1DESCRIPTION = "snort - a free lightweight network intrusion detection system for UNIX and Windows."
2HOMEPAGE = "http://www.snort.org/"
3SECTION = "net"
4LICENSE = "GPL-2.0-only"
5LIC_FILES_CHKSUM = "file://COPYING;md5=78fa8ef966b48fbf9095e13cc92377c5"
6
7DEPENDS = "xz libpcap libpcre daq libdnet util-linux daq-native libtirpc bison-native"
8
9SRC_URI = "https://www.snort.org/downloads/archive/snort/${BP}.tar.gz \
10    file://snort.init \
11    file://snort.service \
12    file://snort.default \
13    file://volatiles.99_snort \
14    file://0001-libpcap-search-sysroot-for-headers.patch \
15    file://fix-host-contamination-when-enable-static-daq.patch \
16    file://disable-run-test-program-while-cross-compiling.patch \
17    file://configure.in-disable-tirpc-checking-for-fedora.patch \
18"
19SRC_URI[sha256sum] = "29400e13f53b1831e0b8b10ec1224a1cbaa6dc1533a5322a20dd80bb84b4981c"
20
21UPSTREAM_CHECK_URI = "https://www.snort.org/downloads"
22UPSTREAM_CHECK_REGEX = "snort-(?P<pver>\d+(\.\d+)+)\.tar"
23
24inherit autotools gettext update-rc.d pkgconfig systemd
25
26INITSCRIPT_NAME = "snort"
27INITSCRIPT_PARAMS = "defaults"
28
29SYSTEMD_PACKAGES = "${PN}"
30SYSTEMD_SERVICE:${PN} = "snort.service"
31SYSTEMD_AUTO_ENABLE = "disable"
32
33EXTRA_OECONF = " \
34    --enable-gre \
35    --enable-linux-smp-stats \
36    --enable-reload \
37    --enable-reload-error-restart \
38    --enable-targetbased \
39    --enable-static-daq \
40    --with-dnet-includes=${STAGING_INCDIR} \
41    --with-dnet-libraries=${STAGING_LIBDIR} \
42    --with-libpcre-includes=${STAGING_INCDIR} \
43    --with-libpcre-libraries=${STAGING_LIBDIR} \
44    --with-daq-includes=${STAGING_INCDIR} \
45    --with-daq-libraries=${STAGING_LIBDIR} \
46"
47
48# if you want to disable it, you need to patch configure.in first
49# AC_CHECK_HEADERS([openssl/sha.h],, SHA_H="no")
50# is called even with --without-openssl-includes
51PACKAGECONFIG ?= "openssl lzma"
52PACKAGECONFIG[openssl] = "--with-openssl-includes=${STAGING_INCDIR} --with-openssl-libraries=${STAGING_LIBDIR}, --without-openssl-includes --without-openssl-libraries, openssl,"
53PACKAGECONFIG[lzma] = "--with-lzma-includes=${STAGING_INCDIR} --with-lzma-libraries=${STAGING_LIBDIR}, --without-lzma-includes --without-lzma-libraries, xz,"
54PACKAGECONFIG[appid] = "--enable-open-appid, --disable-open-appid, luajit, bash"
55
56CFLAGS += "-I${STAGING_INCDIR}/tirpc"
57LDFLAGS += " -ltirpc"
58
59do_install:append() {
60    install -d ${D}${sysconfdir}/snort/rules
61    install -d ${D}${sysconfdir}/snort/preproc_rules
62    install -d ${D}${sysconfdir}/init.d
63    for i in map config conf dtd; do
64        cp ${S}/etc/*.$i ${D}${sysconfdir}/snort/
65    done
66
67    # fix the hardcoded path and lib name
68    # comment out the rules that are not provided
69    sed -i -e 's#/usr/local/lib#${libdir}#' \
70           -e 's#\.\./\(.*rules\)#${sysconfdir}/snort/\1#' \
71           -e 's#\(libsf_engine.so\)#\1.0#' \
72           -e 's/^\(include $RULE_PATH\)/#\1/' \
73           -e 's/^\(dynamicdetection\)/#\1/' \
74           -e '/preprocessor reputation/,/blacklist/ s/^/#/' \
75           ${D}${sysconfdir}/snort/snort.conf
76
77    cp ${S}/preproc_rules/*.rules ${D}${sysconfdir}/snort/preproc_rules/
78    if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then
79        install -m 755 ${WORKDIR}/snort.init ${D}${sysconfdir}/init.d/snort
80    fi
81
82    if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
83        install -d ${D}/${systemd_system_unitdir}
84        install -m 644 ${WORKDIR}/snort.service ${D}/${systemd_system_unitdir}
85        # Install default environment file
86        install -d ${D}/${sysconfdir}/default
87        install -m 0644 ${WORKDIR}/snort.default ${D}${sysconfdir}/default/snort
88    fi
89    install -d ${D}${sysconfdir}/default/volatiles
90    install -m 0644 ${WORKDIR}/volatiles.99_snort ${D}${sysconfdir}/default/volatiles/99_snort
91
92    sed -i -e 's|-ffile-prefix-map[^ ]*||g; s|-fdebug-prefix-map[^ ]*||g; s|-fmacro-prefix-map[^ ]*||g; s|${STAGING_DIR_TARGET}||g' ${D}${libdir}/pkgconfig/*.pc
93}
94
95pkg_postinst:${PN}() {
96    if [ -z "$D" ] && [ -e ${sysconfdir}/init.d/populate-volatile.sh ]; then
97        ${sysconfdir}/init.d/populate-volatile.sh update
98    fi
99}
100
101FILES:${PN} += " \
102    ${libdir}/snort_dynamicengine/*.so.* \
103    ${libdir}/snort_dynamicpreprocessor/*.so.* \
104    ${libdir}/snort_dynamicrules/*.so.* \
105    ${systemd_system_unitdir}/snort.service \
106"
107FILES:${PN}-dbg += " \
108    ${libdir}/snort_dynamicengine/.debug \
109    ${libdir}/snort_dynamicpreprocessor/.debug \
110    ${libdir}/snort_dynamicrules/.debug \
111"
112FILES:${PN}-staticdev += " \
113    ${libdir}/snort_dynamicengine/*.a \
114    ${libdir}/snort_dynamicpreprocessor/*.a \
115    ${libdir}/snort_dynamicrules/*.a \
116    ${libdir}/snort/dynamic_preproc/*.a \
117    ${libdir}/snort/dynamic_output/*.a \
118"
119FILES:${PN}-dev += " \
120    ${libdir}/snort_dynamicengine/*.la \
121    ${libdir}/snort_dynamicpreprocessor/*.la \
122    ${libdir}/snort_dynamicrules/*.la \
123    ${libdir}/snort_dynamicengine/*.so \
124    ${libdir}/snort_dynamicpreprocessor/*.so \
125    ${libdir}/snort_dynamicrules/*.so \
126    ${prefix}/src/snort_dynamicsrc \
127"
128