Mercurial Mercurial > upstream > oracle > userland-gate / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/snort/patches/snort.conf.patch
author Rich Burridge <rich.burridge@oracle.com>
Mon, 02 Mar 2015 12:23:58 -0800
changeset 3880 408b5915875e
parent 2198 168b8acace5f
child 7650 2e39c59b83f8
permissions -rw-r--r--
20555148 conflict should be updated to version 20140723

Solaris specific changes to the snort configuration file that will be
installed under /etc/snort/.

These changes will not be submitted upstream.

--- etc/snort.conf.orig	2014-09-25 07:56:45.270217768 -0700
+++ etc/snort.conf	2014-10-06 06:02:57.202660631 -0700
@@ -101,13 +101,13 @@
 # Path to your rules files (this can be a relative path)
 # Note for Windows users:  You are advised to make this an absolute path,
 # such as:  c:\snort\rules
-var RULE_PATH ../rules
-var SO_RULE_PATH ../so_rules
-var PREPROC_RULE_PATH ../preproc_rules
+var RULE_PATH rules
+var SO_RULE_PATH so_rules
+var PREPROC_RULE_PATH preproc_rules
 
 # If you are using reputation preprocessor set these
-var WHITE_LIST_PATH ../rules
-var BLACK_LIST_PATH ../rules
+var WHITE_LIST_PATH rules
+var BLACK_LIST_PATH rules
 
 ###################################################
 # Step #2: Configure the decoder.  For more information, see README.decode
@@ -153,7 +153,7 @@
 # Configure DAQ related options for inline operation. For more information, see README.daq
 #
 # config daq: <type>
-# config daq_dir: <dir>
+config daq_dir: /usr/lib/64/daq/
 # config daq_mode: <mode>
 # config daq_var: <var>
 #
@@ -240,13 +240,13 @@
 ###################################################
 
 # path to dynamic preprocessor libraries
-dynamicpreprocessor directory /usr/local/lib/snort_dynamicpreprocessor/
+dynamicpreprocessor directory /usr/lib/64/snort_dynamicpreprocessor/
 
 # path to base preprocessor engine
-dynamicengine /usr/local/lib/snort_dynamicengine/libsf_engine.so
+dynamicengine /usr/lib/64/snort_dynamicengine/libsf_engine.so
 
 # path to dynamic rules libraries
-dynamicdetection directory /usr/local/lib/snort_dynamicrules
+dynamicdetection directory /usr/lib/64/snort_dynamicrules
 
 ###################################################
 # Step #5: Configure preprocessors
@@ -499,12 +499,12 @@
    check_crc
 
 # Reputation preprocessor. For more information see README.reputation
-preprocessor reputation: \
-   memcap 500, \
-   priority whitelist, \
-   nested_ip inner, \
-   whitelist $WHITE_LIST_PATH/white_list.rules, \
-   blacklist $BLACK_LIST_PATH/black_list.rules 
+#preprocessor reputation: \
+#   memcap 500, \
+#   priority whitelist, \
+#   nested_ip inner, \
+#   whitelist $WHITE_LIST_PATH/white_list.rules, \
+#   blacklist $BLACK_LIST_PATH/black_list.rules 
 
 ###################################################
 # Step #6: Configure output plugins
@@ -538,123 +538,123 @@
 ###################################################
 
