Solaris specific changes to the snort configuration file that will be

installed under /etc/snort/.

These changes will not be submitted upstream.

--- etc/snort.conf.orig	2014-09-25 07:56:45.270217768 -0700

+++ etc/snort.conf	2014-10-06 06:02:57.202660631 -0700

@@ -101,13 +101,13 @@

 # Path to your rules files (this can be a relative path)

 # Note for Windows users:  You are advised to make this an absolute path,

 # such as:  c:\snort\rules

-var RULE_PATH ../rules

-var SO_RULE_PATH ../so_rules

-var PREPROC_RULE_PATH ../preproc_rules

+var RULE_PATH rules

+var SO_RULE_PATH so_rules

+var PREPROC_RULE_PATH preproc_rules

 # If you are using reputation preprocessor set these

-var WHITE_LIST_PATH ../rules

-var BLACK_LIST_PATH ../rules

+var WHITE_LIST_PATH rules

+var BLACK_LIST_PATH rules

 ###################################################

 # Step #2: Configure the decoder.  For more information, see README.decode

@@ -153,7 +153,7 @@

@@ -240,13 +240,13 @@

@@ -499,12 +499,12 @@

    check_crc

 # Reputation preprocessor. For more information see README.reputation

-preprocessor reputation: \

-   memcap 500, \

-   priority whitelist, \

-   nested_ip inner, \

-   whitelist $WHITE_LIST_PATH/white_list.rules, \

-   blacklist $BLACK_LIST_PATH/black_list.rules 

+#preprocessor reputation: \

+#   memcap 500, \

+#   priority whitelist, \

+#   nested_ip inner, \

+#   whitelist $WHITE_LIST_PATH/white_list.rules, \

+#   blacklist $BLACK_LIST_PATH/black_list.rules 

 # Step #6: Configure output plugins

@@ -538,123 +538,123 @@

-include $RULE_PATH/app-detect.rules

-include $RULE_PATH/browser-chrome.rules

-include $RULE_PATH/browser-firefox.rules

-include $RULE_PATH/browser-ie.rules

-include $RULE_PATH/browser-other.rules

-include $RULE_PATH/browser-plugins.rules

-include $RULE_PATH/browser-webkit.rules

-include $RULE_PATH/experimental.rules

-include $RULE_PATH/exploit-kit.rules

-include $RULE_PATH/file-executable.rules

-include $RULE_PATH/file-flash.rules

-include $RULE_PATH/file-identify.rules

-include $RULE_PATH/file-image.rules

-include $RULE_PATH/file-java.rules

-include $RULE_PATH/file-multimedia.rules

-include $RULE_PATH/file-office.rules

-include $RULE_PATH/file-other.rules

-include $RULE_PATH/file-pdf.rules

-include $RULE_PATH/icmp-info.rules

-include $RULE_PATH/indicator-compromise.rules

-include $RULE_PATH/indicator-obfuscation.rules

-include $RULE_PATH/indicator-scan.rules

-include $RULE_PATH/indicator-shellcode.rules

-include $RULE_PATH/malware-backdoor.rules

-include $RULE_PATH/malware-cnc.rules

-include $RULE_PATH/malware-other.rules

-include $RULE_PATH/malware-tools.rules

-include $RULE_PATH/os-linux.rules

-include $RULE_PATH/os-mobile.rules

-include $RULE_PATH/os-other.rules

-include $RULE_PATH/os-solaris.rules

-include $RULE_PATH/os-windows.rules

-include $RULE_PATH/policy-multimedia.rules

-include $RULE_PATH/policy-other.rules

-include $RULE_PATH/policy-social.rules

-include $RULE_PATH/policy-spam.rules

-include $RULE_PATH/protocol-dns.rules

-include $RULE_PATH/protocol-finger.rules

-include $RULE_PATH/protocol-ftp.rules

-include $RULE_PATH/protocol-icmp.rules

-include $RULE_PATH/protocol-imap.rules

-include $RULE_PATH/protocol-nntp.rules

-include $RULE_PATH/protocol-pop.rules

-include $RULE_PATH/protocol-rpc.rules

-include $RULE_PATH/protocol-scada.rules

