This repository has been archived by the owner on Apr 16, 2021. It is now read-only.

Snort 2.9.2 #170

Closed
GoogleCodeExporter opened this issue Mar 24, 2015 · 5 comments

Comments

@GoogleCodeExporter

http://blog.snort.org/2011/12/snort-292-has-been-released.html

Original issue reported on code.google.com by doug.bu...@gmail.com on 15 Dec 2011 at 2:17

@GoogleCodeExporter

[deleted comment]

@GoogleCodeExporter

[deleted comment]

@GoogleCodeExporter

[deleted comment]

@GoogleCodeExporter

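# Build log for the Snort 2.9.2 packages (commands as run by hand on the
# build host). The fpm invocations had been wrapped across lines, which left
# the package name on a line of its own; they are rejoined here so each
# command reads as a single line.

# downloaded tarball:
# NOTE(review): the tarball is fetched over plain HTTP and then built and
# installed with no digest or signature check in between. Before `tar`,
# compare it against a digest/signature obtained over a trusted channel
# (e.g. `sha256sum 1347` vs <EXPECTED_SHA256>), since everything below ends up
# in packages that are installed as root on sensors.
wget http://www.snort.org/downloads/1347

# decompressed tarball and built package:
tar zxvf 1347
cd snort-2.9.2/
./configure --enable-sourcefire
make
checkinstall

# verified 
snort -v
dpkg -l |grep snort

# downloaded and customized snort.conf template
# (the previous configuration is kept under /etc/snort/2.9.1.2)
cd /etc/snort/
mkdir 2.9.1.2
mv snort.conf* 2.9.1.2
# NOTE(review): also retrieved over plain HTTP; the hand edit in vi is the
# only review this file gets before it is packaged, so read the whole
# template rather than just the lines being customized.
wget http://labs.snort.org/snort/2920/snort.conf
vi snort.conf

# built securityonion-snort-config package
cd /home/build
/usr/local/lib/ruby/gems/1.9.1/gems/fpm-0.3.11/bin/fpm -s dir -t deb -n securityonion-snort-config -v 20120116 /etc/snort/

# created white_list.rules and black_list.rules and packaged:
touch /etc/nsm/rules/white_list.rules
touch /etc/nsm/rules/black_list.rules
/usr/local/lib/ruby/gems/1.9.1/gems/fpm-0.3.11/bin/fpm -s dir -t deb -n securityonion-snort-reputation -v 20120116 /etc/nsm/rules/white_list.rules /etc/nsm/rules/black_list.rules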

# added the following to security-onion-upgrade.sh:

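# Upgrade step 20120114 -> 20120116: downloads and installs the three Snort
# packages, backs up each sensor's /etc/nsm/<sensor>/ directory, installs the
# new snort.conf per sensor, and records the new VERSION in $CONF.
#
# $CONF and $LOGGER come from earlier in security-onion-upgrade.sh.
# $LOGGER is expanded unquoted on purpose so that it can word-split into a
# command plus arguments -- presumably a logging command; confirm against its
# definition.

# NOTE(review): $CONF is rewritten in place and then executed as shell code by
# `source`, so anyone able to write that file runs commands with this script's
# privileges. Confirm it is root-owned and not group/world-writable.
sed -i 's| |=|g' "$CONF"
source "$CONF"

# Download one .deb of release $NEW into the current directory and install it.
#   $1   - package file name
#   $2.. - extra options passed to dpkg (optional)
# Exits the script if the download or the install fails, so that VERSION is
# not bumped for an upgrade that did not actually happen.
so_install_pkg() {
    local deb=$1
    shift
    echo "* Installing $deb"               | $LOGGER
    # NOTE(review): plain-HTTP download installed as root with no integrity
    # check. Verify the file against a digest or signature obtained over a
    # trusted channel (<EXPECTED_SHA256>) before handing it to dpkg.
    # wget -q prints nothing on stdout, so it is not piped to $LOGGER; that
    # keeps its exit status visible.
    if ! wget -q "http://sourceforge.net/projects/security-onion/files/$NEW/$deb" -O "$deb"; then
        echo "* ERROR: download of $deb failed; aborting upgrade." | $LOGGER
        exit 1
    fi
    dpkg -i "$@" "$deb"                    | $LOGGER
    # The pipeline's own status is $LOGGER's; dpkg's is in PIPESTATUS[0].
    if [ "${PIPESTATUS[0]}" -ne 0 ]; then
        echo "* ERROR: dpkg failed for $deb; aborting upgrade." | $LOGGER
        exit 1
    fi
}

if [ "$VERSION" = "20120114" ]; then
    NEW="20120116"
    echo "**********************************************"   | $LOGGER
    echo "* Upgrading from $VERSION to $NEW."               | $LOGGER
    echo "**********************************************"   | $LOGGER
    DIR="/nsm/backup/$NEW"
    mkdir -p "$DIR"                                         | $LOGGER
    # Downloads and sensor backups are written relative to $DIR; stop rather
    # than scatter them into whatever directory the script was started from.
    if ! cd "$DIR"; then
        echo "* ERROR: cannot cd to $DIR; aborting upgrade." | $LOGGER
        exit 1
    fi

    so_install_pkg "securityonion-snort_${NEW}-1_i386.deb"
    # The config package replaces files already present under /etc/snort/.
    so_install_pkg "securityonion-snort-config_${NEW}_i386.deb" --force-overwrite
    so_install_pkg "securityonion-snort-reputation_${NEW}_i386.deb"

    # First column of every non-comment line in sensortab is a sensor name.
    SENSORS=$(grep -v "^#" /etc/nsm/sensortab | awk '{print $1}')
    for SENSORNAME in $SENSORS; do
        echo "* Backing up /etc/nsm/$SENSORNAME/"   | $LOGGER
        cp -a "/etc/nsm/$SENSORNAME/" .             | $LOGGER
        echo "* Copying new snort.conf to /etc/nsm/$SENSORNAME/"    | $LOGGER
        cp /etc/snort/snort.conf "/etc/nsm/$SENSORNAME/"            | $LOGGER
        # Enable perfmonitor and point its stats file at this sensor's data
        # directory. The sensor name is interpolated into the sed expression,
        # so a name containing '|' or '&' would corrupt the substitution.
        sed -i "s|# preprocessor perfmonitor: time 300 file /var/snort/snort.stats pktcnt 10000|preprocessor perfmonitor: time 300 file /nsm/sensor_data/$SENSORNAME/snort.stats pktcnt 10000|" "/etc/nsm/$SENSORNAME/snort.conf" | $LOGGER
    done

    [ "$ENGINE" = "snort" ] && /usr/local/bin/pulledpork_update.sh | $LOGGER

    # Record the new version only after every step above has run.
    sed -i "s|VERSION=$VERSION|VERSION=$NEW|g" "$CONF"      | $LOGGER
    echo "* Upgrade to $NEW complete."                      | $LOGGER
    echo
fi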

Original comment by doug.bu...@gmail.com on 16 Jan 2012 at 5:57

  • Changed state: Verified
  • Added labels: ****
  • Removed labels: ****

@GoogleCodeExporter

Published:
http://securityonion.blogspot.com/2012/01/security-onion-20120116-now-available.html

Original comment by doug.bu...@gmail.com on 16 Jan 2012 at 5:58

  • Added labels: ****
  • Removed labels: ****