 # site specific rules
-include $RULE_PATH/local.rules
+# include $RULE_PATH/local.rules
 
-include $RULE_PATH/app-detect.rules
-include $RULE_PATH/attack-responses.rules
-include $RULE_PATH/backdoor.rules
-include $RULE_PATH/bad-traffic.rules
-include $RULE_PATH/blacklist.rules
-include $RULE_PATH/botnet-cnc.rules
-include $RULE_PATH/browser-chrome.rules
-include $RULE_PATH/browser-firefox.rules
-include $RULE_PATH/browser-ie.rules
-include $RULE_PATH/browser-other.rules
-include $RULE_PATH/browser-plugins.rules
-include $RULE_PATH/browser-webkit.rules
-include $RULE_PATH/chat.rules
-include $RULE_PATH/content-replace.rules
-include $RULE_PATH/ddos.rules
-include $RULE_PATH/dns.rules
-include $RULE_PATH/dos.rules
-include $RULE_PATH/experimental.rules
-include $RULE_PATH/exploit-kit.rules
-include $RULE_PATH/exploit.rules
-include $RULE_PATH/file-executable.rules
-include $RULE_PATH/file-flash.rules
-include $RULE_PATH/file-identify.rules
-include $RULE_PATH/file-image.rules
-include $RULE_PATH/file-java.rules
-include $RULE_PATH/file-multimedia.rules
-include $RULE_PATH/file-office.rules
-include $RULE_PATH/file-other.rules
-include $RULE_PATH/file-pdf.rules
-include $RULE_PATH/finger.rules
-include $RULE_PATH/ftp.rules
-include $RULE_PATH/icmp-info.rules
-include $RULE_PATH/icmp.rules
-include $RULE_PATH/imap.rules
-include $RULE_PATH/indicator-compromise.rules
-include $RULE_PATH/indicator-obfuscation.rules
-include $RULE_PATH/indicator-scan.rules
-include $RULE_PATH/indicator-shellcode.rules
-include $RULE_PATH/info.rules
-include $RULE_PATH/malware-backdoor.rules
-include $RULE_PATH/malware-cnc.rules
-include $RULE_PATH/malware-other.rules
-include $RULE_PATH/malware-tools.rules
-include $RULE_PATH/misc.rules
-include $RULE_PATH/multimedia.rules
-include $RULE_PATH/mysql.rules
-include $RULE_PATH/netbios.rules
-include $RULE_PATH/nntp.rules
-include $RULE_PATH/oracle.rules
-include $RULE_PATH/os-linux.rules
-include $RULE_PATH/os-mobile.rules
-include $RULE_PATH/os-other.rules
-include $RULE_PATH/os-solaris.rules
-include $RULE_PATH/os-windows.rules
-include $RULE_PATH/other-ids.rules
-include $RULE_PATH/p2p.rules
-include $RULE_PATH/phishing-spam.rules
-include $RULE_PATH/policy-multimedia.rules
-include $RULE_PATH/policy-other.rules
-include $RULE_PATH/policy.rules
-include $RULE_PATH/policy-social.rules
-include $RULE_PATH/policy-spam.rules
-include $RULE_PATH/pop2.rules
-include $RULE_PATH/pop3.rules
-include $RULE_PATH/protocol-dns.rules
-include $RULE_PATH/protocol-finger.rules
-include $RULE_PATH/protocol-ftp.rules
-include $RULE_PATH/protocol-icmp.rules
-include $RULE_PATH/protocol-imap.rules
-include $RULE_PATH/protocol-nntp.rules
-include $RULE_PATH/protocol-pop.rules
-include $RULE_PATH/protocol-rpc.rules
-include $RULE_PATH/protocol-scada.rules
-include $RULE_PATH/protocol-services.rules
-include $RULE_PATH/protocol-snmp.rules
-include $RULE_PATH/protocol-telnet.rules
-include $RULE_PATH/protocol-tftp.rules
-include $RULE_PATH/protocol-voip.rules
-include $RULE_PATH/pua-adware.rules
-include $RULE_PATH/pua-other.rules
-include $RULE_PATH/pua-p2p.rules
-include $RULE_PATH/pua-toolbars.rules
-include $RULE_PATH/rpc.rules
-include $RULE_PATH/rservices.rules
-include $RULE_PATH/scada.rules
-include $RULE_PATH/scan.rules
-include $RULE_PATH/server-apache.rules
-include $RULE_PATH/server-iis.rules
-include $RULE_PATH/server-mail.rules
-include $RULE_PATH/server-mssql.rules
-include $RULE_PATH/server-mysql.rules
-include $RULE_PATH/server-oracle.rules
-include $RULE_PATH/server-other.rules
-include $RULE_PATH/server-samba.rules
-include $RULE_PATH/server-webapp.rules
-include $RULE_PATH/shellcode.rules
-include $RULE_PATH/smtp.rules
-include $RULE_PATH/snmp.rules
-include $RULE_PATH/specific-threats.rules
-include $RULE_PATH/spyware-put.rules
-include $RULE_PATH/sql.rules
-include $RULE_PATH/telnet.rules
-include $RULE_PATH/tftp.rules
-include $RULE_PATH/virus.rules
-include $RULE_PATH/voip.rules
-include $RULE_PATH/web-activex.rules
-include $RULE_PATH/web-attacks.rules
-include $RULE_PATH/web-cgi.rules
-include $RULE_PATH/web-client.rules
-include $RULE_PATH/web-coldfusion.rules
-include $RULE_PATH/web-frontpage.rules
-include $RULE_PATH/web-iis.rules
-include $RULE_PATH/web-misc.rules
-include $RULE_PATH/web-php.rules
-include $RULE_PATH/x11.rules
+# include $RULE_PATH/app-detect.rules
+# include $RULE_PATH/attack-responses.rules
+# include $RULE_PATH/backdoor.rules
