From 764a16d55f2ab0a632b87375ab4b41ac71d74220 Mon Sep 17 00:00:00 2001
From: Roman I Khimov
Date: Fri, 30 Jul 2010 17:49:32 +0400
Subject: suricata: new recipe

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field.

Signed-off-by: Roman I Khimov
---
 recipes/suricata/suricata/default | 7 +++++
 recipes/suricata/suricata/init | 46 +++++++++++++++++++++++++++++++
 recipes/suricata/suricata/logrotate | 12 ++++++++
 recipes/suricata/suricata/volatiles | 2 ++
 recipes/suricata/suricata_1.0.1.bb | 55 +++++++++++++++++++++++++++++++++++++
 5 files changed, 122 insertions(+)
 create mode 100644 recipes/suricata/suricata/default
 create mode 100644 recipes/suricata/suricata/init
 create mode 100644 recipes/suricata/suricata/logrotate
 create mode 100644 recipes/suricata/suricata/volatiles
 create mode 100644 recipes/suricata/suricata_1.0.1.bb
(limited to 'recipes/suricata')
diff --git a/recipes/suricata/suricata/default b/recipes/suricata/suricata/default
new file mode 100644
index 0000000000..53ef415a0d
--- /dev/null
+++ b/recipes/suricata/suricata/default
@@ -0,0 +1,7 @@
+# Set listen (pcap/nfqueue/pf_ring) parameters for suricata here, like:
+#
+# SURICATA_PARAMS="-i eth0"
+# or
+# SURICATA_PARAMS="-q 100"
+#
+# Default it none and suricata won't be started
\ No newline at end of file
diff --git a/recipes/suricata/suricata/init b/recipes/suricata/suricata/init
new file mode 100644
index 0000000000..eea03ef5cc
--- /dev/null
+++ b/recipes/suricata/suricata/init
@@ -0,0 +1,46 @@
+#!/bin/sh
+# Suricata init file (rather simplistic)
+
+DAEMON=/usr/bin/suricata
+DESC="IDS/IPS service"
+NAME="suricata"
+DEFAULT_FILE=/etc/default/suricata
+CONF_FILE=/etc/suricata/suricata.yaml
+PID_FILE=/var/run/suricata.pid
+
+if [ -f /etc/default/suricata ]; then
+ . /etc/default/suricata
+fi
+
+if [ "x$SURICATA_PARAMS" == "x" ]; then
+ echo "No SURICATA_PARAMS defined in default file, won't run Suricata" >&2
+ exit 1
+fi
+
+case "$1" in
+ start)
+ echo -n "Starting $DESC: "
+ start-stop-daemon --oknodo -S -x $DAEMON -p $PID_FILE -- $SURICATA_PARAMS -c $CONF_FILE -D --pidfile $PID_FILE
+ echo "$NAME."
+ ;;
+ stop)
+ echo -n "Stopping $DESC: "
+ start-stop-daemon -K -p $PID_FILE
+ for i in `seq 1 5`; do
+ if start-stop-daemon -p $PID -t -K >/dev/null 2>&1; then
+ break;
+ fi
+ sleep 1
+ done
+ ;;
+ restart|force-reload)
+ $0 stop
+ $0 start
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|restart|force-reload}" >&2
+ exit 2
+ ;;
+esac
+
+exit 0
\ No newline at end of file
diff --git a/recipes/suricata/suricata/logrotate b/recipes/suricata/suricata/logrotate
new file mode 100644
index 0000000000..dd4bac42f4
--- /dev/null
+++ b/recipes/suricata/suricata/logrotate
@@ -0,0 +1,12 @@
+/var/log/suricata/*.log /var/log/suricata/*.alert{
+ size 32M
+ missingok
+ compress
+ delaycompress
+ rotate 10
+ sharedscripts
+ postrotate
+ /etc/init.d/suricata restart
+ endscript
+}
+
diff --git a/recipes/suricata/suricata/volatiles b/recipes/suricata/suricata/volatiles
new file mode 100644
index 0000000000..55092f5fb8
--- /dev/null
+++ b/recipes/suricata/suricata/volatiles
@@ -0,0 +1,2 @@
+#
+d root root 0755 /var/log/suricata none
\ No newline at end of file
diff --git a/recipes/suricata/suricata_1.0.1.bb b/recipes/suricata/suricata_1.0.1.bb
new file mode 100644
index 0000000000..e6f569e67d
--- /dev/null
+++ b/recipes/suricata/suricata_1.0.1.bb
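Review bot: The stop wait loop never does what it intends: `start-stop-daemon -p $PID -t -K` reads the undefined `$PID` instead of `$PID_FILE`, and the condition is inverted, because `-t -K` succeeds while the process is still alive, so the loop breaks at once while suricata is still running and only keeps sleeping once it is gone; `if ! start-stop-daemon -p $PID_FILE -t -K >/dev/null 2>&1; then` fixes both. The `==` in `[ "x$SURICATA_PARAMS" == "x" ]` is not POSIX `test` and dash rejects it; use `=`. Because that guard runs before the `case`, an emptied default file also refuses `stop` and `restart`, leaving a running daemon the script can no longer stop, so the check belongs inside the `start` branch only. The daemon is started as root with no privilege drop; if this Suricata build supports `--user`/`--group`, running it under a dedicated account would limit what a parser bug in the engine can reach.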
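Review bot: The postrotate action restarts the whole engine on every rotation, so each time the logs reach 32M the IDS/IPS is down for the restart window and all flow and stream state is discarded; in the nfqueue mode the default file advertises, packets queued by the iptables rule have no listener during that window and are dropped. If this Suricata version cannot reopen its logs on a signal, `copytruncate` in place of the postrotate block avoids the restart at the cost of possibly losing a few lines written during the copy; otherwise a reload signal is the better postrotate. The restart also passes through the init script's SURICATA_PARAMS guard, so on a host with an empty default file it exits 1 and logrotate reports an error on every run. Whether logrotate accepts `*.alert{` with no space before the brace is worth confirming; `/var/log/suricata/*.alert {` is the usual form.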
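Review bot: The log directory is created `0755`, so every local account can read Suricata's alert and fast logs, which reveal what the sensor detects, what it misses, and potentially fragments of inspected traffic; `d root root 0750 /var/log/suricata none` keeps them to root unless an unprivileged log consumer on the target genuinely needs access. Rotated and compressed copies take the mode of the file they came from, so the directory mode is the simplest effective control here.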
@@ -0,0 +1,55 @@
+DESCRIPTION = "The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine"
+LICENSE = "GPLv2"
+HOMEPAGE = "http://openinfosecfoundation.org/"
+DEPENDS = "libhtp libyaml libprelude libnetfilter-queue libnet libpcap libpcre libpfring"
+
+PR = "r1"
+
+SRC_URI = " \
+ http://www.openinfosecfoundation.org/download/suricata-${PV}.tar.gz \
+ file://volatiles \
+ file://logrotate \
+ file://default \
+ file://init \
+ "
+SRC_URI[md5sum] = "ad42b854ef2b44499f0f1d1531b1ca36"
+SRC_URI[sha256sum] = "7fbc8fe89a0a30171eddb8b066ab7e6ec811d14a73aa6bc9cea26fc1f36f4be4"
+
+EXTRA_OECONF = " \
+ --enable-nfqueue \
+ --enable-prelude \
+ --enable-pfring \
+ --enable-non-bundled-htp \
+ --with-libnet-includes=${STAGING_INCDIR} \
+ --with-libnet-libraries=${STAGING_LIBDIR} \
+ "
+
+inherit autotools
+
+do_install_append() {
+ install -d ${D}${sysconfdir}/default/volatiles
+ install -d ${D}${sysconfdir}/init.d
+ install -d ${D}${sysconfdir}/logrotate.d
+ install -d ${D}${sysconfdir}/suricata
+ install -m 0644 suricata.yaml ${D}${sysconfdir}/suricata/
+ install -m 0644 classification.config ${D}${sysconfdir}/suricata/
+ install -m 0644 ${WORKDIR}/volatiles ${D}${sysconfdir}/default/volatiles/suricata
+ install -m 0644 ${WORKDIR}/logrotate ${D}${sysconfdir}/logrotate.d/suricata
+ install -m 0644 ${WORKDIR}/default ${D}${sysconfdir}/default/suricata
+ install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/suricata
+}
+
+pkg_postinst_${PN}() {
+ ${sysconfdir}/init.d/populate-volatile.sh update
+}
+
+PACKAGES =+ "${PN}-logrotate"
+FILES_${PN}-logrotate = "${sysconfdir}/logrotate.d/suricata"
+RRECOMMENDS_${PN} += "${PN}-logrotate"
+RSUGGESTS_${PN}-logrotate += "logrotate"
+
+CONFFILES_${PN} = " \
+ ${sysconfdir}/default/suricata \
+ ${sysconfdir}/suricata/suricata.yaml \
+ ${sysconfdir}/suricata/classification.config \
+ "
\ No newline at end of file
--
cgit 1.2.3-korg
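Review bot: `pkg_postinst_${PN}` calls `populate-volatile.sh update` unconditionally, so during rootfs image construction, when `$D` is set, it would run the build host's `/etc/init.d/populate-volatile.sh` rather than the target's; the usual OE guard `if [ "x$D" != "x" ]; then exit 1; fi` at the top of the function defers the postinst to first boot. No `update-rc.d` class is inherited, so the installed init script is never registered to start at boot; if that is deliberate because the default file keeps the daemon disabled until configured, a one-line comment in the recipe saying so would save the next reader a search. The install step ships only `suricata.yaml` and `classification.config`; whether that yaml also points at a `reference.config` or a rules directory this recipe does not install is worth checking, since a missing file would then surface as a start-up failure on the target rather than at build time.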