Browse Source

snort3: new package

Signed-off-by: W. Michael Petullo <mike@flyn.org>
lilik-openwrt-22.03
W. Michael Petullo 6 years ago
parent
commit
53df351850
4 changed files with 199 additions and 0 deletions
  1. +102
    -0
      net/snort3/Makefile
  2. +4
    -0
      net/snort3/files/snort.config
  3. +41
    -0
      net/snort3/files/snort.init
  4. +52
    -0
      net/snort3/patches/001-compile.patch

+ 102
- 0
net/snort3/Makefile View File

@ -0,0 +1,102 @@
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=snort3
PKG_VERSION:=3.0.0-beta
PKG_VERSION_SHORT:=3.0.0
PKG_RELEASE:=1
PKG_LICENSE:=GPL-2.0
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>
PKG_SOURCE:=snort-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.snort.org/downloads/snortplus/
PKG_HASH:=ea4079c551002e4d83586f05b3ecdae72706a46ec223339b87ce60f7ae30b8a2
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)/snort-$(PKG_VERSION_SHORT)
PKG_FIXUP:=autoreconf
PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/cmake.mk
define Package/snort3
SUBMENU:=Firewall
SECTION:=net
CATEGORY:=Network
DEPENDS:=+libstdcpp +libdaq +libdnet +libopenssl +libpcap +libpcre +libpthread +libuuid +zlib +libhwloc +libtirpc +luajit
TITLE:=Lightweight Network Intrusion Detection System
URL:=http://www.snort.org/
MENU:=1
endef
define Package/snort3/description
Snort is an open source network intrusion detection and prevention system.
It is capable of performing real-time traffic analysis, alerting, blocking
and packet logging on IP networks. It utilizes a combination of protocol
analysis and pattern matching in order to detect anomalies, misuse and
attacks.
endef
CMAKE_OPTIONS += \
-DENABLE_STATIC_DAQ:BOOL=NO \
-DENABLE_COREFILES:BOOL=NO \
-DENABLE_GDB:BOOL=NO \
-DMAKE_DOC:BOOL=NO \
-DMAKE_HTML_DOC:BOOL=NO \
-DMAKE_PDF_DOC:BOOL=NO \
-DMAKE_TEXT_DOC:BOOL=NO \
TARGET_CFLAGS += -I$(STAGING_DIR)/usr/include/tirpc
TARGET_LDFLAGS += -ltirpc
define Package/snort3/conffiles
/etc/config/snort
endef
define Package/snort3/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) \
$(PKG_INSTALL_DIR)/usr/bin/snort \
$(1)/usr/bin/
$(INSTALL_BIN) \
$(PKG_INSTALL_DIR)/usr/bin/u2{boat,spewfoo} \
$(1)/usr/bin/
$(INSTALL_DIR) $(1)/usr/lib/snort
$(CP) \
$(PKG_INSTALL_DIR)/usr/lib/snort/daqs/daq_hext.so \
$(1)/usr/lib/snort/
$(CP) \
$(PKG_INSTALL_DIR)/usr/lib/snort/daqs/daq_file.so \
$(1)/usr/lib/snort/
$(INSTALL_DIR) $(1)/usr/share/lua
$(CP) \
$(PKG_INSTALL_DIR)/usr/include/snort/lua/snort_plugin.lua \
$(1)/usr/share/lua/
$(CP) \
$(PKG_INSTALL_DIR)/usr/include/snort/lua/snort_config.lua \
$(1)/usr/share/lua/
$(INSTALL_DIR) $(1)/etc/snort
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) \
./files/snort.init \
$(1)/etc/init.d/snort
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_CONF) \
./files/snort.config \
$(1)/etc/config/snort
endef
$(eval $(call BuildPackage,snort3))

+ 4
- 0
net/snort3/files/snort.config View File

@ -0,0 +1,4 @@
config snort 'snort'
option config_dir '/etc/snort/etc/'
option alert_module 'alert_syslog'
option interface 'eth0'

