From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 0D12F1382DE for ; Wed, 29 Jun 2016 06:44:16 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 46D5114145; Wed, 29 Jun 2016 06:44:14 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id C414414145 for ; Wed, 29 Jun 2016 06:44:13 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 47A92340D54 for ; Wed, 29 Jun 2016 06:44:12 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id C738B2428 for ; Wed, 29 Jun 2016 06:44:08 +0000 (UTC) From: "Slawek Lis" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Slawek Lis" Message-ID: <1467182690.d98d97359da37602fb63290fcd14c78351150f1f.slis@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/ X-VCS-Repository: repo/gentoo X-VCS-Files: net-analyzer/suricata/Manifest net-analyzer/suricata/metadata.xml net-analyzer/suricata/suricata-3.1.ebuild X-VCS-Directories: net-analyzer/suricata/ X-VCS-Committer: slis X-VCS-Committer-Name: Slawek Lis X-VCS-Revision: d98d97359da37602fb63290fcd14c78351150f1f X-VCS-Branch: master Date: Wed, 29 Jun 2016 06:44:08 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 84dac897-782d-4ff3-9c7e-94597288fb65 X-Archives-Hash: 005145ca9b3c77b12be14dce38b915d0 commit: d98d97359da37602fb63290fcd14c78351150f1f Author: Slawomir Lis gentoo org> AuthorDate: Wed Jun 29 06:44:50 2016 +0000 Commit: Slawek Lis gentoo org> CommitDate: Wed Jun 29 06:44:50 2016 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d98d9735 version bump, metadata update Package-Manager: portage-2.3.0_rc1 net-analyzer/suricata/Manifest | 1 + net-analyzer/suricata/metadata.xml | 5 +- net-analyzer/suricata/suricata-3.1.ebuild | 115 ++++++++++++++++++++++++++++++ 3 files changed, 119 insertions(+), 2 deletions(-) diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest index d82d007..1d5b46a 100644 --- a/net-analyzer/suricata/Manifest +++ b/net-analyzer/suricata/Manifest @@ -1,2 +1,3 @@ DIST suricata-2.0.11.tar.gz 3091124 SHA256 c607f1e18e5636830f42a83f7c67e1466f07db82853f3a9dba4ab8c6c3bc656e SHA512 659e893fef3cdcca8440f2af7596d5cc58b142d3350b9ea5ba57d855c6759a00adafeb15a1dfe91dd55eca1437487eb4e842b4e2913d12417f0b906ca3d54ec9 WHIRLPOOL 5cfa55abd90284a0a3441853af9db18075a23fa5661d89448b409b8fdd1031ad348d76d455b7dfe7b2688e69633f5bbb65dc060cc2426af017ab1bcb824c9ac5 DIST suricata-3.0.1.tar.gz 3315637 SHA256 74c685f8da51b3f038a7b8185bdbed274aca25daf64ac7ea01eea60636727f26 SHA512 cd10f5b19dd7b6ccbed668263b54d93738842191e71391b040aa7fc2049ac597feb38cd333f07b15d30ebeaf778f6abe18b72215e609891608dca094531c7fd8 WHIRLPOOL a1f6c8ee760cac9e3daa3358e89d30b4a24441fb975214ae2fe165fcb697b4292e035007323041febdc0d8f09b16666515aba76f60f1e437d865193db3deb25d +DIST suricata-3.1.tar.gz 3327181 SHA256 a05aa534166495a4d9ea6104a936bc8edb49376aeb3ba0b1b2a4d9687d016669 SHA512 64483951136f064ed3ad0e01276ac633e53aed511d5517b67d6ab2b81e7c2af436dcece7f8a2576c741cd79d19176da622775ff580f2f0cf747fd134ddcfd352 WHIRLPOOL 39a79626ab496789676a39f62cf2c6cfdfc592d0d04add63f711d7487364fcdd54be63d73b0529b39a5ef9aa30dadaf5ae5af57ff51cf65d9ecfd2ea5f2451ff diff --git a/net-analyzer/suricata/metadata.xml b/net-analyzer/suricata/metadata.xml index 0f80bed..e538ae1 