1 files changed, 88 insertions, 0 deletions
diff --git a/recipes-security/suricata/suricata_4.0.5.bb b/recipes-security/suricata/suricata_4.0.5.bb
new file mode 100644
index 0000000..6ccf3d2
--- /dev/null
+++ b/recipes-security/suricata/suricata_4.0.5.bb
@@ -0,0 +1,88 @@
+SUMMARY = "The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine"
+require suricata.inc
+LIC_FILES_CHKSUM = "file://LICENSE;beginline=1;endline=2;md5=c70d8d3310941dcdfcd1e02800a1f548"
+SRC_URI += "https://rules.emergingthreats.net/open/suricata-4.0/emerging.rules.tar.gz;name=rules"
+SRC_URI += " \
+           file://volatiles.03_suricata \
+           file://suricata.yaml \
+           file://suricata.service \
+           "
+SRC_URI[rules.md5sum] = "7e8b570d318c98bff65f2ddc457122cb"
+SRC_URI[rules.sha256sum] = "229e3035804c2b816092c6eea09e35f9db0ea421758551a7a740cdd9c15e3feb"
+inherit autotools-brokensep pkgconfig python-dir systemd 
+CFLAGS += "-D_DEFAULT_SOURCE"
+CACHED_CONFIGUREVARS = "ac_cv_header_htp_htp_h=yes ac_cv_lib_htp_htp_conn_create=yes \
+                        ac_cv_path_HAVE_WGET=no ac_cv_path_HAVE_CURL=no "
+EXTRA_OECONF += " --disable-debug \
+    --enable-non-bundled-htp \
+    --disable-gccmarch-native \
+    "
+PACKAGECONFIG ??= "htp jansson file pcre yaml pcap cap-ng net nfnetlink nss nspr"
+PACKAGECONFIG[htp] = "--with-libhtp-includes=${STAGING_INCDIR} --with-libhtp-libraries=${STAGING_LIBDIR}, ,libhtp,"
+PACKAGECONFIG[pcre] = "--with-libpcre-includes=${STAGING_INCDIR} --with-libpcre-libraries=${STAGING_LIBDIR}, ,libpcre ," 
+PACKAGECONFIG[yaml] = "--with-libyaml-includes=${STAGING_INCDIR} --with-libyaml-libraries=${STAGING_LIBDIR}, ,libyaml ,"
+PACKAGECONFIG[pcap] = "--with-libpcap-includes=${STAGING_INCDIR} --with-libpcap-libraries=${STAGING_LIBDIR}, ,libpcap ," 
+PACKAGECONFIG[cap-ng] = "--with-libcap_ng-includes=${STAGING_INCDIR} --with-libcap_ng-libraries=${STAGING_LIBDIR}, ,libcap-ng , "
+PACKAGECONFIG[net] = "--with-libnet-includes=${STAGING_INCDIR} --with-libnet-libraries=${STAGING_LIBDIR}, , libnet," 
+PACKAGECONFIG[nfnetlink] = "--with-libnfnetlink-includes=${STAGING_INCDIR} --with-libnfnetlink-libraries=${STAGING_LIBDIR}, ,libnfnetlink ,"
+PACKAGECONFIG[nfq] = "--enable-nfqueue, --disable-nfqueue,libnetfilter-queue,"
+PACKAGECONFIG[jansson] = "--with-libjansson-includes=${STAGING_INCDIR} --with-libjansson-libraries=${STAGING_LIBDIR},,jansson, jansson"
+PACKAGECONFIG[file] = ",,file, file"
+PACKAGECONFIG[nss] = "--with-libnss-includes=${STAGING_INCDIR} --with-libnss-libraries=${STAGING_LIBDIR}, nss, nss," 
+PACKAGECONFIG[nspr] = "--with-libnspr-includes=${STAGING_INCDIR} --with-libnspr-libraries=${STAGING_LIBDIR}, nspr, nspr," 
+PACKAGECONFIG[python] = "--enable-python, --disable-python, python, python" 
