Just FYI. This and the other two are in the queue, I'll look at them later today or tomorrow at the latest. I just didn't want you to be concerned something was lost.
-J. [[oe] [meta-networking][PATCH v3 1/3] snort: add recipe] On 13.11.04 (Mon 10:39) b40...@freescale.com wrote: > From: Chunrong Guo <b40...@freescale.com> > > *snort - a free lightweight network intrusion detection > system for UNIX and Windows > > Signed-off-by: Chunrong Guo <b40...@freescale.com> > --- > .../snort/files/disable-dap-address-space-id.patch | 52 +++++++++ > .../snort/files/disable-inaddr-none.patch | 75 ++++++++++++++ > .../recipes-connectivity/snort/files/snort.init | 109 > ++++++++++++++++++++ > .../recipes-connectivity/snort/snort_2.9.4.6.bb | 71 +++++++++++++ > 4 files changed, 307 insertions(+), 0 deletions(-) > create mode 100644 > meta-networking/recipes-connectivity/snort/files/disable-dap-address-space-id.patch > create mode 100644 > meta-networking/recipes-connectivity/snort/files/disable-inaddr-none.patch > create mode 100644 > meta-networking/recipes-connectivity/snort/files/snort.init > create mode 100644 > meta-networking/recipes-connectivity/snort/snort_2.9.4.6.bb > > diff --git > a/meta-networking/recipes-connectivity/snort/files/disable-dap-address-space-id.patch > > b/meta-networking/recipes-connectivity/snort/files/disable-dap-address-space-id.patch > new file mode 100644 > index 0000000..39e5c9c > --- /dev/null > +++ > b/meta-networking/recipes-connectivity/snort/files/disable-dap-address-space-id.patch > @@ -0,0 +1,52 @@ > +Upstream-Status:Inappropriate [embedded specific] > + > +fix the below error: > +checking for dap address space id... configure: > +configure: error: cannot run test program while cross compiling > + > + > +Signed-off-by: Chunrong Guo <b40...@freescale.com> > + > +--- a/configure.in 2013-08-23 00:06:37.239361932 -0500 > ++++ b/configure.in 2013-08-23 00:07:32.860266534 -0500 > +@@ -679,23 +679,23 @@ > + > + AC_CHECK_FUNCS([daq_hup_apply] [daq_acquire_with_meta]) > + > +-AC_MSG_CHECKING([for daq address space ID]) > +-AC_RUN_IFELSE( > +-[AC_LANG_PROGRAM( > +-[[ > +-#include <daq.h> > +-]], > +-[[ > +- DAQ_PktHdr_t hdr; > +- hdr.address_space_id = 0; > +-]])], > +-[have_daq_address_space_id="yes"], > +-[have_daq_address_space_id="no"]) > +-AC_MSG_RESULT($have_daq_address_space_id) > +-if test "x$have_daq_address_space_id" = "xyes"; then > +- AC_DEFINE([HAVE_DAQ_ADDRESS_SPACE_ID],[1], > +- [DAQ version supports address space ID in header.]) > +-fi > ++#AC_MSG_CHECKING([for daq address space ID]) > ++#AC_RUN_IFELSE( > ++#[AC_LANG_PROGRAM( > ++#[[ > ++##include <daq.h> > ++#]], > ++#[[ > ++# DAQ_PktHdr_t hdr; > ++# hdr.address_space_id = 0; > ++#]])], > ++have_daq_address_space_id="yes" > ++#[have_daq_address_space_id="no"]) > ++#AC_MSG_RESULT($have_daq_address_space_id) > ++#if test "x$have_daq_address_space_id" = "xyes"; then > ++# AC_DEFINE([HAVE_DAQ_ADDRESS_SPACE_ID],[1], > ++# [DAQ version supports address space ID in header.]) > ++#fi > + > + # any sparc platform has to have this one defined. > + AC_MSG_CHECKING(for sparc) > diff --git > a/meta-networking/recipes-connectivity/snort/files/disable-inaddr-none.patch > b/meta-networking/recipes-connectivity/snort/files/disable-inaddr-none.patch > new file mode 100644 > index 0000000..9dafe63 > --- /dev/null > +++ > b/meta-networking/recipes-connectivity/snort/files/disable-inaddr-none.patch > @@ -0,0 +1,75 @@ > +Upstream-Status: Inappropriate [embedded specific] > + > +fix the below error: > +checking for INADDR_NONE... configure: > +configure: error: cannot run test program while cross compiling > + > +Signed-off-by: Chunrong Guo <b40...