* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2021-01-25 17:38 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2021-01-25 17:38 UTC (permalink / raw
To: gentoo-commits
commit: b094a228961abc4f94be9b1bb783753fa779d947
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Mon Jan 25 14:19:54 2021 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Mon Jan 25 17:37:29 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b094a228
net-analyzer/suricata: remove old
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 2 -
net-analyzer/suricata/suricata-5.0.4.ebuild | 197 ---------------------------
net-analyzer/suricata/suricata-5.0.5.ebuild | 197 ---------------------------
net-analyzer/suricata/suricata-6.0.0.ebuild | 203 ----------------------------
net-analyzer/suricata/suricata-6.0.1.ebuild | 203 ----------------------------
5 files changed, 802 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 4393b479fd5..5a442b0ea2e 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,4 +1,2 @@
-DIST suricata-5.0.4.tar.gz 29091046 BLAKE2B 38526ca39d2460d630fdd9e804f36c74bfcde54a529748896779b549ed1b55174d6080ddad8933ddfd26004f4e78748a503832f47ee5f52d84a133643aef482b SHA512 e5da14f80b628968e146839b828971e888fd0158b2ecbbcc15c0f42fda2bdcc8ad89632ba05cc45c88d88e537452e77f8e2f3a5e09ecd038d0d38b1a8cf8cea6
DIST suricata-5.0.5.tar.gz 29094537 BLAKE2B c2a5897836117abe9ca39b3a03de36c4d5667d3e64dc1befd77a7b777e4191439a497e3042e6d00b80ae31c8c4f18347cb2e6833e8db5f64b31c8ab1cf557ac5 SHA512 5f26731e0a0134fdecc8e76a68a69584bacb614ba4fd56b74f27abe62ab7d80135908eeaae38c9a03101f069d83597b3c7c69000bdd2a2e6bfe87f7a98de4e16
-DIST suricata-6.0.0.tar.gz 30832555 BLAKE2B 9cea05b07520924706e961efed6a45b9ba73388a25777f43c1a90497aa00ec200bad15863b7b17b84e622c79309365596853423776da9c3d103c2a8c1126a0d2 SHA512 3c30f6f57c0e8a24992ff2b4ce8ce166d3c0d4b28c8f5e79434d04de9f2016773be01a1689fedfc9e54ff1c8bc9838206bc28f3ff2e47d60102a7016f1062ec3
DIST suricata-6.0.1.tar.gz 30460439 BLAKE2B 55a24fa2f653a0a80f51e1ab102bb7046bd1f67d60c64c139b485086f4d8e0f5db58906bc33a7b5bdb76ba37b8206ded99b08034c4c292cf16d595bcafc7acc0 SHA512 be57150afc238b6627731e4463297e67469b66241779f5af3d1bd93bfad4fde41a5371298b54a06c7c3ea324e5642753ca57900173989ac738d663a85e9c33f4
diff --git a/net-analyzer/suricata/suricata-5.0.4.ebuild b/net-analyzer/suricata/suricata-5.0.4.ebuild
deleted file mode 100644
index 077c14ece6d..00000000000
--- a/net-analyzer/suricata/suricata-5.0.4.ebuild
+++ /dev/null
@@ -1,197 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{6..9} )
-
-inherit autotools flag-o-matic linux-info python-single-r1 systemd
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="https://suricata-ids.org/"
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened logrotate lua luajit lz4 nflog +nfqueue redis systemd test"
-
-RESTRICT="!test? ( test )"
-
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- ?? ( lua luajit )
- bpf? ( af-packet )"
-
-RDEPEND="${PYTHON_DEPS}
- acct-group/suricata
- acct-user/suricata
- dev-libs/jansson
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- $(python_gen_cond_dep '
- dev-python/pyyaml[${PYTHON_USEDEP}]
- ')
- >=net-libs/libhtp-0.5.35
- net-libs/libpcap
- sys-apps/file
- sys-libs/libcap-ng
- bpf? ( >=dev-libs/libbpf-0.1.0 )
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/libmaxminddb )
- logrotate? ( app-admin/logrotate )
- lua? ( dev-lang/lua:0= )
- luajit? ( dev-lang/luajit:* )
- lz4? ( app-arch/lz4 )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue? ( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis )"
-DEPEND="${RDEPEND}
- >=sys-devel/autoconf-2.69-r5
- virtual/rust"
-
-PATCHES=(
- "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
- "${FILESDIR}/${PN}-5.0.1_default-config.patch"
-)
-
-pkg_pretend() {
- if use bpf && use kernel_linux; then
- if kernel_is -lt 4 15; then
- ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
- fi
-
- CONFIG_CHECK="~XDP_SOCKETS"
- ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata to load XDP programs. "
- ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
- check_extra_config
- fi
-}
-
-src_prepare() {
- default
- sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am" || die
- eautoreconf
-}
-
-src_configure() {
- local myeconfargs=(
- "--localstatedir=/var" \
- "--runstatedir=/run" \
- "--enable-non-bundled-htp" \
- "--enable-gccmarch-native=no" \
- "--enable-python" \
- $(use_enable af-packet) \
- $(use_enable bpf ebpf) \
- $(use_enable control-socket unix-socket) \
- $(use_enable cuda) \
- $(use_enable detection) \
- $(use_enable geoip) \
- $(use_enable hardened gccprotect) \
- $(use_enable hardened pie) \
- $(use_enable lua) \
- $(use_enable luajit) \
- $(use_enable lz4) \
- $(use_enable nflog) \
- $(use_enable nfqueue) \
- $(use_enable redis hiredis) \
- $(use_enable test unittests) \
- "--disable-coccinelle"
- )
-
- if use debug; then
- myeconfargs+=( $(use_enable debug) )
- # so we can get a backtrace according to "reporting bugs" on upstream web site
- CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
- else
- econf ${myeconfargs[@]}
- fi
-}
-
-src_install() {
- emake DESTDIR="${D}" install
- python_optimize
-
- if use bpf; then
- rm -f ebpf/Makefile.{am,in}
- dodoc -r ebpf/
- keepdir /usr/libexec/suricata/ebpf
- fi
-
- insinto "/etc/${PN}"
- doins etc/{classification,reference}.config threshold.config suricata.yaml
-
- keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
- keepdir "/var/log/${PN}"
-
- fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
-
- newinitd "${FILESDIR}/${PN}-5.0.1-init" ${PN}
- newconfd "${FILESDIR}/${PN}-5.0.1-conf" ${PN}
- systemd_dounit "${FILESDIR}"/${PN}.service
- systemd_newtmpfilesd "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
-
- if use logrotate; then
- insopts -m0644
- insinto /etc/logrotate.d
- newins etc/${PN}.logrotate ${PN}
- fi
-}
-
-pkg_postinst() {
- elog ""
- if use systemd; then
- elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
- elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
- elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
- elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
- elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
- elog "For details, see the section on drop-in directories in systemd.unit(5)."
- else
- elog "The ${PN} init script expects to find the path to the configuration"
- elog "file as well as extra options in /etc/conf.d."
- elog ""
- elog "To create more than one ${PN} service, simply create a new .yaml file for it"
- elog "then create a symlink to the init script from a link called"
- elog "${PN}.foo - like so"
- elog " cd /etc/${PN}"
- elog " ${EDITOR##*/} suricata-foo.yaml"
- elog " cd /etc/init.d"
- elog " ln -s ${PN} ${PN}.foo"
- elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
- elog ""
- elog "You can create as many ${PN}.foo* services as you wish."
- fi
-
- if use bpf; then
- elog ""
- elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
- elog "because their configuration is hard-coded. You can find the default ones in"
- elog " ${EPREFIX}/usr/share/doc/${PF}/ebpf"
- elog "and the common location for eBPF bytecode is"
- elog " ${EPREFIX}/usr/libexec/${PN}"
- elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
- fi
-
- if use debug; then
- elog ""
- elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
- elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
- elog "You need to also ensure the FEATURES variable in make.conf contains the"
- elog "'nostrip' option to produce useful core dumps or back traces."
- fi
-
- elog ""
- elog "To download and install an initial set of rules, run:"
- elog " emerge --config =${CATEGORY}/${PF}"
- elog ""
-}
-
-pkg_config() {
- suricata-update
-}
diff --git a/net-analyzer/suricata/suricata-5.0.5.ebuild b/net-analyzer/suricata/suricata-5.0.5.ebuild
deleted file mode 100644
index db9ee04aadb..00000000000
--- a/net-analyzer/suricata/suricata-5.0.5.ebuild
+++ /dev/null
@@ -1,197 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{6..9} )
-
-inherit autotools flag-o-matic linux-info python-single-r1 systemd
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="https://suricata-ids.org/"
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened logrotate lua luajit lz4 nflog +nfqueue redis systemd test"
-
-RESTRICT="!test? ( test )"
-
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- ?? ( lua luajit )
- bpf? ( af-packet )"
-
-RDEPEND="${PYTHON_DEPS}
- acct-group/suricata
- acct-user/suricata
- dev-libs/jansson
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- $(python_gen_cond_dep '
- dev-python/pyyaml[${PYTHON_USEDEP}]
- ')
- >=net-libs/libhtp-0.5.36
- net-libs/libpcap
- sys-apps/file
- sys-libs/libcap-ng
- bpf? ( >=dev-libs/libbpf-0.1.0 )
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/libmaxminddb )
- logrotate? ( app-admin/logrotate )
- lua? ( dev-lang/lua:0= )
- luajit? ( dev-lang/luajit:* )
- lz4? ( app-arch/lz4 )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue? ( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis )"
-DEPEND="${RDEPEND}
- >=sys-devel/autoconf-2.69-r5
- virtual/rust"
-
-PATCHES=(
- "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
- "${FILESDIR}/${PN}-5.0.1_default-config.patch"
-)
-
-pkg_pretend() {
- if use bpf && use kernel_linux; then
- if kernel_is -lt 4 15; then
- ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
- fi
-
- CONFIG_CHECK="~XDP_SOCKETS"
- ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata to load XDP programs. "
- ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
- check_extra_config
- fi
-}
-
-src_prepare() {
- default
- sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am" || die
- eautoreconf
-}
-
-src_configure() {
- local myeconfargs=(
- "--localstatedir=/var" \
- "--runstatedir=/run" \
- "--enable-non-bundled-htp" \
- "--enable-gccmarch-native=no" \
- "--enable-python" \
- $(use_enable af-packet) \
- $(use_enable bpf ebpf) \
- $(use_enable control-socket unix-socket) \
- $(use_enable cuda) \
- $(use_enable detection) \
- $(use_enable geoip) \
- $(use_enable hardened gccprotect) \
- $(use_enable hardened pie) \
- $(use_enable lua) \
- $(use_enable luajit) \
- $(use_enable lz4) \
- $(use_enable nflog) \
- $(use_enable nfqueue) \
- $(use_enable redis hiredis) \
- $(use_enable test unittests) \
- "--disable-coccinelle"
- )
-
- if use debug; then
- myeconfargs+=( $(use_enable debug) )
- # so we can get a backtrace according to "reporting bugs" on upstream web site
- CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
- else
- econf ${myeconfargs[@]}
- fi
-}
-
-src_install() {
- emake DESTDIR="${D}" install
- python_optimize
-
- if use bpf; then
- rm -f ebpf/Makefile.{am,in}
- dodoc -r ebpf/
- keepdir /usr/libexec/suricata/ebpf
- fi
-
- insinto "/etc/${PN}"
- doins etc/{classification,reference}.config threshold.config suricata.yaml
-
- keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
- keepdir "/var/log/${PN}"
-
- fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
-
- newinitd "${FILESDIR}/${PN}-5.0.1-init" ${PN}
- newconfd "${FILESDIR}/${PN}-5.0.1-conf" ${PN}
- systemd_dounit "${FILESDIR}"/${PN}.service
- systemd_newtmpfilesd "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
-
- if use logrotate; then
- insopts -m0644
- insinto /etc/logrotate.d
- newins etc/${PN}.logrotate ${PN}
- fi
-}
-
-pkg_postinst() {
- elog ""
- if use systemd; then
- elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
- elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
- elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
- elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
- elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
- elog "For details, see the section on drop-in directories in systemd.unit(5)."
- else
- elog "The ${PN} init script expects to find the path to the configuration"
- elog "file as well as extra options in /etc/conf.d."
- elog ""
- elog "To create more than one ${PN} service, simply create a new .yaml file for it"
- elog "then create a symlink to the init script from a link called"
- elog "${PN}.foo - like so"
- elog " cd /etc/${PN}"
- elog " ${EDITOR##*/} suricata-foo.yaml"
- elog " cd /etc/init.d"
- elog " ln -s ${PN} ${PN}.foo"
- elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
- elog ""
- elog "You can create as many ${PN}.foo* services as you wish."
- fi
-
- if use bpf; then
- elog ""
- elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
- elog "because their configuration is hard-coded. You can find the default ones in"
- elog " ${EPREFIX}/usr/share/doc/${PF}/ebpf"
- elog "and the common location for eBPF bytecode is"
- elog " ${EPREFIX}/usr/libexec/${PN}"
- elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
- fi
-
- if use debug; then
- elog ""
- elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
- elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
- elog "You need to also ensure the FEATURES variable in make.conf contains the"
- elog "'nostrip' option to produce useful core dumps or back traces."
- fi
-
- elog ""
- elog "To download and install an initial set of rules, run:"
- elog " emerge --config =${CATEGORY}/${PF}"
- elog ""
-}
-
-pkg_config() {
- suricata-update
-}
diff --git a/net-analyzer/suricata/suricata-6.0.0.ebuild b/net-analyzer/suricata/suricata-6.0.0.ebuild
deleted file mode 100644
index 6a00d0c18c9..00000000000
--- a/net-analyzer/suricata/suricata-6.0.0.ebuild
+++ /dev/null
@@ -1,203 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{6..9} )
-
-inherit autotools flag-o-matic linux-info python-single-r1 systemd
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="https://suricata-ids.org/"
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened logrotate lua luajit lz4 nflog +nfqueue redis systemd test"
-
-RESTRICT="!test? ( test )"
-
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- ?? ( lua luajit )
- bpf? ( af-packet )"
-
-RDEPEND="${PYTHON_DEPS}
- acct-group/suricata
- acct-user/suricata
- dev-libs/jansson
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- $(python_gen_cond_dep '
- dev-python/pyyaml[${PYTHON_USEDEP}]
- ')
- >=net-libs/libhtp-0.5.35
- net-libs/libpcap
- sys-apps/file
- sys-libs/libcap-ng
- bpf? ( >=dev-libs/libbpf-0.1.0 )
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/libmaxminddb )
- logrotate? ( app-admin/logrotate )
- lua? ( dev-lang/lua:0= )
- luajit? ( dev-lang/luajit:* )
- lz4? ( app-arch/lz4 )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue? ( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis )"
-DEPEND="${RDEPEND}
- >=sys-devel/autoconf-2.69-r5
- virtual/rust"
-
-PATCHES=(
- "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
- "${FILESDIR}/${PN}-6.0.0_default-config.patch"
-)
-
-pkg_pretend() {
- if use bpf && use kernel_linux; then
- if kernel_is -lt 4 15; then
- ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
- fi
-
- CONFIG_CHECK="~XDP_SOCKETS"
- ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata to load XDP programs. "
- ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
- check_extra_config
- fi
-}
-
-src_prepare() {
- default
- sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am" || die
- eautoreconf
-}
-
-src_configure() {
- local myeconfargs=(
- "--localstatedir=/var" \
- "--runstatedir=/run" \
- "--enable-non-bundled-htp" \
- "--enable-gccmarch-native=no" \
- "--enable-python" \
- $(use_enable af-packet) \
- $(use_enable bpf ebpf) \
- $(use_enable control-socket unix-socket) \
- $(use_enable cuda) \
- $(use_enable detection) \
- $(use_enable geoip) \
- $(use_enable hardened gccprotect) \
- $(use_enable hardened pie) \
- $(use_enable lua) \
- $(use_enable luajit) \
- $(use_enable lz4) \
- $(use_enable nflog) \
- $(use_enable nfqueue) \
- $(use_enable redis hiredis) \
- $(use_enable test unittests) \
- "--disable-coccinelle"
- )
-
- if use debug; then
- myeconfargs+=( $(use_enable debug) )
- # so we can get a backtrace according to "reporting bugs" on upstream web site
- CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
- else
- econf ${myeconfargs[@]}
- fi
-}
-
-src_install() {
- emake DESTDIR="${D}" install
- python_optimize
-
- if use bpf; then
- rm -f ebpf/Makefile.{am,in}
- dodoc -r ebpf/
- keepdir /usr/libexec/suricata/ebpf
- fi
-
- insinto "/etc/${PN}"
- doins etc/{classification,reference}.config threshold.config suricata.yaml
-
- keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
- keepdir "/var/log/${PN}"
-
- fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
-
- newinitd "${FILESDIR}/${PN}-5.0.1-init" ${PN}
- newconfd "${FILESDIR}/${PN}-5.0.1-conf" ${PN}
- systemd_dounit "${FILESDIR}"/${PN}.service
- systemd_newtmpfilesd "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
-
- if use logrotate; then
- insopts -m0644
- insinto /etc/logrotate.d
- newins etc/${PN}.logrotate ${PN}
- fi
-}
-
-pkg_postinst() {
- elog
- if use systemd; then
- elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
- elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
- elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
- elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
- elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
- elog "For details, see the section on drop-in directories in systemd.unit(5)."
- else
- elog "The ${PN} init script expects to find the path to the configuration"
- elog "file as well as extra options in /etc/conf.d."
- elog
- elog "To create more than one ${PN} service, simply create a new .yaml file for it"
- elog "then create a symlink to the init script from a link called"
- elog "${PN}.foo - like so"
- elog " cd /etc/${PN}"
- elog " ${EDITOR##*/} suricata-foo.yaml"
- elog " cd /etc/init.d"
- elog " ln -s ${PN} ${PN}.foo"
- elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
- elog
- elog "You can create as many ${PN}.foo* services as you wish."
- fi
-
- if use bpf; then
- elog
- elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
- elog "because their configuration is hard-coded. You can find the default ones in"
- elog " ${EPREFIX}/usr/share/doc/${PF}/ebpf"
- elog "and the common location for eBPF bytecode is"
- elog " ${EPREFIX}/usr/libexec/${PN}"
- elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
- fi
-
- if use debug; then
- elog
- elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
- elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
- elog "You need to also ensure the FEATURES variable in make.conf contains the"
- elog "'nostrip' option to produce useful core dumps or back traces."
- fi
-
- elog
- if [[ -n "${REPLACING_VERSIONS}" ]]; then
- ewarn "Since version 6.0.0 Suricata no longer supports the unified2 output format commonly used"
- ewarn "in legacy, Snort-compatible IDS solutions, e.g. ones based on net-analyzer/barnyard2."
- ewarn "If you need unified2 support, please continue to use suricata-5."
- else
- elog "To download and install an initial set of rules, run:"
- elog " emerge --config =${CATEGORY}/${PF}"
- fi
- elog
-}
-
-pkg_config() {
- suricata-update
-}
diff --git a/net-analyzer/suricata/suricata-6.0.1.ebuild b/net-analyzer/suricata/suricata-6.0.1.ebuild
deleted file mode 100644
index 6602a4b80ad..00000000000
--- a/net-analyzer/suricata/suricata-6.0.1.ebuild
+++ /dev/null
@@ -1,203 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{6..9} )
-
-inherit autotools flag-o-matic linux-info python-single-r1 systemd
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="https://suricata-ids.org/"
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened logrotate lua luajit lz4 nflog +nfqueue redis systemd test"
-
-RESTRICT="!test? ( test )"
-
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- ?? ( lua luajit )
- bpf? ( af-packet )"
-
-RDEPEND="${PYTHON_DEPS}
- acct-group/suricata
- acct-user/suricata
- dev-libs/jansson
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- $(python_gen_cond_dep '
- dev-python/pyyaml[${PYTHON_USEDEP}]
- ')
- >=net-libs/libhtp-0.5.36
- net-libs/libpcap
- sys-apps/file
- sys-libs/libcap-ng
- bpf? ( >=dev-libs/libbpf-0.1.0 )
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/libmaxminddb )
- logrotate? ( app-admin/logrotate )
- lua? ( dev-lang/lua:0= )
- luajit? ( dev-lang/luajit:* )
- lz4? ( app-arch/lz4 )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue? ( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis )"
-DEPEND="${RDEPEND}
- >=sys-devel/autoconf-2.69-r5
- virtual/rust"
-
-PATCHES=(
- "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
- "${FILESDIR}/${PN}-6.0.0_default-config.patch"
-)
-
-pkg_pretend() {
- if use bpf && use kernel_linux; then
- if kernel_is -lt 4 15; then
- ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
- fi
-
- CONFIG_CHECK="~XDP_SOCKETS"
- ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata to load XDP programs. "
- ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
- check_extra_config
- fi
-}
-
-src_prepare() {
- default
- sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am" || die
- eautoreconf
-}
-
-src_configure() {
- local myeconfargs=(
- "--localstatedir=/var" \
- "--runstatedir=/run" \
- "--enable-non-bundled-htp" \
- "--enable-gccmarch-native=no" \
- "--enable-python" \
- $(use_enable af-packet) \
- $(use_enable bpf ebpf) \
- $(use_enable control-socket unix-socket) \
- $(use_enable cuda) \
- $(use_enable detection) \
- $(use_enable geoip) \
- $(use_enable hardened gccprotect) \
- $(use_enable hardened pie) \
- $(use_enable lua) \
- $(use_enable luajit) \
- $(use_enable lz4) \
- $(use_enable nflog) \
- $(use_enable nfqueue) \
- $(use_enable redis hiredis) \
- $(use_enable test unittests) \
- "--disable-coccinelle"
- )
-
- if use debug; then
- myeconfargs+=( $(use_enable debug) )
- # so we can get a backtrace according to "reporting bugs" on upstream web site
- CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
- else
- econf ${myeconfargs[@]}
- fi
-}
-
-src_install() {
- emake DESTDIR="${D}" install
- python_optimize
-
- if use bpf; then
- rm -f ebpf/Makefile.{am,in}
- dodoc -r ebpf/
- keepdir /usr/libexec/suricata/ebpf
- fi
-
- insinto "/etc/${PN}"
- doins etc/{classification,reference}.config threshold.config suricata.yaml
-
- keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
- keepdir "/var/log/${PN}"
-
- fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
-
- newinitd "${FILESDIR}/${PN}-5.0.1-init" ${PN}
- newconfd "${FILESDIR}/${PN}-5.0.1-conf" ${PN}
- systemd_dounit "${FILESDIR}"/${PN}.service
- systemd_newtmpfilesd "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
-
- if use logrotate; then
- insopts -m0644
- insinto /etc/logrotate.d
- newins etc/${PN}.logrotate ${PN}
- fi
-}
-
-pkg_postinst() {
- elog
- if use systemd; then
- elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
- elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
- elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
- elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
- elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
- elog "For details, see the section on drop-in directories in systemd.unit(5)."
- else
- elog "The ${PN} init script expects to find the path to the configuration"
- elog "file as well as extra options in /etc/conf.d."
- elog
- elog "To create more than one ${PN} service, simply create a new .yaml file for it"
- elog "then create a symlink to the init script from a link called"
- elog "${PN}.foo - like so"
- elog " cd /etc/${PN}"
- elog " ${EDITOR##*/} suricata-foo.yaml"
- elog " cd /etc/init.d"
- elog " ln -s ${PN} ${PN}.foo"
- elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
- elog
- elog "You can create as many ${PN}.foo* services as you wish."
- fi
-
- if use bpf; then
- elog
- elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
- elog "because their configuration is hard-coded. You can find the default ones in"
- elog " ${EPREFIX}/usr/share/doc/${PF}/ebpf"
- elog "and the common location for eBPF bytecode is"
- elog " ${EPREFIX}/usr/libexec/${PN}"
- elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
- fi
-
- if use debug; then
- elog
- elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
- elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
- elog "You need to also ensure the FEATURES variable in make.conf contains the"
- elog "'nostrip' option to produce useful core dumps or back traces."
- fi
-
- elog
- if [[ -n "${REPLACING_VERSIONS}" ]]; then
- ewarn "Since version 6.0.0 Suricata no longer supports the unified2 output format commonly used"
- ewarn "in legacy, Snort-compatible IDS solutions, e.g. ones based on net-analyzer/barnyard2."
- ewarn "If you need unified2 support, please continue to use suricata-5."
- else
- elog "To download and install an initial set of rules, run:"
- elog " emerge --config =${CATEGORY}/${PF}"
- fi
- elog
-}
-
-pkg_config() {
- suricata-update
-}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2024-11-09 13:54 Sam James
0 siblings, 0 replies; 81+ messages in thread
From: Sam James @ 2024-11-09 13:54 UTC (permalink / raw
To: gentoo-commits
commit: 2fbfba61dfaf64cccd07a0414cb0c13562a1d36f
Author: Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Sat Nov 9 13:51:28 2024 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sat Nov 9 13:51:28 2024 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2fbfba61
net-analyzer/suricata: fix pkg_setup typo
Closes: https://bugs.gentoo.org/943139
Signed-off-by: Sam James <sam <AT> gentoo.org>
net-analyzer/suricata/suricata-7.0.5-r1.ebuild | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net-analyzer/suricata/suricata-7.0.5-r1.ebuild b/net-analyzer/suricata/suricata-7.0.5-r1.ebuild
index 8fc26ccd0baf..f70a971b0103 100644
--- a/net-analyzer/suricata/suricata-7.0.5-r1.ebuild
+++ b/net-analyzer/suricata/suricata-7.0.5-r1.ebuild
@@ -86,7 +86,7 @@ pkg_pretend() {
}
pkg_setup() {
- python_single-r1_pkg_setup
+ python-single-r1_pkg_setup
rust_pkg_setup
}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2024-04-07 1:06 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2024-04-07 1:06 UTC (permalink / raw
To: gentoo-commits
commit: e186e58718acb87a9f12802b237ace95d8a7d906
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Sun Apr 7 00:01:37 2024 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Sun Apr 7 01:04:00 2024 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e186e587
net-analyzer/suricata: add 7.0.4, drop 7.0.3
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 4 ++--
.../suricata/{suricata-7.0.3.ebuild => suricata-7.0.4.ebuild} | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 9e0bba5db148..f41fad6e6ffa 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,2 @@
-DIST suricata-7.0.3.tar.gz 23599903 BLAKE2B b42044428ae5ac4ecd6b41d083f0f3ac5839bf9a0734c3a64bb5e9a6f1a0ffe0c1f5da262f4e167461836bd26ebf9238ec9c0c213ba61f6419b6af1314f3becb SHA512 5a19a00118b86cd9c9b8a4b8399d8deda23beb19a6a6ed49e82240a1a5d4549490f3ce72743f5990c200850e8a64e3a51f45b8c1b8088bdd16aa12341dbf64aa
-DIST suricata-7.0.3.tar.gz.sig 566 BLAKE2B 3befe75463a26493b660dc21721e2628a4889d5397d0ada6aa51bd9c748487130dfb56f3fa25b5514411adeaf0b385ee7e9d664ab0af9b6b0a2bef719bdc904f SHA512 a08274708f3aee891b018da613fa60cf66ca09b41f70ed1e89b57d5e778bf97058d71c6ad8c529926783287ddd0f20337957e03ff59b3500c207a4ef7936bfdf
+DIST suricata-7.0.4.tar.gz 23610769 BLAKE2B 6c85ee7134548261a5a766ee3e7c0ce095ef478e9323342f17bb48eb0abc74035a66212c7f7e6ba45bd2efd552d82ad6d218d4b09279877f60526f8f79de9764 SHA512 098364a5f0b2c14bf3a0c8895ec9c94a23edd990468f618fa35181c54405be6db012a6e97981e0024140864342764df97101be73308c835d6fabf6cd98a7ffc3
+DIST suricata-7.0.4.tar.gz.sig 566 BLAKE2B 56a8d3ba556a233b0f27a992c20e2654a44f5205bfd731662e96f1a6cf5e925d00014f2d379458c917527415c5c3020f897528fb35e6681bcbddde670567e6f0 SHA512 f2694f9a6cc4d644bb629ae49deef22517a970a78fa500384b51b3ed9119fdfa4ff4a4524de55d3b02bf16dc36c52419bc0424f65dd02b0b56349c5d2fc00a52
diff --git a/net-analyzer/suricata/suricata-7.0.3.ebuild b/net-analyzer/suricata/suricata-7.0.4.ebuild
similarity index 99%
rename from net-analyzer/suricata/suricata-7.0.3.ebuild
rename to net-analyzer/suricata/suricata-7.0.4.ebuild
index 31a877d45e4f..60817c7c0306 100644
--- a/net-analyzer/suricata/suricata-7.0.3.ebuild
+++ b/net-analyzer/suricata/suricata-7.0.4.ebuild
@@ -39,7 +39,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.46
+ >=net-libs/libhtp-0.5.47
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2024-01-23 5:07 Ionen Wolkens
0 siblings, 0 replies; 81+ messages in thread
From: Ionen Wolkens @ 2024-01-23 5:07 UTC (permalink / raw
To: gentoo-commits
commit: befc4ee3450687083e60cd85b490902af4eac91a
Author: Matoro Mahri <matoro_gentoo <AT> matoro <DOT> tk>
AuthorDate: Mon Jan 22 17:39:39 2024 +0000
Commit: Ionen Wolkens <ionen <AT> gentoo <DOT> org>
CommitDate: Tue Jan 23 05:04:44 2024 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=befc4ee3
net-analyzer/suricata: Keyword 7.0.2-r1 x86, #918871
Signed-off-by: Matoro Mahri <matoro_gentoo <AT> matoro.tk>
Signed-off-by: Ionen Wolkens <ionen <AT> gentoo.org>
net-analyzer/suricata/suricata-7.0.2-r1.ebuild | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net-analyzer/suricata/suricata-7.0.2-r1.ebuild b/net-analyzer/suricata/suricata-7.0.2-r1.ebuild
index 9f79f08d97d4..897087d2c82d 100644
--- a/net-analyzer/suricata/suricata-7.0.2-r1.ebuild
+++ b/net-analyzer/suricata/suricata-7.0.2-r1.ebuild
@@ -15,7 +15,7 @@ SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz
LICENSE="GPL-2"
SLOT="0/7"
-KEYWORDS="~amd64 ~riscv"
+KEYWORDS="~amd64 ~riscv ~x86"
IUSE="+af-packet af-xdp bpf control-socket cuda debug +detection geoip hardened hyperscan lua lz4 nflog +nfqueue redis systemd test"
VERIFY_SIG_OPENPGP_KEY_PATH="/usr/share/openpgp-keys/openinfosecfoundation.org.asc"
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2023-11-29 21:16 Petr Vaněk
0 siblings, 0 replies; 81+ messages in thread
From: Petr Vaněk @ 2023-11-29 21:16 UTC (permalink / raw
To: gentoo-commits
commit: ea846f743f1a3f7d6874f22353479121f153bb1f
Author: Petr Vaněk <arkamar <AT> gentoo <DOT> org>
AuthorDate: Wed Nov 29 09:23:32 2023 +0000
Commit: Petr Vaněk <arkamar <AT> gentoo <DOT> org>
CommitDate: Wed Nov 29 21:12:17 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ea846f74
net-analyzer/suricata: switch to dev-libs/vectorscan
Signed-off-by: Petr Vaněk <arkamar <AT> gentoo.org>
net-analyzer/suricata/suricata-7.0.2-r1.ebuild | 221 +++++++++++++++++++++++++
1 file changed, 221 insertions(+)
diff --git a/net-analyzer/suricata/suricata-7.0.2-r1.ebuild b/net-analyzer/suricata/suricata-7.0.2-r1.ebuild
new file mode 100644
index 000000000000..67cffa1955a5
--- /dev/null
+++ b/net-analyzer/suricata/suricata-7.0.2-r1.ebuild
@@ -0,0 +1,221 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+LUA_COMPAT=( lua5-1 luajit )
+PYTHON_COMPAT=( python3_{10..12} )
+
+inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd tmpfiles verify-sig
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
+HOMEPAGE="https://suricata.io/"
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz
+ verify-sig? ( https://www.openinfosecfoundation.org/download/${P}.tar.gz.sig )"
+
+LICENSE="GPL-2"
+SLOT="0/7"
+KEYWORDS="~amd64 ~riscv"
+IUSE="+af-packet af-xdp bpf control-socket cuda debug +detection geoip hardened hyperscan lua lz4 nflog +nfqueue redis systemd test"
+VERIFY_SIG_OPENPGP_KEY_PATH="/usr/share/openpgp-keys/openinfosecfoundation.org.asc"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ af-xdp? ( bpf )
+ bpf? ( af-packet )
+ lua? ( ${LUA_REQUIRED_USE} )"
+
+RDEPEND="${PYTHON_DEPS}
+ acct-group/suricata
+ acct-user/suricata
+ dev-libs/jansson:=
+ dev-libs/libpcre2
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ $(python_gen_cond_dep '
+ dev-python/pyyaml[${PYTHON_USEDEP}]
+ ')
+ >=net-libs/libhtp-0.5.45
+ net-libs/libpcap
+ sys-apps/file
+ sys-libs/libcap-ng
+ af-xdp? ( net-libs/xdp-tools )
+ bpf? ( dev-libs/libbpf )
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/libmaxminddb:= )
+ hyperscan? ( dev-libs/vectorscan:= )
+ lua? ( ${LUA_DEPS} )
+ lz4? ( app-arch/lz4 )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue? ( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis:= )"
+DEPEND="${RDEPEND}
+ >=sys-devel/autoconf-2.69-r5
+ virtual/rust"
+BDEPEND="verify-sig? ( >=sec-keys/openpgp-keys-oisf-20200807 )"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.7_configure-no-hyperscan-automagic.patch"
+ "${FILESDIR}/${PN}-6.0.0_default-config.patch"
+ "${FILESDIR}/${PN}-7.0.2_configure-no-sphinx-pdflatex-automagic.patch"
+)
+
+pkg_pretend() {
+ if use af-xdp && use kernel_linux; then
+ if kernel_is -lt 4 18; then
+ ewarn "Kernel 4.18 or newer is required for AF_XDP"
+ fi
+ fi
+
+ if use bpf && use kernel_linux; then
+ if kernel_is -lt 4 15; then
+ ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
+ fi
+
+ CONFIG_CHECK="~XDP_SOCKETS"
+ ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata to load XDP programs. "
+ ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
+ check_extra_config
+ fi
+}
+
+src_prepare() {
+ default
+ sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am" || die
+ eautoreconf
+}
+
+src_configure() {
+ # Bug #861242
+ filter-lto
+
+ local myeconfargs=(
+ "--localstatedir=/var" \
+ "--runstatedir=/run" \
+ "--enable-non-bundled-htp" \
+ "--enable-gccmarch-native=no" \
+ "--enable-python" \
+ $(use_enable af-packet) \
+ $(use_enable af-xdp) \
+ $(use_enable bpf ebpf) \
+ $(use_enable control-socket unix-socket) \
+ $(use_enable cuda) \
+ $(use_enable detection) \
+ $(use_enable geoip) \
+ $(use_enable hardened gccprotect) \
+ $(use_enable hardened pie) \
+ $(use_enable hyperscan) \
+ $(use_enable lz4) \
+ $(use_enable nflog) \
+ $(use_enable nfqueue) \
+ $(use_enable redis hiredis) \
+ $(use_enable test unittests) \
+ "--disable-coccinelle"
+ )
+ if use lua; then
+ if use lua_single_target_luajit; then
+ myeconfargs+=( --enable-luajit )
+ else
+ myeconfargs+=( --enable-lua )
+ fi
+ fi
+
+ if use debug; then
+ myeconfargs+=( $(use_enable debug) )
+ # so we can get a backtrace according to "reporting bugs" on upstream web site
+ QA_FLAGS_IGNORED="usr/bin/${PN}"
+ CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
+ else
+ econf ${myeconfargs[@]}
+ fi
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+ python_optimize
+ # Bug #878855
+ python_fix_shebang "${ED}"/usr/bin/
+
+ if use bpf; then
+ rm -f ebpf/Makefile.{am,in} || die
+ dodoc -r ebpf/
+ keepdir /usr/libexec/suricata/ebpf
+ fi
+
+ insinto "/etc/${PN}"
+ doins etc/{classification,reference}.config threshold.config suricata.yaml
+
+ keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+ keepdir "/var/log/${PN}"
+
+ fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 6750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+
+ newinitd "${FILESDIR}/${PN}.initd" ${PN}
+ newconfd "${FILESDIR}/${PN}.confd" ${PN}
+ systemd_dounit "${FILESDIR}"/${PN}.service
+ newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
+
+ insopts -m0644
+ insinto /etc/logrotate.d
+ newins etc/${PN}.logrotate ${PN}
+}
+
+pkg_postinst() {
+ tmpfiles_process ${PN}.conf
+
+ elog
+ if use systemd; then
+ elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
+ elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
+ elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
+ elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
+ elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
+ elog "For details, see the section on drop-in directories in systemd.unit(5)."
+ else
+ elog "The ${PN} init script expects to find the path to the configuration"
+ elog "file as well as extra options in /etc/conf.d."
+ elog
+ elog "To create more than one ${PN} service, simply create a new .yaml file for it"
+ elog "then create a symlink to the init script from a link called"
+ elog "${PN}.foo - like so"
+ elog " cd /etc/${PN}"
+ elog " ${EDITOR##*/} suricata-foo.yaml"
+ elog " cd /etc/init.d"
+ elog " ln -s ${PN} ${PN}.foo"
+ elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
+ elog
+ elog "You can create as many ${PN}.foo* services as you wish."
+ fi
+
+ if use bpf; then
+ elog
+ elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
+ elog "because their configuration is hard-coded. You can find the default ones in"
+ elog " ${EPREFIX}/usr/share/doc/${PF}/ebpf"
+ elog "and the common location for eBPF bytecode is"
+ elog " ${EPREFIX}/usr/libexec/${PN}"
+ elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
+ fi
+
+ if use debug; then
+ elog
+ elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
+ elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
+ elog "You need to also ensure the FEATURES variable in make.conf contains the"
+ elog "'nostrip' option to produce useful core dumps or back traces."
+ fi
+
+ elog
+ if [[ -z "${REPLACING_VERSIONS}" ]]; then
+ elog "To download and install an initial set of rules, run:"
+ elog " suricata-update"
+ fi
+ elog
+}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2023-10-25 22:04 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2023-10-25 22:04 UTC (permalink / raw
To: gentoo-commits
commit: 0b6d8739571b574f8d417331c2acfc15e16f2514
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Wed Oct 25 22:01:27 2023 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Wed Oct 25 22:04:29 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0b6d8739
net-analyzer/suricata: add 6.0.15
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 2 +
net-analyzer/suricata/suricata-6.0.15.ebuild | 212 +++++++++++++++++++++++++++
2 files changed, 214 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 60f9530b2507..1f871c0b4c9e 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,5 +1,7 @@
DIST suricata-6.0.13.tar.gz 27411308 BLAKE2B 47dcc47253c462510494dac35a4aa41a110f62bca148871d86509b76ac0c2a873b9fbb9fc981e65897d6443032c27c9f9eeb0fae524f4e56306ed01fe6e32b01 SHA512 7b7ea4b01b6ec4662db1e875e940d667b0aa71b7b91dccf72d32b644c6291814c3fde0c69c96c138d2f1e2412c92456fede823d61c3b7ba63f4bae0edc2dbb0d
DIST suricata-6.0.13.tar.gz.sig 566 BLAKE2B 880dccc4db0f322bd11f123fb2ad012a2904e4bee5ed0c2f161e0baee7054acde2234a9da94184ba67a5bb7adab1da10ca00c7850ae1a046dea07b91297b8476 SHA512 3578087d3ee4bcc8e0f6bd704e42d553b4baf208fc04002f4931bf8d23babe7727a25720c52143a3c423f1cc1f5513105e177fd4368b40927d6fe7234db9de65
+DIST suricata-6.0.15.tar.gz 27903106 BLAKE2B cf5c2d5760e52f0b4eb0276feb89e056d74ef5478e3158a047fbdec14022aa6e0ba986b7ee9f9ec49e2ebb3f206c7d71ad8ce8dc4eb9a6b48b4ba38c96c2f1c6 SHA512 ec9904fdc57e594653e3f48794c602429412fc85377630600b96081cfeb21361c353ce54d564c01ef0400885c508b49bd8c7a5d8b4482d45155b2007907107a9
+DIST suricata-6.0.15.tar.gz.sig 566 BLAKE2B f9f5fd9df55c9854f4da3765673df094a3979324714b0f81f787abc3eaa811d01e42cf8b892c5ae558e5f453b82f84dcebd4548a0cfafca00582adc595a11bbf SHA512 e938715fe22699b623d70bcd70e69d3acb2bfa322ecb9a8a19b272eb5ba378b34974c3114419bbb07fb46b805bc160344d0bdb567acb887832e4c18734fef9a8
DIST suricata-7.0.0.tar.gz 23426302 BLAKE2B dc5026ee32dd679c18d8953048f7694c6ef69e9b60d91153e1fad5f0d757ccfcb0423ed6f3e21a27f02f6647476923d5c90e1ba83656249509414316f06cd18b SHA512 b512a8d9e7ce26b362be4e4b1e27b97c0fd6dad109e440d6227916a373e85341336782c0870a2b380fa215f4d2e8d86728f105a6af75d8662d746cee1752347d
DIST suricata-7.0.0.tar.gz.sig 566 BLAKE2B 11033671642c953282fbb0dda0647d12ee143b16e1ee6202f0cc9bcee94eb123139e075ea860002851c2d37f3c9c7e90b72ef22c6cd0ea82dbf63d2bad852068 SHA512 216463c103c5f5fed3cb83190e78939b1efb6fcfe3f6bb8a023ff8a8df85fd7ad024fcc1d9720f196c6dbe3a3c80285a3689bf6e575ff51253a1e5df1a142fcb
DIST suricata-7.0.2.tar.gz 23445403 BLAKE2B 5af50f6f0d91ba233b1cc373c073e72824f10d6df20c27041d5fd11d25c7be6b1941beccf0fb18612d6277eaa7bb1d47d8fedbd34f580ba87d352c45d4d51725 SHA512 bca6eb64495d36fcc83522e29a8ec24653752930d001191fca1d72de5513537fdb8c1805fc45afe55b5fb3a68cf3747af609eec46070505dcd5d9e53c0ed9b95
diff --git a/net-analyzer/suricata/suricata-6.0.15.ebuild b/net-analyzer/suricata/suricata-6.0.15.ebuild
new file mode 100644
index 000000000000..df6ba0f72b6f
--- /dev/null
+++ b/net-analyzer/suricata/suricata-6.0.15.ebuild
@@ -0,0 +1,212 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+LUA_COMPAT=( lua5-1 luajit )
+PYTHON_COMPAT=( python3_{10..12} )
+
+inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd tmpfiles verify-sig
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
+HOMEPAGE="https://suricata.io/"
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz
+ verify-sig? ( https://www.openinfosecfoundation.org/download/${P}.tar.gz.sig )"
+
+LICENSE="GPL-2"
+SLOT="0/6"
+KEYWORDS="~amd64 ~riscv ~x86"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened hyperscan lua lz4 nflog +nfqueue redis systemd test"
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}/usr/share/openpgp-keys/openinfosecfoundation.org.asc"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ bpf? ( af-packet )
+ lua? ( ${LUA_REQUIRED_USE} )"
+
+RDEPEND="${PYTHON_DEPS}
+ acct-group/suricata
+ acct-user/suricata
+ dev-libs/jansson:=
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ $(python_gen_cond_dep '
+ dev-python/pyyaml[${PYTHON_USEDEP}]
+ ')
+ >=net-libs/libhtp-0.5.45
+ net-libs/libpcap
+ sys-apps/file
+ sys-libs/libcap-ng
+ bpf? ( <dev-libs/libbpf-1.0.0 )
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/libmaxminddb:= )
+ hyperscan? ( dev-libs/hyperscan )
+ lua? ( ${LUA_DEPS} )
+ lz4? ( app-arch/lz4 )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue? ( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis:= )"
+DEPEND="${RDEPEND}
+ >=sys-devel/autoconf-2.69-r5
+ virtual/rust"
+BDEPEND="verify-sig? ( >=sec-keys/openpgp-keys-oisf-20200807 )"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.6_configure-no-sphinx-pdflatex-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.7_configure-no-hyperscan-automagic.patch"
+ "${FILESDIR}/${PN}-6.0.0_default-config.patch"
+)
+
+pkg_pretend() {
+ if use bpf && use kernel_linux; then
+ if kernel_is -lt 4 15; then
+ ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
+ fi
+
+ CONFIG_CHECK="~XDP_SOCKETS"
+ ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata to load XDP programs. "
+ ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
+ check_extra_config
+ fi
+}
+
+src_prepare() {
+ default
+ sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am" || die
+ eautoreconf
+}
+
+src_configure() {
+ # Bug #861242
+ filter-lto
+
+ local myeconfargs=(
+ "--localstatedir=/var" \
+ "--runstatedir=/run" \
+ "--enable-non-bundled-htp" \
+ "--enable-gccmarch-native=no" \
+ "--enable-python" \
+ $(use_enable af-packet) \
+ $(use_enable bpf ebpf) \
+ $(use_enable control-socket unix-socket) \
+ $(use_enable cuda) \
+ $(use_enable detection) \
+ $(use_enable geoip) \
+ $(use_enable hardened gccprotect) \
+ $(use_enable hardened pie) \
+ $(use_enable hyperscan) \
+ $(use_enable lz4) \
+ $(use_enable nflog) \
+ $(use_enable nfqueue) \
+ $(use_enable redis hiredis) \
+ $(use_enable test unittests) \
+ "--disable-coccinelle"
+ )
+ if use lua; then
+ if use lua_single_target_luajit; then
+ myeconfargs+=( --enable-luajit )
+ else
+ myeconfargs+=( --enable-lua )
+ fi
+ fi
+
+ if use debug; then
+ myeconfargs+=( $(use_enable debug) )
+ # so we can get a backtrace according to "reporting bugs" on upstream web site
+ QA_FLAGS_IGNORED="usr/bin/${PN}"
+ CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
+ else
+ econf ${myeconfargs[@]}
+ fi
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+ python_optimize
+ # Bug #878855
+ python_fix_shebang "${ED}"/usr/bin/
+
+ if use bpf; then
+ rm -f ebpf/Makefile.{am,in} || die
+ dodoc -r ebpf/
+ keepdir /usr/libexec/suricata/ebpf
+ fi
+
+ insinto "/etc/${PN}"
+ doins etc/{classification,reference}.config threshold.config suricata.yaml
+
+ keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+ keepdir "/var/log/${PN}"
+
+ fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 6750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+
+ newinitd "${FILESDIR}/${PN}.initd" ${PN}
+ newconfd "${FILESDIR}/${PN}.confd" ${PN}
+ systemd_dounit "${FILESDIR}"/${PN}.service
+ newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
+
+ insopts -m0644
+ insinto /etc/logrotate.d
+ newins etc/${PN}.logrotate ${PN}
+}
+
+pkg_postinst() {
+ tmpfiles_process ${PN}.conf
+
+ elog
+ if use systemd; then
+ elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
+ elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
+ elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
+ elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
+ elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
+ elog "For details, see the section on drop-in directories in systemd.unit(5)."
+ else
+ elog "The ${PN} init script expects to find the path to the configuration"
+ elog "file as well as extra options in /etc/conf.d."
+ elog
+ elog "To create more than one ${PN} service, simply create a new .yaml file for it"
+ elog "then create a symlink to the init script from a link called"
+ elog "${PN}.foo - like so"
+ elog " cd /etc/${PN}"
+ elog " ${EDITOR##*/} suricata-foo.yaml"
+ elog " cd /etc/init.d"
+ elog " ln -s ${PN} ${PN}.foo"
+ elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
+ elog
+ elog "You can create as many ${PN}.foo* services as you wish."
