author | Roman I Khimov <khimov@altell.ru> | 2010-07-30 17:49:32 +0400 |
---|---|---|
committer | Roman I Khimov <khimov@altell.ru> | 2010-08-05 10:44:22 +0400 |
commit | 764a16d55f2ab0a632b87375ab4b41ac71d74220 (patch) | |
tree | e7c66757a1aac0aa16dd6d6757cbfcb2b6b58d2d | |
parent | 5e02e8de46439e09aa527813f335b785cd389ecf (diff) |
suricata: new recipe
The Suricata Engine is an Open Source Next Generation Intrusion Detection
and Prevention Engine. This engine is not intended to just replace or emulate
the existing tools in the industry, but will bring new ideas and technologies
to the field.
Signed-off-by: Roman I Khimov <khimov@altell.ru>
-rw-r--r-- | recipes/suricata/suricata/default | 7 | ||||
-rw-r--r-- | recipes/suricata/suricata/init | 46 | ||||
-rw-r--r-- | recipes/suricata/suricata/logrotate | 12 | ||||
-rw-r--r-- | recipes/suricata/suricata/volatiles | 2 | ||||
-rw-r--r-- | recipes/suricata/suricata_1.0.1.bb | 55 |
5 files changed, 122 insertions, 0 deletions
diff --git a/recipes/suricata/suricata/default b/recipes/suricata/suricata/default
new file mode 100644
index 0000000000..53ef415a0d
--- /dev/null
+++ b/recipes/suricata/suricata/default
@@ -0,0 +1,7 @@
+# Set listen (pcap/nfqueue/pf_ring) parameters for suricata here, like:
+#
+# SURICATA_PARAMS="-i eth0"
+# or
+# SURICATA_PARAMS="-q 100"
+#
+# Default it none and suricata won't be started
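Review bot: The last comment line, `+# Default it none and suricata won't be started`, reads as a typo; `# Default is none, and suricata won't be started` says what is meant. The init script in this same commit loads this file with `. /etc/default/suricata`, so its contents are executed as shell by the service script rather than parsed as key/value pairs; a line such as `# This file is sourced as shell by /etc/init.d/suricata: keep it to quoted variable assignments.` would make that explicit to whoever edits it. Both are comment-only changes to the hunk.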
\ No newline at end of file
diff --git a/recipes/suricata/suricata/init b/recipes/suricata/suricata/init
new file mode 100644
index 0000000000..eea03ef5cc
--- /dev/null
+++ b/recipes/suricata/suricata/init
@@ -0,0 +1,46 @@
+#!/bin/sh
+# Suricata init file (rather simplistic)
+
+DAEMON=/usr/bin/suricata
+DESC="IDS/IPS service"
+NAME="suricata"
+DEFAULT_FILE=/etc/default/suricata
+CONF_FILE=/etc/suricata/suricata.yaml
+PID_FILE=/var/run/suricata.pid
+
+if [ -f /etc/default/suricata ]; then
+ . /etc/default/suricata
+fi
+
+if [ "x$SURICATA_PARAMS" == "x" ]; then
+ echo "No SURICATA_PARAMS defined in default file, won't run Suricata" >&2
+ exit 1
+fi
+
+case "$1" in
+ start)
+ echo -n "Starting $DESC: "
+ start-stop-daemon --oknodo -S -x $DAEMON -p $PID_FILE -- $SURICATA_PARAMS -c $CONF_FILE -D --pidfile $PID_FILE
+ echo "$NAME."
+ ;;
+ stop)
+ echo -n "Stopping $DESC: "
+ start-stop-daemon -K -p $PID_FILE
+ for i in `seq 1 5`; do
+ if start-stop-daemon -p $PID -t -K >/dev/null 2>&1; then
+ break;
+ fi
+ sleep 1
+ done
+ ;;
+ restart|force-reload)
+ $0 stop
+ $0 start
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|restart|force-reload}" >&2
+ exit 2
+ ;;
+esac
+
+exit 0
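Review bot: The stop loop probes `start-stop-daemon -p $PID -t -K`, but `$PID` is never assigned anywhere in this script (the variable declared above is `PID_FILE`), so the five-second wait never actually checks the daemon it just signalled; the line should read `if start-stop-daemon -p $PID_FILE -t -K >/dev/null 2>&1; then`. The guard `[ "x$SURICATA_PARAMS" == "x" ]` is a bash-ism under `#!/bin/sh` — a POSIX sh such as dash rejects `==` with an error status, which makes the `if` false and silently skips the check — so use `if [ "x$SURICATA_PARAMS" = "x" ]; then`. Because that guard runs before the `case`, `stop` and `restart` also exit 1 once an operator clears SURICATA_PARAMS, leaving an already running daemon unstoppable through this script; moving the guard into the `start)` branch fixes that. `DEFAULT_FILE` is defined but the literal path is sourced two lines later; `. "$DEFAULT_FILE"` keeps the two in step.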
\ No newline at end of file
diff --git a/recipes/suricata/suricata/logrotate b/recipes/suricata/suricata/logrotate
new file mode 100644
index 0000000000..dd4bac42f4
--- /dev/null
+++ b/recipes/suricata/suricata/logrotate
@@ -0,0 +1,12 @@
+/var/log/suricata/*.log /var/log/suricata/*.alert{
+ size 32M
+ missingok
+ compress
+ delaycompress
+ rotate 10
+ sharedscripts
+ postrotate
+ /etc/init.d/suricata restart
+ endscript
+}
+
diff --git a/recipes/suricata/suricata/volatiles b/recipes/suricata/suricata/volatiles
new file mode 100644
index 0000000000..55092f5fb8
--- /dev/null
+++ b/recipes/suricata/suricata/volatiles
@@ -0,0 +1,2 @@
+# <type> <owner> <group> <mode> <path> <linksource>
+d root root 0755 /var/log/suricata none
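Review bot: The `postrotate` block restarts the whole daemon with `/etc/init.d/suricata restart` on every rotation, which for an IDS/IPS means a detection gap while the engine stops and reloads its rules (and, in inline nfqueue mode, possibly a traffic stall); if the packaged Suricata version can reopen its logs on a signal, sending HUP to the pid in /var/run/suricata.pid would avoid that, otherwise the gap deserves a comment in this file so operators know rotation is disruptive. The restart also passes through the init script's SURICATA_PARAMS guard, so with that variable empty the restart exits 1 and logrotate reports a failed postrotate for a service that was not running anyway. The block opener is glued to the last pattern, `/var/log/suricata/*.alert{`; writing `/var/log/suricata/*.alert {` with a space is the form logrotate's own examples use and avoids depending on how a particular version tokenises that line.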
\ No newline at end of file
diff --git a/recipes/suricata/suricata_1.0.1.bb b/recipes/suricata/suricata_1.0.1.bb
new file mode 100644
index 0000000000..e6f569e67d
--- /dev/null
+++ b/recipes/suricata/suricata_1.0.1.bb
@@ -0,0 +1,55 @@
+DESCRIPTION = "The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine"
+LICENSE = "GPLv2"
+HOMEPAGE = "http://openinfosecfoundation.org/"
+DEPENDS = "libhtp libyaml libprelude libnetfilter-queue libnet libpcap libpcre libpfring"
+
+PR = "r1"
+
+SRC_URI = " \
+ http://www.openinfosecfoundation.org/download/suricata-${PV}.tar.gz \
+ file://volatiles \
+ file://logrotate \
+ file://default \
+ file://init \
+ "
+SRC_URI[md5sum] = "ad42b854ef2b44499f0f1d1531b1ca36"
+SRC_URI[sha256sum] = "7fbc8fe89a0a30171eddb8b066ab7e6ec811d14a73aa6bc9cea26fc1f36f4be4"
+
+EXTRA_OECONF = " \
+ --enable-nfqueue \
+ --enable-prelude \
+ --enable-pfring \
+ --enable-non-bundled-htp \
+ --with-libnet-includes=${STAGING_INCDIR} \
+ --with-libnet-libraries=${STAGING_LIBDIR} \
+ "
+
+inherit autotools
+
+do_install_append() {
+ install -d ${D}${sysconfdir}/default/volatiles
+ install -d ${D}${sysconfdir}/init.d
+ install -d ${D}${sysconfdir}/logrotate.d
+ install -d ${D}${sysconfdir}/suricata
+ install -m 0644 suricata.yaml ${D}${sysconfdir}/suricata/
+ install -m 0644 classification.config ${D}${sysconfdir}/suricata/
+ install -m 0644 ${WORKDIR}/volatiles ${D}${sysconfdir}/default/volatiles/suricata
+ install -m 0644 ${WORKDIR}/logrotate ${D}${sysconfdir}/logrotate.d/suricata
+ install -m 0644 ${WORKDIR}/default ${D}${sysconfdir}/default/suricata
+ install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/suricata
+}
+
+pkg_postinst_${PN}() {
+ ${sysconfdir}/init.d/populate-volatile.sh update
+}
+
+PACKAGES =+ "${PN}-logrotate"
+FILES_${PN}-logrotate = "${sysconfdir}/logrotate.d/suricata"
+RRECOMMENDS_${PN} += "${PN}-logrotate"
+RSUGGESTS_${PN}-logrotate += "logrotate"
+
+CONFFILES_${PN} = " \
+ ${sysconfdir}/default/suricata \
+ ${sysconfdir}/suricata/suricata.yaml \
+ ${sysconfdir}/suricata/classification.config \
+ "
\ No newline at end of file |
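Review bot: `pkg_postinst_${PN}` calls `${sysconfdir}/init.d/populate-volatile.sh update` unconditionally, so when the package is installed while an image is being built (where `$D` points at the target rootfs) the path resolves on the build host rather than inside the image and the step either fails or runs against the wrong system; the usual OE guard is `if [ "x$D" != "x" ]; then exit 1; fi` ahead of the call, which defers the work to first boot. Separately, the init script is installed into ${sysconfdir}/init.d but the recipe neither inherits update-rc.d nor sets INITSCRIPT_NAME/INITSCRIPT_PARAMS, so the service is never linked into a runlevel; if that is deliberate (the shipped default file leaves SURICATA_PARAMS empty, and the init script refuses to start in that case) a one-line comment in the recipe saying so would stop the next maintainer from "fixing" it.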