sniffer/logger which can be used as a 
+lightweight network intrusion detection system. It features rules based logging
+and can perform content searching/matching in addition to being used to detect 
+a variety of other attacks and probes, such as buffer overflows, stealth port
+scans, CGI attacks, SMB probes, and much more. Snort has a real-time alerting 
+capability, with alerts being sent to syslog, a separate "alert" file, or even
+to a Windows computer via Samba.
+
+Packets are logged in their decoded form to directories which are generated
+based upon the IP address of the remote peer.  This allows Snort to be used as
+a sort of "poor man's intrusion detection system" if you specify what traffic
+you want to record and what to let through.
+
+For instance, I use it to record traffic of interest to the six computers in 
+my office at work while I'm away on travel or gone for the weekend.  It's 
+also nice for debugging network code since it shows you most of the Important 
+Stuff(TM) about your packets (as I see it anyway).  The code is pretty easy
+to modify to provide more complete packet decoding, so feel free to make 
+suggestions.
+
+WWW: http://www.snort.org/
--- /dev/null
+++ security/snort/pkg-plist
@@ -0,0 +1,151 @@
+ at comment $FreeBSD: ports/security/snort/pkg-plist,v 1.29 2008/04/09 09:57:59 clsung Exp $
+bin/snort
+ at unexec if cmp  -s %D/etc/snort/classification.config-sample %D/etc/snort/classification.config; then rm -f %D/etc/snort/classification.config; fi
+etc/snort/classification.config-sample
+ at exec if [ ! -f %D/etc/snort/classification.config ] ; then cp -p %D/%F %B/classification.config; fi
+ at unexec if cmp  -s %D/etc/snort/gen-msg.map-sample %D/etc/snort/gen-msg.map; then rm -f %D/etc/snort/gen-msg.map; fi
+etc/snort/gen-msg.map-sample
+ at exec if [ ! -f %D/etc/snort/gen-msg.map ] ; then cp -p %D/%F %B/gen-msg.map; fi
+ at unexec if cmp  -s %D/etc/snort/reference.config-sample %D/etc/snort/reference.config; then rm -f %D/etc/snort/reference.config; fi
+etc/snort/reference.config-sample
+ at exec if [ ! -f %D/etc/snort/reference.config ] ; then cp -p %D/%F %B/reference.config; fi
+ at unexec if cmp  -s %D/etc/snort/sid-msg.map-sample %D/etc/snort/sid-msg.map; then rm -f %D/etc/snort/sid-msg.map; fi
+etc/snort/sid-msg.map-sample
+ at exec if [ ! -f %D/etc/snort/sid-msg.map ] ; then cp -p %D/%F %B/sid-msg.map; fi
+ at unexec if cmp  -s %D/etc/snort/snort.conf-sample %D/etc/snort/snort.conf; then rm -f %D/etc/snort/snort.conf; fi
+etc/snort/snort.conf-sample
+ at exec if [ ! -f %D/etc/snort/snort.conf ] ; then cp -p %D/%F %B/snort.conf; fi
