aboutsummaryrefslogtreecommitdiff
path: root/security/suricata
Commit message (Collapse)AuthorAgeFilesLines
* Update to 3.2.1.Mathieu Arnold2017-03-044-9/+20
| | | | | | | | | | | | Pass maintainership to submitter. PR: 217143 Submitted by: Franco Fichtner Approved by: maintainer timeout Sponsored by: Absolight Notes: svn path=/head/; revision=435393
* Use USES=pathfix where applicable.Mathieu Arnold2016-10-211-2/+0
| | | | | | | | | | | PR: 213195 Submitted by: mat Exp-run by: antoine Sponsored by: Absolight Differential Revision: https://reviews.freebsd.org/D8093 Notes: svn path=/head/; revision=424427
* security/suricata: Update to 3.1.2Kubilay Kocak2016-10-203-7/+6
| | | | | | | | | | | | | | - Update PORTVERSION and distinfo checksum (3.1.2) - Update pkg-plist https://github.com/inliniac/suricata/blob/suricata-3.1.2/ChangeLog PR: 212815 Submitted by: Franco Fichtner <franco opnsense org> Notes: svn path=/head/; revision=424303
* devel/nspr, security/nss: drop version from SONAMEJan Beich2016-10-091-1/+1
| | | | | | | | | | | | | | | | | | | | | No other downstream appends synthetic library version, and doing so causes underlinking due to fragile build system (see below). Not to mention being unable to swap out bundled libs from upstream builds. $ cc -lplds4 -L/usr/local/lib /usr/lib/crt1.o: In function `_start1': crt1_c.c:(.text+0xa6): undefined reference to `main' /usr/local/lib/libplds4.so: undefined reference to `pthread_set_name_np' /usr/local/lib/libplds4.so: undefined reference to `pthread_create' /usr/local/lib/libplds4.so: undefined reference to `pthread_condattr_init' /usr/local/lib/libplds4.so: undefined reference to `pthread_setschedparam' /usr/local/lib/libplds4.so: undefined reference to `pthread_getschedparam' PR: 213144 Exp-run by: antoine Notes: svn path=/head/; revision=423591
* Most commonly used build systems support silent builds, when theyDmitry Marakasov2016-09-091-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | hide actual commands executed and only show short summary line (like "CC foo.c"). CMake and ninja enable this by default, some autotools using ports do as well. This is unacceptable because we need complete build logs at any time, so we now switch to verbose build logs unconditionally. Note that this change deliberately affects ALL builds and not only package builds on cluster, because we need to be sure that user experiencing failure can always provide informative build log regardless of settings and without rerunning the build. Change summary: - Always do verbose builds for cmake, ninja and GNU configure (the latter includes check if --disable-silent-rules is actually supported by the configure script; there are isolated cases when it's not true) - Remove CMAKE_VERBOSE, NINJA_VERBOSE and CONFIGURE_ARGS=--disable-silent-rules from all ports which set them for this is no longer needed - Revert hacks for --disable-silent-rules support priorly committed to biology/ncbi-blast+ and net-p2p/mldonkey - no longer needed as well Submitted by: amdmi3 Reviewed by: mat Exp-run by: antoine Approved by: portmgr (mat, antoine) Differential Revision: D7534 Notes: svn path=/head/; revision=421635
* security/suricata: Fix libpcap LIB_DEPENDSKubilay Kocak2016-08-061-1/+3
| | | | | | | | | | | | | | | | | Fix the PORTS_PCAP option LIB_DEPENDS entry ambiguously depending on net/libpcap, which should be libpcap.so.1 so as not to be satisfied with the pcap library provided by base. [1] While I'm here: - Explicitly BUILD_DEPEND on libhtp >= 0.5.20, as configure breaks when that minimum version is not available. PR: 211578 Reported by: marino [1] Notes: svn path=/head/; revision=419735
* security/suricata: Fix plist with HTP_PORT option disabledKubilay Kocak2016-08-011-2/+2
| | | | | | | | | | | | | Update pkg-plist entry for shared library version missed due to not testing with HTP_PORT disabled. Pointyhat: koobs PR: 210490 Reported by: Franco Fichtner <franco opnsense org> Notes: svn path=/head/; revision=419424
