1 |
commit: 1cccc7fc24794b31f27225822e9017bdf39187e5 |
2 |
Author: Slawomir Lis <slis <AT> gentoo <DOT> org> |
3 |
AuthorDate: Mon Nov 30 06:13:41 2015 +0000 |
4 |
Commit: Slawek Lis <slis <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Nov 30 06:13:41 2015 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1cccc7fc |
7 |
|
8 |
Added suricata ebuild (#437564) |
9 |
|
10 |
Package-Manager: portage-2.2.26 |
11 |
|
12 |
net-analyzer/suricata/Manifest | 1 + |
13 |
.../suricata/files/fortify_source-numeric.patch | 11 ++ |
14 |
net-analyzer/suricata/files/json.patch | 10 ++ |
15 |
net-analyzer/suricata/files/magic-location.patch | 13 +++ |
16 |
net-analyzer/suricata/metadata.xml | 16 +++ |
17 |
net-analyzer/suricata/suricata-2.0.10.ebuild | 119 +++++++++++++++++++++ |
18 |
6 files changed, 170 insertions(+) |
19 |
|
20 |
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest |
21 |
new file mode 100644 |
22 |
index 0000000..77f17d0 |
23 |
--- /dev/null |
24 |
+++ b/net-analyzer/suricata/Manifest |
25 |
@@ -0,0 +1 @@ |
26 |
+DIST suricata-2.0.10.tar.gz 3090730 SHA256 c8d1d3b6ce3d2a56577fca224424071afd921739d3859efc8a62229556d4beef SHA512 fa3683a93d85b26166b0f67a85f1a498941aadf4372ef98bd7fe62fcdef150af46b65456e3a764e054c385abbf44138ae6f70882c68ba320508eade6e181f2c6 WHIRLPOOL b867003e76df2b0b1b56c89415ed96acbf9d8966739d77aa303055d29ae5cdad8ad0b58e969336f0c1fc2e5d9990941622c19c062828dae58bf062f5662225f3 |
27 |
|
28 |
diff --git a/net-analyzer/suricata/files/fortify_source-numeric.patch b/net-analyzer/suricata/files/fortify_source-numeric.patch |
29 |
new file mode 100644 |
30 |
index 0000000..0a7f482 |
31 |
--- /dev/null |
32 |
+++ b/net-analyzer/suricata/files/fortify_source-numeric.patch |
33 |
@@ -0,0 +1,11 @@ |
34 |
+--- a/src/suricata.c 2015-10-02 00:21:55.634213646 +0200 |
35 |
++++ b/src/suricata.c 2015-10-02 00:22:39.143940007 +0200 |
36 |
+@@ -774,7 +774,7 @@ |
37 |
+ printf("compiled with -fstack-protector-all\n"); |
38 |
+ #endif |
39 |
+ #ifdef _FORTIFY_SOURCE |
40 |
+- printf("compiled with _FORTIFY_SOURCE=%d\n", _FORTIFY_SOURCE); |
41 |
++ printf("compiled with _FORTIFY_SOURCE\n"); |
42 |
+ #endif |
43 |
+ #ifdef CLS |
44 |
+ printf("L1 cache line size (CLS)=%d\n", CLS); |
45 |
|
46 |
diff --git a/net-analyzer/suricata/files/json.patch b/net-analyzer/suricata/files/json.patch |
47 |
new file mode 100644 |
48 |
index 0000000..a542f35 |
49 |
--- /dev/null |
50 |
+++ b/net-analyzer/suricata/files/json.patch |
51 |
@@ -0,0 +1,10 @@ |
52 |
+--- src/output-json.h.orig 2015-11-21 21:56:24.996289587 +0100 |
53 |
++++ src/output-json.h 2015-11-21 21:57:11.419622642 +0100 |
54 |
+@@ -28,6 +28,7 @@ |
55 |
+ |
56 |
+ #ifdef HAVE_LIBJANSSON |
57 |
+ |
58 |
++#include <jansson.h> |
59 |
+ #include "suricata-common.h" |
60 |
+ #include "util-buffer.h" |
61 |
+ #include "util-logopenfile.h" |
62 |
|
63 |
