Package: snort
Version: N/A
Severity: normal
Tags: patch
Dear Debian maintainer,
On Thursday, February 14, 2008, I notified you of the beginning of a review
process
concerning debconf templates for snort.
The debian-l10n-english contributors have now reviewed these templates,
and the proposed changes are attached to this bug report.
Please review the suggested changes are suggested, and if you have any
objections, let me know in the next 3 days.
Please try to avoid uploading snort with these changes right now.
The second phase of this process will begin on Monday, March 10, 2008, when I
will
coordinate updates to translations of debconf templates.
The existing translators will be notified of the changes: they will
receive an updated PO file for their language.
Simultaneously, a general call for new translations will be sent to
the debian-i18n mailing list.
Both these calls for translations will request updates to be sent as
individual bug reports. That will probably trigger a lot of bug
reports against your package, but these should be easier to deal with.
The call for translation updates and new translations will run until
about Monday, March 31, 2008. Please avoid uploading a package with fixed or
changed
debconf templates and/or translation updates in the meantime. Of
course, other changes are safe.
Please note that this is an approximative delay, which depends on my
own availability to process this work and is influenced by the fact
that I simultaneously work on many packages.
Around Tuesday, April 01, 2008, I will contact you again and will send a final
patch
summarizing all the updates (changes to debconf templates,
updates to debconf translations and new debconf translations).
Again, thanks for your attention and cooperation.
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.24-1-686 (SMP w/1 CPU core)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash
--- snort.old/debian/snort.templates 2008-01-25 06:17:03.829193343 +0100
+++ snort/debian/snort.templates 2008-03-07 07:36:30.896056315 +0100
@@ -1,130 +1,132 @@
+# These templates have been reviewed by the debian-l10n-english
+# team
+#
+# If modifications/additions/rewording are needed, please ask
+# [EMAIL PROTECTED] for advice.
+#
+# Even minor modifications require translation updates and such
+# changes should be coordinated with translators and reviewers.
+
Template: snort/startup
Type: select
-_Choices: boot, dialup, manual
+__Choices: boot, dialup, manual
Default: boot
-_Description: When should Snort be started?
+_Description: Snort start method:
Snort can be started during boot, when connecting to the net with pppd or
- only when you manually start it via /usr/sbin/snort.
+ only manually with the /usr/sbin/snort command.
Template: snort/interface
Type: string
Default: eth0
_Description: Interface(s) which Snort should listen on:
- This value usually is 'eth0', but you might want to vary this depending
- on your environment, if you are using a dialup connection 'ppp0' might
- be more appropiate (Hint: use 'ip link show' of 'ifconfig').
- .
- Typically this is the same interface than the 'default route' is on. You can
- determine which interface is used for this running either '/sbin/ip ro sh' or
- '/sbin/route -n' (look for 'default' or '0.0.0.0').
+ This value is usually 'eth0', but this may be inappropriate in some
+ network environments; for a dialup connection 'ppp0' might be more
+ appropriate (see the output of '/sbin/ifconfig').
+ .
+ Typically, this is the same interface as the 'default route' is on. You can
+ determine which interface is used for this by running '/sbin/route -n'
+ (look for '0.0.0.0').
.
- It is also not uncommon to use an interface with no IP
- and configured in promiscuous mode, if this is your case, select the
+ It is also not uncommon to use an interface with no IP address
+ configured in promiscuous mode. For such cases, select the
interface in this system that is physically connected to the network
- you want to inspect, enable promiscuous mode later on and make sure
+ that should be inspected, enable promiscuous mode later on and make sure
that the network traffic is sent to this interface (either connected
- to a 'port mirroring/spanning' port in a switch, to a hub or to a tap)
+ to a 'port mirroring/spanning' port in a switch, to a hub or to a tap).
.
- You can configure multiple interfaces here, just by adding more than
+ You can configure multiple interfaces, just by adding more than
one interface name separated by spaces. Each interface can have its
- specific configuration.
+ own specific configuration.
Template: snort/address_range
Type: string
Default: 192.168.0.0/16
_Description: Address range that Snort will listen on:
- You have to use CIDR form, i.e. 192.168.1.0/24 for a block of 256 IPs or
- 192.168.1.42/32 for just one. Specify multiple addresses on a single line
- separated by ',' (comma characters), no spaces allowed!
+ Please use the CIDR form - for example, 192.168.1.0/24 for a block of
+ 256 addresses or 192.168.1.42/32 for just one. Multiple values should
+ be comma-separated (without spaces).
.
- If you want you can specify 'any', to not trust any side of the network.
