snort: initial import from old-packages

Signed-off-by: Luka Perkov <luka@openwrt.org>
2015-01-23 16:34:29 +01:00 · 2015-01-23 16:34:29 +01:00 · 155398e723
parent ab1c7a43e3
commit 155398e723
4 changed files with 350 additions and 0 deletions
--- a/net/snort/Makefile
+++ b/net/snort/Makefile
@ -0,0 +1,202 @@
+#
+# Copyright (C) 2006-2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=snort
+PKG_VERSION:=2.9.7.0
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://www.snort.org/downloads/snort/
+PKG_MD5SUM:=c2a45bc56441ee9456478f219dd8d1e2
+
+PKG_BUILD_DEPENDS:=librpc
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
+PKG_FIXUP:=autoreconf
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/snort/Default
+  SUBMENU:=Firewall
+  SECTION:=net
+  CATEGORY:=Network
+  DEPENDS:=+libdaq +libdnet +libopenssl +libpcap +libpcre +libpthread +libuuid +zlib
+  TITLE:=Lightweight Network Intrusion Detection System
+  URL:=http://www.snort.org/
+endef
+
+define Package/snort/Default/description
+  Snort is an open source network intrusion detection and prevention system.
+  It is capable of performing real-time traffic analysis, alerting, blocking
+  and packet logging on IP networks.  It utilizes a combination of protocol
+  analysis and pattern matching in order to detect anomalies, misuse and
+  attacks.
+endef
+
+define Package/snort
+  $(call Package/snort/Default)
+  VARIANT:=basic
+endef
+
+define Package/snort/description
+  $(call Package/snort/Default/description)
+endef
+
+define Package/snort-mysql
+  $(call Package/snort/Default)
+  DEPENDS+= +libmysqlclient
+  TITLE+= (MySQL)
+  VARIANT:=mysql
+endef
+
+define Package/snort-mysql/description
+  $(call Package/snort/Default/description)
+  This package contains snort with support for logging to a MySQL database.
+endef
+
+define Package/snort-pgsql
+  $(call Package/snort/Default)
+  DEPENDS+= +libpq +libuuid
+  TITLE+= (PostgreSQL)
+  VARIANT:=pgsql
+endef
+
+define Package/snort-pgsql/description
+  $(call Package/snort/Default/description)
+  This package contains snort with support for logging to a PostgreSQL database.
+endef
+
+CONFIGURE_ARGS += \
+	--prefix="/usr" \
+	--enable-flexresp \
+	--with-dnet-includes="$(STAGING_DIR)/usr/include" \
+	--with-dnet-libraries="$(STAGING_DIR)/usr/lib" \
+	--with-libpcap-includes="$(STAGING_DIR)/usr/include" \
+	--with-libpcap-libraries="$(STAGING_DIR)/usr/lib" \
+	--with-libpcre-includes="$(STAGING_DIR)/usr/include" \
+	--with-libpcre-libraries="$(STAGING_DIR)/usr/lib" \
+	--with-daq-includes="$(STAGING_DIR)/usr/include" \
+	--with-daq-libraries="$(STAGING_DIR)/usr/lib" \
+	--disable-static-daq
+
+CONFIGURE_VARS += \
+	CPPFLAGS="$$$$CPPFLAGS -I$(STAGING_DIR)/usr/include/mysql" \
+	LDFLAGS="$$$$LDFLAGS -L$(STAGING_DIR)/usr/lib/mysql" \
+	PATH="$(STAGING_DIR)/usr/lib/libnet-1.0.x/bin:$$$$PATH"
+
+MAKE_FLAGS += \
+	extra_incl=""
+
+ifeq ($(BUILD_VARIANT),basic)
+  CONFIGURE_ARGS += \
+	--without-mysql \
+	--without-postgresql
+endif
+ifeq ($(BUILD_VARIANT),mysql)
+  CONFIGURE_VARS += \
+	mysql_has_reconnect=yes
+  CONFIGURE_ARGS += \
+	--with-mysql="$(STAGING_DIR)/usr" \
+	--without-postgresql
+endif
+ifeq ($(BUILD_VARIANT),pgsql)
+  CONFIGURE_ARGS += \
