diff options
author | Yi Zhao <yi.zhao@windriver.com> | 2018-07-24 10:33:33 +0800 |
---|---|---|
committer | Khem Raj <raj.khem@gmail.com> | 2018-07-26 20:10:07 -0700 |
commit | 6d960cf729ed238916bb42e3bf6db9d9c2f5dd4d (patch) | |
tree | f9a8a876ca1de9668874c6f672920a6505c6d7ea /meta-networking/recipes-connectivity/snort/snort_2.9.11.1.bb | |
parent | e4031bcc78ba92f661b257442a0fa13c5dc4b912 (diff) | |
download | meta-openembedded-contrib-6d960cf729ed238916bb42e3bf6db9d9c2f5dd4d.tar.gz |
snort: upgrade 2.9.7.5 -> 2.9.11.1
* Update SRC_URI
* Drop 0001-fix-do_package-failed-since-snort-2.9.7.0.patch since the
issue had been fixed upstream.
* Drop the following patches and merge their modifications to
disable-run-test-program-while-cross-compiling.patch:
disable-dap-address-space-id.patch
disable-daq-flow-id.patch
disable-daq-verdict-retry.patch
disable-inaddr-none.patch
* Add disable-run-test-program-while-cross-compiling.patch to fix
configure error: cannot run test program while cross compiling.
The variables have_daq_real_addresses, have_daq_ext_modflow,
have_daq_queryflow, have_daq_data_channel_flags and
have_daq_data_channel_separate_ip_versions are set to no since they
are for daq 2.2.2 but we have daq 2.0.6 in meta-networking layer.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-networking/recipes-connectivity/snort/snort_2.9.11.1.bb')
-rw-r--r-- | meta-networking/recipes-connectivity/snort/snort_2.9.11.1.bb | 103 |
1 files changed, 103 insertions, 0 deletions
diff --git a/meta-networking/recipes-connectivity/snort/snort_2.9.11.1.bb b/meta-networking/recipes-connectivity/snort/snort_2.9.11.1.bb new file mode 100644 index 0000000000..fdf41bfbda --- /dev/null +++ b/meta-networking/recipes-connectivity/snort/snort_2.9.11.1.bb @@ -0,0 +1,103 @@ +DESCRIPTION = "snort - a free lightweight network intrusion detection system for UNIX and Windows." +HOMEPAGE = "http://www.snort.org/" +SECTION = "net" +LICENSE = "GPL-2.0" +LIC_FILES_CHKSUM = "file://COPYING;md5=78fa8ef966b48fbf9095e13cc92377c5" + +DEPENDS = "xz libpcap libpcre daq libdnet util-linux daq-native libtirpc" + +SRC_URI = "https://www.snort.org/downloads/snort/${BP}.tar.gz \ + file://snort.init \ + file://0001-libpcap-search-sysroot-for-headers.patch \ + file://fix-host-contamination-when-enable-static-daq.patch \ + file://disable-run-test-program-while-cross-compiling.patch \ +" + +SRC_URI[md5sum] = "378e3938b2b5c8e358f942d0ffce18cc" +SRC_URI[sha256sum] = "9f6b3aeac5a109f55504bd370564ac431cb1773507929dc461626898f33f46cd" + +UPSTREAM_CHECK_URI = "https://www.snort.org/downloads" +UPSTREAM_CHECK_REGEX = "snort-(?P<pver>\d+(\.\d+)+)\.tar" + +inherit autotools gettext update-rc.d pkgconfig + +INITSCRIPT_NAME = "snort" +INITSCRIPT_PARAMS = "defaults" + +EXTRA_OECONF = " \ + --enable-gre \ + --enable-linux-smp-stats \ + --enable-reload \ + --enable-reload-error-restart \ + --enable-targetbased \ + --enable-static-daq \ + --with-dnet-includes=${STAGING_INCDIR} \ + --with-dnet-libraries=${STAGING_LIBDIR} \ + --with-libpcre-includes=${STAGING_INCDIR} \ + --with-libpcre-libraries=${STAGING_LIBDIR} \ + --with-daq-includes=${STAGING_INCDIR} \ + --with-daq-libraries=${STAGING_LIBDIR} \ +" + +# if you want to disable it, you need to patch configure.in first +# AC_CHECK_HEADERS([openssl/sha.h],, SHA_H="no") +# is called even with --without-openssl-includes +PACKAGECONFIG ?= "openssl lzma" +PACKAGECONFIG[openssl] = "--with-openssl-includes=${STAGING_INCDIR} --with-openssl-libraries=${STAGING_LIBDIR}, --without-openssl-includes --without-openssl-libraries, openssl," +PACKAGECONFIG[lzma] = "--with-lzma-includes=${STAGING_INCDIR} --with-lzma-libraries=${STAGING_LIBDIR}, --without-lzma-includes --without-lzma-libraries, xz," + +CFLAGS += "-I${STAGING_INCDIR}/tirpc" +LDFLAGS += " -ltirpc" + +do_install_append() { + install -d ${D}${sysconfdir}/snort/rules + install -d ${D}${sysconfdir}/snort/preproc_rules + install -d ${D}${sysconfdir}/init.d + for i in map config conf dtd; do + cp ${S}/etc/*.$i ${D}${sysconfdir}/snort/ + done + + # fix the hardcoded path and lib name + # comment out the rules that are not provided + sed -i -e 's#/usr/local/lib#${libdir}#' \ + -e 's#\.\./\(.*rules\)#${sysconfdir}/snort/\1#' \ + -e 's#\(libsf_engine.so\)#\1.0#' \ + -e 's/^\(include $RULE_PATH\)/#\1/' \ + -e 's/^\(dynamicdetection\)/#\1/' \ + -e '/preprocessor reputation/,/blacklist/ s/^/#/' \ + ${D}${sysconfdir}/snort/snort.conf + + cp ${S}/preproc_rules/*.rules ${D}${sysconfdir}/snort/preproc_rules/ + install -m 755 ${WORKDIR}/snort.init ${D}${sysconfdir}/init.d/snort + mkdir -p ${D}${localstatedir}/log/snort + install -d ${D}/var/log/snort + + sed -i 's/-fdebug-prefix-map[^ ]*//g; s#${STAGING_DIR_TARGET}##g' ${D}${libdir}/pkgconfig/*.pc +} + +FILES_${PN} += " \ + ${libdir}/snort_dynamicengine/*.so.* \ + ${libdir}/snort_dynamicpreprocessor/*.so.* \ + ${libdir}/snort_dynamicrules/*.so.* \ +" +FILES_${PN}-dbg += " \ + ${libdir}/snort_dynamicengine/.debug \ + ${libdir}/snort_dynamicpreprocessor/.debug \ + ${libdir}/snort_dynamicrules/.debug \ +" +FILES_${PN}-staticdev += " \ + ${libdir}/snort_dynamicengine/*.a \ + ${libdir}/snort_dynamicpreprocessor/*.a \ + ${libdir}/snort_dynamicrules/*.a \ + ${libdir}/snort/dynamic_preproc/*.a \ + ${libdir}/snort/dynamic_output/*.a \ +" +FILES_${PN}-dev += " \ + ${libdir}/snort_dynamicengine/*.la \ + ${libdir}/snort_dynamicpreprocessor/*.la \ + ${libdir}/snort_dynamicrules/*.la \ + ${libdir}/snort_dynamicengine/*.so \ + ${libdir}/snort_dynamicpreprocessor/*.so \ + ${libdir}/snort_dynamicrules/*.so \ + ${prefix}/src/snort_dynamicsrc \ +" |