[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/files/, net-analyzer/suricata/
commit: 2befe2774f886be18f6897f2b4ff63094fdd9126
Author: Marek Szuba gentoo org>
AuthorDate: Wed Apr 24 12:37:24 2024 +
Commit: Marek Szuba gentoo org>
CommitDate: Wed Apr 24 12:38:20 2024 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2befe277
net-analyzer/suricata: add 7.0.5, drop 7.0.4
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 4 +--
.../suricata-7.0.3_fix-build-with-gcc14.patch | 39 --
.../suricata-7.0.5_configure-fortify_source.patch | 18 ++
...suricata-7.0.4.ebuild => suricata-7.0.5.ebuild} | 4 +--
4 files changed, 22 insertions(+), 43 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index f41fad6e6ffa..fdaacd396d1e 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,2 @@
-DIST suricata-7.0.4.tar.gz 23610769 BLAKE2B
6c85ee7134548261a5a766ee3e7c0ce095ef478e9323342f17bb48eb0abc74035a66212c7f7e6ba45bd2efd552d82ad6d218d4b09279877f60526f8f79de9764
SHA512
098364a5f0b2c14bf3a0c8895ec9c94a23edd990468f618fa35181c54405be6db012a6e97981e0024140864342764df97101be73308c835d6fabf6cd98a7ffc3
-DIST suricata-7.0.4.tar.gz.sig 566 BLAKE2B
56a8d3ba556a233b0f27a992c20e2654a44f5205bfd731662e96f1a6cf5e925d00014f2d379458c917527415c5c3020f897528fb35e6681bcbddde670567e6f0
SHA512
f2694f9a6cc4d644bb629ae49deef22517a970a78fa500384b51b3ed9119fdfa4ff4a4524de55d3b02bf16dc36c52419bc0424f65dd02b0b56349c5d2fc00a52
+DIST suricata-7.0.5.tar.gz 23612189 BLAKE2B
9a44e4561edcc8909853b88779aa520a79b684ca9114479a95b2b34f8e34b6a0f5887d4b332dddb9da225335d7642089345e7f245a1ebce68f42f38126eb4b58
SHA512
4eae28a78e1e9595c7f37215e9cccdf417235eadf3c8a9dc4cb531d7dc3fb353c903154ee745df7a44620d28b84f15d6db95e5f0562744ff7cbaac398d34
+DIST suricata-7.0.5.tar.gz.sig 566 BLAKE2B
f1e4885f92d13e3168ae44b2fd2b134e1eee9a71f4d92ee8e60df65af3558f4dfa64919955dc60d597d0ef6c6a92b505ab5974fc2f07cd8dc8b4d889eaa4b4c2
SHA512
5f6c2904441c0cb414990a89a2c5a640da9ef25b572512cb2dbb607c7e469186982299acc98414067f8119c8e7c2d433f1b8cf38d1a3c95235a493311230bfc7
diff --git
a/net-analyzer/suricata/files/suricata-7.0.3_fix-build-with-gcc14.patch
b/net-analyzer/suricata/files/suricata-7.0.3_fix-build-with-gcc14.patch
deleted file mode 100644
index 7ebacf76852c..
--- a/net-analyzer/suricata/files/suricata-7.0.3_fix-build-with-gcc14.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-Bug: From b5280929c58559c178415ce199157b5c87171258 Mon Sep 17 00:00:00 2001
-From: Brahmajit Das
-Date: Tue, 20 Feb 2024 12:05:57 +0530
-Subject: [PATCH 1/1] Fix passing incompatible pointer type with GCC 14
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-GCC 14 (and newer compilers like Clang 16) enables
--Wincompatible-pointer-types by default, along with some other flags.
-Thus resulting in build errors such as
-
-util-host-info.c: In function ‘SCKernelVersionIsAtLeast’:
-util-host-info.c:94:31: error: passing argument 1 of
‘pcre2_substring_list_free_8’ from incompatible pointer type
[-Wincompatible-pointer-types]
- 94 | pcre2_substring_list_free((PCRE2_SPTR *)list);
- | ^~
- | |
- | const PCRE2_UCHAR8 ** {aka const
unsigned char **}
-
-Removing the casting make suricata build with GCC 14.
-
-First discovered on Gentoo Linux with GCC 14
-
-Bug: https://bugs.gentoo.org/925011
-Signed-off-by: Brahmajit Das
a/src/util-host-info.c
-+++ b/src/util-host-info.c
-@@ -91,7 +91,7 @@ int SCKernelVersionIsAtLeast(int major, int minor)
- err = true;
- }
-
--pcre2_substring_list_free((PCRE2_SPTR *)list);
-+pcre2_substring_list_free(list);
- pcre2_match_data_free(version_regex_match);
- pcre2_code_free(version_regex);
-
---
-2.43.2
-
diff --git
a/net-analyzer/suricata/files/suricata-7.0.5_configure-fortify_source.patch
b/net-analyzer/suricata/files/suricata-7.0.5_configure-fortify_source.patch
new file mode 100644
index ..302f9bb382f3
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-7.0.5_configure-fortify_source.patch
@@ -0,0 +1,18 @@
+--- a/configure.ac
b/configure.ac
+@@ -339,15 +339,6 @@
+ [AC_MSG_RESULT(no)])
+ CFLAGS="${TMPCFLAGS}"
+
+-#compile-time best-practices errors for certain libc functions,
provides checks of buffer lengths and memory regions
+-AC_MSG_CHECKING(for -D_FORTIFY_SOURCE=2)
+-TMPCFLAGS="${CFLAGS}"
+-CFLAGS="${CFLAGS} -D_FORTIFY_SOURCE=2"
+-AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]],
[[]])],[SECCFLAGS="${SECCFLAGS} -D_FORTIFY_SOURCE=2"
+-AC_MSG_RESULT(yes)],
+-[AC_MSG_RESULT(no)])
+-CFLAGS="${TMPCFLAGS}"
+-
+ #compile-time warnings about misuse of format strings
+ AC_MSG_CHECKING(for -Wformat -Wformat-security)
+
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: e186e58718acb87a9f12802b237ace95d8a7d906
Author: Marek Szuba gentoo org>
AuthorDate: Sun Apr 7 00:01:37 2024 +
Commit: Marek Szuba gentoo org>
CommitDate: Sun Apr 7 01:04:00 2024 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e186e587
net-analyzer/suricata: add 7.0.4, drop 7.0.3
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest| 4 ++--
.../suricata/{suricata-7.0.3.ebuild => suricata-7.0.4.ebuild} | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 9e0bba5db148..f41fad6e6ffa 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,2 @@
-DIST suricata-7.0.3.tar.gz 23599903 BLAKE2B
b42044428ae5ac4ecd6b41d083f0f3ac5839bf9a0734c3a64bb5e9a6f1a0ffe0c1f5da262f4e167461836bd26ebf9238ec9c0c213ba61f6419b6af1314f3becb
SHA512
5a19a00118b86cd9c9b8a4b8399d8deda23beb19a6a6ed49e82240a1a5d4549490f3ce72743f5990c200850e8a64e3a51f45b8c1b8088bdd16aa12341dbf64aa
-DIST suricata-7.0.3.tar.gz.sig 566 BLAKE2B
3befe75463a26493b660dc21721e2628a4889d5397d0ada6aa51bd9c748487130dfb56f3fa25b5514411adeaf0b385ee7e9d664ab0af9b6b0a2bef719bdc904f
SHA512
a08274708f3aee891b018da613fa60cf66ca09b41f70ed1e89b57d5e778bf97058d71c6ad8c529926783287ddd0f20337957e03ff59b3500c207a4ef7936bfdf
+DIST suricata-7.0.4.tar.gz 23610769 BLAKE2B
6c85ee7134548261a5a766ee3e7c0ce095ef478e9323342f17bb48eb0abc74035a66212c7f7e6ba45bd2efd552d82ad6d218d4b09279877f60526f8f79de9764
SHA512
098364a5f0b2c14bf3a0c8895ec9c94a23edd990468f618fa35181c54405be6db012a6e97981e0024140864342764df97101be73308c835d6fabf6cd98a7ffc3
+DIST suricata-7.0.4.tar.gz.sig 566 BLAKE2B
56a8d3ba556a233b0f27a992c20e2654a44f5205bfd731662e96f1a6cf5e925d00014f2d379458c917527415c5c3020f897528fb35e6681bcbddde670567e6f0
SHA512
f2694f9a6cc4d644bb629ae49deef22517a970a78fa500384b51b3ed9119fdfa4ff4a4524de55d3b02bf16dc36c52419bc0424f65dd02b0b56349c5d2fc00a52
diff --git a/net-analyzer/suricata/suricata-7.0.3.ebuild
b/net-analyzer/suricata/suricata-7.0.4.ebuild
similarity index 99%
rename from net-analyzer/suricata/suricata-7.0.3.ebuild
rename to net-analyzer/suricata/suricata-7.0.4.ebuild
index 31a877d45e4f..60817c7c0306 100644
--- a/net-analyzer/suricata/suricata-7.0.3.ebuild
+++ b/net-analyzer/suricata/suricata-7.0.4.ebuild
@@ -39,7 +39,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.46
+ >=net-libs/libhtp-0.5.47
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/, net-analyzer/suricata/files/
commit: 07e1f3e359b3cfe01d8ef3a1e263af2f8acc23b4
Author: Marek Szuba gentoo org>
AuthorDate: Wed Feb 28 21:34:39 2024 +
Commit: Marek Szuba gentoo org>
CommitDate: Wed Feb 28 21:46:10 2024 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=07e1f3e3
net-analyzer/suricata: drop 6.0.15
No versions affected by the latest batch of CVEs left in the tree.
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 2 -
6_configure-no-sphinx-pdflatex-automagic.patch | 26 ---
net-analyzer/suricata/suricata-6.0.15.ebuild | 212 -
3 files changed, 240 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 241154b314b8..9e0bba5db148 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,4 +1,2 @@
-DIST suricata-6.0.15.tar.gz 27903106 BLAKE2B
cf5c2d5760e52f0b4eb0276feb89e056d74ef5478e3158a047fbdec14022aa6e0ba986b7ee9f9ec49e2ebb3f206c7d71ad8ce8dc4eb9a6b48b4ba38c96c2f1c6
SHA512
ec9904fdc57e594653e3f48794c602429412fc85377630600b96081cfeb21361c353ce54d564c01ef0400885c508b49bd8c7a5d8b4482d45155b2007907107a9
-DIST suricata-6.0.15.tar.gz.sig 566 BLAKE2B
f9f5fd9df55c9854f4da3765673df094a3979324714b0f81f787abc3eaa811d01e42cf8b892c5ae558e5f453b82f84dcebd4548a0cfafca00582adc595a11bbf
SHA512
e938715fe22699b623d70bcd70e69d3acb2bfa322ecb9a8a19b272eb5ba378b34974c3114419bbb07fb46b805bc160344d0bdb567acb887832e4c18734fef9a8
DIST suricata-7.0.3.tar.gz 23599903 BLAKE2B
b42044428ae5ac4ecd6b41d083f0f3ac5839bf9a0734c3a64bb5e9a6f1a0ffe0c1f5da262f4e167461836bd26ebf9238ec9c0c213ba61f6419b6af1314f3becb
SHA512
5a19a00118b86cd9c9b8a4b8399d8deda23beb19a6a6ed49e82240a1a5d4549490f3ce72743f5990c200850e8a64e3a51f45b8c1b8088bdd16aa12341dbf64aa
DIST suricata-7.0.3.tar.gz.sig 566 BLAKE2B
3befe75463a26493b660dc21721e2628a4889d5397d0ada6aa51bd9c748487130dfb56f3fa25b5514411adeaf0b385ee7e9d664ab0af9b6b0a2bef719bdc904f
SHA512
a08274708f3aee891b018da613fa60cf66ca09b41f70ed1e89b57d5e778bf97058d71c6ad8c529926783287ddd0f20337957e03ff59b3500c207a4ef7936bfdf
diff --git
a/net-analyzer/suricata/files/suricata-5.0.6_configure-no-sphinx-pdflatex-automagic.patch
b/net-analyzer/suricata/files/suricata-5.0.6_configure-no-sphinx-pdflatex-automagic.patch
deleted file mode 100644
index be5805e67f87..
---
a/net-analyzer/suricata/files/suricata-5.0.6_configure-no-sphinx-pdflatex-automagic.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-No configure options to disable looking for these, redundant for releases
-because the tarballs already contain both PDF documentation and man pages,
-and as of 2021-05-11 doc generation is not compatible with sphinx-4.0.0+
-due to conf.py calling long-deprecated app.add_stylesheet() rather
-than app.add_css_file().
-
a/configure.ac
-+++ b/configure.ac
-@@ -2423,7 +2423,7 @@
- fi
-
- # sphinx for documentation
--AC_PATH_PROG(HAVE_SPHINXBUILD, sphinx-build, "no")
-+HAVE_SPHINXBUILD="no"
- if test "$HAVE_SPHINXBUILD" = "no"; then
-enable_sphinxbuild=no
-if test -e "$srcdir/doc/userguide/suricata.1"; then
-@@ -2434,7 +2434,7 @@
- AM_CONDITIONAL([HAVE_SURICATA_MAN], [test "x$have_suricata_man" = "xyes"])
-
- # pdflatex for the pdf version of the user manual
--AC_PATH_PROG(HAVE_PDFLATEX, pdflatex, "no")
-+HAVE_PDFLATEX="no"
- if test "$HAVE_PDFLATEX" = "no"; then
-enable_pdflatex=no
- fi
diff --git a/net-analyzer/suricata/suricata-6.0.15.ebuild
b/net-analyzer/suricata/suricata-6.0.15.ebuild
deleted file mode 100644
index 045ebbc38788..
--- a/net-analyzer/suricata/suricata-6.0.15.ebuild
+++ /dev/null
@@ -1,212 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-LUA_COMPAT=( lua5-1 luajit )
-PYTHON_COMPAT=( python3_{10..12} )
-
-inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd
tmpfiles verify-sig
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
-HOMEPAGE="https://suricata.io/;
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz
- verify-sig? (
https://www.openinfosecfoundation.org/download/${P}.tar.gz.sig )"
-
-LICENSE="GPL-2"
-SLOT="0/6"
-KEYWORDS="~amd64 ~riscv ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
hyperscan lua lz4 nflog +nfqueue redis systemd test"
-VERIFY_SIG_OPENPGP_KEY_PATH="/usr/share/openpgp-keys/openinfosecfoundation.org.asc"
-
-RESTRICT="!test? ( test )"
-
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- bpf? ( af-packet )
- lua? ( ${LUA_REQUIRED_USE} )"
-
-RDEPEND="${PYTHON_DEPS}
- acct-group/suricata
- acct-user/suricata
- dev-libs/jansson:=
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- $(python_gen_cond_dep '
-
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/, net-analyzer/suricata/files/
commit: 4c54d76e8fab4063a74490103bace21d972a4d9d
Author: Marek Szuba gentoo org>
AuthorDate: Wed Feb 28 21:25:33 2024 +
Commit: Marek Szuba gentoo org>
CommitDate: Wed Feb 28 21:46:09 2024 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4c54d76e
net-analyzer/suricata: add 7.0.3, remove 7.0.2 and 7.0.2-r1
Includes Brahmajit's patch for the gcc-14 issue, as it is yet to be
fixed upstream.
Closes: https://bugs.gentoo.org/925011
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 4 +-
.../suricata-7.0.3_fix-build-with-gcc14.patch | 39
net-analyzer/suricata/suricata-7.0.2.ebuild| 221 -
...icata-7.0.2-r1.ebuild => suricata-7.0.3.ebuild} | 3 +-
4 files changed, 43 insertions(+), 224 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index adabc7aa76bc..241154b314b8 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,4 +1,4 @@
DIST suricata-6.0.15.tar.gz 27903106 BLAKE2B
cf5c2d5760e52f0b4eb0276feb89e056d74ef5478e3158a047fbdec14022aa6e0ba986b7ee9f9ec49e2ebb3f206c7d71ad8ce8dc4eb9a6b48b4ba38c96c2f1c6
SHA512
ec9904fdc57e594653e3f48794c602429412fc85377630600b96081cfeb21361c353ce54d564c01ef0400885c508b49bd8c7a5d8b4482d45155b2007907107a9
DIST suricata-6.0.15.tar.gz.sig 566 BLAKE2B
f9f5fd9df55c9854f4da3765673df094a3979324714b0f81f787abc3eaa811d01e42cf8b892c5ae558e5f453b82f84dcebd4548a0cfafca00582adc595a11bbf
SHA512
e938715fe22699b623d70bcd70e69d3acb2bfa322ecb9a8a19b272eb5ba378b34974c3114419bbb07fb46b805bc160344d0bdb567acb887832e4c18734fef9a8
-DIST suricata-7.0.2.tar.gz 23445403 BLAKE2B
5af50f6f0d91ba233b1cc373c073e72824f10d6df20c27041d5fd11d25c7be6b1941beccf0fb18612d6277eaa7bb1d47d8fedbd34f580ba87d352c45d4d51725
SHA512
bca6eb64495d36fcc83522e29a8ec24653752930d001191fca1d72de5513537fdb8c1805fc45afe55b5fb3a68cf3747af609eec46070505dcd5d9e53c0ed9b95
-DIST suricata-7.0.2.tar.gz.sig 566 BLAKE2B
8a931361acfa5e945fe9a3a03b38c65ff7f59da88a9af9c3f5a4b15ec880de6f22038a45d27c480c75489df0a90373f3cee44c48a266226fae89c00ed78b6e5f
SHA512
0a46c8fef1d68f76c08c314613e558027dc7700a72628b5708dbc36c5c1943d816120c569692103d75d284cd7027cdda0d4ef9ab436992d7d2ec101e18aa5056
+DIST suricata-7.0.3.tar.gz 23599903 BLAKE2B
b42044428ae5ac4ecd6b41d083f0f3ac5839bf9a0734c3a64bb5e9a6f1a0ffe0c1f5da262f4e167461836bd26ebf9238ec9c0c213ba61f6419b6af1314f3becb
SHA512
5a19a00118b86cd9c9b8a4b8399d8deda23beb19a6a6ed49e82240a1a5d4549490f3ce72743f5990c200850e8a64e3a51f45b8c1b8088bdd16aa12341dbf64aa
+DIST suricata-7.0.3.tar.gz.sig 566 BLAKE2B
3befe75463a26493b660dc21721e2628a4889d5397d0ada6aa51bd9c748487130dfb56f3fa25b5514411adeaf0b385ee7e9d664ab0af9b6b0a2bef719bdc904f
SHA512
a08274708f3aee891b018da613fa60cf66ca09b41f70ed1e89b57d5e778bf97058d71c6ad8c529926783287ddd0f20337957e03ff59b3500c207a4ef7936bfdf
diff --git
a/net-analyzer/suricata/files/suricata-7.0.3_fix-build-with-gcc14.patch
b/net-analyzer/suricata/files/suricata-7.0.3_fix-build-with-gcc14.patch
new file mode 100644
index ..7ebacf76852c
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-7.0.3_fix-build-with-gcc14.patch
@@ -0,0 +1,39 @@
+Bug: From b5280929c58559c178415ce199157b5c87171258 Mon Sep 17 00:00:00 2001
+From: Brahmajit Das
+Date: Tue, 20 Feb 2024 12:05:57 +0530
+Subject: [PATCH 1/1] Fix passing incompatible pointer type with GCC 14
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+GCC 14 (and newer compilers like Clang 16) enables
+-Wincompatible-pointer-types by default, along with some other flags.
+Thus resulting in build errors such as
+
+util-host-info.c: In function ‘SCKernelVersionIsAtLeast’:
+util-host-info.c:94:31: error: passing argument 1 of
‘pcre2_substring_list_free_8’ from incompatible pointer type
[-Wincompatible-pointer-types]
+ 94 | pcre2_substring_list_free((PCRE2_SPTR *)list);
+ | ^~
+ | |
+ | const PCRE2_UCHAR8 ** {aka const
unsigned char **}
+
+Removing the casting make suricata build with GCC 14.
+
+First discovered on Gentoo Linux with GCC 14
+
+Bug: https://bugs.gentoo.org/925011
+Signed-off-by: Brahmajit Das
+--- a/src/util-host-info.c
b/src/util-host-info.c
+@@ -91,7 +91,7 @@ int SCKernelVersionIsAtLeast(int major, int minor)
+ err = true;
+ }
+
+-pcre2_substring_list_free((PCRE2_SPTR *)list);
++pcre2_substring_list_free(list);
+ pcre2_match_data_free(version_regex_match);
+ pcre2_code_free(version_regex);
+
+--
+2.43.2
+
diff --git a/net-analyzer/suricata/suricata-7.0.2.ebuild
b/net-analyzer/suricata/suricata-7.0.2.ebuild
deleted file mode 100644
index 93fe2558be37..
--- a/net-analyzer/suricata/suricata-7.0.2.ebuild
+++ /dev/null
@@ -1,221 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: befc4ee3450687083e60cd85b490902af4eac91a
Author: Matoro Mahri matoro tk>
AuthorDate: Mon Jan 22 17:39:39 2024 +
Commit: Ionen Wolkens gentoo org>
CommitDate: Tue Jan 23 05:04:44 2024 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=befc4ee3
net-analyzer/suricata: Keyword 7.0.2-r1 x86, #918871
Signed-off-by: Matoro Mahri matoro.tk>
Signed-off-by: Ionen Wolkens gentoo.org>
net-analyzer/suricata/suricata-7.0.2-r1.ebuild | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net-analyzer/suricata/suricata-7.0.2-r1.ebuild
b/net-analyzer/suricata/suricata-7.0.2-r1.ebuild
index 9f79f08d97d4..897087d2c82d 100644
--- a/net-analyzer/suricata/suricata-7.0.2-r1.ebuild
+++ b/net-analyzer/suricata/suricata-7.0.2-r1.ebuild
@@ -15,7 +15,7 @@
SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz
LICENSE="GPL-2"
SLOT="0/7"
-KEYWORDS="~amd64 ~riscv"
+KEYWORDS="~amd64 ~riscv ~x86"
IUSE="+af-packet af-xdp bpf control-socket cuda debug +detection geoip
hardened hyperscan lua lz4 nflog +nfqueue redis systemd test"
VERIFY_SIG_OPENPGP_KEY_PATH="/usr/share/openpgp-keys/openinfosecfoundation.org.asc"
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: ea846f743f1a3f7d6874f22353479121f153bb1f
Author: Petr Vaněk gentoo org>
AuthorDate: Wed Nov 29 09:23:32 2023 +
Commit: Petr Vaněk gentoo org>
CommitDate: Wed Nov 29 21:12:17 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ea846f74
net-analyzer/suricata: switch to dev-libs/vectorscan
Signed-off-by: Petr Vaněk gentoo.org>
net-analyzer/suricata/suricata-7.0.2-r1.ebuild | 221 +
1 file changed, 221 insertions(+)
diff --git a/net-analyzer/suricata/suricata-7.0.2-r1.ebuild
b/net-analyzer/suricata/suricata-7.0.2-r1.ebuild
new file mode 100644
index ..67cffa1955a5
--- /dev/null
+++ b/net-analyzer/suricata/suricata-7.0.2-r1.ebuild
@@ -0,0 +1,221 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+LUA_COMPAT=( lua5-1 luajit )
+PYTHON_COMPAT=( python3_{10..12} )
+
+inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd
tmpfiles verify-sig
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
+HOMEPAGE="https://suricata.io/;
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz
+ verify-sig? (
https://www.openinfosecfoundation.org/download/${P}.tar.gz.sig )"
+
+LICENSE="GPL-2"
+SLOT="0/7"
+KEYWORDS="~amd64 ~riscv"
+IUSE="+af-packet af-xdp bpf control-socket cuda debug +detection geoip
hardened hyperscan lua lz4 nflog +nfqueue redis systemd test"
+VERIFY_SIG_OPENPGP_KEY_PATH="/usr/share/openpgp-keys/openinfosecfoundation.org.asc"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ af-xdp? ( bpf )
+ bpf? ( af-packet )
+ lua? ( ${LUA_REQUIRED_USE} )"
+
+RDEPEND="${PYTHON_DEPS}
+ acct-group/suricata
+ acct-user/suricata
+ dev-libs/jansson:=
+ dev-libs/libpcre2
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ $(python_gen_cond_dep '
+ dev-python/pyyaml[${PYTHON_USEDEP}]
+ ')
+ >=net-libs/libhtp-0.5.45
+ net-libs/libpcap
+ sys-apps/file
+ sys-libs/libcap-ng
+ af-xdp? ( net-libs/xdp-tools )
+ bpf?( dev-libs/libbpf )
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/libmaxminddb:= )
+ hyperscan? ( dev-libs/vectorscan:= )
+ lua?( ${LUA_DEPS} )
+ lz4?( app-arch/lz4 )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue?( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis:= )"
+DEPEND="${RDEPEND}
+ >=sys-devel/autoconf-2.69-r5
+ virtual/rust"
+BDEPEND="verify-sig? ( >=sec-keys/openpgp-keys-oisf-20200807 )"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.7_configure-no-hyperscan-automagic.patch"
+ "${FILESDIR}/${PN}-6.0.0_default-config.patch"
+ "${FILESDIR}/${PN}-7.0.2_configure-no-sphinx-pdflatex-automagic.patch"
+)
+
+pkg_pretend() {
+ if use af-xdp && use kernel_linux; then
+ if kernel_is -lt 4 18; then
+ ewarn "Kernel 4.18 or newer is required for AF_XDP"
+ fi
+ fi
+
+ if use bpf && use kernel_linux; then
+ if kernel_is -lt 4 15; then
+ ewarn "Kernel 4.15 or newer is necessary to use all XDP
features like the CPU redirect map"
+ fi
+
+ CONFIG_CHECK="~XDP_SOCKETS"
+ ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it
impossible for Suricata to load XDP programs. "
+ ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
+ check_extra_config
+ fi
+}
+
+src_prepare() {
+ default
+ sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//'
"${S}/doc/Makefile.am" || die
+ eautoreconf
+}
+
+src_configure() {
+ # Bug #861242
+ filter-lto
+
+ local myeconfargs=(
+ "--localstatedir=/var" \
+ "--runstatedir=/run" \
+ "--enable-non-bundled-htp" \
+ "--enable-gccmarch-native=no" \
+ "--enable-python" \
+ $(use_enable af-packet) \
+ $(use_enable af-xdp) \
+ $(use_enable bpf ebpf) \
+ $(use_enable control-socket unix-socket) \
+ $(use_enable cuda) \
+ $(use_enable detection) \
+ $(use_enable geoip) \
+ $(use_enable hardened gccprotect) \
+ $(use_enable hardened pie) \
+ $(use_enable hyperscan) \
+ $(use_enable lz4) \
+ $(use_enable nflog) \
+ $(use_enable nfqueue) \
+ $(use_enable redis hiredis) \
+ $(use_enable test unittests) \
+ "--disable-coccinelle"
+ )
+
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 0b6d8739571b574f8d417331c2acfc15e16f2514
Author: Marek Szuba gentoo org>
AuthorDate: Wed Oct 25 22:01:27 2023 +
Commit: Marek Szuba gentoo org>
CommitDate: Wed Oct 25 22:04:29 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0b6d8739
net-analyzer/suricata: add 6.0.15
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 2 +
net-analyzer/suricata/suricata-6.0.15.ebuild | 212 +++
2 files changed, 214 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 60f9530b2507..1f871c0b4c9e 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,5 +1,7 @@
DIST suricata-6.0.13.tar.gz 27411308 BLAKE2B
47dcc47253c462510494dac35a4aa41a110f62bca148871d86509b76ac0c2a873b9fbb9fc981e65897d6443032c27c9f9eeb0fae524f4e56306ed01fe6e32b01
SHA512
7b7ea4b01b6ec4662db1e875e940d667b0aa71b7b91dccf72d32b644c6291814c3fde0c69c96c138d2f1e2412c92456fede823d61c3b7ba63f4bae0edc2dbb0d
DIST suricata-6.0.13.tar.gz.sig 566 BLAKE2B
880dccc4db0f322bd11f123fb2ad012a2904e4bee5ed0c2f161e0baee7054acde2234a9da94184ba67a5bb7adab1da10ca00c7850ae1a046dea07b91297b8476
SHA512
3578087d3ee4bcc8e0f6bd704e42d553b4baf208fc04002f4931bf8d23babe7727a25720c52143a3c423f1cc1f5513105e177fd4368b40927d6fe7234db9de65
+DIST suricata-6.0.15.tar.gz 27903106 BLAKE2B
cf5c2d5760e52f0b4eb0276feb89e056d74ef5478e3158a047fbdec14022aa6e0ba986b7ee9f9ec49e2ebb3f206c7d71ad8ce8dc4eb9a6b48b4ba38c96c2f1c6
SHA512
ec9904fdc57e594653e3f48794c602429412fc85377630600b96081cfeb21361c353ce54d564c01ef0400885c508b49bd8c7a5d8b4482d45155b2007907107a9
+DIST suricata-6.0.15.tar.gz.sig 566 BLAKE2B
f9f5fd9df55c9854f4da3765673df094a3979324714b0f81f787abc3eaa811d01e42cf8b892c5ae558e5f453b82f84dcebd4548a0cfafca00582adc595a11bbf
SHA512
e938715fe22699b623d70bcd70e69d3acb2bfa322ecb9a8a19b272eb5ba378b34974c3114419bbb07fb46b805bc160344d0bdb567acb887832e4c18734fef9a8
DIST suricata-7.0.0.tar.gz 23426302 BLAKE2B
dc5026ee32dd679c18d8953048f7694c6ef69e9b60d91153e1fad5f0d757ccfcb0423ed6f3e21a27f02f6647476923d5c90e1ba83656249509414316f06cd18b
SHA512
b512a8d9e7ce26b362be4e4b1e27b97c0fd6dad109e440d6227916a373e85341336782c0870a2b380fa215f4d2e8d86728f105a6af75d8662d746cee1752347d
DIST suricata-7.0.0.tar.gz.sig 566 BLAKE2B
11033671642c953282fbb0dda0647d12ee143b16e1ee6202f0cc9bcee94eb123139e075ea860002851c2d37f3c9c7e90b72ef22c6cd0ea82dbf63d2bad852068
SHA512
216463c103c5f5fed3cb83190e78939b1efb6fcfe3f6bb8a023ff8a8df85fd7ad024fcc1d9720f196c6dbe3a3c80285a3689bf6e575ff51253a1e5df1a142fcb
DIST suricata-7.0.2.tar.gz 23445403 BLAKE2B
5af50f6f0d91ba233b1cc373c073e72824f10d6df20c27041d5fd11d25c7be6b1941beccf0fb18612d6277eaa7bb1d47d8fedbd34f580ba87d352c45d4d51725
SHA512
bca6eb64495d36fcc83522e29a8ec24653752930d001191fca1d72de5513537fdb8c1805fc45afe55b5fb3a68cf3747af609eec46070505dcd5d9e53c0ed9b95
diff --git a/net-analyzer/suricata/suricata-6.0.15.ebuild
b/net-analyzer/suricata/suricata-6.0.15.ebuild
new file mode 100644
index ..df6ba0f72b6f
--- /dev/null
+++ b/net-analyzer/suricata/suricata-6.0.15.ebuild
@@ -0,0 +1,212 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+LUA_COMPAT=( lua5-1 luajit )
+PYTHON_COMPAT=( python3_{10..12} )
+
+inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd
tmpfiles verify-sig
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
+HOMEPAGE="https://suricata.io/;
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz
+ verify-sig? (
https://www.openinfosecfoundation.org/download/${P}.tar.gz.sig )"
+
+LICENSE="GPL-2"
+SLOT="0/6"
+KEYWORDS="~amd64 ~riscv ~x86"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
hyperscan lua lz4 nflog +nfqueue redis systemd test"
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}/usr/share/openpgp-keys/openinfosecfoundation.org.asc"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ bpf? ( af-packet )
+ lua? ( ${LUA_REQUIRED_USE} )"
+
+RDEPEND="${PYTHON_DEPS}
+ acct-group/suricata
+ acct-user/suricata
+ dev-libs/jansson:=
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ $(python_gen_cond_dep '
+ dev-python/pyyaml[${PYTHON_USEDEP}]
+ ')
+ >=net-libs/libhtp-0.5.45
+ net-libs/libpcap
+ sys-apps/file
+ sys-libs/libcap-ng
+ bpf?( https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html;
+ fi
+
+ if use debug; then
+ elog
+ elog "You have enabled the debug USE flag. Please read this
link to report bugs upstream:"
+ elog
"https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs;
+
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: fa6a92286aa5b09aa5cfc106758c45d69be4bf76
Author: Marek Szuba gentoo org>
AuthorDate: Wed Oct 25 22:01:39 2023 +
Commit: Marek Szuba gentoo org>
CommitDate: Wed Oct 25 22:04:30 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fa6a9228
net-analyzer/suricata: drop 6.0.13, 7.0.0
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 4 -
net-analyzer/suricata/suricata-6.0.13.ebuild | 212 -
net-analyzer/suricata/suricata-7.0.0.ebuild | 221 ---
3 files changed, 437 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 1f871c0b4c9e..adabc7aa76bc 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,8 +1,4 @@
-DIST suricata-6.0.13.tar.gz 27411308 BLAKE2B
47dcc47253c462510494dac35a4aa41a110f62bca148871d86509b76ac0c2a873b9fbb9fc981e65897d6443032c27c9f9eeb0fae524f4e56306ed01fe6e32b01
SHA512
7b7ea4b01b6ec4662db1e875e940d667b0aa71b7b91dccf72d32b644c6291814c3fde0c69c96c138d2f1e2412c92456fede823d61c3b7ba63f4bae0edc2dbb0d
-DIST suricata-6.0.13.tar.gz.sig 566 BLAKE2B
880dccc4db0f322bd11f123fb2ad012a2904e4bee5ed0c2f161e0baee7054acde2234a9da94184ba67a5bb7adab1da10ca00c7850ae1a046dea07b91297b8476
SHA512
3578087d3ee4bcc8e0f6bd704e42d553b4baf208fc04002f4931bf8d23babe7727a25720c52143a3c423f1cc1f5513105e177fd4368b40927d6fe7234db9de65
DIST suricata-6.0.15.tar.gz 27903106 BLAKE2B
cf5c2d5760e52f0b4eb0276feb89e056d74ef5478e3158a047fbdec14022aa6e0ba986b7ee9f9ec49e2ebb3f206c7d71ad8ce8dc4eb9a6b48b4ba38c96c2f1c6
SHA512
ec9904fdc57e594653e3f48794c602429412fc85377630600b96081cfeb21361c353ce54d564c01ef0400885c508b49bd8c7a5d8b4482d45155b2007907107a9
DIST suricata-6.0.15.tar.gz.sig 566 BLAKE2B
f9f5fd9df55c9854f4da3765673df094a3979324714b0f81f787abc3eaa811d01e42cf8b892c5ae558e5f453b82f84dcebd4548a0cfafca00582adc595a11bbf
SHA512
e938715fe22699b623d70bcd70e69d3acb2bfa322ecb9a8a19b272eb5ba378b34974c3114419bbb07fb46b805bc160344d0bdb567acb887832e4c18734fef9a8
-DIST suricata-7.0.0.tar.gz 23426302 BLAKE2B
dc5026ee32dd679c18d8953048f7694c6ef69e9b60d91153e1fad5f0d757ccfcb0423ed6f3e21a27f02f6647476923d5c90e1ba83656249509414316f06cd18b
SHA512
b512a8d9e7ce26b362be4e4b1e27b97c0fd6dad109e440d6227916a373e85341336782c0870a2b380fa215f4d2e8d86728f105a6af75d8662d746cee1752347d
-DIST suricata-7.0.0.tar.gz.sig 566 BLAKE2B
11033671642c953282fbb0dda0647d12ee143b16e1ee6202f0cc9bcee94eb123139e075ea860002851c2d37f3c9c7e90b72ef22c6cd0ea82dbf63d2bad852068
SHA512
216463c103c5f5fed3cb83190e78939b1efb6fcfe3f6bb8a023ff8a8df85fd7ad024fcc1d9720f196c6dbe3a3c80285a3689bf6e575ff51253a1e5df1a142fcb
DIST suricata-7.0.2.tar.gz 23445403 BLAKE2B
5af50f6f0d91ba233b1cc373c073e72824f10d6df20c27041d5fd11d25c7be6b1941beccf0fb18612d6277eaa7bb1d47d8fedbd34f580ba87d352c45d4d51725
SHA512
bca6eb64495d36fcc83522e29a8ec24653752930d001191fca1d72de5513537fdb8c1805fc45afe55b5fb3a68cf3747af609eec46070505dcd5d9e53c0ed9b95
DIST suricata-7.0.2.tar.gz.sig 566 BLAKE2B
8a931361acfa5e945fe9a3a03b38c65ff7f59da88a9af9c3f5a4b15ec880de6f22038a45d27c480c75489df0a90373f3cee44c48a266226fae89c00ed78b6e5f
SHA512
0a46c8fef1d68f76c08c314613e558027dc7700a72628b5708dbc36c5c1943d816120c569692103d75d284cd7027cdda0d4ef9ab436992d7d2ec101e18aa5056
diff --git a/net-analyzer/suricata/suricata-6.0.13.ebuild
b/net-analyzer/suricata/suricata-6.0.13.ebuild
deleted file mode 100644
index 4ea91dc87cfe..
--- a/net-analyzer/suricata/suricata-6.0.13.ebuild
+++ /dev/null
@@ -1,212 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-LUA_COMPAT=( lua5-1 luajit )
-PYTHON_COMPAT=( python3_{9..11} )
-
-inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd
tmpfiles verify-sig
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
-HOMEPAGE="https://suricata.io/;
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz
- verify-sig? (
https://www.openinfosecfoundation.org/download/${P}.tar.gz.sig )"
-
-LICENSE="GPL-2"
-SLOT="0/6"
-KEYWORDS="~amd64 ~riscv ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
hyperscan lua lz4 nflog +nfqueue redis systemd test"
-VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}/usr/share/openpgp-keys/openinfosecfoundation.org.asc"
-
-RESTRICT="!test? ( test )"
-
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- bpf? ( af-packet )
- lua? ( ${LUA_REQUIRED_USE} )"
-
-RDEPEND="${PYTHON_DEPS}
- acct-group/suricata
- acct-user/suricata
- dev-libs/jansson:=
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- $(python_gen_cond_dep '
- dev-python/pyyaml[${PYTHON_USEDEP}]
- ')
- >=net-libs/libhtp-0.5.44
- net-libs/libpcap
- sys-apps/file
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/files/, net-analyzer/suricata/
commit: f9c0cfde624dc27b32b3681e678fdf8f19af04aa
Author: Marek Szuba gentoo org>
AuthorDate: Wed Oct 25 21:56:36 2023 +
Commit: Marek Szuba gentoo org>
CommitDate: Wed Oct 25 22:04:28 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f9c0cfde
net-analyzer/suricata: add 7.0.2
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 2 +
2_configure-no-sphinx-pdflatex-automagic.patch | 20 ++
net-analyzer/suricata/suricata-7.0.2.ebuild| 221 +
3 files changed, 243 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 1fff5793c937..60f9530b2507 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -2,3 +2,5 @@ DIST suricata-6.0.13.tar.gz 27411308 BLAKE2B
47dcc47253c462510494dac35a4aa41a110
DIST suricata-6.0.13.tar.gz.sig 566 BLAKE2B
880dccc4db0f322bd11f123fb2ad012a2904e4bee5ed0c2f161e0baee7054acde2234a9da94184ba67a5bb7adab1da10ca00c7850ae1a046dea07b91297b8476
SHA512
3578087d3ee4bcc8e0f6bd704e42d553b4baf208fc04002f4931bf8d23babe7727a25720c52143a3c423f1cc1f5513105e177fd4368b40927d6fe7234db9de65
DIST suricata-7.0.0.tar.gz 23426302 BLAKE2B
dc5026ee32dd679c18d8953048f7694c6ef69e9b60d91153e1fad5f0d757ccfcb0423ed6f3e21a27f02f6647476923d5c90e1ba83656249509414316f06cd18b
SHA512
b512a8d9e7ce26b362be4e4b1e27b97c0fd6dad109e440d6227916a373e85341336782c0870a2b380fa215f4d2e8d86728f105a6af75d8662d746cee1752347d
DIST suricata-7.0.0.tar.gz.sig 566 BLAKE2B
11033671642c953282fbb0dda0647d12ee143b16e1ee6202f0cc9bcee94eb123139e075ea860002851c2d37f3c9c7e90b72ef22c6cd0ea82dbf63d2bad852068
SHA512
216463c103c5f5fed3cb83190e78939b1efb6fcfe3f6bb8a023ff8a8df85fd7ad024fcc1d9720f196c6dbe3a3c80285a3689bf6e575ff51253a1e5df1a142fcb
+DIST suricata-7.0.2.tar.gz 23445403 BLAKE2B
5af50f6f0d91ba233b1cc373c073e72824f10d6df20c27041d5fd11d25c7be6b1941beccf0fb18612d6277eaa7bb1d47d8fedbd34f580ba87d352c45d4d51725
SHA512
bca6eb64495d36fcc83522e29a8ec24653752930d001191fca1d72de5513537fdb8c1805fc45afe55b5fb3a68cf3747af609eec46070505dcd5d9e53c0ed9b95
+DIST suricata-7.0.2.tar.gz.sig 566 BLAKE2B
8a931361acfa5e945fe9a3a03b38c65ff7f59da88a9af9c3f5a4b15ec880de6f22038a45d27c480c75489df0a90373f3cee44c48a266226fae89c00ed78b6e5f
SHA512
0a46c8fef1d68f76c08c314613e558027dc7700a72628b5708dbc36c5c1943d816120c569692103d75d284cd7027cdda0d4ef9ab436992d7d2ec101e18aa5056
diff --git
a/net-analyzer/suricata/files/suricata-7.0.2_configure-no-sphinx-pdflatex-automagic.patch
b/net-analyzer/suricata/files/suricata-7.0.2_configure-no-sphinx-pdflatex-automagic.patch
new file mode 100644
index ..07fddac0a6d2
--- /dev/null
+++
b/net-analyzer/suricata/files/suricata-7.0.2_configure-no-sphinx-pdflatex-automagic.patch
@@ -0,0 +1,20 @@
+--- a/configure.ac
b/configure.ac
+@@ -2231,7 +2231,7 @@
+ fi
+
+ # sphinx-build for documentation, and also check for a new enough version
+-AC_PATH_PROG([SPHINX_BUILD], [sphinx-build], [no])
++SPHINX_BUILD="no"
+ if test "$SPHINX_BUILD" != "no"; then
+ MIN_SPHINX_BUILD_VERSION="3.4.3"
+ sphinx_build_version=$($SPHINX_BUILD --version 2>&1 | cut -d' ' -f2-)
+@@ -2257,7 +2257,7 @@
+ AM_CONDITIONAL([HAVE_SURICATA_MAN], [test "x$have_suricata_man" = "xyes"])
+
+ # pdflatex for the pdf version of the user manual
+-AC_PATH_PROG(HAVE_PDFLATEX, pdflatex, "no")
++HAVE_PDFLATEX="no"
+ if test "$HAVE_PDFLATEX" = "no"; then
+enable_pdflatex=no
+ fi
diff --git a/net-analyzer/suricata/suricata-7.0.2.ebuild
b/net-analyzer/suricata/suricata-7.0.2.ebuild
new file mode 100644
index ..a5ec879adeaf
--- /dev/null
+++ b/net-analyzer/suricata/suricata-7.0.2.ebuild
@@ -0,0 +1,221 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+LUA_COMPAT=( lua5-1 luajit )
+PYTHON_COMPAT=( python3_{10..12} )
+
+inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd
tmpfiles verify-sig
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
+HOMEPAGE="https://suricata.io/;
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz
+ verify-sig? (
https://www.openinfosecfoundation.org/download/${P}.tar.gz.sig )"
+
+LICENSE="GPL-2"
+SLOT="0/7"
+KEYWORDS="~amd64 ~riscv ~x86"
+IUSE="+af-packet af-xdp bpf control-socket cuda debug +detection geoip
hardened hyperscan lua lz4 nflog +nfqueue redis systemd test"
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}/usr/share/openpgp-keys/openinfosecfoundation.org.asc"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ af-xdp? ( bpf )
+ bpf? ( af-packet )
+ lua? ( ${LUA_REQUIRED_USE} )"
+
+RDEPEND="${PYTHON_DEPS}
+ acct-group/suricata
+ acct-user/suricata
+ dev-libs/jansson:=
+ dev-libs/libpcre2
+ dev-libs/libyaml
+ net-libs/libnet:*
+
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 042427cddd54f9811988dc61798ee7c7288ecd3f
Author: Marek Szuba gentoo org>
AuthorDate: Wed Aug 16 17:06:10 2023 +
Commit: Marek Szuba gentoo org>
CommitDate: Wed Aug 16 17:08:40 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=042427cd
net-analyzer/suricata: drop 6.0.12
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 2 -
net-analyzer/suricata/suricata-6.0.12.ebuild | 212 ---
2 files changed, 214 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index d3bafea16736..1fff5793c937 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,5 +1,3 @@
-DIST suricata-6.0.12.tar.gz 27388535 BLAKE2B
3cd16072014e814ec116bbde6649a0230200e447884028fef0440cbbc38a36b28c1edb39098e4089ee966890464bcd2573ea82d3e35e6d034ad465ac20c4c0b6
SHA512
aa8a51e0c6b04640a9df3ca46d736c23f213561a0f47e9022f0bd10cf4652b6912ff576fb6db0b663fcae5ab5a80ef5048da3a323326fb2b6d56d8ef7c0c
-DIST suricata-6.0.12.tar.gz.sig 566 BLAKE2B
50102891a3efec7a52e16bf7c3842cbdf3e9feb0f9a1fe34ab714ea1b5f01c02aafec74c7252b1bb0b0da0242c4f4eb1771c74aef06f356672f6e5bcc405b1a8
SHA512
b3cfb4791599e9c48a46cd39e28d74022ac2aa7b6cb04ceff70ae66a5e4b1e166caa48a47869c37cffd82e6eae1f65744ca3d84521f8808f90210039f31b
DIST suricata-6.0.13.tar.gz 27411308 BLAKE2B
47dcc47253c462510494dac35a4aa41a110f62bca148871d86509b76ac0c2a873b9fbb9fc981e65897d6443032c27c9f9eeb0fae524f4e56306ed01fe6e32b01
SHA512
7b7ea4b01b6ec4662db1e875e940d667b0aa71b7b91dccf72d32b644c6291814c3fde0c69c96c138d2f1e2412c92456fede823d61c3b7ba63f4bae0edc2dbb0d
DIST suricata-6.0.13.tar.gz.sig 566 BLAKE2B
880dccc4db0f322bd11f123fb2ad012a2904e4bee5ed0c2f161e0baee7054acde2234a9da94184ba67a5bb7adab1da10ca00c7850ae1a046dea07b91297b8476
SHA512
3578087d3ee4bcc8e0f6bd704e42d553b4baf208fc04002f4931bf8d23babe7727a25720c52143a3c423f1cc1f5513105e177fd4368b40927d6fe7234db9de65
DIST suricata-7.0.0.tar.gz 23426302 BLAKE2B
dc5026ee32dd679c18d8953048f7694c6ef69e9b60d91153e1fad5f0d757ccfcb0423ed6f3e21a27f02f6647476923d5c90e1ba83656249509414316f06cd18b
SHA512
b512a8d9e7ce26b362be4e4b1e27b97c0fd6dad109e440d6227916a373e85341336782c0870a2b380fa215f4d2e8d86728f105a6af75d8662d746cee1752347d
diff --git a/net-analyzer/suricata/suricata-6.0.12.ebuild
b/net-analyzer/suricata/suricata-6.0.12.ebuild
deleted file mode 100644
index 9b453e9fdbc6..
