4 files changed, 38 insertions, 19 deletions

diff --git a/security/suricata/Makefile b/security/suricata/Makefile
index 75b6243f8804..cecc698c8d02 100644
--- a/security/suricata/Makefile
+++ b/security/suricata/Makefile
@@ -7,6 +7,7 @@
 
 PORTNAME=	suricata
 PORTVERSION=	1.2.1
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES=	http://www.openinfosecfoundation.org/download/
 
@@ -18,7 +19,6 @@ LICENSE_FILE=	${WRKSRC}/LICENSE
 
 LIB_DEPENDS=	pcre.1:${PORTSDIR}/devel/pcre \
 		yaml:${PORTSDIR}/textproc/libyaml \
-		pcap.1:${PORTSDIR}/net/libpcap \
 		htp-0.2.1:${PORTSDIR}/devel/libhtp
 
 BUILD_DEPENDS+=	${LIBNET_CONFIG}:${PORTSDIR}/net/libnet \
@@ -32,17 +32,25 @@ LIBNET_CONFIG?=	${LOCALBASE}/bin/libnet11-config
 
 OPTIONS=	IPFW "Enable IPFW/IPDIVERT for IPS usage" on \
 		PRELUDE "Enable Prelude NIDS integration" off \
+		PORTS_PCAP "Use libpcap from ports" off \
 		DAG "Enable Endace DAG Support" off
 
-CFLAGS+=	-I${LOCALBASE}/include -L${LOCALBASE}/lib
+.include <bsd.port.options.mk>
 
 SUB_FILES=	pkg-message
 HAS_CONFIGURE=	yes
 USE_GMAKE=	yes
 USE_LDCONFIG=	yes
+CONFIGURE_ARGS+=--enable-non-bundled-htp --enable-gccprotect \
+		--with-libpcre-includes=${LOCALBASE}/include \
+		--with-libpcre-libraries=${LOCALBASE}/lib \
+		--with-libyaml-includes=${LOCALBASE}/include \
+		--with-libyaml-libraries=${LOCALBASE}/lib \
+		--with-libnet-includes=${LOCALBASE}/include/libnet11 \
+		--with-libnet-libraries=${LOCALBASE}/lib/libnet11
 
 CONFIG_DIR?=	${PREFIX}/etc/suricata
-CONFIG_FILES=	suricata.yaml classification.config
+CONFIG_FILES=	suricata.yaml classification.config reference.config
 RULES_DIR=	${PREFIX}/etc/suricata/rules
 LOGS_DIR=	/var/log/suricata
 
@@ -54,7 +62,8 @@ BROKEN=		Does not compile on ia64, powerpc, or sparc64
 
 .if defined(WITH_PRELUDE)
 LIB_DEPENDS+=		prelude.20:${PORTSDIR}/security/libprelude
-CONFIGURE_ARGS+=	--enable-prelude
+CONFIGURE_ARGS+=	--enable-prelude \
+			--with-libprelude-prefix=${LOCALBASE}
 PLIST_SUB+=		PRELUDE=""
 .endif
 
@@ -62,8 +71,19 @@ PLIST_SUB+=		PRELUDE=""
 CONFIGURE_ARGS+=	--enable-ipfw
 .endif
 
+.if defined(WITH_PORTS_PCAP)
+LIB_DEPENDS+=		pcap.1:${PORTSDIR}/net/libpcap
+CONFIGURE_ARGS+=	--with-libpcap-includes=${LOCALBASE}/include \
+			--with-libpcap-libraries=${LOCALBASE}/lib
+.else
+CONFIGURE_ARGS+=	--with-libpcap-includes=/usr/include \
+			--with-libpcap-libraries=/usr/lib
+.endif
+
 .if defined(WITH_DAG)
-CONFIGURE_ARGS+=	--enable-dag
+CONFIGURE_ARGS+=	--enable-dag \
+			--with-dag-includes=${LOCALBASE}/include \
+			--with-dag-libraries=${LOCALBASE}/lib
 .endif
 
 post-patch:
diff --git a/security/suricata/files/pkg-message.in b/security/suricata/files/pkg-message.in
index 7e0b205d8d02..3a21fe944758 100644
--- a/security/suricata/files/pkg-message.in
+++ b/security/suricata/files/pkg-message.in
@@ -1,7 +1,7 @@
 =========================================================================
 If you want to run Suricata in IDS mode, add to /etc/rc.conf:
 
