2 # This is free software, licensed under the GNU General Public License v2.
3 # See /LICENSE for more information.
6 include $(TOPDIR
)/rules.mk
12 PKG_SOURCE
:=$(PKG_VERSION
).
tar.gz
13 PKG_SOURCE_URL
:=https
://github.com
/snort3
/snort3
/archive
/refs
/tags/
14 PKG_HASH
:=d4093b0bfde013b3ad246cbc87bbd6c0cc09dfb9b4978b1a76b4ab27abf6d03a
16 PKG_MAINTAINER
:=W. Michael Petullo
<mike@flyn.org
>, John Audia
<therealgraysky@proton.me
>
17 PKG_LICENSE
:=GPL-2.0
-only
18 PKG_LICENSE_FILES
:=COPYING
19 PKG_CPE_ID
:=cpe
:/a
:snort
:snort
21 include $(INCLUDE_DIR
)/package.mk
22 include $(INCLUDE_DIR
)/cmake.mk
29 +(TARGET_x86||TARGET_x86_64
):hyperscan-runtime \
30 +libstdcpp
+libdaq3
+libdnet
+libopenssl
+libpcap
+libpcre
+libpthread \
31 +libuuid
+zlib
+libhwloc
+libtirpc @HAS_LUAJIT_ARCH
+luajit
+libatomic \
32 +kmod-nft-queue
+liblzma
+ucode
+ucode-mod-fs
+ucode-mod-uci
33 TITLE
:=Lightweight Network Intrusion Detection System
34 URL
:=http
://www.snort.org
/
38 define Package
/snort3
/description
39 Snort is an open source network intrusion detection and prevention system.
40 It is capable of performing real-time traffic analysis
, alerting
, blocking
41 and packet logging on IP networks. It utilizes a combination of protocol
42 analysis and pattern matching in order to detect anomalies
, misuse and
46 # Hyperscan and gperftools only builds for x86
47 ifdef CONFIG_TARGET_x86_64
48 CMAKE_OPTIONS
+= -DHS_INCLUDE_DIRS
=$(STAGING_DIR
)/usr
/include/hs
52 -DUSE_TIRPC
:BOOL
=YES \
53 -DENABLE_STATIC_DAQ
:BOOL
=NO \
54 -DDAQ_INCLUDE_DIR
=$(STAGING_DIR
)/usr
/include/daq3 \
55 -DDAQ_LIBRARIES_DIR_HINT
:PATH
=$(STAGING_DIR
)/usr
/lib
/daq3 \
56 -DFLEX_INCLUDES
:PATH
=$(STAGING_DIR_HOST
)/include \
57 -DENABLE_COREFILES
:BOOL
=NO \
58 -DENABLE_GDB
:BOOL
=NO \
60 -DMAKE_HTML_DOC
:BOOL
=NO \
61 -DMAKE_PDF_DOC
:BOOL
=NO \
62 -DMAKE_TEXT_DOC
:BOOL
=NO \
63 -DHAVE_LIBUNWIND
=OFF \
66 TARGET_CFLAGS
+= -I
$(STAGING_DIR
)/usr
/include/daq3
-I
$(STAGING_DIR
)/usr
/include/tirpc
67 TARGET_LDFLAGS
+= -L
$(STAGING_DIR
)/usr
/lib
/daq3
-ltirpc
69 define Package
/snort3
/conffiles
74 define Package
/snort3
/install
75 $(INSTALL_DIR
) $(1)/usr
/bin
77 $(PKG_INSTALL_DIR
)/usr
/bin
/snort \
81 $(PKG_INSTALL_DIR
)/usr
/bin
/snort2lua \
85 $(PKG_INSTALL_DIR
)/usr
/bin
/u2
{boat
,spewfoo
} \
89 .
/files
/snort-
{mgr
,rules
} \
92 $(INSTALL_DIR
) $(1)/usr
/lib
/snort
94 $(PKG_INSTALL_DIR
)/usr
/lib
/snort
/daq
/daq_hext.so \
98 $(PKG_INSTALL_DIR
)/usr
/lib
/snort
/daq
/daq_file.so \
101 $(INSTALL_DIR
) $(1)/usr
/share
/lua
103 $(PKG_INSTALL_DIR
)/usr
/include/snort
/lua
/snort_plugin.lua \
106 $(INSTALL_DIR
) $(1)/usr
/share
/snort
109 $(1)/usr
/share
/snort
/
111 $(INSTALL_DIR
) $(1)/usr
/share
/snort
/templates
113 .
/files
/nftables.uc \
114 $(1)/usr
/share
/snort
/templates
/
117 $(1)/usr
/share
/snort
/templates
/
119 $(INSTALL_DIR
) $(1)/etc
/snort
/{rules
,lists
,builtin_rules
,so_rules
}
122 $(PKG_INSTALL_DIR
)/usr
/etc
/snort
/*.lua \
125 $(PKG_INSTALL_DIR
)/usr
/etc
/snort
/file_magic.rules \
128 $(INSTALL_DIR
) $(1)/etc
/init.d
131 $(1)/etc
/init.d
/snort
133 $(INSTALL_DIR
) $(1)/etc
/config
135 .
/files
/snort.config \
136 $(1)/etc
/config
/snort
140 -e
"/^-- HOME_NET and EXTERNAL_NET/ i -- The values for the two variables HOME_NET and EXTERNAL_NET have been" \
141 -e
"/^-- HOME_NET and EXTERNAL_NET/ i -- moved to /etc/config/snort, so do not modify them here without good" \
142 -e
"/^-- HOME_NET and EXTERNAL_NET/ i -- reason.\n" \
143 -e
's/^\(HOME_NET\s\+=\)/--\1/g' \
144 -e
's/^\(EXTERNAL_NET\s\+=\)/--\1/g' \
145 $(1)/etc
/snort
/snort.lua
147 -i
-e
"s/^\\(RULE_PATH\\s\\+=\\).*/\\1 'rules'/g" \
148 -e
"s/^\\(BUILTIN_RULE_PATH\\s\\+=\\).*/\\1 'builtin_rules'/g" \
149 -e
"s/^\\(PLUGIN_RULE_PATH\\s\\+=\\).*/\\1 'so_rules'/g" \
150 -e
"s/^\\(WHITE_LIST_PATH\\s\\+=\\).*/\\1 'lists'/g" \
151 -e
"s/^\\(BLACK_LIST_PATH\\s\\+=\\).*/\\1 'lists'/g" \
152 $(1)/etc
/snort
/snort_defaults.lua
155 $(eval
$(call BuildPackage
,snort3
))