--- a/net-analyzer/suricata/suricata-6.0.12.ebuild
+++ /dev/null
@@ -1,212 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-LUA_COMPAT=( lua5-1 luajit )
-PYTHON_COMPAT=( python3_{9..11} )
-
-inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd
tmpfiles verify-sig
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
-HOMEPAGE="https://suricata.io/;
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz
- verify-sig? (
https://www.openinfosecfoundation.org/download/${P}.tar.gz.sig )"
-
-LICENSE="GPL-2"
-SLOT="0/6"
-KEYWORDS="~amd64 ~riscv ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
hyperscan lua lz4 nflog +nfqueue redis systemd test"
-VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}/usr/share/openpgp-keys/openinfosecfoundation.org.asc"
-
-RESTRICT="!test? ( test )"
-
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- bpf? ( af-packet )
- lua? ( ${LUA_REQUIRED_USE} )"
-
-RDEPEND="${PYTHON_DEPS}
- acct-group/suricata
- acct-user/suricata
- dev-libs/jansson:=
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- $(python_gen_cond_dep '
- dev-python/pyyaml[${PYTHON_USEDEP}]
- ')
- >=net-libs/libhtp-0.5.43
- net-libs/libpcap
- sys-apps/file
- sys-libs/libcap-ng
- bpf?( https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html;
- fi
-
- if use debug; then
- elog
- elog "You have enabled the debug USE flag. Please read this
link to report bugs upstream:"
- elog
"https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs;
- elog "You need to also ensure the FEATURES variable in
make.conf contains the"
- elog "'nostrip' option to produce useful core dumps or back
traces."
- fi
-
- elog
- if [[ -z "${REPLACING_VERSIONS}" ]]; then
- elog "To download and install an initial set of rules, run:"
- elog "suricata-update"
- fi
- elog
-}
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 6d239f1820f40bccbc6bee23e88c2ac5a2b1dc52
Author: Stijn Tintel linux-ipv6 be>
AuthorDate: Thu Jul 27 13:27:03 2023 +
Commit: Marek Szuba gentoo org>
CommitDate: Wed Aug 16 17:08:39 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6d239f18
net-analyzer/suricata: add 7.0.0
Closes: https://bugs.gentoo.org/911313
Signed-off-by: Stijn Tintel linux-ipv6.be>
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 2 +
net-analyzer/suricata/metadata.xml | 1 +
net-analyzer/suricata/suricata-7.0.0.ebuild | 221
3 files changed, 224 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 85d27e588a21..d3bafea16736 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -2,3 +2,5 @@ DIST suricata-6.0.12.tar.gz 27388535 BLAKE2B
3cd16072014e814ec116bbde6649a023020
DIST suricata-6.0.12.tar.gz.sig 566 BLAKE2B
50102891a3efec7a52e16bf7c3842cbdf3e9feb0f9a1fe34ab714ea1b5f01c02aafec74c7252b1bb0b0da0242c4f4eb1771c74aef06f356672f6e5bcc405b1a8
SHA512
b3cfb4791599e9c48a46cd39e28d74022ac2aa7b6cb04ceff70ae66a5e4b1e166caa48a47869c37cffd82e6eae1f65744ca3d84521f8808f90210039f31b
DIST suricata-6.0.13.tar.gz 27411308 BLAKE2B
47dcc47253c462510494dac35a4aa41a110f62bca148871d86509b76ac0c2a873b9fbb9fc981e65897d6443032c27c9f9eeb0fae524f4e56306ed01fe6e32b01
SHA512
7b7ea4b01b6ec4662db1e875e940d667b0aa71b7b91dccf72d32b644c6291814c3fde0c69c96c138d2f1e2412c92456fede823d61c3b7ba63f4bae0edc2dbb0d
DIST suricata-6.0.13.tar.gz.sig 566 BLAKE2B
880dccc4db0f322bd11f123fb2ad012a2904e4bee5ed0c2f161e0baee7054acde2234a9da94184ba67a5bb7adab1da10ca00c7850ae1a046dea07b91297b8476
SHA512
3578087d3ee4bcc8e0f6bd704e42d553b4baf208fc04002f4931bf8d23babe7727a25720c52143a3c423f1cc1f5513105e177fd4368b40927d6fe7234db9de65
+DIST suricata-7.0.0.tar.gz 23426302 BLAKE2B
dc5026ee32dd679c18d8953048f7694c6ef69e9b60d91153e1fad5f0d757ccfcb0423ed6f3e21a27f02f6647476923d5c90e1ba83656249509414316f06cd18b
SHA512
b512a8d9e7ce26b362be4e4b1e27b97c0fd6dad109e440d6227916a373e85341336782c0870a2b380fa215f4d2e8d86728f105a6af75d8662d746cee1752347d
+DIST suricata-7.0.0.tar.gz.sig 566 BLAKE2B
11033671642c953282fbb0dda0647d12ee143b16e1ee6202f0cc9bcee94eb123139e075ea860002851c2d37f3c9c7e90b72ef22c6cd0ea82dbf63d2bad852068
SHA512
216463c103c5f5fed3cb83190e78939b1efb6fcfe3f6bb8a023ff8a8df85fd7ad024fcc1d9720f196c6dbe3a3c80285a3689bf6e575ff51253a1e5df1a142fcb
diff --git a/net-analyzer/suricata/metadata.xml
b/net-analyzer/suricata/metadata.xml
index f55796e7f1ed..ab8f1004e969 100644
--- a/net-analyzer/suricata/metadata.xml
+++ b/net-analyzer/suricata/metadata.xml
@@ -7,6 +7,7 @@
Enable AF_PACKET support
+Enable AF_XDP support
Enable support for eBPF (as well as XDP if supported by
the kernel and the NIC driver)
for low-level, high-speed packet processing
Enable unix socket
diff --git a/net-analyzer/suricata/suricata-7.0.0.ebuild
b/net-analyzer/suricata/suricata-7.0.0.ebuild
new file mode 100644
index ..f66b8fc5a628
--- /dev/null
+++ b/net-analyzer/suricata/suricata-7.0.0.ebuild
@@ -0,0 +1,221 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+LUA_COMPAT=( lua5-1 luajit )
+PYTHON_COMPAT=( python3_{10..12} )
+
+inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd
tmpfiles verify-sig
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
+HOMEPAGE="https://suricata.io/;
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz
+ verify-sig? (
https://www.openinfosecfoundation.org/download/${P}.tar.gz.sig )"
+
+LICENSE="GPL-2"
+SLOT="0/7"
+KEYWORDS="~amd64 ~riscv ~x86"
+IUSE="+af-packet af-xdp bpf control-socket cuda debug +detection geoip
hardened hyperscan lua lz4 nflog +nfqueue redis systemd test"
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}/usr/share/openpgp-keys/openinfosecfoundation.org.asc"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ af-xdp? ( bpf )
+ bpf? ( af-packet )
+ lua? ( ${LUA_REQUIRED_USE} )"
+
+RDEPEND="${PYTHON_DEPS}
+ acct-group/suricata
+ acct-user/suricata
+ dev-libs/jansson:=
+ dev-libs/libpcre2
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ $(python_gen_cond_dep '
+ dev-python/pyyaml[${PYTHON_USEDEP}]
+ ')
+ >=net-libs/libhtp-0.5.45
+ net-libs/libpcap
+ sys-apps/file
+ sys-libs/libcap-ng
+ af-xdp? ( net-libs/xdp-tools )
+ bpf?( dev-libs/libbpf )
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/libmaxminddb:= )
+ hyperscan? ( dev-libs/hyperscan )
+ lua?( ${LUA_DEPS} )
+ lz4?(
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 777280c0f9eb5db9ca0e0098c0a690c2506ff50f
Author: Marek Szuba gentoo org>
AuthorDate: Tue Jun 27 20:45:30 2023 +
Commit: Marek Szuba gentoo org>
CommitDate: Tue Jun 27 21:56:22 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=777280c0
net-analyzer/suricata: add 6.0.13, drop 6.0.11
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest| 4 ++--
.../suricata/{suricata-6.0.11.ebuild => suricata-6.0.13.ebuild} | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 549fe68db0a7..85d27e588a21 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,4 +1,4 @@
-DIST suricata-6.0.11.tar.gz 27408130 BLAKE2B
41b37168e6c50b32971ad8c0541f3bc1981152c8360bbfc261a9abab5dc229425bef92fe19db5d0ec7cf32abff71acca62934c411aea79f5c8f9b38bd6422ee4
SHA512
b9b23aa9f71e9ce9c15312d14624133f772a0df82059a7c911cfb028ff00ba0eb39c7c263cb7f4612d2199c262cef1682c06f8b416a36e37dfb4277f12cb2ce9
-DIST suricata-6.0.11.tar.gz.sig 566 BLAKE2B
fb6854b4bade28d4ff5850dace2e71955d587a3a0346bd158796564a3d3440940b90edc85be330ca8f8f903b35c9a7abf01dc2a570f7a74f492ca0bda70b
SHA512
4ab0b2823d0260cbb17c1dc25dcf1511b772fd5369555b6f1db9db1cc5bbb66092f1b6c4e4b6f01ee76a6003c51444b44e8529ea6f994a554c42e267295e8dc3
DIST suricata-6.0.12.tar.gz 27388535 BLAKE2B
3cd16072014e814ec116bbde6649a0230200e447884028fef0440cbbc38a36b28c1edb39098e4089ee966890464bcd2573ea82d3e35e6d034ad465ac20c4c0b6
SHA512
aa8a51e0c6b04640a9df3ca46d736c23f213561a0f47e9022f0bd10cf4652b6912ff576fb6db0b663fcae5ab5a80ef5048da3a323326fb2b6d56d8ef7c0c
DIST suricata-6.0.12.tar.gz.sig 566 BLAKE2B
50102891a3efec7a52e16bf7c3842cbdf3e9feb0f9a1fe34ab714ea1b5f01c02aafec74c7252b1bb0b0da0242c4f4eb1771c74aef06f356672f6e5bcc405b1a8
SHA512
b3cfb4791599e9c48a46cd39e28d74022ac2aa7b6cb04ceff70ae66a5e4b1e166caa48a47869c37cffd82e6eae1f65744ca3d84521f8808f90210039f31b
+DIST suricata-6.0.13.tar.gz 27411308 BLAKE2B
47dcc47253c462510494dac35a4aa41a110f62bca148871d86509b76ac0c2a873b9fbb9fc981e65897d6443032c27c9f9eeb0fae524f4e56306ed01fe6e32b01
SHA512
7b7ea4b01b6ec4662db1e875e940d667b0aa71b7b91dccf72d32b644c6291814c3fde0c69c96c138d2f1e2412c92456fede823d61c3b7ba63f4bae0edc2dbb0d
+DIST suricata-6.0.13.tar.gz.sig 566 BLAKE2B
880dccc4db0f322bd11f123fb2ad012a2904e4bee5ed0c2f161e0baee7054acde2234a9da94184ba67a5bb7adab1da10ca00c7850ae1a046dea07b91297b8476
SHA512
3578087d3ee4bcc8e0f6bd704e42d553b4baf208fc04002f4931bf8d23babe7727a25720c52143a3c423f1cc1f5513105e177fd4368b40927d6fe7234db9de65
diff --git a/net-analyzer/suricata/suricata-6.0.11.ebuild
b/net-analyzer/suricata/suricata-6.0.13.ebuild
similarity index 99%
rename from net-analyzer/suricata/suricata-6.0.11.ebuild
rename to net-analyzer/suricata/suricata-6.0.13.ebuild
index 9b453e9fdbc6..4ea91dc87cfe 100644
--- a/net-analyzer/suricata/suricata-6.0.11.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.13.ebuild
@@ -38,7 +38,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.43
+ >=net-libs/libhtp-0.5.44
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: bde43f80ec498f0ecd941ffd08fe5a7141f6ce09
Author: Marek Szuba gentoo org>
AuthorDate: Thu May 11 11:40:23 2023 +
Commit: Marek Szuba gentoo org>
CommitDate: Thu May 11 11:59:32 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bde43f80
net-analyzer/suricata: add 6.0.12, drop 6.0.10
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest| 4 ++--
.../suricata/{suricata-6.0.10.ebuild => suricata-6.0.12.ebuild} | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 6d54b18e09db..549fe68db0a7 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,4 +1,4 @@
-DIST suricata-6.0.10.tar.gz 27374715 BLAKE2B
a2b334c0139ead0b914ba6039c116ebad30dd3b5c0d4bb751f608af83e1487a67b96224ffe61635468dc49a9e44f03a76facf2af66582ba18e364f233029b532
SHA512
3e49d491cf1fb56a6773308380cae826016041018c18753d18529572712a6ffa415df2798805bffdf8482312fdb69c3f2e05f38870a5b725d333f928b840e1e2
-DIST suricata-6.0.10.tar.gz.sig 566 BLAKE2B
911c3587911dd6b8fbf0932608b2eb80928223d5ed6636abfd9355fcdf6fcb2ff0e3d064d472d2c89417679c68d496ee105dd0cee1f3e8c33de9cd6c90290d9d
SHA512
5c6ab8937d82472b0bccae00c94094ee503ac423884d958947f276a4f2d7e9a88646e5ca8deb4b03cb4d035238774a6cd20ddbea9a08a6c5b45b646c1458dca8
DIST suricata-6.0.11.tar.gz 27408130 BLAKE2B
41b37168e6c50b32971ad8c0541f3bc1981152c8360bbfc261a9abab5dc229425bef92fe19db5d0ec7cf32abff71acca62934c411aea79f5c8f9b38bd6422ee4
SHA512
b9b23aa9f71e9ce9c15312d14624133f772a0df82059a7c911cfb028ff00ba0eb39c7c263cb7f4612d2199c262cef1682c06f8b416a36e37dfb4277f12cb2ce9
DIST suricata-6.0.11.tar.gz.sig 566 BLAKE2B
fb6854b4bade28d4ff5850dace2e71955d587a3a0346bd158796564a3d3440940b90edc85be330ca8f8f903b35c9a7abf01dc2a570f7a74f492ca0bda70b
SHA512
4ab0b2823d0260cbb17c1dc25dcf1511b772fd5369555b6f1db9db1cc5bbb66092f1b6c4e4b6f01ee76a6003c51444b44e8529ea6f994a554c42e267295e8dc3
+DIST suricata-6.0.12.tar.gz 27388535 BLAKE2B
3cd16072014e814ec116bbde6649a0230200e447884028fef0440cbbc38a36b28c1edb39098e4089ee966890464bcd2573ea82d3e35e6d034ad465ac20c4c0b6
SHA512
aa8a51e0c6b04640a9df3ca46d736c23f213561a0f47e9022f0bd10cf4652b6912ff576fb6db0b663fcae5ab5a80ef5048da3a323326fb2b6d56d8ef7c0c
+DIST suricata-6.0.12.tar.gz.sig 566 BLAKE2B
50102891a3efec7a52e16bf7c3842cbdf3e9feb0f9a1fe34ab714ea1b5f01c02aafec74c7252b1bb0b0da0242c4f4eb1771c74aef06f356672f6e5bcc405b1a8
SHA512
b3cfb4791599e9c48a46cd39e28d74022ac2aa7b6cb04ceff70ae66a5e4b1e166caa48a47869c37cffd82e6eae1f65744ca3d84521f8808f90210039f31b
diff --git a/net-analyzer/suricata/suricata-6.0.10.ebuild
b/net-analyzer/suricata/suricata-6.0.12.ebuild
similarity index 99%
rename from net-analyzer/suricata/suricata-6.0.10.ebuild
rename to net-analyzer/suricata/suricata-6.0.12.ebuild
index bcc930edadc3..9b453e9fdbc6 100644
--- a/net-analyzer/suricata/suricata-6.0.10.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.12.ebuild
@@ -38,7 +38,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.42
+ >=net-libs/libhtp-0.5.43
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 15ad928b7ee2e7463637cdc1d40411a4145b1b35
Author: Marek Szuba gentoo org>
AuthorDate: Sun Apr 16 20:02:40 2023 +
Commit: Marek Szuba gentoo org>
CommitDate: Sun Apr 16 20:03:02 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=15ad928b
net-analyzer/suricata: add 6.0.11, drop 6.0.9
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 4 ++--
.../{suricata-6.0.9.ebuild => suricata-6.0.11.ebuild} | 13 +
2 files changed, 7 insertions(+), 10 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index d74a829df4e1..6d54b18e09db 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,4 +1,4 @@
DIST suricata-6.0.10.tar.gz 27374715 BLAKE2B
a2b334c0139ead0b914ba6039c116ebad30dd3b5c0d4bb751f608af83e1487a67b96224ffe61635468dc49a9e44f03a76facf2af66582ba18e364f233029b532
SHA512
3e49d491cf1fb56a6773308380cae826016041018c18753d18529572712a6ffa415df2798805bffdf8482312fdb69c3f2e05f38870a5b725d333f928b840e1e2
DIST suricata-6.0.10.tar.gz.sig 566 BLAKE2B
911c3587911dd6b8fbf0932608b2eb80928223d5ed6636abfd9355fcdf6fcb2ff0e3d064d472d2c89417679c68d496ee105dd0cee1f3e8c33de9cd6c90290d9d
SHA512
5c6ab8937d82472b0bccae00c94094ee503ac423884d958947f276a4f2d7e9a88646e5ca8deb4b03cb4d035238774a6cd20ddbea9a08a6c5b45b646c1458dca8
-DIST suricata-6.0.9.tar.gz 27352128 BLAKE2B
966657eeff216894f6357989f0317b7c5eed82602ca2381269446cbe4c015be449f5598726b2f58924f20aca30c4e130ecafe642ea4ce39f1671f46093292551
SHA512
09a24a90db11e74da2d584904987c2d751243a95cf237d13a8b57cdffc6659281c9d572404caea657e637d7eed01ecfe40bdfcfc79c09e1ca8eb26637dddbb6c
-DIST suricata-6.0.9.tar.gz.sig 566 BLAKE2B
1ac1bb67caef5e5827127befd269de03ec697a351e80575d1f0f729c491be3601cc2e9372e87f762aefcb8c15403f94f122e3d626061e2215b8edcda38c46f37
SHA512
0df7d1f83bd1adb4e87b0afeada99c64b2aa50fdfb9eda5d44043f4447bceda50a057e78db2397f882efbe7440ba7e3f5db9e610f679938e5ed461f175d70c6f
+DIST suricata-6.0.11.tar.gz 27408130 BLAKE2B
41b37168e6c50b32971ad8c0541f3bc1981152c8360bbfc261a9abab5dc229425bef92fe19db5d0ec7cf32abff71acca62934c411aea79f5c8f9b38bd6422ee4
SHA512
b9b23aa9f71e9ce9c15312d14624133f772a0df82059a7c911cfb028ff00ba0eb39c7c263cb7f4612d2199c262cef1682c06f8b416a36e37dfb4277f12cb2ce9
+DIST suricata-6.0.11.tar.gz.sig 566 BLAKE2B
fb6854b4bade28d4ff5850dace2e71955d587a3a0346bd158796564a3d3440940b90edc85be330ca8f8f903b35c9a7abf01dc2a570f7a74f492ca0bda70b
SHA512
4ab0b2823d0260cbb17c1dc25dcf1511b772fd5369555b6f1db9db1cc5bbb66092f1b6c4e4b6f01ee76a6003c51444b44e8529ea6f994a554c42e267295e8dc3
diff --git a/net-analyzer/suricata/suricata-6.0.9.ebuild
b/net-analyzer/suricata/suricata-6.0.11.ebuild
similarity index 96%
rename from net-analyzer/suricata/suricata-6.0.9.ebuild
rename to net-analyzer/suricata/suricata-6.0.11.ebuild
index 7f150ca4dc8d..9b453e9fdbc6 100644
--- a/net-analyzer/suricata/suricata-6.0.9.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.11.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2022 Gentoo Authors
+# Copyright 1999-2023 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
@@ -38,7 +38,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.42
+ >=net-libs/libhtp-0.5.43
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
@@ -119,6 +119,7 @@ src_configure() {
if use debug; then
myeconfargs+=( $(use_enable debug) )
# so we can get a backtrace according to "reporting bugs" on
upstream web site
+ QA_FLAGS_IGNORED="usr/bin/${PN}"
CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
else
econf ${myeconfargs[@]}
@@ -145,7 +146,7 @@ src_install() {
fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+ fperms 6750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
newinitd "${FILESDIR}/${PN}.initd" ${PN}
newconfd "${FILESDIR}/${PN}.confd" ${PN}
@@ -205,11 +206,7 @@ pkg_postinst() {
elog
if [[ -z "${REPLACING_VERSIONS}" ]]; then
elog "To download and install an initial set of rules, run:"
- elog "emerge --config =${CATEGORY}/${PF}"
+ elog "suricata-update"
fi
elog
}
-
-pkg_config() {
- suricata-update
-}
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 8532e51714ce99ea6db20cfedde4d976291e70d3
Author: Marek Szuba gentoo org>
AuthorDate: Wed Mar 22 23:02:00 2023 +
Commit: Marek Szuba gentoo org>
CommitDate: Wed Mar 22 23:43:34 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8532e517
net-analyzer/suricata: make rule-file and update dirs setuid suricata
So that it is possible to run suricata-update as root (which according
to upstream documentation is still very much allowed) but have suricata
itself drop its privileges, without having to manually change the
ownership of downloaded files. In the long run it would be nice for
suricata-update to drop privileges as well - but that's something
for upstream to take care of, and setuid suricata on the relevant
directories appears to work fine.
Closes: https://bugs.gentoo.org/900627
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/suricata-6.0.10.ebuild | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net-analyzer/suricata/suricata-6.0.10.ebuild
b/net-analyzer/suricata/suricata-6.0.10.ebuild
index 697b19988894..bcc930edadc3 100644
--- a/net-analyzer/suricata/suricata-6.0.10.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.10.ebuild
@@ -146,7 +146,7 @@ src_install() {
fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- fperms 2750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
+ fperms 6750 "/var/lib/${PN}/rules" "/var/lib/${PN}/update"
newinitd "${FILESDIR}/${PN}.initd" ${PN}
newconfd "${FILESDIR}/${PN}.confd" ${PN}
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: b17adffd47e3d9b107b7c25fb1f17a2edf3df605
Author: Marek Szuba gentoo org>
AuthorDate: Wed Mar 1 22:29:51 2023 +
Commit: Marek Szuba gentoo org>
CommitDate: Wed Mar 1 23:11:58 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b17adffd
net-analyzer/suricata: allow ignoring CFLAGS for USE=debug
We set specific compiler flags when Suricata is built in debug mode in
order to confirm with upstream bug-reporting policy.
Closes: https://bugs.gentoo.org/889748
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/suricata-6.0.10.ebuild | 1 +
1 file changed, 1 insertion(+)
diff --git a/net-analyzer/suricata/suricata-6.0.10.ebuild
b/net-analyzer/suricata/suricata-6.0.10.ebuild
index 69445880fb19..697b19988894 100644
--- a/net-analyzer/suricata/suricata-6.0.10.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.10.ebuild
@@ -119,6 +119,7 @@ src_configure() {
if use debug; then
myeconfargs+=( $(use_enable debug) )
# so we can get a backtrace according to "reporting bugs" on
upstream web site
+ QA_FLAGS_IGNORED="usr/bin/${PN}"
CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
else
econf ${myeconfargs[@]}
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 8b6d65a2f8918e747d3801e689c9349f9de02140
Author: Marek Szuba gentoo org>
AuthorDate: Wed Feb 1 10:47:06 2023 +
Commit: Marek Szuba gentoo org>
CommitDate: Wed Feb 1 10:50:37 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8b6d65a2
net-analyzer/suricata: add 6.0.10
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 2 +
net-analyzer/suricata/suricata-6.0.10.ebuild | 211 +++
2 files changed, 213 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 2314e0a6d360..d2780384de9a 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,3 +1,5 @@
+DIST suricata-6.0.10.tar.gz 27374715 BLAKE2B
a2b334c0139ead0b914ba6039c116ebad30dd3b5c0d4bb751f608af83e1487a67b96224ffe61635468dc49a9e44f03a76facf2af66582ba18e364f233029b532
SHA512
3e49d491cf1fb56a6773308380cae826016041018c18753d18529572712a6ffa415df2798805bffdf8482312fdb69c3f2e05f38870a5b725d333f928b840e1e2
+DIST suricata-6.0.10.tar.gz.sig 566 BLAKE2B
911c3587911dd6b8fbf0932608b2eb80928223d5ed6636abfd9355fcdf6fcb2ff0e3d064d472d2c89417679c68d496ee105dd0cee1f3e8c33de9cd6c90290d9d
SHA512
5c6ab8937d82472b0bccae00c94094ee503ac423884d958947f276a4f2d7e9a88646e5ca8deb4b03cb4d035238774a6cd20ddbea9a08a6c5b45b646c1458dca8
DIST suricata-6.0.8.tar.gz 32697425 BLAKE2B
1e445885f3a672081cbb8f17de9fb0fa21a2c618b80ea8d3d9362c0475149d833986cac047ad90b1c1a5b5b19025ff501a695e0f197c00457859b3858f51ecba
SHA512
ab1eceedde70179e4a447297039e64132e0a2361e8424ad42c9037273a3f6eaf4c8d5d0306af6f26c8b373636b621ac1d7d505952306d9170c6a87e6fb863b61
DIST suricata-6.0.8.tar.gz.sig 566 BLAKE2B
817756401d628e49fb0f54faca05d87131711946aa641d0f0a5957fa2f5d6378e1b5cafeaf67b176b66cb0be0afd790aea1312042a195535e57571276aef1edc
SHA512
d0d354b6fca3ef088e2371d6262f4bd45fb06747fcc32519510e690ced933d828fc1acf64d8d1b17d0360ce280905e5bf4b1c9fb8016d82cdee57a432bded884
DIST suricata-6.0.9.tar.gz 27352128 BLAKE2B
966657eeff216894f6357989f0317b7c5eed82602ca2381269446cbe4c015be449f5598726b2f58924f20aca30c4e130ecafe642ea4ce39f1671f46093292551
SHA512
09a24a90db11e74da2d584904987c2d751243a95cf237d13a8b57cdffc6659281c9d572404caea657e637d7eed01ecfe40bdfcfc79c09e1ca8eb26637dddbb6c
diff --git a/net-analyzer/suricata/suricata-6.0.10.ebuild
b/net-analyzer/suricata/suricata-6.0.10.ebuild
new file mode 100644
index ..69445880fb19
--- /dev/null
+++ b/net-analyzer/suricata/suricata-6.0.10.ebuild
@@ -0,0 +1,211 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+LUA_COMPAT=( lua5-1 luajit )
+PYTHON_COMPAT=( python3_{9..11} )
+
+inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd
tmpfiles verify-sig
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
+HOMEPAGE="https://suricata.io/;
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz
+ verify-sig? (
https://www.openinfosecfoundation.org/download/${P}.tar.gz.sig )"
+
+LICENSE="GPL-2"
+SLOT="0/6"
+KEYWORDS="~amd64 ~riscv ~x86"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
hyperscan lua lz4 nflog +nfqueue redis systemd test"
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}/usr/share/openpgp-keys/openinfosecfoundation.org.asc"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ bpf? ( af-packet )
+ lua? ( ${LUA_REQUIRED_USE} )"
+
+RDEPEND="${PYTHON_DEPS}
+ acct-group/suricata
+ acct-user/suricata
+ dev-libs/jansson:=
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ $(python_gen_cond_dep '
+ dev-python/pyyaml[${PYTHON_USEDEP}]
+ ')
+ >=net-libs/libhtp-0.5.42
+ net-libs/libpcap
+ sys-apps/file
+ sys-libs/libcap-ng
+ bpf?( https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html;
+ fi
+
+ if use debug; then
+ elog
+ elog "You have enabled the debug USE flag. Please read this
link to report bugs upstream:"
+ elog
"https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs;
+ elog "You need to also ensure the FEATURES variable in
make.conf contains the"
+ elog "'nostrip' option to produce useful core dumps or back
traces."
+ fi
+
+ elog
+ if [[ -z "${REPLACING_VERSIONS}" ]]; then
+ elog "To download and install an initial set of rules, run:"
+ elog "suricata-update"
+ fi
+ elog
+}
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: d84c3680afade906ec0cfcb2822c7cb2e75ad785
Author: Marek Szuba gentoo org>
AuthorDate: Wed Feb 1 10:47:34 2023 +
Commit: Marek Szuba gentoo org>
CommitDate: Wed Feb 1 10:50:38 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d84c3680
net-analyzer/suricata: drop 6.0.8-r1
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 2 -
net-analyzer/suricata/suricata-6.0.8-r1.ebuild | 215 -
2 files changed, 217 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index d2780384de9a..d74a829df4e1 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,6 +1,4 @@
DIST suricata-6.0.10.tar.gz 27374715 BLAKE2B
a2b334c0139ead0b914ba6039c116ebad30dd3b5c0d4bb751f608af83e1487a67b96224ffe61635468dc49a9e44f03a76facf2af66582ba18e364f233029b532
SHA512
3e49d491cf1fb56a6773308380cae826016041018c18753d18529572712a6ffa415df2798805bffdf8482312fdb69c3f2e05f38870a5b725d333f928b840e1e2
DIST suricata-6.0.10.tar.gz.sig 566 BLAKE2B
911c3587911dd6b8fbf0932608b2eb80928223d5ed6636abfd9355fcdf6fcb2ff0e3d064d472d2c89417679c68d496ee105dd0cee1f3e8c33de9cd6c90290d9d
SHA512
5c6ab8937d82472b0bccae00c94094ee503ac423884d958947f276a4f2d7e9a88646e5ca8deb4b03cb4d035238774a6cd20ddbea9a08a6c5b45b646c1458dca8
-DIST suricata-6.0.8.tar.gz 32697425 BLAKE2B
1e445885f3a672081cbb8f17de9fb0fa21a2c618b80ea8d3d9362c0475149d833986cac047ad90b1c1a5b5b19025ff501a695e0f197c00457859b3858f51ecba
SHA512
ab1eceedde70179e4a447297039e64132e0a2361e8424ad42c9037273a3f6eaf4c8d5d0306af6f26c8b373636b621ac1d7d505952306d9170c6a87e6fb863b61
-DIST suricata-6.0.8.tar.gz.sig 566 BLAKE2B
817756401d628e49fb0f54faca05d87131711946aa641d0f0a5957fa2f5d6378e1b5cafeaf67b176b66cb0be0afd790aea1312042a195535e57571276aef1edc
SHA512
d0d354b6fca3ef088e2371d6262f4bd45fb06747fcc32519510e690ced933d828fc1acf64d8d1b17d0360ce280905e5bf4b1c9fb8016d82cdee57a432bded884
DIST suricata-6.0.9.tar.gz 27352128 BLAKE2B
966657eeff216894f6357989f0317b7c5eed82602ca2381269446cbe4c015be449f5598726b2f58924f20aca30c4e130ecafe642ea4ce39f1671f46093292551
SHA512
09a24a90db11e74da2d584904987c2d751243a95cf237d13a8b57cdffc6659281c9d572404caea657e637d7eed01ecfe40bdfcfc79c09e1ca8eb26637dddbb6c
DIST suricata-6.0.9.tar.gz.sig 566 BLAKE2B
1ac1bb67caef5e5827127befd269de03ec697a351e80575d1f0f729c491be3601cc2e9372e87f762aefcb8c15403f94f122e3d626061e2215b8edcda38c46f37
SHA512
0df7d1f83bd1adb4e87b0afeada99c64b2aa50fdfb9eda5d44043f4447bceda50a057e78db2397f882efbe7440ba7e3f5db9e610f679938e5ed461f175d70c6f
diff --git a/net-analyzer/suricata/suricata-6.0.8-r1.ebuild
b/net-analyzer/suricata/suricata-6.0.8-r1.ebuild
deleted file mode 100644
index f43461cd5001..
--- a/net-analyzer/suricata/suricata-6.0.8-r1.ebuild
+++ /dev/null
@@ -1,215 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-LUA_COMPAT=( lua5-1 luajit )
-PYTHON_COMPAT=( python3_{9..11} )
-
-inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd
tmpfiles verify-sig
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
-HOMEPAGE="https://suricata.io/;
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz
- verify-sig? (
https://www.openinfosecfoundation.org/download/${P}.tar.gz.sig )"
-
-LICENSE="GPL-2"
-SLOT="0/6"
-KEYWORDS="~amd64 ~riscv ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
hyperscan lua lz4 nflog +nfqueue redis systemd test"
-VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}/usr/share/openpgp-keys/openinfosecfoundation.org.asc"
-
-RESTRICT="!test? ( test )"
-
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- bpf? ( af-packet )
- lua? ( ${LUA_REQUIRED_USE} )"
-
-RDEPEND="${PYTHON_DEPS}
- acct-group/suricata
- acct-user/suricata
- dev-libs/jansson:=
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- $(python_gen_cond_dep '
- dev-python/pyyaml[${PYTHON_USEDEP}]
- ')
- >=net-libs/libhtp-0.5.41
- net-libs/libpcap
- sys-apps/file
- sys-libs/libcap-ng
- bpf?( https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html;
- fi
-
- if use debug; then
- elog
- elog "You have enabled the debug USE flag. Please read this
link to report bugs upstream:"
- elog
"https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs;
- elog "You need to also ensure the FEATURES variable in
make.conf contains the"
- elog "'nostrip' option to produce useful core dumps or back
traces."
- fi
-
- elog
- if [[ -z "${REPLACING_VERSIONS}" ]]; then
- elog "To download and install an
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 56123cf7a6c8f01ae24fe2b8cd958201e95c816f
Author: Marek Szuba gentoo org>
AuthorDate: Fri Dec 2 09:46:02 2022 +
Commit: Marek Szuba gentoo org>
CommitDate: Fri Dec 2 10:00:06 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=56123cf7
net-analyzer/suricata: add 6.0.9
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 2 +
net-analyzer/suricata/suricata-6.0.9.ebuild | 215
2 files changed, 217 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 3be5cf6b3c89..2314e0a6d360 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,4 @@
DIST suricata-6.0.8.tar.gz 32697425 BLAKE2B
1e445885f3a672081cbb8f17de9fb0fa21a2c618b80ea8d3d9362c0475149d833986cac047ad90b1c1a5b5b19025ff501a695e0f197c00457859b3858f51ecba
SHA512
ab1eceedde70179e4a447297039e64132e0a2361e8424ad42c9037273a3f6eaf4c8d5d0306af6f26c8b373636b621ac1d7d505952306d9170c6a87e6fb863b61
DIST suricata-6.0.8.tar.gz.sig 566 BLAKE2B
817756401d628e49fb0f54faca05d87131711946aa641d0f0a5957fa2f5d6378e1b5cafeaf67b176b66cb0be0afd790aea1312042a195535e57571276aef1edc
SHA512
d0d354b6fca3ef088e2371d6262f4bd45fb06747fcc32519510e690ced933d828fc1acf64d8d1b17d0360ce280905e5bf4b1c9fb8016d82cdee57a432bded884
+DIST suricata-6.0.9.tar.gz 27352128 BLAKE2B
966657eeff216894f6357989f0317b7c5eed82602ca2381269446cbe4c015be449f5598726b2f58924f20aca30c4e130ecafe642ea4ce39f1671f46093292551
SHA512
09a24a90db11e74da2d584904987c2d751243a95cf237d13a8b57cdffc6659281c9d572404caea657e637d7eed01ecfe40bdfcfc79c09e1ca8eb26637dddbb6c
+DIST suricata-6.0.9.tar.gz.sig 566 BLAKE2B
1ac1bb67caef5e5827127befd269de03ec697a351e80575d1f0f729c491be3601cc2e9372e87f762aefcb8c15403f94f122e3d626061e2215b8edcda38c46f37
SHA512
0df7d1f83bd1adb4e87b0afeada99c64b2aa50fdfb9eda5d44043f4447bceda50a057e78db2397f882efbe7440ba7e3f5db9e610f679938e5ed461f175d70c6f
diff --git a/net-analyzer/suricata/suricata-6.0.9.ebuild
b/net-analyzer/suricata/suricata-6.0.9.ebuild
new file mode 100644
index ..7f150ca4dc8d
--- /dev/null
+++ b/net-analyzer/suricata/suricata-6.0.9.ebuild
@@ -0,0 +1,215 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+LUA_COMPAT=( lua5-1 luajit )
+PYTHON_COMPAT=( python3_{9..11} )
+
+inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd
tmpfiles verify-sig
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
+HOMEPAGE="https://suricata.io/;
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz
+ verify-sig? (
https://www.openinfosecfoundation.org/download/${P}.tar.gz.sig )"
+
+LICENSE="GPL-2"
+SLOT="0/6"
+KEYWORDS="~amd64 ~riscv ~x86"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
hyperscan lua lz4 nflog +nfqueue redis systemd test"
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}/usr/share/openpgp-keys/openinfosecfoundation.org.asc"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ bpf? ( af-packet )
+ lua? ( ${LUA_REQUIRED_USE} )"
+
+RDEPEND="${PYTHON_DEPS}
+ acct-group/suricata
+ acct-user/suricata
+ dev-libs/jansson:=
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ $(python_gen_cond_dep '
+ dev-python/pyyaml[${PYTHON_USEDEP}]
+ ')
+ >=net-libs/libhtp-0.5.42
+ net-libs/libpcap
+ sys-apps/file
+ sys-libs/libcap-ng
+ bpf?( https://${PN}.readthedocs.io/en/${P}/capture-hardware/ebpf-xdp.html;
+ fi
+
+ if use debug; then
+ elog
+ elog "You have enabled the debug USE flag. Please read this
link to report bugs upstream:"
+ elog
"https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs;
+ elog "You need to also ensure the FEATURES variable in
make.conf contains the"
+ elog "'nostrip' option to produce useful core dumps or back
traces."
