- Update to 2.4.1

- Snort distribution no longer includes rules - download them seperately
  (or consider using security/oinkmaster to simplify that process)
- Change default config dir to ${PREFIX}/etc/snort (to avoid cluttering)
- Install database schemas scripts into EXAMPLESDIR

8 files changed, 58 insertions, 179 deletions

diff --git a/security/snort/Makefile b/security/snort/Makefile
index 04cab915f95b..169c3f12abd7 100644
--- a/security/snort/Makefile
+++ b/security/snort/Makefile
@@ -6,10 +6,9 @@
 #
 
 PORTNAME=	snort
-PORTVERSION=	2.3.3
+PORTVERSION=	2.4.1
 CATEGORIES=	security
 MASTER_SITES=	http://www.snort.org/dl/current/
-DISTFILES=	${DISTNAME}${EXTRACT_SUFX}
 
 MAINTAINER=	sergei@FreeBSD.org
 COMMENT=	Lightweight network intrusion detection system
@@ -20,20 +19,24 @@ OPTIONS=	FLEXRESP "Flexible response to events" off \
 		MYSQL "Enable MySQL support" off \
 		ODBC "Enable ODBC support" off \
 		POSTGRESQL "Enable PostgreSQL support" off \
-		PRELUDE "Enable patch for Prelude integration" off
+		PRELUDE "Enable Prelude NIDS integration" off
 
 USE_GPG=	yes
-SIG_SUFFIX=	.asc
+SIG_SUFFIX=	.sig
 USE_REINPLACE=	yes
-USE_RC_SUBR=	yes
-RC_SCRIPTS_SUB=	PREFIX=${PREFIX} RC_SUBR=${RC_SUBR}
+USE_RC_SUBR=	snort.sh
+SUB_FILES=	pkg-message
 GNU_CONFIGURE=	yes
 CONFIGURE_ENV=	LDFLAGS="${LDFLAGS}"
 CONFIGURE_TARGET=	--build=${MACHINE_ARCH}-portbld-freebsd${OSREL}
 
+CONFIG_DIR?=	${PREFIX}/etc/snort
+CONFIG_FILES=	classification.config gen-msg.map generators reference.config \
+		sid sid-msg.map snort.conf threshold.conf unicode.map
+
 MAN8=		snort.8
-DOCS=		ChangeLog doc/AUTHORS doc/BUGS doc/CREDITS doc/NEWS \
-		doc/README* doc/TODO doc/USAGE doc/*.pdf
+DOCS=		RELEASE.NOTES doc/AUTHORS doc/BUGS doc/CREDITS \
+		doc/README* doc/USAGE doc/*.pdf
 
 .include <bsd.port.pre.mk>
 
@@ -70,57 +73,25 @@ CONFIGURE_ARGS+=	--with-postgresql=no
 .endif
 
 .if defined(WITH_PRELUDE)
-#BROKEN=			Prelude reporting patch have not been updated for Snort 2.2.0
-PRELUDE_PATCH=		0.3.6
-MASTER_SITES+=		http://prelude-ids.org/download/releases/old/:prelude
-SIGNED_FILES=		${DISTNAME}${EXTRACT_SUFX}
-DISTFILES+=		snort-prelude-reporting-patch-${PRELUDE_PATCH}.tar.gz:prelude
-EXTRA_PATCHES+=		${WRKDIR}/snort-2.2.0-prelude-${PRELUDE_PATCH}.diff
-USE_AUTOMAKE_VER=	19
-USE_AUTOCONF_VER=	259
 LIB_DEPENDS+=		prelude.1:${PORTSDIR}/security/libprelude
-CONFIGURE_ARGS+=	--with-prelude=yes
+CONFIGURE_ARGS+=	--enable-prelude
 PLIST_SUB+=		PRELUDE=""
-
-pre-configure:
-	cd ${WRKSRC} && ${ACLOCAL} && ${AUTOMAKE} && ${AUTOCONF}
-	${RM} ${WRKSRC}/doc/README.Prelude.orig
 .else
-CONFIGURE_ARGS+=	--with-prelude=no
+CONFIGURE_ARGS+=	--disable-prelude
 PLIST_SUB+=		PRELUDE="@comment "
 .endif
 
