# # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. # include $(TOPDIR)/rules.mk PKG_NAME:=snort3 PKG_VERSION:=3.1.81.0 PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/snort3/snort3/archive/refs/tags/ PKG_HASH:=d4093b0bfde013b3ad246cbc87bbd6c0cc09dfb9b4978b1a76b4ab27abf6d03a PKG_MAINTAINER:=W. Michael Petullo , John Audia PKG_LICENSE:=GPL-2.0-only PKG_LICENSE_FILES:=COPYING PKG_CPE_ID:=cpe:/a:snort:snort include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/cmake.mk define Package/snort3 SUBMENU:=Firewall SECTION:=net CATEGORY:=Network DEPENDS:= \ +(TARGET_x86||TARGET_x86_64):hyperscan-runtime \ +(TARGET_x86||TARGET_x86_64):gperftools-runtime \ +libstdcpp +libdaq3 +libdnet +libopenssl +libpcap +libpcre +libpthread \ +libuuid +zlib +libhwloc +libtirpc @HAS_LUAJIT_ARCH +luajit +libatomic \ +kmod-nft-queue +liblzma +ucode +ucode-mod-fs +ucode-mod-uci TITLE:=Lightweight Network Intrusion Detection System URL:=http://www.snort.org/ MENU:=1 endef define Package/snort3/description Snort is an open source network intrusion detection and prevention system. It is capable of performing real-time traffic analysis, alerting, blocking and packet logging on IP networks. It utilizes a combination of protocol analysis and pattern matching in order to detect anomalies, misuse and attacks. endef # Hyperscan and gperftools only builds for x86 ifdef CONFIG_TARGET_x86_64 CMAKE_OPTIONS += -DHS_INCLUDE_DIRS=$(STAGING_DIR)/usr/include/hs endif # Hyperscan and gperftools only builds for x86 ifdef CONFIG_TARGET_x86_64 CMAKE_OPTIONS += -DHS_INCLUDE_DIRS=$(STAGING_DIR)/usr/include/hs \ -DENABLE_TCMALLOC=ON \ -DTCMALLOC_LIBRARIES=$(STAGING_DIR)/usr/lib/libtcmalloc.so endif CMAKE_OPTIONS += \ -DUSE_TIRPC:BOOL=YES \ -DENABLE_STATIC_DAQ:BOOL=NO \ -DDAQ_INCLUDE_DIR=$(STAGING_DIR)/usr/include/daq3 \ -DDAQ_LIBRARIES_DIR_HINT:PATH=$(STAGING_DIR)/usr/lib/daq3 \ -DFLEX_INCLUDES:PATH=$(STAGING_DIR_HOST)/include \ -DENABLE_COREFILES:BOOL=NO \ -DENABLE_GDB:BOOL=NO \ -DMAKE_DOC:BOOL=NO \ -DMAKE_HTML_DOC:BOOL=NO \ -DMAKE_PDF_DOC:BOOL=NO \ -DMAKE_TEXT_DOC:BOOL=NO \ -DHAVE_LIBUNWIND=OFF \ -DHAVE_LZMA=ON TARGET_CFLAGS += -I$(STAGING_DIR)/usr/include/daq3 -I$(STAGING_DIR)/usr/include/tirpc TARGET_LDFLAGS += -L$(STAGING_DIR)/usr/lib/daq3 -ltirpc define Package/snort3/conffiles /etc/config/snort /etc/snort/ endef define Package/snort3/install $(INSTALL_DIR) $(1)/usr/bin $(INSTALL_BIN) \ $(PKG_INSTALL_DIR)/usr/bin/snort \ $(1)/usr/bin/ $(INSTALL_BIN) \ $(PKG_INSTALL_DIR)/usr/bin/snort2lua \ $(1)/usr/bin/ $(INSTALL_BIN) \ $(PKG_INSTALL_DIR)/usr/bin/u2{boat,spewfoo} \ $(1)/usr/bin/ $(INSTALL_BIN) \ ./files/snort-{mgr,rules} \ $(1)/usr/bin/ $(INSTALL_DIR) $(1)/usr/lib/snort $(CP) \ $(PKG_INSTALL_DIR)/usr/lib/snort/daq/daq_hext.so \ $(1)/usr/lib/snort/ $(CP) \ $(PKG_INSTALL_DIR)/usr/lib/snort/daq/daq_file.so \ $(1)/usr/lib/snort/ $(INSTALL_DIR) $(1)/usr/share/lua $(CP) \ $(PKG_INSTALL_DIR)/usr/include/snort/lua/snort_plugin.lua \ $(1)/usr/share/lua/ $(INSTALL_DIR) $(1)/usr/share/snort $(INSTALL_CONF) \ ./files/main.uc \ $(1)/usr/share/snort/ $(INSTALL_DIR) $(1)/usr/share/snort/templates $(INSTALL_CONF) \ ./files/nftables.uc \ $(1)/usr/share/snort/templates/ $(INSTALL_CONF) \ ./files/snort.uc \ $(1)/usr/share/snort/templates/ $(INSTALL_DIR) $(1)/etc/snort/{rules,lists,builtin_rules,so_rules} $(INSTALL_CONF) \ $(PKG_INSTALL_DIR)/usr/etc/snort/*.lua \ $(1)/etc/snort $(INSTALL_CONF) \ $(PKG_INSTALL_DIR)/usr/etc/snort/file_magic.rules \ $(1)/etc/snort $(INSTALL_DIR) $(1)/etc/init.d $(INSTALL_BIN) \ ./files/snort.init \ $(1)/etc/init.d/snort $(INSTALL_DIR) $(1)/etc/config $(INSTALL_CONF) \ ./files/snort.config \ $(1)/etc/config/snort sed \ -i \ -e "/^-- HOME_NET and EXTERNAL_NET/ i -- The values for the two variables HOME_NET and EXTERNAL_NET have been" \ -e "/^-- HOME_NET and EXTERNAL_NET/ i -- moved to /etc/config/snort, so do not modify them here without good" \ -e "/^-- HOME_NET and EXTERNAL_NET/ i -- reason.\n" \ -e 's/^\(HOME_NET\s\+=\)/--\1/g' \ -e 's/^\(EXTERNAL_NET\s\+=\)/--\1/g' \ $(1)/etc/snort/snort.lua sed \ -i -e "s/^\\(RULE_PATH\\s\\+=\\).*/\\1 'rules'/g" \ -e "s/^\\(BUILTIN_RULE_PATH\\s\\+=\\).*/\\1 'builtin_rules'/g" \ -e "s/^\\(PLUGIN_RULE_PATH\\s\\+=\\).*/\\1 'so_rules'/g" \ -e "s/^\\(WHITE_LIST_PATH\\s\\+=\\).*/\\1 'lists'/g" \ -e "s/^\\(BLACK_LIST_PATH\\s\\+=\\).*/\\1 'lists'/g" \ $(1)/etc/snort/snort_defaults.lua endef $(eval $(call BuildPackage,snort3))