The snort package introduced new or modified debconf templates. This is often a good moment for a review to help the package maintainer following the general suggested writing style and track down typos and errors in the use of English language. A bug report has been sent against the package: 720061 If someone wants to pick up this review, please answer to this mail, in the mailing list, with an [ITR] (Intent To Review) label. The templates file is attached. To propose the file you reviewed for peer review, please send a [RFR] (Request For Review) mail with the reviewed file attached...then a few days later, when no more contributions come, a summary mail with a [LCFC] (Last Chance For Comments) label. These RFR and LCFC mails should CC the opened bug report. Finally, after no more comments coming to the LCFC mail, you can send the reviewed templates file in the bug report. Then, please notify the list with a last mail using a [BTS] label with the bug number. Helping the package maintainer to deal with induced translation updates at that moment will be nice. If you're not comfortable with that part of the process, please hand it off to a translator. --
Template: snort/startup Type: select __Choices: boot, dialup, manual Default: boot _Description: Snort start method: Snort can be started during boot, when connecting to the net with pppd or only manually with the /usr/sbin/snort command. Template: snort/interface Type: string Default: eth0 _Description: Interface(s) which Snort should listen on: This value is usually 'eth0', but this may be inappropriate in some network environments; for a dialup connection 'ppp0' might be more appropriate (see the output of '/sbin/ifconfig'). . Typically, this is the same interface as the 'default route' is on. You can determine which interface is used for this by running '/sbin/route -n' (look for '0.0.0.0'). . It is also not uncommon to use an interface with no IP address configured in promiscuous mode. For such cases, select the interface in this system that is physically connected to the network that should be inspected, enable promiscuous mode later on and make sure that the network traffic is sent to this interface (either connected to a 'port mirroring/spanning' port in a switch, to a hub or to a tap). . You can configure multiple interfaces, just by adding more than one interface name separated by spaces. Each interface can have its own specific configuration. Template: snort/address_range Type: string Default: 192.168.0.0/16 _Description: Address range for the local network: Please use the CIDR form - for example, 192.168.1.0/24 for a block of 256 addresses or 192.168.1.42/32 for just one. Multiple values should be comma-separated (without spaces). . Please note that if Snort is configured to use multiple interfaces, it will use this value as the HOME_NET definition for all of them. Template: snort/disable_promiscuous Type: boolean Default: false _Description: Should Snort disable promiscuous mode on the interface? Disabling promiscuous mode means that Snort will only see packets addressed to the interface it is monitoring. Enabling it allows Snort to check every packet that passes the Ethernet segment even if it's a connection between two other computers. Template: snort/invalid_interface Type: error _Description: Invalid interface Snort is trying to use an interface which does not exist or is down. Either it is defaulting inappropriately to 'eth0', or you specified one which is invalid. Template: snort/send_stats Type: boolean Default: true _Description: Should daily summaries be sent by e-mail? A cron job can be set up to send daily summaries of Snort logs to a selected e-mail address. . Please choose whether you want to activate this feature. Template: snort/stats_rcpt Type: string Default: root _Description: Recipient of daily statistics mails: Please specify the e-mail address that should receive daily summaries of Snort logs. Template: snort/options Type: string _Description: Additional custom options: Please specify any additional options Snort should use. Template: snort/stats_treshold Type: string Default: 1 _Description: Minimum occurrences before alerts are reported: Please enter the minimum number of alert occurrences before a given alert is included in the daily statistics. Template: snort/please_restart_manually Type: note _Description: Snort restart required As Snort is manually launched, you need to run '/etc/init.d/snort' for the changes to take place. Template: snort/config_parameters Type: error _Description: Obsolete configuration file This system uses an obsolete configuration file (/etc/snort/snort.common.parameters) which has been automatically converted into the new configuration file format (at /etc/default/snort). . Please review the new configuration and remove the obsolete one. Until you do this, the initialization script will not use the new configuration and you will not take advantage of the benefits introduced in newer releases.