+ at unexec if cmp  -s %D/etc/snort/threshold.conf-sample %D/etc/snort/threshold.conf; then rm -f %D/etc/snort/threshold.conf; fi
+etc/snort/threshold.conf-sample
+ at exec if [ ! -f %D/etc/snort/threshold.conf ] ; then cp -p %D/%F %B/threshold.conf; fi
+ at unexec if cmp  -s %D/etc/snort/unicode.map-sample %D/etc/snort/unicode.map; then rm -f %D/etc/snort/unicode.map; fi
+etc/snort/unicode.map-sample
+ at exec if [ ! -f %D/etc/snort/unicode.map ] ; then cp -p %D/%F %B/unicode.map; fi
+ at dirrmtry etc/snort/rules
+ at dirrmtry etc/snort
+%%DYNAMIC%%src/snort_dynamicsrc/bitop.h
+%%DYNAMIC%%src/snort_dynamicsrc/debug.h
+%%DYNAMIC%%src/snort_dynamicsrc/pcap_pkthdr32.h
+%%DYNAMIC%%src/snort_dynamicsrc/preprocids.h
+%%DYNAMIC%%src/snort_dynamicsrc/profiler.h
+%%DYNAMIC%%src/snort_dynamicsrc/sf_dynamic_common.h
+%%DYNAMIC%%src/snort_dynamicsrc/sf_dynamic_meta.h
+%%DYNAMIC%%src/snort_dynamicsrc/sf_dynamic_preproc_lib.c
+%%DYNAMIC%%src/snort_dynamicsrc/sf_dynamic_preproc_lib.h
+%%DYNAMIC%%src/snort_dynamicsrc/sf_dynamic_preprocessor.h
+%%DYNAMIC%%src/snort_dynamicsrc/sf_snort_packet.h
+%%DYNAMIC%%src/snort_dynamicsrc/sf_snort_plugin_api.h
+%%DYNAMIC%%src/snort_dynamicsrc/sfghash.h
+%%DYNAMIC%%src/snort_dynamicsrc/sfhashfcn.h
+%%DYNAMIC%%src/snort_dynamicsrc/sfsnort_dynamic_detection_lib.c
+%%DYNAMIC%%src/snort_dynamicsrc/sfsnort_dynamic_detection_lib.h
+%%DYNAMIC%%src/snort_dynamicsrc/str_search.h
+%%DYNAMIC%%src/snort_dynamicsrc/stream_api.h
+%%DYNAMIC%%@dirrmtry src/snort_dynamicsrc
+%%DYNAMIC%%@dirrmtry src
+%%DYNAMIC%%lib/snort/dynamicengine/libsf_engine.so
+%%DYNAMIC%%lib/snort/dynamicengine/libsf_engine.so.0
+%%DYNAMIC%%lib/snort/dynamicengine/libsf_engine.la
+%%DYNAMIC%%lib/snort/dynamicengine/libsf_engine.a
+%%DYNAMIC%%@dirrmtry lib/snort/dynamicengine
+%%DYNAMIC%%lib/snort/dynamicrules/lib_sfdynamic_example_rule.so
+%%DYNAMIC%%lib/snort/dynamicrules/lib_sfdynamic_example_rule.so.0
+%%DYNAMIC%%lib/snort/dynamicrules/lib_sfdynamic_example_rule.la
+%%DYNAMIC%%lib/snort/dynamicrules/lib_sfdynamic_example_rule.a
+%%DYNAMIC%%@dirrmtry lib/snort/dynamicrules
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/lib_sfdynamic_preprocessor_example.a
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/lib_sfdynamic_preprocessor_example.la
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/lib_sfdynamic_preprocessor_example.so
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/lib_sfdynamic_preprocessor_example.so.0
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/libsf_dcerpc_preproc.a
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/libsf_dcerpc_preproc.la
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/libsf_dcerpc_preproc.so
