Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 78526

Summary: mark snort 2.3 as experimental on sparc?
Product: Gentoo Linux Reporter: mythdraug
Component: New packagesAssignee: Sparc Porters <sparc>
Status: RESOLVED WONTFIX    
Severity: enhancement    
Priority: High    
Version: unspecified   
Hardware: Sparc   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description mythdraug 2005-01-18 08:50:15 UTC
I have been installing snort (various ebuild) on sparc for the last year.   All seems to work as expected.

Reproducible: Always
Steps to Reproduce:
Comment 1 Carsten Lohrke (RETIRED) gentoo-dev 2005-01-18 09:08:23 UTC
from the Changelog: Masked on sparc wrt bugs #29661 and #75395.

sparc herd: I'm not sure how to resolve this. Any news or WONT?
Comment 2 mythdraug 2005-01-18 09:23:57 UTC
Ah ha!   Sorry, I had missed bug #75395.   Since the 2.3.0_rc states that 2.3 is not vulnerable, can that portion be marked as ~sparc?   I'm fine with just editing the ebuild too..  I couldn't figure out how I had installed ebuilds when I noticed that 2.3.0_rc2 was -sparc.
Comment 3 mythdraug 2005-01-18 09:51:41 UTC
And since the following might explain a bit...

emerge info:

Portage 2.0.51-r3 (default-linux/sparc/sparc64/2004.3, gcc-3.3.5, glibc-2.3.3.20040420-r2, 2.4.28-sparc sparc64)
=================================================================
System uname: 2.4.28-sparc sparc64 sun4u
Gentoo Base System version 1.4.16
Autoconf: sys-devel/autoconf-2.59-r5
Automake: sys-devel/automake-1.8.5-r1
Binutils: sys-devel/binutils-2.15.92.0.2-r1
Headers:  sys-kernel/linux-headers-2.4.23
Libtools: sys-devel/libtool-1.5.2-r7
ACCEPT_KEYWORDS="sparc"
AUTOCLEAN="yes"
CFLAGS="-mcpu=ultrasparc -O3 -pipe"
CHOST="sparc-unknown-linux-gnu"
COMPILER=""
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-O2 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs autoconfig ccache distlocks sandbox"
GENTOO_MIRRORS="http://mirrors.tds.net/gentoo http://128.213.5.34/gentoo/ http://gentoo.chem.wisc.edu/gentoo/ http://gentoo.seren.com/gentoo ftp://ftp.ussg.iu.edu/pub/linux/gentoo"
MAKEOPTS="-j3"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY=""
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="sparc arts avi berkdb bitmap-fonts crypt cups encode esd f77 fbcon font-server foomaticdb fortran gcc64 gdbm gif gnome gpm gtk gtk2 imlib jpeg kde libwww mad mikmod motif mpeg mysql ncurses nls oggvorbis opengl oss pam pdflib perl png python readline sdl slang spell ssl tcpd tiff truetype truetype-fonts type1-fonts xml2 xmms xv zlib"


(You know.. I'm probably just talking myself out of this bug...)
Comment 4 Gustavo Zacarias (RETIRED) gentoo-dev 2005-01-18 10:00:57 UTC
Did you try throwing an nmap at it with no running iptables rules?
Comment 5 mythdraug 2005-01-18 11:50:41 UTC
I had not run nmap against it personally, and it was after filing that I morphed it to 2.3 specific (rather than just a general request for snort).  

However, I have had it up and running in a production environment for the better part of the last year.  I have tweaked my configuration a bit and have it monitoring 5 interfaces (2 unprotected, and on 3 different protected nets).  No ipfiltering is taking place local to the server.

(Server is a 2x360 U60 w/ 2G Ram, 1 qfe and 2 hme cards.)
Comment 6 Gustavo Zacarias (RETIRED) gentoo-dev 2005-01-18 11:58:37 UTC
At least 3 out of 3 sparc devels have been able to crash it in no time consistently by just testing it (which includes me).
nmap is one of the ways to do so.
Just nmap the sparc box from another box against an unprotected listening interface (nmap -O is enough) and you'll see.
So for the time being, i'll close as WONTFIX.
Comment 7 mythdraug 2005-01-18 13:17:32 UTC
Fair enough.  Thanks for your time.