+ fi
+
+ elog
+ if [[ -z "${REPLACING_VERSIONS}" ]]; then
+ elog "To download and install an initial set of rules, run:"
+ elog "emerge --config =${CATEGORY}/${PF}"
+ fi
+ elog
+}
+
+pkg_config() {
+ suricata-update
+}
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: fa455e775b038a6b8e1c0fe57df3ed0d39882955
Author: Marek Szuba gentoo org>
AuthorDate: Wed Nov 9 22:59:42 2022 +
Commit: Marek Szuba gentoo org>
CommitDate: Thu Nov 10 00:42:08 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fa455e77
net-analyzer/suricata: do not mention version 5 any more
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/suricata-6.0.8-r1.ebuild | 6 +-
1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/net-analyzer/suricata/suricata-6.0.8-r1.ebuild
b/net-analyzer/suricata/suricata-6.0.8-r1.ebuild
index 9b39a338afc0..1caffbd09a2c 100644
--- a/net-analyzer/suricata/suricata-6.0.8-r1.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.8-r1.ebuild
@@ -203,11 +203,7 @@ pkg_postinst() {
fi
elog
- if [[ -n "${REPLACING_VERSIONS}" ]]; then
- ewarn "Since version 6.0.0 Suricata no longer supports the
unified2 output format commonly used"
- ewarn "in legacy, Snort-compatible IDS solutions, e.g. ones
based on net-analyzer/barnyard2."
- ewarn "If you need unified2 support, please continue to use
suricata-5."
- else
+ if [[ -z "${REPLACING_VERSIONS}" ]]; then
elog "To download and install an initial set of rules, run:"
elog "emerge --config =${CATEGORY}/${PF}"
fi
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 4cc4a0c4fc45b09318bd4a9a73032270f30748b5
Author: Marek Szuba gentoo org>
AuthorDate: Tue Nov 1 12:58:35 2022 +
Commit: Marek Szuba gentoo org>
CommitDate: Tue Nov 1 13:10:33 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4cc4a0c4
net-analyzer/suricata: revbump for Python shebang change
Was going to make some additional potentially revbump-requiring tweaking
but have run out of time for now.
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/{suricata-6.0.8.ebuild => suricata-6.0.8-r1.ebuild} | 0
1 file changed, 0 insertions(+), 0 deletions(-)
diff --git a/net-analyzer/suricata/suricata-6.0.8.ebuild
b/net-analyzer/suricata/suricata-6.0.8-r1.ebuild
similarity index 100%
rename from net-analyzer/suricata/suricata-6.0.8.ebuild
rename to net-analyzer/suricata/suricata-6.0.8-r1.ebuild
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: ccd5c182f09cb41b255b1c1ba6c2226e6158de5e
Author: Marek Szuba gentoo org>
AuthorDate: Tue Nov 1 00:27:56 2022 +
Commit: Marek Szuba gentoo org>
CommitDate: Tue Nov 1 00:36:30 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ccd5c182
net-analyzer/suricata: fix shebangs in installed Python scripts
Closes: https://bugs.gentoo.org/878855
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/suricata-6.0.8.ebuild | 2 ++
1 file changed, 2 insertions(+)
diff --git a/net-analyzer/suricata/suricata-6.0.8.ebuild
b/net-analyzer/suricata/suricata-6.0.8.ebuild
index 5176b2844776..9b39a338afc0 100644
--- a/net-analyzer/suricata/suricata-6.0.8.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.8.ebuild
@@ -128,6 +128,8 @@ src_configure() {
src_install() {
emake DESTDIR="${D}" install
python_optimize
+ # Bug #878855
+ python_fix_shebang "${ED}"/usr/bin/
if use bpf; then
rm -f ebpf/Makefile.{am,in} || die
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 9da636ee58895a292c2eabc921b986b6cf1993f7
Author: Marek Szuba gentoo org>
AuthorDate: Tue Oct 4 00:34:18 2022 +
Commit: Marek Szuba gentoo org>
CommitDate: Tue Oct 4 00:52:51 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9da636ee
net-analyzer/suricata: add 6.0.8, drop 6.0.6-r1
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest| 4 ++--
.../suricata/{suricata-6.0.6-r1.ebuild => suricata-6.0.8.ebuild} | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 0d0da5219528..3be5cf6b3c89 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,2 @@
-DIST suricata-6.0.6.tar.gz 32651139 BLAKE2B
de0a73c618c1e2777019de6b29be5224db1885840cba8d05ad4a83fc082408e5d8b16d2c6055701f5d279852a99bea5dea01bed58ad0148afd76c1158e693f16
SHA512
184e5a2f3a68de33198f6f0e681710b3f04ed083081ef989dba77d1afb78922c5afdcdaa18ca92c6ed79b98134a3c42b13e1f3e91d20ea10ca74a692f93c5101
-DIST suricata-6.0.6.tar.gz.sig 566 BLAKE2B
07a1d3ccf434eb0bff36009d36b449ed3295e78ca217efc3bfb722169f80e513621878077e5d2e6a5085db6dff3dfcb0d37ca3d125b590b4ba56a6135293377b
SHA512
8dc242af8d176699c710c27ec4ebc37c1363ebed1601de9a6f5a81a393079eff4680e6912674872861d905cfe85dfa610c2a66a9a79980603868bb9d515ffe29
+DIST suricata-6.0.8.tar.gz 32697425 BLAKE2B
1e445885f3a672081cbb8f17de9fb0fa21a2c618b80ea8d3d9362c0475149d833986cac047ad90b1c1a5b5b19025ff501a695e0f197c00457859b3858f51ecba
SHA512
ab1eceedde70179e4a447297039e64132e0a2361e8424ad42c9037273a3f6eaf4c8d5d0306af6f26c8b373636b621ac1d7d505952306d9170c6a87e6fb863b61
+DIST suricata-6.0.8.tar.gz.sig 566 BLAKE2B
817756401d628e49fb0f54faca05d87131711946aa641d0f0a5957fa2f5d6378e1b5cafeaf67b176b66cb0be0afd790aea1312042a195535e57571276aef1edc
SHA512
d0d354b6fca3ef088e2371d6262f4bd45fb06747fcc32519510e690ced933d828fc1acf64d8d1b17d0360ce280905e5bf4b1c9fb8016d82cdee57a432bded884
diff --git a/net-analyzer/suricata/suricata-6.0.6-r1.ebuild
b/net-analyzer/suricata/suricata-6.0.8.ebuild
similarity index 99%
rename from net-analyzer/suricata/suricata-6.0.6-r1.ebuild
rename to net-analyzer/suricata/suricata-6.0.8.ebuild
index eb585ca69101..5176b2844776 100644
--- a/net-analyzer/suricata/suricata-6.0.6-r1.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.8.ebuild
@@ -38,7 +38,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.40
+ >=net-libs/libhtp-0.5.41
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 748cdd7b6cc6c2c5b3fd4ab2796e12054b8d666a
Author: Marek Szuba gentoo org>
AuthorDate: Thu Sep 1 11:59:55 2022 +
Commit: Marek Szuba gentoo org>
CommitDate: Thu Sep 1 11:59:55 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=748cdd7b
net-analyzer/suricata: require () APIs were deprecated since libbpf-0.8.0
and have been removed before 1.0 release; see
https://lore.kernel.org/bpf/Yrwhi2VWtxF+QJk6@boxer/T/
Closes: https://bugs.gentoo.org/867757
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/suricata-6.0.6-r1.ebuild | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net-analyzer/suricata/suricata-6.0.6-r1.ebuild
b/net-analyzer/suricata/suricata-6.0.6-r1.ebuild
index aa3162a55d94..eb585ca69101 100644
--- a/net-analyzer/suricata/suricata-6.0.6-r1.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.6-r1.ebuild
@@ -42,7 +42,7 @@ RDEPEND="${PYTHON_DEPS}
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
- bpf?( >=dev-libs/libbpf-0.1.0 )
+ bpf?(
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/files/, profiles/, net-analyzer/suricata/
commit: 0d7e04faf5b1c641c4cc783fd4f156fee1bde66b
Author: Marek Szuba gentoo org>
AuthorDate: Wed Aug 31 15:31:52 2022 +
Commit: Marek Szuba gentoo org>
CommitDate: Wed Aug 31 15:33:40 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0d7e04fa
net-analyzer/suricata: drop EOLed major version 5
Closes: https://bugs.gentoo.org/862813
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 1 -
net-analyzer/suricata/files/suricata-5.0.1-conf| 62 --
net-analyzer/suricata/files/suricata-5.0.1-init| 147 --
.../files/suricata-5.0.1_default-config.patch | 27 ---
net-analyzer/suricata/suricata-5.0.10.ebuild | 211 -
profiles/package.mask | 5 -
6 files changed, 453 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 4c10e0066966..0d0da5219528 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,3 +1,2 @@
-DIST suricata-5.0.10.tar.gz 29391642 BLAKE2B
b5c83b9882e89894c3dedb7f536d584a20bbeab24236752e528171db6589a6308422c8b0be4f433fc63b8cfc227aa0b67935a4aece943b10f4577398ea9ed467
SHA512
c59719d42a236ac7421e0bcf6894f113c8f7518e2b5dde558cbe57c12b68b86ef700bae3f4047c6b2677a784061951fc9d058e9f59b11846279da06e9649ac56
DIST suricata-6.0.6.tar.gz 32651139 BLAKE2B
de0a73c618c1e2777019de6b29be5224db1885840cba8d05ad4a83fc082408e5d8b16d2c6055701f5d279852a99bea5dea01bed58ad0148afd76c1158e693f16
SHA512
184e5a2f3a68de33198f6f0e681710b3f04ed083081ef989dba77d1afb78922c5afdcdaa18ca92c6ed79b98134a3c42b13e1f3e91d20ea10ca74a692f93c5101
DIST suricata-6.0.6.tar.gz.sig 566 BLAKE2B
07a1d3ccf434eb0bff36009d36b449ed3295e78ca217efc3bfb722169f80e513621878077e5d2e6a5085db6dff3dfcb0d37ca3d125b590b4ba56a6135293377b
SHA512
8dc242af8d176699c710c27ec4ebc37c1363ebed1601de9a6f5a81a393079eff4680e6912674872861d905cfe85dfa610c2a66a9a79980603868bb9d515ffe29
diff --git a/net-analyzer/suricata/files/suricata-5.0.1-conf
b/net-analyzer/suricata/files/suricata-5.0.1-conf
deleted file mode 100644
index 7f22113dbf0d..
--- a/net-analyzer/suricata/files/suricata-5.0.1-conf
+++ /dev/null
@@ -1,62 +0,0 @@
-# Config file for /etc/init.d/suricata*
-
-# Where config files are stored. Default:
-
-# SURICATA_DIR="/etc/suricata"
-
-# Pass options to each suricata service.
-#
-# You can launch more than one service at the same time with different options.
-# This can be useful in a multi-queue gateway, for example.
-# You can expand on the Suricata inline example found at:
-# http://suricata.readthedocs.io/en/latest/setting-up-ipsinline-for-linux.html
-# Instead of configuring iptables to send traffic to just one queue, you can
configure it to "load balance"
-# on several queues. You can then have a Suricata instance processing traffic
for each queue.
-# This should help improve performance on the gateway/firewall.
-#
-# Suppose you configured iptables to use queues 0 and 1 named q0 and q1. You
can now do the following:
-# ln -s /etc/init.d/suricata /etc/init.d/suricata.q0
-# ln -s /etc/init.d/suricata /etc/init.d/suricata.q1
-# cp /etc/suricata/suricata.yaml /etc/suricata/suricata-q0.yaml
-# cp /etc/suricata/suricata.yaml /etc/suricata/suricata-q1.yaml
-#
-# Edit both suricata-q{0,1}.yaml files and set values accordingly.
-# You can override these yaml config file names with SURICATA_CONF* below
(optional).
-# This allows you to use the same yaml config file for multiple instances as
long as you override
-# sensible options such as the log file paths.
-# SURICATA_CONF_q0="suricata-queues.yaml"
-# SURICATA_CONF_q1="suricata-queues.yaml"
-# SURICATA_CONF="suricata.yaml"
-
-# You can define the options here:
-# NB: avoid using -l, -c, --user, --group and setting
logging.outputs.1.file.filename as the init script will try to set them for you.
-
-# SURICATA_OPTS_q0="-q 0"
-# SURICATA_OPTS_q1="-q 1"
-
-# If you want to use ${SURICATA_DIR}/suricata.yaml and start the service with
/etc/init.d/suricata
-# then you can set:
-
-SURICATA_OPTS="--af-packet"
-
-# Log paths listed here will be created by the init script and will override
the log path
-# set in the yaml file, if present.
-# SURICATA_LOG_FILE_q0="/var/log/suricata/q0/suricata.log"
-# SURICATA_LOG_FILE_q1="/var/log/suricata/q1/suricata.log"
-# SURICATA_LOG_FILE="/var/log/suricata/suricata.log"
-
-# Run as user/group.
-# Do not define if you want to run as root or as the user defined in the yaml
config file (run-as).
-# The ebuild should have created the dedicated user/group suricata:suricata
for you to specify here below.
-# SURICATA_USER_q0="suricata"
-# SURICATA_GROUP_q0="suricata"
-# SURICATA_USER_q1="suricata"
-# SURICATA_GROUP_q1="suricata"
-# SURICATA_USER="suricata"
-# SURICATA_GROUP="suricata"
-
-# Suricata processes can take a long time to shut down.
-# If necessary, adjust timeout in seconds to be used when calling stop from
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 273a7f92150be905787cd14cb7896bc844fed7e1
Author: Marek Szuba gentoo org>
AuthorDate: Wed Aug 24 15:16:23 2022 +
Commit: Marek Szuba gentoo org>
CommitDate: Wed Aug 24 15:36:16 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=273a7f92
net-analyzer/suricata: enable py3.11
Builds, tests and installs fine with this Python version.
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/suricata-6.0.6.ebuild | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net-analyzer/suricata/suricata-6.0.6.ebuild
b/net-analyzer/suricata/suricata-6.0.6.ebuild
index 751a280a7b5d..a3816e04eee7 100644
--- a/net-analyzer/suricata/suricata-6.0.6.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.6.ebuild
@@ -4,7 +4,7 @@
EAPI=8
LUA_COMPAT=( lua5-1 luajit )
-PYTHON_COMPAT=( python3_{8..10} )
+PYTHON_COMPAT=( python3_{8..11} )
inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd
tmpfiles
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/files/, net-analyzer/suricata/
commit: cfb2e41c5dff7fa16debdb27c58fcdfb66f3c5b8
Author: Marek Szuba gentoo org>
AuthorDate: Wed Aug 24 15:34:28 2022 +
Commit: Marek Szuba gentoo org>
CommitDate: Wed Aug 24 15:36:18 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cfb2e41c
net-analyzer/suricata: remove bashisms from the init script
Closes: https://bugs.gentoo.org/840945
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/files/suricata.confd | 62 +
net-analyzer/suricata/files/suricata.initd | 147 +
...icata-6.0.6.ebuild => suricata-6.0.6-r1.ebuild} | 4 +-
3 files changed, 211 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/files/suricata.confd
b/net-analyzer/suricata/files/suricata.confd
new file mode 100644
index ..7f22113dbf0d
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata.confd
@@ -0,0 +1,62 @@
+# Config file for /etc/init.d/suricata*
+
+# Where config files are stored. Default:
+
+# SURICATA_DIR="/etc/suricata"
+
+# Pass options to each suricata service.
+#
+# You can launch more than one service at the same time with different options.
+# This can be useful in a multi-queue gateway, for example.
+# You can expand on the Suricata inline example found at:
+# http://suricata.readthedocs.io/en/latest/setting-up-ipsinline-for-linux.html
+# Instead of configuring iptables to send traffic to just one queue, you can
configure it to "load balance"
+# on several queues. You can then have a Suricata instance processing traffic
for each queue.
+# This should help improve performance on the gateway/firewall.
+#
+# Suppose you configured iptables to use queues 0 and 1 named q0 and q1. You
can now do the following:
+# ln -s /etc/init.d/suricata /etc/init.d/suricata.q0
+# ln -s /etc/init.d/suricata /etc/init.d/suricata.q1
+# cp /etc/suricata/suricata.yaml /etc/suricata/suricata-q0.yaml
+# cp /etc/suricata/suricata.yaml /etc/suricata/suricata-q1.yaml
+#
+# Edit both suricata-q{0,1}.yaml files and set values accordingly.
+# You can override these yaml config file names with SURICATA_CONF* below
(optional).
+# This allows you to use the same yaml config file for multiple instances as
long as you override
+# sensible options such as the log file paths.
+# SURICATA_CONF_q0="suricata-queues.yaml"
+# SURICATA_CONF_q1="suricata-queues.yaml"
+# SURICATA_CONF="suricata.yaml"
+
+# You can define the options here:
+# NB: avoid using -l, -c, --user, --group and setting
logging.outputs.1.file.filename as the init script will try to set them for you.
+
+# SURICATA_OPTS_q0="-q 0"
+# SURICATA_OPTS_q1="-q 1"
+
+# If you want to use ${SURICATA_DIR}/suricata.yaml and start the service with
/etc/init.d/suricata
+# then you can set:
+
+SURICATA_OPTS="--af-packet"
+
+# Log paths listed here will be created by the init script and will override
the log path
+# set in the yaml file, if present.
+# SURICATA_LOG_FILE_q0="/var/log/suricata/q0/suricata.log"
+# SURICATA_LOG_FILE_q1="/var/log/suricata/q1/suricata.log"
+# SURICATA_LOG_FILE="/var/log/suricata/suricata.log"
+
+# Run as user/group.
+# Do not define if you want to run as root or as the user defined in the yaml
config file (run-as).
+# The ebuild should have created the dedicated user/group suricata:suricata
for you to specify here below.
+# SURICATA_USER_q0="suricata"
+# SURICATA_GROUP_q0="suricata"
+# SURICATA_USER_q1="suricata"
+# SURICATA_GROUP_q1="suricata"
+# SURICATA_USER="suricata"
+# SURICATA_GROUP="suricata"
+
+# Suricata processes can take a long time to shut down.
+# If necessary, adjust timeout in seconds to be used when calling stop from
the init script.
+# Examples:
+# SURICATA_MAX_WAIT_ON_STOP="300"
+# SURICATA_MAX_WAIT_ON_STOP="SIGTERM/30"
diff --git a/net-analyzer/suricata/files/suricata.initd
b/net-analyzer/suricata/files/suricata.initd
new file mode 100644
index ..154636ef828e
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata.initd
@@ -0,0 +1,147 @@
+#!/sbin/openrc-run
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+SURICATA_BIN=/usr/bin/suricata
+SURICATA_DIR=${SURICATA_DIR:-/etc/suricata}
+SURICATA=${SVCNAME#*.}
+SURICATAID=$(shell_var "${SURICATA}")
+if [ -n "${SURICATA}" ] && [ ${SVCNAME} != "suricata" ]; then
+eval SURICATACONF=\$SURICATA_CONF_${SURICATAID}
+[ ${#SURICATACONF} -eq 0 ] &&
SURICATACONF="${SURICATA_DIR}/suricata-${SURICATA}.yaml" ||
SURICATACONF="${SURICATA_DIR}/${SURICATACONF}"
+SURICATAPID="/run/suricata/suricata.${SURICATA}.pid"
+eval SURICATAOPTS=\$SURICATA_OPTS_${SURICATAID}
+eval SURICATALOGPATH=\$SURICATA_LOG_FILE_${SURICATAID}
+eval SURICATAUSER=\$SURICATA_USER_${SURICATAID}
+eval SURICATAGROUP=\$SURICATA_GROUP_${SURICATAID}
+else
+SURICATACONF=${SURICATA_CONF}
+[ ${#SURICATACONF} -eq 0 ] && SURICATACONF="${SURICATA_DIR}/suricata.yaml"
|| SURICATACONF="${SURICATA_DIR}/${SURICATACONF}"
+
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 4e48545f46682625aa2fae6ffe25e86096c583a5
Author: Marek Szuba gentoo org>
AuthorDate: Wed Aug 24 15:17:08 2022 +
Commit: Marek Szuba gentoo org>
CommitDate: Wed Aug 24 15:36:16 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4e48545f
net-analyzer/suricata: add USE=verify-sig support
Suggested-by: Jonathan Davies protonmail.com>
Closes: https://github.com/gentoo/gentoo/pull/24615
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 1 +
net-analyzer/suricata/suricata-6.0.6.ebuild | 7 +--
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 57121c96f9d8..4c10e0066966 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,3 @@
DIST suricata-5.0.10.tar.gz 29391642 BLAKE2B
b5c83b9882e89894c3dedb7f536d584a20bbeab24236752e528171db6589a6308422c8b0be4f433fc63b8cfc227aa0b67935a4aece943b10f4577398ea9ed467
SHA512
c59719d42a236ac7421e0bcf6894f113c8f7518e2b5dde558cbe57c12b68b86ef700bae3f4047c6b2677a784061951fc9d058e9f59b11846279da06e9649ac56
DIST suricata-6.0.6.tar.gz 32651139 BLAKE2B
de0a73c618c1e2777019de6b29be5224db1885840cba8d05ad4a83fc082408e5d8b16d2c6055701f5d279852a99bea5dea01bed58ad0148afd76c1158e693f16
SHA512
184e5a2f3a68de33198f6f0e681710b3f04ed083081ef989dba77d1afb78922c5afdcdaa18ca92c6ed79b98134a3c42b13e1f3e91d20ea10ca74a692f93c5101
+DIST suricata-6.0.6.tar.gz.sig 566 BLAKE2B
07a1d3ccf434eb0bff36009d36b449ed3295e78ca217efc3bfb722169f80e513621878077e5d2e6a5085db6dff3dfcb0d37ca3d125b590b4ba56a6135293377b
SHA512
8dc242af8d176699c710c27ec4ebc37c1363ebed1601de9a6f5a81a393079eff4680e6912674872861d905cfe85dfa610c2a66a9a79980603868bb9d515ffe29
diff --git a/net-analyzer/suricata/suricata-6.0.6.ebuild
b/net-analyzer/suricata/suricata-6.0.6.ebuild
index a3816e04eee7..054eb7c52431 100644
--- a/net-analyzer/suricata/suricata-6.0.6.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.6.ebuild
@@ -6,16 +6,18 @@ EAPI=8
LUA_COMPAT=( lua5-1 luajit )
PYTHON_COMPAT=( python3_{8..11} )
-inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd
tmpfiles
+inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd
tmpfiles verify-sig
DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
HOMEPAGE="https://suricata.io/;
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz;
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz
+ verify-sig? (
https://www.openinfosecfoundation.org/download/${P}.tar.gz.sig )"
LICENSE="GPL-2"
SLOT="0/6"
KEYWORDS="~amd64 ~riscv ~x86"
IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
hyperscan lua lz4 nflog +nfqueue redis systemd test"
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}/usr/share/openpgp-keys/openinfosecfoundation.org.asc"
RESTRICT="!test? ( test )"
@@ -52,6 +54,7 @@ RDEPEND="${PYTHON_DEPS}
DEPEND="${RDEPEND}
>=sys-devel/autoconf-2.69-r5
virtual/rust"
+BDEPEND="verify-sig? ( >=sec-keys/openpgp-keys-oisf-20200807 )"
PATCHES=(
"${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 7f4e93388771731395d5848538531f6419f843f3
Author: Marek Szuba gentoo org>
AuthorDate: Wed Jul 27 23:43:33 2022 +
Commit: Marek Szuba gentoo org>
CommitDate: Wed Jul 27 23:43:33 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7f4e9338
net-analyzer/suricata: filter out LTO flags
Triggers type mismatches as demonstrated in the linked bug.
Don't bother doing the same with suricata-5, it is mere days
away from its end of life.
Closes: https://bugs.gentoo.org/861242
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/suricata-6.0.6.ebuild | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/net-analyzer/suricata/suricata-6.0.6.ebuild
b/net-analyzer/suricata/suricata-6.0.6.ebuild
index 1170a44de6b0..751a280a7b5d 100644
--- a/net-analyzer/suricata/suricata-6.0.6.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.6.ebuild
@@ -6,7 +6,7 @@ EAPI=8
LUA_COMPAT=( lua5-1 luajit )
PYTHON_COMPAT=( python3_{8..10} )
-inherit autotools linux-info lua-single python-single-r1 systemd tmpfiles
+inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd
tmpfiles
DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
HOMEPAGE="https://suricata.io/;
@@ -80,6 +80,9 @@ src_prepare() {
}
src_configure() {
+ # Bug #861242
+ filter-lto
+
local myeconfargs=(
"--localstatedir=/var" \
"--runstatedir=/run" \
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 6174a0f40918932e75a92b8892e7f2884ad493b0
Author: Marek Szuba gentoo org>
AuthorDate: Wed Jul 13 13:40:31 2022 +
Commit: Marek Szuba gentoo org>
CommitDate: Wed Jul 13 15:55:24 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6174a0f4
net-analyzer/suricata: drop 5.0.8-r1, 6.0.4-r1
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 2 -
net-analyzer/suricata/suricata-5.0.8-r1.ebuild | 207
net-analyzer/suricata/suricata-6.0.4-r1.ebuild | 211 -
3 files changed, 420 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 835e03888260..b2e75432ae3d 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,4 +1,2 @@
-DIST suricata-5.0.8.tar.gz 29272209 BLAKE2B
5c13aea176b477c620d1ed294310ee84ec706abbc740a23d66722297c09b61f253bbe17700cd58f8ce439987c9b13f312aba37d911b6522e4848e7c1b0cd
SHA512
a3b355f158f72ed7b43304069ed81b1ebcb331a9fc3e7cfd2e4d04e33369cec1f654f80a2d3df86af74b631235c49068ff992c8715fe868e5ae6b5aff5642891
DIST suricata-5.0.9.tar.gz 29365601 BLAKE2B
02ab99585233a47b1577e55060ba1141c339718e5bd39b6f4d38bb9384fd459aae353f313083048128507f9023a8bcfea3e5a5bcc9ea0c75cfc9c288ca9db6b6
SHA512
5097bb0d62df05343628579a880eb57182c36c757f707ecaa6c2a8f54e759d8e42357f55630f33bb84e8cd98b783745e1525bdf08ef370754860a3b6aecf2fa4
-DIST suricata-6.0.4.tar.gz 32498036 BLAKE2B
083c08ab0878352c425e18184c07866640e5cbe4838749eeb934857bfb486e4b78e7f9ac724289e8ea30b33fe637484cc6da7bc78231e5419b747e22e5a9b6dc
SHA512
8dccea669e50758def06fe3f3e8d5048d76b27a80b5f96a7b56d2ab6e4da358d8b17ec2d764e1b53cc6a1334ee0b14191cc80f5dcf18cc4d804d5c530290adf0
DIST suricata-6.0.5.tar.gz 32605145 BLAKE2B
6fb85eee9a9e5d97eeed5b55f72230261a5cc9c28f0f6ea0cb39f795e1b0ea9655d7bcc3016812f42adc8a9a18e7234c371e05e907686c54214b29a506b38494
SHA512
8b15a8756846faed4120eef75641a6595d06ec9282a934f4d740bba6d01f08b4e876bf6c53559ab571aba5fab70dcc70d891c82978d6b60ab86ab0ae9660368e
diff --git a/net-analyzer/suricata/suricata-5.0.8-r1.ebuild
b/net-analyzer/suricata/suricata-5.0.8-r1.ebuild
deleted file mode 100644
index d2ee545bc674..
--- a/net-analyzer/suricata/suricata-5.0.8-r1.ebuild
+++ /dev/null
@@ -1,207 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-LUA_COMPAT=( lua5-1 luajit )
-PYTHON_COMPAT=( python3_{8..10} )
-
-inherit autotools linux-info lua-single python-single-r1 systemd tmpfiles
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
-HOMEPAGE="https://suricata.io/;
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz;
-
-LICENSE="GPL-2"
-SLOT="0/5"
-KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
hyperscan lua lz4 nflog +nfqueue redis systemd test"
-
-RESTRICT="!test? ( test )"
-
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- bpf? ( af-packet )
- lua? ( ${LUA_REQUIRED_USE} )"
-
-RDEPEND="${PYTHON_DEPS}
- acct-group/suricata
- acct-user/suricata
- dev-libs/jansson:=
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- $(python_gen_cond_dep '
- dev-python/pyyaml[${PYTHON_USEDEP}]
- ')
- >=net-libs/libhtp-0.5.39
- net-libs/libpcap
- sys-apps/file
- sys-libs/libcap-ng
- bpf?( >=dev-libs/libbpf-0.1.0 )
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/libmaxminddb )
- hyperscan? ( dev-libs/hyperscan )
- lua?( ${LUA_DEPS} )
- lz4?( app-arch/lz4 )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue?( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis:= )"
-DEPEND="${RDEPEND}
- >=sys-devel/autoconf-2.69-r5
- virtual/rust"
-
-PATCHES=(
- "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
- "${FILESDIR}/${PN}-5.0.1_default-config.patch"
- "${FILESDIR}/${PN}-5.0.6_configure-no-sphinx-pdflatex-automagic.patch"
- "${FILESDIR}/${PN}-5.0.7_configure-no-hyperscan-automagic.patch"
-)
-
-pkg_pretend() {
- if use bpf && use kernel_linux; then
- if kernel_is -lt 4 15; then
- ewarn "Kernel 4.15 or newer is necessary to use all XDP
features like the CPU redirect map"
- fi
-
- CONFIG_CHECK="~XDP_SOCKETS"
- ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it
impossible for Suricata to load XDP programs. "
- ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
- check_extra_config
- fi
-}
-
-src_prepare() {
- default
- sed -ie 's/docdir =.*/docdir =
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 26370f71e40abad8193f8447c471b5c2d93a6d29
Author: Marek Szuba gentoo org>
AuthorDate: Wed Jul 13 13:57:13 2022 +
Commit: Marek Szuba gentoo org>
CommitDate: Wed Jul 13 15:55:26 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=26370f71
net-analyzer/suricata: add 6.0.6 and 5.0.10, remove old
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest| 4 ++--
.../suricata/{suricata-5.0.9.ebuild => suricata-5.0.10.ebuild}| 4
.../suricata/{suricata-6.0.5.ebuild => suricata-6.0.6.ebuild} | 0
3 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index b2e75432ae3d..57121c96f9d8 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,2 @@
-DIST suricata-5.0.9.tar.gz 29365601 BLAKE2B
02ab99585233a47b1577e55060ba1141c339718e5bd39b6f4d38bb9384fd459aae353f313083048128507f9023a8bcfea3e5a5bcc9ea0c75cfc9c288ca9db6b6
SHA512
5097bb0d62df05343628579a880eb57182c36c757f707ecaa6c2a8f54e759d8e42357f55630f33bb84e8cd98b783745e1525bdf08ef370754860a3b6aecf2fa4
-DIST suricata-6.0.5.tar.gz 32605145 BLAKE2B
6fb85eee9a9e5d97eeed5b55f72230261a5cc9c28f0f6ea0cb39f795e1b0ea9655d7bcc3016812f42adc8a9a18e7234c371e05e907686c54214b29a506b38494
SHA512
8b15a8756846faed4120eef75641a6595d06ec9282a934f4d740bba6d01f08b4e876bf6c53559ab571aba5fab70dcc70d891c82978d6b60ab86ab0ae9660368e
+DIST suricata-5.0.10.tar.gz 29391642 BLAKE2B
b5c83b9882e89894c3dedb7f536d584a20bbeab24236752e528171db6589a6308422c8b0be4f433fc63b8cfc227aa0b67935a4aece943b10f4577398ea9ed467
SHA512
c59719d42a236ac7421e0bcf6894f113c8f7518e2b5dde558cbe57c12b68b86ef700bae3f4047c6b2677a784061951fc9d058e9f59b11846279da06e9649ac56
+DIST suricata-6.0.6.tar.gz 32651139 BLAKE2B
de0a73c618c1e2777019de6b29be5224db1885840cba8d05ad4a83fc082408e5d8b16d2c6055701f5d279852a99bea5dea01bed58ad0148afd76c1158e693f16
SHA512
184e5a2f3a68de33198f6f0e681710b3f04ed083081ef989dba77d1afb78922c5afdcdaa18ca92c6ed79b98134a3c42b13e1f3e91d20ea10ca74a692f93c5101
diff --git a/net-analyzer/suricata/suricata-5.0.9.ebuild
b/net-analyzer/suricata/suricata-5.0.10.ebuild
similarity index 97%
rename from net-analyzer/suricata/suricata-5.0.9.ebuild
rename to net-analyzer/suricata/suricata-5.0.10.ebuild
index 585a9b6114bd..bcc45a9635c7 100644
--- a/net-analyzer/suricata/suricata-5.0.9.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.10.ebuild
@@ -152,6 +152,10 @@ src_install() {
pkg_postinst() {
tmpfiles_process ${PN}.conf
+ ewarn
+ ewarn "The 5.0 branch of ${PN} will reach the end of life (EOL) on
2022-08-01, after which date upstream will no longer produce or release fixes
for this branch."
+ ewarn
+
elog
if use systemd; then
elog "Suricata requires either the mode of operation (e.g.
--af-packet) or the interface to listen on (e.g. -i eth0)"
diff --git a/net-analyzer/suricata/suricata-6.0.5.ebuild
b/net-analyzer/suricata/suricata-6.0.6.ebuild
similarity index 100%
rename from net-analyzer/suricata/suricata-6.0.5.ebuild
rename to net-analyzer/suricata/suricata-6.0.6.ebuild
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 724b39f227f162ab77bd1f53aab0b1f306311bd6
Author: Marek Szuba gentoo org>
AuthorDate: Mon Apr 25 22:33:37 2022 +
Commit: Marek Szuba gentoo org>
CommitDate: Mon Apr 25 22:57:12 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=724b39f2
net-analyzer/suricata: add 5.0.9
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 1 +
net-analyzer/suricata/suricata-5.0.9.ebuild | 207
2 files changed, 208 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index f72537a77d01..a1800d4a5d4a 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,3 @@
DIST suricata-5.0.8.tar.gz 29272209 BLAKE2B
5c13aea176b477c620d1ed294310ee84ec706abbc740a23d66722297c09b61f253bbe17700cd58f8ce439987c9b13f312aba37d911b6522e4848e7c1b0cd
SHA512
a3b355f158f72ed7b43304069ed81b1ebcb331a9fc3e7cfd2e4d04e33369cec1f654f80a2d3df86af74b631235c49068ff992c8715fe868e5ae6b5aff5642891
+DIST suricata-5.0.9.tar.gz 29365601 BLAKE2B
02ab99585233a47b1577e55060ba1141c339718e5bd39b6f4d38bb9384fd459aae353f313083048128507f9023a8bcfea3e5a5bcc9ea0c75cfc9c288ca9db6b6
SHA512
5097bb0d62df05343628579a880eb57182c36c757f707ecaa6c2a8f54e759d8e42357f55630f33bb84e8cd98b783745e1525bdf08ef370754860a3b6aecf2fa4
DIST suricata-6.0.4.tar.gz 32498036 BLAKE2B
083c08ab0878352c425e18184c07866640e5cbe4838749eeb934857bfb486e4b78e7f9ac724289e8ea30b33fe637484cc6da7bc78231e5419b747e22e5a9b6dc
SHA512
8dccea669e50758def06fe3f3e8d5048d76b27a80b5f96a7b56d2ab6e4da358d8b17ec2d764e1b53cc6a1334ee0b14191cc80f5dcf18cc4d804d5c530290adf0
diff --git a/net-analyzer/suricata/suricata-5.0.9.ebuild
b/net-analyzer/suricata/suricata-5.0.9.ebuild
new file mode 100644
index ..585a9b6114bd
--- /dev/null
+++ b/net-analyzer/suricata/suricata-5.0.9.ebuild
@@ -0,0 +1,207 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+LUA_COMPAT=( lua5-1 luajit )
+PYTHON_COMPAT=( python3_{8..10} )
+
+inherit autotools linux-info lua-single python-single-r1 systemd tmpfiles
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
+HOMEPAGE="https://suricata.io/;
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz;
+
+LICENSE="GPL-2"
+SLOT="0/5"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
hyperscan lua lz4 nflog +nfqueue redis systemd test"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ bpf? ( af-packet )
+ lua? ( ${LUA_REQUIRED_USE} )"
+
+RDEPEND="${PYTHON_DEPS}
+ acct-group/suricata
+ acct-user/suricata
+ dev-libs/jansson:=
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ $(python_gen_cond_dep '
+ dev-python/pyyaml[${PYTHON_USEDEP}]
+ ')
+ >=net-libs/libhtp-0.5.40
+ net-libs/libpcap
+ sys-apps/file
+ sys-libs/libcap-ng
+ bpf?( >=dev-libs/libbpf-0.1.0 )
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/libmaxminddb )
+ hyperscan? ( dev-libs/hyperscan )
+ lua?( ${LUA_DEPS} )
+ lz4?( app-arch/lz4 )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue?( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis:= )"
+DEPEND="${RDEPEND}
+ >=sys-devel/autoconf-2.69-r5
+ virtual/rust"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.1_default-config.patch"
+ "${FILESDIR}/${PN}-5.0.6_configure-no-sphinx-pdflatex-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.7_configure-no-hyperscan-automagic.patch"
+)
+
+pkg_pretend() {
+ if use bpf && use kernel_linux; then
+ if kernel_is -lt 4 15; then
+ ewarn "Kernel 4.15 or newer is necessary to use all XDP
features like the CPU redirect map"
+ fi
+
+ CONFIG_CHECK="~XDP_SOCKETS"
+ ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it
impossible for Suricata to load XDP programs. "
+ ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
+ check_extra_config
+ fi
+}
+
+src_prepare() {
+ default
+ sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//'
"${S}/doc/Makefile.am" || die
+ eautoreconf
+}
+
+src_configure() {
+ local myeconfargs=(
+ "--localstatedir=/var" \
+ "--runstatedir=/run" \
+ "--enable-non-bundled-htp" \
+ "--enable-gccmarch-native=no" \
+ "--enable-python" \
+ $(use_enable af-packet) \
+ $(use_enable bpf ebpf) \
+
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 80d4d1209925988ef4495aaea68516cf18f07b9d
Author: Marek Szuba gentoo org>
AuthorDate: Mon Apr 25 22:46:00 2022 +
Commit: Marek Szuba gentoo org>
CommitDate: Mon Apr 25 22:57:13 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=80d4d120
net-analyzer/suricata: add 6.0.5
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 1 +
net-analyzer/suricata/suricata-6.0.5.ebuild | 211
2 files changed, 212 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index a1800d4a5d4a..835e03888260 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,3 +1,4 @@
DIST suricata-5.0.8.tar.gz 29272209 BLAKE2B
5c13aea176b477c620d1ed294310ee84ec706abbc740a23d66722297c09b61f253bbe17700cd58f8ce439987c9b13f312aba37d911b6522e4848e7c1b0cd
SHA512
a3b355f158f72ed7b43304069ed81b1ebcb331a9fc3e7cfd2e4d04e33369cec1f654f80a2d3df86af74b631235c49068ff992c8715fe868e5ae6b5aff5642891
DIST suricata-5.0.9.tar.gz 29365601 BLAKE2B
02ab99585233a47b1577e55060ba1141c339718e5bd39b6f4d38bb9384fd459aae353f313083048128507f9023a8bcfea3e5a5bcc9ea0c75cfc9c288ca9db6b6
SHA512
5097bb0d62df05343628579a880eb57182c36c757f707ecaa6c2a8f54e759d8e42357f55630f33bb84e8cd98b783745e1525bdf08ef370754860a3b6aecf2fa4
DIST suricata-6.0.4.tar.gz 32498036 BLAKE2B
083c08ab0878352c425e18184c07866640e5cbe4838749eeb934857bfb486e4b78e7f9ac724289e8ea30b33fe637484cc6da7bc78231e5419b747e22e5a9b6dc
SHA512
8dccea669e50758def06fe3f3e8d5048d76b27a80b5f96a7b56d2ab6e4da358d8b17ec2d764e1b53cc6a1334ee0b14191cc80f5dcf18cc4d804d5c530290adf0
+DIST suricata-6.0.5.tar.gz 32605145 BLAKE2B
6fb85eee9a9e5d97eeed5b55f72230261a5cc9c28f0f6ea0cb39f795e1b0ea9655d7bcc3016812f42adc8a9a18e7234c371e05e907686c54214b29a506b38494
SHA512
8b15a8756846faed4120eef75641a6595d06ec9282a934f4d740bba6d01f08b4e876bf6c53559ab571aba5fab70dcc70d891c82978d6b60ab86ab0ae9660368e
diff --git a/net-analyzer/suricata/suricata-6.0.5.ebuild
b/net-analyzer/suricata/suricata-6.0.5.ebuild
new file mode 100644
index ..1170a44de6b0
--- /dev/null
+++ b/net-analyzer/suricata/suricata-6.0.5.ebuild
@@ -0,0 +1,211 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+LUA_COMPAT=( lua5-1 luajit )
+PYTHON_COMPAT=( python3_{8..10} )
+
+inherit autotools linux-info lua-single python-single-r1 systemd tmpfiles
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
+HOMEPAGE="https://suricata.io/;
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz;
+
+LICENSE="GPL-2"
+SLOT="0/6"
+KEYWORDS="~amd64 ~riscv ~x86"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
hyperscan lua lz4 nflog +nfqueue redis systemd test"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ bpf? ( af-packet )
+ lua? ( ${LUA_REQUIRED_USE} )"
+
+RDEPEND="${PYTHON_DEPS}
+ acct-group/suricata
+ acct-user/suricata
+ dev-libs/jansson:=
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ $(python_gen_cond_dep '
+ dev-python/pyyaml[${PYTHON_USEDEP}]
+ ')
+ >=net-libs/libhtp-0.5.40
+ net-libs/libpcap
+ sys-apps/file
+ sys-libs/libcap-ng
+ bpf?( >=dev-libs/libbpf-0.1.0 )
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/libmaxminddb:= )
+ hyperscan? ( dev-libs/hyperscan )
+ lua?( ${LUA_DEPS} )
+ lz4?( app-arch/lz4 )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue?( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis:= )"
+DEPEND="${RDEPEND}
+ >=sys-devel/autoconf-2.69-r5
+ virtual/rust"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.6_configure-no-sphinx-pdflatex-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.7_configure-no-hyperscan-automagic.patch"
+ "${FILESDIR}/${PN}-6.0.0_default-config.patch"
+)
+
+pkg_pretend() {
+ if use bpf && use kernel_linux; then
+ if kernel_is -lt 4 15; then
+ ewarn "Kernel 4.15 or newer is necessary to use all XDP
features like the CPU redirect map"
+ fi
+
+ CONFIG_CHECK="~XDP_SOCKETS"
+ ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it
impossible for Suricata to load XDP programs. "
+ ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
+ check_extra_config
+ fi
+}
+
+src_prepare() {
+ default
+ sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//'
"${S}/doc/Makefile.am" || die
+ eautoreconf
+}
+
+src_configure() {
+ local
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 494e977970384142327ea2dfd7bd0b9bf79e2d23
Author: Sam James gentoo org>
AuthorDate: Wed Mar 23 01:21:47 2022 +
Commit: Sam James gentoo org>
CommitDate: Wed Mar 23 01:21:47 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=494e9779
net-analyzer/suricata: add subslot dep on hiredis
They break ABI liberally.
