diff options
Diffstat (limited to 'meta-networking/recipes-connectivity/snort')
-rw-r--r-- | meta-networking/recipes-connectivity/snort/snort/disable-run-test-program-while-cross-compiling.patch | 2 | ||||
-rw-r--r-- | meta-networking/recipes-connectivity/snort/snort/snort.default | 1 | ||||
-rw-r--r-- | meta-networking/recipes-connectivity/snort/snort/snort.service | 12 | ||||
-rw-r--r-- | meta-networking/recipes-connectivity/snort/snort3/0001-cmake-Check-for-HP-libunwind.patch | 33 | ||||
-rw-r--r-- | meta-networking/recipes-connectivity/snort/snort3/0001-cmake-Pass-noline-flag-to-flex.patch | 31 | ||||
-rw-r--r-- | meta-networking/recipes-connectivity/snort/snort3_3.1.84.0.bb | 38 | ||||
-rw-r--r-- | meta-networking/recipes-connectivity/snort/snort_2.9.20.bb (renamed from meta-networking/recipes-connectivity/snort/snort_2.9.19.bb) | 24 |
7 files changed, 136 insertions, 5 deletions
diff --git a/meta-networking/recipes-connectivity/snort/snort/disable-run-test-program-while-cross-compiling.patch b/meta-networking/recipes-connectivity/snort/snort/disable-run-test-program-while-cross-compiling.patch index 30ec174395..98c20b6ecf 100644 --- a/meta-networking/recipes-connectivity/snort/snort/disable-run-test-program-while-cross-compiling.patch +++ b/meta-networking/recipes-connectivity/snort/snort/disable-run-test-program-while-cross-compiling.patch @@ -6,7 +6,7 @@ Subject: [PATCH] Disable run test program while cross compiling fix configure error: configure: error: cannot run test program while cross compiling -Upstream-Status:Inappropriate [embedded specific] +Upstream-Status: Inappropriate [embedded specific] Signed-off-by: Yi Zhao <yi.zhao@windriver.com> --- diff --git a/meta-networking/recipes-connectivity/snort/snort/snort.default b/meta-networking/recipes-connectivity/snort/snort/snort.default new file mode 100644 index 0000000000..f1f67c55c0 --- /dev/null +++ b/meta-networking/recipes-connectivity/snort/snort/snort.default @@ -0,0 +1 @@ +INTERFACES="eth0" diff --git a/meta-networking/recipes-connectivity/snort/snort/snort.service b/meta-networking/recipes-connectivity/snort/snort/snort.service new file mode 100644 index 0000000000..487328c1b0 --- /dev/null +++ b/meta-networking/recipes-connectivity/snort/snort/snort.service @@ -0,0 +1,12 @@ +[Unit] +Description=Snort NIDS Daemon +After=syslog.target network.target + +[Service] +Type=simple +EnvironmentFile=/etc/default/snort +ExecStartPre=/bin/mkdir -p /var/log/snort +ExecStart=/usr/bin/snort -q -c /etc/snort/snort.conf -l /var/log/snort -i $INTERFACES + +[Install] +WantedBy=multi-user.target diff --git a/meta-networking/recipes-connectivity/snort/snort3/0001-cmake-Check-for-HP-libunwind.patch b/meta-networking/recipes-connectivity/snort/snort3/0001-cmake-Check-for-HP-libunwind.patch new file mode 100644 index 0000000000..7b7a0d098f --- /dev/null +++ b/meta-networking/recipes-connectivity/snort/snort3/0001-cmake-Check-for-HP-libunwind.patch @@ -0,0 +1,33 @@ +From 433a412fad2ab0383ac3c625d183a71684f2b97b Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Tue, 20 Feb 2024 15:35:14 -0800 +Subject: [PATCH] cmake: Check for HP libunwind + +This is to ensure that cmake does not detect LLVM unwinder, which +can provide the support for some HP unwinder functionality but not all +e.g. unw_strerror goes missing. By checking for libunwind-common.h in +tests we ensure that this test passes only with HP libunwind. + +Upstream-Status: Inappropriate [OE-Specific] + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + cmake/FindLibunwind.cmake | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/cmake/FindLibunwind.cmake b/cmake/FindLibunwind.cmake +index f66800a18..1ad66fc83 100644 +--- a/cmake/FindLibunwind.cmake ++++ b/cmake/FindLibunwind.cmake +@@ -22,7 +22,7 @@ find_package(PkgConfig QUIET) + pkg_check_modules(PC_LIBUNWIND libunwind) + + find_path(LIBUNWIND_INCLUDE_DIRS +- NAMES libunwind.h ++ NAMES libunwind-common.h + HINTS ${PC_LIBUNWIND_INCLUDE_DIRS} + ) + +-- +2.43.2 + diff --git a/meta-networking/recipes-connectivity/snort/snort3/0001-cmake-Pass-noline-flag-to-flex.patch b/meta-networking/recipes-connectivity/snort/snort3/0001-cmake-Pass-noline-flag-to-flex.patch new file mode 100644 index 0000000000..ec7b90cfb4 --- /dev/null +++ b/meta-networking/recipes-connectivity/snort/snort3/0001-cmake-Pass-noline-flag-to-flex.patch @@ -0,0 +1,31 @@ +From 417ed0045b3d04f539a8eb18b07a208c75f6c7e1 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Tue, 20 Feb 2024 16:08:20 -0800 +Subject: [PATCH] cmake: Pass --noline flag to flex + +This ensures that line directive is not emitted into lexer output which +could be absolute build paths, since these files end up in dbg packages +this can be flagged as a build/packaging warning. + +Upstream-Status: Pending +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + cmake/configure_options.cmake | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/cmake/configure_options.cmake b/cmake/configure_options.cmake +index f3673f399..fbd0bd2c3 100644 +--- a/cmake/configure_options.cmake ++++ b/cmake/configure_options.cmake +@@ -28,7 +28,7 @@ if ( ENABLE_LARGE_PCAP ) + endif ( ENABLE_LARGE_PCAP ) + + # Flex Lexer +-set ( FLEX_FLAGS "-Ca" ) ++set ( FLEX_FLAGS "-Ca --noline" ) + + # documentation + +-- +2.43.2 + diff --git a/meta-networking/recipes-connectivity/snort/snort3_3.1.84.0.bb b/meta-networking/recipes-connectivity/snort/snort3_3.1.84.0.bb new file mode 100644 index 0000000000..ee84aa17e7 --- /dev/null +++ b/meta-networking/recipes-connectivity/snort/snort3_3.1.84.0.bb @@ -0,0 +1,38 @@ +SUMMARY = "snort3" +DESCRIPTION = "snort3 - a free lightweight network intrusion detection system for UNIX and Windows." +HOMEPAGE = "http://www.snort.org/" +SECTION = "net" +LICENSE = "GPL-2.0-only" +LIC_FILES_CHKSUM = "file://COPYING;md5=78fa8ef966b48fbf9095e13cc92377c5" + +DEPENDS = "flex-native hwloc libdaq libdnet libpcap libpcre libtirpc libunwind luajit zlib" + +SRC_URI = "git://github.com/snort3/snort3.git;protocol=https;branch=master \ + file://0001-cmake-Check-for-HP-libunwind.patch \ + file://0001-cmake-Pass-noline-flag-to-flex.patch" +SRCREV = "e7312efd840d66a52a2019abe1db7cc89ca0f39a" + +S = "${WORKDIR}/git" + +PACKAGES =+ "${PN}-scripts" + +inherit cmake pkgconfig + +do_install:append() { + sed -i "s#${RECIPE_SYSROOT_NATIVE}##g; s#${RECIPE_SYSROOT}##g" ${D}${libdir}/pkgconfig/snort.pc +} + +FILES:${PN} += "${libdir}/snort/daq/*.so" + +FILES:${PN}-scripts = "${bindir}/appid_detector_builder.sh" + +RDEPENDS:${PN}-scripts += "bash" + +# mips64/ppc/ppc64/riscv64/riscv32 is not supported in this release +COMPATIBLE_HOST:mipsarchn32 = "null" +COMPATIBLE_HOST:mipsarchn64 = "null" +COMPATIBLE_HOST:powerpc = "null" +COMPATIBLE_HOST:powerpc64 = "null" +COMPATIBLE_HOST:powerpc64le = "null" +COMPATIBLE_HOST:riscv64 = "null" +COMPATIBLE_HOST:riscv32 = "null" diff --git a/meta-networking/recipes-connectivity/snort/snort_2.9.19.bb b/meta-networking/recipes-connectivity/snort/snort_2.9.20.bb index 9c479d2200..8b9092b418 100644 --- a/meta-networking/recipes-connectivity/snort/snort_2.9.19.bb +++ b/meta-networking/recipes-connectivity/snort/snort_2.9.20.bb @@ -1,29 +1,35 @@ DESCRIPTION = "snort - a free lightweight network intrusion detection system for UNIX and Windows." HOMEPAGE = "http://www.snort.org/" SECTION = "net" -LICENSE = "GPL-2.0" +LICENSE = "GPL-2.0-only" LIC_FILES_CHKSUM = "file://COPYING;md5=78fa8ef966b48fbf9095e13cc92377c5" DEPENDS = "xz libpcap libpcre daq libdnet util-linux daq-native libtirpc bison-native" SRC_URI = "https://www.snort.org/downloads/archive/snort/${BP}.tar.gz \ file://snort.init \ + file://snort.service \ + file://snort.default \ file://volatiles.99_snort \ file://0001-libpcap-search-sysroot-for-headers.patch \ file://fix-host-contamination-when-enable-static-daq.patch \ file://disable-run-test-program-while-cross-compiling.patch \ file://configure.in-disable-tirpc-checking-for-fedora.patch \ " -SRC_URI[sha256sum] = "b12fc6db72afb58987a2bf1954b8f45bde02047c235513c7663857b9506369c7" +SRC_URI[sha256sum] = "29400e13f53b1831e0b8b10ec1224a1cbaa6dc1533a5322a20dd80bb84b4981c" UPSTREAM_CHECK_URI = "https://www.snort.org/downloads" UPSTREAM_CHECK_REGEX = "snort-(?P<pver>\d+(\.\d+)+)\.tar" -inherit autotools gettext update-rc.d pkgconfig +inherit autotools gettext update-rc.d pkgconfig systemd INITSCRIPT_NAME = "snort" INITSCRIPT_PARAMS = "defaults" +SYSTEMD_PACKAGES = "${PN}" +SYSTEMD_SERVICE:${PN} = "snort.service" +SYSTEMD_AUTO_ENABLE = "disable" + EXTRA_OECONF = " \ --enable-gre \ --enable-linux-smp-stats \ @@ -69,8 +75,17 @@ do_install:append() { ${D}${sysconfdir}/snort/snort.conf cp ${S}/preproc_rules/*.rules ${D}${sysconfdir}/snort/preproc_rules/ - install -m 755 ${WORKDIR}/snort.init ${D}${sysconfdir}/init.d/snort + if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then + install -m 755 ${WORKDIR}/snort.init ${D}${sysconfdir}/init.d/snort + fi + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + install -d ${D}/${systemd_system_unitdir} + install -m 644 ${WORKDIR}/snort.service ${D}/${systemd_system_unitdir} + # Install default environment file + install -d ${D}/${sysconfdir}/default + install -m 0644 ${WORKDIR}/snort.default ${D}${sysconfdir}/default/snort + fi install -d ${D}${sysconfdir}/default/volatiles install -m 0644 ${WORKDIR}/volatiles.99_snort ${D}${sysconfdir}/default/volatiles/99_snort @@ -87,6 +102,7 @@ FILES:${PN} += " \ ${libdir}/snort_dynamicengine/*.so.* \ ${libdir}/snort_dynamicpreprocessor/*.so.* \ ${libdir}/snort_dynamicrules/*.so.* \ + ${systemd_system_unitdir}/snort.service \ " FILES:${PN}-dbg += " \ ${libdir}/snort_dynamicengine/.debug \ |