+ fi
+
+ if use bpf; then
+ elog
+ elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
+ elog "because their configuration is hard-coded. You can find the default ones in"
+ elog " ${EPREFIX}/usr/share/doc/${PF}/ebpf"
+ elog "and the common location for eBPF bytecode is"
+ elog " ${EPREFIX}/usr/libexec/${PN}"
+ elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
+ fi
+
+ if use debug; then
+ elog
+ elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
+ elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
+ elog "You need to also ensure the FEATURES variable in make.conf contains the"
+ elog "'nostrip' option to produce useful core dumps or back traces."
+ fi
+
+ elog
+ if [[ -z "${REPLACING_VERSIONS}" ]]; then
+ elog "To download and install an initial set of rules, run:"
+ elog " suricata-update"
+ fi
+ elog
+}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2023-10-25 22:04 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2023-10-25 22:04 UTC (permalink / raw
To: gentoo-commits
commit: fa6a92286aa5b09aa5cfc106758c45d69be4bf76
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Wed Oct 25 22:01:39 2023 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Wed Oct 25 22:04:30 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fa6a9228
net-analyzer/suricata: drop 6.0.13, 7.0.0
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 4 -
net-analyzer/suricata/suricata-6.0.13.ebuild | 212 -------------------------
net-analyzer/suricata/suricata-7.0.0.ebuild | 221 ---------------------------
3 files changed, 437 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 1f871c0b4c9e..adabc7aa76bc 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,8 +1,4 @@
-DIST suricata-6.0.13.tar.gz 27411308 BLAKE2B 47dcc47253c462510494dac35a4aa41a110f62bca148871d86509b76ac0c2a873b9fbb9fc981e65897d6443032c27c9f9eeb0fae524f4e56306ed01fe6e32b01 SHA512 7b7ea4b01b6ec4662db1e875e940d667b0aa71b7b91dccf72d32b644c6291814c3fde0c69c96c138d2f1e2412c92456fede823d61c3b7ba63f4bae0edc2dbb0d
-DIST suricata-6.0.13.tar.gz.sig 566 BLAKE2B 880dccc4db0f322bd11f123fb2ad012a2904e4bee5ed0c2f161e0baee7054acde2234a9da94184ba67a5bb7adab1da10ca00c7850ae1a046dea07b91297b8476 SHA512 3578087d3ee4bcc8e0f6bd704e42d553b4baf208fc04002f4931bf8d23babe7727a25720c52143a3c423f1cc1f5513105e177fd4368b40927d6fe7234db9de65
DIST suricata-6.0.15.tar.gz 27903106 BLAKE2B cf5c2d5760e52f0b4eb0276feb89e056d74ef5478e3158a047fbdec14022aa6e0ba986b7ee9f9ec49e2ebb3f206c7d71ad8ce8dc4eb9a6b48b4ba38c96c2f1c6 SHA512 ec9904fdc57e594653e3f48794c602429412fc85377630600b96081cfeb21361c353ce54d564c01ef0400885c508b49bd8c7a5d8b4482d45155b2007907107a9
DIST suricata-6.0.15.tar.gz.sig 566 BLAKE2B f9f5fd9df55c9854f4da3765673df094a3979324714b0f81f787abc3eaa811d01e42cf8b892c5ae558e5f453b82f84dcebd4548a0cfafca00582adc595a11bbf SHA512 e938715fe22699b623d70bcd70e69d3acb2bfa322ecb9a8a19b272eb5ba378b34974c3114419bbb07fb46b805bc160344d0bdb567acb887832e4c18734fef9a8
-DIST suricata-7.0.0.tar.gz 23426302 BLAKE2B dc5026ee32dd679c18d8953048f7694c6ef69e9b60d91153e1fad5f0d757ccfcb0423ed6f3e21a27f02f6647476923d5c90e1ba83656249509414316f06cd18b SHA512 b512a8d9e7ce26b362be4e4b1e27b97c0fd6dad109e440d6227916a373e85341336782c0870a2b380fa215f4d2e8d86728f105a6af75d8662d746cee1752347d
-DIST suricata-7.0.0.tar.gz.sig 566 BLAKE2B 11033671642c953282fbb0dda0647d12ee143b16e1ee6202f0cc9bcee94eb123139e075ea860002851c2d37f3c9c7e90b72ef22c6cd0ea82dbf63d2bad852068 SHA512 216463c103c5f5fed3cb83190e78939b1efb6fcfe3f6bb8a023ff8a8df85fd7ad024fcc1d9720f196c6dbe3a3c80285a3689bf6e575ff51253a1e5df1a142fcb
DIST suricata-7.0.2.tar.gz 23445403 BLAKE2B 5af50f6f0d91ba233b1cc373c073e72824f10d6df20c27041d5fd11d25c7be6b1941beccf0fb18612d6277eaa7bb1d47d8fedbd34f580ba87d352c45d4d51725 SHA512 bca6eb64495d36fcc83522e29a8ec24653752930d001191fca1d72de5513537fdb8c1805fc45afe55b5fb3a68cf3747af609eec46070505dcd5d9e53c0ed9b95
DIST suricata-7.0.2.tar.gz.sig 566 BLAKE2B 8a931361acfa5e945fe9a3a03b38c65ff7f59da88a9af9c3f5a4b15ec880de6f22038a45d27c480c75489df0a90373f3cee44c48a266226fae89c00ed78b6e5f SHA512 0a46c8fef1d68f76c08c314613e558027dc7700a72628b5708dbc36c5c1943d816120c569692103d75d284cd7027cdda0d4ef9ab436992d7d2ec101e18aa5056
diff --git a/net-analyzer/suricata/suricata-6.0.13.ebuild b/net-analyzer/suricata/suricata-6.0.13.ebuild
deleted file mode 100644
index 4ea91dc87cfe..000000000000
--- a/net-analyzer/suricata/suricata-6.0.13.ebuild
+++ /dev/null
@@ -1,212 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-LUA_COMPAT=( lua5-1 luajit )
-PYTHON_COMPAT=( python3_{9..11} )
-
-inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd tmpfiles verify-sig
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="https://suricata.io/"
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz
- verify-sig? ( https://www.openinfosecfoundation.org/download/${P}.tar.gz.sig )"
-
-LICENSE="GPL-2"
-SLOT="0/6"
-KEYWORDS="~amd64 ~riscv ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened hyperscan lua lz4 nflog +nfqueue redis systemd test"
-VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}/usr/share/openpgp-keys/openinfosecfoundation.org.asc"
-
-RESTRICT="!test? ( test )"
-
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- bpf? ( af-packet )
- lua? ( ${LUA_REQUIRED_USE} )"
-
-RDEPEND="${PYTHON_DEPS}
- acct-group/suricata
- acct-user/suricata
- dev-libs/jansson:=
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- $(python_gen_cond_dep '
- dev-python/pyyaml[${PYTHON_USEDEP}]
- ')
- >=net-libs/libhtp-0.5.44
- net-libs/libpcap
- sys-apps/file
- sys-libs/libcap-ng
- bpf? ( <dev-libs/libbpf-1.0.0 )
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/libmaxminddb:= )
- hyperscan? ( dev-libs/hyperscan )
- lua? ( ${LUA_DEPS} )
- lz4? ( app-arch/lz4 )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue? ( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis:= )"
-DEPEND="${RDEPEND}
- >=sys-devel/autoconf-2.69-r5
- virtual/rust"
-BDEPEND="verify-sig? ( >=sec-keys/openpgp-keys-oisf-20200807 )"
-
-PATCHES=(
- "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
- "${FILESDIR}/${PN}-5.0.6_configure-no-sphinx-pdflatex-automagic.patch"
- "${FILESDIR}/${PN}-5.0.7_configure-no-hyperscan-automagic.patch"
- "${FILESDIR}/${PN}-6.0.0_default-config.patch"
-)
-
-pkg_pretend() {
- if use bpf && use kernel_linux; then
- if kernel_is -lt 4 15; then
- ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
- fi
-
- CONFIG_CHECK="~XDP_SOCKETS"
- ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata to load XDP programs. "
- ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
- check_extra_config
- fi
-}
-
-src_prepare() {
- default
- sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am" || die
- eautoreconf
-}
-
-src_configure() {
- # Bug #861242
- filter-lto
-
- local myeconfargs=(
- "--localstatedir=/var" \
- "--runstatedir=/run" \
- "--enable-non-bundled-htp" \
- "--enable-gccmarch-native=no" \
- "--enable-python" \
- $(use_enable af-packet) \
- $(use_enable bpf ebpf) \
- $(use_enable control-socket unix-socket) \
- $(use_enable cuda) \
- $(use_enable detection) \
- $(use_enable geoip) \
- $(use_enable hardened gccprotect) \
- $(use_enable hardened pie) \
- $(use_enable hyperscan) \
- $(use_enable lz4) \
- $(use_enable nflog) \
- $(use_enable nfqueue) \
- $(use_enable redis hiredis) \
- $(use_enable test unittests) \
- "--disable-coccinelle"
- )
- if use lua; then
- if use lua_single_target_luajit; then
- myeconfargs+=( --enable-luajit )
- else
- myeconfargs+=( --enable-lua )
- fi
- fi
-
- if use debug; then
- myeconfargs+=( $(use_enable debug) )
- # so we can get a backtrace according to "reporting bugs" on upstream web site
- QA_FLAGS_IGNORED="usr/bin/${PN}"
- CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
- else
- econf ${myeconfargs[@]}
- fi
-}
-
-src_install() {
- emake DESTDIR="${D}" install
- python_optimize
- # Bug #878855
- python_fix_shebang "${ED}"/usr/bin/
-
- if use bpf; then
- rm -f ebpf/Makefile.{am,in} || die
- dodoc -r ebpf/
- keepdir /usr/libexec/suricata/ebpf
- fi
-
- insinto "/etc/${PN}"
- doins etc/{classification,reference}.config threshold.config suricata.yaml
-
- keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
- keepdir "/var/log/${PN}"
-
- fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 6750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
-
- newinitd "${FILESDIR}/${PN}.initd" ${PN}
- newconfd "${FILESDIR}/${PN}.confd" ${PN}
- systemd_dounit "${FILESDIR}"/${PN}.service
- newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
-
- insopts -m0644
- insinto /etc/logrotate.d
- newins etc/${PN}.logrotate ${PN}
-}
-
-pkg_postinst() {
- tmpfiles_process ${PN}.conf
-
- elog
- if use systemd; then
- elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
- elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
- elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
- elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
- elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
- elog "For details, see the section on drop-in directories in systemd.unit(5)."
- else
- elog "The ${PN} init script expects to find the path to the configuration"
- elog "file as well as extra options in /etc/conf.d."
- elog
- elog "To create more than one ${PN} service, simply create a new .yaml file for it"
- elog "then create a symlink to the init script from a link called"
- elog "${PN}.foo - like so"
- elog " cd /etc/${PN}"
- elog " ${EDITOR##*/} suricata-foo.yaml"
- elog " cd /etc/init.d"
- elog " ln -s ${PN} ${PN}.foo"
- elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
- elog
- elog "You can create as many ${PN}.foo* services as you wish."
- fi
-
- if use bpf; then
- elog
- elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
- elog "because their configuration is hard-coded. You can find the default ones in"
- elog " ${EPREFIX}/usr/share/doc/${PF}/ebpf"
- elog "and the common location for eBPF bytecode is"
- elog " ${EPREFIX}/usr/libexec/${PN}"
- elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
- fi
-
- if use debug; then
- elog
- elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
- elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
- elog "You need to also ensure the FEATURES variable in make.conf contains the"
- elog "'nostrip' option to produce useful core dumps or back traces."
- fi
-
- elog
- if [[ -z "${REPLACING_VERSIONS}" ]]; then
- elog "To download and install an initial set of rules, run:"
- elog " suricata-update"
- fi
- elog
-}
diff --git a/net-analyzer/suricata/suricata-7.0.0.ebuild b/net-analyzer/suricata/suricata-7.0.0.ebuild
deleted file mode 100644
index f66b8fc5a628..000000000000
--- a/net-analyzer/suricata/suricata-7.0.0.ebuild
+++ /dev/null
@@ -1,221 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-LUA_COMPAT=( lua5-1 luajit )
-PYTHON_COMPAT=( python3_{10..12} )
-
-inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd tmpfiles verify-sig
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="https://suricata.io/"
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz
- verify-sig? ( https://www.openinfosecfoundation.org/download/${P}.tar.gz.sig )"
-
-LICENSE="GPL-2"
-SLOT="0/7"
-KEYWORDS="~amd64 ~riscv ~x86"
-IUSE="+af-packet af-xdp bpf control-socket cuda debug +detection geoip hardened hyperscan lua lz4 nflog +nfqueue redis systemd test"
-VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}/usr/share/openpgp-keys/openinfosecfoundation.org.asc"
-
-RESTRICT="!test? ( test )"
-
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- af-xdp? ( bpf )
- bpf? ( af-packet )
- lua? ( ${LUA_REQUIRED_USE} )"
-
-RDEPEND="${PYTHON_DEPS}
- acct-group/suricata
- acct-user/suricata
- dev-libs/jansson:=
- dev-libs/libpcre2
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- $(python_gen_cond_dep '
- dev-python/pyyaml[${PYTHON_USEDEP}]
- ')
- >=net-libs/libhtp-0.5.45
- net-libs/libpcap
- sys-apps/file
- sys-libs/libcap-ng
- af-xdp? ( net-libs/xdp-tools )
- bpf? ( dev-libs/libbpf )
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/libmaxminddb:= )
- hyperscan? ( dev-libs/hyperscan )
- lua? ( ${LUA_DEPS} )
- lz4? ( app-arch/lz4 )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue? ( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis:= )"
-DEPEND="${RDEPEND}
- >=sys-devel/autoconf-2.69-r5
- virtual/rust"
-BDEPEND="verify-sig? ( >=sec-keys/openpgp-keys-oisf-20200807 )"
-
-PATCHES=(
- "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
- "${FILESDIR}/${PN}-5.0.6_configure-no-sphinx-pdflatex-automagic.patch"
- "${FILESDIR}/${PN}-5.0.7_configure-no-hyperscan-automagic.patch"
- "${FILESDIR}/${PN}-6.0.0_default-config.patch"
-)
-
-pkg_pretend() {
- if use af-xdp && use kernel_linux; then
- if kernel_is -lt 4 18; then
- ewarn "Kernel 4.18 or newer is required for AF_XDP"
- fi
- fi
-
- if use bpf && use kernel_linux; then
- if kernel_is -lt 4 15; then
- ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
- fi
-
- CONFIG_CHECK="~XDP_SOCKETS"
- ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata to load XDP programs. "
- ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
- check_extra_config
- fi
-}
-
-src_prepare() {
- default
- sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am" || die
- eautoreconf
-}
-
-src_configure() {
- # Bug #861242
- filter-lto
-
- local myeconfargs=(
- "--localstatedir=/var" \
- "--runstatedir=/run" \
- "--enable-non-bundled-htp" \
- "--enable-gccmarch-native=no" \
- "--enable-python" \
- $(use_enable af-packet) \
- $(use_enable af-xdp) \
- $(use_enable bpf ebpf) \
- $(use_enable control-socket unix-socket) \
- $(use_enable cuda) \
- $(use_enable detection) \
- $(use_enable geoip) \
- $(use_enable hardened gccprotect) \
- $(use_enable hardened pie) \
- $(use_enable hyperscan) \
- $(use_enable lz4) \
- $(use_enable nflog) \
- $(use_enable nfqueue) \
- $(use_enable redis hiredis) \
- $(use_enable test unittests) \
- "--disable-coccinelle"
- )
- if use lua; then
- if use lua_single_target_luajit; then
- myeconfargs+=( --enable-luajit )
- else
- myeconfargs+=( --enable-lua )
- fi
- fi
-
- if use debug; then
- myeconfargs+=( $(use_enable debug) )
- # so we can get a backtrace according to "reporting bugs" on upstream web site
- QA_FLAGS_IGNORED="usr/bin/${PN}"
- CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
- else
- econf ${myeconfargs[@]}
- fi
-}
-
-src_install() {
- emake DESTDIR="${D}" install
- python_optimize
- # Bug #878855
- python_fix_shebang "${ED}"/usr/bin/
-
- if use bpf; then
- rm -f ebpf/Makefile.{am,in} || die
- dodoc -r ebpf/
- keepdir /usr/libexec/suricata/ebpf
- fi
-
- insinto "/etc/${PN}"
- doins etc/{classification,reference}.config threshold.config suricata.yaml
-
- keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
- keepdir "/var/log/${PN}"
-
- fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 6750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
-
- newinitd "${FILESDIR}/${PN}.initd" ${PN}
- newconfd "${FILESDIR}/${PN}.confd" ${PN}
- systemd_dounit "${FILESDIR}"/${PN}.service
- newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
-
- insopts -m0644
- insinto /etc/logrotate.d
- newins etc/${PN}.logrotate ${PN}
-}
-
-pkg_postinst() {
- tmpfiles_process ${PN}.conf
-
- elog
- if use systemd; then
- elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
- elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
- elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
- elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
- elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
- elog "For details, see the section on drop-in directories in systemd.unit(5)."
- else
- elog "The ${PN} init script expects to find the path to the configuration"
- elog "file as well as extra options in /etc/conf.d."
- elog
- elog "To create more than one ${PN} service, simply create a new .yaml file for it"
- elog "then create a symlink to the init script from a link called"
- elog "${PN}.foo - like so"
- elog " cd /etc/${PN}"
- elog " ${EDITOR##*/} suricata-foo.yaml"
- elog " cd /etc/init.d"
- elog " ln -s ${PN} ${PN}.foo"
- elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
- elog
- elog "You can create as many ${PN}.foo* services as you wish."
- fi
-
- if use bpf; then
- elog
- elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
- elog "because their configuration is hard-coded. You can find the default ones in"
- elog " ${EPREFIX}/usr/share/doc/${PF}/ebpf"
- elog "and the common location for eBPF bytecode is"
- elog " ${EPREFIX}/usr/libexec/${PN}"
- elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
- fi
-
- if use debug; then
- elog
- elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
- elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
- elog "You need to also ensure the FEATURES variable in make.conf contains the"
- elog "'nostrip' option to produce useful core dumps or back traces."
- fi
-
- elog
- if [[ -z "${REPLACING_VERSIONS}" ]]; then
- elog "To download and install an initial set of rules, run:"
- elog " suricata-update"
- fi
- elog
-}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2023-08-16 17:08 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2023-08-16 17:08 UTC (permalink / raw
To: gentoo-commits
commit: 042427cddd54f9811988dc61798ee7c7288ecd3f
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Wed Aug 16 17:06:10 2023 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Wed Aug 16 17:08:40 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=042427cd
net-analyzer/suricata: drop 6.0.12
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 2 -
net-analyzer/suricata/suricata-6.0.12.ebuild | 212 ---------------------------
2 files changed, 214 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index d3bafea16736..1fff5793c937 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,5 +1,3 @@
-DIST suricata-6.0.12.tar.gz 27388535 BLAKE2B 3cd16072014e814ec116bbde6649a0230200e447884028fef0440cbbc38a36b28c1edb39098e4089ee966890464bcd2573ea82d3e35e6d034ad465ac20c4c0b6 SHA512 aa8a51e0c6b04640a9df3ca46d736c23f213561a0f47e9022f0bd10cf4652b6912ff576fb6db0b663fcae5ab5a80ef5048da3a8888323326fb2b6d56d8ef7c0c
-DIST suricata-6.0.12.tar.gz.sig 566 BLAKE2B 50102891a3efec7a52e16bf7c3842cbdf3e9feb0f9a1fe34ab714ea1b5f01c02aafec74c7252b1bb0b0da0242c4f4eb1771c74aef06f356672f6e5bcc405b1a8 SHA512 b3cfb4791599e9c48a46cd39e28d74022ac2aa88887b6cb04ceff70ae66a5e4b1e166caa48a47869c37cffd82e6eae1f65744ca3d84521f8808f90210039f31b
DIST suricata-6.0.13.tar.gz 27411308 BLAKE2B 47dcc47253c462510494dac35a4aa41a110f62bca148871d86509b76ac0c2a873b9fbb9fc981e65897d6443032c27c9f9eeb0fae524f4e56306ed01fe6e32b01 SHA512 7b7ea4b01b6ec4662db1e875e940d667b0aa71b7b91dccf72d32b644c6291814c3fde0c69c96c138d2f1e2412c92456fede823d61c3b7ba63f4bae0edc2dbb0d
DIST suricata-6.0.13.tar.gz.sig 566 BLAKE2B 880dccc4db0f322bd11f123fb2ad012a2904e4bee5ed0c2f161e0baee7054acde2234a9da94184ba67a5bb7adab1da10ca00c7850ae1a046dea07b91297b8476 SHA512 3578087d3ee4bcc8e0f6bd704e42d553b4baf208fc04002f4931bf8d23babe7727a25720c52143a3c423f1cc1f5513105e177fd4368b40927d6fe7234db9de65
DIST suricata-7.0.0.tar.gz 23426302 BLAKE2B dc5026ee32dd679c18d8953048f7694c6ef69e9b60d91153e1fad5f0d757ccfcb0423ed6f3e21a27f02f6647476923d5c90e1ba83656249509414316f06cd18b SHA512 b512a8d9e7ce26b362be4e4b1e27b97c0fd6dad109e440d6227916a373e85341336782c0870a2b380fa215f4d2e8d86728f105a6af75d8662d746cee1752347d
diff --git a/net-analyzer/suricata/suricata-6.0.12.ebuild b/net-analyzer/suricata/suricata-6.0.12.ebuild
deleted file mode 100644
index 9b453e9fdbc6..000000000000
--- a/net-analyzer/suricata/suricata-6.0.12.ebuild
+++ /dev/null
@@ -1,212 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-LUA_COMPAT=( lua5-1 luajit )
-PYTHON_COMPAT=( python3_{9..11} )
-
-inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd tmpfiles verify-sig
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="https://suricata.io/"
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz
- verify-sig? ( https://www.openinfosecfoundation.org/download/${P}.tar.gz.sig )"
-
-LICENSE="GPL-2"
-SLOT="0/6"
-KEYWORDS="~amd64 ~riscv ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened hyperscan lua lz4 nflog +nfqueue redis systemd test"
-VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}/usr/share/openpgp-keys/openinfosecfoundation.org.asc"
-
-RESTRICT="!test? ( test )"
-
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- bpf? ( af-packet )
- lua? ( ${LUA_REQUIRED_USE} )"
-
-RDEPEND="${PYTHON_DEPS}
- acct-group/suricata
- acct-user/suricata
- dev-libs/jansson:=
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- $(python_gen_cond_dep '
- dev-python/pyyaml[${PYTHON_USEDEP}]
- ')
- >=net-libs/libhtp-0.5.43
- net-libs/libpcap
- sys-apps/file
- sys-libs/libcap-ng
- bpf? ( <dev-libs/libbpf-1.0.0 )
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/libmaxminddb:= )
- hyperscan? ( dev-libs/hyperscan )
- lua? ( ${LUA_DEPS} )
- lz4? ( app-arch/lz4 )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue? ( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis:= )"
-DEPEND="${RDEPEND}
- >=sys-devel/autoconf-2.69-r5
- virtual/rust"
-BDEPEND="verify-sig? ( >=sec-keys/openpgp-keys-oisf-20200807 )"
-
-PATCHES=(
- "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
- "${FILESDIR}/${PN}-5.0.6_configure-no-sphinx-pdflatex-automagic.patch"
- "${FILESDIR}/${PN}-5.0.7_configure-no-hyperscan-automagic.patch"
- "${FILESDIR}/${PN}-6.0.0_default-config.patch"
-)
-
-pkg_pretend() {
- if use bpf && use kernel_linux; then
- if kernel_is -lt 4 15; then
- ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
- fi
-
- CONFIG_CHECK="~XDP_SOCKETS"
- ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata to load XDP programs. "
- ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
- check_extra_config
- fi
-}
-
-src_prepare() {
- default
- sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am" || die
- eautoreconf
-}
-
-src_configure() {
- # Bug #861242
- filter-lto
-
- local myeconfargs=(
- "--localstatedir=/var" \
- "--runstatedir=/run" \
- "--enable-non-bundled-htp" \
- "--enable-gccmarch-native=no" \
- "--enable-python" \
- $(use_enable af-packet) \
- $(use_enable bpf ebpf) \
- $(use_enable control-socket unix-socket) \
- $(use_enable cuda) \
- $(use_enable detection) \
- $(use_enable geoip) \
- $(use_enable hardened gccprotect) \
- $(use_enable hardened pie) \
- $(use_enable hyperscan) \
- $(use_enable lz4) \
- $(use_enable nflog) \
- $(use_enable nfqueue) \
- $(use_enable redis hiredis) \
- $(use_enable test unittests) \
- "--disable-coccinelle"
- )
- if use lua; then
- if use lua_single_target_luajit; then
- myeconfargs+=( --enable-luajit )
- else
- myeconfargs+=( --enable-lua )
- fi
- fi
-
- if use debug; then
- myeconfargs+=( $(use_enable debug) )
- # so we can get a backtrace according to "reporting bugs" on upstream web site
- QA_FLAGS_IGNORED="usr/bin/${PN}"
- CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
- else
- econf ${myeconfargs[@]}
- fi
-}
-
-src_install() {
- emake DESTDIR="${D}" install
- python_optimize
- # Bug #878855
- python_fix_shebang "${ED}"/usr/bin/
-
- if use bpf; then
- rm -f ebpf/Makefile.{am,in} || die
- dodoc -r ebpf/
- keepdir /usr/libexec/suricata/ebpf
- fi
-
- insinto "/etc/${PN}"
- doins etc/{classification,reference}.config threshold.config suricata.yaml
-
- keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
- keepdir "/var/log/${PN}"
-
- fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 6750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
-
- newinitd "${FILESDIR}/${PN}.initd" ${PN}
- newconfd "${FILESDIR}/${PN}.confd" ${PN}
- systemd_dounit "${FILESDIR}"/${PN}.service
- newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
-
- insopts -m0644
- insinto /etc/logrotate.d
- newins etc/${PN}.logrotate ${PN}
-}
-
-pkg_postinst() {
- tmpfiles_process ${PN}.conf
-
- elog
- if use systemd; then
- elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
- elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
- elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
- elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
- elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
- elog "For details, see the section on drop-in directories in systemd.unit(5)."
- else
- elog "The ${PN} init script expects to find the path to the configuration"
- elog "file as well as extra options in /etc/conf.d."
- elog
- elog "To create more than one ${PN} service, simply create a new .yaml file for it"
- elog "then create a symlink to the init script from a link called"
- elog "${PN}.foo - like so"
- elog " cd /etc/${PN}"
- elog " ${EDITOR##*/} suricata-foo.yaml"
- elog " cd /etc/init.d"
- elog " ln -s ${PN} ${PN}.foo"
- elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
- elog
- elog "You can create as many ${PN}.foo* services as you wish."
- fi
-
- if use bpf; then
- elog
- elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
- elog "because their configuration is hard-coded. You can find the default ones in"
- elog " ${EPREFIX}/usr/share/doc/${PF}/ebpf"
- elog "and the common location for eBPF bytecode is"
- elog " ${EPREFIX}/usr/libexec/${PN}"
- elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
- fi
-
- if use debug; then
- elog
- elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
- elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
- elog "You need to also ensure the FEATURES variable in make.conf contains the"
- elog "'nostrip' option to produce useful core dumps or back traces."
- fi
-
- elog
- if [[ -z "${REPLACING_VERSIONS}" ]]; then
- elog "To download and install an initial set of rules, run:"
- elog " suricata-update"
- fi
- elog
-}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2023-08-16 17:08 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2023-08-16 17:08 UTC (permalink / raw
To: gentoo-commits
commit: 6d239f1820f40bccbc6bee23e88c2ac5a2b1dc52
Author: Stijn Tintel <stijn <AT> linux-ipv6 <DOT> be>
AuthorDate: Thu Jul 27 13:27:03 2023 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Wed Aug 16 17:08:39 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6d239f18
net-analyzer/suricata: add 7.0.0
Closes: https://bugs.gentoo.org/911313
Signed-off-by: Stijn Tintel <stijn <AT> linux-ipv6.be>
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 2 +
net-analyzer/suricata/metadata.xml | 1 +
net-analyzer/suricata/suricata-7.0.0.ebuild | 221 ++++++++++++++++++++++++++++
3 files changed, 224 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 85d27e588a21..d3bafea16736 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -2,3 +2,5 @@ DIST suricata-6.0.12.tar.gz 27388535 BLAKE2B 3cd16072014e814ec116bbde6649a023020
DIST suricata-6.0.12.tar.gz.sig 566 BLAKE2B 50102891a3efec7a52e16bf7c3842cbdf3e9feb0f9a1fe34ab714ea1b5f01c02aafec74c7252b1bb0b0da0242c4f4eb1771c74aef06f356672f6e5bcc405b1a8 SHA512 b3cfb4791599e9c48a46cd39e28d74022ac2aa88887b6cb04ceff70ae66a5e4b1e166caa48a47869c37cffd82e6eae1f65744ca3d84521f8808f90210039f31b
DIST suricata-6.0.13.tar.gz 27411308 BLAKE2B 47dcc47253c462510494dac35a4aa41a110f62bca148871d86509b76ac0c2a873b9fbb9fc981e65897d6443032c27c9f9eeb0fae524f4e56306ed01fe6e32b01 SHA512 7b7ea4b01b6ec4662db1e875e940d667b0aa71b7b91dccf72d32b644c6291814c3fde0c69c96c138d2f1e2412c92456fede823d61c3b7ba63f4bae0edc2dbb0d
DIST suricata-6.0.13.tar.gz.sig 566 BLAKE2B 880dccc4db0f322bd11f123fb2ad012a2904e4bee5ed0c2f161e0baee7054acde2234a9da94184ba67a5bb7adab1da10ca00c7850ae1a046dea07b91297b8476 SHA512 3578087d3ee4bcc8e0f6bd704e42d553b4baf208fc04002f4931bf8d23babe7727a25720c52143a3c423f1cc1f5513105e177fd4368b40927d6fe7234db9de65
+DIST suricata-7.0.0.tar.gz 23426302 BLAKE2B dc5026ee32dd679c18d8953048f7694c6ef69e9b60d91153e1fad5f0d757ccfcb0423ed6f3e21a27f02f6647476923d5c90e1ba83656249509414316f06cd18b SHA512 b512a8d9e7ce26b362be4e4b1e27b97c0fd6dad109e440d6227916a373e85341336782c0870a2b380fa215f4d2e8d86728f105a6af75d8662d746cee1752347d
+DIST suricata-7.0.0.tar.gz.sig 566 BLAKE2B 11033671642c953282fbb0dda0647d12ee143b16e1ee6202f0cc9bcee94eb123139e075ea860002851c2d37f3c9c7e90b72ef22c6cd0ea82dbf63d2bad852068 SHA512 216463c103c5f5fed3cb83190e78939b1efb6fcfe3f6bb8a023ff8a8df85fd7ad024fcc1d9720f196c6dbe3a3c80285a3689bf6e575ff51253a1e5df1a142fcb
diff --git a/net-analyzer/suricata/metadata.xml b/net-analyzer/suricata/metadata.xml
index f55796e7f1ed..ab8f1004e969 100644
--- a/net-analyzer/suricata/metadata.xml
+++ b/net-analyzer/suricata/metadata.xml
@@ -7,6 +7,7 @@
</maintainer>
<use>
<flag name="af-packet">Enable AF_PACKET support</flag>
+ <flag name="af-xdp">Enable AF_XDP support</flag>
<flag name="bpf">Enable support for eBPF (as well as XDP if supported by the kernel and the NIC driver)
for low-level, high-speed packet processing</flag>
<flag name="control-socket">Enable unix socket</flag>
diff --git a/net-analyzer/suricata/suricata-7.0.0.ebuild b/net-analyzer/suricata/suricata-7.0.0.ebuild
new file mode 100644
index 000000000000..f66b8fc5a628
--- /dev/null
+++ b/net-analyzer/suricata/suricata-7.0.0.ebuild
@@ -0,0 +1,221 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+LUA_COMPAT=( lua5-1 luajit )
+PYTHON_COMPAT=( python3_{10..12} )
+
+inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd tmpfiles verify-sig
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
+HOMEPAGE="https://suricata.io/"
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz
+ verify-sig? ( https://www.openinfosecfoundation.org/download/${P}.tar.gz.sig )"
+
+LICENSE="GPL-2"
+SLOT="0/7"
+KEYWORDS="~amd64 ~riscv ~x86"
+IUSE="+af-packet af-xdp bpf control-socket cuda debug +detection geoip hardened hyperscan lua lz4 nflog +nfqueue redis systemd test"
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}/usr/share/openpgp-keys/openinfosecfoundation.org.asc"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ af-xdp? ( bpf )
+ bpf? ( af-packet )
+ lua? ( ${LUA_REQUIRED_USE} )"
+
+RDEPEND="${PYTHON_DEPS}
+ acct-group/suricata
+ acct-user/suricata
+ dev-libs/jansson:=
+ dev-libs/libpcre2
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ $(python_gen_cond_dep '
+ dev-python/pyyaml[${PYTHON_USEDEP}]
+ ')
+ >=net-libs/libhtp-0.5.45
+ net-libs/libpcap
+ sys-apps/file
+ sys-libs/libcap-ng
+ af-xdp? ( net-libs/xdp-tools )
+ bpf? ( dev-libs/libbpf )
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/libmaxminddb:= )
+ hyperscan? ( dev-libs/hyperscan )
+ lua? ( ${LUA_DEPS} )
+ lz4? ( app-arch/lz4 )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue? ( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis:= )"
+DEPEND="${RDEPEND}
+ >=sys-devel/autoconf-2.69-r5
+ virtual/rust"
+BDEPEND="verify-sig? ( >=sec-keys/openpgp-keys-oisf-20200807 )"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.6_configure-no-sphinx-pdflatex-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.7_configure-no-hyperscan-automagic.patch"
+ "${FILESDIR}/${PN}-6.0.0_default-config.patch"
+)
+
+pkg_pretend() {
+ if use af-xdp && use kernel_linux; then
+ if kernel_is -lt 4 18; then
+ ewarn "Kernel 4.18 or newer is required for AF_XDP"
+ fi
+ fi
+
+ if use bpf && use kernel_linux; then
+ if kernel_is -lt 4 15; then
+ ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
+ fi
+
+ CONFIG_CHECK="~XDP_SOCKETS"
+ ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata to load XDP programs. "
+ ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
+ check_extra_config
+ fi
+}
+
+src_prepare() {
+ default
+ sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am" || die
+ eautoreconf
+}
+
+src_configure() {
+ # Bug #861242
+ filter-lto
+
+ local myeconfargs=(
+ "--localstatedir=/var" \
+ "--runstatedir=/run" \
+ "--enable-non-bundled-htp" \
+ "--enable-gccmarch-native=no" \
+ "--enable-python" \
+ $(use_enable af-packet) \
+ $(use_enable af-xdp) \
+ $(use_enable bpf ebpf) \
+ $(use_enable control-socket unix-socket) \
+ $(use_enable cuda) \
+ $(use_enable detection) \
+ $(use_enable geoip) \
+ $(use_enable hardened gccprotect) \
+ $(use_enable hardened pie) \
+ $(use_enable hyperscan) \
+ $(use_enable lz4) \
+ $(use_enable nflog) \
+ $(use_enable nfqueue) \
+ $(use_enable redis hiredis) \
+ $(use_enable test unittests) \
+ "--disable-coccinelle"
+ )
+ if use lua; then
+ if use lua_single_target_luajit; then
+ myeconfargs+=( --enable-luajit )
+ else
+ myeconfargs+=( --enable-lua )
+ fi
+ fi
+
+ if use debug; then
+ myeconfargs+=( $(use_enable debug) )
+ # so we can get a backtrace according to "reporting bugs" on upstream web site
+ QA_FLAGS_IGNORED="usr/bin/${PN}"
+ CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
+ else
+ econf ${myeconfargs[@]}
+ fi
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+ python_optimize
+ # Bug #878855
+ python_fix_shebang "${ED}"/usr/bin/
+
+ if use bpf; then
+ rm -f ebpf/Makefile.{am,in} || die
+ dodoc -r ebpf/
+ keepdir /usr/libexec/suricata/ebpf
+ fi
+
+ insinto "/etc/${PN}"
+ doins etc/{classification,reference}.config threshold.config suricata.yaml
+
+ keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+ keepdir "/var/log/${PN}"
+
+ fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 6750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+
+ newinitd "${FILESDIR}/${PN}.initd" ${PN}
+ newconfd "${FILESDIR}/${PN}.confd" ${PN}
+ systemd_dounit "${FILESDIR}"/${PN}.service
+ newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
+
+ insopts -m0644
+ insinto /etc/logrotate.d
+ newins etc/${PN}.logrotate ${PN}
+}
+
+pkg_postinst() {
+ tmpfiles_process ${PN}.conf
+
+ elog
+ if use systemd; then
+ elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
+ elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
+ elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
+ elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
+ elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
+ elog "For details, see the section on drop-in directories in systemd.unit(5)."
+ else
+ elog "The ${PN} init script expects to find the path to the configuration"
+ elog "file as well as extra options in /etc/conf.d."
+ elog
+ elog "To create more than one ${PN} service, simply create a new .yaml file for it"
+ elog "then create a symlink to the init script from a link called"
+ elog "${PN}.foo - like so"
+ elog " cd /etc/${PN}"
+ elog " ${EDITOR##*/} suricata-foo.yaml"
+ elog " cd /etc/init.d"
+ elog " ln -s ${PN} ${PN}.foo"
+ elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
+ elog
+ elog "You can create as many ${PN}.foo* services as you wish."
+ fi
+
+ if use bpf; then
+ elog
+ elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
+ elog "because their configuration is hard-coded. You can find the default ones in"
+ elog " ${EPREFIX}/usr/share/doc/${PF}/ebpf"
+ elog "and the common location for eBPF bytecode is"
+ elog " ${EPREFIX}/usr/libexec/${PN}"
+ elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
+ fi
+
+ if use debug; then
+ elog
+ elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
+ elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
+ elog "You need to also ensure the FEATURES variable in make.conf contains the"
+ elog "'nostrip' option to produce useful core dumps or back traces."
+ fi
+
+ elog
+ if [[ -z "${REPLACING_VERSIONS}" ]]; then
+ elog "To download and install an initial set of rules, run:"
+ elog " suricata-update"
+ fi
+ elog
+}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2023-06-27 21:56 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2023-06-27 21:56 UTC (permalink / raw
To: gentoo-commits
commit: 777280c0f9eb5db9ca0e0098c0a690c2506ff50f
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Tue Jun 27 20:45:30 2023 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Tue Jun 27 21:56:22 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=777280c0
net-analyzer/suricata: add 6.0.13, drop 6.0.11
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 4 ++--
.../suricata/{suricata-6.0.11.ebuild => suricata-6.0.13.ebuild} | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 549fe68db0a7..85d27e588a21 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,4 +1,4 @@
-DIST suricata-6.0.11.tar.gz 27408130 BLAKE2B 41b37168e6c50b32971ad8c0541f3bc1981152c8360bbfc261a9abab5dc229425bef92fe19db5d0ec7cf32abff71acca62934c411aea79f5c8f9b38bd6422ee4 SHA512 b9b23aa9f71e9ce9c15312d14624133f772a0df82059a7c911cfb028ff00ba0eb39c7c263cb7f4612d2199c262cef1682c06f8b416a36e37dfb4277f12cb2ce9
-DIST suricata-6.0.11.tar.gz.sig 566 BLAKE2B fb6854b4bade28d4ff5850d2222ace2e71955d587a3a0346bd158796564a3d3440940b90edc85be330ca8f8f903b35c9a7abf01dc2a570f7a74f492ca0bda70b SHA512 4ab0b2823d0260cbb17c1dc25dcf1511b772fd5369555b6f1db9db1cc5bbb66092f1b6c4e4b6f01ee76a6003c51444b44e8529ea6f994a554c42e267295e8dc3
DIST suricata-6.0.12.tar.gz 27388535 BLAKE2B 3cd16072014e814ec116bbde6649a0230200e447884028fef0440cbbc38a36b28c1edb39098e4089ee966890464bcd2573ea82d3e35e6d034ad465ac20c4c0b6 SHA512 aa8a51e0c6b04640a9df3ca46d736c23f213561a0f47e9022f0bd10cf4652b6912ff576fb6db0b663fcae5ab5a80ef5048da3a8888323326fb2b6d56d8ef7c0c
DIST suricata-6.0.12.tar.gz.sig 566 BLAKE2B 50102891a3efec7a52e16bf7c3842cbdf3e9feb0f9a1fe34ab714ea1b5f01c02aafec74c7252b1bb0b0da0242c4f4eb1771c74aef06f356672f6e5bcc405b1a8 SHA512 b3cfb4791599e9c48a46cd39e28d74022ac2aa88887b6cb04ceff70ae66a5e4b1e166caa48a47869c37cffd82e6eae1f65744ca3d84521f8808f90210039f31b
+DIST suricata-6.0.13.tar.gz 27411308 BLAKE2B 47dcc47253c462510494dac35a4aa41a110f62bca148871d86509b76ac0c2a873b9fbb9fc981e65897d6443032c27c9f9eeb0fae524f4e56306ed01fe6e32b01 SHA512 7b7ea4b01b6ec4662db1e875e940d667b0aa71b7b91dccf72d32b644c6291814c3fde0c69c96c138d2f1e2412c92456fede823d61c3b7ba63f4bae0edc2dbb0d
+DIST suricata-6.0.13.tar.gz.sig 566 BLAKE2B 880dccc4db0f322bd11f123fb2ad012a2904e4bee5ed0c2f161e0baee7054acde2234a9da94184ba67a5bb7adab1da10ca00c7850ae1a046dea07b91297b8476 SHA512 3578087d3ee4bcc8e0f6bd704e42d553b4baf208fc04002f4931bf8d23babe7727a25720c52143a3c423f1cc1f5513105e177fd4368b40927d6fe7234db9de65
diff --git a/net-analyzer/suricata/suricata-6.0.11.ebuild b/net-analyzer/suricata/suricata-6.0.13.ebuild
similarity index 99%
rename from net-analyzer/suricata/suricata-6.0.11.ebuild
rename to net-analyzer/suricata/suricata-6.0.13.ebuild
index 9b453e9fdbc6..4ea91dc87cfe 100644
--- a/net-analyzer/suricata/suricata-6.0.11.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.13.ebuild
@@ -38,7 +38,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.43
+ >=net-libs/libhtp-0.5.44
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2023-05-11 12:03 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2023-05-11 12:03 UTC (permalink / raw
To: gentoo-commits
commit: bde43f80ec498f0ecd941ffd08fe5a7141f6ce09
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Thu May 11 11:40:23 2023 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Thu May 11 11:59:32 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bde43f80
net-analyzer/suricata: add 6.0.12, drop 6.0.10
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 4 ++--
.../suricata/{suricata-6.0.10.ebuild => suricata-6.0.12.ebuild} | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 6d54b18e09db..549fe68db0a7 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,4 +1,4 @@
-DIST suricata-6.0.10.tar.gz 27374715 BLAKE2B a2b334c0139ead0b914ba6039c116ebad30dd3b5c0d4bb751f608af83e1487a67b96224ffe61635468dc49a9e44f03a76facf2af66582ba18e364f233029b532 SHA512 3e49d491cf1fb56a6773308380cae826016041018c18753d18529572712a6ffa415df2798805bffdf8482312fdb69c3f2e05f38870a5b725d333f928b840e1e2
-DIST suricata-6.0.10.tar.gz.sig 566 BLAKE2B 911c3587911dd6b8fbf0932608b2eb80928223d5ed6636abfd9355fcdf6fcb2ff0e3d064d472d2c89417679c68d496ee105dd0cee1f3e8c33de9cd6c90290d9d SHA512 5c6ab8937d82472b0bccae00c94094ee503ac423884d958947f276a4f2d7e9a88646e5ca8deb4b03cb4d035238774a6cd20ddbea9a08a6c5b45b646c1458dca8
DIST suricata-6.0.11.tar.gz 27408130 BLAKE2B 41b37168e6c50b32971ad8c0541f3bc1981152c8360bbfc261a9abab5dc229425bef92fe19db5d0ec7cf32abff71acca62934c411aea79f5c8f9b38bd6422ee4 SHA512 b9b23aa9f71e9ce9c15312d14624133f772a0df82059a7c911cfb028ff00ba0eb39c7c263cb7f4612d2199c262cef1682c06f8b416a36e37dfb4277f12cb2ce9
DIST suricata-6.0.11.tar.gz.sig 566 BLAKE2B fb6854b4bade28d4ff5850d2222ace2e71955d587a3a0346bd158796564a3d3440940b90edc85be330ca8f8f903b35c9a7abf01dc2a570f7a74f492ca0bda70b SHA512 4ab0b2823d0260cbb17c1dc25dcf1511b772fd5369555b6f1db9db1cc5bbb66092f1b6c4e4b6f01ee76a6003c51444b44e8529ea6f994a554c42e267295e8dc3
+DIST suricata-6.0.12.tar.gz 27388535 BLAKE2B 3cd16072014e814ec116bbde6649a0230200e447884028fef0440cbbc38a36b28c1edb39098e4089ee966890464bcd2573ea82d3e35e6d034ad465ac20c4c0b6 SHA512 aa8a51e0c6b04640a9df3ca46d736c23f213561a0f47e9022f0bd10cf4652b6912ff576fb6db0b663fcae5ab5a80ef5048da3a8888323326fb2b6d56d8ef7c0c
+DIST suricata-6.0.12.tar.gz.sig 566 BLAKE2B 50102891a3efec7a52e16bf7c3842cbdf3e9feb0f9a1fe34ab714ea1b5f01c02aafec74c7252b1bb0b0da0242c4f4eb1771c74aef06f356672f6e5bcc405b1a8 SHA512 b3cfb4791599e9c48a46cd39e28d74022ac2aa88887b6cb04ceff70ae66a5e4b1e166caa48a47869c37cffd82e6eae1f65744ca3d84521f8808f90210039f31b
diff --git a/net-analyzer/suricata/suricata-6.0.10.ebuild b/net-analyzer/suricata/suricata-6.0.12.ebuild
similarity index 99%
rename from net-analyzer/suricata/suricata-6.0.10.ebuild
rename to net-analyzer/suricata/suricata-6.0.12.ebuild
index bcc930edadc3..9b453e9fdbc6 100644
--- a/net-analyzer/suricata/suricata-6.0.10.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.12.ebuild
@@ -38,7 +38,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.42
+ >=net-libs/libhtp-0.5.43
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2023-04-16 20:03 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2023-04-16 20:03 UTC (permalink / raw
To: gentoo-commits
commit: 15ad928b7ee2e7463637cdc1d40411a4145b1b35
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Sun Apr 16 20:02:40 2023 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Sun Apr 16 20:03:02 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=15ad928b
net-analyzer/suricata: add 6.0.11, drop 6.0.9
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 4 ++--
.../{suricata-6.0.9.ebuild => suricata-6.0.11.ebuild} | 13 +++++--------
2 files changed, 7 insertions(+), 10 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index d74a829df4e1..6d54b18e09db 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,4 +1,4 @@
DIST suricata-6.0.10.tar.gz 27374715 BLAKE2B a2b334c0139ead0b914ba6039c116ebad30dd3b5c0d4bb751f608af83e1487a67b96224ffe61635468dc49a9e44f03a76facf2af66582ba18e364f233029b532 SHA512 3e49d491cf1fb56a6773308380cae826016041018c18753d18529572712a6ffa415df2798805bffdf8482312fdb69c3f2e05f38870a5b725d333f928b840e1e2
DIST suricata-6.0.10.tar.gz.sig 566 BLAKE2B 911c3587911dd6b8fbf0932608b2eb80928223d5ed6636abfd9355fcdf6fcb2ff0e3d064d472d2c89417679c68d496ee105dd0cee1f3e8c33de9cd6c90290d9d SHA512 5c6ab8937d82472b0bccae00c94094ee503ac423884d958947f276a4f2d7e9a88646e5ca8deb4b03cb4d035238774a6cd20ddbea9a08a6c5b45b646c1458dca8
-DIST suricata-6.0.9.tar.gz 27352128 BLAKE2B 966657eeff216894f6357989f0317b7c5eed82602ca2381269446cbe4c015be449f5598726b2f58924f20aca30c4e130ecafe642ea4ce39f1671f46093292551 SHA512 09a24a90db11e74da2d584904987c2d751243a95cf237d13a8b57cdffc6659281c9d572404caea657e637d7eed01ecfe40bdfcfc79c09e1ca8eb26637dddbb6c
-DIST suricata-6.0.9.tar.gz.sig 566 BLAKE2B 1ac1bb67caef5e5827127befd269de03ec697a351e80575d1f0f729c491be3601cc2e9372e87f762aefcb8c15403f94f122e3d626061e2215b8edcda38c46f37 SHA512 0df7d1f83bd1adb4e87b0afeada99c64b2aa50fdfb9eda5d44043f4447bceda50a057e78db2397f882efbe7440ba7e3f5db9e610f679938e5ed461f175d70c6f
+DIST suricata-6.0.11.tar.gz 27408130 BLAKE2B 41b37168e6c50b32971ad8c0541f3bc1981152c8360bbfc261a9abab5dc229425bef92fe19db5d0ec7cf32abff71acca62934c411aea79f5c8f9b38bd6422ee4 SHA512 b9b23aa9f71e9ce9c15312d14624133f772a0df82059a7c911cfb028ff00ba0eb39c7c263cb7f4612d2199c262cef1682c06f8b416a36e37dfb4277f12cb2ce9
+DIST suricata-6.0.11.tar.gz.sig 566 BLAKE2B fb6854b4bade28d4ff5850d2222ace2e71955d587a3a0346bd158796564a3d3440940b90edc85be330ca8f8f903b35c9a7abf01dc2a570f7a74f492ca0bda70b SHA512 4ab0b2823d0260cbb17c1dc25dcf1511b772fd5369555b6f1db9db1cc5bbb66092f1b6c4e4b6f01ee76a6003c51444b44e8529ea6f994a554c42e267295e8dc3
diff --git a/net-analyzer/suricata/suricata-6.0.9.ebuild b/net-analyzer/suricata/suricata-6.0.11.ebuild
similarity index 96%
rename from net-analyzer/suricata/suricata-6.0.9.ebuild
rename to net-analyzer/suricata/suricata-6.0.11.ebuild
index 7f150ca4dc8d..9b453e9fdbc6 100644
--- a/net-analyzer/suricata/suricata-6.0.9.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.11.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2022 Gentoo Authors
+# Copyright 1999-2023 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
@@ -38,7 +38,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.42
+ >=net-libs/libhtp-0.5.43
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
@@ -119,6 +119,7 @@ src_configure() {
if use debug; then
myeconfargs+=( $(use_enable debug) )
# so we can get a backtrace according to "reporting bugs" on upstream web site
+ QA_FLAGS_IGNORED="usr/bin/${PN}"
CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
else
econf ${myeconfargs[@]}
@@ -145,7 +146,7 @@ src_install() {
fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+ fperms 6750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
newinitd "${FILESDIR}/${PN}.initd" ${PN}
newconfd "${FILESDIR}/${PN}.confd" ${PN}
@@ -205,11 +206,7 @@ pkg_postinst() {
elog
if [[ -z "${REPLACING_VERSIONS}" ]]; then
elog "To download and install an initial set of rules, run:"
- elog " emerge --config =${CATEGORY}/${PF}"
+ elog " suricata-update"
fi
elog
}
-
-pkg_config() {
- suricata-update
-}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2023-03-22 23:43 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2023-03-22 23:43 UTC (permalink / raw
To: gentoo-commits
commit: 8532e51714ce99ea6db20cfedde4d976291e70d3
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Wed Mar 22 23:02:00 2023 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Wed Mar 22 23:43:34 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8532e517
net-analyzer/suricata: make rule-file and update dirs setuid suricata
So that it is possible to run suricata-update as root (which according
to upstream documentation is still very much allowed) but have suricata
itself drop its privileges, without having to manually change the
ownership of downloaded files. In the long run it would be nice for
suricata-update to drop privileges as well - but that's something
for upstream to take care of, and setuid suricata on the relevant
directories appears to work fine.