Template: snort/deprecated_config Type: note _Description: Deprecated options in configuration file The Snort configuration file (/etc/snort/snort.conf) uses deprecated options no longer available for this Snort release. Snort will not be able to start unless you provide a correct configuration file. Either allow the configuration file to be replaced with the one provided in this package or fix it manually by removing deprecated options. . The following deprecated options were found in the configuration file: ${DEP_CONFIG} Template: snort/config_error Type: error _Description: Configuration error The current Snort configuration is invalid and will prevent Snort starting up normally. Please review and correct it. . To diagnose errors in your Snort configuration you can run (as root) the following: '/usr/sbin/snort -T -c /etc/snort/snort.conf' Template: snort/deprecated_file Type: note _Description: Deprecated configuration file Your system has deprecated configuration files which should not be used any longer and might contain deprecated options. If included through the standard configuration file (/etc/snort/snort.conf), they might prevent Snort from starting up properly. . Please remove these files as well as any existing references to them in the /etc/snort/snort.conf configuration file. . The following deprecated configuration files were found: ${DEP_FILE}
Source: snort Section: net Priority: optional Maintainer: Javier Fernández-Sanguino Peña <jfs@debian.org> Uploaders: Andrew Pollock <apollock@debian.org> Build-Depends: libnet1-dev, libpcap0.8-dev, libpcre3-dev, debhelper (>= 5.0.0), po-debconf (>= 0.5.0), libgnutls-dev, libdumbnet-dev, libdaq-dev, flex, bison Build-Depends-Indep: texlive, texlive-latex-base, latex2html, ghostscript Standards-Version: 3.9.2 Homepage: http://www.snort.org/ Vcs-Git: git://git.debian.org/git/pkg-snort/pkg-snort.git Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-snort/pkg-snort.git Package: snort Architecture: any Pre-Depends: adduser (>= 3.11) Depends: snort-common-libraries (>=${binary:Version}), snort-rules-default (>= ${source:Version}), snort-common (>= ${source:Version}), debconf (>= 0.2.80) | debconf-2.0, rsyslog | system-log-daemon, logrotate, net-tools, ${shlibs:Depends}, ${misc:Depends} Conflicts: snort-mysql, snort-pgsql Replaces: snort-common (<< 2.0.2-3) Recommends: iproute Suggests: snort-doc Description: flexible Network Intrusion Detection System Snort is a libpcap-based packet sniffer/logger which can be used as a lightweight network intrusion detection system. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of other attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more. Snort has a real-time alerting capability, with alerts being sent to syslog, a separate "alert" file, or even to a Windows computer via Samba. . This package provides the plain-vanilla version of Snort. Package: snort-common Architecture: all Pre-Depends: adduser (>= 3.11) Depends: perl-modules, debconf (>= 0.2.80) | debconf-2.0, lsb-base, ${shlibs:Depends}, ${misc:Depends} Conflicts: snort (<< ${binary:Version}) Replaces: snort (<< 1.8.4beta1-1) Suggests: snort-doc Description: flexible Network Intrusion Detection System [common files] Snort is a libpcap-based packet sniffer/logger which can be used as a lightweight network intrusion detection system. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of other attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more. Snort has a real-time alerting capability, with alerts being sent to syslog, a separate "alert" file, or even to a Windows computer via Samba. . This is a common package which holds cron jobs, tools and config files used by all the different packages flavors. Package: snort-doc Architecture: all Depends: ${misc:Depends} Priority: optional Section: doc Description: Documentation for the Snort IDS [documentation] Snort is a libpcap-based packet sniffer/logger which can be used as a lightweight network intrusion detection system. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of other attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more. Snort has a real-time alerting capability, with alerts being sent to syslog, a separate "alert" file, or even to a Windows computer via Samba. Package: snort-rules-default Provides: snort-rules Architecture: all Depends: debconf (>= 0.2.80) | debconf-2.0, adduser (>= 3.11), ${shlibs:Depends}, ${misc:Depends} Suggests: snort (>= 2.2.0) | snort-pgsql (>= 2.2.0) | snort-mysql (>= 2.2.0) Recommends: oinkmaster Homepage: http://www.snort.org/snort-rules/ Description: flexible Network Intrusion Detection System ruleset Snort default ruleset which provides a basic set network intrusion detection rules developed by the Snort community. . These rules can be used as a basis for development of additional rules. Users using Snort to defend networks in production environments are encouraged to update their local rulesets as described in the included documentation or using the oinkmaster package. Package: snort-common-libraries Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends} Suggests: snort (>= 2.7.0) | snort-pgsql (>= 2.7.0) | snort-mysql (>= 2.7.0) Conflicts: snort-common (<< 2.7.0-6) Description: flexible Network Intrusion Detection System ruleset Snort is a libpcap-based packet sniffer/logger which can be used as a lightweight network intrusion detection system. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of other attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more. Snort has a real-time alerting capability, with alerts being sent to syslog, a separate "alert" file, or even to a Windows computer via Samba. . This package provides libraries used by all the Snort binary packages.
Attachment:
signature.asc
Description: Digital signature