+ If you specify 'any', Snort will listen on all available networks.
.
- Notice that if you are using multiple interfaces this definition will
- be used as the HOME_NET definition of all of them.
+ Please note that if Snort is configured to use multiple interfaces,
+ it will use this value as the HOME_NET definition for all of them.
Template: snort/disable_promiscuous
Type: boolean
Default: false
_Description: Should Snort disable promiscuous mode on the interface?
Disabling promiscuous mode means that Snort will only see packets
- addressed to it's own interface. Enabling it allows Snort to check
- every packet that passes ethernet segment even if it's a connection
- between two other computers.
+ addressed to the interface it is monitoring. Enabling it allows Snort to
+ check every packet that passes the Ethernet segment even if it's a
+ connection between two other computers.
Template: snort/invalid_interface
-Type: note
+Type: error
_Description: Invalid interface
- One of the interfaces you specified is not valid (it might not exist on the
- system or be down). Please introduce a valid interface when answering the
- question of which interface(s) should Snort listen on.
- .
- If you did not configure an interface then the package is trying to use the
- default ('eth0') which does not seem to be valid in your system.
+ Snort is trying to use an interface which does not exist or is down.
+ Either it is defaulting inappropriately to 'eth0', or you specified
+ one which is invalid.
Template: snort/reverse_order
Type: boolean
Default: false
-_Description: Should Snort's rules testing order be changed to Pass|Alert|Log?
- If you change Snort's rules testing order to Pass|Alert|Log, they will be
- applied in Pass->Alert->Log order, instead of standard Alert->Pass->Log.
- This will prevent people from having to make huge Berky Packet Filter
- command line arguments to filter their alert rules.
+_Description: Should Snort's testing order be changed to Pass|Alert|Log?
+ Snort's default testing order is Alert|Pass|Log; if you accept this
+ option, the order will be changed to Pass|Alert|Log, which can make it
+ simpler to use Snort with some packet-filtering tools.
Template: snort/send_stats
Type: boolean
Default: true
_Description: Should daily summaries be sent by e-mail?
- This Snort installation provides a cron job that runs daily and
- summarises the information of Snort logs to a selected email address.
- If you want to disable this feature say 'no' here.
+ A cron job can be set up to send daily summaries of Snort logs to a
+ selected e-mail address.
+ .
+ Please choose whether you want to activate this feature.
Template: snort/stats_rcpt
Type: string
Default: root
_Description: Recipient of daily statistics mails:
- A cron job running daily will summarise the information of the logs
- generated by Snort using a script called 'snort-stat'. Introduce
- here the recipient of these mails. The default value is the system
- administrator. If you keep this value, make sure that the mail of
- the administrator is redirected to a user that actually reads those
- mails.
+ Please specify the e-mail address that should receive daily summaries
+ of Snort logs.
Template: snort/options
Type: string
_Description: Additional custom options:
- If you want to specify custom options to Snort, please specify them here.
+ Please specify any additional options Snort should use.
Template: snort/stats_treshold
Type: string
Default: 1
-_Description: Minimum occurence to report alerts:
- An alert needs to appear more times than this number to be included in the
- daily statistics.
+_Description: Minimum occurrences before alerts are reported:
+ Please enter the minimum number of alert occurrences before a given alert is
+ included in the daily statistics.
Template: snort/please_restart_manually
Type: note
-_Description: You are running Snort manually
- Please restart Snort using:
- /etc/init.d/snort start
- to let the settings take effect.
+_Description: Snort restart required
+ As Snort is manually launched, you need to run '/etc/init.d/snort' for
+ the changes to take place.
Template: snort/config_error
-Type: note
-_Description: There is an error in your configuration
- Your Snort configuration is not correct and Snort will not be able to start
- up normally. Please review your configuration and fix it. If you do not
- do this, Snort package upgrades will probably break. To check which error
- is being generated run '/usr/sbin/snort -T -c /etc/snort/snort.conf'
- (or point to an alternate configuration file if you are using different
- files for different interfaces)
+Type: error
+_Description: Configuration error
+ The current Snort configuration is invalid and will prevent Snort
+ starting up normally. Please review and correct it.
+ .
+ To diagnose an error in a Snort configuration file, use
+ '/usr/sbin/snort -T -c <file>'.
Template: snort/config_parameters
-Type: note
-_Description: This system uses an obsolete configuration file
- Your system has an obsolete configuration file
+Type: error
+_Description: Obsolete configuration file
+ This system uses an obsolete configuration file
(/etc/snort/snort.common.parameters)
which has been automatically converted into the new configuration
- file format (at /etc/default/snort). Please review the new configuration
- and remove the obsolete one. Until you do this, the init.d script
- will not use the new configuration and you will not take advantage
- of the benefits introduced in newer releases.
+ file format (at /etc/default/snort).
+ .
+ Please review the new configuration and remove the obsolete
+ one. Until you do this, the initialization script will not use the new
+ configuration and you will not take advantage of the benefits
+ introduced in newer releases.
--- snort.old/debian/snort-mysql.templates 2008-01-25 06:17:03.837193938
+0100
+++ snort/debian/snort-mysql.templates 2008-03-07 07:36:31.400056463 +0100
@@ -1,181 +1,189 @@
+# These templates have been reviewed by the debian-l10n-english
+# team
+#
+# If modifications/additions/rewording are needed, please ask
+# [EMAIL PROTECTED] for advice.
+#
+# Even minor modifications require translation updates and such
+# changes should be coordinated with translators and reviewers.
+
Template: snort-mysql/startup
Type: select
-_Choices: boot, dialup, manual
+__Choices: boot, dialup, manual
Default: boot
-_Description: When should Snort be started?
+_Description: Snort start method:
Snort can be started during boot, when connecting to the net with pppd or
- only when you manually start it via /usr/sbin/snort.
+ only manually with the /usr/sbin/snort command.
Template: snort-mysql/interface
Type: string
Default: eth0
_Description: Interface(s) which Snort should listen on:
- This value usually is 'eth0', but you might want to vary this depending
- on your environment, if you are using a dialup connection 'ppp0' might
- be more appropiate (Hint: use 'ip link show' of 'ifconfig').
- .
- Typically this is the same interface than the 'default route' is on. You can
- determine which interface is used for this running either '/sbin/ip ro sh' or
- '/sbin/route -n' (look for 'default' or '0.0.0.0').
+ This value is usually 'eth0', but this may be inappropriate in some
+ network environments; for a dialup connection 'ppp0' might be more
+ appropriate (see the output of '/sbin/ifconfig').
+ .
+ Typically, this is the same interface as the 'default route' is on. You can
+ determine which interface is used for this by running '/sbin/route -n'
+ (look for '0.0.0.0').
.
- It is also not uncommon to use an interface with no IP
- and configured in promiscuous mode, if this is your case, select the
+ It is also not uncommon to use an interface with no IP address
+ configured in promiscuous mode. For such cases, select the
interface in this system that is physically connected to the network
- you want to inspect, enable promiscuous mode later on and make sure
+ that should be inspected, enable promiscuous mode later on and make sure
that the network traffic is sent to this interface (either connected
- to a 'port mirroring/spanning' port in a switch, to a hub or to a tap)
+ to a 'port mirroring/spanning' port in a switch, to a hub or to a tap).
.
- You can configure multiple interfaces here, just by adding more than
+ You can configure multiple interfaces, just by adding more than
one interface name separated by spaces. Each interface can have its
- specific configuration.
+ own specific configuration.
Template: snort-mysql/address_range
Type: string
Default: 192.168.0.0/16
_Description: Address range that Snort will listen on:
- You have to use CIDR form, i.e. 192.168.1.0/24 for a block of 256 IPs or
- 192.168.1.42/32 for just one. Specify multiple addresses on a single line
- separated by ',' (comma characters), no spaces allowed!
+ Please use the CIDR form - for example, 192.168.1.0/24 for a block of
+ 256 addresses or 192.168.1.42/32 for just one. Multiple values should
+ be comma-separated (without spaces).
.
- If you want you can specify 'any', to not trust any side of the network.
+ If you specify 'any', Snort will listen on all available networks.
.
- Notice that if you are using multiple interfaces this definition will
- be used as the HOME_NET definition of all of them.
+ Please note that if Snort is configured to use multiple interfaces,
+ it will use this value as the HOME_NET definition for all of them.
Template: snort-mysql/disable_promiscuous
Type: boolean
Default: false
_Description: Should Snort disable promiscuous mode on the interface?
Disabling promiscuous mode means that Snort will only see packets
- addressed to it's own interface. Enabling it allows Snort to check
- every packet that passes ethernet segment even if it's a connection
- between two other computers.
+ addressed to the interface it is monitoring. Enabling it allows Snort to
+ check every packet that passes the Ethernet segment even if it's a
+ connection between two other computers.
Template: snort-mysql/invalid_interface
-Type: note
+Type: error
_Description: Invalid interface
- One of the interfaces you specified is not valid (it might not exist on the
- system or be down). Please introduce a valid interface when answering the
- question of which interface(s) should Snort listen on.
- .
- If you did not configure an interface then the package is trying to use the
- default ('eth0') which does not seem to be valid in your system.
+ Snort is trying to use an interface which does not exist or is down.
+ Either it is defaulting inappropriately to 'eth0', or you specified
+ one which is invalid.
Template: snort-mysql/reverse_order
Type: boolean
Default: false
-_Description: Should Snort's rules testing order be changed to Pass|Alert|Log?
- If you change Snort's rules testing order to Pass|Alert|Log, they will be
- applied in Pass->Alert->Log order, instead of standard Alert->Pass->Log.
- This will prevent people from having to make huge Berky Packet Filter
- command line arguments to filter their alert rules.
+_Description: Should Snort's testing order be changed to Pass|Alert|Log?
+ Snort's default testing order is Alert|Pass|Log; if you accept this
+ option, the order will be changed to Pass|Alert|Log, which can make it
+ simpler to use Snort with some packet-filtering tools.
Template: snort-mysql/send_stats
Type: boolean
Default: true
_Description: Should daily summaries be sent by e-mail?
- This Snort installation provides a cron job that runs daily and
- summarises the information of Snort logs to a selected email address.
- If you want to disable this feature say 'no' here.
+ A cron job can be set up to send daily summaries of Snort logs to a
+ selected e-mail address.
+ .
+ Please choose whether you want to activate this feature.
Template: snort-mysql/stats_rcpt
Type: string
Default: root
_Description: Recipient of daily statistics mails:
- A cron job running daily will summarise the information of the logs
- generated by Snort using a script called 'snort-stat'. Introduce
- here the recipient of these mails. The default value is the system
- administrator. If you keep this value, make sure that the mail of
- the administrator is redirected to a user that actually reads those
- mails.
+ Please specify the e-mail address that should receive daily summaries
+ of Snort logs.
Template: snort-mysql/options
Type: string
_Description: Additional custom options:
- If you want to specify custom options to Snort, please specify them here.
+ Please specify any additional options Snort should use.
Template: snort-mysql/stats_treshold
Type: string
Default: 1
-_Description: Minimum occurence to report alerts:
- An alert needs to appear more times than this number to be included in the
- daily statistics.
+_Description: Minimum occurrences before alerts are reported:
+ Please enter the minimum number of alert occurrences before a given alert is
+ included in the daily statistics.
Template: snort-mysql/please_restart_manually
Type: note
-_Description: You are running Snort manually
- Please restart Snort using:
- /etc/init.d/snort start
- to let the settings take effect.
+_Description: Snort restart required
+ As Snort is manually launched, you need to run '/etc/init.d/snort' for
+ the changes to take place.
Template: snort-mysql/config_error
-Type: note
-_Description: There is an error in your configuration
- Your Snort configuration is not correct and Snort will not be able to start
- up normally. Please review your configuration and fix it. If you do not
- do this, Snort package upgrades will probably break. To check which error
- is being generated run '/usr/sbin/snort -T -c /etc/snort/snort.conf'
- (or point to an alternate configuration file if you are using different
- files for different interfaces)
+Type: error
+_Description: Configuration error
+ The current Snort configuration is invalid and will prevent Snort
+ starting up normally. Please review and correct it.
+ .
+ To diagnose an error in a Snort configuration file, use
+ '/usr/sbin/snort -T -c <file>'.
Template: snort-mysql/config_parameters
-Type: note
-_Description: This system uses an obsolete configuration file
- Your system has an obsolete configuration file
+Type: error
+_Description: Obsolete configuration file
+ This system uses an obsolete configuration file
(/etc/snort/snort.common.parameters)
which has been automatically converted into the new configuration
- file format (at /etc/default/snort). Please review the new configuration
- and remove the obsolete one. Until you do this, the init.d script
- will not use the new configuration and you will not take advantage
- of the benefits introduced in newer releases.
+ file format (at /etc/default/snort).
+ .
+ Please review the new configuration and remove the obsolete
+ one. Until you do this, the initialization script will not use the new
+ configuration and you will not take advantage of the benefits
+ introduced in newer releases.
Template: snort-mysql/configure_db
Type: boolean
Default: true
-_Description: Do you want to set up a database for snort-mysql to log to?
- You only need to do this the first time you install snort-mysql. Before
- you go on, make sure you have (1) the hostname of a machine running a
- mysql server set up to allow tcp connections from this host, (2) a
- database on that server, (3) a username and password to access the
- database. If you don't have _all_ of these, either select 'no' and run
- with regular file logging support, or fix this first. You can always
- configure database logging later, by reconfiguring the snort-mysql
- package with 'dpkg-reconfigure -plow snort-mysql'
+_Description: Set up a database for snort-mysql to log to?