* security/suricata: Update to 3.1.1Kubilay Kocak2016-07-313-11/+11
| | | | | | | | | | | | | | | | | | * Update PORTVERSION and distinfo checksum (3.1.1) [1] * Update pkg-plist for shared library bump [2] * Use postunexec instead of unexec in pkg-plist * Group common OPTIONS_* entries * Group *_TARGET entries https://github.com/inliniac/suricata/blob/suricata-3.1.1/ChangeLog PR: 210490 [1][2] Submitted by: Stewart Morgan <stewart.morgan gmail com> [1] Submitted by: Franco Fichtner <franco opnsense org> [2] Notes: svn path=/head/; revision=419381
* Remove ${PORTSDIR}/ from dependencies, categories r, s, t, and u.Mathieu Arnold2016-04-011-11/+11
| | | | | | | | With hat: portmgr Sponsored by: Absolight Notes: svn path=/head/; revision=412349
* - Update security/gnutls to 3.4.10.Tijl Coosemans2016-03-271-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Rename the LIBDANE option DANE because that's the name of the protocol supported by libgnutls-dane and gnutls-cli. Also clarify the option description. - Add an IDN option. - libgnutls-openssl has been removed in 3.4. Some ports used this library in their LIB_DEPENDS but no port actually required it. - Some old API functions have been removed. Ports that used these have been updated or patched to use the new API. - Add a patch to print/cups to prevent overlinking of libgnutls.so. - Bump PORTREVISION on dependent ports. net-im/jabber: This port used the old API to give users fine grained control over which crypto algorithms were used via a configuration file. It's not immediately obvious how to port this to the new API so the port always uses the defaults now. www/hydra: Mark BROKEN. This uses more removed calls than the other ports, is said to be alpha quality and not fully functional and has been abandoned 10 years ago. PR: 207768 Exp-run by: antoine Approved by: portmgr (antoine) Notes: svn path=/head/; revision=411990
* Install net/libnet headers and libraries back in the location where otherTijl Coosemans2016-03-201-5/+3
| | | | | | | | | | | | ports expect it. The files were put in a different location to avoid a conflict with net/libnet10 but this port has been removed a while ago now. PR: 208122 Exp-run by: antoine Approved by: portmgr (antoine) Notes: svn path=/head/; revision=411432
* security/suricata: Add netmap IPS mode to pkg-messageKubilay Kocak2016-02-042-1/+13
| | | | | | | | PR: 206875 Submitted by: Franco Fichtner <franco opnsense org> Notes: svn path=/head/; revision=408015
* security/suricata: Update to 3.0Kubilay Kocak2016-02-022-3/+3
| | | | | | | | | | | | | | | | - Switch from DISTVERSION to PORTVERSION - Update PORTVERION and distinfo checksum (3.0) Changes: * http://suricata-ids.org/2016/01/27/suricata-3-0-available/ * https://redmine.openinfosecfoundation.org/versions/80 PR: 206690 Submitted by: Franco Fichtner <franco opnsense org> Notes: svn path=/head/; revision=407829
* security/suricata: Update to 3.0 RC3Kubilay Kocak2015-12-243-6/+6
| | | | | | | | | | | | | - Update DISTVERSION and distinfo checksum (3.0RC3) - Pet portlint (makepatch: patch UTC time) Merry Christmas All! HO HO HO PR: 205306 Submitted by: Franco Fichtner <franco opnsense org> Notes: svn path=/head/; revision=404358
* security/suricata: Add rules files, netmap startup supportKubilay Kocak2015-12-043-7/+22
| | | | | | | | | | | | - Install missing rules files [1] - Add netmap support and simplify pid file naming [2] PR: 204838 [1], 204834 [2] Submitted by: Bill Meeks <bmeeks8 bellsouth net> [1] Submitted by: Franco Fichtner <franco opnsense org> [2] Notes: svn path=/head/; revision=402907
* security/suricata: Update to 3.0 RC1Kubilay Kocak2015-11-265-300/+24
| | | | | | | | | | | | | - Update to 3.0 release candidate 1 (Welcome Netmap support!) - Update pkg-plist accordingly - Add NETMAP option (Enabled by default for packages) - Sort OPTIONS_* alphabetically - Enable verbose builds - Remove patches (upstreamed) - Update test target Notes: svn path=/head/; revision=402436
