Created attachment 151729 [details] suricata 2.0.6 patch This patch update suricata to version 2.0.6 but also adds few more knobs and change some default so binary package is more useful. - update to 2.0.6 - Enable json output support by default - Enable geoip support by default - Enable lua/luajit by default - Add support for nss/nspr and enable by default - Add option for installing suricatasc (python dependency) - Allow the socket to be set in any location (this is used as a workaround for this bug - https://redmine.openinfosecfoundation.org/issues/1353) - create suricata log dir and add to plist suricata-2.0.6.portlint.log: (all warnings exist in current port) WARN: Makefile: use ".if ${PORT_OPTIONS:MDOCS}" to wrap installation of files into /usr/local/share/doc. WARN: Makefile: possible use of absolute pathname "/var/log/${PORTNAME}". WARN: Makefile: possible use of absolute pathname "/tmp". WARN: Makefile: possible direct use of "files" "RULES_FILES= decoder-events.rules dns-events.rules files.rules http-events.rules smtp-events.rules stream-events.rules tls-events.rules" found. if so, use ${FILESDIR} instead. 0 fatal errors and 4 warnings found.
Auto-assigned to maintainer koobs@FreeBSD.org
Created attachment 151730 [details] poudriere testport log file.
Thanks for your submission :) I think I note a couple of typo's: +SC_DESC= Build and install suricatasc If not, then the following block is: +.if ${PORT_OPTIONS:MSC} --------------------^ And neither are set in OPTIONS_DEFINE ... +NSPR_LIB_DEPENDS= .. +NSPRS_CONFIGURE_ON= .. -----^ I assume the following was a reversed logic bug? -JSON_CONFIGURE_OFF= --with-libjansson-includes=${LOCALBASE}/include +JSON_CONFIGURE_ON= --with-libjansson-includes=${LOCALBASE}/include Additionally, we want to use OPTIONS helpers for the MSC option block Can you also comment on the following * Removal of the pre-install block * + ${MKDIR} ${STAGEDIR}${LOGS_DIR} I'm not 100% on all the additions to OPTIONS_DEFAULT yet either
Hi Kubilay, Please see my notes below: ================= I do not see the typo for "SC" Here is the example from the handbook: OPTIONS_DEFINE= OPT1 .include <bsd.port.options.mk> .if ${PORT_OPTIONS:MOPT1} CONFIGURE_ARGS+= --enable-test .else CONFIGURE_ARGS+= --disable-test .endif So SC -> PORT_OPTIONS:MSC? ================= NSPRS_CONFIGURE_ON is a typo - I'll fix and provide new patch. ================= I believe JSON_CONFIGURE_ON is the correct statement - add this path only if JSON support is enabled e.g. CONFIGURE_ON? https://www.freebsd.org/doc/en_US.ISO8859-1/books/porters-handbook/makefile-options.html - 5.12.3.5. OPT_CONFIGURE_ON ================= MDIR -> - create suricata log dir and add to plist Suricata depends on an non-existent log dir /var/log/suricata, so I have added it in the port (with permission 0700) ================= OPTIONS_DEFAULT - Honestly I always prepare my own binary packages and do not depend on defaults, but if you want to experiment on a soekris box for example and do not have your own build cluster (or time to bother) it's much easier to have support for modern features in suricata by default.
Created attachment 151734 [details] suricata-2.0.6.patch (2nd attempt) compared to previous patch: - convert to OPTIONS helpers - fix typo
Created attachment 151735 [details] suricata-2.0.6.log poudriere testport
A commit references this bug: Author: koobs Date: Sun Jan 18 07:12:38 UTC 2015 New revision: 377282 URL: https://svnweb.freebsd.org/changeset/ports/377282 Log: security/suricata: Update to 2.0.6, add lots of OPTIONS - Update to 2.0.6 - Update pkg-plist - Add LICENSE_FILE - Add OPTIONS for: * LUA scripting support * LUAjit scripting support * Suricata socket client - Fix a reverse logic bug for JSON option - Suricata links to nspr as a dependent of nss, add it to LIB_DEPENDS - Create LOGS_DIR post-install - Add patch to fix upstream issue 1353 [1] [1] https://redmine.openinfosecfoundation.org/issues/1353 PR: 196801 Submitted by: cheffo freebsd-bg org (with changes) Changes: head/security/suricata/Makefile head/security/suricata/distinfo head/security/suricata/files/patch-scripts_suricatasc_suricatasc.in head/security/suricata/pkg-plist
Committed, with changes, thanks cheffo! :)