+ No database has been set up for Snort to log to. Before continuing,
+ you should make sure you have:
+ .
+ - the server host name (that server must allow TCP connections
+ from this machine);
+ - a database on that server;
+ - a username and password to access the database.
+ .
+ If some of these requirements are missing, reject this option and
+ run with regular file logging support.
+ .
+ Database logging can be reconfigured later by running
+ 'dpkg-reconfigure -plow snort-mysql'.
Template: snort-mysql/db_host
Type: string
_Description: Database server hostname:
- Make sure it has been set up correctly to allow incoming connections from
- this host!
+ Please specify the host name of a database server that allows
+ incoming connections from this host.
Template: snort-mysql/db_database
Type: string
-_Description: Database to use:
- Make sure this database has been created and your database user has write
- access to this database.
+_Description: Database name:
+ Please specify the name of an existing database to which the
+ database user has write access.
Template: snort-mysql/db_user
Type: string
_Description: Username for database access:
- Make sure this user has been created and has write access.
+ Please specify a database server username with write access to the database.
Template: snort-mysql/db_pass
Type: password
_Description: Password for the database connection:
- Please enter a password to connect to the Snort Alert database.
-
+ Please enter the password to use to connect to the Snort Alert database.
Template: snort-mysql/needs_db_config
Type: note
-_Description: Snort needs a configured database to log to before it starts
+_Description: Configured database mandatory for Snort
Snort needs a configured database before it can successfully start up.
In order to create the structure you need to run the following commands
AFTER the package is installed:
+ .
cd /usr/share/doc/snort-mysql/
zcat create_mysql.gz | mysql -u <user> -h <host> -p <databasename>
+ .
Fill in the correct values for the user, host, and database names.
MySQL will prompt you for the password.
.
- After you created the database structure, you will need to start Snort
+ After you have created the database structure, you will need to start Snort
manually.
--- snort.old/debian/snort-pgsql.templates 2008-01-25 06:17:03.897206503
+0100
+++ snort/debian/snort-pgsql.templates 2008-03-07 07:36:31.484067313 +0100
@@ -1,181 +1,189 @@
+# These templates have been reviewed by the debian-l10n-english
+# team
+#
+# If modifications/additions/rewording are needed, please ask
+# [EMAIL PROTECTED] for advice.
+#
+# Even minor modifications require translation updates and such
+# changes should be coordinated with translators and reviewers.
+
Template: snort-pgsql/startup
Type: select
-_Choices: boot, dialup, manual
+__Choices: boot, dialup, manual
Default: boot
-_Description: When should Snort be started?
+_Description: Snort start method:
Snort can be started during boot, when connecting to the net with pppd or
- only when you manually start it via /usr/sbin/snort.
+ only manually with the /usr/sbin/snort command.
Template: snort-pgsql/interface
Type: string
Default: eth0
_Description: Interface(s) which Snort should listen on:
- This value usually is 'eth0', but you might want to vary this depending
- on your environment, if you are using a dialup connection 'ppp0' might
- be more appropiate (Hint: use 'ip link show' of 'ifconfig').
- .
- Typically this is the same interface than the 'default route' is on. You can
- determine which interface is used for this running either '/sbin/ip ro sh' or
- '/sbin/route -n' (look for 'default' or '0.0.0.0').
+ This value is usually 'eth0', but this may be inappropriate in some
+ network environments; for a dialup connection 'ppp0' might be more
+ appropriate (see the output of '/sbin/ifconfig').
+ .
+ Typically, this is the same interface as the 'default route' is on. You can
+ determine which interface is used for this by running '/sbin/route -n'
+ (look for '0.0.0.0').
.
- It is also not uncommon to use an interface with no IP
- and configured in promiscuous mode, if this is your case, select the
+ It is also not uncommon to use an interface with no IP address
+ configured in promiscuous mode. For such cases, select the
interface in this system that is physically connected to the network
- you want to inspect, enable promiscuous mode later on and make sure
+ that should be inspected, enable promiscuous mode later on and make sure
that the network traffic is sent to this interface (either connected
- to a 'port mirroring/spanning' port in a switch, to a hub or to a tap)
+ to a 'port mirroring/spanning' port in a switch, to a hub or to a tap).
.
- You can configure multiple interfaces here, just by adding more than
+ You can configure multiple interfaces, just by adding more than
one interface name separated by spaces. Each interface can have its
- specific configuration.
+ own specific configuration.