 post-patch:
-	${REINPLACE_CMD} "s,%%PREFIX%%,${PREFIX}," ${WRKSRC}/src/snort.c
-	@${SED} ${RC_SCRIPTS_SUB:S/$/!g/:S/^/ -e s!%%/:S/=/%%!/} \
-		${FILESDIR}/snort.sh > ${WRKDIR}/snort.sh
+	${REINPLACE_CMD} "s,/etc/snort.conf,${CONFIG_DIR}/snort.conf," \
+		${WRKSRC}/src/snort.c ${WRKSRC}/snort.8
 
 post-install:
-	${INSTALL_SCRIPT} -m 751 ${WRKDIR}/snort.sh ${PREFIX}/etc/rc.d/snort.sh
-	@${MKDIR} ${DATADIR}
-	${INSTALL_DATA} ${WRKSRC}/rules/[^l]*.rules ${DATADIR}
-.for f in local.rules
-	${INSTALL_DATA} ${WRKSRC}/rules/${f} ${DATADIR}/${f}-sample
-	[ -f ${DATADIR}/${f} ] || \
-	    ${INSTALL_DATA} ${WRKSRC}/rules/${f} ${DATADIR}/${f}
-.endfor
-.for f in classification.config reference.config
-	${INSTALL_DATA} ${WRKSRC}/etc/${f} ${DATADIR}/${f}-sample
-	[ -f ${DATADIR}/${f} ] || \
-	    ${INSTALL_DATA} ${WRKSRC}/etc/${f} ${DATADIR}/${f}
-.endfor
-.for f in snort.conf unicode.map threshold.conf
-	${INSTALL_DATA} ${WRKSRC}/etc/${f} ${PREFIX}/etc/${f}-sample
-	[ -f ${PREFIX}/etc/${f} ] || \
-	    ${INSTALL_DATA} ${WRKSRC}/etc/${f} ${PREFIX}/etc/${f}
+	[ -d ${CONFIG_DIR} ] || ${MKDIR} ${CONFIG_DIR}
+.for f in ${CONFIG_FILES}
+	${INSTALL_DATA} ${WRKSRC}/etc/${f} ${CONFIG_DIR}/${f}-sample
 .endfor
-.if defined(WITH_PRELUDE)
-.for f in prelude-classification.config
-	${INSTALL_DATA} ${WRKSRC}/etc/${f} ${PREFIX}/etc/${f}-sample
-	[ -f ${PREFIX}/etc/${f} ] || \
-	    ${INSTALL_DATA} ${WRKSRC}/etc/${f} ${PREFIX}/etc/${f}
-.endfor
-.endif
+	@${MKDIR} ${EXAMPLESDIR}
+	${INSTALL_DATA} ${WRKSRC}/schemas/create* ${EXAMPLESDIR}
 .if !defined(NOPORTDOCS)
 	@${MKDIR} ${DOCSDIR}
 	cd ${WRKSRC} && ${INSTALL_DATA} ${DOCS} ${DOCSDIR}
diff --git a/security/snort/distinfo b/security/snort/distinfo
index 776ec86152bf..7ccbeb477c6e 100644
--- a/security/snort/distinfo
+++ b/security/snort/distinfo
@@ -1,6 +1,4 @@
-MD5 (snort-2.3.3.tar.gz) = 06bf140893e7cb120aaa9372d10a0100
-SIZE (snort-2.3.3.tar.gz) = 2631270
-MD5 (snort-prelude-reporting-patch-0.3.6.tar.gz) = 323ab2956a59de113aa13099917f0d3a
-SIZE (snort-prelude-reporting-patch-0.3.6.tar.gz) = 21964
-MD5 (snort-2.3.3.tar.gz.asc) = 545d371c8e4a1c9aa06478460768f9d3
-SIZE (snort-2.3.3.tar.gz.asc) = 189
+MD5 (snort-2.4.1.tar.gz) = 7b7d36e063a674fd9cc324969012f32a
+SIZE (snort-2.4.1.tar.gz) = 2695304
+MD5 (snort-2.4.1.tar.gz.sig) = 8e8e5315623efc1250c59fbd6d551393
+SIZE (snort-2.4.1.tar.gz.sig) = 65
diff --git a/security/snort/files/patch-snort.c b/security/snort/files/patch-snort.c
deleted file mode 100644
index 44045699dbe1..000000000000
--- a/security/snort/files/patch-snort.c
+++ /dev/null
@@ -1,11 +0,0 @@
---- src/snort.c.orig	Thu Apr 17 14:39:59 2003
-+++ src/snort.c	Thu Apr 17 14:40:09 2003
-@@ -1729,7 +1729,7 @@
- {
-     struct stat st;
-     int i;
--    char *conf_files[]={"/etc/snort.conf", "./snort.conf", NULL};
-+    char *conf_files[]={"%%PREFIX%%/etc/snort.conf", "./snort.conf", NULL};
-     char *fname = NULL;
-     char *home_dir = NULL;
-     char *rval = NULL;
diff --git a/security/snort/files/patch-snort.conf b/security/snort/files/patch-snort.conf
index 06cb69bb7895..1ca95740e001 100644
--- a/security/snort/files/patch-snort.conf
+++ b/security/snort/files/patch-snort.conf
@@ -5,25 +5,7 @@
  # Note for Windows users:  You are advised to make this an absolute path,
  # such as:  c:\snort\rules
 -var RULE_PATH ../rules
-+var RULE_PATH ../share/snort
++var RULE_PATH ./rules
  