Signed-off-by: Sam James gentoo.org>
.../suricata/{suricata-5.0.8.ebuild => suricata-5.0.8-r1.ebuild}| 4 ++--
.../suricata/{suricata-6.0.4.ebuild => suricata-6.0.4-r1.ebuild}| 6 +++---
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/net-analyzer/suricata/suricata-5.0.8.ebuild
b/net-analyzer/suricata/suricata-5.0.8-r1.ebuild
similarity index 98%
rename from net-analyzer/suricata/suricata-5.0.8.ebuild
rename to net-analyzer/suricata/suricata-5.0.8-r1.ebuild
index ed531092db95..d2ee545bc674 100644
--- a/net-analyzer/suricata/suricata-5.0.8.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.8-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2021 Gentoo Authors
+# Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
@@ -48,7 +48,7 @@ RDEPEND="${PYTHON_DEPS}
lz4?( app-arch/lz4 )
nflog? ( net-libs/libnetfilter_log )
nfqueue?( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis )"
+ redis? ( dev-libs/hiredis:= )"
DEPEND="${RDEPEND}
>=sys-devel/autoconf-2.69-r5
virtual/rust"
diff --git a/net-analyzer/suricata/suricata-6.0.4.ebuild
b/net-analyzer/suricata/suricata-6.0.4-r1.ebuild
similarity index 98%
rename from net-analyzer/suricata/suricata-6.0.4.ebuild
rename to net-analyzer/suricata/suricata-6.0.4-r1.ebuild
index 398159ce0adf..4404a037f1c3 100644
--- a/net-analyzer/suricata/suricata-6.0.4.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.4-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2021 Gentoo Authors
+# Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
@@ -42,13 +42,13 @@ RDEPEND="${PYTHON_DEPS}
sys-libs/libcap-ng
bpf?( >=dev-libs/libbpf-0.1.0 )
cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/libmaxminddb )
+ geoip? ( dev-libs/libmaxminddb:= )
hyperscan? ( dev-libs/hyperscan )
lua?( ${LUA_DEPS} )
lz4?( app-arch/lz4 )
nflog? ( net-libs/libnetfilter_log )
nfqueue?( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis )"
+ redis? ( dev-libs/hiredis:= )"
DEPEND="${RDEPEND}
>=sys-devel/autoconf-2.69-r5
virtual/rust"
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: b056aee1282fd05f028ff9133fdd2f80dd353d4f
Author: Marek Szuba gentoo org>
AuthorDate: Fri Nov 19 11:56:38 2021 +
Commit: Marek Szuba gentoo org>
CommitDate: Fri Nov 19 14:58:49 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b056aee1
net-analyzer/suricata: add 5.0.8, drop 5.0.7-r2
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 2 +-
.../suricata/{suricata-5.0.7-r2.ebuild => suricata-5.0.8.ebuild}| 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index b50527fd8c9f..f369f3fa3c53 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,2 @@
-DIST suricata-5.0.7.tar.gz 29211384 BLAKE2B
939e672d9df61863c7adcc4bf52f5620e3760f0d6178362828474b1a72c4e3a69bf1ab52a3220c0069ae5a545c56307553c2796166af488a72a2568782a8
SHA512
dce3929c796e04778eb9437bd4c7203aa9dae56be0baa4b7d986d3eedff3bfc71aa2886ecdeed9d87ec3d88cd3060ff8ef01540d15eb857698a2c4696da5899c
+DIST suricata-5.0.8.tar.gz 29272209 BLAKE2B
5c13aea176b477c620d1ed294310ee84ec706abbc740a23d66722297c09b61f253bbe17700cd58f8ce439987c9b13f312aba37d911b6522e4848e7c1b0cd
SHA512
a3b355f158f72ed7b43304069ed81b1ebcb331a9fc3e7cfd2e4d04e33369cec1f654f80a2d3df86af74b631235c49068ff992c8715fe868e5ae6b5aff5642891
DIST suricata-6.0.3.tar.gz 32421197 BLAKE2B
c1b339823f2caab73aeb82f96fb703834cd3ca9f0f60662cf340cbc36734aea47106d49869bd70cf3acb419e954ca37bcd22ad1b2d789597bf36f8fe7ceebe11
SHA512
186b871959988ca7cbd0d69e725aed18af915f93363c7ecc0ffa20d8ad8f50a326be08452d085772b1df84ef25258ef0dd6b35d41b0988cb1c653e60aeb103a2
diff --git a/net-analyzer/suricata/suricata-5.0.7-r2.ebuild
b/net-analyzer/suricata/suricata-5.0.8.ebuild
similarity index 99%
rename from net-analyzer/suricata/suricata-5.0.7-r2.ebuild
rename to net-analyzer/suricata/suricata-5.0.8.ebuild
index 8fb9132b46eb..ed531092db95 100644
--- a/net-analyzer/suricata/suricata-5.0.7-r2.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.8.ebuild
@@ -36,7 +36,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.38
+ >=net-libs/libhtp-0.5.39
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 499df2554ab088ec1b6cc98a74f1efeb2fa77248
Author: Marek Szuba gentoo org>
AuthorDate: Fri Nov 19 11:59:49 2021 +
Commit: Marek Szuba gentoo org>
CommitDate: Fri Nov 19 14:58:50 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=499df255
net-analyzer/suricata: add 6.0.4, drop 6.0.3-r2
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 2 +-
.../suricata/{suricata-6.0.3-r2.ebuild => suricata-6.0.4.ebuild}| 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index f369f3fa3c53..f72537a77d01 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,2 @@
DIST suricata-5.0.8.tar.gz 29272209 BLAKE2B
5c13aea176b477c620d1ed294310ee84ec706abbc740a23d66722297c09b61f253bbe17700cd58f8ce439987c9b13f312aba37d911b6522e4848e7c1b0cd
SHA512
a3b355f158f72ed7b43304069ed81b1ebcb331a9fc3e7cfd2e4d04e33369cec1f654f80a2d3df86af74b631235c49068ff992c8715fe868e5ae6b5aff5642891
-DIST suricata-6.0.3.tar.gz 32421197 BLAKE2B
c1b339823f2caab73aeb82f96fb703834cd3ca9f0f60662cf340cbc36734aea47106d49869bd70cf3acb419e954ca37bcd22ad1b2d789597bf36f8fe7ceebe11
SHA512
186b871959988ca7cbd0d69e725aed18af915f93363c7ecc0ffa20d8ad8f50a326be08452d085772b1df84ef25258ef0dd6b35d41b0988cb1c653e60aeb103a2
+DIST suricata-6.0.4.tar.gz 32498036 BLAKE2B
083c08ab0878352c425e18184c07866640e5cbe4838749eeb934857bfb486e4b78e7f9ac724289e8ea30b33fe637484cc6da7bc78231e5419b747e22e5a9b6dc
SHA512
8dccea669e50758def06fe3f3e8d5048d76b27a80b5f96a7b56d2ab6e4da358d8b17ec2d764e1b53cc6a1334ee0b14191cc80f5dcf18cc4d804d5c530290adf0
diff --git a/net-analyzer/suricata/suricata-6.0.3-r2.ebuild
b/net-analyzer/suricata/suricata-6.0.4.ebuild
similarity index 99%
rename from net-analyzer/suricata/suricata-6.0.3-r2.ebuild
rename to net-analyzer/suricata/suricata-6.0.4.ebuild
index d8e374f6afc6..398159ce0adf 100644
--- a/net-analyzer/suricata/suricata-6.0.3-r2.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.4.ebuild
@@ -36,7 +36,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.38
+ >=net-libs/libhtp-0.5.39
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 6f982349b5961e2e0b4ca96d4db20e92645a62a6
Author: Sam James gentoo org>
AuthorDate: Sat Sep 25 19:03:22 2021 +
Commit: Sam James gentoo org>
CommitDate: Sat Sep 25 19:08:11 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6f982349
net-analyzer/suricata: add libjansson subslot dep
Earlier versions of libjansson lacked symbol versioning, causing crashes.
Bug: https://bugs.gentoo.org/812119
Signed-off-by: Sam James gentoo.org>
.../suricata/{suricata-5.0.7-r1.ebuild => suricata-5.0.7-r2.ebuild} | 2 +-
.../suricata/{suricata-6.0.3-r1.ebuild => suricata-6.0.3-r2.ebuild} | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/suricata-5.0.7-r1.ebuild
b/net-analyzer/suricata/suricata-5.0.7-r2.ebuild
similarity index 99%
rename from net-analyzer/suricata/suricata-5.0.7-r1.ebuild
rename to net-analyzer/suricata/suricata-5.0.7-r2.ebuild
index 58594b6169a..8fb9132b46e 100644
--- a/net-analyzer/suricata/suricata-5.0.7-r1.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.7-r2.ebuild
@@ -26,7 +26,7 @@ REQUIRED_USE="${PYTHON_REQUIRED_USE}
RDEPEND="${PYTHON_DEPS}
acct-group/suricata
acct-user/suricata
- dev-libs/jansson
+ dev-libs/jansson:=
dev-libs/libpcre
dev-libs/libyaml
net-libs/libnet:*
diff --git a/net-analyzer/suricata/suricata-6.0.3-r1.ebuild
b/net-analyzer/suricata/suricata-6.0.3-r2.ebuild
similarity index 99%
rename from net-analyzer/suricata/suricata-6.0.3-r1.ebuild
rename to net-analyzer/suricata/suricata-6.0.3-r2.ebuild
index 29b2cdff3c0..d8e374f6afc 100644
--- a/net-analyzer/suricata/suricata-6.0.3-r1.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.3-r2.ebuild
@@ -26,7 +26,7 @@ REQUIRED_USE="${PYTHON_REQUIRED_USE}
RDEPEND="${PYTHON_DEPS}
acct-group/suricata
acct-user/suricata
- dev-libs/jansson
+ dev-libs/jansson:=
dev-libs/libpcre
dev-libs/libyaml
net-libs/libnet:*
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/files/, net-analyzer/suricata/
commit: 006177dd01fe7fa3b6dbe378189b0cba1e9e69ee
Author: Marek Szuba gentoo org>
AuthorDate: Fri Sep 3 12:28:57 2021 +
Commit: Marek Szuba gentoo org>
CommitDate: Fri Sep 3 12:28:57 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=006177dd
net-analyzer/suricata: get rid of dev-libs/hyperscan automagic
Signed-off-by: Marek Szuba gentoo.org>
...ta-5.0.7_configure-no-hyperscan-automagic.patch | 24 ++
net-analyzer/suricata/suricata-5.0.7-r1.ebuild | 3 ++-
net-analyzer/suricata/suricata-6.0.3-r1.ebuild | 3 ++-
3 files changed, 28 insertions(+), 2 deletions(-)
diff --git
a/net-analyzer/suricata/files/suricata-5.0.7_configure-no-hyperscan-automagic.patch
b/net-analyzer/suricata/files/suricata-5.0.7_configure-no-hyperscan-automagic.patch
new file mode 100644
index 000..69a857408ee
--- /dev/null
+++
b/net-analyzer/suricata/files/suricata-5.0.7_configure-no-hyperscan-automagic.patch
@@ -0,0 +1,24 @@
+--- a/configure.ac
b/configure.ac
+@@ -729,8 +729,11 @@
+ fi
+
+ # libhs
+-enable_hyperscan="no"
+-
++AC_ARG_ENABLE(hyperscan,
++ AS_HELP_STRING([--enable-hyperscan], [Enable high-performance
regex matching with hyperscan]),
++ [enable_hyperscan=$enableval],
++ [enable_hyperscan=no])
++if test "x$enable_hyperscan" != "xno"; then
+ # Try pkg-config first:
+ PKG_CHECK_MODULES([libhs], libhs,, [with_pkgconfig_libhs=no])
+ if test "$with_pkgconfig_libhs" != "no"; then
+@@ -765,6 +768,7 @@
+ enable_hyperscan="no"
+ fi
+ fi
++fi
+ AS_IF([test "x$enable_hyperscan" = "xyes"], [AC_DEFINE([BUILD_HYPERSCAN],
[1], [Intel Hyperscan support enabled])])
+
+ # libyaml
diff --git a/net-analyzer/suricata/suricata-5.0.7-r1.ebuild
b/net-analyzer/suricata/suricata-5.0.7-r1.ebuild
index 8d11af4dcc5..58594b6169a 100644
--- a/net-analyzer/suricata/suricata-5.0.7-r1.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.7-r1.ebuild
@@ -53,11 +53,11 @@ DEPEND="${RDEPEND}
>=sys-devel/autoconf-2.69-r5
virtual/rust"
-# TODO: get rid of hyperscan automagic as well
PATCHES=(
"${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
"${FILESDIR}/${PN}-5.0.1_default-config.patch"
"${FILESDIR}/${PN}-5.0.6_configure-no-sphinx-pdflatex-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.7_configure-no-hyperscan-automagic.patch"
)
pkg_pretend() {
@@ -94,6 +94,7 @@ src_configure() {
$(use_enable geoip) \
$(use_enable hardened gccprotect) \
$(use_enable hardened pie) \
+ $(use_enable hyperscan) \
$(use_enable lz4) \
$(use_enable nflog) \
$(use_enable nfqueue) \
diff --git a/net-analyzer/suricata/suricata-6.0.3-r1.ebuild
b/net-analyzer/suricata/suricata-6.0.3-r1.ebuild
index 64dd427cc0d..29b2cdff3c0 100644
--- a/net-analyzer/suricata/suricata-6.0.3-r1.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.3-r1.ebuild
@@ -53,10 +53,10 @@ DEPEND="${RDEPEND}
>=sys-devel/autoconf-2.69-r5
virtual/rust"
-# TODO: get rid of hyperscan automagic as well
PATCHES=(
"${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
"${FILESDIR}/${PN}-5.0.6_configure-no-sphinx-pdflatex-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.7_configure-no-hyperscan-automagic.patch"
"${FILESDIR}/${PN}-6.0.0_default-config.patch"
)
@@ -94,6 +94,7 @@ src_configure() {
$(use_enable geoip) \
$(use_enable hardened gccprotect) \
$(use_enable hardened pie) \
+ $(use_enable hyperscan) \
$(use_enable lz4) \
$(use_enable nflog) \
$(use_enable nfqueue) \
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: a8a3cbd2d2b367b5cae15ce5545c1041b7e7a6c9
Author: Marek Szuba gentoo org>
AuthorDate: Fri Sep 3 12:13:38 2021 +
Commit: Marek Szuba gentoo org>
CommitDate: Fri Sep 3 12:15:30 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a8a3cbd2
net-analyzer/suricata: add TODO note about hyperscan automagic
Even with USE=-hyperscan, if dev-libs/hyperscan is present at configure
time it is pulled in. Same deal as with lz4 earlier.
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/suricata-5.0.7-r1.ebuild | 1 +
net-analyzer/suricata/suricata-6.0.3-r1.ebuild | 1 +
2 files changed, 2 insertions(+)
diff --git a/net-analyzer/suricata/suricata-5.0.7-r1.ebuild
b/net-analyzer/suricata/suricata-5.0.7-r1.ebuild
index eed3b8e26ae..8d11af4dcc5 100644
--- a/net-analyzer/suricata/suricata-5.0.7-r1.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.7-r1.ebuild
@@ -53,6 +53,7 @@ DEPEND="${RDEPEND}
>=sys-devel/autoconf-2.69-r5
virtual/rust"
+# TODO: get rid of hyperscan automagic as well
PATCHES=(
"${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
"${FILESDIR}/${PN}-5.0.1_default-config.patch"
diff --git a/net-analyzer/suricata/suricata-6.0.3-r1.ebuild
b/net-analyzer/suricata/suricata-6.0.3-r1.ebuild
index fae8b5b7a3f..64dd427cc0d 100644
--- a/net-analyzer/suricata/suricata-6.0.3-r1.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.3-r1.ebuild
@@ -53,6 +53,7 @@ DEPEND="${RDEPEND}
>=sys-devel/autoconf-2.69-r5
virtual/rust"
+# TODO: get rid of hyperscan automagic as well
PATCHES=(
"${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
"${FILESDIR}/${PN}-5.0.6_configure-no-sphinx-pdflatex-automagic.patch"
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 0c78c2e5256c800d5e1538aec8891dfdbcb31b7f
Author: Jonathan Davies protonmail com>
AuthorDate: Fri Sep 3 00:00:02 2021 +
Commit: Marek Szuba gentoo org>
CommitDate: Fri Sep 3 12:15:28 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0c78c2e5
net-analyzer/suricata: Add hyperscan USE flag.
Signed-off-by: Jonathan Davies protonmail.com>
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/metadata.xml | 1 +
.../suricata/{suricata-5.0.7.ebuild => suricata-5.0.7-r1.ebuild} | 3 ++-
.../suricata/{suricata-6.0.3.ebuild => suricata-6.0.3-r1.ebuild} | 3 ++-
3 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/metadata.xml
b/net-analyzer/suricata/metadata.xml
index 87689ee5189..36501eaa4f5 100644
--- a/net-analyzer/suricata/metadata.xml
+++ b/net-analyzer/suricata/metadata.xml
@@ -12,6 +12,7 @@
Enable unix socket
Enable NVIDIA Cuda computations support
Enable detection modules
+Enable high-performance regex matching with
Hyperscan
Enable support for compressed pcap logging using the LZ4
algorithm
Enable libnetfilter_log support
Enable NFQUEUE support for inline IDP
diff --git a/net-analyzer/suricata/suricata-5.0.7.ebuild
b/net-analyzer/suricata/suricata-5.0.7-r1.ebuild
similarity index 98%
rename from net-analyzer/suricata/suricata-5.0.7.ebuild
rename to net-analyzer/suricata/suricata-5.0.7-r1.ebuild
index b2e2f7e436d..eed3b8e26ae 100644
--- a/net-analyzer/suricata/suricata-5.0.7.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.7-r1.ebuild
@@ -15,7 +15,7 @@
SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz;
LICENSE="GPL-2"
SLOT="0/5"
KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened lua
lz4 nflog +nfqueue redis systemd test"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
hyperscan lua lz4 nflog +nfqueue redis systemd test"
RESTRICT="!test? ( test )"
@@ -43,6 +43,7 @@ RDEPEND="${PYTHON_DEPS}
bpf?( >=dev-libs/libbpf-0.1.0 )
cuda? ( dev-util/nvidia-cuda-toolkit )
geoip? ( dev-libs/libmaxminddb )
+ hyperscan? ( dev-libs/hyperscan )
lua?( ${LUA_DEPS} )
lz4?( app-arch/lz4 )
nflog? ( net-libs/libnetfilter_log )
diff --git a/net-analyzer/suricata/suricata-6.0.3.ebuild
b/net-analyzer/suricata/suricata-6.0.3-r1.ebuild
similarity index 98%
rename from net-analyzer/suricata/suricata-6.0.3.ebuild
rename to net-analyzer/suricata/suricata-6.0.3-r1.ebuild
index 7e48fc1c6d5..fae8b5b7a3f 100644
--- a/net-analyzer/suricata/suricata-6.0.3.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.3-r1.ebuild
@@ -15,7 +15,7 @@
SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz;
LICENSE="GPL-2"
SLOT="0/6"
KEYWORDS="~amd64 ~riscv ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened lua
lz4 nflog +nfqueue redis systemd test"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
hyperscan lua lz4 nflog +nfqueue redis systemd test"
RESTRICT="!test? ( test )"
@@ -43,6 +43,7 @@ RDEPEND="${PYTHON_DEPS}
bpf?( >=dev-libs/libbpf-0.1.0 )
cuda? ( dev-util/nvidia-cuda-toolkit )
geoip? ( dev-libs/libmaxminddb )
+ hyperscan? ( dev-libs/hyperscan )
lua?( ${LUA_DEPS} )
lz4?( app-arch/lz4 )
nflog? ( net-libs/libnetfilter_log )
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 3534f1f4d94222a87764e9da0dfeecd7af1ebc02
Author: Marek Szuba gentoo org>
AuthorDate: Mon Aug 23 21:28:43 2021 +
Commit: Marek Szuba gentoo org>
CommitDate: Mon Aug 23 21:29:09 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3534f1f4
net-analyzer/suricata: keyword 6.0.3 for ~riscv
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/suricata-6.0.3.ebuild | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net-analyzer/suricata/suricata-6.0.3.ebuild
b/net-analyzer/suricata/suricata-6.0.3.ebuild
index 6b5b71ffe43..7e48fc1c6d5 100644
--- a/net-analyzer/suricata/suricata-6.0.3.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.3.ebuild
@@ -14,7 +14,7 @@
SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz;
LICENSE="GPL-2"
SLOT="0/6"
-KEYWORDS="~amd64 ~x86"
+KEYWORDS="~amd64 ~riscv ~x86"
IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened lua
lz4 nflog +nfqueue redis systemd test"
RESTRICT="!test? ( test )"
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 54b4acb81dc95c75a9ed8c521dfed50bd9cefa12
Author: Marek Szuba gentoo org>
AuthorDate: Sun Jul 25 20:54:56 2021 +
Commit: Marek Szuba gentoo org>
CommitDate: Sun Jul 25 20:58:41 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=54b4acb8
net-analyzer/suricata: install logrotate files unconditionally
No revbump in order to avoid forcing everyone to reinstall.
Suggested-by: Sam James gentoo.org>
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/metadata.xml | 1 -
net-analyzer/suricata/suricata-5.0.7.ebuild | 11 ---
net-analyzer/suricata/suricata-6.0.3.ebuild | 11 ---
3 files changed, 8 insertions(+), 15 deletions(-)
diff --git a/net-analyzer/suricata/metadata.xml
b/net-analyzer/suricata/metadata.xml
index 457a2fbd2e8..87689ee5189 100644
--- a/net-analyzer/suricata/metadata.xml
+++ b/net-analyzer/suricata/metadata.xml
@@ -12,7 +12,6 @@
Enable unix socket
Enable NVIDIA Cuda computations support
Enable detection modules
-Install logrotate rule
Enable support for compressed pcap logging using the LZ4
algorithm
Enable libnetfilter_log support
Enable NFQUEUE support for inline IDP
diff --git a/net-analyzer/suricata/suricata-5.0.7.ebuild
b/net-analyzer/suricata/suricata-5.0.7.ebuild
index d8e5826ae3a..50b8ba84db3 100644
--- a/net-analyzer/suricata/suricata-5.0.7.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.7.ebuild
@@ -15,7 +15,7 @@
SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz;
LICENSE="GPL-2"
SLOT="0/5"
KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
logrotate lua lz4 nflog +nfqueue redis systemd test"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened lua
lz4 nflog +nfqueue redis systemd test"
RESTRICT="!test? ( test )"
@@ -43,7 +43,6 @@ RDEPEND="${PYTHON_DEPS}
bpf?( >=dev-libs/libbpf-0.1.0 )
cuda? ( dev-util/nvidia-cuda-toolkit )
geoip? ( dev-libs/libmaxminddb )
- logrotate? ( app-admin/logrotate )
lua?( ${LUA_DEPS} )
lz4?( app-arch/lz4 )
nflog? ( net-libs/libnetfilter_log )
@@ -142,11 +141,9 @@ src_install() {
systemd_dounit "${FILESDIR}"/${PN}.service
newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
- if use logrotate; then
- insopts -m0644
- insinto /etc/logrotate.d
- newins etc/${PN}.logrotate ${PN}
- fi
+ insopts -m0644
+ insinto /etc/logrotate.d
+ newins etc/${PN}.logrotate ${PN}
}
pkg_postinst() {
diff --git a/net-analyzer/suricata/suricata-6.0.3.ebuild
b/net-analyzer/suricata/suricata-6.0.3.ebuild
index da57e2c8b34..c6dfbc4f14b 100644
--- a/net-analyzer/suricata/suricata-6.0.3.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.3.ebuild
@@ -15,7 +15,7 @@
SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz;
LICENSE="GPL-2"
SLOT="0/6"
KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
logrotate lua lz4 nflog +nfqueue redis systemd test"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened lua
lz4 nflog +nfqueue redis systemd test"
RESTRICT="!test? ( test )"
@@ -43,7 +43,6 @@ RDEPEND="${PYTHON_DEPS}
bpf?( >=dev-libs/libbpf-0.1.0 )
cuda? ( dev-util/nvidia-cuda-toolkit )
geoip? ( dev-libs/libmaxminddb )
- logrotate? ( app-admin/logrotate )
lua?( ${LUA_DEPS} )
lz4?( app-arch/lz4 )
nflog? ( net-libs/libnetfilter_log )
@@ -142,11 +141,9 @@ src_install() {
systemd_dounit "${FILESDIR}"/${PN}.service
newtmpfiles "${FILESDIR}"/${PN}.tmpfiles ${PN}.conf
- if use logrotate; then
- insopts -m0644
- insinto /etc/logrotate.d
- newins etc/${PN}.logrotate ${PN}
- fi
+ insopts -m0644
+ insinto /etc/logrotate.d
+ newins etc/${PN}.logrotate ${PN}
}
pkg_postinst() {
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 8d163145761f32befd627eb7dbeafa75fe577be7
Author: Marek Szuba gentoo org>
AuthorDate: Thu Jul 1 09:41:25 2021 +
Commit: Marek Szuba gentoo org>
CommitDate: Thu Jul 1 09:41:25 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8d163145
net-analyzer/suricata: add 5.0.7, drop 5.0.6
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest| 2 +-
.../suricata/{suricata-5.0.6.ebuild => suricata-5.0.7.ebuild} | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 24be5f65d70..80b973ee171 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,2 @@
-DIST suricata-5.0.6.tar.gz 29136659 BLAKE2B
97d95cadd54d44bd82424322c08ad04be2122cdae5763995f7aefe4a75872091dd7d289e89e47a5ad9fbce570964f11331d848db7fe7ec4c2be9a0f8b62fadff
SHA512
73580721683f929a90b6b59673842c051fe44ee7b8d8d890106aad09952d5b8a8f3716f168c41b33feb5c32e0106f5926125313cc11b27bc5a9c65e90b21888f
+DIST suricata-5.0.7.tar.gz 29211384 BLAKE2B
939e672d9df61863c7adcc4bf52f5620e3760f0d6178362828474b1a72c4e3a69bf1ab52a3220c0069ae5a545c56307553c2796166af488a72a2568782a8
SHA512
dce3929c796e04778eb9437bd4c7203aa9dae56be0baa4b7d986d3eedff3bfc71aa2886ecdeed9d87ec3d88cd3060ff8ef01540d15eb857698a2c4696da5899c
DIST suricata-6.0.2.tar.gz 30514801 BLAKE2B
20604fa3332a9d99a1a30db55a0ccd689af0e08e686cd6739d6c4390456acc28d34702704f7e25537463b0c23600d123de361a227f9ef2420ee5c2b11df2866a
SHA512
230a74a5442cfa066c56528036b64c173702238c5075161119eaad08d320e528d3510c51095297f120030177fed9c84076d00f567f7a3a4cbdb23d382966cf00
diff --git a/net-analyzer/suricata/suricata-5.0.6.ebuild
b/net-analyzer/suricata/suricata-5.0.7.ebuild
similarity index 99%
rename from net-analyzer/suricata/suricata-5.0.6.ebuild
rename to net-analyzer/suricata/suricata-5.0.7.ebuild
index a48eacb1a1e..d8e5826ae3a 100644
--- a/net-analyzer/suricata/suricata-5.0.6.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.7.ebuild
@@ -4,7 +4,7 @@
EAPI=7
LUA_COMPAT=( lua5-1 luajit )
-PYTHON_COMPAT=( python3_{7..10} )
+PYTHON_COMPAT=( python3_{8..10} )
inherit autotools linux-info lua-single python-single-r1 systemd tmpfiles
@@ -36,7 +36,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.37
+ >=net-libs/libhtp-0.5.38
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 506079cafa0b3a1417ba678192df931c24d98c41
Author: Marek Szuba gentoo org>
AuthorDate: Thu Jul 1 09:46:04 2021 +
Commit: Marek Szuba gentoo org>
CommitDate: Thu Jul 1 09:46:11 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=506079ca
net-analyzer/suricata: add 6.0.3, drop 6.0.2
Now with rust-1.53 compatibility and without CVE-2021-35063.
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 2 +-
.../{suricata-6.0.2.ebuild => suricata-6.0.3.ebuild} | 18 +++---
2 files changed, 4 insertions(+), 16 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 80b973ee171..b50527fd8c9 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,2 @@
DIST suricata-5.0.7.tar.gz 29211384 BLAKE2B
939e672d9df61863c7adcc4bf52f5620e3760f0d6178362828474b1a72c4e3a69bf1ab52a3220c0069ae5a545c56307553c2796166af488a72a2568782a8
SHA512
dce3929c796e04778eb9437bd4c7203aa9dae56be0baa4b7d986d3eedff3bfc71aa2886ecdeed9d87ec3d88cd3060ff8ef01540d15eb857698a2c4696da5899c
-DIST suricata-6.0.2.tar.gz 30514801 BLAKE2B
20604fa3332a9d99a1a30db55a0ccd689af0e08e686cd6739d6c4390456acc28d34702704f7e25537463b0c23600d123de361a227f9ef2420ee5c2b11df2866a
SHA512
230a74a5442cfa066c56528036b64c173702238c5075161119eaad08d320e528d3510c51095297f120030177fed9c84076d00f567f7a3a4cbdb23d382966cf00
+DIST suricata-6.0.3.tar.gz 32421197 BLAKE2B
c1b339823f2caab73aeb82f96fb703834cd3ca9f0f60662cf340cbc36734aea47106d49869bd70cf3acb419e954ca37bcd22ad1b2d789597bf36f8fe7ceebe11
SHA512
186b871959988ca7cbd0d69e725aed18af915f93363c7ecc0ffa20d8ad8f50a326be08452d085772b1df84ef25258ef0dd6b35d41b0988cb1c653e60aeb103a2
diff --git a/net-analyzer/suricata/suricata-6.0.2.ebuild
b/net-analyzer/suricata/suricata-6.0.3.ebuild
similarity index 88%
rename from net-analyzer/suricata/suricata-6.0.2.ebuild
rename to net-analyzer/suricata/suricata-6.0.3.ebuild
index 5a9b9a7ab1a..da57e2c8b34 100644
--- a/net-analyzer/suricata/suricata-6.0.2.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.3.ebuild
@@ -4,7 +4,7 @@
EAPI=7
LUA_COMPAT=( lua5-1 luajit )
-PYTHON_COMPAT=( python3_{7..10} )
+PYTHON_COMPAT=( python3_{8..10} )
inherit autotools linux-info lua-single python-single-r1 systemd tmpfiles
@@ -36,7 +36,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.37
+ >=net-libs/libhtp-0.5.38
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
@@ -51,7 +51,7 @@ RDEPEND="${PYTHON_DEPS}
redis? ( dev-libs/hiredis )"
DEPEND="${RDEPEND}
>=sys-devel/autoconf-2.69-r5
- /dev/null | grep -F -- 'release:' |
awk '{ print $2 }')
- [[ -z ${version_rust} ]] && die "Failed to read version from rustc!"
- if ver_test "${version_rust}" -ge "1.53.0"; then
- eerror "This version of ${PN} does not support Rust 1.53.0+.
Please switch to an older version using"
- eerror "eselect rust"
- eerror "before emerging ${PN}."
- die "Unsupported version of Rust selected"
- fi
-
if use bpf && use kernel_linux; then
if kernel_is -lt 4 15; then
ewarn "Kernel 4.15 or newer is necessary to use all XDP
features like the CPU redirect map"
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 7a2e9ee518178d40409d8d27384ac0c84b2b3ae9
Author: Marek Szuba gentoo org>
AuthorDate: Mon Jun 21 15:59:50 2021 +
Commit: Marek Szuba gentoo org>
CommitDate: Mon Jun 21 16:03:38 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7a2e9ee5
net-analyzer/suricata: limit version of currently selected rust
While simply limiting the version of virtual/rust in dependencies is
likely enough for most users at present, if someone has got both rust
and rust-bin emerged the virtual will only affect the version of one of
them - and it is possible that the version currently set as active
by "eselect rust" is not a supported one.
Closes: https://bugs.gentoo.org/797370
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/suricata-6.0.2.ebuild | 14 +-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/net-analyzer/suricata/suricata-6.0.2.ebuild
b/net-analyzer/suricata/suricata-6.0.2.ebuild
index 739d881823d..5a9b9a7ab1a 100644
--- a/net-analyzer/suricata/suricata-6.0.2.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.2.ebuild
@@ -51,7 +51,7 @@ RDEPEND="${PYTHON_DEPS}
redis? ( dev-libs/hiredis )"
DEPEND="${RDEPEND}
>=sys-devel/autoconf-2.69-r5
- /dev/null | grep -F -- 'release:' |
awk '{ print $2 }')
+ [[ -z ${version_rust} ]] && die "Failed to read version from rustc!"
+ if ver_test "${version_rust}" -ge "1.53.0"; then
+ eerror "This version of ${PN} does not support Rust 1.53.0+.
Please switch to an older version using"
+ eerror "eselect rust"
+ eerror "before emerging ${PN}."
+ die "Unsupported version of Rust selected"
+ fi
+
if use bpf && use kernel_linux; then
if kernel_is -lt 4 15; then
ewarn "Kernel 4.15 or newer is necessary to use all XDP
features like the CPU redirect map"
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 0ba3e306a8c728ad5eaf3e2577859e57820bd28e
Author: Marek Szuba gentoo org>
AuthorDate: Mon Jun 21 14:41:53 2021 +
Commit: Marek Szuba gentoo org>
CommitDate: Mon Jun 21 14:54:16 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0ba3e306
net-analyzer/suricata-6.0.2: restrict Rust version
The bundled lexical-core-0.6.7 is not compatible with rust-1.53 due to
stabilisation of ::BITS, see
https://github.com/rust-lang/rust/issues/81654 . Already fixed by
lexical-core upstream (in version 0.7.5) but I haven't had much luck
backporting this to 0.6.7.
Suricata-5 is not affected because it doesn't use this Rust module.
Closes: https://bugs.gentoo.org/797370
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/suricata-6.0.2.ebuild | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net-analyzer/suricata/suricata-6.0.2.ebuild
b/net-analyzer/suricata/suricata-6.0.2.ebuild
index ac72587b971..0ffe354ceb0 100644
--- a/net-analyzer/suricata/suricata-6.0.2.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.2.ebuild
@@ -51,7 +51,7 @@ RDEPEND="${PYTHON_DEPS}
redis? ( dev-libs/hiredis )"
DEPEND="${RDEPEND}
>=sys-devel/autoconf-2.69-r5
- virtual/rust"
+
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 7eabf62a749bd0028ddeb4774030d5c738025f50
Author: Marek Szuba gentoo org>
AuthorDate: Mon Jun 21 14:53:48 2021 +
Commit: Marek Szuba gentoo org>
CommitDate: Mon Jun 21 14:54:20 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7eabf62a
net-analyzer/suricata: update HOMEPAGE
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/suricata-5.0.6.ebuild | 2 +-
net-analyzer/suricata/suricata-6.0.2.ebuild | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/suricata-5.0.6.ebuild
b/net-analyzer/suricata/suricata-5.0.6.ebuild
index ac0387dc315..a48eacb1a1e 100644
--- a/net-analyzer/suricata/suricata-5.0.6.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.6.ebuild
@@ -9,7 +9,7 @@ PYTHON_COMPAT=( python3_{7..10} )
inherit autotools linux-info lua-single python-single-r1 systemd tmpfiles
DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
-HOMEPAGE="https://suricata-ids.org/;
+HOMEPAGE="https://suricata.io/;
SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz;
LICENSE="GPL-2"
diff --git a/net-analyzer/suricata/suricata-6.0.2.ebuild
b/net-analyzer/suricata/suricata-6.0.2.ebuild
index 0ffe354ceb0..739d881823d 100644
--- a/net-analyzer/suricata/suricata-6.0.2.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.2.ebuild
@@ -9,7 +9,7 @@ PYTHON_COMPAT=( python3_{7..10} )
inherit autotools linux-info lua-single python-single-r1 systemd tmpfiles
DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
-HOMEPAGE="https://suricata-ids.org/;
+HOMEPAGE="https://suricata.io/;
SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz;
LICENSE="GPL-2"
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 1c381489bdc4603c9447884f1b5748994792b2b9
Author: Marek Szuba gentoo org>
AuthorDate: Mon May 17 16:12:56 2021 +
Commit: Marek Szuba gentoo org>
CommitDate: Mon May 17 16:15:16 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1c381489
net-analyzer/suricata: support python3_10
Build, test and install fine, Python tools such as suricatactl or
suricata-update appear to function properly too.
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/suricata-5.0.6.ebuild | 2 +-
net-analyzer/suricata/suricata-6.0.2.ebuild | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/suricata-5.0.6.ebuild
b/net-analyzer/suricata/suricata-5.0.6.ebuild
index defd0c6f7f8..ac0387dc315 100644
--- a/net-analyzer/suricata/suricata-5.0.6.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.6.ebuild
@@ -4,7 +4,7 @@
EAPI=7
LUA_COMPAT=( lua5-1 luajit )
-PYTHON_COMPAT=( python3_{7..9} )
+PYTHON_COMPAT=( python3_{7..10} )
inherit autotools linux-info lua-single python-single-r1 systemd tmpfiles
diff --git a/net-analyzer/suricata/suricata-6.0.2.ebuild
b/net-analyzer/suricata/suricata-6.0.2.ebuild
index 061242b9a52..ac72587b971 100644
--- a/net-analyzer/suricata/suricata-6.0.2.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.2.ebuild
@@ -4,7 +4,7 @@
EAPI=7
LUA_COMPAT=( lua5-1 luajit )
-PYTHON_COMPAT=( python3_{7..9} )
+PYTHON_COMPAT=( python3_{7..10} )
inherit autotools linux-info lua-single python-single-r1 systemd tmpfiles
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/files/, net-analyzer/suricata/
commit: b4dd6303339ca68635747819b7fb67fb34390c61
Author: Marek Szuba gentoo org>
AuthorDate: Tue May 11 22:00:57 2021 +
Commit: Marek Szuba gentoo org>
CommitDate: Tue May 11 22:07:18 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b4dd6303
net-analyzer/suricata: leave sphinx-build and pdflatex alone
Upstream build scripts look for the two and if they are present, attempt
to generate documentation. Automagic aside, this presently only works
with Sphinx versions older than 4.0.0 - and in any case release tarballs
include both PDF guides and man pages.
Closes: https://bugs.gentoo.org/789528
Signed-off-by: Marek Szuba gentoo.org>
6_configure-no-sphinx-pdflatex-automagic.patch | 26 ++
net-analyzer/suricata/suricata-5.0.6.ebuild| 1 +
net-analyzer/suricata/suricata-6.0.2.ebuild| 1 +
3 files changed, 28 insertions(+)
diff --git
a/net-analyzer/suricata/files/suricata-5.0.6_configure-no-sphinx-pdflatex-automagic.patch
b/net-analyzer/suricata/files/suricata-5.0.6_configure-no-sphinx-pdflatex-automagic.patch
new file mode 100644
index 000..be5805e67f8
--- /dev/null
+++
b/net-analyzer/suricata/files/suricata-5.0.6_configure-no-sphinx-pdflatex-automagic.patch
@@ -0,0 +1,26 @@
+No configure options to disable looking for these, redundant for releases
+because the tarballs already contain both PDF documentation and man pages,
+and as of 2021-05-11 doc generation is not compatible with sphinx-4.0.0+
+due to conf.py calling long-deprecated app.add_stylesheet() rather
+than app.add_css_file().