diff --git a/net-analyzer/suricata/files/magic-location.patch b/net-analyzer/suricata/files/magic-location.patch |
64 |
new file mode 100644 |
65 |
index 0000000..02681f9 |
66 |
--- /dev/null |
67 |
+++ b/net-analyzer/suricata/files/magic-location.patch |
68 |
@@ -0,0 +1,13 @@ |
69 |
+diff --git a/configure.ac b/configure.ac |
70 |
+index 8b41eb0..3cdf0e7 100644 |
71 |
+--- a/configure.ac |
72 |
++++ b/configure.ac |
73 |
+@@ -182,7 +182,7 @@ |
74 |
+ fi |
75 |
+ echo -n "installation for $host OS... " |
76 |
+ |
77 |
+- e_magic_file="/usr/share/file/magic" |
78 |
++ e_magic_file="/usr/share/misc/magic.mgc" |
79 |
+ case "$host" in |
80 |
+ *-*-*freebsd*) |
81 |
+ LUA_PC_NAME="lua-5.1" |
82 |
|
83 |
diff --git a/net-analyzer/suricata/metadata.xml b/net-analyzer/suricata/metadata.xml |
84 |
new file mode 100644 |
85 |
index 0000000..34c1b31 |
86 |
--- /dev/null |
87 |
+++ b/net-analyzer/suricata/metadata.xml |
88 |
@@ -0,0 +1,16 @@ |
89 |
+<?xml version="1.0" encoding="UTF-8"?> |
90 |
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
91 |
+<pkgmetadata> |
92 |
+ <maintainer> |
93 |
+ <email>slis@g.o</email> |
94 |
+ </maintainer> |
95 |
+ <use> |
96 |
+ <flag name="af-packet">Enable AF_PACKET support</flag> |
97 |
+ <flag name="control-socket">Enable unix socket</flag> |
98 |
+ <flag name="cuda">Enable NVIDIA Cuda computations support</flag> |
99 |
+ <flag name="luajit">Enable Luajit support</flag> |
100 |
+ <flag name="nflog">Enable libnetfilter_log support</flag> |
101 |
+ <flag name="nfqueue">Enable AF_PACKET support</flag> |
102 |
+ <flag name="rules">Enable AF_PACKET support</flag> |
103 |
+ </use> |
104 |
+</pkgmetadata> |
105 |
|
106 |
diff --git a/net-analyzer/suricata/suricata-2.0.10.ebuild b/net-analyzer/suricata/suricata-2.0.10.ebuild |
107 |
new file mode 100644 |
108 |
index 0000000..40b2740 |
109 |
--- /dev/null |
110 |
+++ b/net-analyzer/suricata/suricata-2.0.10.ebuild |
111 |
@@ -0,0 +1,119 @@ |
112 |
+# Copyright 1999-2015 Gentoo Foundation |
113 |
+# Distributed under the terms of the GNU General Public License v2 |
114 |
+# $Id$ |
115 |
+ |
116 |
+EAPI=5 |
117 |
+ |
118 |
+inherit autotools eutils user |
119 |
+ |
120 |
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine" |
121 |
+HOMEPAGE="http://suricata-ids.org/" |
122 |
+SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz" |
123 |
+ |
124 |
+LICENSE="GPL-2" |
125 |
+SLOT="0" |
126 |
+KEYWORDS="~amd64 ~x86" |
127 |
+IUSE="+af-packet control-socket cuda debug geoip hardened lua luajit nflog +nfqueue +rules test" |
128 |
+ |
129 |
+DEPEND=" |
130 |
+ >=dev-libs/jansson-2.2 |
131 |
+ dev-libs/libpcre |
132 |
+ dev-libs/libyaml |
133 |
+ net-libs/libnet:* |
134 |
+ net-libs/libnfnetlink |
135 |
+ dev-libs/nspr |
136 |
+ dev-libs/nss |
137 |
+ net-libs/libpcap |
138 |
+ sys-apps/file |
139 |
+ cuda? ( dev-util/nvidia-cuda-toolkit ) |
140 |
+ geoip? ( dev-libs/geoip ) |
