It would be nice for someone to work through the deps for an OSSIM ebuild, found here: http://ossim.net
The deps are crazy. If you can compile a list of the deps, I can sketch around an ebuild for you to test. Or maybe you can do it yourself: http://www.gentoo.org/doc/en/gentoo-howto.xml
We'll need AT LEAST a list of required deps.
Hi, since no one answers I'll try to put the deps together. According to http://www.ossim.net/docs/INSTALL.fc1 the following files are needed:

snort > 2.1.0 with mysql support
php-acid > 0.9.6b (perhaps 23 but I think that's fedora specific)
ntop > 2.2c
cgilib > 0.5.1
rrdtool > 20040205
gnet2 > 2.0.4
libgda > 1.0.3
gda-mysql > 1.0.3
MySQL-python > 0.9.2
nmap > 3.50
p0f > 2.0.3
php-adodb > 4.11

As far as I can see these are all dependencies. Later on I'll see if all packages are already included in portage or what's missing and what has to be done to get os-sim running.

Jens
This is a compilation of what's available in portage:

prog            needed      latest available in portage
snort           2.1.0       2.1.2
php-acid        0.9.6b
ntop            2.2c        2.2c
rrdtool         20040205    1.0.47 ??
cgilib          0.5.1
gnet2           2.0.4
libgda          1.0.3       1.0.2
gda-mysql       1.0.3
MySQL-python    0.9.2       0.9.2
nmap            3.50        3.50
p0f             2.0.3       2.0.3
php-adodb       4.11
I installed ossim in Gentoo. I know the steps to do it, but I know little about ebuilds. I began to read the "Gentoo Ebuild/Developer HOWTO" and I would like to do this ebuild, or to contribute with someone who knows more about ebuilds. The main problem is that some dependencies, such as ntop, snort, acid and mrtg, need to be modified with patches that ossim brings, and ossim needs the CVS version of rrdtools before compiling ntop. I think it would be necessary to modify the ebuilds of ntop, snort, acid and mrtg to add a USE variable called "ossim" that patches the package with support for ossim before installing it. Can somebody guide me on how I should take on the project? PS: I am from Argentina, sorry for my English.
I will try attaching here the ebuilds I have put together while installing ossim-0.9.9-rc3, as a request for comments. Dependency data is compiled from the files supplied with the distribution and from the OSSIM Wiki. Based a lot on the OSSIM gentoo installation guide by Jeremy Briffaut: http://www.ossim.net/dokuwiki/doku.php?id=installation:gentoo

The ebuilds are split because each part of ossim can be installed on a separate server, and the dependencies are different for each part.

Flags used:
net-analyzer/ossim-db-0.9.9_rc3 IUSE="mysql doc eventdb-only ossimdb-only postgres"
net-analyzer/ossim-framework-0.9.9_rc3 IUSE="apache apache2 mysql nagios nessus nmap ntop postgres"
net-analyzer/ossim-server-0.9.9_rc3 IUSE=""
net-analyzer/ossim-agent-0.9.9_rc3 IUSE=""

ossim-framework depends on two packages not yet in portage, phpgacl and fpdf; the ebuilds can be found in these bugs:
fpdf-1.53: bug 107558
phpgacl-3.3.7: bug 154300

For base-1.2.6 I will attach an 'ossim' use flag patch in bug 142528.

The ossim-agent could be configured with flags & dependencies for each plugin, but it would be very hard testing such an ebuild. I assume it's just easier emerging each of the needed dependencies (snort for snort, etc. - maybe later with an 'ossim' flag for ossim patches) and editing the config files, because the agent itself has just python as dependency.
Created attachment 103011: ossim-db-0.9.9_rc3.ebuild
Created attachment 103012: ossim-server-0.9.9_rc3.ebuild
Created attachment 103013: ossim-server.confd
Created attachment 103014: ossim-server.initd
Created attachment 103015: ossim-agent-0.9.9_rc3.ebuild
Created attachment 103016: ossim-agent.confd
Created attachment 103017: ossim-agent.initd
Created attachment 103018: ossim-framework-0.9.9_rc3.ebuild
Created attachment 103019: ossim-framework.confd
Created attachment 103020: ossim-framework.initd
Created attachment 103021: vhosts 99_ossim.conf
According to the ossim ChangeLog, acid is no longer required for ossim-framework:

"* BASE support. It should be the default event viewer, ACID is dead."

The same is valid for mrtg (quote from sources/etc/cron.d/ossim-framework):

# WARNING!
#
# Generate ossim's rrd files via mrtg is deprecated.
# You should remove this script from you crontab
#
# Use frameworkd (ossim-framework daemon) instead.
#