svn commit: r334051 - in head/security/suricata: . files
Kubilay Kocak
koobs at FreeBSD.org
Sun Nov 17 03:09:14 UTC 2013
Author: koobs
Date: Sun Nov 17 03:09:13 2013
New Revision: 334051
URL: http://svnweb.freebsd.org/changeset/ports/334051
Log:
security/suricata: Update to 1.4.6, Switch to libhtp-suricata, Un-BROKEN Clang.
- Update to 1.4.6
- Switch to the correct library in www/libhtp-suricata
- Take maintainership
- Enable STAGE support
- Remove uneccessary patches
- Configure: Add libhtp include and library location
- Configure: Add /var to --localstatedir
- Configure: Disable Python support explicitly
- QA: Remove BROKEN with clang
- QA: Update to new LIB_DEPENDS format
- QA: Use ETCDIR instead of custom path for CONFIG_DIR and RULES_DIR
- QA: Replace hardcoded strings with ${PORTNAME}
- QA: Add documentation and %%DOCSDIR%% to pkg-plist
- QA: Add TESTS option to include unit tests in binary
- QA: Add regression-test target (TMPDIR is not prefix safe)
- QA: Replace USE_GMAKE with USES=gmake
- QA: Remove automake from USE_AUTOTOOLS
- QA: Remove LICENSE_FILE for those listed in bsd.licenses.db.mk
- QA: Remove post-patch target
- QA: Sort USE/USES and combine LIB_DEPENDS
- QA: Clarify and tweak OPTIONS descriptions
Reviewed by: wxs, mva, Johannes Meixner
Approved by: wxs (maintainer)
Deleted:
head/security/suricata/files/patch-src__app-layer-htp.c
head/security/suricata/files/patch-src__suricata-common.h
Modified:
head/security/suricata/Makefile
head/security/suricata/distinfo
head/security/suricata/pkg-plist (contents, props changed)
Modified: head/security/suricata/Makefile
==============================================================================
--- head/security/suricata/Makefile Sun Nov 17 02:58:44 2013 (r334050)
+++ head/security/suricata/Makefile Sun Nov 17 03:09:13 2013 (r334051)
@@ -2,58 +2,57 @@
# $FreeBSD$
PORTNAME= suricata
-PORTVERSION= 1.3.4
-PORTREVISION= 3
+PORTVERSION= 1.4.6
CATEGORIES= security
MASTER_SITES= http://www.openinfosecfoundation.org/download/ \
http://mirrors.rit.edu/zi/
-MAINTAINER= wxs at FreeBSD.org
+MAINTAINER= koobs at FreeBSD.org
COMMENT= Open Source next generation IDS/IPS engine by OISF
LICENSE= GPLv2
-LICENSE_FILE= ${WRKSRC}/LICENSE
-LIB_DEPENDS= pcre:${PORTSDIR}/devel/pcre \
- yaml:${PORTSDIR}/textproc/libyaml \
- htp:${PORTSDIR}/devel/libhtp
+LIB_DEPENDS= libpcre.so:${PORTSDIR}/devel/pcre \
+ libhtp.so:${PORTSDIR}/www/libhtp-suricata \
+ libnet.so:${PORTSDIR}/net/libnet \
+ libyaml.so:${PORTSDIR}/textproc/libyaml
-LIB_DEPENDS+= net:${PORTSDIR}/net/libnet
-
-USE_AUTOTOOLS= automake autoconf libtool
-USES= pkgconfig
-
-USE_RC_SUBR= suricata
-
-LIBNET_CONFIG?= ${LOCALBASE}/bin/libnet11-config
-
-OPTIONS_DEFINE= IPFW PRELUDE PORTS_PCAP DAG
+OPTIONS_DEFINE= IPFW PRELUDE PORTS_PCAP DAG TESTS
OPTIONS_DEFAULT=IPFW
-IPFW_DESC= Enable ipfw/ipdivert for IPS usage
-PRELUDE_DESC= Enable Prelude NIDS integration
+IPFW_DESC= Enable IPFW and IP Divert support for inline IDP
+PRELUDE_DESC= Enable Prelude support for NIDS alerts
PORTS_PCAP_DESC=Use libpcap from ports