@freescale.com> > + > + > +--- a/configure.in 2013-08-21 03:56:17.197414789 -0500 > ++++ b/configure.in 2013-08-21 23:19:05.298553560 -0500 > +@@ -281,25 +281,7 @@ > + AC_CHECK_TYPES([boolean]) > + > + # In case INADDR_NONE is not defined (like on Solaris) > +-have_inaddr_none="no" > +-AC_MSG_CHECKING([for INADDR_NONE]) > +-AC_RUN_IFELSE( > +-[AC_LANG_PROGRAM( > +-[[ > +-#include <sys/types.h> > +-#include <netinet/in.h> > +-#include <arpa/inet.h> > +-]], > +-[[ > +- if (inet_addr("10,5,2") == INADDR_NONE); > +- return 0; > +-]])], > +-[have_inaddr_none="yes"], > +-[have_inaddr_none="no"]) > +-AC_MSG_RESULT($have_inaddr_none) > +-if test "x$have_inaddr_none" = "xno"; then > +- AC_DEFINE([INADDR_NONE],[-1],[For INADDR_NONE definition]) > +-fi > ++have_inaddr_none="yes" > + > + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ > + #include <stdio.h> > +@@ -397,21 +379,21 @@ > + fi > + fi > + > +-AC_MSG_CHECKING([for pcap_lex_destroy]) > +-AC_RUN_IFELSE( > +-[AC_LANG_PROGRAM( > +-[[ > +-#include <pcap.h> > +-]], > +-[[ > +- pcap_lex_destroy(); > +-]])], > +-[have_pcap_lex_destroy="yes"], > +-[have_pcap_lex_destroy="no"]) > +-AC_MSG_RESULT($have_pcap_lex_destroy) > +-if test "x$have_pcap_lex_destroy" = "xyes"; then > +- AC_DEFINE([HAVE_PCAP_LEX_DESTROY],[1],[Can cleanup lex buffer stack > created by pcap bpf filter]) > +-fi > ++#AC_MSG_CHECKING([for pcap_lex_destroy]) > ++#AC_RUN_IFELSE( > ++#[AC_LANG_PROGRAM( > ++#[[ > ++##include <pcap.h> > ++#]], > ++#[[ > ++# pcap_lex_destroy(); > ++#]])], > ++have_pcap_lex_destroy="yes" > ++#[have_pcap_lex_destroy="no"]) > ++#AC_MSG_RESULT($have_pcap_lex_destroy) > ++#if test "x$have_pcap_lex_destroy" = "xyes"; then > ++# AC_DEFINE([HAVE_PCAP_LEX_DESTROY],[1],[Can cleanup lex buffer stack > created by pcap bpf filter]) > ++#fi > + > + AC_MSG_CHECKING([for pcap_lib_version]) > + AC_LINK_IFELSE( > diff --git a/meta-networking/recipes-connectivity/snort/files/snort.init > b/meta-networking/recipes-connectivity/snort/files/snort.init > new file mode 100644 > index 0000000..91cb343 > --- /dev/null > +++ b/meta-networking/recipes-connectivity/snort/files/snort.init > @@ -0,0 +1,109 @@ > +#!/bin/sh > +# > +# Snort Startup Script modified for OpenEmbedded > +# > + > +# Script variables > + > +LAN_INTERFACE="$2" > +RETURN_VAL=0 > +BINARY=/usr/bin/snort > +PATH=/bin:/usr/bin > +PID=/var/run/snort_${LAN_INTERFACE}_ids.pid > +DEL_PID=$PID > +LOGDIR="/var/log/snort" > +DATE=`/bin/date +%Y%m%d` > +CONFIG_FILE=/etc/snort/snort.conf > +PROG=snort > +USER=root > +GROUP=root > + > +if [ ! -x "$BINARY" ]; then > + echo "ERROR: $BINARY not found." > + exit 1 > +fi > + > > +if [ ! -r "$CONFIG_FILE" ]; then > + echo "ERROR: $CONFIG_FILE not found." > + exit 1 > +fi > + > +start() > +{ > + > + [ -n "$LAN_INTERFACE" ] || return 0 > + # Check if log diratory is present. Otherwise, create it. > + if [ ! -d $LOGDIR/$DATE ]; then > + mkdir -d $LOGDIR/$DATE > + /bin/chown -R $USER:$USER $LOGDIR/$DATE > + /bin/chmod -R 700 $LOGDIR/$DATE > + fi > + > + /bin/echo "Starting $PROG: " > + # Snort parameters > + # -D Run Snort in background (daemon) mode > + # -i <if> Listen on interface <if> > + # -u <uname> Run snort uid as <uname> user (or uid) > + # -g <gname> Run snort uid as <gname> group (or gid) > + # -c Load configuration file > + # -N Turn off logging (alerts still work) (removed to enable logging) :) > + # -l Log to directory > + # -t Chroots process to directory after initialization > + # -R <id> Include 'id' in snort_intf<id>.pid file name > + > + $BINARY -D -i $LAN_INTERFACE -u $USER -g $GROUP -c $CONFIG_FILE -l > $LOGDIR/$DATE -t $LOGDIR/$DATE -R _ids > + /bin/echo "$PROG startup complete." > + return $RETURN_VAL > +} > + > +stop() > +{ > + if [ -s $PID ]; then > + /bin/echo "Stopping $PROG with PID `cat $PID`: " > + kill -TERM `cat $PID` 2>/dev/null > + RETURN_VAL=$? > + /bin/echo "$PROG shutdown complete." > + [ -e $DEL_PID ] && rm -f $DEL_PID > + [ -e $DEL_PID.lck ] && rm -f $DEL_PID.lck > + else > + /bin/echo "ERROR: PID in $PID file not found." > + RETURN_VAL=1 > + fi > + return $RETURN_VAL > +} > + > +status() { > + if [ -s $PID ]; then > + echo "$PROG is running as pid `cat $PID`:" > + else > + echo "$PROG is not running." > + fi > +} > + > +restart() > +{ > + stop > + start > + RETURN_VAL=$? > + return $RETURN_VAL > +} > + > +case "$1" in > + start) > + start > + ;; > + stop) > + stop > + ;; > + status) > + status > + ;; > + restart|reload) > + restart > + ;; > + *) > + /bin/echo "Usage: $0 {start|stop|status|restart|reload}" > + RETURN_VAL=1 > +esac > + > +exit $RETURN_VAL > diff --git a/meta-networking/recipes-connectivity/snort/snort_2.9.4.6.bb > b/meta-networking/recipes-connectivity/snort/snort_2.9.4.6.bb > new file mode 100644 > index 0000000..829146d > --- /dev/null > +++ b/meta-networking/recipes-connectivity/snort/snort_2.9.4.6.bb > @@ -0,0 +1,71 @@ > +DESCRIPTION = "snort - a free lightweight network intrusion detection system > for UNIX and Windows." > +HOMEPAGE = "http://www.snort.org/" > +LICENSE = "GPL-2.0" > +LIC_FILES_CHKSUM = "file://COPYING;md5=78fa8ef966b48fbf9095e13cc92377c5" > + > +DEPENDS = "libpcap libpcre daq libdnet" > + > + > +SRC_URI = " ${GENTOO_MIRROR}/${BP}.tar.gz;name=tarball \ > + file://snort.init \ > + file://disable-inaddr-none.patch \ > + file://disable-dap-address-space-id.patch " > + > +SRC_URI[tarball.md5sum] = "4111df01a4f21bd1d328a18b76d625bd" > +SRC_URI[tarball.sha256sum] = > "cfaa5390b1840aaaa68a6c05a7077dd92cb916e6186a014baa451d43cdb0b3bc" > + > +inherit autotools gettext update-rc.d > + > +INITSCRIPT_NAME = "snort" > +INITSCRIPT_PARAMS = "defaults" > + > +EXTRA_OECONF = " \ > + --enable-gre \ > + --enable-linux-smp-stats \ > + --enable-reload \ > + --enable-reload-error-restart \ > + --enable-targetbased \ > + --disable-static-daq \ > + " > + > +do_install_append() { > + install -d ${D}/${sysconfdir}/snort/rules > + install -d ${D}/${sysconfdir}/snort/preproc_rules > + install -d ${D}${sysconfdir}/init.d > + for i in map config conf dtd; do > + cp ${S}/etc/*.$i ${D}/${sysconfdir}/snort/ > + done > + cp ${S}/preproc_rules/*.rules ${D}/${sysconfdir}/snort/preproc_rules/ > + install -m 755 ${WORKDIR}/snort.init ${D}/${sysconfdir}/init.d/snort > + mkdir -p ${D}/${localstatedir}/log/snort > + install -d ${D}/var/log/snort > +} > + > +FILES_${PN} += " \ > + ${libdir}/snort_dynamicengine/*.so.* \ > + ${libdir}/snort_dynamicpreprocessor/*.so.* \ > + ${libdir}/snort_dynamicrules/*.so.* \ > + " > +FILES_${PN}-dbg += " \ > + ${libdir}/snort_dynamicengine/.debug \ > + ${libdir}/snort_dynamicpreprocessor/.debug \ > + ${libdir}/snort_dynamicrules/.debug \ > + " > +FILES_${PN}-staticdev += " \ > + ${libdir}/snort_dynamicengine/*.a \ > + ${libdir}/snort_dynamicpreprocessor/*.a \ > + ${libdir}/snort_dynamicrules/*.a \ > + ${libdir}/snort/dynamic_preproc/*.a \ > + ${libdir}/snort/dynamic_output/*.a \ > + " > +FILES_${PN}-dev += " \ > + ${libdir}/snort_dynamicengine/*.la \ > + ${libdir}/snort_dynamicpreprocessor/*.la \ > + ${libdir}/snort_dynamicrules/*.la \ > + ${libdir}/snort_dynamicengine/*.so \ > + ${libdir}/snort_dynamicpreprocessor/*.so \ > + ${libdir}/snort_dynamicrules/*.so \ > + ${prefix}/src/snort_dynamicsrc \ > + " > + > +RRECOMMENDS_${PN} += "barnyard2" -- -Joe MacDonald. :wq
signature.asc
Description: Digital signature
_______________________________________________ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel