2 # This is free software, licensed under the GNU General Public License v2.
3 # See /LICENSE for more information.
6 include $(TOPDIR
)/rules.mk
12 PKG_SOURCE
:=$(PKG_VERSION
).
tar.gz
13 PKG_SOURCE_URL
:=https
://github.com
/snort3
/snort3
/archive
/refs
/tags/
14 PKG_HASH
:=cb98c0d15caa7c84da24995e8521f42f4e86a860b9748418154d8649b6a0db2d
16 PKG_MAINTAINER
:=W. Michael Petullo
<mike@flyn.org
>, John Audia
<therealgraysky@proton.me
>
17 PKG_LICENSE
:=GPL-2.0
-only
18 PKG_LICENSE_FILES
:=COPYING
19 PKG_CPE_ID
:=cpe
:/a
:snort
:snort
21 include $(INCLUDE_DIR
)/package.mk
22 include $(INCLUDE_DIR
)/cmake.mk
28 DEPENDS
:=+libstdcpp
+libdaq3
+libdnet
+libopenssl
+libpcap
+libpcre
+libpthread
+libuuid
+zlib
+libhwloc
+libtirpc @HAS_LUAJIT_ARCH
+luajit
+libatomic
+kmod-nft-queue
+liblzma
29 TITLE
:=Lightweight Network Intrusion Detection System
30 URL
:=http
://www.snort.org
/
34 define Package
/snort3
/description
35 Snort is an open source network intrusion detection and prevention system.
36 It is capable of performing real-time traffic analysis
, alerting
, blocking
37 and packet logging on IP networks. It utilizes a combination of protocol
38 analysis and pattern matching in order to detect anomalies
, misuse and
43 -DUSE_TIRPC
:BOOL
=YES \
44 -DENABLE_STATIC_DAQ
:BOOL
=NO \
45 -DDAQ_INCLUDE_DIR
=$(STAGING_DIR
)/usr
/include/daq3 \
46 -DDAQ_LIBRARIES_DIR_HINT
:PATH
=$(STAGING_DIR
)/usr
/lib
/daq3 \
47 -DFLEX_INCLUDES
:PATH
=$(STAGING_DIR_HOST
)/include \
48 -DENABLE_COREFILES
:BOOL
=NO \
49 -DENABLE_GDB
:BOOL
=NO \
51 -DMAKE_HTML_DOC
:BOOL
=NO \
52 -DMAKE_PDF_DOC
:BOOL
=NO \
53 -DMAKE_TEXT_DOC
:BOOL
=NO \
54 -DHAVE_LIBUNWIND
=OFF \
57 TARGET_CFLAGS
+= -I
$(STAGING_DIR
)/usr
/include/daq3
-I
$(STAGING_DIR
)/usr
/include/tirpc
58 TARGET_LDFLAGS
+= -L
$(STAGING_DIR
)/usr
/lib
/daq3
-ltirpc
60 define Package
/snort3
/conffiles
65 define Package
/snort3
/install
66 $(INSTALL_DIR
) $(1)/usr
/bin
68 $(PKG_INSTALL_DIR
)/usr
/bin
/snort \
72 $(PKG_INSTALL_DIR
)/usr
/bin
/snort2lua \
76 $(PKG_INSTALL_DIR
)/usr
/bin
/u2
{boat
,spewfoo
} \
80 .
/files
/snort-
{mgr
,rules
} \
83 $(INSTALL_DIR
) $(1)/usr
/lib
/snort
85 $(PKG_INSTALL_DIR
)/usr
/lib
/snort
/daq
/daq_hext.so \
89 $(PKG_INSTALL_DIR
)/usr
/lib
/snort
/daq
/daq_file.so \
92 $(INSTALL_DIR
) $(1)/usr
/share
/lua
94 $(PKG_INSTALL_DIR
)/usr
/include/snort
/lua
/snort_plugin.lua \
97 $(INSTALL_DIR
) $(1)/usr
/share
/snort
100 $(1)/usr
/share
/snort
/
102 $(INSTALL_DIR
) $(1)/usr
/share
/snort
/templates
104 .
/files
/nftables.uc \
105 $(1)/usr
/share
/snort
/templates
/
108 $(1)/usr
/share
/snort
/templates
/
110 $(INSTALL_DIR
) $(1)/etc
/snort
/{rules
,lists
,builtin_rules
,so_rules
}
113 $(PKG_INSTALL_DIR
)/usr
/etc
/snort
/*.lua \
116 $(PKG_INSTALL_DIR
)/usr
/etc
/snort
/file_magic.rules \
119 $(INSTALL_DIR
) $(1)/etc
/init.d
122 $(1)/etc
/init.d
/snort
124 $(INSTALL_DIR
) $(1)/etc
/config
126 .
/files
/snort.config \
127 $(1)/etc
/config
/snort
131 -e
"/^-- HOME_NET and EXTERNAL_NET/ i -- The values for the two variables HOME_NET and EXTERNAL_NET have been" \
132 -e
"/^-- HOME_NET and EXTERNAL_NET/ i -- moved to /etc/config/snort, so do not modify them here without good" \
133 -e
"/^-- HOME_NET and EXTERNAL_NET/ i -- reason.\n" \
134 -e
's/^\(HOME_NET\s\+=\)/--\1/g' \
135 -e
's/^\(EXTERNAL_NET\s\+=\)/--\1/g' \
136 $(1)/etc
/snort
/snort.lua
138 -i
-e
"s/^\\(RULE_PATH\\s\\+=\\).*/\\1 'rules'/g" \
139 -e
"s/^\\(BUILTIN_RULE_PATH\\s\\+=\\).*/\\1 'builtin_rules'/g" \
140 -e
"s/^\\(PLUGIN_RULE_PATH\\s\\+=\\).*/\\1 'so_rules'/g" \
141 -e
"s/^\\(WHITE_LIST_PATH\\s\\+=\\).*/\\1 'lists'/g" \
142 -e
"s/^\\(BLACK_LIST_PATH\\s\\+=\\).*/\\1 'lists'/g" \
143 $(1)/etc
/snort
/snort_defaults.lua
146 $(eval
$(call BuildPackage
,snort3
))