* Remove mirrors.mit.edu from MASTER_SITES, no 2.x tarball available thereRenato Botelho2015-11-231-2/+1
| | | | | | | | Approved by: koobs (maintainer) Sponsored by: Rubicon Communications (Netgate) Notes: svn path=/head/; revision=402273
* security/suricata: Update to 2.0.9Kubilay Kocak2015-10-223-6/+7
| | | | | | | | | | | | | | | | | | | | - Update PORTVERSION and distinfo checksum (2.0.9) Changes: https://github.com/inliniac/suricata/blob/suricata-2.0.9/ChangeLog While I'm here, - Standardize the length of pkg-message separators and add spaces between them and the text body. <idea> It would be cool if the ports framework could wrap these pkg-message's in standard formatting for all ports automagically</idea> Requested by: Martin Olsson (via email) Notes: svn path=/head/; revision=399967
* security/suricata: Disable -march=nativeKubilay Kocak2015-09-281-1/+2
| | | | | | | | | | | | | | | | | | | | | Suricata currently builds with GCC -march=native by default. This can create problems if, for example, packages of this port are built on ATOM servers but installed on AMD processors. In these and other cases where the build host is not equal to the target host, suricata can generate an Illegal instruction and refuse to start. It is ultimately preferable to explicitly cross-build and/or optimize compilation for target architectures and processors. See: PEP20. PR: 203296 Submitted by: Olivier Cochard <olivier cochard me> Tested by: Olivier Cochard <olivier cochard me> MFH: 2015Q3 Notes: svn path=/head/; revision=398101
* Remove BROKEN on Tier-2 systems statements which no longer true at leastAlexey Dokuchaev2015-09-201-4/+0
| | | | | | | | | | on PowerPC (verified for all of them) and some also on SPARC (whenever I was able to test those on flame.freebsd.org) and even IA64 (which should be OK to remove anyways, because it was never really supported system in ports land and was officially killed in -CURRENT a while ago. Notes: svn path=/head/; revision=397374
* security/suricata: Add PPPoE supportKubilay Kocak2015-05-132-0/+265
| | | | | | | | | | | | | Backport upstream Pull Request #1416 [1] adding support for LINKTYPE_NULL. [1] https://github.com/inliniac/suricata/pull/1416 [2] https://redmine.openinfosecfoundation.org/issues/1445 Submitted by: Bill Meeks <bmeeks8 bellsouth net> (via gnn) Notes: svn path=/head/; revision=386186
* security/suricata: Update to 2.0.8Kubilay Kocak2015-05-122-4/+3
| | | | | | | | | | | | | | | | | - Update to 2.0.8 This release fixes a bug in the DER parser which is used to decode SSL/TLS certificates and could crash Suricata [1] Security: CVE-2015-0971 Security: fe910ed6-f88d-11e4-9ae3-0050562a4d7b MFH: 2015Q2 Security: CVE-2015-0971 Security: fe910ed6-f88d-11e4-9ae3-0050562a4d7b Notes: svn path=/head/; revision=386134
* - Add JSON to OPTIONS_DEFAULT to match default configuration where eve-logAntoine Brodin2015-04-272-2/+4
| | | | | | | | | | | support is enabled - Package threshold.config configuration file PR: 197937 Approved by: koobs (maintainer) Notes: svn path=/head/; revision=384861
* - Add CPE infoDmitry Marakasov2015-04-151-1/+3
| | | | | | | Approved by: portmgr blanket Notes: svn path=/head/; revision=384068
* devel/libhtp, security/suricata: Use iconv:translitKubilay Kocak2015-01-271-2/+2
| | | | | | | | | | | | Use translit for USES=iconv, fixing a build error on specific (10-STABLE r???) versions of FreeBSD that dont contain a libiconv implementation with certain features [1] in base. PR: 196720 [1] Reported by: <trond.endrestol ximalas info> Notes: svn path=/head/; revision=377991
* security/suricata: Update to 2.0.6, add lots of OPTIONSKubilay Kocak2015-01-184-27/+77