+	--without-mysql \
+	--with-postgresql="$(STAGING_DIR)/usr"
+endif
+
+define Build/InstallDev
+	$(INSTALL_DIR) $(STAGING_DIR)/usr/include/snort/dynamic_preproc
+	$(CP) \
+		$(PKG_INSTALL_DIR)/usr/include/snort/dynamic_preproc/* \
+		$(STAGING_DIR)/usr/include/snort/dynamic_preproc/
+	$(INSTALL_DIR) $(STAGING_DIR)/usr/lib/snort/dynamic_preproc
+	$(CP) \
+		$(PKG_INSTALL_DIR)/usr/lib/snort/dynamic_preproc/* \
+		$(STAGING_DIR)/usr/lib/snort/dynamic_preproc/
+	$(INSTALL_DIR) $(STAGING_DIR)/usr/lib/snort_dynamicengine
+	$(CP) \
+		$(PKG_INSTALL_DIR)/usr/lib/snort_dynamicengine/* \
+		$(STAGING_DIR)/usr/lib/snort_dynamicengine/
+	$(INSTALL_DIR) $(STAGING_DIR)/usr/lib/snort_dynamicpreprocessor
+	$(CP) \
+		$(PKG_INSTALL_DIR)/usr/lib/snort_dynamicpreprocessor/* \
+		$(STAGING_DIR)/usr/lib/snort_dynamicpreprocessor/
+endef
+
+define Package/snort/conffiles
+/etc/config/snort
+/etc/snort/snort.conf
+endef
+
+Package/snort-mysql/conffiles = $(Package/snort/conffiles)
+Package/snort-mysql/install = $(Package/snort/install)
+
+Package/snort-pgsql/conffiles = $(Package/snort/conffiles)
+Package/snort-pgsql/install = $(Package/snort/install)
+
+define Package/snort/install
+	$(INSTALL_DIR) $(1)/usr/bin
+	$(INSTALL_BIN) \
+		$(PKG_INSTALL_DIR)/usr/bin/snort  \
+		$(1)/usr/bin/snort
+
+	$(INSTALL_BIN) \
+		$(PKG_INSTALL_DIR)/usr/bin/u2{boat,spewfoo} \
+		$(1)/usr/bin
+
+	$(INSTALL_DIR) $(1)/usr/lib/snort_dynamicengine
+	$(CP) \
+		$(PKG_INSTALL_DIR)/usr/lib/snort_dynamicengine/libsf_engine.so* \
+		$(1)/usr/lib/snort_dynamicengine/
+
+	$(INSTALL_DIR) $(1)/usr/lib/snort_dynamicpreprocessor
+	$(CP) \
+		$(PKG_INSTALL_DIR)/usr/lib/snort_dynamicpreprocessor/libsf*.so* \
+		$(1)/usr/lib/snort_dynamicpreprocessor/
+
+	$(INSTALL_DIR) $(1)/etc/snort
+	$(INSTALL_CONF) \
+		$(PKG_BUILD_DIR)/etc/snort.conf \
+		$(1)/etc/snort/
+	$(INSTALL_CONF) \
+		$(PKG_BUILD_DIR)/etc/attribute_table.dtd \
+		$(1)/etc/snort/
+	$(INSTALL_CONF) \
+		$(PKG_BUILD_DIR)/etc/classification.config \
+		$(1)/etc/snort/
+	$(INSTALL_CONF) \
+		$(PKG_BUILD_DIR)/etc/gen-msg.map \
+		$(1)/etc/snort/
+	$(INSTALL_CONF) \
+			$(PKG_BUILD_DIR)/etc/reference.config \
+			$(1)/etc/snort/
+	$(INSTALL_CONF) \
+		$(PKG_BUILD_DIR)/etc/unicode.map \
+		$(1)/etc/snort/
+
+	$(INSTALL_DIR) $(1)/etc/snort/preproc_rules
+	$(INSTALL_CONF) \
+		$(PKG_BUILD_DIR)/preproc_rules/*.rules \
+		$(1)/etc/snort/preproc_rules/
+
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_BIN) \
+		./files/snort.init \
+		$(1)/etc/init.d/snort
+
+	$(INSTALL_DIR) $(1)/etc/config
+	$(INSTALL_CONF) \
+		./files/snort.config \
+		$(1)/etc/config/snort
+endef
+
+$(eval $(call BuildPackage,snort))
+$(eval $(call BuildPackage,snort-mysql))
+$(eval $(call BuildPackage,snort-pgsql))
--- a/net/snort/files/snort.config
+++ b/net/snort/files/snort.config
@ -0,0 +1,3 @@
+config snort 'snort'
+	option config_file '/etc/snort/snort.conf'
+	option interface 'lo'
--- a/net/snort/files/snort.init
+++ b/net/snort/files/snort.init
@ -0,0 +1,40 @@
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2015 OpenWrt.org
+
+START=90
+STOP=10
+
+USE_PROCD=1
+PROG=/usr/bin/snort
+
+validate_snort_section() {
+	uci_validate_section snort snort "${1}" \
+		'config_file:string' \
+		'interface:string'
+}
+
+start_service() {
+	local config_file interface
+
+	validate_snort_section snort || {
+		echo "validation failed"
+		return 1
+	}
+
+	procd_open_instance
+	procd_set_param command $PROG "-q" "--daq-dir" "/usr/lib/daq/" "-i" "$interface" "-s" "-N"
+	procd_set_param file $CONFIGFILE
+	procd_set_param respawn
+	procd_close_instance
+}
+
+stop_service()
+{
+	service_stop ${PROG}
+}
+
+service_triggers()
+{
+	procd_add_reload_trigger "snort"
+	procd_add_validation validate_snort_section
+}
--- a/net/snort/patches/001-compile.patch
+++ b/net/snort/patches/001-compile.patch
@ -0,0 +1,105 @@
+--- /dev/null
+++ b/acinclude.m4
+@@ -0,0 +1 @@
+sinclude(m4/libprelude.m4)
+--- a/configure.in
+++ b/configure.in
+@@ -285,21 +285,7 @@ AC_CHECK_TYPES([int8_t,int16_t,int32_t,i
+ AC_CHECK_TYPES([boolean])
+ 
+ # In case INADDR_NONE is not defined (like on Solaris)
+-have_inaddr_none="no"
+-AC_MSG_CHECKING([for INADDR_NONE])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <sys/types.h>
+-#include <netinet/in.h>
+-#include <arpa/inet.h>
+-]],
+-[[
+-	if (inet_addr("10,5,2") == INADDR_NONE);
+-    return 0;
+-]])],
+-[have_inaddr_none="yes"],
+-[have_inaddr_none="no"])
+have_inaddr_none="yes"
+ AC_MSG_RESULT($have_inaddr_none)
+ if test "x$have_inaddr_none" = "xno"; then
+ 	AC_DEFINE([INADDR_NONE],[-1],[For INADDR_NONE definition])
+@@ -433,16 +419,7 @@ if test "x$LPCAP" = "xno"; then
+ fi
+ 
+ AC_MSG_CHECKING([for pcap_lex_destroy])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <pcap.h>
+-]],
+-[[
+-   pcap_lex_destroy();
+-]])],
+-[have_pcap_lex_destroy="yes"],
+-[have_pcap_lex_destroy="no"])
+have_pcap_lex_destroy="yes"
+ AC_MSG_RESULT($have_pcap_lex_destroy)
+ if test "x$have_pcap_lex_destroy" = "xyes"; then
+     AC_DEFINE([HAVE_PCAP_LEX_DESTROY],[1],[Can cleanup lex buffer stack created by pcap bpf filter])
+@@ -727,54 +704,21 @@ if test "x$ac_cv_func_daq_dp_add_dc" = "
+ 
+ fi
+ 
+-AC_MSG_CHECKING([for daq address space ID])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+-   DAQ_PktHdr_t hdr;
+-   hdr.address_space_id = 0;
+-]])],
+-[have_daq_address_space_id="yes"],
+-[have_daq_address_space_id="no"])
+have_daq_address_space_id="yes"
+ AC_MSG_RESULT($have_daq_address_space_id)
+ if test "x$have_daq_address_space_id" = "xyes"; then
+     AC_DEFINE([HAVE_DAQ_ADDRESS_SPACE_ID],[1],
+         [DAQ version supports address space ID in header.])
+ fi
+ 
+-AC_MSG_CHECKING([for daq flow ID])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+-   DAQ_PktHdr_t hdr;
+-   hdr.flow_id = 0;
+-]])],
+-[have_daq_flow_id="yes"],
+-[have_daq_flow_id="no"])
+have_daq_flow_id="yes"
+ AC_MSG_RESULT($have_daq_flow_id)
+ if test "x$have_daq_flow_id" = "xyes"; then
+     AC_DEFINE([HAVE_DAQ_FLOW_ID],[1],
+         [DAQ version supports flow ID in header.])
+ fi
+ 
+-AC_MSG_CHECKING([for DAQ_VERDICT_RETRY])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+-   DAQ_Verdict verdict;
+-   verdict = DAQ_VERDICT_RETRY;
+-]])],
+-[have_daq_verdict_retry="yes"],
+-[have_daq_verdict_retry="no"])
+have_daq_verdict_retry="yes"
+ AC_MSG_RESULT($have_daq_verdict_retry)
+ if test "x$have_daq_verdict_retry" = "xyes"; then
+     AC_DEFINE([HAVE_DAQ_VERDICT_RETRY],[1],