--- /dev/null
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=snort3
+PKG_VERSION:=3.0.0-beta
+PKG_VERSION_SHORT:=3.0.0
+PKG_RELEASE:=1
+
+PKG_LICENSE:=GPL-2.0
+PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>
+
+PKG_SOURCE:=snort-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://www.snort.org/downloads/snortplus/
+PKG_HASH:=ea4079c551002e4d83586f05b3ecdae72706a46ec223339b87ce60f7ae30b8a2
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)/snort-$(PKG_VERSION_SHORT)
+PKG_FIXUP:=autoreconf
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+
+define Package/snort3
+ SUBMENU:=Firewall
+ SECTION:=net
+ CATEGORY:=Network
+ DEPENDS:=+libstdcpp +libdaq +libdnet +libopenssl +libpcap +libpcre +libpthread +libuuid +zlib +libhwloc +libtirpc +luajit
+ TITLE:=Lightweight Network Intrusion Detection System
+ URL:=http://www.snort.org/
+ MENU:=1
+endef
+
+define Package/snort3/description
+ Snort is an open source network intrusion detection and prevention system.
+ It is capable of performing real-time traffic analysis, alerting, blocking
+ and packet logging on IP networks. It utilizes a combination of protocol
+ analysis and pattern matching in order to detect anomalies, misuse and
+ attacks.
+endef
+
+CMAKE_OPTIONS += \
+ -DENABLE_STATIC_DAQ:BOOL=NO \
+ -DENABLE_COREFILES:BOOL=NO \
+ -DENABLE_GDB:BOOL=NO \
+ -DMAKE_DOC:BOOL=NO \
+ -DMAKE_HTML_DOC:BOOL=NO \
+ -DMAKE_PDF_DOC:BOOL=NO \
+ -DMAKE_TEXT_DOC:BOOL=NO \
+
+TARGET_CFLAGS += -I$(STAGING_DIR)/usr/include/tirpc
+TARGET_LDFLAGS += -ltirpc
+
+define Package/snort3/conffiles
+/etc/config/snort
+endef
+
+define Package/snort3/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) \
+ $(PKG_INSTALL_DIR)/usr/bin/snort \
+ $(1)/usr/bin/
+
+ $(INSTALL_BIN) \
+ $(PKG_INSTALL_DIR)/usr/bin/u2{boat,spewfoo} \
+ $(1)/usr/bin/
+
+ $(INSTALL_DIR) $(1)/usr/lib/snort
+ $(CP) \
+ $(PKG_INSTALL_DIR)/usr/lib/snort/daqs/daq_hext.so \
+ $(1)/usr/lib/snort/
+
+ $(CP) \
+ $(PKG_INSTALL_DIR)/usr/lib/snort/daqs/daq_file.so \
+ $(1)/usr/lib/snort/
+
+ $(INSTALL_DIR) $(1)/usr/share/lua
+ $(CP) \
+ $(PKG_INSTALL_DIR)/usr/include/snort/lua/snort_plugin.lua \
+ $(1)/usr/share/lua/
+
+ $(CP) \
+ $(PKG_INSTALL_DIR)/usr/include/snort/lua/snort_config.lua \
+ $(1)/usr/share/lua/
+
+ $(INSTALL_DIR) $(1)/etc/snort
+
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) \
+ ./files/snort.init \
+ $(1)/etc/init.d/snort
+
+ $(INSTALL_DIR) $(1)/etc/config
+ $(INSTALL_CONF) \
+ ./files/snort.config \
+ $(1)/etc/config/snort
+endef
+
+$(eval $(call BuildPackage,snort3))
--- /dev/null
+#!/bin/sh /etc/rc.common
+
+START=99
+STOP=10
+
+USE_PROCD=1
+PROG=/usr/bin/snort
+
+validate_snort_section() {
+ uci_validate_section snort snort "${1}" \
+ 'config_dir:string' \
+ 'alert_module:string' \
+ 'interface:string'
+}
+
+start_service() {
+ local config_file interface
+
+ validate_snort_section snort || {
+ echo "validation failed"
+ return 1
+ }
+
+ procd_open_instance
+ procd_set_param command $PROG -q --daq-dir /usr/lib/daq/ -i "$interface" -c "$config_dir/snort.lua" -A "$alert_module"
+ procd_set_param env SNORT_LUA_PATH="$config_dir"
+ procd_set_param file $CONFIGFILE
+ procd_set_param respawn
+ procd_close_instance
+}
+
+stop_service()
+{
+ service_stop ${PROG}
+}
+
+service_triggers()
+{
+ procd_add_reload_trigger "snort"
+ procd_add_validation validate_snort_section
+}
--- /dev/null
+diff -u --recursive snort-3.0.0-vanilla/daqs/daq_file.c snort-3.0.0/daqs/daq_file.c
+--- snort-3.0.0-vanilla/daqs/daq_file.c 2018-08-28 02:01:02.000000000 -0400
++++ snort-3.0.0/daqs/daq_file.c 2019-03-28 23:03:25.292770141 -0400
+@@ -33,7 +33,7 @@
+
+ #include <sys/types.h>
+ #include <sys/time.h>
+-#include <sys/unistd.h>
++#include <unistd.h>
+
+ #include <daq_api.h>
+ #include <sfbpf_dlt.h>
+diff -u --recursive snort-3.0.0-vanilla/daqs/daq_hext.c snort-3.0.0/daqs/daq_hext.c
+--- snort-3.0.0-vanilla/daqs/daq_hext.c 2018-08-28 02:01:02.000000000 -0400
++++ snort-3.0.0/daqs/daq_hext.c 2019-03-28 22:54:15.738207157 -0400
+@@ -35,7 +35,7 @@
+ #include <arpa/inet.h>
+ #include <sys/types.h>
+ #include <sys/time.h>
+-#include <sys/unistd.h>
++#include <unistd.h>
+ #include <sys/socket.h>
+
+ #include <daq_api.h>
+diff -u --recursive snort-3.0.0-vanilla/src/network_inspectors/appid/service_plugins/service_rpc.cc snort-3.0.0/src/network_inspectors/appid/service_plugins/service_rpc.cc
+--- snort-3.0.0-vanilla/src/network_inspectors/appid/service_plugins/service_rpc.cc 2018-08-28 02:01:02.000000000 -0400
++++ snort-3.0.0/src/network_inspectors/appid/service_plugins/service_rpc.cc 2019-03-28 22:32:04.211783669 -0400
+@@ -27,6 +27,7 @@
+
+ #include <netdb.h>
+
++#include <tirpc/rpc/rpcent.h>
+ #if defined(__FreeBSD__) || defined(__OpenBSD__)
+ #include <rpc/rpc.h>
+ #elif defined(__sun)
+diff -u --recursive snort-3.0.0-vanilla/src/utils/util.cc snort-3.0.0/src/utils/util.cc
+--- snort-3.0.0-vanilla/src/utils/util.cc 2018-08-28 02:01:02.000000000 -0400
++++ snort-3.0.0/src/utils/util.cc 2019-03-28 22:16:16.860942230 -0400
+@@ -605,13 +605,8 @@
+ {
+ static THREAD_LOCAL char buf[128];
+
+-#if (defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE < 200112L && \
+- defined(_XOPEN_SOURCE) && _XOPEN_SOURCE < 600) || _GNU_SOURCE
+- return strerror_r(errnum, buf, sizeof(buf));
+-#else
+ (void)strerror_r(errnum, buf, sizeof(buf));
+ return buf;
+-#endif
+ }
+
+ char* snort_strndup(const char* src, size_t dst_size)
projects / feed / packages.git / commitdiff