aboutsummaryrefslogtreecommitdiffstats
path: root/community/suricata/APKBUILD
blob: c87e573a736b4657e0be3f77e72b54b1510bac75 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
# Contributor: Michael Pirogov <vbnet.ru@gmail.com>
# Contributor: Stuart Cardall <developer at it-offshore dot co.uk>
# Maintainer: Steve McMaster <code@mcmaster.io>
pkgname=suricata
pkgver=6.0.3
pkgrel=2
pkgdesc="High performance Network IDS, IPS and Network Security Monitoring engine"
url="https://suricata-ids.org/"
# s390x lacks rust support, x86 segfault on build
arch="all !s390x !riscv64 !x86"
license="GPL-2.0-only"
makedepends="
	autoconf
	automake
	cargo
	file-dev
	geoip-dev
	hiredis-dev
	jansson-dev
	libcap-ng-dev
	libhtp-dev>=0.5.25
	libmaxminddb-dev
	libnetfilter_log-dev
	libnetfilter_queue-dev
	libnet-dev
	libnfnetlink-dev
	libpcap-dev
	libtool
	lz4-dev
	nspr-dev
	nss-dev
	pcre-dev
	rust
	yaml-dev
	"
depends="python3 py3-yaml"
subpackages="$pkgname-doc $pkgname-openrc"
install="$pkgname.post-install"
source="https://www.openinfosecfoundation.org/download/suricata-$pkgver.tar.gz
	$pkgname.confd
	$pkgname.initd
	$pkgname.logrotate
	10-nflog.patch
	"

# secfixes:
#   6.0.3-r0:
#    - CVE-2021-35063

case "$CARCH" in
	x86|x86_64|aarch64)
		_lua="--enable-luajit"
		makedepends="$makedepends luajit-dev vectorscan-dev" ;;
	ppc64le)
		# ppc64le has missing symbols with luajit and lua
		_lua="" ;;
	*)
		_lua="--enable-luajit"
		makedepends="$makedepends luajit-dev" ;;
esac

prepare() {
	default_prepare
	autoreconf -vif
}

build() {
	HAVE_PYTHON=/usr/bin/python3 ./configure \
		--build=$CBUILD \
		--host=$CHOST \
		--prefix=/usr \
		--sysconfdir=/etc \
		--mandir=/usr/share/man \
		--localstatedir=/var \
		--enable-non-bundled-htp \
		--enable-nflog \
		--enable-nfqueue \
		--disable-gccmarch-native \
		--enable-hiredis \
		--enable-geoip \
		--enable-gccprotect \
		--enable-pie \
		"$_lua" \
		--enable-rust
	make
}

check() {
	make check
}

package() {
	make DESTDIR="$pkgdir" install
	make DESTDIR="$pkgdir" install-conf

	cd "$srcdir"
	install -D -m 755 $pkgname.initd "$pkgdir"/etc/init.d/$pkgname
	install -D -m 644 $pkgname.confd "$pkgdir"/etc/conf.d/$pkgname
	install -D -m 644 $pkgname.logrotate "$pkgdir"/etc/logrotate.d/$pkgname

	# install rules
	mkdir -p "$pkgdir"/etc/$pkgname/rules
	install -Dm644 "$builddir"/rules/*.rules "$pkgdir"/etc/$pkgname/rules/
}
sha512sums="
186b871959988ca7cbd0d69e725aed18af915f93363c7ecc0ffa20d8ad8f50a326be08452d085772b1df84ef25258ef0dd6b35d41b0988cb1c653e60aeb103a2  suricata-6.0.3.tar.gz
ed7c78a80192f3f3ed433330df323beccb6079b5413289b9e9faa3fceea2c536de93de7372968d8605abd1618d73c9319ee39d86b16eed22e7313c8667252f5d  suricata.confd
258c6d60fc878dc1c7b7bf93cc758080050f591084a1edf7f1aac81ccb523c73615716616fedd0269f9ac5ef2fa7adcb3e2cefd714754bac5571e9806b6781be  suricata.initd
4f76a35bcde78c9860701897fe19bb84cc46bbc429124c4cb2e94cf3330f00ebe8067c0d7f3f83478e9b95323adb947e5081658f455657c4d03c682abe707534  suricata.logrotate
e0e5a03c9b681bd1b5ac44b450ae896f32c99cd95a9247ad075b5a1428ae2c476d93abc449c20e43ae472edbc0b6a4f00b1b9b022a5eea7bb086fcc0accd42ed  10-nflog.patch
"