-DAG_DESC= Enable Endace DAG Support
+DAG_DESC= Enable Endace DAG capture support
+TESTS_DESC= Enable unit tests in suricata binary
+
+USE_AUTOTOOLS= autoconf libtool
+USE_LDCONFIG= yes
+USE_RC_SUBR= ${PORTNAME}
+USES= gmake pkgconfig
+GNU_CONFIGURE= yes
-NO_STAGE= yes
.include <bsd.port.options.mk>
SUB_FILES= pkg-message
-HAS_CONFIGURE= yes
-USE_GMAKE= yes
-USE_LDCONFIG= yes
-CONFIGURE_ARGS+=--enable-non-bundled-htp --enable-gccprotect \
- --with-libpcre-includes=${LOCALBASE}/include \
- --with-libpcre-libraries=${LOCALBASE}/lib \
- --with-libyaml-includes=${LOCALBASE}/include \
- --with-libyaml-libraries=${LOCALBASE}/lib \
- --with-libnet-includes=${LOCALBASE}/include/libnet11 \
- --with-libnet-libraries=${LOCALBASE}/lib/libnet11
-CONFIG_DIR?= ${PREFIX}/etc/suricata
+CONFIGURE_ARGS+=--enable-non-bundled-htp --enable-gccprotect \
+ --with-libpcre-includes=${LOCALBASE}/include \
+ --with-libpcre-libraries=${LOCALBASE}/lib \
+ --with-libyaml-includes=${LOCALBASE}/include \
+ --with-libyaml-libraries=${LOCALBASE}/lib \
+ --with-libnet-includes=${LOCALBASE}/include/libnet11 \
+ --with-libnet-libraries=${LOCALBASE}/lib/libnet11 \
+ --with-libhtp-includes=${LOCALBASE}/include/ \
+ --with-libhtp-libraries=${LOCALBASE}/lib \
+ --localstatedir=/var/
+CONFIGURE_ENV+= ac_cv_path_HAVE_PYTHON_CONFIG=no
+
+LIBNET_CONFIG?= ${LOCALBASE}/bin/libnet11-config
+CONFIG_DIR?= ${ETCDIR}
CONFIG_FILES= suricata.yaml classification.config reference.config
-RULES_DIR= ${PREFIX}/etc/suricata/rules
-LOGS_DIR= /var/log/suricata
+RULES_DIR= ${CONFIG_DIR}/rules
+LOGS_DIR?= /var/log/${PORTNAME}
.include <bsd.port.pre.mk>
@@ -61,10 +60,6 @@ LOGS_DIR= /var/log/suricata
BROKEN= Does not compile on ia64, powerpc, or sparc64
.endif
-.if ${CC} == "clang" || ${CXX} == "clang++"
-BROKEN= Does not build when compiled with clang
-.endif
-
.if ${PORT_OPTIONS:MPRELUDE}
LIB_DEPENDS+= prelude:${PORTSDIR}/security/libprelude
CONFIGURE_ARGS+= --enable-prelude \
@@ -91,27 +86,29 @@ CONFIGURE_ARGS+= --enable-dag \
--with-dag-libraries=${LOCALBASE}/lib
.endif
-AUTOTOOLSFILES= aclocal.m4 libhtp/aclocal.m4
-
-post-patch:
- @${REINPLACE_CMD} -Ee 's|^(install-data-am: )install-pkgconfigDATA|\1|' ${WRKSRC}/libhtp/Makefile.in
-.for f in ${AUTOTOOLSFILES}
- @${REINPLACE_CMD} -e 's|1.11.3|%%AUTOMAKE_APIVER%%|g' ${WRKSRC}/${f}
-.endfor
+.if ${PORT_OPTIONS:MTESTS}
+CONFIGURE_ARGS+= --enable-unittests
+.else
+CONFIGURE_ARGS+= --disable-unittests
+.endif
pre-install:
- @${REINPLACE_CMD} -e 's|/etc/suricata|${PREFIX}/etc/suricata|g' ${WRKSRC}/suricata.yaml
+ @${REINPLACE_CMD} -e 's|/etc/suricata|${CONFIG_DIR}|g' ${WRKSRC}/suricata.yaml
post-install:
- [ -d ${CONFIG_DIR} ] || ${MKDIR} ${CONFIG_DIR}
- [ -d ${RULES_DIR} ] || ${MKDIR} ${RULES_DIR}
- [ -d ${LOGS_DIR} ] || ${MKDIR} ${LOGS_DIR}
+ ${MKDIR} ${STAGEDIR}${CONFIG_DIR}
+ ${MKDIR} ${STAGEDIR}${RULES_DIR}
.for f in ${CONFIG_FILES}
- ${INSTALL_DATA} ${WRKSRC}/${f} ${CONFIG_DIR}/${f}-sample
- @if [ ! -f ${CONFIG_DIR}/${f} ]; then \
- ${CP} -p ${CONFIG_DIR}/${f}-sample ${CONFIG_DIR}/${f} ; \
- fi
+ ${INSTALL_DATA} ${WRKSRC}/${f} ${STAGEDIR}${CONFIG_DIR}/${f}-sample