Closes: https://bugs.gentoo.org/900627
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/suricata-6.0.10.ebuild | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net-analyzer/suricata/suricata-6.0.10.ebuild b/net-analyzer/suricata/suricata-6.0.10.ebuild
index 697b19988894..bcc930edadc3 100644
--- a/net-analyzer/suricata/suricata-6.0.10.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.10.ebuild
@@ -146,7 +146,7 @@ src_install() {
fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+ fperms 6750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
newinitd "${FILESDIR}/${PN}.initd" ${PN}
newconfd "${FILESDIR}/${PN}.confd" ${PN}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2023-03-01 23:12 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2023-03-01 23:12 UTC (permalink / raw
To: gentoo-commits
commit: b17adffd47e3d9b107b7c25fb1f17a2edf3df605
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Wed Mar 1 22:29:51 2023 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Wed Mar 1 23:11:58 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b17adffd
net-analyzer/suricata: allow ignoring CFLAGS for USE=debug
We set specific compiler flags when Suricata is built in debug mode in
order to confirm with upstream bug-reporting policy.
Closes: https://bugs.gentoo.org/889748
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/suricata-6.0.10.ebuild | 1 +
1 file changed, 1 insertion(+)
diff --git a/net-analyzer/suricata/suricata-6.0.10.ebuild b/net-analyzer/suricata/suricata-6.0.10.ebuild
index 69445880fb19..697b19988894 100644
--- a/net-analyzer/suricata/suricata-6.0.10.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.10.ebuild
@@ -119,6 +119,7 @@ src_configure() {
if use debug; then
myeconfargs+=( $(use_enable debug) )
# so we can get a backtrace according to "reporting bugs" on upstream web site
+ QA_FLAGS_IGNORED="usr/bin/${PN}"
CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
else
econf ${myeconfargs[@]}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2023-02-01 10:51 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2023-02-01 10:51 UTC (permalink / raw
To: gentoo-commits
commit: d84c3680afade906ec0cfcb2822c7cb2e75ad785
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Wed Feb 1 10:47:34 2023 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Wed Feb 1 10:50:38 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d84c3680
net-analyzer/suricata: drop 6.0.8-r1
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 2 -
net-analyzer/suricata/suricata-6.0.8-r1.ebuild | 215 -------------------------
2 files changed, 217 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index d2780384de9a..d74a829df4e1 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,6 +1,4 @@
DIST suricata-6.0.10.tar.gz 27374715 BLAKE2B a2b334c0139ead0b914ba6039c116ebad30dd3b5c0d4bb751f608af83e1487a67b96224ffe61635468dc49a9e44f03a76facf2af66582ba18e364f233029b532 SHA512 3e49d491cf1fb56a6773308380cae826016041018c18753d18529572712a6ffa415df2798805bffdf8482312fdb69c3f2e05f38870a5b725d333f928b840e1e2
DIST suricata-6.0.10.tar.gz.sig 566 BLAKE2B 911c3587911dd6b8fbf0932608b2eb80928223d5ed6636abfd9355fcdf6fcb2ff0e3d064d472d2c89417679c68d496ee105dd0cee1f3e8c33de9cd6c90290d9d SHA512 5c6ab8937d82472b0bccae00c94094ee503ac423884d958947f276a4f2d7e9a88646e5ca8deb4b03cb4d035238774a6cd20ddbea9a08a6c5b45b646c1458dca8
-DIST suricata-6.0.8.tar.gz 32697425 BLAKE2B 1e445885f3a672081cbb8f17de9fb0fa21a2c618b80ea8d3d9362c0475149d833986cac047ad90b1c1a5b5b19025ff501a695e0f197c00457859b3858f51ecba SHA512 ab1eceedde70179e4a447297039e64132e0a2361e8424ad42c9037273a3f6eaf4c8d5d0306af6f26c8b373636b621ac1d7d505952306d9170c6a87e6fb863b61
-DIST suricata-6.0.8.tar.gz.sig 566 BLAKE2B 817756401d628e49fb0f54faca05d87131711946aa641d0f0a5957fa2f5d6378e1b5cafeaf67b176b66cb0be0afd790aea1312042a195535e57571276aef1edc SHA512 d0d354b6fca3ef088e2371d6262f4bd45fb06747fcc32519510e690ced933d828fc1acf64d8d1b17d0360ce280905e5bf4b1c9fb8016d82cdee57a432bded884
DIST suricata-6.0.9.tar.gz 27352128 BLAKE2B 966657eeff216894f6357989f0317b7c5eed82602ca2381269446cbe4c015be449f5598726b2f58924f20aca30c4e130ecafe642ea4ce39f1671f46093292551 SHA512 09a24a90db11e74da2d584904987c2d751243a95cf237d13a8b57cdffc6659281c9d572404caea657e637d7eed01ecfe40bdfcfc79c09e1ca8eb26637dddbb6c
DIST suricata-6.0.9.tar.gz.sig 566 BLAKE2B 1ac1bb67caef5e5827127befd269de03ec697a351e80575d1f0f729c491be3601cc2e9372e87f762aefcb8c15403f94f122e3d626061e2215b8edcda38c46f37 SHA512 0df7d1f83bd1adb4e87b0afeada99c64b2aa50fdfb9eda5d44043f4447bceda50a057e78db2397f882efbe7440ba7e3f5db9e610f679938e5ed461f175d70c6f
diff --git a/net-analyzer/suricata/suricata-6.0.8-r1.ebuild b/net-analyzer/suricata/suricata-6.0.8-r1.ebuild
deleted file mode 100644
index f43461cd5001..000000000000
--- a/net-analyzer/suricata/suricata-6.0.8-r1.ebuild
+++ /dev/null
@@ -1,215 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-LUA_COMPAT=( lua5-1 luajit )
-PYTHON_COMPAT=( python3_{9..11} )
-
-inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd tmpfiles verify-sig
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="https://suricata.io/"
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz
- verify-sig? ( https://www.openinfosecfoundation.org/download/${P}.tar.gz.sig )"
-
-LICENSE="GPL-2"
-SLOT="0/6"
-KEYWORDS="~amd64 ~riscv ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened hyperscan lua lz4 nflog +nfqueue redis systemd test"
-VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}/usr/share/openpgp-keys/openinfosecfoundation.org.asc"
-
-RESTRICT="!test? ( test )"
-
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- bpf? ( af-packet )
- lua? ( ${LUA_REQUIRED_USE} )"
-
-RDEPEND="${PYTHON_DEPS}
- acct-group/suricata
- acct-user/suricata
- dev-libs/jansson:=
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- $(python_gen_cond_dep '
- dev-python/pyyaml[${PYTHON_USEDEP}]
- ')
- >=net-libs/libhtp-0.5.41
- net-libs/libpcap
- sys-apps/file
- sys-libs/libcap-ng
- bpf? ( <dev-libs/libbpf-1.0.0 )
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/libmaxminddb:= )
- hyperscan? ( dev-libs/hyperscan )
- lua? ( ${LUA_DEPS} )
- lz4? ( app-arch/lz4 )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue? ( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis:= )"
-DEPEND="${RDEPEND}
- >=sys-devel/autoconf-2.69-r5
- virtual/rust"
-BDEPEND="verify-sig? ( >=sec-keys/openpgp-keys-oisf-20200807 )"
-
-PATCHES=(
- "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
- "${FILESDIR}/${PN}-5.0.6_configure-no-sphinx-pdflatex-automagic.patch"
- "${FILESDIR}/${PN}-5.0.7_configure-no-hyperscan-automagic.patch"
- "${FILESDIR}/${PN}-6.0.0_default-config.patch"
-)
-
-pkg_pretend() {
- if use bpf && use kernel_linux; then
- if kernel_is -lt 4 15; then
- ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
- fi
-
- CONFIG_CHECK="~XDP_SOCKETS"
- ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata to load XDP programs. "
- ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
- check_extra_config
- fi
-}
-
-src_prepare() {
- default
- sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am" || die
- eautoreconf
-}
-
-src_configure() {
- # Bug #861242
- filter-lto
-
- local myeconfargs=(
- "--localstatedir=/var" \
- "--runstatedir=/run" \
- "--enable-non-bundled-htp" \
- "--enable-gccmarch-native=no" \
- "--enable-python" \
- $(use_enable af-packet) \
- $(use_enable bpf ebpf) \
- $(use_enable control-socket unix-socket) \
- $(use_enable cuda) \
- $(use_enable detection) \
- $(use_enable geoip) \
- $(use_enable hardened gccprotect) \
- $(use_enable hardened pie) \
- $(use_enable hyperscan) \
- $(use_enable lz4) \
- $(use_enable nflog) \
- $(use_enable nfqueue) \
- $(use_enable redis hiredis) \
- $(use_enable test unittests) \
- "--disable-coccinelle"
- )
- if use lua; then
- if use lua_single_target_luajit; then
- myeconfargs+=( --enable-luajit )
- else
- myeconfargs+=( --enable-lua )
- fi
- fi
-
- if use debug; then
- myeconfargs+=( $(use_enable debug) )
- # so we can get a backtrace according to "reporting bugs" on upstream web site
- CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
- else
- econf ${myeconfargs[@]}
- fi
-}
-
-src_install() {
- emake DESTDIR="${D}" install
- python_optimize
- # Bug #878855
- python_fix_shebang "${ED}"/usr/bin/
-
- if use bpf; then
- rm -f ebpf/Makefile.{am,in} || die
- dodoc -r ebpf/
- keepdir /usr/libexec/suricata/ebpf
- fi
-
- insinto "/etc/${PN}"
- doins etc/{classification,reference}.config threshold.config suricata.yaml
-
- keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
- keepdir "/var/log/${PN}"
-
- fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
-
- newinitd "${FILESDIR}/${PN}.initd" ${PN}
- newconfd "${FILESDIR}/${PN}.confd" ${PN}
- systemd_dounit "${FILESDIR}"/${PN}.service
- newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
-
- insopts -m0644
- insinto /etc/logrotate.d
- newins etc/${PN}.logrotate ${PN}
-}
-
-pkg_postinst() {
- tmpfiles_process ${PN}.conf
-
- elog
- if use systemd; then
- elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
- elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
- elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
- elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
- elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
- elog "For details, see the section on drop-in directories in systemd.unit(5)."
- else
- elog "The ${PN} init script expects to find the path to the configuration"
- elog "file as well as extra options in /etc/conf.d."
- elog
- elog "To create more than one ${PN} service, simply create a new .yaml file for it"
- elog "then create a symlink to the init script from a link called"
- elog "${PN}.foo - like so"
- elog " cd /etc/${PN}"
- elog " ${EDITOR##*/} suricata-foo.yaml"
- elog " cd /etc/init.d"
- elog " ln -s ${PN} ${PN}.foo"
- elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
- elog
- elog "You can create as many ${PN}.foo* services as you wish."
- fi
-
- if use bpf; then
- elog
- elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
- elog "because their configuration is hard-coded. You can find the default ones in"
- elog " ${EPREFIX}/usr/share/doc/${PF}/ebpf"
- elog "and the common location for eBPF bytecode is"
- elog " ${EPREFIX}/usr/libexec/${PN}"
- elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
- fi
-
- if use debug; then
- elog
- elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
- elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
- elog "You need to also ensure the FEATURES variable in make.conf contains the"
- elog "'nostrip' option to produce useful core dumps or back traces."
- fi
-
- elog
- if [[ -z "${REPLACING_VERSIONS}" ]]; then
- elog "To download and install an initial set of rules, run:"
- elog " emerge --config =${CATEGORY}/${PF}"
- fi
- elog
-}
-
-pkg_config() {
- suricata-update
-}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2023-02-01 10:51 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2023-02-01 10:51 UTC (permalink / raw
To: gentoo-commits
commit: 8b6d65a2f8918e747d3801e689c9349f9de02140
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Wed Feb 1 10:47:06 2023 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Wed Feb 1 10:50:37 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8b6d65a2
net-analyzer/suricata: add 6.0.10
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 2 +
net-analyzer/suricata/suricata-6.0.10.ebuild | 211 +++++++++++++++++++++++++++
2 files changed, 213 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 2314e0a6d360..d2780384de9a 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,3 +1,5 @@
+DIST suricata-6.0.10.tar.gz 27374715 BLAKE2B a2b334c0139ead0b914ba6039c116ebad30dd3b5c0d4bb751f608af83e1487a67b96224ffe61635468dc49a9e44f03a76facf2af66582ba18e364f233029b532 SHA512 3e49d491cf1fb56a6773308380cae826016041018c18753d18529572712a6ffa415df2798805bffdf8482312fdb69c3f2e05f38870a5b725d333f928b840e1e2
+DIST suricata-6.0.10.tar.gz.sig 566 BLAKE2B 911c3587911dd6b8fbf0932608b2eb80928223d5ed6636abfd9355fcdf6fcb2ff0e3d064d472d2c89417679c68d496ee105dd0cee1f3e8c33de9cd6c90290d9d SHA512 5c6ab8937d82472b0bccae00c94094ee503ac423884d958947f276a4f2d7e9a88646e5ca8deb4b03cb4d035238774a6cd20ddbea9a08a6c5b45b646c1458dca8
DIST suricata-6.0.8.tar.gz 32697425 BLAKE2B 1e445885f3a672081cbb8f17de9fb0fa21a2c618b80ea8d3d9362c0475149d833986cac047ad90b1c1a5b5b19025ff501a695e0f197c00457859b3858f51ecba SHA512 ab1eceedde70179e4a447297039e64132e0a2361e8424ad42c9037273a3f6eaf4c8d5d0306af6f26c8b373636b621ac1d7d505952306d9170c6a87e6fb863b61
DIST suricata-6.0.8.tar.gz.sig 566 BLAKE2B 817756401d628e49fb0f54faca05d87131711946aa641d0f0a5957fa2f5d6378e1b5cafeaf67b176b66cb0be0afd790aea1312042a195535e57571276aef1edc SHA512 d0d354b6fca3ef088e2371d6262f4bd45fb06747fcc32519510e690ced933d828fc1acf64d8d1b17d0360ce280905e5bf4b1c9fb8016d82cdee57a432bded884
DIST suricata-6.0.9.tar.gz 27352128 BLAKE2B 966657eeff216894f6357989f0317b7c5eed82602ca2381269446cbe4c015be449f5598726b2f58924f20aca30c4e130ecafe642ea4ce39f1671f46093292551 SHA512 09a24a90db11e74da2d584904987c2d751243a95cf237d13a8b57cdffc6659281c9d572404caea657e637d7eed01ecfe40bdfcfc79c09e1ca8eb26637dddbb6c
diff --git a/net-analyzer/suricata/suricata-6.0.10.ebuild b/net-analyzer/suricata/suricata-6.0.10.ebuild
new file mode 100644
index 000000000000..69445880fb19
--- /dev/null
+++ b/net-analyzer/suricata/suricata-6.0.10.ebuild
@@ -0,0 +1,211 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+LUA_COMPAT=( lua5-1 luajit )
+PYTHON_COMPAT=( python3_{9..11} )
+
+inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd tmpfiles verify-sig
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
+HOMEPAGE="https://suricata.io/"
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz
+ verify-sig? ( https://www.openinfosecfoundation.org/download/${P}.tar.gz.sig )"
+
+LICENSE="GPL-2"
+SLOT="0/6"
+KEYWORDS="~amd64 ~riscv ~x86"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened hyperscan lua lz4 nflog +nfqueue redis systemd test"
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}/usr/share/openpgp-keys/openinfosecfoundation.org.asc"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ bpf? ( af-packet )
+ lua? ( ${LUA_REQUIRED_USE} )"
+
+RDEPEND="${PYTHON_DEPS}
+ acct-group/suricata
+ acct-user/suricata
+ dev-libs/jansson:=
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ $(python_gen_cond_dep '
+ dev-python/pyyaml[${PYTHON_USEDEP}]
+ ')
+ >=net-libs/libhtp-0.5.42
+ net-libs/libpcap
+ sys-apps/file
+ sys-libs/libcap-ng
+ bpf? ( <dev-libs/libbpf-1.0.0 )
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/libmaxminddb:= )
+ hyperscan? ( dev-libs/hyperscan )
+ lua? ( ${LUA_DEPS} )
+ lz4? ( app-arch/lz4 )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue? ( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis:= )"
+DEPEND="${RDEPEND}
+ >=sys-devel/autoconf-2.69-r5
+ virtual/rust"
+BDEPEND="verify-sig? ( >=sec-keys/openpgp-keys-oisf-20200807 )"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.6_configure-no-sphinx-pdflatex-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.7_configure-no-hyperscan-automagic.patch"
+ "${FILESDIR}/${PN}-6.0.0_default-config.patch"
+)
+
+pkg_pretend() {
+ if use bpf && use kernel_linux; then
+ if kernel_is -lt 4 15; then
+ ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
+ fi
+
+ CONFIG_CHECK="~XDP_SOCKETS"
+ ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata to load XDP programs. "
+ ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
+ check_extra_config
+ fi
+}
+
+src_prepare() {
+ default
+ sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am" || die
+ eautoreconf
+}
+
+src_configure() {
+ # Bug #861242
+ filter-lto
+
+ local myeconfargs=(
+ "--localstatedir=/var" \
+ "--runstatedir=/run" \
+ "--enable-non-bundled-htp" \
+ "--enable-gccmarch-native=no" \
+ "--enable-python" \
+ $(use_enable af-packet) \
+ $(use_enable bpf ebpf) \
+ $(use_enable control-socket unix-socket) \
+ $(use_enable cuda) \
+ $(use_enable detection) \
+ $(use_enable geoip) \
+ $(use_enable hardened gccprotect) \
+ $(use_enable hardened pie) \
+ $(use_enable hyperscan) \
+ $(use_enable lz4) \
+ $(use_enable nflog) \
+ $(use_enable nfqueue) \
+ $(use_enable redis hiredis) \
+ $(use_enable test unittests) \
+ "--disable-coccinelle"
+ )
+ if use lua; then
+ if use lua_single_target_luajit; then
+ myeconfargs+=( --enable-luajit )
+ else
+ myeconfargs+=( --enable-lua )
+ fi
+ fi
+
+ if use debug; then
+ myeconfargs+=( $(use_enable debug) )
+ # so we can get a backtrace according to "reporting bugs" on upstream web site
+ CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
+ else
+ econf ${myeconfargs[@]}
+ fi
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+ python_optimize
+ # Bug #878855
+ python_fix_shebang "${ED}"/usr/bin/
+
+ if use bpf; then
+ rm -f ebpf/Makefile.{am,in} || die
+ dodoc -r ebpf/
+ keepdir /usr/libexec/suricata/ebpf
+ fi
+
+ insinto "/etc/${PN}"
+ doins etc/{classification,reference}.config threshold.config suricata.yaml
+
+ keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+ keepdir "/var/log/${PN}"
+
+ fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+
+ newinitd "${FILESDIR}/${PN}.initd" ${PN}
+ newconfd "${FILESDIR}/${PN}.confd" ${PN}
+ systemd_dounit "${FILESDIR}"/${PN}.service
+ newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
+
+ insopts -m0644
+ insinto /etc/logrotate.d
+ newins etc/${PN}.logrotate ${PN}
+}
+
+pkg_postinst() {
+ tmpfiles_process ${PN}.conf
+
+ elog
+ if use systemd; then
+ elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
+ elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
+ elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
+ elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
+ elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
+ elog "For details, see the section on drop-in directories in systemd.unit(5)."
+ else
+ elog "The ${PN} init script expects to find the path to the configuration"
+ elog "file as well as extra options in /etc/conf.d."
+ elog
+ elog "To create more than one ${PN} service, simply create a new .yaml file for it"
+ elog "then create a symlink to the init script from a link called"
+ elog "${PN}.foo - like so"
+ elog " cd /etc/${PN}"
+ elog " ${EDITOR##*/} suricata-foo.yaml"
+ elog " cd /etc/init.d"
+ elog " ln -s ${PN} ${PN}.foo"
+ elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
+ elog
+ elog "You can create as many ${PN}.foo* services as you wish."
+ fi
+
+ if use bpf; then
+ elog
+ elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
+ elog "because their configuration is hard-coded. You can find the default ones in"
+ elog " ${EPREFIX}/usr/share/doc/${PF}/ebpf"
+ elog "and the common location for eBPF bytecode is"
+ elog " ${EPREFIX}/usr/libexec/${PN}"
+ elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
+ fi
+
+ if use debug; then
+ elog
+ elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
+ elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
+ elog "You need to also ensure the FEATURES variable in make.conf contains the"
+ elog "'nostrip' option to produce useful core dumps or back traces."
+ fi
+
+ elog
+ if [[ -z "${REPLACING_VERSIONS}" ]]; then
+ elog "To download and install an initial set of rules, run:"
+ elog " suricata-update"
+ fi
+ elog
+}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2022-12-02 10:00 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2022-12-02 10:00 UTC (permalink / raw
To: gentoo-commits
commit: 56123cf7a6c8f01ae24fe2b8cd958201e95c816f
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Fri Dec 2 09:46:02 2022 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Fri Dec 2 10:00:06 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=56123cf7
net-analyzer/suricata: add 6.0.9
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 2 +
net-analyzer/suricata/suricata-6.0.9.ebuild | 215 ++++++++++++++++++++++++++++
2 files changed, 217 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 3be5cf6b3c89..2314e0a6d360 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,4 @@
DIST suricata-6.0.8.tar.gz 32697425 BLAKE2B 1e445885f3a672081cbb8f17de9fb0fa21a2c618b80ea8d3d9362c0475149d833986cac047ad90b1c1a5b5b19025ff501a695e0f197c00457859b3858f51ecba SHA512 ab1eceedde70179e4a447297039e64132e0a2361e8424ad42c9037273a3f6eaf4c8d5d0306af6f26c8b373636b621ac1d7d505952306d9170c6a87e6fb863b61
DIST suricata-6.0.8.tar.gz.sig 566 BLAKE2B 817756401d628e49fb0f54faca05d87131711946aa641d0f0a5957fa2f5d6378e1b5cafeaf67b176b66cb0be0afd790aea1312042a195535e57571276aef1edc SHA512 d0d354b6fca3ef088e2371d6262f4bd45fb06747fcc32519510e690ced933d828fc1acf64d8d1b17d0360ce280905e5bf4b1c9fb8016d82cdee57a432bded884
+DIST suricata-6.0.9.tar.gz 27352128 BLAKE2B 966657eeff216894f6357989f0317b7c5eed82602ca2381269446cbe4c015be449f5598726b2f58924f20aca30c4e130ecafe642ea4ce39f1671f46093292551 SHA512 09a24a90db11e74da2d584904987c2d751243a95cf237d13a8b57cdffc6659281c9d572404caea657e637d7eed01ecfe40bdfcfc79c09e1ca8eb26637dddbb6c
+DIST suricata-6.0.9.tar.gz.sig 566 BLAKE2B 1ac1bb67caef5e5827127befd269de03ec697a351e80575d1f0f729c491be3601cc2e9372e87f762aefcb8c15403f94f122e3d626061e2215b8edcda38c46f37 SHA512 0df7d1f83bd1adb4e87b0afeada99c64b2aa50fdfb9eda5d44043f4447bceda50a057e78db2397f882efbe7440ba7e3f5db9e610f679938e5ed461f175d70c6f
diff --git a/net-analyzer/suricata/suricata-6.0.9.ebuild b/net-analyzer/suricata/suricata-6.0.9.ebuild
new file mode 100644
index 000000000000..7f150ca4dc8d
--- /dev/null
+++ b/net-analyzer/suricata/suricata-6.0.9.ebuild
@@ -0,0 +1,215 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+LUA_COMPAT=( lua5-1 luajit )
+PYTHON_COMPAT=( python3_{9..11} )
+
+inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd tmpfiles verify-sig
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
+HOMEPAGE="https://suricata.io/"
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz
+ verify-sig? ( https://www.openinfosecfoundation.org/download/${P}.tar.gz.sig )"
+
+LICENSE="GPL-2"
+SLOT="0/6"
+KEYWORDS="~amd64 ~riscv ~x86"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened hyperscan lua lz4 nflog +nfqueue redis systemd test"
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}/usr/share/openpgp-keys/openinfosecfoundation.org.asc"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ bpf? ( af-packet )
+ lua? ( ${LUA_REQUIRED_USE} )"
+
+RDEPEND="${PYTHON_DEPS}
+ acct-group/suricata
+ acct-user/suricata
+ dev-libs/jansson:=
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ $(python_gen_cond_dep '
+ dev-python/pyyaml[${PYTHON_USEDEP}]
+ ')
+ >=net-libs/libhtp-0.5.42
+ net-libs/libpcap
+ sys-apps/file
+ sys-libs/libcap-ng
+ bpf? ( <dev-libs/libbpf-1.0.0 )
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/libmaxminddb:= )
+ hyperscan? ( dev-libs/hyperscan )
+ lua? ( ${LUA_DEPS} )
+ lz4? ( app-arch/lz4 )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue? ( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis:= )"
+DEPEND="${RDEPEND}
+ >=sys-devel/autoconf-2.69-r5
+ virtual/rust"
+BDEPEND="verify-sig? ( >=sec-keys/openpgp-keys-oisf-20200807 )"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.6_configure-no-sphinx-pdflatex-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.7_configure-no-hyperscan-automagic.patch"
+ "${FILESDIR}/${PN}-6.0.0_default-config.patch"
+)
+
+pkg_pretend() {
+ if use bpf && use kernel_linux; then
+ if kernel_is -lt 4 15; then
+ ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
+ fi
+
+ CONFIG_CHECK="~XDP_SOCKETS"
+ ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata to load XDP programs. "
+ ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
+ check_extra_config
+ fi
+}
+
+src_prepare() {
+ default
+ sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am" || die
+ eautoreconf
+}
+
+src_configure() {
+ # Bug #861242
+ filter-lto
+
+ local myeconfargs=(
+ "--localstatedir=/var" \
+ "--runstatedir=/run" \
+ "--enable-non-bundled-htp" \
+ "--enable-gccmarch-native=no" \
+ "--enable-python" \
+ $(use_enable af-packet) \
+ $(use_enable bpf ebpf) \
+ $(use_enable control-socket unix-socket) \
+ $(use_enable cuda) \
+ $(use_enable detection) \
+ $(use_enable geoip) \
+ $(use_enable hardened gccprotect) \
+ $(use_enable hardened pie) \
+ $(use_enable hyperscan) \
+ $(use_enable lz4) \
+ $(use_enable nflog) \
+ $(use_enable nfqueue) \
+ $(use_enable redis hiredis) \
+ $(use_enable test unittests) \
+ "--disable-coccinelle"
+ )
+ if use lua; then
+ if use lua_single_target_luajit; then
+ myeconfargs+=( --enable-luajit )
+ else
+ myeconfargs+=( --enable-lua )
+ fi
+ fi
+
+ if use debug; then
+ myeconfargs+=( $(use_enable debug) )
+ # so we can get a backtrace according to "reporting bugs" on upstream web site
+ CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
+ else
+ econf ${myeconfargs[@]}
+ fi
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+ python_optimize
+ # Bug #878855
+ python_fix_shebang "${ED}"/usr/bin/
+
+ if use bpf; then
+ rm -f ebpf/Makefile.{am,in} || die
+ dodoc -r ebpf/
+ keepdir /usr/libexec/suricata/ebpf
+ fi
+
+ insinto "/etc/${PN}"
+ doins etc/{classification,reference}.config threshold.config suricata.yaml
+
+ keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+ keepdir "/var/log/${PN}"
+
+ fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+
+ newinitd "${FILESDIR}/${PN}.initd" ${PN}
+ newconfd "${FILESDIR}/${PN}.confd" ${PN}
+ systemd_dounit "${FILESDIR}"/${PN}.service
+ newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
+
+ insopts -m0644
+ insinto /etc/logrotate.d
+ newins etc/${PN}.logrotate ${PN}
+}
+
+pkg_postinst() {
+ tmpfiles_process ${PN}.conf
+
+ elog
+ if use systemd; then
+ elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
+ elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
+ elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
+ elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
+ elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
+ elog "For details, see the section on drop-in directories in systemd.unit(5)."
+ else
+ elog "The ${PN} init script expects to find the path to the configuration"
+ elog "file as well as extra options in /etc/conf.d."
+ elog
+ elog "To create more than one ${PN} service, simply create a new .yaml file for it"
+ elog "then create a symlink to the init script from a link called"
+ elog "${PN}.foo - like so"
+ elog " cd /etc/${PN}"
+ elog " ${EDITOR##*/} suricata-foo.yaml"
+ elog " cd /etc/init.d"
+ elog " ln -s ${PN} ${PN}.foo"
+ elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
+ elog
+ elog "You can create as many ${PN}.foo* services as you wish."
+ fi
+
+ if use bpf; then
+ elog
+ elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
+ elog "because their configuration is hard-coded. You can find the default ones in"
+ elog " ${EPREFIX}/usr/share/doc/${PF}/ebpf"
+ elog "and the common location for eBPF bytecode is"
+ elog " ${EPREFIX}/usr/libexec/${PN}"
+ elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
+ fi
+
+ if use debug; then
+ elog
+ elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
+ elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
+ elog "You need to also ensure the FEATURES variable in make.conf contains the"
+ elog "'nostrip' option to produce useful core dumps or back traces."
+ fi
+
+ elog
+ if [[ -z "${REPLACING_VERSIONS}" ]]; then
+ elog "To download and install an initial set of rules, run:"
+ elog " emerge --config =${CATEGORY}/${PF}"
+ fi
+ elog
+}
+
+pkg_config() {
+ suricata-update
+}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2022-11-10 0:42 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2022-11-10 0:42 UTC (permalink / raw
To: gentoo-commits
commit: fa455e775b038a6b8e1c0fe57df3ed0d39882955
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Wed Nov 9 22:59:42 2022 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Thu Nov 10 00:42:08 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fa455e77
net-analyzer/suricata: do not mention version 5 any more
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/suricata-6.0.8-r1.ebuild | 6 +-----
1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/net-analyzer/suricata/suricata-6.0.8-r1.ebuild b/net-analyzer/suricata/suricata-6.0.8-r1.ebuild
index 9b39a338afc0..1caffbd09a2c 100644
--- a/net-analyzer/suricata/suricata-6.0.8-r1.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.8-r1.ebuild
@@ -203,11 +203,7 @@ pkg_postinst() {
fi
elog
- if [[ -n "${REPLACING_VERSIONS}" ]]; then
- ewarn "Since version 6.0.0 Suricata no longer supports the unified2 output format commonly used"
- ewarn "in legacy, Snort-compatible IDS solutions, e.g. ones based on net-analyzer/barnyard2."
- ewarn "If you need unified2 support, please continue to use suricata-5."
- else
+ if [[ -z "${REPLACING_VERSIONS}" ]]; then
elog "To download and install an initial set of rules, run:"
elog " emerge --config =${CATEGORY}/${PF}"
fi
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2022-11-01 13:10 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2022-11-01 13:10 UTC (permalink / raw
To: gentoo-commits
commit: 4cc4a0c4fc45b09318bd4a9a73032270f30748b5
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Tue Nov 1 12:58:35 2022 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Tue Nov 1 13:10:33 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4cc4a0c4
net-analyzer/suricata: revbump for Python shebang change
Was going to make some additional potentially revbump-requiring tweaking
but have run out of time for now.
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/{suricata-6.0.8.ebuild => suricata-6.0.8-r1.ebuild} | 0
1 file changed, 0 insertions(+), 0 deletions(-)
diff --git a/net-analyzer/suricata/suricata-6.0.8.ebuild b/net-analyzer/suricata/suricata-6.0.8-r1.ebuild
similarity index 100%
rename from net-analyzer/suricata/suricata-6.0.8.ebuild
rename to net-analyzer/suricata/suricata-6.0.8-r1.ebuild
^ permalink raw reply [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2022-11-01 0:36 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2022-11-01 0:36 UTC (permalink / raw
To: gentoo-commits
commit: ccd5c182f09cb41b255b1c1ba6c2226e6158de5e
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Tue Nov 1 00:27:56 2022 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Tue Nov 1 00:36:30 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ccd5c182
net-analyzer/suricata: fix shebangs in installed Python scripts
Closes: https://bugs.gentoo.org/878855
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/suricata-6.0.8.ebuild | 2 ++
1 file changed, 2 insertions(+)
diff --git a/net-analyzer/suricata/suricata-6.0.8.ebuild b/net-analyzer/suricata/suricata-6.0.8.ebuild
index 5176b2844776..9b39a338afc0 100644
--- a/net-analyzer/suricata/suricata-6.0.8.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.8.ebuild
@@ -128,6 +128,8 @@ src_configure() {
src_install() {
emake DESTDIR="${D}" install
python_optimize
+ # Bug #878855
+ python_fix_shebang "${ED}"/usr/bin/
if use bpf; then
rm -f ebpf/Makefile.{am,in} || die
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2022-10-04 0:53 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2022-10-04 0:53 UTC (permalink / raw
To: gentoo-commits
commit: 9da636ee58895a292c2eabc921b986b6cf1993f7
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Tue Oct 4 00:34:18 2022 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Tue Oct 4 00:52:51 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9da636ee
net-analyzer/suricata: add 6.0.8, drop 6.0.6-r1
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 4 ++--
.../suricata/{suricata-6.0.6-r1.ebuild => suricata-6.0.8.ebuild} | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 0d0da5219528..3be5cf6b3c89 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,2 @@
-DIST suricata-6.0.6.tar.gz 32651139 BLAKE2B de0a73c618c1e2777019de6b29be5224db1885840cba8d05ad4a83fc082408e5d8b16d2c6055701f5d279852a99bea5dea01bed58ad0148afd76c1158e693f16 SHA512 184e5a2f3a68de33198f6f0e681710b3f04ed083081ef989dba77d1afb78922c5afdcdaa18ca92c6ed79b98134a3c42b13e1f3e91d20ea10ca74a692f93c5101
-DIST suricata-6.0.6.tar.gz.sig 566 BLAKE2B 07a1d3ccf434eb0bff36009d36b449ed3295e78ca217efc3bfb722169f80e513621878077e5d2e6a5085db6dff3dfcb0d37ca3d125b590b4ba56a6135293377b SHA512 8dc242af8d176699c710c27ec4ebc37c1363ebed1601de9a6f5a81a393079eff4680e6912674872861d905cfe85dfa610c2a66a9a79980603868bb9d515ffe29
+DIST suricata-6.0.8.tar.gz 32697425 BLAKE2B 1e445885f3a672081cbb8f17de9fb0fa21a2c618b80ea8d3d9362c0475149d833986cac047ad90b1c1a5b5b19025ff501a695e0f197c00457859b3858f51ecba SHA512 ab1eceedde70179e4a447297039e64132e0a2361e8424ad42c9037273a3f6eaf4c8d5d0306af6f26c8b373636b621ac1d7d505952306d9170c6a87e6fb863b61
+DIST suricata-6.0.8.tar.gz.sig 566 BLAKE2B 817756401d628e49fb0f54faca05d87131711946aa641d0f0a5957fa2f5d6378e1b5cafeaf67b176b66cb0be0afd790aea1312042a195535e57571276aef1edc SHA512 d0d354b6fca3ef088e2371d6262f4bd45fb06747fcc32519510e690ced933d828fc1acf64d8d1b17d0360ce280905e5bf4b1c9fb8016d82cdee57a432bded884
diff --git a/net-analyzer/suricata/suricata-6.0.6-r1.ebuild b/net-analyzer/suricata/suricata-6.0.8.ebuild
similarity index 99%
rename from net-analyzer/suricata/suricata-6.0.6-r1.ebuild
rename to net-analyzer/suricata/suricata-6.0.8.ebuild
index eb585ca69101..5176b2844776 100644
--- a/net-analyzer/suricata/suricata-6.0.6-r1.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.8.ebuild
@@ -38,7 +38,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.40
+ >=net-libs/libhtp-0.5.41
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2022-09-01 12:27 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2022-09-01 12:27 UTC (permalink / raw
To: gentoo-commits
commit: 748cdd7b6cc6c2c5b3fd4ab2796e12054b8d666a
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Thu Sep 1 11:59:55 2022 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Thu Sep 1 11:59:55 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=748cdd7b
net-analyzer/suricata: require <dev-libs/libbpf-1.0.0
bpf_program__set_<TYPE>() APIs were deprecated since libbpf-0.8.0
and have been removed before 1.0 release; see
https://lore.kernel.org/bpf/Yrwhi2VWtxF+QJk6@boxer/T/
Closes: https://bugs.gentoo.org/867757
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/suricata-6.0.6-r1.ebuild | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net-analyzer/suricata/suricata-6.0.6-r1.ebuild b/net-analyzer/suricata/suricata-6.0.6-r1.ebuild
index aa3162a55d94..eb585ca69101 100644
--- a/net-analyzer/suricata/suricata-6.0.6-r1.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.6-r1.ebuild
@@ -42,7 +42,7 @@ RDEPEND="${PYTHON_DEPS}
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
- bpf? ( >=dev-libs/libbpf-0.1.0 )
+ bpf? ( <dev-libs/libbpf-1.0.0 )
cuda? ( dev-util/nvidia-cuda-toolkit )
geoip? ( dev-libs/libmaxminddb:= )
hyperscan? ( dev-libs/hyperscan )
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2022-08-24 15:36 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2022-08-24 15:36 UTC (permalink / raw
To: gentoo-commits
commit: 4e48545f46682625aa2fae6ffe25e86096c583a5
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Wed Aug 24 15:17:08 2022 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Wed Aug 24 15:36:16 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4e48545f
net-analyzer/suricata: add USE=verify-sig support
Suggested-by: Jonathan Davies <jpds <AT> protonmail.com>
Closes: https://github.com/gentoo/gentoo/pull/24615
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 1 +
net-analyzer/suricata/suricata-6.0.6.ebuild | 7 +++++--
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 57121c96f9d8..4c10e0066966 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,3 @@
DIST suricata-5.0.10.tar.gz 29391642 BLAKE2B b5c83b9882e89894c3dedb7f536d584a20bbeab24236752e528171db6589a6308422c8b0be4f433fc63b8cfc227aa0b67935a4aece943b10f4577398ea9ed467 SHA512 c59719d42a236ac7421e0bcf6894f113c8f7518e2b5dde558cbe57c12b68b86ef700bae3f4047c6b2677a784061951fc9d058e9f59b11846279da06e9649ac56
DIST suricata-6.0.6.tar.gz 32651139 BLAKE2B de0a73c618c1e2777019de6b29be5224db1885840cba8d05ad4a83fc082408e5d8b16d2c6055701f5d279852a99bea5dea01bed58ad0148afd76c1158e693f16 SHA512 184e5a2f3a68de33198f6f0e681710b3f04ed083081ef989dba77d1afb78922c5afdcdaa18ca92c6ed79b98134a3c42b13e1f3e91d20ea10ca74a692f93c5101
+DIST suricata-6.0.6.tar.gz.sig 566 BLAKE2B 07a1d3ccf434eb0bff36009d36b449ed3295e78ca217efc3bfb722169f80e513621878077e5d2e6a5085db6dff3dfcb0d37ca3d125b590b4ba56a6135293377b SHA512 8dc242af8d176699c710c27ec4ebc37c1363ebed1601de9a6f5a81a393079eff4680e6912674872861d905cfe85dfa610c2a66a9a79980603868bb9d515ffe29
diff --git a/net-analyzer/suricata/suricata-6.0.6.ebuild b/net-analyzer/suricata/suricata-6.0.6.ebuild
index a3816e04eee7..054eb7c52431 100644
--- a/net-analyzer/suricata/suricata-6.0.6.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.6.ebuild
@@ -6,16 +6,18 @@ EAPI=8
LUA_COMPAT=( lua5-1 luajit )
PYTHON_COMPAT=( python3_{8..11} )
-inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd tmpfiles
+inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd tmpfiles verify-sig
DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
HOMEPAGE="https://suricata.io/"
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz
+ verify-sig? ( https://www.openinfosecfoundation.org/download/${P}.tar.gz.sig )"
LICENSE="GPL-2"
SLOT="0/6"
KEYWORDS="~amd64 ~riscv ~x86"
IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened hyperscan lua lz4 nflog +nfqueue redis systemd test"
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}/usr/share/openpgp-keys/openinfosecfoundation.org.asc"
RESTRICT="!test? ( test )"
@@ -52,6 +54,7 @@ RDEPEND="${PYTHON_DEPS}
DEPEND="${RDEPEND}
>=sys-devel/autoconf-2.69-r5
virtual/rust"
+BDEPEND="verify-sig? ( >=sec-keys/openpgp-keys-oisf-20200807 )"
PATCHES=(
"${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2022-08-24 15:36 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2022-08-24 15:36 UTC (permalink / raw
To: gentoo-commits
commit: 273a7f92150be905787cd14cb7896bc844fed7e1
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Wed Aug 24 15:16:23 2022 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Wed Aug 24 15:36:16 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=273a7f92
net-analyzer/suricata: enable py3.11
Builds, tests and installs fine with this Python version.
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/suricata-6.0.6.ebuild | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net-analyzer/suricata/suricata-6.0.6.ebuild b/net-analyzer/suricata/suricata-6.0.6.ebuild
index 751a280a7b5d..a3816e04eee7 100644
--- a/net-analyzer/suricata/suricata-6.0.6.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.6.ebuild
@@ -4,7 +4,7 @@
EAPI=8
LUA_COMPAT=( lua5-1 luajit )
-PYTHON_COMPAT=( python3_{8..10} )
+PYTHON_COMPAT=( python3_{8..11} )
inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd tmpfiles
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2022-07-27 23:54 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2022-07-27 23:54 UTC (permalink / raw
To: gentoo-commits
commit: 7f4e93388771731395d5848538531f6419f843f3
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Wed Jul 27 23:43:33 2022 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Wed Jul 27 23:43:33 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7f4e9338
net-analyzer/suricata: filter out LTO flags
Triggers type mismatches as demonstrated in the linked bug.
Don't bother doing the same with suricata-5, it is mere days
away from its end of life.
