
[v6,2/2] package/zeek: new package

Message ID 20220107215230.1672766-2-fontaine.fabrice@gmail.com
State Accepted
Series [v6,1/2] package/libpcap: add host variant | expand

Commit Message

Fabrice Fontaine Jan. 7, 2022, 9:52 p.m. UTC
The Zeek Network Security Monitor

Zeek is a powerful network analysis framework that is much different
from the typical IDS you may know. (Zeek is the new name for the
long-established Bro system.)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
Changes v5 -> v6:
 - Set ZEEK_PYTHON_PREFIX

Changes v4 -> v5:
 - host-python3 is mandatory

Changes v3 -> v4:
 - Bump to latest version (4.1.1) and drop patch (already in version)
 - python 2 support dropped since
   https://github.com/zeek/zeek/commit/eeec219a66ed89235093fb63753d6baf6c21de78
 - BSD-3-Clause added since
   https://github.com/zeek/zeek/commit/d070709c573fc01a40735a6c921a9095988306cc

Changes v2 -> v3 (after review of Thomas Petazzoni):
 - Bump to version 3.2.2 (security fixes)
 - Add host-zeek dependencies
 - Install bifcl and binpac to HOST_DIR

Changes v1 -> v2:
 - Bump to version 3.2.0
 - Drop second and third patches (already in version)
 - Update ZEEK_SITE
 - Update indentation in hash file (two spaces)
 - Update third party licences

 DEVELOPERS             |  1 +
 package/Config.in      |  1 +
 package/zeek/Config.in | 43 ++++++++++++++++++++
 package/zeek/zeek.hash |  6 +++
 package/zeek/zeek.mk   | 92 ++++++++++++++++++++++++++++++++++++++++++
 5 files changed, 143 insertions(+)
 create mode 100644 package/zeek/Config.in
 create mode 100644 package/zeek/zeek.hash
 create mode 100644 package/zeek/zeek.mk

Comments

Arnout Vandecappelle July 25, 2022, 9:25 p.m. UTC | #1
On 07/01/2022 22:52, Fabrice Fontaine wrote:
> The Zeek Network Security Monitor
> 
> Zeek is a powerful network analysis framework that is much different
> from the typical IDS you may know. (Zeek is the new name for the
> long-established Bro system.)
> 
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>

  Applied both to master, thanks, with two modifications:

      - select python3 instead of depends;
      - patch python path in post-patch instead of post-install.

  Regards,
  Arnout

> ---
> Changes v5 -> v6:
>   - Set ZEEK_PYTHON_PREFIX
> 
> Changes v4 -> v5:
>   - host-python3 is mandatory
> 
> Changes v3 -> v4:
>   - Bump to latest version (4.1.1) and drop patch (already in version)
>   - python 2 support dropped since
>     https://github.com/zeek/zeek/commit/eeec219a66ed89235093fb63753d6baf6c21de78
>   - BSD-3-Clause added since
>     https://github.com/zeek/zeek/commit/d070709c573fc01a40735a6c921a9095988306cc
> 
> Changes v2 -> v3 (after review of Thomas Petazzoni):
>   - Bump to version 3.2.2 (security fixes)
>   - Add host-zeek dependencies
>   - Install bifcl and binpac to HOST_DIR
> 
> Changes v1 -> v2:
>   - Bump to version 3.2.0
>   - Drop second and third patches (already in version)
>   - Update ZEEK_SITE
>   - Update indentation in hash file (two spaces)
>   - Update third party licences
> 
>   DEVELOPERS             |  1 +
>   package/Config.in      |  1 +
>   package/zeek/Config.in | 43 ++++++++++++++++++++
>   package/zeek/zeek.hash |  6 +++
>   package/zeek/zeek.mk   | 92 ++++++++++++++++++++++++++++++++++++++++++
>   5 files changed, 143 insertions(+)
>   create mode 100644 package/zeek/Config.in
>   create mode 100644 package/zeek/zeek.hash
>   create mode 100644 package/zeek/zeek.mk
> 
> diff --git a/DEVELOPERS b/DEVELOPERS
> index 7874677f7e..bc82015789 100644
> --- a/DEVELOPERS
> +++ b/DEVELOPERS
> @@ -935,6 +935,7 @@ F:	package/tinycbor/
>   F:	package/tinydtls/
>   F:	package/tinymembench/
>   F:	package/whois/
> +F:	package/zeek/
>   
>   N:	Fabrice Goucem <fabrice.goucem@oss.nxp.com>
>   F:	board/freescale/imx6ullevk/
> diff --git a/package/Config.in b/package/Config.in
> index 3a0cc0c585..3b37448a41 100644
> --- a/package/Config.in
> +++ b/package/Config.in
> @@ -2407,6 +2407,7 @@ endif
>   	source "package/xinetd/Config.in"
>   	source "package/xl2tp/Config.in"
>   	source "package/xtables-addons/Config.in"
> +	source "package/zeek/Config.in"
>   	source "package/znc/Config.in"
>   
>   endmenu
> diff --git a/package/zeek/Config.in b/package/zeek/Config.in
> new file mode 100644
> index 0000000000..e474251aeb
> --- /dev/null
> +++ b/package/zeek/Config.in
> @@ -0,0 +1,43 @@
> +config BR2_PACKAGE_ZEEK
> +	bool "zeek"
> +	depends on BR2_USE_MMU # fork()
> +	depends on BR2_INSTALL_LIBSTDCPP
> +	depends on !BR2_STATIC_LIBS
> +	depends on BR2_TOOLCHAIN_HAS_THREADS
> +	depends on BR2_USE_WCHAR
> +	select BR2_PACKAGE_LIBPCAP
> +	select BR2_PACKAGE_MUSL_FTS if !BR2_TOOLCHAIN_USES_GLIBC
> +	select BR2_PACKAGE_OPENSSL
> +	select BR2_PACKAGE_ZLIB
> +	help
> +	  The Zeek Network Security Monitor
> +
> +	  Zeek is a powerful network analysis framework that is much
> +	  different from the typical IDS you may know. (Zeek is the new
> +	  name for the long-established Bro system.)
> +
> +	  https://www.zeek.org
> +
> +if BR2_PACKAGE_ZEEK
> +
> +config BR2_PACKAGE_ZEEK_ZEEKCTL
> +	bool "zeekctl"
> +	depends on BR2_PACKAGE_PYTHON3
> +	select BR2_PACKAGE_BASH # runtime
> +	select BR2_PACKAGE_BUSYBOX_SHOW_OTHERS # bash
> +	select BR2_PACKAGE_PYTHON3_CURSES
> +	select BR2_PACKAGE_PYTHON3_HASHLIB
> +	select BR2_PACKAGE_PYTHON3_SQLITE
> +	select BR2_PACKAGE_PYTHON3_ZLIB
> +	help
> +	  Tool for managing Zeek deployments
> +
> +comment "zeekctl tools needs python3"
> +	depends on !BR2_PACKAGE_PYTHON3
> +
> +endif
> +
> +comment "zeek needs a toolchain w/ C++, wchar, threads, dynamic library"
> +	depends on BR2_USE_MMU
> +	depends on !BR2_INSTALL_LIBSTDCPP || !BR2_USE_WCHAR || \
> +		!BR2_TOOLCHAIN_HAS_THREADS || BR2_STATIC_LIBS
> diff --git a/package/zeek/zeek.hash b/package/zeek/zeek.hash
> new file mode 100644
> index 0000000000..05e57b5024
> --- /dev/null
> +++ b/package/zeek/zeek.hash
> @@ -0,0 +1,6 @@
> +# Locally computed:
> +sha256  8c0afc999a8dd1c1f677a5cf818479b99c2d527e679e1ef99fb1b03f989c0373  zeek-4.1.1.tar.gz
> +
> +# Hash for license files:
> +sha256  b2817e2fb935805ec9fc0e90c6b971efd810d9aedfc646bc5fcb535221e0266a  COPYING
> +sha256  1a451eca7b3826a7df62991ba90dd6d23ff03d28c2eefb7f8c4f8b1eac97a61b  COPYING.3rdparty
> diff --git a/package/zeek/zeek.mk b/package/zeek/zeek.mk
> new file mode 100644
> index 0000000000..90f9584603
> --- /dev/null
> +++ b/package/zeek/zeek.mk
> @@ -0,0 +1,92 @@
> +################################################################################
> +#
> +# zeek
> +#
> +################################################################################
> +
> +ZEEK_VERSION = 4.1.1
> +ZEEK_SITE = https://download.zeek.org
> +ZEEK_LICENSE = \
> +	BSD-3-Clause (zeek, C++ Actor Framework, ConvertUTF.c, CardinalityCounter.cc, pybind11), \
> +	Public Domain (sqlite), \
> +	MIT (doctest, libkqueue, RapidJSON, tsl-ordered-map, bro_inet_ntop.c), \
> +	LGPL-3.0+ (Multifast Project), \
> +	BSD-2-Clause (event.h), \
> +	BSD-3-Clause (in_cksum.cc) \
> +	BSD-4-Clause (Patricia.c, strsep.c, bsd-getopt-long.c), \
> +	Apache-2.0 (highwayhash, folly), \
> +	MPL-2.0 (mozilla-ca-list.zeek)
> +ZEEK_LICENSE_FILES = COPYING COPYING.3rdparty
> +ZEEK_SUPPORTS_IN_SOURCE_BUILD = NO
> +ZEEK_DEPENDENCIES = \
> +	host-bison \
> +	host-flex \
> +	host-pkgconf \
> +	host-python3 \
> +	host-zeek \
> +	$(if $(BR2_PACKAGE_LIBKRB5),libkrb5) \
> +	$(if $(BR2_PACKAGE_LIBMAXMINDDB),libmaxminddb) \
> +	libpcap \
> +	openssl \
> +	$(if $(BR2_PACKAGE_ROCKSDB),rocksdb) \
> +	zlib
> +HOST_ZEEK_DEPENDENCIES = \
> +	host-bison \
> +	host-flex \
> +	host-pkgconf \
> +	host-python3 \
> +	host-libpcap \
> +	host-openssl \
> +	host-zlib
> +
> +ZEEK_CONF_OPTS = \
> +	-DBIFCL_EXE_PATH=$(HOST_DIR)/bin/bifcl \
> +	-DBINPAC_EXE_PATH=$(HOST_DIR)/bin/binpac \
> +	-DBROKER_DISABLE_DOCS=ON \
> +	-DBROKER_DISABLE_TESTS=ON \
> +	-DINSTALL_AUX_TOOLS=ON \
> +	-DZEEK_ETC_INSTALL_DIR=/etc
> +
> +define ZEEK_FIX_PYTHON_PATH
> +	$(SED) 's,@PYTHON_EXECUTABLE@,/usr/bin/python,' \
> +		$(@D)/auxil/zeekctl/ZeekControl/ssh_runner.py
> +endef
> +
> +ZEEK_POST_INSTALL_TARGET_HOOKS += ZEEK_FIX_PYTHON_PATH
> +
> +ifeq ($(BR2_PACKAGE_JEMALLOC),y)
> +ZEEK_DEPENDENCIES += jemalloc
> +ZEEK_CONF_OPTS += -DENABLE_JEMALLOC=ON
> +else
> +ZEEK_CONF_OPTS += -DENABLE_JEMALLOC=OFF
> +endif
> +
> +ifeq ($(BR2_PACKAGE_ZEEK_ZEEKCTL),y)
> +ZEEK_DEPENDENCIES += host-swig python3
> +ZEEK_CONF_OPTS += \
> +	-DDISABLE_PYTHON_BINDINGS=OFF \
> +	-DINSTALL_ZEEKCTL=ON \
> +	-DPY_MOD_INSTALL_DIR=/usr/lib/zeekctl \
> +	-DZEEK_PYTHON_PREFIX=/usr
> +else
> +ZEEK_CONF_OPTS += \
> +	-DDISABLE_PYTHON_BINDINGS=ON \
> +	-DINSTALL_ZEEKCTL=OFF
> +endif
> +
> +ifneq ($(BR2_TOOLCHAIN_USES_GLIBC),y)
> +ZEEK_DEPENDENCIES += musl-fts
> +ZEEK_CONF_OPTS += -DCMAKE_EXE_LINKER_FLAGS=-lfts
> +endif
> +
> +HOST_ZEEK_MAKE_OPTS = binpac bifcl
> +
> +define HOST_ZEEK_INSTALL_CMDS
> +	$(INSTALL) -D -m 0755 $(HOST_ZEEK_BUILDDIR)/auxil/bifcl/bifcl \
> +		$(HOST_DIR)/bin/bifcl
> +	$(INSTALL) -D -m 0755 $(HOST_ZEEK_BUILDDIR)/auxil/binpac/src/binpac \
> +		$(HOST_DIR)/bin/binpac
> +endef
> +
> +$(eval $(cmake-package))
> +$(eval $(host-cmake-package))

Patch

diff --git a/DEVELOPERS b/DEVELOPERS
index 7874677f7e..bc82015789 100644
--- a/DEVELOPERS
+++ b/DEVELOPERS
@@ -935,6 +935,7 @@  F:	package/tinycbor/
 F:	package/tinydtls/
 F:	package/tinymembench/
 F:	package/whois/
+F:	package/zeek/
 
 N:	Fabrice Goucem <fabrice.goucem@oss.nxp.com>
 F:	board/freescale/imx6ullevk/
diff --git a/package/Config.in b/package/Config.in
index 3a0cc0c585..3b37448a41 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -2407,6 +2407,7 @@  endif
 	source "package/xinetd/Config.in"
 	source "package/xl2tp/Config.in"
 	source "package/xtables-addons/Config.in"
+	source "package/zeek/Config.in"
 	source "package/znc/Config.in"
 
 endmenu
diff --git a/package/zeek/Config.in b/package/zeek/Config.in
new file mode 100644
index 0000000000..e474251aeb
--- /dev/null
+++ b/package/zeek/Config.in
@@ -0,0 +1,43 @@ 
+config BR2_PACKAGE_ZEEK
+	bool "zeek"
+	depends on BR2_USE_MMU # fork()
+	depends on BR2_INSTALL_LIBSTDCPP
+	depends on !BR2_STATIC_LIBS
+	depends on BR2_TOOLCHAIN_HAS_THREADS
+	depends on BR2_USE_WCHAR
+	select BR2_PACKAGE_LIBPCAP
+	select BR2_PACKAGE_MUSL_FTS if !BR2_TOOLCHAIN_USES_GLIBC
+	select BR2_PACKAGE_OPENSSL
+	select BR2_PACKAGE_ZLIB
+	help
+	  The Zeek Network Security Monitor
+
+	  Zeek is a powerful network analysis framework that is much
+	  different from the typical IDS you may know. (Zeek is the new
+	  name for the long-established Bro system.)
+
+	  https://www.zeek.org
+
+if BR2_PACKAGE_ZEEK
+
+config BR2_PACKAGE_ZEEK_ZEEKCTL
+	bool "zeekctl"
+	depends on BR2_PACKAGE_PYTHON3
+	select BR2_PACKAGE_BASH # runtime
+	select BR2_PACKAGE_BUSYBOX_SHOW_OTHERS # bash
+	select BR2_PACKAGE_PYTHON3_CURSES
+	select BR2_PACKAGE_PYTHON3_HASHLIB
+	select BR2_PACKAGE_PYTHON3_SQLITE
+	select BR2_PACKAGE_PYTHON3_ZLIB
+	help
+	  Tool for managing Zeek deployments
+
+comment "zeekctl tools needs python3"
+	depends on !BR2_PACKAGE_PYTHON3
+
+endif
+
+comment "zeek needs a toolchain w/ C++, wchar, threads, dynamic library"
+	depends on BR2_USE_MMU
+	depends on !BR2_INSTALL_LIBSTDCPP || !BR2_USE_WCHAR || \
+		!BR2_TOOLCHAIN_HAS_THREADS || BR2_STATIC_LIBS
diff --git a/package/zeek/zeek.hash b/package/zeek/zeek.hash
new file mode 100644
index 0000000000..05e57b5024
--- /dev/null
+++ b/package/zeek/zeek.hash
@@ -0,0 +1,6 @@ 
+# Locally computed:
+sha256  8c0afc999a8dd1c1f677a5cf818479b99c2d527e679e1ef99fb1b03f989c0373  zeek-4.1.1.tar.gz
+
+# Hash for license files:
+sha256  b2817e2fb935805ec9fc0e90c6b971efd810d9aedfc646bc5fcb535221e0266a  COPYING
+sha256  1a451eca7b3826a7df62991ba90dd6d23ff03d28c2eefb7f8c4f8b1eac97a61b  COPYING.3rdparty
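Review bot: The tarball entry is annotated only with `# Locally computed:`, so the hash pins whatever the submitter happened to download from `ZEEK_SITE` and records no independent check of the release. If upstream publishes a detached signature or checksum file for this tarball, it should be verified before computing the hash and the comment should say so, for example `# Locally computed after checking the upstream signature: <signature-url>` (the URL is a placeholder to be filled in). That leaves later version bumps a documented verification step to repeat rather than a bare re-hash.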
diff --git a/package/zeek/zeek.mk b/package/zeek/zeek.mk
new file mode 100644
index 0000000000..90f9584603
--- /dev/null
+++ b/package/zeek/zeek.mk
@@ -0,0 +1,92 @@ 
+################################################################################
+#
+# zeek
+#
+################################################################################
+
+ZEEK_VERSION = 4.1.1
+ZEEK_SITE = https://download.zeek.org
+ZEEK_LICENSE = \
+	BSD-3-Clause (zeek, C++ Actor Framework, ConvertUTF.c, CardinalityCounter.cc, pybind11), \
+	Public Domain (sqlite), \
+	MIT (doctest, libkqueue, RapidJSON, tsl-ordered-map, bro_inet_ntop.c), \
+	LGPL-3.0+ (Multifast Project), \
+	BSD-2-Clause (event.h), \
+	BSD-3-Clause (in_cksum.cc) \
+	BSD-4-Clause (Patricia.c, strsep.c, bsd-getopt-long.c), \
+	Apache-2.0 (highwayhash, folly), \
+	MPL-2.0 (mozilla-ca-list.zeek)
+ZEEK_LICENSE_FILES = COPYING COPYING.3rdparty
+ZEEK_SUPPORTS_IN_SOURCE_BUILD = NO
+ZEEK_DEPENDENCIES = \
+	host-bison \
+	host-flex \
+	host-pkgconf \
+	host-python3 \
+	host-zeek \
+	$(if $(BR2_PACKAGE_LIBKRB5),libkrb5) \
+	$(if $(BR2_PACKAGE_LIBMAXMINDDB),libmaxminddb) \
+	libpcap \
+	openssl \
+	$(if $(BR2_PACKAGE_ROCKSDB),rocksdb) \
+	zlib
+HOST_ZEEK_DEPENDENCIES = \
+	host-bison \
+	host-flex \
+	host-pkgconf \
+	host-python3 \
+	host-libpcap \
+	host-openssl \
+	host-zlib
+
+ZEEK_CONF_OPTS = \
+	-DBIFCL_EXE_PATH=$(HOST_DIR)/bin/bifcl \
+	-DBINPAC_EXE_PATH=$(HOST_DIR)/bin/binpac \
+	-DBROKER_DISABLE_DOCS=ON \
+	-DBROKER_DISABLE_TESTS=ON \
+	-DINSTALL_AUX_TOOLS=ON \
+	-DZEEK_ETC_INSTALL_DIR=/etc
+
+define ZEEK_FIX_PYTHON_PATH
+	$(SED) 's,@PYTHON_EXECUTABLE@,/usr/bin/python,' \
+		$(@D)/auxil/zeekctl/ZeekControl/ssh_runner.py
+endef
+
+ZEEK_POST_INSTALL_TARGET_HOOKS += ZEEK_FIX_PYTHON_PATH
+
+ifeq ($(BR2_PACKAGE_JEMALLOC),y)
+ZEEK_DEPENDENCIES += jemalloc
+ZEEK_CONF_OPTS += -DENABLE_JEMALLOC=ON
+else
+ZEEK_CONF_OPTS += -DENABLE_JEMALLOC=OFF
+endif
+
+ifeq ($(BR2_PACKAGE_ZEEK_ZEEKCTL),y)
+ZEEK_DEPENDENCIES += host-swig python3
+ZEEK_CONF_OPTS += \
+	-DDISABLE_PYTHON_BINDINGS=OFF \
+	-DINSTALL_ZEEKCTL=ON \
+	-DPY_MOD_INSTALL_DIR=/usr/lib/zeekctl \
+	-DZEEK_PYTHON_PREFIX=/usr
+else
+ZEEK_CONF_OPTS += \
+	-DDISABLE_PYTHON_BINDINGS=ON \
+	-DINSTALL_ZEEKCTL=OFF
+endif
+
+ifneq ($(BR2_TOOLCHAIN_USES_GLIBC),y)
+ZEEK_DEPENDENCIES += musl-fts
+ZEEK_CONF_OPTS += -DCMAKE_EXE_LINKER_FLAGS=-lfts
+endif
+
+HOST_ZEEK_MAKE_OPTS = binpac bifcl
+
+define HOST_ZEEK_INSTALL_CMDS
+	$(INSTALL) -D -m 0755 $(HOST_ZEEK_BUILDDIR)/auxil/bifcl/bifcl \
+		$(HOST_DIR)/bin/bifcl
+	$(INSTALL) -D -m 0755 $(HOST_ZEEK_BUILDDIR)/auxil/binpac/src/binpac \
+		$(HOST_DIR)/bin/binpac
+endef
+
+$(eval $(cmake-package))
+$(eval $(host-cmake-package))
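Review bot: In `ZEEK_LICENSE` the continuation line `BSD-3-Clause (in_cksum.cc) \` has no trailing comma, so the expanded value runs that entry straight into `BSD-4-Clause (Patricia.c, strsep.c, bsd-getopt-long.c)` and legal-info output will show them as one malformed item. It should read `BSD-3-Clause (in_cksum.cc), \`. Since BSD-3-Clause is already the first entry in the list, `in_cksum.cc` could instead be added to that first parenthesised group and the separate line dropped. Separately, `-DCMAKE_EXE_LINKER_FLAGS=-lfts` sets the whole variable on the command line; it is worth confirming that this does not discard linker flags the toolchain configuration would otherwise supply.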