  # Configure the snort decoder
  # ============================
-@@ -507,7 +507,7 @@
- # such as:  c:\snort\etc\classification.config
- #
- 
--include classification.config
-+include ../share/snort/classification.config
- 
- #
- # Include reference systems
-@@ -515,7 +515,7 @@
- # such as:  c:\snort\etc\reference.config
- #
- 
--include reference.config
-+include ../share/snort/reference.config
- 
- ####################################################################
- # Step #4: Customize your rule set
diff --git a/security/snort/files/pkg-message.in b/security/snort/files/pkg-message.in
new file mode 100644
index 000000000000..d3dad9f97a15
--- /dev/null
+++ b/security/snort/files/pkg-message.in
@@ -0,0 +1,12 @@
+=========================================================================
+Snort uses rcNG startup script and must be enabled via /etc/rc.conf
+Please see %%PREFIX%%/etc/rc.d/snort.sh 
+for list of available variables and their description.
+Configuration files are located in %%PREFIX%%/etc/snort directory.
+
+NOTE: Starting with Snort 2.4.0 (released on 2005-04-22) 
+      the rules are no longer included with the distribution.
+      Please download them from http://www.snort.org/rules/.
+      You might consider installing security/oinkmaster port to simplify
+      rules downloads and updates.
+=========================================================================
diff --git a/security/snort/files/snort.sh b/security/snort/files/snort.sh.in
index d737bfd76385..e81c40b90e97 100644
--- a/security/snort/files/snort.sh
+++ b/security/snort/files/snort.sh.in
@@ -1,10 +1,10 @@
 #!/bin/sh
-# $Id$
+# $FreeBSD$
 
 # PROVIDE: snort
 # REQUIRE: DAEMON
 # BEFORE: LOGIN
-# KEYWORD: FreeBSD shutdown
+# KEYWORD: shutdown
 
 # Add the following lines to /etc/rc.conf to enable snort:
 # snort_enable (bool):		Set to YES to enable snort
@@ -14,7 +14,7 @@
 # snort_interface (str):	Network interface to sniff
 #				Default: "" 
 # snort_conf (str):		Snort configuration file
-#				Default: ${PREFIX}/etc/snort.conf
+#				Default: ${PREFIX}/etc/snort/snort.conf
 #
 
 . %%RC_SUBR%%
@@ -27,7 +27,7 @@ command="%%PREFIX%%/bin/snort"
 load_rc_config $name
 
 [ -z "$snort_enable" ]    && snort_enable="NO"
-[ -z "$snort_conf" ]      && snort_conf="%%PREFIX%%/etc/snort.conf"
+[ -z "$snort_conf" ]      && snort_conf="%%PREFIX%%/etc/snort/snort.conf"
 [ -z "$snort_flags" ]     && snort_flags="-Dq"
 
