diff options
author | Marek Szuba <marecki@gentoo.org> | 2018-06-11 15:02:10 +0100 |
---|---|---|
committer | Marek Szuba <marecki@gentoo.org> | 2018-06-11 15:04:06 +0100 |
commit | c35f490c5944f47bdcc633d70056ee8f433c3a44 (patch) | |
tree | a3194d5a6b02dbbdcbb6415d959bbcc85f0ca5e9 /net-analyzer | |
parent | dev-libs/openssl: Add Fedora Hobble-EC patch (diff) | |
download | gentoo-c35f490c5944f47bdcc633d70056ee8f433c3a44.tar.gz gentoo-c35f490c5944f47bdcc633d70056ee8f433c3a44.tar.bz2 gentoo-c35f490c5944f47bdcc633d70056ee8f433c3a44.zip |
net-analyzer/suricata: bump to 4.0.4 + fix Lua USE flags
Invoking maintainer timeout on both issues.
Closes: https://bugs.gentoo.org/652344
Package-Manager: Portage-2.3.40, Repoman-2.3.9
Diffstat (limited to 'net-analyzer')
-rw-r--r-- | net-analyzer/suricata/Manifest | 1 | ||||
-rw-r--r-- | net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch | 16 | ||||
-rw-r--r-- | net-analyzer/suricata/suricata-4.0.4.ebuild | 168 |
3 files changed, 185 insertions, 0 deletions
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest index b3ab446f9d99..cc70d0f72834 100644 --- a/net-analyzer/suricata/Manifest +++ b/net-analyzer/suricata/Manifest @@ -1 +1,2 @@ DIST suricata-4.0.3.tar.gz 12392388 BLAKE2B 9b6338b343ff85f070d61608ff9dc7f25df868fdffbc13b5a8d245cb3db5cd757cb1785c827c388653b2f8a7977129259671900bc1abfebeb878a668b4058bdf SHA512 aa6b6d1ae86efad0184ba4fa06375f34334e07c22b7b1f82bf17fcb0ae48ad7f867bced57ab4f713de01583965e1260cb82e1355f78002071b689dddd3b53892 +DIST suricata-4.0.4.tar.gz 12511121 BLAKE2B d9dfb00a45c2e9810409a8ce91a83e23ebce20eb28492bf24f9688d292b5805dca932c39cc673cf1148325fe5ef7936dda7f6c7819605753cb2e2ddc1cf5dba0 SHA512 6e158aa6d3edb9d11e0df3f986392ee2ae49ab4dfb978288ced4484dbe5c08ae061db2a566be6d22cf14bd0b88f87f9cb9c0a657d7fc44e099b8783d933c771e diff --git a/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch b/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch new file mode 100644 index 000000000000..bad66359afa1 --- /dev/null +++ b/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch @@ -0,0 +1,16 @@ +--- a/configure.ac ++++ b/configure.ac +@@ -1749,11 +1749,11 @@ + # liblua + AC_ARG_ENABLE(lua, + AS_HELP_STRING([--enable-lua],[Enable Lua support]), +- [ enable_lua="yes"], ++ [], + [ enable_lua="no"]) + AC_ARG_ENABLE(luajit, + AS_HELP_STRING([--enable-luajit],[Enable Luajit support]), +- [ enable_luajit="yes"], ++ [], + [ enable_luajit="no"]) + if test "$enable_lua" = "yes"; then + if test "$enable_luajit" = "yes"; then diff --git a/net-analyzer/suricata/suricata-4.0.4.ebuild b/net-analyzer/suricata/suricata-4.0.4.ebuild new file mode 100644 index 000000000000..2622dccdb3b7 --- /dev/null +++ b/net-analyzer/suricata/suricata-4.0.4.ebuild @@ -0,0 +1,168 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 + +inherit autotools eutils user + +DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine" +HOMEPAGE="https://suricata-ids.org/" +SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="+af-packet control-socket cuda debug +detection geoip hardened logrotate lua luajit nflog +nfqueue redis +rules test" + +DEPEND=" + >=dev-libs/jansson-2.2 + dev-libs/libpcre + dev-libs/libyaml + net-libs/libnet:* + net-libs/libnfnetlink + dev-libs/nspr + dev-libs/nss + >=net-libs/libhtp-0.5.20 + net-libs/libpcap + sys-apps/file + cuda? ( dev-util/nvidia-cuda-toolkit ) + geoip? ( dev-libs/geoip ) + lua? ( dev-lang/lua:* ) + luajit? ( dev-lang/luajit:* ) + nflog? ( net-libs/libnetfilter_log ) + nfqueue? ( net-libs/libnetfilter_queue ) + redis? ( dev-libs/hiredis ) + logrotate? ( app-admin/logrotate ) + sys-libs/libcap-ng +" +# #446814 +# prelude? ( dev-libs/libprelude ) +# pfring? ( sys-process/numactl net-libs/pf_ring) +RDEPEND="${DEPEND}" + +pkg_setup() { + enewgroup ${PN} + enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}" +} + +src_prepare() { + epatch "${FILESDIR}"/${P}_configure-lua-flags.patch + eautoreconf +} + +src_configure() { + local myeconfargs=( + "--localstatedir=/var/" \ + "--enable-non-bundled-htp" \ + $(use_enable af-packet) \ + $(use_enable detection) \ + $(use_enable nfqueue) \ + $(use_enable test coccinelle) \ + $(use_enable test unittests) \ + $(use_enable control-socket unix-socket) + ) + + if use cuda ; then + myeconfargs+=( $(use_enable cuda) ) + fi + if use geoip ; then + myeconfargs+=( $(use_enable geoip) ) + fi + if use hardened ; then + myeconfargs+=( $(use_enable hardened gccprotect) ) + fi + if use nflog ; then + myeconfargs+=( $(use_enable nflog) ) + fi + if use redis ; then + myeconfargs+=( $(use_enable redis hiredis) ) + fi + # not supported yet (no pfring in portage) +# if use pfring ; then +# myeconfargs+=( $(use_enable pfring) ) +# fi + # no libprelude in portage +# if use prelude ; theng +# myeconfargs+=( $(use_enable prelude) ) +# fi + if use lua ; then + myeconfargs+=( $(use_enable lua) ) + fi + if use luajit ; then + myeconfargs+=( $(use_enable luajit) ) + fi + if (use !lua) && (use !luajit) ; then + myeconfargs+=( + --disable-lua + --disable-luajit + ) + fi + +# this should be used when pf_ring use flag support will be added +# LIBS+="-lrt -lnuma" + + # avoid upstream configure script trying to add -march=native to CFLAGS + myeconfargs+=( --enable-gccmarch-native=no ) + + if use debug ; then + myeconfargs+=( $(use_enable debug) ) + # so we can get a backtrace according to "reporting bugs" on upstream web site + CFLAGS="-ggdb -O0" econf LIBS="${LIBS}" ${myeconfargs[@]} + else + econf LIBS="${LIBS}" ${myeconfargs[@]} + fi +} + +src_install() { + emake DESTDIR="${D}" install + + insinto "/etc/${PN}" + doins {classification,reference,threshold}.config suricata.yaml + + if use rules ; then + insinto "/etc/${PN}/rules" + doins rules/*.rules + fi + + dodir "/var/lib/${PN}" + dodir "/var/log/${PN}" + + fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}" + fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}" + + newinitd "${FILESDIR}/${PN}-4.0.3-init" ${PN} + newconfd "${FILESDIR}/${PN}-4.0.3-conf" ${PN} + + if use logrotate; then + insopts -m0644 + insinto /etc/logrotate.d + newins "${FILESDIR}"/${PN}-logrotate ${PN} + fi +} + +pkg_postinst() { + elog "The ${PN} init script expects to find the path to the configuration" + elog "file as well as extra options in /etc/conf.d." + elog "" + elog "To create more than one ${PN} service, simply create a new .yaml file for it" + elog "then create a symlink to the init script from a link called" + elog "${PN}.foo - like so" + elog " cd /etc/${PN}" + elog " ${EDITOR##*/} suricata-foo.yaml" + elog " cd /etc/init.d" + elog " ln -s ${PN} ${PN}.foo" + elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo." + elog "" + elog "You can create as many ${PN}.foo* services as you wish." + + if use logrotate; then + elog "You enabled the logrotate USE flag. Please make sure you correctly set up the ${PN} logrotate config file in /etc/logrotate.d/." + fi + + if use debug; then + elog "You enabled the debug USE flag. Please read this link to report bugs upstream:" + elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs" + elog "You need to also ensure the FEATURES variable in make.conf contains the" + elog "'nostrip' option to produce useful core dumps or back traces." + fi +} |