Closes: https://bugs.gentoo.org/861242
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/suricata-6.0.6.ebuild | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/net-analyzer/suricata/suricata-6.0.6.ebuild b/net-analyzer/suricata/suricata-6.0.6.ebuild
index 1170a44de6b0..751a280a7b5d 100644
--- a/net-analyzer/suricata/suricata-6.0.6.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.6.ebuild
@@ -6,7 +6,7 @@ EAPI=8
LUA_COMPAT=( lua5-1 luajit )
PYTHON_COMPAT=( python3_{8..10} )
-inherit autotools linux-info lua-single python-single-r1 systemd tmpfiles
+inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd tmpfiles
DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
HOMEPAGE="https://suricata.io/"
@@ -80,6 +80,9 @@ src_prepare() {
}
src_configure() {
+ # Bug #861242
+ filter-lto
+
local myeconfargs=(
"--localstatedir=/var" \
"--runstatedir=/run" \
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2022-07-13 15:55 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2022-07-13 15:55 UTC (permalink / raw
To: gentoo-commits
commit: 6174a0f40918932e75a92b8892e7f2884ad493b0
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Wed Jul 13 13:40:31 2022 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Wed Jul 13 15:55:24 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6174a0f4
net-analyzer/suricata: drop 5.0.8-r1, 6.0.4-r1
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 2 -
net-analyzer/suricata/suricata-5.0.8-r1.ebuild | 207 ------------------------
net-analyzer/suricata/suricata-6.0.4-r1.ebuild | 211 -------------------------
3 files changed, 420 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 835e03888260..b2e75432ae3d 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,4 +1,2 @@
-DIST suricata-5.0.8.tar.gz 29272209 BLAKE2B 5c13aea176b6666477c620d1ed294310ee84ec706abbc740a23d66722297c09b61f253bbe17700cd58f8ce439987c9b13f312aba37d911b6522e4848e7c1b0cd SHA512 a3b355f158f72ed7b43304069ed81b1ebcb331a9fc3e7cfd2e4d04e33369cec1f654f80a2d3df86af74b631235c49068ff992c8715fe868e5ae6b5aff5642891
DIST suricata-5.0.9.tar.gz 29365601 BLAKE2B 02ab99585233a47b1577e55060ba1141c339718e5bd39b6f4d38bb9384fd459aae353f313083048128507f9023a8bcfea3e5a5bcc9ea0c75cfc9c288ca9db6b6 SHA512 5097bb0d62df05343628579a880eb57182c36c757f707ecaa6c2a8f54e759d8e42357f55630f33bb84e8cd98b783745e1525bdf08ef370754860a3b6aecf2fa4
-DIST suricata-6.0.4.tar.gz 32498036 BLAKE2B 083c08ab0878352c425e18184c07866640e5cbe4838749eeb934857bfb486e4b78e7f9ac724289e8ea30b33fe637484cc6da7bc78231e5419b747e22e5a9b6dc SHA512 8dccea669e50758def06fe3f3e8d5048d76b27a80b5f96a7b56d2ab6e4da358d8b17ec2d764e1b53cc6a1334ee0b14191cc80f5dcf18cc4d804d5c530290adf0
DIST suricata-6.0.5.tar.gz 32605145 BLAKE2B 6fb85eee9a9e5d97eeed5b55f72230261a5cc9c28f0f6ea0cb39f795e1b0ea9655d7bcc3016812f42adc8a9a18e7234c371e05e907686c54214b29a506b38494 SHA512 8b15a8756846faed4120eef75641a6595d06ec9282a934f4d740bba6d01f08b4e876bf6c53559ab571aba5fab70dcc70d891c82978d6b60ab86ab0ae9660368e
diff --git a/net-analyzer/suricata/suricata-5.0.8-r1.ebuild b/net-analyzer/suricata/suricata-5.0.8-r1.ebuild
deleted file mode 100644
index d2ee545bc674..000000000000
--- a/net-analyzer/suricata/suricata-5.0.8-r1.ebuild
+++ /dev/null
@@ -1,207 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-LUA_COMPAT=( lua5-1 luajit )
-PYTHON_COMPAT=( python3_{8..10} )
-
-inherit autotools linux-info lua-single python-single-r1 systemd tmpfiles
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="https://suricata.io/"
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0/5"
-KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened hyperscan lua lz4 nflog +nfqueue redis systemd test"
-
-RESTRICT="!test? ( test )"
-
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- bpf? ( af-packet )
- lua? ( ${LUA_REQUIRED_USE} )"
-
-RDEPEND="${PYTHON_DEPS}
- acct-group/suricata
- acct-user/suricata
- dev-libs/jansson:=
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- $(python_gen_cond_dep '
- dev-python/pyyaml[${PYTHON_USEDEP}]
- ')
- >=net-libs/libhtp-0.5.39
- net-libs/libpcap
- sys-apps/file
- sys-libs/libcap-ng
- bpf? ( >=dev-libs/libbpf-0.1.0 )
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/libmaxminddb )
- hyperscan? ( dev-libs/hyperscan )
- lua? ( ${LUA_DEPS} )
- lz4? ( app-arch/lz4 )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue? ( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis:= )"
-DEPEND="${RDEPEND}
- >=sys-devel/autoconf-2.69-r5
- virtual/rust"
-
-PATCHES=(
- "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
- "${FILESDIR}/${PN}-5.0.1_default-config.patch"
- "${FILESDIR}/${PN}-5.0.6_configure-no-sphinx-pdflatex-automagic.patch"
- "${FILESDIR}/${PN}-5.0.7_configure-no-hyperscan-automagic.patch"
-)
-
-pkg_pretend() {
- if use bpf && use kernel_linux; then
- if kernel_is -lt 4 15; then
- ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
- fi
-
- CONFIG_CHECK="~XDP_SOCKETS"
- ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata to load XDP programs. "
- ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
- check_extra_config
- fi
-}
-
-src_prepare() {
- default
- sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am" || die
- eautoreconf
-}
-
-src_configure() {
- local myeconfargs=(
- "--localstatedir=/var" \
- "--runstatedir=/run" \
- "--enable-non-bundled-htp" \
- "--enable-gccmarch-native=no" \
- "--enable-python" \
- $(use_enable af-packet) \
- $(use_enable bpf ebpf) \
- $(use_enable control-socket unix-socket) \
- $(use_enable cuda) \
- $(use_enable detection) \
- $(use_enable geoip) \
- $(use_enable hardened gccprotect) \
- $(use_enable hardened pie) \
- $(use_enable hyperscan) \
- $(use_enable lz4) \
- $(use_enable nflog) \
- $(use_enable nfqueue) \
- $(use_enable redis hiredis) \
- $(use_enable test unittests) \
- "--disable-coccinelle"
- )
- if use lua; then
- if use lua_single_target_luajit; then
- myeconfargs+=( --enable-luajit )
- else
- myeconfargs+=( --enable-lua )
- fi
- fi
-
- if use debug; then
- myeconfargs+=( $(use_enable debug) )
- # so we can get a backtrace according to "reporting bugs" on upstream web site
- CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
- else
- econf ${myeconfargs[@]}
- fi
-}
-
-src_install() {
- emake DESTDIR="${D}" install
- python_optimize
-
- if use bpf; then
- rm -f ebpf/Makefile.{am,in} || die
- dodoc -r ebpf/
- keepdir /usr/libexec/suricata/ebpf
- fi
-
- insinto "/etc/${PN}"
- doins etc/{classification,reference}.config threshold.config suricata.yaml
-
- keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
- keepdir "/var/log/${PN}"
-
- fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
-
- newinitd "${FILESDIR}/${PN}-5.0.1-init" ${PN}
- newconfd "${FILESDIR}/${PN}-5.0.1-conf" ${PN}
- systemd_dounit "${FILESDIR}"/${PN}.service
- newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
-
- insopts -m0644
- insinto /etc/logrotate.d
- newins etc/${PN}.logrotate ${PN}
-}
-
-pkg_postinst() {
- tmpfiles_process ${PN}.conf
-
- elog
- if use systemd; then
- elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
- elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
- elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
- elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
- elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
- elog "For details, see the section on drop-in directories in systemd.unit(5)."
- else
- elog "The ${PN} init script expects to find the path to the configuration"
- elog "file as well as extra options in /etc/conf.d."
- elog
- elog "To create more than one ${PN} service, simply create a new .yaml file for it"
- elog "then create a symlink to the init script from a link called"
- elog "${PN}.foo - like so"
- elog " cd /etc/${PN}"
- elog " ${EDITOR##*/} suricata-foo.yaml"
- elog " cd /etc/init.d"
- elog " ln -s ${PN} ${PN}.foo"
- elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
- elog
- elog "You can create as many ${PN}.foo* services as you wish."
- fi
-
- if use bpf; then
- elog
- elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
- elog "because their configuration is hard-coded. You can find the default ones in"
- elog " ${EPREFIX}/usr/share/doc/${PF}/ebpf"
- elog "and the common location for eBPF bytecode is"
- elog " ${EPREFIX}/usr/libexec/${PN}"
- elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
- fi
-
- if use debug; then
- elog
- elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
- elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
- elog "You need to also ensure the FEATURES variable in make.conf contains the"
- elog "'nostrip' option to produce useful core dumps or back traces."
- fi
-
- elog
- if [[ -z "${REPLACING_VERSIONS}" ]]; then
- elog "To download and install an initial set of rules, run:"
- elog " emerge --config =${CATEGORY}/${PF}"
- fi
- elog
-}
-
-pkg_config() {
- suricata-update
-}
diff --git a/net-analyzer/suricata/suricata-6.0.4-r1.ebuild b/net-analyzer/suricata/suricata-6.0.4-r1.ebuild
deleted file mode 100644
index 4404a037f1c3..000000000000
--- a/net-analyzer/suricata/suricata-6.0.4-r1.ebuild
+++ /dev/null
@@ -1,211 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-LUA_COMPAT=( lua5-1 luajit )
-PYTHON_COMPAT=( python3_{8..10} )
-
-inherit autotools linux-info lua-single python-single-r1 systemd tmpfiles
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="https://suricata.io/"
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0/6"
-KEYWORDS="~amd64 ~riscv ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened hyperscan lua lz4 nflog +nfqueue redis systemd test"
-
-RESTRICT="!test? ( test )"
-
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- bpf? ( af-packet )
- lua? ( ${LUA_REQUIRED_USE} )"
-
-RDEPEND="${PYTHON_DEPS}
- acct-group/suricata
- acct-user/suricata
- dev-libs/jansson:=
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- $(python_gen_cond_dep '
- dev-python/pyyaml[${PYTHON_USEDEP}]
- ')
- >=net-libs/libhtp-0.5.39
- net-libs/libpcap
- sys-apps/file
- sys-libs/libcap-ng
- bpf? ( >=dev-libs/libbpf-0.1.0 )
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/libmaxminddb:= )
- hyperscan? ( dev-libs/hyperscan )
- lua? ( ${LUA_DEPS} )
- lz4? ( app-arch/lz4 )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue? ( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis:= )"
-DEPEND="${RDEPEND}
- >=sys-devel/autoconf-2.69-r5
- virtual/rust"
-
-PATCHES=(
- "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
- "${FILESDIR}/${PN}-5.0.6_configure-no-sphinx-pdflatex-automagic.patch"
- "${FILESDIR}/${PN}-5.0.7_configure-no-hyperscan-automagic.patch"
- "${FILESDIR}/${PN}-6.0.0_default-config.patch"
-)
-
-pkg_pretend() {
- if use bpf && use kernel_linux; then
- if kernel_is -lt 4 15; then
- ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
- fi
-
- CONFIG_CHECK="~XDP_SOCKETS"
- ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata to load XDP programs. "
- ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
- check_extra_config
- fi
-}
-
-src_prepare() {
- default
- sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am" || die
- eautoreconf
-}
-
-src_configure() {
- local myeconfargs=(
- "--localstatedir=/var" \
- "--runstatedir=/run" \
- "--enable-non-bundled-htp" \
- "--enable-gccmarch-native=no" \
- "--enable-python" \
- $(use_enable af-packet) \
- $(use_enable bpf ebpf) \
- $(use_enable control-socket unix-socket) \
- $(use_enable cuda) \
- $(use_enable detection) \
- $(use_enable geoip) \
- $(use_enable hardened gccprotect) \
- $(use_enable hardened pie) \
- $(use_enable hyperscan) \
- $(use_enable lz4) \
- $(use_enable nflog) \
- $(use_enable nfqueue) \
- $(use_enable redis hiredis) \
- $(use_enable test unittests) \
- "--disable-coccinelle"
- )
- if use lua; then
- if use lua_single_target_luajit; then
- myeconfargs+=( --enable-luajit )
- else
- myeconfargs+=( --enable-lua )
- fi
- fi
-
- if use debug; then
- myeconfargs+=( $(use_enable debug) )
- # so we can get a backtrace according to "reporting bugs" on upstream web site
- CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
- else
- econf ${myeconfargs[@]}
- fi
-}
-
-src_install() {
- emake DESTDIR="${D}" install
- python_optimize
-
- if use bpf; then
- rm -f ebpf/Makefile.{am,in} || die
- dodoc -r ebpf/
- keepdir /usr/libexec/suricata/ebpf
- fi
-
- insinto "/etc/${PN}"
- doins etc/{classification,reference}.config threshold.config suricata.yaml
-
- keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
- keepdir "/var/log/${PN}"
-
- fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
-
- newinitd "${FILESDIR}/${PN}-5.0.1-init" ${PN}
- newconfd "${FILESDIR}/${PN}-5.0.1-conf" ${PN}
- systemd_dounit "${FILESDIR}"/${PN}.service
- newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
-
- insopts -m0644
- insinto /etc/logrotate.d
- newins etc/${PN}.logrotate ${PN}
-}
-
-pkg_postinst() {
- tmpfiles_process ${PN}.conf
-
- elog
- if use systemd; then
- elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
- elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
- elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
- elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
- elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
- elog "For details, see the section on drop-in directories in systemd.unit(5)."
- else
- elog "The ${PN} init script expects to find the path to the configuration"
- elog "file as well as extra options in /etc/conf.d."
- elog
- elog "To create more than one ${PN} service, simply create a new .yaml file for it"
- elog "then create a symlink to the init script from a link called"
- elog "${PN}.foo - like so"
- elog " cd /etc/${PN}"
- elog " ${EDITOR##*/} suricata-foo.yaml"
- elog " cd /etc/init.d"
- elog " ln -s ${PN} ${PN}.foo"
- elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
- elog
- elog "You can create as many ${PN}.foo* services as you wish."
- fi
-
- if use bpf; then
- elog
- elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
- elog "because their configuration is hard-coded. You can find the default ones in"
- elog " ${EPREFIX}/usr/share/doc/${PF}/ebpf"
- elog "and the common location for eBPF bytecode is"
- elog " ${EPREFIX}/usr/libexec/${PN}"
- elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
- fi
-
- if use debug; then
- elog
- elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
- elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
- elog "You need to also ensure the FEATURES variable in make.conf contains the"
- elog "'nostrip' option to produce useful core dumps or back traces."
- fi
-
- elog
- if [[ -n "${REPLACING_VERSIONS}" ]]; then
- ewarn "Since version 6.0.0 Suricata no longer supports the unified2 output format commonly used"
- ewarn "in legacy, Snort-compatible IDS solutions, e.g. ones based on net-analyzer/barnyard2."
- ewarn "If you need unified2 support, please continue to use suricata-5."
- else
- elog "To download and install an initial set of rules, run:"
- elog " emerge --config =${CATEGORY}/${PF}"
- fi
- elog
-}
-
-pkg_config() {
- suricata-update
-}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2022-07-13 15:55 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2022-07-13 15:55 UTC (permalink / raw
To: gentoo-commits
commit: 26370f71e40abad8193f8447c471b5c2d93a6d29
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Wed Jul 13 13:57:13 2022 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Wed Jul 13 15:55:26 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=26370f71
net-analyzer/suricata: add 6.0.6 and 5.0.10, remove old
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 4 ++--
.../suricata/{suricata-5.0.9.ebuild => suricata-5.0.10.ebuild} | 4 ++++
.../suricata/{suricata-6.0.5.ebuild => suricata-6.0.6.ebuild} | 0
3 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index b2e75432ae3d..57121c96f9d8 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,2 @@
-DIST suricata-5.0.9.tar.gz 29365601 BLAKE2B 02ab99585233a47b1577e55060ba1141c339718e5bd39b6f4d38bb9384fd459aae353f313083048128507f9023a8bcfea3e5a5bcc9ea0c75cfc9c288ca9db6b6 SHA512 5097bb0d62df05343628579a880eb57182c36c757f707ecaa6c2a8f54e759d8e42357f55630f33bb84e8cd98b783745e1525bdf08ef370754860a3b6aecf2fa4
-DIST suricata-6.0.5.tar.gz 32605145 BLAKE2B 6fb85eee9a9e5d97eeed5b55f72230261a5cc9c28f0f6ea0cb39f795e1b0ea9655d7bcc3016812f42adc8a9a18e7234c371e05e907686c54214b29a506b38494 SHA512 8b15a8756846faed4120eef75641a6595d06ec9282a934f4d740bba6d01f08b4e876bf6c53559ab571aba5fab70dcc70d891c82978d6b60ab86ab0ae9660368e
+DIST suricata-5.0.10.tar.gz 29391642 BLAKE2B b5c83b9882e89894c3dedb7f536d584a20bbeab24236752e528171db6589a6308422c8b0be4f433fc63b8cfc227aa0b67935a4aece943b10f4577398ea9ed467 SHA512 c59719d42a236ac7421e0bcf6894f113c8f7518e2b5dde558cbe57c12b68b86ef700bae3f4047c6b2677a784061951fc9d058e9f59b11846279da06e9649ac56
+DIST suricata-6.0.6.tar.gz 32651139 BLAKE2B de0a73c618c1e2777019de6b29be5224db1885840cba8d05ad4a83fc082408e5d8b16d2c6055701f5d279852a99bea5dea01bed58ad0148afd76c1158e693f16 SHA512 184e5a2f3a68de33198f6f0e681710b3f04ed083081ef989dba77d1afb78922c5afdcdaa18ca92c6ed79b98134a3c42b13e1f3e91d20ea10ca74a692f93c5101
diff --git a/net-analyzer/suricata/suricata-5.0.9.ebuild b/net-analyzer/suricata/suricata-5.0.10.ebuild
similarity index 97%
rename from net-analyzer/suricata/suricata-5.0.9.ebuild
rename to net-analyzer/suricata/suricata-5.0.10.ebuild
index 585a9b6114bd..bcc45a9635c7 100644
--- a/net-analyzer/suricata/suricata-5.0.9.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.10.ebuild
@@ -152,6 +152,10 @@ src_install() {
pkg_postinst() {
tmpfiles_process ${PN}.conf
+ ewarn
+ ewarn "The 5.0 branch of ${PN} will reach the end of life (EOL) on 2022-08-01, after which date upstream will no longer produce or release fixes for this branch."
+ ewarn
+
elog
if use systemd; then
elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
diff --git a/net-analyzer/suricata/suricata-6.0.5.ebuild b/net-analyzer/suricata/suricata-6.0.6.ebuild
similarity index 100%
rename from net-analyzer/suricata/suricata-6.0.5.ebuild
rename to net-analyzer/suricata/suricata-6.0.6.ebuild
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2022-04-25 22:57 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2022-04-25 22:57 UTC (permalink / raw
To: gentoo-commits
commit: 724b39f227f162ab77bd1f53aab0b1f306311bd6
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Mon Apr 25 22:33:37 2022 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Mon Apr 25 22:57:12 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=724b39f2
net-analyzer/suricata: add 5.0.9
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 1 +
net-analyzer/suricata/suricata-5.0.9.ebuild | 207 ++++++++++++++++++++++++++++
2 files changed, 208 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index f72537a77d01..a1800d4a5d4a 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,3 @@
DIST suricata-5.0.8.tar.gz 29272209 BLAKE2B 5c13aea176b6666477c620d1ed294310ee84ec706abbc740a23d66722297c09b61f253bbe17700cd58f8ce439987c9b13f312aba37d911b6522e4848e7c1b0cd SHA512 a3b355f158f72ed7b43304069ed81b1ebcb331a9fc3e7cfd2e4d04e33369cec1f654f80a2d3df86af74b631235c49068ff992c8715fe868e5ae6b5aff5642891
+DIST suricata-5.0.9.tar.gz 29365601 BLAKE2B 02ab99585233a47b1577e55060ba1141c339718e5bd39b6f4d38bb9384fd459aae353f313083048128507f9023a8bcfea3e5a5bcc9ea0c75cfc9c288ca9db6b6 SHA512 5097bb0d62df05343628579a880eb57182c36c757f707ecaa6c2a8f54e759d8e42357f55630f33bb84e8cd98b783745e1525bdf08ef370754860a3b6aecf2fa4
DIST suricata-6.0.4.tar.gz 32498036 BLAKE2B 083c08ab0878352c425e18184c07866640e5cbe4838749eeb934857bfb486e4b78e7f9ac724289e8ea30b33fe637484cc6da7bc78231e5419b747e22e5a9b6dc SHA512 8dccea669e50758def06fe3f3e8d5048d76b27a80b5f96a7b56d2ab6e4da358d8b17ec2d764e1b53cc6a1334ee0b14191cc80f5dcf18cc4d804d5c530290adf0
diff --git a/net-analyzer/suricata/suricata-5.0.9.ebuild b/net-analyzer/suricata/suricata-5.0.9.ebuild
new file mode 100644
index 000000000000..585a9b6114bd
--- /dev/null
+++ b/net-analyzer/suricata/suricata-5.0.9.ebuild
@@ -0,0 +1,207 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+LUA_COMPAT=( lua5-1 luajit )
+PYTHON_COMPAT=( python3_{8..10} )
+
+inherit autotools linux-info lua-single python-single-r1 systemd tmpfiles
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
+HOMEPAGE="https://suricata.io/"
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0/5"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened hyperscan lua lz4 nflog +nfqueue redis systemd test"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ bpf? ( af-packet )
+ lua? ( ${LUA_REQUIRED_USE} )"
+
+RDEPEND="${PYTHON_DEPS}
+ acct-group/suricata
+ acct-user/suricata
+ dev-libs/jansson:=
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ $(python_gen_cond_dep '
+ dev-python/pyyaml[${PYTHON_USEDEP}]
+ ')
+ >=net-libs/libhtp-0.5.40
+ net-libs/libpcap
+ sys-apps/file
+ sys-libs/libcap-ng
+ bpf? ( >=dev-libs/libbpf-0.1.0 )
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/libmaxminddb )
+ hyperscan? ( dev-libs/hyperscan )
+ lua? ( ${LUA_DEPS} )
+ lz4? ( app-arch/lz4 )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue? ( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis:= )"
+DEPEND="${RDEPEND}
+ >=sys-devel/autoconf-2.69-r5
+ virtual/rust"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.1_default-config.patch"
+ "${FILESDIR}/${PN}-5.0.6_configure-no-sphinx-pdflatex-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.7_configure-no-hyperscan-automagic.patch"
+)
+
+pkg_pretend() {
+ if use bpf && use kernel_linux; then
+ if kernel_is -lt 4 15; then
+ ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
+ fi
+
+ CONFIG_CHECK="~XDP_SOCKETS"
+ ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata to load XDP programs. "
+ ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
+ check_extra_config
+ fi
+}
+
+src_prepare() {
+ default
+ sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am" || die
+ eautoreconf
+}
+
+src_configure() {
+ local myeconfargs=(
+ "--localstatedir=/var" \
+ "--runstatedir=/run" \
+ "--enable-non-bundled-htp" \
+ "--enable-gccmarch-native=no" \
+ "--enable-python" \
+ $(use_enable af-packet) \
+ $(use_enable bpf ebpf) \
+ $(use_enable control-socket unix-socket) \
+ $(use_enable cuda) \
+ $(use_enable detection) \
+ $(use_enable geoip) \
+ $(use_enable hardened gccprotect) \
+ $(use_enable hardened pie) \
+ $(use_enable hyperscan) \
+ $(use_enable lz4) \
+ $(use_enable nflog) \
+ $(use_enable nfqueue) \
+ $(use_enable redis hiredis) \
+ $(use_enable test unittests) \
+ "--disable-coccinelle"
+ )
+ if use lua; then
+ if use lua_single_target_luajit; then
+ myeconfargs+=( --enable-luajit )
+ else
+ myeconfargs+=( --enable-lua )
+ fi
+ fi
+
+ if use debug; then
+ myeconfargs+=( $(use_enable debug) )
+ # so we can get a backtrace according to "reporting bugs" on upstream web site
+ CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
+ else
+ econf ${myeconfargs[@]}
+ fi
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+ python_optimize
+
+ if use bpf; then
+ rm -f ebpf/Makefile.{am,in} || die
+ dodoc -r ebpf/
+ keepdir /usr/libexec/suricata/ebpf
+ fi
+
+ insinto "/etc/${PN}"
+ doins etc/{classification,reference}.config threshold.config suricata.yaml
+
+ keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+ keepdir "/var/log/${PN}"
+
+ fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+
+ newinitd "${FILESDIR}/${PN}-5.0.1-init" ${PN}
+ newconfd "${FILESDIR}/${PN}-5.0.1-conf" ${PN}
+ systemd_dounit "${FILESDIR}"/${PN}.service
+ newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
+
+ insopts -m0644
+ insinto /etc/logrotate.d
+ newins etc/${PN}.logrotate ${PN}
+}
+
+pkg_postinst() {
+ tmpfiles_process ${PN}.conf
+
+ elog
+ if use systemd; then
+ elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
+ elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
+ elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
+ elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
+ elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
+ elog "For details, see the section on drop-in directories in systemd.unit(5)."
+ else
+ elog "The ${PN} init script expects to find the path to the configuration"
+ elog "file as well as extra options in /etc/conf.d."
+ elog
+ elog "To create more than one ${PN} service, simply create a new .yaml file for it"
+ elog "then create a symlink to the init script from a link called"
+ elog "${PN}.foo - like so"
+ elog " cd /etc/${PN}"
+ elog " ${EDITOR##*/} suricata-foo.yaml"
+ elog " cd /etc/init.d"
+ elog " ln -s ${PN} ${PN}.foo"
+ elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
+ elog
+ elog "You can create as many ${PN}.foo* services as you wish."
+ fi
+
+ if use bpf; then
+ elog
+ elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
+ elog "because their configuration is hard-coded. You can find the default ones in"
+ elog " ${EPREFIX}/usr/share/doc/${PF}/ebpf"
+ elog "and the common location for eBPF bytecode is"
+ elog " ${EPREFIX}/usr/libexec/${PN}"
+ elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
+ fi
+
+ if use debug; then
+ elog
+ elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
+ elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
+ elog "You need to also ensure the FEATURES variable in make.conf contains the"
+ elog "'nostrip' option to produce useful core dumps or back traces."
+ fi
+
+ elog
+ if [[ -z "${REPLACING_VERSIONS}" ]]; then
+ elog "To download and install an initial set of rules, run:"
+ elog " emerge --config =${CATEGORY}/${PF}"
+ fi
+ elog
+}
+
+pkg_config() {
+ suricata-update
+}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2022-04-25 22:57 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2022-04-25 22:57 UTC (permalink / raw
To: gentoo-commits
commit: 80d4d1209925988ef4495aaea68516cf18f07b9d
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Mon Apr 25 22:46:00 2022 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Mon Apr 25 22:57:13 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=80d4d120
net-analyzer/suricata: add 6.0.5
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 1 +
net-analyzer/suricata/suricata-6.0.5.ebuild | 211 ++++++++++++++++++++++++++++
2 files changed, 212 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index a1800d4a5d4a..835e03888260 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,3 +1,4 @@
DIST suricata-5.0.8.tar.gz 29272209 BLAKE2B 5c13aea176b6666477c620d1ed294310ee84ec706abbc740a23d66722297c09b61f253bbe17700cd58f8ce439987c9b13f312aba37d911b6522e4848e7c1b0cd SHA512 a3b355f158f72ed7b43304069ed81b1ebcb331a9fc3e7cfd2e4d04e33369cec1f654f80a2d3df86af74b631235c49068ff992c8715fe868e5ae6b5aff5642891
DIST suricata-5.0.9.tar.gz 29365601 BLAKE2B 02ab99585233a47b1577e55060ba1141c339718e5bd39b6f4d38bb9384fd459aae353f313083048128507f9023a8bcfea3e5a5bcc9ea0c75cfc9c288ca9db6b6 SHA512 5097bb0d62df05343628579a880eb57182c36c757f707ecaa6c2a8f54e759d8e42357f55630f33bb84e8cd98b783745e1525bdf08ef370754860a3b6aecf2fa4
DIST suricata-6.0.4.tar.gz 32498036 BLAKE2B 083c08ab0878352c425e18184c07866640e5cbe4838749eeb934857bfb486e4b78e7f9ac724289e8ea30b33fe637484cc6da7bc78231e5419b747e22e5a9b6dc SHA512 8dccea669e50758def06fe3f3e8d5048d76b27a80b5f96a7b56d2ab6e4da358d8b17ec2d764e1b53cc6a1334ee0b14191cc80f5dcf18cc4d804d5c530290adf0
+DIST suricata-6.0.5.tar.gz 32605145 BLAKE2B 6fb85eee9a9e5d97eeed5b55f72230261a5cc9c28f0f6ea0cb39f795e1b0ea9655d7bcc3016812f42adc8a9a18e7234c371e05e907686c54214b29a506b38494 SHA512 8b15a8756846faed4120eef75641a6595d06ec9282a934f4d740bba6d01f08b4e876bf6c53559ab571aba5fab70dcc70d891c82978d6b60ab86ab0ae9660368e
diff --git a/net-analyzer/suricata/suricata-6.0.5.ebuild b/net-analyzer/suricata/suricata-6.0.5.ebuild
new file mode 100644
index 000000000000..1170a44de6b0
--- /dev/null
+++ b/net-analyzer/suricata/suricata-6.0.5.ebuild
@@ -0,0 +1,211 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+LUA_COMPAT=( lua5-1 luajit )
+PYTHON_COMPAT=( python3_{8..10} )
+
+inherit autotools linux-info lua-single python-single-r1 systemd tmpfiles
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
+HOMEPAGE="https://suricata.io/"
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0/6"
+KEYWORDS="~amd64 ~riscv ~x86"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened hyperscan lua lz4 nflog +nfqueue redis systemd test"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ bpf? ( af-packet )
+ lua? ( ${LUA_REQUIRED_USE} )"
+
+RDEPEND="${PYTHON_DEPS}
+ acct-group/suricata
+ acct-user/suricata
+ dev-libs/jansson:=
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ $(python_gen_cond_dep '
+ dev-python/pyyaml[${PYTHON_USEDEP}]
+ ')
+ >=net-libs/libhtp-0.5.40
+ net-libs/libpcap
+ sys-apps/file
+ sys-libs/libcap-ng
+ bpf? ( >=dev-libs/libbpf-0.1.0 )
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/libmaxminddb:= )
+ hyperscan? ( dev-libs/hyperscan )
+ lua? ( ${LUA_DEPS} )
+ lz4? ( app-arch/lz4 )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue? ( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis:= )"
+DEPEND="${RDEPEND}
+ >=sys-devel/autoconf-2.69-r5
+ virtual/rust"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.6_configure-no-sphinx-pdflatex-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.7_configure-no-hyperscan-automagic.patch"
+ "${FILESDIR}/${PN}-6.0.0_default-config.patch"
+)
+
+pkg_pretend() {
+ if use bpf && use kernel_linux; then
+ if kernel_is -lt 4 15; then
+ ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
+ fi
+
+ CONFIG_CHECK="~XDP_SOCKETS"
+ ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata to load XDP programs. "
+ ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
+ check_extra_config
+ fi
+}
+
+src_prepare() {
+ default
+ sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am" || die
+ eautoreconf
+}
+
+src_configure() {
+ local myeconfargs=(
+ "--localstatedir=/var" \
+ "--runstatedir=/run" \
+ "--enable-non-bundled-htp" \
+ "--enable-gccmarch-native=no" \
+ "--enable-python" \
+ $(use_enable af-packet) \
+ $(use_enable bpf ebpf) \
+ $(use_enable control-socket unix-socket) \
+ $(use_enable cuda) \
+ $(use_enable detection) \
+ $(use_enable geoip) \
+ $(use_enable hardened gccprotect) \
+ $(use_enable hardened pie) \
+ $(use_enable hyperscan) \
+ $(use_enable lz4) \
+ $(use_enable nflog) \
+ $(use_enable nfqueue) \
+ $(use_enable redis hiredis) \
+ $(use_enable test unittests) \
+ "--disable-coccinelle"
+ )
+ if use lua; then
+ if use lua_single_target_luajit; then
+ myeconfargs+=( --enable-luajit )
+ else
+ myeconfargs+=( --enable-lua )
+ fi
+ fi
+
+ if use debug; then
+ myeconfargs+=( $(use_enable debug) )
+ # so we can get a backtrace according to "reporting bugs" on upstream web site
+ CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
+ else
+ econf ${myeconfargs[@]}
+ fi
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+ python_optimize
+
+ if use bpf; then
+ rm -f ebpf/Makefile.{am,in} || die
+ dodoc -r ebpf/
+ keepdir /usr/libexec/suricata/ebpf
+ fi
+
+ insinto "/etc/${PN}"
+ doins etc/{classification,reference}.config threshold.config suricata.yaml
+
+ keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+ keepdir "/var/log/${PN}"
+
+ fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+
+ newinitd "${FILESDIR}/${PN}-5.0.1-init" ${PN}
+ newconfd "${FILESDIR}/${PN}-5.0.1-conf" ${PN}
+ systemd_dounit "${FILESDIR}"/${PN}.service
+ newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
+
+ insopts -m0644
+ insinto /etc/logrotate.d
+ newins etc/${PN}.logrotate ${PN}
+}
+
+pkg_postinst() {
+ tmpfiles_process ${PN}.conf
+
+ elog
+ if use systemd; then
+ elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
+ elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
+ elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
+ elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
+ elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
+ elog "For details, see the section on drop-in directories in systemd.unit(5)."
+ else
+ elog "The ${PN} init script expects to find the path to the configuration"
+ elog "file as well as extra options in /etc/conf.d."
+ elog
+ elog "To create more than one ${PN} service, simply create a new .yaml file for it"
+ elog "then create a symlink to the init script from a link called"
+ elog "${PN}.foo - like so"
+ elog " cd /etc/${PN}"
+ elog " ${EDITOR##*/} suricata-foo.yaml"
+ elog " cd /etc/init.d"
+ elog " ln -s ${PN} ${PN}.foo"
+ elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
+ elog
+ elog "You can create as many ${PN}.foo* services as you wish."
+ fi
+
+ if use bpf; then
+ elog
+ elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
+ elog "because their configuration is hard-coded. You can find the default ones in"
+ elog " ${EPREFIX}/usr/share/doc/${PF}/ebpf"
+ elog "and the common location for eBPF bytecode is"
+ elog " ${EPREFIX}/usr/libexec/${PN}"
+ elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
+ fi
+
+ if use debug; then
+ elog
+ elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
+ elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
+ elog "You need to also ensure the FEATURES variable in make.conf contains the"
+ elog "'nostrip' option to produce useful core dumps or back traces."
+ fi
+
+ elog
+ if [[ -n "${REPLACING_VERSIONS}" ]]; then
+ ewarn "Since version 6.0.0 Suricata no longer supports the unified2 output format commonly used"
+ ewarn "in legacy, Snort-compatible IDS solutions, e.g. ones based on net-analyzer/barnyard2."
+ ewarn "If you need unified2 support, please continue to use suricata-5."
+ else
+ elog "To download and install an initial set of rules, run:"
+ elog " emerge --config =${CATEGORY}/${PF}"
+ fi
+ elog
+}
+
+pkg_config() {
+ suricata-update
+}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2022-03-23 1:24 Sam James
0 siblings, 0 replies; 81+ messages in thread
From: Sam James @ 2022-03-23 1:24 UTC (permalink / raw
To: gentoo-commits
commit: 494e977970384142327ea2dfd7bd0b9bf79e2d23
Author: Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Wed Mar 23 01:21:47 2022 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Wed Mar 23 01:21:47 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=494e9779
net-analyzer/suricata: add subslot dep on hiredis
They break ABI liberally.
Signed-off-by: Sam James <sam <AT> gentoo.org>
.../suricata/{suricata-5.0.8.ebuild => suricata-5.0.8-r1.ebuild} | 4 ++--
.../suricata/{suricata-6.0.4.ebuild => suricata-6.0.4-r1.ebuild} | 6 +++---
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/net-analyzer/suricata/suricata-5.0.8.ebuild b/net-analyzer/suricata/suricata-5.0.8-r1.ebuild
similarity index 98%
rename from net-analyzer/suricata/suricata-5.0.8.ebuild
rename to net-analyzer/suricata/suricata-5.0.8-r1.ebuild
index ed531092db95..d2ee545bc674 100644
--- a/net-analyzer/suricata/suricata-5.0.8.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.8-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2021 Gentoo Authors
+# Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
@@ -48,7 +48,7 @@ RDEPEND="${PYTHON_DEPS}
lz4? ( app-arch/lz4 )
nflog? ( net-libs/libnetfilter_log )
nfqueue? ( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis )"
+ redis? ( dev-libs/hiredis:= )"
DEPEND="${RDEPEND}
>=sys-devel/autoconf-2.69-r5
virtual/rust"
diff --git a/net-analyzer/suricata/suricata-6.0.4.ebuild b/net-analyzer/suricata/suricata-6.0.4-r1.ebuild
similarity index 98%
rename from net-analyzer/suricata/suricata-6.0.4.ebuild
rename to net-analyzer/suricata/suricata-6.0.4-r1.ebuild
index 398159ce0adf..4404a037f1c3 100644
--- a/net-analyzer/suricata/suricata-6.0.4.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.4-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2021 Gentoo Authors
+# Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
@@ -42,13 +42,13 @@ RDEPEND="${PYTHON_DEPS}
sys-libs/libcap-ng
bpf? ( >=dev-libs/libbpf-0.1.0 )
cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/libmaxminddb )
+ geoip? ( dev-libs/libmaxminddb:= )
hyperscan? ( dev-libs/hyperscan )
lua? ( ${LUA_DEPS} )
lz4? ( app-arch/lz4 )
nflog? ( net-libs/libnetfilter_log )
nfqueue? ( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis )"
+ redis? ( dev-libs/hiredis:= )"
DEPEND="${RDEPEND}
>=sys-devel/autoconf-2.69-r5
virtual/rust"
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2021-11-19 14:59 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2021-11-19 14:59 UTC (permalink / raw
To: gentoo-commits
commit: 499df2554ab088ec1b6cc98a74f1efeb2fa77248
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Fri Nov 19 11:59:49 2021 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Fri Nov 19 14:58:50 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=499df255
net-analyzer/suricata: add 6.0.4, drop 6.0.3-r2
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 2 +-
.../suricata/{suricata-6.0.3-r2.ebuild => suricata-6.0.4.ebuild} | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index f369f3fa3c53..f72537a77d01 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,2 @@
DIST suricata-5.0.8.tar.gz 29272209 BLAKE2B 5c13aea176b6666477c620d1ed294310ee84ec706abbc740a23d66722297c09b61f253bbe17700cd58f8ce439987c9b13f312aba37d911b6522e4848e7c1b0cd SHA512 a3b355f158f72ed7b43304069ed81b1ebcb331a9fc3e7cfd2e4d04e33369cec1f654f80a2d3df86af74b631235c49068ff992c8715fe868e5ae6b5aff5642891
-DIST suricata-6.0.3.tar.gz 32421197 BLAKE2B c1b339823f2caab73aeb82f96fb703834cd3ca9f0f60662cf340cbc36734aea47106d49869bd70cf3acb419e954ca37bcd22ad1b2d789597bf36f8fe7ceebe11 SHA512 186b871959988ca7cbd0d69e725aed18af915f93363c7ecc0ffa20d8ad8f50a326be08452d085772b1df84ef25258ef0dd6b35d41b0988cb1c653e60aeb103a2
+DIST suricata-6.0.4.tar.gz 32498036 BLAKE2B 083c08ab0878352c425e18184c07866640e5cbe4838749eeb934857bfb486e4b78e7f9ac724289e8ea30b33fe637484cc6da7bc78231e5419b747e22e5a9b6dc SHA512 8dccea669e50758def06fe3f3e8d5048d76b27a80b5f96a7b56d2ab6e4da358d8b17ec2d764e1b53cc6a1334ee0b14191cc80f5dcf18cc4d804d5c530290adf0
diff --git a/net-analyzer/suricata/suricata-6.0.3-r2.ebuild b/net-analyzer/suricata/suricata-6.0.4.ebuild
similarity index 99%
rename from net-analyzer/suricata/suricata-6.0.3-r2.ebuild
rename to net-analyzer/suricata/suricata-6.0.4.ebuild
index d8e374f6afc6..398159ce0adf 100644
--- a/net-analyzer/suricata/suricata-6.0.3-r2.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.4.ebuild
@@ -36,7 +36,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.38
+ >=net-libs/libhtp-0.5.39
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2021-11-19 14:59 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2021-11-19 14:59 UTC (permalink / raw
To: gentoo-commits
commit: b056aee1282fd05f028ff9133fdd2f80dd353d4f
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Fri Nov 19 11:56:38 2021 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Fri Nov 19 14:58:49 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b056aee1
net-analyzer/suricata: add 5.0.8, drop 5.0.7-r2
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 2 +-
.../suricata/{suricata-5.0.7-r2.ebuild => suricata-5.0.8.ebuild} | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index b50527fd8c9f..f369f3fa3c53 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,2 @@
-DIST suricata-5.0.7.tar.gz 29211384 BLAKE2B 939e672d9df61863c7adcc4bf52f5620e3760f0d6178362828474b1a72c4e3a69bf1ab52a3220c0069ae5a545c56307553c2796166af488a72a25dddd68782a8 SHA512 dce3929c796e04778eb9437bd4c7203aa9dae56be0baa4b7d986d3eedff3bfc71aa2886ecdeed9d87ec3d88cd3060ff8ef01540d15eb857698a2c4696da5899c
+DIST suricata-5.0.8.tar.gz 29272209 BLAKE2B 5c13aea176b6666477c620d1ed294310ee84ec706abbc740a23d66722297c09b61f253bbe17700cd58f8ce439987c9b13f312aba37d911b6522e4848e7c1b0cd SHA512 a3b355f158f72ed7b43304069ed81b1ebcb331a9fc3e7cfd2e4d04e33369cec1f654f80a2d3df86af74b631235c49068ff992c8715fe868e5ae6b5aff5642891
DIST suricata-6.0.3.tar.gz 32421197 BLAKE2B c1b339823f2caab73aeb82f96fb703834cd3ca9f0f60662cf340cbc36734aea47106d49869bd70cf3acb419e954ca37bcd22ad1b2d789597bf36f8fe7ceebe11 SHA512 186b871959988ca7cbd0d69e725aed18af915f93363c7ecc0ffa20d8ad8f50a326be08452d085772b1df84ef25258ef0dd6b35d41b0988cb1c653e60aeb103a2
diff --git a/net-analyzer/suricata/suricata-5.0.7-r2.ebuild b/net-analyzer/suricata/suricata-5.0.8.ebuild
similarity index 99%
rename from net-analyzer/suricata/suricata-5.0.7-r2.ebuild
rename to net-analyzer/suricata/suricata-5.0.8.ebuild
index 8fb9132b46eb..ed531092db95 100644
--- a/net-analyzer/suricata/suricata-5.0.7-r2.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.8.ebuild
@@ -36,7 +36,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.38
+ >=net-libs/libhtp-0.5.39
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2021-09-25 19:08 Sam James
0 siblings, 0 replies; 81+ messages in thread
From: Sam James @ 2021-09-25 19:08 UTC (permalink / raw
To: gentoo-commits
commit: 6f982349b5961e2e0b4ca96d4db20e92645a62a6
Author: Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Sat Sep 25 19:03:22 2021 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sat Sep 25 19:08:11 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6f982349
net-analyzer/suricata: add libjansson subslot dep
Earlier versions of libjansson lacked symbol versioning, causing crashes.
Bug: https://bugs.gentoo.org/812119
Signed-off-by: Sam James <sam <AT> gentoo.org>
.../suricata/{suricata-5.0.7-r1.ebuild => suricata-5.0.7-r2.ebuild} | 2 +-
.../suricata/{suricata-6.0.3-r1.ebuild => suricata-6.0.3-r2.ebuild} | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/suricata-5.0.7-r1.ebuild b/net-analyzer/suricata/suricata-5.0.7-r2.ebuild
similarity index 99%
rename from net-analyzer/suricata/suricata-5.0.7-r1.ebuild
rename to net-analyzer/suricata/suricata-5.0.7-r2.ebuild
index 58594b6169a..8fb9132b46e 100644
--- a/net-analyzer/suricata/suricata-5.0.7-r1.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.7-r2.ebuild
@@ -26,7 +26,7 @@ REQUIRED_USE="${PYTHON_REQUIRED_USE}
RDEPEND="${PYTHON_DEPS}
acct-group/suricata
acct-user/suricata
- dev-libs/jansson
+ dev-libs/jansson:=
dev-libs/libpcre
dev-libs/libyaml
net-libs/libnet:*
diff --git a/net-analyzer/suricata/suricata-6.0.3-r1.ebuild b/net-analyzer/suricata/suricata-6.0.3-r2.ebuild
similarity index 99%
rename from net-analyzer/suricata/suricata-6.0.3-r1.ebuild
rename to net-analyzer/suricata/suricata-6.0.3-r2.ebuild
index 29b2cdff3c0..d8e374f6afc 100644
--- a/net-analyzer/suricata/suricata-6.0.3-r1.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.3-r2.ebuild
@@ -26,7 +26,7 @@ REQUIRED_USE="${PYTHON_REQUIRED_USE}
RDEPEND="${PYTHON_DEPS}
acct-group/suricata
acct-user/suricata
- dev-libs/jansson
+ dev-libs/jansson:=
dev-libs/libpcre
dev-libs/libyaml
net-libs/libnet:*
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2021-09-03 12:15 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2021-09-03 12:15 UTC (permalink / raw
To: gentoo-commits
commit: 0c78c2e5256c800d5e1538aec8891dfdbcb31b7f
Author: Jonathan Davies <jpds <AT> protonmail <DOT> com>
AuthorDate: Fri Sep 3 00:00:02 2021 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Fri Sep 3 12:15:28 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0c78c2e5
net-analyzer/suricata: Add hyperscan USE flag.
Signed-off-by: Jonathan Davies <jpds <AT> protonmail.com>
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/metadata.xml | 1 +
.../suricata/{suricata-5.0.7.ebuild => suricata-5.0.7-r1.ebuild} | 3 ++-
.../suricata/{suricata-6.0.3.ebuild => suricata-6.0.3-r1.ebuild} | 3 ++-
3 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/metadata.xml b/net-analyzer/suricata/metadata.xml
index 87689ee5189..36501eaa4f5 100644
--- a/net-analyzer/suricata/metadata.xml
+++ b/net-analyzer/suricata/metadata.xml
@@ -12,6 +12,7 @@
<flag name="control-socket">Enable unix socket</flag>
<flag name="cuda">Enable NVIDIA Cuda computations support</flag>
<flag name="detection">Enable detection modules</flag>
+ <flag name="hyperscan">Enable high-performance regex matching with Hyperscan</flag>
<flag name="lz4">Enable support for compressed pcap logging using the LZ4 algorithm</flag>
<flag name="nflog">Enable libnetfilter_log support</flag>
<flag name="nfqueue">Enable NFQUEUE support for inline IDP</flag>
diff --git a/net-analyzer/suricata/suricata-5.0.7.ebuild b/net-analyzer/suricata/suricata-5.0.7-r1.ebuild
similarity index 98%
rename from net-analyzer/suricata/suricata-5.0.7.ebuild
rename to net-analyzer/suricata/suricata-5.0.7-r1.ebuild
index b2e2f7e436d..eed3b8e26ae 100644
--- a/net-analyzer/suricata/suricata-5.0.7.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.7-r1.ebuild
@@ -15,7 +15,7 @@ SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
LICENSE="GPL-2"
SLOT="0/5"
KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened lua lz4 nflog +nfqueue redis systemd test"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened hyperscan lua lz4 nflog +nfqueue redis systemd test"
RESTRICT="!test? ( test )"
@@ -43,6 +43,7 @@ RDEPEND="${PYTHON_DEPS}
bpf? ( >=dev-libs/libbpf-0.1.0 )
cuda? ( dev-util/nvidia-cuda-toolkit )
geoip? ( dev-libs/libmaxminddb )
+ hyperscan? ( dev-libs/hyperscan )
lua? ( ${LUA_DEPS} )
lz4? ( app-arch/lz4 )
nflog? ( net-libs/libnetfilter_log )
diff --git a/net-analyzer/suricata/suricata-6.0.3.ebuild b/net-analyzer/suricata/suricata-6.0.3-r1.ebuild
similarity index 98%
rename from net-analyzer/suricata/suricata-6.0.3.ebuild
rename to net-analyzer/suricata/suricata-6.0.3-r1.ebuild
index 7e48fc1c6d5..fae8b5b7a3f 100644
--- a/net-analyzer/suricata/suricata-6.0.3.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.3-r1.ebuild
@@ -15,7 +15,7 @@ SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
LICENSE="GPL-2"
SLOT="0/6"
KEYWORDS="~amd64 ~riscv ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened lua lz4 nflog +nfqueue redis systemd test"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened hyperscan lua lz4 nflog +nfqueue redis systemd test"
RESTRICT="!test? ( test )"
@@ -43,6 +43,7 @@ RDEPEND="${PYTHON_DEPS}
bpf? ( >=dev-libs/libbpf-0.1.0 )
cuda? ( dev-util/nvidia-cuda-toolkit )
geoip? ( dev-libs/libmaxminddb )
+ hyperscan? ( dev-libs/hyperscan )
lua? ( ${LUA_DEPS} )
lz4? ( app-arch/lz4 )
nflog? ( net-libs/libnetfilter_log )
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2021-09-03 12:15 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2021-09-03 12:15 UTC (permalink / raw
To: gentoo-commits
commit: a8a3cbd2d2b367b5cae15ce5545c1041b7e7a6c9
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Fri Sep 3 12:13:38 2021 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Fri Sep 3 12:15:30 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a8a3cbd2
net-analyzer/suricata: add TODO note about hyperscan automagic
Even with USE=-hyperscan, if dev-libs/hyperscan is present at configure
time it is pulled in. Same deal as with lz4 earlier.