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/libsf_dcerpc_preproc.so.0
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/libsf_dns_preproc.a
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/libsf_dns_preproc.la
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/libsf_dns_preproc.so
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/libsf_dns_preproc.so.0
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/libsf_ftptelnet_preproc.a
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/libsf_ftptelnet_preproc.la
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/libsf_ftptelnet_preproc.so
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/libsf_ftptelnet_preproc.so.0
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/libsf_smtp_preproc.a
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/libsf_smtp_preproc.la
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/libsf_smtp_preproc.so
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/libsf_smtp_preproc.so.0
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/libsf_ssh_preproc.a
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/libsf_ssh_preproc.la
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/libsf_ssh_preproc.so
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/libsf_ssh_preproc.so.0
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/libsf_ssl_preproc.a
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/libsf_ssl_preproc.la
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/libsf_ssl_preproc.so
+%%DYNAMIC%%lib/snort/dynamicpreprocessor/libsf_ssl_preproc.so.0
+%%DYNAMIC%%@dirrmtry lib/snort/dynamicpreprocessor
+%%DYNAMIC%%@dirrmtry lib/snort
+%%EXAMPLESDIR%%/classification.config-sample
+%%EXAMPLESDIR%%/create_db2
+%%EXAMPLESDIR%%/create_mssql
+%%EXAMPLESDIR%%/create_mysql
+%%EXAMPLESDIR%%/create_oracle.sql
+%%EXAMPLESDIR%%/create_postgresql
+%%EXAMPLESDIR%%/gen-msg.map-sample
+%%EXAMPLESDIR%%/reference.config-sample
+%%EXAMPLESDIR%%/sid-msg.map-sample
+%%EXAMPLESDIR%%/snort.conf-sample
+%%EXAMPLESDIR%%/threshold.conf-sample
+%%EXAMPLESDIR%%/unicode.map-sample
+ at dirrm %%EXAMPLESDIR%%
+%%PORTDOCS%%%%DOCSDIR%%/AUTHORS
+%%PORTDOCS%%%%DOCSDIR%%/BUGS
+%%PORTDOCS%%%%DOCSDIR%%/CREDITS
+%%PORTDOCS%%%%DOCSDIR%%/INSTALL
+%%PORTDOCS%%%%DOCSDIR%%/NEWS
+%%PORTDOCS%%%%DOCSDIR%%/PROBLEMS
+%%PORTDOCS%%%%DOCSDIR%%/README
+%%PORTDOCS%%%%DOCSDIR%%/README.ARUBA
+%%PORTDOCS%%%%DOCSDIR%%/README.FLEXRESP
+%%PORTDOCS%%%%DOCSDIR%%/README.FLEXRESP2
+%%PORTDOCS%%%%DOCSDIR%%/README.INLINE
+%%PORTDOCS%%%%DOCSDIR%%/README.PLUGINS
+%%PORTDOCS%%%%DOCSDIR%%/README.PerfProfiling
