From owner-svn-ports-all@freebsd.org Sun Dec 9 01:31:32 2018 Return-Path: Delivered-To: svn-ports-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4581D1330B86; Sun, 9 Dec 2018 01:31:32 +0000 (UTC) (envelope-from swills@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id DB6B871A9D; Sun, 9 Dec 2018 01:31:31 +0000 (UTC) (envelope-from swills@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id BDBD02243; Sun, 9 Dec 2018 01:31:31 +0000 (UTC) (envelope-from swills@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wB91VViN003664; Sun, 9 Dec 2018 01:31:31 GMT (envelope-from swills@FreeBSD.org) Received: (from swills@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wB91VVvS003661; Sun, 9 Dec 2018 01:31:31 GMT (envelope-from swills@FreeBSD.org) Message-Id: <201812090131.wB91VVvS003661@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: swills set sender to swills@FreeBSD.org using -f From: Steve Wills Date: Sun, 9 Dec 2018 01:31:31 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r487007 - head/security/suricata X-SVN-Group: ports-head X-SVN-Commit-Author: swills X-SVN-Commit-Paths: head/security/suricata X-SVN-Commit-Revision: 487007 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: DB6B871A9D X-Spamd-Result: default: False [-2.95 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.997,0]; NEURAL_HAM_SHORT(-0.96)[-0.963,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]; NEURAL_HAM_LONG(-0.99)[-0.992,0] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 09 Dec 2018 01:31:32 -0000 Author: swills Date: Sun Dec 9 01:31:30 2018 New Revision: 487007 URL: https://svnweb.freebsd.org/changeset/ports/487007 Log: security/suricata: update to 4.1 PR: 231839 Submitted by: Franco Fichtner (maintainer) Modified: head/security/suricata/Makefile (contents, props changed) head/security/suricata/distinfo (contents, props changed) head/security/suricata/pkg-plist (contents, props changed) Modified: head/security/suricata/Makefile ============================================================================== --- head/security/suricata/Makefile Sun Dec 9 01:09:28 2018 (r487006) +++ head/security/suricata/Makefile Sun Dec 9 01:31:30 2018 (r487007) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= suricata -DISTVERSION= 4.0.6 +DISTVERSION= 4.1.0 CATEGORIES= security MASTER_SITES= https://www.openinfosecfoundation.org/download/ @@ -14,9 +14,13 @@ LICENSE_FILE= ${WRKSRC}/LICENSE LIB_DEPENDS= libpcre.so:devel/pcre \ libnet.so:net/libnet \ + liblz4.so:archivers/liblz4 \ libyaml.so:textproc/libyaml -USES= autoreconf cpe gmake libtool pathfix pkgconfig +USES= autoreconf cpe gmake iconv:translit libtool pathfix pkgconfig + +CONFLICTS_INSTALL=libhtp + USE_LDCONFIG= yes USE_RC_SUBR= ${PORTNAME} @@ -27,8 +31,8 @@ CPE_VENDOR= openinfosecfoundation INSTALL_TARGET= install-strip TEST_TARGET= check -OPTIONS_DEFINE= GEOIP HTP_PORT IPFW JSON NETMAP NSS PORTS_PCAP PRELUDE \ - REDIS SC TESTS +OPTIONS_DEFINE= GEOIP IPFW JSON NETMAP NSS PORTS_PCAP PRELUDE \ + REDIS RUST SC TESTS OPTIONS_DEFINE_amd64= HYPERSCAN OPTIONS_DEFAULT= IPFW JSON NETMAP PRELUDE OPTIONS_SUB= yes @@ -40,29 +44,22 @@ SCRIPTS_DESC= Scripting GEOIP_DESC= GeoIP support HYPERSCAN_DESC= Hyperscan support -HTP_PORT_DESC= Use libhtp from ports IPFW_DESC= IPFW and IP Divert support for inline IDP JSON_DESC= JSON output support -LUA_DESC= LUA scripting support LUAJIT_DESC= LuaJIT scripting support +LUA_DESC= LUA scripting support NETMAP_DESC= Netmap support for inline IDP NSS_DESC= File checksums and SSL/TLS fingerprinting PORTS_PCAP_DESC= Use libpcap from ports PRELUDE_DESC= Prelude support for NIDS alerts REDIS_DESC= Redis output support +RUST_DESC= Rust parser support SC_DESC= Suricata socket client (suricatasc) TESTS_DESC= Unit tests in suricata binary GEOIP_LIB_DEPENDS= libGeoIP.so:net/GeoIP GEOIP_CONFIGURE_ON= --enable-geoip -HTP_PORT_BUILD_DEPENDS= libhtp>=0.5.27:devel/libhtp -HTP_PORT_LIB_DEPENDS= libhtp.so:devel/libhtp -HTP_PORT_CONFIGURE_ON= --enable-non-bundled-htp -HTP_PORT_CONFIGURE_OFF= --enable-bundled-htp -HTP_PORT_CONFLICTS_INSTALL_OFF= libhtp -HTP_PORT_USES_OFF= iconv:translit - HYPERSCAN_LIB_DEPENDS= libhs.so:devel/hyperscan HYPERSCAN_CONFIGURE_ON= --with-libhs-includes=${LOCALBASE}/include \ --with-libhs-libraries=${LOCALBASE}/lib @@ -110,6 +107,9 @@ REDIS_CONFIGURE_ON= --enable-hiredis \ --with-libhiredis-includes=${LOCALBASE}/include \ --with-libhiredis-libraries=${LOCALBASE}/lib +RUST_BUILD_DEPENDS= rustc:lang/rust +RUST_CONFIGURE_ENABLE= rust + SC_USES= python:2.7 SC_CONFIGURE_ENABLE= python @@ -118,6 +118,7 @@ TESTS_CONFIGURE_ENABLE= unittests SUB_FILES= pkg-message CONFIGURE_ARGS+=--enable-gccprotect \ + --enable-bundled-htp \ --with-libpcre-includes=${LOCALBASE}/include \ --with-libpcre-libraries=${LOCALBASE}/lib \ --with-libyaml-includes=${LOCALBASE}/include \ @@ -130,10 +131,6 @@ CONFIGURE_ARGS+=--enable-gccprotect \ CONFIG_DIR?= ${ETCDIR} CONFIG_FILES= suricata.yaml classification.config reference.config threshold.config -RULES_DIR= ${CONFIG_DIR}/rules -RULES_FILES= app-layer-events.rules decoder-events.rules dns-events.rules files.rules \ - http-events.rules modbus-events.rules smtp-events.rules stream-events.rules \ - tls-events.rules LOGS_DIR?