| | | | | | | | | | | | | | | | | | | | | | | | - Update to 2.0.6 - Update pkg-plist - Add LICENSE_FILE - Add OPTIONS for: * LUA scripting support * LUAjit scripting support * Suricata socket client - Fix a reverse logic bug for JSON option - Suricata links to nspr as a dependent of nss, add it to LIB_DEPENDS - Create LOGS_DIR post-install - Add patch to fix upstream issue 1353 [1] [1] https://redmine.openinfosecfoundation.org/issues/1353 PR: 196801 Submitted by: cheffo freebsd-bg org (with changes) Notes: svn path=/head/; revision=377282
* security/suricata: Update to 2.0.5, Add NSS supportKubilay Kocak2014-12-223-53/+72
| | | | | | | | | | | | | | | | | | | | | - Update to 2.0.5 - Add NSS option for file checksum and fingerprint support [1] - Add default rules files [1] - Add USES=autoreconf, remove USE_AUTOTOOLS and friends - Override PATHFIX_MAKEFILEIN - Use the install-strip target - Fix HTP_PORT_CONFLICT_OFF typo (CONFLICT*S*) - USES=iconv when using the bundled HTP version - Cleanup and fix OPTION descriptions - Sort OPTIONS and helpers - Use the existing NO_HTP_PORT variable in pkg-plist (OPTIONS_SUB), remove MHTP_PORT conditional accordingly PR: 194953 [1] Submitted by: Bill Meeks <bmeeks8 bellsouth net> [1] Notes: svn path=/head/; revision=375243
* - Update suricata to 2.0.4 [1]Renato Botelho2014-11-113-12/+49
| | | | | | | | | | | | | | | | - Added JSON knob - this allows Suricata to be compiled with JSON output support - Added GEOIP knob - this allows Suricata to support rules with geoip word - Added HTP_PORT knob - this make the use of www/libhtp-suricata optional. E.g. user can choose between build-in and port version. - Unbreak PLIST renaming sample files from -sample to .sample PR: 193220 [1] Submitted by: cheffo [1] Approved by: maintainer timeout (> 2 months) Security: CVE-2014-6603 Notes: svn path=/head/; revision=372453
* Simplify plist by using @sample and @dirBaptiste Daroussin2014-10-311-14/+4
| | | | Notes: svn path=/head/; revision=371859
* security/suricata: Update to 2.0.3, ModernizeKubilay Kocak2014-08-234-46/+122
| | | | | | | | | | | | | | | | | | | | | | | | | | | Now that libprelude is safe from EXPIRE and has been staged [1], and devel/libhtp now *actually* links against libiconv even though autoconf detection was fine [2] ... Have fun! - Update to 2.0.3 - Switch libhtp to the upstream version port (devel/libhtp) - Use USES=libtool - Use OPTIONS helpers and other OPTIONS_* goodies - Sort USE(S)* section - Deprecate USE_AUTOTOOLS (USES instead) - Deprecate AUTOMAKE_ARGS, ACLOCAL_ARGS (no longer necessary) - Update COMMENT - Add m4 macro for checking compiler flags and add relevent check to configure.ac. Our GCC doesn't like -Wno-error=unused-result and upstreams configure bits arent as portable as they could be. [1] http://svnweb.freebsd.org/changeset/ports/365562 [2] http://svnweb.freebsd.org/changeset/ports/364955 Requested by: many Notes: svn path=/head/; revision=365723
* security/libprelude: Take MAINTAINER'ship, STAGE & ModernizeKubilay Kocak2014-08-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | - Take Maintainership - Enable STAGE support - Tweak MASTER_SITES https -> http (portlint) - Add LICENSE and LICENSE_FILE - Deprecate USE_AUTOTOOLS for libtool (-> USES) - Sort USES and OPTIONS - Use OPTIONS helpers as much as possible for now [1] - Add --enable-static to CONFIGURE_ARGS to retain the static lib - Assign and Use ETCDIR rather than hardcoding - Use the install-strip install target - Update pkg-plist, use @sample and other goodies While I'm here, bump dependent ports since our SHLIB major version has changed [1] https://reviews.freebsd.org/D665 Approved by: portmgr (implicit, bump unstaged port) Notes: svn path=/head/; revision=365562
* Fix some non default LIB_DEPENDSBaptiste Daroussin2014-07-161-2/+2
| | | | | | | With hat: portmgr Notes: svn path=/head/; revision=362053
* - Convert net/libnet to USES=libtool and bump dependent portsTijl Coosemans2014-07-141-1/+1
| | | | | | | | | - Add INSTALL_TARGET=install-strip Approved by: portmgr (implicit, bump unstaged port) Notes: svn path=/head/; revision=361791
