[MacPorts] #46320: net/snort: missing rules files from default snort.conf
#46320: net/snort: missing rules files from default snort.conf -----------------------+----------------------- Reporter: pixilla@… | Owner: jul_bsd@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.3.3 Keywords: | Port: snort -----------------------+----------------------- {{{ $ snort -T -c /opt/local/etc/snort/snort.conf 2>&1 | tail -n3 ERROR: /opt/local/etc/snort//rules/local.rules(0) Unable to open rules file "/opt/local/etc/snort//rules/local.rules": No such file or directory. Fatal Error, Quitting.. }}} -- Ticket URL: <https://trac.macports.org/ticket/46320> MacPorts <https://www.macports.org/> Ports system for OS X
#46320: net/snort: missing rules files from default snort.conf ------------------------+----------------------- Reporter: pixilla@… | Owner: jul_bsd@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.3.3 Resolution: | Keywords: Port: snort | ------------------------+----------------------- Comment (by jul_bsd@…): Hello Pixilla, in the 'port notes' is said: "Please download rules from https://www.snort.org/snort-rules/#rules either manually or with oinkmaster." oinkmaster has not been commited for now (Ticket #42859) so need to download it manually or do that with the rules. Maybe the above line need more highlight. Also the link changed. it is https://www.snort.org/downloads/#rule- downloads now Problem is snort has 3 sets - unregistered user/community rules - registered user - paid user the first one is pretty outdated but is still kept by debian package for the sake of usability. But as it's a security software, in a same way than an AV, it's pretty useless with outdated rules. I would prefer to leave user make its choice and if possible use registered set. In Oinkmaster port, I pinpoint on other sets like EmergingThreats or BleedingSnort Also for this rules file, an alternative would be just touching file in post-activate, but need also white and black_list.rules and change path. tentative patch joined -- Ticket URL: <https://trac.macports.org/ticket/46320#comment:1> MacPorts <https://www.macports.org/> Ports system for OS X
#46320: net/snort: missing rules files from default snort.conf ------------------------+----------------------- Reporter: pixilla@… | Owner: jul_bsd@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.3.3 Resolution: | Keywords: Port: snort | ------------------------+----------------------- Comment (by pixilla@…): In general it would be good if this port could install snort with a working configuration file. Would it be a terrible idea to remove or comment the lines in the example conf that point to non-existent files? -- Ticket URL: <https://trac.macports.org/ticket/46320#comment:2> MacPorts <https://www.macports.org/> Ports system for OS X
#46320: net/snort: missing rules files from default snort.conf ------------------------+----------------------- Reporter: pixilla@… | Owner: jul_bsd@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.3.3 Resolution: | Keywords: Port: snort | ------------------------+----------------------- Comment (by jul_bsd@…): touching file or commenting lines is our choice. Those are not part of rules set and both are equivalent. I went with touch. -- Ticket URL: <https://trac.macports.org/ticket/46320#comment:3> MacPorts <https://www.macports.org/> Ports system for OS X
#46320: net/snort: missing rules files from default snort.conf ------------------------+----------------------- Reporter: pixilla@… | Owner: jul_bsd@… Type: defect | Status: closed Priority: Normal | Milestone: Component: ports | Version: 2.3.3 Resolution: fixed | Keywords: Port: snort | ------------------------+----------------------- Changes (by mf2k@…): * status: new => closed * resolution: => fixed Comment: r151665 -- Ticket URL: <https://trac.macports.org/ticket/46320#comment:4> MacPorts <https://www.macports.org/> Ports system for OS X
participants (1)
-
MacPorts