summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarek Szuba <marecki@gentoo.org>2018-06-11 15:02:10 +0100
committerMarek Szuba <marecki@gentoo.org>2018-06-11 15:04:06 +0100
commitc35f490c5944f47bdcc633d70056ee8f433c3a44 (patch)
treea3194d5a6b02dbbdcbb6415d959bbcc85f0ca5e9 /net-analyzer
parentdev-libs/openssl: Add Fedora Hobble-EC patch (diff)
downloadgentoo-c35f490c5944f47bdcc633d70056ee8f433c3a44.tar.gz
gentoo-c35f490c5944f47bdcc633d70056ee8f433c3a44.tar.bz2
gentoo-c35f490c5944f47bdcc633d70056ee8f433c3a44.zip
net-analyzer/suricata: bump to 4.0.4 + fix Lua USE flags
Invoking maintainer timeout on both issues. Closes: https://bugs.gentoo.org/652344 Package-Manager: Portage-2.3.40, Repoman-2.3.9
Diffstat (limited to 'net-analyzer')
-rw-r--r--net-analyzer/suricata/Manifest1
-rw-r--r--net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch16
-rw-r--r--net-analyzer/suricata/suricata-4.0.4.ebuild168
3 files changed, 185 insertions, 0 deletions
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index b3ab446f9d99..cc70d0f72834 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1 +1,2 @@
DIST suricata-4.0.3.tar.gz 12392388 BLAKE2B 9b6338b343ff85f070d61608ff9dc7f25df868fdffbc13b5a8d245cb3db5cd757cb1785c827c388653b2f8a7977129259671900bc1abfebeb878a668b4058bdf SHA512 aa6b6d1ae86efad0184ba4fa06375f34334e07c22b7b1f82bf17fcb0ae48ad7f867bced57ab4f713de01583965e1260cb82e1355f78002071b689dddd3b53892
+DIST suricata-4.0.4.tar.gz 12511121 BLAKE2B d9dfb00a45c2e9810409a8ce91a83e23ebce20eb28492bf24f9688d292b5805dca932c39cc673cf1148325fe5ef7936dda7f6c7819605753cb2e2ddc1cf5dba0 SHA512 6e158aa6d3edb9d11e0df3f986392ee2ae49ab4dfb978288ced4484dbe5c08ae061db2a566be6d22cf14bd0b88f87f9cb9c0a657d7fc44e099b8783d933c771e
diff --git a/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch b/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch
new file mode 100644
index 000000000000..bad66359afa1
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch
@@ -0,0 +1,16 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -1749,11 +1749,11 @@
+ # liblua
+ AC_ARG_ENABLE(lua,
+ AS_HELP_STRING([--enable-lua],[Enable Lua support]),
+- [ enable_lua="yes"],
++ [],
+ [ enable_lua="no"])
+ AC_ARG_ENABLE(luajit,
+ AS_HELP_STRING([--enable-luajit],[Enable Luajit support]),
+- [ enable_luajit="yes"],
++ [],
+ [ enable_luajit="no"])
+ if test "$enable_lua" = "yes"; then
+ if test "$enable_luajit" = "yes"; then
diff --git a/net-analyzer/suricata/suricata-4.0.4.ebuild b/net-analyzer/suricata/suricata-4.0.4.ebuild
new file mode 100644
index 000000000000..2622dccdb3b7
--- /dev/null
+++ b/net-analyzer/suricata/suricata-4.0.4.ebuild
@@ -0,0 +1,168 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=5
+
+inherit autotools eutils user
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
+HOMEPAGE="https://suricata-ids.org/"
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet control-socket cuda debug +detection geoip hardened logrotate lua luajit nflog +nfqueue redis +rules test"
+
+DEPEND="
+ >=dev-libs/jansson-2.2
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ >=net-libs/libhtp-0.5.20
+ net-libs/libpcap
+ sys-apps/file
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/geoip )
+ lua? ( dev-lang/lua:* )
+ luajit? ( dev-lang/luajit:* )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue? ( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis )
+ logrotate? ( app-admin/logrotate )
+ sys-libs/libcap-ng
+"
+# #446814
+# prelude? ( dev-libs/libprelude )