141 |
+ lua? ( dev-lang/lua:* ) |
142 |
+ luajit? ( dev-lang/luajit:* ) |
143 |
+ nflog? ( net-libs/libnetfilter_log ) |
144 |
+ nfqueue? ( net-libs/libnetfilter_queue ) |
145 |
+" |
146 |
+# #446814 |
147 |
+# prelude? ( dev-libs/libprelude ) |
148 |
+# pfring? ( sys-process/numactl net-libs/pf_ring) |
149 |
+# system-htp? ( >=net-analyzer/htp-0.5.5 ) |
150 |
+RDEPEND="${DEPEND}" |
151 |
+ |
152 |
+pkg_setup() { |
153 |
+ enewgroup ${PN} |
154 |
+ enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}" |
155 |
+} |
156 |
+ |
157 |
+src_prepare() { |
158 |
+ epatch "${FILESDIR}/fortify_source-numeric.patch" |
159 |
+ epatch "${FILESDIR}/magic-location.patch" |
160 |
+ epatch "${FILESDIR}/json.patch" |
161 |
+ |
162 |
+ eautoreconf |
163 |
+} |
164 |
+ |
165 |
+src_configure() { |
166 |
+ local myeconfargs=( |
167 |
+ "--localstatedir=/var/" \ |
168 |
+ "--disable-detection" \ |
169 |
+ $(use_enable af-packet) \ |
170 |
+ $(use_enable nfqueue) \ |
171 |
+ $(use_enable test coccinelle) \ |
172 |
+ $(use_enable test unittests) \ |
173 |
+ $(use_enable control-socket unix-socket) |
174 |
+ ) |
175 |
+ |
176 |
+ if use cuda ; then |
177 |
+ myeconfargs+=( $(use_enable cuda) ) |
178 |
+ fi |
179 |
+ if use debug ; then |
180 |
+ myeconfargs+=( $(use_enable debug) ) |
181 |
+ fi |
182 |
+ if use geoip ; then |
183 |
+ myeconfargs+=( $(use_enable geoip) ) |
184 |
+ fi |
185 |
+ if use hardened ; then |
186 |
+ myeconfargs+=( $(use_enable hardened gccprotect) ) |
187 |
+ fi |
188 |
+ if use nflog ; then |
189 |
+ myeconfargs+=( $(use_enable nflog) ) |
190 |
+ fi |
191 |
+ # not supported yet (no pfring in portage) |
192 |
+# if use pfring ; then |
193 |
+# myeconfargs+=( $(use_enable pfring) ) |
194 |
+# fi |
195 |
+ # no libprelude in portage |
196 |
+# if use prelude ; then |
197 |
+# myeconfargs+=( $(use_enable prelude) ) |
198 |
+# fi |
199 |
+ # htp not added into portage yet |
200 |
+# if use system-htp ; then |
201 |
+# myeconfargs+=( $(use_enable system-htp non-bundled-htp) ) |
202 |
+# fi |
203 |
+ if use lua ; then |
204 |
+ myeconfargs+=( $(use_enable lua) ) |
205 |
+ fi |
206 |
+ if use luajit ; then |
207 |
+ myeconfargs+=( $(use_enable luajit) ) |
208 |
+ fi |
209 |
+ |
210 |
+ LIBS+="-lrt -lnuma" |
211 |
+ |
212 |
+ econf LIBS="${LIBS}" ${myeconfargs[@]} |
213 |
+} |
214 |
+ |
215 |
+src_install() { |
216 |
+ emake DESTDIR="${D}" install |
217 |
+ |
218 |
+ insinto "/etc/${PN}" |
219 |
+ doins {classification,reference,threshold}.config suricata.yaml |
220 |
+ |
221 |
+ if use rules ; then |
222 |
+ insinto "/etc/${PN}/rules" |
223 |
+ doins rules/*.rules |
224 |
+ fi |
225 |
+ |
226 |
+ dodir "/var/lib/${PN}" |
227 |
+ dodir "/var/log/${PN}" |
228 |
+ fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}" |
229 |
+ fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}" |
230 |
+} |
231 |
\ No newline at end of file |