= /var/log/${PORTNAME} pre-patch: @@ -141,13 +138,9 @@ pre-patch: post-install: @${MKDIR} ${STAGEDIR}${CONFIG_DIR} - @${MKDIR} ${STAGEDIR}${RULES_DIR} @${MKDIR} ${STAGEDIR}${LOGS_DIR} .for f in ${CONFIG_FILES} ${INSTALL_DATA} ${WRKSRC}/${f} ${STAGEDIR}${CONFIG_DIR}/${f}.sample -.endfor -.for f in ${RULES_FILES} - ${INSTALL_DATA} ${WRKSRC}/rules/${f} ${STAGEDIR}${RULES_DIR}/${f} .endfor post-install-SC-on: Modified: head/security/suricata/distinfo ============================================================================== --- head/security/suricata/distinfo Sun Dec 9 01:09:28 2018 (r487006) +++ head/security/suricata/distinfo Sun Dec 9 01:31:30 2018 (r487007) @@ -1,3 +1,3 @@ -TIMESTAMP = 1541507025 -SHA256 (suricata-4.0.6.tar.gz) = cbab847b33fc625b7a92241fdce2e1ca47b8bb415c9114de70819394229679a4 -SIZE (suricata-4.0.6.tar.gz) = 12575428 +TIMESTAMP = 1541509849 +SHA256 (suricata-4.1.0.tar.gz) = bd9b00fb4fc255566d4d8a8b52eb4977b4e8b49b37710d166cba75e6a93a504a +SIZE (suricata-4.1.0.tar.gz) = 15602196 Modified: head/security/suricata/pkg-plist ============================================================================== --- head/security/suricata/pkg-plist Sun Dec 9 01:09:28 2018 (r487006) +++ head/security/suricata/pkg-plist Sun Dec 9 01:31:30 2018 (r487007) @@ -1,77 +1,65 @@ bin/suricata +include/htp/bstr.h +include/htp/bstr_builder.h +include/htp/htp.h +include/htp/htp_base64.h +include/htp/htp_config.h +include/htp/htp_connection_parser.h +include/htp/htp_core.h +include/htp/htp_decompressors.h +include/htp/htp_hooks.h +include/htp/htp_list.h +include/htp/htp_multipart.h +include/htp/htp_table.h +include/htp/htp_transaction.h +include/htp/htp_urlencoded.h +include/htp/htp_utf8_decoder.h +include/htp/htp_version.h +lib/libhtp.a +lib/libhtp.so +lib/libhtp.so.2 +lib/libhtp.so.2.0.0 +libdata/pkgconfig/htp.pc man/man1/suricata.1.gz %%SC%%bin/suricatasc %%DOCSDIR%%/AUTHORS %%DOCSDIR%%/Basic_Setup.txt -%%DOCSDIR%%/CentOS5.txt -%%DOCSDIR%%/CentOS_56_Installation.txt -%%DOCSDIR%%/Debian_Installation.txt -%%DOCSDIR%%/Fedora_Core.txt -%%DOCSDIR%%/FreeBSD_8.txt %%DOCSDIR%%/GITGUIDE -%%DOCSDIR%%/HTP_library_installation.txt %%DOCSDIR%%/INSTALL %%DOCSDIR%%/INSTALL.PF_RING %%DOCSDIR%%/INSTALL.WINDOWS -%%DOCSDIR%%/Installation_from_GIT_with_PCRE-JIT.txt -%%DOCSDIR%%/Installation_from_GIT_with_PF_RING_on_Ubuntu_server_1104.txt -%%DOCSDIR%%/Installation_with_CUDA_and_PFRING_on_Scientific_Linux_6.txt -%%DOCSDIR%%/Installation_with_CUDA_and_PF_RING_on_Ubuntu_server_1104.txt -%%DOCSDIR%%/Installation_with_CUDA_on_Scientific_Linux_6.txt -%%DOCSDIR%%/Installation_with_CUDA_on_Ubuntu_server_1104.txt -%%DOCSDIR%%/Installation_with_PF_RING.txt -%%DOCSDIR%%/Mac_OS_X_106x.txt %%DOCSDIR%%/NEWS -%%DOCSDIR%%/OpenBSD_Installation_from_GIT.txt %%DOCSDIR%%/README %%DOCSDIR%%/Setting_up_IPSinline_for_Linux.txt %%DOCSDIR%%/TODO %%DOCSDIR%%/Third_Party_Installation_Guides.txt -%%DOCSDIR%%/Ubuntu_Installation.txt -%%DOCSDIR%%/Ubuntu_Installation_from_GIT.txt -%%DOCSDIR%%/Windows.txt -%%NO_HTP_PORT%%include/htp/bstr.h -%%NO_HTP_PORT%%include/htp/bstr_builder.h -%%NO_HTP_PORT%%include/htp/htp.h -%%NO_HTP_PORT%%include/htp/htp_base64.h -%%NO_HTP_PORT%%include/htp/htp_config.h -%%NO_HTP_PORT%%include/htp/htp_connection_parser.h -%%NO_HTP_PORT%%include/htp/htp_core.h -%%NO_HTP_PORT%%include/htp/htp_decompressors.h -%%NO_HTP_PORT%%include/htp/htp_hooks.h -%%NO_HTP_PORT%%include/htp/htp_list.h -%%NO_HTP_PORT%%include/htp/htp_multipart.h -%%NO_HTP_PORT%%include/htp/htp_table.h -%%NO_HTP_PORT%%include/htp/htp_transaction.h -%%NO_HTP_PORT%%include/htp/htp_urlencoded.h -%%NO_HTP_PORT%%include/htp/htp_utf8_decoder.h -%%NO_HTP_PORT%%include/htp/htp_version.h -%%NO_HTP_PORT%%lib/libhtp.a -%%NO_HTP_PORT%%lib/libhtp.so -%%NO_HTP_PORT%%lib/libhtp.so.2 -%%NO_HTP_PORT%%lib/libhtp.so.2.0.0 -%%NO_HTP_PORT%%libdata/pkgconfig/htp.pc -%%NO_HTP_PORT%%@dir include/htp %%SC%%%%PYTHON_SITELIBDIR%%/suricatasc-0.9-py%%PYTHON_VER%%.egg-info %%SC%%%%PYTHON_SITELIBDIR%%/suricatasc/__init__.py %%SC%%%%PYTHON_SITELIBDIR%%/suricatasc/__init__.pyc %%SC%%%%PYTHON_SITELIBDIR%%/suricatasc/suricatasc.py %%SC%%%%PYTHON_SITELIBDIR%%/suricatasc/suricatasc.pyc -@sample %%ETCDIR%%/suricata.yaml.sample @sample %%ETCDIR%%/classification.config.sample @sample %%ETCDIR%%/reference.config.sample +@sample %%ETCDIR%%/suricata.yaml.sample @sample %%ETCDIR%%/threshold.config.sample -%%ETCDIR%%/rules/app-layer-events.rules -%%ETCDIR%%/rules/decoder-events.rules -%%ETCDIR%%/rules/dns-events.rules -%%ETCDIR%%/rules/files.rules -%%ETCDIR%%/rules/http-events.rules -%%ETCDIR%%/rules/modbus-events.rules -%%ETCDIR%%/rules/smtp-events.rules -%%ETCDIR%%/rules/stream-events.rules -%%ETCDIR%%/rules/tls-events.rules -@dir etc/suricata/rules -@dir etc/suricata +%%DATADIR%%/rules/app-layer-events.rules +%%DATADIR%%/rules/decoder-events.rules +%%DATADIR%%/rules/dnp3-events.rules +%%DATADIR%%/rules/dns-events.rules +%%DATADIR%%/rules/files.rules +%%DATADIR%%/rules/http-events.rules +%%DATADIR%%/rules/ipsec-events.rules +%%DATADIR%%/rules/kerberos-events.rules +%%DATADIR%%/rules/modbus-events.rules +%%DATADIR%%/rules/nfs-events.rules +%%DATADIR%%/rules/ntp-events.rules +%%DATADIR%%/rules/smb-events.rules +%%DATADIR%%/rules/smtp-events.rules +%%DATADIR%%/rules/stream-events.rules +%%DATADIR%%/rules/tls-events.rules +@dir %%DATADIR%% +@dir %%ETCDIR%% +@dir include/htp @dir(root,wheel,0700) /var/log/suricata -@postunexec if [ -d %D/%%ETCDIR%% ]; then echo "==> If you are permanently removing this port, run ``rm -rf ${PKG_PREFIX}/etc/suricata`` to remove configuration files."; fi +@postunexec if [ -d %D/%%ETCDIR%% ]; then echo "==> If you are permanently removing this port, run ``rm -rf ${PKG_PREFIX}/%%ETCDIR%%`` to remove configuration files."; fi @dir %%DOCSDIR%%