[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[RFR] fwsnort package


I am currently packaging fwsnort and I would be glad if someone could
have a look at it.

If it can helps: http://cipherdyne.org/fwsnort/

Here are the three files I would like you to check.

---- debian/control file
Description: makes use of Snort rules in an iptables-based firewall
 Fwsnort translates Snort rules into iptables rule approximations and
 generates a Bourne shell script that implements the resulting iptables
 This ruleset allows network traffic that exhibits Snort signatures
 to be logged and/or dropped by iptables directly without putting any
 interface into promiscuous mode or queuing packets from kernel to
 user space.

---- debian/README.Debian
The Debian package of fwsnort does not contain any ruleset.

However, you can get the latest Emerging Threats rules from
http://www.emergingthreats.net by running one of the following commands:

  fwsnort --update-rules
  dpkg-reconfigure fwsnort

The new ruleset will be saved in /etc/fwsnort/snort_rules.

The snort-rules-default package is recommended and can provide you with
more rules that you can then manage by oinkmaster.

If you handle rulesets from different directories (for example to use
both the rules from Emerging Threats and the ones from the
snort-rules-default package) then you can run this command:

 fwsnort --snort-rdir /etc/snort/rules,/etc/fwsnort/snort_rules

You can add as many directories as you want as a comma separated list.

---- debian/fwsnort.templates
_Description: Download the rules?
 The latest Snort rules can be downloaded from
 http://www.emergingthreats.net in order to keep fwsnort up-to-date.


Franck Joncourt
http://debian.org - http://smhteam.info/wiki/
Fingerprint : C10E D1D0 EF70 0A2A CACF 9A3C C490 534E 75C0 89FE

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: