blob: 419c56ac26d846a5b4aea077067fb44e2641838d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
|
# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI=5
inherit autotools eutils user
DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
HOMEPAGE="http://suricata-ids.org/"
SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="~amd64 ~x86"
IUSE="+af-packet control-socket cuda debug +detection geoip hardened logrotate lua luajit nflog +nfqueue redis +rules test"
DEPEND="
>=dev-libs/jansson-2.2
dev-libs/libpcre
dev-libs/libyaml
net-libs/libnet:*
net-libs/libnfnetlink
dev-libs/nspr
dev-libs/nss
>=net-libs/libhtp-0.5.20
net-libs/libpcap
sys-apps/file
cuda? ( dev-util/nvidia-cuda-toolkit )
geoip? ( dev-libs/geoip )
lua? ( dev-lang/lua:* )
luajit? ( dev-lang/luajit:* )
nflog? ( net-libs/libnetfilter_log )
nfqueue? ( net-libs/libnetfilter_queue )
redis? ( dev-libs/hiredis )
logrotate? ( app-admin/logrotate )
sys-libs/libcap-ng
"
# #446814
# prelude? ( dev-libs/libprelude )
# pfring? ( sys-process/numactl net-libs/pf_ring)
RDEPEND="${DEPEND}"
pkg_setup() {
enewgroup ${PN}
enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
}
src_prepare() {
eautoreconf
}
src_configure() {
local myeconfargs=(
"--localstatedir=/var/" \
"--enable-non-bundled-htp" \
$(use_enable af-packet) \
$(use_enable detection) \
$(use_enable nfqueue) \
$(use_enable test coccinelle) \
$(use_enable test unittests) \
$(use_enable control-socket unix-socket)
)
if use cuda ; then
myeconfargs+=( $(use_enable cuda) )
fi
if use geoip ; then
myeconfargs+=( $(use_enable geoip) )
fi
if use hardened ; then
myeconfargs+=( $(use_enable hardened gccprotect) )
fi
if use nflog ; then
myeconfargs+=( $(use_enable nflog) )
fi
if use redis ; then
myeconfargs+=( $(use_enable redis hiredis) )
fi
# not supported yet (no pfring in portage)
# if use pfring ; then
# myeconfargs+=( $(use_enable pfring) )
# fi
# no libprelude in portage
# if use prelude ; then
# myeconfargs+=( $(use_enable prelude) )
# fi
if use lua ; then
myeconfargs+=( $(use_enable lua) )
fi
if use luajit ; then
myeconfargs+=( $(use_enable luajit) )
fi
# this should be used when pf_ring use flag support will be added
# LIBS+="-lrt -lnuma"
# avoid upstream configure script trying to add -march=native to CFLAGS
myeconfargs+=( --enable-gccmarch-native=no )
if use debug ; then
myeconfargs+=( $(use_enable debug) )
# so we can get a backtrace according to "reporting bugs" on upstream web site
CFLAGS="-ggdb -O0" econf LIBS="${LIBS}" ${myeconfargs[@]}
else
econf LIBS="${LIBS}" ${myeconfargs[@]}
fi
}
src_install() {
emake DESTDIR="${D}" install
insinto "/etc/${PN}"
doins {classification,reference,threshold}.config suricata.yaml
if use rules ; then
insinto "/etc/${PN}/rules"
doins rules/*.rules
fi
dodir "/var/lib/${PN}"
dodir "/var/log/${PN}"
fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
newinitd "${FILESDIR}/${P}-init" ${PN}
newconfd "${FILESDIR}/${P}-conf" ${PN}
if use logrotate; then
insopts -m0644
insinto /etc/logrotate.d
newins "${FILESDIR}"/${PN}-logrotate ${PN}
fi
}
pkg_postinst() {
elog "The ${PN} init script expects to find the path to the configuration"
elog "file as well as extra options in /etc/conf.d."
elog ""
elog "To create more than one ${PN} service, simply create a new .yaml file for it"
elog "then create a symlink to the init script from a link called"
elog "${PN}.foo - like so"
elog " cd /etc/${PN}"
elog " ${EDITOR##*/} suricata-foo.yaml"
elog " cd /etc/init.d"
elog " ln -s ${PN} ${PN}.foo"
elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
elog ""
elog "You can create as many ${PN}.foo* services as you wish."
if use logrotate; then
elog "You enabled the logrotate USE flag. Please make sure you correctly set up the ${PN} logrotate config file in /etc/logrotate.d/."
fi
if use debug; then
elog "You enabled the debug USE flag. Please read this link to report bugs upstream:"
elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
elog "You need to also ensure the FEATURES variable in make.conf contains the"
elog "'nostrip' option to produce useful core dumps or back traces."
fi
}
|