+
+--- a/configure.ac
b/configure.ac
+@@ -2423,7 +2423,7 @@
+ fi
+
+ # sphinx for documentation
+-AC_PATH_PROG(HAVE_SPHINXBUILD, sphinx-build, "no")
++HAVE_SPHINXBUILD="no"
+ if test "$HAVE_SPHINXBUILD" = "no"; then
+enable_sphinxbuild=no
+if test -e "$srcdir/doc/userguide/suricata.1"; then
+@@ -2434,7 +2434,7 @@
+ AM_CONDITIONAL([HAVE_SURICATA_MAN], [test "x$have_suricata_man" = "xyes"])
+
+ # pdflatex for the pdf version of the user manual
+-AC_PATH_PROG(HAVE_PDFLATEX, pdflatex, "no")
++HAVE_PDFLATEX="no"
+ if test "$HAVE_PDFLATEX" = "no"; then
+enable_pdflatex=no
+ fi
diff --git a/net-analyzer/suricata/suricata-5.0.6.ebuild
b/net-analyzer/suricata/suricata-5.0.6.ebuild
index 46d1458df40..defd0c6f7f8 100644
--- a/net-analyzer/suricata/suricata-5.0.6.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.6.ebuild
@@ -56,6 +56,7 @@ DEPEND="${RDEPEND}
PATCHES=(
"${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
"${FILESDIR}/${PN}-5.0.1_default-config.patch"
+ "${FILESDIR}/${PN}-5.0.6_configure-no-sphinx-pdflatex-automagic.patch"
)
pkg_pretend() {
diff --git a/net-analyzer/suricata/suricata-6.0.2.ebuild
b/net-analyzer/suricata/suricata-6.0.2.ebuild
index 7171dc94415..061242b9a52 100644
--- a/net-analyzer/suricata/suricata-6.0.2.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.2.ebuild
@@ -55,6 +55,7 @@ DEPEND="${RDEPEND}
PATCHES=(
"${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.6_configure-no-sphinx-pdflatex-automagic.patch"
"${FILESDIR}/${PN}-6.0.0_default-config.patch"
)
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 3859b4a949038ff5d333dc68b1d2c49b11cefffe
Author: Sam James gentoo org>
AuthorDate: Sat Apr 3 19:20:03 2021 +
Commit: Sam James gentoo org>
CommitDate: Sat Apr 3 19:52:57 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3859b4a9
net-analyzer/suricata: flag-o-matic--, missing die
Signed-off-by: Sam James gentoo.org>
net-analyzer/suricata/suricata-5.0.6.ebuild | 4 ++--
net-analyzer/suricata/suricata-6.0.2.ebuild | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/net-analyzer/suricata/suricata-5.0.6.ebuild
b/net-analyzer/suricata/suricata-5.0.6.ebuild
index b3efab9fb84..46d1458df40 100644
--- a/net-analyzer/suricata/suricata-5.0.6.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.6.ebuild
@@ -6,7 +6,7 @@ EAPI=7
LUA_COMPAT=( lua5-1 luajit )
PYTHON_COMPAT=( python3_{7..9} )
-inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd
tmpfiles
+inherit autotools linux-info lua-single python-single-r1 systemd tmpfiles
DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
HOMEPAGE="https://suricata-ids.org/;
@@ -121,7 +121,7 @@ src_install() {
python_optimize
if use bpf; then
- rm -f ebpf/Makefile.{am,in}
+ rm -f ebpf/Makefile.{am,in} || die
dodoc -r ebpf/
keepdir /usr/libexec/suricata/ebpf
fi
diff --git a/net-analyzer/suricata/suricata-6.0.2.ebuild
b/net-analyzer/suricata/suricata-6.0.2.ebuild
index 18b52aaae03..7171dc94415 100644
--- a/net-analyzer/suricata/suricata-6.0.2.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.2.ebuild
@@ -6,7 +6,7 @@ EAPI=7
LUA_COMPAT=( lua5-1 luajit )
PYTHON_COMPAT=( python3_{7..9} )
-inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd
tmpfiles
+inherit autotools linux-info lua-single python-single-r1 systemd tmpfiles
DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
HOMEPAGE="https://suricata-ids.org/;
@@ -121,7 +121,7 @@ src_install() {
python_optimize
if use bpf; then
- rm -f ebpf/Makefile.{am,in}
+ rm -f ebpf/Makefile.{am,in} || die
dodoc -r ebpf/
keepdir /usr/libexec/suricata/ebpf
fi
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 42768b1b5f4c1873cf7c13af37d4cf79dbc2ff7a
Author: Marek Szuba gentoo org>
AuthorDate: Thu Mar 4 14:12:03 2021 +
Commit: Marek Szuba gentoo org>
CommitDate: Thu Mar 4 14:47:15 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=42768b1b
net-analyzer/suricata: bump v6 to 6.0.2
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 2 +-
.../suricata/{suricata-6.0.1-r100.ebuild => suricata-6.0.2.ebuild} | 6 +++---
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 9cc78dd7d9a..24be5f65d70 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,2 @@
DIST suricata-5.0.6.tar.gz 29136659 BLAKE2B
97d95cadd54d44bd82424322c08ad04be2122cdae5763995f7aefe4a75872091dd7d289e89e47a5ad9fbce570964f11331d848db7fe7ec4c2be9a0f8b62fadff
SHA512
73580721683f929a90b6b59673842c051fe44ee7b8d8d890106aad09952d5b8a8f3716f168c41b33feb5c32e0106f5926125313cc11b27bc5a9c65e90b21888f
-DIST suricata-6.0.1.tar.gz 30460439 BLAKE2B
55a24fa2f653a0a80f51e1ab102bb7046bd1f67d60c64c139b485086f4d8e0f5db58906bc33a7b5bdb76ba37b8206ded99b08034c4c292cf16d595bcafc7acc0
SHA512
be57150afc238b6627731e4463297e67469b66241779f5af3d1bd93bfad4fde41a5371298b54a06c7c3ea324e5642753ca57900173989ac738d663a85e9c33f4
+DIST suricata-6.0.2.tar.gz 30514801 BLAKE2B
20604fa3332a9d99a1a30db55a0ccd689af0e08e686cd6739d6c4390456acc28d34702704f7e25537463b0c23600d123de361a227f9ef2420ee5c2b11df2866a
SHA512
230a74a5442cfa066c56528036b64c173702238c5075161119eaad08d320e528d3510c51095297f120030177fed9c84076d00f567f7a3a4cbdb23d382966cf00
diff --git a/net-analyzer/suricata/suricata-6.0.1-r100.ebuild
b/net-analyzer/suricata/suricata-6.0.2.ebuild
similarity index 98%
rename from net-analyzer/suricata/suricata-6.0.1-r100.ebuild
rename to net-analyzer/suricata/suricata-6.0.2.ebuild
index 64ce2211725..028ea37b43e 100644
--- a/net-analyzer/suricata/suricata-6.0.1-r100.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.2.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2020 Gentoo Authors
+# Copyright 1999-2021 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
@@ -13,7 +13,7 @@ HOMEPAGE="https://suricata-ids.org/;
SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz;
LICENSE="GPL-2"
-SLOT="0"
+SLOT="0/6"
KEYWORDS="~amd64 ~x86"
IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
logrotate lua lz4 nflog +nfqueue redis systemd test"
@@ -36,7 +36,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.36
+ >=net-libs/libhtp-0.5.37
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 234bc1ebf74a9163253407cbfa4a89c9e8807efb
Author: Marek Szuba gentoo org>
AuthorDate: Thu Mar 4 14:10:58 2021 +
Commit: Marek Szuba gentoo org>
CommitDate: Thu Mar 4 14:47:11 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=234bc1eb
net-analyzer/suricata: bump v5 to 5.0.6
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest| 2 +-
.../suricata/{suricata-5.0.5-r1.ebuild => suricata-5.0.6.ebuild} | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 5a442b0ea2e..9cc78dd7d9a 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,2 @@
-DIST suricata-5.0.5.tar.gz 29094537 BLAKE2B
c2a5897836117abe9ca39b3a03de36c4d5667d3e64dc1befd77a7b777e4191439a497e3042e6d00b80ae31c8c4f18347cb2e6833e8db5f64b31c8ab1cf557ac5
SHA512
5f26731e0a0134fdecc8e76a68a69584bacb614ba4fd56b74f27abe62ab7d80135908eeaae38c9a03101f069d83597b3c7c69000bdd2a2e6bfe87f7a98de4e16
+DIST suricata-5.0.6.tar.gz 29136659 BLAKE2B
97d95cadd54d44bd82424322c08ad04be2122cdae5763995f7aefe4a75872091dd7d289e89e47a5ad9fbce570964f11331d848db7fe7ec4c2be9a0f8b62fadff
SHA512
73580721683f929a90b6b59673842c051fe44ee7b8d8d890106aad09952d5b8a8f3716f168c41b33feb5c32e0106f5926125313cc11b27bc5a9c65e90b21888f
DIST suricata-6.0.1.tar.gz 30460439 BLAKE2B
55a24fa2f653a0a80f51e1ab102bb7046bd1f67d60c64c139b485086f4d8e0f5db58906bc33a7b5bdb76ba37b8206ded99b08034c4c292cf16d595bcafc7acc0
SHA512
be57150afc238b6627731e4463297e67469b66241779f5af3d1bd93bfad4fde41a5371298b54a06c7c3ea324e5642753ca57900173989ac738d663a85e9c33f4
diff --git a/net-analyzer/suricata/suricata-5.0.5-r1.ebuild
b/net-analyzer/suricata/suricata-5.0.6.ebuild
similarity index 99%
rename from net-analyzer/suricata/suricata-5.0.5-r1.ebuild
rename to net-analyzer/suricata/suricata-5.0.6.ebuild
index a87e7c8fa16..ef4c372ec11 100644
--- a/net-analyzer/suricata/suricata-5.0.5-r1.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.6.ebuild
@@ -13,7 +13,7 @@ HOMEPAGE="https://suricata-ids.org/;
SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz;
LICENSE="GPL-2"
-SLOT="0"
+SLOT="0/5"
KEYWORDS="~amd64 ~x86"
IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
logrotate lua lz4 nflog +nfqueue redis systemd test"
@@ -36,7 +36,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.36
+ >=net-libs/libhtp-0.5.37
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: f77e3d5c7199873514045c900961f6f24e747283
Author: Marek Szuba gentoo org>
AuthorDate: Mon Jan 25 14:20:10 2021 +
Commit: Marek Szuba gentoo org>
CommitDate: Mon Jan 25 17:37:26 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f77e3d5c
net-analyzer/suricata: migrate v5 to lua-single.eclass as well
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/suricata-5.0.5-r1.ebuild | 204 +
1 file changed, 204 insertions(+)
diff --git a/net-analyzer/suricata/suricata-5.0.5-r1.ebuild
b/net-analyzer/suricata/suricata-5.0.5-r1.ebuild
new file mode 100644
index 000..9fd6cb85894
--- /dev/null
+++ b/net-analyzer/suricata/suricata-5.0.5-r1.ebuild
@@ -0,0 +1,204 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+LUA_COMPAT=( lua5-1 luajit )
+PYTHON_COMPAT=( python3_{6..9} )
+
+inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
+HOMEPAGE="https://suricata-ids.org/;
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz;
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
logrotate lua lz4 nflog +nfqueue redis systemd test"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ bpf? ( af-packet )
+ lua? ( ${LUA_REQUIRED_USE} )"
+
+RDEPEND="${PYTHON_DEPS}
+ acct-group/suricata
+ acct-user/suricata
+ dev-libs/jansson
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ $(python_gen_cond_dep '
+ dev-python/pyyaml[${PYTHON_USEDEP}]
+ ')
+ >=net-libs/libhtp-0.5.36
+ net-libs/libpcap
+ sys-apps/file
+ sys-libs/libcap-ng
+ bpf?( >=dev-libs/libbpf-0.1.0 )
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/libmaxminddb )
+ logrotate? ( app-admin/logrotate )
+ lua?( ${LUA_DEPS} )
+ lz4?( app-arch/lz4 )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue?( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis )"
+DEPEND="${RDEPEND}
+ >=sys-devel/autoconf-2.69-r5
+ virtual/rust"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.1_default-config.patch"
+)
+
+pkg_pretend() {
+ if use bpf && use kernel_linux; then
+ if kernel_is -lt 4 15; then
+ ewarn "Kernel 4.15 or newer is necessary to use all XDP
features like the CPU redirect map"
+ fi
+
+ CONFIG_CHECK="~XDP_SOCKETS"
+ ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it
impossible for Suricata to load XDP programs. "
+ ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
+ check_extra_config
+ fi
+}
+
+src_prepare() {
+ default
+ sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//'
"${S}/doc/Makefile.am" || die
+ eautoreconf
+}
+
+src_configure() {
+ local myeconfargs=(
+ "--localstatedir=/var" \
+ "--runstatedir=/run" \
+ "--enable-non-bundled-htp" \
+ "--enable-gccmarch-native=no" \
+ "--enable-python" \
+ $(use_enable af-packet) \
+ $(use_enable bpf ebpf) \
+ $(use_enable control-socket unix-socket) \
+ $(use_enable cuda) \
+ $(use_enable detection) \
+ $(use_enable geoip) \
+ $(use_enable hardened gccprotect) \
+ $(use_enable hardened pie) \
+ $(use_enable lz4) \
+ $(use_enable nflog) \
+ $(use_enable nfqueue) \
+ $(use_enable redis hiredis) \
+ $(use_enable test unittests) \
+ "--disable-coccinelle"
+ )
+ if use lua; then
+ if use lua_single_target_luajit; then
+ myeconfargs+=( --enable-luajit )
+ else
+ myeconfargs+=( --enable-lua )
+ fi
+ fi
+
+ if use debug; then
+ myeconfargs+=( $(use_enable debug) )
+ # so we can get a backtrace according to "reporting bugs" on
upstream web site
+ CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
+ else
+ econf ${myeconfargs[@]}
+ fi
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+ python_optimize
+
+ if use bpf; then
+ rm -f ebpf/Makefile.{am,in}
+ dodoc -r ebpf/
+ keepdir /usr/libexec/suricata/ebpf
+ fi
+
+
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: b094a228961abc4f94be9b1bb783753fa779d947
Author: Marek Szuba gentoo org>
AuthorDate: Mon Jan 25 14:19:54 2021 +
Commit: Marek Szuba gentoo org>
CommitDate: Mon Jan 25 17:37:29 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b094a228
net-analyzer/suricata: remove old
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 2 -
net-analyzer/suricata/suricata-5.0.4.ebuild | 197 ---
net-analyzer/suricata/suricata-5.0.5.ebuild | 197 ---
net-analyzer/suricata/suricata-6.0.0.ebuild | 203
net-analyzer/suricata/suricata-6.0.1.ebuild | 203
5 files changed, 802 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 4393b479fd5..5a442b0ea2e 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,4 +1,2 @@
-DIST suricata-5.0.4.tar.gz 29091046 BLAKE2B
38526ca39d2460d630fdd9e804f36c74bfcde54a529748896779b549ed1b55174d6080ddad8933ddfd26004f4e78748a503832f47ee5f52d84a133643aef482b
SHA512
e5da14f80b628968e146839b828971e888fd0158b2ecbbcc15c0f42fda2bdcc8ad89632ba05cc45c88d88e537452e77f8e2f3a5e09ecd038d0d38b1a8cf8cea6
DIST suricata-5.0.5.tar.gz 29094537 BLAKE2B
c2a5897836117abe9ca39b3a03de36c4d5667d3e64dc1befd77a7b777e4191439a497e3042e6d00b80ae31c8c4f18347cb2e6833e8db5f64b31c8ab1cf557ac5
SHA512
5f26731e0a0134fdecc8e76a68a69584bacb614ba4fd56b74f27abe62ab7d80135908eeaae38c9a03101f069d83597b3c7c69000bdd2a2e6bfe87f7a98de4e16
-DIST suricata-6.0.0.tar.gz 30832555 BLAKE2B
9cea05b07520924706e961efed6a45b9ba73388a25777f43c1a90497aa00ec200bad15863b7b17b84e622c79309365596853423776da9c3d103c2a8c1126a0d2
SHA512
3c30f6f57c0e8a24992ff2b4ce8ce166d3c0d4b28c8f5e79434d04de9f2016773be01a1689fedfc9e54ff1c8bc9838206bc28f3ff2e47d60102a7016f1062ec3
DIST suricata-6.0.1.tar.gz 30460439 BLAKE2B
55a24fa2f653a0a80f51e1ab102bb7046bd1f67d60c64c139b485086f4d8e0f5db58906bc33a7b5bdb76ba37b8206ded99b08034c4c292cf16d595bcafc7acc0
SHA512
be57150afc238b6627731e4463297e67469b66241779f5af3d1bd93bfad4fde41a5371298b54a06c7c3ea324e5642753ca57900173989ac738d663a85e9c33f4
diff --git a/net-analyzer/suricata/suricata-5.0.4.ebuild
b/net-analyzer/suricata/suricata-5.0.4.ebuild
deleted file mode 100644
index 077c14ece6d..000
--- a/net-analyzer/suricata/suricata-5.0.4.ebuild
+++ /dev/null
@@ -1,197 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{6..9} )
-
-inherit autotools flag-o-matic linux-info python-single-r1 systemd
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
-HOMEPAGE="https://suricata-ids.org/;
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz;
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
logrotate lua luajit lz4 nflog +nfqueue redis systemd test"
-
-RESTRICT="!test? ( test )"
-
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- ?? ( lua luajit )
- bpf? ( af-packet )"
-
-RDEPEND="${PYTHON_DEPS}
- acct-group/suricata
- acct-user/suricata
- dev-libs/jansson
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- $(python_gen_cond_dep '
- dev-python/pyyaml[${PYTHON_USEDEP}]
- ')
- >=net-libs/libhtp-0.5.35
- net-libs/libpcap
- sys-apps/file
- sys-libs/libcap-ng
- bpf?( >=dev-libs/libbpf-0.1.0 )
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/libmaxminddb )
- logrotate? ( app-admin/logrotate )
- lua?( dev-lang/lua:0= )
- luajit? ( dev-lang/luajit:* )
- lz4?( app-arch/lz4 )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue?( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis )"
-DEPEND="${RDEPEND}
- >=sys-devel/autoconf-2.69-r5
- virtual/rust"
-
-PATCHES=(
- "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
- "${FILESDIR}/${PN}-5.0.1_default-config.patch"
-)
-
-pkg_pretend() {
- if use bpf && use kernel_linux; then
- if kernel_is -lt 4 15; then
- ewarn "Kernel 4.15 or newer is necessary to use all XDP
features like the CPU redirect map"
- fi
-
- CONFIG_CHECK="~XDP_SOCKETS"
- ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it
impossible for Suricata to load XDP programs. "
- ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
- check_extra_config
- fi
-}
-
-src_prepare() {
- default
- sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//'
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/, profiles/
commit: afe7a2be12b92b58850bb4381217043ca72be03d
Author: Marek Szuba gentoo org>
AuthorDate: Sun Dec 6 22:00:54 2020 +
Commit: Marek Szuba gentoo org>
CommitDate: Sun Dec 6 22:02:38 2020 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=afe7a2be
net-analyzer/suricata: bump to 6.0.1
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 1 +
0.0-r100.ebuild => suricata-6.0.1-r100.ebuild} | 2 +-
...ata-6.0.0-r100.ebuild => suricata-6.0.1.ebuild} | 23 +-
profiles/package.mask | 2 +-
4 files changed, 12 insertions(+), 16 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index fde179dd2cb..ea206e75187 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1,3 @@
DIST suricata-5.0.4.tar.gz 29091046 BLAKE2B
38526ca39d2460d630fdd9e804f36c74bfcde54a529748896779b549ed1b55174d6080ddad8933ddfd26004f4e78748a503832f47ee5f52d84a133643aef482b
SHA512
e5da14f80b628968e146839b828971e888fd0158b2ecbbcc15c0f42fda2bdcc8ad89632ba05cc45c88d88e537452e77f8e2f3a5e09ecd038d0d38b1a8cf8cea6
DIST suricata-6.0.0.tar.gz 30832555 BLAKE2B
9cea05b07520924706e961efed6a45b9ba73388a25777f43c1a90497aa00ec200bad15863b7b17b84e622c79309365596853423776da9c3d103c2a8c1126a0d2
SHA512
3c30f6f57c0e8a24992ff2b4ce8ce166d3c0d4b28c8f5e79434d04de9f2016773be01a1689fedfc9e54ff1c8bc9838206bc28f3ff2e47d60102a7016f1062ec3
+DIST suricata-6.0.1.tar.gz 30460439 BLAKE2B
55a24fa2f653a0a80f51e1ab102bb7046bd1f67d60c64c139b485086f4d8e0f5db58906bc33a7b5bdb76ba37b8206ded99b08034c4c292cf16d595bcafc7acc0
SHA512
be57150afc238b6627731e4463297e67469b66241779f5af3d1bd93bfad4fde41a5371298b54a06c7c3ea324e5642753ca57900173989ac738d663a85e9c33f4
diff --git a/net-analyzer/suricata/suricata-6.0.0-r100.ebuild
b/net-analyzer/suricata/suricata-6.0.1-r100.ebuild
similarity index 99%
copy from net-analyzer/suricata/suricata-6.0.0-r100.ebuild
copy to net-analyzer/suricata/suricata-6.0.1-r100.ebuild
index 872fafeef3a..3d6679536b4 100644
--- a/net-analyzer/suricata/suricata-6.0.0-r100.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.1-r100.ebuild
@@ -36,7 +36,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.35
+ >=net-libs/libhtp-0.5.36
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
diff --git a/net-analyzer/suricata/suricata-6.0.0-r100.ebuild
b/net-analyzer/suricata/suricata-6.0.1.ebuild
similarity index 93%
rename from net-analyzer/suricata/suricata-6.0.0-r100.ebuild
rename to net-analyzer/suricata/suricata-6.0.1.ebuild
index 872fafeef3a..6602a4b80ad 100644
--- a/net-analyzer/suricata/suricata-6.0.0-r100.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.1.ebuild
@@ -3,10 +3,9 @@
EAPI=7
-LUA_COMPAT=( lua5-1 luajit )
PYTHON_COMPAT=( python3_{6..9} )
-inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd
+inherit autotools flag-o-matic linux-info python-single-r1 systemd
DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
HOMEPAGE="https://suricata-ids.org/;
@@ -15,13 +14,13 @@
SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz;
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
logrotate lua lz4 nflog +nfqueue redis systemd test"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
logrotate lua luajit lz4 nflog +nfqueue redis systemd test"
RESTRICT="!test? ( test )"
REQUIRED_USE="${PYTHON_REQUIRED_USE}
- bpf? ( af-packet )
- lua? ( ${LUA_REQUIRED_USE} )"
+ ?? ( lua luajit )
+ bpf? ( af-packet )"
RDEPEND="${PYTHON_DEPS}
acct-group/suricata
@@ -36,7 +35,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.35
+ >=net-libs/libhtp-0.5.36
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
@@ -44,7 +43,8 @@ RDEPEND="${PYTHON_DEPS}
cuda? ( dev-util/nvidia-cuda-toolkit )
geoip? ( dev-libs/libmaxminddb )
logrotate? ( app-admin/logrotate )
- lua?( ${LUA_DEPS} )
+ lua?( dev-lang/lua:0= )
+ luajit? ( dev-lang/luajit:* )
lz4?( app-arch/lz4 )
nflog? ( net-libs/libnetfilter_log )
nfqueue?( net-libs/libnetfilter_queue )
@@ -92,6 +92,8 @@ src_configure() {
$(use_enable geoip) \
$(use_enable hardened gccprotect) \
$(use_enable hardened pie) \
+ $(use_enable lua) \
+ $(use_enable luajit) \
$(use_enable lz4) \
$(use_enable nflog) \
$(use_enable nfqueue) \
@@ -99,13
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 57724f05b683513e331b327d9bc589a099d335b6
Author: Marek Szuba gentoo org>
AuthorDate: Sun Dec 6 22:01:39 2020 +
Commit: Marek Szuba gentoo org>
CommitDate: Sun Dec 6 22:02:41 2020 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=57724f05
net-analyzer/suricata: bump the old stable branch to 5.0.5
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 1 +
net-analyzer/suricata/suricata-5.0.5.ebuild | 197
2 files changed, 198 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index ea206e75187..4393b479fd5 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,3 +1,4 @@
DIST suricata-5.0.4.tar.gz 29091046 BLAKE2B
38526ca39d2460d630fdd9e804f36c74bfcde54a529748896779b549ed1b55174d6080ddad8933ddfd26004f4e78748a503832f47ee5f52d84a133643aef482b
SHA512
e5da14f80b628968e146839b828971e888fd0158b2ecbbcc15c0f42fda2bdcc8ad89632ba05cc45c88d88e537452e77f8e2f3a5e09ecd038d0d38b1a8cf8cea6
+DIST suricata-5.0.5.tar.gz 29094537 BLAKE2B
c2a5897836117abe9ca39b3a03de36c4d5667d3e64dc1befd77a7b777e4191439a497e3042e6d00b80ae31c8c4f18347cb2e6833e8db5f64b31c8ab1cf557ac5
SHA512
5f26731e0a0134fdecc8e76a68a69584bacb614ba4fd56b74f27abe62ab7d80135908eeaae38c9a03101f069d83597b3c7c69000bdd2a2e6bfe87f7a98de4e16
DIST suricata-6.0.0.tar.gz 30832555 BLAKE2B
9cea05b07520924706e961efed6a45b9ba73388a25777f43c1a90497aa00ec200bad15863b7b17b84e622c79309365596853423776da9c3d103c2a8c1126a0d2
SHA512
3c30f6f57c0e8a24992ff2b4ce8ce166d3c0d4b28c8f5e79434d04de9f2016773be01a1689fedfc9e54ff1c8bc9838206bc28f3ff2e47d60102a7016f1062ec3
DIST suricata-6.0.1.tar.gz 30460439 BLAKE2B
55a24fa2f653a0a80f51e1ab102bb7046bd1f67d60c64c139b485086f4d8e0f5db58906bc33a7b5bdb76ba37b8206ded99b08034c4c292cf16d595bcafc7acc0
SHA512
be57150afc238b6627731e4463297e67469b66241779f5af3d1bd93bfad4fde41a5371298b54a06c7c3ea324e5642753ca57900173989ac738d663a85e9c33f4
diff --git a/net-analyzer/suricata/suricata-5.0.5.ebuild
b/net-analyzer/suricata/suricata-5.0.5.ebuild
new file mode 100644
index 000..db9ee04aadb
--- /dev/null
+++ b/net-analyzer/suricata/suricata-5.0.5.ebuild
@@ -0,0 +1,197 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{6..9} )
+
+inherit autotools flag-o-matic linux-info python-single-r1 systemd
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
+HOMEPAGE="https://suricata-ids.org/;
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz;
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
logrotate lua luajit lz4 nflog +nfqueue redis systemd test"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ ?? ( lua luajit )
+ bpf? ( af-packet )"
+
+RDEPEND="${PYTHON_DEPS}
+ acct-group/suricata
+ acct-user/suricata
+ dev-libs/jansson
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ $(python_gen_cond_dep '
+ dev-python/pyyaml[${PYTHON_USEDEP}]
+ ')
+ >=net-libs/libhtp-0.5.36
+ net-libs/libpcap
+ sys-apps/file
+ sys-libs/libcap-ng
+ bpf?( >=dev-libs/libbpf-0.1.0 )
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/libmaxminddb )
+ logrotate? ( app-admin/logrotate )
+ lua?( dev-lang/lua:0= )
+ luajit? ( dev-lang/luajit:* )
+ lz4?( app-arch/lz4 )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue?( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis )"
+DEPEND="${RDEPEND}
+ >=sys-devel/autoconf-2.69-r5
+ virtual/rust"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.1_default-config.patch"
+)
+
+pkg_pretend() {
+ if use bpf && use kernel_linux; then
+ if kernel_is -lt 4 15; then
+ ewarn "Kernel 4.15 or newer is necessary to use all XDP
features like the CPU redirect map"
+ fi
+
+ CONFIG_CHECK="~XDP_SOCKETS"
+ ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it
impossible for Suricata to load XDP programs. "
+ ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
+ check_extra_config
+ fi
+}
+
+src_prepare() {
+ default
+ sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//'
"${S}/doc/Makefile.am" || die
+ eautoreconf
+}
+
+src_configure() {
+ local myeconfargs=(
+ "--localstatedir=/var" \
+ "--runstatedir=/run" \
+ "--enable-non-bundled-htp" \
+
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 7c476fc8e3073f2bb277ff3775b14aff3505ee1c
Author: Marek Szuba gentoo org>
AuthorDate: Thu Dec 3 12:39:22 2020 +
Commit: Marek Szuba gentoo org>
CommitDate: Thu Dec 3 12:54:11 2020 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7c476fc8
net-analyzer/suricata: limit unmigrated ebuilds to dev-lang/lua:0
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/suricata-5.0.4.ebuild | 2 +-
net-analyzer/suricata/suricata-6.0.0.ebuild | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/suricata-5.0.4.ebuild
b/net-analyzer/suricata/suricata-5.0.4.ebuild
index e618aa1e0bc..077c14ece6d 100644
--- a/net-analyzer/suricata/suricata-5.0.4.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.4.ebuild
@@ -43,7 +43,7 @@ RDEPEND="${PYTHON_DEPS}
cuda? ( dev-util/nvidia-cuda-toolkit )
geoip? ( dev-libs/libmaxminddb )
logrotate? ( app-admin/logrotate )
- lua?( dev-lang/lua:* )
+ lua?( dev-lang/lua:0= )
luajit? ( dev-lang/luajit:* )
lz4?( app-arch/lz4 )
nflog? ( net-libs/libnetfilter_log )
diff --git a/net-analyzer/suricata/suricata-6.0.0.ebuild
b/net-analyzer/suricata/suricata-6.0.0.ebuild
index 5f5d14e3eec..6a00d0c18c9 100644
--- a/net-analyzer/suricata/suricata-6.0.0.ebuild
+++ b/net-analyzer/suricata/suricata-6.0.0.ebuild
@@ -43,7 +43,7 @@ RDEPEND="${PYTHON_DEPS}
cuda? ( dev-util/nvidia-cuda-toolkit )
geoip? ( dev-libs/libmaxminddb )
logrotate? ( app-admin/logrotate )
- lua?( dev-lang/lua:* )
+ lua?( dev-lang/lua:0= )
luajit? ( dev-lang/luajit:* )
lz4?( app-arch/lz4 )
nflog? ( net-libs/libnetfilter_log )
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: b9b248bc69259902555d6c2a622a3d2e97a45355
Author: Marek Szuba gentoo org>
AuthorDate: Wed Oct 14 13:55:12 2020 +
Commit: Marek Szuba gentoo org>
CommitDate: Wed Oct 14 14:42:31 2020 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b9b248bc
net-analyzer/suricata: migrate to lua-single.eclass
Both the documentation and the autoconf script only mention luajit and
lua5.1 so limit compatibility to these two.
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/suricata-6.0.0-r100.ebuild | 208 +++
1 file changed, 208 insertions(+)
diff --git a/net-analyzer/suricata/suricata-6.0.0-r100.ebuild
b/net-analyzer/suricata/suricata-6.0.0-r100.ebuild
new file mode 100644
index 000..872fafeef3a
--- /dev/null
+++ b/net-analyzer/suricata/suricata-6.0.0-r100.ebuild
@@ -0,0 +1,208 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+LUA_COMPAT=( lua5-1 luajit )
+PYTHON_COMPAT=( python3_{6..9} )
+
+inherit autotools flag-o-matic linux-info lua-single python-single-r1 systemd
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
+HOMEPAGE="https://suricata-ids.org/;
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz;
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
logrotate lua lz4 nflog +nfqueue redis systemd test"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ bpf? ( af-packet )
+ lua? ( ${LUA_REQUIRED_USE} )"
+
+RDEPEND="${PYTHON_DEPS}
+ acct-group/suricata
+ acct-user/suricata
+ dev-libs/jansson
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ $(python_gen_cond_dep '
+ dev-python/pyyaml[${PYTHON_USEDEP}]
+ ')
+ >=net-libs/libhtp-0.5.35
+ net-libs/libpcap
+ sys-apps/file
+ sys-libs/libcap-ng
+ bpf?( >=dev-libs/libbpf-0.1.0 )
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/libmaxminddb )
+ logrotate? ( app-admin/logrotate )
+ lua?( ${LUA_DEPS} )
+ lz4?( app-arch/lz4 )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue?( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis )"
+DEPEND="${RDEPEND}
+ >=sys-devel/autoconf-2.69-r5
+ virtual/rust"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
+ "${FILESDIR}/${PN}-6.0.0_default-config.patch"
+)
+
+pkg_pretend() {
+ if use bpf && use kernel_linux; then
+ if kernel_is -lt 4 15; then
+ ewarn "Kernel 4.15 or newer is necessary to use all XDP
features like the CPU redirect map"
+ fi
+
+ CONFIG_CHECK="~XDP_SOCKETS"
+ ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it
impossible for Suricata to load XDP programs. "
+ ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
+ check_extra_config
+ fi
+}
+
+src_prepare() {
+ default
+ sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//'
"${S}/doc/Makefile.am" || die
+ eautoreconf
+}
+
+src_configure() {
+ local myeconfargs=(
+ "--localstatedir=/var" \
+ "--runstatedir=/run" \
+ "--enable-non-bundled-htp" \
+ "--enable-gccmarch-native=no" \
+ "--enable-python" \
+ $(use_enable af-packet) \
+ $(use_enable bpf ebpf) \
+ $(use_enable control-socket unix-socket) \
+ $(use_enable cuda) \
+ $(use_enable detection) \
+ $(use_enable geoip) \
+ $(use_enable hardened gccprotect) \
+ $(use_enable hardened pie) \
+ $(use_enable lz4) \
+ $(use_enable nflog) \
+ $(use_enable nfqueue) \
+ $(use_enable redis hiredis) \
+ $(use_enable test unittests) \
+ "--disable-coccinelle"
+ )
+ if use lua; then
+ if use lua_single_target_luajit; then
+ myeconfargs+=( --enable-luajit )
+ else
+ myeconfargs+=( --enable-lua )
+ fi
+ fi
+
+ if use debug; then
+ myeconfargs+=( $(use_enable debug) )
+ # so we can get a backtrace according to "reporting bugs" on
upstream web site
+ CFLAGS="-ggdb -O0" econf ${myeconfargs[@]}
+ else
+ econf ${myeconfargs[@]}
+ fi
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+ python_optimize
+
+ if use bpf; then
+ rm -f
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/, net-analyzer/suricata/files/
commit: a8e82003db4b6ef62cf260263bafc1cc32f33acc
Author: Marek Szuba gentoo org>
AuthorDate: Fri Oct 9 12:09:22 2020 +
Commit: Marek Szuba gentoo org>
CommitDate: Fri Oct 9 12:14:16 2020 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a8e82003
net-analyzer/suricata: bump to 6.0.0
Okay, this has turned out to be easier than I thought it might be.
Note to self: since suricata-6 no longer supports unified2 output and
suricata-5 is still supported upstream (even 4 will only reach end of
life on 2020-12-31), keep the latter around for at least a bit longer.
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 1 +
.../files/suricata-6.0.0_default-config.patch | 27 +++
net-analyzer/suricata/suricata-6.0.0.ebuild| 203 +
3 files changed, 231 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 06edb9b7cc8..fde179dd2cb 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1 +1,2 @@
DIST suricata-5.0.4.tar.gz 29091046 BLAKE2B
38526ca39d2460d630fdd9e804f36c74bfcde54a529748896779b549ed1b55174d6080ddad8933ddfd26004f4e78748a503832f47ee5f52d84a133643aef482b
SHA512
e5da14f80b628968e146839b828971e888fd0158b2ecbbcc15c0f42fda2bdcc8ad89632ba05cc45c88d88e537452e77f8e2f3a5e09ecd038d0d38b1a8cf8cea6
+DIST suricata-6.0.0.tar.gz 30832555 BLAKE2B
9cea05b07520924706e961efed6a45b9ba73388a25777f43c1a90497aa00ec200bad15863b7b17b84e622c79309365596853423776da9c3d103c2a8c1126a0d2
SHA512
3c30f6f57c0e8a24992ff2b4ce8ce166d3c0d4b28c8f5e79434d04de9f2016773be01a1689fedfc9e54ff1c8bc9838206bc28f3ff2e47d60102a7016f1062ec3
diff --git a/net-analyzer/suricata/files/suricata-6.0.0_default-config.patch
b/net-analyzer/suricata/files/suricata-6.0.0_default-config.patch
new file mode 100644
index 000..03e0f1cda94
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-6.0.0_default-config.patch
@@ -0,0 +1,27 @@
+--- a/suricata.yaml.in
b/suricata.yaml.in
+@@ -209,8 +209,9 @@
+ #
https://suricata.readthedocs.io/en/latest/output/eve/eve-json-output.html#dns-v1-format
+
+ # As of Suricata 5.0, version 2 of the eve dns output
+-# format is the default.
+-#version: 2
++# format is the default - but the daemon produces a warning to
that effect
++# at start-up if this isn't explicitly set.
++version: 2
+
+ # Enable/disable this logger. Default: enabled.
+ #enabled: yes
+@@ -988,9 +989,9 @@
+ ##
+
+ # Run Suricata with a specific user-id and group-id:
+-#run-as:
+-# user: suri
+-# group: suri
++run-as:
++ user: suricata
++ group: suricata
+
+ # Some logging modules will use that name in event as identifier. The default
+ # value is the hostname
diff --git a/net-analyzer/suricata/suricata-6.0.0.ebuild
b/net-analyzer/suricata/suricata-6.0.0.ebuild
new file mode 100644
index 000..5f5d14e3eec
--- /dev/null
+++ b/net-analyzer/suricata/suricata-6.0.0.ebuild
@@ -0,0 +1,203 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{6..9} )
+
+inherit autotools flag-o-matic linux-info python-single-r1 systemd
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
+HOMEPAGE="https://suricata-ids.org/;
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz;
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
logrotate lua luajit lz4 nflog +nfqueue redis systemd test"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ ?? ( lua luajit )
+ bpf? ( af-packet )"
+
+RDEPEND="${PYTHON_DEPS}
+ acct-group/suricata
+ acct-user/suricata
+ dev-libs/jansson
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ $(python_gen_cond_dep '
+ dev-python/pyyaml[${PYTHON_USEDEP}]
+ ')
+ >=net-libs/libhtp-0.5.35
+ net-libs/libpcap
+ sys-apps/file
+ sys-libs/libcap-ng
+ bpf?( >=dev-libs/libbpf-0.1.0 )
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/libmaxminddb )
+ logrotate? ( app-admin/logrotate )
+ lua?( dev-lang/lua:* )
+ luajit? ( dev-lang/luajit:* )
+ lz4?( app-arch/lz4 )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue?( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis )"
+DEPEND="${RDEPEND}
+ >=sys-devel/autoconf-2.69-r5
+ virtual/rust"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
+ "${FILESDIR}/${PN}-6.0.0_default-config.patch"
+)
+
+pkg_pretend() {
+
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 6b0add7f82cb3990a9b95d3931ce94981884dca4
Author: Marek Szuba gentoo org>
AuthorDate: Fri Oct 9 11:34:30 2020 +
Commit: Marek Szuba gentoo org>
CommitDate: Fri Oct 9 11:40:52 2020 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6b0add7f
net-analyzer/suricata: bump to 5.0.4
6.0.0 is out now too but it may or may not take time to package, and
5.0.4 fixes some potential security issues detected by Oss-Fuzz.
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest| 2 +-
.../suricata/{suricata-5.0.3.ebuild => suricata-5.0.4.ebuild} | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index b4800d771b4..06edb9b7cc8 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1 +1 @@
-DIST suricata-5.0.3.tar.gz 23744731 BLAKE2B
51dfd6fb8a1208e499f178f679f2b3cf6a2632a659fb5b58baa747da64fb37a1c9345b51b2bb3f5c33f9a3fc9208ab52cb6e8dc6ddb38b7c19124f7345ca
SHA512
4e0ad2ae33537cb074d549b3cc162c5ed115605cb142a96cbf66d1341799eaad96b307fd6ad4679e344e51d00065b3573bfb26bd60468f12addb144b112e4f72
+DIST suricata-5.0.4.tar.gz 29091046 BLAKE2B
38526ca39d2460d630fdd9e804f36c74bfcde54a529748896779b549ed1b55174d6080ddad8933ddfd26004f4e78748a503832f47ee5f52d84a133643aef482b
SHA512
e5da14f80b628968e146839b828971e888fd0158b2ecbbcc15c0f42fda2bdcc8ad89632ba05cc45c88d88e537452e77f8e2f3a5e09ecd038d0d38b1a8cf8cea6
diff --git a/net-analyzer/suricata/suricata-5.0.3.ebuild
b/net-analyzer/suricata/suricata-5.0.4.ebuild
similarity index 98%
rename from net-analyzer/suricata/suricata-5.0.3.ebuild
rename to net-analyzer/suricata/suricata-5.0.4.ebuild
index d159cf584da..e618aa1e0bc 100644
--- a/net-analyzer/suricata/suricata-5.0.3.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.4.ebuild
@@ -35,11 +35,11 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.33
+ >=net-libs/libhtp-0.5.35
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
- bpf?( >=dev-libs/libbpf-0.0.6 )
+ bpf?( >=dev-libs/libbpf-0.1.0 )
cuda? ( dev-util/nvidia-cuda-toolkit )
geoip? ( dev-libs/libmaxminddb )
logrotate? ( app-admin/logrotate )
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 2fa67aeb1448e023feb007a4f83003c759013924
Author: Marek Szuba gentoo org>
AuthorDate: Fri Jul 17 19:30:28 2020 +
Commit: Marek Szuba gentoo org>
CommitDate: Fri Jul 17 20:09:59 2020 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2fa67aeb
net-analyzer/suricata: support python3_9
Builds, tests and installs fine, and at least suricata-update works
without problems.
Tested pypy3 support as well and it needs work, somehow Python modules
for this implementation end up in /usr/site-packages. Tools work fine
once the modules have been manually moved to the right directory,
though.
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/suricata-5.0.3.ebuild | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/suricata-5.0.3.ebuild
b/net-analyzer/suricata/suricata-5.0.3.ebuild
index c1f707b1342..d159cf584da 100644
--- a/net-analyzer/suricata/suricata-5.0.3.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.3.ebuild
@@ -3,7 +3,7 @@
EAPI=7
-PYTHON_COMPAT=( python3_{6,7,8} )
+PYTHON_COMPAT=( python3_{6..9} )
inherit autotools flag-o-matic linux-info python-single-r1 systemd
@@ -65,7 +65,7 @@ pkg_pretend() {
fi
CONFIG_CHECK="~XDP_SOCKETS"
- ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it
impossible for Suricata will to load XDP programs. "
+ ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it
impossible for Suricata to load XDP programs. "
ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
check_extra_config
fi
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 00b295187723410950b9e6fed2b221a68bdacb5b
Author: Marek Szuba gentoo org>
AuthorDate: Fri May 22 20:58:25 2020 +
Commit: Marek Szuba gentoo org>
CommitDate: Fri May 22 21:01:55 2020 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=00b29518
net-analyzer/suricata: bump to 5.0.3 + remove 5.0.2
Bug: https://bugs.gentoo.org/724536
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 2 +-
net-analyzer/suricata/{suricata-5.0.2.ebuild => suricata-5.0.3.ebuild} | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 0d9c0caa06c..b4800d771b4 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1 +1 @@
-DIST suricata-5.0.2.tar.gz 23735393 BLAKE2B
3fd9bac597cda59cbeb3d902eccf15e4b873b56b44967a1cad9e99e041f06778ffd4f8ea1378f0df3fa84f2cabd6ac13eda7a2cb233e80a75c27bf7c4e5f7cd0
SHA512
e288f6aee9f8fafb8fa811d2c83a89a29434edc24e05542e172852dc139b9d0bb474d35ddbdc4723df04e7a8b4e70e181c822a4fb1315ba2879c3c7a5c16ef16
+DIST suricata-5.0.3.tar.gz 23744731 BLAKE2B
51dfd6fb8a1208e499f178f679f2b3cf6a2632a659fb5b58baa747da64fb37a1c9345b51b2bb3f5c33f9a3fc9208ab52cb6e8dc6ddb38b7c19124f7345ca
SHA512
4e0ad2ae33537cb074d549b3cc162c5ed115605cb142a96cbf66d1341799eaad96b307fd6ad4679e344e51d00065b3573bfb26bd60468f12addb144b112e4f72
diff --git a/net-analyzer/suricata/suricata-5.0.2.ebuild
b/net-analyzer/suricata/suricata-5.0.3.ebuild
similarity index 99%
rename from net-analyzer/suricata/suricata-5.0.2.ebuild
rename to net-analyzer/suricata/suricata-5.0.3.ebuild
index b2dc6c2e8b0..c1f707b1342 100644
--- a/net-analyzer/suricata/suricata-5.0.2.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.3.ebuild
@@ -35,7 +35,7 @@ RDEPEND="${PYTHON_DEPS}
$(python_gen_cond_dep '
dev-python/pyyaml[${PYTHON_USEDEP}]
')
- >=net-libs/libhtp-0.5.32
+ >=net-libs/libhtp-0.5.33
net-libs/libpcap
sys-apps/file
sys-libs/libcap-ng
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 3af306d8750b3693dd04e3bed2c6a40a5258718a
Author: Marek Szuba gentoo org>
AuthorDate: Thu Apr 23 21:10:21 2020 +
Commit: Marek Szuba gentoo org>
CommitDate: Thu Apr 23 21:10:54 2020 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3af306d8
net-analyzer/suricata: remove old
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 1 -
net-analyzer/suricata/suricata-5.0.1-r1.ebuild | 201 -
2 files changed, 202 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 15bad1cad76..0d9c0caa06c 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1 @@
-DIST suricata-5.0.1.tar.gz 23721536 BLAKE2B
529837e8e4d6c33d2093df8208bf03519e0d60deef92eadf9d0a44b7416eae2f900b2f72349815acb86d9bdd9d4253bbc5d7c4c1a34157f544982b0788291624
SHA512
db0797a7992abf0ddf170cb603fdac06b0ff92278bb91343860bccbbe029ea0e83131dfb9805ca44bcbbe3925502119259e350a17e94209b21d1f8b610d965a6
DIST suricata-5.0.2.tar.gz 23735393 BLAKE2B
3fd9bac597cda59cbeb3d902eccf15e4b873b56b44967a1cad9e99e041f06778ffd4f8ea1378f0df3fa84f2cabd6ac13eda7a2cb233e80a75c27bf7c4e5f7cd0
SHA512
e288f6aee9f8fafb8fa811d2c83a89a29434edc24e05542e172852dc139b9d0bb474d35ddbdc4723df04e7a8b4e70e181c822a4fb1315ba2879c3c7a5c16ef16
diff --git a/net-analyzer/suricata/suricata-5.0.1-r1.ebuild
b/net-analyzer/suricata/suricata-5.0.1-r1.ebuild
deleted file mode 100644
index e74f32fee51..000
--- a/net-analyzer/suricata/suricata-5.0.1-r1.ebuild
+++ /dev/null
@@ -1,201 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{6,7,8} )
-
-inherit autotools flag-o-matic linux-info python-single-r1 systemd
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
-HOMEPAGE="https://suricata-ids.org/;
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz;
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
logrotate lua luajit lz4 nflog +nfqueue redis systemd test"
-
-RESTRICT="!test? ( test )"
-
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- ?? ( lua luajit )
- bpf? ( af-packet )"
-
-CDEPEND="acct-group/suricata
- acct-user/suricata
- dev-libs/jansson
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- $(python_gen_cond_dep '
- dev-python/pyyaml[${PYTHON_MULTI_USEDEP}]
- ')
- >=net-libs/libhtp-0.5.32
- net-libs/libpcap
- sys-apps/file
- sys-libs/libcap-ng
- bpf?( >=dev-libs/libbpf-0.0.6 )
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/libmaxminddb )
- logrotate? ( app-admin/logrotate )
- lua?( dev-lang/lua:* )
- luajit? ( dev-lang/luajit:* )
- lz4?( app-arch/lz4 )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue?( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis )"
-DEPEND="${CDEPEND}
- >=sys-devel/autoconf-2.69-r5
- virtual/rust"
-RDEPEND="${CDEPEND}
- ${PYTHON_DEPS}"
-
-PATCHES=(
- "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
- "${FILESDIR}/${PN}-5.0.1_default-config.patch"
-)
-
-pkg_pretend() {
- if use bpf && use kernel_linux; then
- if kernel_is -lt 4 15; then
- ewarn "Kernel 4.15 or newer is necessary to use all XDP
features like the CPU redirect map"
- fi
-
- CONFIG_CHECK="~XDP_SOCKETS"
- ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it
impossible for Suricata will to load XDP programs. "
- ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
- check_extra_config
- fi
-}
-
-src_prepare() {
- # Bug #707204
- append-cflags $(test-flags-CC -fcommon)
-
- default
- sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//'
"${S}/doc/Makefile.am"
- eautoreconf
-}
-
-src_configure() {
- local myeconfargs=(
- "--localstatedir=/var" \
- "--runstatedir=/run" \
- "--enable-non-bundled-htp" \
- "--enable-gccmarch-native=no" \
- "--enable-python" \
- $(use_enable af-packet) \
- $(use_enable bpf ebpf) \
- $(use_enable control-socket unix-socket) \
- $(use_enable cuda) \
- $(use_enable detection) \
- $(use_enable geoip) \
- $(use_enable hardened gccprotect) \
- $(use_enable hardened pie) \
- $(use_enable lua) \
- $(use_enable luajit) \
-
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: a061032bd203f7986591189957a1008aecc9268a
Author: Marek Szuba gentoo org>
AuthorDate: Thu Apr 23 20:59:56 2020 +
Commit: Marek Szuba gentoo org>
CommitDate: Thu Apr 23 21:10:48 2020 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a061032b
net-analyzer/suricata: add missing "|| die" guard to sed call
Also, some cosmetic changes to dependencies.
