blob: 52096fa36c436cf6fd962af96c23431f1c6dbed4 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
|
# Created by: Patrick Tracanelli <eksffa@freebsdbrasil.com.br>
# $FreeBSD$
PORTNAME= suricata
DISTVERSION= 4.1.4
PORTREVISION= 2
CATEGORIES= security
MASTER_SITES= https://www.openinfosecfoundation.org/download/
MAINTAINER= franco@opnsense.org
COMMENT= High Performance Network IDS, IPS and Security Monitoring engine
LICENSE= GPLv2
LICENSE_FILE= ${WRKSRC}/LICENSE
LIB_DEPENDS= libpcre.so:devel/pcre \
libnet.so:net/libnet \
liblz4.so:archivers/liblz4 \
libyaml.so:textproc/libyaml
USES= autoreconf cpe gmake iconv:translit libtool pathfix pkgconfig
CONFLICTS_INSTALL=libhtp
USE_LDCONFIG= yes
USE_RC_SUBR= ${PORTNAME}
PLIST_SUB= PORTVERSION=${PORTVERSION}
GNU_CONFIGURE= yes
CPE_VENDOR= openinfosecfoundation
INSTALL_TARGET= install-strip
TEST_TARGET= check
OPTIONS_DEFINE= IPFW JSON NETMAP NSS PORTS_PCAP PRELUDE \
PYTHON REDIS RUST TESTS
OPTIONS_DEFINE_amd64= HYPERSCAN
OPTIONS_DEFAULT= IPFW JSON NETMAP PYTHON RUST
OPTIONS_SUB= yes
OPTIONS_RADIO= SCRIPTS
OPTIONS_RADIO_SCRIPTS= LUA LUAJIT
SCRIPTS_DESC= Scripting
HYPERSCAN_DESC= Hyperscan support
IPFW_DESC= IPFW and IP Divert support for inline IDP
JSON_DESC= JSON output support
LUAJIT_DESC= LuaJIT scripting support
LUA_DESC= LUA scripting support
NETMAP_DESC= Netmap support for inline IDP
NSS_DESC= File checksums and SSL/TLS fingerprinting
PORTS_PCAP_DESC= Use libpcap from ports
PRELUDE_DESC= Prelude support for NIDS alerts
PYTHON_DESC= Python-based update and control utilities
REDIS_DESC= Redis output support
RUST_DESC= Rust parser support
TESTS_DESC= Unit tests in suricata binary
HYPERSCAN_LIB_DEPENDS= libhs.so:devel/hyperscan
HYPERSCAN_CONFIGURE_ON= --with-libhs-includes=${LOCALBASE}/include \
--with-libhs-libraries=${LOCALBASE}/lib
IPFW_CONFIGURE_ON= --enable-ipfw
JSON_LIB_DEPENDS= libjansson.so:devel/jansson
JSON_CONFIGURE_ON= --with-libjansson-includes=${LOCALBASE}/include \
--with-libjansson-libraries=${LOCALBASE}/lib
LUA_USES= lua:51
LUA_CONFIGURE_ON= --enable-lua \
--with-liblua-includes=${LUA_INCDIR} \
--with-liblua-libraries=${LUA_LIBDIR}
LUAJIT_LIB_DEPENDS= libluajit-5.1.so:lang/luajit
LUAJIT_CONFIGURE_ON= --enable-luajit
NSS_LIB_DEPENDS= libnss3.so:security/nss \
libnspr4.so:devel/nspr
NSS_CONFIGURE_OFF= --disable-nss --disable-nspr
NSS_CONFIGURE_ON= --with-libnss-includes=${LOCALBASE}/include/nss/nss \
--with-libnss-libraries=${LOCALBASE}/lib \
--with-libnspr-libraries=${LOCALBASE}/lib \
--with-libnspr-includes=${LOCALBASE}/include/nspr
NETMAP_CONFIGURE_ENABLE= netmap
PORTS_PCAP_LIB_DEPENDS= libpcap.so.1:net/libpcap
PORTS_PCAP_CONFIGURE_ON= --with-libpcap-includes=${LOCALBASE}/include \
--with-libpcap-libraries=${LOCALBASE}/lib
PORTS_PCAP_CONFIGURE_OFF= --with-libpcap-includes=/usr/include \
--with-libpcap-libraries=/usr/lib
PRELUDE_LIB_DEPENDS= libprelude.so:security/libprelude \
libgnutls.so:security/gnutls \
libgcrypt.so:security/libgcrypt \
libgpg-error.so:security/libgpg-error \
libltdl.so:devel/libltdl
PRELUDE_CONFIGURE_ENABLE= prelude
PRELUDE_CONFIGURE_ON= --with-libprelude-prefix=${LOCALBASE}
PYTHON_USES= python
PYTHON_USE= PYTHON=py3kplist
PYTHON_CONFIGURE_ENABLE= python
PYTHON_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}yaml>0:devel/py-yaml@${PY_FLAVOR}
PYTHON_BUILD_DEPENDS= ${PYTHON_RUN_DEPENDS}
REDIS_LIB_DEPENDS= libhiredis.so:databases/hiredis
REDIS_CONFIGURE_ON= --enable-hiredis \
--with-libhiredis-includes=${LOCALBASE}/include \
--with-libhiredis-libraries=${LOCALBASE}/lib
RUST_BUILD_DEPENDS= rustc:lang/${RUST_DEFAULT}
RUST_CONFIGURE_ENABLE= rust
TESTS_CONFIGURE_ENABLE= unittests
SUB_FILES= pkg-message
CONFIGURE_ARGS+=--enable-gccprotect \
--enable-bundled-htp \
--with-libpcre-includes=${LOCALBASE}/include \
--with-libpcre-libraries=${LOCALBASE}/lib \
--with-libyaml-includes=${LOCALBASE}/include \
--with-libyaml-libraries=${LOCALBASE}/lib \
--with-libnet-includes=${LOCALBASE}/include \
--with-libnet-libraries=${LOCALBASE}/lib \
--with-libhtp-includes=${LOCALBASE}/include/ \
--with-libhtp-libraries=${LOCALBASE}/lib \
--disable-gccmarch-native
CONFIG_DIR?= ${ETCDIR}
CONFIG_FILES= suricata.yaml classification.config reference.config threshold.config
LOGS_DIR?= /var/log/${PORTNAME}
pre-patch:
@${CP} ${FILESDIR}/ax_check_compile_flag.m4 ${WRKSRC}/m4
post-patch-PYTHON-on:
@${REINPLACE_CMD} -e "/AC_PATH_PROGS.*HAVE_PYTHON/ s/python[^,]*,/${PYTHON_VERSION},/g" \
${WRKSRC}/configure.ac
post-install:
@${MKDIR} ${STAGEDIR}${CONFIG_DIR}
@${MKDIR} ${STAGEDIR}${LOGS_DIR}
.for f in ${CONFIG_FILES}
${INSTALL_DATA} ${WRKSRC}/${f} ${STAGEDIR}${CONFIG_DIR}/${f}.sample
.endfor
post-install-PYTHON-on:
(cd ${STAGEDIR}${PREFIX} \
&& ${PYTHON_CMD} ${PYTHON_LIBDIR}/compileall.py \
-d ${PYTHONPREFIX_SITELIBDIR} -f ${PYTHONPREFIX_SITELIBDIR:S;${PREFIX}/;;})
.include <bsd.port.mk>
|
