[RE: [oe] [meta-networking][PATCH v2 1/3] snort : add recipe] On 13.11.01 (Fri 07:15) Chunrong Guo wrote:
> Hello,joe > > I investigate barnyard2 and barnyard . > I have the following conclusions: > 1) Barnyard2 maintains majority of the command syntax of barnyard. > 2) Barnyard has not seen an updated in over 4 years and is not > going to be maintained by the original developers. > 3) Barnyard2 is a very popular plugin . > > I will submit new patch about " snort + Barnyard2". Thanks. That was my read on barnyard v. barnyard2 as well but it is good to know you've verified my impression. I saw the latest version (please do try to ensure you tag them with meta-networking in the subject) and I'll have a look at them and try them out later this morning. -J. > > Thanks, > chunrong > > -----Original Message----- > From: Joe MacDonald [mailto:[email protected]] > Sent: Wednesday, October 30, 2013 8:49 PM > To: Guo Chunrong-B40290 > Cc: [email protected] > Subject: Re: [oe] [meta-networking][PATCH v2 1/3] snort : add recipe > > [RE: [oe] [meta-networking][PATCH v2 1/3] snort : add recipe] On 13.10.30 > (Wed 01:40) Guo Chunrong-B40290 wrote: > > > Hi, Joe MacDonald > > > > Thank you for your comments. > > > > The current snort simply do not need sysvinit config. > > I apologize, I don't mean to belabor the point, but can you point me at that > information? http://www.snort.org/docs/ contains a lot of documentation > around getting snort started on various systems and there are a number of > startup scripts there that indicate they belong in /etc/init.d of their > respective distributions. Perhaps things have changed in the most recent > version of snort, but the "Snort Startup Scripts" section seem to apply to > the versions of snort you're proposing we include in meta-networking. > > Also, please don't forget about the include path and barnyard questions. > > Thanks. > > -J. > > > > > > > Thanks, > > Chunrong > > > > -----Original Message----- > > From: Joe MacDonald [mailto:[email protected]] > > Sent: Wednesday, October 30, 2013 3:20 AM > > To: [email protected] > > Cc: Guo Chunrong-B40290 > > Subject: Re: [oe] [meta-networking][PATCH v2 1/3] snort : add recipe > > > > Hi Chunrong, > > > > Sorry about the confusion here, there were still at least a couple of > > outstanding questions / requests, I thought. > > > > I had a quick look back at the latest barnyard recipe and it appears to be > > removing the include path as opposed to using -I=/usr/include/pcap that > > Khem suggested, I was hoping to hear back on the question I had as well WRT > > barnyard versus barnyard2 (I could make the license tweak myself since I'm > > confident that won't invalidate any of your work) and the Gentoo mirror as > > the primary source for this version of Barnyard. > > > > I also noticed that in the most recent version of the snort recipe the > > sysvinit components have been dropped entirely. Was that due to > > problems inheriting update-rc.d as Koen suggested? (Or perhaps the > > current snort simply doesn't have a functional sysvinit config? I > > hope that's not the case.) I'm probably not the only one