Template: snort-pgsql/address_range
Type: string
Default: 192.168.0.0/16
_Description: Address range that Snort will listen on:
- You have to use CIDR form, i.e. 192.168.1.0/24 for a block of 256 IPs or
- 192.168.1.42/32 for just one. Specify multiple addresses on a single line
- separated by ',' (comma characters), no spaces allowed!
+ Please use the CIDR form - for example, 192.168.1.0/24 for a block of
+ 256 addresses or 192.168.1.42/32 for just one. Multiple values should
+ be comma-separated (without spaces).
.
- If you want you can specify 'any', to not trust any side of the network.
+ If you specify 'any', Snort will listen on all available networks.
.
- Notice that if you are using multiple interfaces this definition will
- be used as the HOME_NET definition of all of them.
+ Please note that if Snort is configured to use multiple interfaces,
+ it will use this value as the HOME_NET definition for all of them.
Template: snort-pgsql/disable_promiscuous
Type: boolean
Default: false
_Description: Should Snort disable promiscuous mode on the interface?
Disabling promiscuous mode means that Snort will only see packets
- addressed to it's own interface. Enabling it allows Snort to check
- every packet that passes ethernet segment even if it's a connection
- between two other computers.
+ addressed to the interface it is monitoring. Enabling it allows Snort to
+ check every packet that passes the Ethernet segment even if it's a
+ connection between two other computers.
Template: snort-pgsql/invalid_interface
-Type: note
+Type: error
_Description: Invalid interface
- One of the interfaces you specified is not valid (it might not exist on the
- system or be down). Please introduce a valid interface when answering the
- question of which interface(s) should Snort listen on.
- .
- If you did not configure an interface then the package is trying to use the
- default ('eth0') which does not seem to be valid in your system.
+ Snort is trying to use an interface which does not exist or is down.
+ Either it is defaulting inappropriately to 'eth0', or you specified
+ one which is invalid.
Template: snort-pgsql/reverse_order
Type: boolean
Default: false
-_Description: Should Snort's rules testing order be changed to Pass|Alert|Log?
- If you change Snort's rules testing order to Pass|Alert|Log, they will be
- applied in Pass->Alert->Log order, instead of standard Alert->Pass->Log.
- This will prevent people from having to make huge Berky Packet Filter
- command line arguments to filter their alert rules.
+_Description: Should Snort's testing order be changed to Pass|Alert|Log?
+ Snort's default testing order is Alert|Pass|Log; if you accept this
+ option, the order will be changed to Pass|Alert|Log, which can make it
+ simpler to use Snort with some packet-filtering tools.
Template: snort-pgsql/send_stats
Type: boolean
Default: true
_Description: Should daily summaries be sent by e-mail?
- This Snort installation provides a cron job that runs daily and
- summarises the information of Snort logs to a selected email address.
- If you want to disable this feature say 'no' here.
+ A cron job can be set up to send daily summaries of Snort logs to a
+ selected e-mail address.
+ .
+ Please choose whether you want to activate this feature.
Template: snort-pgsql/stats_rcpt
Type: string
Default: root
_Description: Recipient of daily statistics mails:
- A cron job running daily will summarise the information of the logs
- generated by Snort using a script called 'snort-stat'. Introduce
- here the recipient of these mails. The default value is the system
- administrator. If you keep this value, make sure that the mail of
- the administrator is redirected to a user that actually reads those
- mails.
+ Please specify the e-mail address that should receive daily summaries
+ of Snort logs.
Template: snort-pgsql/options
Type: string
_Description: Additional custom options:
- If you want to specify custom options to Snort, please specify them here.
+ Please specify any additional options Snort should use.
Template: snort-pgsql/stats_treshold
Type: string
Default: 1
-_Description: Minimum occurence to report alerts:
- An alert needs to appear more times than this number to be included in the
- daily statistics.
+_Description: Minimum occurrences before alerts are reported:
+ Please enter the minimum number of alert occurrences before a given alert is
+ included in the daily statistics.
Template: snort-pgsql/please_restart_manually
Type: note
-_Description: You are running Snort manually
- Please restart Snort using:
- /etc/init.d/snort start
- to let the settings take effect.
+_Description: Snort restart required
+ As Snort is manually launched, you need to run '/etc/init.d/snort' for
+ the changes to take place.
Template: snort-pgsql/config_error
-Type: note
-_Description: There is an error in your configuration
- Your Snort configuration is not correct and Snort will not be able to start
- up normally. Please review your configuration and fix it. If you do not
- do this, Snort package upgrades will probably break. To check which error
- is being generated run '/usr/sbin/snort -T -c /etc/snort/snort.conf'
- (or point to an alternate configuration file if you are using different
- files for different interfaces)
+Type: error
+_Description: Configuration error
+ The current Snort configuration is invalid and will prevent Snort
+ starting up normally. Please review and correct it.
