[oe-commits] Roman I Khimov : suricata: new recipe

git version control git at git.openembedded.org
Thu Aug 5 06:44:52 UTC 2010


Module: openembedded.git
Branch: org.openembedded.dev
Commit: 764a16d55f2ab0a632b87375ab4b41ac71d74220
URL:    http://gitweb.openembedded.net/?p=openembedded.git&a=commit;h=764a16d55f2ab0a632b87375ab4b41ac71d74220

Author: Roman I Khimov <khimov at altell.ru>
Date:   Fri Jul 30 17:49:32 2010 +0400

suricata: new recipe

The Suricata Engine is an Open Source Next Generation Intrusion Detection
and Prevention Engine. This engine is not intended to just replace or emulate
the existing tools in the industry, but will bring new ideas and technologies
to the field.

Signed-off-by: Roman I Khimov <khimov at altell.ru>

---

 recipes/suricata/suricata/default   |    7 ++++
 recipes/suricata/suricata/init      |   46 +++++++++++++++++++++++++++++
 recipes/suricata/suricata/logrotate |   12 +++++++
 recipes/suricata/suricata/volatiles |    2 +
 recipes/suricata/suricata_1.0.1.bb  |   55 +++++++++++++++++++++++++++++++++++
 5 files changed, 122 insertions(+), 0 deletions(-)

diff --git a/recipes/suricata/suricata/default b/recipes/suricata/suricata/default
new file mode 100644
index 0000000..53ef415
--- /dev/null
+++ b/recipes/suricata/suricata/default
@@ -0,0 +1,7 @@
+# Set listen (pcap/nfqueue/pf_ring) parameters for suricata here, like:
+#
+# SURICATA_PARAMS="-i eth0"
+# or
+# SURICATA_PARAMS="-q 100"
+#
+# Default it none and suricata won't be started
\ No newline at end of file
diff --git a/recipes/suricata/suricata/init b/recipes/suricata/suricata/init
new file mode 100644
index 0000000..eea03ef
--- /dev/null
+++ b/recipes/suricata/suricata/init
@@ -0,0 +1,46 @@
+#!/bin/sh
+# Suricata init file (rather simplistic)
+
+DAEMON=/usr/bin/suricata
+DESC="IDS/IPS service"
+NAME="suricata"
+DEFAULT_FILE=/etc/default/suricata
+CONF_FILE=/etc/suricata/suricata.yaml
+PID_FILE=/var/run/suricata.pid
+
+if [ -f /etc/default/suricata ]; then
+	. /etc/default/suricata
+fi
+
+if [ "x$SURICATA_PARAMS" == "x" ]; then
+	echo "No SURICATA_PARAMS defined in default file, won't run Suricata" >&2
+	exit 1
+fi
+
+case "$1" in
+	start)
+		echo -n "Starting $DESC: "
+		start-stop-daemon --oknodo -S -x $DAEMON -p $PID_FILE -- $SURICATA_PARAMS -c $CONF_FILE -D --pidfile $PID_FILE
+		echo "$NAME."
+	;;
+	stop)
+		echo -n "Stopping $DESC: "
+		start-stop-daemon -K -p $PID_FILE
+		for i in `seq 1 5`; do
+			if start-stop-daemon -p $PID -t -K >/dev/null 2>&1; then
+				break;
+			fi
+			sleep 1
+		done
+	;;
+	restart|force-reload)
+		$0 stop
+		$0 start
+	;;
+	*)
+		echo "Usage: $0 {start|stop|restart|force-reload}" >&2
+		exit 2
+	;;
+esac
+
+exit 0
\ No newline at end of file
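Review bot: The wait loop in the `stop)` branch tests `-p $PID`, but the script only defines `PID_FILE`, so the variable expands to nothing and the check never looks at the real pid file. The test also looks inverted: `-K -t` normally succeeds while a matching process still exists, so the loop would break while Suricata is still running rather than once it has exited. Because `restart` runs stop then start with `--oknodo`, a start issued before the old process is gone can be skipped silently and leave the sensor down; I would write the check as `if ! start-stop-daemon -K -t -p $PID_FILE >/dev/null 2>&1; then`. Separately, `==` inside `[ ]` is not POSIX under `#!/bin/sh` (use `=`), and the `SURICATA_PARAMS` guard sits before the `case`, so `stop` also exits 1 when the variable is unset.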
diff --git a/recipes/suricata/suricata/logrotate b/recipes/suricata/suricata/logrotate
new file mode 100644
index 0000000..dd4bac4
--- /dev/null
+++ b/recipes/suricata/suricata/logrotate
@@ -0,0 +1,12 @@
+/var/log/suricata/*.log /var/log/suricata/*.alert{
+    size 32M
+    missingok
+    compress
+    delaycompress
+    rotate 10
+    sharedscripts
+    postrotate
+	/etc/init.d/suricata restart
+    endscript
+}
+
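Review bot: The `postrotate` script does a full `/etc/init.d/suricata restart`, so every rotation (each time a log passes `size 32M`) takes the IDS/IPS down for the length of the stop/start. Traffic in that window goes uninspected, and with `-q` (nfqueue) the queue has no consumer. If this Suricata version cannot be told to reopen its log files, `copytruncate` in place of the `postrotate` block would avoid the restart, at the cost of possibly losing a few lines during the copy. The restart also returns 1 on hosts where `SURICATA_PARAMS` is unset, because the init script bails out before its `case`, so the rotation would report a failed script there.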
diff --git a/recipes/suricata/suricata/volatiles b/recipes/suricata/suricata/volatiles
new file mode 100644
index 0000000..55092f5
--- /dev/null
+++ b/recipes/suricata/suricata/volatiles
@@ -0,0 +1,2 @@
+# <type> <owner> <group> <mode> <path> <linksource>
+d root root 0755 /var/log/suricata none
\ No newline at end of file
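Review bot: `/var/log/suricata` is created `0755`, so any local user can list the directory and, depending on the modes Suricata gives its output files, read them. Alert and protocol logs from an IDS commonly carry addresses, URLs and payload excerpts. Unless a non-root consumer needs them, I would tighten the entry to `d root root 0750 /var/log/suricata none`.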
diff --git a/recipes/suricata/suricata_1.0.1.bb b/recipes/suricata/suricata_1.0.1.bb
new file mode 100644
index 0000000..e6f569e
--- /dev/null
+++ b/recipes/suricata/suricata_1.0.1.bb
@@ -0,0 +1,55 @@
+DESCRIPTION = "The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine"
+LICENSE = "GPLv2"
+HOMEPAGE = "http://openinfosecfoundation.org/"
+DEPENDS = "libhtp libyaml libprelude libnetfilter-queue libnet libpcap libpcre libpfring"
+
+PR = "r1"
+
+SRC_URI = " \
+	http://www.openinfosecfoundation.org/download/suricata-${PV}.tar.gz \
+	file://volatiles \
+	file://logrotate \
+	file://default \
+	file://init \
+	"
+SRC_URI[md5sum] = "ad42b854ef2b44499f0f1d1531b1ca36"
+SRC_URI[sha256sum] = "7fbc8fe89a0a30171eddb8b066ab7e6ec811d14a73aa6bc9cea26fc1f36f4be4"
+
+EXTRA_OECONF = " \
+	--enable-nfqueue \
+	--enable-prelude \
+	--enable-pfring \
+	--enable-non-bundled-htp \
+	--with-libnet-includes=${STAGING_INCDIR} \
+	--with-libnet-libraries=${STAGING_LIBDIR} \
+	"
+
+inherit autotools
+
+do_install_append() {
+	install -d ${D}${sysconfdir}/default/volatiles
+	install -d ${D}${sysconfdir}/init.d
+	install -d ${D}${sysconfdir}/logrotate.d
+	install -d ${D}${sysconfdir}/suricata
+	install -m 0644 suricata.yaml ${D}${sysconfdir}/suricata/
+	install -m 0644 classification.config ${D}${sysconfdir}/suricata/
+	install -m 0644 ${WORKDIR}/volatiles ${D}${sysconfdir}/default/volatiles/suricata
+	install -m 0644 ${WORKDIR}/logrotate ${D}${sysconfdir}/logrotate.d/suricata
+	install -m 0644 ${WORKDIR}/default ${D}${sysconfdir}/default/suricata
+	install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/suricata
+}
+
+pkg_postinst_${PN}() {
+	${sysconfdir}/init.d/populate-volatile.sh update
+}
+
+PACKAGES =+ "${PN}-logrotate"
+FILES_${PN}-logrotate = "${sysconfdir}/logrotate.d/suricata"
+RRECOMMENDS_${PN} += "${PN}-logrotate"
+RSUGGESTS_${PN}-logrotate += "logrotate"
+
+CONFFILES_${PN} = " \
+	${sysconfdir}/default/suricata \
+	${sysconfdir}/suricata/suricata.yaml \
+	${sysconfdir}/suricata/classification.config \
+	"
\ No newline at end of file
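Review bot: `do_install_append` installs `${sysconfdir}/init.d/suricata`, but nothing in the recipe registers it with the runlevels, so as far as this hunk shows the sensor will not come up at boot even after `SURICATA_PARAMS` has been set. If that is not intended, `inherit autotools update-rc.d` with `INITSCRIPT_NAME = "suricata"` (plus `INITSCRIPT_PARAMS` as needed) would register it. If manual start is deliberate, a comment next to the `init` install line saying so would save the next maintainer from guessing.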