-include $RULE_PATH/protocol-services.rules

-include $RULE_PATH/protocol-snmp.rules

-include $RULE_PATH/protocol-telnet.rules

-include $RULE_PATH/protocol-tftp.rules

-include $RULE_PATH/protocol-voip.rules

-include $RULE_PATH/pua-adware.rules

-include $RULE_PATH/pua-other.rules

-include $RULE_PATH/pua-p2p.rules

-include $RULE_PATH/pua-toolbars.rules

-include $RULE_PATH/server-apache.rules

-include $RULE_PATH/server-iis.rules

-include $RULE_PATH/server-mail.rules

-include $RULE_PATH/server-mssql.rules

-include $RULE_PATH/server-mysql.rules

-include $RULE_PATH/server-oracle.rules

-include $RULE_PATH/server-other.rules

-include $RULE_PATH/server-samba.rules

-include $RULE_PATH/server-webapp.rules

+# include $RULE_PATH/app-detect.rules

+# include $RULE_PATH/browser-chrome.rules

+# include $RULE_PATH/browser-firefox.rules

+# include $RULE_PATH/browser-ie.rules

+# include $RULE_PATH/browser-other.rules

+# include $RULE_PATH/browser-plugins.rules

+# include $RULE_PATH/browser-webkit.rules

+# include $RULE_PATH/experimental.rules

+# include $RULE_PATH/exploit-kit.rules

+# include $RULE_PATH/file-executable.rules

+# include $RULE_PATH/file-flash.rules

+# include $RULE_PATH/file-identify.rules

+# include $RULE_PATH/file-image.rules

+# include $RULE_PATH/file-java.rules

+# include $RULE_PATH/file-multimedia.rules

+# include $RULE_PATH/file-office.rules

+# include $RULE_PATH/file-other.rules

+# include $RULE_PATH/file-pdf.rules

+# include $RULE_PATH/icmp-info.rules

+# include $RULE_PATH/indicator-compromise.rules

+# include $RULE_PATH/indicator-obfuscation.rules

+# include $RULE_PATH/indicator-scan.rules

+# include $RULE_PATH/indicator-shellcode.rules

+# include $RULE_PATH/malware-backdoor.rules

+# include $RULE_PATH/malware-cnc.rules

+# include $RULE_PATH/malware-other.rules

+# include $RULE_PATH/malware-tools.rules

+# include $RULE_PATH/os-linux.rules

+# include $RULE_PATH/os-mobile.rules

+# include $RULE_PATH/os-other.rules

+# include $RULE_PATH/os-solaris.rules

+# include $RULE_PATH/os-windows.rules

+# include $RULE_PATH/policy-multimedia.rules

+# include $RULE_PATH/policy-other.rules

+# include $RULE_PATH/policy-social.rules

+# include $RULE_PATH/policy-spam.rules

+# include $RULE_PATH/protocol-dns.rules

+# include $RULE_PATH/protocol-finger.rules

+# include $RULE_PATH/protocol-ftp.rules

+# include $RULE_PATH/protocol-icmp.rules

+# include $RULE_PATH/protocol-imap.rules

+# include $RULE_PATH/protocol-nntp.rules

+# include $RULE_PATH/protocol-pop.rules

+# include $RULE_PATH/protocol-rpc.rules

+# include $RULE_PATH/protocol-scada.rules

+# include $RULE_PATH/protocol-services.rules

+# include $RULE_PATH/protocol-snmp.rules

+# include $RULE_PATH/protocol-telnet.rules

+# include $RULE_PATH/protocol-tftp.rules

+# include $RULE_PATH/protocol-voip.rules

+# include $RULE_PATH/pua-adware.rules

+# include $RULE_PATH/pua-other.rules

+# include $RULE_PATH/pua-p2p.rules

+# include $RULE_PATH/pua-toolbars.rules

+# include $RULE_PATH/server-apache.rules

+# include $RULE_PATH/server-iis.rules

+# include $RULE_PATH/server-mail.rules

+# include $RULE_PATH/server-mssql.rules

+# include $RULE_PATH/server-mysql.rules

+# include $RULE_PATH/server-oracle.rules

+# include $RULE_PATH/server-other.rules

+# include $RULE_PATH/server-samba.rules

+# include $RULE_PATH/server-webapp.rules