+%%PORTDOCS%%%%DOCSDIR%%/README.SMTP
+%%PORTDOCS%%%%DOCSDIR%%/README.UNSOCK
+%%PORTDOCS%%%%DOCSDIR%%/README.WIN32
+%%PORTDOCS%%%%DOCSDIR%%/README.alert_order
+%%PORTDOCS%%%%DOCSDIR%%/README.asn1
+%%PORTDOCS%%%%DOCSDIR%%/README.csv
+%%PORTDOCS%%%%DOCSDIR%%/README.database
+%%PORTDOCS%%%%DOCSDIR%%/README.dcerpc
+%%PORTDOCS%%%%DOCSDIR%%/README.decode
+%%PORTDOCS%%%%DOCSDIR%%/README.dns
+%%PORTDOCS%%%%DOCSDIR%%/README.event_queue
+%%PORTDOCS%%%%DOCSDIR%%/README.flow
+%%PORTDOCS%%%%DOCSDIR%%/README.flow-portscan
+%%PORTDOCS%%%%DOCSDIR%%/README.flowbits
+%%PORTDOCS%%%%DOCSDIR%%/README.frag3
+%%PORTDOCS%%%%DOCSDIR%%/README.ftptelnet
+%%PORTDOCS%%%%DOCSDIR%%/README.gre
+%%PORTDOCS%%%%DOCSDIR%%/README.http_inspect
+%%PORTDOCS%%%%DOCSDIR%%/README.ipip
+%%PORTDOCS%%%%DOCSDIR%%/README.ipv6
+%%PORTDOCS%%%%DOCSDIR%%/README.pcap_readmode
+%%PORTDOCS%%%%DOCSDIR%%/README.ppm
+%%PORTDOCS%%%%DOCSDIR%%/README.sfportscan
+%%PORTDOCS%%%%DOCSDIR%%/README.ssh
+%%PORTDOCS%%%%DOCSDIR%%/README.ssl
+%%PORTDOCS%%%%DOCSDIR%%/README.stream4
+%%PORTDOCS%%%%DOCSDIR%%/README.stream5
+%%PORTDOCS%%%%DOCSDIR%%/README.tag
+%%PORTDOCS%%%%DOCSDIR%%/README.thresholding
+%%PORTDOCS%%%%DOCSDIR%%/README.variables
+%%PORTDOCS%%%%DOCSDIR%%/README.wireless
+%%PORTDOCS%%%%DOCSDIR%%/RELEASE.NOTES
+%%PORTDOCS%%%%DOCSDIR%%/TODO
+%%PORTDOCS%%%%DOCSDIR%%/USAGE
+%%PORTDOCS%%%%DOCSDIR%%/WISHLIST
+%%PORTDOCS%%%%DOCSDIR%%/faq.pdf
+%%PORTDOCS%%%%DOCSDIR%%/generators
+%%PORTDOCS%%%%DOCSDIR%%/snort_manual.pdf
+%%PORTDOCS%%%%DOCSDIR%%/snort_schema_v106.pdf
+%%PORTDOCS%%@dirrm %%DOCSDIR%%
--- /dev/null
+++ security/snort/Makefile
@@ -0,0 +1,172 @@
+# New ports collection makefile for:	snort
+# Date created:		Mon Aug  2 12:04:08 CEST 1999
+# Whom:			Dirk Froemberg <dirk at FreeBSD.org>
+#
+# $FreeBSD: ports/security/snort/Makefile,v 1.98 2008/06/09 06:16:02 clsung Exp $
+# $MidnightBSD: mports/security/snort/Makefile,v 1.1 2008/06/12 20:43:14 crash Exp $
+
+PORTNAME=	snort
+PORTVERSION=	2.8.2
+PORTREVISION=	1
+CATEGORIES=	security
+MASTER_SITES=	http://www.snort.org/dl/current/
+
+MAINTAINER=	ports at MidnightBSD.org
+COMMENT=	Lightweight network intrusion detection system
+LICENSE=        gpl2
+LIB_DEPENDS=	pcre.0:${PORTSDIR}/devel/pcre
+
+CONFLICTS?=	snort-1.* snort-2.[0-7].*
+
+OPTIONS=	DYNAMIC "Enable dynamic plugin support" on \
+		FLEXRESP "Flexible response to events" off \
+		FLEXRESP2 "Flexible response to events (version 2)" off \
+		MYSQL "Enable MySQL support" off \
+		ODBC "Enable ODBC support" off \
+		POSTGRESQL "Enable PostgreSQL support" off \
+		PRELUDE "Enable Prelude NIDS integration" off \
+		PERPROFILE "Enable Performance Profiling" off
+
