svn commit: r443829 - in head/security/suricata: . files

Richard Gallamore ultima at FreeBSD.org
Sun Jun 18 15:06:35 UTC 2017 

Author: ultima
Date: Sun Jun 18 15:06:34 2017
New Revision: 443829
URL: https://svnweb.freebsd.org/changeset/ports/443829

Log:
  * Updated to 3.2.2
  * Depends on libhtp 0.5.24 or greater
  * Listen on multiple PCAP interfaces via RC script
  * Dependencies added in the 3.2.1 update move to the PRELUDE option where they belong
  
   - Support additional runmodes for unix-socket
   - make install-full can have race conditions on OSX
   - af-packet: faulty VLAN handling in tpacket-v3 mode
   - bad checksum 0xffff
   - ippair: xbit unset memory leak
   - file store: file log / file store mismatch with multiple files
   - app-layer: fix memleak on bad traffic
   - http body handling: failed assertion
   - ippair: pair is direction sensitive
   - defrag – overlap issue in linux policy
   - unix socket: race condition on start up
  
  PR:		220026
  Submitted by:	Franco Fichtner <franco at opnsense.org> (maintainer)
  Reviewed by:	matthew (mentor)
  Approved by:	matthew (mentor)
  Differential Revision:	https://reviews.freebsd.org/D11251

Modified:
  head/security/suricata/Makefile
  head/security/suricata/distinfo
  head/security/suricata/files/suricata.in
  head/security/suricata/pkg-plist

Modified: head/security/suricata/Makefile
==============================================================================
--- head/security/suricata/Makefile	Sun Jun 18 14:02:35 2017	(r443828)
+++ head/security/suricata/Makefile	Sun Jun 18 15:06:34 2017	(r443829)
@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	suricata
-PORTVERSION=	3.2.1
+PORTVERSION=	3.2.2
 CATEGORIES=	security
 MASTER_SITES=	http://www.openinfosecfoundation.org/download/
 
@@ -14,10 +14,6 @@ LICENSE_FILE=	${WRKSRC}/LICENSE
 
 LIB_DEPENDS=	libpcre.so:devel/pcre \
 		libnet.so:net/libnet \
-		libgnutls.so:security/gnutls \
-		libgcrypt.so:security/libgcrypt \
-		libgpg-error.so:security/libgpg-error \
-		libltdl.so:devel/libltdl \
 		libyaml.so:textproc/libyaml
 
 USES=		autoreconf cpe gmake libtool pathfix pkgconfig
@@ -58,7 +54,7 @@ TESTS_DESC=		Unit tests in suricata binary
 GEOIP_LIB_DEPENDS=		libGeoIP.so:net/GeoIP
 GEOIP_CONFIGURE_ON=		--enable-geoip
 
-HTP_PORT_BUILD_DEPENDS=		libhtp>=0.5.20:devel/libhtp
+HTP_PORT_BUILD_DEPENDS=		libhtp>=0.5.24:devel/libhtp
 HTP_PORT_LIB_DEPENDS=		libhtp.so:devel/libhtp
 HTP_PORT_CONFIGURE_ON=		--enable-non-bundled-htp
 HTP_PORT_CONFIGURE_OFF=		--enable-bundled-htp
@@ -98,7 +94,11 @@ PORTS_PCAP_CONFIGURE_ON=	--with-libpcap-includes=${LOC
 PORTS_PCAP_CONFIGURE_OFF=	--with-libpcap-includes=/usr/include \
 				--with-libpcap-libraries=/usr/lib
 
-PRELUDE_LIB_DEPENDS=		libprelude.so:security/libprelude
+PRELUDE_LIB_DEPENDS=		libprelude.so:security/libprelude \
+				libgnutls.so:security/gnutls \
+				libgcrypt.so:security/libgcrypt \
+				libgpg-error.so:security/libgpg-error \
+				libltdl.so:devel/libltdl
 PRELUDE_CONFIGURE_ENABLE=	prelude
 PRELUDE_CONFIGURE_ON=		--with-libprelude-prefix=${LOCALBASE}
 

Modified: head/security/suricata/distinfo
==============================================================================
--- head/security/suricata/distinfo	Sun Jun 18 14:02:35 2017	(r443828)
+++ head/security/suricata/distinfo	Sun Jun 18 15:06:34 2017	(r443829)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1487168316
-SHA256 (suricata-3.2.1.tar.gz) = 0e0b0cf49016804bb2fb1fc4327341617e76a67902f4e03e0ef6d16c1d7d3994
-SIZE (suricata-3.2.1.tar.gz) = 11754332
+TIMESTAMP = 1497119063
+SHA256 (suricata-3.2.2.tar.gz) = b1d8e5e53a76fbc89712d10ca8e2208f68f6fc2def0e6ac82e9693bb586a49cb
+SIZE (suricata-3.2.2.tar.gz) = 11758084

Modified: head/security/suricata/files/suricata.in
==============================================================================
--- head/security/suricata/files/suricata.in	Sun Jun 18 14:02:35 2017	(r443828)
+++ head/security/suricata/files/suricata.in	Sun Jun 18 15:06:34 2017	(r443829)
@@ -10,8 +10,8 @@
 # suricata_enable (bool):	Set to YES to enable suricata
 # 				Default: NO
 # suricata_flags (str):		Extra flags passed to suricata
-#				Default: -D -q
-# suricata_interface (str):	Network interface to sniff
+#				Default: -D
+# suricata_interface (str):	Network interface(s) to sniff
 #				Default: "" 
 # suricata_conf (str):		Suricata configuration file
 #				Default: ${PREFIX}/etc/suricata/suricata.yaml
@@ -37,7 +37,9 @@ load_rc_config $name
 [ -z "$suricata_netmap" ]	&& suricata_netmap="NO"
 
 if [ -n "$suricata_interface" ]; then
-	suricata_flags="$suricata_flags -i $suricata_interface"
+	for interface in $suricata_interface; do
+		suricata_flags="$suricata_flags --pcap=$interface"
+	done
 elif [ "$suricata_netmap" != "NO" ]; then
 	suricata_flags="$suricata_flags --netmap"
 else

Modified: head/security/suricata/pkg-plist
==============================================================================
--- head/security/suricata/pkg-plist	Sun Jun 18 14:02:35 2017	(r443828)
+++ head/security/suricata/pkg-plist	Sun Jun 18 15:06:34 2017	(r443829)
@@ -46,8 +46,8 @@ man/man1/suricata.1.gz
 %%NO_HTP_PORT%%include/htp/htp_urlencoded.h
 %%NO_HTP_PORT%%include/htp/htp_utf8_decoder.h
 %%NO_HTP_PORT%%include/htp/htp_version.h
-%%NO_HTP_PORT%%lib/libhtp-0.5.23.so.1
-%%NO_HTP_PORT%%lib/libhtp-0.5.23.so.1.0.0
+%%NO_HTP_PORT%%lib/libhtp-0.5.24.so.1
+%%NO_HTP_PORT%%lib/libhtp-0.5.24.so.1.0.0
 %%NO_HTP_PORT%%lib/libhtp.a
 %%NO_HTP_PORT%%lib/libhtp.so
 %%NO_HTP_PORT%%libdata/pkgconfig/htp.pc

More information about the svn-ports-all mailing list