 [ -n "$snort_interface" ] && snort_flags="$snort_flags -i $snort_interface"
diff --git a/security/snort/pkg-message b/security/snort/pkg-message
deleted file mode 100644
index 7a4949ff8ac2..000000000000
--- a/security/snort/pkg-message
+++ /dev/null
@@ -1,16 +0,0 @@
-         ***********************************
-         * !!!!!!!!!!! WARNING !!!!!!!!!!! *
-         ***********************************
-
-snort now uses rcNG startup scripts and must be enabled via /etc/rc.conf
-
-Available variables:
-
-  snort_enable (bool):		Set to YES to enable snort
-  				Default: NO
-  snort_flags (str):		Extra flags passed to snort
- 				Default: -Dq
-  snort_interface (str):	Network interface to sniff
- 				Default: ""
-  snort_conf (str):		Snort configuration file
- 				Default: ${PREFIX}/etc/snort.conf
diff --git a/security/snort/pkg-plist b/security/snort/pkg-plist
index 9c49dc4f9556..c4568c4fb393 100644
--- a/security/snort/pkg-plist
+++ b/security/snort/pkg-plist
@@ -1,28 +1,22 @@
 @comment $FreeBSD$
 bin/snort
-@unexec if [ -f %D/etc/snort.conf ] && cmp -s %D/etc/snort.conf %D/etc/snort.conf-sample; then rm -f %D/etc/snort.conf; fi
-etc/snort.conf-sample
-@exec [ -f %B/snort.conf ] || cp %B/%f %B/snort.conf
-@unexec if [ -f %D/etc/unicode.map ] && cmp -s %D/etc/unicode.map %D/etc/unicode.map-sample; then rm -f %D/etc/unicode.map; fi
-etc/unicode.map-sample
-@exec [ -f %B/unicode.map ] || cp %B/%f %B/unicode.map
-@unexec if [ -f %D/etc/threshold.conf ] && cmp -s %D/etc/threshold.conf %D/etc/threshold.conf-sample; then rm -f %D/etc/threshold.conf; fi
-etc/threshold.conf-sample
-@exec [ -f %B/threshold.conf ] || cp %B/%f %B/threshold.conf
-%%PRELUDE%%@unexec if [ -f %D/etc/prelude-classification.config ] && cmp -s %D/etc/prelude-classification.config %D/etc/prelude-classification.config-sample; then rm -f %D/etc/prelude-classification.config; fi
-%%PRELUDE%%etc/prelude-classification.config-sample
-%%PRELUDE%%@exec [ -f %B/prelude-classification.config ] || cp %B/%f %B/prelude-classification.config
-etc/rc.d/snort.sh
+etc/snort/classification.config-sample
+etc/snort/gen-msg.map-sample
+etc/snort/generators-sample
+etc/snort/reference.config-sample
+etc/snort/sid-sample
+etc/snort/sid-msg.map-sample
+etc/snort/snort.conf-sample
+etc/snort/threshold.conf-sample
+etc/snort/unicode.map-sample
+@unexec rmdir %D/etc/snort 2>/dev/null || true
 %%PORTDOCS%%%%DOCSDIR%%/AUTHORS
 %%PORTDOCS%%%%DOCSDIR%%/BUGS
 %%PORTDOCS%%%%DOCSDIR%%/CREDITS
-%%PORTDOCS%%%%DOCSDIR%%/ChangeLog
-%%PORTDOCS%%%%DOCSDIR%%/NEWS
 %%PORTDOCS%%%%DOCSDIR%%/README
 %%PORTDOCS%%%%DOCSDIR%%/README.FLEXRESP
 %%PORTDOCS%%%%DOCSDIR%%/README.INLINE
 %%PORTDOCS%%%%DOCSDIR%%/README.PLUGINS
-%%PORTDOCS%%%%PRELUDE%%%%DOCSDIR%%/README.Prelude
 %%PORTDOCS%%%%DOCSDIR%%/README.UNSOCK
 %%PORTDOCS%%%%DOCSDIR%%/README.WIN32