+USE_RC_SUBR=	snort.sh
+SUB_FILES=	pkg-message
+GNU_CONFIGURE=	yes
+CONFIGURE_ENV=	LDFLAGS="${LDFLAGS}"
+CONFIGURE_TARGET=	--build=${MACHINE_ARCH}-portbld-freebsd${OSREL}
+
+CONFIG_DIR?=	${PREFIX}/etc/snort
+CONFIG_FILES=	classification.config gen-msg.map reference.config \
+		sid-msg.map snort.conf threshold.conf unicode.map
+RULES_DIR=	${PREFIX}/etc/snort/rules
+LOGS_DIR=	/var/log/snort
+
+MAN8=		snort.8
+DOCS=		RELEASE.NOTES doc/AUTHORS doc/BUGS doc/CREDITS \
+		doc/README* doc/USAGE doc/*.pdf
+
+.include <bsd.port.pre.mk>
+
+.if ${OSVERSION} < 500036
+EXTRA_PATCHES+=	${FILESDIR}/extra-patch-src-sf_snort_plugin_api.h
+.endif
+
+.if defined(WITH_FLEXRESP)
+LIBNET_CONFIG?=		${LOCALBASE}/bin/libnet10-config
+.elif defined(WITH_FLEXRESP2)
+LIBNET_CONFIG?=		${LOCALBASE}/bin/libnet11-config
+.endif
+
+.if exists(${LIBNET_CONFIG})
+LIBNET_CFLAGS!=	${LIBNET_CONFIG} --cflags
+LIBNET_LIBS!=	${LIBNET_CONFIG} --libs
+LIBNET_INCDIR=	${LIBNET_CFLAGS:M-I*:S/-I//}
+LIBNET_LIBDIR=	${LIBNET_LIBS:M-L*:S/-L//}
+.endif
+
+.if !defined(WITHOUT_DYNAMIC)
+USE_AUTOTOOLS=	libtool:15
+USE_LDCONFIG=	yes
+CONFIGURE_ARGS+=	--enable-dynamicplugin
+PLIST_SUB+=	DYNAMIC=""
+.else
+PLIST_SUB+=	DYNAMIC="@comment "
+.endif
+
+.if defined(WITH_FLEXRESP)
+.if defined(WITH_FLEXRESP2)
+IGNORE=			options FLEXRESP and FLEXRESP2 are mutually exclusive
+.endif
+BUILD_DEPENDS+=		${LIBNET_CONFIG}:${PORTSDIR}/net/libnet10
+CONFIGURE_ARGS+=	--enable-flexresp \
+			--with-libnet-includes=${LIBNET_INCDIR} \
+			--with-libnet-libraries=${LIBNET_LIBDIR}
+.endif
+
+.if defined(WITH_FLEXRESP2)
+BUILD_DEPENDS+=		${LIBNET_CONFIG}:${PORTSDIR}/net/libnet \
+			libdnet*>=1.10_1:${PORTSDIR}/net/libdnet
+CONFIGURE_ARGS+=	--enable-flexresp2 \
+			--with-libnet-includes=${LIBNET_INCDIR} \
+			--with-libnet-libraries=${LIBNET_LIBDIR}
+.endif
+
+.if defined(WITH_MYSQL)
+USE_MYSQL=		yes
+CONFIGURE_ARGS+=	--with-mysql=${LOCALBASE}
+.else
+CONFIGURE_ARGS+=	--with-mysql=no
+.endif
+
+.if defined(WITH_ODBC)
+LIB_DEPENDS+=		odbc.1:${PORTSDIR}/databases/unixODBC
+CONFIGURE_ARGS+=	--with-odbc=${LOCALBASE}
+LDFLAGS+=		${PTHREAD_LIBS}
+.else
+CONFIGURE_ARGS+=	--with-odbc=no
+.endif
+
+.if defined(WITH_POSTGRESQL)
+USE_PGSQL=		yes
+CONFIGURE_ARGS+=	--with-postgresql=${LOCALBASE}
+.if exists(/usr/lib/libssl.a) && exists(/usr/lib/libcrypto.a)
+LDFLAGS+=		-lssl -lcrypto
+.endif
+.else
+CONFIGURE_ARGS+=	--with-postgresql=no
+.endif
+
+.if defined(WITH_PRELUDE)
+LIB_DEPENDS+=		prelude.14:${PORTSDIR}/security/libprelude
+CONFIGURE_ARGS+=	--enable-prelude
+PLIST_SUB+=		PRELUDE=""
+.else
+CONFIGURE_ARGS+=	--disable-prelude
+PLIST_SUB+=		PRELUDE="@comment "
+.endif
+
+.if defined(WITH_PERPROFILE)
+CONFIGURE_ARGS+=	--enable-perfprofiling
+.endif
+
+post-patch:
+	${FIND} ${WRKSRC} -name 'Makefile.in' | ${XARGS} ${REINPLACE_CMD} -e \
+	    's|lib/snort_|lib/snort/|g'
+	${REINPLACE_CMD} "s,/etc/snort.conf,${CONFIG_DIR}/snort.conf," \
+		${WRKSRC}/src/snort.c ${WRKSRC}/snort.8
+	${REINPLACE_CMD} -e 's|lib/snort_|lib/snort/|g' ${WRKSRC}/etc/snort.conf
+.if defined(WITH_FLEXRESP) || defined(WITH_FLEXRESP2)
+	${REINPLACE_CMD} -e 's|libnet-config|${LIBNET_CONFIG}|g' ${WRKSRC}/configure
+.endif
+.if defined(WITHOUT_DYNAMIC)
+	${REINPLACE_CMD} -e "s,-am: install-libLTLIBRARIES,-am:," \
+		${WRKSRC}/src/dynamic-plugins/sf_engine/Makefile.in
+.endif
+
+pre-configure:
+.if defined(WITHOUT_DYNAMIC)
+	@${CAT} ${PATCHDIR}/pkg-message-dynamicplugin
+	@sleep 5
+.endif
+
+post-install:
+.if !defined(WITHOUT_DYNAMIC)
+	@${LIBTOOL} --finish ${LOCALBASE}/snort/dynamicpreprocessor
+.endif
+	[ -d ${CONFIG_DIR} ] || ${MKDIR} ${CONFIG_DIR}
+	[ -d ${EXAMPLESDIR} ] || ${MKDIR} ${EXAMPLESDIR}
+	[ -d ${RULES_DIR} ] || ${MKDIR} ${RULES_DIR}
+	[ -d ${LOGS_DIR} ] || ${MKDIR} ${LOGS_DIR}
+.for f in ${CONFIG_FILES}
+	${INSTALL_DATA} ${WRKSRC}/etc/${f} ${CONFIG_DIR}/${f}-sample
+	${INSTALL_DATA} ${WRKSRC}/etc/${f} ${EXAMPLESDIR}/${f}-sample
+	@if [ ! -f ${CONFIG_DIR}/${f} ]; then \
+		${CP} -p ${CONFIG_DIR}/${f}-sample ${CONFIG_DIR}/${f} ; \
+	fi
+.endfor
+	${INSTALL_DATA} ${WRKSRC}/schemas/create* ${EXAMPLESDIR}
+.if !defined(NOPORTDOCS)
+	@${MKDIR} ${DOCSDIR}
+	cd ${WRKSRC} && ${INSTALL_DATA} ${DOCS} ${DOCSDIR}
+.endif
+	@${CAT} ${PKGMESSAGE}
+
+.include <bsd.port.post.mk>
--- /dev/null
+++ security/snort/distinfo
@@ -0,0 +1,3 @@
+MD5 (snort-2.8.2.tar.gz) = ce431672bdfd9e9730871a5f80a43550
+SHA256 (snort-2.8.2.tar.gz) = 36911561edf0d46970b0867c31a5f3ccd33ef90471e18dee2e4af789265eb10f
+SIZE (snort-2.8.2.tar.gz) = 4375116
--- /dev/null
+++ security/snort/files/snort.sh.in
@@ -0,0 +1,44 @@
+#!/bin/sh
+# $FreeBSD: ports/security/snort/files/snort.sh.in,v 1.3 2007/06/14 02:51:01 clsung Exp $
+
+# PROVIDE: snort
+# REQUIRE: DAEMON
+# BEFORE: LOGIN
+# KEYWORD: shutdown
+
+# Add the following lines to /etc/rc.conf to enable snort:
+# snort_enable (bool):		Set to YES to enable snort
+# 				Default: NO
+# snort_flags (str):		Extra flags passed to snort
+#				Default: -Dq
+# snort_interface (str):	Network interface to sniff
+#				Default: "" 
+# snort_conf (str):		Snort configuration file
+#				Default: ${PREFIX}/etc/snort/snort.conf
+# snort_expression (str):	filter expression
+#				If your expression is very long, set 
+#				kern.ps_arg_cache_limit sysctl variable
+#				to large value. Otherwise, snort won't
+#				restart!