-	suricata_enable="YES" 
+	suricata_enable="YES"
 	suricata_interface="<if>"
 
 NOTE: Declaring suricata_interface is MANDATORY for Suricata in IDS Mode.
@@ -11,7 +11,7 @@ However, if you wanna run Suricata in Inline IPS Mode, add to /etc/rc.conf:
 	suricata_enable="YES"
 	suricata_divertport="8000"
 
-NOTA BENE:
+NOTE:
 	Suricata won't start in IDS mode without an interface configured.
 	Therefore if you omit suricata_interface from rc.conf, FreeBSD's
 	rc.d/suricata will automatically try to start Suricata in IPS Mode
diff --git a/security/suricata/pkg-descr b/security/suricata/pkg-descr
index a0d4a32145cb..2f07ad0d5c6c 100644
--- a/security/suricata/pkg-descr
+++ b/security/suricata/pkg-descr
@@ -10,13 +10,6 @@ by the Navy's Space and Naval Warfare Systems Command (SPAWAR), as well as
 through the very generous support of the members of the OISF Consortium.
 
 More information about the Consortium is available, as well as a list of our
-current Consortium Members. 
-
-The Suricata Engine and the HTP Library are available to use under the GPLv2. 
-
-The HTP Library is an HTTP normalizer and parser written by Ivan Ristic of
-Mod Security fame for the OISF. This integrates and provides very advanced
-processing of HTTP streams for Suricata. The HTP library is required by the
-engine but may also be used independently in a range of applications and tools. 
+current Consortium Members.
 
 WWW: http://openinfosecfoundation.org
diff --git a/security/suricata/pkg-plist b/security/suricata/pkg-plist
index 3e313c1960c6..b1112e458504 100644
--- a/security/suricata/pkg-plist
+++ b/security/suricata/pkg-plist
@@ -1,7 +1,13 @@
 bin/suricata
-etc/suricata/suricata.yaml
+@unexec if cmp  -s %D/etc/suricata/suricata.yaml-sample %D/etc/suricata/suricata.yaml; then rm -f %D/etc/suricata/suricata.yaml; fi
 etc/suricata/suricata.yaml-sample
+@exec if [ ! -f %D/etc/suricata/suricata.yaml ] ; then cp -p %D/%F %B/suricata.yaml; fi
+@unexec if cmp  -s %D/etc/suricata/classification.config-sample %D/etc/suricata/classification.config; then rm -f %D/etc/suricata/classification.config; fi
 etc/suricata/classification.config-sample
-etc/suricata/classification.config
-@unexec /bin/rmdir %D/etc/suricata/rules 2>/dev/null || true
-@unexec /bin/rmdir %D/etc/suricata 2>/dev/null || true
+@exec if [ ! -f %D/etc/suricata/classification.config ] ; then cp -p %D/%F %B/classification.config; fi
+@unexec if cmp  -s %D/etc/suricata/reference.config-sample %D/etc/suricata/reference.config; then rm -f %D/etc/suricata/reference.config; fi
+etc/suricata/reference.config-sample
+@exec if [ ! -f %D/etc/suricata/reference.config ] ; then cp -p %D/%F %B/reference.config; fi
+@dirrmtry etc/suricata/rules
+@dirrmtry etc/suricata
+@unexec if [ -d %D/%%ETCDIR%% ]; then echo "==> If you are permanently removing this port, you should do a ``rm -rf ${PKG_PREFIX}/etc/suricata`` to remove any configuration files left."; fi