+ 41
- 0
net/snort3/files/snort.init View File

@ -0,0 +1,41 @@
#!/bin/sh /etc/rc.common
START=99
STOP=10
USE_PROCD=1
PROG=/usr/bin/snort
validate_snort_section() {
uci_validate_section snort snort "${1}" \
'config_dir:string' \
'alert_module:string' \
'interface:string'
}
start_service() {
local config_file interface
validate_snort_section snort || {
echo "validation failed"
return 1
}
procd_open_instance
procd_set_param command $PROG -q --daq-dir /usr/lib/daq/ -i "$interface" -c "$config_dir/snort.lua" -A "$alert_module"
procd_set_param env SNORT_LUA_PATH="$config_dir"
procd_set_param file $CONFIGFILE
procd_set_param respawn
procd_close_instance
}
stop_service()
{
service_stop ${PROG}
}
service_triggers()
{
procd_add_reload_trigger "snort"
procd_add_validation validate_snort_section
}

+ 52
- 0
net/snort3/patches/001-compile.patch View File

@ -0,0 +1,52 @@
diff -u --recursive snort-3.0.0-vanilla/daqs/daq_file.c snort-3.0.0/daqs/daq_file.c
--- snort-3.0.0-vanilla/daqs/daq_file.c 2018-08-28 02:01:02.000000000 -0400
+++ snort-3.0.0/daqs/daq_file.c 2019-03-28 23:03:25.292770141 -0400
@@ -33,7 +33,7 @@
#include <sys/types.h>
#include <sys/time.h>
-#include <sys/unistd.h>
+#include <unistd.h>
#include <daq_api.h>
#include <sfbpf_dlt.h>
diff -u --recursive snort-3.0.0-vanilla/daqs/daq_hext.c snort-3.0.0/daqs/daq_hext.c
--- snort-3.0.0-vanilla/daqs/daq_hext.c 2018-08-28 02:01:02.000000000 -0400
+++ snort-3.0.0/daqs/daq_hext.c 2019-03-28 22:54:15.738207157 -0400
@@ -35,7 +35,7 @@
#include <arpa/inet.h>
#include <sys/types.h>
#include <sys/time.h>
-#include <sys/unistd.h>
+#include <unistd.h>
#include <sys/socket.h>
#include <daq_api.h>
diff -u --recursive snort-3.0.0-vanilla/src/network_inspectors/appid/service_plugins/service_rpc.cc snort-3.0.0/src/network_inspectors/appid/service_plugins/service_rpc.cc
--- snort-3.0.0-vanilla/src/network_inspectors/appid/service_plugins/service_rpc.cc 2018-08-28 02:01:02.000000000 -0400
+++ snort-3.0.0/src/network_inspectors/appid/service_plugins/service_rpc.cc 2019-03-28 22:32:04.211783669 -0400
@@ -27,6 +27,7 @@
#include <netdb.h>
+#include <tirpc/rpc/rpcent.h>
#if defined(__FreeBSD__) || defined(__OpenBSD__)
#include <rpc/rpc.h>
#elif defined(__sun)
diff -u --recursive snort-3.0.0-vanilla/src/utils/util.cc snort-3.0.0/src/utils/util.cc
--- snort-3.0.0-vanilla/src/utils/util.cc 2018-08-28 02:01:02.000000000 -0400
+++ snort-3.0.0/src/utils/util.cc 2019-03-28 22:16:16.860942230 -0400
@@ -605,13 +605,8 @@
{
static THREAD_LOCAL char buf[128];
-#if (defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE < 200112L && \
- defined(_XOPEN_SOURCE) && _XOPEN_SOURCE < 600) || _GNU_SOURCE
- return strerror_r(errnum, buf, sizeof(buf));
-#else
(void)strerror_r(errnum, buf, sizeof(buf));
return buf;
-#endif
}
char* snort_strndup(const char* src, size_t dst_size)

Loading…
Cancel
Save