From 14820894ad62c06b0d7e64b67a2757ba76f4d9e2 Mon Sep 17 00:00:00 2001 From: Christian Schmidt Date: Mon, 14 Mar 2011 20:04:16 +0100 Subject: [PATCH] Fixed snort compile options and ipv6 config options --- config/snort/snort.conf | 6 ++---- lfs/snort | 8 ++++++-- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/config/snort/snort.conf b/config/snort/snort.conf index 4de1a44880..3afa6f1d6b 100644 --- a/config/snort/snort.conf +++ b/config/snort/snort.conf @@ -173,8 +173,6 @@ dynamicengine /usr/lib/snort_dynamicengine/libsf_engine.so preprocessor normalize_ip4 preprocessor normalize_tcp: ips ecn stream preprocessor normalize_icmp4 -preprocessor normalize_ip6 -preprocessor normalize_icmp6 # Target-based IP defragmentation. For more inforation, see README.frag3 preprocessor frag3_global: max_frags 65536 @@ -287,7 +285,7 @@ preprocessor ftp_telnet_protocol: ftp client default \ telnet_cmds yes # SMTP normalization and anomaly detection. For more information, see README.SMTP -reprocessor smtp: ports { 25 465 587 691 } \ +preprocessor smtp: ports { 25 465 587 691 } \ inspection_type stateful \ enable_mime_decoding \ max_mime_depth 20480 \ @@ -311,7 +309,7 @@ reprocessor smtp: ports { 25 465 587 691 } \ xlink2state { enabled } # Portscan detection. For more information, see README.sfportscan - preprocessor sfportscan: proto { all } memcap { 10000000 } sense_level { medium } +preprocessor sfportscan: proto { all } memcap { 10000000 } sense_level { medium } # ARP spoof detection. For more information, see the Snort Manual - Configuring Snort - Preprocessors - ARP Spoof Preprocessor # preprocessor arpspoof diff --git a/lfs/snort b/lfs/snort index fea3f92f60..ebffada8c0 100644 --- a/lfs/snort +++ b/lfs/snort @@ -71,8 +71,12 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) $(DIR_SRC)/snort* && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) cd $(DIR_APP) && ./configure --prefix=/usr --disable-nls \ - --sysconfdir=/etc/snort --target=i586 \ - --enable-linux-smp-stats --enable-smb-alerts + --sysconfdir=/etc/snort --target=i586 \ + --enable-linux-smp-stats --enable-smb-alerts \ + --enable-gre --enable-mpls --enable-targetbased \ + --enable-decoder-preprocessor-rules --enable-ppm \ + --enable-perfprofiling --enable-zlib --enable-active-response \ + --enable-normalizer --enable-reload --enable-react --enable-flexresp3 cd $(DIR_APP) && make cd $(DIR_APP) && make install mv /usr/bin/snort /usr/sbin/ -- 2.39.2