blob: 9910cf451c69b150c5c148cc1c8b0ec7b1885395 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
|
# Created by: Patrick Tracanelli <eksffa@freebsdbrasil.com.br>
# $FreeBSD$
PORTNAME= suricata
PORTVERSION= 1.3.4
PORTREVISION= 3
CATEGORIES= security
MASTER_SITES= http://www.openinfosecfoundation.org/download/ \
http://mirrors.rit.edu/zi/
MAINTAINER= wxs@FreeBSD.org
COMMENT= Open Source next generation IDS/IPS engine by OISF
LICENSE= GPLv2
LICENSE_FILE= ${WRKSRC}/LICENSE
LIB_DEPENDS= pcre:${PORTSDIR}/devel/pcre \
yaml:${PORTSDIR}/textproc/libyaml \
htp:${PORTSDIR}/devel/libhtp
LIB_DEPENDS+= net:${PORTSDIR}/net/libnet
USE_AUTOTOOLS= automake autoconf libtool
USES= pkgconfig
USE_RC_SUBR= suricata
LIBNET_CONFIG?= ${LOCALBASE}/bin/libnet11-config
OPTIONS_DEFINE= IPFW PRELUDE PORTS_PCAP DAG
OPTIONS_DEFAULT=IPFW
IPFW_DESC= Enable ipfw/ipdivert for IPS usage
PRELUDE_DESC= Enable Prelude NIDS integration
PORTS_PCAP_DESC=Use libpcap from ports
DAG_DESC= Enable Endace DAG Support
.include <bsd.port.options.mk>
SUB_FILES= pkg-message
HAS_CONFIGURE= yes
USE_GMAKE= yes
USE_LDCONFIG= yes
CONFIGURE_ARGS+=--enable-non-bundled-htp --enable-gccprotect \
--with-libpcre-includes=${LOCALBASE}/include \
--with-libpcre-libraries=${LOCALBASE}/lib \
--with-libyaml-includes=${LOCALBASE}/include \
--with-libyaml-libraries=${LOCALBASE}/lib \
--with-libnet-includes=${LOCALBASE}/include/libnet11 \
--with-libnet-libraries=${LOCALBASE}/lib/libnet11
CONFIG_DIR?= ${PREFIX}/etc/suricata
CONFIG_FILES= suricata.yaml classification.config reference.config
RULES_DIR= ${PREFIX}/etc/suricata/rules
LOGS_DIR= /var/log/suricata
.include <bsd.port.pre.mk>
.if ${ARCH} == "ia64" || ${ARCH} == "powerpc" || ${ARCH} == "sparc64"
BROKEN= Does not compile on ia64, powerpc, or sparc64
.endif
.if ${CC} == "clang" || ${CXX} == "clang++"
BROKEN= Does not build when compiled with clang
.endif
.if ${PORT_OPTIONS:MPRELUDE}
LIB_DEPENDS+= prelude:${PORTSDIR}/security/libprelude
CONFIGURE_ARGS+= --enable-prelude \
--with-libprelude-prefix=${LOCALBASE}
PLIST_SUB+= PRELUDE=""
.endif
.if ${PORT_OPTIONS:MIPFW}
CONFIGURE_ARGS+= --enable-ipfw
.endif
.if ${PORT_OPTIONS:MPORTS_PCAP}
LIB_DEPENDS+= pcap:${PORTSDIR}/net/libpcap
CONFIGURE_ARGS+= --with-libpcap-includes=${LOCALBASE}/include \
--with-libpcap-libraries=${LOCALBASE}/lib
.else
CONFIGURE_ARGS+= --with-libpcap-includes=/usr/include \
--with-libpcap-libraries=/usr/lib
.endif
.if ${PORT_OPTIONS:MDAG}
CONFIGURE_ARGS+= --enable-dag \
--with-dag-includes=${LOCALBASE}/include \
--with-dag-libraries=${LOCALBASE}/lib
.endif
AUTOTOOLSFILES= aclocal.m4 libhtp/aclocal.m4
post-patch:
@${REINPLACE_CMD} -Ee 's|^(install-data-am: )install-pkgconfigDATA|\1|' ${WRKSRC}/libhtp/Makefile.in
.for f in ${AUTOTOOLSFILES}
@${REINPLACE_CMD} -e 's|1.11.3|%%AUTOMAKE_APIVER%%|g' ${WRKSRC}/${f}
.endfor
pre-install:
@${REINPLACE_CMD} -e 's|/etc/suricata|${PREFIX}/etc/suricata|g' ${WRKSRC}/suricata.yaml
post-install:
[ -d ${CONFIG_DIR} ] || ${MKDIR} ${CONFIG_DIR}
[ -d ${RULES_DIR} ] || ${MKDIR} ${RULES_DIR}
[ -d ${LOGS_DIR} ] || ${MKDIR} ${LOGS_DIR}
.for f in ${CONFIG_FILES}
${INSTALL_DATA} ${WRKSRC}/${f} ${CONFIG_DIR}/${f}-sample
@if [ ! -f ${CONFIG_DIR}/${f} ]; then \
${CP} -p ${CONFIG_DIR}/${f}-sample ${CONFIG_DIR}/${f} ; \
fi
.endfor
@${CAT} ${PKGMESSAGE}
.include <bsd.port.post.mk>
|
