authorV3n3RiX <venerix@redcorelinux.org>2020-01-15 15:51:32 +0000
committerV3n3RiX <venerix@redcorelinux.org>2020-01-15 15:51:32 +0000
commit21435953e16cda318a82334ddbadb3b5c36d9ea7 (patch)
treee1810a4b135afce04b34862ef0fab2bfaeb8aeca /net-analyzer/suricata
parent7bc9c63c9da678a7e6fceb095d56c634afd22c56 (diff)
gentoo resync : 15.01.2020
Diffstat (limited to 'net-analyzer/suricata')
-rw-r--r--net-analyzer/suricata/Manifest16
-rw-r--r--net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch16
-rw-r--r--net-analyzer/suricata/files/suricata-4.0.4_sockios.patch13
-rw-r--r--net-analyzer/suricata/files/suricata-5.0.1-conf (renamed from net-analyzer/suricata/files/suricata-4.0.4-conf)2
-rw-r--r--net-analyzer/suricata/files/suricata-5.0.1-init (renamed from net-analyzer/suricata/files/suricata-4.0.4-init)8
-rw-r--r--net-analyzer/suricata/files/suricata-5.0.1_configure-no-lz4-automagic.patch23
-rw-r--r--net-analyzer/suricata/files/suricata-5.0.1_default-config.patch27
-rw-r--r--net-analyzer/suricata/files/suricata.service19
-rw-r--r--net-analyzer/suricata/files/suricata.tmpfiles1
-rw-r--r--net-analyzer/suricata/metadata.xml9
-rw-r--r--net-analyzer/suricata/suricata-4.0.4.ebuild171
-rw-r--r--net-analyzer/suricata/suricata-5.0.1.ebuild196
12 files changed, 286 insertions, 215 deletions
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 5260932c6316..dd9b600ed057 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,8 +1,10 @@
-AUX suricata-4.0.4-conf 2767 BLAKE2B fe356820f57a8a7b068b66fd8c012c94a9bffdc8a62e2bd4a2210a9625778fa358a303bc770aeb4b1600ed8da5443533c50356ac4dfdabce6d0438ba246e1cd4 SHA512 fd3aec48b4e7e52f192af117f3cda063c5614f33082986dca4e3bdf7a46d62655cd03a1d723db9d36a1b1f84964dc2273e3bf00fb23648902639b18a64025d6b
-AUX suricata-4.0.4-init 5496 BLAKE2B ea7922c300f3f42450e9c84b696a1389887ec062588a29cab201a70a2a2c1d52ce63d89642d85c584737594606ddc212d84632308de401504db80c60226872de SHA512 3b0294a0db38524f2a5126fb66000700cee2f1d10a10f35b5cb2a3598c4e41de72015719bbcf70da46f15505f2ac4b3afb2a4fa040fae68f0b1088ae40d5457b
-AUX suricata-4.0.4_configure-lua-flags.patch 502 BLAKE2B 14693f51888ba8d41a736a91065d1376e542d7c41d53dcc3ed9edd95d10f1db30a51d8b244154406a98338f844e67e2f836bcfc44bfa6dd6d0ffc19332c6a2c0 SHA512 a1be159aa592f2121b5e3fde70485e6a502cdfbd15fc76056e6ca1401a94ab7eddf1639728fa402f754ca546229aa5fd6fc05c243be761475c9249a7206b2830
-AUX suricata-4.0.4_sockios.patch 298 BLAKE2B 2a3fd2b8ace6363f90ad52f2f9802cd9565d3aabcc1d5fec4b2b0b9690110d7b28fa8d6be39d357b9dded7f2f09ba9b21e3837d92cac42483e0015ef76669ec8 SHA512 416cc3ff7636f7938e35a449bea41d2f4a02dacb80dce0821091db690279f966ef048a036a4b47b9f9208039b9103366500afcd0d6b3e85d8fe96372a0b3921a
+AUX suricata-5.0.1-conf 2771 BLAKE2B c9f9ac6707f71ace993bcf730df5aab11a6e59fcbb636140a110d2ec636587bca600938af55a7d709ed0994c38095c0a8d505d2af9912ea3aaf1be20e098043f SHA512 4c8c1d0c101e850b39358605451df37427bb94f1b55836078aeb0b4e3720f5bdef01d4bc9d4ddfb3436c822c7bd8796112409421a7d90cf40ec81a6a24c3d6dd
+AUX suricata-5.0.1-init 5480 BLAKE2B 48c9484c824f7216d1c4d64394a60b5a5b2c1f5781e8faa775d56765680dd27cb886daf61da7e93f78469f2947f38bd044804acc79f2fb3c40477aff0f470f13 SHA512 6756cebe424b057884904e716af05e74bf2cfc47461a6081b4ff45144d1fefb568ffc3aaffb8162efa3272fea535d0f93632b4778d9c80d64fca26740471ed49
+AUX suricata-5.0.1_configure-no-lz4-automagic.patch 601 BLAKE2B 01874b39d89a8872a35a102018e2e11208549f60790e88f988a689ba09c59fb915bbffccb6db454a8d8d4fee0ccf69b51cd5d2cde11cb6f2a1c401cb74c5c49d SHA512 d26fc7e0193ea3ddd5436964a26bbbfed847890d513c4e7181a0faceb0a688df8ca35ad68045ecd006a25da93d345a942c593f8711f81dff5f63d13e599f78b0
+AUX suricata-5.0.1_default-config.patch 813 BLAKE2B 5758447f2dc6fa50bb6a388c2c83bd35927cf90b66a10e51e5058869e09c05810c037da025a9d26486e33077a06bfe8ba08698618e091bdc40a255d8322062c7 SHA512 0f6337d5bff60cd57f3a3a3edcb82abde9acc6848b158cac1b8f945fc7a228340c420d53a2c5f558d5b5e2b7645f6b104e8105b260245209ba782966d6f04a7c
AUX suricata-logrotate 161 BLAKE2B d55edb7e36cc27819b6fba26778eff3cc66bfc5c04877e36e27ef9adcf3f003c10cff787b317e00a32a4c764c2180f90c9abd3f81e877d73bd2c892d5ca2d161 SHA512 c22a85667460df9b7b1fd15af1e4472dd5b7d1726a43f3b621547a884dcd64ff49b0728767d6a4dc70c413dd8997905e3753fa94c82cda34e4aaf903ebdb1cec
-DIST suricata-4.0.4.tar.gz 12511121 BLAKE2B d9dfb00a45c2e9810409a8ce91a83e23ebce20eb28492bf24f9688d292b5805dca932c39cc673cf1148325fe5ef7936dda7f6c7819605753cb2e2ddc1cf5dba0 SHA512 6e158aa6d3edb9d11e0df3f986392ee2ae49ab4dfb978288ced4484dbe5c08ae061db2a566be6d22cf14bd0b88f87f9cb9c0a657d7fc44e099b8783d933c771e
-EBUILD suricata-4.0.4.ebuild 4771 BLAKE2B f52e9e40f2da2a016122b09d30c34aa2467e1f2a682a5161677501d9a9c479fbf66b995b8ae9d5454e6fe7080f229e4961707fdf6e3e7e5ea133ffb84e5f2d1f SHA512 76ff00070b17bd39d1fb532a0d5f56113e6b30c3d6adb8473f0494b6440b45a967e21a846150cd97b03a99e84fc271a72057a4b2013921a13c2c2cc8b2a65cba
-MISC metadata.xml 775 BLAKE2B faf442e43b5388b3a24b57ee3aa73ea22eb0f230bd7bfbdee98bc4ec0be260f52f47cf7caa67d44d3498cdba58e18c487741a295149c64cf2b4631a141537e8a SHA512 e9407a4c043553a31b1a66c6b45d352444368567eef3bfa4af26e64bb84a70a81bcc7a21e48dba7e532a3115c7086932e22b75a05b00ba1f84b59d4d7ec187c6
+AUX suricata.service 501 BLAKE2B 00631ada0d2993eae97a028ef950b031b91bb3af346ee3538bd7f0deb9d76bb8552761b4666a3ac80673fe31ffd95424f2ff71e35db0f5fe6667b32478fab4c4 SHA512 4e4e87735731fd0e18ab26e536e7904833a19ce8785ffdd15b22d494673c73044137908feee74800486960f9efd09d1ddc2c75a490a2e35ef06caf23c7439a0c
+AUX suricata.tmpfiles 24 BLAKE2B 150b74a6775137704915015871ab4455b8d0b9204a75c398ea746e9194b0c0a787904f9015b98f36a685fac0dbb0fcb43746096dd403bf882afa5dfef12af94d SHA512 1530aed4efb35f988e2f0134388ea11ffc3ba1f217845a2c5dd47f947983ed4d343126e49d66a86ca7894ff60b5134464ddbe07509dcc80c001131f09cb7e2dd
+DIST suricata-5.0.1.tar.gz 23721536 BLAKE2B 529837e8e4d6c33d2093df8208bf03519e0d60deef92eadf9d0a44b7416eae2f900b2f72349815acb86d9bdd9d4253bbc5d7c4c1a34157f544982b0788291624 SHA512 db0797a7992abf0ddf170cb603fdac06b0ff92278bb91343860bccbbe029ea0e83131dfb9805ca44bcbbe3925502119259e350a17e94209b21d1f8b610d965a6
+EBUILD suricata-5.0.1.ebuild 6159 BLAKE2B 09a165bbee254f1b7d6b8a5ede8f3514301d58b85291f8336dc02d0c8c3c1ee5b89fdc63837af5bec3bb038ad8d5b919e13976a55af584a2620f6da5da36d492 SHA512 cde3097df89de194d045ea22843b9b4924b69fb7bb8fced588c8d3865cdafb5e14db0e22a065fec743835fa525d836f4ade6d02e4f469e76b81e46d5e5b2f482
+MISC metadata.xml 1015 BLAKE2B 355c550ad2fe7a37d69b92f0bd710824d68a3353be687876449ad5b7d8e2c98b06b833e59ebcf479410aff09dce71e1f7f64be860c348f3d6c3519cd8fe2acf2 SHA512 0837e07a0130baff435e684b47a6b463991aec73b4f570672d0091a70adf163c5e83d19887e1575f12db783d6246050777011d25dc658fe4767cd3fe8fc1d4a5
diff --git a/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch b/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch
deleted file mode 100644
index bad66359afa1..000000000000
--- a/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch
+++ /dev/null
@@ -1,16 +0,0 @@
---- a/configure.ac
-+++ b/configure.ac
-@@ -1749,11 +1749,11 @@
- # liblua
- AC_ARG_ENABLE(lua,
- AS_HELP_STRING([--enable-lua],[Enable Lua support]),
-- [ enable_lua="yes"],
-+ [],
- [ enable_lua="no"])
- AC_ARG_ENABLE(luajit,
- AS_HELP_STRING([--enable-luajit],[Enable Luajit support]),
-- [ enable_luajit="yes"],
-+ [],
- [ enable_luajit="no"])
- if test "$enable_lua" = "yes"; then
- if test "$enable_luajit" = "yes"; then
diff --git a/net-analyzer/suricata/files/suricata-4.0.4_sockios.patch b/net-analyzer/suricata/files/suricata-4.0.4_sockios.patch
deleted file mode 100644
index a341d9c159f1..000000000000
--- a/net-analyzer/suricata/files/suricata-4.0.4_sockios.patch
+++ /dev/null
@@ -1,13 +0,0 @@
---- src/source-af-packet.c.orig 2019-09-08 20:50:06.416466432 +0200
-+++ src/source-af-packet.c 2019-09-08 20:53:26.144471385 +0200
-@@ -70,6 +70,10 @@
-
- #ifdef HAVE_AF_PACKET
-
-+#ifdef HAVE_LINUX_SOCKIOS_H
-+#include <linux/sockios.h>
-+#endif
-+
- #if HAVE_SYS_IOCTL_H
- #include <sys/ioctl.h>
- #endif
diff --git a/net-analyzer/suricata/files/suricata-4.0.4-conf b/net-analyzer/suricata/files/suricata-5.0.1-conf
index 655b947fdd9b..7f22113dbf0d 100644
--- a/net-analyzer/suricata/files/suricata-4.0.4-conf
+++ b/net-analyzer/suricata/files/suricata-5.0.1-conf
@@ -37,7 +37,7 @@
# If you want to use ${SURICATA_DIR}/suricata.yaml and start the service with /etc/init.d/suricata
# then you can set:
-SURICATA_OPTS="-i eth0"
+SURICATA_OPTS="--af-packet"
# Log paths listed here will be created by the init script and will override the log path
# set in the yaml file, if present.
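Review bot: The new default `SURICATA_OPTS="--af-packet"` assumes a build with AF_PACKET support, yet the 5.0.1 ebuild in this commit keeps `af-packet` as an optional USE flag (`$(use_enable af-packet)`). A build with that flag disabled would presumably get a default that fails at start-up. A comment above the assignment would make the dependency visible, for example `# Needs USE=af-packet; otherwise name a capture method, e.g. -i <interface>`.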
diff --git a/net-analyzer/suricata/files/suricata-4.0.4-init b/net-analyzer/suricata/files/suricata-5.0.1-init
index 1db8137f31a4..89f92803cedf 100644
--- a/net-analyzer/suricata/files/suricata-4.0.4-init
+++ b/net-analyzer/suricata/files/suricata-5.0.1-init
@@ -9,7 +9,7 @@ SURICATAID=$(shell_var "${SURICATA}")
if [ -n "${SURICATA}" ] && [ ${SVCNAME} != "suricata" ]; then
eval SURICATACONF=\$SURICATA_CONF_${SURICATAID}
[ ${#SURICATACONF} -eq 0 ] && SURICATACONF="${SURICATA_DIR}/suricata-${SURICATA}.yaml" || SURICATACONF="${SURICATA_DIR}/${SURICATACONF}"
- SURICATAPID="/var/run/suricata/suricata.${SURICATA}.pid"
+ SURICATAPID="/run/suricata/suricata.${SURICATA}.pid"
eval SURICATAOPTS=\$SURICATA_OPTS_${SURICATAID}
eval SURICATALOGPATH=\$SURICATA_LOG_FILE_${SURICATAID}
eval SURICATAUSER=\$SURICATA_USER_${SURICATAID}
@@ -17,7 +17,7 @@ if [ -n "${SURICATA}" ] && [ ${SVCNAME} != "suricata" ]; then
else
SURICATACONF=${SURICATA_CONF}
[ ${#SURICATACONF} -eq 0 ] && SURICATACONF="${SURICATA_DIR}/suricata.yaml" || SURICATACONF="${SURICATA_DIR}/${SURICATACONF}"
- SURICATAPID="/var/run/suricata/suricata.pid"
+ SURICATAPID="/run/suricata/suricata.pid"
SURICATAOPTS=${SURICATA_OPTS}
SURICATALOGPATH=${SURICATA_LOG_FILE}
SURICATAUSER=${SURICATA_USER}
@@ -43,8 +43,8 @@ depend() {
}
checkconfig() {
- if [ ! -d "/var/run/suricata" ] ; then
- checkpath -d /var/run/suricata
+ if [ ! -d "/run/suricata" ] ; then
+ checkpath -d /run/suricata
fi
if [ ${#SURICATALOGPATH} -gt 0 ]; then
SURICATALOGFILE=$( basename ${SURICATALOGPATH} )
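Review bot: In checkconfig, `checkpath -d /run/suricata` runs only when the directory is missing and sets neither mode nor owner, so a pre-existing /run/suricata with unexpected ownership or permissions is accepted as it is. checkpath creates the directory when needed and corrects its attributes otherwise, so the `[ ! -d "/run/suricata" ]` guard can be dropped and the attributes stated explicitly, e.g. `checkpath -d -m 0755 -o root:root /run/suricata`. Adjust the owner if the pid file turns out to be written after privileges are dropped, which is not visible here. The body of checkconfig continues past the end of this hunk.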
diff --git a/net-analyzer/suricata/files/suricata-5.0.1_configure-no-lz4-automagic.patch b/net-analyzer/suricata/files/suricata-5.0.1_configure-no-lz4-automagic.patch
new file mode 100644
index 000000000000..5efce46f6d9f
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-5.0.1_configure-no-lz4-automagic.patch
@@ -0,0 +1,23 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -2292,7 +2292,11 @@
+ fi
+
+ # Check for lz4
+-enable_liblz4="yes"
++AC_ARG_ENABLE(lz4,
++ AS_HELP_STRING([--enable-lz4], [Enable compressed pcap logging using liblz4]),
++ [enable_liblz4=$enableval],
++ [enable_liblz4=yes])
++if test "x$enable_liblz4" != "xno"; then
+ AC_CHECK_LIB(lz4, LZ4F_createCompressionContext, , enable_liblz4="no")
+
+ if test "$enable_liblz4" = "no"; then
+@@ -2306,6 +2310,7 @@
+ echo " yum install lz4-devel"
+ echo
+ fi
++fi
+
+ # get cache line size
+ AC_PATH_PROG(HAVE_GETCONF_CMD, getconf, "no")
diff --git a/net-analyzer/suricata/files/suricata-5.0.1_default-config.patch b/net-analyzer/suricata/files/suricata-5.0.1_default-config.patch
new file mode 100644
index 000000000000..ef1b1f63ad4f
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-5.0.1_default-config.patch
@@ -0,0 +1,27 @@
+--- a/suricata.yaml.in
++++ b/suricata.yaml.in
+@@ -203,8 +203,9 @@
+ # https://suricata.readthedocs.io/en/latest/output/eve/eve-json-output.html#dns-v1-format
+
+ # As of Suricata 5.0, version 2 of the eve dns output
+- # format is the default.
+- #version: 2
++ # format is the default - but the daemon produces a warning to that effect
++ # at start-up if this isn't explicitly set.
++ version: 2
+
+ # Enable/disable this logger. Default: enabled.
+ #enabled: yes
+@@ -978,9 +979,9 @@
+ ##
+
+ # Run suricata as user and group.
+-#run-as:
+-# user: suri
+-# group: suri
++run-as:
++ user: suricata
++ group: suricata
+
+ # Some logging module will use that name in event as identifier. The default
+ # value is the hostname
diff --git a/net-analyzer/suricata/files/suricata.service b/net-analyzer/suricata/files/suricata.service
new file mode 100644
index 000000000000..1fb056957ec5
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata.service
@@ -0,0 +1,19 @@
+[Unit]
+Description=Suricata IDS/IDP daemon
+After=network.target
+Requires=network.target
+Documentation=man:suricata(8) man:suricatasc(8)
+Documentation=https://suricata.readthedocs.io/
+
+[Service]
+Environment=OPTIONS='-c /etc/suricata/suricata.yaml --af-packet'
+PIDFile=/run/suricata/suricata.pid
+ExecStart=/usr/bin/suricata --pidfile /run/suricata/suricata.pid $OPTIONS
+ExecReload=/bin/kill -HUP $MAINPID
+ExecStop=/bin/kill $MAINPID
+PrivateTmp=yes
+ProtectHome=yes
+
+[Install]
+WantedBy=multi-user.target
+
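Review bot: The unit starts a daemon that parses untrusted network traffic with only `PrivateTmp=yes` and `ProtectHome=yes` as sandboxing. Adding `NoNewPrivileges=yes` and `ProtectSystem=full` to `[Service]` would narrow what a compromised process can reach; both should be tested against the capture modes in use. `ExecReload=/bin/kill -HUP $MAINPID` also looks mismatched: Suricata treats SIGHUP as a request to reopen its log files and uses SIGUSR2 for a live rule reload, so `systemctl reload` would not reload rules. `ExecReload=/bin/kill -USR2 $MAINPID` matches the rule-reload signal.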
diff --git a/net-analyzer/suricata/files/suricata.tmpfiles b/net-analyzer/suricata/files/suricata.tmpfiles
new file mode 100644
index 000000000000..a6e784cc37c7
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata.tmpfiles
@@ -0,0 +1 @@
+d /run/suricata - - - -
diff --git a/net-analyzer/suricata/metadata.xml b/net-analyzer/suricata/metadata.xml
index 0afee5625d1a..457a2fbd2e8a 100644
--- a/net-analyzer/suricata/metadata.xml
+++ b/net-analyzer/suricata/metadata.xml
@@ -2,17 +2,20 @@
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="person">
- <email>slis@gentoo.org</email>
+ <email>marecki@gentoo.org</email>
+ <name>Marek Szuba</name>
</maintainer>
<use>
<flag name="af-packet">Enable AF_PACKET support</flag>
+ <flag name="bpf">Enable support for eBPF (as well as XDP if supported by the kernel and the NIC driver)
+ for low-level, high-speed packet processing</flag>
<flag name="control-socket">Enable unix socket</flag>
<flag name="cuda">Enable NVIDIA Cuda computations support</flag>
<flag name="detection">Enable detection modules</flag>
+ <flag name="logrotate">Install logrotate rule</flag>
+ <flag name="lz4">Enable support for compressed pcap logging using the LZ4 algorithm</flag>
<flag name="nflog">Enable libnetfilter_log support</flag>
<flag name="nfqueue">Enable NFQUEUE support for inline IDP</flag>
<flag name="redis">Enable Redis support</flag>
- <flag name="rules">Install default ruleset</flag>
- <flag name="logrotate">Install logrotate rule</flag>
</use>
</pkgmetadata>
diff --git a/net-analyzer/suricata/suricata-4.0.4.ebuild b/net-analyzer/suricata/suricata-4.0.4.ebuild
deleted file mode 100644
index 2ea320ca46ba..000000000000
--- a/net-analyzer/suricata/suricata-4.0.4.ebuild
+++ /dev/null
@@ -1,171 +0,0 @@
-# Copyright 1999-2019 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-
-inherit autotools eutils user
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
-HOMEPAGE="https://suricata-ids.org/"
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet control-socket cuda debug +detection geoip hardened logrotate lua luajit nflog +nfqueue redis +rules test"
-RESTRICT="!test? ( test )"
-
-DEPEND="
- >=dev-libs/jansson-2.2
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- >=net-libs/libhtp-0.5.20
- net-libs/libpcap
- sys-apps/file
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/geoip )
- lua? ( dev-lang/lua:* )
- luajit? ( dev-lang/luajit:* )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue? ( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis )
- logrotate? ( app-admin/logrotate )
- sys-libs/libcap-ng
-"
-# #446814
-# prelude? ( dev-libs/libprelude )
-# pfring? ( sys-process/numactl net-libs/pf_ring)
-RDEPEND="${DEPEND}"
-
-pkg_setup() {
- enewgroup ${PN}
- enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
-}
-
-src_prepare() {
- epatch "${FILESDIR}/${P}_configure-lua-flags.patch"
- epatch "${FILESDIR}/${P}_sockios.patch"
- sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am"
- eautoreconf
-}
-
-src_configure() {
- local myeconfargs=(
- "--localstatedir=/var/" \
- "--enable-non-bundled-htp" \
- $(use_enable af-packet) \
- $(use_enable detection) \
- $(use_enable nfqueue) \
- $(use_enable test coccinelle) \
- $(use_enable test unittests) \
- $(use_enable control-socket unix-socket)
- )
-
- if use cuda ; then
- myeconfargs+=( $(use_enable cuda) )
- fi
- if use geoip ; then
- myeconfargs+=( $(use_enable geoip) )
- fi
- if use hardened ; then
- myeconfargs+=( $(use_enable hardened gccprotect) )
- fi
- if use nflog ; then
- myeconfargs+=( $(use_enable nflog) )
- fi
- if use redis ; then
- myeconfargs+=( $(use_enable redis hiredis) )
- fi
- # not supported yet (no pfring in portage)
-# if use pfring ; then
-# myeconfargs+=( $(use_enable pfring) )
-# fi
- # no libprelude in portage
-# if use prelude ; theng
-# myeconfargs+=( $(use_enable prelude) )
-# fi
- if use lua ; then
- myeconfargs+=( $(use_enable lua) )
- fi
- if use luajit ; then
- myeconfargs+=( $(use_enable luajit) )
- fi
- if (use !lua) && (use !luajit) ; then
- myeconfargs+=(
- --disable-lua
- --disable-luajit
- )
- fi
-
-# this should be used when pf_ring use flag support will be added
-# LIBS+="-lrt -lnuma"
-
- # avoid upstream configure script trying to add -march=native to CFLAGS
- myeconfargs+=( --enable-gccmarch-native=no )
-
- if use debug ; then
- myeconfargs+=( $(use_enable debug) )
- # so we can get a backtrace according to "reporting bugs" on upstream web site
- CFLAGS="-ggdb -O0" econf LIBS="${LIBS}" ${myeconfargs[@]}
- else
- econf LIBS="${LIBS}" ${myeconfargs[@]}
- fi
-}
-
-src_install() {
- emake DESTDIR="${D}" install
-
- insinto "/etc/${PN}"
- doins {classification,reference,threshold}.config suricata.yaml
-
- if use rules ; then
- insinto "/etc/${PN}/rules"
- doins rules/*.rules
- fi
-
- keepdir "/var/lib/${PN}"
- keepdir "/var/log/${PN}"
-
- fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
-
- newinitd "${FILESDIR}/${P}-init" ${PN}
- newconfd "${FILESDIR}/${P}-conf" ${PN}
-
- if use logrotate; then
- insopts -m0644
- insinto /etc/logrotate.d
- newins "${FILESDIR}"/${PN}-logrotate ${PN}
- fi
-}
-
-pkg_postinst() {
- elog "The ${PN} init script expects to find the path to the configuration"
- elog "file as well as extra options in /etc/conf.d."
- elog ""
- elog "To create more than one ${PN} service, simply create a new .yaml file for it"
- elog "then create a symlink to the init script from a link called"
- elog "${PN}.foo - like so"
- elog " cd /etc/${PN}"
- elog " ${EDITOR##*/} suricata-foo.yaml"
- elog " cd /etc/init.d"
- elog " ln -s ${PN} ${PN}.foo"
- elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
- elog ""
- elog "You can create as many ${PN}.foo* services as you wish."
-
- if use logrotate; then
- elog "You enabled the logrotate USE flag. Please make sure you correctly set up the ${PN} logrotate config file in /etc/logrotate.d/."
- fi
-
- if use debug; then
- elog "You enabled the debug USE flag. Please read this link to report bugs upstream:"
- elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
- elog "You need to also ensure the FEATURES variable in make.conf contains the"
- elog "'nostrip' option to produce useful core dumps or back traces."
- fi
-}
diff --git a/net-analyzer/suricata/suricata-5.0.1.ebuild b/net-analyzer/suricata/suricata-5.0.1.ebuild
new file mode 100644
index 000000000000..676947405976
--- /dev/null
+++ b/net-analyzer/suricata/suricata-5.0.1.ebuild
@@ -0,0 +1,196 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{6,7,8} )
+
+inherit autotools linux-info python-single-r1 systemd
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
+HOMEPAGE="https://suricata-ids.org/"
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened logrotate lua luajit lz4 nflog +nfqueue redis systemd test"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ ?? ( lua luajit )
+ bpf? ( af-packet )"
+
+CDEPEND="acct-group/suricata
+ acct-user/suricata
+ dev-libs/jansson
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ dev-python/pyyaml[${PYTHON_USEDEP}]
+ >=net-libs/libhtp-0.5.32
+ net-libs/libpcap
+ sys-apps/file
+ sys-libs/libcap-ng
+ bpf? ( >=dev-libs/libbpf-0.0.6 )
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/libmaxminddb )
+ logrotate? ( app-admin/logrotate )
+ lua? ( dev-lang/lua:* )
+ luajit? ( dev-lang/luajit:* )
+ lz4? ( app-arch/lz4 )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue? ( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis )"
+DEPEND="${CDEPEND}
+ >=sys-devel/autoconf-2.69-r5
+ virtual/rust"
+RDEPEND="${CDEPEND}
+ ${PYTHON_DEPS}"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.1_default-config.patch"
+)
+
+pkg_pretend() {
+ if use bpf && use kernel_linux; then
+ if kernel_is -lt 4 15; then
+ ewarn "Kernel 4.15 or newer is necessary to use all XDP features like the CPU redirect map"
+ fi
+
+ CONFIG_CHECK="~XDP_SOCKETS"
+ ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it impossible for Suricata will to load XDP programs. "
+ ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
+ check_extra_config
+ fi
+}
+
+src_prepare() {
+ default
+ sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//' "${S}/doc/Makefile.am"
+ eautoreconf
+}
+
+src_configure() {
+ local myeconfargs=(
+ "--localstatedir=/var" \
+ "--runstatedir=/run" \
+ "--enable-non-bundled-htp" \
+ "--enable-gccmarch-native=no" \
+ "--enable-python" \
+ $(use_enable af-packet) \
+ $(use_enable bpf ebpf) \
+ $(use_enable control-socket unix-socket) \
+ $(use_enable cuda) \
+ $(use_enable detection) \
+ $(use_enable geoip) \
+ $(use_enable hardened gccprotect) \
+ $(use_enable hardened pie) \
+ $(use_enable lua) \
+ $(use_enable luajit) \
+ $(use_enable lz4) \
+ $(use_enable nflog) \
+ $(use_enable nfqueue) \
+ $(use_enable redis hiredis) \
+ $(use_enable test unittests) \
+ "--disable-coccinelle"
+ )
+
+ if use debug; then
+ myeconfargs+=( $(use_enable debug) )
+ # so we can get a backtrace according to "reporting bugs" on upstream web site
+ CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
+ else
+ econf ${myeconfargs[@]}
+ fi
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+ python_optimize
+
+ if use bpf; then
+ rm -f ebpf/Makefile.{am,in}
+ dodoc -r ebpf/
+ keepdir /usr/libexec/suricata/ebpf
+ fi
+
+ insinto "/etc/${PN}"
+ doins etc/{classification,reference}.config threshold.config suricata.yaml
+
+ keepdir "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+ keepdir "/var/log/${PN}"
+
+ fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
+ fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+
+ newinitd "${FILESDIR}/${PN}-5.0.1-init" ${PN}
+ newconfd "${FILESDIR}/${PN}-5.0.1-conf" ${PN}
+ systemd_dounit "${FILESDIR}"/${PN}.service
+ systemd_newtmpfilesd "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
+
+ if use logrotate; then
+ insopts -m0644
+ insinto /etc/logrotate.d
+ newins etc/${PN}.logrotate ${PN}
+ fi
+}
+
+pkg_postinst() {
+ elog ""
+ if use systemd; then
+ elog "Suricata requires either the mode of operation (e.g. --af-packet) or the interface to listen on (e.g. -i eth0)"
+ elog "to be specified on the command line. The provided systemd unit launches Suricata in af-packet mode and relies"
+ elog "on file configuration to specify interfaces, should you prefer to run it differently you will have to customise"
+ elog "said unit. The simplest way of doing it is to override the Environment=OPTIONS='...' line using a .conf file"
+ elog "placed in the directory ${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
+ elog "For details, see the section on drop-in directories in systemd.unit(5)."
+ else
+ elog "The ${PN} init script expects to find the path to the configuration"
+ elog "file as well as extra options in /etc/conf.d."
+ elog ""
+ elog "To create more than one ${PN} service, simply create a new .yaml file for it"
+ elog "then create a symlink to the init script from a link called"
+ elog "${PN}.foo - like so"
+ elog " cd /etc/${PN}"
+ elog " ${EDITOR##*/} suricata-foo.yaml"
+ elog " cd /etc/init.d"
+ elog " ln -s ${PN} ${PN}.foo"
+ elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
+ elog ""
+ elog "You can create as many ${PN}.foo* services as you wish."
+ fi
+
+ if use bpf; then
+ elog ""
+ elog "eBPF/XDP files must be compiled (using sys-devel/clang[llvm_targets_BPF]) before use"
+ elog "because their configuration is hard-coded. You can find the default ones in"
+ elog " ${EPREFIX}/usr/share/doc/${PF}/ebpf"
+ elog "and the common location for eBPF bytecode is"
+ elog " ${EPREFIX}/usr/libexec/${PN}"
+ elog "For more information, see https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html"
+ fi
+
+ if use debug; then
+ elog ""
+ elog "You have enabled the debug USE flag. Please read this link to report bugs upstream:"
+ elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
+ elog "You need to also ensure the FEATURES variable in make.conf contains the"
+ elog "'nostrip' option to produce useful core dumps or back traces."
+ fi
+
+ elog ""
+ elog "To download and install an initial set of rules, run:"
+ elog " emerge --config =${CATEGORY}/${PF}"
+ elog ""
+}
+
+pkg_config() {
+ suricata-update
+}
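Review bot: In src_install, `fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"` makes the account named in the `run-as` block of the default-config patch the owner of its own configuration directory. A daemon compromised while parsing traffic could then rewrite suricata.yaml and the .config files persistently. Keeping the configuration root-owned and group-readable avoids that: `fowners -R root:${PN} "/etc/${PN}"`, with the data and log directories left in a separate `fowners -R ${PN}:` call. Separately, `econf ${myeconfargs[@]}` in src_configure should be quoted as `econf "${myeconfargs[@]}"`. In src_prepare, `sed -ie` is parsed as `-i` with backup suffix `e`, which leaves a stray backup copy next to doc/Makefile.am; `sed -i -e` is presumably what was meant.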