* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/, net-analyzer/suricata/files/
@ 2015-11-30  6:10 Slawek Lis
  0 siblings, 0 replies; 11+ messages in thread
From: Slawek Lis @ 2015-11-30  6:10 UTC (permalink / raw
  To: gentoo-commits

commit:     1cccc7fc24794b31f27225822e9017bdf39187e5
Author:     Slawomir Lis <slis <AT> gentoo <DOT> org>
AuthorDate: Mon Nov 30 06:13:41 2015 +0000
Commit:     Slawek Lis <slis <AT> gentoo <DOT> org>
CommitDate: Mon Nov 30 06:13:41 2015 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1cccc7fc

Added suricata ebuild (#437564)

Package-Manager: portage-2.2.26

 net-analyzer/suricata/Manifest                     |   1 +
 .../suricata/files/fortify_source-numeric.patch    |  11 ++
 net-analyzer/suricata/files/json.patch             |  10 ++
 net-analyzer/suricata/files/magic-location.patch   |  13 +++
 net-analyzer/suricata/metadata.xml                 |  16 +++
 net-analyzer/suricata/suricata-2.0.10.ebuild       | 119 +++++++++++++++++++++
 6 files changed, 170 insertions(+)

diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
new file mode 100644
index 0000000..77f17d0
--- /dev/null
+++ b/net-analyzer/suricata/Manifest
@@ -0,0 +1 @@
+DIST suricata-2.0.10.tar.gz 3090730 SHA256 c8d1d3b6ce3d2a56577fca224424071afd921739d3859efc8a62229556d4beef SHA512 fa3683a93d85b26166b0f67a85f1a498941aadf4372ef98bd7fe62fcdef150af46b65456e3a764e054c385abbf44138ae6f70882c68ba320508eade6e181f2c6 WHIRLPOOL b867003e76df2b0b1b56c89415ed96acbf9d8966739d77aa303055d29ae5cdad8ad0b58e969336f0c1fc2e5d9990941622c19c062828dae58bf062f5662225f3

diff --git a/net-analyzer/suricata/files/fortify_source-numeric.patch b/net-analyzer/suricata/files/fortify_source-numeric.patch
new file mode 100644
index 0000000..0a7f482
--- /dev/null
+++ b/net-analyzer/suricata/files/fortify_source-numeric.patch
@@ -0,0 +1,11 @@
+--- a/src/suricata.c	2015-10-02 00:21:55.634213646 +0200
++++ b/src/suricata.c	2015-10-02 00:22:39.143940007 +0200
+@@ -774,7 +774,7 @@
+     printf("compiled with -fstack-protector-all\n");
+ #endif
+ #ifdef _FORTIFY_SOURCE
+-    printf("compiled with _FORTIFY_SOURCE=%d\n", _FORTIFY_SOURCE);
++    printf("compiled with _FORTIFY_SOURCE\n");
+ #endif
+ #ifdef CLS
+     printf("L1 cache line size (CLS)=%d\n", CLS);

diff --git a/net-analyzer/suricata/files/json.patch b/net-analyzer/suricata/files/json.patch
new file mode 100644
index 0000000..a542f35
--- /dev/null
+++ b/net-analyzer/suricata/files/json.patch
@@ -0,0 +1,10 @@
+--- src/output-json.h.orig	2015-11-21 21:56:24.996289587 +0100
++++ src/output-json.h	2015-11-21 21:57:11.419622642 +0100
+@@ -28,6 +28,7 @@
+ 
+ #ifdef HAVE_LIBJANSSON
+ 
++#include <jansson.h>
+ #include "suricata-common.h"
+ #include "util-buffer.h"
+ #include "util-logopenfile.h"

diff --git a/net-analyzer/suricata/files/magic-location.patch b/net-analyzer/suricata/files/magic-location.patch
new file mode 100644
index 0000000..02681f9
--- /dev/null
+++ b/net-analyzer/suricata/files/magic-location.patch
@@ -0,0 +1,13 @@
+diff --git a/configure.ac b/configure.ac
+index 8b41eb0..3cdf0e7 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -182,7 +182,7 @@
+     fi
+     echo -n "installation for $host OS... "
+ 
+-    e_magic_file="/usr/share/file/magic"
++    e_magic_file="/usr/share/misc/magic.mgc"
+     case "$host" in
+         *-*-*freebsd*)
+             LUA_PC_NAME="lua-5.1"

diff --git a/net-analyzer/suricata/metadata.xml b/net-analyzer/suricata/metadata.xml
new file mode 100644
index 0000000..34c1b31
--- /dev/null
+++ b/net-analyzer/suricata/metadata.xml
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+  <maintainer>
+    <email>slis@gentoo.org</email>
+  </maintainer>
+  <use>
+    <flag name="af-packet">Enable AF_PACKET support</flag>
+    <flag name="control-socket">Enable unix socket</flag>
+    <flag name="cuda">Enable NVIDIA Cuda computations support</flag>
+    <flag name="luajit">Enable Luajit support</flag>
+    <flag name="nflog">Enable libnetfilter_log support</flag>
+    <flag name="nfqueue">Enable AF_PACKET support</flag>
+    <flag name="rules">Enable AF_PACKET support</flag>
+  </use>
+</pkgmetadata>
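Review bot: The `nfqueue` and `rules` flag descriptions are copies of the `af-packet` one (`Enable AF_PACKET support`), so anyone choosing USE flags is told the wrong thing about both. Going by the ebuild in this commit, `nfqueue` maps to `$(use_enable nfqueue)` and pulls in `net-libs/libnetfilter_queue`, and `rules` installs `rules/*.rules` into `/etc/${PN}/rules`. Suggested text: `<flag name="nfqueue">Enable NFQUEUE support (inline mode via libnetfilter_queue)</flag>` and `<flag name="rules">Install the bundled rule files</flag>`.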

diff --git a/net-analyzer/suricata/suricata-2.0.10.ebuild b/net-analyzer/suricata/suricata-2.0.10.ebuild
new file mode 100644
index 0000000..40b2740
--- /dev/null
+++ b/net-analyzer/suricata/suricata-2.0.10.ebuild
@@ -0,0 +1,119 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+inherit autotools eutils user
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
+HOMEPAGE="http://suricata-ids.org/"
+SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet control-socket cuda debug geoip hardened lua luajit nflog +nfqueue +rules test"
+
+DEPEND="
+	>=dev-libs/jansson-2.2
+	dev-libs/libpcre
+	dev-libs/libyaml
+	net-libs/libnet:*
+	net-libs/libnfnetlink
+	dev-libs/nspr
+	dev-libs/nss
+	net-libs/libpcap
+	sys-apps/file
+	cuda?       ( dev-util/nvidia-cuda-toolkit )
+	geoip?      ( dev-libs/geoip )
+	lua?        ( dev-lang/lua:* )
+	luajit?     ( dev-lang/luajit:* )
+	nflog?      ( net-libs/libnetfilter_log )
+	nfqueue?    ( net-libs/libnetfilter_queue )
+"
+# #446814
+#	prelude?    ( dev-libs/libprelude )
+#	pfring?     ( sys-process/numactl net-libs/pf_ring)
+#	system-htp? ( >=net-analyzer/htp-0.5.5 )
+RDEPEND="${DEPEND}"
+
+pkg_setup() {
+	enewgroup ${PN}
+	enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
+}
+
+src_prepare() {
+	epatch "${FILESDIR}/fortify_source-numeric.patch"
+	epatch "${FILESDIR}/magic-location.patch"
+	epatch "${FILESDIR}/json.patch"
+
+	eautoreconf
+}
+
+src_configure() {
+	local myeconfargs=(
+		"--localstatedir=/var/" \
+		"--disable-detection" \
+		$(use_enable af-packet) \
+		$(use_enable nfqueue) \
+		$(use_enable test coccinelle) \
+		$(use_enable test unittests) \
+		$(use_enable control-socket unix-socket)
+	)
+
+	if use cuda ; then
+		myeconfargs+=( $(use_enable cuda) )
+	fi
+	if use debug ; then
+		myeconfargs+=( $(use_enable debug) )
+	fi
+	if use geoip ; then
+		myeconfargs+=( $(use_enable geoip) )
+	fi
+	if use hardened ; then
+		myeconfargs+=( $(use_enable hardened gccprotect) )
+	fi
+	if use nflog ; then
+		myeconfargs+=( $(use_enable nflog) )
+	fi
+	# not supported yet (no pfring in portage)
+# 	if use pfring ; then
+# 		myeconfargs+=( $(use_enable pfring) )
+# 	fi
+	# no libprelude in portage
+# 	if use prelude ; then
+# 		myeconfargs+=( $(use_enable prelude) )
+# 	fi
+	# htp not added into portage yet
+# 	if use system-htp ; then
+# 		myeconfargs+=( $(use_enable system-htp non-bundled-htp) )
+# 	fi
+	if use lua ; then
+		myeconfargs+=( $(use_enable lua) )
+	fi
+	if use luajit ; then
+		myeconfargs+=( $(use_enable luajit) )
+	fi
+
+	LIBS+="-lrt -lnuma"
+
+	econf LIBS="${LIBS}" ${myeconfargs[@]}
+}
+
+src_install() {
+	emake DESTDIR="${D}" install
+
+	insinto "/etc/${PN}"
+	doins {classification,reference,threshold}.config suricata.yaml
+
+	if use rules ; then
+		insinto "/etc/${PN}/rules"
+		doins rules/*.rules
+	fi
+
+	dodir "/var/lib/${PN}"
+	dodir "/var/log/${PN}"
+	fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+	fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+}
\ No newline at end of file
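Review bot: `src_configure` passes `"--disable-detection"` unconditionally, which, going by the option name, builds the engine without its detection modules; for an IDS/IPS package that should be an explicit, user-visible choice such as a default-on USE flag wired through `$(use_enable detection)`. In `src_install`, `fowners -R ${PN}: ... "/etc/${PN}"` hands the configuration and rule files to the dedicated account created in `pkg_setup`, so a compromised sensor process running as that account could rewrite its own rules; `fowners -R root:${PN} "/etc/${PN}"` with the existing mode 750 keeps read access without write access. `LIBS+="-lrt -lnuma"` also links against libnuma although `sys-process/numactl` appears only in the commented-out dependency lines, and the `+=` has no leading space to separate it from any existing `LIBS` value.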



* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/, net-analyzer/suricata/files/
@ 2016-12-27  7:33 Slawek Lis
  0 siblings, 0 replies; 11+ messages in thread
From: Slawek Lis @ 2016-12-27  7:33 UTC (permalink / raw
  To: gentoo-commits

commit:     a43050c1456321619ef97dfdeb5a158593fef58d
Author:     Slawomir Lis <slis <AT> gentoo <DOT> org>
AuthorDate: Tue Dec 27 07:33:10 2016 +0000
Commit:     Slawek Lis <slis <AT> gentoo <DOT> org>
CommitDate: Tue Dec 27 07:33:10 2016 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a43050c1

net-analyzer/suricata: updated init script and config file

Updated the way the script starts suricata; it now allows config values to be
defined inline.

Details in bug 602590.

Package-Manager: Portage-2.3.3, Repoman-2.3.1

 net-analyzer/suricata/files/suricata-3.2-conf |  4 ++--
 net-analyzer/suricata/files/suricata-3.2-init | 26 ++++++++++++--------------
 net-analyzer/suricata/suricata-3.2.ebuild     |  2 --
 3 files changed, 14 insertions(+), 18 deletions(-)

diff --git a/net-analyzer/suricata/files/suricata-3.2-conf b/net-analyzer/suricata/files/suricata-3.2-conf
index bc6e281..61715ba 100644
--- a/net-analyzer/suricata/files/suricata-3.2-conf
+++ b/net-analyzer/suricata/files/suricata-3.2-conf
@@ -23,8 +23,8 @@
 # 
 # You can then define the following options here:
 
-# SURICATA_OPTS_q0="-i eth0"
-# SURICATA_OPTS_q1="-i eth1"
+# SURICATA_OPTS_q0="-q 0"
+# SURICATA_OPTS_q1="-q 1"
 
 # If you want to use ${SURICATA_DIR}/suricata.yaml and start the service with /etc/init.d/suricata
 # then you can set:

diff --git a/net-analyzer/suricata/files/suricata-3.2-init b/net-analyzer/suricata/files/suricata-3.2-init
index 3a9c356..d612815 100644
--- a/net-analyzer/suricata/files/suricata-3.2-init
+++ b/net-analyzer/suricata/files/suricata-3.2-init
@@ -16,6 +16,7 @@ else
     SURICATAPID="/var/run/suricata/suricata.pid"
     SURICATAOPTS=${SURICATA_OPTS}
 fi
+[ -e ${SURICATACONF} ] && SURICATAOPTS="${SURICATAOPTS} -c ${SURICATACONF}"
 
 extra_commands="checkconfig"
 extra_started_commands="reload relog"
@@ -28,8 +29,9 @@ depend() {
 
 checkconfig() {
 	if [ ! -e ${SURICATACONF} ] ; then
-		eerror "You need to create ${SURICATACONF} to run ${SVCNAME}."
-		return 1
+		einfo "The configuration file ${SURICATACONF} was not found."
+		einfo "If this is OK then make sure you set enough options for ${SVCNAME} in /etc/conf.d/suricata."
+		einfo "Take a look at the suricata arguments --set and --dump-config."
 	fi
 	if [ ! -d "/var/run/suricata" ] ; then
 		checkpath -d /var/run/suricata
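Review bot: With `eerror`/`return 1` replaced by three `einfo` lines, a missing or mistyped `${SURICATACONF}` no longer stops the service, and the top-level line added earlier in this file simply omits `-c` in that case, so the sensor can come up on whatever defaults the binary falls back to while the operator sees only informational output. For a monitoring daemon the message should be at least a warning, e.g. `ewarn "The configuration file ${SURICATACONF} was not found."`. The `[ ! -e ${SURICATACONF} ]` test here and the new `[ -e ${SURICATACONF} ]` at the top of the script are unquoted; `[ -e "${SURICATACONF}" ]` keeps the test well-formed if the path is empty or contains spaces. checkconfig's body continues past this hunk.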
@@ -37,7 +39,7 @@ checkconfig() {
 }
 
 initpidinfo() {
-	[ -f ${SURICATAPID} ] && SUR_PID="$(cat ${SURICATAPID})"
+	[ -e ${SURICATAPID} ] && SUR_PID="$(cat ${SURICATAPID})"
 	if [ ${#SUR_PID} -gt 0 ]; then
 	    SUR_PID_CHECK="$(ps -eo pid | grep -c ${SUR_PID})"
 	    SUR_USER="$(ps -p ${SUR_PID} --no-headers -o user)"
@@ -46,7 +48,7 @@ initpidinfo() {
 
 checkpidinfo() {
 	initpidinfo
-        if [ ! -f ${SURICATAPID} ]; then
+        if [ ! -e ${SURICATAPID} ]; then
         	eerror "${SVCNAME} isn't running"
                 return 1
 	elif [ ${#SUR_PID} -eq 0 ] || [ $((SUR_PID_CHECK)) -ne 1 ]; then
@@ -65,12 +67,11 @@ start() {
 	checkconfig || return 1
 	ebegin "Starting ${SVCNAME}"
 	start-stop-daemon --start --quiet --exec ${SURICATA_BIN} \
-		-- --pidfile ${SURICATAPID} -D ${SURICATAOPTS} \
-		 -c ${SURICATACONF} >/dev/null 2>&1
+		-- --pidfile ${SURICATAPID} -D ${SURICATAOPTS} >/dev/null 2>&1
 	local SUR_EXIT=$?
 	if [ $((SUR_EXIT)) -ne 0 ]; then
 	    einfo "Could not start ${SURICATA_BIN} with:"
-	    einfo "--pidfile ${SURICATAPID} -D ${SURICATAOPTS} -c ${SURICATACONF}"
+	    einfo "--pidfile ${SURICATAPID} -D ${SURICATAOPTS}"
 	    einfo "Exit code ${SUR_EXIT}"
 	fi
 	eend ${SUR_EXIT}
@@ -80,14 +81,13 @@ stop() {
 	ebegin "Stopping ${SVCNAME}"
 	initpidinfo
 	start-stop-daemon --stop --quiet --pidfile ${SURICATAPID} >/dev/null 2>&1
-	einfon "Waiting for ${SVCNAME} to shut down. This can take a while..."
-	echo
+	einfo "Waiting for ${SVCNAME} to shut down. This can take a while..."
 	# max wait: 5 minutes as it can take quite a while on some systems with heavy traffic
 	local cnt=300
-	while [ -f ${SURICATAPID} ] && [ $cnt -gt 0 ]; do
+	while [ -e ${SURICATAPID} ] && [ $cnt -gt 0 ]; do
 	    cnt=$(expr $cnt - 1)
 	    sleep 1
-	    echo -ne "$cnt seconds left before we give up checking the PID file...\r"
+	    einfo -ne "$cnt seconds left before we give up checking the PID file...\r"
 	done
 	# under certain conditions suricata can be pretty slow and the PID can persist long after the pidfile has been removed
 	# max wait for process to terminate: 1 minute
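Review bot: `einfo -ne "$cnt seconds left ...\r"` does not behave like the `echo -ne` it replaces: as far as I know OpenRC's `einfo` takes no options, so `-ne` and the literal `\r` would be printed as part of the message and each iteration would emit a new line, up to 300 of them. The same substitution is made in the second wait loop in the next hunk. If the countdown is wanted, keep `echo -ne` for it; otherwise drop the per-second message and rely on the single `einfo "Waiting for ${SVCNAME} to shut down. This can take a while..."` line. stop() continues outside this hunk.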
@@ -95,19 +95,17 @@ stop() {
 	    cnt=60
 	    SUR_PID_CHECK="$(ps -eo pid | grep -c ${SUR_PID})"
 	    if [ $((SUR_PID_CHECK)) -ne 0 ]; then
-		echo
 		einfo "The PID file ${SURICATAPID} is gone but the ${SVCNAME} PID ${SUR_PID} is still running."
 		einfo "Waiting for process to shut down on its own. This can take a while..."
 	    fi
 	    while [ $((SUR_PID_CHECK)) -ne 0 ]; do
 		cnt=$(expr $cnt - 1)
 		if [ $cnt -lt 1 ] ; then
-		    echo
 		    eend 1 "Failed. You might need to kill PID ${SUR_PID} or find out why it can't be stopped."
 		    break
 		fi
 		sleep 1
-		echo -ne "$cnt seconds left before we give up checking PID ${SUR_PID}...\r"
+		einfo -ne "$cnt seconds left before we give up checking PID ${SUR_PID}...\r"
 		SUR_PID_CHECK="$(ps -eo pid | grep -c ${SUR_PID})"
 	    done
 	fi

diff --git a/net-analyzer/suricata/suricata-3.2.ebuild b/net-analyzer/suricata/suricata-3.2.ebuild
index 078186b..ba4903c 100644
--- a/net-analyzer/suricata/suricata-3.2.ebuild
+++ b/net-analyzer/suricata/suricata-3.2.ebuild
@@ -118,8 +118,6 @@ src_install() {
 
 	dodir "/var/lib/${PN}"
 	dodir "/var/log/${PN}"
-	dodir "/var/log/${PN}" \
-		"/var/lib/${PN}"
 
 	fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
 	fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"



* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/, net-analyzer/suricata/files/
@ 2016-12-28  9:34 Slawek Lis
  0 siblings, 0 replies; 11+ messages in thread
From: Slawek Lis @ 2016-12-28  9:34 UTC (permalink / raw
  To: gentoo-commits

commit:     a382935f837f6a18529793813228cb2731e9d36f
Author:     Slawomir Lis <slis <AT> gentoo <DOT> org>
AuthorDate: Wed Dec 28 09:34:11 2016 +0000
Commit:     Slawek Lis <slis <AT> gentoo <DOT> org>
CommitDate: Wed Dec 28 09:34:11 2016 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a382935f

net-analyzer/suricata: Updated suricata logging and added logrotate file

I've also bumped revision number, as there are many changes, and those fixes
should finally close bug 602590.

Thanks to Vieri <rentorbuy <AT> yahoo.com> for support.

Package-Manager: Portage-2.3.3, Repoman-2.3.1

 net-analyzer/suricata/files/suricata-3.2-conf  |  11 +-
 net-analyzer/suricata/files/suricata-3.2-init  |  28 +++--
 net-analyzer/suricata/files/suricata-logrotate |   6 +
 net-analyzer/suricata/metadata.xml             |   1 +
 net-analyzer/suricata/suricata-3.2-r1.ebuild   | 161 +++++++++++++++++++++++++
 5 files changed, 189 insertions(+), 18 deletions(-)

diff --git a/net-analyzer/suricata/files/suricata-3.2-conf b/net-analyzer/suricata/files/suricata-3.2-conf
index d900ade..fc6885d 100644
--- a/net-analyzer/suricata/files/suricata-3.2-conf
+++ b/net-analyzer/suricata/files/suricata-3.2-conf
@@ -41,11 +41,6 @@ SURICATA_OPTS="-i eth0"
 
 # Log paths listed here will be created by the init script and will override the log path
 # set in the yaml file, if present.
-# SURICATA_LOG_PATH_q0="/var/log/suricata/q0"
-# SURICATA_LOG_PATH_q1="/var/log/suricata/q1"
-# SURICATA_LOG_PATH="/var/log/suricata"
-# SURICATA_LOG_FILE="suricata.log"
-
-# You can view all the available options you can set with --set
-# and check the full config settings in an easily parsable format.
-# SURICATA_DUMP=1
+# SURICATA_LOG_FILE_q0="/var/log/suricata/q0/suricata.log"
+# SURICATA_LOG_FILE_q1="/var/log/suricata/q1/suricata.log"
+# SURICATA_LOG_FILE="/var/log/suricata/suricata.log"

diff --git a/net-analyzer/suricata/files/suricata-3.2-init b/net-analyzer/suricata/files/suricata-3.2-init
index 3ec6afd..1717dbb 100644
--- a/net-analyzer/suricata/files/suricata-3.2-init
+++ b/net-analyzer/suricata/files/suricata-3.2-init
@@ -12,18 +12,23 @@ if [ -n "${SURICATA}" ] && [ ${SVCNAME} != "suricata" ]; then
     [ ${#SURICATACONF} -eq 0 ] && SURICATACONF="${SURICATA_DIR}/suricata-${SURICATA}.yaml" || SURICATACONF="${SURICATA_DIR}/${SURICATACONF}"
     SURICATAPID="/var/run/suricata/suricata.${SURICATA}.pid"
     eval SURICATAOPTS=\$SURICATA_OPTS_${SURICATAID}
-    eval SURICATALOGPATH=\$SURICATA_LOG_PATH_${SURICATAID}
+    eval SURICATALOGPATH=\$SURICATA_LOG_FILE_${SURICATAID}
 else
     SURICATACONF=${SURICATA_CONF}
     [ ${#SURICATACONF} -eq 0 ] && SURICATACONF="${SURICATA_DIR}/suricata.yaml" || SURICATACONF="${SURICATA_DIR}/${SURICATACONF}"
     SURICATAPID="/var/run/suricata/suricata.pid"
     SURICATAOPTS=${SURICATA_OPTS}
-    SURICATALOGPATH=${SURICATA_LOG_PATH}
+    SURICATALOGPATH=${SURICATA_LOG_FILE}
 fi
 [ -e ${SURICATACONF} ] && SURICATAOPTS="${SURICATAOPTS} -c ${SURICATACONF}"
 
-extra_commands="checkconfig"
+description="Suricata IDS/IPS"
+extra_commands="checkconfig dump"
+description_checkconfig="Check config for ${SVCNAME}"
+description_dump="List all config values that can be used with --set"
 extra_started_commands="reload relog"
+description_reload="Live rule and config reload"
+description_relog="Close and re-open all log files"
 
 depend() {
 	need net
@@ -41,10 +46,12 @@ checkconfig() {
 		checkpath -d /var/run/suricata
 	fi
 	if [ ${#SURICATALOGPATH} -gt 0 ]; then
+		SURICATALOGFILE=$( basename ${SURICATA_LOG_FILE} )
+		SURICATALOGFILE=${SURICATALOGFILE:-suricata.log}
+		SURICATALOGPATH=$( dirname ${SURICATALOGPATH} )
 		if [ ! -d "${SURICATALOGPATH}" ] ; then
 			checkpath -d "${SURICATALOGPATH}"
 		fi
-		SURICATALOGFILE=${SURICATA_LOG_FILE:-suricata.log}
 		SURICATAOPTS="${SURICATAOPTS} --set logging.outputs.1.file.filename=${SURICATALOGPATH}/${SURICATALOGFILE}"
 		SURICATALOGPATH="-l ${SURICATALOGPATH}"
 	fi
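Review bot: `SURICATALOGFILE=$( basename ${SURICATA_LOG_FILE} )` reads the global `SURICATA_LOG_FILE`, while `SURICATALOGPATH` was filled from `SURICATA_LOG_FILE_${SURICATAID}` for per-instance services, so an instance's log file name is taken from the wrong variable and, when the global is unset, `basename` is called with no operand. Derive both parts from the same value before it is overwritten: `SURICATALOGFILE=$( basename "${SURICATALOGPATH}" )` followed by `SURICATALOGPATH=$( dirname "${SURICATALOGPATH}" )`. The quoting matters because these values come from `/etc/conf.d` and are spliced into `SURICATAOPTS` a few lines later. checkconfig starts before this hunk.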
@@ -77,12 +84,6 @@ checkpidinfo() {
 
 start() {
 	checkconfig || return 1
-	if [ $((SURICATA_DUMP)) -eq 1 ]; then
-	    einfo "Dumping ${SVCNAME} config values and quitting."
-	    ${SURICATA_BIN} --dump-config --pidfile ${SURICATAPID} ${SURICATAOPTS} ${SURICATALOGPATH}
-	    einfo "You need to disable SURICATA_DUMP to start ${SVCNAME}."
-	    return 1
-	fi
 	ebegin "Starting ${SVCNAME}"
 	start-stop-daemon --start --quiet --exec ${SURICATA_BIN} \
 		-- --pidfile ${SURICATAPID} -D ${SURICATAOPTS} ${SURICATALOGPATH} >/dev/null 2>&1
@@ -145,3 +146,10 @@ relog() {
 	start-stop-daemon --signal HUP --pidfile ${SURICATAPID}
 	eend $?
 }
+
+dump() {
+	checkconfig || return 1
+	ebegin "Dumping ${SVCNAME} config values and quitting."
+	${SURICATA_BIN} --dump-config --pidfile ${SURICATAPID} ${SURICATAOPTS} ${SURICATALOGPATH}
+	eend $?
+}

diff --git a/net-analyzer/suricata/files/suricata-logrotate b/net-analyzer/suricata/files/suricata-logrotate
new file mode 100644
index 00000000..0dc145b
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-logrotate
@@ -0,0 +1,6 @@
+/var/log/suricata/* {
+	missingok
+	postrotate
+		/etc/init.d/suricata reload
+	endscript
+}
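Review bot: `postrotate` calls `/etc/init.d/suricata reload`, which the init script in this commit describes as "Live rule and config reload" (USR2); the command described as "Close and re-open all log files" is `relog` (HUP), so after rotation the daemon would presumably keep writing to the renamed file and reload its rules instead. Suggested: `/etc/init.d/suricata relog`, together with `sharedscripts` so the script runs once per rotation rather than once per matched file. The `/var/log/suricata/*` pattern also matches per-instance subdirectories such as `q0/` from the conf example, and only the default service is signalled, not `suricata.foo`-style instances.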

diff --git a/net-analyzer/suricata/metadata.xml b/net-analyzer/suricata/metadata.xml
index e538ae1..58878c6 100644
--- a/net-analyzer/suricata/metadata.xml
+++ b/net-analyzer/suricata/metadata.xml
@@ -14,5 +14,6 @@
     <flag name="nfqueue">Enable NFQUEUE support for inline IDP</flag>
     <flag name="redis">Enable Redis support</flag>
     <flag name="rules">Install default ruleset</flag>
+    <flag name="logrotate">Install logrotate rule</flag>
   </use>
 </pkgmetadata>

diff --git a/net-analyzer/suricata/suricata-3.2-r1.ebuild b/net-analyzer/suricata/suricata-3.2-r1.ebuild
new file mode 100644
index 00000000..816a69d
--- /dev/null
+++ b/net-analyzer/suricata/suricata-3.2-r1.ebuild
@@ -0,0 +1,161 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+inherit autotools eutils user
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
+HOMEPAGE="http://suricata-ids.org/"
+SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet control-socket cuda debug +detection geoip hardened logrotate lua luajit nflog +nfqueue redis +rules test"
+
+DEPEND="
+	>=dev-libs/jansson-2.2
+	dev-libs/libpcre
+	dev-libs/libyaml
+	net-libs/libnet:*
+	net-libs/libnfnetlink
+	dev-libs/nspr
+	dev-libs/nss
+	>=net-libs/libhtp-0.5.20
+	net-libs/libpcap
+	sys-apps/file
+	cuda?       ( dev-util/nvidia-cuda-toolkit )
+	geoip?      ( dev-libs/geoip )
+	lua?        ( dev-lang/lua:* )
+	luajit?     ( dev-lang/luajit:* )
+	nflog?      ( net-libs/libnetfilter_log )
+	nfqueue?    ( net-libs/libnetfilter_queue )
+	redis?      ( dev-libs/hiredis )
+	logrotate?      ( app-admin/logrotate )
+"
+# #446814
+#	prelude?    ( dev-libs/libprelude )
+#	pfring?     ( sys-process/numactl net-libs/pf_ring)
+RDEPEND="${DEPEND}"
+
+pkg_setup() {
+	enewgroup ${PN}
+	enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
+}
+
+src_prepare() {
+	eautoreconf
+}
+
+src_configure() {
+	local myeconfargs=(
+		"--localstatedir=/var/" \
+		"--enable-non-bundled-htp" \
+		$(use_enable af-packet) \
+		$(use_enable detection) \
+		$(use_enable nfqueue) \
+		$(use_enable test coccinelle) \
+		$(use_enable test unittests) \
+		$(use_enable control-socket unix-socket)
+	)
+
+	if use cuda ; then
+		myeconfargs+=( $(use_enable cuda) )
+	fi
+	if use geoip ; then
+		myeconfargs+=( $(use_enable geoip) )
+	fi
+	if use hardened ; then
+		myeconfargs+=( $(use_enable hardened gccprotect) )
+	fi
+	if use nflog ; then
+		myeconfargs+=( $(use_enable nflog) )
+	fi
+	if use redis ; then
+		myeconfargs+=( $(use_enable redis hiredis) )
+	fi
+	# not supported yet (no pfring in portage)
+# 	if use pfring ; then
+# 		myeconfargs+=( $(use_enable pfring) )
+# 	fi
+	# no libprelude in portage
+# 	if use prelude ; then
+# 		myeconfargs+=( $(use_enable prelude) )
+# 	fi
+	if use lua ; then
+		myeconfargs+=( $(use_enable lua) )
+	fi
+	if use luajit ; then
+		myeconfargs+=( $(use_enable luajit) )
+	fi
+
+# this should be used when pf_ring use flag support will be added
+# 	LIBS+="-lrt -lnuma"
+
+	# avoid upstream configure script trying to add -march=native to CFLAGS
+	myeconfargs+=( --enable-gccmarch-native=no )
+
+	if use debug ; then
+		myeconfargs+=( $(use_enable debug) )
+		# so we can get a backtrace according to "reporting bugs" on upstream web site
+		CFLAGS="-ggdb -O0" econf LIBS="${LIBS}" ${myeconfargs[@]}
+	else
+		econf LIBS="${LIBS}" ${myeconfargs[@]}
+	fi
+}
+
+src_install() {
+	emake DESTDIR="${D}" install
+
+	insinto "/etc/${PN}"
+	doins {classification,reference,threshold}.config suricata.yaml
+
+	if use rules ; then
+		insinto "/etc/${PN}/rules"
+		doins rules/*.rules
+	fi
+
+	dodir "/var/lib/${PN}"
+	dodir "/var/log/${PN}"
+	dodir "/var/log/${PN}" \
+		"/var/lib/${PN}"
+
+	fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+	fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+
+	newinitd "${FILESDIR}/${P}-init" ${PN}
+	newconfd "${FILESDIR}/${P}-conf" ${PN}
+
+	if use logrotate; then
+		insopts -m0644
+		insinto /etc/logrotate.d
+		newins "${FILESDIR}"/${PN}.logrotate ${PN}
+	fi
+}
+
+pkg_postinst() {
+	elog "The ${PN} init script expects to find the path to the configuration"
+	elog "file as well as extra options in /etc/conf.d."
+	elog ""
+	elog "To create more than one ${PN} service, simply create a new .yaml file for it"
+	elog "then create a symlink to the init script from a link called"
+	elog "${PN}.foo - like so"
+	elog "   cd /etc/${PN}"
+	elog "   ${EDITOR##*/} suricata-foo.yaml"
+	elog "   cd /etc/init.d"
+	elog "   ln -s ${PN} ${PN}.foo"
+	elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
+	elog ""
+	elog "You can create as many ${PN}.foo* services as you wish."
+
+	if use logrotate; then
+		elog "You enabled the logrotate USE flag. Please make sure you correctly set up the ${PN} logortate config file in /etc/logrotate.d/."
+	fi
+
+	if use debug; then
+		elog "You enabled the debug USE flag. Please read this link to report bugs upstream:"
+		elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
+	fi
+}
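Review bot: `newins "${FILESDIR}"/${PN}.logrotate ${PN}` expands to `files/suricata.logrotate`, but the file added by this commit is `files/suricata-logrotate`, so `src_install` would fail whenever the `logrotate` USE flag is enabled; `newins "${FILESDIR}/${PN}-logrotate" ${PN}` matches the file name. `insopts -m0644` stays in effect for any later `doins`/`newins`, which is harmless only because this is the last install step. Separately, `CFLAGS="-ggdb -O0" econf ...` replaces the user's CFLAGS for debug builds, including any hardening flags set there; appending the debug flags instead of overriding would keep them.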



* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/, net-analyzer/suricata/files/
@ 2016-12-28 13:10 Slawek Lis
  0 siblings, 0 replies; 11+ messages in thread
From: Slawek Lis @ 2016-12-28 13:10 UTC (permalink / raw
  To: gentoo-commits

commit:     2c174cb604c2c99f9d9e8ac4fab438d0aedf7ab1
Author:     Slawomir Lis <slis <AT> gentoo <DOT> org>
AuthorDate: Wed Dec 28 12:59:11 2016 +0000
Commit:     Slawek Lis <slis <AT> gentoo <DOT> org>
CommitDate: Wed Dec 28 12:59:11 2016 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2c174cb6

net-analyzer/suricata: Dropping user privs in init script

Bug #602590

Package-Manager: Portage-2.3.3, Repoman-2.3.1

 net-analyzer/suricata/files/suricata-3.2-conf | 12 ++++++++-
 net-analyzer/suricata/files/suricata-3.2-init | 39 ++++++++++++++++++++-------
 net-analyzer/suricata/suricata-3.2-r1.ebuild  |  5 ++--
 3 files changed, 43 insertions(+), 13 deletions(-)

diff --git a/net-analyzer/suricata/files/suricata-3.2-conf b/net-analyzer/suricata/files/suricata-3.2-conf
index fc6885d..d8466b4 100644
--- a/net-analyzer/suricata/files/suricata-3.2-conf
+++ b/net-analyzer/suricata/files/suricata-3.2-conf
@@ -29,7 +29,7 @@
 # SURICATA_CONF="suricata.yaml"
 
 # You can define the options here:
-# NB: avoid using -l, -c and setting logging.outputs.1.file.filename as the init script will try to set them for you.
+# NB: avoid using -l, -c, --user, --group and setting logging.outputs.1.file.filename as the init script will try to set them for you.
 
 # SURICATA_OPTS_q0="-q 0"
 # SURICATA_OPTS_q1="-q 1"
@@ -44,3 +44,13 @@ SURICATA_OPTS="-i eth0"
 # SURICATA_LOG_FILE_q0="/var/log/suricata/q0/suricata.log"
 # SURICATA_LOG_FILE_q1="/var/log/suricata/q1/suricata.log"
 # SURICATA_LOG_FILE="/var/log/suricata/suricata.log"
+
+# Run as user/group.
+# Do not define if you want to run as root or as the user defined in the yaml config file (run-as).
+# The ebuild should have created the dedicated user/group suricata:suricata for you to specify here below.
+# SURICATA_USER_q0="suricata"
+# SURICATA_GROUP_q0="suricata"
+# SURICATA_USER_q1="suricata"
+# SURICATA_GROUP_q1="suricata"
+# SURICATA_USER="suricata"
+# SURICATA_GROUP="suricata"

diff --git a/net-analyzer/suricata/files/suricata-3.2-init b/net-analyzer/suricata/files/suricata-3.2-init
index 1717dbb..b276f49 100644
--- a/net-analyzer/suricata/files/suricata-3.2-init
+++ b/net-analyzer/suricata/files/suricata-3.2-init
@@ -13,13 +13,19 @@ if [ -n "${SURICATA}" ] && [ ${SVCNAME} != "suricata" ]; then
     SURICATAPID="/var/run/suricata/suricata.${SURICATA}.pid"
     eval SURICATAOPTS=\$SURICATA_OPTS_${SURICATAID}
     eval SURICATALOGPATH=\$SURICATA_LOG_FILE_${SURICATAID}
+    eval SURICATAUSER=\$SURICATA_USER_${SURICATAID}
+    eval SURICATAGROUP=\$SURICATA_GROUP_${SURICATAID}
 else
     SURICATACONF=${SURICATA_CONF}
     [ ${#SURICATACONF} -eq 0 ] && SURICATACONF="${SURICATA_DIR}/suricata.yaml" || SURICATACONF="${SURICATA_DIR}/${SURICATACONF}"
     SURICATAPID="/var/run/suricata/suricata.pid"
     SURICATAOPTS=${SURICATA_OPTS}
     SURICATALOGPATH=${SURICATA_LOG_FILE}
+    SURICATAUSER=${SURICATA_USER}
+    SURICATAGROUP=${SURICATA_GROUP}
 fi
+SURICATAUSER=${SURICATAUSER:-${SURICATA_USER}}
+SURICATAGROUP=${SURICATAGROUP:-${SURICATA_GROUP}}
 [ -e ${SURICATACONF} ] && SURICATAOPTS="${SURICATAOPTS} -c ${SURICATACONF}"
 
 description="Suricata IDS/IPS"
@@ -37,11 +43,6 @@ depend() {
 }
 
 checkconfig() {
-	if [ ! -e ${SURICATACONF} ] ; then
-		einfo "The configuration file ${SURICATACONF} was not found."
-		einfo "If this is OK then make sure you set enough options for ${SVCNAME} in /etc/conf.d/suricata."
-		einfo "Take a look at the suricata arguments --set and --dump-config."
-	fi
 	if [ ! -d "/var/run/suricata" ] ; then
 		checkpath -d /var/run/suricata
 	fi
@@ -52,9 +53,22 @@ checkconfig() {
 		if [ ! -d "${SURICATALOGPATH}" ] ; then
 			checkpath -d "${SURICATALOGPATH}"
 		fi
+		if [ ${#SURICATAUSER} -gt 0 ] && [ ${#SURICATAGROUP} -gt 0 ] && [ -e "${SURICATALOGPATH}" ]; then
+			chown ${SURICATAUSER}:${SURICATAGROUP} "${SURICATALOGPATH}" || return 1
+			chown ${SURICATAUSER}:${SURICATAGROUP} "${SURICATALOGPATH}"/* >/dev/null 2>&1 3>&1
+		fi
 		SURICATAOPTS="${SURICATAOPTS} --set logging.outputs.1.file.filename=${SURICATALOGPATH}/${SURICATALOGFILE}"
 		SURICATALOGPATH="-l ${SURICATALOGPATH}"
 	fi
+	if [ ! -e ${SURICATACONF} ] ; then
+		einfo "The configuration file ${SURICATACONF} was not found."
+		einfo "If this is OK then make sure you set enough options for ${SVCNAME} in /etc/conf.d/suricata."
+		einfo "Take a look at the suricata arguments --set and --dump-config."
+	fi
+	if [ ${#SURICATAUSER} -gt 0 ] && [ ${#SURICATAGROUP} -gt 0 ]; then
+		einfo "${SVCNAME} will run as user ${SURICATAUSER}:${SURICATAGROUP}."
+		SURICATAOPTS="${SURICATAOPTS} --user=${SURICATAUSER} --group=${SURICATAGROUP}"
+	fi
 }
 
 initpidinfo() {
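Review bot: The new `chown ${SURICATAUSER}:${SURICATAGROUP} "${SURICATALOGPATH}"/*` runs as root over a directory that the preceding line has just handed to the unprivileged service account, and plain `chown` follows symbolic links, so a link placed in the log directory would have its target's ownership changed the next time checkconfig runs (start, reload, relog or dump). Use `chown -h` for the files, or let `checkpath -d -o "${SURICATAUSER}:${SURICATAGROUP}" "${SURICATALOGPATH}"` set ownership of the directory only and leave existing files alone. The privilege drop is applied only when both `SURICATAUSER` and `SURICATAGROUP` are non-empty, and the conf file ships them commented out, so the default remains running as root; an `ewarn` in the else case would make that visible. checkconfig starts before this hunk.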
@@ -77,8 +91,7 @@ checkpidinfo() {
 		eerror "Unable to determine user running ${SVCNAME}!"
 		return 1
 	elif [ "x${SUR_USER}" != "xroot" ]; then
-		eerror "${SVCNAME} must be running as root for reload or relog to work!"
-		return 1
+		ewarn "${SVCNAME} may need to be running as root or as a priviledged user for the extra commands reload and relog to work."
         fi
 }
 
@@ -135,7 +148,11 @@ reload() {
 	checkpidinfo || return 1
 	checkconfig || return 1
 	ebegin "Sending USR2 signal to ${SVCNAME} to perform a live rule and config reload."
-	start-stop-daemon --signal USR2 --pidfile ${SURICATAPID}
+	if [ ${#SURICATAUSER} -gt 0 ] && [ ${#SURICATAGROUP} -gt 0 ]; then
+		start-stop-daemon --user ${SURICATAUSER} --group ${SURICATAGROUP} --signal USR2 --pidfile ${SURICATAPID}
+	else
+		start-stop-daemon --signal USR2 --pidfile ${SURICATAPID}
+	fi
 	eend $?
 }
 
@@ -143,7 +160,11 @@ relog() {
 	checkpidinfo || return 1
 	checkconfig || return 1
 	ebegin "Sending HUP signal to ${SVCNAME} to close and re-open all log files."
-	start-stop-daemon --signal HUP --pidfile ${SURICATAPID}
+	if [ ${#SURICATAUSER} -gt 0 ] && [ ${#SURICATAGROUP} -gt 0 ]; then
+		start-stop-daemon --user ${SURICATAUSER} --group ${SURICATAGROUP} --signal HUP --pidfile ${SURICATAPID}
+	else
+		start-stop-daemon --signal HUP --pidfile ${SURICATAPID}
+	fi
 	eend $?
 }
 

diff --git a/net-analyzer/suricata/suricata-3.2-r1.ebuild b/net-analyzer/suricata/suricata-3.2-r1.ebuild
index 816a69d..ee724a5 100644
--- a/net-analyzer/suricata/suricata-3.2-r1.ebuild
+++ b/net-analyzer/suricata/suricata-3.2-r1.ebuild
@@ -34,6 +34,7 @@ DEPEND="
 	nfqueue?    ( net-libs/libnetfilter_queue )
 	redis?      ( dev-libs/hiredis )
 	logrotate?      ( app-admin/logrotate )
+	sys-libs/libcap-ng
 "
 # #446814
 #	prelude?    ( dev-libs/libprelude )
@@ -119,8 +120,6 @@ src_install() {
 
 	dodir "/var/lib/${PN}"
 	dodir "/var/log/${PN}"
-	dodir "/var/log/${PN}" \
-		"/var/lib/${PN}"
 
 	fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
 	fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
@@ -151,7 +150,7 @@ pkg_postinst() {
 	elog "You can create as many ${PN}.foo* services as you wish."
 
 	if use logrotate; then
-		elog "You enabled the logrotate USE flag. Please make sure you correctly set up the ${PN} logortate config file in /etc/logrotate.d/."
+		elog "You enabled the logrotate USE flag. Please make sure you correctly set up the ${PN} logrotate config file in /etc/logrotate.d/."
 	fi
 
 	if use debug; then



* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/, net-analyzer/suricata/files/
@ 2018-06-11 14:04 Marek Szuba
From: Marek Szuba @ 2018-06-11 14:04 UTC (permalink / raw
  To: gentoo-commits

commit:     c35f490c5944f47bdcc633d70056ee8f433c3a44
Author:     Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Mon Jun 11 14:02:10 2018 +0000
Commit:     Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Mon Jun 11 14:04:06 2018 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c35f490c

net-analyzer/suricata: bump to 4.0.4 + fix Lua USE flags

Invoking maintainer timeout on both issues.

Closes: https://bugs.gentoo.org/652344
Package-Manager: Portage-2.3.40, Repoman-2.3.9

 net-analyzer/suricata/Manifest                     |   1 +
 .../files/suricata-4.0.4_configure-lua-flags.patch |  16 ++
 net-analyzer/suricata/suricata-4.0.4.ebuild        | 168 +++++++++++++++++++++
 3 files changed, 185 insertions(+)

diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index b3ab446f9d9..cc70d0f7283 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1 +1,2 @@
 DIST suricata-4.0.3.tar.gz 12392388 BLAKE2B 9b6338b343ff85f070d61608ff9dc7f25df868fdffbc13b5a8d245cb3db5cd757cb1785c827c388653b2f8a7977129259671900bc1abfebeb878a668b4058bdf SHA512 aa6b6d1ae86efad0184ba4fa06375f34334e07c22b7b1f82bf17fcb0ae48ad7f867bced57ab4f713de01583965e1260cb82e1355f78002071b689dddd3b53892
+DIST suricata-4.0.4.tar.gz 12511121 BLAKE2B d9dfb00a45c2e9810409a8ce91a83e23ebce20eb28492bf24f9688d292b5805dca932c39cc673cf1148325fe5ef7936dda7f6c7819605753cb2e2ddc1cf5dba0 SHA512 6e158aa6d3edb9d11e0df3f986392ee2ae49ab4dfb978288ced4484dbe5c08ae061db2a566be6d22cf14bd0b88f87f9cb9c0a657d7fc44e099b8783d933c771e

diff --git a/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch b/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch
new file mode 100644
index 00000000000..bad66359afa
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch
@@ -0,0 +1,16 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -1749,11 +1749,11 @@
+   # liblua
+     AC_ARG_ENABLE(lua,
+ 	        AS_HELP_STRING([--enable-lua],[Enable Lua support]),
+-	        [ enable_lua="yes"],
++	        [],
+ 	        [ enable_lua="no"])
+     AC_ARG_ENABLE(luajit,
+ 	        AS_HELP_STRING([--enable-luajit],[Enable Luajit support]),
+-	        [ enable_luajit="yes"],
++	        [],
+ 	        [ enable_luajit="no"])
+     if test "$enable_lua" = "yes"; then
+         if test "$enable_luajit" = "yes"; then
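Review bot: The patch file has no header explaining why the action-if-given arguments of `AC_ARG_ENABLE(lua, …)` and `AC_ARG_ENABLE(luajit, …)` are emptied, which makes it hard to judge at the next version bump whether it can be dropped. As far as autoconf semantics go, the action-if-given branch also runs for `--disable-lua`, so the old `enable_lua="yes"` would switch the feature on even when it was explicitly disabled. A two-line comment at the top of the patch stating that, plus a link to the upstream report if one exists, would document it. The hunk shows only part of the Lua detection block in configure.ac.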

diff --git a/net-analyzer/suricata/suricata-4.0.4.ebuild b/net-analyzer/suricata/suricata-4.0.4.ebuild
new file mode 100644
index 00000000000..2622dccdb3b
--- /dev/null
+++ b/net-analyzer/suricata/suricata-4.0.4.ebuild
@@ -0,0 +1,168 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=5
+
+inherit autotools eutils user
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
+HOMEPAGE="https://suricata-ids.org/"
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet control-socket cuda debug +detection geoip hardened logrotate lua luajit nflog +nfqueue redis +rules test"
+
+DEPEND="
+	>=dev-libs/jansson-2.2
+	dev-libs/libpcre
+	dev-libs/libyaml
+	net-libs/libnet:*
+	net-libs/libnfnetlink
+	dev-libs/nspr
+	dev-libs/nss
+	>=net-libs/libhtp-0.5.20
+	net-libs/libpcap
+	sys-apps/file
+	cuda?       ( dev-util/nvidia-cuda-toolkit )
+	geoip?      ( dev-libs/geoip )
+	lua?        ( dev-lang/lua:* )
+	luajit?     ( dev-lang/luajit:* )
+	nflog?      ( net-libs/libnetfilter_log )
+	nfqueue?    ( net-libs/libnetfilter_queue )
+	redis?      ( dev-libs/hiredis )
+	logrotate?      ( app-admin/logrotate )
+	sys-libs/libcap-ng
+"
+# #446814
+#	prelude?    ( dev-libs/libprelude )
+#	pfring?     ( sys-process/numactl net-libs/pf_ring)
+RDEPEND="${DEPEND}"
+
+pkg_setup() {
+	enewgroup ${PN}
+	enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
+}
+
+src_prepare() {
+	epatch "${FILESDIR}"/${P}_configure-lua-flags.patch
+	eautoreconf
+}
+
+src_configure() {
+	local myeconfargs=(
+		"--localstatedir=/var/" \
+		"--enable-non-bundled-htp" \
+		$(use_enable af-packet) \
+		$(use_enable detection) \
+		$(use_enable nfqueue) \
+		$(use_enable test coccinelle) \
+		$(use_enable test unittests) \
+		$(use_enable control-socket unix-socket)
+	)
+
+	if use cuda ; then
+		myeconfargs+=( $(use_enable cuda) )
+	fi
+	if use geoip ; then
+		myeconfargs+=( $(use_enable geoip) )
+	fi
+	if use hardened ; then
+		myeconfargs+=( $(use_enable hardened gccprotect) )
+	fi
+	if use nflog ; then
+		myeconfargs+=( $(use_enable nflog) )
+	fi
+	if use redis ; then
+		myeconfargs+=( $(use_enable redis hiredis) )
+	fi
+	# not supported yet (no pfring in portage)
+# 	if use pfring ; then
+# 		myeconfargs+=( $(use_enable pfring) )
+# 	fi
+	# no libprelude in portage
+# 	if use prelude ; theng
+# 		myeconfargs+=( $(use_enable prelude) )
+# 	fi
+	if use lua ; then
+		myeconfargs+=( $(use_enable lua) )
+	fi
+	if use luajit ; then
+		myeconfargs+=( $(use_enable luajit) )
+	fi
+	if (use !lua) && (use !luajit) ; then
+		myeconfargs+=(
+			--disable-lua
+			--disable-luajit
+		)
+	fi
+
+# this should be used when pf_ring use flag support will be added
+# 	LIBS+="-lrt -lnuma"
+
+	# avoid upstream configure script trying to add -march=native to CFLAGS
+	myeconfargs+=( --enable-gccmarch-native=no )
+
+	if use debug ; then
+		myeconfargs+=( $(use_enable debug) )
+		# so we can get a backtrace according to "reporting bugs" on upstream web site
+		CFLAGS="-ggdb -O0" econf LIBS="${LIBS}" ${myeconfargs[@]}
+	else
+		econf LIBS="${LIBS}" ${myeconfargs[@]}
+	fi
+}
+
+src_install() {
+	emake DESTDIR="${D}" install
+
+	insinto "/etc/${PN}"
+	doins {classification,reference,threshold}.config suricata.yaml
+
+	if use rules ; then
+		insinto "/etc/${PN}/rules"
+		doins rules/*.rules
+	fi
+
+	dodir "/var/lib/${PN}"
+	dodir "/var/log/${PN}"
+
+	fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+	fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+
+	newinitd "${FILESDIR}/${PN}-4.0.3-init" ${PN}
+	newconfd "${FILESDIR}/${PN}-4.0.3-conf" ${PN}
+
+	if use logrotate; then
+		insopts -m0644
+		insinto /etc/logrotate.d
+		newins "${FILESDIR}"/${PN}-logrotate ${PN}
+	fi
+}
+
+pkg_postinst() {
+	elog "The ${PN} init script expects to find the path to the configuration"
+	elog "file as well as extra options in /etc/conf.d."
+	elog ""
+	elog "To create more than one ${PN} service, simply create a new .yaml file for it"
+	elog "then create a symlink to the init script from a link called"
+	elog "${PN}.foo - like so"
+	elog "   cd /etc/${PN}"
+	elog "   ${EDITOR##*/} suricata-foo.yaml"
+	elog "   cd /etc/init.d"
+	elog "   ln -s ${PN} ${PN}.foo"
+	elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
+	elog ""
+	elog "You can create as many ${PN}.foo* services as you wish."
+
+	if use logrotate; then
+		elog "You enabled the logrotate USE flag. Please make sure you correctly set up the ${PN} logrotate config file in /etc/logrotate.d/."
+	fi
+
+	if use debug; then
+		elog "You enabled the debug USE flag. Please read this link to report bugs upstream:"
+		elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
+		elog "You need to also ensure the FEATURES variable in make.conf contains the"
+		elog "'nostrip' option to produce useful core dumps or back traces."
+	fi
+}
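Review bot: src_install() hands `/etc/${PN}` to the suricata account with `fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"`, so the unprivileged user that pkg_setup() creates for the daemon can rewrite its own configuration and rule files. For an IDS that is worth avoiding, because a fault in the packet-parsing process could then change or disable detection persistently. Keeping the state and log directories as they are and using `fowners -R root:${PN} "/etc/${PN}"` for the configuration tree would leave it readable but not writable by the daemon, provided nothing writes there at runtime. The same line appears in the suricata-5.0.0.ebuild hunk later on this page.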



* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/, net-analyzer/suricata/files/
@ 2019-09-08 19:25 Slawek Lis
From: Slawek Lis @ 2019-09-08 19:25 UTC (permalink / raw
  To: gentoo-commits

commit:     bbf4c30078e27adf7f6af90223cf03a333b2eb28
Author:     Slawomir Lis <slis <AT> gentoo <DOT> org>
AuthorDate: Sun Sep  8 19:02:22 2019 +0000
Commit:     Slawek Lis <slis <AT> gentoo <DOT> org>
CommitDate: Sun Sep  8 19:24:41 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bbf4c300

net-analyzer/suricata: Updated init.d and conf.d default pathes

Package-Manager: Portage-2.3.75, Repoman-2.3.17
Signed-off-by: Slawek Lis <slis <AT> gentoo.org>

 .../suricata/files/{suricata-4.0.3-conf => suricata-4.0.4-conf}       | 0
 .../suricata/files/{suricata-4.0.3-init => suricata-4.0.4-init}       | 2 +-
 net-analyzer/suricata/suricata-4.0.4.ebuild                           | 4 ++--
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/net-analyzer/suricata/files/suricata-4.0.3-conf b/net-analyzer/suricata/files/suricata-4.0.4-conf
similarity index 100%
rename from net-analyzer/suricata/files/suricata-4.0.3-conf
rename to net-analyzer/suricata/files/suricata-4.0.4-conf

diff --git a/net-analyzer/suricata/files/suricata-4.0.3-init b/net-analyzer/suricata/files/suricata-4.0.4-init
similarity index 99%
rename from net-analyzer/suricata/files/suricata-4.0.3-init
rename to net-analyzer/suricata/files/suricata-4.0.4-init
index f54ba3a5e23..1db8137f31a 100644
--- a/net-analyzer/suricata/files/suricata-4.0.3-init
+++ b/net-analyzer/suricata/files/suricata-4.0.4-init
@@ -1,5 +1,5 @@
 #!/sbin/openrc-run
-# Copyright 1999-2018 Gentoo Foundation
+# Copyright 1999-2019 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 SURICATA_BIN=/usr/bin/suricata

diff --git a/net-analyzer/suricata/suricata-4.0.4.ebuild b/net-analyzer/suricata/suricata-4.0.4.ebuild
index f476bfe2ae2..eea47cd01bd 100644
--- a/net-analyzer/suricata/suricata-4.0.4.ebuild
+++ b/net-analyzer/suricata/suricata-4.0.4.ebuild
@@ -131,8 +131,8 @@ src_install() {
 	fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
 	fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
 
-	newinitd "${FILESDIR}/${PN}-4.0.3-init" ${PN}
-	newconfd "${FILESDIR}/${PN}-4.0.3-conf" ${PN}
+	newinitd "${FILESDIR}/${P}-init" ${PN}
+	newconfd "${FILESDIR}/${P}-conf" ${PN}
 
 	if use logrotate; then
 		insopts -m0644



* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/, net-analyzer/suricata/files/
@ 2019-12-16 16:05 Marek Szuba
From: Marek Szuba @ 2019-12-16 16:05 UTC (permalink / raw
  To: gentoo-commits

commit:     da28437322994c655e77d94dcd82d01d575fce58
Author:     Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Mon Dec 16 15:56:33 2019 +0000
Commit:     Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Mon Dec 16 16:05:06 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=da284373

net-analyzer/suricata: bump to 5.0.0 and EAPI 7

Package-Manager: Portage-2.3.79, Repoman-2.3.16
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>

 net-analyzer/suricata/Manifest                     |   1 +
 .../files/suricata-5.0.0_configure-lua-flags.patch |  16 ++
 ...suricata-5.0.0_configure-no-lz4-automagic.patch |  23 +++
 .../files/suricata-5.0.0_default-config.patch      |  61 +++++++
 net-analyzer/suricata/files/suricata.service       |  21 +++
 net-analyzer/suricata/files/suricata.tmpfiles      |   1 +
 net-analyzer/suricata/metadata.xml                 |   6 +-
 net-analyzer/suricata/suricata-5.0.0.ebuild        | 185 +++++++++++++++++++++
 8 files changed, 313 insertions(+), 1 deletion(-)

diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index fe67675774d..72532b86510 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1 +1,2 @@
 DIST suricata-4.0.4.tar.gz 12511121 BLAKE2B d9dfb00a45c2e9810409a8ce91a83e23ebce20eb28492bf24f9688d292b5805dca932c39cc673cf1148325fe5ef7936dda7f6c7819605753cb2e2ddc1cf5dba0 SHA512 6e158aa6d3edb9d11e0df3f986392ee2ae49ab4dfb978288ced4484dbe5c08ae061db2a566be6d22cf14bd0b88f87f9cb9c0a657d7fc44e099b8783d933c771e
+DIST suricata-5.0.0.tar.gz 23689051 BLAKE2B 701625d50dacbeb846d7ea1c3aad3980969c1c0124c007d843353fe25b7e579378d2cd125db4660e33fff1f8cf20eac4bbafe280ba6ff31f988fb6c42b29b6aa SHA512 0dc8941fdf29d615531eeda6f6076052cca79fda6dda3c96300c08b343a64a1700fd23dd83a03507009ab7c9b19c91b65ee65e704f55ddee17764b71e9e2911e

diff --git a/net-analyzer/suricata/files/suricata-5.0.0_configure-lua-flags.patch b/net-analyzer/suricata/files/suricata-5.0.0_configure-lua-flags.patch
new file mode 100644
index 00000000000..be956fd94d4
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-5.0.0_configure-lua-flags.patch
@@ -0,0 +1,16 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -1749,11 +1749,11 @@
+   # liblua
+     AC_ARG_ENABLE(lua,
+ 	        AS_HELP_STRING([--enable-lua],[Enable Lua support]),
+-	        [ enable_lua="$enableval"],
++	        [],
+ 	        [ enable_lua="no"])
+     AC_ARG_ENABLE(luajit,
+ 	        AS_HELP_STRING([--enable-luajit],[Enable Luajit support]),
+-	        [ enable_luajit="$enableval"],
++	        [],
+ 	        [ enable_luajit="no"])
+     if test "$enable_lua" = "yes"; then
+         if test "$enable_luajit" = "yes"; then
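Review bot: This patch looks like a no-op for 5.0.0: the lines it removes already read `enable_lua="$enableval"` and `enable_luajit="$enableval"`, which is the value autoconf assigns to those variables by itself before the action-if-given runs. Unlike the 4.0.4 version, where the original forced `"yes"`, emptying the action here should not change what `--disable-lua` or `--disable-luajit` produce. If that reading is right the file can be dropped from PATCHES; if it is kept, a header comment stating what it still fixes would help the next bump.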

diff --git a/net-analyzer/suricata/files/suricata-5.0.0_configure-no-lz4-automagic.patch b/net-analyzer/suricata/files/suricata-5.0.0_configure-no-lz4-automagic.patch
new file mode 100644
index 00000000000..5efce46f6d9
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-5.0.0_configure-no-lz4-automagic.patch
@@ -0,0 +1,23 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -2292,7 +2292,11 @@
+     fi
+ 
+ # Check for lz4
+-enable_liblz4="yes"
++AC_ARG_ENABLE(lz4,
++       AS_HELP_STRING([--enable-lz4], [Enable compressed pcap logging using liblz4]),
++       [enable_liblz4=$enableval],
++       [enable_liblz4=yes])
++if test "x$enable_liblz4" != "xno"; then
+ AC_CHECK_LIB(lz4, LZ4F_createCompressionContext, , enable_liblz4="no")
+ 
+ if test "$enable_liblz4" = "no"; then
+@@ -2306,6 +2310,7 @@
+     echo "               yum install lz4-devel"
+     echo
+ fi
++fi
+ 
+ # get cache line size
+     AC_PATH_PROG(HAVE_GETCONF_CMD, getconf, "no")

diff --git a/net-analyzer/suricata/files/suricata-5.0.0_default-config.patch b/net-analyzer/suricata/files/suricata-5.0.0_default-config.patch
new file mode 100644
index 00000000000..07a45c9a574
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-5.0.0_default-config.patch
@@ -0,0 +1,61 @@
+--- a/suricata.yaml.in
++++ b/suricata.yaml.in
+@@ -203,8 +203,9 @@
+             # https://suricata.readthedocs.io/en/latest/output/eve/eve-json-output.html#dns-v1-format
+ 
+             # As of Suricata 5.0, version 2 of the eve dns output
+-            # format is the default.
+-            #version: 2
++            # format is the default - but the daemon produces a warning to that effect
++            # at start-up if this isn't explicitly set.
++            version: 2
+ 
+             # Enable/disable this logger. Default: enabled.
+             #enabled: yes
+@@ -978,9 +979,9 @@
+ ##
+ 
+ # Run suricata as user and group.
+-#run-as:
+-#  user: suri
+-#  group: suri
++run-as:
++  user: suricata
++  group: suricata
+ 
+ # Some logging module will use that name in event as identifier. The default
+ # value is the hostname
+@@ -1806,16 +1807,28 @@
+     hashmode: hash5tuplesorted
+ 
+ ##
+-## Configure Suricata to load Suricata-Update managed rules.
+-##
+-## If this section is completely commented out move down to the "Advanced rule
+-## file configuration".
++## Configure Suricata to load default rules it comes with.
+ ##
+ 
+ default-rule-path: @e_defaultruledir@
+ 
+ rule-files:
+-  - suricata.rules
++  - /etc/suricata/rules/app-layer-events.rules
++  - /etc/suricata/rules/decoder-events.rules
++  - /etc/suricata/rules/dhcp-events.rules
++  - /etc/suricata/rules/dnp3-events.rules
++  - /etc/suricata/rules/dns-events.rules
++  - /etc/suricata/rules/files.rules
++  - /etc/suricata/rules/http-events.rules
++  - /etc/suricata/rules/ipsec-events.rules
++  - /etc/suricata/rules/kerberos-events.rules
++  - /etc/suricata/rules/modbus-events.rules
++  - /etc/suricata/rules/nfs-events.rules
++  - /etc/suricata/rules/ntp-events.rules
++  - /etc/suricata/rules/smb-events.rules
++  - /etc/suricata/rules/smtp-events.rules
++  - /etc/suricata/rules/stream-events.rules
++  - /etc/suricata/rules/tls-events.rules
+ 
+ ##
+ ## Auxiliary configuration files.
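Review bot: The new `rule-files:` list hard-codes sixteen paths under `/etc/suricata/rules/`, but the suricata-5.0.0.ebuild in this commit installs that directory only under `use rules`. With USE=-rules the shipped suricata.yaml therefore names files that are not installed, and the sensor would presumably start with no signatures loaded. The absolute paths also bypass `default-rule-path: @e_defaultruledir@`, which is left in place just above the list. Listing bare file names such as `  - app-layer-events.rules` and pointing `default-rule-path` at the installed directory, or applying the list only when the flag is set, would keep the two consistent. A comment in the yaml saying where the list comes from would help whoever bumps the version.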

diff --git a/net-analyzer/suricata/files/suricata.service b/net-analyzer/suricata/files/suricata.service
new file mode 100644
index 00000000000..5e617388018
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata.service
@@ -0,0 +1,21 @@
+[Unit]
+Description=Suricata IDS/IDP daemon
+After=network.target
+Requires=network.target
+Documentation=man:suricata(8) man:suricatasc(8)
+Documentation=https://redmine.openinfosecfoundation.org/projects/suricata/wiki
+
+[Service]
+Type=forking
+Environment=OPTIONS='-c /etc/suricata/suricata.yaml'
+CapabilityBoundingSet=CAP_NET_ADMIN
+PIDFile=/var/run/suricata/suricata.pid
+ExecStart=/usr/bin/suricata --pidfile /var/run/suricata/suricata.pid $OPTIONS
+ExecReload=/bin/kill -HUP $MAINPID
+ExecStop=/bin/kill $MAINPID
+PrivateTmp=yes
+ProtectHome=yes
+
+[Install]
+WantedBy=multi-user.target
+
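Review bot: `CapabilityBoundingSet=CAP_NET_ADMIN` looks too narrow for this unit: opening AF_PACKET or raw capture sockets needs CAP_NET_RAW, and the `run-as` switch to the suricata account enabled by the default-config patch in this commit needs CAP_SETUID and CAP_SETGID, none of which survive this bounding set. Something like `CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_RAW CAP_SETUID CAP_SETGID` is probably the minimum, to be confirmed against what the daemon actually requests at start-up. Separately, `ExecReload=/bin/kill -HUP $MAINPID` does not match the init script on this page, where HUP is what relog() sends to re-open log files and a USR2 call presumably backs the reload command. `ExecReload=/bin/kill -USR2 $MAINPID` would give `systemctl reload` the same meaning as the OpenRC `reload`.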

diff --git a/net-analyzer/suricata/files/suricata.tmpfiles b/net-analyzer/suricata/files/suricata.tmpfiles
new file mode 100644
index 00000000000..46fe5084297
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata.tmpfiles
@@ -0,0 +1 @@
+d	/var/run/suricata	- - - -

diff --git a/net-analyzer/suricata/metadata.xml b/net-analyzer/suricata/metadata.xml
index 0afee5625d1..bc25d72f088 100644
--- a/net-analyzer/suricata/metadata.xml
+++ b/net-analyzer/suricata/metadata.xml
@@ -6,13 +6,17 @@
   </maintainer>
   <use>
     <flag name="af-packet">Enable AF_PACKET support</flag>
+    <flag name="bpf">Enable support for eBPF (as well as XDP if supported by the kernel and the NIC driver)
+        for low-level, high-speed packet processing</flag>
     <flag name="control-socket">Enable unix socket</flag>
     <flag name="cuda">Enable NVIDIA Cuda computations support</flag>
     <flag name="detection">Enable detection modules</flag>
+    <flag name="logrotate">Install logrotate rule</flag>
+    <flag name="lz4">Enable support for compressed pcap logging using the LZ4 algorithm</flag>
     <flag name="nflog">Enable libnetfilter_log support</flag>
     <flag name="nfqueue">Enable NFQUEUE support for inline IDP</flag>
     <flag name="redis">Enable Redis support</flag>
     <flag name="rules">Install default ruleset</flag>
-    <flag name="logrotate">Install logrotate rule</flag>
+    <flag name="tools">Install suricatactl, suricatasc and suricata-update</flag>
   </use>
 </pkgmetadata>

diff --git a/net-analyzer/suricata/suricata-5.0.0.ebuild b/net-analyzer/suricata/suricata-5.0.0.ebuild
new file mode 100644
index 00000000000..05f328b973b
--- /dev/null
+++ b/net-analyzer/suricata/suricata-5.0.0.ebuild
@@ -0,0 +1,185 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{6,7,8} )
+
+inherit autotools linux-info python-single-r1 systemd
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
+HOMEPAGE="https://suricata-ids.org/"
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened logrotate lua luajit lz4 nflog +nfqueue redis +rules systemd test tools"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="?? ( lua luajit )
+	bpf? ( af-packet )
+	tools? ( ${PYTHON_REQUIRED_USE} )"
+
+CDEPEND="acct-group/suricata
+	acct-user/suricata
+	dev-libs/jansson
+	dev-libs/libpcre
+	dev-libs/libyaml
+	net-libs/libnet:*
+	net-libs/libnfnetlink
+	dev-libs/nspr
+	dev-libs/nss
+	>=net-libs/libhtp-0.5.31
+	net-libs/libpcap
+	sys-apps/file
+	sys-libs/libcap-ng
+	bpf?        ( >=dev-libs/libbpf-0.0.5 )
+	cuda?       ( dev-util/nvidia-cuda-toolkit )
+	geoip?      ( dev-libs/libmaxminddb )
+	logrotate?  ( app-admin/logrotate )
+	lua?        ( dev-lang/lua:* )
+	luajit?     ( dev-lang/luajit:* )
+	lz4?        ( app-arch/lz4 )
+	nflog?      ( net-libs/libnetfilter_log )
+	nfqueue?    ( net-libs/libnetfilter_queue )
+	redis?      ( dev-libs/hiredis )
+	tools?      ( dev-python/pyyaml[${PYTHON_USEDEP}] )"
+DEPEND="${CDEPEND}
+	dev-lang/rust"
+# Not confirmed that it works yet
+#	test? ( dev-util/coccinelle )"
+RDEPEND="${CDEPEND}
+	tools? ( ${PYTHON_DEPS} )"
+
+PATCHES=(
+	"${FILESDIR}/${PN}-5.0.0_configure-lua-flags.patch"
+	"${FILESDIR}/${PN}-5.0.0_configure-no-lz4-automagic.patch"
+	"${FILESDIR}/${PN}-5.0.0_default-config.patch"
+)
+
+pkg_pretend() {
+	if use bpf && use kernel_linux; then
+		if kernel_is -lt 4 15; then
+			ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
+		fi
+
+		CONFIG_CHECK="~XDP_SOCKETS"
+		ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata will to load XDP programs. "
+		ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
+		check_extra_config
+	fi
+}
+
+src_prepare() {
+	default
+	sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am"
+	eautoreconf
+}
+
+src_configure() {
+	local myeconfargs=(
+		"--localstatedir=/var" \
+		"--enable-non-bundled-htp" \
+		"--enable-gccmarch-native=no" \
+		$(use_enable af-packet) \
+		$(use_enable bpf ebpf) \
+		$(use_enable control-socket unix-socket) \
+		$(use_enable cuda) \
+		$(use_enable detection) \
+		$(use_enable geoip) \
+		$(use_enable hardened gccprotect) \
+		$(use_enable hardened pie) \
+		$(use_enable lua) \
+		$(use_enable luajit) \
+		$(use_enable lz4) \
+		$(use_enable nflog) \
+		$(use_enable nfqueue) \
+		$(use_enable redis hiredis) \
+		$(use_enable test coccinelle) \
+		$(use_enable test unittests) \
+		$(use_enable tools python)
+	)
+
+	if use debug; then
+		myeconfargs+=( $(use_enable debug) )
+		# so we can get a backtrace according to "reporting bugs" on upstream web site
+		CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
+	else
+		econf ${myeconfargs[@]}
+	fi
+}
+
+src_install() {
+	emake DESTDIR="${D}" install
+
+	if use bpf; then
+		rm -f ebpf/Makefile.{am,in}
+		dodoc -r ebpf/
+		keepdir /usr/libexec/suricata/ebpf
+	fi
+
+	insinto "/etc/${PN}"
+	doins etc/{classification,reference}.config threshold.config suricata.yaml
+
+	if use rules; then
+		insinto "/etc/${PN}/rules"
+		doins rules/*.rules
+	fi
+
+	keepdir "/var/lib/${PN}"
+	keepdir "/var/log/${PN}"
+
+	fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+	fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+
+	newinitd "${FILESDIR}/${PN}-4.0.4-init" ${PN}
+	newconfd "${FILESDIR}/${PN}-4.0.4-conf" ${PN}
+	systemd_dounit "${FILESDIR}"/${PN}.service
+	systemd_newtmpfilesd "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
+
+	if use logrotate; then
+		insopts -m0644
+		insinto /etc/logrotate.d
+		newins etc/${PN}.logrotate ${PN}
+	fi
+}
+
+pkg_postinst() {
+	if ! use systemd; then
+		elog "The ${PN} init script expects to find the path to the configuration"
+		elog "file as well as extra options in /etc/conf.d."
+		elog ""
+		elog "To create more than one ${PN} service, simply create a new .yaml file for it"
+		elog "then create a symlink to the init script from a link called"
+		elog "${PN}.foo - like so"
+		elog "   cd /etc/${PN}"
+		elog "   ${EDITOR##*/} suricata-foo.yaml"
+		elog "   cd /etc/init.d"
+		elog "   ln -s ${PN} ${PN}.foo"
+		elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
+		elog ""
+		elog "You can create as many ${PN}.foo* services as you wish."
+	fi
+
+	if use bpf; then
+		elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
+		elog "because their configuration is hard-coded. You can find the default ones in"
+		elog "    ${EPREFIX}/usr/share/doc/${PF}"
+		elog "and the common location for eBPF bytecode is"
+		elog "    ${EPREFIX}/usr/libexec/${PN}"
+		elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
+	fi
+
+	if use logrotate; then
+		elog "You enabled the logrotate USE flag. Please make sure you correctly set up the ${PN} logrotate config file in /etc/logrotate.d/."
+	fi
+
+	if use debug; then
+		elog "You enabled the debug USE flag. Please read this link to report bugs upstream:"
+		elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
+		elog "You need to also ensure the FEATURES variable in make.conf contains the"
+		elog "'nostrip' option to produce useful core dumps or back traces."
+	fi
+}
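Review bot: In src_prepare(), `sed -ie '…' "${S}/doc/Makefile.am"` is parsed by GNU sed as `-i` with backup suffix `e`, so the edit is applied but a stray `Makefile.ame` is left in the source tree. It should be written `sed -i -e '…' "${S}/doc/Makefile.am"` with the expression unchanged. In pkg_pretend() the message `making it impossible for Suricata will to load XDP programs` has a leftover word and should read `for Suricata to load XDP programs`. In src_configure(), `econf ${myeconfargs[@]}` would be safer quoted as `econf "${myeconfargs[@]}"`.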



* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/, net-analyzer/suricata/files/
@ 2019-12-18 14:22 Marek Szuba
From: Marek Szuba @ 2019-12-18 14:22 UTC (permalink / raw
  To: gentoo-commits

commit:     4bbf99b0dbf76f352c0b123cba32cfbd90080fb3
Author:     Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Wed Dec 18 14:17:32 2019 +0000
Commit:     Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Wed Dec 18 14:21:49 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4bbf99b0

net-analyzer/suricata: bump to 5.0.1

Further clean-up of old ebuilds, tools are no longer optional, there is
now a config phase to download an initial rule set using
suricata-update.

Closes: https://bugs.gentoo.org/703184
Package-Manager: Portage-2.3.79, Repoman-2.3.16
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>

 net-analyzer/suricata/Manifest                     |   1 +
 net-analyzer/suricata/files/suricata-5.0.1-conf    |  62 +++++++
 net-analyzer/suricata/files/suricata-5.0.1-init    | 147 ++++++++++++++++
 ...suricata-5.0.1_configure-no-lz4-automagic.patch |  23 +++
 .../files/suricata-5.0.1_default-config.patch      |  27 +++
 net-analyzer/suricata/files/suricata.service       |   2 +-
 net-analyzer/suricata/files/suricata.tmpfiles      |   2 +-
 net-analyzer/suricata/suricata-5.0.1.ebuild        | 196 +++++++++++++++++++++
 8 files changed, 458 insertions(+), 2 deletions(-)

diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 16a7c6ae731..9247b853f30 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1 +1,2 @@
 DIST suricata-5.0.0.tar.gz 23689051 BLAKE2B 701625d50dacbeb846d7ea1c3aad3980969c1c0124c007d843353fe25b7e579378d2cd125db4660e33fff1f8cf20eac4bbafe280ba6ff31f988fb6c42b29b6aa SHA512 0dc8941fdf29d615531eeda6f6076052cca79fda6dda3c96300c08b343a64a1700fd23dd83a03507009ab7c9b19c91b65ee65e704f55ddee17764b71e9e2911e
+DIST suricata-5.0.1.tar.gz 23721536 BLAKE2B 529837e8e4d6c33d2093df8208bf03519e0d60deef92eadf9d0a44b7416eae2f900b2f72349815acb86d9bdd9d4253bbc5d7c4c1a34157f544982b0788291624 SHA512 db0797a7992abf0ddf170cb603fdac06b0ff92278bb91343860bccbbe029ea0e83131dfb9805ca44bcbbe3925502119259e350a17e94209b21d1f8b610d965a6

diff --git a/net-analyzer/suricata/files/suricata-5.0.1-conf b/net-analyzer/suricata/files/suricata-5.0.1-conf
new file mode 100644
index 00000000000..7f22113dbf0
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-5.0.1-conf
@@ -0,0 +1,62 @@
+# Config file for /etc/init.d/suricata*
+
+# Where config files are stored. Default:
+
+# SURICATA_DIR="/etc/suricata"
+
+# Pass options to each suricata service.
+#
+# You can launch more than one service at the same time with different options.
+# This can be useful in a multi-queue gateway, for example.
+# You can expand on the Suricata inline example found at:
+# http://suricata.readthedocs.io/en/latest/setting-up-ipsinline-for-linux.html
+# Instead of configuring iptables to send traffic to just one queue, you can configure it to "load balance"
+# on several queues. You can then have a Suricata instance processing traffic for each queue.
+# This should help improve performance on the gateway/firewall.
+#
+# Suppose you configured iptables to use queues 0 and 1 named q0 and q1. You can now do the following:
+# ln -s /etc/init.d/suricata /etc/init.d/suricata.q0
+# ln -s /etc/init.d/suricata /etc/init.d/suricata.q1
+# cp /etc/suricata/suricata.yaml /etc/suricata/suricata-q0.yaml
+# cp /etc/suricata/suricata.yaml /etc/suricata/suricata-q1.yaml
+#
+# Edit both suricata-q{0,1}.yaml files and set values accordingly.
+# You can override these yaml config file names with SURICATA_CONF* below (optional).
+# This allows you to use the same yaml config file for multiple instances as long as you override
+# sensible options such as the log file paths.
+# SURICATA_CONF_q0="suricata-queues.yaml"
+# SURICATA_CONF_q1="suricata-queues.yaml"
+# SURICATA_CONF="suricata.yaml"
+
+# You can define the options here:
+# NB: avoid using -l, -c, --user, --group and setting logging.outputs.1.file.filename as the init script will try to set them for you.
+
+# SURICATA_OPTS_q0="-q 0"
+# SURICATA_OPTS_q1="-q 1"
+
+# If you want to use ${SURICATA_DIR}/suricata.yaml and start the service with /etc/init.d/suricata
+# then you can set:
+
+SURICATA_OPTS="--af-packet"
+
+# Log paths listed here will be created by the init script and will override the log path
+# set in the yaml file, if present.
+# SURICATA_LOG_FILE_q0="/var/log/suricata/q0/suricata.log"
+# SURICATA_LOG_FILE_q1="/var/log/suricata/q1/suricata.log"
+# SURICATA_LOG_FILE="/var/log/suricata/suricata.log"
+
+# Run as user/group.
+# Do not define if you want to run as root or as the user defined in the yaml config file (run-as).
+# The ebuild should have created the dedicated user/group suricata:suricata for you to specify here below.
+# SURICATA_USER_q0="suricata"
+# SURICATA_GROUP_q0="suricata"
+# SURICATA_USER_q1="suricata"
+# SURICATA_GROUP_q1="suricata"
+# SURICATA_USER="suricata"
+# SURICATA_GROUP="suricata"
+
+# Suricata processes can take a long time to shut down.
+# If necessary, adjust timeout in seconds to be used when calling stop from the init script.
+# Examples:
+# SURICATA_MAX_WAIT_ON_STOP="300"
+# SURICATA_MAX_WAIT_ON_STOP="SIGTERM/30"

diff --git a/net-analyzer/suricata/files/suricata-5.0.1-init b/net-analyzer/suricata/files/suricata-5.0.1-init
new file mode 100644
index 00000000000..89f92803ced
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-5.0.1-init
@@ -0,0 +1,147 @@
+#!/sbin/openrc-run
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+SURICATA_BIN=/usr/bin/suricata
+SURICATA_DIR=${SURICATA_DIR:-/etc/suricata}
+SURICATA=${SVCNAME#*.}
+SURICATAID=$(shell_var "${SURICATA}")
+if [ -n "${SURICATA}" ] && [ ${SVCNAME} != "suricata" ]; then
+    eval SURICATACONF=\$SURICATA_CONF_${SURICATAID}
+    [ ${#SURICATACONF} -eq 0 ] && SURICATACONF="${SURICATA_DIR}/suricata-${SURICATA}.yaml" || SURICATACONF="${SURICATA_DIR}/${SURICATACONF}"
+    SURICATAPID="/run/suricata/suricata.${SURICATA}.pid"
+    eval SURICATAOPTS=\$SURICATA_OPTS_${SURICATAID}
+    eval SURICATALOGPATH=\$SURICATA_LOG_FILE_${SURICATAID}
+    eval SURICATAUSER=\$SURICATA_USER_${SURICATAID}
+    eval SURICATAGROUP=\$SURICATA_GROUP_${SURICATAID}
+else
+    SURICATACONF=${SURICATA_CONF}
+    [ ${#SURICATACONF} -eq 0 ] && SURICATACONF="${SURICATA_DIR}/suricata.yaml" || SURICATACONF="${SURICATA_DIR}/${SURICATACONF}"
+    SURICATAPID="/run/suricata/suricata.pid"
+    SURICATAOPTS=${SURICATA_OPTS}
+    SURICATALOGPATH=${SURICATA_LOG_FILE}
+    SURICATAUSER=${SURICATA_USER}
+    SURICATAGROUP=${SURICATA_GROUP}
+fi
+SURICATAUSER=${SURICATAUSER:-${SURICATA_USER}}
+SURICATAGROUP=${SURICATAGROUP:-${SURICATA_GROUP}}
+[ -e ${SURICATACONF} ] && SURICATAOPTS="-c ${SURICATACONF} ${SURICATAOPTS}"
+[[ -z "${SURICATA_MAX_WAIT_ON_STOP// }" ]] || SURICATA_RETRY="--retry ${SURICATA_MAX_WAIT_ON_STOP}"
+
+description="Suricata IDS/IPS"
+extra_commands="checkconfig dump"
+description_checkconfig="Check config for ${SVCNAME}"
+description_dump="List all config values that can be used with --set"
+extra_started_commands="reload relog"
+description_reload="Live rule and config reload"
+description_relog="Close and re-open all log files"
+
+depend() {
+	need net
+	after mysql
+	after postgresql
+}
+
+checkconfig() {
+	if [ ! -d "/run/suricata" ] ; then
+		checkpath -d /run/suricata
+	fi
+	if [ ${#SURICATALOGPATH} -gt 0 ]; then
+		SURICATALOGFILE=$( basename ${SURICATALOGPATH} )
+		SURICATALOGFILE=${SURICATALOGFILE:-suricata.log}
+		SURICATALOGPATH=$( dirname ${SURICATALOGPATH} )
+		if [ ! -d "${SURICATALOGPATH}" ] ; then
+			checkpath -d "${SURICATALOGPATH}"
+		fi
+		if [ ${#SURICATAUSER} -gt 0 ] && [ ${#SURICATAGROUP} -gt 0 ] && [ -e "${SURICATALOGPATH}" ]; then
+			chown ${SURICATAUSER}:${SURICATAGROUP} "${SURICATALOGPATH}" || return 1
+			chown ${SURICATAUSER}:${SURICATAGROUP} "${SURICATALOGPATH}"/* >/dev/null 2>&1 3>&1
+		fi
+		SURICATAOPTS="${SURICATAOPTS} --set logging.outputs.1.file.filename=${SURICATALOGPATH}/${SURICATALOGFILE}"
+		SURICATALOGPATH="-l ${SURICATALOGPATH}"
+	fi
+	if [ ! -e ${SURICATACONF} ] ; then
+		einfo "The configuration file ${SURICATACONF} was not found."
+		einfo "If this is OK then make sure you set enough options for ${SVCNAME} in /etc/conf.d/suricata."
+		einfo "Take a look at the suricata arguments --set and --dump-config."
+	fi
+	if [ ${#SURICATAUSER} -gt 0 ] && [ ${#SURICATAGROUP} -gt 0 ]; then
+		einfo "${SVCNAME} will run as user ${SURICATAUSER}:${SURICATAGROUP}."
+		SURICATAOPTS="${SURICATAOPTS} --user=${SURICATAUSER} --group=${SURICATAGROUP}"
+	fi
+}
+
+initpidinfo() {
+	[ -e ${SURICATAPID} ] && SUR_PID="$(cat ${SURICATAPID})"
+	if [ ${#SUR_PID} -gt 0 ]; then
+	    SUR_PID_CHECK="$(ps -eo pid | grep -c ${SUR_PID})"
+	    SUR_USER="$(ps -p ${SUR_PID} --no-headers -o user)"
+	fi
+}
+
+checkpidinfo() {
+	initpidinfo
+        if [ ! -e ${SURICATAPID} ]; then
+        	eerror "${SVCNAME} isn't running"
+                return 1
+	elif [ ${#SUR_PID} -eq 0 ] || [ $((SUR_PID_CHECK)) -ne 1 ]; then
+		eerror "Could not determine PID of ${SVCNAME}! Did the service crash?"
+		return 1
+	elif [ ${#SUR_USER} -eq 0 ]; then
+		eerror "Unable to determine user running ${SVCNAME}!"
+		return 1
+	elif [ "x${SUR_USER}" != "xroot" ]; then
+		ewarn "${SVCNAME} may need to be running as root or as a priviledged user for the extra commands reload and relog to work."
+        fi
+}
+
+start() {
+	checkconfig || return 1
+	ebegin "Starting ${SVCNAME}"
+	start-stop-daemon --start --quiet --exec ${SURICATA_BIN} \
+		-- --pidfile ${SURICATAPID} -D ${SURICATAOPTS} ${SURICATALOGPATH} >/dev/null 2>&1
+	local SUR_EXIT=$?
+	if [ $((SUR_EXIT)) -ne 0 ]; then
+	    einfo "Could not start ${SURICATA_BIN} with:"
+	    einfo "--pidfile ${SURICATAPID} -D ${SURICATAOPTS} ${SURICATALOGPATH}"
+	    einfo "Exit code ${SUR_EXIT}"
+	fi
+	eend ${SUR_EXIT}
+}
+
+stop() {
+	ebegin "Stopping ${SVCNAME}"
+	start-stop-daemon --stop ${SURICATA_RETRY} --quiet --pidfile ${SURICATAPID} >/dev/null 2>&1
+	eend $?
+}
+
+reload() {
+	checkpidinfo || return 1
+	checkconfig || return 1
+	ebegin "Sending USR2 signal to ${SVCNAME} to perform a live rule and config reload."
+	if [ ${#SURICATAUSER} -gt 0 ] && [ ${#SURICATAGROUP} -gt 0 ]; then
+		start-stop-daemon --user ${SURICATAUSER} --group ${SURICATAGROUP} --signal USR2 --pidfile ${SURICATAPID}
+	else
+		start-stop-daemon --signal USR2 --pidfile ${SURICATAPID}
+	fi
+	eend $?
+}
+
+relog() {
+	checkpidinfo || return 1
+	checkconfig || return 1
+	ebegin "Sending HUP signal to ${SVCNAME} to close and re-open all log files."
+	if [ ${#SURICATAUSER} -gt 0 ] && [ ${#SURICATAGROUP} -gt 0 ]; then
+		start-stop-daemon --user ${SURICATAUSER} --group ${SURICATAGROUP} --signal HUP --pidfile ${SURICATAPID}
+	else
+		start-stop-daemon --signal HUP --pidfile ${SURICATAPID}
+	fi
+	eend $?
+}
+
+dump() {
+	checkconfig || return 1
+	ebegin "Dumping ${SVCNAME} config values and quitting."
+	${SURICATA_BIN} --dump-config --pidfile ${SURICATAPID} ${SURICATAOPTS} ${SURICATALOGPATH}
+	eend $?
+}
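Review bot: In checkconfig, the root-run `chown ${SURICATAUSER}:${SURICATAGROUP} "${SURICATALOGPATH}"/*` dereferences symlinks inside a directory that the preceding line has just given to the unprivileged account, so ownership of whatever a link in that directory resolves to is transferred as well. checkconfig runs on every start, reload, relog and dump, so this happens repeatedly and not only at first set-up. Letting checkpath create and own the directory in one step, `checkpath -d -o "${SURICATAUSER}:${SURICATAGROUP}" "${SURICATALOGPATH}"`, and either dropping the glob chown or making it `chown -h "${SURICATAUSER}:${SURICATAGROUP}" "${SURICATALOGPATH}"/*`, avoids the dereference. Separately, the `[[ -z "${SURICATA_MAX_WAIT_ON_STOP// }" ]]` line near the top is bash-only syntax in an openrc-run script, which is normally interpreted by /bin/sh.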

diff --git a/net-analyzer/suricata/files/suricata-5.0.1_configure-no-lz4-automagic.patch b/net-analyzer/suricata/files/suricata-5.0.1_configure-no-lz4-automagic.patch
new file mode 100644
index 00000000000..5efce46f6d9
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-5.0.1_configure-no-lz4-automagic.patch
@@ -0,0 +1,23 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -2292,7 +2292,11 @@
+     fi
+ 
+ # Check for lz4
+-enable_liblz4="yes"
++AC_ARG_ENABLE(lz4,
++       AS_HELP_STRING([--enable-lz4], [Enable compressed pcap logging using liblz4]),
++       [enable_liblz4=$enableval],
++       [enable_liblz4=yes])
++if test "x$enable_liblz4" != "xno"; then
+ AC_CHECK_LIB(lz4, LZ4F_createCompressionContext, , enable_liblz4="no")
+ 
+ if test "$enable_liblz4" = "no"; then
+@@ -2306,6 +2310,7 @@
+     echo "               yum install lz4-devel"
+     echo
+ fi
++fi
+ 
+ # get cache line size
+     AC_PATH_PROG(HAVE_GETCONF_CMD, getconf, "no")

diff --git a/net-analyzer/suricata/files/suricata-5.0.1_default-config.patch b/net-analyzer/suricata/files/suricata-5.0.1_default-config.patch
new file mode 100644
index 00000000000..ef1b1f63ad4
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-5.0.1_default-config.patch
@@ -0,0 +1,27 @@
+--- a/suricata.yaml.in
++++ b/suricata.yaml.in
+@@ -203,8 +203,9 @@
+             # https://suricata.readthedocs.io/en/latest/output/eve/eve-json-output.html#dns-v1-format
+ 
+             # As of Suricata 5.0, version 2 of the eve dns output
+-            # format is the default.
+-            #version: 2
++            # format is the default - but the daemon produces a warning to that effect
++            # at start-up if this isn't explicitly set.
++            version: 2
+ 
+             # Enable/disable this logger. Default: enabled.
+             #enabled: yes
+@@ -978,9 +979,9 @@
+ ##
+ 
+ # Run suricata as user and group.
+-#run-as:
+-#  user: suri
+-#  group: suri
++run-as:
++  user: suricata
++  group: suricata
+ 
+ # Some logging module will use that name in event as identifier. The default
+ # value is the hostname

diff --git a/net-analyzer/suricata/files/suricata.service b/net-analyzer/suricata/files/suricata.service
index 294ec637348..1fb056957ec 100644
--- a/net-analyzer/suricata/files/suricata.service
+++ b/net-analyzer/suricata/files/suricata.service
@@ -3,7 +3,7 @@ Description=Suricata IDS/IDP daemon
 After=network.target
 Requires=network.target
 Documentation=man:suricata(8) man:suricatasc(8)
-Documentation=https://redmine.openinfosecfoundation.org/projects/suricata/wiki
+Documentation=https://suricata.readthedocs.io/
 
 [Service]
 Environment=OPTIONS='-c /etc/suricata/suricata.yaml --af-packet'

diff --git a/net-analyzer/suricata/files/suricata.tmpfiles b/net-analyzer/suricata/files/suricata.tmpfiles
index 46fe5084297..a6e784cc37c 100644
--- a/net-analyzer/suricata/files/suricata.tmpfiles
+++ b/net-analyzer/suricata/files/suricata.tmpfiles
@@ -1 +1 @@
-d	/var/run/suricata	- - - -
+d	/run/suricata	- - - -

diff --git a/net-analyzer/suricata/suricata-5.0.1.ebuild b/net-analyzer/suricata/suricata-5.0.1.ebuild
new file mode 100644
index 00000000000..ecb34b71784
--- /dev/null
+++ b/net-analyzer/suricata/suricata-5.0.1.ebuild
@@ -0,0 +1,196 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{6,7,8} )
+
+inherit autotools linux-info python-single-r1 systemd
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
+HOMEPAGE="https://suricata-ids.org/"
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened logrotate lua luajit lz4 nflog +nfqueue redis systemd test"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+	?? ( lua luajit )
+	bpf? ( af-packet )"
+
+CDEPEND="acct-group/suricata
+	acct-user/suricata
+	dev-libs/jansson
+	dev-libs/libpcre
+	dev-libs/libyaml
+	net-libs/libnet:*
+	net-libs/libnfnetlink
+	dev-libs/nspr
+	dev-libs/nss
+	dev-python/pyyaml[${PYTHON_USEDEP}]
+	>=net-libs/libhtp-0.5.32
+	net-libs/libpcap
+	sys-apps/file
+	sys-libs/libcap-ng
+	bpf?        ( >=dev-libs/libbpf-0.0.6 )
+	cuda?       ( dev-util/nvidia-cuda-toolkit )
+	geoip?      ( dev-libs/libmaxminddb )
+	logrotate?  ( app-admin/logrotate )
+	lua?        ( dev-lang/lua:* )
+	luajit?     ( dev-lang/luajit:* )
+	lz4?        ( app-arch/lz4 )
+	nflog?      ( net-libs/libnetfilter_log )
+	nfqueue?    ( net-libs/libnetfilter_queue )
+	redis?      ( dev-libs/hiredis )"
+DEPEND="${CDEPEND}
+	>=sys-devel/autoconf-2.69-r5
+	dev-lang/rust"
+RDEPEND="${CDEPEND}
+	${PYTHON_DEPS}"
+
+PATCHES=(
+	"${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
+	"${FILESDIR}/${PN}-5.0.1_default-config.patch"
+)
+
+pkg_pretend() {
+	if use bpf && use kernel_linux; then
+		if kernel_is -lt 4 15; then
+			ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
+		fi
+
+		CONFIG_CHECK="~XDP_SOCKETS"
+		ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata will to load XDP programs. "
+		ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
+		check_extra_config
+	fi
+}
+
+src_prepare() {
+	default
+	sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am"
+	eautoreconf
+}
+
+src_configure() {
+	local myeconfargs=(
+		"--localstatedir=/var" \
+		"--runstatedir=/run" \
+		"--enable-non-bundled-htp" \
+		"--enable-gccmarch-native=no" \
+		"--enable-python" \
+		$(use_enable af-packet) \
+		$(use_enable bpf ebpf) \
+		$(use_enable control-socket unix-socket) \
+		$(use_enable cuda) \
+		$(use_enable detection) \
+		$(use_enable geoip) \
+		$(use_enable hardened gccprotect) \
+		$(use_enable hardened pie) \
+		$(use_enable lua) \
+		$(use_enable luajit) \
+		$(use_enable lz4) \
+		$(use_enable nflog) \
+		$(use_enable nfqueue) \
+		$(use_enable redis hiredis) \
+		$(use_enable test unittests) \
+		"--disable-coccinelle"
+	)
+
+	if use debug; then
+		myeconfargs+=( $(use_enable debug) )
+		# so we can get a backtrace according to "reporting bugs" on upstream web site
+		CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
+	else
+		econf ${myeconfargs[@]}
+	fi
+}
+
+src_install() {
+	emake DESTDIR="${D}" install
+	python_optimize
+
+	if use bpf; then
+		rm -f ebpf/Makefile.{am,in}
+		dodoc -r ebpf/
+		keepdir /usr/libexec/suricata/ebpf
+	fi
+
+	insinto "/etc/${PN}"
+	doins etc/{classification,reference}.config threshold.config suricata.yaml
+
+	keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+	keepdir "/var/log/${PN}"
+
+	fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+	fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+	fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+
+	newinitd "${FILESDIR}/${PN}-5.0.1-init" ${PN}
+	newconfd "${FILESDIR}/${PN}-5.0.1-conf" ${PN}
+	systemd_dounit "${FILESDIR}"/${PN}.service
+	systemd_newtmpfilesd "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
+
+	if use logrotate; then
+		insopts -m0644
+		insinto /etc/logrotate.d
+		newins etc/${PN}.logrotate ${PN}
+	fi
+}
+
+pkg_postinst() {
+	elog ""
+	if use systemd; then
+		elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
+		elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
+		elog "on file configuration to specify interfaces, should you prefer to run it different you will have to customise"
+		elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
+		elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
+		elog "For details, see the section on drop-in directories in systemd.unit(5)."
+	else
+		elog "The ${PN} init script expects to find the path to the configuration"
+		elog "file as well as extra options in /etc/conf.d."
+		elog ""
+		elog "To create more than one ${PN} service, simply create a new .yaml file for it"
+		elog "then create a symlink to the init script from a link called"
+		elog "${PN}.foo - like so"
+		elog "   cd /etc/${PN}"
+		elog "   ${EDITOR##*/} suricata-foo.yaml"
+		elog "   cd /etc/init.d"
+		elog "   ln -s ${PN} ${PN}.foo"
+		elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
+		elog ""
+		elog "You can create as many ${PN}.foo* services as you wish."
+	fi
+
+	if use bpf; then
+		elog ""
+		elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
+		elog "because their configuration is hard-coded. You can find the default ones in"
+		elog "    ${EPREFIX}/usr/share/doc/${PF}/ebpf"
+		elog "and the common location for eBPF bytecode is"
+		elog "    ${EPREFIX}/usr/libexec/${PN}"
+		elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
+	fi
+
+	if use debug; then
+		elog ""
+		elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
+		elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
+		elog "You need to also ensure the FEATURES variable in make.conf contains the"
+		elog "'nostrip' option to produce useful core dumps or back traces."
+	fi
+
+	elog ""
+	elog "To download and install an initial set of rules, run:"
+	elog "    emerge --config =${CATEGORY}/${PF}"
+	elog ""
+}
+
+pkg_config() {
+	suricata-update
+}
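Review bot: In src_install, `fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"` makes the service account the owner of its own configuration, so the process that `run-as` drops to can rewrite suricata.yaml and the other files that the init script later passes to a daemon started as root. Keeping the configuration root-owned and group-readable separates the two, e.g. `fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}"` followed by `fowners -R root:${PN} "/etc/${PN}"`, with the existing `fperms 750` left as it is. Whether anything in the package needs to write under /etc/suricata as that user is not visible in this hunk, so that is worth confirming first. The same two lines appear in suricata-6.0.0.ebuild further down the page.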



* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/, net-analyzer/suricata/files/
@ 2020-10-09 12:14 Marek Szuba
From: Marek Szuba @ 2020-10-09 12:14 UTC (permalink / raw
  To: gentoo-commits

commit:     a8e82003db4b6ef62cf260263bafc1cc32f33acc
Author:     Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Fri Oct  9 12:09:22 2020 +0000
Commit:     Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Fri Oct  9 12:14:16 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a8e82003

net-analyzer/suricata: bump to 6.0.0

Okay, this has turned out to be easier than I thought it might be.
Note to self: since suricata-6 no longer supports unified2 output and
suricata-5 is still supported upstream (even 4 will only reach end of
life on 2020-12-31), keep the latter around for at least a bit longer.

Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>

 net-analyzer/suricata/Manifest                     |   1 +
 .../files/suricata-6.0.0_default-config.patch      |  27 +++
 net-analyzer/suricata/suricata-6.0.0.ebuild        | 203 +++++++++++++++++++++
 3 files changed, 231 insertions(+)

diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 06edb9b7cc8..fde179dd2cb 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1 +1,2 @@
 DIST suricata-5.0.4.tar.gz 29091046 BLAKE2B 38526ca39d2460d630fdd9e804f36c74bfcde54a529748896779b549ed1b55174d6080ddad8933ddfd26004f4e78748a503832f47ee5f52d84a133643aef482b SHA512 e5da14f80b628968e146839b828971e888fd0158b2ecbbcc15c0f42fda2bdcc8ad89632ba05cc45c88d88e537452e77f8e2f3a5e09ecd038d0d38b1a8cf8cea6
+DIST suricata-6.0.0.tar.gz 30832555 BLAKE2B 9cea05b07520924706e961efed6a45b9ba73388a25777f43c1a90497aa00ec200bad15863b7b17b84e622c79309365596853423776da9c3d103c2a8c1126a0d2 SHA512 3c30f6f57c0e8a24992ff2b4ce8ce166d3c0d4b28c8f5e79434d04de9f2016773be01a1689fedfc9e54ff1c8bc9838206bc28f3ff2e47d60102a7016f1062ec3

diff --git a/net-analyzer/suricata/files/suricata-6.0.0_default-config.patch b/net-analyzer/suricata/files/suricata-6.0.0_default-config.patch
new file mode 100644
index 00000000000..03e0f1cda94
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-6.0.0_default-config.patch
@@ -0,0 +1,27 @@
+--- a/suricata.yaml.in
++++ b/suricata.yaml.in
+@@ -209,8 +209,9 @@
+             # https://suricata.readthedocs.io/en/latest/output/eve/eve-json-output.html#dns-v1-format
+ 
+             # As of Suricata 5.0, version 2 of the eve dns output
+-            # format is the default.
+-            #version: 2
++            # format is the default - but the daemon produces a warning to that effect
++            # at start-up if this isn't explicitly set.
++            version: 2
+ 
+             # Enable/disable this logger. Default: enabled.
+             #enabled: yes
+@@ -988,9 +989,9 @@
+ ##
+ 
+ # Run Suricata with a specific user-id and group-id:
+-#run-as:
+-#  user: suri
+-#  group: suri
++run-as:
++  user: suricata
++  group: suricata
+ 
+ # Some logging modules will use that name in event as identifier. The default
+ # value is the hostname

diff --git a/net-analyzer/suricata/suricata-6.0.0.ebuild b/net-analyzer/suricata/suricata-6.0.0.ebuild
new file mode 100644
index 00000000000..5f5d14e3eec
--- /dev/null
+++ b/net-analyzer/suricata/suricata-6.0.0.ebuild
@@ -0,0 +1,203 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{6..9} )
+
+inherit autotools flag-o-matic linux-info python-single-r1 systemd
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
+HOMEPAGE="https://suricata-ids.org/"
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened logrotate lua luajit lz4 nflog +nfqueue redis systemd test"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+	?? ( lua luajit )
+	bpf? ( af-packet )"
+
+RDEPEND="${PYTHON_DEPS}
+	acct-group/suricata
+	acct-user/suricata
+	dev-libs/jansson
+	dev-libs/libpcre
+	dev-libs/libyaml
+	net-libs/libnet:*
+	net-libs/libnfnetlink
+	dev-libs/nspr
+	dev-libs/nss
+	$(python_gen_cond_dep '
+		dev-python/pyyaml[${PYTHON_USEDEP}]
+	')
+	>=net-libs/libhtp-0.5.35
+	net-libs/libpcap
+	sys-apps/file
+	sys-libs/libcap-ng
+	bpf?        ( >=dev-libs/libbpf-0.1.0 )
+	cuda?       ( dev-util/nvidia-cuda-toolkit )
+	geoip?      ( dev-libs/libmaxminddb )
+	logrotate?  ( app-admin/logrotate )
+	lua?        ( dev-lang/lua:* )
+	luajit?     ( dev-lang/luajit:* )
+	lz4?        ( app-arch/lz4 )
+	nflog?      ( net-libs/libnetfilter_log )
+	nfqueue?    ( net-libs/libnetfilter_queue )
+	redis?      ( dev-libs/hiredis )"
+DEPEND="${RDEPEND}
+	>=sys-devel/autoconf-2.69-r5
+	virtual/rust"
+
+PATCHES=(
+	"${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
+	"${FILESDIR}/${PN}-6.0.0_default-config.patch"
+)
+
+pkg_pretend() {
+	if use bpf && use kernel_linux; then
+		if kernel_is -lt 4 15; then
+			ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
+		fi
+
+		CONFIG_CHECK="~XDP_SOCKETS"
+		ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata to load XDP programs. "
+		ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
+		check_extra_config
+	fi
+}
+
+src_prepare() {
+	default
+	sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am" || die
+	eautoreconf
+}
+
+src_configure() {
+	local myeconfargs=(
+		"--localstatedir=/var" \
+		"--runstatedir=/run" \
+		"--enable-non-bundled-htp" \
+		"--enable-gccmarch-native=no" \
+		"--enable-python" \
+		$(use_enable af-packet) \
+		$(use_enable bpf ebpf) \
+		$(use_enable control-socket unix-socket) \
+		$(use_enable cuda) \
+		$(use_enable detection) \
+		$(use_enable geoip) \
+		$(use_enable hardened gccprotect) \
+		$(use_enable hardened pie) \
+		$(use_enable lua) \
+		$(use_enable luajit) \
+		$(use_enable lz4) \
+		$(use_enable nflog) \
+		$(use_enable nfqueue) \
+		$(use_enable redis hiredis) \
+		$(use_enable test unittests) \
+		"--disable-coccinelle"
+	)
+
+	if use debug; then
+		myeconfargs+=( $(use_enable debug) )
+		# so we can get a backtrace according to "reporting bugs" on upstream web site
+		CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
+	else
+		econf ${myeconfargs[@]}
+	fi
+}
+
+src_install() {
+	emake DESTDIR="${D}" install
+	python_optimize
+
+	if use bpf; then
+		rm -f ebpf/Makefile.{am,in}
+		dodoc -r ebpf/
+		keepdir /usr/libexec/suricata/ebpf
+	fi
+
+	insinto "/etc/${PN}"
+	doins etc/{classification,reference}.config threshold.config suricata.yaml
+
+	keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+	keepdir "/var/log/${PN}"
+
+	fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+	fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+	fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+
+	newinitd "${FILESDIR}/${PN}-5.0.1-init" ${PN}
+	newconfd "${FILESDIR}/${PN}-5.0.1-conf" ${PN}
+	systemd_dounit "${FILESDIR}"/${PN}.service
+	systemd_newtmpfilesd "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
+
+	if use logrotate; then
+		insopts -m0644
+		insinto /etc/logrotate.d
+		newins etc/${PN}.logrotate ${PN}
+	fi
+}
+
+pkg_postinst() {
+	elog
+	if use systemd; then
+		elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
+		elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
+		elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
+		elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
+		elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
+		elog "For details, see the section on drop-in directories in systemd.unit(5)."
+	else
+		elog "The ${PN} init script expects to find the path to the configuration"
+		elog "file as well as extra options in /etc/conf.d."
+		elog
+		elog "To create more than one ${PN} service, simply create a new .yaml file for it"
+		elog "then create a symlink to the init script from a link called"
+		elog "${PN}.foo - like so"
+		elog "   cd /etc/${PN}"
+		elog "   ${EDITOR##*/} suricata-foo.yaml"
+		elog "   cd /etc/init.d"
+		elog "   ln -s ${PN} ${PN}.foo"
+		elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
+		elog
+		elog "You can create as many ${PN}.foo* services as you wish."
+	fi
+
+	if use bpf; then
+		elog
+		elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
+		elog "because their configuration is hard-coded. You can find the default ones in"
+		elog "    ${EPREFIX}/usr/share/doc/${PF}/ebpf"
+		elog "and the common location for eBPF bytecode is"
+		elog "    ${EPREFIX}/usr/libexec/${PN}"
+		elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
+	fi
+
+	if use debug; then
+		elog
+		elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
+		elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
+		elog "You need to also ensure the FEATURES variable in make.conf contains the"
+		elog "'nostrip' option to produce useful core dumps or back traces."
+	fi
+
+	elog
+	if [[ -n "${REPLACING_VERSIONS}" ]]; then
+		ewarn "Since version 6.0.0 Suricata no longer supports the unified2 output format commonly used"
+		ewarn "in legacy, Snort-compatible IDS solutions, e.g. ones based on net-analyzer/barnyard2."
+		ewarn "If you need unified2 support, please continue to use suricata-5."
+	else
+		elog "To download and install an initial set of rules, run:"
+		elog "    emerge --config =${CATEGORY}/${PF}"
+	fi
+	elog
+}
+
+pkg_config() {
+	suricata-update
+}
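Review bot: In pkg_postinst, `[[ -n "${REPLACING_VERSIONS}" ]]` is true for every upgrade and rebuild, so the unified2 warning is also shown when 6.0.0 replaces itself or another 6.x, where nothing changes for the user. Comparing each replaced version with `ver_test` limits the warning to upgrades from releases older than 6.0.0, while the rules hint stays limited to first installs as it is now. The sketch below covers only the rewritten tail of the function.

```bash
	# … unchanged: systemd, bpf and debug notices …
	local replaced upgrading_from_pre6=
	for replaced in ${REPLACING_VERSIONS}; do
		ver_test "${replaced}" -lt 6.0.0 && upgrading_from_pre6=1
	done
	if [[ -n "${upgrading_from_pre6}" ]]; then
		# … unchanged: the three ewarn lines about unified2 …
	elif [[ -z "${REPLACING_VERSIONS}" ]]; then
		# … unchanged: the two elog lines about emerge --config …
	fi
```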



* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/, net-analyzer/suricata/files/
@ 2024-02-28 21:46 Marek Szuba
From: Marek Szuba @ 2024-02-28 21:46 UTC (permalink / raw
  To: gentoo-commits

commit:     07e1f3e359b3cfe01d8ef3a1e263af2f8acc23b4
Author:     Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Wed Feb 28 21:34:39 2024 +0000
Commit:     Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Wed Feb 28 21:46:10 2024 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=07e1f3e3

net-analyzer/suricata: drop 6.0.15

No versions affected by the latest batch of CVEs left in the tree.

Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>

 net-analyzer/suricata/Manifest                     |   2 -
 ....6_configure-no-sphinx-pdflatex-automagic.patch |  26 ---
 net-analyzer/suricata/suricata-6.0.15.ebuild       | 212 ---------------------
 3 files changed, 240 deletions(-)

diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 241154b314b8..9e0bba5db148 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,4 +1,2 @@
-DIST suricata-6.0.15.tar.gz 27903106 BLAKE2B cf5c2d5760e52f0b4eb0276feb89e056d74ef5478e3158a047fbdec14022aa6e0ba986b7ee9f9ec49e2ebb3f206c7d71ad8ce8dc4eb9a6b48b4ba38c96c2f1c6 SHA512 ec9904fdc57e594653e3f48794c602429412fc85377630600b96081cfeb21361c353ce54d564c01ef0400885c508b49bd8c7a5d8b4482d45155b2007907107a9
-DIST suricata-6.0.15.tar.gz.sig 566 BLAKE2B f9f5fd9df55c9854f4da3765673df094a3979324714b0f81f787abc3eaa811d01e42cf8b892c5ae558e5f453b82f84dcebd4548a0cfafca00582adc595a11bbf SHA512 e938715fe22699b623d70bcd70e69d3acb2bfa322ecb9a8a19b272eb5ba378b34974c3114419bbb07fb46b805bc160344d0bdb567acb887832e4c18734fef9a8
 DIST suricata-7.0.3.tar.gz 23599903 BLAKE2B b42044428ae5ac4ecd6b41d083f0f3ac5839bf9a0734c3a64bb5e9a6f1a0ffe0c1f5da262f4e167461836bd26ebf9238ec9c0c213ba61f6419b6af1314f3becb SHA512 5a19a00118b86cd9c9b8a4b8399d8deda23beb19a6a6ed49e82240a1a5d4549490f3ce72743f5990c200850e8a64e3a51f45b8c1b8088bdd16aa12341dbf64aa
 DIST suricata-7.0.3.tar.gz.sig 566 BLAKE2B 3befe75463a26493b660dc21721e2628a4889d5397d0ada6aa51bd9c748487130dfb56f3fa25b5514411adeaf0b385ee7e9d664ab0af9b6b0a2bef719bdc904f SHA512 a08274708f3aee891b018da613fa60cf66ca09b41f70ed1e89b57d5e778bf97058d71c6ad8c529926783287ddd0f20337957e03ff59b3500c207a4ef7936bfdf

diff --git a/net-analyzer/suricata/files/suricata-5.0.6_configure-no-sphinx-pdflatex-automagic.patch b/net-analyzer/suricata/files/suricata-5.0.6_configure-no-sphinx-pdflatex-automagic.patch
deleted file mode 100644
index be5805e67f87..000000000000
--- a/net-analyzer/suricata/files/suricata-5.0.6_configure-no-sphinx-pdflatex-automagic.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-No configure options to disable looking for these, redundant for releases
-because the tarballs already contain both PDF documentation and man pages,
-and as of 2021-05-11 doc generation is not compatible with sphinx-4.0.0+
-due to conf.py calling long-deprecated app.add_stylesheet() rather
-than app.add_css_file().
-
---- a/configure.ac
-+++ b/configure.ac
-@@ -2423,7 +2423,7 @@
-     fi
- 
- # sphinx for documentation
--    AC_PATH_PROG(HAVE_SPHINXBUILD, sphinx-build, "no")
-+    HAVE_SPHINXBUILD="no"
-     if test "$HAVE_SPHINXBUILD" = "no"; then
-        enable_sphinxbuild=no
-        if test -e "$srcdir/doc/userguide/suricata.1"; then
-@@ -2434,7 +2434,7 @@
-     AM_CONDITIONAL([HAVE_SURICATA_MAN], [test "x$have_suricata_man" = "xyes"])
- 
- # pdflatex for the pdf version of the user manual
--    AC_PATH_PROG(HAVE_PDFLATEX, pdflatex, "no")
-+    HAVE_PDFLATEX="no"
-     if test "$HAVE_PDFLATEX" = "no"; then
-        enable_pdflatex=no
-     fi

diff --git a/net-analyzer/suricata/suricata-6.0.15.ebuild b/net-analyzer/suricata/suricata-6.0.15.ebuild
deleted file mode 100644
index 045ebbc38788..000000000000
--- a/net-analyzer/suricata/suricata-6.0.15.ebuild
+++ /dev/null
@@ -1,212 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-LUA_COMPAT=( lua5-1 luajit )
-PYTHON_COMPAT=( python3_{10..12} )
-
-inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd tmpfiles verify-sig
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="https://suricata.io/"
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz
-	verify-sig? ( https://www.openinfosecfoundation.org/download/${P}.tar.gz.sig )"
-
-LICENSE="GPL-2"
-SLOT="0/6"
-KEYWORDS="~amd64 ~riscv ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened hyperscan lua lz4 nflog +nfqueue redis systemd test"
-VERIFY_SIG_OPENPGP_KEY_PATH="/usr/share/openpgp-keys/openinfosecfoundation.org.asc"
-
-RESTRICT="!test? ( test )"
-
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
-	bpf? ( af-packet )
-	lua? ( ${LUA_REQUIRED_USE} )"
-
-RDEPEND="${PYTHON_DEPS}
-	acct-group/suricata
-	acct-user/suricata
-	dev-libs/jansson:=
-	dev-libs/libpcre
-	dev-libs/libyaml
-	net-libs/libnet:*
-	net-libs/libnfnetlink
-	dev-libs/nspr
-	dev-libs/nss
-	$(python_gen_cond_dep '
-		dev-python/pyyaml[${PYTHON_USEDEP}]
-	')
-	>=net-libs/libhtp-0.5.45
-	net-libs/libpcap
-	sys-apps/file
-	sys-libs/libcap-ng
-	bpf?        ( <dev-libs/libbpf-1.0.0 )
-	cuda?       ( dev-util/nvidia-cuda-toolkit )
-	geoip?      ( dev-libs/libmaxminddb:= )
-	hyperscan?  ( dev-libs/hyperscan )
-	lua?        ( ${LUA_DEPS} )
-	lz4?        ( app-arch/lz4 )
-	nflog?      ( net-libs/libnetfilter_log )
-	nfqueue?    ( net-libs/libnetfilter_queue )
-	redis?      ( dev-libs/hiredis:= )"
-DEPEND="${RDEPEND}
-	>=dev-build/autoconf-2.69-r5
-	virtual/rust"
-BDEPEND="verify-sig? ( >=sec-keys/openpgp-keys-oisf-20200807 )"
-
-PATCHES=(
-	"${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
-	"${FILESDIR}/${PN}-5.0.6_configure-no-sphinx-pdflatex-automagic.patch"
-	"${FILESDIR}/${PN}-5.0.7_configure-no-hyperscan-automagic.patch"
-	"${FILESDIR}/${PN}-6.0.0_default-config.patch"
-)
-
-pkg_pretend() {
-	if use bpf && use kernel_linux; then
-		if kernel_is -lt 4 15; then
-			ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
-		fi
-
-		CONFIG_CHECK="~XDP_SOCKETS"
-		ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata to load XDP programs. "
-		ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
-		check_extra_config
-	fi
-}
-
-src_prepare() {
-	default
-	sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am" || die
-	eautoreconf
-}
-
-src_configure() {
-	# Bug #861242
-	filter-lto
-
-	local myeconfargs=(
-		"--localstatedir=/var" \
-		"--runstatedir=/run" \
-		"--enable-non-bundled-htp" \
-		"--enable-gccmarch-native=no" \
-		"--enable-python" \
-		$(use_enable af-packet) \
-		$(use_enable bpf ebpf) \
-		$(use_enable control-socket unix-socket) \
-		$(use_enable cuda) \
-		$(use_enable detection) \
-		$(use_enable geoip) \
-		$(use_enable hardened gccprotect) \
-		$(use_enable hardened pie) \
-		$(use_enable hyperscan) \
-		$(use_enable lz4) \
-		$(use_enable nflog) \
-		$(use_enable nfqueue) \
-		$(use_enable redis hiredis) \
-		$(use_enable test unittests) \
-		"--disable-coccinelle"
-	)
-	if use lua; then
-		if use lua_single_target_luajit; then
-			myeconfargs+=( --enable-luajit )
-		else
-			myeconfargs+=( --enable-lua )
-		fi
-	fi
-
-	if use debug; then
-		myeconfargs+=( $(use_enable debug) )
-		# so we can get a backtrace according to "reporting bugs" on upstream web site
-		QA_FLAGS_IGNORED="usr/bin/${PN}"
-		CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
-	else
-		econf ${myeconfargs[@]}
-	fi
-}
-
-src_install() {
-	emake DESTDIR="${D}" install
-	python_optimize
-	# Bug #878855
-	python_fix_shebang "${ED}"/usr/bin/
-
-	if use bpf; then
-		rm -f ebpf/Makefile.{am,in} || die
-		dodoc -r ebpf/
-		keepdir /usr/libexec/suricata/ebpf
-	fi
-
-	insinto "/etc/${PN}"
-	doins etc/{classification,reference}.config threshold.config suricata.yaml
-
-	keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
-	keepdir "/var/log/${PN}"
-
-	fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
-	fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
-	fperms 6750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
-
-	newinitd "${FILESDIR}/${PN}.initd" ${PN}
-	newconfd "${FILESDIR}/${PN}.confd" ${PN}
-	systemd_dounit "${FILESDIR}"/${PN}.service
-	newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
-
-	insopts -m0644
-	insinto /etc/logrotate.d
-	newins etc/${PN}.logrotate ${PN}
-}
-
-pkg_postinst() {
-	tmpfiles_process ${PN}.conf
-
-	elog
-	if use systemd; then
-		elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
-		elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
-		elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
-		elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
-		elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
-		elog "For details, see the section on drop-in directories in systemd.unit(5)."
-	else
-		elog "The ${PN} init script expects to find the path to the configuration"
-		elog "file as well as extra options in /etc/conf.d."
-		elog
-		elog "To create more than one ${PN} service, simply create a new .yaml file for it"
-		elog "then create a symlink to the init script from a link called"
-		elog "${PN}.foo - like so"
-		elog "   cd /etc/${PN}"
-		elog "   ${EDITOR##*/} suricata-foo.yaml"
-		elog "   cd /etc/init.d"
-		elog "   ln -s ${PN} ${PN}.foo"
-		elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
-		elog
-		elog "You can create as many ${PN}.foo* services as you wish."
-	fi
-
-	if use bpf; then
-		elog
-		elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
-		elog "because their configuration is hard-coded. You can find the default ones in"
-		elog "    ${EPREFIX}/usr/share/doc/${PF}/ebpf"
-		elog "and the common location for eBPF bytecode is"
-		elog "    ${EPREFIX}/usr/libexec/${PN}"
-		elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
-	fi
-
-	if use debug; then
-		elog
-		elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
-		elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
-		elog "You need to also ensure the FEATURES variable in make.conf contains the"
-		elog "'nostrip' option to produce useful core dumps or back traces."
-	fi
-
-	elog
-	if [[ -z "${REPLACING_VERSIONS}" ]]; then
-		elog "To download and install an initial set of rules, run:"
-		elog "    suricata-update"
-	fi
-	elog
-}



* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/, net-analyzer/suricata/files/
@ 2024-02-28 21:46 Marek Szuba
From: Marek Szuba @ 2024-02-28 21:46 UTC (permalink / raw
  To: gentoo-commits

commit:     4c54d76e8fab4063a74490103bace21d972a4d9d
Author:     Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Wed Feb 28 21:25:33 2024 +0000
Commit:     Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Wed Feb 28 21:46:09 2024 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4c54d76e

net-analyzer/suricata: add 7.0.3, remove 7.0.2 and 7.0.2-r1

Includes Brahmajit's patch for the gcc-14 issue, as it is yet to be
fixed upstream.

Closes: https://bugs.gentoo.org/925011
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>

 net-analyzer/suricata/Manifest                     |   4 +-
 .../suricata-7.0.3_fix-build-with-gcc14.patch      |  39 ++++
 net-analyzer/suricata/suricata-7.0.2.ebuild        | 221 ---------------------
 ...icata-7.0.2-r1.ebuild => suricata-7.0.3.ebuild} |   3 +-
 4 files changed, 43 insertions(+), 224 deletions(-)

diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index adabc7aa76bc..241154b314b8 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,4 +1,4 @@
 DIST suricata-6.0.15.tar.gz 27903106 BLAKE2B cf5c2d5760e52f0b4eb0276feb89e056d74ef5478e3158a047fbdec14022aa6e0ba986b7ee9f9ec49e2ebb3f206c7d71ad8ce8dc4eb9a6b48b4ba38c96c2f1c6 SHA512 ec9904fdc57e594653e3f48794c602429412fc85377630600b96081cfeb21361c353ce54d564c01ef0400885c508b49bd8c7a5d8b4482d45155b2007907107a9
 DIST suricata-6.0.15.tar.gz.sig 566 BLAKE2B f9f5fd9df55c9854f4da3765673df094a3979324714b0f81f787abc3eaa811d01e42cf8b892c5ae558e5f453b82f84dcebd4548a0cfafca00582adc595a11bbf SHA512 e938715fe22699b623d70bcd70e69d3acb2bfa322ecb9a8a19b272eb5ba378b34974c3114419bbb07fb46b805bc160344d0bdb567acb887832e4c18734fef9a8
-DIST suricata-7.0.2.tar.gz 23445403 BLAKE2B 5af50f6f0d91ba233b1cc373c073e72824f10d6df20c27041d5fd11d25c7be6b1941beccf0fb18612d6277eaa7bb1d47d8fedbd34f580ba87d352c45d4d51725 SHA512 bca6eb64495d36fcc83522e29a8ec24653752930d001191fca1d72de5513537fdb8c1805fc45afe55b5fb3a68cf3747af609eec46070505dcd5d9e53c0ed9b95
-DIST suricata-7.0.2.tar.gz.sig 566 BLAKE2B 8a931361acfa5e945fe9a3a03b38c65ff7f59da88a9af9c3f5a4b15ec880de6f22038a45d27c480c75489df0a90373f3cee44c48a266226fae89c00ed78b6e5f SHA512 0a46c8fef1d68f76c08c314613e558027dc7700a72628b5708dbc36c5c1943d816120c569692103d75d284cd7027cdda0d4ef9ab436992d7d2ec101e18aa5056
+DIST suricata-7.0.3.tar.gz 23599903 BLAKE2B b42044428ae5ac4ecd6b41d083f0f3ac5839bf9a0734c3a64bb5e9a6f1a0ffe0c1f5da262f4e167461836bd26ebf9238ec9c0c213ba61f6419b6af1314f3becb SHA512 5a19a00118b86cd9c9b8a4b8399d8deda23beb19a6a6ed49e82240a1a5d4549490f3ce72743f5990c200850e8a64e3a51f45b8c1b8088bdd16aa12341dbf64aa
+DIST suricata-7.0.3.tar.gz.sig 566 BLAKE2B 3befe75463a26493b660dc21721e2628a4889d5397d0ada6aa51bd9c748487130dfb56f3fa25b5514411adeaf0b385ee7e9d664ab0af9b6b0a2bef719bdc904f SHA512 a08274708f3aee891b018da613fa60cf66ca09b41f70ed1e89b57d5e778bf97058d71c6ad8c529926783287ddd0f20337957e03ff59b3500c207a4ef7936bfdf

diff --git a/net-analyzer/suricata/files/suricata-7.0.3_fix-build-with-gcc14.patch b/net-analyzer/suricata/files/suricata-7.0.3_fix-build-with-gcc14.patch
new file mode 100644
index 000000000000..7ebacf76852c
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-7.0.3_fix-build-with-gcc14.patch
@@ -0,0 +1,39 @@
+Bug: From b5280929c58559c178415ce199157b5c87171258 Mon Sep 17 00:00:00 2001
+From: Brahmajit Das <brahmajit.xyz@gmail.com>
+Date: Tue, 20 Feb 2024 12:05:57 +0530
+Subject: [PATCH 1/1] Fix passing incompatible pointer type with GCC 14
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+GCC 14 (and newer compilers like Clang 16) enables
+-Wincompatible-pointer-types by default, along with some other flags.
+Thus resulting in build errors such as
+
+util-host-info.c: In function ‘SCKernelVersionIsAtLeast’:
+util-host-info.c:94:31: error: passing argument 1 of ‘pcre2_substring_list_free_8’ from incompatible pointer type [-Wincompatible-pointer-types]
+   94 |     pcre2_substring_list_free((PCRE2_SPTR *)list);
+      |                               ^~~~~~~~~~~~~~~~~~
+      |                               |
+      |                               const PCRE2_UCHAR8 ** {aka const unsigned char **}
+
+Removing the casting make suricata build with GCC 14.
+
+First discovered on Gentoo Linux with GCC 14
+
+Bug: https://bugs.gentoo.org/925011
+Signed-off-by: Brahmajit Das <brahmajit.xyz@gmail.com>
+--- a/src/util-host-info.c
++++ b/src/util-host-info.c
+@@ -91,7 +91,7 @@ int SCKernelVersionIsAtLeast(int major, int minor)
+         err = true;
+     }
+ 
+-    pcre2_substring_list_free((PCRE2_SPTR *)list);
++    pcre2_substring_list_free(list);
+     pcre2_match_data_free(version_regex_match);
+     pcre2_code_free(version_regex);
+ 
+-- 
+2.43.2
+
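Review bot: The uncast call `pcre2_substring_list_free(list);` only compiles cleanly when the installed pcre2 prototype matches the declared type of `list`. The quoted GCC error shows the old cast yielded `const PCRE2_UCHAR8 **` and was rejected, so a pcre2 header that still declares the parameter as `PCRE2_SPTR *` would presumably raise the same -Wincompatible-pointer-types error on the new line. This is inferred, since the declaration of `list` is outside the hunk. A call accepted under either prototype is `pcre2_substring_list_free((void *)list);`, or the ebuild could put a lower bound on `dev-libs/libpcre2`, because the PATCHES hunk in suricata-7.0.3.ebuild applies this patch unconditionally. Separately, the first header line `Bug: From b5280929…` looks like a stray `Bug:` prefix on the mbox `From` line and is worth cleaning up so the patch provenance reads correctly.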

diff --git a/net-analyzer/suricata/suricata-7.0.2.ebuild b/net-analyzer/suricata/suricata-7.0.2.ebuild
deleted file mode 100644
index 93fe2558be37..000000000000
--- a/net-analyzer/suricata/suricata-7.0.2.ebuild
+++ /dev/null
@@ -1,221 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-LUA_COMPAT=( lua5-1 luajit )
-PYTHON_COMPAT=( python3_{10..12} )
-
-inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd tmpfiles verify-sig
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="https://suricata.io/"
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz
-	verify-sig? ( https://www.openinfosecfoundation.org/download/${P}.tar.gz.sig )"
-
-LICENSE="GPL-2"
-SLOT="0/7"
-KEYWORDS="~amd64 ~riscv ~x86"
-IUSE="+af-packet af-xdp bpf control-socket cuda debug +detection geoip hardened hyperscan lua lz4 nflog +nfqueue redis systemd test"
-VERIFY_SIG_OPENPGP_KEY_PATH="/usr/share/openpgp-keys/openinfosecfoundation.org.asc"
-
-RESTRICT="!test? ( test )"
-
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
-	af-xdp? ( bpf )
-	bpf? ( af-packet )
-	lua? ( ${LUA_REQUIRED_USE} )"
-
-RDEPEND="${PYTHON_DEPS}
-	acct-group/suricata
-	acct-user/suricata
-	dev-libs/jansson:=
-	dev-libs/libpcre2
-	dev-libs/libyaml
-	net-libs/libnet:*
-	net-libs/libnfnetlink
-	dev-libs/nspr
-	dev-libs/nss
-	$(python_gen_cond_dep '
-		dev-python/pyyaml[${PYTHON_USEDEP}]
-	')
-	>=net-libs/libhtp-0.5.45
-	net-libs/libpcap
-	sys-apps/file
-	sys-libs/libcap-ng
-	af-xdp?		( net-libs/xdp-tools )
-	bpf?        ( dev-libs/libbpf )
-	cuda?       ( dev-util/nvidia-cuda-toolkit )
-	geoip?      ( dev-libs/libmaxminddb:= )
-	hyperscan?  ( dev-libs/hyperscan )
-	lua?        ( ${LUA_DEPS} )
-	lz4?        ( app-arch/lz4 )
-	nflog?      ( net-libs/libnetfilter_log )
-	nfqueue?    ( net-libs/libnetfilter_queue )
-	redis?      ( dev-libs/hiredis:= )"
-DEPEND="${RDEPEND}
-	>=dev-build/autoconf-2.69-r5
-	virtual/rust"
-BDEPEND="verify-sig? ( >=sec-keys/openpgp-keys-oisf-20200807 )"
-
-PATCHES=(
-	"${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
-	"${FILESDIR}/${PN}-5.0.7_configure-no-hyperscan-automagic.patch"
-	"${FILESDIR}/${PN}-6.0.0_default-config.patch"
-	"${FILESDIR}/${PN}-7.0.2_configure-no-sphinx-pdflatex-automagic.patch"
-)
-
-pkg_pretend() {
-	if use af-xdp && use kernel_linux; then
-		if kernel_is -lt 4 18; then
-			ewarn "Kernel 4.18 or newer is required for AF_XDP"
-		fi
-	fi
-
-	if use bpf && use kernel_linux; then
-		if kernel_is -lt 4 15; then
-			ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
-		fi
-
-		CONFIG_CHECK="~XDP_SOCKETS"
-		ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata to load XDP programs. "
-		ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
-		check_extra_config
-	fi
-}
-
-src_prepare() {
-	default
-	sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am" || die
-	eautoreconf
-}
-
-src_configure() {
-	# Bug #861242
-	filter-lto
-
-	local myeconfargs=(
-		"--localstatedir=/var" \
-		"--runstatedir=/run" \
-		"--enable-non-bundled-htp" \
-		"--enable-gccmarch-native=no" \
-		"--enable-python" \
-		$(use_enable af-packet) \
-		$(use_enable af-xdp) \
-		$(use_enable bpf ebpf) \
-		$(use_enable control-socket unix-socket) \
-		$(use_enable cuda) \
-		$(use_enable detection) \
-		$(use_enable geoip) \
-		$(use_enable hardened gccprotect) \
-		$(use_enable hardened pie) \
-		$(use_enable hyperscan) \
-		$(use_enable lz4) \
-		$(use_enable nflog) \
-		$(use_enable nfqueue) \
-		$(use_enable redis hiredis) \
-		$(use_enable test unittests) \
-		"--disable-coccinelle"
-	)
-	if use lua; then
-		if use lua_single_target_luajit; then
-			myeconfargs+=( --enable-luajit )
-		else
-			myeconfargs+=( --enable-lua )
-		fi
-	fi
-
-	if use debug; then
-		myeconfargs+=( $(use_enable debug) )
-		# so we can get a backtrace according to "reporting bugs" on upstream web site
-		QA_FLAGS_IGNORED="usr/bin/${PN}"
-		CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
-	else
-		econf ${myeconfargs[@]}
-	fi
-}
-
-src_install() {
-	emake DESTDIR="${D}" install
-	python_optimize
-	# Bug #878855
-	python_fix_shebang "${ED}"/usr/bin/
-
-	if use bpf; then
-		rm -f ebpf/Makefile.{am,in} || die
-		dodoc -r ebpf/
-		keepdir /usr/libexec/suricata/ebpf
-	fi
-
-	insinto "/etc/${PN}"
-	doins etc/{classification,reference}.config threshold.config suricata.yaml
-
-	keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
-	keepdir "/var/log/${PN}"
-
-	fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
-	fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
-	fperms 6750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
-
-	newinitd "${FILESDIR}/${PN}.initd" ${PN}
-	newconfd "${FILESDIR}/${PN}.confd" ${PN}
-	systemd_dounit "${FILESDIR}"/${PN}.service
-	newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
-
-	insopts -m0644
-	insinto /etc/logrotate.d
-	newins etc/${PN}.logrotate ${PN}
-}
-
-pkg_postinst() {
-	tmpfiles_process ${PN}.conf
-
-	elog
-	if use systemd; then
-		elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
-		elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
-		elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
-		elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
-		elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
-		elog "For details, see the section on drop-in directories in systemd.unit(5)."
-	else
-		elog "The ${PN} init script expects to find the path to the configuration"
-		elog "file as well as extra options in /etc/conf.d."
-		elog
-		elog "To create more than one ${PN} service, simply create a new .yaml file for it"
-		elog "then create a symlink to the init script from a link called"
-		elog "${PN}.foo - like so"
-		elog "   cd /etc/${PN}"
-		elog "   ${EDITOR##*/} suricata-foo.yaml"
-		elog "   cd /etc/init.d"
-		elog "   ln -s ${PN} ${PN}.foo"
-		elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
-		elog
-		elog "You can create as many ${PN}.foo* services as you wish."
-	fi
-
-	if use bpf; then
-		elog
-		elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
-		elog "because their configuration is hard-coded. You can find the default ones in"
-		elog "    ${EPREFIX}/usr/share/doc/${PF}/ebpf"
-		elog "and the common location for eBPF bytecode is"
-		elog "    ${EPREFIX}/usr/libexec/${PN}"
-		elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
-	fi
-
-	if use debug; then
-		elog
-		elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
-		elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
-		elog "You need to also ensure the FEATURES variable in make.conf contains the"
-		elog "'nostrip' option to produce useful core dumps or back traces."
-	fi
-
-	elog
-	if [[ -z "${REPLACING_VERSIONS}" ]]; then
-		elog "To download and install an initial set of rules, run:"
-		elog "    suricata-update"
-	fi
-	elog
-}

diff --git a/net-analyzer/suricata/suricata-7.0.2-r1.ebuild b/net-analyzer/suricata/suricata-7.0.3.ebuild
similarity index 98%
rename from net-analyzer/suricata/suricata-7.0.2-r1.ebuild
rename to net-analyzer/suricata/suricata-7.0.3.ebuild
index 897087d2c82d..31a877d45e4f 100644
--- a/net-analyzer/suricata/suricata-7.0.2-r1.ebuild
+++ b/net-analyzer/suricata/suricata-7.0.3.ebuild
@@ -39,7 +39,7 @@ RDEPEND="${PYTHON_DEPS}
 	$(python_gen_cond_dep '
 		dev-python/pyyaml[${PYTHON_USEDEP}]
 	')
-	>=net-libs/libhtp-0.5.45
+	>=net-libs/libhtp-0.5.46
 	net-libs/libpcap
 	sys-apps/file
 	sys-libs/libcap-ng
@@ -63,6 +63,7 @@ PATCHES=(
 	"${FILESDIR}/${PN}-5.0.7_configure-no-hyperscan-automagic.patch"
 	"${FILESDIR}/${PN}-6.0.0_default-config.patch"
 	"${FILESDIR}/${PN}-7.0.2_configure-no-sphinx-pdflatex-automagic.patch"
+	"${FILESDIR}/${PN}-7.0.3_fix-build-with-gcc14.patch"
 )
 
 pkg_pretend() {

