blob: a00e8ea158e733c31e6d08cb7c892618e2ee4094 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
|
# Created by: Patrick Tracanelli <eksffa@freebsdbrasil.com.br>
# $FreeBSD$
PORTNAME= suricata
PORTVERSION= 3.0
PORTREVISION= 1
CATEGORIES= security
MASTER_SITES= http://www.openinfosecfoundation.org/download/
MAINTAINER= koobs@FreeBSD.org
COMMENT= High Performance Network IDS, IPS and Security Monitoring engine
LICENSE= GPLv2
LICENSE_FILE= ${WRKSRC}/LICENSE
LIB_DEPENDS= libpcre.so:${PORTSDIR}/devel/pcre \
libnet.so:${PORTSDIR}/net/libnet \
libyaml.so:${PORTSDIR}/textproc/libyaml
USES= autoreconf cpe gmake libtool pathfix pkgconfig
USE_LDCONFIG= yes
USE_RC_SUBR= ${PORTNAME}
GNU_CONFIGURE= yes
CPE_VENDOR= openinfosecfoundation
INSTALL_TARGET= install-strip
PATHFIX_MAKEFILEIN= Makefile.am
OPTIONS_DEFINE= GEOIP HTP_PORT IPFW JSON NETMAP NSS PORTS_PCAP PRELUDE SC TESTS
OPTIONS_DEFAULT= HTP_PORT IPFW JSON NETMAP PRELUDE
OPTIONS_RADIO= SCRIPTS
OPTIONS_RADIO_SCRIPTS= LUA LUAJIT
OPTIONS_SUB= yes
SCRIPTS_DESC= Scripting
GEOIP_DESC= GeoIP support
HTP_PORT_DESC= Use libhtp from ports
IPFW_DESC= IPFW and IP Divert support for inline IDP
JSON_DESC= JSON output support
LUA_DESC= LUA scripting support
LUAJIT_DESC= LuaJIT scripting support
NETMAP_DESC= Netmap support for inline IDP
NSS_DESC= File checksums and SSL/TLS fingerprinting
PORTS_PCAP_DESC= Use libpcap from ports
PRELUDE_DESC= Prelude support for NIDS alerts
SC_DESC= Suricata socket client (suricatasc)
TESTS_DESC= Unit tests in suricata binary
GEOIP_LIB_DEPENDS= libGeoIP.so:${PORTSDIR}/net/GeoIP
GEOIP_CONFIGURE_ON= --enable-geoip
HTP_PORT_LIB_DEPENDS= libhtp.so:${PORTSDIR}/devel/libhtp
HTP_PORT_CONFIGURE_ON= --enable-non-bundled-htp
HTP_PORT_CONFIGURE_OFF= --enable-bundled-htp
HTP_PORT_CONFLICTS_INSTALL_OFF= libhtp-[0-9]* libhtp-suricata
HTP_PORT_USES_OFF= iconv:translit
IPFW_CONFIGURE_ON= --enable-ipfw
JSON_LIB_DEPENDS= libjansson.so:${PORTSDIR}/devel/jansson
JSON_CONFIGURE_ON= --with-libjansson-includes=${LOCALBASE}/include \
--with-libjansson-libraries=${LOCALBASE}/lib
LUA_USES= lua:51
LUA_CONFIGURE_ON= --enable-lua \
--with-liblua-includes=${LUA_INCDIR} \
--with-liblua-libraries=${LUA_LIBDIR}
LUAJIT_LIB_DEPENDS= libluajit-5.1.so:${PORTSDIR}/lang/luajit
LUAJIT_CONFIGURE_ON= --enable-luajit
NSS_LIB_DEPENDS= libnss3.so:${PORTSDIR}/security/nss \
libnspr4.so:${PORTSDIR}/devel/nspr
NSS_CONFIGURE_ON= --with-libnss-includes=${LOCALBASE}/include/nss/nss \
--with-libnss-libraries=${LOCALBASE}/lib \
--with-libnspr-libraries=${LOCALBASE}/lib \
--with-libnspr-includes=${LOCALBASE}/include/nspr
NETMAP_CONFIGURE_ENABLE= netmap
PORTS_PCAP_LIB_DEPENDS= libpcap.so:${PORTSDIR}/net/libpcap
PORTS_PCAP_CONFIGURE_ON= --with-libpcap-includes=${LOCALBASE}/include \
--with-libpcap-libraries=${LOCALBASE}/lib
PORTS_PCAP_CONFIGURE_OFF= --with-libpcap-includes=/usr/include \
--with-libpcap-libraries=/usr/lib
PRELUDE_LIB_DEPENDS= libprelude.so:${PORTSDIR}/security/libprelude
PRELUDE_CONFIGURE_ENABLE= prelude
PRELUDE_CONFIGURE_ON= --with-libprelude-prefix=${LOCALBASE}
SC_USES= python
SC_CONFIGURE_ENV= ac_cv_path_HAVE_PYTHON_CONFIG=yes
SC_CONFIGURE_ENV_OFF= ac_cv_path_HAVE_PYTHON_CONFIG=no
TESTS_CONFIGURE_ENABLE= unittests
SUB_FILES= pkg-message
CONFIGURE_ARGS+=--enable-gccprotect \
--disable-silent-rules \
--with-libpcre-includes=${LOCALBASE}/include \
--with-libpcre-libraries=${LOCALBASE}/lib \
--with-libyaml-includes=${LOCALBASE}/include \
--with-libyaml-libraries=${LOCALBASE}/lib \
--with-libnet-includes=${LOCALBASE}/include \
--with-libnet-libraries=${LOCALBASE}/lib \
--with-libhtp-includes=${LOCALBASE}/include/ \
--with-libhtp-libraries=${LOCALBASE}/lib \
--disable-gccmarch-native
CONFIG_DIR?= ${ETCDIR}
CONFIG_FILES= suricata.yaml classification.config reference.config threshold.config
RULES_DIR= ${CONFIG_DIR}/rules
RULES_FILES= app-layer-events.rules decoder-events.rules dns-events.rules files.rules \
http-events.rules modbus-events.rules smtp-events.rules stream-events.rules \
tls-events.rules
LOGS_DIR?= /var/log/${PORTNAME}
.include <bsd.port.pre.mk>
pre-patch:
${CP} ${FILESDIR}/ax_check_compile_flag.m4 ${WRKSRC}/m4
post-install:
${MKDIR} ${STAGEDIR}${CONFIG_DIR}
${MKDIR} ${STAGEDIR}${RULES_DIR}
${MKDIR} ${STAGEDIR}${LOGS_DIR}
.for f in ${CONFIG_FILES}
${INSTALL_DATA} ${WRKSRC}/${f} ${STAGEDIR}${CONFIG_DIR}/${f}.sample
.endfor
.for f in ${RULES_FILES}
${INSTALL_DATA} ${WRKSRC}/rules/${f} ${STAGEDIR}${RULES_DIR}/${f}
.endfor
.if ${PORT_OPTIONS:MSC}
(cd ${STAGEDIR}${PREFIX} \
&& ${PYTHON_CMD} ${PYTHON_LIBDIR}/compileall.py \
-d ${PYTHONPREFIX_SITELIBDIR} -f ${PYTHONPREFIX_SITELIBDIR:S;${PREFIX}/;;})
.endif
TEST_TARGET= check
.include <bsd.port.post.mk>
|