+ .
+ To diagnose an error in a Snort configuration file, use
+ '/usr/sbin/snort -T -c <file>'.
Template: snort-pgsql/config_parameters
-Type: note
-_Description: This system uses an obsolete configuration file
- Your system has an obsolete configuration file
+Type: error
+_Description: Obsolete configuration file
+ This system uses an obsolete configuration file
(/etc/snort/snort.common.parameters)
which has been automatically converted into the new configuration
- file format (at /etc/default/snort). Please review the new configuration
- and remove the obsolete one. Until you do this, the init.d script
- will not use the new configuration and you will not take advantage
- of the benefits introduced in newer releases.
+ file format (at /etc/default/snort).
+ .
+ Please review the new configuration and remove the obsolete
+ one. Until you do this, the initialization script will not use the new
+ configuration and you will not take advantage of the benefits
+ introduced in newer releases.
Template: snort-pgsql/configure_db
Type: boolean
Default: true
-_Description: Do you want to set up a database for snort-pgsql to log to?
- You only need to do this the first time you install snort-pgsql. Before
- you go on, make sure you have (1) the hostname of a machine running a
- pgsql server set up to allow tcp connections from this host, (2) a
- database on that server, (3) a username and password to access the
- database. If you don't have _all_ of these, either select 'no' and run
- with regular file logging support, or fix this first. You can always
- configure database logging later, by reconfiguring the snort-pgsql
- package with 'dpkg-reconfigure -plow snort-pgsql'
+_Description: Set up a database for snort-pgsql to log to?
+ No database has been set up for Snort to log to. Before continuing,
+ you should make sure you have:
+ .
+ - the server host name (that server must allow TCP connections
+ from this machine);
+ - a database on that server;
+ - a username and password to access the database.
+ .
+ If some of these requirements are missing, reject this option and
+ run with regular file logging support.
+ .
+ Database logging can be reconfigured later by running
+ 'dpkg-reconfigure -plow snort-pgsql'.
Template: snort-pgsql/db_host
Type: string
_Description: Database server hostname:
- Make sure it has been set up correctly to allow incoming connections from
- this host!
+ Please specify the host name of a database server that allows
+ incoming connections from this host.
Template: snort-pgsql/db_database
Type: string
-_Description: Database to use:
- Make sure this database has been created and your database user has write
- access to this database.
+_Description: Database name:
+ Please specify the name of an existing database to which the
+ database user has write access.
Template: snort-pgsql/db_user
Type: string
_Description: Username for database access:
- Make sure this user has been created and has write access.
+ Please specify a database server username with write access to the database.
Template: snort-pgsql/db_pass
Type: password
_Description: Password for the database connection:
- Please enter a password to connect to the Snort Alert database.
-
+ Please enter the password to use to connect to the Snort Alert database.
Template: snort-pgsql/needs_db_config
Type: note
-_Description: Snort needs a configured database to log to before it starts
+_Description: Configured database mandatory for Snort
Snort needs a configured database before it can successfully start up.
In order to create the structure you need to run the following commands
AFTER the package is installed:
+ .
cd /usr/share/doc/snort-pgsql/
zcat create_postgresql.gz | psql -U <user> -h <host> -W <databasename>
+ .
Fill in the correct values for the user, host, and database names.
PostgreSQL will prompt you for the password.
.
- After you created the database structure, you will need to start Snort
+ After you have created the database structure, you will need to start Snort
manually.
--- snort.old/debian/snort-common.templates 2008-01-25 06:17:03.897206503
+0100
+++ snort/debian/snort-common.templates 2008-03-07 07:36:31.588056013 +0100
@@ -1,11 +1,20 @@
+# These templates have been reviewed by the debian-l10n-english
+# team
+#
+# If modifications/additions/rewording are needed, please ask
+# [EMAIL PROTECTED] for advice.
+#
+# Even minor modifications require translation updates and such
+# changes should be coordinated with translators and reviewers.
+
Template: snort/deprecated_config
Type: note
-_Description: Your configuration file is deprecated
- Your Snort configuration file (/etc/snort/snort.conf) uses deprecated
- options no longer available for this Snort release.
+_Description: Deprecated configuration file
+ The Snort configuration file (/etc/snort/snort.conf) uses deprecated
+ options no longer available for this Snort release.
Snort will not be able to start unless you provide a correct configuration
- file. You can substitute your configuration file with the one provided
- in this package or fix it manually by removing deprecated options.