still making > > use of sysvinit stuff in some scenarios. :-) > > > > -J. > > > > [Re: [oe] [meta-networking][PATCH v2 1/3] snort : add recipe] On 13.10.28 > > (Mon 02:23) Guo Chunrong-B40290 wrote: > > > > > pings > > > > > > -----Original Message----- > > > From: Guo Chunrong-B40290 > > > Sent: Friday, October 18, 2013 4:22 PM > > > To: [email protected] > > > Cc: Liu Ting-B28495; Luo Zhenhua-B19537; Guo Chunrong-B40290 > > > Subject: [meta-networking][PATCH v2 1/3] snort : add recipe > > > > > > From: Chunrong Guo <[email protected]> > > > > > > *snort - a free lightweight network intrusion detection > > > system for UNIX and Windows > > > > > > Signed-off-by: Chunrong Guo <[email protected]> > > > --- > > > .../snort/files/disable-dap-address-space-id.patch | 52 ++++++++++++++ > > > .../snort/files/disable-inaddr-none.patch | 75 > > > ++++++++++++++++++++ > > > .../recipes-connectivity/snort/snort_2.9.4.6.bb | 64 > > > +++++++++++++++++ > > > 3 files changed, 191 insertions(+), 0 deletions(-) create mode > > > 100644 > > > meta-networking/recipes-connectivity/snort/files/disable-dap-address > > > -s > > > pace-id.patch create mode 100644 > > > meta-networking/recipes-connectivity/snort/files/disable-inaddr-none > > > .p > > > atch create mode 100644 > > > meta-networking/recipes-connectivity/snort/snort_2.9.4.6.bb > > > > > > diff --git > > > a/meta-networking/recipes-connectivity/snort/files/disable-dap-addre > > > ss > > > -space-id.patch > > > b/meta-networking/recipes-connectivity/snort/files/disable-dap-addre > > > ss > > > -space-id.patch > > > new file mode 100644 > > > index 0000000..39e5c9c > > > --- /dev/null > > > +++ b/meta-networking/recipes-connectivity/snort/files/disable-dap-a > > > +++ dd > > > +++ re > > > +++ ss-space-id.patch > > > @@ -0,0 +1,52 @@ > > > +Upstream-Status:Inappropriate [embedded specific] > > > + > > > +fix the below error: > > > +checking for dap address space id... configure: > > > +configure: error: cannot run test program while cross compiling > > > + > > > + > > > +Signed-off-by: Chunrong Guo <[email protected]> > > > + > > > +--- a/configure.in 2013-08-23 00:06:37.239361932 -0500 > > > ++++ b/configure.in 2013-08-23 00:07:32.860266534 -0500 > > > +@@ -679,23 +679,23 @@ > > > + > > > + AC_CHECK_FUNCS([daq_hup_apply] [daq_acquire_with_meta]) > > > + > > > +-AC_MSG_CHECKING([for daq address space ID]) -AC_RUN_IFELSE( > > > +-[AC_LANG_PROGRAM( -[[ -#include <daq.h> -]], -[[ > > > +- DAQ_PktHdr_t hdr; > > > +- hdr.address_space_id = 0; > > > +-]])], > > > +-[have_daq_address_space_id="yes"], > > > +-[have_daq_address_space_id="no"]) > > > +-AC_MSG_RESULT($have_daq_address_space_id) > > > +-if test "x$have_daq_address_space_id" = "xyes"; then > > > +- AC_DEFINE([HAVE_DAQ_ADDRESS_SPACE_ID],[1], > > > +- [DAQ version supports address space ID in header.]) > > > +-fi > > > ++#AC_MSG_CHECKING([for daq address space ID]) #AC_RUN_IFELSE( > > > ++#[AC_LANG_PROGRAM( #[[ ##include <daq.h> #]], #[[ > > > ++# DAQ_PktHdr_t hdr; > > > ++# hdr.address_space_id = 0; > > > ++#]])], > > > ++have_daq_address_space_id="yes" > > > ++#[have_daq_address_space_id="no"]) > > > ++#AC_MSG_RESULT($have_daq_address_space_id) > > > ++#if