+# include $RULE_PATH/bad-traffic.rules
+# include $RULE_PATH/blacklist.rules
+# include $RULE_PATH/botnet-cnc.rules
+# include $RULE_PATH/browser-chrome.rules
+# include $RULE_PATH/browser-firefox.rules
+# include $RULE_PATH/browser-ie.rules
+# include $RULE_PATH/browser-other.rules
+# include $RULE_PATH/browser-plugins.rules
+# include $RULE_PATH/browser-webkit.rules
+# include $RULE_PATH/chat.rules
+# include $RULE_PATH/content-replace.rules
+# include $RULE_PATH/ddos.rules
+# include $RULE_PATH/dns.rules
+# include $RULE_PATH/dos.rules
+# include $RULE_PATH/experimental.rules
+# include $RULE_PATH/exploit-kit.rules
+# include $RULE_PATH/exploit.rules
+# include $RULE_PATH/file-executable.rules
+# include $RULE_PATH/file-flash.rules
+# include $RULE_PATH/file-identify.rules
+# include $RULE_PATH/file-image.rules
+# include $RULE_PATH/file-java.rules
+# include $RULE_PATH/file-multimedia.rules
+# include $RULE_PATH/file-office.rules
+# include $RULE_PATH/file-other.rules
+# include $RULE_PATH/file-pdf.rules
+# include $RULE_PATH/finger.rules
+# include $RULE_PATH/ftp.rules
+# include $RULE_PATH/icmp-info.rules
+# include $RULE_PATH/icmp.rules
+# include $RULE_PATH/imap.rules
+# include $RULE_PATH/indicator-compromise.rules
+# include $RULE_PATH/indicator-obfuscation.rules
+# include $RULE_PATH/indicator-scan.rules
+# include $RULE_PATH/indicator-shellcode.rules
+# include $RULE_PATH/info.rules
+# include $RULE_PATH/malware-backdoor.rules
+# include $RULE_PATH/malware-cnc.rules
+# include $RULE_PATH/malware-other.rules
+# include $RULE_PATH/malware-tools.rules
+# include $RULE_PATH/misc.rules
+# include $RULE_PATH/multimedia.rules
+# include $RULE_PATH/mysql.rules
+# include $RULE_PATH/netbios.rules
+# include $RULE_PATH/nntp.rules
+# include $RULE_PATH/oracle.rules
+# include $RULE_PATH/os-linux.rules
+# include $RULE_PATH/os-mobile.rules
+# include $RULE_PATH/os-other.rules
+# include $RULE_PATH/os-solaris.rules
+# include $RULE_PATH/os-windows.rules
+# include $RULE_PATH/other-ids.rules
+# include $RULE_PATH/p2p.rules
+# include $RULE_PATH/phishing-spam.rules
+# include $RULE_PATH/policy-multimedia.rules
+# include $RULE_PATH/policy-other.rules
+# include $RULE_PATH/policy.rules
+# include $RULE_PATH/policy-social.rules
+# include $RULE_PATH/policy-spam.rules
+# include $RULE_PATH/pop2.rules
+# include $RULE_PATH/pop3.rules
+# include $RULE_PATH/protocol-dns.rules
+# include $RULE_PATH/protocol-finger.rules
+# include $RULE_PATH/protocol-ftp.rules
+# include $RULE_PATH/protocol-icmp.rules
+# include $RULE_PATH/protocol-imap.rules
+# include $RULE_PATH/protocol-nntp.rules
+# include $RULE_PATH/protocol-pop.rules
+# include $RULE_PATH/protocol-rpc.rules
+# include $RULE_PATH/protocol-scada.rules
+# include $RULE_PATH/protocol-services.rules
+# include $RULE_PATH/protocol-snmp.rules
+# include $RULE_PATH/protocol-telnet.rules
+# include $RULE_PATH/protocol-tftp.rules
+# include $RULE_PATH/protocol-voip.rules
+# include $RULE_PATH/pua-adware.rules
+# include $RULE_PATH/pua-other.rules
+# include $RULE_PATH/pua-p2p.rules
+# include $RULE_PATH/pua-toolbars.rules
+# include $RULE_PATH/rpc.rules
+# include $RULE_PATH/rservices.rules
+# include $RULE_PATH/scada.rules
+# include $RULE_PATH/scan.rules
+# include $RULE_PATH/server-apache.rules
+# include $RULE_PATH/server-iis.rules
+# include $RULE_PATH/server-mail.rules
+# include $RULE_PATH/server-mssql.rules
+# include $RULE_PATH/server-mysql.rules
+# include $RULE_PATH/server-oracle.rules
+# include $RULE_PATH/server-other.rules
+# include $RULE_PATH/server-samba.rules
+# include $RULE_PATH/server-webapp.rules
+# include $RULE_PATH/shellcode.rules
+# include $RULE_PATH/smtp.rules
+# include $RULE_PATH/snmp.rules
+# include $RULE_PATH/specific-threats.rules
+# include $RULE_PATH/spyware-put.rules
+# include $RULE_PATH/sql.rules
+# include $RULE_PATH/telnet.rules
+# include $RULE_PATH/tftp.rules
+# include $RULE_PATH/virus.rules
+# include $RULE_PATH/voip.rules
+# include $RULE_PATH/web-activex.rules
+# include $RULE_PATH/web-attacks.rules
+# include $RULE_PATH/web-cgi.rules
+# include $RULE_PATH/web-client.rules
+# include $RULE_PATH/web-coldfusion.rules
+# include $RULE_PATH/web-frontpage.rules
+# include $RULE_PATH/web-iis.rules
+# include $RULE_PATH/web-misc.rules
+# include $RULE_PATH/web-php.rules
+# include $RULE_PATH/x11.rules
 
 ###################################################
 # Step #8: Customize your preprocessor and decoder alerts
upstream/oracle/userland-gate