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/suricata-5.0.7-r1.ebuild | 1 +
net-analyzer/suricata/suricata-6.0.3-r1.ebuild | 1 +
2 files changed, 2 insertions(+)
diff --git a/net-analyzer/suricata/suricata-5.0.7-r1.ebuild b/net-analyzer/suricata/suricata-5.0.7-r1.ebuild
index eed3b8e26ae..8d11af4dcc5 100644
--- a/net-analyzer/suricata/suricata-5.0.7-r1.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.7-r1.ebuild
@@ -53,6 +53,7 @@ DEPEND="${RDEPEND}
>=sys-devel/autoconf-2.69-r5
virtual/rust"
+# TODO: get rid of hyperscan automagic as well
PATCHES=(
"${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
"${FILESDIR}/${PN}-5.0.1_default-config.patch"
diff --git a/net-analyzer/suricata/suricata-6.0.3-r1.ebuild b/net-analyzer/suricata/suricata-6.0.3-r1.ebuild
index fae8b5b7a3f..64dd427cc0d 100644
--- a/net-analyzer/suricata/suricata-6.0.3-r1.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.3-r1.ebuild
@@ -53,6 +53,7 @@ DEPEND="${RDEPEND}
>=sys-devel/autoconf-2.69-r5
virtual/rust"
+# TODO: get rid of hyperscan automagic as well
PATCHES=(
"${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
"${FILESDIR}/${PN}-5.0.6_configure-no-sphinx-pdflatex-automagic.patch"
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2021-08-23 21:29 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2021-08-23 21:29 UTC (permalink / raw
To: gentoo-commits
commit: 3534f1f4d94222a87764e9da0dfeecd7af1ebc02
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Mon Aug 23 21:28:43 2021 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Mon Aug 23 21:29:09 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3534f1f4
net-analyzer/suricata: keyword 6.0.3 for ~riscv
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/suricata-6.0.3.ebuild | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net-analyzer/suricata/suricata-6.0.3.ebuild b/net-analyzer/suricata/suricata-6.0.3.ebuild
index 6b5b71ffe43..7e48fc1c6d5 100644
--- a/net-analyzer/suricata/suricata-6.0.3.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.3.ebuild
@@ -14,7 +14,7 @@ SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
LICENSE="GPL-2"
SLOT="0/6"
-KEYWORDS="~amd64 ~x86"
+KEYWORDS="~amd64 ~riscv ~x86"
IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened lua lz4 nflog +nfqueue redis systemd test"
RESTRICT="!test? ( test )"
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2021-07-25 20:58 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2021-07-25 20:58 UTC (permalink / raw
To: gentoo-commits
commit: 54b4acb81dc95c75a9ed8c521dfed50bd9cefa12
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Sun Jul 25 20:54:56 2021 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Sun Jul 25 20:58:41 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=54b4acb8
net-analyzer/suricata: install logrotate files unconditionally
No revbump in order to avoid forcing everyone to reinstall.
Suggested-by: Sam James <sam <AT> gentoo.org>
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/metadata.xml | 1 -
net-analyzer/suricata/suricata-5.0.7.ebuild | 11 ++++-------
net-analyzer/suricata/suricata-6.0.3.ebuild | 11 ++++-------
3 files changed, 8 insertions(+), 15 deletions(-)
diff --git a/net-analyzer/suricata/metadata.xml b/net-analyzer/suricata/metadata.xml
index 457a2fbd2e8..87689ee5189 100644
--- a/net-analyzer/suricata/metadata.xml
+++ b/net-analyzer/suricata/metadata.xml
@@ -12,7 +12,6 @@
<flag name="control-socket">Enable unix socket</flag>
<flag name="cuda">Enable NVIDIA Cuda computations support</flag>
<flag name="detection">Enable detection modules</flag>
- <flag name="logrotate">Install logrotate rule</flag>
<flag name="lz4">Enable support for compressed pcap logging using the LZ4 algorithm</flag>
<flag name="nflog">Enable libnetfilter_log support</flag>
<flag name="nfqueue">Enable NFQUEUE support for inline IDP</flag>
diff --git a/net-analyzer/suricata/suricata-5.0.7.ebuild b/net-analyzer/suricata/suricata-5.0.7.ebuild
index d8e5826ae3a..50b8ba84db3 100644
--- a/net-analyzer/suricata/suricata-5.0.7.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.7.ebuild
@@ -15,7 +15,7 @@ SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
LICENSE="GPL-2"
SLOT="0/5"
KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened logrotate lua lz4 nflog +nfqueue redis systemd test"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened lua lz4 nflog +nfqueue redis systemd test"
RESTRICT="!test? ( test )"
@@ -43,7 +43,6 @@ RDEPEND="${PYTHON_DEPS}
bpf? ( >=dev-libs/libbpf-0.1.0 )
cuda? ( dev-util/nvidia-cuda-toolkit )
geoip? ( dev-libs/libmaxminddb )
- logrotate? ( app-admin/logrotate )
lua? ( ${LUA_DEPS} )
lz4? ( app-arch/lz4 )
nflog? ( net-libs/libnetfilter_log )
@@ -142,11 +141,9 @@ src_install() {
systemd_dounit "${FILESDIR}"/${PN}.service
newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
- if use logrotate; then
- insopts -m0644
- insinto /etc/logrotate.d
- newins etc/${PN}.logrotate ${PN}
- fi
+ insopts -m0644
+ insinto /etc/logrotate.d
+ newins etc/${PN}.logrotate ${PN}
}
pkg_postinst() {
diff --git a/net-analyzer/suricata/suricata-6.0.3.ebuild b/net-analyzer/suricata/suricata-6.0.3.ebuild
index da57e2c8b34..c6dfbc4f14b 100644
--- a/net-analyzer/suricata/suricata-6.0.3.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.3.ebuild
@@ -15,7 +15,7 @@ SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
LICENSE="GPL-2"
SLOT="0/6"
KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened logrotate lua lz4 nflog +nfqueue redis systemd test"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened lua lz4 nflog +nfqueue redis systemd test"
RESTRICT="!test? ( test )"
@@ -43,7 +43,6 @@ RDEPEND="${PYTHON_DEPS}
bpf? ( >=dev-libs/libbpf-0.1.0 )
cuda? ( dev-util/nvidia-cuda-toolkit )
geoip? ( dev-libs/libmaxminddb )
- logrotate? ( app-admin/logrotate )
lua? ( ${LUA_DEPS} )
lz4? ( app-arch/lz4 )
nflog? ( net-libs/libnetfilter_log )
@@ -142,11 +141,9 @@ src_install() {
systemd_dounit "${FILESDIR}"/${PN}.service
newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
- if use logrotate; then
- insopts -m0644
- insinto /etc/logrotate.d
- newins etc/${PN}.logrotate ${PN}
- fi
+ insopts -m0644
+ insinto /etc/logrotate.d
+ newins etc/${PN}.logrotate ${PN}
}
pkg_postinst() {
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2021-07-01 9:47 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2021-07-01 9:47 UTC (permalink / raw
To: gentoo-commits
commit: 8d163145761f32befd627eb7dbeafa75fe577be7
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Thu Jul 1 09:41:25 2021 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Thu Jul 1 09:41:25 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8d163145
net-analyzer/suricata: add 5.0.7, drop 5.0.6
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 2 +-
.../suricata/{suricata-5.0.6.ebuild => suricata-5.0.7.ebuild} | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 24be5f65d70..80b973ee171 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,2 @@
-DIST suricata-5.0.6.tar.gz 29136659 BLAKE2B 97d95cadd54d44bd82424322c08ad04be2122cdae5763995f7aefe4a75872091dd7d289e89e47a5ad9fbce570964f11331d848db7fe7ec4c2be9a0f8b62fadff SHA512 73580721683f929a90b6b59673842c051fe44ee7b8d8d890106aad09952d5b8a8f3716f168c41b33feb5c32e0106f5926125313cc11b27bc5a9c65e90b21888f
+DIST suricata-5.0.7.tar.gz 29211384 BLAKE2B 939e672d9df61863c7adcc4bf52f5620e3760f0d6178362828474b1a72c4e3a69bf1ab52a3220c0069ae5a545c56307553c2796166af488a72a25dddd68782a8 SHA512 dce3929c796e04778eb9437bd4c7203aa9dae56be0baa4b7d986d3eedff3bfc71aa2886ecdeed9d87ec3d88cd3060ff8ef01540d15eb857698a2c4696da5899c
DIST suricata-6.0.2.tar.gz 30514801 BLAKE2B 20604fa3332a9d99a1a30db55a0ccd689af0e08e686cd6739d6c4390456acc28d34702704f7e25537463b0c23600d123de361a227f9ef2420ee5c2b11df2866a SHA512 230a74a5442cfa066c56528036b64c173702238c5075161119eaad08d320e528d3510c51095297f120030177fed9c84076d00f567f7a3a4cbdb23d382966cf00
diff --git a/net-analyzer/suricata/suricata-5.0.6.ebuild b/net-analyzer/suricata/suricata-5.0.7.ebuild
similarity index 99%
rename from net-analyzer/suricata/suricata-5.0.6.ebuild
rename to net-analyzer/suricata/suricata-5.0.7.ebuild
index a48eacb1a1e..d8e5826ae3a 100644
--- a/net-analyzer/suricata/suricata-5.0.6.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.7.ebuild
@@ -4,7 +4,7 @@
EAPI=7
LUA_COMPAT=( lua5-1 luajit )
-PYTHON_COMPAT=( python3_{7..10} )
+PYTHON_COMPAT=( python3_{8..10} )
inherit autotools linux-info lua-single python-single-r1 systemd tmpfiles
@@ -36,7 +36,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.37
+ >=net-libs/libhtp-0.5.38
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2021-07-01 9:47 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2021-07-01 9:47 UTC (permalink / raw
To: gentoo-commits
commit: 506079cafa0b3a1417ba678192df931c24d98c41
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Thu Jul 1 09:46:04 2021 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Thu Jul 1 09:46:11 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=506079ca
net-analyzer/suricata: add 6.0.3, drop 6.0.2
Now with rust-1.53 compatibility and without CVE-2021-35063.
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 2 +-
.../{suricata-6.0.2.ebuild => suricata-6.0.3.ebuild} | 18 +++---------------
2 files changed, 4 insertions(+), 16 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 80b973ee171..b50527fd8c9 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,2 @@
DIST suricata-5.0.7.tar.gz 29211384 BLAKE2B 939e672d9df61863c7adcc4bf52f5620e3760f0d6178362828474b1a72c4e3a69bf1ab52a3220c0069ae5a545c56307553c2796166af488a72a25dddd68782a8 SHA512 dce3929c796e04778eb9437bd4c7203aa9dae56be0baa4b7d986d3eedff3bfc71aa2886ecdeed9d87ec3d88cd3060ff8ef01540d15eb857698a2c4696da5899c
-DIST suricata-6.0.2.tar.gz 30514801 BLAKE2B 20604fa3332a9d99a1a30db55a0ccd689af0e08e686cd6739d6c4390456acc28d34702704f7e25537463b0c23600d123de361a227f9ef2420ee5c2b11df2866a SHA512 230a74a5442cfa066c56528036b64c173702238c5075161119eaad08d320e528d3510c51095297f120030177fed9c84076d00f567f7a3a4cbdb23d382966cf00
+DIST suricata-6.0.3.tar.gz 32421197 BLAKE2B c1b339823f2caab73aeb82f96fb703834cd3ca9f0f60662cf340cbc36734aea47106d49869bd70cf3acb419e954ca37bcd22ad1b2d789597bf36f8fe7ceebe11 SHA512 186b871959988ca7cbd0d69e725aed18af915f93363c7ecc0ffa20d8ad8f50a326be08452d085772b1df84ef25258ef0dd6b35d41b0988cb1c653e60aeb103a2
diff --git a/net-analyzer/suricata/suricata-6.0.2.ebuild b/net-analyzer/suricata/suricata-6.0.3.ebuild
similarity index 88%
rename from net-analyzer/suricata/suricata-6.0.2.ebuild
rename to net-analyzer/suricata/suricata-6.0.3.ebuild
index 5a9b9a7ab1a..da57e2c8b34 100644
--- a/net-analyzer/suricata/suricata-6.0.2.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.3.ebuild
@@ -4,7 +4,7 @@
EAPI=7
LUA_COMPAT=( lua5-1 luajit )
-PYTHON_COMPAT=( python3_{7..10} )
+PYTHON_COMPAT=( python3_{8..10} )
inherit autotools linux-info lua-single python-single-r1 systemd tmpfiles
@@ -36,7 +36,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.37
+ >=net-libs/libhtp-0.5.38
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
@@ -51,7 +51,7 @@ RDEPEND="${PYTHON_DEPS}
redis? ( dev-libs/hiredis )"
DEPEND="${RDEPEND}
>=sys-devel/autoconf-2.69-r5
- <virtual/rust-1.53.0" # Bug #797370 part one. Hopefully to be fixed come next release.
+ virtual/rust"
PATCHES=(
"${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
@@ -60,18 +60,6 @@ PATCHES=(
)
pkg_pretend() {
- # Bug #797370 part deux, needed to address the edge case of both rust and rust-bin being present
- # - in which case the version limit set on virtual/rust only affects one of them.
- # Version-checking code shamelessly stolen from www-client/firefox.
- local version_rust=$(rustc -Vv 2>/dev/null | grep -F -- 'release:' | awk '{ print $2 }')
- [[ -z ${version_rust} ]] && die "Failed to read version from rustc!"
- if ver_test "${version_rust}" -ge "1.53.0"; then
- eerror "This version of ${PN} does not support Rust 1.53.0+. Please switch to an older version using"
- eerror " eselect rust"
- eerror "before emerging ${PN}."
- die "Unsupported version of Rust selected"
- fi
-
if use bpf && use kernel_linux; then
if kernel_is -lt 4 15; then
ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2021-06-21 16:03 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2021-06-21 16:03 UTC (permalink / raw
To: gentoo-commits
commit: 7a2e9ee518178d40409d8d27384ac0c84b2b3ae9
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Mon Jun 21 15:59:50 2021 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Mon Jun 21 16:03:38 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7a2e9ee5
net-analyzer/suricata: limit version of currently selected rust
While simply limiting the version of virtual/rust in dependencies is
likely enough for most users at present, if someone has got both rust
and rust-bin emerged the virtual will only affect the version of one of
them - and it is possible that the version currently set as active
by "eselect rust" is not a supported one.
Closes: https://bugs.gentoo.org/797370
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/suricata-6.0.2.ebuild | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/net-analyzer/suricata/suricata-6.0.2.ebuild b/net-analyzer/suricata/suricata-6.0.2.ebuild
index 739d881823d..5a9b9a7ab1a 100644
--- a/net-analyzer/suricata/suricata-6.0.2.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.2.ebuild
@@ -51,7 +51,7 @@ RDEPEND="${PYTHON_DEPS}
redis? ( dev-libs/hiredis )"
DEPEND="${RDEPEND}
>=sys-devel/autoconf-2.69-r5
- <virtual/rust-1.53.0" # Bug #797370. Hopefully to be fixed come next release.
+ <virtual/rust-1.53.0" # Bug #797370 part one. Hopefully to be fixed come next release.
PATCHES=(
"${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
@@ -60,6 +60,18 @@ PATCHES=(
)
pkg_pretend() {
+ # Bug #797370 part deux, needed to address the edge case of both rust and rust-bin being present
+ # - in which case the version limit set on virtual/rust only affects one of them.
+ # Version-checking code shamelessly stolen from www-client/firefox.
+ local version_rust=$(rustc -Vv 2>/dev/null | grep -F -- 'release:' | awk '{ print $2 }')
+ [[ -z ${version_rust} ]] && die "Failed to read version from rustc!"
+ if ver_test "${version_rust}" -ge "1.53.0"; then
+ eerror "This version of ${PN} does not support Rust 1.53.0+. Please switch to an older version using"
+ eerror " eselect rust"
+ eerror "before emerging ${PN}."
+ die "Unsupported version of Rust selected"
+ fi
+
if use bpf && use kernel_linux; then
if kernel_is -lt 4 15; then
ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2021-06-21 14:54 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2021-06-21 14:54 UTC (permalink / raw
To: gentoo-commits
commit: 7eabf62a749bd0028ddeb4774030d5c738025f50
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Mon Jun 21 14:53:48 2021 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Mon Jun 21 14:54:20 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7eabf62a
net-analyzer/suricata: update HOMEPAGE
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/suricata-5.0.6.ebuild | 2 +-
net-analyzer/suricata/suricata-6.0.2.ebuild | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/suricata-5.0.6.ebuild b/net-analyzer/suricata/suricata-5.0.6.ebuild
index ac0387dc315..a48eacb1a1e 100644
--- a/net-analyzer/suricata/suricata-5.0.6.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.6.ebuild
@@ -9,7 +9,7 @@ PYTHON_COMPAT=( python3_{7..10} )
inherit autotools linux-info lua-single python-single-r1 systemd tmpfiles
DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="https://suricata-ids.org/"
+HOMEPAGE="https://suricata.io/"
SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
LICENSE="GPL-2"
diff --git a/net-analyzer/suricata/suricata-6.0.2.ebuild b/net-analyzer/suricata/suricata-6.0.2.ebuild
index 0ffe354ceb0..739d881823d 100644
--- a/net-analyzer/suricata/suricata-6.0.2.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.2.ebuild
@@ -9,7 +9,7 @@ PYTHON_COMPAT=( python3_{7..10} )
inherit autotools linux-info lua-single python-single-r1 systemd tmpfiles
DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="https://suricata-ids.org/"
+HOMEPAGE="https://suricata.io/"
SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
LICENSE="GPL-2"
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2021-06-21 14:54 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2021-06-21 14:54 UTC (permalink / raw
To: gentoo-commits
commit: 0ba3e306a8c728ad5eaf3e2577859e57820bd28e
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Mon Jun 21 14:41:53 2021 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Mon Jun 21 14:54:16 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0ba3e306
net-analyzer/suricata-6.0.2: restrict Rust version
The bundled lexical-core-0.6.7 is not compatible with rust-1.53 due to
stabilisation of <integer>::BITS, see
https://github.com/rust-lang/rust/issues/81654 . Already fixed by
lexical-core upstream (in version 0.7.5) but I haven't had much luck
backporting this to 0.6.7.
Suricata-5 is not affected because it doesn't use this Rust module.
Closes: https://bugs.gentoo.org/797370
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/suricata-6.0.2.ebuild | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net-analyzer/suricata/suricata-6.0.2.ebuild b/net-analyzer/suricata/suricata-6.0.2.ebuild
index ac72587b971..0ffe354ceb0 100644
--- a/net-analyzer/suricata/suricata-6.0.2.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.2.ebuild
@@ -51,7 +51,7 @@ RDEPEND="${PYTHON_DEPS}
redis? ( dev-libs/hiredis )"
DEPEND="${RDEPEND}
>=sys-devel/autoconf-2.69-r5
- virtual/rust"
+ <virtual/rust-1.53.0" # Bug #797370. Hopefully to be fixed come next release.
PATCHES=(
"${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2021-05-17 16:15 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2021-05-17 16:15 UTC (permalink / raw
To: gentoo-commits
commit: 1c381489bdc4603c9447884f1b5748994792b2b9
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Mon May 17 16:12:56 2021 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Mon May 17 16:15:16 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1c381489
net-analyzer/suricata: support python3_10
Build, test and install fine, Python tools such as suricatactl or
suricata-update appear to function properly too.
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/suricata-5.0.6.ebuild | 2 +-
net-analyzer/suricata/suricata-6.0.2.ebuild | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/suricata-5.0.6.ebuild b/net-analyzer/suricata/suricata-5.0.6.ebuild
index defd0c6f7f8..ac0387dc315 100644
--- a/net-analyzer/suricata/suricata-5.0.6.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.6.ebuild
@@ -4,7 +4,7 @@
EAPI=7
LUA_COMPAT=( lua5-1 luajit )
-PYTHON_COMPAT=( python3_{7..9} )
+PYTHON_COMPAT=( python3_{7..10} )
inherit autotools linux-info lua-single python-single-r1 systemd tmpfiles
diff --git a/net-analyzer/suricata/suricata-6.0.2.ebuild b/net-analyzer/suricata/suricata-6.0.2.ebuild
index 061242b9a52..ac72587b971 100644
--- a/net-analyzer/suricata/suricata-6.0.2.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.2.ebuild
@@ -4,7 +4,7 @@
EAPI=7
LUA_COMPAT=( lua5-1 luajit )
-PYTHON_COMPAT=( python3_{7..9} )
+PYTHON_COMPAT=( python3_{7..10} )
inherit autotools linux-info lua-single python-single-r1 systemd tmpfiles
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2021-04-03 19:53 Sam James
0 siblings, 0 replies; 81+ messages in thread
From: Sam James @ 2021-04-03 19:53 UTC (permalink / raw
To: gentoo-commits
commit: 3859b4a949038ff5d333dc68b1d2c49b11cefffe
Author: Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Sat Apr 3 19:20:03 2021 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sat Apr 3 19:52:57 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3859b4a9
net-analyzer/suricata: flag-o-matic--, missing die
Signed-off-by: Sam James <sam <AT> gentoo.org>
net-analyzer/suricata/suricata-5.0.6.ebuild | 4 ++--
net-analyzer/suricata/suricata-6.0.2.ebuild | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/net-analyzer/suricata/suricata-5.0.6.ebuild b/net-analyzer/suricata/suricata-5.0.6.ebuild
index b3efab9fb84..46d1458df40 100644
--- a/net-analyzer/suricata/suricata-5.0.6.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.6.ebuild
@@ -6,7 +6,7 @@ EAPI=7
LUA_COMPAT=( lua5-1 luajit )
PYTHON_COMPAT=( python3_{7..9} )
-inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd tmpfiles
+inherit autotools linux-info lua-single python-single-r1 systemd tmpfiles
DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
HOMEPAGE="https://suricata-ids.org/"
@@ -121,7 +121,7 @@ src_install() {
python_optimize
if use bpf; then
- rm -f ebpf/Makefile.{am,in}
+ rm -f ebpf/Makefile.{am,in} || die
dodoc -r ebpf/
keepdir /usr/libexec/suricata/ebpf
fi
diff --git a/net-analyzer/suricata/suricata-6.0.2.ebuild b/net-analyzer/suricata/suricata-6.0.2.ebuild
index 18b52aaae03..7171dc94415 100644
--- a/net-analyzer/suricata/suricata-6.0.2.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.2.ebuild
@@ -6,7 +6,7 @@ EAPI=7
LUA_COMPAT=( lua5-1 luajit )
PYTHON_COMPAT=( python3_{7..9} )
-inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd tmpfiles
+inherit autotools linux-info lua-single python-single-r1 systemd tmpfiles
DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
HOMEPAGE="https://suricata-ids.org/"
@@ -121,7 +121,7 @@ src_install() {
python_optimize
if use bpf; then
- rm -f ebpf/Makefile.{am,in}
+ rm -f ebpf/Makefile.{am,in} || die
dodoc -r ebpf/
keepdir /usr/libexec/suricata/ebpf
fi
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2021-03-04 14:47 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2021-03-04 14:47 UTC (permalink / raw
To: gentoo-commits
commit: 234bc1ebf74a9163253407cbfa4a89c9e8807efb
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Thu Mar 4 14:10:58 2021 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Thu Mar 4 14:47:11 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=234bc1eb
net-analyzer/suricata: bump v5 to 5.0.6
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 2 +-
.../suricata/{suricata-5.0.5-r1.ebuild => suricata-5.0.6.ebuild} | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 5a442b0ea2e..9cc78dd7d9a 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,2 @@
-DIST suricata-5.0.5.tar.gz 29094537 BLAKE2B c2a5897836117abe9ca39b3a03de36c4d5667d3e64dc1befd77a7b777e4191439a497e3042e6d00b80ae31c8c4f18347cb2e6833e8db5f64b31c8ab1cf557ac5 SHA512 5f26731e0a0134fdecc8e76a68a69584bacb614ba4fd56b74f27abe62ab7d80135908eeaae38c9a03101f069d83597b3c7c69000bdd2a2e6bfe87f7a98de4e16
+DIST suricata-5.0.6.tar.gz 29136659 BLAKE2B 97d95cadd54d44bd82424322c08ad04be2122cdae5763995f7aefe4a75872091dd7d289e89e47a5ad9fbce570964f11331d848db7fe7ec4c2be9a0f8b62fadff SHA512 73580721683f929a90b6b59673842c051fe44ee7b8d8d890106aad09952d5b8a8f3716f168c41b33feb5c32e0106f5926125313cc11b27bc5a9c65e90b21888f
DIST suricata-6.0.1.tar.gz 30460439 BLAKE2B 55a24fa2f653a0a80f51e1ab102bb7046bd1f67d60c64c139b485086f4d8e0f5db58906bc33a7b5bdb76ba37b8206ded99b08034c4c292cf16d595bcafc7acc0 SHA512 be57150afc238b6627731e4463297e67469b66241779f5af3d1bd93bfad4fde41a5371298b54a06c7c3ea324e5642753ca57900173989ac738d663a85e9c33f4
diff --git a/net-analyzer/suricata/suricata-5.0.5-r1.ebuild b/net-analyzer/suricata/suricata-5.0.6.ebuild
similarity index 99%
rename from net-analyzer/suricata/suricata-5.0.5-r1.ebuild
rename to net-analyzer/suricata/suricata-5.0.6.ebuild
index a87e7c8fa16..ef4c372ec11 100644
--- a/net-analyzer/suricata/suricata-5.0.5-r1.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.6.ebuild
@@ -13,7 +13,7 @@ HOMEPAGE="https://suricata-ids.org/"
SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
LICENSE="GPL-2"
-SLOT="0"
+SLOT="0/5"
KEYWORDS="~amd64 ~x86"
IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened logrotate lua lz4 nflog +nfqueue redis systemd test"
@@ -36,7 +36,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.36
+ >=net-libs/libhtp-0.5.37
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2021-03-04 14:47 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2021-03-04 14:47 UTC (permalink / raw
To: gentoo-commits
commit: 42768b1b5f4c1873cf7c13af37d4cf79dbc2ff7a
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Thu Mar 4 14:12:03 2021 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Thu Mar 4 14:47:15 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=42768b1b
net-analyzer/suricata: bump v6 to 6.0.2
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 2 +-
.../suricata/{suricata-6.0.1-r100.ebuild => suricata-6.0.2.ebuild} | 6 +++---
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 9cc78dd7d9a..24be5f65d70 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,2 @@
DIST suricata-5.0.6.tar.gz 29136659 BLAKE2B 97d95cadd54d44bd82424322c08ad04be2122cdae5763995f7aefe4a75872091dd7d289e89e47a5ad9fbce570964f11331d848db7fe7ec4c2be9a0f8b62fadff SHA512 73580721683f929a90b6b59673842c051fe44ee7b8d8d890106aad09952d5b8a8f3716f168c41b33feb5c32e0106f5926125313cc11b27bc5a9c65e90b21888f
-DIST suricata-6.0.1.tar.gz 30460439 BLAKE2B 55a24fa2f653a0a80f51e1ab102bb7046bd1f67d60c64c139b485086f4d8e0f5db58906bc33a7b5bdb76ba37b8206ded99b08034c4c292cf16d595bcafc7acc0 SHA512 be57150afc238b6627731e4463297e67469b66241779f5af3d1bd93bfad4fde41a5371298b54a06c7c3ea324e5642753ca57900173989ac738d663a85e9c33f4
+DIST suricata-6.0.2.tar.gz 30514801 BLAKE2B 20604fa3332a9d99a1a30db55a0ccd689af0e08e686cd6739d6c4390456acc28d34702704f7e25537463b0c23600d123de361a227f9ef2420ee5c2b11df2866a SHA512 230a74a5442cfa066c56528036b64c173702238c5075161119eaad08d320e528d3510c51095297f120030177fed9c84076d00f567f7a3a4cbdb23d382966cf00
diff --git a/net-analyzer/suricata/suricata-6.0.1-r100.ebuild b/net-analyzer/suricata/suricata-6.0.2.ebuild
similarity index 98%
rename from net-analyzer/suricata/suricata-6.0.1-r100.ebuild
rename to net-analyzer/suricata/suricata-6.0.2.ebuild
index 64ce2211725..028ea37b43e 100644
--- a/net-analyzer/suricata/suricata-6.0.1-r100.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.2.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2020 Gentoo Authors
+# Copyright 1999-2021 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
@@ -13,7 +13,7 @@ HOMEPAGE="https://suricata-ids.org/"
SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
LICENSE="GPL-2"
-SLOT="0"
+SLOT="0/6"
KEYWORDS="~amd64 ~x86"
IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened logrotate lua lz4 nflog +nfqueue redis systemd test"
@@ -36,7 +36,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.36
+ >=net-libs/libhtp-0.5.37
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2021-01-25 17:38 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2021-01-25 17:38 UTC (permalink / raw
To: gentoo-commits
commit: f77e3d5c7199873514045c900961f6f24e747283
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Mon Jan 25 14:20:10 2021 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Mon Jan 25 17:37:26 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f77e3d5c
net-analyzer/suricata: migrate v5 to lua-single.eclass as well
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/suricata-5.0.5-r1.ebuild | 204 +++++++++++++++++++++++++
1 file changed, 204 insertions(+)
diff --git a/net-analyzer/suricata/suricata-5.0.5-r1.ebuild b/net-analyzer/suricata/suricata-5.0.5-r1.ebuild
new file mode 100644
index 00000000000..9fd6cb85894
--- /dev/null
+++ b/net-analyzer/suricata/suricata-5.0.5-r1.ebuild
@@ -0,0 +1,204 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+LUA_COMPAT=( lua5-1 luajit )
+PYTHON_COMPAT=( python3_{6..9} )
+
+inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
+HOMEPAGE="https://suricata-ids.org/"
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened logrotate lua lz4 nflog +nfqueue redis systemd test"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ bpf? ( af-packet )
+ lua? ( ${LUA_REQUIRED_USE} )"
+
+RDEPEND="${PYTHON_DEPS}
+ acct-group/suricata
+ acct-user/suricata
+ dev-libs/jansson
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ $(python_gen_cond_dep '
+ dev-python/pyyaml[${PYTHON_USEDEP}]
+ ')
+ >=net-libs/libhtp-0.5.36
+ net-libs/libpcap
+ sys-apps/file
+ sys-libs/libcap-ng
+ bpf? ( >=dev-libs/libbpf-0.1.0 )
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/libmaxminddb )
+ logrotate? ( app-admin/logrotate )
+ lua? ( ${LUA_DEPS} )
+ lz4? ( app-arch/lz4 )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue? ( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis )"
+DEPEND="${RDEPEND}
+ >=sys-devel/autoconf-2.69-r5
+ virtual/rust"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.1_default-config.patch"
+)
+
+pkg_pretend() {
+ if use bpf && use kernel_linux; then
+ if kernel_is -lt 4 15; then
+ ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
+ fi
+
+ CONFIG_CHECK="~XDP_SOCKETS"
+ ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata to load XDP programs. "
+ ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
+ check_extra_config
+ fi
+}
+
+src_prepare() {
+ default
+ sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am" || die
+ eautoreconf
+}
+
+src_configure() {
+ local myeconfargs=(
+ "--localstatedir=/var" \
+ "--runstatedir=/run" \
+ "--enable-non-bundled-htp" \
+ "--enable-gccmarch-native=no" \
+ "--enable-python" \
+ $(use_enable af-packet) \
+ $(use_enable bpf ebpf) \
+ $(use_enable control-socket unix-socket) \
+ $(use_enable cuda) \
+ $(use_enable detection) \
+ $(use_enable geoip) \
+ $(use_enable hardened gccprotect) \
+ $(use_enable hardened pie) \
+ $(use_enable lz4) \
+ $(use_enable nflog) \
+ $(use_enable nfqueue) \
+ $(use_enable redis hiredis) \
+ $(use_enable test unittests) \
+ "--disable-coccinelle"
+ )
+ if use lua; then
+ if use lua_single_target_luajit; then
+ myeconfargs+=( --enable-luajit )
+ else
+ myeconfargs+=( --enable-lua )
+ fi
+ fi
+
+ if use debug; then
+ myeconfargs+=( $(use_enable debug) )
+ # so we can get a backtrace according to "reporting bugs" on upstream web site
+ CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
+ else
+ econf ${myeconfargs[@]}
+ fi
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+ python_optimize
+
+ if use bpf; then
+ rm -f ebpf/Makefile.{am,in}
+ dodoc -r ebpf/
+ keepdir /usr/libexec/suricata/ebpf
+ fi
+
+ insinto "/etc/${PN}"
+ doins etc/{classification,reference}.config threshold.config suricata.yaml
+
+ keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+ keepdir "/var/log/${PN}"
+
+ fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+
+ newinitd "${FILESDIR}/${PN}-5.0.1-init" ${PN}
+ newconfd "${FILESDIR}/${PN}-5.0.1-conf" ${PN}
+ systemd_dounit "${FILESDIR}"/${PN}.service
+ systemd_newtmpfilesd "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
+
+ if use logrotate; then
+ insopts -m0644
+ insinto /etc/logrotate.d
+ newins etc/${PN}.logrotate ${PN}
+ fi
+}
+
+pkg_postinst() {
+ elog
+ if use systemd; then
+ elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
+ elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
+ elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
+ elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
+ elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
+ elog "For details, see the section on drop-in directories in systemd.unit(5)."
+ else
+ elog "The ${PN} init script expects to find the path to the configuration"
+ elog "file as well as extra options in /etc/conf.d."
+ elog
+ elog "To create more than one ${PN} service, simply create a new .yaml file for it"
+ elog "then create a symlink to the init script from a link called"
+ elog "${PN}.foo - like so"
+ elog " cd /etc/${PN}"
+ elog " ${EDITOR##*/} suricata-foo.yaml"
+ elog " cd /etc/init.d"
+ elog " ln -s ${PN} ${PN}.foo"
+ elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
+ elog
+ elog "You can create as many ${PN}.foo* services as you wish."
+ fi
+
+ if use bpf; then
+ elog
+ elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
+ elog "because their configuration is hard-coded. You can find the default ones in"
+ elog " ${EPREFIX}/usr/share/doc/${PF}/ebpf"
+ elog "and the common location for eBPF bytecode is"
+ elog " ${EPREFIX}/usr/libexec/${PN}"
+ elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
+ fi
+
+ if use debug; then
+ elog
+ elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
+ elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
+ elog "You need to also ensure the FEATURES variable in make.conf contains the"
+ elog "'nostrip' option to produce useful core dumps or back traces."
+ fi
+
+ elog
+ if [[ -z "${REPLACING_VERSIONS}" ]]; then
+ elog "To download and install an initial set of rules, run:"
+ elog " emerge --config =${CATEGORY}/${PF}"
+ fi
+ elog
+}
+
+pkg_config() {
+ suricata-update
+}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2020-12-06 22:02 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2020-12-06 22:02 UTC (permalink / raw
To: gentoo-commits
commit: 57724f05b683513e331b327d9bc589a099d335b6
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Sun Dec 6 22:01:39 2020 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Sun Dec 6 22:02:41 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=57724f05
net-analyzer/suricata: bump the old stable branch to 5.0.5
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 1 +
net-analyzer/suricata/suricata-5.0.5.ebuild | 197 ++++++++++++++++++++++++++++
2 files changed, 198 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index ea206e75187..4393b479fd5 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,3 +1,4 @@
DIST suricata-5.0.4.tar.gz 29091046 BLAKE2B 38526ca39d2460d630fdd9e804f36c74bfcde54a529748896779b549ed1b55174d6080ddad8933ddfd26004f4e78748a503832f47ee5f52d84a133643aef482b SHA512 e5da14f80b628968e146839b828971e888fd0158b2ecbbcc15c0f42fda2bdcc8ad89632ba05cc45c88d88e537452e77f8e2f3a5e09ecd038d0d38b1a8cf8cea6
+DIST suricata-5.0.5.tar.gz 29094537 BLAKE2B c2a5897836117abe9ca39b3a03de36c4d5667d3e64dc1befd77a7b777e4191439a497e3042e6d00b80ae31c8c4f18347cb2e6833e8db5f64b31c8ab1cf557ac5 SHA512 5f26731e0a0134fdecc8e76a68a69584bacb614ba4fd56b74f27abe62ab7d80135908eeaae38c9a03101f069d83597b3c7c69000bdd2a2e6bfe87f7a98de4e16
DIST suricata-6.0.0.tar.gz 30832555 BLAKE2B 9cea05b07520924706e961efed6a45b9ba73388a25777f43c1a90497aa00ec200bad15863b7b17b84e622c79309365596853423776da9c3d103c2a8c1126a0d2 SHA512 3c30f6f57c0e8a24992ff2b4ce8ce166d3c0d4b28c8f5e79434d04de9f2016773be01a1689fedfc9e54ff1c8bc9838206bc28f3ff2e47d60102a7016f1062ec3
DIST suricata-6.0.1.tar.gz 30460439 BLAKE2B 55a24fa2f653a0a80f51e1ab102bb7046bd1f67d60c64c139b485086f4d8e0f5db58906bc33a7b5bdb76ba37b8206ded99b08034c4c292cf16d595bcafc7acc0 SHA512 be57150afc238b6627731e4463297e67469b66241779f5af3d1bd93bfad4fde41a5371298b54a06c7c3ea324e5642753ca57900173989ac738d663a85e9c33f4
diff --git a/net-analyzer/suricata/suricata-5.0.5.ebuild b/net-analyzer/suricata/suricata-5.0.5.ebuild
new file mode 100644
index 00000000000..db9ee04aadb
--- /dev/null
+++ b/net-analyzer/suricata/suricata-5.0.5.ebuild
@@ -0,0 +1,197 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{6..9} )
+
+inherit autotools flag-o-matic linux-info python-single-r1 systemd
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
+HOMEPAGE="https://suricata-ids.org/"
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened logrotate lua luajit lz4 nflog +nfqueue redis systemd test"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ ?? ( lua luajit )
+ bpf? ( af-packet )"
+
+RDEPEND="${PYTHON_DEPS}
+ acct-group/suricata
+ acct-user/suricata
+ dev-libs/jansson
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ $(python_gen_cond_dep '
+ dev-python/pyyaml[${PYTHON_USEDEP}]
+ ')
+ >=net-libs/libhtp-0.5.36
+ net-libs/libpcap
+ sys-apps/file
+ sys-libs/libcap-ng
+ bpf? ( >=dev-libs/libbpf-0.1.0 )
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/libmaxminddb )
+ logrotate? ( app-admin/logrotate )
+ lua? ( dev-lang/lua:0= )
+ luajit? ( dev-lang/luajit:* )
+ lz4? ( app-arch/lz4 )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue? ( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis )"
+DEPEND="${RDEPEND}
+ >=sys-devel/autoconf-2.69-r5
+ virtual/rust"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.1_default-config.patch"
+)
+
+pkg_pretend() {
+ if use bpf && use kernel_linux; then
+ if kernel_is -lt 4 15; then
+ ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
+ fi
+
+ CONFIG_CHECK="~XDP_SOCKETS"
+ ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata to load XDP programs. "
+ ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
+ check_extra_config
+ fi
+}
+
+src_prepare() {
+ default
+ sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am" || die
+ eautoreconf
+}
+
+src_configure() {
+ local myeconfargs=(
+ "--localstatedir=/var" \
+ "--runstatedir=/run" \
+ "--enable-non-bundled-htp" \
+ "--enable-gccmarch-native=no" \
+ "--enable-python" \
+ $(use_enable af-packet) \
+ $(use_enable bpf ebpf) \
+ $(use_enable control-socket unix-socket) \
+ $(use_enable cuda) \
+ $(use_enable detection) \
+ $(use_enable geoip) \
+ $(use_enable hardened gccprotect) \
+ $(use_enable hardened pie) \
+ $(use_enable lua) \
+ $(use_enable luajit) \
+ $(use_enable lz4) \
+ $(use_enable nflog) \
+ $(use_enable nfqueue) \
+ $(use_enable redis hiredis) \
+ $(use_enable test unittests) \
+ "--disable-coccinelle"
+ )
+
+ if use debug; then
+ myeconfargs+=( $(use_enable debug) )
+ # so we can get a backtrace according to "reporting bugs" on upstream web site
+ CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
+ else
+ econf ${myeconfargs[@]}
+ fi
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+ python_optimize
+
+ if use bpf; then
+ rm -f ebpf/Makefile.{am,in}
+ dodoc -r ebpf/
+ keepdir /usr/libexec/suricata/ebpf
+ fi
+
+ insinto "/etc/${PN}"
+ doins etc/{classification,reference}.config threshold.config suricata.yaml
+
+ keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+ keepdir "/var/log/${PN}"
+
+ fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+
+ newinitd "${FILESDIR}/${PN}-5.0.1-init" ${PN}
+ newconfd "${FILESDIR}/${PN}-5.0.1-conf" ${PN}
+ systemd_dounit "${FILESDIR}"/${PN}.service
+ systemd_newtmpfilesd "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
+
+ if use logrotate; then
+ insopts -m0644
+ insinto /etc/logrotate.d
+ newins etc/${PN}.logrotate ${PN}
+ fi
+}
+
+pkg_postinst() {
+ elog ""
+ if use systemd; then
+ elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
+ elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
+ elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
+ elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
+ elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
+ elog "For details, see the section on drop-in directories in systemd.unit(5)."
+ else
+ elog "The ${PN} init script expects to find the path to the configuration"
+ elog "file as well as extra options in /etc/conf.d."
+ elog ""
+ elog "To create more than one ${PN} service, simply create a new .yaml file for it"
+ elog "then create a symlink to the init script from a link called"
+ elog "${PN}.foo - like so"
+ elog " cd /etc/${PN}"
+ elog " ${EDITOR##*/} suricata-foo.yaml"
+ elog " cd /etc/init.d"
+ elog " ln -s ${PN} ${PN}.foo"
+ elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
+ elog ""
+ elog "You can create as many ${PN}.foo* services as you wish."
+ fi
+
+ if use bpf; then
+ elog ""
+ elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
+ elog "because their configuration is hard-coded. You can find the default ones in"
+ elog " ${EPREFIX}/usr/share/doc/${PF}/ebpf"
+ elog "and the common location for eBPF bytecode is"
+ elog " ${EPREFIX}/usr/libexec/${PN}"
+ elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
+ fi
+
+ if use debug; then
+ elog ""
+ elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
+ elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
+ elog "You need to also ensure the FEATURES variable in make.conf contains the"
+ elog "'nostrip' option to produce useful core dumps or back traces."
+ fi
+
+ elog ""
+ elog "To download and install an initial set of rules, run:"
+ elog " emerge --config =${CATEGORY}/${PF}"
+ elog ""
+}
+
+pkg_config() {
+ suricata-update
+}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2020-12-03 12:54 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2020-12-03 12:54 UTC (permalink / raw
To: gentoo-commits
commit: 7c476fc8e3073f2bb277ff3775b14aff3505ee1c
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Thu Dec 3 12:39:22 2020 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Thu Dec 3 12:54:11 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7c476fc8
net-analyzer/suricata: limit unmigrated ebuilds to dev-lang/lua:0
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/suricata-5.0.4.ebuild | 2 +-
net-analyzer/suricata/suricata-6.0.0.ebuild | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/suricata-5.0.4.ebuild b/net-analyzer/suricata/suricata-5.0.4.ebuild
index e618aa1e0bc..077c14ece6d 100644
--- a/net-analyzer/suricata/suricata-5.0.4.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.4.ebuild
@@ -43,7 +43,7 @@ RDEPEND="${PYTHON_DEPS}
cuda? ( dev-util/nvidia-cuda-toolkit )
geoip? ( dev-libs/libmaxminddb )
logrotate? ( app-admin/logrotate )
- lua? ( dev-lang/lua:* )
+ lua? ( dev-lang/lua:0= )
luajit? ( dev-lang/luajit:* )
lz4? ( app-arch/lz4 )
nflog? ( net-libs/libnetfilter_log )
diff --git a/net-analyzer/suricata/suricata-6.0.0.ebuild b/net-analyzer/suricata/suricata-6.0.0.ebuild
index 5f5d14e3eec..6a00d0c18c9 100644
--- a/net-analyzer/suricata/suricata-6.0.0.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.0.ebuild
@@ -43,7 +43,7 @@ RDEPEND="${PYTHON_DEPS}
cuda? ( dev-util/nvidia-cuda-toolkit )
geoip? ( dev-libs/libmaxminddb )
logrotate? ( app-admin/logrotate )
- lua? ( dev-lang/lua:* )
+ lua? ( dev-lang/lua:0= )
luajit? ( dev-lang/luajit:* )
lz4? ( app-arch/lz4 )
nflog? ( net-libs/libnetfilter_log )
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2020-10-14 14:44 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2020-10-14 14:44 UTC (permalink / raw
To: gentoo-commits
commit: b9b248bc69259902555d6c2a622a3d2e97a45355
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Wed Oct 14 13:55:12 2020 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Wed Oct 14 14:42:31 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b9b248bc
net-analyzer/suricata: migrate to lua-single.eclass
Both the documentation and the autoconf script only mention luajit and
lua5.1 so limit compatibility to these two.
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/suricata-6.0.0-r100.ebuild | 208 +++++++++++++++++++++++
1 file changed, 208 insertions(+)
diff --git a/net-analyzer/suricata/suricata-6.0.0-r100.ebuild b/net-analyzer/suricata/suricata-6.0.0-r100.ebuild
new file mode 100644
index 00000000000..872fafeef3a
--- /dev/null
+++ b/net-analyzer/suricata/suricata-6.0.0-r100.ebuild
@@ -0,0 +1,208 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+LUA_COMPAT=( lua5-1 luajit )
+PYTHON_COMPAT=( python3_{6..9} )
+
+inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
+HOMEPAGE="https://suricata-ids.org/"
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened logrotate lua lz4 nflog +nfqueue redis systemd test"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ bpf? ( af-packet )
+ lua? ( ${LUA_REQUIRED_USE} )"
+
+RDEPEND="${PYTHON_DEPS}
+ acct-group/suricata
+ acct-user/suricata
+ dev-libs/jansson
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ $(python_gen_cond_dep '
+ dev-python/pyyaml[${PYTHON_USEDEP}]
+ ')
+ >=net-libs/libhtp-0.5.35
+ net-libs/libpcap
+ sys-apps/file
+ sys-libs/libcap-ng
+ bpf? ( >=dev-libs/libbpf-0.1.0 )
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/libmaxminddb )
+ logrotate? ( app-admin/logrotate )
+ lua? ( ${LUA_DEPS} )
+ lz4? ( app-arch/lz4 )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue? ( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis )"
+DEPEND="${RDEPEND}
+ >=sys-devel/autoconf-2.69-r5
+ virtual/rust"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
+ "${FILESDIR}/${PN}-6.0.0_default-config.patch"
+)
+
+pkg_pretend() {
+ if use bpf && use kernel_linux; then
+ if kernel_is -lt 4 15; then
+ ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
+ fi
+
+ CONFIG_CHECK="~XDP_SOCKETS"
+ ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata to load XDP programs. "
+ ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
+ check_extra_config
+ fi
+}
+
+src_prepare() {
+ default
+ sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am" || die
+ eautoreconf
+}
+
+src_configure() {
+ local myeconfargs=(
+ "--localstatedir=/var" \
+ "--runstatedir=/run" \
+ "--enable-non-bundled-htp" \
+ "--enable-gccmarch-native=no" \
+ "--enable-python" \
+ $(use_enable af-packet) \
+ $(use_enable bpf ebpf) \
+ $(use_enable control-socket unix-socket) \
+ $(use_enable cuda) \
+ $(use_enable detection) \
+ $(use_enable geoip) \
+ $(use_enable hardened gccprotect) \
+ $(use_enable hardened pie) \
+ $(use_enable lz4) \
+ $(use_enable nflog) \
+ $(use_enable nfqueue) \
+ $(use_enable redis hiredis) \
+ $(use_enable test unittests) \
+ "--disable-coccinelle"
+ )
+ if use lua; then
+ if use lua_single_target_luajit; then
+ myeconfargs+=( --enable-luajit )
+ else
+ myeconfargs+=( --enable-lua )
+ fi
+ fi
+
+ if use debug; then
+ myeconfargs+=( $(use_enable debug) )
+ # so we can get a backtrace according to "reporting bugs" on upstream web site
+ CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
+ else
+ econf ${myeconfargs[@]}
+ fi
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+ python_optimize
+
+ if use bpf; then
+ rm -f ebpf/Makefile.{am,in}
+ dodoc -r ebpf/
+ keepdir /usr/libexec/suricata/ebpf
+ fi
+
+ insinto "/etc/${PN}"
+ doins etc/{classification,reference}.config threshold.config suricata.yaml
+
+ keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+ keepdir "/var/log/${PN}"
+
+ fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+
+ newinitd "${FILESDIR}/${PN}-5.0.1-init" ${PN}
+ newconfd "${FILESDIR}/${PN}-5.0.1-conf" ${PN}
+ systemd_dounit "${FILESDIR}"/${PN}.service
+ systemd_newtmpfilesd "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
+
+ if use logrotate; then
+ insopts -m0644
+ insinto /etc/logrotate.d
+ newins etc/${PN}.logrotate ${PN}
+ fi
+}
+
+pkg_postinst() {
+ elog
+ if use systemd; then
+ elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
+ elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
+ elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
+ elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
+ elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
+ elog "For details, see the section on drop-in directories in systemd.unit(5)."
