4 files changed, 31 insertions, 68 deletions

diff --git a/security/snort_inline/Makefile b/security/snort_inline/Makefile
index 96d3b3b5c489..4c6f7e339e01 100644
--- a/security/snort_inline/Makefile
+++ b/security/snort_inline/Makefile
@@ -6,19 +6,15 @@
 #
 
 PORTNAME=	snort_inline
-PORTVERSION=	2.3.0
-PORTREVISION=	1
+PORTVERSION=	2.4.5
 CATEGORIES=	security
 MASTER_SITES=	http://freebsd.rogness.net/ports/snort_inline/
-DISTNAME=	snort_inline-2.3.0-RC1
 
 MAINTAINER=	nick@rogness.net
 COMMENT=	An inline IPS system based on snort using ipfw
 
 LIB_DEPENDS=	pcre.0:${PORTSDIR}/devel/pcre
 
-WRKSRC=		${WRKDIR}/snort_inline-2.3.0-RC1
-
 USE_GPG=	yes
 SIG_SUFFIX=	.asc
 GNU_CONFIGURE=	yes
@@ -26,9 +22,7 @@ CONFIGURE_ENV=	LDFLAGS="${LDFLAGS}"
 CONFIGURE_TARGET=	--build=${MACHINE_ARCH}-portbld-freebsd${OSREL}
 CONFIGURE_ARGS+=	--enable-inline --enable-ipfw
 
-BUILD_DEPENDS+=		libnet*<=1.1.0,1:${PORTSDIR}/net/libnet10
-CONFIGURE_ARGS+=	--with-libnet-includes=${LOCALBASE}/include \
-			--with-libnet-libraries=${LOCALBASE}/lib
+LIB_DEPENDS+=		dnet:${PORTSDIR}/net/libdnet
 
 .if defined(WITH_MYSQL)
 USE_MYSQL=		yes
@@ -55,14 +49,20 @@ LDFLAGS+=		-lssl -lcrypto
 CONFIGURE_ARGS+=	--with-postgresql=no
 .endif
 
-MAN8=		snort.8
+MAN8=		snort.8 snort_inline.8
 DOCS=		ChangeLog doc/AUTHORS doc/BUGS doc/CREDITS doc/faq* doc/NEWS \
 		doc/README* doc/TODO doc/USAGE doc/*.pdf
 
+RULE_PATH=	${DATADIR}/rules
+
 USE_RC_SUBR=	snort.sh
 
 post-patch:
 	${REINPLACE_CMD} "s,%%PREFIX%%,${PREFIX}," ${WRKSRC}/src/snort.c
+	${REINPLACE_CMD} "s,/etc/snort_inline/drop-rules,${RULE_PATH}," ${WRKSRC}/etc/snort_inline.conf
+	${REINPLACE_CMD} "s,$RULE_PATH/classification.config,${DATADIR}/classification.config," ${WRKSRC}/etc/snort_inline.conf
+	${REINPLACE_CMD} "s,$RULE_PATH/reference.config,${DATADIR}/reference.config," ${WRKSRC}/etc/snort_inline.conf
+	${REINPLACE_CMD} -e "s/^unicode.map/\/usr\/local\/share\/snort_inline\/unicode.map/" ${WRKSRC}/etc/snort_inline.conf
 
 pre-configure:
 	@${ECHO} ""
@@ -72,7 +72,7 @@ pre-configure:
 