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/suricata-5.0.2.ebuild | 11 +--
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/net-analyzer/suricata/suricata-5.0.2.ebuild
b/net-analyzer/suricata/suricata-5.0.2.ebuild
index 19940f3c9fb..b2dc6c2e8b0 100644
--- a/net-analyzer/suricata/suricata-5.0.2.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.2.ebuild
@@ -22,7 +22,8 @@ REQUIRED_USE="${PYTHON_REQUIRED_USE}
?? ( lua luajit )
bpf? ( af-packet )"
-CDEPEND="acct-group/suricata
+RDEPEND="${PYTHON_DEPS}
+ acct-group/suricata
acct-user/suricata
dev-libs/jansson
dev-libs/libpcre
@@ -32,7 +33,7 @@ CDEPEND="acct-group/suricata
dev-libs/nspr
dev-libs/nss
$(python_gen_cond_dep '
- dev-python/pyyaml[${PYTHON_MULTI_USEDEP}]
+ dev-python/pyyaml[${PYTHON_USEDEP}]
')
>=net-libs/libhtp-0.5.32
net-libs/libpcap
@@ -48,11 +49,9 @@ CDEPEND="acct-group/suricata
nflog? ( net-libs/libnetfilter_log )
nfqueue?( net-libs/libnetfilter_queue )
redis? ( dev-libs/hiredis )"
-DEPEND="${CDEPEND}
+DEPEND="${RDEPEND}
>=sys-devel/autoconf-2.69-r5
virtual/rust"
-RDEPEND="${CDEPEND}
- ${PYTHON_DEPS}"
PATCHES=(
"${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
@@ -74,7 +73,7 @@ pkg_pretend() {
src_prepare() {
default
- sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//'
"${S}/doc/Makefile.am"
+ sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//'
"${S}/doc/Makefile.am" || die
eautoreconf
}
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: a4873f5bac8cb283f0827abfca1d44e99c383fae
Author: Marek Szuba gentoo org>
AuthorDate: Wed Mar 4 09:44:09 2020 +
Commit: Marek Szuba gentoo org>
CommitDate: Wed Mar 4 09:44:09 2020 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a4873f5b
net-analyzer/suricata: bump to 5.0.2
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 1 +
net-analyzer/suricata/suricata-5.0.2.ebuild | 198
2 files changed, 199 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index ac5ea56c85b..15bad1cad76 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1 +1,2 @@
DIST suricata-5.0.1.tar.gz 23721536 BLAKE2B
529837e8e4d6c33d2093df8208bf03519e0d60deef92eadf9d0a44b7416eae2f900b2f72349815acb86d9bdd9d4253bbc5d7c4c1a34157f544982b0788291624
SHA512
db0797a7992abf0ddf170cb603fdac06b0ff92278bb91343860bccbbe029ea0e83131dfb9805ca44bcbbe3925502119259e350a17e94209b21d1f8b610d965a6
+DIST suricata-5.0.2.tar.gz 23735393 BLAKE2B
3fd9bac597cda59cbeb3d902eccf15e4b873b56b44967a1cad9e99e041f06778ffd4f8ea1378f0df3fa84f2cabd6ac13eda7a2cb233e80a75c27bf7c4e5f7cd0
SHA512
e288f6aee9f8fafb8fa811d2c83a89a29434edc24e05542e172852dc139b9d0bb474d35ddbdc4723df04e7a8b4e70e181c822a4fb1315ba2879c3c7a5c16ef16
diff --git a/net-analyzer/suricata/suricata-5.0.2.ebuild
b/net-analyzer/suricata/suricata-5.0.2.ebuild
new file mode 100644
index 000..19940f3c9fb
--- /dev/null
+++ b/net-analyzer/suricata/suricata-5.0.2.ebuild
@@ -0,0 +1,198 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{6,7,8} )
+
+inherit autotools flag-o-matic linux-info python-single-r1 systemd
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
+HOMEPAGE="https://suricata-ids.org/;
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz;
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet bpf control-socket cuda debug +detection geoip hardened
logrotate lua luajit lz4 nflog +nfqueue redis systemd test"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ ?? ( lua luajit )
+ bpf? ( af-packet )"
+
+CDEPEND="acct-group/suricata
+ acct-user/suricata
+ dev-libs/jansson
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ $(python_gen_cond_dep '
+ dev-python/pyyaml[${PYTHON_MULTI_USEDEP}]
+ ')
+ >=net-libs/libhtp-0.5.32
+ net-libs/libpcap
+ sys-apps/file
+ sys-libs/libcap-ng
+ bpf?( >=dev-libs/libbpf-0.0.6 )
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/libmaxminddb )
+ logrotate? ( app-admin/logrotate )
+ lua?( dev-lang/lua:* )
+ luajit? ( dev-lang/luajit:* )
+ lz4?( app-arch/lz4 )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue?( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis )"
+DEPEND="${CDEPEND}
+ >=sys-devel/autoconf-2.69-r5
+ virtual/rust"
+RDEPEND="${CDEPEND}
+ ${PYTHON_DEPS}"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-5.0.1_configure-no-lz4-automagic.patch"
+ "${FILESDIR}/${PN}-5.0.1_default-config.patch"
+)
+
+pkg_pretend() {
+ if use bpf && use kernel_linux; then
+ if kernel_is -lt 4 15; then
+ ewarn "Kernel 4.15 or newer is necessary to use all XDP
features like the CPU redirect map"
+ fi
+
+ CONFIG_CHECK="~XDP_SOCKETS"
+ ERROR_XDP_SOCKETS="CONFIG_XDP_SOCKETS is not set, making it
impossible for Suricata will to load XDP programs. "
+ ERROR_XDP_SOCKETS+="Other eBPF features should work normally."
+ check_extra_config
+ fi
+}
+
+src_prepare() {
+ default
+ sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//'
"${S}/doc/Makefile.am"
+ eautoreconf
+}
+
+src_configure() {
+ local myeconfargs=(
+ "--localstatedir=/var" \
+ "--runstatedir=/run" \
+ "--enable-non-bundled-htp" \
+ "--enable-gccmarch-native=no" \
+ "--enable-python" \
+ $(use_enable af-packet) \
+ $(use_enable bpf ebpf) \
+ $(use_enable control-socket unix-socket) \
+ $(use_enable cuda) \
+ $(use_enable detection) \
+ $(use_enable geoip) \
+ $(use_enable hardened gccprotect) \
+ $(use_enable hardened pie) \
+ $(use_enable lua) \
+ $(use_enable luajit) \
+ $(use_enable lz4) \
+ $(use_enable nflog) \
+ $(use_enable
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: e079e3cc9126887c71f1cd7130157e17c1ea31ac
Author: Marek Szuba gentoo org>
AuthorDate: Wed Feb 5 15:29:31 2020 +
Commit: Marek Szuba gentoo org>
CommitDate: Wed Feb 5 15:30:35 2020 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e079e3cc
net-analyzer/suricata: build with -fno-common / gcc-10
Tried fixing the code but it turns out it would require a non-trivial
amount of changes so let's just force -fcommon. Tested using gcc-9 with
-fno-common included in CFLAGS.
Closes: https://bugs.gentoo.org/707204
Package-Manager: Portage-2.3.84, Repoman-2.3.20
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/suricata-5.0.1.ebuild | 7 +--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/suricata-5.0.1.ebuild
b/net-analyzer/suricata/suricata-5.0.1.ebuild
index 67694740597..d09d4b1a984 100644
--- a/net-analyzer/suricata/suricata-5.0.1.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.1.ebuild
@@ -1,11 +1,11 @@
-# Copyright 1999-2019 Gentoo Authors
+# Copyright 1999-2020 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
PYTHON_COMPAT=( python3_{6,7,8} )
-inherit autotools linux-info python-single-r1 systemd
+inherit autotools flag-o-matic linux-info python-single-r1 systemd
DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
HOMEPAGE="https://suricata-ids.org/;
@@ -71,6 +71,9 @@ pkg_pretend() {
}
src_prepare() {
+ # Bug #707204
+ append-cflags $(test-flags-CC -fcommon)
+
default
sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//'
"${S}/doc/Makefile.am"
eautoreconf
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/files/
commit: 4b9cd1de4a4962f4d2df2b65ff31f0ec1a97de2d
Author: Marek Szuba gentoo org>
AuthorDate: Wed Jan 22 11:48:28 2020 +
Commit: Marek Szuba gentoo org>
CommitDate: Wed Jan 22 11:50:58 2020 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4b9cd1de
net-analyzer/suricata: remove custom logrotate config
Recent versions of suricata come with official logrotate configuration
and older versions have since been removed from the tree.
Suggested-by: Michael Mair-Keimberger gmail.com>
Closes: https://github.com/gentoo/gentoo/pull/14404
Package-Manager: Portage-2.3.84, Repoman-2.3.20
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/files/suricata-logrotate | 10 --
1 file changed, 10 deletions(-)
diff --git a/net-analyzer/suricata/files/suricata-logrotate
b/net-analyzer/suricata/files/suricata-logrotate
deleted file mode 100644
index 7b22283ec7c..000
--- a/net-analyzer/suricata/files/suricata-logrotate
+++ /dev/null
@@ -1,10 +0,0 @@
-/var/log/suricata/*.log /var/log/suricata/*.json {
- rotate 3
- missingok
- nocompress
- create
- sharedscripts
- postrotate
- /etc/init.d/suricata relog
- endscript
-}
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 225a6a736d4c216d370d510a6a40c8a4f7622adf
Author: Marek Szuba gentoo org>
AuthorDate: Fri Dec 20 10:17:43 2019 +
Commit: Marek Szuba gentoo org>
CommitDate: Fri Dec 20 10:18:03 2019 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=225a6a73
net-analyzer/suricata: depend on virtual/rust, not dev-lang/rust
In other words, do not force users to build Rust from source.
Closes: https://bugs.gentoo.org/703346
Package-Manager: Portage-2.3.79, Repoman-2.3.16
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/suricata-5.0.1.ebuild | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net-analyzer/suricata/suricata-5.0.1.ebuild
b/net-analyzer/suricata/suricata-5.0.1.ebuild
index 1618cee4705..67694740597 100644
--- a/net-analyzer/suricata/suricata-5.0.1.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.1.ebuild
@@ -48,7 +48,7 @@ CDEPEND="acct-group/suricata
redis? ( dev-libs/hiredis )"
DEPEND="${CDEPEND}
>=sys-devel/autoconf-2.69-r5
- dev-lang/rust"
+ virtual/rust"
RDEPEND="${CDEPEND}
${PYTHON_DEPS}"
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: c8ecb922ecf5a2685f265df3d0a0536aba0ce5bf
Author: Marek Szuba gentoo org>
AuthorDate: Thu Dec 19 14:59:17 2019 +
Commit: Marek Szuba gentoo org>
CommitDate: Thu Dec 19 15:17:15 2019 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c8ecb922
net-analyzer/suricata: fix typo in postinst messages
Package-Manager: Portage-2.3.79, Repoman-2.3.16
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/suricata-5.0.1.ebuild | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net-analyzer/suricata/suricata-5.0.1.ebuild
b/net-analyzer/suricata/suricata-5.0.1.ebuild
index ecb34b71784..1618cee4705 100644
--- a/net-analyzer/suricata/suricata-5.0.1.ebuild
+++ b/net-analyzer/suricata/suricata-5.0.1.ebuild
@@ -147,7 +147,7 @@ pkg_postinst() {
if use systemd; then
elog "Suricata requires either the mode of operation (e.g.
--af-packet) or the interface to listen on (e.g. -i eth0)"
elog "to be specified on the command line. The provided systemd
unit launches Suricata in af-packet mode and relies"
- elog "on file configuration to specify interfaces, should you
prefer to run it different you will have to customise"
+ elog "on file configuration to specify interfaces, should you
prefer to run it differently you will have to customise"
elog "said unit. The simplest way of doing it is to override
the Environment=OPTIONS='...' line using a .conf file"
elog "placed in the directory
${EPREFIX}/etc/systemd/system/suricata.service.d/ ."
elog "For details, see the section on drop-in directories in
systemd.unit(5)."
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/, net-analyzer/suricata/files/
commit: 4bbf99b0dbf76f352c0b123cba32cfbd90080fb3
Author: Marek Szuba gentoo org>
AuthorDate: Wed Dec 18 14:17:32 2019 +
Commit: Marek Szuba gentoo org>
CommitDate: Wed Dec 18 14:21:49 2019 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4bbf99b0
net-analyzer/suricata: bump to 5.0.1
Further clean-up of old ebuilds, tools are no longer optional, there is
now a config phase to download an initial rule set using
suricata-update.
Closes: https://bugs.gentoo.org/703184
Package-Manager: Portage-2.3.79, Repoman-2.3.16
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 1 +
net-analyzer/suricata/files/suricata-5.0.1-conf| 62 +++
net-analyzer/suricata/files/suricata-5.0.1-init| 147
...suricata-5.0.1_configure-no-lz4-automagic.patch | 23 +++
.../files/suricata-5.0.1_default-config.patch | 27 +++
net-analyzer/suricata/files/suricata.service | 2 +-
net-analyzer/suricata/files/suricata.tmpfiles | 2 +-
net-analyzer/suricata/suricata-5.0.1.ebuild| 196 +
8 files changed, 458 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 16a7c6ae731..9247b853f30 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1 +1,2 @@
DIST suricata-5.0.0.tar.gz 23689051 BLAKE2B
701625d50dacbeb846d7ea1c3aad3980969c1c0124c007d843353fe25b7e579378d2cd125db4660e33fff1f8cf20eac4bbafe280ba6ff31f988fb6c42b29b6aa
SHA512
0dc8941fdf29d615531eeda6f6076052cca79fda6dda3c96300c08b343a64a1700fd23dd83a03507009ab7c9b19c91b65ee65e704f55ddee17764b71e9e2911e
+DIST suricata-5.0.1.tar.gz 23721536 BLAKE2B
529837e8e4d6c33d2093df8208bf03519e0d60deef92eadf9d0a44b7416eae2f900b2f72349815acb86d9bdd9d4253bbc5d7c4c1a34157f544982b0788291624
SHA512
db0797a7992abf0ddf170cb603fdac06b0ff92278bb91343860bccbbe029ea0e83131dfb9805ca44bcbbe3925502119259e350a17e94209b21d1f8b610d965a6
diff --git a/net-analyzer/suricata/files/suricata-5.0.1-conf
b/net-analyzer/suricata/files/suricata-5.0.1-conf
new file mode 100644
index 000..7f22113dbf0
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-5.0.1-conf
@@ -0,0 +1,62 @@
+# Config file for /etc/init.d/suricata*
+
+# Where config files are stored. Default:
+
+# SURICATA_DIR="/etc/suricata"
+
+# Pass options to each suricata service.
+#
+# You can launch more than one service at the same time with different options.
+# This can be useful in a multi-queue gateway, for example.
+# You can expand on the Suricata inline example found at:
+# http://suricata.readthedocs.io/en/latest/setting-up-ipsinline-for-linux.html
+# Instead of configuring iptables to send traffic to just one queue, you can
configure it to "load balance"
+# on several queues. You can then have a Suricata instance processing traffic
for each queue.
+# This should help improve performance on the gateway/firewall.
+#
+# Suppose you configured iptables to use queues 0 and 1 named q0 and q1. You
can now do the following:
+# ln -s /etc/init.d/suricata /etc/init.d/suricata.q0
+# ln -s /etc/init.d/suricata /etc/init.d/suricata.q1
+# cp /etc/suricata/suricata.yaml /etc/suricata/suricata-q0.yaml
+# cp /etc/suricata/suricata.yaml /etc/suricata/suricata-q1.yaml
+#
+# Edit both suricata-q{0,1}.yaml files and set values accordingly.
+# You can override these yaml config file names with SURICATA_CONF* below
(optional).
+# This allows you to use the same yaml config file for multiple instances as
long as you override
+# sensible options such as the log file paths.
+# SURICATA_CONF_q0="suricata-queues.yaml"
+# SURICATA_CONF_q1="suricata-queues.yaml"
+# SURICATA_CONF="suricata.yaml"
+
+# You can define the options here:
+# NB: avoid using -l, -c, --user, --group and setting
logging.outputs.1.file.filename as the init script will try to set them for you.
+
+# SURICATA_OPTS_q0="-q 0"
+# SURICATA_OPTS_q1="-q 1"
+
+# If you want to use ${SURICATA_DIR}/suricata.yaml and start the service with
/etc/init.d/suricata
+# then you can set:
+
+SURICATA_OPTS="--af-packet"
+
+# Log paths listed here will be created by the init script and will override
the log path
+# set in the yaml file, if present.
+# SURICATA_LOG_FILE_q0="/var/log/suricata/q0/suricata.log"
+# SURICATA_LOG_FILE_q1="/var/log/suricata/q1/suricata.log"
+# SURICATA_LOG_FILE="/var/log/suricata/suricata.log"
+
+# Run as user/group.
+# Do not define if you want to run as root or as the user defined in the yaml
config file (run-as).
+# The ebuild should have created the dedicated user/group suricata:suricata
for you to specify here below.
+# SURICATA_USER_q0="suricata"
+# SURICATA_GROUP_q0="suricata"
+# SURICATA_USER_q1="suricata"
+# SURICATA_GROUP_q1="suricata"
+# SURICATA_USER="suricata"
+# SURICATA_GROUP="suricata"
+
+# Suricata processes can take a long time to shut down.
+# If necessary, adjust timeout in seconds to be used when calling stop from
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/files/, net-analyzer/suricata/
commit: eab781daa429d8d9cb5cd1a1d8baefcae4afbffc
Author: Marek Szuba gentoo org>
AuthorDate: Wed Dec 18 14:20:18 2019 +
Commit: Marek Szuba gentoo org>
CommitDate: Wed Dec 18 14:21:52 2019 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eab781da
net-analyzer/suricata: remove old
Package-Manager: Portage-2.3.79, Repoman-2.3.16
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 1 -
net-analyzer/suricata/files/suricata-5.0.0-conf| 62 ---
net-analyzer/suricata/files/suricata-5.0.0-init| 147
.../files/suricata-5.0.0_configure-lua-flags.patch | 16 --
...suricata-5.0.0_configure-no-lz4-automagic.patch | 23 ---
.../files/suricata-5.0.0_default-config.patch | 61 ---
net-analyzer/suricata/metadata.xml | 2 -
net-analyzer/suricata/suricata-5.0.0.ebuild| 185 -
8 files changed, 497 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 9247b853f30..ac5ea56c85b 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1 @@
-DIST suricata-5.0.0.tar.gz 23689051 BLAKE2B
701625d50dacbeb846d7ea1c3aad3980969c1c0124c007d843353fe25b7e579378d2cd125db4660e33fff1f8cf20eac4bbafe280ba6ff31f988fb6c42b29b6aa
SHA512
0dc8941fdf29d615531eeda6f6076052cca79fda6dda3c96300c08b343a64a1700fd23dd83a03507009ab7c9b19c91b65ee65e704f55ddee17764b71e9e2911e
DIST suricata-5.0.1.tar.gz 23721536 BLAKE2B
529837e8e4d6c33d2093df8208bf03519e0d60deef92eadf9d0a44b7416eae2f900b2f72349815acb86d9bdd9d4253bbc5d7c4c1a34157f544982b0788291624
SHA512
db0797a7992abf0ddf170cb603fdac06b0ff92278bb91343860bccbbe029ea0e83131dfb9805ca44bcbbe3925502119259e350a17e94209b21d1f8b610d965a6
diff --git a/net-analyzer/suricata/files/suricata-5.0.0-conf
b/net-analyzer/suricata/files/suricata-5.0.0-conf
deleted file mode 100644
index 655b947fdd9..000
--- a/net-analyzer/suricata/files/suricata-5.0.0-conf
+++ /dev/null
@@ -1,62 +0,0 @@
-# Config file for /etc/init.d/suricata*
-
-# Where config files are stored. Default:
-
-# SURICATA_DIR="/etc/suricata"
-
-# Pass options to each suricata service.
-#
-# You can launch more than one service at the same time with different options.
-# This can be useful in a multi-queue gateway, for example.
-# You can expand on the Suricata inline example found at:
-# http://suricata.readthedocs.io/en/latest/setting-up-ipsinline-for-linux.html
-# Instead of configuring iptables to send traffic to just one queue, you can
configure it to "load balance"
-# on several queues. You can then have a Suricata instance processing traffic
for each queue.
-# This should help improve performance on the gateway/firewall.
-#
-# Suppose you configured iptables to use queues 0 and 1 named q0 and q1. You
can now do the following:
-# ln -s /etc/init.d/suricata /etc/init.d/suricata.q0
-# ln -s /etc/init.d/suricata /etc/init.d/suricata.q1
-# cp /etc/suricata/suricata.yaml /etc/suricata/suricata-q0.yaml
-# cp /etc/suricata/suricata.yaml /etc/suricata/suricata-q1.yaml
-#
-# Edit both suricata-q{0,1}.yaml files and set values accordingly.
-# You can override these yaml config file names with SURICATA_CONF* below
(optional).
-# This allows you to use the same yaml config file for multiple instances as
long as you override
-# sensible options such as the log file paths.
-# SURICATA_CONF_q0="suricata-queues.yaml"
-# SURICATA_CONF_q1="suricata-queues.yaml"
-# SURICATA_CONF="suricata.yaml"
-
-# You can define the options here:
-# NB: avoid using -l, -c, --user, --group and setting
logging.outputs.1.file.filename as the init script will try to set them for you.
-
-# SURICATA_OPTS_q0="-q 0"
-# SURICATA_OPTS_q1="-q 1"
-
-# If you want to use ${SURICATA_DIR}/suricata.yaml and start the service with
/etc/init.d/suricata
-# then you can set:
-
-SURICATA_OPTS="-i eth0"
-
-# Log paths listed here will be created by the init script and will override
the log path
-# set in the yaml file, if present.
-# SURICATA_LOG_FILE_q0="/var/log/suricata/q0/suricata.log"
-# SURICATA_LOG_FILE_q1="/var/log/suricata/q1/suricata.log"
-# SURICATA_LOG_FILE="/var/log/suricata/suricata.log"
-
-# Run as user/group.
-# Do not define if you want to run as root or as the user defined in the yaml
config file (run-as).
-# The ebuild should have created the dedicated user/group suricata:suricata
for you to specify here below.
-# SURICATA_USER_q0="suricata"
-# SURICATA_GROUP_q0="suricata"
-# SURICATA_USER_q1="suricata"
-# SURICATA_GROUP_q1="suricata"
-# SURICATA_USER="suricata"
-# SURICATA_GROUP="suricata"
-
-# Suricata processes can take a long time to shut down.
-# If necessary, adjust timeout in seconds to be used when calling stop from
the init script.
-# Examples:
-# SURICATA_MAX_WAIT_ON_STOP="300"
-# SURICATA_MAX_WAIT_ON_STOP="SIGTERM/30"
diff --git a/net-analyzer/suricata/files/suricata-5.0.0-init
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/files/
commit: 53159693f527b217acadfb345933d9fd16c46e2c Author: Marek Szuba gentoo org> AuthorDate: Tue Dec 17 00:16:19 2019 + Commit: Marek Szuba gentoo org> CommitDate: Tue Dec 17 00:16:19 2019 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=53159693 net-analyzer/suricata: tweak the systemd unit a bit Some of the ideas I picked up from https://gist.github.com/stupidpupil/4edcbe2046b3b22c81c606efee0492d7 do not quite work at present, namely: - limiting capabilities to CAP_NET_ADMIN causes problems e.g. when switching to an unprivileged user or while trying to load eBPF files. Just get rid of it; - suricata can now be launched just fine without Type=forking. Moreover, /run is now used instead of /var/run in the unit file so that systemd doesn't complain about the use of legacy paths. No revbump because even the updated unit does not run out of the box due to specifying neither an interface nor a mode of operations on the command line. Package-Manager: Portage-2.3.79, Repoman-2.3.16 Signed-off-by: Marek Szuba gentoo.org> net-analyzer/suricata/files/suricata.service | 8 +++- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/net-analyzer/suricata/files/suricata.service b/net-analyzer/suricata/files/suricata.service index 5e617388018..294ec637348 100644 --- a/net-analyzer/suricata/files/suricata.service +++ b/net-analyzer/suricata/files/suricata.service @@ -6,11 +6,9 @@ Documentation=man:suricata(8) man:suricatasc(8) Documentation=https://redmine.openinfosecfoundation.org/projects/suricata/wiki [Service] -Type=forking -Environment=OPTIONS='-c /etc/suricata/suricata.yaml' -CapabilityBoundingSet=CAP_NET_ADMIN -PIDFile=/var/run/suricata/suricata.pid -ExecStart=/usr/bin/suricata --pidfile /var/run/suricata/suricata.pid $OPTIONS +Environment=OPTIONS='-c /etc/suricata/suricata.yaml --af-packet' +PIDFile=/run/suricata/suricata.pid +ExecStart=/usr/bin/suricata --pidfile /run/suricata/suricata.pid $OPTIONS ExecReload=/bin/kill -HUP $MAINPID ExecStop=/bin/kill $MAINPID PrivateTmp=yes
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/files/, net-analyzer/suricata/
commit: f3fe5e0ccbcf0af56e2d7e0c2c6231a2026df2f9
Author: Marek Szuba gentoo org>
AuthorDate: Mon Dec 16 18:10:25 2019 +
Commit: Marek Szuba gentoo org>
CommitDate: Mon Dec 16 18:10:25 2019 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f3fe5e0c
net-analyzer/suricata: remove vulnerable 4.0.4
Bug: https://bugs.gentoo.org/690196
Bug: https://bugs.gentoo.org/686428
Package-Manager: Portage-2.3.79, Repoman-2.3.16
Signed-off-by: Marek Szuba gentoo.org>
net-analyzer/suricata/Manifest | 1 -
.../files/suricata-4.0.4_configure-lua-flags.patch | 16 --
.../suricata/files/suricata-4.0.4_sockios.patch| 13 --
.../{suricata-4.0.4-conf => suricata-5.0.0-conf} | 0
.../{suricata-4.0.4-init => suricata-5.0.0-init} | 0
net-analyzer/suricata/suricata-4.0.4.ebuild| 171 -
net-analyzer/suricata/suricata-5.0.0.ebuild| 4 +-
7 files changed, 2 insertions(+), 203 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 72532b86510..16a7c6ae731 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1 @@
-DIST suricata-4.0.4.tar.gz 12511121 BLAKE2B
d9dfb00a45c2e9810409a8ce91a83e23ebce20eb28492bf24f9688d292b5805dca932c39cc673cf1148325fe5ef7936dda7f6c7819605753cb2e2ddc1cf5dba0
SHA512
6e158aa6d3edb9d11e0df3f986392ee2ae49ab4dfb978288ced4484dbe5c08ae061db2a566be6d22cf14bd0b88f87f9cb9c0a657d7fc44e099b8783d933c771e
DIST suricata-5.0.0.tar.gz 23689051 BLAKE2B
701625d50dacbeb846d7ea1c3aad3980969c1c0124c007d843353fe25b7e579378d2cd125db4660e33fff1f8cf20eac4bbafe280ba6ff31f988fb6c42b29b6aa
SHA512
0dc8941fdf29d615531eeda6f6076052cca79fda6dda3c96300c08b343a64a1700fd23dd83a03507009ab7c9b19c91b65ee65e704f55ddee17764b71e9e2911e
diff --git
a/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch
b/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch
deleted file mode 100644
index bad66359afa..000
--- a/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch
+++ /dev/null
@@ -1,16 +0,0 @@
a/configure.ac
-+++ b/configure.ac
-@@ -1749,11 +1749,11 @@
- # liblua
- AC_ARG_ENABLE(lua,
- AS_HELP_STRING([--enable-lua],[Enable Lua support]),
-- [ enable_lua="yes"],
-+ [],
- [ enable_lua="no"])
- AC_ARG_ENABLE(luajit,
- AS_HELP_STRING([--enable-luajit],[Enable Luajit support]),
-- [ enable_luajit="yes"],
-+ [],
- [ enable_luajit="no"])
- if test "$enable_lua" = "yes"; then
- if test "$enable_luajit" = "yes"; then
diff --git a/net-analyzer/suricata/files/suricata-4.0.4_sockios.patch
b/net-analyzer/suricata/files/suricata-4.0.4_sockios.patch
deleted file mode 100644
index a341d9c159f..000
--- a/net-analyzer/suricata/files/suricata-4.0.4_sockios.patch
+++ /dev/null
@@ -1,13 +0,0 @@
src/source-af-packet.c.orig2019-09-08 20:50:06.416466432 +0200
-+++ src/source-af-packet.c 2019-09-08 20:53:26.144471385 +0200
-@@ -70,6 +70,10 @@
-
- #ifdef HAVE_AF_PACKET
-
-+#ifdef HAVE_LINUX_SOCKIOS_H
-+#include
-+#endif
-+
- #if HAVE_SYS_IOCTL_H
- #include
- #endif
diff --git a/net-analyzer/suricata/files/suricata-4.0.4-conf
b/net-analyzer/suricata/files/suricata-5.0.0-conf
similarity index 100%
rename from net-analyzer/suricata/files/suricata-4.0.4-conf
rename to net-analyzer/suricata/files/suricata-5.0.0-conf
diff --git a/net-analyzer/suricata/files/suricata-4.0.4-init
b/net-analyzer/suricata/files/suricata-5.0.0-init
similarity index 100%
rename from net-analyzer/suricata/files/suricata-4.0.4-init
rename to net-analyzer/suricata/files/suricata-5.0.0-init
diff --git a/net-analyzer/suricata/suricata-4.0.4.ebuild
b/net-analyzer/suricata/suricata-4.0.4.ebuild
deleted file mode 100644
index 2ea320ca46b..000
--- a/net-analyzer/suricata/suricata-4.0.4.ebuild
+++ /dev/null
@@ -1,171 +0,0 @@
-# Copyright 1999-2019 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-
-inherit autotools eutils user
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
-HOMEPAGE="https://suricata-ids.org/;
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz;
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet control-socket cuda debug +detection geoip hardened logrotate
lua luajit nflog +nfqueue redis +rules test"
-RESTRICT="!test? ( test )"
-
-DEPEND="
- >=dev-libs/jansson-2.2
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- >=net-libs/libhtp-0.5.20
- net-libs/libpcap
- sys-apps/file
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/geoip )
- lua?( dev-lang/lua:* )
- luajit? (
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: c1210bc476d8126c337aa416fb8018377e8a0490 Author: Marek Szuba gentoo org> AuthorDate: Mon Dec 16 15:58:12 2019 + Commit: Marek Szuba gentoo org> CommitDate: Mon Dec 16 16:05:09 2019 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c1210bc4 net-analyzer/suricata: add self to the list of maintainers Package-Manager: Portage-2.3.79, Repoman-2.3.16 Signed-off-by: Marek Szuba gentoo.org> net-analyzer/suricata/metadata.xml | 4 1 file changed, 4 insertions(+) diff --git a/net-analyzer/suricata/metadata.xml b/net-analyzer/suricata/metadata.xml index bc25d72f088..cc49d0aa09f 100644 --- a/net-analyzer/suricata/metadata.xml +++ b/net-analyzer/suricata/metadata.xml @@ -4,6 +4,10 @@ s...@gentoo.org + +mare...@gentoo.org +Marek Szuba + Enable AF_PACKET support Enable support for eBPF (as well as XDP if supported by the kernel and the NIC driver)
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/, net-analyzer/suricata/files/
commit: da28437322994c655e77d94dcd82d01d575fce58 Author: Marek Szuba gentoo org> AuthorDate: Mon Dec 16 15:56:33 2019 + Commit: Marek Szuba gentoo org> CommitDate: Mon Dec 16 16:05:06 2019 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=da284373 net-analyzer/suricata: bump to 5.0.0 and EAPI 7 Package-Manager: Portage-2.3.79, Repoman-2.3.16 Signed-off-by: Marek Szuba gentoo.org> net-analyzer/suricata/Manifest | 1 + .../files/suricata-5.0.0_configure-lua-flags.patch | 16 ++ ...suricata-5.0.0_configure-no-lz4-automagic.patch | 23 +++ .../files/suricata-5.0.0_default-config.patch | 61 +++ net-analyzer/suricata/files/suricata.service | 21 +++ net-analyzer/suricata/files/suricata.tmpfiles | 1 + net-analyzer/suricata/metadata.xml | 6 +- net-analyzer/suricata/suricata-5.0.0.ebuild| 185 + 8 files changed, 313 insertions(+), 1 deletion(-) diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest index fe67675774d..72532b86510 100644 --- a/net-analyzer/suricata/Manifest +++ b/net-analyzer/suricata/Manifest @@ -1 +1,2 @@ DIST suricata-4.0.4.tar.gz 12511121 BLAKE2B d9dfb00a45c2e9810409a8ce91a83e23ebce20eb28492bf24f9688d292b5805dca932c39cc673cf1148325fe5ef7936dda7f6c7819605753cb2e2ddc1cf5dba0 SHA512 6e158aa6d3edb9d11e0df3f986392ee2ae49ab4dfb978288ced4484dbe5c08ae061db2a566be6d22cf14bd0b88f87f9cb9c0a657d7fc44e099b8783d933c771e +DIST suricata-5.0.0.tar.gz 23689051 BLAKE2B 701625d50dacbeb846d7ea1c3aad3980969c1c0124c007d843353fe25b7e579378d2cd125db4660e33fff1f8cf20eac4bbafe280ba6ff31f988fb6c42b29b6aa SHA512 0dc8941fdf29d615531eeda6f6076052cca79fda6dda3c96300c08b343a64a1700fd23dd83a03507009ab7c9b19c91b65ee65e704f55ddee17764b71e9e2911e diff --git a/net-analyzer/suricata/files/suricata-5.0.0_configure-lua-flags.patch b/net-analyzer/suricata/files/suricata-5.0.0_configure-lua-flags.patch new file mode 100644 index 000..be956fd94d4 --- /dev/null +++ b/net-analyzer/suricata/files/suricata-5.0.0_configure-lua-flags.patch @@ -0,0 +1,16 @@ +--- a/configure.ac b/configure.ac +@@ -1749,11 +1749,11 @@ + # liblua + AC_ARG_ENABLE(lua, + AS_HELP_STRING([--enable-lua],[Enable Lua support]), +- [ enable_lua="$enableval"], ++ [], + [ enable_lua="no"]) + AC_ARG_ENABLE(luajit, + AS_HELP_STRING([--enable-luajit],[Enable Luajit support]), +- [ enable_luajit="$enableval"], ++ [], + [ enable_luajit="no"]) + if test "$enable_lua" = "yes"; then + if test "$enable_luajit" = "yes"; then diff --git a/net-analyzer/suricata/files/suricata-5.0.0_configure-no-lz4-automagic.patch b/net-analyzer/suricata/files/suricata-5.0.0_configure-no-lz4-automagic.patch new file mode 100644 index 000..5efce46f6d9 --- /dev/null +++ b/net-analyzer/suricata/files/suricata-5.0.0_configure-no-lz4-automagic.patch @@ -0,0 +1,23 @@ +--- a/configure.ac b/configure.ac +@@ -2292,7 +2292,11 @@ + fi + + # Check for lz4 +-enable_liblz4="yes" ++AC_ARG_ENABLE(lz4, ++ AS_HELP_STRING([--enable-lz4], [Enable compressed pcap logging using liblz4]), ++ [enable_liblz4=$enableval], ++ [enable_liblz4=yes]) ++if test "x$enable_liblz4" != "xno"; then + AC_CHECK_LIB(lz4, LZ4F_createCompressionContext, , enable_liblz4="no") + + if test "$enable_liblz4" = "no"; then +@@ -2306,6 +2310,7 @@ + echo " yum install lz4-devel" + echo + fi ++fi + + # get cache line size + AC_PATH_PROG(HAVE_GETCONF_CMD, getconf, "no") diff --git a/net-analyzer/suricata/files/suricata-5.0.0_default-config.patch b/net-analyzer/suricata/files/suricata-5.0.0_default-config.patch new file mode 100644 index 000..07a45c9a574 --- /dev/null +++ b/net-analyzer/suricata/files/suricata-5.0.0_default-config.patch @@ -0,0 +1,61 @@ +--- a/suricata.yaml.in b/suricata.yaml.in +@@ -203,8 +203,9 @@ + # https://suricata.readthedocs.io/en/latest/output/eve/eve-json-output.html#dns-v1-format + + # As of Suricata 5.0, version 2 of the eve dns output +-# format is the default. +-#version: 2 ++# format is the default - but the daemon produces a warning to that effect ++# at start-up if this isn't explicitly set. ++version: 2 + + # Enable/disable this logger. Default: enabled. + #enabled: yes +@@ -978,9 +979,9 @@ + ## + + # Run suricata as user and group. +-#run-as: +-# user: suri +-# group: suri ++run-as: ++ user: suricata ++ group: suricata + + # Some logging module will use that name in event as identifier. The default + # value is the hostname +@@ -1806,16 +1807,28 @@ + hashmode: hash5tuplesorted + + ## +-## Configure Suricata to load Suricata-Update managed rules. +-## +-## If this section is completely commented out move
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/, net-analyzer/suricata/files/
commit: bbf4c30078e27adf7f6af90223cf03a333b2eb28
Author: Slawomir Lis gentoo org>
AuthorDate: Sun Sep 8 19:02:22 2019 +
Commit: Slawek Lis gentoo org>
CommitDate: Sun Sep 8 19:24:41 2019 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bbf4c300
net-analyzer/suricata: Updated init.d and conf.d default pathes
Package-Manager: Portage-2.3.75, Repoman-2.3.17
Signed-off-by: Slawek Lis gentoo.org>
.../suricata/files/{suricata-4.0.3-conf => suricata-4.0.4-conf} | 0
.../suricata/files/{suricata-4.0.3-init => suricata-4.0.4-init} | 2 +-
net-analyzer/suricata/suricata-4.0.4.ebuild | 4 ++--
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/net-analyzer/suricata/files/suricata-4.0.3-conf
b/net-analyzer/suricata/files/suricata-4.0.4-conf
similarity index 100%
rename from net-analyzer/suricata/files/suricata-4.0.3-conf
rename to net-analyzer/suricata/files/suricata-4.0.4-conf
diff --git a/net-analyzer/suricata/files/suricata-4.0.3-init
b/net-analyzer/suricata/files/suricata-4.0.4-init
similarity index 99%
rename from net-analyzer/suricata/files/suricata-4.0.3-init
rename to net-analyzer/suricata/files/suricata-4.0.4-init
index f54ba3a5e23..1db8137f31a 100644
--- a/net-analyzer/suricata/files/suricata-4.0.3-init
+++ b/net-analyzer/suricata/files/suricata-4.0.4-init
@@ -1,5 +1,5 @@
#!/sbin/openrc-run
-# Copyright 1999-2018 Gentoo Foundation
+# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
SURICATA_BIN=/usr/bin/suricata
diff --git a/net-analyzer/suricata/suricata-4.0.4.ebuild
b/net-analyzer/suricata/suricata-4.0.4.ebuild
index f476bfe2ae2..eea47cd01bd 100644
--- a/net-analyzer/suricata/suricata-4.0.4.ebuild
+++ b/net-analyzer/suricata/suricata-4.0.4.ebuild
@@ -131,8 +131,8 @@ src_install() {
fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
- newinitd "${FILESDIR}/${PN}-4.0.3-init" ${PN}
- newconfd "${FILESDIR}/${PN}-4.0.3-conf" ${PN}
+ newinitd "${FILESDIR}/${P}-init" ${PN}
+ newconfd "${FILESDIR}/${P}-conf" ${PN}
if use logrotate; then
insopts -m0644
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 31be0335f7697f18ac28a8364636f1b0c0635f44
Author: Slawomir Lis gentoo org>
AuthorDate: Sun Sep 8 19:20:10 2019 +
Commit: Slawek Lis gentoo org>
CommitDate: Sun Sep 8 19:24:42 2019 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=31be0335
net-analyzer/suricata: fixed installations warnings
Package-Manager: Portage-2.3.75, Repoman-2.3.17
Signed-off-by: Slawek Lis gentoo.org>
net-analyzer/suricata/suricata-4.0.4.ebuild | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/suricata-4.0.4.ebuild
b/net-analyzer/suricata/suricata-4.0.4.ebuild
index eea47cd01bd..98ed94d5b7d 100644
--- a/net-analyzer/suricata/suricata-4.0.4.ebuild
+++ b/net-analyzer/suricata/suricata-4.0.4.ebuild
@@ -48,6 +48,7 @@ pkg_setup() {
src_prepare() {
epatch "${FILESDIR}/${P}_configure-lua-flags.patch"
epatch "${FILESDIR}/${P}_sockios.patch"
+ sed -ie 's/docdir =.*/docdir = ${datarootdir}\/doc\/'${PF}'\//'
"${S}/doc/Makefile.am"
eautoreconf
}
@@ -125,8 +126,8 @@ src_install() {
doins rules/*.rules
fi
- dodir "/var/lib/${PN}"
- dodir "/var/log/${PN}"
+ keepdir "/var/lib/${PN}"
+ keepdir "/var/log/${PN}"
fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/files/, net-analyzer/suricata/
commit: dc1b127212527643b0346fe711558136bfc25ad0
Author: Slawomir Lis gentoo org>
AuthorDate: Sun Sep 8 18:58:59 2019 +
Commit: Slawek Lis gentoo org>
CommitDate: Sun Sep 8 19:24:40 2019 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=dc1b1272
net-analyzer/suricata: fixed build error related with SIOCGSTAMP
Closes: https://bugs.gentoo.org/692546
Package-Manager: Portage-2.3.75, Repoman-2.3.17
Signed-off-by: Slawek Lis gentoo.org>
net-analyzer/suricata/files/suricata-4.0.4_sockios.patch | 13 +
net-analyzer/suricata/suricata-4.0.4.ebuild | 5 +++--
2 files changed, 16 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/files/suricata-4.0.4_sockios.patch
b/net-analyzer/suricata/files/suricata-4.0.4_sockios.patch
new file mode 100644
index 000..a341d9c159f
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-4.0.4_sockios.patch
@@ -0,0 +1,13 @@
+--- src/source-af-packet.c.orig2019-09-08 20:50:06.416466432 +0200
src/source-af-packet.c 2019-09-08 20:53:26.144471385 +0200
+@@ -70,6 +70,10 @@
+
+ #ifdef HAVE_AF_PACKET
+
++#ifdef HAVE_LINUX_SOCKIOS_H
++#include
++#endif
++
+ #if HAVE_SYS_IOCTL_H
+ #include
+ #endif
diff --git a/net-analyzer/suricata/suricata-4.0.4.ebuild
b/net-analyzer/suricata/suricata-4.0.4.ebuild
index 2622dccdb3b..f476bfe2ae2 100644
--- a/net-analyzer/suricata/suricata-4.0.4.ebuild
+++ b/net-analyzer/suricata/suricata-4.0.4.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2018 Gentoo Foundation
+# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=5
@@ -46,7 +46,8 @@ pkg_setup() {
}
src_prepare() {
- epatch "${FILESDIR}"/${P}_configure-lua-flags.patch
+ epatch "${FILESDIR}/${P}_configure-lua-flags.patch"
+ epatch "${FILESDIR}/${P}_sockios.patch"
eautoreconf
}
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 5073a26b023b9b579b550c2d92fe949d9dbda2a5
Author: Marek Szuba gentoo org>
AuthorDate: Mon Jun 11 14:03:15 2018 +
Commit: Marek Szuba gentoo org>
CommitDate: Mon Jun 11 14:04:06 2018 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5073a26b
net-analyzer/suricata: remove vulnerable 4.0.3
Bug: https://bugs.gentoo.org/647664
Package-Manager: Portage-2.3.40, Repoman-2.3.9
net-analyzer/suricata/Manifest | 1 -
net-analyzer/suricata/suricata-4.0.3.ebuild | 167
2 files changed, 168 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index cc70d0f7283..fe67675774d 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,2 +1 @@
-DIST suricata-4.0.3.tar.gz 12392388 BLAKE2B
9b6338b343ff85f070d61608ff9dc7f25df868fdffbc13b5a8d245cb3db5cd757cb1785c827c388653b2f8a7977129259671900bc1abfebeb878a668b4058bdf
SHA512
aa6b6d1ae86efad0184ba4fa06375f34334e07c22b7b1f82bf17fcb0ae48ad7f867bced57ab4f713de01583965e1260cb82e1355f78002071b6893b53892
DIST suricata-4.0.4.tar.gz 12511121 BLAKE2B
d9dfb00a45c2e9810409a8ce91a83e23ebce20eb28492bf24f9688d292b5805dca932c39cc673cf1148325fe5ef7936dda7f6c7819605753cb2e2ddc1cf5dba0
SHA512
6e158aa6d3edb9d11e0df3f986392ee2ae49ab4dfb978288ced4484dbe5c08ae061db2a566be6d22cf14bd0b88f87f9cb9c0a657d7fc44e099b8783d933c771e
diff --git a/net-analyzer/suricata/suricata-4.0.3.ebuild
b/net-analyzer/suricata/suricata-4.0.3.ebuild
deleted file mode 100644
index 501a7c7a03a..000
--- a/net-analyzer/suricata/suricata-4.0.3.ebuild
+++ /dev/null
@@ -1,167 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-
-inherit autotools eutils user
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
-HOMEPAGE="https://suricata-ids.org/;
-SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz;
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet control-socket cuda debug +detection geoip hardened logrotate
lua luajit nflog +nfqueue redis +rules test"
-
-DEPEND="
- >=dev-libs/jansson-2.2
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- >=net-libs/libhtp-0.5.20
- net-libs/libpcap
- sys-apps/file
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/geoip )
- lua?( dev-lang/lua:* )
- luajit? ( dev-lang/luajit:* )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue?( net-libs/libnetfilter_queue )
- redis? ( dev-libs/hiredis )
- logrotate? ( app-admin/logrotate )
- sys-libs/libcap-ng
-"
-# #446814
-# prelude?( dev-libs/libprelude )
-# pfring? ( sys-process/numactl net-libs/pf_ring)
-RDEPEND="${DEPEND}"
-
-pkg_setup() {
- enewgroup ${PN}
- enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
-}
-
-src_prepare() {
- eautoreconf
-}
-
-src_configure() {
- local myeconfargs=(
- "--localstatedir=/var/" \
- "--enable-non-bundled-htp" \
- $(use_enable af-packet) \
- $(use_enable detection) \
- $(use_enable nfqueue) \
- $(use_enable test coccinelle) \
- $(use_enable test unittests) \
- $(use_enable control-socket unix-socket)
- )
-
- if use cuda ; then
- myeconfargs+=( $(use_enable cuda) )
- fi
- if use geoip ; then
- myeconfargs+=( $(use_enable geoip) )
- fi
- if use hardened ; then
- myeconfargs+=( $(use_enable hardened gccprotect) )
- fi
- if use nflog ; then
- myeconfargs+=( $(use_enable nflog) )
- fi
- if use redis ; then
- myeconfargs+=( $(use_enable redis hiredis) )
- fi
- # not supported yet (no pfring in portage)
-# if use pfring ; then
-# myeconfargs+=( $(use_enable pfring) )
-# fi
- # no libprelude in portage
-# if use prelude ; theng
-# myeconfargs+=( $(use_enable prelude) )
-# fi
- if use lua ; then
- myeconfargs+=( $(use_enable lua) )
- fi
- if use luajit ; then
- myeconfargs+=( $(use_enable luajit) )
- fi
- if (use !lua) && (use !luajit) ; then
- myeconfargs+=(
- --disable-lua
- --disable-luajit
- )
- fi
-
-# this should be used when pf_ring use flag support will be added
-# LIBS+="-lrt -lnuma"
-
- # avoid upstream configure script trying to add -march=native to CFLAGS
- myeconfargs+=( --enable-gccmarch-native=no )
-
- if use debug ; then
- myeconfargs+=( $(use_enable debug) )
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/, net-analyzer/suricata/files/
commit: c35f490c5944f47bdcc633d70056ee8f433c3a44
Author: Marek Szuba gentoo org>
AuthorDate: Mon Jun 11 14:02:10 2018 +
Commit: Marek Szuba gentoo org>
CommitDate: Mon Jun 11 14:04:06 2018 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c35f490c
net-analyzer/suricata: bump to 4.0.4 + fix Lua USE flags
Invoking maintainer timeout on both issues.
