%define name prelude-nids %define version 0.8.6 %define release 2mdk %define _localstatedir /var Summary: Prelude Hybrid Intrusion Detection System - Network Sensor Name: %{name} Version: %{version} Release: %{release} License: GPL Group: Networking/Other URL: http://www.prelude-ids.org/ Source: http://www.prelude-ids.org/download/releases/%{name}-%{version}.tar.gz BuildRequires: flex BuildRequires: bison BuildRequires: automake1.7 BuildRequires: autoconf2.5 BuildRequires: prelude-devel => 0.8.10-2mdk Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot %description Prelude NIDS is the network-based sensor program part of the Prelude Hybrid IDS suite. It provides network monitoring with fast pattern matching (Boyer-Moore) to detect attacks against a network. It includes advanced mechanisms such as a generic signature engine which is able to understand any ruleset as long as there is a dedicated parser, protocol and detection analysis plugins featuring Telnet, RPC, HTTP, and FTP decoding and preprocessors for cross-platform polymorphic shellcodes detection, ARP misuse detection, and scanning detection. It supports IP fragmentation and TCP segmentation to track connections and detect stateful events. %package devel Summary: Libraries, includes, etc. to develop Prelude NIDS Group: Development/C Requires: %{name} = %{version} %description devel Prelude NIDS is the network-based sensor program part of the Prelude Hybrid IDS suite. It provides network monitoring with fast pattern matching (Boyer-Moore) to detect attacks against a network. It includes advanced mechanisms such as a generic signature engine which is able to understand any ruleset as long as there is a dedicated parser, protocol and detection analysis plugins featuring Telnet, RPC, HTTP, and FTP decoding and preprocessors for cross-platform polymorphic shellcodes detection, ARP misuse detection, and scanning detection. It supports IP fragmentation and TCP segmentation to track connections and detect stateful events. This package contains the headers for developing %prep %setup -q tar xf libpcap.tar cp libpcap/pcap.h . # include hack... for i in `find src -type f -name "Makefile.am"`; do perl -pi -e "s|libpcap/pcap.h|pcap.h|g" $i perl -pi -e "s|nodist_prelude_nids_SOURCES|#nodist_prelude_nids_SOURCES|g" $i done # fix conflicting declaration with MySQL-4.1.x find -type f | xargs perl -pi -e "s|list_add|list_prelude_add|g" %build export WANT_AUTOCONF_2_5=1 rm -f configure libtoolize --copy --force && aclocal-1.7 && autoconf && automake-1.7 %configure2_5x #(peroyvind) disable parallel build, broken make %install [ "%{buildroot}" != "/" ] && rm -rf %{buildroot} %makeinstall_std %clean [ "%{buildroot}" != "/" ] && rm -rf %{buildroot} %files %defattr(-,root,root) %doc AUTHORS ChangeLog README INSTALL %{_bindir}/prelude-nids %{_libdir}/prelude-nids/detects/* %{_libdir}/prelude-nids/protocols/* %{_mandir}/man8/* %config(noreplace) %{_sysconfdir}/prelude-nids/* %files devel %defattr(-,root,root) %doc AUTHORS ChangeLog README INSTALL %{_includedir}/prelude-nids/*.h %changelog * Tue Jan 25 2005 Oden Eriksson <oeriksson@mandrakesoft.com> 0.8.6-2mdk - rebuilt against MySQL-4.1.x and PostgreSQL-8.x system libs - fix conflicting declaration with MySQL-4.1.x - fix deps * Thu May 20 2004 Per Øyvind Karlsen <peroyvind@linux-mandrake.com> 0.8.6-1mdk - 0.8.6 - do rm -rf $RPM_BUILD_ROOT at the beginning of %%install * Tue Sep 09 2003 Florin Grad <florin@mandrakesoft.com> 0.8.1-1mdk - first mandrake release - add the manpage * Wed Sep 03 2002 Sylvain GIL <prelude-packaging@tootella.org> 0.8.1-2 - Increased libprelude dependency version * Mon Sep 01 2002 Sylvain GIL <prelude-packaging@tootella.org> 0.8.1-1 - Initial Packaging.