 post-install:
 	@${MKDIR} ${DATADIR}
-	${INSTALL_DATA} ${WRKSRC}/rules/*.rules ${DATADIR}
+	@${MKDIR} ${RULE_PATH}
 	${INSTALL_DATA} ${WRKSRC}/etc/classification.config \
 		${DATADIR}/classification.config-sample
 	[ -f ${DATADIR}/classification.config ] || \
@@ -82,7 +82,13 @@ post-install:
 		${DATADIR}/reference.config-sample
 	[ -f ${DATADIR}/reference.config ] ||  \
 		${CP} ${DATADIR}/reference.config-sample ${DATADIR}/reference.config
-.for f in snort.conf snort_inline.conf unicode.map threshold.conf
+	${INSTALL_DATA} ${WRKSRC}/etc/threshold.conf \
+		${DATADIR}/threshold.conf-sample
+	[ -f ${DATADIR}/threshold.conf ] ||  \
+		${CP} ${DATADIR}/threshold.conf-sample ${DATADIR}/threshold.conf
+	${INSTALL_DATA} ${WRKSRC}/etc/unicode.map \
+		${DATADIR}/unicode.map
+.for f in snort.conf snort_inline.conf
 	${INSTALL_DATA} ${WRKSRC}/etc/${f} ${PREFIX}/etc/${f}-sample
 	[ -f ${PREFIX}/etc/${f} ] || \
 		${INSTALL_DATA} ${WRKSRC}/etc/${f} ${PREFIX}/etc/${f}
diff --git a/security/snort_inline/distinfo b/security/snort_inline/distinfo
index 0c3819c908d9..8952510843ef 100644
--- a/security/snort_inline/distinfo
+++ b/security/snort_inline/distinfo
@@ -1,3 +1,3 @@
-MD5 (snort_inline-2.3.0-RC1.tar.gz) = d577c101a78c97b0f18a1e01b0252419
-SHA256 (snort_inline-2.3.0-RC1.tar.gz) = 46027eeb583dd2efa1ca724948a84fd79d320a0f04df4befde27688c4f7995dc
-SIZE (snort_inline-2.3.0-RC1.tar.gz) = 2742898
+MD5 (snort_inline-2.4.5.tar.gz) = 6fbc46cb339cd9f7b9699104b9a99b1a
+SHA256 (snort_inline-2.4.5.tar.gz) = c417dd23d06d468f0fc5d2cc4f9d1022db5b02a9a77d702f8e24261f0a433651
+SIZE (snort_inline-2.4.5.tar.gz) = 3019957
diff --git a/security/snort_inline/files/snort.sh.in b/security/snort_inline/files/snort.sh.in
index 1b8b172cdfd7..aecaf43cd77a 100644
--- a/security/snort_inline/files/snort.sh.in
+++ b/security/snort_inline/files/snort.sh.in
@@ -4,7 +4,7 @@
 # PROVIDE: snort
 # REQUIRE: DAEMON
 # BEFORE: LOGIN
-# KEYWORD: shutdown
+# KEYWORD: FreeBSD shutdown
 
 # Add the following lines to /etc/rc.conf to enable snort:
 # snort_enable (bool):		Set to YES to enable snort
@@ -22,7 +22,7 @@
 name="snort"
 rcvar=`set_rcvar`
 
-command="%%PREFIX%%/bin/snort"
+command="%%PREFIX%%/bin/snort_inline"
 
