From: Kubilay Kocak Date: Fri, 4 Dec 2015 05:42:17 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r402907 - in head/security/suricata: . files X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Dec 2015 05:42:19 -0000 Author: koobs Date: Fri Dec 4 05:42:17 2015 New Revision: 402907 URL: https://svnweb.freebsd.org/changeset/ports/402907 Log: security/suricata: Add rules files, netmap startup support - Install missing rules files [1] - Add netmap support and simplify pid file naming [2] PR: 204838 [1], 204834 [2] Submitted by: Bill Meeks [1] Submitted by: Franco Fichtner [2] Modified: head/security/suricata/Makefile head/security/suricata/files/suricata.in head/security/suricata/pkg-plist Modified: head/security/suricata/Makefile ============================================================================== --- head/security/suricata/Makefile Fri Dec 4 02:06:07 2015 (r402906) +++ head/security/suricata/Makefile Fri Dec 4 05:42:17 2015 (r402907) 
@@ -116,7 +116,9 @@ LIBNET_CONFIG?= ${LOCALBASE}/bin/libnet1 CONFIG_DIR?= ${ETCDIR} CONFIG_FILES= suricata.yaml classification.config reference.config threshold.config RULES_DIR= ${CONFIG_DIR}/rules -RULES_FILES= decoder-events.rules dns-events.rules files.rules http-events.rules smtp-events.rules stream-events.rules tls-events.rules +RULES_FILES= app-layer-events.rules decoder-events.rules dns-events.rules files.rules \ + http-events.rules modbus-events.rules smtp-events.rules stream-events.rules \ + tls-events.rules LOGS_DIR?= /var/log/${PORTNAME} .include Modified: head/security/suricata/files/suricata.in ============================================================================== --- head/security/suricata/files/suricata.in Fri Dec 4 02:06:07 2015 (r402906) +++ head/security/suricata/files/suricata.in Fri Dec 4 05:42:17 2015 (r402907) @@ -17,6 +17,8 @@ # Default: ${PREFIX}/etc/suricata/suricata.yaml # suricata_divertport (int): Port to create divert socket (Inline Mode) # Default: 8000 +# suricata_netmap (str): Set to YES to enable netmap (Inline Mode) +# Default: NO . /etc/rc.subr 
@@ -32,11 +34,20 @@ load_rc_config $name [ -z "$suricata_conf" ] && suricata_conf="%%PREFIX%%/etc/suricata/suricata.yaml" [ -z "$suricata_flags" ] && suricata_flags="-D" [ -z "$suricata_divertport" ] && suricata_divertport="8000" +[ -z "$suricata_netmap" ] && suricata_netmap="NO" -[ -n "$suricata_interface" ] && suricata_flags="$suricata_flags -i $suricata_interface --pidfile /var/run/suricata_${suricata_interface}.pid" \ - && pidfile="/var/run/suricata_${suricata_interface}.pid" -[ -z "$suricata_interface" ] && suricata_flags="$suricata_flags -d $suricata_divertport --pidfile /var/run/suricata_inline.pid" \ - && pidfile="/var/run/suricata_inline.pid" && info "Inline Mode on divert port $suricata_divertport (suricata_interface not defined)" -[ -n "$suricata_conf" ] && suricata_flags="$suricata_flags -c $suricata_conf" +if [ -n "$suricata_interface" ]; then + suricata_flags="$suricata_flags -i $suricata_interface" +elif [ "$suricata_netmap" != "NO" ]; then + suricata_flags="$suricata_flags --netmap" +else + suricata_flags="$suricata_flags -d $suricata_divertport" + info "Inline Mode on divert port $suricata_divertport (suricata_interface not defined)" +fi + +pidfile="/var/run/suricata.pid" +suricata_flags="$suricata_flags --pidfile $pidfile" + +[ -n "$suricata_conf" ] && suricata_flags="$suricata_flags -c $suricata_conf" run_rc_command "$1" Modified: head/security/suricata/pkg-plist ============================================================================== --- head/security/suricata/pkg-plist Fri Dec 4 02:06:07 2015 (r402906) +++ head/security/suricata/pkg-plist Fri Dec 4 05:42:17 2015 (r402907) 
@@ -60,15 +60,17 @@ bin/suricata @sample %%ETCDIR%%/classification.config.sample @sample %%ETCDIR%%/reference.config.sample @sample %%ETCDIR%%/threshold.config.sample +%%ETCDIR%%/rules/app-layer-events.rules %%ETCDIR%%/rules/decoder-events.rules %%ETCDIR%%/rules/dns-events.rules %%ETCDIR%%/rules/files.rules %%ETCDIR%%/rules/http-events.rules +%%ETCDIR%%/rules/modbus-events.rules %%ETCDIR%%/rules/smtp-events.rules %%ETCDIR%%/rules/stream-events.rules %%ETCDIR%%/rules/tls-events.rules @dir etc/suricata/rules @dir etc/suricata @dir(root,wheel,0700) /var/log/suricata -@unexec if [ -d %D/%%ETCDIR%% ]; then echo "==> If you are permanently removing this port, you should do a ``rm -rf ${PKG_PREFIX}/etc/suricata`` to remove any configuration files left."; fi +@unexec if [ -d %D/%%ETCDIR%% ]; then echo "==> If you are permanently removing this port, run ``rm -rf ${PKG_PREFIX}/etc/suricata`` to remove configuration files."; fi @dir %%DOCSDIR%%
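Review bot: The new suricata_netmap entry in the variable comments at the top of files/suricata.in does not say that the setting is ignored whenever suricata_interface is set, which is what the if/elif chain added later in the same file does. The script also passes a bare --netmap with no interface name, so the comment should say where the interfaces are taken from in that mode.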
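Review bot: In the second files/suricata.in hunk, the test [ "$suricata_netmap" != "NO" ] treats every value other than the exact string NO as enabled, so suricata_netmap="no" or "false" in rc.conf turns netmap on. /etc/rc.subr is already sourced by this script and provides checkyesno; "elif checkyesno suricata_netmap; then" would accept the usual YES/NO spellings and warn on anything else. Separately, the pid file moves from /var/run/suricata_${suricata_interface}.pid (or suricata_inline.pid) to a fixed /var/run/suricata.pid, so an instance started by the old script will not be found by the new one after an upgrade; that is worth a note for people upgrading.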
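Review bot: On the reworded @unexec line in pkg-plist, the doubled backquote characters sit inside a double-quoted sh string, where each pair is parsed as an empty command substitution. The message therefore prints with nothing around the rm command, and a later edit that reduces them to single backquotes would run rm -rf ${PKG_PREFIX}/etc/suricata at deinstall time. Wrap the command in single quotes or escaped double quotes instead. The two added rules entries are also listed as plain files beside the @sample config entries, so local edits to them are replaced on upgrade; worth confirming that is intended.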