Closes: https://bugs.gentoo.org/652344
Package-Manager: Portage-2.3.40, Repoman-2.3.9
net-analyzer/suricata/Manifest | 1 +
.../files/suricata-4.0.4_configure-lua-flags.patch | 16 ++
net-analyzer/suricata/suricata-4.0.4.ebuild| 168 +
3 files changed, 185 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index b3ab446f9d9..cc70d0f7283 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1 +1,2 @@
DIST suricata-4.0.3.tar.gz 12392388 BLAKE2B
9b6338b343ff85f070d61608ff9dc7f25df868fdffbc13b5a8d245cb3db5cd757cb1785c827c388653b2f8a7977129259671900bc1abfebeb878a668b4058bdf
SHA512
aa6b6d1ae86efad0184ba4fa06375f34334e07c22b7b1f82bf17fcb0ae48ad7f867bced57ab4f713de01583965e1260cb82e1355f78002071b6893b53892
+DIST suricata-4.0.4.tar.gz 12511121 BLAKE2B
d9dfb00a45c2e9810409a8ce91a83e23ebce20eb28492bf24f9688d292b5805dca932c39cc673cf1148325fe5ef7936dda7f6c7819605753cb2e2ddc1cf5dba0
SHA512
6e158aa6d3edb9d11e0df3f986392ee2ae49ab4dfb978288ced4484dbe5c08ae061db2a566be6d22cf14bd0b88f87f9cb9c0a657d7fc44e099b8783d933c771e
diff --git
a/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch
b/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch
new file mode 100644
index 000..bad66359afa
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-4.0.4_configure-lua-flags.patch
@@ -0,0 +1,16 @@
+--- a/configure.ac
b/configure.ac
+@@ -1749,11 +1749,11 @@
+ # liblua
+ AC_ARG_ENABLE(lua,
+ AS_HELP_STRING([--enable-lua],[Enable Lua support]),
+- [ enable_lua="yes"],
++ [],
+ [ enable_lua="no"])
+ AC_ARG_ENABLE(luajit,
+ AS_HELP_STRING([--enable-luajit],[Enable Luajit support]),
+- [ enable_luajit="yes"],
++ [],
+ [ enable_luajit="no"])
+ if test "$enable_lua" = "yes"; then
+ if test "$enable_luajit" = "yes"; then
diff --git a/net-analyzer/suricata/suricata-4.0.4.ebuild
b/net-analyzer/suricata/suricata-4.0.4.ebuild
new file mode 100644
index 000..2622dccdb3b
--- /dev/null
+++ b/net-analyzer/suricata/suricata-4.0.4.ebuild
@@ -0,0 +1,168 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=5
+
+inherit autotools eutils user
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
+HOMEPAGE="https://suricata-ids.org/;
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz;
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet control-socket cuda debug +detection geoip hardened logrotate
lua luajit nflog +nfqueue redis +rules test"
+
+DEPEND="
+ >=dev-libs/jansson-2.2
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ >=net-libs/libhtp-0.5.20
+ net-libs/libpcap
+ sys-apps/file
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/geoip )
+ lua?( dev-lang/lua:* )
+ luajit? ( dev-lang/luajit:* )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue?( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis )
+ logrotate? ( app-admin/logrotate )
+ sys-libs/libcap-ng
+"
+# #446814
+# prelude?( dev-libs/libprelude )
+# pfring? ( sys-process/numactl net-libs/pf_ring)
+RDEPEND="${DEPEND}"
+
+pkg_setup() {
+ enewgroup ${PN}
+ enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
+}
+
+src_prepare() {
+ epatch "${FILESDIR}"/${P}_configure-lua-flags.patch
+ eautoreconf
+}
+
+src_configure() {
+ local myeconfargs=(
+ "--localstatedir=/var/" \
+ "--enable-non-bundled-htp" \
+ $(use_enable af-packet) \
+ $(use_enable detection) \
+ $(use_enable nfqueue) \
+ $(use_enable test coccinelle) \
+ $(use_enable test unittests) \
+ $(use_enable control-socket unix-socket)
+ )
+
+ if use cuda ; then
+ myeconfargs+=( $(use_enable cuda) )
+ fi
+ if use geoip ; then
+ myeconfargs+=( $(use_enable geoip) )
+ fi
+ if use hardened ; then
+ myeconfargs+=( $(use_enable hardened gccprotect) )
+ fi
+ if use nflog ; then
+ myeconfargs+=( $(use_enable nflog) )
+ fi
+
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 0cd38eeec9f055befc5e16d1b714252905eb387c
Author: Michael Mair-Keimberger gmail com>
AuthorDate: Sun Jun 3 09:27:21 2018 +
Commit: Aaron Bauman gentoo org>
CommitDate: Sun Jun 3 13:48:19 2018 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0cd38eee
net-analyzer/suricata: use HTTPs
net-analyzer/suricata/suricata-4.0.3.ebuild | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/suricata-4.0.3.ebuild
b/net-analyzer/suricata/suricata-4.0.3.ebuild
index 19c4e17ebb2..501a7c7a03a 100644
--- a/net-analyzer/suricata/suricata-4.0.3.ebuild
+++ b/net-analyzer/suricata/suricata-4.0.3.ebuild
@@ -6,8 +6,8 @@ EAPI=5
inherit autotools eutils user
DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
-HOMEPAGE="http://suricata-ids.org/;
-SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz;
+HOMEPAGE="https://suricata-ids.org/;
+SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz;
LICENSE="GPL-2"
SLOT="0"
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 2e6b7a4b972c110a62877daf862231eb99c08c1f
Author: Slawomir Lis gentoo org>
AuthorDate: Fri May 11 07:40:16 2018 +
Commit: Slawek Lis gentoo org>
CommitDate: Fri May 11 07:43:27 2018 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2e6b7a4b
net-analyzer/suricata: fixed problems with compilation
Fixed problems with compilation using lua and luajit
Package-Manager: Portage-2.3.36, Repoman-2.3.9
net-analyzer/suricata/suricata-4.0.3.ebuild | 19 +--
1 file changed, 9 insertions(+), 10 deletions(-)
diff --git a/net-analyzer/suricata/suricata-4.0.3.ebuild
b/net-analyzer/suricata/suricata-4.0.3.ebuild
index e501c9c775b..19c4e17ebb2 100644
--- a/net-analyzer/suricata/suricata-4.0.3.ebuild
+++ b/net-analyzer/suricata/suricata-4.0.3.ebuild
@@ -27,10 +27,8 @@ DEPEND="
sys-apps/file
cuda? ( dev-util/nvidia-cuda-toolkit )
geoip? ( dev-libs/geoip )
- lua? (
- !luajit? ( dev-lang/lua:* )
- luajit? ( dev-lang/luajit:* )
- )
+ lua?( dev-lang/lua:* )
+ luajit? ( dev-lang/luajit:* )
nflog? ( net-libs/libnetfilter_log )
nfqueue?( net-libs/libnetfilter_queue )
redis? ( dev-libs/hiredis )
@@ -83,15 +81,16 @@ src_configure() {
# myeconfargs+=( $(use_enable pfring) )
# fi
# no libprelude in portage
-# if use prelude ; then
+# if use prelude ; theng
# myeconfargs+=( $(use_enable prelude) )
# fi
if use lua ; then
- myeconfargs+=(
- $(use_enable !luajit lua)
- $(use_enable luajit)
- )
- else
+ myeconfargs+=( $(use_enable lua) )
+ fi
+ if use luajit ; then
+ myeconfargs+=( $(use_enable luajit) )
+ fi
+ if (use !lua) && (use !luajit) ; then
myeconfargs+=(
--disable-lua
--disable-luajit
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: d4e40e0eb9740bbeec133addc8ccfff64cde699b
Author: Michał Górny gentoo org>
AuthorDate: Mon Feb 26 22:17:25 2018 +
Commit: Michał Górny gentoo org>
CommitDate: Mon Mar 26 19:33:10 2018 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d4e40e0e
net-analyzer/suricata: [QA] Use standard meaning of USE=luajit
Fix the package to use standard meaning for USE=luajit instead of making
it exclusive with USE=lua.
net-analyzer/suricata/metadata.xml | 1 -
net-analyzer/suricata/suricata-4.0.3.ebuild | 21 +
2 files changed, 13 insertions(+), 9 deletions(-)
diff --git a/net-analyzer/suricata/metadata.xml
b/net-analyzer/suricata/metadata.xml
index 58878c64f05..0afee5625d1 100644
--- a/net-analyzer/suricata/metadata.xml
+++ b/net-analyzer/suricata/metadata.xml
@@ -9,7 +9,6 @@
Enable unix socket
Enable NVIDIA Cuda computations support
Enable detection modules
-Enable Luajit support
Enable libnetfilter_log support
Enable NFQUEUE support for inline IDP
Enable Redis support
diff --git a/net-analyzer/suricata/suricata-4.0.3.ebuild
b/net-analyzer/suricata/suricata-4.0.3.ebuild
index 604eae665be..e501c9c775b 100644
--- a/net-analyzer/suricata/suricata-4.0.3.ebuild
+++ b/net-analyzer/suricata/suricata-4.0.3.ebuild
@@ -14,8 +14,6 @@ SLOT="0"
KEYWORDS="~amd64 ~x86"
IUSE="+af-packet control-socket cuda debug +detection geoip hardened logrotate
lua luajit nflog +nfqueue redis +rules test"
-REQUIRED_USE="lua? ( !luajit )"
-
DEPEND="
>=dev-libs/jansson-2.2
dev-libs/libpcre
@@ -29,8 +27,10 @@ DEPEND="
sys-apps/file
cuda? ( dev-util/nvidia-cuda-toolkit )
geoip? ( dev-libs/geoip )
- lua?( dev-lang/lua:* )
- luajit? ( dev-lang/luajit:* )
+ lua? (
+ !luajit? ( dev-lang/lua:* )
+ luajit? ( dev-lang/luajit:* )
+ )
nflog? ( net-libs/libnetfilter_log )
nfqueue?( net-libs/libnetfilter_queue )
redis? ( dev-libs/hiredis )
@@ -87,10 +87,15 @@ src_configure() {
# myeconfargs+=( $(use_enable prelude) )
# fi
if use lua ; then
- myeconfargs+=( $(use_enable lua) )
- fi
- if use luajit ; then
- myeconfargs+=( $(use_enable luajit) )
+ myeconfargs+=(
+ $(use_enable !luajit lua)
+ $(use_enable luajit)
+ )
+ else
+ myeconfargs+=(
+ --disable-lua
+ --disable-luajit
+ )
fi
# this should be used when pf_ring use flag support will be added
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/files/
commit: 7d77530345a974246cf27c24e66233448b4ae7dd
Author: Slawomir Lis gentoo org>
AuthorDate: Wed Jan 24 07:25:41 2018 +
Commit: Slawek Lis gentoo org>
CommitDate: Wed Jan 24 07:26:04 2018 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7d775303
net-analyzer/suricata: cleaned unneeded patch files
Package-Manager: Portage-2.3.20, Repoman-2.3.6
.../suricata/files/fortify_source-numeric.patch| 11 --
net-analyzer/suricata/files/json.patch | 10 --
net-analyzer/suricata/files/magic-location.patch | 13 --
net-analyzer/suricata/files/suricata-3.2-conf | 62 -
net-analyzer/suricata/files/suricata-3.2-init | 147 -
net-analyzer/suricata/files/suricata-3.2.1-conf| 62 -
net-analyzer/suricata/files/suricata-3.2.1-init| 147 -
7 files changed, 452 deletions(-)
diff --git a/net-analyzer/suricata/files/fortify_source-numeric.patch
b/net-analyzer/suricata/files/fortify_source-numeric.patch
deleted file mode 100644
index 0a7f4827ea0..000
--- a/net-analyzer/suricata/files/fortify_source-numeric.patch
+++ /dev/null
@@ -1,11 +0,0 @@
a/src/suricata.c 2015-10-02 00:21:55.634213646 +0200
-+++ b/src/suricata.c 2015-10-02 00:22:39.143940007 +0200
-@@ -774,7 +774,7 @@
- printf("compiled with -fstack-protector-all\n");
- #endif
- #ifdef _FORTIFY_SOURCE
--printf("compiled with _FORTIFY_SOURCE=%d\n", _FORTIFY_SOURCE);
-+printf("compiled with _FORTIFY_SOURCE\n");
- #endif
- #ifdef CLS
- printf("L1 cache line size (CLS)=%d\n", CLS);
diff --git a/net-analyzer/suricata/files/json.patch
b/net-analyzer/suricata/files/json.patch
deleted file mode 100644
index a542f351640..000
--- a/net-analyzer/suricata/files/json.patch
+++ /dev/null
@@ -1,10 +0,0 @@
src/output-json.h.orig 2015-11-21 21:56:24.996289587 +0100
-+++ src/output-json.h 2015-11-21 21:57:11.419622642 +0100
-@@ -28,6 +28,7 @@
-
- #ifdef HAVE_LIBJANSSON
-
-+#include
- #include "suricata-common.h"
- #include "util-buffer.h"
- #include "util-logopenfile.h"
diff --git a/net-analyzer/suricata/files/magic-location.patch
b/net-analyzer/suricata/files/magic-location.patch
deleted file mode 100644
index 02681f934b0..000
--- a/net-analyzer/suricata/files/magic-location.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-diff --git a/configure.ac b/configure.ac
-index 8b41eb0..3cdf0e7 100644
a/configure.ac
-+++ b/configure.ac
-@@ -182,7 +182,7 @@
- fi
- echo -n "installation for $host OS... "
-
--e_magic_file="/usr/share/file/magic"
-+e_magic_file="/usr/share/misc/magic.mgc"
- case "$host" in
- *-*-*freebsd*)
- LUA_PC_NAME="lua-5.1"
diff --git a/net-analyzer/suricata/files/suricata-3.2-conf
b/net-analyzer/suricata/files/suricata-3.2-conf
deleted file mode 100644
index 655b947fdd9..000
--- a/net-analyzer/suricata/files/suricata-3.2-conf
+++ /dev/null
@@ -1,62 +0,0 @@
-# Config file for /etc/init.d/suricata*
-
-# Where config files are stored. Default:
-
-# SURICATA_DIR="/etc/suricata"
-
-# Pass options to each suricata service.
-#
-# You can launch more than one service at the same time with different options.
-# This can be useful in a multi-queue gateway, for example.
-# You can expand on the Suricata inline example found at:
-# http://suricata.readthedocs.io/en/latest/setting-up-ipsinline-for-linux.html
-# Instead of configuring iptables to send traffic to just one queue, you can
configure it to "load balance"
-# on several queues. You can then have a Suricata instance processing traffic
for each queue.
-# This should help improve performance on the gateway/firewall.
-#
-# Suppose you configured iptables to use queues 0 and 1 named q0 and q1. You
can now do the following:
-# ln -s /etc/init.d/suricata /etc/init.d/suricata.q0
-# ln -s /etc/init.d/suricata /etc/init.d/suricata.q1
-# cp /etc/suricata/suricata.yaml /etc/suricata/suricata-q0.yaml
-# cp /etc/suricata/suricata.yaml /etc/suricata/suricata-q1.yaml
-#
-# Edit both suricata-q{0,1}.yaml files and set values accordingly.
-# You can override these yaml config file names with SURICATA_CONF* below
(optional).
-# This allows you to use the same yaml config file for multiple instances as
long as you override
-# sensible options such as the log file paths.
-# SURICATA_CONF_q0="suricata-queues.yaml"
-# SURICATA_CONF_q1="suricata-queues.yaml"
-# SURICATA_CONF="suricata.yaml"
-
-# You can define the options here:
-# NB: avoid using -l, -c, --user, --group and setting
logging.outputs.1.file.filename as the init script will try to set them for you.
-
-# SURICATA_OPTS_q0="-q 0"
-# SURICATA_OPTS_q1="-q 1"
-
-# If you want to use ${SURICATA_DIR}/suricata.yaml and start the service with
/etc/init.d/suricata
-# then you can set:
-
-SURICATA_OPTS="-i eth0"
-
-# Log paths listed here will be created by the init script and will override
the log path
-# set in the yaml file, if present.
-#
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 9a69b3e675e006bd67b9a95d7cc043982b0c253a
Author: Slawomir Lis gentoo org>
AuthorDate: Wed Jan 24 07:00:02 2018 +
Commit: Slawek Lis gentoo org>
CommitDate: Wed Jan 24 07:00:02 2018 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9a69b3e6
net-analyzer/suricata: removed old version
To fix vulnerability reported in bug https://bugs.gentoo.org/635662
Dropped versions: 2.0.11, 3.0.1, 3.1.3, 3.2-r1, 3.2.1, 3.2
Package-Manager: Portage-2.3.20, Repoman-2.3.6
net-analyzer/suricata/Manifest | 5 -
net-analyzer/suricata/suricata-2.0.11.ebuild | 116 ---
net-analyzer/suricata/suricata-3.0.1.ebuild | 112 --
net-analyzer/suricata/suricata-3.1.3.ebuild | 116 ---
net-analyzer/suricata/suricata-3.2-r1.ebuild | 163 ---
net-analyzer/suricata/suricata-3.2.1.ebuild | 161 --
net-analyzer/suricata/suricata-3.2.ebuild| 147
7 files changed, 820 deletions(-)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 3115c23a894..b3ab446f9d9 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,6 +1 @@
-DIST suricata-2.0.11.tar.gz 3091124 BLAKE2B
5cc99982d2041f0fd405ae1aee01c3955f8780a49148b64cd98061f60dbba9ced5d56e57247883480dfb06f587b231c4527eb59052d9e4c1341a8dafe6f20b90
SHA512
659e893fef3cdcca8440f2af7596d5cc58b142d3350b9ea5ba57d855c6759a00adafeb15a1dfe91dd55eca1437487eb4e842b4e2913d12417f0b906ca3d54ec9
-DIST suricata-3.0.1.tar.gz 3315637 BLAKE2B
f92e8f4b9708b265eda2476dbedaaa3a5c417561befc4d4c0bca15669545f07cd681a6e4e60f9290c97072dffb9ced473ca5fbbd4250d1df002353f1de87b759
SHA512
cd10f5b19dd7b6ccbed668263b54d93738842191e71391b040aa7fc2049ac597feb38cd333f07b15d30ebeaf778f6abe18b72215e609891608dca094531c7fd8
-DIST suricata-3.1.3.tar.gz 3340627 BLAKE2B
6dff61a876591485fc32053912abfe8ec2ac23ff40ed63e4140d3c494adbf83b7310afae67f0b2c552f45c6ec9ed02db94635b3d90e4ac74e3da8de3a611f65b
SHA512
d29c2c4344d52ba3d8c5ed4331a35b512e323c9a13a73e3039df6406d8c6389d05e3b311db6b561125c12dfbea67b121afbdecb7f0a5cb0594cf339b492726fb
-DIST suricata-3.2.1.tar.gz 11754332 BLAKE2B
1f72f9460c363aa86933a7105f0267d89e5b7e11db8668d30f2e84a545856cc53e4edc403f434533271697fc73d45fbd9ea2ce2cc4f07c245ba0724e3d0cae60
SHA512
6b0e5565368a085f059f62c9862364a9fcd970158b17671a25bcbed9b3ef8fcf857b1760a6d186ebe3227dde45070bc69a8b0d0bfd341f39a4d42ef93d12f290
-DIST suricata-3.2.tar.gz 11732080 BLAKE2B
e5315edc7fb42792f165ebc6b43b3bef8ca8151857305adb6ac1cd2bbf93f5f679ac9762ac48836bf94dfdfc820e4dc7fdcaa73a2b609e3128524f39cd24c741
SHA512
327f5a62449af44f6cb95220e1ff9bf61b51db7bd25f2b1e8def3e8650ba754304cf9d02fc30b46b6cbaa6b5f94fa3d4be90edb8a293ff3b6c0927b596a2976e
DIST suricata-4.0.3.tar.gz 12392388 BLAKE2B
9b6338b343ff85f070d61608ff9dc7f25df868fdffbc13b5a8d245cb3db5cd757cb1785c827c388653b2f8a7977129259671900bc1abfebeb878a668b4058bdf
SHA512
aa6b6d1ae86efad0184ba4fa06375f34334e07c22b7b1f82bf17fcb0ae48ad7f867bced57ab4f713de01583965e1260cb82e1355f78002071b6893b53892
diff --git a/net-analyzer/suricata/suricata-2.0.11.ebuild
b/net-analyzer/suricata/suricata-2.0.11.ebuild
deleted file mode 100644
index cebe46b654e..000
--- a/net-analyzer/suricata/suricata-2.0.11.ebuild
+++ /dev/null
@@ -1,116 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-
-inherit autotools eutils user
-
-DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
-HOMEPAGE="http://suricata-ids.org/;
-SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz;
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="+af-packet control-socket cuda debug +detection geoip hardened lua
luajit nflog +nfqueue +rules test"
-
-DEPEND="
- >=dev-libs/jansson-2.2
- dev-libs/libpcre
- dev-libs/libyaml
- net-libs/libnet:*
- net-libs/libnfnetlink
- dev-libs/nspr
- dev-libs/nss
- >=net-libs/libhtp-0.5.18
- net-libs/libpcap
- sys-apps/file
- cuda? ( dev-util/nvidia-cuda-toolkit )
- geoip? ( dev-libs/geoip )
- lua?( dev-lang/lua:* )
- luajit? ( dev-lang/luajit:* )
- nflog? ( net-libs/libnetfilter_log )
- nfqueue?( net-libs/libnetfilter_queue )
-"
-# #446814
-# prelude?( dev-libs/libprelude )
-# pfring? ( sys-process/numactl net-libs/pf_ring)
-RDEPEND="${DEPEND}"
-
-pkg_setup() {
- enewgroup ${PN}
- enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
-}
-
-src_prepare() {
- epatch "${FILESDIR}/fortify_source-numeric.patch"
- epatch "${FILESDIR}/magic-location.patch"
- epatch "${FILESDIR}/json.patch"
-
- eautoreconf
-}
-
-src_configure() {
- local myeconfargs=(
- "--localstatedir=/var/" \
- "--enable-non-bundled-htp" \
-
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/files/
commit: 8a31f163e2cf8cc4e5f003a984ad06e070fefe17
Author: Slawomir Lis gentoo org>
AuthorDate: Tue Jan 23 18:56:59 2018 +
Commit: Slawek Lis gentoo org>
CommitDate: Tue Jan 23 18:57:14 2018 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8a31f163
net-analyzer/suricata: added missed conf.d and init.d files
Closes: https://bugs.gentoo.org/645484
Package-Manager: Portage-2.3.20, Repoman-2.3.6
net-analyzer/suricata/files/suricata-4.0.3-conf | 62 ++
net-analyzer/suricata/files/suricata-4.0.3-init | 147
2 files changed, 209 insertions(+)
diff --git a/net-analyzer/suricata/files/suricata-4.0.3-conf
b/net-analyzer/suricata/files/suricata-4.0.3-conf
new file mode 100644
index 000..655b947fdd9
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-4.0.3-conf
@@ -0,0 +1,62 @@
+# Config file for /etc/init.d/suricata*
+
+# Where config files are stored. Default:
+
+# SURICATA_DIR="/etc/suricata"
+
+# Pass options to each suricata service.
+#
+# You can launch more than one service at the same time with different options.
+# This can be useful in a multi-queue gateway, for example.
+# You can expand on the Suricata inline example found at:
+# http://suricata.readthedocs.io/en/latest/setting-up-ipsinline-for-linux.html
+# Instead of configuring iptables to send traffic to just one queue, you can
configure it to "load balance"
+# on several queues. You can then have a Suricata instance processing traffic
for each queue.
+# This should help improve performance on the gateway/firewall.
+#
+# Suppose you configured iptables to use queues 0 and 1 named q0 and q1. You
can now do the following:
+# ln -s /etc/init.d/suricata /etc/init.d/suricata.q0
+# ln -s /etc/init.d/suricata /etc/init.d/suricata.q1
+# cp /etc/suricata/suricata.yaml /etc/suricata/suricata-q0.yaml
+# cp /etc/suricata/suricata.yaml /etc/suricata/suricata-q1.yaml
+#
+# Edit both suricata-q{0,1}.yaml files and set values accordingly.
+# You can override these yaml config file names with SURICATA_CONF* below
(optional).
+# This allows you to use the same yaml config file for multiple instances as
long as you override
+# sensible options such as the log file paths.
+# SURICATA_CONF_q0="suricata-queues.yaml"
+# SURICATA_CONF_q1="suricata-queues.yaml"
+# SURICATA_CONF="suricata.yaml"
+
+# You can define the options here:
+# NB: avoid using -l, -c, --user, --group and setting
logging.outputs.1.file.filename as the init script will try to set them for you.
+
+# SURICATA_OPTS_q0="-q 0"
+# SURICATA_OPTS_q1="-q 1"
+
+# If you want to use ${SURICATA_DIR}/suricata.yaml and start the service with
/etc/init.d/suricata
+# then you can set:
+
+SURICATA_OPTS="-i eth0"
+
+# Log paths listed here will be created by the init script and will override
the log path
+# set in the yaml file, if present.
+# SURICATA_LOG_FILE_q0="/var/log/suricata/q0/suricata.log"
+# SURICATA_LOG_FILE_q1="/var/log/suricata/q1/suricata.log"
+# SURICATA_LOG_FILE="/var/log/suricata/suricata.log"
+
+# Run as user/group.
+# Do not define if you want to run as root or as the user defined in the yaml
config file (run-as).
+# The ebuild should have created the dedicated user/group suricata:suricata
for you to specify here below.
+# SURICATA_USER_q0="suricata"
+# SURICATA_GROUP_q0="suricata"
+# SURICATA_USER_q1="suricata"
+# SURICATA_GROUP_q1="suricata"
+# SURICATA_USER="suricata"
+# SURICATA_GROUP="suricata"
+
+# Suricata processes can take a long time to shut down.
+# If necessary, adjust timeout in seconds to be used when calling stop from
the init script.
+# Examples:
+# SURICATA_MAX_WAIT_ON_STOP="300"
+# SURICATA_MAX_WAIT_ON_STOP="SIGTERM/30"
diff --git a/net-analyzer/suricata/files/suricata-4.0.3-init
b/net-analyzer/suricata/files/suricata-4.0.3-init
new file mode 100644
index 000..f54ba3a5e23
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-4.0.3-init
@@ -0,0 +1,147 @@
+#!/sbin/openrc-run
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+SURICATA_BIN=/usr/bin/suricata
+SURICATA_DIR=${SURICATA_DIR:-/etc/suricata}
+SURICATA=${SVCNAME#*.}
+SURICATAID=$(shell_var "${SURICATA}")
+if [ -n "${SURICATA}" ] && [ ${SVCNAME} != "suricata" ]; then
+eval SURICATACONF=\$SURICATA_CONF_${SURICATAID}
+[ ${#SURICATACONF} -eq 0 ] &&
SURICATACONF="${SURICATA_DIR}/suricata-${SURICATA}.yaml" ||
SURICATACONF="${SURICATA_DIR}/${SURICATACONF}"
+SURICATAPID="/var/run/suricata/suricata.${SURICATA}.pid"
+eval SURICATAOPTS=\$SURICATA_OPTS_${SURICATAID}
+eval SURICATALOGPATH=\$SURICATA_LOG_FILE_${SURICATAID}
+eval SURICATAUSER=\$SURICATA_USER_${SURICATAID}
+eval SURICATAGROUP=\$SURICATA_GROUP_${SURICATAID}
+else
+SURICATACONF=${SURICATA_CONF}
+[ ${#SURICATACONF} -eq 0 ] && SURICATACONF="${SURICATA_DIR}/suricata.yaml"
|| SURICATACONF="${SURICATA_DIR}/${SURICATACONF}"
+SURICATAPID="/var/run/suricata/suricata.pid"
+
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 78745195e87a1b2b6698d6600d74da6932ebcadd
Author: Slawomir Lis gentoo org>
AuthorDate: Tue Jan 23 09:15:07 2018 +
Commit: Slawek Lis gentoo org>
CommitDate: Tue Jan 23 09:15:19 2018 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=78745195
net-analyzer/suricata: version bump to 4.0.3
This should fix security problems reported in https://bugs.gentoo.org/635662
Package-Manager: Portage-2.3.20, Repoman-2.3.6
net-analyzer/suricata/Manifest | 1 +
net-analyzer/suricata/suricata-4.0.3.ebuild | 163
2 files changed, 164 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index dee7b9c1e63..3115c23a894 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -3,3 +3,4 @@ DIST suricata-3.0.1.tar.gz 3315637 BLAKE2B
f92e8f4b9708b265eda2476dbedaaa3a5c417
DIST suricata-3.1.3.tar.gz 3340627 BLAKE2B
6dff61a876591485fc32053912abfe8ec2ac23ff40ed63e4140d3c494adbf83b7310afae67f0b2c552f45c6ec9ed02db94635b3d90e4ac74e3da8de3a611f65b
SHA512
d29c2c4344d52ba3d8c5ed4331a35b512e323c9a13a73e3039df6406d8c6389d05e3b311db6b561125c12dfbea67b121afbdecb7f0a5cb0594cf339b492726fb
DIST suricata-3.2.1.tar.gz 11754332 BLAKE2B
1f72f9460c363aa86933a7105f0267d89e5b7e11db8668d30f2e84a545856cc53e4edc403f434533271697fc73d45fbd9ea2ce2cc4f07c245ba0724e3d0cae60
SHA512
6b0e5565368a085f059f62c9862364a9fcd970158b17671a25bcbed9b3ef8fcf857b1760a6d186ebe3227dde45070bc69a8b0d0bfd341f39a4d42ef93d12f290
DIST suricata-3.2.tar.gz 11732080 BLAKE2B
e5315edc7fb42792f165ebc6b43b3bef8ca8151857305adb6ac1cd2bbf93f5f679ac9762ac48836bf94dfdfc820e4dc7fdcaa73a2b609e3128524f39cd24c741
SHA512
327f5a62449af44f6cb95220e1ff9bf61b51db7bd25f2b1e8def3e8650ba754304cf9d02fc30b46b6cbaa6b5f94fa3d4be90edb8a293ff3b6c0927b596a2976e
+DIST suricata-4.0.3.tar.gz 12392388 BLAKE2B
9b6338b343ff85f070d61608ff9dc7f25df868fdffbc13b5a8d245cb3db5cd757cb1785c827c388653b2f8a7977129259671900bc1abfebeb878a668b4058bdf
SHA512
aa6b6d1ae86efad0184ba4fa06375f34334e07c22b7b1f82bf17fcb0ae48ad7f867bced57ab4f713de01583965e1260cb82e1355f78002071b6893b53892
diff --git a/net-analyzer/suricata/suricata-4.0.3.ebuild
b/net-analyzer/suricata/suricata-4.0.3.ebuild
new file mode 100644
index 000..604eae665be
--- /dev/null
+++ b/net-analyzer/suricata/suricata-4.0.3.ebuild
@@ -0,0 +1,163 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=5
+
+inherit autotools eutils user
+
+DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring
engine"
+HOMEPAGE="http://suricata-ids.org/;
+SRC_URI="http://www.openinfosecfoundation.org/download/${P}.tar.gz;
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+af-packet control-socket cuda debug +detection geoip hardened logrotate
lua luajit nflog +nfqueue redis +rules test"
+
+REQUIRED_USE="lua? ( !luajit )"
+
+DEPEND="
+ >=dev-libs/jansson-2.2
+ dev-libs/libpcre
+ dev-libs/libyaml
+ net-libs/libnet:*
+ net-libs/libnfnetlink
+ dev-libs/nspr
+ dev-libs/nss
+ >=net-libs/libhtp-0.5.20
+ net-libs/libpcap
+ sys-apps/file
+ cuda? ( dev-util/nvidia-cuda-toolkit )
+ geoip? ( dev-libs/geoip )
+ lua?( dev-lang/lua:* )
+ luajit? ( dev-lang/luajit:* )
+ nflog? ( net-libs/libnetfilter_log )
+ nfqueue?( net-libs/libnetfilter_queue )
+ redis? ( dev-libs/hiredis )
+ logrotate? ( app-admin/logrotate )
+ sys-libs/libcap-ng
+"
+# #446814
+# prelude?( dev-libs/libprelude )
+# pfring? ( sys-process/numactl net-libs/pf_ring)
+RDEPEND="${DEPEND}"
+
+pkg_setup() {
+ enewgroup ${PN}
+ enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
+}
+
+src_prepare() {
+ eautoreconf
+}
+
+src_configure() {
+ local myeconfargs=(
+ "--localstatedir=/var/" \
+ "--enable-non-bundled-htp" \
+ $(use_enable af-packet) \
+ $(use_enable detection) \
+ $(use_enable nfqueue) \
+ $(use_enable test coccinelle) \
+ $(use_enable test unittests) \
+ $(use_enable control-socket unix-socket)
+ )
+
+ if use cuda ; then
+ myeconfargs+=( $(use_enable cuda) )
+ fi
+ if use geoip ; then
+ myeconfargs+=( $(use_enable geoip) )
+ fi
+ if use hardened ; then
+ myeconfargs+=( $(use_enable hardened gccprotect) )
+ fi
+ if use nflog ; then
+ myeconfargs+=( $(use_enable nflog) )
+ fi
+ if use redis ; then
+ myeconfargs+=( $(use_enable redis hiredis) )
+ fi
+ # not supported yet (no pfring in portage)
+# if use pfring ; then
+# myeconfargs+=( $(use_enable pfring) )
+# fi
+ # no libprelude in portage
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: 8610c416bfc5e5fb30a1925c6d5dbbce5537baab Author: Slawomir Lis gentoo org> AuthorDate: Mon Jul 24 08:29:45 2017 + Commit: Slawek Lis gentoo org> CommitDate: Mon Jul 24 08:30:03 2017 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8610c416 net-analyzer/suricata: Solved conflicting use flags Use flags LUA and LUAJIT cannot be set at the same time. Reported in bug 625814 Reported-By: deference null.net Package-Manager: Portage-2.3.6, Repoman-2.3.3 net-analyzer/suricata/suricata-3.2-r1.ebuild | 2 ++ 1 file changed, 2 insertions(+) diff --git a/net-analyzer/suricata/suricata-3.2-r1.ebuild b/net-analyzer/suricata/suricata-3.2-r1.ebuild index 419c56ac26d..f6aa21dbcc4 100644 --- a/net-analyzer/suricata/suricata-3.2-r1.ebuild +++ b/net-analyzer/suricata/suricata-3.2-r1.ebuild @@ -14,6 +14,8 @@ SLOT="0" KEYWORDS="~amd64 ~x86" IUSE="+af-packet control-socket cuda debug +detection geoip hardened logrotate lua luajit nflog +nfqueue redis +rules test" +REQUIRED_USE="lua? ( !luajit )" + DEPEND=" >=dev-libs/jansson-2.2 dev-libs/libpcre
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/files/, net-analyzer/suricata/
commit: 8613b63b558801c7a1c904358505b65b5906d1a3
Author: Slawomir Lis gentoo org>
AuthorDate: Fri Feb 17 05:39:45 2017 +
Commit: Slawek Lis gentoo org>
CommitDate: Fri Feb 17 05:39:45 2017 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8613b63b
net-analyzer/suricata: version bump to 3.2.1
Reported in #609426
Package-Manager: Portage-2.3.3, Repoman-2.3.1
net-analyzer/suricata/Manifest | 1 +
net-analyzer/suricata/files/suricata-3.2.1-conf | 62 +
net-analyzer/suricata/files/suricata-3.2.1-init | 148 ++
net-analyzer/suricata/suricata-3.2.1.ebuild | 162
4 files changed, 373 insertions(+)
diff --git a/net-analyzer/suricata/Manifest b/net-analyzer/suricata/Manifest
index 4730f83276..06c2f94487 100644
--- a/net-analyzer/suricata/Manifest
+++ b/net-analyzer/suricata/Manifest
@@ -1,4 +1,5 @@
DIST suricata-2.0.11.tar.gz 3091124 SHA256
c607f1e18e5636830f42a83f7c67e1466f07db82853f3a9dba4ab8c6c3bc656e SHA512
659e893fef3cdcca8440f2af7596d5cc58b142d3350b9ea5ba57d855c6759a00adafeb15a1dfe91dd55eca1437487eb4e842b4e2913d12417f0b906ca3d54ec9
WHIRLPOOL
5cfa55abd90284a0a3441853af9db18075a23fa5661d89448b409b8fdd1031ad348d76d455b7dfe7b2688e69633f5bbb65dc060cc2426af017ab1bcb824c9ac5
DIST suricata-3.0.1.tar.gz 3315637 SHA256
74c685f8da51b3f038a7b8185bdbed274aca25daf64ac7ea01eea60636727f26 SHA512
cd10f5b19dd7b6ccbed668263b54d93738842191e71391b040aa7fc2049ac597feb38cd333f07b15d30ebeaf778f6abe18b72215e609891608dca094531c7fd8
WHIRLPOOL
a1f6c8ee760cac9e3daa3358e89d30b4a24441fb975214ae2fe165fcb697b4292e035007323041febdc0d8f09b1515aba76f60f1e437d865193db3deb25d
DIST suricata-3.1.3.tar.gz 3340627 SHA256
bd89c269e29b03a8898ccabccfb7fcab11c1aa036444772e117705f3b37b4174 SHA512
d29c2c4344d52ba3d8c5ed4331a35b512e323c9a13a73e3039df6406d8c6389d05e3b311db6b561125c12dfbea67b121afbdecb7f0a5cb0594cf339b492726fb
WHIRLPOOL
720f668480bfa05e7e6c32bb63f09af6d38e46b909ab4d0d9879cd069436215eb3b4bb1778147de82344b6879a1b3e04da0af2e14084bb1b74472ecc727c4ebe
+DIST suricata-3.2.1.tar.gz 11754332 SHA256
0e0b0cf49016804bb2fb1fc4327341617e76a67902f4e03e0ef6d16c1d7d3994 SHA512
6b0e5565368a085f059f62c9862364a9fcd970158b17671a25bcbed9b3ef8fcf857b1760a6d186ebe3227dde45070bc69a8b0d0bfd341f39a4d42ef93d12f290
WHIRLPOOL
6469191d11f8bd3cf4fab80650d4fbf380c74e3502867e446f57fd297d3f8bbd9b23e452dcb2c559496e8f64f9e9822c5f0303a6351ec13a32fd172a39d3ca05
DIST suricata-3.2.tar.gz 11732080 SHA256
41cbe19c6fd6bd51ebcbc29063f558e2fbba4a2450e5809fee2e461f16a4ed68 SHA512
327f5a62449af44f6cb95220e1ff9bf61b51db7bd25f2b1e8def3e8650ba754304cf9d02fc30b46b6cbaa6b5f94fa3d4be90edb8a293ff3b6c0927b596a2976e
WHIRLPOOL
b6d4c2c08e34da2b4dee4087831a0a9dcad836737489e2599938d74b74c624e455d0f1299ef7c4e70df038ac13dcd29344c2117b44310f8dc42d9f0fad0c3e15
diff --git a/net-analyzer/suricata/files/suricata-3.2.1-conf
b/net-analyzer/suricata/files/suricata-3.2.1-conf
new file mode 100644
index 00..655b947fdd
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-3.2.1-conf
@@ -0,0 +1,62 @@
+# Config file for /etc/init.d/suricata*
+
+# Where config files are stored. Default:
+
+# SURICATA_DIR="/etc/suricata"
+
+# Pass options to each suricata service.
