]> git.ipfire.org Git - ipfire-2.x.git/blobdiff - lfs/suricata
projects / ipfire-2.x.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next-suricata
[ipfire-2.x.git] / lfs / suricata
diff --git a/lfs/snort b/lfs/suricata
similarity index 74%
rename from lfs/snort
rename to lfs/suricata
index 813c05c148578925326691550f821f7e9ef2a3fa..0c3593d37b52ddb68a536ed71b5452a07e432059 100644 (file)
--- a/lfs/snort
+++ b/lfs/suricata
@@ -24,9 +24,9 @@
 
 include Config
 
-VER        = 2.9.11.1
+VER        = 4.0.5
 
-THISAPP    = snort-$(VER)
+THISAPP    = suricata-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
 DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = 378e3938b2b5c8e358f942d0ffce18cc
+$(DL_FILE)_MD5 = ea0cb823d6a86568152f75ade6de442f
 
 install : $(TARGET)
 
@@ -69,35 +69,35 @@ $(subst %,%_MD5,$(objects)) :
 
 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        @$(PREBUILD)
-       @rm -rf $(DIR_APP) $(DIR_SRC)/snort* && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+       @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
        cd $(DIR_APP) && ./configure \
                --prefix=/usr \
-               --sysconfdir=/etc/snort \
-               --target=i586 \
-               --enable-linux-smp-stats \
-               --enable-gre --enable-mpls \
-               --enable-targetbased \
-               --enable-ppm \
-               --enable-non-ether-decoders \
-               --enable-perfprofiling \
-               --enable-active-response \
-               --enable-normalizer \
-               --enable-reload \
-               --enable-react \
-               --enable-flexresp3
-
-       cd $(DIR_APP) && make
+               --sysconfdir=/etc \
+               --localstatedir=/var \
+               --enable-gccprotect \
+               --disable-gccmarch-native \
+               --enable-non-bundled-htp \
+               --enable-nfqueue \
+               --disable-static
+       cd $(DIR_APP) && make $(MAKETUNING)
        cd $(DIR_APP) && make install
-       mv /usr/bin/snort /usr/sbin/
-       -mkdir -p /etc/snort/rules
-
-       cd $(DIR_APP) && install -m 0644  \
-               etc/reference.config etc/classification.config /etc/snort/rules
-       cd $(DIR_APP) && install -m 0644 etc/unicode.map /etc/snort
-       install -m 0644 $(DIR_SRC)/config/snort/snort.conf /etc/snort
-       cp /etc/snort/snort.conf /etc/snort/snort.conf.template
-       chown -R nobody:nobody /etc/snort
-       -mkdir -p /var/log/snort
-       chown -R snort:snort /var/log/snort
-       @rm -rf $(DIR_APP) $(DIR_SRC)/snort*
+       cd $(DIR_APP) && make install-conf
+
+       # Remove default suricata config file.
+       rm -rvf /etc/suricata/suricata.yaml
+
+       # Install IPFire related config file.
+       install -m 0644 $(DIR_SRC)/config/suricata/suricata.yaml /etc/suricata
+
+       # Create emtpy rules directory.
+       -mkdir -p /var/lib/suricata
+
+       # Move config files for references, threshold and classification
+       # to the rules directory.
+       mv /etc/suricata/*.config /var/lib/suricata
+
+       # Create logging directory.
+       -mkdir -p /var/log/suricata
+
+       @rm -rf $(DIR_APP)
        @$(POSTBUILD)
IPFire 2.x development tree