+ else
+ elog "The ${PN} init script expects to find the path to the configuration"
+ elog "file as well as extra options in /etc/conf.d."
+ elog
+ elog "To create more than one ${PN} service, simply create a new .yaml file for it"
+ elog "then create a symlink to the init script from a link called"
+ elog "${PN}.foo - like so"
+ elog " cd /etc/${PN}"
+ elog " ${EDITOR##*/} suricata-foo.yaml"
+ elog " cd /etc/init.d"
+ elog " ln -s ${PN} ${PN}.foo"
+ elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
+ elog
+ elog "You can create as many ${PN}.foo* services as you wish."
+ fi
+
+ if use bpf; then
+ elog
+ elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
+ elog "because their configuration is hard-coded. You can find the default ones in"
+ elog " ${EPREFIX}/usr/share/doc/${PF}/ebpf"
+ elog "and the common location for eBPF bytecode is"
+ elog " ${EPREFIX}/usr/libexec/${PN}"
+ elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
+ fi
+
+ if use debug; then
+ elog
+ elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
+ elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
+ elog "You need to also ensure the FEATURES variable in make.conf contains the"
+ elog "'nostrip' option to produce useful core dumps or back traces."
+ fi
+
+ elog
+ if [[ -n "${REPLACING_VERSIONS}" ]]; then
+ ewarn "Since version 6.0.0 Suricata no longer supports the unified2 output format commonly used"
+ ewarn "in legacy, Snort-compatible IDS solutions, e.g. ones based on net-analyzer/barnyard2."
+ ewarn "If you need unified2 support, please continue to use suricata-5."
+ else
+ elog "To download and install an initial set of rules, run:"
+ elog " emerge --config =${CATEGORY}/${PF}"
+ fi
+ elog
+}
+
+pkg_config() {
+ suricata-update
+}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2020-10-09 11:41 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2020-10-09 11:41 UTC (permalink / raw
To: gentoo-commits
commit: 6b0add7f82cb3990a9b95d3931ce94981884dca4
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Fri Oct 9 11:34:30 2020 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Fri Oct 9 11:40:52 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6b0add7f
net-analyzer/suricata: bump to 5.0.4
6.0.0 is out now too but it may or may not take time to package, and
5.0.4 fixes some potential security issues detected by Oss-Fuzz.
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 2 +-
.../suricata/{suricata-5.0.3.ebuild => suricata-5.0.4.ebuild} | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index b4800d771b4..06edb9b7cc8 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1 +1 @@
-DIST suricata-5.0.3.tar.gz 23744731 BLAKE2B 51dfd6fb8a1208e4999999f178f679f2b3cf6a2632a659fb5b58baa747da64fb37a1c9345b51b2bb3f5c33f9a3fc9208ab52cb6e8dc6ddb38b7c19124f7345ca SHA512 4e0ad2ae33537cb074d549b3cc162c5ed115605cb142a96cbf66d1341799eaad96b307fd6ad4679e344e51d00065b3573bfb26bd60468f12addb144b112e4f72
+DIST suricata-5.0.4.tar.gz 29091046 BLAKE2B 38526ca39d2460d630fdd9e804f36c74bfcde54a529748896779b549ed1b55174d6080ddad8933ddfd26004f4e78748a503832f47ee5f52d84a133643aef482b SHA512 e5da14f80b628968e146839b828971e888fd0158b2ecbbcc15c0f42fda2bdcc8ad89632ba05cc45c88d88e537452e77f8e2f3a5e09ecd038d0d38b1a8cf8cea6
diff --git a/net-analyzer/suricata/suricata-5.0.3.ebuild b/net-analyzer/suricata/suricata-5.0.4.ebuild
similarity index 98%
rename from net-analyzer/suricata/suricata-5.0.3.ebuild
rename to net-analyzer/suricata/suricata-5.0.4.ebuild
index d159cf584da..e618aa1e0bc 100644
--- a/net-analyzer/suricata/suricata-5.0.3.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.4.ebuild
@@ -35,11 +35,11 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.33
+ >=net-libs/libhtp-0.5.35
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
- bpf? ( >=dev-libs/libbpf-0.0.6 )
+ bpf? ( >=dev-libs/libbpf-0.1.0 )
cuda? ( dev-util/nvidia-cuda-toolkit )
geoip? ( dev-libs/libmaxminddb )
logrotate? ( app-admin/logrotate )
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2020-07-17 20:10 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2020-07-17 20:10 UTC (permalink / raw
To: gentoo-commits
commit: 2fa67aeb1448e023feb007a4f83003c759013924
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Fri Jul 17 19:30:28 2020 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Fri Jul 17 20:09:59 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2fa67aeb
net-analyzer/suricata: support python3_9
Builds, tests and installs fine, and at least suricata-update works
without problems.
Tested pypy3 support as well and it needs work, somehow Python modules
for this implementation end up in /usr/site-packages. Tools work fine
once the modules have been manually moved to the right directory,
though.
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/suricata-5.0.3.ebuild | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/suricata-5.0.3.ebuild b/net-analyzer/suricata/suricata-5.0.3.ebuild
index c1f707b1342..d159cf584da 100644
--- a/net-analyzer/suricata/suricata-5.0.3.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.3.ebuild
@@ -3,7 +3,7 @@
EAPI=7
-PYTHON_COMPAT=( python3_{6,7,8} )
+PYTHON_COMPAT=( python3_{6..9} )
inherit autotools flag-o-matic linux-info python-single-r1 systemd
@@ -65,7 +65,7 @@ pkg_pretend() {
fi
CONFIG_CHECK="~XDP_SOCKETS"
- ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata will to load XDP programs. "
+ ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata to load XDP programs. "
ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
check_extra_config
fi
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2020-05-22 21:02 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2020-05-22 21:02 UTC (permalink / raw
To: gentoo-commits
commit: 00b295187723410950b9e6fed2b221a68bdacb5b
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Fri May 22 20:58:25 2020 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Fri May 22 21:01:55 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=00b29518
net-analyzer/suricata: bump to 5.0.3 + remove 5.0.2
Bug: https://bugs.gentoo.org/724536
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 2 +-
net-analyzer/suricata/{suricata-5.0.2.ebuild => suricata-5.0.3.ebuild} | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 0d9c0caa06c..b4800d771b4 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1 +1 @@
-DIST suricata-5.0.2.tar.gz 23735393 BLAKE2B 3fd9bac597cda59cbeb3d902eccf15e4b873b56b44967a1cad9e99e041f06778ffd4f8ea1378f0df3fa84f2cabd6ac13eda7a2cb233e80a75c27bf7c4e5f7cd0 SHA512 e288f6aee9f8fafb8fa811d2c83a89a29434edc24e05542e172852dc139b9d0bb474d35ddbdc4723df04e7a8b4e70e181c822a4fb1315ba2879c3c7a5c16ef16
+DIST suricata-5.0.3.tar.gz 23744731 BLAKE2B 51dfd6fb8a1208e4999999f178f679f2b3cf6a2632a659fb5b58baa747da64fb37a1c9345b51b2bb3f5c33f9a3fc9208ab52cb6e8dc6ddb38b7c19124f7345ca SHA512 4e0ad2ae33537cb074d549b3cc162c5ed115605cb142a96cbf66d1341799eaad96b307fd6ad4679e344e51d00065b3573bfb26bd60468f12addb144b112e4f72
diff --git a/net-analyzer/suricata/suricata-5.0.2.ebuild b/net-analyzer/suricata/suricata-5.0.3.ebuild
similarity index 99%
rename from net-analyzer/suricata/suricata-5.0.2.ebuild
rename to net-analyzer/suricata/suricata-5.0.3.ebuild
index b2dc6c2e8b0..c1f707b1342 100644
--- a/net-analyzer/suricata/suricata-5.0.2.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.3.ebuild
@@ -35,7 +35,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.32
+ >=net-libs/libhtp-0.5.33
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2020-04-23 21:11 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2020-04-23 21:11 UTC (permalink / raw
To: gentoo-commits
commit: 3af306d8750b3693dd04e3bed2c6a40a5258718a
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Thu Apr 23 21:10:21 2020 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Thu Apr 23 21:10:54 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3af306d8
net-analyzer/suricata: remove old
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 1 -
net-analyzer/suricata/suricata-5.0.1-r1.ebuild | 201 -------------------------
2 files changed, 202 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 15bad1cad76..0d9c0caa06c 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1 @@
-DIST suricata-5.0.1.tar.gz 23721536 BLAKE2B 529837e8e4d6c33d2093df8208bf03519e0d60deef92eadf9d0a44b7416eae2f900b2f72349815acb86d9bdd9d4253bbc5d7c4c1a34157f544982b0788291624 SHA512 db0797a7992abf0ddf170cb603fdac06b0ff92278bb91343860bccbbe029ea0e83131dfb9805ca44bcbbe3925502119259e350a17e94209b21d1f8b610d965a6
DIST suricata-5.0.2.tar.gz 23735393 BLAKE2B 3fd9bac597cda59cbeb3d902eccf15e4b873b56b44967a1cad9e99e041f06778ffd4f8ea1378f0df3fa84f2cabd6ac13eda7a2cb233e80a75c27bf7c4e5f7cd0 SHA512 e288f6aee9f8fafb8fa811d2c83a89a29434edc24e05542e172852dc139b9d0bb474d35ddbdc4723df04e7a8b4e70e181c822a4fb1315ba2879c3c7a5c16ef16
diff --git a/net-analyzer/suricata/suricata-5.0.1-r1.ebuild b/net-analyzer/suricata/suricata-5.0.1-r1.ebuild
deleted file mode 100644
index e74f32fee51..00000000000
--- a/net-analyzer/suricata/suricata-5.0.1-r1.ebuild
+++ /dev/null
@@ -1,201 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{6,7,8} )
-
-inherit autotools flag-o-matic linux-info python-single-r1 systemd
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="https://suricata-ids.org/"
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened logrotate lua luajit lz4 nflog +nfqueue redis systemd test"
-
-RESTRICT="!test? ( test )"
-
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- ?? ( lua luajit )
- bpf? ( af-packet )"
-
-CDEPEND="acct-group/suricata
- acct-user/suricata
- dev-libs/jansson
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- $(python_gen_cond_dep '
- dev-python/pyyaml[${PYTHON_MULTI_USEDEP}]
- ')
- >=net-libs/libhtp-0.5.32
- net-libs/libpcap
- sys-apps/file
- sys-libs/libcap-ng
- bpf? ( >=dev-libs/libbpf-0.0.6 )
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/libmaxminddb )
- logrotate? ( app-admin/logrotate )
- lua? ( dev-lang/lua:* )
- luajit? ( dev-lang/luajit:* )
- lz4? ( app-arch/lz4 )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue? ( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis )"
-DEPEND="${CDEPEND}
- >=sys-devel/autoconf-2.69-r5
- virtual/rust"
-RDEPEND="${CDEPEND}
- ${PYTHON_DEPS}"
-
-PATCHES=(
- "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
- "${FILESDIR}/${PN}-5.0.1_default-config.patch"
-)
-
-pkg_pretend() {
- if use bpf && use kernel_linux; then
- if kernel_is -lt 4 15; then
- ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
- fi
-
- CONFIG_CHECK="~XDP_SOCKETS"
- ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata will to load XDP programs. "
- ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
- check_extra_config
- fi
-}
-
-src_prepare() {
- # Bug #707204
- append-cflags $(test-flags-CC -fcommon)
-
- default
- sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am"
- eautoreconf
-}
-
-src_configure() {
- local myeconfargs=(
- "--localstatedir=/var" \
- "--runstatedir=/run" \
- "--enable-non-bundled-htp" \
- "--enable-gccmarch-native=no" \
- "--enable-python" \
- $(use_enable af-packet) \
- $(use_enable bpf ebpf) \
- $(use_enable control-socket unix-socket) \
- $(use_enable cuda) \
- $(use_enable detection) \
- $(use_enable geoip) \
- $(use_enable hardened gccprotect) \
- $(use_enable hardened pie) \
- $(use_enable lua) \
- $(use_enable luajit) \
- $(use_enable lz4) \
- $(use_enable nflog) \
- $(use_enable nfqueue) \
- $(use_enable redis hiredis) \
- $(use_enable test unittests) \
- "--disable-coccinelle"
- )
-
- if use debug; then
- myeconfargs+=( $(use_enable debug) )
- # so we can get a backtrace according to "reporting bugs" on upstream web site
- CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
- else
- econf ${myeconfargs[@]}
- fi
-}
-
-src_install() {
- emake DESTDIR="${D}" install
- python_optimize
-
- if use bpf; then
- rm -f ebpf/Makefile.{am,in}
- dodoc -r ebpf/
- keepdir /usr/libexec/suricata/ebpf
- fi
-
- insinto "/etc/${PN}"
- doins etc/{classification,reference}.config threshold.config suricata.yaml
-
- keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
- keepdir "/var/log/${PN}"
-
- fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
-
- newinitd "${FILESDIR}/${PN}-5.0.1-init" ${PN}
- newconfd "${FILESDIR}/${PN}-5.0.1-conf" ${PN}
- systemd_dounit "${FILESDIR}"/${PN}.service
- systemd_newtmpfilesd "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
-
- if use logrotate; then
- insopts -m0644
- insinto /etc/logrotate.d
- newins etc/${PN}.logrotate ${PN}
- fi
-}
-
-pkg_postinst() {
- elog ""
- if use systemd; then
- elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
- elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
- elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
- elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
- elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
- elog "For details, see the section on drop-in directories in systemd.unit(5)."
- else
- elog "The ${PN} init script expects to find the path to the configuration"
- elog "file as well as extra options in /etc/conf.d."
- elog ""
- elog "To create more than one ${PN} service, simply create a new .yaml file for it"
- elog "then create a symlink to the init script from a link called"
- elog "${PN}.foo - like so"
- elog " cd /etc/${PN}"
- elog " ${EDITOR##*/} suricata-foo.yaml"
- elog " cd /etc/init.d"
- elog " ln -s ${PN} ${PN}.foo"
- elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
- elog ""
- elog "You can create as many ${PN}.foo* services as you wish."
- fi
-
- if use bpf; then
- elog ""
- elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
- elog "because their configuration is hard-coded. You can find the default ones in"
- elog " ${EPREFIX}/usr/share/doc/${PF}/ebpf"
- elog "and the common location for eBPF bytecode is"
- elog " ${EPREFIX}/usr/libexec/${PN}"
- elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
- fi
-
- if use debug; then
- elog ""
- elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
- elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
- elog "You need to also ensure the FEATURES variable in make.conf contains the"
- elog "'nostrip' option to produce useful core dumps or back traces."
- fi
-
- elog ""
- elog "To download and install an initial set of rules, run:"
- elog " emerge --config =${CATEGORY}/${PF}"
- elog ""
-}
-
-pkg_config() {
- suricata-update
-}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2020-04-23 21:11 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2020-04-23 21:11 UTC (permalink / raw
To: gentoo-commits
commit: a061032bd203f7986591189957a1008aecc9268a
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Thu Apr 23 20:59:56 2020 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Thu Apr 23 21:10:48 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a061032b
net-analyzer/suricata: add missing "|| die" guard to sed call
Also, some cosmetic changes to dependencies.
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/suricata-5.0.2.ebuild | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/net-analyzer/suricata/suricata-5.0.2.ebuild b/net-analyzer/suricata/suricata-5.0.2.ebuild
index 19940f3c9fb..b2dc6c2e8b0 100644
--- a/net-analyzer/suricata/suricata-5.0.2.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.2.ebuild
@@ -22,7 +22,8 @@ REQUIRED_USE="${PYTHON_REQUIRED_USE}
?? ( lua luajit )
bpf? ( af-packet )"
-CDEPEND="acct-group/suricata
+RDEPEND="${PYTHON_DEPS}
+ acct-group/suricata
acct-user/suricata
dev-libs/jansson
dev-libs/libpcre
@@ -32,7 +33,7 @@ CDEPEND="acct-group/suricata
dev-libs/nspr
dev-libs/nss
$(python_gen_cond_dep '
- dev-python/pyyaml[${PYTHON_MULTI_USEDEP}]
+ dev-python/pyyaml[${PYTHON_USEDEP}]
')
>=net-libs/libhtp-0.5.32
net-libs/libpcap
@@ -48,11 +49,9 @@ CDEPEND="acct-group/suricata
nflog? ( net-libs/libnetfilter_log )
nfqueue? ( net-libs/libnetfilter_queue )
redis? ( dev-libs/hiredis )"
-DEPEND="${CDEPEND}
+DEPEND="${RDEPEND}
>=sys-devel/autoconf-2.69-r5
virtual/rust"
-RDEPEND="${CDEPEND}
- ${PYTHON_DEPS}"
PATCHES=(
"${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
@@ -74,7 +73,7 @@ pkg_pretend() {
src_prepare() {
default
- sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am"
+ sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am" || die
eautoreconf
}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2020-03-04 9:46 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2020-03-04 9:46 UTC (permalink / raw
To: gentoo-commits
commit: a4873f5bac8cb283f0827abfca1d44e99c383fae
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Wed Mar 4 09:44:09 2020 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Wed Mar 4 09:44:09 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a4873f5b
net-analyzer/suricata: bump to 5.0.2
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/Manifest | 1 +
net-analyzer/suricata/suricata-5.0.2.ebuild | 198 ++++++++++++++++++++++++++++
2 files changed, 199 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index ac5ea56c85b..15bad1cad76 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1 +1,2 @@
DIST suricata-5.0.1.tar.gz 23721536 BLAKE2B 529837e8e4d6c33d2093df8208bf03519e0d60deef92eadf9d0a44b7416eae2f900b2f72349815acb86d9bdd9d4253bbc5d7c4c1a34157f544982b0788291624 SHA512 db0797a7992abf0ddf170cb603fdac06b0ff92278bb91343860bccbbe029ea0e83131dfb9805ca44bcbbe3925502119259e350a17e94209b21d1f8b610d965a6
+DIST suricata-5.0.2.tar.gz 23735393 BLAKE2B 3fd9bac597cda59cbeb3d902eccf15e4b873b56b44967a1cad9e99e041f06778ffd4f8ea1378f0df3fa84f2cabd6ac13eda7a2cb233e80a75c27bf7c4e5f7cd0 SHA512 e288f6aee9f8fafb8fa811d2c83a89a29434edc24e05542e172852dc139b9d0bb474d35ddbdc4723df04e7a8b4e70e181c822a4fb1315ba2879c3c7a5c16ef16
diff --git a/net-analyzer/suricata/suricata-5.0.2.ebuild b/net-analyzer/suricata/suricata-5.0.2.ebuild
new file mode 100644
index 00000000000..19940f3c9fb
--- /dev/null
+++ b/net-analyzer/suricata/suricata-5.0.2.ebuild
@@ -0,0 +1,198 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{6,7,8} )
+
+inherit autotools flag-o-matic linux-info python-single-r1 systemd
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
+HOMEPAGE="https://suricata-ids.org/"
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened logrotate lua luajit lz4 nflog +nfqueue redis systemd test"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ ?? ( lua luajit )
+ bpf? ( af-packet )"
+
+CDEPEND="acct-group/suricata
+ acct-user/suricata
+ dev-libs/jansson
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ $(python_gen_cond_dep '
+ dev-python/pyyaml[${PYTHON_MULTI_USEDEP}]
+ ')
+ >=net-libs/libhtp-0.5.32
+ net-libs/libpcap
+ sys-apps/file
+ sys-libs/libcap-ng
+ bpf? ( >=dev-libs/libbpf-0.0.6 )
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/libmaxminddb )
+ logrotate? ( app-admin/logrotate )
+ lua? ( dev-lang/lua:* )
+ luajit? ( dev-lang/luajit:* )
+ lz4? ( app-arch/lz4 )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue? ( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis )"
+DEPEND="${CDEPEND}
+ >=sys-devel/autoconf-2.69-r5
+ virtual/rust"
+RDEPEND="${CDEPEND}
+ ${PYTHON_DEPS}"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.1_default-config.patch"
+)
+
+pkg_pretend() {
+ if use bpf && use kernel_linux; then
+ if kernel_is -lt 4 15; then
+ ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
+ fi
+
+ CONFIG_CHECK="~XDP_SOCKETS"
+ ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata will to load XDP programs. "
+ ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
+ check_extra_config
+ fi
+}
+
+src_prepare() {
+ default
+ sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am"
+ eautoreconf
+}
+
+src_configure() {
+ local myeconfargs=(
+ "--localstatedir=/var" \
+ "--runstatedir=/run" \
+ "--enable-non-bundled-htp" \
+ "--enable-gccmarch-native=no" \
+ "--enable-python" \
+ $(use_enable af-packet) \
+ $(use_enable bpf ebpf) \
+ $(use_enable control-socket unix-socket) \
+ $(use_enable cuda) \
+ $(use_enable detection) \
+ $(use_enable geoip) \
+ $(use_enable hardened gccprotect) \
+ $(use_enable hardened pie) \
+ $(use_enable lua) \
+ $(use_enable luajit) \
+ $(use_enable lz4) \
+ $(use_enable nflog) \
+ $(use_enable nfqueue) \
+ $(use_enable redis hiredis) \
+ $(use_enable test unittests) \
+ "--disable-coccinelle"
+ )
+
+ if use debug; then
+ myeconfargs+=( $(use_enable debug) )
+ # so we can get a backtrace according to "reporting bugs" on upstream web site
+ CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
+ else
+ econf ${myeconfargs[@]}
+ fi
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+ python_optimize
+
+ if use bpf; then
+ rm -f ebpf/Makefile.{am,in}
+ dodoc -r ebpf/
+ keepdir /usr/libexec/suricata/ebpf
+ fi
+
+ insinto "/etc/${PN}"
+ doins etc/{classification,reference}.config threshold.config suricata.yaml
+
+ keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+ keepdir "/var/log/${PN}"
+
+ fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+
+ newinitd "${FILESDIR}/${PN}-5.0.1-init" ${PN}
+ newconfd "${FILESDIR}/${PN}-5.0.1-conf" ${PN}
+ systemd_dounit "${FILESDIR}"/${PN}.service
+ systemd_newtmpfilesd "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
+
+ if use logrotate; then
+ insopts -m0644
+ insinto /etc/logrotate.d
+ newins etc/${PN}.logrotate ${PN}
+ fi
+}
+
+pkg_postinst() {
+ elog ""
+ if use systemd; then
+ elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
+ elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
+ elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
+ elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
+ elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
+ elog "For details, see the section on drop-in directories in systemd.unit(5)."
+ else
+ elog "The ${PN} init script expects to find the path to the configuration"
+ elog "file as well as extra options in /etc/conf.d."
+ elog ""
+ elog "To create more than one ${PN} service, simply create a new .yaml file for it"
+ elog "then create a symlink to the init script from a link called"
+ elog "${PN}.foo - like so"
+ elog " cd /etc/${PN}"
+ elog " ${EDITOR##*/} suricata-foo.yaml"
+ elog " cd /etc/init.d"
+ elog " ln -s ${PN} ${PN}.foo"
+ elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
+ elog ""
+ elog "You can create as many ${PN}.foo* services as you wish."
+ fi
+
+ if use bpf; then
+ elog ""
+ elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
+ elog "because their configuration is hard-coded. You can find the default ones in"
+ elog " ${EPREFIX}/usr/share/doc/${PF}/ebpf"
+ elog "and the common location for eBPF bytecode is"
+ elog " ${EPREFIX}/usr/libexec/${PN}"
+ elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
+ fi
+
+ if use debug; then
+ elog ""
+ elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
+ elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
+ elog "You need to also ensure the FEATURES variable in make.conf contains the"
+ elog "'nostrip' option to produce useful core dumps or back traces."
+ fi
+
+ elog ""
+ elog "To download and install an initial set of rules, run:"
+ elog " emerge --config =${CATEGORY}/${PF}"
+ elog ""
+}
+
+pkg_config() {
+ suricata-update
+}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2020-02-05 15:30 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2020-02-05 15:30 UTC (permalink / raw
To: gentoo-commits
commit: e079e3cc9126887c71f1cd7130157e17c1ea31ac
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Wed Feb 5 15:29:31 2020 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Wed Feb 5 15:30:35 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e079e3cc
net-analyzer/suricata: build with -fno-common / gcc-10
Tried fixing the code but it turns out it would require a non-trivial
amount of changes so let's just force -fcommon. Tested using gcc-9 with
-fno-common included in CFLAGS.
Closes: https://bugs.gentoo.org/707204
Package-Manager: Portage-2.3.84, Repoman-2.3.20
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/suricata-5.0.1.ebuild | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/suricata-5.0.1.ebuild b/net-analyzer/suricata/suricata-5.0.1.ebuild
index 67694740597..d09d4b1a984 100644
--- a/net-analyzer/suricata/suricata-5.0.1.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.1.ebuild
@@ -1,11 +1,11 @@
-# Copyright 1999-2019 Gentoo Authors
+# Copyright 1999-2020 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
PYTHON_COMPAT=( python3_{6,7,8} )
-inherit autotools linux-info python-single-r1 systemd
+inherit autotools flag-o-matic linux-info python-single-r1 systemd
DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
HOMEPAGE="https://suricata-ids.org/"
@@ -71,6 +71,9 @@ pkg_pretend() {
}
src_prepare() {
+ # Bug #707204
+ append-cflags $(test-flags-CC -fcommon)
+
default
sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am"
eautoreconf
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2019-12-20 10:18 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2019-12-20 10:18 UTC (permalink / raw
To: gentoo-commits
commit: 225a6a736d4c216d370d510a6a40c8a4f7622adf
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Fri Dec 20 10:17:43 2019 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Fri Dec 20 10:18:03 2019 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=225a6a73
net-analyzer/suricata: depend on virtual/rust, not dev-lang/rust
In other words, do not force users to build Rust from source.
Closes: https://bugs.gentoo.org/703346
Package-Manager: Portage-2.3.79, Repoman-2.3.16
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/suricata-5.0.1.ebuild | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net-analyzer/suricata/suricata-5.0.1.ebuild b/net-analyzer/suricata/suricata-5.0.1.ebuild
index 1618cee4705..67694740597 100644
--- a/net-analyzer/suricata/suricata-5.0.1.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.1.ebuild
@@ -48,7 +48,7 @@ CDEPEND="acct-group/suricata
redis? ( dev-libs/hiredis )"
DEPEND="${CDEPEND}
>=sys-devel/autoconf-2.69-r5
- dev-lang/rust"
+ virtual/rust"
RDEPEND="${CDEPEND}
${PYTHON_DEPS}"
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2019-12-19 15:18 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2019-12-19 15:18 UTC (permalink / raw
To: gentoo-commits
commit: c8ecb922ecf5a2685f265df3d0a0536aba0ce5bf
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Thu Dec 19 14:59:17 2019 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Thu Dec 19 15:17:15 2019 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c8ecb922
net-analyzer/suricata: fix typo in postinst messages
Package-Manager: Portage-2.3.79, Repoman-2.3.16
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/suricata-5.0.1.ebuild | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net-analyzer/suricata/suricata-5.0.1.ebuild b/net-analyzer/suricata/suricata-5.0.1.ebuild
index ecb34b71784..1618cee4705 100644
--- a/net-analyzer/suricata/suricata-5.0.1.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.1.ebuild
@@ -147,7 +147,7 @@ pkg_postinst() {
if use systemd; then
elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
- elog "on file configuration to specify interfaces, should you prefer to run it different you will have to customise"
+ elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
elog "For details, see the section on drop-in directories in systemd.unit(5)."
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2019-12-16 16:05 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2019-12-16 16:05 UTC (permalink / raw
To: gentoo-commits
commit: c1210bc476d8126c337aa416fb8018377e8a0490
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Mon Dec 16 15:58:12 2019 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Mon Dec 16 16:05:09 2019 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c1210bc4
net-analyzer/suricata: add self to the list of maintainers
Package-Manager: Portage-2.3.79, Repoman-2.3.16
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>
net-analyzer/suricata/metadata.xml | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/net-analyzer/suricata/metadata.xml b/net-analyzer/suricata/metadata.xml
index bc25d72f088..cc49d0aa09f 100644
--- a/net-analyzer/suricata/metadata.xml
+++ b/net-analyzer/suricata/metadata.xml
@@ -4,6 +4,10 @@
<maintainer type="person">
<email>slis@gentoo.org</email>
</maintainer>
+ <maintainer type="person">
+ <email>marecki@gentoo.org</email>
+ <name>Marek Szuba</name>
+ </maintainer>
<use>
<flag name="af-packet">Enable AF_PACKET support</flag>
<flag name="bpf">Enable support for eBPF (as well as XDP if supported by the kernel and the NIC driver)
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2019-09-08 19:25 Slawek Lis
0 siblings, 0 replies; 81+ messages in thread
From: Slawek Lis @ 2019-09-08 19:25 UTC (permalink / raw
To: gentoo-commits
commit: 31be0335f7697f18ac28a8364636f1b0c0635f44
Author: Slawomir Lis <slis <AT> gentoo <DOT> org>
AuthorDate: Sun Sep 8 19:20:10 2019 +0000
Commit: Slawek Lis <slis <AT> gentoo <DOT> org>
CommitDate: Sun Sep 8 19:24:42 2019 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=31be0335
net-analyzer/suricata: fixed installations warnings
Package-Manager: Portage-2.3.75, Repoman-2.3.17
Signed-off-by: Slawek Lis <slis <AT> gentoo.org>
net-analyzer/suricata/suricata-4.0.4.ebuild | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/suricata-4.0.4.ebuild b/net-analyzer/suricata/suricata-4.0.4.ebuild
index eea47cd01bd..98ed94d5b7d 100644
--- a/net-analyzer/suricata/suricata-4.0.4.ebuild
+++ b/net-analyzer/suricata/suricata-4.0.4.ebuild
@@ -48,6 +48,7 @@ pkg_setup() {
src_prepare() {
epatch "${FILESDIR}/${P}_configure-lua-flags.patch"
epatch "${FILESDIR}/${P}_sockios.patch"
+ sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am"
eautoreconf
}
@@ -125,8 +126,8 @@ src_install() {
doins rules/*.rules
fi
- dodir "/var/lib/${PN}"
- dodir "/var/log/${PN}"
+ keepdir "/var/lib/${PN}"
+ keepdir "/var/log/${PN}"
fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2018-06-11 14:04 Marek Szuba
0 siblings, 0 replies; 81+ messages in thread
From: Marek Szuba @ 2018-06-11 14:04 UTC (permalink / raw
To: gentoo-commits
commit: 5073a26b023b9b579b550c2d92fe949d9dbda2a5
Author: Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Mon Jun 11 14:03:15 2018 +0000
Commit: Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Mon Jun 11 14:04:06 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5073a26b
net-analyzer/suricata: remove vulnerable 4.0.3
Bug: https://bugs.gentoo.org/647664
Package-Manager: Portage-2.3.40, Repoman-2.3.9
net-analyzer/suricata/Manifest | 1 -
net-analyzer/suricata/suricata-4.0.3.ebuild | 167 ----------------------------
2 files changed, 168 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index cc70d0f7283..fe67675774d 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1 @@
-DIST suricata-4.0.3.tar.gz 12392388 BLAKE2B 9b6338b343ff85f070d61608ff9dc7f25df868fdffbc13b5a8d245cb3db5cd757cb1785c827c388653b2f8a7977129259671900bc1abfebeb878a668b4058bdf SHA512 aa6b6d1ae86efad0184ba4fa06375f34334e07c22b7b1f82bf17fcb0ae48ad7f867bced57ab4f713de01583965e1260cb82e1355f78002071b689dddd3b53892
DIST suricata-4.0.4.tar.gz 12511121 BLAKE2B d9dfb00a45c2e9810409a8ce91a83e23ebce20eb28492bf24f9688d292b5805dca932c39cc673cf1148325fe5ef7936dda7f6c7819605753cb2e2ddc1cf5dba0 SHA512 6e158aa6d3edb9d11e0df3f986392ee2ae49ab4dfb978288ced4484dbe5c08ae061db2a566be6d22cf14bd0b88f87f9cb9c0a657d7fc44e099b8783d933c771e
diff --git a/net-analyzer/suricata/suricata-4.0.3.ebuild b/net-analyzer/suricata/suricata-4.0.3.ebuild
deleted file mode 100644
index 501a7c7a03a..00000000000
--- a/net-analyzer/suricata/suricata-4.0.3.ebuild
+++ /dev/null
@@ -1,167 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-
-inherit autotools eutils user
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="https://suricata-ids.org/"
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet control-socket cuda debug +detection geoip hardened logrotate lua luajit nflog +nfqueue redis +rules test"
-
-DEPEND="
- >=dev-libs/jansson-2.2
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- >=net-libs/libhtp-0.5.20
- net-libs/libpcap
- sys-apps/file
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/geoip )
- lua? ( dev-lang/lua:* )
- luajit? ( dev-lang/luajit:* )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue? ( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis )
- logrotate? ( app-admin/logrotate )
- sys-libs/libcap-ng
-"
-# #446814
-# prelude? ( dev-libs/libprelude )
-# pfring? ( sys-process/numactl net-libs/pf_ring)
-RDEPEND="${DEPEND}"
-
-pkg_setup() {
- enewgroup ${PN}
- enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
-}
-
-src_prepare() {
- eautoreconf
-}
-
-src_configure() {
- local myeconfargs=(
- "--localstatedir=/var/" \
- "--enable-non-bundled-htp" \
- $(use_enable af-packet) \
- $(use_enable detection) \
- $(use_enable nfqueue) \
- $(use_enable test coccinelle) \
- $(use_enable test unittests) \
- $(use_enable control-socket unix-socket)
- )
-
- if use cuda ; then
- myeconfargs+=( $(use_enable cuda) )
- fi
- if use geoip ; then
- myeconfargs+=( $(use_enable geoip) )
- fi
- if use hardened ; then
- myeconfargs+=( $(use_enable hardened gccprotect) )
- fi
- if use nflog ; then
- myeconfargs+=( $(use_enable nflog) )
- fi
- if use redis ; then
- myeconfargs+=( $(use_enable redis hiredis) )
- fi
- # not supported yet (no pfring in portage)
-# if use pfring ; then
-# myeconfargs+=( $(use_enable pfring) )
-# fi
- # no libprelude in portage
-# if use prelude ; theng
-# myeconfargs+=( $(use_enable prelude) )
-# fi
- if use lua ; then
- myeconfargs+=( $(use_enable lua) )
- fi
- if use luajit ; then
- myeconfargs+=( $(use_enable luajit) )
- fi
- if (use !lua) && (use !luajit) ; then
- myeconfargs+=(
- --disable-lua
- --disable-luajit
- )
- fi
-
-# this should be used when pf_ring use flag support will be added
-# LIBS+="-lrt -lnuma"
-
- # avoid upstream configure script trying to add -march=native to CFLAGS
- myeconfargs+=( --enable-gccmarch-native=no )
-
- if use debug ; then
- myeconfargs+=( $(use_enable debug) )
- # so we can get a backtrace according to "reporting bugs" on upstream web site
- CFLAGS="-ggdb -O0" econf LIBS="${LIBS}" ${myeconfargs[@]}
- else
- econf LIBS="${LIBS}" ${myeconfargs[@]}
- fi
-}
-
-src_install() {
- emake DESTDIR="${D}" install
-
- insinto "/etc/${PN}"
- doins {classification,reference,threshold}.config suricata.yaml
-
- if use rules ; then
- insinto "/etc/${PN}/rules"
- doins rules/*.rules
- fi
-
- dodir "/var/lib/${PN}"
- dodir "/var/log/${PN}"
-
- fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
-
- newinitd "${FILESDIR}/${P}-init" ${PN}
- newconfd "${FILESDIR}/${P}-conf" ${PN}
-
- if use logrotate; then
- insopts -m0644
- insinto /etc/logrotate.d
- newins "${FILESDIR}"/${PN}-logrotate ${PN}
- fi
-}
-
-pkg_postinst() {
- elog "The ${PN} init script expects to find the path to the configuration"
- elog "file as well as extra options in /etc/conf.d."
- elog ""
- elog "To create more than one ${PN} service, simply create a new .yaml file for it"
- elog "then create a symlink to the init script from a link called"
- elog "${PN}.foo - like so"
- elog " cd /etc/${PN}"
- elog " ${EDITOR##*/} suricata-foo.yaml"
- elog " cd /etc/init.d"
- elog " ln -s ${PN} ${PN}.foo"
- elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
- elog ""
- elog "You can create as many ${PN}.foo* services as you wish."
-
- if use logrotate; then
- elog "You enabled the logrotate USE flag. Please make sure you correctly set up the ${PN} logrotate config file in /etc/logrotate.d/."
- fi
-
- if use debug; then
- elog "You enabled the debug USE flag. Please read this link to report bugs upstream:"
- elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
- elog "You need to also ensure the FEATURES variable in make.conf contains the"
- elog "'nostrip' option to produce useful core dumps or back traces."
- fi
-}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2018-06-03 13:49 Aaron Bauman
0 siblings, 0 replies; 81+ messages in thread
From: Aaron Bauman @ 2018-06-03 13:49 UTC (permalink / raw
To: gentoo-commits
commit: 0cd38eeec9f055befc5e16d1b714252905eb387c
Author: Michael Mair-Keimberger <m.mairkeimberger <AT> gmail <DOT> com>
AuthorDate: Sun Jun 3 09:27:21 2018 +0000
Commit: Aaron Bauman <bman <AT> gentoo <DOT> org>
CommitDate: Sun Jun 3 13:48:19 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0cd38eee
net-analyzer/suricata: use HTTPs
net-analyzer/suricata/suricata-4.0.3.ebuild | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/suricata-4.0.3.ebuild b/net-analyzer/suricata/suricata-4.0.3.ebuild
index 19c4e17ebb2..501a7c7a03a 100644
--- a/net-analyzer/suricata/suricata-4.0.3.ebuild
+++ b/net-analyzer/suricata/suricata-4.0.3.ebuild
@@ -6,8 +6,8 @@ EAPI=5
inherit autotools eutils user
DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="http://suricata-ids.org/"
-SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz"
+HOMEPAGE="https://suricata-ids.org/"
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
LICENSE="GPL-2"
SLOT="0"
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2018-05-11 7:43 Slawek Lis
0 siblings, 0 replies; 81+ messages in thread
From: Slawek Lis @ 2018-05-11 7:43 UTC (permalink / raw
To: gentoo-commits
commit: 2e6b7a4b972c110a62877daf862231eb99c08c1f
Author: Slawomir Lis <slis <AT> gentoo <DOT> org>
AuthorDate: Fri May 11 07:40:16 2018 +0000
Commit: Slawek Lis <slis <AT> gentoo <DOT> org>
CommitDate: Fri May 11 07:43:27 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2e6b7a4b
net-analyzer/suricata: fixed problems with compilation
Fixed problems with compilation using lua and luajit
Package-Manager: Portage-2.3.36, Repoman-2.3.9
net-analyzer/suricata/suricata-4.0.3.ebuild | 19 +++++++++----------
1 file changed, 9 insertions(+), 10 deletions(-)
diff --git a/net-analyzer/suricata/suricata-4.0.3.ebuild b/net-analyzer/suricata/suricata-4.0.3.ebuild
index e501c9c775b..19c4e17ebb2 100644
--- a/net-analyzer/suricata/suricata-4.0.3.ebuild
+++ b/net-analyzer/suricata/suricata-4.0.3.ebuild
@@ -27,10 +27,8 @@ DEPEND="
sys-apps/file
cuda? ( dev-util/nvidia-cuda-toolkit )
geoip? ( dev-libs/geoip )
- lua? (
- !luajit? ( dev-lang/lua:* )
- luajit? ( dev-lang/luajit:* )
- )
+ lua? ( dev-lang/lua:* )
+ luajit? ( dev-lang/luajit:* )
nflog? ( net-libs/libnetfilter_log )
nfqueue? ( net-libs/libnetfilter_queue )
redis? ( dev-libs/hiredis )
@@ -83,15 +81,16 @@ src_configure() {
# myeconfargs+=( $(use_enable pfring) )
# fi
# no libprelude in portage
-# if use prelude ; then
+# if use prelude ; theng
# myeconfargs+=( $(use_enable prelude) )
# fi
if use lua ; then
- myeconfargs+=(
- $(use_enable !luajit lua)
- $(use_enable luajit)
- )
- else
+ myeconfargs+=( $(use_enable lua) )
+ fi
+ if use luajit ; then
+ myeconfargs+=( $(use_enable luajit) )
+ fi
+ if (use !lua) && (use !luajit) ; then
myeconfargs+=(
--disable-lua
--disable-luajit
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2018-03-26 19:33 Michał Górny
0 siblings, 0 replies; 81+ messages in thread
From: Michał Górny @ 2018-03-26 19:33 UTC (permalink / raw
To: gentoo-commits
commit: d4e40e0eb9740bbeec133addc8ccfff64cde699b
Author: Michał Górny <mgorny <AT> gentoo <DOT> org>
AuthorDate: Mon Feb 26 22:17:25 2018 +0000
Commit: Michał Górny <mgorny <AT> gentoo <DOT> org>
CommitDate: Mon Mar 26 19:33:10 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d4e40e0e
net-analyzer/suricata: [QA] Use standard meaning of USE=luajit
Fix the package to use standard meaning for USE=luajit instead of making
it exclusive with USE=lua.
net-analyzer/suricata/metadata.xml | 1 -
net-analyzer/suricata/suricata-4.0.3.ebuild | 21 +++++++++++++--------
2 files changed, 13 insertions(+), 9 deletions(-)
diff --git a/net-analyzer/suricata/metadata.xml b/net-analyzer/suricata/metadata.xml
index 58878c64f05..0afee5625d1 100644
--- a/net-analyzer/suricata/metadata.xml
+++ b/net-analyzer/suricata/metadata.xml
@@ -9,7 +9,6 @@
<flag name="control-socket">Enable unix socket</flag>
<flag name="cuda">Enable NVIDIA Cuda computations support</flag>
<flag name="detection">Enable detection modules</flag>
- <flag name="luajit">Enable Luajit support</flag>
<flag name="nflog">Enable libnetfilter_log support</flag>
<flag name="nfqueue">Enable NFQUEUE support for inline IDP</flag>
<flag name="redis">Enable Redis support</flag>
diff --git a/net-analyzer/suricata/suricata-4.0.3.ebuild b/net-analyzer/suricata/suricata-4.0.3.ebuild
index 604eae665be..e501c9c775b 100644
--- a/net-analyzer/suricata/suricata-4.0.3.ebuild
+++ b/net-analyzer/suricata/suricata-4.0.3.ebuild
@@ -14,8 +14,6 @@ SLOT="0"
KEYWORDS="~amd64 ~x86"
IUSE="+af-packet control-socket cuda debug +detection geoip hardened logrotate lua luajit nflog +nfqueue redis +rules test"
-REQUIRED_USE="lua? ( !luajit )"
-
DEPEND="
>=dev-libs/jansson-2.2
dev-libs/libpcre
@@ -29,8 +27,10 @@ DEPEND="
sys-apps/file
cuda? ( dev-util/nvidia-cuda-toolkit )
geoip? ( dev-libs/geoip )
- lua? ( dev-lang/lua:* )
- luajit? ( dev-lang/luajit:* )
+ lua? (
+ !luajit? ( dev-lang/lua:* )
+ luajit? ( dev-lang/luajit:* )
+ )
nflog? ( net-libs/libnetfilter_log )
nfqueue? ( net-libs/libnetfilter_queue )
redis? ( dev-libs/hiredis )
@@ -87,10 +87,15 @@ src_configure() {
# myeconfargs+=( $(use_enable prelude) )
# fi
if use lua ; then
- myeconfargs+=( $(use_enable lua) )
- fi
- if use luajit ; then
- myeconfargs+=( $(use_enable luajit) )
+ myeconfargs+=(
+ $(use_enable !luajit lua)
+ $(use_enable luajit)
+ )
+ else
+ myeconfargs+=(
+ --disable-lua
+ --disable-luajit
+ )
fi
# this should be used when pf_ring use flag support will be added
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2018-01-24 7:00 Slawek Lis
0 siblings, 0 replies; 81+ messages in thread
From: Slawek Lis @ 2018-01-24 7:00 UTC (permalink / raw
To: gentoo-commits
commit: 9a69b3e675e006bd67b9a95d7cc043982b0c253a
Author: Slawomir Lis <slis <AT> gentoo <DOT> org>
AuthorDate: Wed Jan 24 07:00:02 2018 +0000
Commit: Slawek Lis <slis <AT> gentoo <DOT> org>
CommitDate: Wed Jan 24 07:00:02 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9a69b3e6
net-analyzer/suricata: removed old version
To fix vulnerability reported in bug https://bugs.gentoo.org/635662
Dropped versions: 2.0.11, 3.0.1, 3.1.3, 3.2-r1, 3.2.1, 3.2
Package-Manager: Portage-2.3.20, Repoman-2.3.6
net-analyzer/suricata/Manifest | 5 -
net-analyzer/suricata/suricata-2.0.11.ebuild | 116 -------------------
net-analyzer/suricata/suricata-3.0.1.ebuild | 112 ------------------
net-analyzer/suricata/suricata-3.1.3.ebuild | 116 -------------------
net-analyzer/suricata/suricata-3.2-r1.ebuild | 163 ---------------------------
net-analyzer/suricata/suricata-3.2.1.ebuild | 161 --------------------------
net-analyzer/suricata/suricata-3.2.ebuild | 147 ------------------------
7 files changed, 820 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 3115c23a894..b3ab446f9d9 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,6 +1 @@
-DIST suricata-2.0.11.tar.gz 3091124 BLAKE2B 5cc99982d2041f0fd405ae1aee01c3955f8780a49148b64cd98061f60dbba9ced5d56e57247883480dfb06f587b231c4527eb59052d9e4c1341a8dafe6f20b90 SHA512 659e893fef3cdcca8440f2af7596d5cc58b142d3350b9ea5ba57d855c6759a00adafeb15a1dfe91dd55eca1437487eb4e842b4e2913d12417f0b906ca3d54ec9
-DIST suricata-3.0.1.tar.gz 3315637 BLAKE2B f92e8f4b9708b265eda2476dbedaaa3a5c417561befc4d4c0bca15669545f07cd681a6e4e60f9290c97072dffb9ced473ca5fbbd4250d1df002353f1de87b759 SHA512 cd10f5b19dd7b6ccbed668263b54d93738842191e71391b040aa7fc2049ac597feb38cd333f07b15d30ebeaf778f6abe18b72215e609891608dca094531c7fd8
-DIST suricata-3.1.3.tar.gz 3340627 BLAKE2B 6dff61a876591485fc32053912abfe8ec2ac23ff40ed63e4140d3c494adbf83b7310afae67f0b2c552f45c6ec9ed02db94635b3d90e4ac74e3da8de3a611f65b SHA512 d29c2c4344d52ba3d8c5ed4331a35b512e323c9a13a73e3039df6406d8c6389d05e3b311db6b561125c12dfbea67b121afbdecb7f0a5cb0594cf339b492726fb
-DIST suricata-3.2.1.tar.gz 11754332 BLAKE2B 1f72f9460c363aa86933a7105f0267d89e5b7e11db8668d30f2e84a545856cc53e4edc403f434533271697fc73d45fbd9ea2ce2cc4f07c245ba0724e3d0cae60 SHA512 6b0e5565368a085f059f62c9862364a9fcd970158b17671a25bcbed9b3ef8fcf857b1760a6d186ebe3227dde45070bc69a8b0d0bfd341f39a4d42ef93d12f290
-DIST suricata-3.2.tar.gz 11732080 BLAKE2B e5315edc7fb42792f165ebc6b43b3bef8ca8151857305adb6ac1cd2bbf93f5f679ac9762ac48836bf94dfdfc820e4dc7fdcaa73a2b609e3128524f39cd24c741 SHA512 327f5a62449af44f6cb95220e1ff9bf61b51db7bd25f2b1e8def3e8650ba754304cf9d02fc30b46b6cbaa6b5f94fa3d4be90edb8a293ff3b6c0927b596a2976e
DIST suricata-4.0.3.tar.gz 12392388 BLAKE2B 9b6338b343ff85f070d61608ff9dc7f25df868fdffbc13b5a8d245cb3db5cd757cb1785c827c388653b2f8a7977129259671900bc1abfebeb878a668b4058bdf SHA512 aa6b6d1ae86efad0184ba4fa06375f34334e07c22b7b1f82bf17fcb0ae48ad7f867bced57ab4f713de01583965e1260cb82e1355f78002071b689dddd3b53892
diff --git a/net-analyzer/suricata/suricata-2.0.11.ebuild b/net-analyzer/suricata/suricata-2.0.11.ebuild
deleted file mode 100644
index cebe46b654e..00000000000
--- a/net-analyzer/suricata/suricata-2.0.11.ebuild
+++ /dev/null
@@ -1,116 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-
-inherit autotools eutils user
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="http://suricata-ids.org/"
-SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet control-socket cuda debug +detection geoip hardened lua luajit nflog +nfqueue +rules test"
-
-DEPEND="
- >=dev-libs/jansson-2.2
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- >=net-libs/libhtp-0.5.18
- net-libs/libpcap
- sys-apps/file
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/geoip )
- lua? ( dev-lang/lua:* )
- luajit? ( dev-lang/luajit:* )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue? ( net-libs/libnetfilter_queue )
-"
-# #446814
-# prelude? ( dev-libs/libprelude )
-# pfring? ( sys-process/numactl net-libs/pf_ring)
-RDEPEND="${DEPEND}"
-
-pkg_setup() {
- enewgroup ${PN}
- enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
-}
-
-src_prepare() {
- epatch "${FILESDIR}/fortify_source-numeric.patch"
- epatch "${FILESDIR}/magic-location.patch"
- epatch "${FILESDIR}/json.patch"
-
- eautoreconf
-}
-
-src_configure() {
- local myeconfargs=(
- "--localstatedir=/var/" \
- "--enable-non-bundled-htp" \
- $(use_enable af-packet) \
- $(use_enable detection) \
- $(use_enable nfqueue) \
- $(use_enable test coccinelle) \
- $(use_enable test unittests) \
- $(use_enable control-socket unix-socket)
- )
-
- if use cuda ; then
- myeconfargs+=( $(use_enable cuda) )
- fi
- if use debug ; then
- myeconfargs+=( $(use_enable debug) )
- fi
- if use geoip ; then
- myeconfargs+=( $(use_enable geoip) )
- fi
- if use hardened ; then
- myeconfargs+=( $(use_enable hardened gccprotect) )
- fi
- if use nflog ; then
- myeconfargs+=( $(use_enable nflog) )
- fi
- # not supported yet (no pfring in portage)
-# if use pfring ; then
-# myeconfargs+=( $(use_enable pfring) )
-# fi
- # no libprelude in portage
-# if use prelude ; then
-# myeconfargs+=( $(use_enable prelude) )
-# fi
- if use lua ; then
- myeconfargs+=( $(use_enable lua) )
- fi
- if use luajit ; then
- myeconfargs+=( $(use_enable luajit) )
- fi
-
-# this should be used when pf_ring use flag support will be added
-# LIBS+="-lrt -lnuma"
-
- econf LIBS="${LIBS}" ${myeconfargs[@]}
-}
-
-src_install() {
- emake DESTDIR="${D}" install
-
- insinto "/etc/${PN}"
- doins {classification,reference,threshold}.config suricata.yaml
-
- if use rules ; then
- insinto "/etc/${PN}/rules"
- doins rules/*.rules
- fi
-
- dodir "/var/lib/${PN}"
- dodir "/var/log/${PN}"
- fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
-}
diff --git a/net-analyzer/suricata/suricata-3.0.1.ebuild b/net-analyzer/suricata/suricata-3.0.1.ebuild
deleted file mode 100644
index 90010bf2a04..00000000000
--- a/net-analyzer/suricata/suricata-3.0.1.ebuild
+++ /dev/null
@@ -1,112 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-
-inherit autotools eutils user
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="http://suricata-ids.org/"
-SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet control-socket cuda debug +detection geoip hardened lua luajit nflog +nfqueue +rules test"
-
-DEPEND="
- >=dev-libs/jansson-2.2
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- >=net-libs/libhtp-0.5.18
- net-libs/libpcap
- sys-apps/file
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/geoip )
- lua? ( dev-lang/lua:* )
- luajit? ( dev-lang/luajit:* )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue? ( net-libs/libnetfilter_queue )
-"
-# #446814
-# prelude? ( dev-libs/libprelude )
-# pfring? ( sys-process/numactl net-libs/pf_ring)
-RDEPEND="${DEPEND}"
-
-pkg_setup() {
- enewgroup ${PN}
- enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
-}
-
-src_prepare() {
- eautoreconf
-}
-
-src_configure() {
- local myeconfargs=(
- "--localstatedir=/var/" \
- "--enable-non-bundled-htp" \
- $(use_enable af-packet) \
- $(use_enable detection) \
- $(use_enable nfqueue) \
- $(use_enable test coccinelle) \
- $(use_enable test unittests) \
- $(use_enable control-socket unix-socket)
- )
-
- if use cuda ; then
- myeconfargs+=( $(use_enable cuda) )
- fi
- if use debug ; then
- myeconfargs+=( $(use_enable debug) )
- fi
- if use geoip ; then
- myeconfargs+=( $(use_enable geoip) )
- fi
- if use hardened ; then
- myeconfargs+=( $(use_enable hardened gccprotect) )
- fi
- if use nflog ; then
- myeconfargs+=( $(use_enable nflog) )
- fi
- # not supported yet (no pfring in portage)
-# if use pfring ; then
-# myeconfargs+=( $(use_enable pfring) )
-# fi
- # no libprelude in portage
-# if use prelude ; then
-# myeconfargs+=( $(use_enable prelude) )
-# fi
- if use lua ; then
- myeconfargs+=( $(use_enable lua) )
- fi
- if use luajit ; then
- myeconfargs+=( $(use_enable luajit) )
- fi
-
-# this should be used when pf_ring use flag support will be added
-# LIBS+="-lrt -lnuma"
-
- econf LIBS="${LIBS}" ${myeconfargs[@]}
-}
-
-src_install() {
- emake DESTDIR="${D}" install
-
- insinto "/etc/${PN}"
- doins {classification,reference,threshold}.config suricata.yaml
-
- if use rules ; then
- insinto "/etc/${PN}/rules"
- doins rules/*.rules
- fi
-
- dodir "/var/lib/${PN}"
- dodir "/var/log/${PN}"
- fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
-}
diff --git a/net-analyzer/suricata/suricata-3.1.3.ebuild b/net-analyzer/suricata/suricata-3.1.3.ebuild
deleted file mode 100644
index 5b883f9be78..00000000000
--- a/net-analyzer/suricata/suricata-3.1.3.ebuild
+++ /dev/null
@@ -1,116 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-
-inherit autotools eutils user
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="http://suricata-ids.org/"
-SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet control-socket cuda debug +detection geoip hardened lua luajit nflog +nfqueue redis +rules test"
-
-DEPEND="
- >=dev-libs/jansson-2.2
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- >=net-libs/libhtp-0.5.20
- net-libs/libpcap
- sys-apps/file
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/geoip )
- lua? ( dev-lang/lua:* )
- luajit? ( dev-lang/luajit:* )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue? ( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis )
-"
-# #446814
-# prelude? ( dev-libs/libprelude )
-# pfring? ( sys-process/numactl net-libs/pf_ring)
-RDEPEND="${DEPEND}"
-
-pkg_setup() {
- enewgroup ${PN}
- enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
-}
-
-src_prepare() {
- eautoreconf
-}
-
-src_configure() {
- local myeconfargs=(
- "--localstatedir=/var/" \
- "--enable-non-bundled-htp" \
- $(use_enable af-packet) \
- $(use_enable detection) \
- $(use_enable nfqueue) \
- $(use_enable test coccinelle) \
- $(use_enable test unittests) \
- $(use_enable control-socket unix-socket)
- )
-
- if use cuda ; then
- myeconfargs+=( $(use_enable cuda) )
- fi
- if use debug ; then
- myeconfargs+=( $(use_enable debug) )
- fi
- if use geoip ; then
- myeconfargs+=( $(use_enable geoip) )
- fi
- if use hardened ; then
- myeconfargs+=( $(use_enable hardened gccprotect) )
- fi
- if use nflog ; then
- myeconfargs+=( $(use_enable nflog) )
- fi
- if use redis ; then
- myeconfargs+=( $(use_enable redis hiredis) )
- fi
- # not supported yet (no pfring in portage)
-# if use pfring ; then
-# myeconfargs+=( $(use_enable pfring) )
-# fi
- # no libprelude in portage
-# if use prelude ; then
-# myeconfargs+=( $(use_enable prelude) )
-# fi
- if use lua ; then
- myeconfargs+=( $(use_enable lua) )
- fi
- if use luajit ; then
- myeconfargs+=( $(use_enable luajit) )
- fi
-
-# this should be used when pf_ring use flag support will be added
-# LIBS+="-lrt -lnuma"
-
- econf LIBS="${LIBS}" ${myeconfargs[@]}
-}
-
-src_install() {
- emake DESTDIR="${D}" install
-
- insinto "/etc/${PN}"
- doins {classification,reference,threshold}.config suricata.yaml
-
- if use rules ; then
- insinto "/etc/${PN}/rules"
- doins rules/*.rules
- fi
-
- dodir "/var/lib/${PN}"
- dodir "/var/log/${PN}"
- fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
-}
diff --git a/net-analyzer/suricata/suricata-3.2-r1.ebuild b/net-analyzer/suricata/suricata-3.2-r1.ebuild
deleted file mode 100644
index f6aa21dbcc4..00000000000
--- a/net-analyzer/suricata/suricata-3.2-r1.ebuild
+++ /dev/null
@@ -1,163 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-
-inherit autotools eutils user
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="http://suricata-ids.org/"
-SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet control-socket cuda debug +detection geoip hardened logrotate lua luajit nflog +nfqueue redis +rules test"
-
-REQUIRED_USE="lua? ( !luajit )"
-
-DEPEND="
- >=dev-libs/jansson-2.2
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- >=net-libs/libhtp-0.5.20
- net-libs/libpcap
- sys-apps/file
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/geoip )
- lua? ( dev-lang/lua:* )
- luajit? ( dev-lang/luajit:* )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue? ( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis )
- logrotate? ( app-admin/logrotate )
- sys-libs/libcap-ng
-"
-# #446814
-# prelude? ( dev-libs/libprelude )
-# pfring? ( sys-process/numactl net-libs/pf_ring)
-RDEPEND="${DEPEND}"
-
-pkg_setup() {
- enewgroup ${PN}
- enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
-}
-
-src_prepare() {
- eautoreconf
-}
-
-src_configure() {
- local myeconfargs=(
- "--localstatedir=/var/" \
- "--enable-non-bundled-htp" \
- $(use_enable af-packet) \
- $(use_enable detection) \
- $(use_enable nfqueue) \
- $(use_enable test coccinelle) \
- $(use_enable test unittests) \
- $(use_enable control-socket unix-socket)
- )
-
- if use cuda ; then
- myeconfargs+=( $(use_enable cuda) )
- fi
- if use geoip ; then
- myeconfargs+=( $(use_enable geoip) )
- fi
- if use hardened ; then
- myeconfargs+=( $(use_enable hardened gccprotect) )
- fi
- if use nflog ; then
- myeconfargs+=( $(use_enable nflog) )
- fi
- if use redis ; then
- myeconfargs+=( $(use_enable redis hiredis) )
- fi
- # not supported yet (no pfring in portage)
-# if use pfring ; then
-# myeconfargs+=( $(use_enable pfring) )
-# fi
- # no libprelude in portage
-# if use prelude ; then
-# myeconfargs+=( $(use_enable prelude) )
-# fi
- if use lua ; then
- myeconfargs+=( $(use_enable lua) )
- fi
- if use luajit ; then
- myeconfargs+=( $(use_enable luajit) )
- fi
-
-# this should be used when pf_ring use flag support will be added
-# LIBS+="-lrt -lnuma"
-
- # avoid upstream configure script trying to add -march=native to CFLAGS
- myeconfargs+=( --enable-gccmarch-native=no )
-
- if use debug ; then
- myeconfargs+=( $(use_enable debug) )
- # so we can get a backtrace according to "reporting bugs" on upstream web site
- CFLAGS="-ggdb -O0" econf LIBS="${LIBS}" ${myeconfargs[@]}
- else
- econf LIBS="${LIBS}" ${myeconfargs[@]}
- fi
-}
-
-src_install() {
- emake DESTDIR="${D}" install
-
- insinto "/etc/${PN}"
- doins {classification,reference,threshold}.config suricata.yaml
-
- if use rules ; then
- insinto "/etc/${PN}/rules"
- doins rules/*.rules
- fi
-
- dodir "/var/lib/${PN}"
- dodir "/var/log/${PN}"
-
- fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
-
- newinitd "${FILESDIR}/${P}-init" ${PN}
- newconfd "${FILESDIR}/${P}-conf" ${PN}
-
- if use logrotate; then
- insopts -m0644
- insinto /etc/logrotate.d
- newins "${FILESDIR}"/${PN}-logrotate ${PN}
- fi
-}
-
-pkg_postinst() {
- elog "The ${PN} init script expects to find the path to the configuration"
- elog "file as well as extra options in /etc/conf.d."
- elog ""
- elog "To create more than one ${PN} service, simply create a new .yaml file for it"
- elog "then create a symlink to the init script from a link called"
- elog "${PN}.foo - like so"
- elog " cd /etc/${PN}"
- elog " ${EDITOR##*/} suricata-foo.yaml"
- elog " cd /etc/init.d"
- elog " ln -s ${PN} ${PN}.foo"
- elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
- elog ""
- elog "You can create as many ${PN}.foo* services as you wish."
-
- if use logrotate; then
- elog "You enabled the logrotate USE flag. Please make sure you correctly set up the ${PN} logrotate config file in /etc/logrotate.d/."
- fi
-
- if use debug; then
- elog "You enabled the debug USE flag. Please read this link to report bugs upstream:"
- elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
- elog "You need to also ensure the FEATURES variable in make.conf contains the"
- elog "'nostrip' option to produce useful core dumps or back traces."
- fi
-}
diff --git a/net-analyzer/suricata/suricata-3.2.1.ebuild b/net-analyzer/suricata/suricata-3.2.1.ebuild
deleted file mode 100644
index 419c56ac26d..00000000000
--- a/net-analyzer/suricata/suricata-3.2.1.ebuild
+++ /dev/null
@@ -1,161 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-
-inherit autotools eutils user
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="http://suricata-ids.org/"
-SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet control-socket cuda debug +detection geoip hardened logrotate lua luajit nflog +nfqueue redis +rules test"
-
-DEPEND="
- >=dev-libs/jansson-2.2
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- >=net-libs/libhtp-0.5.20
- net-libs/libpcap
- sys-apps/file
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/geoip )
- lua? ( dev-lang/lua:* )
- luajit? ( dev-lang/luajit:* )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue? ( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis )
- logrotate? ( app-admin/logrotate )
- sys-libs/libcap-ng
-"
-# #446814
-# prelude? ( dev-libs/libprelude )
-# pfring? ( sys-process/numactl net-libs/pf_ring)
-RDEPEND="${DEPEND}"
-
-pkg_setup() {
- enewgroup ${PN}
- enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
-}
-
-src_prepare() {
- eautoreconf
-}
-
-src_configure() {
- local myeconfargs=(
- "--localstatedir=/var/" \
- "--enable-non-bundled-htp" \
- $(use_enable af-packet) \
- $(use_enable detection) \
- $(use_enable nfqueue) \
- $(use_enable test coccinelle) \
- $(use_enable test unittests) \
- $(use_enable control-socket unix-socket)
- )
-
- if use cuda ; then
- myeconfargs+=( $(use_enable cuda) )
- fi
- if use geoip ; then
- myeconfargs+=( $(use_enable geoip) )
- fi
- if use hardened ; then
- myeconfargs+=( $(use_enable hardened gccprotect) )
- fi
- if use nflog ; then
- myeconfargs+=( $(use_enable nflog) )
- fi
- if use redis ; then
- myeconfargs+=( $(use_enable redis hiredis) )
- fi
- # not supported yet (no pfring in portage)
-# if use pfring ; then
-# myeconfargs+=( $(use_enable pfring) )
-# fi
- # no libprelude in portage
-# if use prelude ; then
-# myeconfargs+=( $(use_enable prelude) )
-# fi
- if use lua ; then
- myeconfargs+=( $(use_enable lua) )
- fi
- if use luajit ; then
- myeconfargs+=( $(use_enable luajit) )
- fi
-
-# this should be used when pf_ring use flag support will be added
-# LIBS+="-lrt -lnuma"
-
- # avoid upstream configure script trying to add -march=native to CFLAGS
- myeconfargs+=( --enable-gccmarch-native=no )
-
- if use debug ; then
- myeconfargs+=( $(use_enable debug) )
- # so we can get a backtrace according to "reporting bugs" on upstream web site
- CFLAGS="-ggdb -O0" econf LIBS="${LIBS}" ${myeconfargs[@]}
- else
- econf LIBS="${LIBS}" ${myeconfargs[@]}
- fi
-}
-
-src_install() {
- emake DESTDIR="${D}" install
-
- insinto "/etc/${PN}"
- doins {classification,reference,threshold}.config suricata.yaml
-
- if use rules ; then
- insinto "/etc/${PN}/rules"
- doins rules/*.rules
- fi
-
- dodir "/var/lib/${PN}"
- dodir "/var/log/${PN}"
-
- fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
-
- newinitd "${FILESDIR}/${P}-init" ${PN}
- newconfd "${FILESDIR}/${P}-conf" ${PN}
-
- if use logrotate; then
- insopts -m0644
- insinto /etc/logrotate.d
- newins "${FILESDIR}"/${PN}-logrotate ${PN}
- fi
-}
-
-pkg_postinst() {
- elog "The ${PN} init script expects to find the path to the configuration"
- elog "file as well as extra options in /etc/conf.d."
- elog ""
- elog "To create more than one ${PN} service, simply create a new .yaml file for it"
- elog "then create a symlink to the init script from a link called"
- elog "${PN}.foo - like so"
- elog " cd /etc/${PN}"
- elog " ${EDITOR##*/} suricata-foo.yaml"
- elog " cd /etc/init.d"
- elog " ln -s ${PN} ${PN}.foo"
- elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
- elog ""
- elog "You can create as many ${PN}.foo* services as you wish."
-
- if use logrotate; then
- elog "You enabled the logrotate USE flag. Please make sure you correctly set up the ${PN} logrotate config file in /etc/logrotate.d/."
- fi
-
- if use debug; then
- elog "You enabled the debug USE flag. Please read this link to report bugs upstream:"
- elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
- elog "You need to also ensure the FEATURES variable in make.conf contains the"
- elog "'nostrip' option to produce useful core dumps or back traces."
- fi
-}
diff --git a/net-analyzer/suricata/suricata-3.2.ebuild b/net-analyzer/suricata/suricata-3.2.ebuild
deleted file mode 100644
index a8763bf9ff8..00000000000
--- a/net-analyzer/suricata/suricata-3.2.ebuild
+++ /dev/null
@@ -1,147 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-
-inherit autotools eutils user
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="http://suricata-ids.org/"
-SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet control-socket cuda debug +detection geoip hardened lua luajit nflog +nfqueue redis +rules test"
-
-DEPEND="
- >=dev-libs/jansson-2.2
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- >=net-libs/libhtp-0.5.20
- net-libs/libpcap
- sys-apps/file
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/geoip )
- lua? ( dev-lang/lua:* )
- luajit? ( dev-lang/luajit:* )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue? ( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis )
-"
-# #446814
-# prelude? ( dev-libs/libprelude )
-# pfring? ( sys-process/numactl net-libs/pf_ring)
-RDEPEND="${DEPEND}"
-
-pkg_setup() {
- enewgroup ${PN}
- enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
-}
-
-src_prepare() {
- eautoreconf
-}
-
-src_configure() {
- local myeconfargs=(
- "--localstatedir=/var/" \
- "--enable-non-bundled-htp" \
- $(use_enable af-packet) \
- $(use_enable detection) \
- $(use_enable nfqueue) \
- $(use_enable test coccinelle) \
- $(use_enable test unittests) \
- $(use_enable control-socket unix-socket)
- )
-
- if use cuda ; then
- myeconfargs+=( $(use_enable cuda) )
- fi
- if use geoip ; then
- myeconfargs+=( $(use_enable geoip) )
- fi
- if use hardened ; then
- myeconfargs+=( $(use_enable hardened gccprotect) )
- fi
- if use nflog ; then
- myeconfargs+=( $(use_enable nflog) )
- fi
- if use redis ; then
- myeconfargs+=( $(use_enable redis hiredis) )
- fi
- # not supported yet (no pfring in portage)
-# if use pfring ; then
-# myeconfargs+=( $(use_enable pfring) )
-# fi
- # no libprelude in portage
-# if use prelude ; then
-# myeconfargs+=( $(use_enable prelude) )
-# fi
- if use lua ; then
- myeconfargs+=( $(use_enable lua) )
- fi
- if use luajit ; then
- myeconfargs+=( $(use_enable luajit) )
- fi
-
-# this should be used when pf_ring use flag support will be added
-# LIBS+="-lrt -lnuma"
-
- # avoid upstream configure script trying to add -march=native to CFLAGS
- myeconfargs+=( --enable-gccmarch-native=no )
-
- if use debug ; then
- myeconfargs+=( $(use_enable debug) )
- # so we can get a backtrace according to "reporting bugs" on upstream web site
- CFLAGS="-ggdb -O0" econf LIBS="${LIBS}" ${myeconfargs[@]}
- else
- econf LIBS="${LIBS}" ${myeconfargs[@]}
- fi
-}
-
-src_install() {
- emake DESTDIR="${D}" install
-
- insinto "/etc/${PN}"
- doins {classification,reference,threshold}.config suricata.yaml
-
- if use rules ; then
- insinto "/etc/${PN}/rules"
- doins rules/*.rules
- fi
-
- dodir "/var/lib/${PN}"
- dodir "/var/log/${PN}"
-
- fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
-
- newinitd "${FILESDIR}/${P}-init" ${PN}
- newconfd "${FILESDIR}/${P}-conf" ${PN}
-}
-
-pkg_postinst() {
- elog "The ${PN} init script expects to find the path to the configuration"
- elog "file as well as extra options in /etc/conf.d"
- elog ""
- elog "To create more than one ${PN} service, simply create a new .yaml file for it"
- elog "then create a symlink to the init script from a link called"
- elog "${PN}.foo - like so"
- elog " cd /etc/${PN}"
- elog " ${EDITOR##*/} suricata-foo.yaml"
- elog " cd /etc/init.d"
- elog " ln -s ${PN} ${PN}.foo"
- elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
- elog ""
- elog "You can create as many ${PN}.foo* services as you wish."
-
- if use debug; then
- elog "You enabled the debug USE flag. Please read this link to report bugs upstream:"
- elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
- fi
-}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2018-01-23 9:15 Slawek Lis
0 siblings, 0 replies; 81+ messages in thread
From: Slawek Lis @ 2018-01-23 9:15 UTC (permalink / raw
To: gentoo-commits
commit: 78745195e87a1b2b6698d6600d74da6932ebcadd
Author: Slawomir Lis <slis <AT> gentoo <DOT> org>
AuthorDate: Tue Jan 23 09:15:07 2018 +0000
Commit: Slawek Lis <slis <AT> gentoo <DOT> org>
CommitDate: Tue Jan 23 09:15:19 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=78745195
net-analyzer/suricata: version bump to 4.0.3
This should fix security problems reported in https://bugs.gentoo.org/635662
Package-Manager: Portage-2.3.20, Repoman-2.3.6
net-analyzer/suricata/Manifest | 1 +
net-analyzer/suricata/suricata-4.0.3.ebuild | 163 ++++++++++++++++++++++++++++
2 files changed, 164 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index dee7b9c1e63..3115c23a894 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -3,3 +3,4 @@ DIST suricata-3.0.1.tar.gz 3315637 BLAKE2B f92e8f4b9708b265eda2476dbedaaa3a5c417
DIST suricata-3.1.3.tar.gz 3340627 BLAKE2B 6dff61a876591485fc32053912abfe8ec2ac23ff40ed63e4140d3c494adbf83b7310afae67f0b2c552f45c6ec9ed02db94635b3d90e4ac74e3da8de3a611f65b SHA512 d29c2c4344d52ba3d8c5ed4331a35b512e323c9a13a73e3039df6406d8c6389d05e3b311db6b561125c12dfbea67b121afbdecb7f0a5cb0594cf339b492726fb
DIST suricata-3.2.1.tar.gz 11754332 BLAKE2B 1f72f9460c363aa86933a7105f0267d89e5b7e11db8668d30f2e84a545856cc53e4edc403f434533271697fc73d45fbd9ea2ce2cc4f07c245ba0724e3d0cae60 SHA512 6b0e5565368a085f059f62c9862364a9fcd970158b17671a25bcbed9b3ef8fcf857b1760a6d186ebe3227dde45070bc69a8b0d0bfd341f39a4d42ef93d12f290
DIST suricata-3.2.tar.gz 11732080 BLAKE2B e5315edc7fb42792f165ebc6b43b3bef8ca8151857305adb6ac1cd2bbf93f5f679ac9762ac48836bf94dfdfc820e4dc7fdcaa73a2b609e3128524f39cd24c741 SHA512 327f5a62449af44f6cb95220e1ff9bf61b51db7bd25f2b1e8def3e8650ba754304cf9d02fc30b46b6cbaa6b5f94fa3d4be90edb8a293ff3b6c0927b596a2976e
+DIST suricata-4.0.3.tar.gz 12392388 BLAKE2B 9b6338b343ff85f070d61608ff9dc7f25df868fdffbc13b5a8d245cb3db5cd757cb1785c827c388653b2f8a7977129259671900bc1abfebeb878a668b4058bdf SHA512 aa6b6d1ae86efad0184ba4fa06375f34334e07c22b7b1f82bf17fcb0ae48ad7f867bced57ab4f713de01583965e1260cb82e1355f78002071b689dddd3b53892
diff --git a/net-analyzer/suricata/suricata-4.0.3.ebuild b/net-analyzer/suricata/suricata-4.0.3.ebuild
new file mode 100644
index 00000000000..604eae665be
--- /dev/null
+++ b/net-analyzer/suricata/suricata-4.0.3.ebuild
@@ -0,0 +1,163 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=5
+
+inherit autotools eutils user
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
+HOMEPAGE="http://suricata-ids.org/"
+SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet control-socket cuda debug +detection geoip hardened logrotate lua luajit nflog +nfqueue redis +rules test"
+
+REQUIRED_USE="lua? ( !luajit )"
+
+DEPEND="
+ >=dev-libs/jansson-2.2
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ >=net-libs/libhtp-0.5.20
+ net-libs/libpcap
+ sys-apps/file
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/geoip )
+ lua? ( dev-lang/lua:* )
+ luajit? ( dev-lang/luajit:* )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue? ( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis )
+ logrotate? ( app-admin/logrotate )
+ sys-libs/libcap-ng
+"
+# #446814
+# prelude? ( dev-libs/libprelude )
+# pfring? ( sys-process/numactl net-libs/pf_ring)
+RDEPEND="${DEPEND}"
+
+pkg_setup() {
+ enewgroup ${PN}
+ enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
+}
+
+src_prepare() {
+ eautoreconf
+}
+
+src_configure() {
+ local myeconfargs=(
+ "--localstatedir=/var/" \
+ "--enable-non-bundled-htp" \
+ $(use_enable af-packet) \
+ $(use_enable detection) \
+ $(use_enable nfqueue) \
+ $(use_enable test coccinelle) \
+ $(use_enable test unittests) \
+ $(use_enable control-socket unix-socket)
+ )
+
+ if use cuda ; then
+ myeconfargs+=( $(use_enable cuda) )
+ fi
+ if use geoip ; then
+ myeconfargs+=( $(use_enable geoip) )
+ fi
+ if use hardened ; then
+ myeconfargs+=( $(use_enable hardened gccprotect) )
+ fi
+ if use nflog ; then
+ myeconfargs+=( $(use_enable nflog) )
+ fi
+ if use redis ; then
+ myeconfargs+=( $(use_enable redis hiredis) )
+ fi
+ # not supported yet (no pfring in portage)
+# if use pfring ; then
+# myeconfargs+=( $(use_enable pfring) )
+# fi
+ # no libprelude in portage
+# if use prelude ; then
+# myeconfargs+=( $(use_enable prelude) )
+# fi
+ if use lua ; then
+ myeconfargs+=( $(use_enable lua) )
+ fi
+ if use luajit ; then
+ myeconfargs+=( $(use_enable luajit) )
+ fi
+
+# this should be used when pf_ring use flag support will be added
+# LIBS+="-lrt -lnuma"
+
+ # avoid upstream configure script trying to add -march=native to CFLAGS
+ myeconfargs+=( --enable-gccmarch-native=no )
+
+ if use debug ; then
+ myeconfargs+=( $(use_enable debug) )
+ # so we can get a backtrace according to "reporting bugs" on upstream web site
+ CFLAGS="-ggdb -O0" econf LIBS="${LIBS}" ${myeconfargs[@]}
+ else
+ econf LIBS="${LIBS}" ${myeconfargs[@]}
+ fi
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+
+ insinto "/etc/${PN}"
+ doins {classification,reference,threshold}.config suricata.yaml
+
+ if use rules ; then
+ insinto "/etc/${PN}/rules"
+ doins rules/*.rules
+ fi
+
+ dodir "/var/lib/${PN}"
+ dodir "/var/log/${PN}"
+
+ fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+
+ newinitd "${FILESDIR}/${P}-init" ${PN}
+ newconfd "${FILESDIR}/${P}-conf" ${PN}
+
+ if use logrotate; then
+ insopts -m0644
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}"/${PN}-logrotate ${PN}
+ fi
+}
+
+pkg_postinst() {
+ elog "The ${PN} init script expects to find the path to the configuration"
+ elog "file as well as extra options in /etc/conf.d."
+ elog ""
+ elog "To create more than one ${PN} service, simply create a new .yaml file for it"
+ elog "then create a symlink to the init script from a link called"
+ elog "${PN}.foo - like so"
+ elog " cd /etc/${PN}"
+ elog " ${EDITOR##*/} suricata-foo.yaml"
+ elog " cd /etc/init.d"
+ elog " ln -s ${PN} ${PN}.foo"
+ elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
+ elog ""
+ elog "You can create as many ${PN}.foo* services as you wish."
+
+ if use logrotate; then
+ elog "You enabled the logrotate USE flag. Please make sure you correctly set up the ${PN} logrotate config file in /etc/logrotate.d/."
+ fi
+
+ if use debug; then
+ elog "You enabled the debug USE flag. Please read this link to report bugs upstream:"
+ elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
+ elog "You need to also ensure the FEATURES variable in make.conf contains the"
+ elog "'nostrip' option to produce useful core dumps or back traces."
+ fi
+}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2017-07-24 8:30 Slawek Lis
0 siblings, 0 replies; 81+ messages in thread
From: Slawek Lis @ 2017-07-24 8:30 UTC (permalink / raw
To: gentoo-commits
commit: 8610c416bfc5e5fb30a1925c6d5dbbce5537baab
Author: Slawomir Lis <slis <AT> gentoo <DOT> org>
AuthorDate: Mon Jul 24 08:29:45 2017 +0000
Commit: Slawek Lis <slis <AT> gentoo <DOT> org>
CommitDate: Mon Jul 24 08:30:03 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8610c416
net-analyzer/suricata: Solved conflicting use flags
Use flags LUA and LUAJIT cannot be set at the same time.
Reported in bug 625814
Reported-By: deference <AT> null.net
Package-Manager: Portage-2.3.6, Repoman-2.3.3
net-analyzer/suricata/suricata-3.2-r1.ebuild | 2 ++
1 file changed, 2 insertions(+)
diff --git a/net-analyzer/suricata/suricata-3.2-r1.ebuild b/net-analyzer/suricata/suricata-3.2-r1.ebuild
index 419c56ac26d..f6aa21dbcc4 100644
--- a/net-analyzer/suricata/suricata-3.2-r1.ebuild
+++ b/net-analyzer/suricata/suricata-3.2-r1.ebuild
@@ -14,6 +14,8 @@ SLOT="0"
KEYWORDS="~amd64 ~x86"
IUSE="+af-packet control-socket cuda debug +detection geoip hardened logrotate lua luajit nflog +nfqueue redis +rules test"
+REQUIRED_USE="lua? ( !luajit )"
+
DEPEND="
>=dev-libs/jansson-2.2
dev-libs/libpcre
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2017-01-07 10:25 Slawek Lis
0 siblings, 0 replies; 81+ messages in thread
From: Slawek Lis @ 2017-01-07 10:25 UTC (permalink / raw
To: gentoo-commits
commit: cb5cefc064378a810126ac76a888ff668ae3015b
Author: Slawomir Lis <slis <AT> gentoo <DOT> org>
AuthorDate: Sat Jan 7 10:27:20 2017 +0000
Commit: Slawek Lis <slis <AT> gentoo <DOT> org>
CommitDate: Sat Jan 7 10:25:42 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cb5cefc0
net-analyzer/suricata: fixing error with logrotate file
As reported in bug 604904
Package-Manager: Portage-2.3.3, Repoman-2.3.1
net-analyzer/suricata/suricata-3.2-r1.ebuild | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/suricata-3.2-r1.ebuild b/net-analyzer/suricata/suricata-3.2-r1.ebuild
index 0d4739e..9d39b83 100644
--- a/net-analyzer/suricata/suricata-3.2-r1.ebuild
+++ b/net-analyzer/suricata/suricata-3.2-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2016 Gentoo Foundation
+# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$
@@ -130,7 +130,7 @@ src_install() {
if use logrotate; then
insopts -m0644
insinto /etc/logrotate.d
- newins "${FILESDIR}"/${PN}.logrotate ${PN}
+ newins "${FILESDIR}"/${PN}-logrotate ${PN}
fi
}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2016-12-28 13:25 Slawek Lis
0 siblings, 0 replies; 81+ messages in thread
From: Slawek Lis @ 2016-12-28 13:25 UTC (permalink / raw
To: gentoo-commits
commit: d6a9c58d4a29fb0fdb4e78e976a34cb0bd18f08d
Author: Slawomir Lis <slis <AT> gentoo <DOT> org>
AuthorDate: Wed Dec 28 13:25:09 2016 +0000
Commit: Slawek Lis <slis <AT> gentoo <DOT> org>
CommitDate: Wed Dec 28 13:25:36 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d6a9c58d
net-analyzer/suricata: postinst log message fix
Package-Manager: Portage-2.3.3, Repoman-2.3.1
net-analyzer/suricata/suricata-3.2-r1.ebuild | 2 ++
1 file changed, 2 insertions(+)
diff --git a/net-analyzer/suricata/suricata-3.2-r1.ebuild b/net-analyzer/suricata/suricata-3.2-r1.ebuild
index ee724a5..0d4739e 100644
--- a/net-analyzer/suricata/suricata-3.2-r1.ebuild
+++ b/net-analyzer/suricata/suricata-3.2-r1.ebuild
@@ -156,5 +156,7 @@ pkg_postinst() {
if use debug; then
elog "You enabled the debug USE flag. Please read this link to report bugs upstream:"
elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
+ elog "You need to also ensure the FEATURES variable in make.conf contains the"
+ elog "'nostrip' option to produce useful core dumps or back traces."