+#
+# You can launch more than one service at the same time with different options.
+# This can be useful in a multi-queue gateway, for example.
+# You can expand on the Suricata inline example found at:
+# http://suricata.readthedocs.io/en/latest/setting-up-ipsinline-for-linux.html
+# Instead of configuring iptables to send traffic to just one queue, you can
configure it to "load balance"
+# on several queues. You can then have a Suricata instance processing traffic
for each queue.
+# This should help improve performance on the gateway/firewall.
+#
+# Suppose you configured iptables to use queues 0 and 1 named q0 and q1. You
can now do the following:
+# ln -s /etc/init.d/suricata /etc/init.d/suricata.q0
+# ln -s /etc/init.d/suricata /etc/init.d/suricata.q1
+# cp /etc/suricata/suricata.yaml /etc/suricata/suricata-q0.yaml
+# cp /etc/suricata/suricata.yaml /etc/suricata/suricata-q1.yaml
+#
+# Edit both suricata-q{0,1}.yaml files and set values accordingly.
+# You can override these yaml config file names with SURICATA_CONF* below
(optional).
+# This allows you to use the same yaml config file for multiple instances as
long as you override
+# sensible options such as the log file paths.
+# SURICATA_CONF_q0="suricata-queues.yaml"
+# SURICATA_CONF_q1="suricata-queues.yaml"
+# SURICATA_CONF="suricata.yaml"
+
+# You can define the options here:
+# NB: avoid using -l, -c, --user, --group and setting
logging.outputs.1.file.filename as the init script will try to set them for you.
+
+# SURICATA_OPTS_q0="-q 0"
+# SURICATA_OPTS_q1="-q 1"
+
+# If you want to use ${SURICATA_DIR}/suricata.yaml and start the service with
/etc/init.d/suricata
+# then you can set:
+
+SURICATA_OPTS="-i eth0"
+
+# Log paths
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/files/
commit: 52c57d2e8707113c2b019013c83706b584b59bc7 Author: Slawomir Lis gentoo org> AuthorDate: Mon Jan 16 12:27:54 2017 + Commit: Slawek Lis gentoo org> CommitDate: Mon Jan 16 12:27:54 2017 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=52c57d2e net-analyzer/suricata: updated config file Bug report: #605754 Package-Manager: Portage-2.3.3, Repoman-2.3.1 net-analyzer/suricata/files/suricata-3.2-conf | 6 ++ 1 file changed, 6 insertions(+) diff --git a/net-analyzer/suricata/files/suricata-3.2-conf b/net-analyzer/suricata/files/suricata-3.2-conf index d8466b4..655b947 100644 --- a/net-analyzer/suricata/files/suricata-3.2-conf +++ b/net-analyzer/suricata/files/suricata-3.2-conf @@ -54,3 +54,9 @@ SURICATA_OPTS="-i eth0" # SURICATA_GROUP_q1="suricata" # SURICATA_USER="suricata" # SURICATA_GROUP="suricata" + +# Suricata processes can take a long time to shut down. +# If necessary, adjust timeout in seconds to be used when calling stop from the init script. +# Examples: +# SURICATA_MAX_WAIT_ON_STOP="300" +# SURICATA_MAX_WAIT_ON_STOP="SIGTERM/30"
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/files/
commit: 33f785f6d2650b7bd8556bb58c95468b4d3a0ac1
Author: Slawomir Lis gentoo org>
AuthorDate: Mon Jan 16 12:25:22 2017 +
Commit: Slawek Lis gentoo org>
CommitDate: Mon Jan 16 12:25:22 2017 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=33f785f6
net-analyzer/suricata: updated init script
As reported in bug #605754, updated init script stop()
function to take correct method of stopping long-running
suricata shutdown
Reported-by: Vieri yahoo.com>
Package-Manager: Portage-2.3.3, Repoman-2.3.1
net-analyzer/suricata/files/suricata-3.2-init | 36 +++
1 file changed, 4 insertions(+), 32 deletions(-)
diff --git a/net-analyzer/suricata/files/suricata-3.2-init
b/net-analyzer/suricata/files/suricata-3.2-init
index 9ffedf4..05f05dd 100644
--- a/net-analyzer/suricata/files/suricata-3.2-init
+++ b/net-analyzer/suricata/files/suricata-3.2-init
@@ -1,5 +1,5 @@
#!/sbin/openrc-run
-# Copyright 1999-2016 Gentoo Foundation
+# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$
@@ -27,6 +27,7 @@ fi
SURICATAUSER=${SURICATAUSER:-${SURICATA_USER}}
SURICATAGROUP=${SURICATAGROUP:-${SURICATA_GROUP}}
[ -e ${SURICATACONF} ] && SURICATAOPTS="-c ${SURICATACONF} ${SURICATAOPTS}"
+[[ -z "${SURICATA_MAX_WAIT_ON_STOP// }" ]] || SURICATA_RETRY="--retry
${SURICATA_MAX_WAIT_ON_STOP}"
description="Suricata IDS/IPS"
extra_commands="checkconfig dump"
@@ -111,37 +112,8 @@ start() {
stop() {
ebegin "Stopping ${SVCNAME}"
- initpidinfo
- start-stop-daemon --stop --quiet --pidfile ${SURICATAPID} >/dev/null
2>&1
- einfo "Waiting for ${SVCNAME} to shut down. This can take a while..."
- # max wait: 5 minutes as it can take quite a while on some systems with
heavy traffic
- local cnt=300
- while [ -e ${SURICATAPID} ] && [ $cnt -gt 0 ]; do
- cnt=$(expr $cnt - 1)
- sleep 1
- echo -ne "$cnt seconds left before we give up checking the PID
file...\r"
- done
- # under certain conditions suricata can be pretty slow and the PID can
persist long after the pidfile has been removed
- # max wait for process to terminate: 1 minute
- if [ ${#SUR_PID} -gt 0 ]; then
- cnt=60
- SUR_PID_CHECK="$(ps -eo pid | grep -c ${SUR_PID})"
- if [ $((SUR_PID_CHECK)) -ne 0 ]; then
- einfo "The PID file ${SURICATAPID} is gone but the ${SVCNAME}
PID ${SUR_PID} is still running."
- einfo "Waiting for process to shut down on its own. This can
take a while..."
- fi
- while [ $((SUR_PID_CHECK)) -ne 0 ]; do
- cnt=$(expr $cnt - 1)
- if [ $cnt -lt 1 ] ; then
- eend 1 "Failed. You might need to kill PID ${SUR_PID} or
find out why it can't be stopped."
- break
- fi
- sleep 1
- echo -ne "$cnt seconds left before we give up checking PID
${SUR_PID}...\r"
- SUR_PID_CHECK="$(ps -eo pid | grep -c ${SUR_PID})"
- done
- fi
- eend 0
+ start-stop-daemon --stop ${SURICATA_RETRY} --quiet --pidfile
${SURICATAPID} >/dev/null 2>&1
+ eend $?
}
reload() {
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/files/
commit: 0ec42d4b8fe37e81b2d54a51ce2463ca1ba31080
Author: Slawomir Lis gentoo org>
AuthorDate: Mon Jan 9 07:21:33 2017 +
Commit: Slawek Lis gentoo org>
CommitDate: Mon Jan 9 07:21:49 2017 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0ec42d4b
net-analyzer/suricata: fixed logrotate file
Package-Manager: Portage-2.3.3, Repoman-2.3.1
net-analyzer/suricata/files/suricata-logrotate | 25 ++---
1 file changed, 10 insertions(+), 15 deletions(-)
diff --git a/net-analyzer/suricata/files/suricata-logrotate
b/net-analyzer/suricata/files/suricata-logrotate
index a8edcc6..7b22283 100644
--- a/net-analyzer/suricata/files/suricata-logrotate
+++ b/net-analyzer/suricata/files/suricata-logrotate
@@ -1,15 +1,10 @@
/usr/portage/net-analyzer/suricata/files/suricata-logrotate
2016-12-28 10:34:11.0 +0100
-+++ /usr/local/portage/net-analyzer/suricata/files/suricata-logrotate
2016-12-29 08:59:51.390256659 +0100
-@@ -1,6 +1,10 @@
--/var/log/suricata/* {
-+/var/log/suricata/*.log /var/log/suricata/*.json {
-+ rotate 3
- missingok
-+ nocompress
-+ create
-+ sharedscripts
- postrotate
-- /etc/init.d/suricata reload
-+ /etc/init.d/suricata relog
- endscript
- }
+/var/log/suricata/*.log /var/log/suricata/*.json {
+ rotate 3
+ missingok
+ nocompress
+ create
+ sharedscripts
+ postrotate
+ /etc/init.d/suricata relog
+ endscript
+}
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: cb5cefc064378a810126ac76a888ff668ae3015b
Author: Slawomir Lis gentoo org>
AuthorDate: Sat Jan 7 10:27:20 2017 +
Commit: Slawek Lis gentoo org>
CommitDate: Sat Jan 7 10:25:42 2017 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cb5cefc0
net-analyzer/suricata: fixing error with logrotate file
As reported in bug 604904
Package-Manager: Portage-2.3.3, Repoman-2.3.1
net-analyzer/suricata/suricata-3.2-r1.ebuild | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/suricata-3.2-r1.ebuild
b/net-analyzer/suricata/suricata-3.2-r1.ebuild
index 0d4739e..9d39b83 100644
--- a/net-analyzer/suricata/suricata-3.2-r1.ebuild
+++ b/net-analyzer/suricata/suricata-3.2-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2016 Gentoo Foundation
+# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$
@@ -130,7 +130,7 @@ src_install() {
if use logrotate; then
insopts -m0644
insinto /etc/logrotate.d
- newins "${FILESDIR}"/${PN}.logrotate ${PN}
+ newins "${FILESDIR}"/${PN}-logrotate ${PN}
fi
}
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/files/
commit: 4b0a9ae167be4dc0cc9db385c84fd705a1b64301
Author: Slawomir Lis gentoo org>
AuthorDate: Fri Dec 30 07:53:42 2016 +
Commit: Slawek Lis gentoo org>
CommitDate: Fri Dec 30 07:53:42 2016 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4b0a9ae1
net-analyzer/suricata: updated logrotate config file
Package-Manager: Portage-2.3.3, Repoman-2.3.1
net-analyzer/suricata/files/suricata-logrotate | 21 +++--
1 file changed, 15 insertions(+), 6 deletions(-)
diff --git a/net-analyzer/suricata/files/suricata-logrotate
b/net-analyzer/suricata/files/suricata-logrotate
index 0dc145b..a8edcc6 100644
--- a/net-analyzer/suricata/files/suricata-logrotate
+++ b/net-analyzer/suricata/files/suricata-logrotate
@@ -1,6 +1,15 @@
-/var/log/suricata/* {
- missingok
- postrotate
- /etc/init.d/suricata reload
- endscript
-}
+--- /usr/portage/net-analyzer/suricata/files/suricata-logrotate
2016-12-28 10:34:11.0 +0100
/usr/local/portage/net-analyzer/suricata/files/suricata-logrotate
2016-12-29 08:59:51.390256659 +0100
+@@ -1,6 +1,10 @@
+-/var/log/suricata/* {
++/var/log/suricata/*.log /var/log/suricata/*.json {
++ rotate 3
+ missingok
++ nocompress
++ create
++ sharedscripts
+ postrotate
+- /etc/init.d/suricata reload
++ /etc/init.d/suricata relog
+ endscript
+ }
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/files/
commit: f3eaaf161bf666f9c10b6e333bfaaf1a55a81a0b
Author: Slawomir Lis gentoo org>
AuthorDate: Thu Dec 29 06:23:33 2016 +
Commit: Slawek Lis gentoo org>
CommitDate: Thu Dec 29 06:23:33 2016 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f3eaaf16
net-analyzer/suricata: fix in init script
Package-Manager: Portage-2.3.3, Repoman-2.3.1
net-analyzer/suricata/files/suricata-3.2-init | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/net-analyzer/suricata/files/suricata-3.2-init
b/net-analyzer/suricata/files/suricata-3.2-init
index b276f49..9ffedf4 100644
--- a/net-analyzer/suricata/files/suricata-3.2-init
+++ b/net-analyzer/suricata/files/suricata-3.2-init
@@ -26,7 +26,7 @@ else
fi
SURICATAUSER=${SURICATAUSER:-${SURICATA_USER}}
SURICATAGROUP=${SURICATAGROUP:-${SURICATA_GROUP}}
-[ -e ${SURICATACONF} ] && SURICATAOPTS="${SURICATAOPTS} -c ${SURICATACONF}"
+[ -e ${SURICATACONF} ] && SURICATAOPTS="-c ${SURICATACONF} ${SURICATAOPTS}"
description="Suricata IDS/IPS"
extra_commands="checkconfig dump"
@@ -47,7 +47,7 @@ checkconfig() {
checkpath -d /var/run/suricata
fi
if [ ${#SURICATALOGPATH} -gt 0 ]; then
- SURICATALOGFILE=$( basename ${SURICATA_LOG_FILE} )
+ SURICATALOGFILE=$( basename ${SURICATALOGPATH} )
SURICATALOGFILE=${SURICATALOGFILE:-suricata.log}
SURICATALOGPATH=$( dirname ${SURICATALOGPATH} )
if [ ! -d "${SURICATALOGPATH}" ] ; then
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/
commit: d6a9c58d4a29fb0fdb4e78e976a34cb0bd18f08d
Author: Slawomir Lis gentoo org>
AuthorDate: Wed Dec 28 13:25:09 2016 +
Commit: Slawek Lis gentoo org>
CommitDate: Wed Dec 28 13:25:36 2016 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d6a9c58d
net-analyzer/suricata: postinst log message fix
Package-Manager: Portage-2.3.3, Repoman-2.3.1
net-analyzer/suricata/suricata-3.2-r1.ebuild | 2 ++
1 file changed, 2 insertions(+)
diff --git a/net-analyzer/suricata/suricata-3.2-r1.ebuild
b/net-analyzer/suricata/suricata-3.2-r1.ebuild
index ee724a5..0d4739e 100644
--- a/net-analyzer/suricata/suricata-3.2-r1.ebuild
+++ b/net-analyzer/suricata/suricata-3.2-r1.ebuild
@@ -156,5 +156,7 @@ pkg_postinst() {
if use debug; then
elog "You enabled the debug USE flag. Please read this link to
report bugs upstream:"
elog
"https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs;
+ elog "You need to also ensure the FEATURES variable in
make.conf contains the"
+ elog "'nostrip' option to produce useful core dumps or back
traces."
fi
}
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/, net-analyzer/suricata/files/
commit: 2c174cb604c2c99f9d9e8ac4fab438d0aedf7ab1
Author: Slawomir Lis gentoo org>
AuthorDate: Wed Dec 28 12:59:11 2016 +
Commit: Slawek Lis gentoo org>
CommitDate: Wed Dec 28 12:59:11 2016 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2c174cb6
net-analyzer/suricata: Dropping user privs in init script
Bug #602590
Package-Manager: Portage-2.3.3, Repoman-2.3.1
net-analyzer/suricata/files/suricata-3.2-conf | 12 -
net-analyzer/suricata/files/suricata-3.2-init | 39 ---
net-analyzer/suricata/suricata-3.2-r1.ebuild | 5 ++--
3 files changed, 43 insertions(+), 13 deletions(-)
diff --git a/net-analyzer/suricata/files/suricata-3.2-conf
b/net-analyzer/suricata/files/suricata-3.2-conf
index fc6885d..d8466b4 100644
--- a/net-analyzer/suricata/files/suricata-3.2-conf
+++ b/net-analyzer/suricata/files/suricata-3.2-conf
@@ -29,7 +29,7 @@
# SURICATA_CONF="suricata.yaml"
# You can define the options here:
-# NB: avoid using -l, -c and setting logging.outputs.1.file.filename as the
init script will try to set them for you.
+# NB: avoid using -l, -c, --user, --group and setting
logging.outputs.1.file.filename as the init script will try to set them for you.
# SURICATA_OPTS_q0="-q 0"
# SURICATA_OPTS_q1="-q 1"
@@ -44,3 +44,13 @@ SURICATA_OPTS="-i eth0"
# SURICATA_LOG_FILE_q0="/var/log/suricata/q0/suricata.log"
# SURICATA_LOG_FILE_q1="/var/log/suricata/q1/suricata.log"
# SURICATA_LOG_FILE="/var/log/suricata/suricata.log"
+
+# Run as user/group.
+# Do not define if you want to run as root or as the user defined in the yaml
config file (run-as).
+# The ebuild should have created the dedicated user/group suricata:suricata
for you to specify here below.
+# SURICATA_USER_q0="suricata"
+# SURICATA_GROUP_q0="suricata"
+# SURICATA_USER_q1="suricata"
+# SURICATA_GROUP_q1="suricata"
+# SURICATA_USER="suricata"
+# SURICATA_GROUP="suricata"
diff --git a/net-analyzer/suricata/files/suricata-3.2-init
b/net-analyzer/suricata/files/suricata-3.2-init
index 1717dbb..b276f49 100644
--- a/net-analyzer/suricata/files/suricata-3.2-init
+++ b/net-analyzer/suricata/files/suricata-3.2-init
@@ -13,13 +13,19 @@ if [ -n "${SURICATA}" ] && [ ${SVCNAME} != "suricata" ];
then
SURICATAPID="/var/run/suricata/suricata.${SURICATA}.pid"
eval SURICATAOPTS=\$SURICATA_OPTS_${SURICATAID}
eval SURICATALOGPATH=\$SURICATA_LOG_FILE_${SURICATAID}
+eval SURICATAUSER=\$SURICATA_USER_${SURICATAID}
+eval SURICATAGROUP=\$SURICATA_GROUP_${SURICATAID}
else
SURICATACONF=${SURICATA_CONF}
[ ${#SURICATACONF} -eq 0 ] && SURICATACONF="${SURICATA_DIR}/suricata.yaml"
|| SURICATACONF="${SURICATA_DIR}/${SURICATACONF}"
SURICATAPID="/var/run/suricata/suricata.pid"
SURICATAOPTS=${SURICATA_OPTS}
SURICATALOGPATH=${SURICATA_LOG_FILE}
+SURICATAUSER=${SURICATA_USER}
+SURICATAGROUP=${SURICATA_GROUP}
fi
+SURICATAUSER=${SURICATAUSER:-${SURICATA_USER}}
+SURICATAGROUP=${SURICATAGROUP:-${SURICATA_GROUP}}
[ -e ${SURICATACONF} ] && SURICATAOPTS="${SURICATAOPTS} -c ${SURICATACONF}"
description="Suricata IDS/IPS"
@@ -37,11 +43,6 @@ depend() {
}
checkconfig() {
- if [ ! -e ${SURICATACONF} ] ; then
- einfo "The configuration file ${SURICATACONF} was not found."
- einfo "If this is OK then make sure you set enough options for
${SVCNAME} in /etc/conf.d/suricata."
- einfo "Take a look at the suricata arguments --set and
--dump-config."
- fi
if [ ! -d "/var/run/suricata" ] ; then
checkpath -d /var/run/suricata
fi
@@ -52,9 +53,22 @@ checkconfig() {
if [ ! -d "${SURICATALOGPATH}" ] ; then
checkpath -d "${SURICATALOGPATH}"
fi
+ if [ ${#SURICATAUSER} -gt 0 ] && [ ${#SURICATAGROUP} -gt 0 ] &&
[ -e "${SURICATALOGPATH}" ]; then
+ chown ${SURICATAUSER}:${SURICATAGROUP}
"${SURICATALOGPATH}" || return 1
+ chown ${SURICATAUSER}:${SURICATAGROUP}
"${SURICATALOGPATH}"/* >/dev/null 2>&1 3>&1
+ fi
SURICATAOPTS="${SURICATAOPTS} --set
logging.outputs.1.file.filename=${SURICATALOGPATH}/${SURICATALOGFILE}"
SURICATALOGPATH="-l ${SURICATALOGPATH}"
fi
+ if [ ! -e ${SURICATACONF} ] ; then
+ einfo "The configuration file ${SURICATACONF} was not found."
+ einfo "If this is OK then make sure you set enough options for
${SVCNAME} in /etc/conf.d/suricata."
+ einfo "Take a look at the suricata arguments --set and
--dump-config."
+ fi
+ if [ ${#SURICATAUSER} -gt 0 ] && [ ${#SURICATAGROUP} -gt 0 ]; then
+ einfo "${SVCNAME} will run as user
${SURICATAUSER}:${SURICATAGROUP}."
+ SURICATAOPTS="${SURICATAOPTS} --user=${SURICATAUSER}
--group=${SURICATAGROUP}"
+ fi
}
initpidinfo() {
@@ -77,8 +91,7 @@ checkpidinfo() {
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/, net-analyzer/suricata/files/
commit: a382935f837f6a18529793813228cb2731e9d36f
Author: Slawomir Lis gentoo org>
AuthorDate: Wed Dec 28 09:34:11 2016 +
Commit: Slawek Lis gentoo org>
CommitDate: Wed Dec 28 09:34:11 2016 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a382935f
net-analyzer/suricata: Updated suricata logging and added logrotate file
I've also bumped revision number, as there are many changes, and those fixes
should finally close bug 602590.
Thanks to Vieri yahoo.com> for support.
Package-Manager: Portage-2.3.3, Repoman-2.3.1
net-analyzer/suricata/files/suricata-3.2-conf | 11 +-
net-analyzer/suricata/files/suricata-3.2-init | 28 +++--
net-analyzer/suricata/files/suricata-logrotate | 6 +
net-analyzer/suricata/metadata.xml | 1 +
net-analyzer/suricata/suricata-3.2-r1.ebuild | 161 +
5 files changed, 189 insertions(+), 18 deletions(-)
diff --git a/net-analyzer/suricata/files/suricata-3.2-conf
b/net-analyzer/suricata/files/suricata-3.2-conf
index d900ade..fc6885d 100644
--- a/net-analyzer/suricata/files/suricata-3.2-conf
+++ b/net-analyzer/suricata/files/suricata-3.2-conf
@@ -41,11 +41,6 @@ SURICATA_OPTS="-i eth0"
# Log paths listed here will be created by the init script and will override
the log path
# set in the yaml file, if present.
-# SURICATA_LOG_PATH_q0="/var/log/suricata/q0"
-# SURICATA_LOG_PATH_q1="/var/log/suricata/q1"
-# SURICATA_LOG_PATH="/var/log/suricata"
-# SURICATA_LOG_FILE="suricata.log"
-
-# You can view all the available options you can set with --set
-# and check the full config settings in an easily parsable format.
-# SURICATA_DUMP=1
+# SURICATA_LOG_FILE_q0="/var/log/suricata/q0/suricata.log"
+# SURICATA_LOG_FILE_q1="/var/log/suricata/q1/suricata.log"
+# SURICATA_LOG_FILE="/var/log/suricata/suricata.log"
diff --git a/net-analyzer/suricata/files/suricata-3.2-init
b/net-analyzer/suricata/files/suricata-3.2-init
index 3ec6afd..1717dbb 100644
--- a/net-analyzer/suricata/files/suricata-3.2-init
+++ b/net-analyzer/suricata/files/suricata-3.2-init
@@ -12,18 +12,23 @@ if [ -n "${SURICATA}" ] && [ ${SVCNAME} != "suricata" ];
then
[ ${#SURICATACONF} -eq 0 ] &&
SURICATACONF="${SURICATA_DIR}/suricata-${SURICATA}.yaml" ||
SURICATACONF="${SURICATA_DIR}/${SURICATACONF}"
SURICATAPID="/var/run/suricata/suricata.${SURICATA}.pid"
eval SURICATAOPTS=\$SURICATA_OPTS_${SURICATAID}
-eval SURICATALOGPATH=\$SURICATA_LOG_PATH_${SURICATAID}
+eval SURICATALOGPATH=\$SURICATA_LOG_FILE_${SURICATAID}
else
SURICATACONF=${SURICATA_CONF}
[ ${#SURICATACONF} -eq 0 ] && SURICATACONF="${SURICATA_DIR}/suricata.yaml"
|| SURICATACONF="${SURICATA_DIR}/${SURICATACONF}"
SURICATAPID="/var/run/suricata/suricata.pid"
SURICATAOPTS=${SURICATA_OPTS}
-SURICATALOGPATH=${SURICATA_LOG_PATH}
+SURICATALOGPATH=${SURICATA_LOG_FILE}
fi
[ -e ${SURICATACONF} ] && SURICATAOPTS="${SURICATAOPTS} -c ${SURICATACONF}"
-extra_commands="checkconfig"
+description="Suricata IDS/IPS"
+extra_commands="checkconfig dump"
+description_checkconfig="Check config for ${SVCNAME}"
+description_dump="List all config values that can be used with --set"
extra_started_commands="reload relog"
+description_reload="Live rule and config reload"
+description_relog="Close and re-open all log files"
depend() {
need net
@@ -41,10 +46,12 @@ checkconfig() {
checkpath -d /var/run/suricata
fi
if [ ${#SURICATALOGPATH} -gt 0 ]; then
+ SURICATALOGFILE=$( basename ${SURICATA_LOG_FILE} )
+ SURICATALOGFILE=${SURICATALOGFILE:-suricata.log}
+ SURICATALOGPATH=$( dirname ${SURICATALOGPATH} )
if [ ! -d "${SURICATALOGPATH}" ] ; then
checkpath -d "${SURICATALOGPATH}"
fi
- SURICATALOGFILE=${SURICATA_LOG_FILE:-suricata.log}
SURICATAOPTS="${SURICATAOPTS} --set
logging.outputs.1.file.filename=${SURICATALOGPATH}/${SURICATALOGFILE}"
SURICATALOGPATH="-l ${SURICATALOGPATH}"
fi
@@ -77,12 +84,6 @@ checkpidinfo() {
start() {
checkconfig || return 1
- if [ $((SURICATA_DUMP)) -eq 1 ]; then
- einfo "Dumping ${SVCNAME} config values and quitting."
- ${SURICATA_BIN} --dump-config --pidfile ${SURICATAPID}
${SURICATAOPTS} ${SURICATALOGPATH}
- einfo "You need to disable SURICATA_DUMP to start ${SVCNAME}."
- return 1
- fi
ebegin "Starting ${SVCNAME}"
start-stop-daemon --start --quiet --exec ${SURICATA_BIN} \
-- --pidfile ${SURICATAPID} -D ${SURICATAOPTS}
${SURICATALOGPATH} >/dev/null 2>&1
@@ -145,3 +146,10 @@ relog() {
start-stop-daemon --signal HUP --pidfile ${SURICATAPID}
eend $?
}
+
+dump() {
+ checkconfig || return 1
+ ebegin "Dumping ${SVCNAME} config values and quitting."
+ ${SURICATA_BIN} --dump-config --pidfile ${SURICATAPID}
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/files/
commit: 46b93f31143ddd9e2c0d2d45332a0feeefc3df84
Author: Slawomir Lis gentoo org>
AuthorDate: Tue Dec 27 10:43:03 2016 +
Commit: Slawek Lis gentoo org>
CommitDate: Tue Dec 27 10:43:03 2016 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=46b93f31
net-analyzer/suricata: Updated init script
Now it's able to override config filename and point to log directory.
Related to #602590
Thanks to Vieri yahoo.com>
Package-Manager: Portage-2.3.3, Repoman-2.3.1
net-analyzer/suricata/files/suricata-3.2-conf | 23 ++--
net-analyzer/suricata/files/suricata-3.2-init | 30 +--
2 files changed, 45 insertions(+), 8 deletions(-)
diff --git a/net-analyzer/suricata/files/suricata-3.2-conf
b/net-analyzer/suricata/files/suricata-3.2-conf
index 61715ba..d900ade 100644
--- a/net-analyzer/suricata/files/suricata-3.2-conf
+++ b/net-analyzer/suricata/files/suricata-3.2-conf
@@ -19,9 +19,17 @@
# ln -s /etc/init.d/suricata /etc/init.d/suricata.q1
# cp /etc/suricata/suricata.yaml /etc/suricata/suricata-q0.yaml
# cp /etc/suricata/suricata.yaml /etc/suricata/suricata-q1.yaml
+#
# Edit both suricata-q{0,1}.yaml files and set values accordingly.
-#
-# You can then define the following options here:
+# You can override these yaml config file names with SURICATA_CONF* below
(optional).
+# This allows you to use the same yaml config file for multiple instances as
long as you override
+# sensible options such as the log file paths.
+# SURICATA_CONF_q0="suricata-queues.yaml"
+# SURICATA_CONF_q1="suricata-queues.yaml"
+# SURICATA_CONF="suricata.yaml"
+
+# You can define the options here:
+# NB: avoid using -l, -c and setting logging.outputs.1.file.filename as the
init script will try to set them for you.
# SURICATA_OPTS_q0="-q 0"
# SURICATA_OPTS_q1="-q 1"
@@ -30,3 +38,14 @@
# then you can set:
SURICATA_OPTS="-i eth0"
+
+# Log paths listed here will be created by the init script and will override
the log path
+# set in the yaml file, if present.
+# SURICATA_LOG_PATH_q0="/var/log/suricata/q0"
+# SURICATA_LOG_PATH_q1="/var/log/suricata/q1"
+# SURICATA_LOG_PATH="/var/log/suricata"
+# SURICATA_LOG_FILE="suricata.log"
+
+# You can view all the available options you can set with --set
+# and check the full config settings in an easily parsable format.
+# SURICATA_DUMP=1
diff --git a/net-analyzer/suricata/files/suricata-3.2-init
b/net-analyzer/suricata/files/suricata-3.2-init
index d612815..3ec6afd 100644
--- a/net-analyzer/suricata/files/suricata-3.2-init
+++ b/net-analyzer/suricata/files/suricata-3.2-init
@@ -8,13 +8,17 @@ SURICATA_DIR=${SURICATA_DIR:-/etc/suricata}
SURICATA=${SVCNAME#*.}
SURICATAID=$(shell_var "${SURICATA}")
if [ -n "${SURICATA}" ] && [ ${SVCNAME} != "suricata" ]; then
-SURICATACONF="${SURICATA_DIR}/suricata-${SURICATA}.yaml"
+eval SURICATACONF=\$SURICATA_CONF_${SURICATAID}
+[ ${#SURICATACONF} -eq 0 ] &&
SURICATACONF="${SURICATA_DIR}/suricata-${SURICATA}.yaml" ||
SURICATACONF="${SURICATA_DIR}/${SURICATACONF}"
SURICATAPID="/var/run/suricata/suricata.${SURICATA}.pid"
eval SURICATAOPTS=\$SURICATA_OPTS_${SURICATAID}
+eval SURICATALOGPATH=\$SURICATA_LOG_PATH_${SURICATAID}
else
-SURICATACONF="${SURICATA_DIR}/suricata.yaml"
+SURICATACONF=${SURICATA_CONF}
+[ ${#SURICATACONF} -eq 0 ] && SURICATACONF="${SURICATA_DIR}/suricata.yaml"
|| SURICATACONF="${SURICATA_DIR}/${SURICATACONF}"
SURICATAPID="/var/run/suricata/suricata.pid"
SURICATAOPTS=${SURICATA_OPTS}
+SURICATALOGPATH=${SURICATA_LOG_PATH}
fi
[ -e ${SURICATACONF} ] && SURICATAOPTS="${SURICATAOPTS} -c ${SURICATACONF}"
@@ -36,6 +40,14 @@ checkconfig() {
if [ ! -d "/var/run/suricata" ] ; then
checkpath -d /var/run/suricata
fi
+ if [ ${#SURICATALOGPATH} -gt 0 ]; then
+ if [ ! -d "${SURICATALOGPATH}" ] ; then
+ checkpath -d "${SURICATALOGPATH}"
+ fi
+ SURICATALOGFILE=${SURICATA_LOG_FILE:-suricata.log}
+ SURICATAOPTS="${SURICATAOPTS} --set
logging.outputs.1.file.filename=${SURICATALOGPATH}/${SURICATALOGFILE}"
+ SURICATALOGPATH="-l ${SURICATALOGPATH}"
+ fi
}
initpidinfo() {
@@ -65,13 +77,19 @@ checkpidinfo() {
start() {
checkconfig || return 1
+ if [ $((SURICATA_DUMP)) -eq 1 ]; then
+ einfo "Dumping ${SVCNAME} config values and quitting."
+ ${SURICATA_BIN} --dump-config --pidfile ${SURICATAPID}
${SURICATAOPTS} ${SURICATALOGPATH}
+ einfo "You need to disable SURICATA_DUMP to start ${SVCNAME}."
+ return 1
+ fi
ebegin "Starting ${SVCNAME}"
start-stop-daemon --start --quiet --exec ${SURICATA_BIN} \
- -- --pidfile ${SURICATAPID} -D ${SURICATAOPTS} >/dev/null 2>&1
+ -- --pidfile ${SURICATAPID} -D ${SURICATAOPTS}
${SURICATALOGPATH} >/dev/null 2>&1
local SUR_EXIT=$?
if [
[gentoo-commits] repo/gentoo:master commit in: net-analyzer/suricata/, net-analyzer/suricata/files/
commit: a43050c1456321619ef97dfdeb5a158593fef58d
Author: Slawomir Lis gentoo org>
AuthorDate: Tue Dec 27 07:33:10 2016 +
Commit: Slawek Lis gentoo org>
CommitDate: Tue Dec 27 07:33:10 2016 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a43050c1
net-analyzer/suricata: updated init script and config file
Updated way the script starts suricata, it allows to define config values
inline now.
Details in bug 602590.
Package-Manager: Portage-2.3.3, Repoman-2.3.1
net-analyzer/suricata/files/suricata-3.2-conf | 4 ++--
net-analyzer/suricata/files/suricata-3.2-init | 26 --
net-analyzer/suricata/suricata-3.2.ebuild | 2 --
3 files changed, 14 insertions(+), 18 deletions(-)
diff --git a/net-analyzer/suricata/files/suricata-3.2-conf
b/net-analyzer/suricata/files/suricata-3.2-conf
index bc6e281..61715ba 100644
--- a/net-analyzer/suricata/files/suricata-3.2-conf
+++ b/net-analyzer/suricata/files/suricata-3.2-conf
@@ -23,8 +23,8 @@
#
# You can then define the following options here:
-# SURICATA_OPTS_q0="-i eth0"
-# SURICATA_OPTS_q1="-i eth1"
+# SURICATA_OPTS_q0="-q 0"
+# SURICATA_OPTS_q1="-q 1"
# If you want to use ${SURICATA_DIR}/suricata.yaml and start the service with
/etc/init.d/suricata
# then you can set:
diff --git a/net-analyzer/suricata/files/suricata-3.2-init
b/net-analyzer/suricata/files/suricata-3.2-init
index 3a9c356..d612815 100644
--- a/net-analyzer/suricata/files/suricata-3.2-init
+++ b/net-analyzer/suricata/files/suricata-3.2-init
@@ -16,6 +16,7 @@ else
SURICATAPID="/var/run/suricata/suricata.pid"
SURICATAOPTS=${SURICATA_OPTS}
fi
+[ -e ${SURICATACONF} ] && SURICATAOPTS="${SURICATAOPTS} -c ${SURICATACONF}"
extra_commands="checkconfig"
extra_started_commands="reload relog"
@@ -28,8 +29,9 @@ depend() {
checkconfig() {
if [ ! -e ${SURICATACONF} ] ; then
- eerror "You need to create ${SURICATACONF} to run ${SVCNAME}."
- return 1
+ einfo "The configuration file ${SURICATACONF} was not found."
+ einfo "If this is OK then make sure you set enough options for
${SVCNAME} in /etc/conf.d/suricata."
+ einfo "Take a look at the suricata arguments --set and
--dump-config."
fi
if [ ! -d "/var/run/suricata" ] ; then
checkpath -d /var/run/suricata
@@ -37,7 +39,7 @@ checkconfig() {
}
initpidinfo() {
- [ -f ${SURICATAPID} ] && SUR_PID="$(cat ${SURICATAPID})"
+ [ -e ${SURICATAPID} ] && SUR_PID="$(cat ${SURICATAPID})"
if [ ${#SUR_PID} -gt 0 ]; then
SUR_PID_CHECK="$(ps -eo pid | grep -c ${SUR_PID})"
SUR_USER="$(ps -p ${SUR_PID} --no-headers -o user)"
@@ -46,7 +48,7 @@ initpidinfo() {
checkpidinfo() {
initpidinfo
-if [ ! -f ${SURICATAPID} ]; then
+if [ ! -e ${SURICATAPID} ]; then
eerror "${SVCNAME} isn't running"
return 1
elif [ ${#SUR_PID} -eq 0 ] || [ $((SUR_PID_CHECK)) -ne 1 ]; then
@@ -65,12 +67,11 @@ start() {
checkconfig || return 1
ebegin "Starting ${SVCNAME}"
start-stop-daemon --start --quiet --exec ${SURICATA_BIN} \
- -- --pidfile ${SURICATAPID} -D ${SURICATAOPTS} \
--c ${SURICATACONF} >/dev/null 2>&1
+ -- --pidfile ${SURICATAPID} -D ${SURICATAOPTS} >/dev/null 2>&1
local SUR_EXIT=$?
if [ $((SUR_EXIT)) -ne 0 ]; then
einfo "Could not start ${SURICATA_BIN} with:"
- einfo "--pidfile ${SURICATAPID} -D ${SURICATAOPTS} -c
${SURICATACONF}"
+ einfo "--pidfile ${SURICATAPID} -D ${SURICATAOPTS}"
einfo "Exit code ${SUR_EXIT}"
fi
eend ${SUR_EXIT}
@@ -80,14 +81,13 @@ stop() {
ebegin "Stopping ${SVCNAME}"
initpidinfo
start-stop-daemon --stop --quiet --pidfile ${SURICATAPID} >/dev/null
2>&1
- einfon "Waiting for ${SVCNAME} to shut down. This can take a while..."
- echo
+ einfo "Waiting for ${SVCNAME} to shut down. This can take a while..."
# max wait: 5 minutes as it can take quite a while on some systems with
heavy traffic
local cnt=300
- while [ -f ${SURICATAPID} ] && [ $cnt -gt 0 ]; do
+ while [ -e ${SURICATAPID} ] && [ $cnt -gt 0 ]; do
cnt=$(expr $cnt - 1)
sleep 1
- echo -ne "$cnt seconds left before we give up checking the PID
file...\r"
+ einfo -ne "$cnt seconds left before we give up checking the PID
file...\r"
done
# under certain conditions suricata can be pretty slow and the PID can
persist long after the pidfile has been removed
# max wait for process to terminate: 1 minute
@@ -95,19 +95,17 @@ stop() {
cnt=60
SUR_PID_CHECK="$(ps -eo pid | grep -c ${SUR_PID})"
if [ $((SUR_PID_CHECK)) -ne 0 ]; then
- echo
einfo "The PID file ${SURICATAPID} is
