blob: f19106f2e6ebc743a9169dceb16f0f4ac797c873 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
|
# Contributor: Michael Pirogov <vbnet.ru@gmail.com>
# Contributor: Stuart Cardall <developer at it-offshore dot co.uk>
# Maintainer: Steve McMaster <code@mcmaster.io>
pkgname=suricata
pkgver=7.0.5
pkgrel=0
pkgdesc="High performance Network IDS, IPS and Network Security Monitoring engine"
url="https://suricata.io/"
arch="all"
license="GPL-2.0-only"
makedepends="
autoconf
automake
cargo
file-dev
geoip-dev
hiredis-dev
jansson-dev
libbpf-dev
libcap-ng-dev
libhtp-dev
libmaxminddb-dev
libnetfilter_log-dev
libnetfilter_queue-dev
libnet-dev
libnfnetlink-dev
libpcap-dev
lz4-dev
nspr-dev
nss-dev
pcre2-dev
rust
yaml-dev
"
depends="python3 py3-yaml"
subpackages="$pkgname-doc $pkgname-openrc"
install="$pkgname.post-install"
source="https://www.openinfosecfoundation.org/download/suricata-$pkgver.tar.gz
$pkgname.confd
$pkgname.initd
$pkgname.logrotate
10-nflog.patch
"
# secfixes:
# 6.0.4-r0:
# - CVE-2021-37592
# - CVE-2021-45098
# 6.0.3-r0:
# - CVE-2021-35063
case "$CARCH" in
ppc64le|riscv64|loongarch64)
_lua="" ;;
*)
_lua="--enable-luajit"
makedepends="$makedepends luajit-dev" ;;
esac
case "$CARCH" in
x86_64|aarch64|ppc64le)
makedepends="$makedepends vectorscan-dev" ;;
esac
build() {
./configure \
--build=$CBUILD \
--host=$CHOST \
--prefix=/usr \
--sysconfdir=/etc \
--mandir=/usr/share/man \
--localstatedir=/var \
--enable-ebpf \
--enable-non-bundled-htp \
--enable-nflog \
--enable-nfqueue \
--disable-gccmarch-native \
--enable-hiredis \
--enable-geoip \
--enable-gccprotect \
--enable-pie \
"$_lua" \
--enable-rust
make
}
check() {
case "$CARCH" in
ppc64le)
# ppc64le optimizes out FlowGetLastTimeAsParts somehow, causing cargo test to fail
echo "check() disabled on ppc64le" ;;
*)
make check ;;
esac
}
package() {
make DESTDIR="$pkgdir" install
make DESTDIR="$pkgdir" install-conf
cd "$srcdir"
install -D -m 755 $pkgname.initd "$pkgdir"/etc/init.d/$pkgname
install -D -m 644 $pkgname.confd "$pkgdir"/etc/conf.d/$pkgname
install -D -m 644 $pkgname.logrotate "$pkgdir"/etc/logrotate.d/$pkgname
# install rules
mkdir -p "$pkgdir"/etc/$pkgname/rules
install -Dm644 "$builddir"/rules/*.rules "$pkgdir"/etc/$pkgname/rules/
}
sha512sums="
4eae28a78e1e9595c7f37215e9cccdf417235eadf3c8a9dc4cb531d7dc3fb353c903154ee745df7a44620d299998b84f15d6db95e5f0562744ff7cbaac398d34 suricata-7.0.5.tar.gz
ed7c78a80192f3f3ed433330df323beccb6079b5413289b9e9faa3fceea2c536de93de7372968d8605abd1618d73c9319ee39d86b16eed22e7313c8667252f5d suricata.confd
258c6d60fc878dc1c7b7bf93cc758080050f591084a1edf7f1aac81ccb523c73615716616fedd0269f9ac5ef2fa7adcb3e2cefd714754bac5571e9806b6781be suricata.initd
4f76a35bcde78c9860701897fe19bb84cc46bbc429124c4cb2e94cf3330f00ebe8067c0d7f3f83478e9b95323adb947e5081658f455657c4d03c682abe707534 suricata.logrotate
86f50f1ff75bf54d23b473d272e3d6d0fb17f6ae6686fd2fd6c5d908a80029368a987ee725111f311a48d1a66e11d41978b7c8b5aa76411a9d85a737a7a2f62b 10-nflog.patch
"
|