test "x$have_daq_address_space_id" = "xyes"; then > > > ++# AC_DEFINE([HAVE_DAQ_ADDRESS_SPACE_ID],[1], > > > ++# [DAQ version supports address space ID in header.]) > > > ++#fi > > > + > > > + # any sparc platform has to have this one defined. > > > + AC_MSG_CHECKING(for sparc) > > > diff --git > > > a/meta-networking/recipes-connectivity/snort/files/disable-inaddr-no > > > ne > > > .patch > > > b/meta-networking/recipes-connectivity/snort/files/disable-inaddr-no > > > ne > > > .patch > > > new file mode 100644 > > > index 0000000..9dafe63 > > > --- /dev/null > > > +++ b/meta-networking/recipes-connectivity/snort/files/disable-inadd > > > +++ r- > > > +++ no > > > +++ ne.patch > > > @@ -0,0 +1,75 @@ > > > +Upstream-Status: Inappropriate [embedded specific] > > > + > > > +fix the below error: > > > +checking for INADDR_NONE... configure: > > > +configure: error: cannot run test program while cross compiling > > > + > > > +Signed-off-by: Chunrong Guo <[email protected]> > > > + > > > + > > > +--- a/configure.in 2013-08-21 03:56:17.197414789 -0500 > > > ++++ b/configure.in 2013-08-21 23:19:05.298553560 -0500 > > > +@@ -281,25 +281,7 @@ > > > + AC_CHECK_TYPES([boolean]) > > > + > > > + # In case INADDR_NONE is not defined (like on Solaris) > > > +-have_inaddr_none="no" > > > +-AC_MSG_CHECKING([for INADDR_NONE]) -AC_RUN_IFELSE( > > > +-[AC_LANG_PROGRAM( -[[ -#include <sys/types.h> -#include > > > +<netinet/in.h> -#include <arpa/inet.h> -]], -[[ > > > +- if (inet_addr("10,5,2") == INADDR_NONE); > > > +- return 0; > > > +-]])], > > > +-[have_inaddr_none="yes"], > > > +-[have_inaddr_none="no"]) > > > +-AC_MSG_RESULT($have_inaddr_none) > > > +-if test "x$have_inaddr_none" = "xno"; then > > > +- AC_DEFINE([INADDR_NONE],[-1],[For INADDR_NONE definition]) > > > +-fi > > > ++have_inaddr_none="yes" > > > + > > > + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ > > > + #include <stdio.h> > > > +@@ -397,21 +379,21 @@ > > > + fi > > > + fi > > > + > > > +-AC_MSG_CHECKING([for pcap_lex_destroy]) -AC_RUN_IFELSE( > > > +-[AC_LANG_PROGRAM( -[[ -#include <pcap.h> -]], -[[ > > > +- pcap_lex_destroy(); > > > +-]])], > > > +-[have_pcap_lex_destroy="yes"], > > > +-[have_pcap_lex_destroy="no"]) > > > +-AC_MSG_RESULT($have_pcap_lex_destroy) > > > +-if test "x$have_pcap_lex_destroy" = "xyes"; then > > > +- AC_DEFINE([HAVE_PCAP_LEX_DESTROY],[1],[Can cleanup lex buffer stack > > > created by pcap bpf filter]) > > > +-fi > > > ++#AC_MSG_CHECKING([for pcap_lex_destroy]) #AC_RUN_IFELSE( > > > ++#[AC_LANG_PROGRAM( #[[ ##include <pcap.h> #]], #[[ > > > ++# pcap_lex_destroy(); > > > ++#]])], > > > ++have_pcap_lex_destroy="yes" > > > ++#[have_pcap_lex_destroy="no"]) > > > ++#AC_MSG_RESULT($have_pcap_lex_destroy) > > > ++#if test "x$have_pcap_lex_destroy" = "xyes"; then > > > ++# AC_DEFINE([HAVE_PCAP_LEX_DESTROY],[1],[Can cleanup lex buffer > > > stack created by pcap bpf filter]) > > > ++#fi > > > + > > > + AC_MSG_CHECKING([for pcap_lib_version]) AC_LINK_IFELSE( > > > diff --git > > > a/meta-networking/recipes-connectivity/snort/snort_2.9.4.6.bb > > > b/meta-networking/recipes-connectivity/snort/snort_2.9.4.6.bb > > > new file mode 100644 > > > index 0000000..8639639 > > > --- /dev/null > > > +++ b/meta-networking/recipes-connectivity/snort/snort_2.9.4.6.bb > > > @@ -0,0 +1,64 @@ > > > +DESCRIPTION = "snort - a free lightweight network intrusion detection > > > system for UNIX and Windows." > > > +HOMEPAGE = "http://www.snort.org/"; > > > +LICENSE = "GPL-2.0" > > > +LIC_FILES_CHKSUM = "file://COPYING;md5=78fa8ef966b48fbf9095e13cc92377c5" > > > + > > > +DEPENDS = "libpcap libpcre daq libdnet" > > > + > > > + > > > +SRC_URI = " ${GENTOO_MIRROR}/${BP}.tar.gz;name=tarball \ > > > + file://disable-inaddr-none.patch \ > > > + file://disable-dap-address-space-id.patch " > > > + > > > +SRC_URI[tarball.md5sum] = "4111df01a4f21bd1d328a18b76d625bd" > > > +SRC_URI[tarball.sha256sum] = > > > "cfaa5390b1840aaaa68a6c05a7077dd92cb916e6186a014baa451d43cdb0b3bc" > > > + > > > +inherit autotools gettext > > > + > > > +EXTRA_OECONF = " \ > > > + --enable-gre \ > > > + --enable-linux-smp-stats \ > > > + --enable-reload \ > > > + --enable-reload-error-restart \ > > > + --enable-targetbased \ > > > + --disable-static-daq \ > > > + " > > > + > > > +do_install_append() { > > > + install -d ${D}/${sysconfdir}/snort/rules > > > + install -d ${D}/${sysconfdir}/snort/preproc_rules > > > + for i in map config conf dtd; do > > > + cp ${S}/etc/*.$i ${D}/${sysconfdir}/snort/ > > > + done > > > + cp ${S}/preproc_rules/*.rules ${D}/${sysconfdir}/snort/preproc_rules/ > > > + mkdir -p ${D}/${localstatedir}/log/snort } > > > + > > > +FILES_${PN} += " \ > > > + ${libdir}/snort_dynamicengine/*.so.* \ > > > + ${libdir}/snort_dynamicpreprocessor/*.so.* \ > > > + ${libdir}/snort_dynamicrules/*.so.* \ > > > + " > > > +FILES_${PN}-dbg += " \ > > > + ${libdir}/snort_dynamicengine/.debug \ > > > + ${libdir}/snort_dynamicpreprocessor/.debug \ > > > + ${libdir}/snort_dynamicrules/.debug \ > > > + " > > > +FILES_${PN}-staticdev += " \ > > > + ${libdir}/snort_dynamicengine/*.a \ > > > + ${libdir}/snort_dynamicpreprocessor/*.a \ > > > + ${libdir}/snort_dynamicrules/*.a \ > > > + ${libdir}/snort/dynamic_preproc/*.a \ > > > + ${libdir}/snort/dynamic_output/*.a \ > > > + " > > > +FILES_${PN}-dev += " \ > > > + ${libdir}/snort_dynamicengine/*.la \ > > > + ${libdir}/snort_dynamicpreprocessor/*.la \ > > > + ${libdir}/snort_dynamicrules/*.la \ > > > + ${libdir}/snort_dynamicengine/*.so \ > > > + ${libdir}/snort_dynamicpreprocessor/*.so \ > > > + ${libdir}/snort_dynamicrules/*.so \ > > > + ${prefix}/src/snort_dynamicsrc \ > > > + " > > > + > > > +RRECOMMENDS_${PN} += "barnyard" > > > -- > > > 1.7.5.4 > > > > > > > > > _______________________________________________ > > > Openembedded-devel mailing list > > > [email protected] > > > http://lists.openembedded.org/mailman/listinfo/openembedded-devel > > > > -- > > -Joe MacDonald. > > :wq > > > > -- > -Joe MacDonald. > :wq -- -Joe MacDonald. :wq
signature.asc
Description: Digital signature
_______________________________________________ Openembedded-devel mailing list [email protected] http://lists.openembedded.org/mailman/listinfo/openembedded-devel