+export logdir = "${localstatedir}/log"
+do_install_append () {
+    install -d ${D}${sysconfdir}/suricata
+    oe_runmake install-conf DESTDIR=${D}
+    # mimic move of downloaded rules to e_sysconfrulesdir
+    cp -rf  ${WORKDIR}/rules ${D}${sysconfdir}/suricata
+    oe_runmake install-rules DESTDIR=${D}
+    install -d ${D}${sysconfdir}/suricata ${D}${sysconfdir}/default/volatiles
+    install -m 0644 ${WORKDIR}/volatiles.03_suricata  ${D}${sysconfdir}/default/volatiles/volatiles.03_suricata
+    install -m 0644 ${S}/threshold.config ${D}${sysconfdir}/suricata
+    install -d ${D}${systemd_unitdir}/system
+    sed  -e s:/etc:${sysconfdir}:g \
+         -e s:/var/run:/run:g \
+         -e s:/var:${localstatedir}:g \
+         -e s:/usr/bin:${bindir}:g \
+         -e s:/bin/kill:${base_bindir}/kill:g \
+         -e s:/usr/lib:${libdir}:g \
+         ${WORKDIR}/suricata.service > ${D}${systemd_unitdir}/system/suricata.service
+}
+pkg_postinst_ontarget_${PN} () {
+if [ -e /etc/init.d/populate-volatile.sh ] ; then
+    ${sysconfdir}/init.d/populate-volatile.sh update
+fi
+}
+SYSTEMD_PACKAGES = "${PN}"
+PACKAGES =+ "${PN}-socketcontrol"
+FILES_${PN} += "${systemd_unitdir} /run"
+FILES_${PN}-socketcontrol = "${bindir}/suricatasc ${PYTHON_SITEPACKAGES_DIR}"
+CONFFILES_${PN} = "${sysconfdir}/suricata/suricata.yaml"
+RDEPENDS_${PN}-python = "python"

diff --git a/recipes-security/suricata/suricata_4.0.5.bb b/recipes-security/suricata/suricata_4.0.5.bb new file mode 100644 index 0000000..6ccf3d2 --- /dev/null +++ b/recipes-security/suricata/suricata_4.0.5.bb
@@ -0,0 +1,88 @@
	1	SUMMARY = "The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine"
	2
	3	require suricata.inc
	4
	5	LIC_FILES_CHKSUM = "file://LICENSE;beginline=1;endline=2;md5=c70d8d3310941dcdfcd1e02800a1f548"
	6
	7	SRC_URI += "https://rules.emergingthreats.net/open/suricata-4.0/emerging.rules.tar.gz;name=rules"
	8
	9	SRC_URI += " \
	10	file://volatiles.03_suricata \
	11	file://suricata.yaml \
	12	file://suricata.service \
	13	"
	14
	15	SRC_URI[rules.md5sum] = "7e8b570d318c98bff65f2ddc457122cb"
	16	SRC_URI[rules.sha256sum] = "229e3035804c2b816092c6eea09e35f9db0ea421758551a7a740cdd9c15e3feb"
	17
	18	inherit autotools-brokensep pkgconfig python-dir systemd
	19
	20	CFLAGS += "-D_DEFAULT_SOURCE"
	21
	22	CACHED_CONFIGUREVARS = "ac_cv_header_htp_htp_h=yes ac_cv_lib_htp_htp_conn_create=yes \
	23	ac_cv_path_HAVE_WGET=no ac_cv_path_HAVE_CURL=no "
	24
	25	EXTRA_OECONF += " --disable-debug \
	26	--enable-non-bundled-htp \
	27	--disable-gccmarch-native \
	28	"
	29
	30	PACKAGECONFIG ??= "htp jansson file pcre yaml pcap cap-ng net nfnetlink nss nspr"
	31	PACKAGECONFIG[htp] = "--with-libhtp-includes=${STAGING_INCDIR} --with-libhtp-libraries=${STAGING_LIBDIR}, ,libhtp,"