100644 --- a/net-analyzer/suricata/metadata.xml +++ b/net-analyzer/suricata/metadata.xml @@ -11,7 +11,8 @@ Enable detection modules Enable Luajit support Enable libnetfilter_log support - Enable AF_PACKET support - Enable AF_PACKET support + Enable NFQUEUE support for inline IDP + Enable Redis support + Install default ruleset diff --git a/net-analyzer/suricata/suricata-3.1.ebuild b/net-analyzer/suricata/suricata-3.1.ebuild new file mode 100644 index 0000000..18a981c --- /dev/null +++ b/net-analyzer/suricata/suricata-3.1.ebuild @@ -0,0 +1,115 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit autotools eutils user + +DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine" +HOMEPAGE="http://suricata-ids.org/" +SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="+af-packet control-socket cuda debug +detection geoip hardened lua luajit nflog +nfqueue redis +rules test" + +DEPEND=" + >=dev-libs/jansson-2.2 + dev-libs/libpcre + dev-libs/libyaml + net-libs/libnet:* + net-libs/libnfnetlink + dev-libs/nspr + dev-libs/nss + >=net-libs/libhtp-0.5.18 + net-libs/libpcap + sys-apps/file + cuda? ( dev-util/nvidia-cuda-toolkit ) + geoip? ( dev-libs/geoip ) + lua? ( dev-lang/lua:* ) + luajit? ( dev-lang/luajit:* ) + nflog? ( net-libs/libnetfilter_log ) + nfqueue? ( net-libs/libnetfilter_queue ) + redis? ( dev-libs/hiredis ) +" +# #446814 +# prelude? ( dev-libs/libprelude ) +# pfring? ( sys-process/numactl net-libs/pf_ring) +RDEPEND="${DEPEND}" + +pkg_setup() { + enewgroup ${PN} + enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}" +} + +src_prepare() { + eautoreconf +} + +src_configure() { + local myeconfargs=( + "--localstatedir=/var/" \ + "--enable-non-bundled-htp" \ + $(use_enable af-packet) \ + $(use_enable detection) \ + $(use_enable nfqueue) \ + $(use_enable redis hiredis) \ + $(use_enable test coccinelle) \ + $(use_enable test unittests) \ + $(use_enable control-socket unix-socket) + ) + + if use cuda ; then + myeconfargs+=( $(use_enable cuda) ) + fi + if use debug ; then + myeconfargs+=( $(use_enable debug) ) + fi + if use geoip ; then + myeconfargs+=( $(use_enable geoip) ) + fi + if use hardened ; then + myeconfargs+=( $(use_enable hardened gccprotect) ) + fi + if use nflog ; then + myeconfargs+=( $(use_enable nflog) ) + fi + # not supported yet (no pfring in portage) +# if use pfring ; then +# myeconfargs+=( $(use_enable pfring) ) +# fi + # no libprelude in portage +# if use prelude ; then +# myeconfargs+=( $(use_enable prelude) ) +# fi + if use lua ; then + myeconfargs+=( $(use_enable lua) ) + fi + if use luajit ; then + myeconfargs+=( $(use_enable luajit) ) + fi + +# this should be used when pf_ring use flag support will be added +# LIBS+="-lrt -lnuma" + + econf LIBS="${LIBS}" ${myeconfargs[@]} +} + +src_install() { + emake DESTDIR="${D}" install + + insinto "/etc/${PN}" + doins {classification,reference,threshold}.config suricata.yaml + + if use rules ; then + insinto "/etc/${PN}/rules" + doins rules/*.rules + fi + + dodir "/var/lib/${PN}" + dodir "/var/log/${PN}" + fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}" + fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}" +}