+ file. Either allow the configuration file to be replaced with the one
+ provided in this package or fix it manually by removing deprecated options.
.
- The following deprecated options were found in your configuration file:
- ${DEP_CONFIG}
+ The following deprecated options were found in the configuration file:
+ ${DEP_CONFIG}.
--- snort.old/debian/control 2008-01-25 06:17:03.913192050 +0100
+++ snort/debian/control 2008-03-04 17:53:51.499669843 +0100
@@ -6,6 +6,7 @@
Build-Depends: libnet1-dev, libpcap0.8-dev, libpcre3-dev, debhelper (>=
4.1.13), libmysqlclient15-dev | libmysqlclient-dev, libpq-dev, po-debconf (>=
0.5.0), libprelude-dev, iptables-dev
Build-Depends-Indep: texlive, texlive-latex-base, gs-common
Standards-Version: 3.5.6
+Homepage: http://www.snort.org/
Package: snort
Architecture: any
@@ -14,8 +15,7 @@
Conflicts: snort-mysql, snort-pgsql
Replaces: snort-common (<< 2.0.2-3)
Recommends: snort-doc
-Homepage: http://www.snort.org/
-Description: Flexible Network Intrusion Detection System
+Description: flexible Network Intrusion Detection System
Snort is a libpcap-based packet sniffer/logger which can be used as a
lightweight network intrusion detection system. It features rules
based logging and can perform content searching/matching in addition
@@ -25,7 +25,7 @@
sent to syslog, a separate "alert" file, or even to a Windows computer
via Samba.
.
- This package provides the plain-vanilla snort distribution and does not
+ This package provides the plain-vanilla version of Snort and does not
provide database (available in snort-pgsql and snort-mysql) support.
Package: snort-common
@@ -36,7 +36,7 @@
Replaces: snort (<< 1.8.4beta1-1)
Suggests: snort-doc
Homepage: http://www.snort.org/
-Description: Flexible Network Intrusion Detection System [common files]
+Description: flexible Network Intrusion Detection System [common files]
Snort is a libpcap-based packet sniffer/logger which can be used as a
lightweight network intrusion detection system. It features rules
based logging and can perform content searching/matching in addition
@@ -72,7 +72,7 @@
Depends: snort-common-libraries (>=${binary:Version}), snort-rules-default (>=
${binary:Version}), debconf (>= 0.2.80) | debconf-2.0, syslogd |
system-log-daemon, ${shlibs:Depends}, snort-common (>= ${binary:Version}),
logrotate
Conflicts: snort, snort-pgsql
Homepage: http://www.snort.org/
-Description: Flexible Network Intrusion Detection System [MySQL]
+Description: flexible Network Intrusion Detection System [MySQL]
Distribution of Snort with support for logging to a MySQL database.
.
Snort is a libpcap-based packet sniffer/logger which can be used as a
@@ -91,7 +91,7 @@
Depends: snort-common-libraries (>=${binary:Version}), snort-rules-default (>=
${binary:Version}), debconf (>= 0.2.80) | debconf-2.0, adduser (>= 3.11),
syslogd | system-log-daemon, ${shlibs:Depends}, snort-common (>=
${binary:Version}), logrotate
Conflicts: snort, snort-mysql
Homepage: http://www.snort.org/
-Description: Flexible Network Intrusion Detection System [PostgreSQL]
+Description: flexible Network Intrusion Detection System [PostgreSQL]
Distribution of Snort with support for logging to a PostgreSQL dbase.
.
Snort is a libpcap-based packet sniffer/logger which can be used as a
@@ -110,7 +110,7 @@
Suggests: snort (>= 2.2.0) | snort-pgsql (>= 2.2.0) | snort-mysql (>= 2.2.0)
Recommends: oinkmaster
Homepage: http://www.snort.org/rules/
-Description: Flexible Network Intrusion Detection System ruleset
+Description: flexible Network Intrusion Detection System ruleset
Snort default ruleset which provides a common set of accepted and test
network intrusion detection rules developed by the Snort community.
.
@@ -122,7 +122,7 @@
Suggests: snort (>= 2.7.0) | snort-pgsql (>= 2.7.0) | snort-mysql (>= 2.7.0)
Conflicts: snort-common (<< 2.7.0-6)
Homepage: http://www.snort.org/
-Description: Flexible Network Intrusion Detection System ruleset
+Description: flexible Network Intrusion Detection System ruleset
Snort is a libpcap-based packet sniffer/logger which can be used as a
lightweight network intrusion detection system. It features rules
based logging and can perform content searching/matching in addition
