author | Marek Szuba <marecki@gentoo.org> | 2019-12-16 15:56:33 +0000 |
---|---|---|
committer | Marek Szuba <marecki@gentoo.org> | 2019-12-16 16:05:06 +0000 |
commit | da28437322994c655e77d94dcd82d01d575fce58 (patch) | |
tree | de4c18ff781f3285295e2064eaeccdcf292f3ca7 /net-analyzer/suricata/files | |
parent | media-fonts/glass-tty-vt220: arm64 stable (bug #702796) (diff) | |
net-analyzer/suricata: bump to 5.0.0 and EAPI 7
Package-Manager: Portage-2.3.79, Repoman-2.3.16
Signed-off-by: Marek Szuba <marecki@gentoo.org>
Diffstat (limited to 'net-analyzer/suricata/files')
5 files changed, 122 insertions, 0 deletions
diff --git a/net-analyzer/suricata/files/suricata-5.0.0_configure-lua-flags.patch b/net-analyzer/suricata/files/suricata-5.0.0_configure-lua-flags.patch
new file mode 100644
index 000000000000..be956fd94d40
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-5.0.0_configure-lua-flags.patch
@@ -0,0 +1,16 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -1749,11 +1749,11 @@
+ # liblua
+ AC_ARG_ENABLE(lua,
+ AS_HELP_STRING([--enable-lua],[Enable Lua support]),
+- [ enable_lua="$enableval"],
++ [],
+ [ enable_lua="no"])
+ AC_ARG_ENABLE(luajit,
+ AS_HELP_STRING([--enable-luajit],[Enable Luajit support]),
+- [ enable_luajit="$enableval"],
++ [],
+ [ enable_luajit="no"])
+ if test "$enable_lua" = "yes"; then
+ if test "$enable_luajit" = "yes"; then
diff --git a/net-analyzer/suricata/files/suricata-5.0.0_configure-no-lz4-automagic.patch b/net-analyzer/suricata/files/suricata-5.0.0_configure-no-lz4-automagic.patch
new file mode 100644
index 000000000000..5efce46f6d9f
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-5.0.0_configure-no-lz4-automagic.patch
@@ -0,0 +1,23 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -2292,7 +2292,11 @@
+ fi
+
+ # Check for lz4
+-enable_liblz4="yes"
++AC_ARG_ENABLE(lz4,
++ AS_HELP_STRING([--enable-lz4], [Enable compressed pcap logging using liblz4]),
++ [enable_liblz4=$enableval],
++ [enable_liblz4=yes])
++if test "x$enable_liblz4" != "xno"; then
+ AC_CHECK_LIB(lz4, LZ4F_createCompressionContext, , enable_liblz4="no")
+
+ if test "$enable_liblz4" = "no"; then
+@@ -2306,6 +2310,7 @@
+ echo " yum install lz4-devel"
+ echo
+ fi
++fi
+
+ # get cache line size
+ AC_PATH_PROG(HAVE_GETCONF_CMD, getconf, "no")
diff --git a/net-analyzer/suricata/files/suricata-5.0.0_default-config.patch b/net-analyzer/suricata/files/suricata-5.0.0_default-config.patch
new file mode 100644
index 000000000000..07a45c9a5747
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata-5.0.0_default-config.patch
@@ -0,0 +1,61 @@
+--- a/suricata.yaml.in
++++ b/suricata.yaml.in
+@@ -203,8 +203,9 @@
+ # https://suricata.readthedocs.io/en/latest/output/eve/eve-json-output.html#dns-v1-format
+
+ # As of Suricata 5.0, version 2 of the eve dns output
+- # format is the default.
+- #version: 2
++ # format is the default - but the daemon produces a warning to that effect
++ # at start-up if this isn't explicitly set.
++ version: 2
+
+ # Enable/disable this logger. Default: enabled.
+ #enabled: yes
+@@ -978,9 +979,9 @@
+ ##
+
+ # Run suricata as user and group.
+-#run-as:
+-# user: suri
+-# group: suri
++run-as:
++ user: suricata
++ group: suricata
+
+ # Some logging module will use that name in event as identifier. The default
+ # value is the hostname
+@@ -1806,16 +1807,28 @@
+ hashmode: hash5tuplesorted
+
+ ##
+-## Configure Suricata to load Suricata-Update managed rules.
+-##
+-## If this section is completely commented out move down to the "Advanced rule
+-## file configuration".
++## Configure Suricata to load default rules it comes with.
+ ##
+
+ default-rule-path: @e_defaultruledir@
+
+ rule-files:
+- - suricata.rules
++ - /etc/suricata/rules/app-layer-events.rules
++ - /etc/suricata/rules/decoder-events.rules
++ - /etc/suricata/rules/dhcp-events.rules
++ - /etc/suricata/rules/dnp3-events.rules
++ - /etc/suricata/rules/dns-events.rules
++ - /etc/suricata/rules/files.rules
++ - /etc/suricata/rules/http-events.rules
++ - /etc/suricata/rules/ipsec-events.rules
++ - /etc/suricata/rules/kerberos-events.rules
++ - /etc/suricata/rules/modbus-events.rules
++ - /etc/suricata/rules/nfs-events.rules
++ - /etc/suricata/rules/ntp-events.rules
++ - /etc/suricata/rules/smb-events.rules
++ - /etc/suricata/rules/smtp-events.rules
++ - /etc/suricata/rules/stream-events.rules
++ - /etc/suricata/rules/tls-events.rules
+
+ ##
+ ## Auxiliary configuration files.
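Review bot: The new `rule-files` list hard-codes absolute `/etc/suricata/rules/...` paths while `default-rule-path: @e_defaultruledir@` stays in place directly above it, so the two can disagree whenever the substituted rule directory is not `/etc/suricata/rules`; relative entries such as `- app-layer-events.rules` would follow whatever directory the build substitutes. Dropping `- suricata.rules` also means that, as far as this hunk shows, only the bundled event rule files are loaded, and a ruleset written by suricata-update is not picked up until the admin edits the list. The section comment should say so, for example `## Only the bundled *-events.rules are loaded; add suricata.rules here if signatures are managed with suricata-update.`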
diff --git a/net-analyzer/suricata/files/suricata.service b/net-analyzer/suricata/files/suricata.service
new file mode 100644
index 000000000000..5e617388018f
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata.service
@@ -0,0 +1,21 @@
+[Unit]
+Description=Suricata IDS/IDP daemon
+After=network.target
+Requires=network.target
+Documentation=man:suricata(8) man:suricatasc(8)
+Documentation=https://redmine.openinfosecfoundation.org/projects/suricata/wiki
+
+[Service]
+Type=forking
+Environment=OPTIONS='-c /etc/suricata/suricata.yaml'
+CapabilityBoundingSet=CAP_NET_ADMIN
+PIDFile=/var/run/suricata/suricata.pid
+ExecStart=/usr/bin/suricata --pidfile /var/run/suricata/suricata.pid $OPTIONS
+ExecReload=/bin/kill -HUP $MAINPID
+ExecStop=/bin/kill $MAINPID
+PrivateTmp=yes
+ProtectHome=yes
+
+[Install]
+WantedBy=multi-user.target
+
diff --git a/net-analyzer/suricata/files/suricata.tmpfiles b/net-analyzer/suricata/files/suricata.tmpfiles
new file mode 100644
index 000000000000..46fe50842978
--- /dev/null
+++ b/net-analyzer/suricata/files/suricata.tmpfiles
@@ -0,0 +1 @@
+d /var/run/suricata - - - - |
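Review bot: `CapabilityBoundingSet=CAP_NET_ADMIN` in suricata.service looks too narrow for the configuration this same commit ships. The default-config patch enables `run-as:` with user and group `suricata`, and switching user and group needs CAP_SETUID and CAP_SETGID, while opening packet-capture sockets needs CAP_NET_RAW; none of these survive this bounding set. Something like `CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_RAW CAP_SETUID CAP_SETGID` is probably closer, to be checked against the capabilities the daemon actually retains after dropping privileges. Separately, `Type=forking` with `PIDFile=` expects the process to daemonise, but neither `ExecStart=` nor the default `OPTIONS` passes `-D`, so start-up will likely time out unless the admin overrides `OPTIONS`.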
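Review bot: `d /var/run/suricata - - - -` in suricata.tmpfiles leaves mode, user and group at the tmpfiles defaults, which yields a root-owned directory. With `run-as:` set to `suricata` in the default config, the daemon may be unable to remove its pid file, or create anything else there, once it has dropped privileges. I would state ownership and mode explicitly and use the `/run` path rather than the legacy `/var/run` alias, for example `d /run/suricata 0750 suricata suricata -`, assuming the ebuild creates that account; `PIDFile=` and `--pidfile` in suricata.service would need the same path.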