[Snort-users] Official Snort.org RPMs

JP Vossen vossenjp at ...8683...
Wed Sep 24 01:49:03 EDT 2003

We are pleased to announce that after a lot of work with Snort.org we are in
the final stages of bringing official Snort RPMs back to life!  Our main goal
is to make Snort more accessible to those who are uncomfortable with compiling
source from tarballs, but there is something for those of you who prefer that
method as well.  Read on.

Please bear with us for the next few days until we get everything finalized
and coordinated with Snort.org, but in the meantime we'd love to have some
testing.  Grab the latest available RPMs from [0] or the latest posted to
Snort.org [1] and let us know what you think!  We're working on getting an RPM
address at Snort.org but until it's live you can send questions and comments
to us at snort-rpms at ...10158...  We also worked very hard on the
documentation included in the RPMS and even in the SPEC file.  Please read
that and provide comments as well.

At the moment, our changes have not been incorporated into the snort CVS
tarball, nor did the SPEC file and documentation make it into 2.0.2.  But
there are some Snort binaries now on Snort.org [1] with updated packages [0]
to follow.

The coolest thing about the new setup is that you will be able to build snort
RPMs right out of the snort tarball (with rpmbuild v4+, and once our code is
imported) with a command like:
	rpmbuild -ta snort-2.0.1.tar.gz

Assuming you have all the dependencies installed, in a few minutes you should
have a snort plain binary and snort SRPM!  Note this will NOT work for the
Snort.org 2.0.2 release tarball but once our code is imported it will work
with the nightly CVS snapshots.  See README.build_rpms for the details.

We think this is a critical ability for a security package like Snort.  Many
of you will not be comfortable running precompiled binaries, yet you should
never install a compiler on a security device.  With the next release of Snort
(and soon in the CVS snapshots) you will be able to download a tarball and
compile and build RPMs yourself, almost trivially.

Changes from the previous Snort RPMs

* snortd has been significantly revised to better conform with the
/etc/sysconfig scheme. See /etc/sysconfig/snort and /etc/init.d/snortd for

* The doc, contrib and signatures directories are included in your doc
directory (e.g. /usr/share/doc/snort-2.0.2).

* The signatures directory is moved out from doc to the root of the Snort
documentation directory to make it more visible.

* We've made a lot of changes under the covers to improve the flexibility and
maintainability of the RPMs going forward.

And much more...

Check it out and let us know how it works!
JP & Dan

PS-We are looking at the great work done in parallel by Florin Andrei and just
announced to this list the other day [2,3].  We have been in touch and will
work with him to merge some of his features into the official SPEC file as
well.  We expect that to happen Real Soon Now.  :-)

[0] http://www.starken.com/snort/
[1] http://www.snort.org/dl/binaries/linux/
[3] http://marc.theaimsgroup.com/?l=snort-users&m=106427346906100&w=2
[4] http://marc.theaimsgroup.com/?l=snort-users&m=106428588515700&w=2

JP Vossen, CISSP              |:::======|         jp{at}jpsdomain{dot}org
My Account, My Opinions       |=========|       http://www.jpsdomain.org/

More information about the Snort-users mailing list