-rw-r--r--recipes/suricata/suricata/default7
-rw-r--r--recipes/suricata/suricata/init46
-rw-r--r--recipes/suricata/suricata/logrotate12
-rw-r--r--recipes/suricata/suricata/volatiles2
-rw-r--r--recipes/suricata/suricata_1.0.1.bb55
5 files changed, 122 insertions, 0 deletions
diff --git a/recipes/suricata/suricata/default b/recipes/suricata/suricata/default
new file mode 100644
index 0000000000..53ef415a0d
--- /dev/null
+++ b/recipes/suricata/suricata/default
@@ -0,0 +1,7 @@
+# Set listen (pcap/nfqueue/pf_ring) parameters for suricata here, like:
+#
+# SURICATA_PARAMS="-i eth0"
+# or
+# SURICATA_PARAMS="-q 100"
+#
+# Default it none and suricata won't be started
\ No newline at end of file
diff --git a/recipes/suricata/suricata/init b/recipes/suricata/suricata/init
new file mode 100644
index 0000000000..eea03ef5cc
--- /dev/null
+++ b/recipes/suricata/suricata/init
@@ -0,0 +1,46 @@
+#!/bin/sh
+# Suricata init file (rather simplistic)
+
+DAEMON=/usr/bin/suricata
+DESC="IDS/IPS service"
+NAME="suricata"
+DEFAULT_FILE=/etc/default/suricata
+CONF_FILE=/etc/suricata/suricata.yaml
+PID_FILE=/var/run/suricata.pid
+
+if [ -f /etc/default/suricata ]; then
+ . /etc/default/suricata
+fi
+
+if [ "x$SURICATA_PARAMS" == "x" ]; then
+ echo "No SURICATA_PARAMS defined in default file, won't run Suricata" >&2
+ exit 1
+fi
+
+case "$1" in
+ start)
+ echo -n "Starting $DESC: "
+ start-stop-daemon --oknodo -S -x $DAEMON -p $PID_FILE -- $SURICATA_PARAMS -c $CONF_FILE -D --pidfile $PID_FILE
+ echo "$NAME."
+ ;;
+ stop)
+ echo -n "Stopping $DESC: "
+ start-stop-daemon -K -p $PID_FILE
+ for i in `seq 1 5`; do
+ if start-stop-daemon -p $PID -t -K >/dev/null 2>&1; then
+ break;
+ fi
+ sleep 1
+ done
+ ;;
+ restart|force-reload)
+ $0 stop
+ $0 start
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|restart|force-reload}" >&2
+ exit 2
+ ;;
+esac
+
+exit 0
\ No newline at end of file
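Review bot: The wait loop in `stop` tests `$PID`, which this script never sets (the variable defined at the top is `PID_FILE`), so `start-stop-daemon -p $PID -t -K` never consults the real pid file and the loop cannot tell whether Suricata has exited. Because `restart` runs `$0 stop` then `$0 start`, and `start` uses `--oknodo`, a start issued while the old process is still shutting down would presumably be a silent no-op, leaving the sensor down behind a success exit code. Use `if ! start-stop-daemon -K -t -p $PID_FILE >/dev/null 2>&1; then`; the `!` assumes the test returns success while the process is still alive, which should be confirmed against the start-stop-daemon shipped in the image. Separately, the `SURICATA_PARAMS` check sits above the `case`, so `stop` also exits 1 when the variable is unset, and `==` inside `[` is not POSIX under `#!/bin/sh` (`=` is).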
diff --git a/recipes/suricata/suricata/logrotate b/recipes/suricata/suricata/logrotate
new file mode 100644
index 0000000000..dd4bac42f4
--- /dev/null
+++ b/recipes/suricata/suricata/logrotate
@@ -0,0 +1,12 @@
+/var/log/suricata/*.log /var/log/suricata/*.alert{
+ size 32M
+ missingok
+ compress
+ delaycompress
+ rotate 10
+ sharedscripts
+ postrotate
+ /etc/init.d/suricata restart
+ endscript
+}
+
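Review bot: The `postrotate` step performs a full `/etc/init.d/suricata restart`, so every rotation at `size 32M` stops inspection, discards in-memory flow and stream state, and leaves a window in which nothing is alerted on; with `-q` (NFQUEUE) parameters the traffic on that queue is also affected while no process is bound to it. If the only goal is to make Suricata release the rotated file, consider `copytruncate` in place of the `postrotate` block, or a log-reopen signal if this Suricata version supports one (not verifiable from the patch). The restart also inherits the init script's behaviour of exiting 1 when `SURICATA_PARAMS` is unset, which logrotate would report as a failed script.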
diff --git a/recipes/suricata/suricata/volatiles b/recipes/suricata/suricata/volatiles
new file mode 100644
index 0000000000..55092f5fb8
--- /dev/null
+++ b/recipes/suricata/suricata/volatiles
@@ -0,0 +1,2 @@
+# <type> <owner> <group> <mode> <path> <linksource>
+d root root 0755 /var/log/suricata none
\ No newline at end of file
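Review bot: `/var/log/suricata` is created `0755`, so every local account can list the directory and, depending on the umask Suricata writes its files with, read alert and HTTP logs that can carry payload excerpts and internal addresses. Since the init script starts the daemon as root, `d root root 0750 /var/log/suricata none` would be sufficient.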
diff --git a/recipes/suricata/suricata_1.0.1.bb b/recipes/suricata/suricata_1.0.1.bb
new file mode 100644
index 0000000000..e6f569e67d
--- /dev/null
+++ b/recipes/suricata/suricata_1.0.1.bb
@@ -0,0 +1,55 @@
+DESCRIPTION = "The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine"
+LICENSE = "GPLv2"
+HOMEPAGE = "http://openinfosecfoundation.org/"
+DEPENDS = "libhtp libyaml libprelude libnetfilter-queue libnet libpcap libpcre libpfring"
+
+PR = "r1"
+
+SRC_URI = " \
+ http://www.openinfosecfoundation.org/download/suricata-${PV}.tar.gz \
+ file://volatiles \
+ file://logrotate \
+ file://default \
+ file://init \
+ "
+SRC_URI[md5sum] = "ad42b854ef2b44499f0f1d1531b1ca36"
+SRC_URI[sha256sum] = "7fbc8fe89a0a30171eddb8b066ab7e6ec811d14a73aa6bc9cea26fc1f36f4be4"
+
+EXTRA_OECONF = " \
+ --enable-nfqueue \
+ --enable-prelude \
+ --enable-pfring \
+ --enable-non-bundled-htp \
+ --with-libnet-includes=${STAGING_INCDIR} \
+ --with-libnet-libraries=${STAGING_LIBDIR} \
+ "
+
+inherit autotools
+
+do_install_append() {
+ install -d ${D}${sysconfdir}/default/volatiles
+ install -d ${D}${sysconfdir}/init.d
+ install -d ${D}${sysconfdir}/logrotate.d
+ install -d ${D}${sysconfdir}/suricata
+ install -m 0644 suricata.yaml ${D}${sysconfdir}/suricata/
+ install -m 0644 classification.config ${D}${sysconfdir}/suricata/
+ install -m 0644 ${WORKDIR}/volatiles ${D}${sysconfdir}/default/volatiles/suricata
+ install -m 0644 ${WORKDIR}/logrotate ${D}${sysconfdir}/logrotate.d/suricata
+ install -m 0644 ${WORKDIR}/default ${D}${sysconfdir}/default/suricata
+ install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/suricata
+}
+
+pkg_postinst_${PN}() {
+ ${sysconfdir}/init.d/populate-volatile.sh update
+}
+
+PACKAGES =+ "${PN}-logrotate"
+FILES_${PN}-logrotate = "${sysconfdir}/logrotate.d/suricata"
+RRECOMMENDS_${PN} += "${PN}-logrotate"
+RSUGGESTS_${PN}-logrotate += "logrotate"
+
+CONFFILES_${PN} = " \
+ ${sysconfdir}/default/suricata \
+ ${sysconfdir}/suricata/suricata.yaml \
+ ${sysconfdir}/suricata/classification.config \
+ "
\ No newline at end of file
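Review bot: The recipe installs `${sysconfdir}/init.d/suricata` but only has `inherit autotools`, so nothing visible here links the script into the runlevels and the sensor will not come up at boot unless that is done by hand. If autostart is intended, `inherit autotools update-rc.d` with `INITSCRIPT_NAME = "suricata"` is the usual way; if it is deliberately left off because the shipped default file defines no `SURICATA_PARAMS`, a comment saying so would help. `pkg_postinst_${PN}` also runs `populate-volatile.sh update` unconditionally; when the postinst executes during offline rootfs construction it would run against the build host, so the usual guard `if [ -n "$D" ]; then exit 1; fi` as its first line defers it to first boot.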