+# pfring? ( sys-process/numactl net-libs/pf_ring)
+RDEPEND="${DEPEND}"
+
+pkg_setup() {
+ enewgroup ${PN}
+ enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
+}
+
+src_prepare() {
+ epatch "${FILESDIR}"/${P}_configure-lua-flags.patch
+ eautoreconf
+}
+
+src_configure() {
+ local myeconfargs=(
+ "--localstatedir=/var/" \
+ "--enable-non-bundled-htp" \
+ $(use_enable af-packet) \
+ $(use_enable detection) \
+ $(use_enable nfqueue) \
+ $(use_enable test coccinelle) \
+ $(use_enable test unittests) \
+ $(use_enable control-socket unix-socket)
+ )
+
+ if use cuda ; then
+ myeconfargs+=( $(use_enable cuda) )
+ fi
+ if use geoip ; then
+ myeconfargs+=( $(use_enable geoip) )
+ fi
+ if use hardened ; then
+ myeconfargs+=( $(use_enable hardened gccprotect) )
+ fi
+ if use nflog ; then
+ myeconfargs+=( $(use_enable nflog) )
+ fi
+ if use redis ; then
+ myeconfargs+=( $(use_enable redis hiredis) )
+ fi
+ # not supported yet (no pfring in portage)
+# if use pfring ; then
+# myeconfargs+=( $(use_enable pfring) )
+# fi
+ # no libprelude in portage
+# if use prelude ; theng
+# myeconfargs+=( $(use_enable prelude) )
+# fi
+ if use lua ; then
+ myeconfargs+=( $(use_enable lua) )
+ fi
+ if use luajit ; then
+ myeconfargs+=( $(use_enable luajit) )
+ fi
+ if (use !lua) && (use !luajit) ; then
+ myeconfargs+=(
+ --disable-lua
+ --disable-luajit
+ )
+ fi
+
+# this should be used when pf_ring use flag support will be added
+# LIBS+="-lrt -lnuma"
+
+ # avoid upstream configure script trying to add -march=native to CFLAGS
+ myeconfargs+=( --enable-gccmarch-native=no )
+
+ if use debug ; then
+ myeconfargs+=( $(use_enable debug) )
+ # so we can get a backtrace according to "reporting bugs" on upstream web site
+ CFLAGS="-ggdb -O0" econf LIBS="${LIBS}" ${myeconfargs[@]}
+ else
+ econf LIBS="${LIBS}" ${myeconfargs[@]}
+ fi
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+
+ insinto "/etc/${PN}"
+ doins {classification,reference,threshold}.config suricata.yaml
+
+ if use rules ; then
+ insinto "/etc/${PN}/rules"
+ doins rules/*.rules
+ fi
+
+ dodir "/var/lib/${PN}"
+ dodir "/var/log/${PN}"
+
+ fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+
+ newinitd "${FILESDIR}/${PN}-4.0.3-init" ${PN}
+ newconfd "${FILESDIR}/${PN}-4.0.3-conf" ${PN}
+
+ if use logrotate; then
+ insopts -m0644
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}"/${PN}-logrotate ${PN}
+ fi
+}
+
+pkg_postinst() {
+ elog "The ${PN} init script expects to find the path to the configuration"
+ elog "file as well as extra options in /etc/conf.d."
+ elog ""
+ elog "To create more than one ${PN} service, simply create a new .yaml file for it"
+ elog "then create a symlink to the init script from a link called"
+ elog "${PN}.foo - like so"
+ elog " cd /etc/${PN}"
+ elog " ${EDITOR##*/} suricata-foo.yaml"
+ elog " cd /etc/init.d"
+ elog " ln -s ${PN} ${PN}.foo"
+ elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
+ elog ""
+ elog "You can create as many ${PN}.foo* services as you wish."
+
+ if use logrotate; then
+ elog "You enabled the logrotate USE flag. Please make sure you correctly set up the ${PN} logrotate config file in /etc/logrotate.d/."
+ fi
+
+ if use debug; then
+ elog "You enabled the debug USE flag. Please read this link to report bugs upstream:"
+ elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
+ elog "You need to also ensure the FEATURES variable in make.conf contains the"
+ elog "'nostrip' option to produce useful core dumps or back traces."
+ fi
+}