File: rules

package info (click to toggle)
snort 2.9.7.0-5
  • links: PTS, VCS
  • area: main
  • in suites: bullseye, buster, sid, stretch
  • size: 55,000 kB
  • ctags: 38,464
  • sloc: ansic: 266,667; sh: 12,508; makefile: 2,908; yacc: 497; perl: 496; lex: 261; sed: 14
file content (262 lines) | stat: -rwxr-xr-x 8,510 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
#!/usr/bin/make -f
#-*- makefile -*-
# Rules file for Snort, developed by Javier Fernandez-Sanguino
# Made with the aid of dh_make, by Craig Small
# Sample debian/rules that uses debhelper. GNU copyright 1997 by Joey Hess.
# Some lines taken from debmake, by Christoph Lameter.
#

export DH_VERBOSE=1

DPKG_EXPORT_BUILDFLAGS = 1
include /usr/share/dpkg/buildflags.mk

# Enable all hardening features as Snort is a network "listener" of sorts
export DEB_BUILD_MAINT_OPTIONS = hardening=+all

TMP=`pwd`/debian

CFLAGS +=-D_GNU_SOURCE

ifneq (,$(findstring debug,$(DEB_BUILD_OPTIONS)))
	CFLAGS += -g
endif
ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS)))
	INSTALL_PROGRAM += -s
endif

export CFLAGS

CONFFLAGS= --prefix=/usr \
	--bindir=\$$\{exec_prefix\}/sbin \
	--mandir=\$$\{exec_prefix\}/share/man \
	--enable-zlib \
	--enable-ipv6 \
	--enable-gre \
	--enable-mpls \
	--enable-targetbased \
	--enable-ppm \
	--enable-perfprofiling \
	--enable-active-response \
	--enable-normalizer \
	--enable-reload \
	--enable-react \
	--enable-flexresp3

aclocal.m4:
	aclocal-1.9 -I m4/
	automake-1.9 -i
	autoconf

clean-sources:
	# Clean the sources
	[ ! -f Makefile ] ||  $(MAKE) distclean
	cd src &&  [ ! -f Makefile ] || $(MAKE) distclean
# Remove the flag that indicated that the sources were configured
	-rm -f configure-stamp

clean: clean-sources
	dh_testdir
	dh_testroot
# Clean all the stamps
	rm -f build*stamp install-stamp configure-stamp
# Clean all the different binaries we have created when building the packages'
# flavors
	rm -f src/snort-basic
	rm -f src/snort
# Clean documents
	cd doc && [ ! -f Makefile ] || $(MAKE) distclean
	rm -f doc/snort_manual.pdf doc/snort_manual.ps doc/snort_manual.aux \
	    doc/snort_manual.log doc/snort_manual.toc
	dh_autoreconf_clean
	dh_clean

configure: configure-stamp
configure-stamp:
	dh_testdir
	dh_autoreconf
# Standard package configuration:
	./configure $(CONFFLAGS) 
	touch $@

# Basic 'flavor' package 
#
# Other 'flavors' (with different compilation flags) can be generated using
# this as a reference
build-basic: build-basic-stamp
build-basic-stamp: configure-stamp
# NOTE: We don't clean the sources on the first compilation
	dh_testdir
	$(MAKE) 
	cp src/snort src/snort-basic
	touch $@

# This is an example of a 'flavor'. A flavor
# adds support for some specific configuration flags
# that are not used in the basic flavor
#
#build-flavor: build-flavor-stamp
#build-flavor-stamp:
#       dh_testdir
#       sh debian/clean_sources.sh
#       # Support for blah, blah, blah
#       ./configure $(CONFFLAGS) \
#               --enable-some-esoteric-option 
#       $(MAKE)
#       cp src/snort src/snort-flavor
#       touch $@
# Note: the binary generated needs to be moved to the proper 'flavor' package too


build-arch: build-arch-stamp 
build-arch-stamp: build-basic-stamp
	dh_testdir
	touch $@

build-indep: build-indep-stamp
build-indep-stamp: configure-stamp
	dh_testdir
	# Build the documentation
# Only do this if we have the required binaries and files
# Note: I hate hardcoding paths here, but the buildds are stupid
	@if [ -x /usr/bin/ps2pdf -a -x /usr/bin/pslatex -a \
	     -x /usr/bin/dvips -a \
	     -e /usr/share/texlive/texmf-dist/tex/latex/pslatex/pslatex.sty -a \
	     -e /usr/share/texlive/texmf-dist/tex/latex/oberdiek/kvoptions.sty ] ; \
	then \
	    $(MAKE) -C doc snort_manual.pdf ; \
	else \
	    echo >&2 'WARNING: Not building documentation, environment not available!'; \
	fi
	touch $@

build: build-arch build-indep
	
install: install-indep install-arch

install-arch: 
	dh_testdir
	dh_testroot
	dh_prep -s
	dh_installdirs -s
# Install the common binaries
	$(MAKE) install prefix=$(TMP)/snort-common/usr/
	rm -f  $(TMP)/snort-common/usr/sbin/snort
	# clean dependency_libs
	find $(TMP)/snort-common/usr/lib  -name "*.la" -exec \
		sed -i -e "s,^dependency_libs=.*,dependency_libs=''," {} +
# Snort binaries
	install -m 755 -o root -g root src/snort-basic $(TMP)/snort/usr/sbin/snort
# Default config
#	install -m 644 -o root -g root `pwd`/debian/snort.common.parameters $(TMP)/snort/etc/snort/snort.common.parameters
	install -m 644 -o root -g root `pwd`/debian/snort.default $(TMP)/snort/etc/default/snort
#  Install init.d initscripts
	install -m 755 -o root -g root `pwd`/debian/snort.init.d $(TMP)/snort/etc/init.d/snort
#  Install PPP initscripts
	install -m 755 -o root -g root `pwd`/debian/my/snort.ip-up.d $(TMP)/snort/etc/ppp/ip-up.d/snort
	install -m 755 -o root -g root `pwd`/debian/my/snort.ip-down.d $(TMP)/snort/etc/ppp/ip-down.d/snort
# Logrotate files
	install -m 644 -o root -g root `pwd`/debian/snort.logrotate $(TMP)/snort/etc/logrotate.d/snort
# Move libraries to the snort-common-libraries package
	mv $(TMP)/snort-common/usr/lib/* $(TMP)/snort-common-libraries/usr/lib/
	rmdir $(TMP)/snort-common/usr/lib/
# Remove headers, as this is not a -dev package
#	mv $(TMP)/snort-common/usr/src/ $(TMP)/snort-common-libraries/usr/
	rm -rf $(TMP)/sort-common/usr/src/
	dh_install -s

install-indep: 
	dh_testdir
	dh_testroot
	dh_prep -i
	dh_installdirs -i
# Install Debian specific, scripts and files of the snort-common
# package
	install -m 755 -o root -g root `pwd`/debian/snort.cron.daily $(TMP)/snort-common/etc/cron.daily/5snort
	install -m 755 -o root -g root `pwd`/debian/my/snort-stat $(TMP)/snort-common/usr/sbin/
	install -m 644 -o root -g root `pwd`/etc/snort.conf $(TMP)/snort-common/etc/snort/
	install -m 644 -o root -g root `pwd`/etc/unicode.map $(TMP)/snort-common/etc/snort/
	install -m 644 -o root -g root `pwd`/etc/threshold.conf $(TMP)/snort-common/etc/snort/
#  Install files of the arch-independent packages
	cp rules/*.rules $(TMP)/snort-rules-default/etc/snort/rules/
#	mkdir -p $(TMP)/snort-rules-default/usr/share/snort/
#	install -m 644 -o root -g root `pwd`/debian/oldrules.md5 $(TMP)/snort-rules-default/usr/share/snort/oldrules.md5
#	install -m 644 etc/sid-msg.map $(TMP)/snort-rules-default/etc/snort/
	install -m 644 etc/gen-msg.map $(TMP)/snort-rules-default/etc/snort/
	install -m 644 etc/community-sid-msg.map $(TMP)/snort-rules-default/etc/snort/
	install -m 644 etc/classification.config $(TMP)/snort-rules-default/etc/snort/
	install -m 644 etc/reference.config $(TMP)/snort-rules-default/etc/snort/
# Remove useless directories
	rm -rf $(TMP)/snort-common/etc/ppp
	rm -rf $(TMP)/snort-doc/usr/share/doc
	dh_install -i

# Build architecture-independent files here.
binary-indep: build-indep install-indep
	dh_testdir -i
	dh_testroot -i
	dh_installdocs -i -XREADME.WIN32
	dh_installexamples -i
	dh_installdebconf -i
	dh_installman -i 
# Other adjustments
	rm -rf $(TMP)/snort-doc/usr/share/doc/snort-doc/CVS
	rm -rf $(TMP)/snort-doc/usr/share/doc/snort-doc/contrib/CVS
	chmod +x $(TMP)/snort-common/usr/share/doc/snort-common/examples/snort*
	cp -a doc/signatures/ $(TMP)/snort-doc/usr/share/doc/snort-doc/
	rm -rf $(TMP)/snort-doc/usr/share/man
	rm -rf $(TMP)/snort-rules-default/usr/share/man
	rm -rf $(TMP)/snort-common/usr/share/man/man8/snort.*
	dh_installchangelogs -i ChangeLog
	dh_link -i
	dh_strip -i
	dh_compress -i
	dh_fixperms -i
	dh_makeshlibs -i
	dh_installdeb -i
	dh_perl -i
	dh_shlibdeps -i
	dh_gencontrol -i
	dh_md5sums -i
	dh_builddeb -i

# Build architecture-dependent files here.
binary-arch: build-arch install-arch
	dh_testdir -a
	dh_testroot -a
	dh_installdocs -a
	dh_installexamples -a
	dh_installdebconf -a
	dh_installman -a
	rm -rf $(TMP)/snort-rules-default/usr/share/man
	rm -f $(TMP)/snort/usr/share/man/man8/snort-stat.*
	rm -f $(TMP)/snort-common/usr/share/man/man8/snort.*
	dh_installchangelogs -a ChangeLog
	dh_link -a
	dh_strip -a
	dh_compress -a
	dh_fixperms -a
	dh_makeshlibs -a -Xsnort-common-libraries
	dh_installdeb -a
	dh_perl -a
	dh_shlibdeps -a
	dh_gencontrol -a
	dh_md5sums -a
	dh_builddeb -a

source diff:                                                                  
	@echo >&2 'source and diff are obsolete - use dpkg-source -b'; false

update-rules:
	mv rules rules.old
	wget -q -O ../snortrules-snapshot-2_2.tar.gz http://www.snort.org/dl/rules/snortrules-snapshot-2_2.tar.gz
	tar -zxf ../snortrules-snapshot-2_2.tar.gz
	if [ -d rules ] ; then mv rules.old/Makefile* rules/; rm -rf rules.old; fi

# Update the Debconf templates for all packages using the common templates
update-templates: debian/snort.TEMPLATE.templates 
	cd debian && sh generate-templates.sh
	cd debian && debconf-updatepo

binary: binary-arch binary-indep
.PHONY: build clean binary-indep binary-arch binary install install-indep install-arch