119 lines
4.6 KiB
XML
119 lines
4.6 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
|
|
<pkgmetadata>
|
|
<herd>netmon</herd>
|
|
<maintainer>
|
|
<email>patrick@gentoo.org</email>
|
|
<name>Patrick Lauer</name>
|
|
<description>Maintainer</description>
|
|
</maintainer>
|
|
<maintainer>
|
|
<email>jason.r.wallace@gmail.com</email>
|
|
<name>Jason Wallace</name>
|
|
<description>Proxy maintainer. CC him on bugs</description>
|
|
</maintainer>
|
|
<longdescription>
|
|
Snort is an open source network intrusion prevention and detection
|
|
system (IDS/IPS) developed by Sourcefire. Combining the benefits of
|
|
signature, protocol, and anomaly-based inspection, Snort is the most
|
|
widely deployed IDS/IPS technology worldwide. With millions of downloads
|
|
and approximately 300,000 registered users, Snort has become the de facto
|
|
standard for IPS.
|
|
</longdescription>
|
|
<upstream>
|
|
<maintainer>
|
|
<email>snort-team@sourcefire.com</email>
|
|
<name>Snort Team</name>
|
|
</maintainer>
|
|
<changelog>http://www.snort.org/snort-downloads</changelog>
|
|
<doc>http://www.snort.org/docs</doc>
|
|
<bugs-to>http://www.snort.org/snort-downloads/submit-a-bug/</bugs-to>
|
|
</upstream>
|
|
<use>
|
|
<flag name='aruba'>
|
|
Adds support for monitoring wireless traffic using a Aruba Mobility
|
|
Controler.
|
|
</flag>
|
|
<flag name='decoder-preprocessor-rules'>
|
|
Added support to provide action control (alert, drop, pass, etc)
|
|
over preprocessor and decoder generated events.
|
|
</flag>
|
|
<flag name='dynamicplugin'>
|
|
Enable ability to dynamically load preprocessors, detection engine,
|
|
and rules library. This is required if you want to use shared
|
|
object (SO) snort rules.
|
|
</flag>
|
|
<flag name='gre'>
|
|
Enable support for inspecting and processing Generic Routing
|
|
Encapsulation (GRE) packet headders. Only needed if you are
|
|
monitoring GRE tunnels.
|
|
</flag>
|
|
<flag name='inline-init-failopen'>
|
|
Enables support to allow traffic to pass (fail-open) through
|
|
inline deployments while snort is starting and not ready to begin
|
|
inspecting traffic. If this option is not enabled, network
|
|
traffic will not pass (fail-closed) until snort has fully started
|
|
and is ready to perform packet inspection.
|
|
</flag>
|
|
<flag name='linux-smp-stats'>
|
|
Enable accurate statistics reporting through /proc on systems with
|
|
multipule processors.
|
|
</flag>
|
|
<flag name='mpls'>
|
|
Enables support for processing and inspecting Multiprotocol Label
|
|
Switching MPLS network network traffic. Only needed if you are
|
|
monitoring an MPLS network.
|
|
</flag>
|
|
<flag name='perfprofiling'>
|
|
Enables support for preprocessor and rule performance profiling
|
|
using the perfmonitor preprocessor.
|
|
</flag>
|
|
<flag name='ppm'>
|
|
Enables support for setting per rule or per packet latency limits.
|
|
Helps protect against introducing network latency with inline
|
|
deployments.
|
|
</flag>
|
|
<flag name='react'>
|
|
Enables support for the react rule keyword. Supports interception,
|
|
termination, and redirection of HTTP connections.
|
|
</flag>
|
|
<flag name='targetbased'>
|
|
Enables support in snort for using a host attibute XML file
|
|
(attribute_table.dtd). This file needs to be created by the user
|
|
and should define the IP address, operating system, and services
|
|
for all hosts on the monitored network. This is cumbersome, but
|
|
can improve intrusion detection accuracy.
|
|
</flag>
|
|
<flag name='reload-error-restart'>
|
|
Enables support for completely restarting snort if an error is
|
|
detected durring a reload.
|
|
</flag>
|
|
<flag name='zlib'>
|
|
Enables HTTP inspection of compressed web traffic. Requires
|
|
dynamicplugin be enabled.
|
|
</flag>
|
|
<flag name='active-response'>
|
|
Enables support for automatically sending TCP resets and ICMP
|
|
unreachable messages to terminate connections. Used with inline
|
|
deployments.
|
|
</flag>
|
|
<flag name='normalizer'>
|
|
Enables support for normalizing packets in inline deployments to
|
|
help minimize the chances of detection evasion.
|
|
</flag>
|
|
<flag name='flexresp3'>
|
|
Enables support for new flexable response preprocessor for enabling
|
|
connection tearing for inline deployments. Replaces flexresp and
|
|
flexresp2.
|
|
</flag>
|
|
<flag name='paf'>
|
|
Enables support for Protocol Aware Flushing. This allows Snort to
|
|
statefully scan a stream and reassemble a complete protocol data
|
|
unit regardless of segmentation.
|
|
</flag>
|
|
<flag name='large-pcap-64bit'>
|
|
Allows Snort to read pcap files that are larger than 2 GB. ONLY
|
|
VALID FOR 64bit SYSTEMS!
|
|
</flag>
|
|
</use>
|
|
</pkgmetadata>
|