%global fwsnortlogdir /var/log/fwsnort
Summary: Translates Snort rules into equivalent iptables rules
Name: fwsnort
Version: 1.5
Release: 0%{?dist}
License: GPLv2+
Group: System Environment/Daemons
Url: http://www.cipherdyne.org/fwsnort/
Source0: http://www.cipherdyne.org/fwsnort/download/fwsnort-1.5.tar.gz
Source1: logrotate.fwsnort
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildArch: noarch
Requires: iptables
Requires: perl(Net::IPv4Addr)
Requires: perl(IPTables::Parse)
Requires: logrotate
Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
%description
fwsnort translates Snort rules into equivalent iptables rules and generates
a Bourne shell script that implements the resulting iptables commands.
In addition, fwsnort (optionally) uses the IPTables::Parse module to parse the
iptables ruleset on the machine to determine which Snort rules are applicable
to the specific iptables policy.
fwsnort is able to translate approximately 60% of all rules from the
Snort-2.3.3 IDS into equivalent iptables rules.
%prep
%setup -q
mv deps/snort_rules/VERSION SNORT-RULES-VERSION
cp -p %SOURCE1 .
%build
%install
rm -rf $RPM_BUILD_ROOT
### log directory
mkdir -p $RPM_BUILD_ROOT%{fwsnortlogdir}
### fwsnort config
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/fwsnort
mkdir -p $RPM_BUILD_ROOT%{_bindir}
mkdir -p $RPM_BUILD_ROOT%{_mandir}/man8
mkdir -p $RPM_BUILD_ROOT%{_sbindir}
install -m 755 fwsnort $RPM_BUILD_ROOT%{_sbindir}/
install -m 644 fwsnort.conf $RPM_BUILD_ROOT%{_sysconfdir}/fwsnort/
install -m 644 fwsnort.8 $RPM_BUILD_ROOT%{_mandir}/man8/
### install snort rules files
cp -r deps/snort_rules $RPM_BUILD_ROOT%{_sysconfdir}/fwsnort
mkdir -p $RPM_BUILD_ROOT/etc/logrotate.d
install -p -m 644 logrotate.fwsnort $RPM_BUILD_ROOT/etc/logrotate.d/fwsnort
%clean
rm -rf $RPM_BUILD_ROOT
%pre
### not used
%post
### not used
%preun
### not used
%files
%defattr(-,root,root)
%doc LICENSE VERSION README CREDITS TODO SNORT-RULES-VERSION
%dir %{fwsnortlogdir}
%{_sbindir}/*
%{_mandir}/man8/*
%dir %{_sysconfdir}/fwsnort
%config %{_sysconfdir}/fwsnort/fwsnort.conf
%config(noreplace) %{_sysconfdir}/logrotate.d/fwsnort
%dir %{_sysconfdir}/fwsnort/snort_rules
%config(noreplace) %{_sysconfdir}/fwsnort/snort_rules/*
%changelog
* Wed Dec 29 2010 Guillermo Gomez <gomix@fedoraproject.org> - 1.5-0
- Upgrade to major release version 1.5-0
- WARNING: Compatibility issue with 1.0.6 fwsnort.conf, previous
fwsnort.conf renamed as /etc/fwsnort/fwsnort.conf.rpmsave.
* Wed Dec 29 2010 Guillermo Gomez <gomix@fedoraproject.org>
- Upgrade to major prerelease version 1.5pre
* Tue Oct 12 2010 Mark Chappell <tremble@tremble.org.uk> - 1.0.6-8
- Replace the perl dependencies with the virtual modules rather than
the package name
* Sun May 16 2010 Guillermo Gómez <ggomez@neotechgw.com> - 1.0.6-7
- Ownership of /etc/logrotate.d corrected and requires logrotate instead which
provides it
* Sun Apr 25 2010 Guillermo Gómez <ggomez@neotechgw.com> - 1.0.6-6
- Macros use improved for consistency
* Thu Feb 04 2010 Guillermo Gómez <ggomez@neotechgw.com> - 1.0.6-5
- Removed unnecesary macro definition
* Thu Feb 04 2010 Guillermo Gómez <ggomez@neotechgw.com> - 1.0.6-4
- Description shortened
* Thu Feb 04 2010 Guillermo Gómez <ggomez@neotechgw.com> - 1.0.6-3
- License adjusted to GPLv2+
* Wed Feb 03 2010 Guillermo Gómez <ggomez@neotechgw.com> - 1.0.6-2
- documentation included, LICENSE VERSION README CREDITS TODO
SNORT-RULES-VERSION
* Sat Jan 2 2010 Guillermo Gómez <ggomez@neotechgw.com> - 1.0.6-1
- First Fedora spec compliant version, several modifications
- No deps included
- Free snort rules included
distrib
>
Fedora
>
13
>
i386
>
media
>
updates-src
>
by-pkgid
>
ccf613827fac4953a18139015a27dd41
>
files
>
2