+#				Default: ""
+#
+
+. %%RC_SUBR%%
+
+name="snort"
+rcvar=`set_rcvar`
+
+command="%%PREFIX%%/bin/snort"
+
+load_rc_config $name
+
+[ -z "$snort_enable" ]    && snort_enable="NO"
+[ -z "$snort_conf" ]      && snort_conf="%%PREFIX%%/etc/snort/snort.conf"
+[ -z "$snort_flags" ]     && snort_flags="-Dq"
+
+[ -n "$snort_interface" ] && snort_flags="$snort_flags -i $snort_interface" \
+                          && pidfile="/var/run/snort_${snort_interface}.pid"
+[ -n "$snort_conf" ]      && snort_flags="$snort_flags -c $snort_conf"
+[ -n "$snort_expression" ] && snort_flags="$snort_flags $snort_expression"
+
+run_rc_command "$1"
--- /dev/null
+++ security/snort/files/pkg-message.in
@@ -0,0 +1,12 @@
+=========================================================================
+Snort uses rcNG startup script and must be enabled via /etc/rc.conf
+Please see %%PREFIX%%/etc/rc.d/snort
+for list of available variables and their description.
+Configuration files are located in %%PREFIX%%/etc/snort directory.
+
+NOTE: Starting with Snort 2.4.0 (released on 2005-04-22) 
+      the rules are no longer included with the distribution.
+      Please download them from http://www.snort.org/rules/.
+      You might consider installing security/oinkmaster port to simplify
+      rules downloads and updates.
+=========================================================================
--- /dev/null
+++ security/snort/files/extra-patch-src-sf_snort_plugin_api.h
@@ -0,0 +1,12 @@
+--- src/dynamic-plugins/sf_engine/sf_snort_plugin_api.h.orig	Fri Feb  3 01:49:10 2006
++++ src/dynamic-plugins/sf_engine/sf_snort_plugin_api.h	Wed Sep  6 13:53:28 2006
+@@ -36,8 +36,8 @@
+ #include "stdio.h"
+ 
+ #ifndef WIN32
+-#include <netinet/in.h>
+ #include <sys/types.h>
++#include <netinet/in.h>
+ #else
+ typedef unsigned char u_int8_t;
+ typedef unsigned short u_int16_t;
--- /dev/null
+++ security/snort/files/patch-snort.conf
@@ -0,0 +1,13 @@
+--- etc/snort.conf.orig	Thu Aug  5 11:55:37 2004
++++ etc/snort.conf	Wed Aug 11 15:52:47 2004
+@@ -106,8 +106,8 @@
+ # Path to your rules files (this can be a relative path)
+ # Note for Windows users:  You are advised to make this an absolute path,
+ # such as:  c:\snort\rules
+-var RULE_PATH ../rules
++var RULE_PATH ./rules
+-var PREPROC_RULE_PATH ../preproc_rules
++var PREPROC_RULE_PATH ./preproc_rules
+ 
+ # Configure the snort decoder
+ # ============================
--- /dev/null
+++ security/snort/files/pkg-message-dynamicplugin
@@ -0,0 +1,12 @@
+=========================================================================
+NOTE: The port has been configured without support for dynamic plugins.
+      It is recommended that you enable dynamic plugins by pressing
+      Ctrl-C now, run 'make config' and enable the DYNAMIC option.
+
+      If you choose not to enable dynamic plugins, the default Snort
+      configuration file may reference some dynamic plugins and
+      preprocessors that may cause Snort to not work properly or throw
+      errors. Please read the Snort documentation for more information
+      regarding dynamic plugins and which configuration directives
+      are affected.
+=========================================================================
