Created attachment 149299 [details] Patch file for Suricata 2.0.4 Update the Suricata 2.0.4 port to: (1) Include the 7 missing default rules files that should reside in /etc/suricata/rules after an install. These files are: decoder-events.rules dns-events.rules files.rules http-events.rules smtp-events.rules stream-events.rules tls-events.rules (2) Add support for calculating md5 hash of captured files when that option is enabled. This requires compiling with the libnss3 library. The attached patch file contains the required changes.
Fix synopsis and assign to maintainer.
Comments about the change you proposed: - @sample macros are only for configuration files, it installs the conf file as .sample, and a copy without the suffix. At deinstall time, if user never touched conf files without suffix, it is safely removed too, otherwise it's kept. Those rules files should be added only as simple files on pkg-plist. - Regarding nss dependency, do you believe it should be mandatory? Or we could have an OPTION to enable/disable it according user's option
Created attachment 149324 [details] Updated patch to replace @sample with simple files This is an updated patch file that drops using @sample for the default rules files and adds them as simple files instead to pkg-plist.
In my opinion the inclusion of the NSS library for enabling MD5 calculation for captured files should be left as a default dependent just like the YAML support library.
A commit references this bug: Author: koobs Date: Mon Dec 22 15:11:56 UTC 2014 New revision: 375243 URL: https://svnweb.freebsd.org/changeset/ports/375243 Log: security/suricata: Update to 2.0.5, Add NSS support - Update to 2.0.5 - Add NSS option for file checksum and fingerprint support [1] - Add default rules files [1] - Add USES=autoreconf, remove USE_AUTOTOOLS and friends - Override PATHFIX_MAKEFILEIN - Use the install-strip target - Fix HTP_PORT_CONFLICT_OFF typo (CONFLICT*S*) - USES=iconv when using the bundled HTP version - Cleanup and fix OPTION descriptions - Sort OPTIONS and helpers - Use the existing NO_HTP_PORT variable in pkg-plist (OPTIONS_SUB), remove MHTP_PORT conditional accordingly PR: 194953 [1] Submitted by: Bill Meeks <bmeeks8 bellsouth net> [1] Changes: head/security/suricata/Makefile head/security/suricata/distinfo head/security/suricata/pkg-plist
Committed, with changes. Thank you Bill!