1DESCRIPTION = "snort - a free lightweight network intrusion detection system for UNIX and Windows."
2HOMEPAGE = "http://www.snort.org/"
3SECTION = "net"
4LICENSE = "GPL-2.0-only"
5LIC_FILES_CHKSUM = "file://COPYING;md5=78fa8ef966b48fbf9095e13cc92377c5"
6
7DEPENDS = "xz libpcap libpcre daq libdnet util-linux daq-native libtirpc bison-native"
8
9SRC_URI = "https://www.snort.org/downloads/archive/snort/${BP}.tar.gz \
10    file://snort.init \
11    file://volatiles.99_snort \
12    file://0001-libpcap-search-sysroot-for-headers.patch \
13    file://fix-host-contamination-when-enable-static-daq.patch \
14    file://disable-run-test-program-while-cross-compiling.patch \
15    file://configure.in-disable-tirpc-checking-for-fedora.patch \
16"
17SRC_URI[sha256sum] = "b12fc6db72afb58987a2bf1954b8f45bde02047c235513c7663857b9506369c7"
18
19UPSTREAM_CHECK_URI = "https://www.snort.org/downloads"
20UPSTREAM_CHECK_REGEX = "snort-(?P<pver>\d+(\.\d+)+)\.tar"
21
22inherit autotools gettext update-rc.d pkgconfig
23
24INITSCRIPT_NAME = "snort"
25INITSCRIPT_PARAMS = "defaults"
26
27EXTRA_OECONF = " \
28    --enable-gre \
29    --enable-linux-smp-stats \
30    --enable-reload \
31    --enable-reload-error-restart \
32    --enable-targetbased \
33    --enable-static-daq \
34    --with-dnet-includes=${STAGING_INCDIR} \
35    --with-dnet-libraries=${STAGING_LIBDIR} \
36    --with-libpcre-includes=${STAGING_INCDIR} \
37    --with-libpcre-libraries=${STAGING_LIBDIR} \
38    --with-daq-includes=${STAGING_INCDIR} \
39    --with-daq-libraries=${STAGING_LIBDIR} \
40"
41
42# if you want to disable it, you need to patch configure.in first
43# AC_CHECK_HEADERS([openssl/sha.h],, SHA_H="no")
44# is called even with --without-openssl-includes
45PACKAGECONFIG ?= "openssl lzma"
46PACKAGECONFIG[openssl] = "--with-openssl-includes=${STAGING_INCDIR} --with-openssl-libraries=${STAGING_LIBDIR}, --without-openssl-includes --without-openssl-libraries, openssl,"
47PACKAGECONFIG[lzma] = "--with-lzma-includes=${STAGING_INCDIR} --with-lzma-libraries=${STAGING_LIBDIR}, --without-lzma-includes --without-lzma-libraries, xz,"
48PACKAGECONFIG[appid] = "--enable-open-appid, --disable-open-appid, luajit, bash"
49
50CFLAGS += "-I${STAGING_INCDIR}/tirpc"
51LDFLAGS += " -ltirpc"
52
53do_install:append() {
54    install -d ${D}${sysconfdir}/snort/rules
55    install -d ${D}${sysconfdir}/snort/preproc_rules
56    install -d ${D}${sysconfdir}/init.d
57    for i in map config conf dtd; do
58        cp ${S}/etc/*.$i ${D}${sysconfdir}/snort/
59    done
60
61    # fix the hardcoded path and lib name
62    # comment out the rules that are not provided
63    sed -i -e 's#/usr/local/lib#${libdir}#' \
64           -e 's#\.\./\(.*rules\)#${sysconfdir}/snort/\1#' \
65           -e 's#\(libsf_engine.so\)#\1.0#' \
66           -e 's/^\(include $RULE_PATH\)/#\1/' \
67           -e 's/^\(dynamicdetection\)/#\1/' \
68           -e '/preprocessor reputation/,/blacklist/ s/^/#/' \
69           ${D}${sysconfdir}/snort/snort.conf
70
71    cp ${S}/preproc_rules/*.rules ${D}${sysconfdir}/snort/preproc_rules/
72    install -m 755 ${WORKDIR}/snort.init ${D}${sysconfdir}/init.d/snort
73
74    install -d ${D}${sysconfdir}/default/volatiles
75    install -m 0644 ${WORKDIR}/volatiles.99_snort ${D}${sysconfdir}/default/volatiles/99_snort
76
77    sed -i -e 's|-ffile-prefix-map[^ ]*||g; s|-fdebug-prefix-map[^ ]*||g; s|-fmacro-prefix-map[^ ]*||g; s|${STAGING_DIR_TARGET}||g' ${D}${libdir}/pkgconfig/*.pc
78}
79
80pkg_postinst:${PN}() {
81    if [ -z "$D" ] && [ -e ${sysconfdir}/init.d/populate-volatile.sh ]; then
82        ${sysconfdir}/init.d/populate-volatile.sh update
83    fi
84}
85
86FILES:${PN} += " \
87    ${libdir}/snort_dynamicengine/*.so.* \
88    ${libdir}/snort_dynamicpreprocessor/*.so.* \
89    ${libdir}/snort_dynamicrules/*.so.* \
90"
91FILES:${PN}-dbg += " \
92    ${libdir}/snort_dynamicengine/.debug \
93    ${libdir}/snort_dynamicpreprocessor/.debug \
94    ${libdir}/snort_dynamicrules/.debug \
95"
96FILES:${PN}-staticdev += " \
97    ${libdir}/snort_dynamicengine/*.a \
98    ${libdir}/snort_dynamicpreprocessor/*.a \
99    ${libdir}/snort_dynamicrules/*.a \
100    ${libdir}/snort/dynamic_preproc/*.a \
101    ${libdir}/snort/dynamic_output/*.a \
102"
103FILES:${PN}-dev += " \
104    ${libdir}/snort_dynamicengine/*.la \
105    ${libdir}/snort_dynamicpreprocessor/*.la \
106    ${libdir}/snort_dynamicrules/*.la \
107    ${libdir}/snort_dynamicengine/*.so \
108    ${libdir}/snort_dynamicpreprocessor/*.so \
109    ${libdir}/snort_dynamicrules/*.so \
110    ${prefix}/src/snort_dynamicsrc \
111"
112