authorPatrick Lauer <patrick@gentoo.org>2010-03-16 21:25:54 +0000
committerPatrick Lauer <patrick@gentoo.org>2010-03-16 21:25:54 +0000
commite3c46f1a0895da26d7e9eebec31c60573d68efff (patch)
tree390aa6092e9b5f2aa1816829034f6efddeb95096 /net-analyzer/barnyard2
parentRemove sci-astronomy/xephem block because "cam" was renamed to "feh-cam". (diff)
Initial import. Ebuild by Jason Wallace based on work by Fabio Scaccabarozzi and Han Boetes. Closes #279019 and #307783
(Portage version: 2.2_rc67/cvs/Linux x86_64)
Diffstat (limited to 'net-analyzer/barnyard2')
-rw-r--r--net-analyzer/barnyard2/ChangeLog11
-rw-r--r--net-analyzer/barnyard2/barnyard2-1.8.ebuild134
-rw-r--r--net-analyzer/barnyard2/files/barnyard2.confd36
-rw-r--r--net-analyzer/barnyard2/files/barnyard2.initd30
-rw-r--r--net-analyzer/barnyard2/metadata.xml19
5 files changed, 230 insertions, 0 deletions
diff --git a/net-analyzer/barnyard2/ChangeLog b/net-analyzer/barnyard2/ChangeLog
new file mode 100644
index 000000000000..097e3d4e5dca
--- /dev/null
+++ b/net-analyzer/barnyard2/ChangeLog
@@ -0,0 +1,11 @@
+# ChangeLog for net-analyzer/barnyard2
+# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/barnyard2/ChangeLog,v 1.1 2010/03/16 21:25:53 patrick Exp $
+
+*barnyard2-1.8 (16 Mar 2010)
+
+ 16 Mar 2010; Patrick Lauer <patrick@gentoo.org> +files/barnyard2.confd,
+ +files/barnyard2.initd, +barnyard2-1.8.ebuild, +metadata.xml:
+ Initial import. Ebuild by Jason Wallace based on work by Fabio
+ Scaccabarozzi and Han Boetes . Closes #279019 and #307783
+
diff --git a/net-analyzer/barnyard2/barnyard2-1.8.ebuild b/net-analyzer/barnyard2/barnyard2-1.8.ebuild
new file mode 100644
index 000000000000..e4457a617b63
--- /dev/null
+++ b/net-analyzer/barnyard2/barnyard2-1.8.ebuild
@@ -0,0 +1,134 @@
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/barnyard2/barnyard2-1.8.ebuild,v 1.1 2010/03/16 21:25:53 patrick Exp $
+
+inherit eutils
+
+DESCRIPTION="Parser for Snort unified/unified2 files"
+HOMEPAGE="http://www.securixlive.com/barnyard2/"
+SRC_URI="http://www.securixlive.com/download/barnyard2/${P}.tar.gz"
+SLOT="0"
+LICENSE="GPL-2"
+KEYWORDS="~amd64 ~x86"
+IUSE="static debug aruba gre mpls prelude ipv6 mysql odbc postgres"
+
+DEPEND="virtual/libpcap
+ mysql? ( virtual/mysql )
+ postgres? ( >=virtual/postgresql-server-7.2 )
+ prelude? ( >=dev-libs/libprelude-0.9.0 )
+ sguil? ( dev-lang/tcl )
+ odbc? ( dev-db/unixODBC )"
+
+src_unpack() {
+
+ unpack ${A}
+ cd "${S}"
+
+}
+
+src_compile() {
+
+ local myconf
+
+ econf \
+ $(use_enable !static shared) \
+ $(use_enable static) \
+ $(use_enable debug) \
+ $(use_enable aruba) \
+ $(use_enable gre) \
+ $(use_enable mpls) \
+ $(use_enable prelude) \
+ $(use_enable ipv6) \
+ $(use_with mysql) \
+ $(use_with odbc) \
+ $(use_with postgres postgresql) \
+ --without-oracle \
+ ${myconf}
+
+ emake || die "make failed"
+
+}
+
+src_install () {
+
+ make DESTDIR="${D}" install || die "make install failed"
+
+ dodir /etc/barnyard2
+
+ # A spool dir is needed to start BY2 and this is the most likely choice.
+ dodir /var/log/snort
+
+ # BY2 doesn't write logs to this dir unless a logging type output plugin
+ # is chosen, but BY2 will not start without a log dir defined.
+ dodir /var/log/barnyard2
+
+ dodoc doc/INSTALL \
+ doc/README \
+ doc/README.aruba \
+ doc/README.database \
+ doc/README.sguil \
+ LICENSE \
+ RELEASE.NOTES
+
+ dodoc schemas/create_db2 \
+ schemas/create_mssql \
+ schemas/create_mysql \
+ schemas/create_oracle.sql \
+ schemas/create_postgresql
+
+ insinto /etc/barnyard2
+ newins etc/barnyard2.conf barnyard2.conf.distrib
+
+ einfo "Making changes to barnyard2.conf.distrib."
+ sed -i -e "s:^#config interface:config interface:" \
+ "${D}etc/barnyard2/barnyard2.conf.distrib" \
+ || die "Failed to update barnyard2.conf.distrib"
+
+ sed -i -e "s:^output alert_fast:#output alert_fast:" \
+ "${D}etc/barnyard2/barnyard2.conf.distrib" \
+ || die "Failed to update barnyard2.conf.distrib"
+
+ newconfd "${FILESDIR}/barnyard2.confd" barnyard2 \
+ || die "Failed to add barnyard2.confd"
+
+ newinitd "${FILESDIR}/barnyard2.initd" barnyard2 \
+ || die "Failed to add barnyard2.initd"
+
+}
+
+pkg_postinst() {
+
+ einfo
+ einfo "Barnyard2 is a fork of the original barnyard project "
+ einfo "(which is no longer under development)."
+ einfo
+ einfo "Barnyard2 is designed specifically for Snort's new unified2"
+ einfo "file format. Barnyard2 is under active development and continues"
+ einfo "to adapt based on user feedback."
+ elog
+ elog "For confiuration options, take a look at..."
+ elog
+ elog "/etc/barnyard2/barnyard2.conf.distrib"
+ elog
+ ewarn "The following output plugins are considered 'beta' for ${P}"
+ ewarn "So your milage may very if you use them."
+ ewarn
+ ewarn "alert_arrubaaction"
+ ewarn "alert_cef"
+ ewarn "alert_prelude"
+ ewarn "alert_unixsock"
+ ewarn
+ ewarn "For a list of stable output plugins see..."
+ ewarn
+ ewarn "http://www.securixlive.com/barnyard2/index.php"
+ ewarn
+ ewarn "IMPORTANT:"
+ ewarn
+ ewarn "The settings for 'INTERFACE=' in /etc/conf.d/barnyard2 and"
+ ewarn "for 'config interface' in /etc/barnyard2/barnyard2.conf"
+ ewarn "must be the same!! The PID file for barnyard2 takes the form of"
+ ewarn "barnyard2_<interface>.pid. If conf.d and barnyard2.conf"
+ ewarn "do not match then doing '/etc/init.d/barnyard2 stop' will not work."
+ ewarn
+
+}
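Review bot: The DEPEND block conditions `dev-lang/tcl` on `sguil?`, but `sguil` is not declared in the `IUSE=` line a few lines above it, so the flag can never be set and repoman will reject the ebuild; either add `sguil` to IUSE together with whatever configure switch the package exposes for it, or drop the conditional dependency. `src_unpack` only repeats the default implementation and can be removed, and the unused `local myconf` in `src_compile` can go with it. In `src_install`, `make DESTDIR="${D}" install || die "make install failed"` should be `emake DESTDIR="${D}" install || die "make install failed"` so MAKEOPTS and the jobserver are honoured, and the sed targets are conventionally written `"${D}/etc/barnyard2/barnyard2.conf.distrib"`. The pkg_postinst text carries user-visible typos (`confiuration`, `milage may very`) and `alert_arrubaaction` spells the plugin differently from the `aruba` flag used elsewhere in the file; worth cleaning up before keywording.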
diff --git a/net-analyzer/barnyard2/files/barnyard2.confd b/net-analyzer/barnyard2/files/barnyard2.confd
new file mode 100644
index 000000000000..d114f826c707
--- /dev/null
+++ b/net-analyzer/barnyard2/files/barnyard2.confd
@@ -0,0 +1,36 @@
+# Config file for /etc/init.d/barnyard2
+
+# This file only contains variables needed by the init.d script.
+# All other configuration options are located in the barnyard2.conf file
+
+# This should be the first part of the unified/unified2 log file name (without the time stamp)
+# Ex. If you log files look like this 'snort.unified2.1239801645' then you would use 'snort.unified2'
+SPOOL_FILE="snort.unified2"
+
+# Location of your unified/unified2 log files
+SPOOL_DIR="/var/log/snort"
+
+# Directory to log to
+LOG_DIR="/var/log/barnyard2"
+
+# This MUST match what you set for "config interface:" in your barnyard2.conf
+# If you do not set this correctly then Barnyard2 will not stop when you do a
+# "/etc/init.d/barnyard2 stop"
+INTERFACE="eth0"
+
+# You probably don't want to change this, but in case you do
+PID_FILE="barnyard2_${INTERFACE}.pid"
+PID_PATH="/var/run"
+
+# The waldo file is located in the SPOOL_DIR to support multipule instances of barnyard2
+WALDO_FILE="${SPOOL_DIR}/barnyard2.waldo"
+CONF="/etc/barnyard2/barnyard2.conf"
+
+# Location of the archive directory if you choose to use it.
+# The ARCHIVE_DIR is located in the SPOOL_DIR to support multipule instances of barnyard2
+#ARCHIVE_DIR="${SPOOL_DIR}/archive"
+
+# This pulls in the options above
+BARNYARD_OPTS="-D -c ${CONF} -d ${SPOOL_DIR} -w ${WALDO_FILE} -f ${SPOOL_FILE} -l ${LOG_DIR}"
+# Or with an archive directory
+#BARNYARD_OPTS="-D -c ${CONF} -d ${SPOOL_DIR} -w ${WALDO_FILE} -f ${LOG_FILE} -l ${LOG_DIR} -a ${ARCHIVE_DIR}"
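Review bot: The commented archive variant on the last line expands `${LOG_FILE}`, which is never defined anywhere in this file, so an administrator who uncomments it as written starts barnyard2 with an empty `-f` argument; the variable the active line uses is `SPOOL_FILE`. Suggested line: `#BARNYARD_OPTS="-D -c ${CONF} -d ${SPOOL_DIR} -w ${WALDO_FILE} -f ${SPOOL_FILE} -l ${LOG_DIR} -a ${ARCHIVE_DIR}"`. The comments also misspell `multipule` twice (`multiple`), and the `SPOOL_FILE` comment reads "If you log files" where "If your log files" is meant.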
diff --git a/net-analyzer/barnyard2/files/barnyard2.initd b/net-analyzer/barnyard2/files/barnyard2.initd
new file mode 100644
index 000000000000..4d0a338b5b25
--- /dev/null
+++ b/net-analyzer/barnyard2/files/barnyard2.initd
@@ -0,0 +1,30 @@
+#!/sbin/runscript
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/barnyard2/files/barnyard2.initd,v 1.1 2010/03/16 21:25:54 patrick Exp $
+
+depend() {
+ need net
+}
+
+checkconfig() {
+ if [ ! -e ${CONF} ] ; then
+ eerror "You need a configuration file to run barnyard2"
+ eerror "There is an example config in /etc/snort/barnyard2.conf.distrib"
+ return 1
+ fi
+}
+
+start() {
+ checkconfig || return 1
+ ebegin "Starting barnyard2"
+ start-stop-daemon --start --quiet --exec /usr/bin/barnyard2 \
+ -- --pid-path ${PID_PATH} --nolock-pidfile ${BARNYARD_OPTS} >/dev/null 2>&1
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping barnyard2"
+ start-stop-daemon --stop --quiet --pidfile ${PID_PATH}/${PID_FILE}
+ eend $?
+}
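Review bot: `checkconfig` points users to `/etc/snort/barnyard2.conf.distrib`, but the ebuild in this commit installs the example as `/etc/barnyard2/barnyard2.conf.distrib` (and the conf.d file sets `CONF` under `/etc/barnyard2`), so the error message sends the administrator to a file that does not exist; change it to `eerror "There is an example config in /etc/barnyard2/barnyard2.conf.distrib"`. `stop()` passes only `--pidfile`, so a stale pid file naming an unrelated process would be signalled; mirroring `start()` with `start-stop-daemon --stop --quiet --exec /usr/bin/barnyard2 --pidfile "${PID_PATH}/${PID_FILE}"` limits the stop to the daemon's own binary. `${CONF}` and `${PID_PATH}` are expanded unquoted and should be quoted (`[ ! -e "${CONF}" ]`, `--pid-path "${PID_PATH}"`), while `${BARNYARD_OPTS}` must stay unquoted because it carries several arguments.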
diff --git a/net-analyzer/barnyard2/metadata.xml b/net-analyzer/barnyard2/metadata.xml
new file mode 100644
index 000000000000..dda471b53fb9
--- /dev/null
+++ b/net-analyzer/barnyard2/metadata.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<maintainer>
+ <email>patrick@gentoo.org</email>
+ <name>Patrick Lauer</name>
+</maintainer>
+<maintainer>
+ <email>jason.r.wallace@gmail.com</email>
+ <name>Jason Wallace</name>
+</maintainer>
+<herd>netmon</herd>
+<longdescription>Parser for Snort unified/unified2 files</longdescription>
+<use>
+<flag name='aruba'>Enable Aruba support</flag>
+<flag name='gre'>Enable GRE support</flag>
+<flag name='mpls'>Enable support for mpls networks</flag>
+</use>
+</pkgmetadata>