 load_rc_config $name
 
diff --git a/security/snort_inline/pkg-plist b/security/snort_inline/pkg-plist
index d9a148b677bf..1304bfebc148 100644
--- a/security/snort_inline/pkg-plist
+++ b/security/snort_inline/pkg-plist
@@ -5,11 +5,11 @@ etc/snort.conf-sample
 @unexec if [ -f %D/etc/snort_inline.conf ] && cmp -s %D/etc/snort_inline.conf %D/etc/snort_inline.conf-sample; then rm -f %D/etc/snort_inline.conf; fi
 etc/snort_inline.conf-sample
 @exec [ -f %B/snort_inline.conf ] || cp %B/%f %B/snort_inline.conf
-@unexec if [ -f %D/etc/unicode.map ] && cmp -s %D/etc/unicode.map %D/etc/unicode.map-sample; then rm -f %D/etc/unicode.map; fi
-etc/unicode.map-sample
+@unexec if [ -f %B/unicode.map ] && cmp -s %B/unicode.map %B/unicode.map-sample; then rm -f %B/etc/unicode.map; fi
+%%DATADIR%%/unicode.map
 @exec [ -f %B/unicode.map ] || cp %B/%f %B/unicode.map
-@unexec if [ -f %D/etc/threshold.conf ] && cmp -s %D/etc/threshold.conf %D/etc/threshold.conf-sample; then rm -f %D/etc/threshold.conf; fi
-etc/threshold.conf-sample
+@unexec if [ -f %B/threshold.conf ] && cmp -s %B/threshold.conf %B/threshold.conf-sample; then rm -f %B/threshold.conf; fi
+%%DATADIR%%/threshold.conf-sample
 @exec [ -f %B/threshold.conf ] || cp %B/%f %B/threshold.conf
 %%PORTDOCS%%%%DOCSDIR%%/AUTHORS
 %%PORTDOCS%%%%DOCSDIR%%/BUGS
@@ -36,63 +36,20 @@ etc/threshold.conf-sample
 %%PORTDOCS%%%%DOCSDIR%%/README.http_inspect
 %%PORTDOCS%%%%DOCSDIR%%/README.thresholding
 %%PORTDOCS%%%%DOCSDIR%%/README.wireless
+%%PORTDOCS%%%%DOCSDIR%%/README.NFQUEUE
+%%PORTDOCS%%%%DOCSDIR%%/README.clamav
+%%PORTDOCS%%%%DOCSDIR%%/README.frag3
 %%PORTDOCS%%%%DOCSDIR%%/TODO
 %%PORTDOCS%%%%DOCSDIR%%/USAGE
 %%PORTDOCS%%%%DOCSDIR%%/snort_manual.pdf
 %%PORTDOCS%%%%DOCSDIR%%/snort_schema_v106.pdf
 %%PORTDOCS%%@dirrm %%DOCSDIR%%
-%%DATADIR%%/attack-responses.rules
-%%DATADIR%%/backdoor.rules
-%%DATADIR%%/bad-traffic.rules
-%%DATADIR%%/chat.rules
 @unexec if [ -f %B/classification.config ] && cmp -s %B/classification.config %B/classification.config-sample; then rm -f %B/classification.config; fi
 %%DATADIR%%/classification.config-sample
 @exec [ -f %B/classification.config ] || cp %B/%f %B/classification.config
-%%DATADIR%%/ddos.rules
-%%DATADIR%%/deleted.rules
-%%DATADIR%%/dns.rules
-%%DATADIR%%/dos.rules
-%%DATADIR%%/experimental.rules
-%%DATADIR%%/exploit.rules
-%%DATADIR%%/finger.rules
-%%DATADIR%%/ftp.rules
-%%DATADIR%%/icmp-info.rules
-%%DATADIR%%/icmp.rules
-%%DATADIR%%/imap.rules
-%%DATADIR%%/info.rules
-%%DATADIR%%/local.rules
-%%DATADIR%%/misc.rules
-%%DATADIR%%/multimedia.rules
-%%DATADIR%%/mysql.rules
-%%DATADIR%%/netbios.rules
-%%DATADIR%%/nntp.rules
-%%DATADIR%%/oracle.rules
-%%DATADIR%%/other-ids.rules
-%%DATADIR%%/p2p.rules
-%%DATADIR%%/policy.rules
-%%DATADIR%%/pop2.rules
-%%DATADIR%%/pop3.rules
-%%DATADIR%%/porn.rules
+%%DATADIR%%/classification.config
 @unexec if [ -f %B/reference.config ] && cmp -s %B/reference.config %B/reference.config-sample; then rm -f %B/reference.config; fi
 %%DATADIR%%/reference.config-sample
 @exec [ -f %B/reference.config ] || cp %B/%f %B/reference.config
-%%DATADIR%%/rpc.rules
-%%DATADIR%%/rservices.rules
-%%DATADIR%%/scan.rules
-%%DATADIR%%/shellcode.rules
-%%DATADIR%%/smtp.rules
-%%DATADIR%%/snmp.rules
-%%DATADIR%%/sql.rules
-%%DATADIR%%/telnet.rules
-%%DATADIR%%/tftp.rules
-%%DATADIR%%/virus.rules
-%%DATADIR%%/web-attacks.rules
-%%DATADIR%%/web-cgi.rules
-%%DATADIR%%/web-client.rules
-%%DATADIR%%/web-coldfusion.rules
-%%DATADIR%%/web-frontpage.rules
-%%DATADIR%%/web-iis.rules
-%%DATADIR%%/web-misc.rules
-%%DATADIR%%/web-php.rules
-%%DATADIR%%/x11.rules
+@dirrmtry %%DATADIR%%/rules
 @dirrm %%DATADIR%%