fi
}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2016-12-15 6:19 Slawek Lis
0 siblings, 0 replies; 81+ messages in thread
From: Slawek Lis @ 2016-12-15 6:19 UTC (permalink / raw
To: gentoo-commits
commit: 491ed86b850168f4910c3ab70d02ec8f161c54fb
Author: Slawomir Lis <slis <AT> gentoo <DOT> org>
AuthorDate: Thu Dec 15 06:19:29 2016 +0000
Commit: Slawek Lis <slis <AT> gentoo <DOT> org>
CommitDate: Thu Dec 15 06:19:29 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=491ed86b
net-analyzer/suricata: Drop old version
Dropped versions: 3.1 and 3.1.2
Package-Manager: Portage-2.3.3, Repoman-2.3.1
net-analyzer/suricata/Manifest | 2 -
net-analyzer/suricata/suricata-3.1.2.ebuild | 117 ----------------------------
net-analyzer/suricata/suricata-3.1.ebuild | 117 ----------------------------
3 files changed, 236 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 82918e3..4730f83 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,6 +1,4 @@
DIST suricata-2.0.11.tar.gz 3091124 SHA256 c607f1e18e5636830f42a83f7c67e1466f07db82853f3a9dba4ab8c6c3bc656e SHA512 659e893fef3cdcca8440f2af7596d5cc58b142d3350b9ea5ba57d855c6759a00adafeb15a1dfe91dd55eca1437487eb4e842b4e2913d12417f0b906ca3d54ec9 WHIRLPOOL 5cfa55abd90284a0a3441853af9db18075a23fa5661d89448b409b8fdd1031ad348d76d455b7dfe7b2688e69633f5bbb65dc060cc2426af017ab1bcb824c9ac5
DIST suricata-3.0.1.tar.gz 3315637 SHA256 74c685f8da51b3f038a7b8185bdbed274aca25daf64ac7ea01eea60636727f26 SHA512 cd10f5b19dd7b6ccbed668263b54d93738842191e71391b040aa7fc2049ac597feb38cd333f07b15d30ebeaf778f6abe18b72215e609891608dca094531c7fd8 WHIRLPOOL a1f6c8ee760cac9e3daa3358e89d30b4a24441fb975214ae2fe165fcb697b4292e035007323041febdc0d8f09b16666515aba76f60f1e437d865193db3deb25d
-DIST suricata-3.1.2.tar.gz 3338099 SHA256 f9e7742580849f202254e75d9fc245ba53f4d7490f47a6d30f02a7b10aacc512 SHA512 93332193d424b44a7bad5e49132b652a87bcfde3959ab8d0f8229ff41c7db63f49511899a709bb12431c57ded8ddbca8a596a83dde01f979154a4412ae2dc316 WHIRLPOOL 369c5ac924f64bbc79d9233912b3b6b66424b02f6b2af721c19e571d23465ca3f9d6ee2ada15499bb29abe987788a4a59f0a8dd7145a14055b12bf22cb40a9fd
DIST suricata-3.1.3.tar.gz 3340627 SHA256 bd89c269e29b03a8898ccabccfb7fcab11c1aa036444772e117705f3b37b4174 SHA512 d29c2c4344d52ba3d8c5ed4331a35b512e323c9a13a73e3039df6406d8c6389d05e3b311db6b561125c12dfbea67b121afbdecb7f0a5cb0594cf339b492726fb WHIRLPOOL 720f668480bfa05e7e6c32bb63f09af6d38e46b909ab4d0d9879cd069436215eb3b4bb1778147de82344b6879a1b3e04da0af2e14084bb1b74472ecc727c4ebe
-DIST suricata-3.1.tar.gz 3327181 SHA256 a05aa534166495a4d9ea6104a936bc8edb49376aeb3ba0b1b2a4d9687d016669 SHA512 64483951136f064ed3ad0e01276ac633e53aed511d5517b67d6ab2b81e7c2af436dcece7f8a2576c741cd79d19176da622775ff580f2f0cf747fd134ddcfd352 WHIRLPOOL 39a79626ab496789676a39f62cf2c6cfdfc592d0d04add63f711d7487364fcdd54be63d73b0529b39a5ef9aa30dadaf5ae5af57ff51cf65d9ecfd2ea5f2451ff
DIST suricata-3.2.tar.gz 11732080 SHA256 41cbe19c6fd6bd51ebcbc29063f558e2fbba4a2450e5809fee2e461f16a4ed68 SHA512 327f5a62449af44f6cb95220e1ff9bf61b51db7bd25f2b1e8def3e8650ba754304cf9d02fc30b46b6cbaa6b5f94fa3d4be90edb8a293ff3b6c0927b596a2976e WHIRLPOOL b6d4c2c08e34da2b4dee4087831a0a9dcad836737489e2599938d74b74c624e455d0f1299ef7c4e70df038ac13dcd29344c2117b44310f8dc42d9f0fad0c3e15
diff --git a/net-analyzer/suricata/suricata-3.1.2.ebuild b/net-analyzer/suricata/suricata-3.1.2.ebuild
deleted file mode 100644
index 7c185aa..00000000
--- a/net-analyzer/suricata/suricata-3.1.2.ebuild
+++ /dev/null
@@ -1,117 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=5
-
-inherit autotools eutils user
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="http://suricata-ids.org/"
-SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet control-socket cuda debug +detection geoip hardened lua luajit nflog +nfqueue redis +rules test"
-
-DEPEND="
- >=dev-libs/jansson-2.2
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- >=net-libs/libhtp-0.5.20
- net-libs/libpcap
- sys-apps/file
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/geoip )
- lua? ( dev-lang/lua:* )
- luajit? ( dev-lang/luajit:* )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue? ( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis )
-"
-# #446814
-# prelude? ( dev-libs/libprelude )
-# pfring? ( sys-process/numactl net-libs/pf_ring)
-RDEPEND="${DEPEND}"
-
-pkg_setup() {
- enewgroup ${PN}
- enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
-}
-
-src_prepare() {
- eautoreconf
-}
-
-src_configure() {
- local myeconfargs=(
- "--localstatedir=/var/" \
- "--enable-non-bundled-htp" \
- $(use_enable af-packet) \
- $(use_enable detection) \
- $(use_enable nfqueue) \
- $(use_enable test coccinelle) \
- $(use_enable test unittests) \
- $(use_enable control-socket unix-socket)
- )
-
- if use cuda ; then
- myeconfargs+=( $(use_enable cuda) )
- fi
- if use debug ; then
- myeconfargs+=( $(use_enable debug) )
- fi
- if use geoip ; then
- myeconfargs+=( $(use_enable geoip) )
- fi
- if use hardened ; then
- myeconfargs+=( $(use_enable hardened gccprotect) )
- fi
- if use nflog ; then
- myeconfargs+=( $(use_enable nflog) )
- fi
- if use redis ; then
- myeconfargs+=( $(use_enable redis hiredis) )
- fi
- # not supported yet (no pfring in portage)
-# if use pfring ; then
-# myeconfargs+=( $(use_enable pfring) )
-# fi
- # no libprelude in portage
-# if use prelude ; then
-# myeconfargs+=( $(use_enable prelude) )
-# fi
- if use lua ; then
- myeconfargs+=( $(use_enable lua) )
- fi
- if use luajit ; then
- myeconfargs+=( $(use_enable luajit) )
- fi
-
-# this should be used when pf_ring use flag support will be added
-# LIBS+="-lrt -lnuma"
-
- econf LIBS="${LIBS}" ${myeconfargs[@]}
-}
-
-src_install() {
- emake DESTDIR="${D}" install
-
- insinto "/etc/${PN}"
- doins {classification,reference,threshold}.config suricata.yaml
-
- if use rules ; then
- insinto "/etc/${PN}/rules"
- doins rules/*.rules
- fi
-
- dodir "/var/lib/${PN}"
- dodir "/var/log/${PN}"
- fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
-}
diff --git a/net-analyzer/suricata/suricata-3.1.ebuild b/net-analyzer/suricata/suricata-3.1.ebuild
deleted file mode 100644
index 4e48aa6..00000000
--- a/net-analyzer/suricata/suricata-3.1.ebuild
+++ /dev/null
@@ -1,117 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=5
-
-inherit autotools eutils user
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="http://suricata-ids.org/"
-SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet control-socket cuda debug +detection geoip hardened lua luajit nflog +nfqueue redis +rules test"
-
-DEPEND="
- >=dev-libs/jansson-2.2
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- >=net-libs/libhtp-0.5.18
- net-libs/libpcap
- sys-apps/file
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/geoip )
- lua? ( dev-lang/lua:* )
- luajit? ( dev-lang/luajit:* )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue? ( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis )
-"
-# #446814
-# prelude? ( dev-libs/libprelude )
-# pfring? ( sys-process/numactl net-libs/pf_ring)
-RDEPEND="${DEPEND}"
-
-pkg_setup() {
- enewgroup ${PN}
- enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
-}
-
-src_prepare() {
- eautoreconf
-}
-
-src_configure() {
- local myeconfargs=(
- "--localstatedir=/var/" \
- "--enable-non-bundled-htp" \
- $(use_enable af-packet) \
- $(use_enable detection) \
- $(use_enable nfqueue) \
- $(use_enable test coccinelle) \
- $(use_enable test unittests) \
- $(use_enable control-socket unix-socket)
- )
-
- if use cuda ; then
- myeconfargs+=( $(use_enable cuda) )
- fi
- if use debug ; then
- myeconfargs+=( $(use_enable debug) )
- fi
- if use geoip ; then
- myeconfargs+=( $(use_enable geoip) )
- fi
- if use hardened ; then
- myeconfargs+=( $(use_enable hardened gccprotect) )
- fi
- if use nflog ; then
- myeconfargs+=( $(use_enable nflog) )
- fi
- if use redis ; then
- myeconfargs+=( $(use_enable redis hiredis) )
- fi
- # not supported yet (no pfring in portage)
-# if use pfring ; then
-# myeconfargs+=( $(use_enable pfring) )
-# fi
- # no libprelude in portage
-# if use prelude ; then
-# myeconfargs+=( $(use_enable prelude) )
-# fi
- if use lua ; then
- myeconfargs+=( $(use_enable lua) )
- fi
- if use luajit ; then
- myeconfargs+=( $(use_enable luajit) )
- fi
-
-# this should be used when pf_ring use flag support will be added
-# LIBS+="-lrt -lnuma"
-
- econf LIBS="${LIBS}" ${myeconfargs[@]}
-}
-
-src_install() {
- emake DESTDIR="${D}" install
-
- insinto "/etc/${PN}"
- doins {classification,reference,threshold}.config suricata.yaml
-
- if use rules ; then
- insinto "/etc/${PN}/rules"
- doins rules/*.rules
- fi
-
- dodir "/var/lib/${PN}"
- dodir "/var/log/${PN}"
- fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
-}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2016-11-29 12:05 Slawek Lis
0 siblings, 0 replies; 81+ messages in thread
From: Slawek Lis @ 2016-11-29 12:05 UTC (permalink / raw
To: gentoo-commits
commit: 33c8fa9c802e00a7df75ebb081855b13e4556a5d
Author: Slawomir Lis <slis <AT> gentoo <DOT> org>
AuthorDate: Tue Nov 29 11:55:19 2016 +0000
Commit: Slawek Lis <slis <AT> gentoo <DOT> org>
CommitDate: Tue Nov 29 12:08:26 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=33c8fa9c
net-analyzer/suricata: version bump to 3.1.3
Package-Manager: portage-2.3.2
net-analyzer/suricata/Manifest | 1 +
net-analyzer/suricata/suricata-3.1.3.ebuild | 117 ++++++++++++++++++++++++++++
2 files changed, 118 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 5f6def5..a2dfaa8 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,4 +1,5 @@
DIST suricata-2.0.11.tar.gz 3091124 SHA256 c607f1e18e5636830f42a83f7c67e1466f07db82853f3a9dba4ab8c6c3bc656e SHA512 659e893fef3cdcca8440f2af7596d5cc58b142d3350b9ea5ba57d855c6759a00adafeb15a1dfe91dd55eca1437487eb4e842b4e2913d12417f0b906ca3d54ec9 WHIRLPOOL 5cfa55abd90284a0a3441853af9db18075a23fa5661d89448b409b8fdd1031ad348d76d455b7dfe7b2688e69633f5bbb65dc060cc2426af017ab1bcb824c9ac5
DIST suricata-3.0.1.tar.gz 3315637 SHA256 74c685f8da51b3f038a7b8185bdbed274aca25daf64ac7ea01eea60636727f26 SHA512 cd10f5b19dd7b6ccbed668263b54d93738842191e71391b040aa7fc2049ac597feb38cd333f07b15d30ebeaf778f6abe18b72215e609891608dca094531c7fd8 WHIRLPOOL a1f6c8ee760cac9e3daa3358e89d30b4a24441fb975214ae2fe165fcb697b4292e035007323041febdc0d8f09b16666515aba76f60f1e437d865193db3deb25d
DIST suricata-3.1.2.tar.gz 3338099 SHA256 f9e7742580849f202254e75d9fc245ba53f4d7490f47a6d30f02a7b10aacc512 SHA512 93332193d424b44a7bad5e49132b652a87bcfde3959ab8d0f8229ff41c7db63f49511899a709bb12431c57ded8ddbca8a596a83dde01f979154a4412ae2dc316 WHIRLPOOL 369c5ac924f64bbc79d9233912b3b6b66424b02f6b2af721c19e571d23465ca3f9d6ee2ada15499bb29abe987788a4a59f0a8dd7145a14055b12bf22cb40a9fd
+DIST suricata-3.1.3.tar.gz 3340627 SHA256 bd89c269e29b03a8898ccabccfb7fcab11c1aa036444772e117705f3b37b4174 SHA512 d29c2c4344d52ba3d8c5ed4331a35b512e323c9a13a73e3039df6406d8c6389d05e3b311db6b561125c12dfbea67b121afbdecb7f0a5cb0594cf339b492726fb WHIRLPOOL 720f668480bfa05e7e6c32bb63f09af6d38e46b909ab4d0d9879cd069436215eb3b4bb1778147de82344b6879a1b3e04da0af2e14084bb1b74472ecc727c4ebe
DIST suricata-3.1.tar.gz 3327181 SHA256 a05aa534166495a4d9ea6104a936bc8edb49376aeb3ba0b1b2a4d9687d016669 SHA512 64483951136f064ed3ad0e01276ac633e53aed511d5517b67d6ab2b81e7c2af436dcece7f8a2576c741cd79d19176da622775ff580f2f0cf747fd134ddcfd352 WHIRLPOOL 39a79626ab496789676a39f62cf2c6cfdfc592d0d04add63f711d7487364fcdd54be63d73b0529b39a5ef9aa30dadaf5ae5af57ff51cf65d9ecfd2ea5f2451ff
diff --git a/net-analyzer/suricata/suricata-3.1.3.ebuild b/net-analyzer/suricata/suricata-3.1.3.ebuild
new file mode 100644
index 00000000..7c185aa
--- /dev/null
+++ b/net-analyzer/suricata/suricata-3.1.3.ebuild
@@ -0,0 +1,117 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+inherit autotools eutils user
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
+HOMEPAGE="http://suricata-ids.org/"
+SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet control-socket cuda debug +detection geoip hardened lua luajit nflog +nfqueue redis +rules test"
+
+DEPEND="
+ >=dev-libs/jansson-2.2
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ >=net-libs/libhtp-0.5.20
+ net-libs/libpcap
+ sys-apps/file
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/geoip )
+ lua? ( dev-lang/lua:* )
+ luajit? ( dev-lang/luajit:* )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue? ( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis )
+"
+# #446814
+# prelude? ( dev-libs/libprelude )
+# pfring? ( sys-process/numactl net-libs/pf_ring)
+RDEPEND="${DEPEND}"
+
+pkg_setup() {
+ enewgroup ${PN}
+ enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
+}
+
+src_prepare() {
+ eautoreconf
+}
+
+src_configure() {
+ local myeconfargs=(
+ "--localstatedir=/var/" \
+ "--enable-non-bundled-htp" \
+ $(use_enable af-packet) \
+ $(use_enable detection) \
+ $(use_enable nfqueue) \
+ $(use_enable test coccinelle) \
+ $(use_enable test unittests) \
+ $(use_enable control-socket unix-socket)
+ )
+
+ if use cuda ; then
+ myeconfargs+=( $(use_enable cuda) )
+ fi
+ if use debug ; then
+ myeconfargs+=( $(use_enable debug) )
+ fi
+ if use geoip ; then
+ myeconfargs+=( $(use_enable geoip) )
+ fi
+ if use hardened ; then
+ myeconfargs+=( $(use_enable hardened gccprotect) )
+ fi
+ if use nflog ; then
+ myeconfargs+=( $(use_enable nflog) )
+ fi
+ if use redis ; then
+ myeconfargs+=( $(use_enable redis hiredis) )
+ fi
+ # not supported yet (no pfring in portage)
+# if use pfring ; then
+# myeconfargs+=( $(use_enable pfring) )
+# fi
+ # no libprelude in portage
+# if use prelude ; then
+# myeconfargs+=( $(use_enable prelude) )
+# fi
+ if use lua ; then
+ myeconfargs+=( $(use_enable lua) )
+ fi
+ if use luajit ; then
+ myeconfargs+=( $(use_enable luajit) )
+ fi
+
+# this should be used when pf_ring use flag support will be added
+# LIBS+="-lrt -lnuma"
+
+ econf LIBS="${LIBS}" ${myeconfargs[@]}
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+
+ insinto "/etc/${PN}"
+ doins {classification,reference,threshold}.config suricata.yaml
+
+ if use rules ; then
+ insinto "/etc/${PN}/rules"
+ doins rules/*.rules
+ fi
+
+ dodir "/var/lib/${PN}"
+ dodir "/var/log/${PN}"
+ fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2016-10-10 19:08 Slawek Lis
0 siblings, 0 replies; 81+ messages in thread
From: Slawek Lis @ 2016-10-10 19:08 UTC (permalink / raw
To: gentoo-commits
commit: 63c4cea6d979218082106aa79b88a98b3013c1be
Author: Slawomir Lis <slis <AT> gentoo <DOT> org>
AuthorDate: Mon Oct 10 19:08:30 2016 +0000
Commit: Slawek Lis <slis <AT> gentoo <DOT> org>
CommitDate: Mon Oct 10 19:08:50 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=63c4cea6
net-analyzer/suricata: version bump to 3.1.2
This update is needed and resolves #587786
Reported in #595524
Reported-By: bgo <bgo <AT> 9dt.de>
Package-Manager: portage-2.3.1
net-analyzer/suricata/Manifest | 1 +
net-analyzer/suricata/suricata-3.1.2.ebuild | 117 ++++++++++++++++++++++++++++
2 files changed, 118 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 1d5b46a..5f6def5 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,3 +1,4 @@
DIST suricata-2.0.11.tar.gz 3091124 SHA256 c607f1e18e5636830f42a83f7c67e1466f07db82853f3a9dba4ab8c6c3bc656e SHA512 659e893fef3cdcca8440f2af7596d5cc58b142d3350b9ea5ba57d855c6759a00adafeb15a1dfe91dd55eca1437487eb4e842b4e2913d12417f0b906ca3d54ec9 WHIRLPOOL 5cfa55abd90284a0a3441853af9db18075a23fa5661d89448b409b8fdd1031ad348d76d455b7dfe7b2688e69633f5bbb65dc060cc2426af017ab1bcb824c9ac5
DIST suricata-3.0.1.tar.gz 3315637 SHA256 74c685f8da51b3f038a7b8185bdbed274aca25daf64ac7ea01eea60636727f26 SHA512 cd10f5b19dd7b6ccbed668263b54d93738842191e71391b040aa7fc2049ac597feb38cd333f07b15d30ebeaf778f6abe18b72215e609891608dca094531c7fd8 WHIRLPOOL a1f6c8ee760cac9e3daa3358e89d30b4a24441fb975214ae2fe165fcb697b4292e035007323041febdc0d8f09b16666515aba76f60f1e437d865193db3deb25d
+DIST suricata-3.1.2.tar.gz 3338099 SHA256 f9e7742580849f202254e75d9fc245ba53f4d7490f47a6d30f02a7b10aacc512 SHA512 93332193d424b44a7bad5e49132b652a87bcfde3959ab8d0f8229ff41c7db63f49511899a709bb12431c57ded8ddbca8a596a83dde01f979154a4412ae2dc316 WHIRLPOOL 369c5ac924f64bbc79d9233912b3b6b66424b02f6b2af721c19e571d23465ca3f9d6ee2ada15499bb29abe987788a4a59f0a8dd7145a14055b12bf22cb40a9fd
DIST suricata-3.1.tar.gz 3327181 SHA256 a05aa534166495a4d9ea6104a936bc8edb49376aeb3ba0b1b2a4d9687d016669 SHA512 64483951136f064ed3ad0e01276ac633e53aed511d5517b67d6ab2b81e7c2af436dcece7f8a2576c741cd79d19176da622775ff580f2f0cf747fd134ddcfd352 WHIRLPOOL 39a79626ab496789676a39f62cf2c6cfdfc592d0d04add63f711d7487364fcdd54be63d73b0529b39a5ef9aa30dadaf5ae5af57ff51cf65d9ecfd2ea5f2451ff
diff --git a/net-analyzer/suricata/suricata-3.1.2.ebuild b/net-analyzer/suricata/suricata-3.1.2.ebuild
new file mode 100644
index 00000000..7c185aa
--- /dev/null
+++ b/net-analyzer/suricata/suricata-3.1.2.ebuild
@@ -0,0 +1,117 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+inherit autotools eutils user
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
+HOMEPAGE="http://suricata-ids.org/"
+SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet control-socket cuda debug +detection geoip hardened lua luajit nflog +nfqueue redis +rules test"
+
+DEPEND="
+ >=dev-libs/jansson-2.2
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ >=net-libs/libhtp-0.5.20
+ net-libs/libpcap
+ sys-apps/file
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/geoip )
+ lua? ( dev-lang/lua:* )
+ luajit? ( dev-lang/luajit:* )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue? ( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis )
+"
+# #446814
+# prelude? ( dev-libs/libprelude )
+# pfring? ( sys-process/numactl net-libs/pf_ring)
+RDEPEND="${DEPEND}"
+
+pkg_setup() {
+ enewgroup ${PN}
+ enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
+}
+
+src_prepare() {
+ eautoreconf
+}
+
+src_configure() {
+ local myeconfargs=(
+ "--localstatedir=/var/" \
+ "--enable-non-bundled-htp" \
+ $(use_enable af-packet) \
+ $(use_enable detection) \
+ $(use_enable nfqueue) \
+ $(use_enable test coccinelle) \
+ $(use_enable test unittests) \
+ $(use_enable control-socket unix-socket)
+ )
+
+ if use cuda ; then
+ myeconfargs+=( $(use_enable cuda) )
+ fi
+ if use debug ; then
+ myeconfargs+=( $(use_enable debug) )
+ fi
+ if use geoip ; then
+ myeconfargs+=( $(use_enable geoip) )
+ fi
+ if use hardened ; then
+ myeconfargs+=( $(use_enable hardened gccprotect) )
+ fi
+ if use nflog ; then
+ myeconfargs+=( $(use_enable nflog) )
+ fi
+ if use redis ; then
+ myeconfargs+=( $(use_enable redis hiredis) )
+ fi
+ # not supported yet (no pfring in portage)
+# if use pfring ; then
+# myeconfargs+=( $(use_enable pfring) )
+# fi
+ # no libprelude in portage
+# if use prelude ; then
+# myeconfargs+=( $(use_enable prelude) )
+# fi
+ if use lua ; then
+ myeconfargs+=( $(use_enable lua) )
+ fi
+ if use luajit ; then
+ myeconfargs+=( $(use_enable luajit) )
+ fi
+
+# this should be used when pf_ring use flag support will be added
+# LIBS+="-lrt -lnuma"
+
+ econf LIBS="${LIBS}" ${myeconfargs[@]}
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+
+ insinto "/etc/${PN}"
+ doins {classification,reference,threshold}.config suricata.yaml
+
+ if use rules ; then
+ insinto "/etc/${PN}/rules"
+ doins rules/*.rules
+ fi
+
+ dodir "/var/lib/${PN}"
+ dodir "/var/log/${PN}"
+ fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2016-06-30 19:03 Slawek Lis
0 siblings, 0 replies; 81+ messages in thread
From: Slawek Lis @ 2016-06-30 19:03 UTC (permalink / raw
To: gentoo-commits
commit: 38465c370adbf8ab2e69182c025a6faba0b05b4b
Author: Slawomir Lis <slis <AT> gentoo <DOT> org>
AuthorDate: Thu Jun 30 19:04:11 2016 +0000
Commit: Slawek Lis <slis <AT> gentoo <DOT> org>
CommitDate: Thu Jun 30 19:04:11 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=38465c37
fixed #587548
Package-Manager: portage-2.3.0_rc1
net-analyzer/suricata/suricata-3.1.ebuild | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/net-analyzer/suricata/suricata-3.1.ebuild b/net-analyzer/suricata/suricata-3.1.ebuild
index 18a981c..4e48aa6 100644
--- a/net-analyzer/suricata/suricata-3.1.ebuild
+++ b/net-analyzer/suricata/suricata-3.1.ebuild
@@ -55,7 +55,6 @@ src_configure() {
$(use_enable af-packet) \
$(use_enable detection) \
$(use_enable nfqueue) \
- $(use_enable redis hiredis) \
$(use_enable test coccinelle) \
$(use_enable test unittests) \
$(use_enable control-socket unix-socket)
@@ -76,6 +75,9 @@ src_configure() {
if use nflog ; then
myeconfargs+=( $(use_enable nflog) )
fi
+ if use redis ; then
+ myeconfargs+=( $(use_enable redis hiredis) )
+ fi
# not supported yet (no pfring in portage)
# if use pfring ; then
# myeconfargs+=( $(use_enable pfring) )
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2016-06-29 6:44 Slawek Lis
0 siblings, 0 replies; 81+ messages in thread
From: Slawek Lis @ 2016-06-29 6:44 UTC (permalink / raw
To: gentoo-commits
commit: d98d97359da37602fb63290fcd14c78351150f1f
Author: Slawomir Lis <slis <AT> gentoo <DOT> org>
AuthorDate: Wed Jun 29 06:44:50 2016 +0000
Commit: Slawek Lis <slis <AT> gentoo <DOT> org>
CommitDate: Wed Jun 29 06:44:50 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d98d9735
version bump, metadata update
Package-Manager: portage-2.3.0_rc1
net-analyzer/suricata/Manifest | 1 +
net-analyzer/suricata/metadata.xml | 5 +-
net-analyzer/suricata/suricata-3.1.ebuild | 115 ++++++++++++++++++++++++++++++
3 files changed, 119 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index d82d007..1d5b46a 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,3 @@
DIST suricata-2.0.11.tar.gz 3091124 SHA256 c607f1e18e5636830f42a83f7c67e1466f07db82853f3a9dba4ab8c6c3bc656e SHA512 659e893fef3cdcca8440f2af7596d5cc58b142d3350b9ea5ba57d855c6759a00adafeb15a1dfe91dd55eca1437487eb4e842b4e2913d12417f0b906ca3d54ec9 WHIRLPOOL 5cfa55abd90284a0a3441853af9db18075a23fa5661d89448b409b8fdd1031ad348d76d455b7dfe7b2688e69633f5bbb65dc060cc2426af017ab1bcb824c9ac5
DIST suricata-3.0.1.tar.gz 3315637 SHA256 74c685f8da51b3f038a7b8185bdbed274aca25daf64ac7ea01eea60636727f26 SHA512 cd10f5b19dd7b6ccbed668263b54d93738842191e71391b040aa7fc2049ac597feb38cd333f07b15d30ebeaf778f6abe18b72215e609891608dca094531c7fd8 WHIRLPOOL a1f6c8ee760cac9e3daa3358e89d30b4a24441fb975214ae2fe165fcb697b4292e035007323041febdc0d8f09b16666515aba76f60f1e437d865193db3deb25d
+DIST suricata-3.1.tar.gz 3327181 SHA256 a05aa534166495a4d9ea6104a936bc8edb49376aeb3ba0b1b2a4d9687d016669 SHA512 64483951136f064ed3ad0e01276ac633e53aed511d5517b67d6ab2b81e7c2af436dcece7f8a2576c741cd79d19176da622775ff580f2f0cf747fd134ddcfd352 WHIRLPOOL 39a79626ab496789676a39f62cf2c6cfdfc592d0d04add63f711d7487364fcdd54be63d73b0529b39a5ef9aa30dadaf5ae5af57ff51cf65d9ecfd2ea5f2451ff
diff --git a/net-analyzer/suricata/metadata.xml b/net-analyzer/suricata/metadata.xml
index 0f80bed..e538ae1 100644
--- a/net-analyzer/suricata/metadata.xml
+++ b/net-analyzer/suricata/metadata.xml
@@ -11,7 +11,8 @@
<flag name="detection">Enable detection modules</flag>
<flag name="luajit">Enable Luajit support</flag>
<flag name="nflog">Enable libnetfilter_log support</flag>
- <flag name="nfqueue">Enable AF_PACKET support</flag>
- <flag name="rules">Enable AF_PACKET support</flag>
+ <flag name="nfqueue">Enable NFQUEUE support for inline IDP</flag>
+ <flag name="redis">Enable Redis support</flag>
+ <flag name="rules">Install default ruleset</flag>
</use>
</pkgmetadata>
diff --git a/net-analyzer/suricata/suricata-3.1.ebuild b/net-analyzer/suricata/suricata-3.1.ebuild
new file mode 100644
index 0000000..18a981c
--- /dev/null
+++ b/net-analyzer/suricata/suricata-3.1.ebuild
@@ -0,0 +1,115 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+inherit autotools eutils user
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
+HOMEPAGE="http://suricata-ids.org/"
+SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet control-socket cuda debug +detection geoip hardened lua luajit nflog +nfqueue redis +rules test"
+
+DEPEND="
+ >=dev-libs/jansson-2.2
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ >=net-libs/libhtp-0.5.18
+ net-libs/libpcap
+ sys-apps/file
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/geoip )
+ lua? ( dev-lang/lua:* )
+ luajit? ( dev-lang/luajit:* )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue? ( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis )
+"
+# #446814
+# prelude? ( dev-libs/libprelude )
+# pfring? ( sys-process/numactl net-libs/pf_ring)
+RDEPEND="${DEPEND}"
+
+pkg_setup() {
+ enewgroup ${PN}
+ enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
+}
+
+src_prepare() {
+ eautoreconf
+}
+
+src_configure() {
+ local myeconfargs=(
+ "--localstatedir=/var/" \
+ "--enable-non-bundled-htp" \
+ $(use_enable af-packet) \
+ $(use_enable detection) \
+ $(use_enable nfqueue) \
+ $(use_enable redis hiredis) \
+ $(use_enable test coccinelle) \
+ $(use_enable test unittests) \
+ $(use_enable control-socket unix-socket)
+ )
+
+ if use cuda ; then
+ myeconfargs+=( $(use_enable cuda) )
+ fi
+ if use debug ; then
+ myeconfargs+=( $(use_enable debug) )
+ fi
+ if use geoip ; then
+ myeconfargs+=( $(use_enable geoip) )
+ fi
+ if use hardened ; then
+ myeconfargs+=( $(use_enable hardened gccprotect) )
+ fi
+ if use nflog ; then
+ myeconfargs+=( $(use_enable nflog) )
+ fi
+ # not supported yet (no pfring in portage)
+# if use pfring ; then
+# myeconfargs+=( $(use_enable pfring) )
+# fi
+ # no libprelude in portage
+# if use prelude ; then
+# myeconfargs+=( $(use_enable prelude) )
+# fi
+ if use lua ; then
+ myeconfargs+=( $(use_enable lua) )
+ fi
+ if use luajit ; then
+ myeconfargs+=( $(use_enable luajit) )
+ fi
+
+# this should be used when pf_ring use flag support will be added
+# LIBS+="-lrt -lnuma"
+
+ econf LIBS="${LIBS}" ${myeconfargs[@]}
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+
+ insinto "/etc/${PN}"
+ doins {classification,reference,threshold}.config suricata.yaml
+
+ if use rules ; then
+ insinto "/etc/${PN}/rules"
+ doins rules/*.rules
+ fi
+
+ dodir "/var/lib/${PN}"
+ dodir "/var/log/${PN}"
+ fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2016-04-26 6:18 Slawek Lis
0 siblings, 0 replies; 81+ messages in thread
From: Slawek Lis @ 2016-04-26 6:18 UTC (permalink / raw
To: gentoo-commits
commit: 1746742cde4026dc3ae9b97b8aa1b722734798c1
Author: Slawomir Lis <slis <AT> gentoo <DOT> org>
AuthorDate: Tue Apr 26 06:18:38 2016 +0000
Commit: Slawek Lis <slis <AT> gentoo <DOT> org>
CommitDate: Tue Apr 26 06:18:38 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1746742c
version bump (#580824)
Package-Manager: portage-2.2.28
net-analyzer/suricata/Manifest | 1 +
net-analyzer/suricata/suricata-3.0.1.ebuild | 113 ++++++++++++++++++++++++++++
2 files changed, 114 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index cff1749..d82d007 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1 +1,2 @@
DIST suricata-2.0.11.tar.gz 3091124 SHA256 c607f1e18e5636830f42a83f7c67e1466f07db82853f3a9dba4ab8c6c3bc656e SHA512 659e893fef3cdcca8440f2af7596d5cc58b142d3350b9ea5ba57d855c6759a00adafeb15a1dfe91dd55eca1437487eb4e842b4e2913d12417f0b906ca3d54ec9 WHIRLPOOL 5cfa55abd90284a0a3441853af9db18075a23fa5661d89448b409b8fdd1031ad348d76d455b7dfe7b2688e69633f5bbb65dc060cc2426af017ab1bcb824c9ac5
+DIST suricata-3.0.1.tar.gz 3315637 SHA256 74c685f8da51b3f038a7b8185bdbed274aca25daf64ac7ea01eea60636727f26 SHA512 cd10f5b19dd7b6ccbed668263b54d93738842191e71391b040aa7fc2049ac597feb38cd333f07b15d30ebeaf778f6abe18b72215e609891608dca094531c7fd8 WHIRLPOOL a1f6c8ee760cac9e3daa3358e89d30b4a24441fb975214ae2fe165fcb697b4292e035007323041febdc0d8f09b16666515aba76f60f1e437d865193db3deb25d
diff --git a/net-analyzer/suricata/suricata-3.0.1.ebuild b/net-analyzer/suricata/suricata-3.0.1.ebuild
new file mode 100644
index 0000000..79c1aff
--- /dev/null
+++ b/net-analyzer/suricata/suricata-3.0.1.ebuild
@@ -0,0 +1,113 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+inherit autotools eutils user
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
+HOMEPAGE="http://suricata-ids.org/"
+SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet control-socket cuda debug +detection geoip hardened lua luajit nflog +nfqueue +rules test"
+
+DEPEND="
+ >=dev-libs/jansson-2.2
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ >=net-libs/libhtp-0.5.18
+ net-libs/libpcap
+ sys-apps/file
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/geoip )
+ lua? ( dev-lang/lua:* )
+ luajit? ( dev-lang/luajit:* )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue? ( net-libs/libnetfilter_queue )
+"
+# #446814
+# prelude? ( dev-libs/libprelude )
+# pfring? ( sys-process/numactl net-libs/pf_ring)
+RDEPEND="${DEPEND}"
+
+pkg_setup() {
+ enewgroup ${PN}
+ enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
+}
+
+src_prepare() {
+ eautoreconf
+}
+
+src_configure() {
+ local myeconfargs=(
+ "--localstatedir=/var/" \
+ "--enable-non-bundled-htp" \
+ $(use_enable af-packet) \
+ $(use_enable detection) \
+ $(use_enable nfqueue) \
+ $(use_enable test coccinelle) \
+ $(use_enable test unittests) \
+ $(use_enable control-socket unix-socket)
+ )
+
+ if use cuda ; then
+ myeconfargs+=( $(use_enable cuda) )
+ fi
+ if use debug ; then
+ myeconfargs+=( $(use_enable debug) )
+ fi
+ if use geoip ; then
+ myeconfargs+=( $(use_enable geoip) )
+ fi
+ if use hardened ; then
+ myeconfargs+=( $(use_enable hardened gccprotect) )
+ fi
+ if use nflog ; then
+ myeconfargs+=( $(use_enable nflog) )
+ fi
+ # not supported yet (no pfring in portage)
+# if use pfring ; then
+# myeconfargs+=( $(use_enable pfring) )
+# fi
+ # no libprelude in portage
+# if use prelude ; then
+# myeconfargs+=( $(use_enable prelude) )
+# fi
+ if use lua ; then
+ myeconfargs+=( $(use_enable lua) )
+ fi
+ if use luajit ; then
+ myeconfargs+=( $(use_enable luajit) )
+ fi
+
+# this should be used when pf_ring use flag support will be added
+# LIBS+="-lrt -lnuma"
+
+ econf LIBS="${LIBS}" ${myeconfargs[@]}
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+
+ insinto "/etc/${PN}"
+ doins {classification,reference,threshold}.config suricata.yaml
+
+ if use rules ; then
+ insinto "/etc/${PN}/rules"
+ doins rules/*.rules
+ fi
+
+ dodir "/var/lib/${PN}"
+ dodir "/var/log/${PN}"
+ fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2016-02-19 20:19 Slawek Lis
0 siblings, 0 replies; 81+ messages in thread
From: Slawek Lis @ 2016-02-19 20:19 UTC (permalink / raw
To: gentoo-commits
commit: b78db6c8dcc6826a4f544e7269faec38f90dcd49
Author: Slawomir Lis <slis <AT> gentoo <DOT> org>
AuthorDate: Fri Feb 19 20:23:50 2016 +0000
Commit: Slawek Lis <slis <AT> gentoo <DOT> org>
CommitDate: Fri Feb 19 20:23:50 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b78db6c8
useflag to use libhtp instead of bundled one (#575144)
Package-Manager: portage-2.2.27
net-analyzer/suricata/metadata.xml | 1 +
net-analyzer/suricata/suricata-2.0.11.ebuild | 13 ++++++-------
2 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/net-analyzer/suricata/metadata.xml b/net-analyzer/suricata/metadata.xml
index 0f80bed..517666e 100644
--- a/net-analyzer/suricata/metadata.xml
+++ b/net-analyzer/suricata/metadata.xml
@@ -13,5 +13,6 @@
<flag name="nflog">Enable libnetfilter_log support</flag>
<flag name="nfqueue">Enable AF_PACKET support</flag>
<flag name="rules">Enable AF_PACKET support</flag>
+ <flag name="system-htp">Use net-libs/libhtp instead of bundled one</flag>
</use>
</pkgmetadata>
diff --git a/net-analyzer/suricata/suricata-2.0.11.ebuild b/net-analyzer/suricata/suricata-2.0.11.ebuild
index 250c663..0323836 100644
--- a/net-analyzer/suricata/suricata-2.0.11.ebuild
+++ b/net-analyzer/suricata/suricata-2.0.11.ebuild
@@ -13,7 +13,7 @@ SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet control-socket cuda debug +detection geoip hardened lua luajit nflog +nfqueue +rules test"
+IUSE="+af-packet control-socket cuda debug +detection geoip hardened lua luajit nflog +nfqueue +rules system-htp test"
DEPEND="
>=dev-libs/jansson-2.2
@@ -31,11 +31,11 @@ DEPEND="
luajit? ( dev-lang/luajit:* )
nflog? ( net-libs/libnetfilter_log )
nfqueue? ( net-libs/libnetfilter_queue )
+ system-htp? ( >=net-libs/libhtp-0.5.18 )
"
# #446814
# prelude? ( dev-libs/libprelude )
# pfring? ( sys-process/numactl net-libs/pf_ring)
-# system-htp? ( >=net-analyzer/htp-0.5.5 )
RDEPEND="${DEPEND}"
pkg_setup() {
@@ -85,10 +85,9 @@ src_configure() {
# if use prelude ; then
# myeconfargs+=( $(use_enable prelude) )
# fi
- # htp not added into portage yet
-# if use system-htp ; then
-# myeconfargs+=( $(use_enable system-htp non-bundled-htp) )
-# fi
+ if use system-htp ; then
+ myeconfargs+=( $(use_enable system-htp non-bundled-htp) )
+ fi
if use lua ; then
myeconfargs+=( $(use_enable lua) )
fi
@@ -117,4 +116,4 @@ src_install() {
dodir "/var/log/${PN}"
fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
-}
\ No newline at end of file
+}
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2016-02-19 5:59 Slawek Lis
0 siblings, 0 replies; 81+ messages in thread
From: Slawek Lis @ 2016-02-19 5:59 UTC (permalink / raw
To: gentoo-commits
commit: c5a4a175ab4fa5eb7cba1ced681b8cf3a9e95e4c
Author: Slawomir Lis <slis <AT> gentoo <DOT> org>
AuthorDate: Fri Feb 19 06:03:53 2016 +0000
Commit: Slawek Lis <slis <AT> gentoo <DOT> org>
CommitDate: Fri Feb 19 06:03:53 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c5a4a175
fixing broken metadata.xml, sorry
Package-Manager: portage-2.2.27
net-analyzer/suricata/metadata.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net-analyzer/suricata/metadata.xml b/net-analyzer/suricata/metadata.xml
index 108297d..0f80bed 100644
--- a/net-analyzer/suricata/metadata.xml
+++ b/net-analyzer/suricata/metadata.xml
@@ -1,7 +1,7 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
- <maintainer>
+ <maintainer type="person">
<email>slis@gentoo.org</email>
</maintainer>
<use>
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2016-02-19 5:32 Slawek Lis
0 siblings, 0 replies; 81+ messages in thread
From: Slawek Lis @ 2016-02-19 5:32 UTC (permalink / raw
To: gentoo-commits
commit: 8f5935a130e2f36e50950b193cbf0f92e7616032
Author: Slawomir Lis <slis <AT> gentoo <DOT> org>
AuthorDate: Fri Feb 19 05:36:04 2016 +0000
Commit: Slawek Lis <slis <AT> gentoo <DOT> org>
CommitDate: Fri Feb 19 05:36:04 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8f5935a1
Added detection USE flag, drop old
Package-Manager: portage-2.2.27
net-analyzer/suricata/Manifest | 1 -
net-analyzer/suricata/metadata.xml | 3 +-
net-analyzer/suricata/suricata-2.0.10.ebuild | 120 ---------------------------
net-analyzer/suricata/suricata-2.0.11.ebuild | 6 +-
4 files changed, 5 insertions(+), 125 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index e35b5b9..cff1749 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1 @@
-DIST suricata-2.0.10.tar.gz 3090730 SHA256 c8d1d3b6ce3d2a56577fca224424071afd921739d3859efc8a62229556d4beef SHA512 fa3683a93d85b26166b0f67a85f1a498941aadf4372ef98bd7fe62fcdef150af46b65456e3a764e054c385abbf44138ae6f70882c68ba320508eade6e181f2c6 WHIRLPOOL b867003e76df2b0b1b56c89415ed96acbf9d8966739d77aa303055d29ae5cdad8ad0b58e969336f0c1fc2e5d9990941622c19c062828dae58bf062f5662225f3
DIST suricata-2.0.11.tar.gz 3091124 SHA256 c607f1e18e5636830f42a83f7c67e1466f07db82853f3a9dba4ab8c6c3bc656e SHA512 659e893fef3cdcca8440f2af7596d5cc58b142d3350b9ea5ba57d855c6759a00adafeb15a1dfe91dd55eca1437487eb4e842b4e2913d12417f0b906ca3d54ec9 WHIRLPOOL 5cfa55abd90284a0a3441853af9db18075a23fa5661d89448b409b8fdd1031ad348d76d455b7dfe7b2688e69633f5bbb65dc060cc2426af017ab1bcb824c9ac5
diff --git a/net-analyzer/suricata/metadata.xml b/net-analyzer/suricata/metadata.xml
index 9ec4bf7..108297d 100644
--- a/net-analyzer/suricata/metadata.xml
+++ b/net-analyzer/suricata/metadata.xml
@@ -1,13 +1,14 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
- <maintainer type="person">
+ <maintainer>
<email>slis@gentoo.org</email>
</maintainer>
<use>
<flag name="af-packet">Enable AF_PACKET support</flag>
<flag name="control-socket">Enable unix socket</flag>
<flag name="cuda">Enable NVIDIA Cuda computations support</flag>
+ <flag name="detection">Enable detection modules</flag>
<flag name="luajit">Enable Luajit support</flag>
<flag name="nflog">Enable libnetfilter_log support</flag>
<flag name="nfqueue">Enable AF_PACKET support</flag>
diff --git a/net-analyzer/suricata/suricata-2.0.10.ebuild b/net-analyzer/suricata/suricata-2.0.10.ebuild
deleted file mode 100644
index 3c69998..0000000
--- a/net-analyzer/suricata/suricata-2.0.10.ebuild
+++ /dev/null
@@ -1,120 +0,0 @@
-# Copyright 1999-2015 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=5
-
-inherit autotools eutils user
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="http://suricata-ids.org/"
-SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet control-socket cuda debug geoip hardened lua luajit nflog +nfqueue +rules test"
-
-DEPEND="
- >=dev-libs/jansson-2.2
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- net-libs/libpcap
- sys-apps/file
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/geoip )
- lua? ( dev-lang/lua:* )
- luajit? ( dev-lang/luajit:* )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue? ( net-libs/libnetfilter_queue )
-"
-# #446814
-# prelude? ( dev-libs/libprelude )
-# pfring? ( sys-process/numactl net-libs/pf_ring)
-# system-htp? ( >=net-analyzer/htp-0.5.5 )
-RDEPEND="${DEPEND}"
-
-pkg_setup() {
- enewgroup ${PN}
- enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
-}
-
-src_prepare() {
- epatch "${FILESDIR}/fortify_source-numeric.patch"
- epatch "${FILESDIR}/magic-location.patch"
- epatch "${FILESDIR}/json.patch"
-
- eautoreconf
-}
-
-src_configure() {
- local myeconfargs=(
- "--localstatedir=/var/" \
- "--disable-detection" \
- $(use_enable af-packet) \
- $(use_enable nfqueue) \
- $(use_enable test coccinelle) \
- $(use_enable test unittests) \
- $(use_enable control-socket unix-socket)
- )
-
- if use cuda ; then
- myeconfargs+=( $(use_enable cuda) )
- fi
- if use debug ; then
- myeconfargs+=( $(use_enable debug) )
- fi
- if use geoip ; then
- myeconfargs+=( $(use_enable geoip) )
- fi
- if use hardened ; then
- myeconfargs+=( $(use_enable hardened gccprotect) )
- fi
- if use nflog ; then
- myeconfargs+=( $(use_enable nflog) )
- fi
- # not supported yet (no pfring in portage)
-# if use pfring ; then
-# myeconfargs+=( $(use_enable pfring) )
-# fi
- # no libprelude in portage
-# if use prelude ; then
-# myeconfargs+=( $(use_enable prelude) )
-# fi
- # htp not added into portage yet
-# if use system-htp ; then
-# myeconfargs+=( $(use_enable system-htp non-bundled-htp) )
-# fi
- if use lua ; then
- myeconfargs+=( $(use_enable lua) )
- fi
- if use luajit ; then
- myeconfargs+=( $(use_enable luajit) )
- fi
-
-# this should be used when pf_ring use flag support will be added
-# LIBS+="-lrt -lnuma"
-
- econf LIBS="${LIBS}" ${myeconfargs[@]}
-}
-
-src_install() {
- emake DESTDIR="${D}" install
-
- insinto "/etc/${PN}"
- doins {classification,reference,threshold}.config suricata.yaml
-
- if use rules ; then
- insinto "/etc/${PN}/rules"
- doins rules/*.rules
- fi
-
- dodir "/var/lib/${PN}"
- dodir "/var/log/${PN}"
- fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
-}
\ No newline at end of file
diff --git a/net-analyzer/suricata/suricata-2.0.11.ebuild b/net-analyzer/suricata/suricata-2.0.11.ebuild
index 3c69998..250c663 100644
--- a/net-analyzer/suricata/suricata-2.0.11.ebuild
+++ b/net-analyzer/suricata/suricata-2.0.11.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2015 Gentoo Foundation
+# Copyright 1999-2016 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$
@@ -13,7 +13,7 @@ SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet control-socket cuda debug geoip hardened lua luajit nflog +nfqueue +rules test"
+IUSE="+af-packet control-socket cuda debug +detection geoip hardened lua luajit nflog +nfqueue +rules test"
DEPEND="
>=dev-libs/jansson-2.2
@@ -54,8 +54,8 @@ src_prepare() {
src_configure() {
local myeconfargs=(
"--localstatedir=/var/" \
- "--disable-detection" \
$(use_enable af-packet) \
+ $(use_enable detection) \
$(use_enable nfqueue) \
$(use_enable test coccinelle) \
$(use_enable test unittests) \
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2015-12-28 5:53 Slawek Lis
0 siblings, 0 replies; 81+ messages in thread
From: Slawek Lis @ 2015-12-28 5:53 UTC (permalink / raw
To: gentoo-commits
commit: 34a58b272507e98993da25151adfb88b0a9e18d0
Author: Slawomir Lis <slis <AT> gentoo <DOT> org>
AuthorDate: Mon Dec 28 05:56:46 2015 +0000
Commit: Slawek Lis <slis <AT> gentoo <DOT> org>
CommitDate: Mon Dec 28 05:56:46 2015 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=34a58b27
version bump
Package-Manager: portage-2.2.26
net-analyzer/suricata/Manifest | 1 +
net-analyzer/suricata/suricata-2.0.11.ebuild | 120 +++++++++++++++++++++++++++
2 files changed, 121 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 77f17d0..e35b5b9 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1 +1,2 @@
DIST suricata-2.0.10.tar.gz 3090730 SHA256 c8d1d3b6ce3d2a56577fca224424071afd921739d3859efc8a62229556d4beef SHA512 fa3683a93d85b26166b0f67a85f1a498941aadf4372ef98bd7fe62fcdef150af46b65456e3a764e054c385abbf44138ae6f70882c68ba320508eade6e181f2c6 WHIRLPOOL b867003e76df2b0b1b56c89415ed96acbf9d8966739d77aa303055d29ae5cdad8ad0b58e969336f0c1fc2e5d9990941622c19c062828dae58bf062f5662225f3
+DIST suricata-2.0.11.tar.gz 3091124 SHA256 c607f1e18e5636830f42a83f7c67e1466f07db82853f3a9dba4ab8c6c3bc656e SHA512 659e893fef3cdcca8440f2af7596d5cc58b142d3350b9ea5ba57d855c6759a00adafeb15a1dfe91dd55eca1437487eb4e842b4e2913d12417f0b906ca3d54ec9 WHIRLPOOL 5cfa55abd90284a0a3441853af9db18075a23fa5661d89448b409b8fdd1031ad348d76d455b7dfe7b2688e69633f5bbb65dc060cc2426af017ab1bcb824c9ac5
diff --git a/net-analyzer/suricata/suricata-2.0.11.ebuild b/net-analyzer/suricata/suricata-2.0.11.ebuild
new file mode 100644
index 0000000..3c69998
--- /dev/null
+++ b/net-analyzer/suricata/suricata-2.0.11.ebuild
@@ -0,0 +1,120 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+inherit autotools eutils user
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
+HOMEPAGE="http://suricata-ids.org/"
+SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet control-socket cuda debug geoip hardened lua luajit nflog +nfqueue +rules test"
+
+DEPEND="
+ >=dev-libs/jansson-2.2
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ net-libs/libpcap
+ sys-apps/file
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/geoip )
+ lua? ( dev-lang/lua:* )
+ luajit? ( dev-lang/luajit:* )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue? ( net-libs/libnetfilter_queue )
+"
+# #446814
+# prelude? ( dev-libs/libprelude )
+# pfring? ( sys-process/numactl net-libs/pf_ring)
+# system-htp? ( >=net-analyzer/htp-0.5.5 )
+RDEPEND="${DEPEND}"
+
+pkg_setup() {
+ enewgroup ${PN}
+ enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
+}
+
+src_prepare() {
+ epatch "${FILESDIR}/fortify_source-numeric.patch"
+ epatch "${FILESDIR}/magic-location.patch"
+ epatch "${FILESDIR}/json.patch"
+
+ eautoreconf
+}
+
+src_configure() {
+ local myeconfargs=(
+ "--localstatedir=/var/" \
+ "--disable-detection" \
+ $(use_enable af-packet) \
+ $(use_enable nfqueue) \
+ $(use_enable test coccinelle) \
+ $(use_enable test unittests) \
+ $(use_enable control-socket unix-socket)
+ )
+
+ if use cuda ; then
+ myeconfargs+=( $(use_enable cuda) )
+ fi
+ if use debug ; then
+ myeconfargs+=( $(use_enable debug) )
+ fi
+ if use geoip ; then
+ myeconfargs+=( $(use_enable geoip) )
+ fi
+ if use hardened ; then
+ myeconfargs+=( $(use_enable hardened gccprotect) )
+ fi
+ if use nflog ; then
+ myeconfargs+=( $(use_enable nflog) )
+ fi
+ # not supported yet (no pfring in portage)
+# if use pfring ; then
+# myeconfargs+=( $(use_enable pfring) )
+# fi
+ # no libprelude in portage
+# if use prelude ; then
+# myeconfargs+=( $(use_enable prelude) )
+# fi
+ # htp not added into portage yet
+# if use system-htp ; then
+# myeconfargs+=( $(use_enable system-htp non-bundled-htp) )
+# fi
+ if use lua ; then
+ myeconfargs+=( $(use_enable lua) )
+ fi
+ if use luajit ; then
+ myeconfargs+=( $(use_enable luajit) )
+ fi
+
+# this should be used when pf_ring use flag support will be added
+# LIBS+="-lrt -lnuma"
+
+ econf LIBS="${LIBS}" ${myeconfargs[@]}
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+
+ insinto "/etc/${PN}"
+ doins {classification,reference,threshold}.config suricata.yaml
+
+ if use rules ; then
+ insinto "/etc/${PN}/rules"
+ doins rules/*.rules
+ fi
+
+ dodir "/var/lib/${PN}"
+ dodir "/var/log/${PN}"
+ fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+}
\ No newline at end of file
^ permalink raw reply related [flat|nested] 81+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
@ 2015-12-28 5:49 Slawek Lis
0 siblings, 0 replies; 81+ messages in thread
From: Slawek Lis @ 2015-12-28 5:49 UTC (permalink / raw
To: gentoo-commits
commit: f0be13e9ed39aba8138a9d7842745d08f837415f
Author: Slawomir Lis <slis <AT> gentoo <DOT> org>
AuthorDate: Mon Dec 28 05:52:24 2015 +0000
Commit: Slawek Lis <slis <AT> gentoo <DOT> org>
CommitDate: Mon Dec 28 05:52:24 2015 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f0be13e9
Fixed #569636
Package-Manager: portage-2.2.26
net-analyzer/suricata/suricata-2.0.10.ebuild | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/net-analyzer/suricata/suricata-2.0.10.ebuild b/net-analyzer/suricata/suricata-2.0.10.ebuild
index 40b2740..3c69998 100644
--- a/net-analyzer/suricata/suricata-2.0.10.ebuild
+++ b/net-analyzer/suricata/suricata-2.0.10.ebuild
@@ -96,7 +96,8 @@ src_configure() {
myeconfargs+=( $(use_enable luajit) )
fi
- LIBS+="-lrt -lnuma"
+# this should be used when pf_ring use flag support will be added
+# LIBS+="-lrt -lnuma"
econf LIBS="${LIBS}" ${myeconfargs[@]}
}
^ permalink raw reply related [flat|nested] 81+ messages in thread
end of thread, other threads:[~2024-11-09 13:54 UTC | newest]
Thread overview: 81+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-01-25 17:38 [gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/ Marek Szuba
-- strict thread matches above, loose matches on Subject: below --
2024-11-09 13:54 Sam James
2024-04-07 1:06 Marek Szuba
2024-01-23 5:07 Ionen Wolkens
2023-11-29 21:16 Petr Vaněk
2023-10-25 22:04 Marek Szuba
2023-10-25 22:04 Marek Szuba
2023-08-16 17:08 Marek Szuba
2023-08-16 17:08 Marek Szuba
2023-06-27 21:56 Marek Szuba
2023-05-11 12:03 Marek Szuba
2023-04-16 20:03 Marek Szuba
2023-03-22 23:43 Marek Szuba
2023-03-01 23:12 Marek Szuba
2023-02-01 10:51 Marek Szuba
2023-02-01 10:51 Marek Szuba
2022-12-02 10:00 Marek Szuba
2022-11-10 0:42 Marek Szuba
2022-11-01 13:10 Marek Szuba
2022-11-01 0:36 Marek Szuba
2022-10-04 0:53 Marek Szuba
2022-09-01 12:27 Marek Szuba
2022-08-24 15:36 Marek Szuba
2022-08-24 15:36 Marek Szuba
2022-07-27 23:54 Marek Szuba
2022-07-13 15:55 Marek Szuba
2022-07-13 15:55 Marek Szuba
2022-04-25 22:57 Marek Szuba
2022-04-25 22:57 Marek Szuba
2022-03-23 1:24 Sam James
2021-11-19 14:59 Marek Szuba
2021-11-19 14:59 Marek Szuba
2021-09-25 19:08 Sam James
2021-09-03 12:15 Marek Szuba
2021-09-03 12:15 Marek Szuba
2021-08-23 21:29 Marek Szuba
2021-07-25 20:58 Marek Szuba
2021-07-01 9:47 Marek Szuba
2021-07-01 9:47 Marek Szuba
2021-06-21 16:03 Marek Szuba
2021-06-21 14:54 Marek Szuba
2021-06-21 14:54 Marek Szuba
2021-05-17 16:15 Marek Szuba
2021-04-03 19:53 Sam James
2021-03-04 14:47 Marek Szuba
2021-03-04 14:47 Marek Szuba
2021-01-25 17:38 Marek Szuba
2020-12-06 22:02 Marek Szuba
2020-12-03 12:54 Marek Szuba
2020-10-14 14:44 Marek Szuba
2020-10-09 11:41 Marek Szuba
2020-07-17 20:10 Marek Szuba
2020-05-22 21:02 Marek Szuba
2020-04-23 21:11 Marek Szuba
2020-04-23 21:11 Marek Szuba
2020-03-04 9:46 Marek Szuba
2020-02-05 15:30 Marek Szuba
2019-12-20 10:18 Marek Szuba
2019-12-19 15:18 Marek Szuba
2019-12-16 16:05 Marek Szuba
2019-09-08 19:25 Slawek Lis
2018-06-11 14:04 Marek Szuba
2018-06-03 13:49 Aaron Bauman
2018-05-11 7:43 Slawek Lis
2018-03-26 19:33 Michał Górny
2018-01-24 7:00 Slawek Lis
2018-01-23 9:15 Slawek Lis
2017-07-24 8:30 Slawek Lis
2017-01-07 10:25 Slawek Lis
2016-12-28 13:25 Slawek Lis
2016-12-15 6:19 Slawek Lis
2016-11-29 12:05 Slawek Lis
2016-10-10 19:08 Slawek Lis
2016-06-30 19:03 Slawek Lis
2016-06-29 6:44 Slawek Lis
2016-04-26 6:18 Slawek Lis
2016-02-19 20:19 Slawek Lis
2016-02-19 5:59 Slawek Lis
2016-02-19 5:32 Slawek Lis
2015-12-28 5:53 Slawek Lis
2015-12-28 5:49 Slawek Lis
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox