svn commit: r402907 - in head/security/suricata: . files
Kubilay Kocak
koobs at FreeBSD.org
Fri Dec 4 05:42:19 UTC 2015
Author: koobs
Date: Fri Dec 4 05:42:17 2015
New Revision: 402907
URL: https://svnweb.freebsd.org/changeset/ports/402907
Log:
security/suricata: Add rules files, netmap startup support
- Install missing rules files [1]
- Add netmap support and simplify pid file naming [2]
PR: 204838 [1], 204834 [2]
Submitted by: Bill Meeks <bmeeks8 bellsouth net> [1]
Submitted by: Franco Fichtner <franco opnsense org> [2]
Modified:
head/security/suricata/Makefile
head/security/suricata/files/suricata.in
head/security/suricata/pkg-plist
Modified: head/security/suricata/Makefile
==============================================================================
--- head/security/suricata/Makefile Fri Dec 4 02:06:07 2015 (r402906)
+++ head/security/suricata/Makefile Fri Dec 4 05:42:17 2015 (r402907)
@@ -116,7 +116,9 @@ LIBNET_CONFIG?= ${LOCALBASE}/bin/libnet1
CONFIG_DIR?= ${ETCDIR}
CONFIG_FILES= suricata.yaml classification.config reference.config threshold.config
RULES_DIR= ${CONFIG_DIR}/rules
-RULES_FILES= decoder-events.rules dns-events.rules files.rules http-events.rules smtp-events.rules stream-events.rules tls-events.rules
+RULES_FILES= app-layer-events.rules decoder-events.rules dns-events.rules files.rules \
+ http-events.rules modbus-events.rules smtp-events.rules stream-events.rules \
+ tls-events.rules
LOGS_DIR?= /var/log/${PORTNAME}
.include <bsd.port.pre.mk>
Modified: head/security/suricata/files/suricata.in
==============================================================================
--- head/security/suricata/files/suricata.in Fri Dec 4 02:06:07 2015 (r402906)
+++ head/security/suricata/files/suricata.in Fri Dec 4 05:42:17 2015 (r402907)
@@ -17,6 +17,8 @@
# Default: ${PREFIX}/etc/suricata/suricata.yaml
# suricata_divertport (int): Port to create divert socket (Inline Mode)
# Default: 8000
+# suricata_netmap (str): Set to YES to enable netmap (Inline Mode)
+# Default: NO
. /etc/rc.subr
@@ -32,11 +34,20 @@ load_rc_config $name
[ -z "$suricata_conf" ] && suricata_conf="%%PREFIX%%/etc/suricata/suricata.yaml"
[ -z "$suricata_flags" ] && suricata_flags="-D"
[ -z "$suricata_divertport" ] && suricata_divertport="8000"
+[ -z "$suricata_netmap" ] && suricata_netmap="NO"
-[ -n "$suricata_interface" ] && suricata_flags="$suricata_flags -i $suricata_interface --pidfile /var/run/suricata_${suricata_interface}.pid" \
- && pidfile="/var/run/suricata_${suricata_interface}.pid"
-[ -z "$suricata_interface" ] && suricata_flags="$suricata_flags -d $suricata_divertport --pidfile /var/run/suricata_inline.pid" \
- && pidfile="/var/run/suricata_inline.pid" && info "Inline Mode on divert port $suricata_divertport (suricata_interface not defined)"
-[ -n "$suricata_conf" ] && suricata_flags="$suricata_flags -c $suricata_conf"
+if [ -n "$suricata_interface" ]; then
+ suricata_flags="$suricata_flags -i $suricata_interface"
+elif [ "$suricata_netmap" != "NO" ]; then
+ suricata_flags="$suricata_flags --netmap"
+else
+ suricata_flags="$suricata_flags -d $suricata_divertport"
+ info "Inline Mode on divert port $suricata_divertport (suricata_interface not defined)"
+fi
+
+pidfile="/var/run/suricata.pid"
+suricata_flags="$suricata_flags --pidfile $pidfile"
+
+[ -n "$suricata_conf" ] && suricata_flags="$suricata_flags -c $suricata_conf"
run_rc_command "$1"
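Review bot: The `elif [ "$suricata_netmap" != "NO" ]` test enables netmap for every value except the exact string NO, so an rc.conf entry such as `suricata_netmap="no"` or `"false"` would start the sensor in netmap mode instead of the divert mode the operator asked for. rc.subr's `checkyesno` accepts the usual YES/NO spellings case-insensitively and warns on anything else, so `elif checkyesno suricata_netmap; then` matches the documented "Set to YES" contract. A set suricata_interface also overrides suricata_netmap without any message; a one-line `info` in that branch, like the one the divert branch already prints, would make the chosen capture mode visible at start-up. Separately, the pid file moves from the per-interface name to `/var/run/suricata.pid`, so an instance started by the previous script would presumably not be found by `stop`/`restart` after the upgrade; that is worth a note for users upgrading in place.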
Modified: head/security/suricata/pkg-plist
==============================================================================
--- head/security/suricata/pkg-plist Fri Dec 4 02:06:07 2015 (r402906)
+++ head/security/suricata/pkg-plist Fri Dec 4 05:42:17 2015 (r402907)
@@ -60,15 +60,17 @@ bin/suricata
@sample %%ETCDIR%%/classification.config.sample
@sample %%ETCDIR%%/reference.config.sample
@sample %%ETCDIR%%/threshold.config.sample
+%%ETCDIR%%/rules/app-layer-events.rules
%%ETCDIR%%/rules/decoder-events.rules
%%ETCDIR%%/rules/dns-events.rules
%%ETCDIR%%/rules/files.rules
%%ETCDIR%%/rules/http-events.rules
+%%ETCDIR%%/rules/modbus-events.rules
%%ETCDIR%%/rules/smtp-events.rules
%%ETCDIR%%/rules/stream-events.rules
%%ETCDIR%%/rules/tls-events.rules
@dir etc/suricata/rules
@dir etc/suricata
@dir(root,wheel,0700) /var/log/suricata
- at unexec if [ -d %D/%%ETCDIR%% ]; then echo "==> If you are permanently removing this port, you should do a ``rm -rf ${PKG_PREFIX}/etc/suricata`` to remove any configuration files left."; fi
+ at unexec if [ -d %D/%%ETCDIR%% ]; then echo "==> If you are permanently removing this port, run ``rm -rf ${PKG_PREFIX}/etc/suricata`` to remove configuration files."; fi
@dir %%DOCSDIR%%
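Review bot: The two new entries, `%%ETCDIR%%/rules/app-layer-events.rules` and `%%ETCDIR%%/rules/modbus-events.rules`, are registered as plain package files like the other rules, unlike the `@sample` configuration files just above them. Plain files are replaced on upgrade and removed on deinstall, so any local tuning of these event rules would be lost without notice, which can change what the sensor alerts on. If operators are expected to edit them, they could be shipped as `.sample` files with `@sample` entries; if not, a short `@comment` saying the files are package-managed and that local tuning presumably belongs in threshold.config would help. Either choice also needs the Makefile's RULES_FILES list kept in step, which this commit does for the two additions.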