Re: problems with yum and roo

["Earl" <esammons () hush com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Erin/All,

I have to admit that my communication / release engineering skills
have been a bit lax...  Sorry about that.

Long story short:  There are no updates for roo-1.0.hw-189.  I
cleared the update repos (that brok roo anyway) because we were
just about to release roo-1.1.hw-1... Then our upstream OS update
feed dried up.

We decided to hold the release and do a "quick" (yeah right) OS
update which we are working on now.  If anyone wants to play with
roo-1.1.hw-1, which is essentially 189 plus 5,000 or so bug fixes
<grin>, feel free,  however, please be advised, there will not be
any updates to anything until we do a full release of roo-1.2.hw-1.
 Nothing worng with FC, just a bit tough keeping up with the
release cycle :)

Sorry about not being able to support what we create...  I'm
looking very hard at moving to CentOS for an underlying OS later in
the year to give us a _much_ longer support tail.

Below is the important part of what would have been an official
release message for 1.1.  You can find the roo-1.1.hw-1 ISO, sigs,
changelog and the default honeywall.conf it ships with here:

http://www.honeynet.org/tools/cdrom/roo/iso/test/

Bug reports (https://bugs.honeynet.org/) on things like the new
snort update process and things unrelated to old OS layer stuff
will help us clean up any loose ends for the official release of
1.2 when were ready for it.

Stay tuned for info on when 1.2 is ready and thanks for your
patience.

Earl

ROO-1.1.hw-1 Release Mesage notes:

Install
========
Unfortunately, there is NO upgrade path from previous versions of
roo to roo-1.1x.  The only way to run roo-1.1x is to do a complete
install (which will erase all existing data).  The reason for this
is due to the tremendous number of bug fixes, updates, and overall
stability added.  We are working on a data export/import process to
transfer data from an existing roo to a new (or other) roo but its
not quite ready for prime time yet.

NOTE: This version is still based on Fedora Core 3, which recently
confirmed no longer has legacy support.  We intend to soon release
another version (Honeywall 1.2) based on Fedora Core 6.

Major Changes
==============
Aside from numerous bug fixes that were listed in our bugserver (see
also changelog), the following list highlights most of the major
changes
since version 1.0.hw-189:

o Thanks to Sourcefire, the Honeywall CDROM is now distributed with
the
  latest version of the Sourcefire VRT Certified Rules for Snort and
  Snort_Inline.

o We added Oinkmaster and Snortconfig to automate Snort(IDS) and
  Snort-inline (IPS) rule updates.

o We updated Snort from version 2.3.3 to 2.6.0.1.

o We have updated the functionality of Snort-Inline. In versions of
Roo
  prior to version 1.1.hw-1 there were a limited number of IPS rules
  that were hand picked for versatility.  They were all known to
  function well with the 'Action' field set to either of DROP,
  REJECT, or REPLACE.  Now that we are utilizing the entire VRT
rule
  set for both IDS and IPS rules this is no longer true.  We have
  removed the ability to set all IPS rules to either of
  DROP/REJECT/REPLACE.  Instead the decision on
  which action is appropriate for each IPS rule is being passed off
to
  'snortconfig' which was written and is maintained by Brian
Caswell,
  who has written a snort rule or two ;P

o Since the Ethereal Core development team is now working on
wireshark,
  which is of the same code base, we have made the move from
tethereal
  0.10.14 -> Wireshark 0.99.3.  We really only "require" the
mergecap
  utility but we also include the very handy cli capture tool
formerly
  known as tethereal (now tshark).

o Changed the update process so that, by default, ALL updates for
roo
  will come from the Honeynet Project yum repo instead of the
various
  independent OS and application repos.  This will enable us to test
  updates before they are received to ensure that updates don't
break
  Roo. Optionally, one can use the tool 'hwrepoconf' to enable OS /
  application repos if you desire quicker (but untested) updates as
  they become available.  Be warned, however, that updates from
repos
  other than the Honeynet repo may break your Honeywall!





On Wed, 31 Jan 2007 10:50:41 -0500 "Erin L. Johnson"
<tenbris () gmail com> wrote:
> I loaded a fresh install of roo 1.0 189 and tried to run 'yum
> update
> roo-base' to avoid bug 423
> (https://bugs.honeynet.org/show_bug.cgi?id=423).  This gave me an
> error of:
>
> http://www.honeynet.org/tools/cdrom/roo/repo/roo-base-1.0.hw-
> 442.noarch.rpm:
> [Errno 4] IOError: HTTP Error 404: Not Found
>
> After poking around the roo directory on honeynet.org I did find a
> repo2 directory.  However, when I modify
> /etc/yum.repos.d/honeynet.repo to point to
> http://www.honeynet.org/tools/cdrom/roo/repo2/ and then run  'yum
> update roo-base' it says that roo-base does not need to be
> updated.
> Yet, when I run 'yum update' I get  the same behaviour as bug 423.
>
> Any thoughts?
>
> Thanks,
> -e
>
> --
> Time does not change us. It just unfolds us.
>   - Max Frisch
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.5

wkYEARECAAYFAkXBWd4ACgkQk7+e+4lPSm2+3ACgkwH2apszpG07M+fgPRKgQ13cH3QA
njZv8CGB4mkFNGyho3KlO0aLr5I6
=BGJ9
-----END PGP SIGNATURE-----