	32	PACKAGECONFIG[pcre] = "--with-libpcre-includes=${STAGING_INCDIR} --with-libpcre-libraries=${STAGING_LIBDIR}, ,libpcre ,"
	33	PACKAGECONFIG[yaml] = "--with-libyaml-includes=${STAGING_INCDIR} --with-libyaml-libraries=${STAGING_LIBDIR}, ,libyaml ,"
	34	PACKAGECONFIG[pcap] = "--with-libpcap-includes=${STAGING_INCDIR} --with-libpcap-libraries=${STAGING_LIBDIR}, ,libpcap ,"
	35	PACKAGECONFIG[cap-ng] = "--with-libcap_ng-includes=${STAGING_INCDIR} --with-libcap_ng-libraries=${STAGING_LIBDIR}, ,libcap-ng , "
	36	PACKAGECONFIG[net] = "--with-libnet-includes=${STAGING_INCDIR} --with-libnet-libraries=${STAGING_LIBDIR}, , libnet,"
	37	PACKAGECONFIG[nfnetlink] = "--with-libnfnetlink-includes=${STAGING_INCDIR} --with-libnfnetlink-libraries=${STAGING_LIBDIR}, ,libnfnetlink ,"
	38	PACKAGECONFIG[nfq] = "--enable-nfqueue, --disable-nfqueue,libnetfilter-queue,"
	39
	40	PACKAGECONFIG[jansson] = "--with-libjansson-includes=${STAGING_INCDIR} --with-libjansson-libraries=${STAGING_LIBDIR},,jansson, jansson"
	41	PACKAGECONFIG[file] = ",,file, file"
	42	PACKAGECONFIG[nss] = "--with-libnss-includes=${STAGING_INCDIR} --with-libnss-libraries=${STAGING_LIBDIR}, nss, nss,"
	43	PACKAGECONFIG[nspr] = "--with-libnspr-includes=${STAGING_INCDIR} --with-libnspr-libraries=${STAGING_LIBDIR}, nspr, nspr,"
	44	PACKAGECONFIG[python] = "--enable-python, --disable-python, python, python"
	45
	46	export logdir = "${localstatedir}/log"
	47
	48	do_install_append () {
	49
	50	install -d ${D}${sysconfdir}/suricata
	51
	52	oe_runmake install-conf DESTDIR=${D}
	53
	54	# mimic move of downloaded rules to e_sysconfrulesdir
	55	cp -rf ${WORKDIR}/rules ${D}${sysconfdir}/suricata
	56
	57	oe_runmake install-rules DESTDIR=${D}
	58
	59	install -d ${D}${sysconfdir}/suricata ${D}${sysconfdir}/default/volatiles
	60	install -m 0644 ${WORKDIR}/volatiles.03_suricata ${D}${sysconfdir}/default/volatiles/volatiles.03_suricata
	61
	62	install -m 0644 ${S}/threshold.config ${D}${sysconfdir}/suricata
	63
	64	install -d ${D}${systemd_unitdir}/system
	65	sed -e s:/etc:${sysconfdir}:g \
	66	-e s:/var/run:/run:g \
	67	-e s:/var:${localstatedir}:g \
	68	-e s:/usr/bin:${bindir}:g \
	69	-e s:/bin/kill:${base_bindir}/kill:g \
	70	-e s:/usr/lib:${libdir}:g \
	71	${WORKDIR}/suricata.service > ${D}${systemd_unitdir}/system/suricata.service
	72	}
	73
	74	pkg_postinst_ontarget_${PN} () {
	75	if [ -e /etc/init.d/populate-volatile.sh ] ; then
	76	${sysconfdir}/init.d/populate-volatile.sh update
	77	fi
	78	}
	79
	80	SYSTEMD_PACKAGES = "${PN}"
	81
	82	PACKAGES =+ "${PN}-socketcontrol"
	83	FILES_${PN} += "${systemd_unitdir} /run"
	84	FILES_${PN}-socketcontrol = "${bindir}/suricatasc ${PYTHON_SITEPACKAGES_DIR}"
	85
	86	CONFFILES_${PN} = "${sysconfdir}/suricata/suricata.yaml"
	87
	88	RDEPENDS_${PN}-python = "python"