From patchwork Thu Mar 14 21:25:59 2019
X-Patchwork-Submitter: Fabrice Fontaine
X-Patchwork-Id: 1056711
From: Fabrice Fontaine
To: buildroot@buildroot.org
Cc: Fabrice Fontaine
Date: Thu, 14 Mar 2019 22:25:59 +0100
Message-Id: <20190314212600.20918-1-fontaine.fabrice@gmail.com>
Subject: [Buildroot] [PATCH 1/2] package/libhtp: new package

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces.

https://github.com/OISF/libhtp

Signed-off-by: Fabrice Fontaine
--- DEVELOPERS | 1 + package/Config.in | 1 + .../0001-fix-build-without-GNU-libiconv.patch | 60 ++++++++++++++++++++++ package/libhtp/Config.in | 9 ++++ package/libhtp/libhtp.hash | 3 ++ package/libhtp/libhtp.mk | 20 ++++++++ 6 files changed, 94 insertions(+) create mode 100644 package/libhtp/0001-fix-build-without-GNU-libiconv.patch create mode 100644 package/libhtp/Config.in create mode 100644 package/libhtp/libhtp.hash create mode 100644 package/libhtp/libhtp.mk diff --git a/DEVELOPERS b/DEVELOPERS index 36e2295d2d..24737b858f 100644 --- a/DEVELOPERS +++ b/DEVELOPERS @@ -784,6 +784,7 @@ F: package/libgee/ F: package/libglib2/ F: package/libgtk2/ F: package/libgtk3/ +F: package/libhtp/ F: package/libidn/ F: package/libidn2/ F: package/libjpeg/ diff --git a/package/Config.in b/package/Config.in index 85a37f2c0b..bb57afab08 100644 --- a/package/Config.in +++ b/package/Config.in
@@ -1534,6 +1534,7 @@ menu "Networking" source "package/libeXosip2/Config.in" source "package/libfcgi/Config.in" source "package/libgsasl/Config.in" + source "package/libhtp/Config.in" source "package/libhttpparser/Config.in" source "package/libidn/Config.in" source "package/libidn2/Config.in" diff --git a/package/libhtp/0001-fix-build-without-GNU-libiconv.patch b/package/libhtp/0001-fix-build-without-GNU-libiconv.patch new file mode 100644 index 0000000000..8f6cddf2da --- /dev/null +++ b/package/libhtp/0001-fix-build-without-GNU-libiconv.patch 
@@ -0,0 +1,60 @@ +From 1531a8e9b91b567979a2a0d7fd6a4c2e9126b01c Mon Sep 17 00:00:00 2001 +From: Fabrice Fontaine +Date: Wed, 6 Mar 2019 23:06:54 +0100 +Subject: [PATCH] fix build without GNU libiconv + +iconvctl is only defined in GNU libiconv so check for the availability +of this function before using it + +Signed-off-by: Fabrice Fontaine +[Upstream status: https://github.com/OISF/libhtp/pull/193] +--- + configure.ac | 18 ++++++++++++++++++ + htp/htp_transcoder.c | 2 +- + 2 files changed, 19 insertions(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index 7f0a58d..388ec7b 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -155,6 +155,24 @@ sinclude(m4/lib-link.m4) + sinclude(m4/lib-prefix.m4) + AM_ICONV + ++# iconvctl is not standard, it is defined only in GNU libiconv ++AC_MSG_CHECKING(for iconvctl) ++TMPLIBS="${LIBS}" ++LIBS="${LIBS} ${LIBICONV}" ++ ++AC_TRY_LINK([#include ++ #include ], ++ [int iconv_param = 0; ++ iconv_t cd = iconv_open("",""); ++ iconvctl(cd, ICONV_SET_DISCARD_ILSEQ, &iconv_param); ++ iconv_close(cd);], ++ [ac_cv_func_iconvctl=yes]) ++AC_MSG_RESULT($ac_cv_func_iconvctl) ++if test "$ac_cv_func_iconvctl" == yes; then ++ AC_DEFINE(HAVE_ICONVCTL,1,"Define to 1 if you have the `iconvctl' function.") ++fi ++LIBS="${TMPLIBS}" ++ + dnl ----------------------------------------------- + dnl Check and enable the GCC opts we want to use. + dnl We may need to add more checks +diff --git a/htp/htp_transcoder.c b/htp/htp_transcoder.c +index 57ff74c..d8e8280 100644 +--- a/htp/htp_transcoder.c ++++ b/htp/htp_transcoder.c +@@ -64,7 +64,7 @@ int htp_transcode_params(htp_connp_t *connp, htp_table_t **params, int destroy_o + return HTP_ERROR; + } + +- #if (_LIBICONV_VERSION >= 0x0108) ++ #if (_LIBICONV_VERSION >= 0x0108 && HAVE_ICONVCTL) + int iconv_param = 0; + iconvctl(cd, ICONV_SET_TRANSLITERATE, &iconv_param); + iconv_param = 1; +-- +2.14.1 + 
diff --git a/package/libhtp/Config.in b/package/libhtp/Config.in new file mode 100644 index 0000000000..98b9e2adea --- /dev/null +++ b/package/libhtp/Config.in @@ -0,0 +1,9 @@ +config BR2_PACKAGE_LIBHTP + bool "libhtp" + select BR2_PACKAGE_LIBICONV if !BR2_ENABLE_LOCALE + select BR2_PACKAGE_ZLIB + help + LibHTP is a security-aware parser for the HTTP protocol and + the related bits and pieces. + + https://github.com/OISF/libhtp diff --git a/package/libhtp/libhtp.hash b/package/libhtp/libhtp.hash new file mode 100644 index 0000000000..be68547be2 --- /dev/null +++ b/package/libhtp/libhtp.hash @@ -0,0 +1,3 @@ +# Locally computed: +sha256 7384f8461ad0431e9247c49b37a73929b284f39408d1f11b80949b188069b638 libhtp-0.5.30.tar.gz +sha256 87c93904e5434c81622ea690c2b90097b9f162aaa92a96542649a157dbf98d15 LICENSE diff --git a/package/libhtp/libhtp.mk b/package/libhtp/libhtp.mk new file mode 100644 index 0000000000..7606684b31 --- /dev/null +++ b/package/libhtp/libhtp.mk 
@@ -0,0 +1,20 @@ +################################################################################ +# +# libhtp +# +################################################################################ + +LIBHTP_VERSION = 0.5.30 +LIBHTP_SITE = $(call github,OISF,libhtp,$(LIBHTP_VERSION)) +LIBHTP_LICENSE = BSD-3-Clause +LIBHTP_LICENSE_FILES = LICENSE +LIBHTP_DEPENDENCIES = \ + $(if $(BR2_PACKAGE_LIBICONV),libiconv) \ + zlib +LIBHTP_INSTALL_STAGING = YES +# From git +LIBHTP_AUTORECONF = YES + +LIBHTP_CONF_ENV = NO_STACK_PROTECTOR=$(if $(BR2_TOOLCHAIN_HAS_SSP),no,true) + +$(eval $(autotools-package))

From patchwork Thu Mar 14 21:26:00 2019
X-Patchwork-Submitter: Fabrice Fontaine
X-Patchwork-Id: 1056712
From: Fabrice Fontaine
To: buildroot@buildroot.org
Cc: Fabrice Fontaine
Date: Thu, 14 Mar 2019 22:26:00 +0100
Message-Id: <20190314212600.20918-2-fontaine.fabrice@gmail.com>
In-Reply-To: <20190314212600.20918-1-fontaine.fabrice@gmail.com>
References: <20190314212600.20918-1-fontaine.fabrice@gmail.com>
Subject: [Buildroot] [PATCH 2/2] package/suricata: new package

Suricata is a free and open source, mature, fast and robust network threat detection engine.

The Suricata engine is capable of real time intrusion detection (IDS), inline intrusion prevention (IPS), network security monitoring (NSM) and offline pcap processing.

https://suricata-ids.org
Signed-off-by: Fabrice Fontaine --- DEVELOPERS | 1 + package/Config.in | 1 + package/suricata/Config.in | 22 +++++++ package/suricata/S99suricata | 39 ++++++++++++ package/suricata/suricata.hash | 6 ++ package/suricata/suricata.mk | 131 ++++++++++++++++++++++++++++++++++++++ package/suricata/suricata.service | 13 ++++ 7 files changed, 213 insertions(+) create mode 100644 package/suricata/Config.in create mode 100644 package/suricata/S99suricata create mode 100644 package/suricata/suricata.hash create mode 100644 package/suricata/suricata.mk create mode 100644 package/suricata/suricata.service diff --git a/DEVELOPERS b/DEVELOPERS index 24737b858f..a9bec63849 100644 --- a/DEVELOPERS +++ b/DEVELOPERS @@ -818,6 +818,7 @@ F: package/oprofile/ F: package/pcmanfm/ F: package/rygel/ F: package/safeclib/ +F: package/suricata/ F: package/tinycbor/ F: package/tinydtls/ F: package/tinymembench/ diff --git a/package/Config.in b/package/Config.in index bb57afab08..4538ac8307 100644 --- a/package/Config.in +++ b/package/Config.in @@ -2018,6 +2018,7 @@ endif source "package/sslh/Config.in" source "package/strongswan/Config.in" source "package/stunnel/Config.in" + source "package/suricata/Config.in" source "package/tcpdump/Config.in" source "package/tcping/Config.in" source "package/tcpreplay/Config.in" diff --git a/package/suricata/Config.in b/package/suricata/Config.in new file mode 100644 index 0000000000..2add34956e --- /dev/null +++ b/package/suricata/Config.in 
@@ -0,0 +1,22 @@ +config BR2_PACKAGE_SURICATA + bool "suricata" + depends on BR2_USE_MMU # fork() + depends on BR2_USE_WCHAR + depends on BR2_TOOLCHAIN_HAS_THREADS + select BR2_PACKAGE_LIBHTP + select BR2_PACKAGE_LIBPCAP + select BR2_PACKAGE_LIBYAML + select BR2_PACKAGE_PCRE + help + Suricata is a free and open source, mature, fast and robust + network threat detection engine. + + The Suricata engine is capable of real time intrusion + detection (IDS), inline intrusion prevention (IPS), network + security monitoring (NSM) and offline pcap processing. + + https://suricata-ids.org + +comment "suricata needs a toolchain w/ wchar, threads" + depends on BR2_USE_MMU + depends on !BR2_USE_WCHAR || !BR2_TOOLCHAIN_HAS_THREADS diff --git a/package/suricata/S99suricata b/package/suricata/S99suricata new file mode 100644 index 0000000000..35a034b179 --- /dev/null +++ b/package/suricata/S99suricata @@ -0,0 +1,39 @@ +#!/bin/sh + +NAME=suricata +PIDFILE=/var/run/$NAME.pid +DAEMON=/usr/bin/$NAME +DAEMON_ARGS="-c /etc/suricata/suricata.yaml -i eth0" + +start() { + printf "Starting $NAME: " + mkdir -p /var/log/suricata + start-stop-daemon -S -q -m -b -p $PIDFILE --exec $DAEMON -- $DAEMON_ARGS + [ $? = 0 ] && echo "OK" || echo "FAIL" +} +stop() { + printf "Stopping $NAME: " + start-stop-daemon -K -q -p $PIDFILE + [ $? = 0 ] && echo "OK" || echo "FAIL" +} +restart() { + stop + start +} + +case "$1" in + start) + start + ;; + stop) + stop + ;; + restart|reload) + restart + ;; + *) + echo "Usage: $0 {start|stop|restart}" + exit 1 +esac + +exit $? diff --git a/package/suricata/suricata.hash b/package/suricata/suricata.hash new file mode 100644 index 0000000000..44ada0115a --- /dev/null +++ b/package/suricata/suricata.hash 
@@ -0,0 +1,6 @@ +# Locally computed: +sha256 6cda6c80b753ce36483c6be535358b971f3890b9aa27a58c2d2f7e89dd6c6aa0 suricata-4.1.3.tar.gz + +# Hash for license files: +sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING +sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 LICENSE diff --git a/package/suricata/suricata.mk b/package/suricata/suricata.mk new file mode 100644 index 0000000000..4b1e90435a --- /dev/null +++ b/package/suricata/suricata.mk 
@@ -0,0 +1,131 @@ +################################################################################ +# +# suricata +# +################################################################################ + +SURICATA_VERSION = 4.1.3 +SURICATA_SITE = https://www.openinfosecfoundation.org/download +SURICATA_LICENSE = GPL-2.0 +SURICATA_LICENSE_FILES = COPYING LICENSE + +SURICATA_DEPENDENCIES = \ + host-pkgconf \ + $(if $(BR2_PACKAGE_JANSSON),jansson) \ + $(if $(BR2_PACKAGE_LIBCAP_NG),libcap-ng) \ + $(if $(BR2_PACKAGE_LIBEVENT),libevent) \ + libhtp \ + $(if $(BR2_PACKAGE_LIBNFNETLINK),libnfnetlink) \ + libpcap \ + libyaml \ + $(if $(BR2_PACKAGE_LZ4),lz4) \ + $(if $(BR2_PACKAGE_LZMA),lzma) \ + pcre + +SURICATA_CONF_OPTS = \ + --disable-pie \ + --disable-rust \ + --disable-suricata-update \ + --enable-non-bundled-htp + +# install: install binaries +# install-conf: install initial configuration files +# install-full: install binaries, configuration and rules (rules will be +# download through wget/curl) +SURICATA_INSTALL_TARGET_OPTS = DESTDIR=$(TARGET_DIR) install install-conf + +ifeq ($(BR2_PACKAGE_FILE),y) +SURICATA_DEPENDENCIES += file +SURICATA_CONF_OPTS += --enable-libmagic +else +SURICATA_CONF_OPTS += --disable-libmagic +endif + +ifeq ($(BR2_PACKAGE_GEOIP),y) +SURICATA_DEPENDENCIES += geoip +SURICATA_CONF_OPTS += --enable-geoip +else +SURICATA_CONF_OPTS += --disable-geoip +endif + +ifeq ($(BR2_PACKAGE_HIREDIS),y) +SURICATA_DEPENDENCIES += hiredis +SURICATA_CONF_OPTS += --enable-hiredis +else +SURICATA_CONF_OPTS += --disable-hiredis +endif + +ifeq ($(BR2_PACKAGE_LIBNET),y) +SURICATA_DEPENDENCIES += libnet +SURICATA_CONF_OPTS += --with-libnet-includes=$(STAGING_DIR)/usr/include +endif + +ifeq ($(BR2_PACKAGE_LIBNETFILTER_LOG),y) +SURICATA_DEPENDENCIES += libnetfilter_log +SURICATA_CONF_OPTS += --enable-nflog +else +SURICATA_CONF_OPTS += --disable-nflog +endif + +ifeq ($(BR2_PACKAGE_LIBNETFILTER_QUEUE),y) +SURICATA_DEPENDENCIES += libnetfilter_queue +SURICATA_CONF_OPTS += 
--enable-nfqueue +else +SURICATA_CONF_OPTS += --disable-nfqueue +endif + +ifeq ($(BR2_PACKAGE_LIBNSPR),y) +SURICATA_DEPENDENCIES += libnspr +SURICATA_CONF_OPTS += --enable-nspr +else +SURICATA_CONF_OPTS += --disable-nspr +endif + +ifeq ($(BR2_PACKAGE_LIBNSS),y) +SURICATA_DEPENDENCIES += libnss +SURICATA_CONF_OPTS += --enable-nss +else +SURICATA_CONF_OPTS += --disable-nss +endif + +ifeq ($(BR2_PACKAGE_LUA),y) +SURICATA_CONF_OPTS += --enable-lua +SURICATA_DEPENDENCIES += lua +else +SURICATA_CONF_OPTS += --disable-lua +endif + +ifeq ($(BR2_PACKAGE_LUAJIT),y) +SURICATA_CONF_OPTS += --enable-luajit +SURICATA_DEPENDENCIES += luajit +else +SURICATA_CONF_OPTS += --disable-luajit +endif + +ifeq ($(BR2_PACKAGE_PYTHON),y) +SURICATA_CONF_OPTS += --enable-python +SURICATA_DEPENDENCIES += python +else +SURICATA_CONF_OPTS += --disable-python +endif + +ifeq ($(BR2_TOOLCHAIN_HAS_SSP),y) +SURICATA_CONF_OPTS += --enable-gccprotect +else +SURICATA_CONF_OPTS += --disable-gccprotect +endif + +define SURICATA_INSTALL_INIT_SYSV + $(INSTALL) -D -m 0755 package/suricata/S99suricata \ + $(TARGET_DIR)/etc/init.d/S99suricata +endef + +define SURICATA_INSTALL_INIT_SYSTEMD + $(INSTALL) -D -m 644 package/suricata/suricata.service \ + $(TARGET_DIR)/usr/lib/systemd/system/suricata.service + mkdir -p $(TARGET_DIR)/etc/systemd/system/multi-user.target.wants + ln -sf ../../../../usr/lib/systemd/system/suricata.service \ + $(TARGET_DIR)/etc/systemd/system/multi-user.target.wants/suricata.service +endef + +$(eval $(autotools-package)) diff --git a/package/suricata/suricata.service b/package/suricata/suricata.service new file mode 100644 index 0000000000..ca0be02dae --- /dev/null +++ b/package/suricata/suricata.service 
@@ -0,0 +1,13 @@ +[Unit] +Description=Suricata Intrusion Detection Service +After=network.target + +[Service] +ExecStartPre=/bin/rm -f /var/run/suricata.pid +ExecStartPre=/usr/bin/mkdir -p /var/log/suricata +ExecStart=/usr/bin/suricata -c /etc/suricata/suricata.yaml -i eth0 --pidfile /var/run/suricata.pid +ExecReload=/bin/kill -USR2 $MAINPID +Restart=always + +[Install] +WantedBy=multi-user.target
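Review bot: In package/libhtp/0001-fix-build-without-GNU-libiconv.patch (patch 1/2), the configure.ac check uses `test "$ac_cv_func_iconvctl" == yes`, and `==` is not a POSIX `test` operator, so the check is not guaranteed to work when configure runs under a plain /bin/sh such as dash; use a single `=`. The link test also sets `ac_cv_func_iconvctl=yes` only on success, so on failure AC_MSG_RESULT prints an empty string; a failure branch that sets it to `no` would make the configure log unambiguous. In htp/htp_transcoder.c, `HAVE_ICONVCTL` is evaluated directly inside `#if`, which relies on an undefined macro being treated as 0; `defined(HAVE_ICONVCTL)` states the intent. Since the guarded block is what turns off ICONV_SET_TRANSLITERATE, a false negative in the check silently changes how the parser transcodes parameters, so the result is worth getting right.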
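Review bot: In package/libhtp/libhtp.mk (patch 1/2), `LIBHTP_CONF_ENV = NO_STACK_PROTECTOR=$(if $(BR2_TOOLCHAIN_HAS_SSP),no,true)` has no comment, so a reader cannot tell which configure check consumes the variable or why the values are `no` and `true` rather than a matched pair. Please add a line above it saying what libhtp's configure does with NO_STACK_PROTECTOR. The `# From git` comment above `LIBHTP_AUTORECONF = YES` should also mention that 0001-fix-build-without-GNU-libiconv.patch modifies configure.ac, since that alone requires autoreconf and the reason must survive a later switch to a release tarball.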
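Review bot: In package/suricata/S99suricata (patch 2/2), `DAEMON_ARGS="-c /etc/suricata/suricata.yaml -i eth0"` hard-codes the capture interface, so on a target whose interface has another name the sensor will not capture anything. Because start() launches with `-b`, the `OK` it prints only reflects that start-stop-daemon backgrounded the process, not that Suricata stayed up, so the failure is silent. Consider letting the interface (or the whole DAEMON_ARGS) be overridden from a file under /etc that the script sources when present. Minor: the `case` accepts `reload` but the usage string lists only `{start|stop|restart}`.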
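Review bot: In package/suricata/suricata.mk (patch 2/2), `--disable-pie` is passed unconditionally in SURICATA_CONF_OPTS with no comment, while stack protection a few blocks later follows BR2_TOOLCHAIN_HAS_SSP via `--enable-gccprotect`. For a daemon whose job is to parse untrusted network traffic, a non-PIE main binary gives up address randomization of the executable, so please either document why PIE has to be off or derive the switch from the build's hardening configuration the way gccprotect is derived. Separately, jansson, libcap-ng, libevent, libnfnetlink, lz4 and lzma are added to SURICATA_DEPENDENCIES when selected but have no matching configure switch, unlike the other optional libraries in this file, which leaves their use to autodetection.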
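Review bot: In package/suricata/suricata.service (patch 2/2), the two ExecStartPre lines use different prefixes, `/bin/rm` and `/usr/bin/mkdir`; if mkdir is not installed under /usr/bin on the target, that ExecStartPre fails, ExecStart is never reached, and `Restart=always` keeps retrying. Use the same prefix for both commands, matching where the target actually installs them. The ExecStart line also repeats the hard-coded `-i eth0` from S99suricata, so the same concern about a configurable capture interface applies here.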