 %%PORTDOCS%%%%DOCSDIR%%/README.alert_order
@@ -33,70 +27,19 @@ etc/rc.d/snort.sh
 %%PORTDOCS%%%%DOCSDIR%%/README.flow
 %%PORTDOCS%%%%DOCSDIR%%/README.flowbits
 %%PORTDOCS%%%%DOCSDIR%%/README.flow-portscan
+%%PORTDOCS%%%%DOCSDIR%%/README.frag3
 %%PORTDOCS%%%%DOCSDIR%%/README.http_inspect
 %%PORTDOCS%%%%DOCSDIR%%/README.sfportscan
 %%PORTDOCS%%%%DOCSDIR%%/README.thresholding
 %%PORTDOCS%%%%DOCSDIR%%/README.wireless
-%%PORTDOCS%%%%DOCSDIR%%/TODO
+%%PORTDOCS%%%%DOCSDIR%%/RELEASE.NOTES
 %%PORTDOCS%%%%DOCSDIR%%/USAGE
 %%PORTDOCS%%%%DOCSDIR%%/faq.pdf
 %%PORTDOCS%%%%DOCSDIR%%/snort_manual.pdf
 %%PORTDOCS%%%%DOCSDIR%%/snort_schema_v106.pdf
 %%PORTDOCS%%@dirrm %%DOCSDIR%%
-%%DATADIR%%/attack-responses.rules
-%%DATADIR%%/backdoor.rules
-%%DATADIR%%/bad-traffic.rules
-%%DATADIR%%/chat.rules
-@unexec if [ -f %B/classification.config ] && cmp -s %B/classification.config %B/classification.config-sample; then rm -f %B/classification.config; fi
-%%DATADIR%%/classification.config-sample
-@exec [ -f %B/classification.config ] || cp %B/%f %B/classification.config
-%%DATADIR%%/ddos.rules
-%%DATADIR%%/deleted.rules
-%%DATADIR%%/dns.rules
-%%DATADIR%%/dos.rules
-%%DATADIR%%/experimental.rules
-%%DATADIR%%/exploit.rules
-%%DATADIR%%/finger.rules
-%%DATADIR%%/ftp.rules
-%%DATADIR%%/icmp-info.rules
-%%DATADIR%%/icmp.rules
-%%DATADIR%%/imap.rules
-%%DATADIR%%/info.rules
-@unexec if [ -f %B/local.rules ] && cmp -s %B/local.rules %B/local.rules-sample; then rm -f %B/local.rules; fi
-%%DATADIR%%/local.rules-sample
-@exec [ -f %B/local.rules ] || cp %B/%f %B/local.rules
-%%DATADIR%%/misc.rules
-%%DATADIR%%/multimedia.rules
-%%DATADIR%%/mysql.rules
-%%DATADIR%%/netbios.rules
-%%DATADIR%%/nntp.rules
-%%DATADIR%%/oracle.rules
-%%DATADIR%%/other-ids.rules
-%%DATADIR%%/p2p.rules
-%%DATADIR%%/policy.rules
-%%DATADIR%%/pop2.rules
-%%DATADIR%%/pop3.rules
-%%DATADIR%%/porn.rules
-@unexec if [ -f %B/reference.config ] && cmp -s %B/reference.config %B/reference.config-sample; then rm -f %B/reference.config; fi
-%%DATADIR%%/reference.config-sample
-@exec [ -f %B/reference.config ] || cp %B/%f %B/reference.config
-%%DATADIR%%/rpc.rules
-%%DATADIR%%/rservices.rules
-%%DATADIR%%/scan.rules
-%%DATADIR%%/shellcode.rules
-%%DATADIR%%/smtp.rules
-%%DATADIR%%/snmp.rules
-%%DATADIR%%/sql.rules
-%%DATADIR%%/telnet.rules
-%%DATADIR%%/tftp.rules
-%%DATADIR%%/virus.rules
-%%DATADIR%%/web-attacks.rules
-%%DATADIR%%/web-cgi.rules
-%%DATADIR%%/web-client.rules
-%%DATADIR%%/web-coldfusion.rules
-%%DATADIR%%/web-frontpage.rules
-%%DATADIR%%/web-iis.rules
-%%DATADIR%%/web-misc.rules
-%%DATADIR%%/web-php.rules
-%%DATADIR%%/x11.rules
-@dirrm %%DATADIR%%
+%%EXAMPLESDIR%%/create_mssql
+%%EXAMPLESDIR%%/create_mysql
+%%EXAMPLESDIR%%/create_oracle.sql
+%%EXAMPLESDIR%%/create_postgresql
+@dirrm %%EXAMPLESDIR%%