.endfor
- @${CAT} ${PKGMESSAGE}
+
+TMPDIR?= /tmp
+TESTDIR= ${TMPDIR}/${PORTNAME}
+
+regression-test: build
+ ${RM} -rf ${TESTDIR}
+ ${MKDIR} ${TESTDIR}
+ cd ${WRKSRC}/src && ./suricata -u -l ${TESTDIR}
+ ${RM} -rf ${TESTDIR}
.include <bsd.port.post.mk>
Modified: head/security/suricata/distinfo
==============================================================================
--- head/security/suricata/distinfo Sun Nov 17 02:58:44 2013 (r334050)
+++ head/security/suricata/distinfo Sun Nov 17 03:09:13 2013 (r334051)
@@ -1,2 +1,2 @@
-SHA256 (suricata-1.3.4.tar.gz) = cc1bdf30a8dc013eeac071d623c092bdd0e36609427967e68955b573cff361eb
-SIZE (suricata-1.3.4.tar.gz) = 2348824
+SHA256 (suricata-1.4.6.tar.gz) = 5cf5d76dd63d06b993912301edc8afa06f886d0b68740239cc7df49b00800f8e
+SIZE (suricata-1.4.6.tar.gz) = 2508956
Modified: head/security/suricata/pkg-plist
==============================================================================
--- head/security/suricata/pkg-plist Sun Nov 17 02:58:44 2013 (r334050)
+++ head/security/suricata/pkg-plist Sun Nov 17 03:09:13 2013 (r334051)
@@ -1,4 +1,33 @@
bin/suricata
+%%DOCSDIR%%/AUTHORS
+%%DOCSDIR%%/Basic_Setup.txt
+%%DOCSDIR%%/CentOS5.txt
+%%DOCSDIR%%/CentOS_56_Installation.txt
+%%DOCSDIR%%/Debian_Installation.txt
+%%DOCSDIR%%/Fedora_Core.txt
+%%DOCSDIR%%/FreeBSD_8.txt
+%%DOCSDIR%%/GITGUIDE
+%%DOCSDIR%%/HTP_library_installation.txt
+%%DOCSDIR%%/INSTALL
+%%DOCSDIR%%/INSTALL.PF_RING
+%%DOCSDIR%%/INSTALL.WINDOWS
+%%DOCSDIR%%/Installation_from_GIT_with_PCRE-JIT.txt
+%%DOCSDIR%%/Installation_from_GIT_with_PF_RING_on_Ubuntu_server_1104.txt
+%%DOCSDIR%%/Installation_with_CUDA_and_PFRING_on_Scientific_Linux_6.txt
+%%DOCSDIR%%/Installation_with_CUDA_and_PF_RING_on_Ubuntu_server_1104.txt
+%%DOCSDIR%%/Installation_with_CUDA_on_Scientific_Linux_6.txt
+%%DOCSDIR%%/Installation_with_CUDA_on_Ubuntu_server_1104.txt
+%%DOCSDIR%%/Installation_with_PF_RING.txt
+%%DOCSDIR%%/Mac_OS_X_106x.txt
+%%DOCSDIR%%/NEWS
+%%DOCSDIR%%/OpenBSD_Installation_from_GIT.txt
+%%DOCSDIR%%/README
+%%DOCSDIR%%/Setting_up_IPSinline_for_Linux.txt
+%%DOCSDIR%%/TODO
+%%DOCSDIR%%/Third_Party_Installation_Guides.txt
+%%DOCSDIR%%/Ubuntu_Installation.txt
+%%DOCSDIR%%/Ubuntu_Installation_from_GIT.txt
+%%DOCSDIR%%/Windows.txt
@unexec if cmp -s %D/etc/suricata/suricata.yaml-sample %D/etc/suricata/suricata.yaml; then rm -f %D/etc/suricata/suricata.yaml; fi
etc/suricata/suricata.yaml-sample
@exec if [ ! -f %D/etc/suricata/suricata.yaml ] ; then cp -p %D/%F %B/suricata.yaml; fi
@@ -9,5 +38,7 @@ etc/suricata/classification.config-sampl
etc/suricata/reference.config-sample
@exec if [ ! -f %D/etc/suricata/reference.config ] ; then cp -p %D/%F %B/reference.config; fi
@dirrmtry etc/suricata/rules
+ at exec mkdir -p %D/etc/suricata/rules
@dirrmtry etc/suricata
@unexec if [ -d %D/%%ETCDIR%% ]; then echo "==> If you are permanently removing this port, you should do a ``rm -rf ${PKG_PREFIX}/etc/suricata`` to remove any configuration files left."; fi
+ at dirrm %%DOCSDIR%%
More information about the svn-ports-all
mailing list