diff options
Diffstat (limited to 'net-analyzer/snort/metadata.xml')
| -rw-r--r-- | net-analyzer/snort/metadata.xml | 136 |
1 files changed, 136 insertions, 0 deletions
diff --git a/net-analyzer/snort/metadata.xml b/net-analyzer/snort/metadata.xml new file mode 100644 index 000000000000..084698b246da --- /dev/null +++ b/net-analyzer/snort/metadata.xml @@ -0,0 +1,136 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <herd>netmon</herd>
+ <herd>proxy-maintainers</herd>
+ <maintainer>
+ <email>patrick@gentoo.org</email>
+ <name>Patrick Lauer</name>
+ <description>Maintainer</description>
+ </maintainer>
+ <maintainer>
+ <email>jason.r.wallace@gmail.com</email>
+ <name>Jason Wallace</name>
+ <description>Proxy maintainer. CC him on bugs</description>
+ </maintainer>
+ <longdescription>
+ Snort is an open source network intrusion prevention and detection
+ system (IDS/IPS) developed by Sourcefire. Combining the benefits of
+ signature, protocol, and anomaly-based inspection, Snort is the most
+ widely deployed IDS/IPS technology worldwide. With millions of downloads
+ and approximately 300,000 registered users, Snort has become the de facto
+ standard for IPS.
+ </longdescription>
+ <upstream>
+ <maintainer>
+ <email>snort-team@sourcefire.com</email>
+ <name>Snort Team</name>
+ </maintainer>
+ <changelog>http://www.snort.org/snort-downloads</changelog>
+ <doc>http://www.snort.org/docs</doc>
+ <bugs-to>http://www.snort.org/snort-downloads/submit-a-bug/</bugs-to>
+ </upstream>
+ <use>
+ <flag name='control-socket'>
+ Enables Snort's control socket.
+ </flag>
+ <flag name='dynamicplugin'>
+ Enable ability to dynamically load preprocessors, detection engine,
+ and rules library. This is required if you want to use shared
+ object (SO) snort rules.
+ </flag>
+ <flag name='file-inspect'>
+ Enables extended file inspection capabilities.
+ </flag>
+ <flag name='gre'>
+ Enable support for inspecting and processing Generic Routing
+ Encapsulation (GRE) packet headders. Only needed if you are
+ monitoring GRE tunnels.
+ </flag>
+ <flag name='high-availability'>
+ Enables high-availability state sharing.
+ </flag>
+ <flag name='inline-init-failopen'>
+ Enables support to allow traffic to pass (fail-open) through
+ inline deployments while snort is starting and not ready to begin
+ inspecting traffic. If this option is not enabled, network
+ traffic will not pass (fail-closed) until snort has fully started
+ and is ready to perform packet inspection.
+ </flag>
+ <flag name='linux-smp-stats'>
+ Enable accurate statistics reporting through /proc on systems with
+ multipule processors.
+ </flag>
+ <flag name='mpls'>
+ Enables support for processing and inspecting Multiprotocol Label
+ Switching MPLS network network traffic. Only needed if you are
+ monitoring an MPLS network.
+ </flag>
+ <flag name='non-ether-decoders'>
+ Enable decoding of non-ethernet protocols such as TokenRing, FDDI,
+ IPX, etc.
+ </flag>
+ <flag name='perfprofiling'>
+ Enables support for preprocessor and rule performance profiling
+ using the perfmonitor preprocessor.
+ </flag>
+ <flag name='ppm'>
+ Enables support for setting per rule or per packet latency limits.
+ Helps protect against introducing network latency with inline
+ deployments.
+ </flag>
+ <flag name='react'>
+ Enables support for the react rule keyword. Supports interception,
+ termination, and redirection of HTTP connections.
+ </flag>
+ <flag name='shared-rep'>
+ Enables the use of shared memory for the Reputation Preprocessor
+ (Only available on Linux systems)
+ </flag>
+ <flag name='side-channel'>
+ Enables Snort's the side channel.
+ </flag>
+ <flag name='sourcefire'>
+ Enables Sourcefire specific build options, which include
+ --enable-perfprofiling and --enable-ppm.
+ </flag>
+ <flag name='targetbased'>
+ Enables support in snort for using a host attibute XML file
+ (attribute_table.dtd). This file needs to be created by the user
+ and should define the IP address, operating system, and services
+ for all hosts on the monitored network. This is cumbersome, but
+ can improve intrusion detection accuracy.
+ </flag>
+ <flag name='reload-error-restart'>
+ Enables support for completely restarting snort if an error is
+ detected durring a reload.
+ </flag>
+ <flag name='zlib'>
+ Enables HTTP inspection of compressed web traffic. Requires
+ dynamicplugin be enabled.
+ </flag>
+ <flag name='active-response'>
+ Enables support for automatically sending TCP resets and ICMP
+ unreachable messages to terminate connections. Used with inline
+ deployments.
+ </flag>
+ <flag name='normalizer'>
+ Enables support for normalizing packets in inline deployments to
+ help minimize the chances of detection evasion.
+ </flag>
+ <flag name='flexresp3'>
+ Enables support for new flexable response preprocessor for enabling
+ connection tearing for inline deployments. Replaces flexresp and
+ flexresp2.
+ </flag>
+ <flag name='paf'>
+ Enables support for Protocol Aware Flushing. This allows Snort to
+ statefully scan a stream and reassemble a complete protocol data
+ unit regardless of segmentation.
+ </flag>
+ <flag name='large-pcap-64bit'>
+ Allows Snort to read pcap files that are larger than 2 GB. ONLY
+ VALID FOR 64bit SYSTEMS!
+ </flag>
+ </use>
+</pkgmetadata>
|