* security/suricata: Remove unsupported DAG (Endace Capture) OPTIONKubilay Kocak2013-12-051-8/+2
| | | | | | | | | | | | | | This OPTION is non-functional as it requires hardware support and libdag from Endace, which is not available in, nor recommended to be built via the ports tree. This OPTION also incorrectly added CONFIGURE_ARGS without adding any LIB_DEPENDS, which broke configure: during build when the option was enabled. Reported by: mat (via pkg-fallout, via IRC) Notes: svn path=/head/; revision=335661
* security/suricata: Update to 1.4.6, Switch to libhtp-suricata, Un-BROKEN Clang.Kubilay Kocak2013-11-175-120/+85
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Update to 1.4.6 - Switch to the correct library in www/libhtp-suricata - Take maintainership - Enable STAGE support - Remove uneccessary patches - Configure: Add libhtp include and library location - Configure: Add /var to --localstatedir - Configure: Disable Python support explicitly - QA: Remove BROKEN with clang - QA: Update to new LIB_DEPENDS format - QA: Use ETCDIR instead of custom path for CONFIG_DIR and RULES_DIR - QA: Replace hardcoded strings with ${PORTNAME} - QA: Add documentation and %%DOCSDIR%% to pkg-plist - QA: Add TESTS option to include unit tests in binary - QA: Add regression-test target (TMPDIR is not prefix safe) - QA: Replace USE_GMAKE with USES=gmake - QA: Remove automake from USE_AUTOTOOLS - QA: Remove LICENSE_FILE for those listed in bsd.licenses.db.mk - QA: Remove post-patch target - QA: Sort USE/USES and combine LIB_DEPENDS - QA: Clarify and tweak OPTIONS descriptions Reviewed by: wxs, mva, Johannes Meixner Approved by: wxs (maintainer) Notes: svn path=/head/; revision=334051
* Add NO_STAGE all over the place in preparation for the staging support (cat: ↵Baptiste Daroussin2013-09-201-0/+1
| | | | | | | security) Notes: svn path=/head/; revision=327769
* Take this port under my wing.Wesley Shields2013-04-301-1/+1
| | | | Notes: svn path=/head/; revision=316970
* - Back to the poolRyan Steinmetz2013-04-281-1/+1
| | | | Notes: svn path=/head/; revision=316727
* Finish converting the whole ports tree to USES=pkgconfigBaptiste Daroussin2013-04-231-1/+1
| | | | Notes: svn path=/head/; revision=316355
* - update libnet to 1.1.6Dirk Meyer2013-02-181-2/+2
| | | | | | | | | - build shared lib - fix dependend ports when libnet.so.8 was linked in - fix dependend ports when includes where missing Notes: svn path=/head/; revision=312526
* Bump ports affected by security/libprelude updatePawel Pekala2012-12-151-6/+2
| | | | Notes: svn path=/head/; revision=308972
* Update PCRE to 8.32Martin Matuska2012-12-101-0/+1
| | | | | | | | Introduces the UTF-32 library pcre32 Bump PORTREVISION in dependent ports Notes: svn path=/head/; revision=308630
* - Update to 1.3.4Ryan Steinmetz2012-11-182-3/+3
| | | | | | | Feature safe: yes Notes: svn path=/head/; revision=307528
* - Update to 1.3.3Ryan Steinmetz2012-11-022-3/+3
| | | | | | | Feature safe: yes Notes: svn path=/head/; revision=306882
* - Update to 1.3.2Ryan Steinmetz2012-10-104-6/+58
| | | | Notes: svn path=/head/; revision=305642
* - Update to 1.3.1Ryan Steinmetz2012-09-062-4/+3
| | | | Notes: svn path=/head/; revision=303732
* - Add in workaround for compatibility with libhtp >= 0.3Ryan Steinmetz2012-09-062-0/+12
| | | | | | | - Bump PORTREVISION Notes: svn path=/head/; revision=303731
* new devel/pkgconf added to replace devel/pkg-config. new version of pkg-configBaptiste Daroussin2012-07-261-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | are no more self hosting so we are stuck with 0.25 version while pkgconf provide the same set of features as 0.27 and a compatible frontend. A symlink to pkg-config has been added for convenience and compatibility This also introduces a new macro to use pkgconf in your ports: USE_PKGCONFIG it can take the following arguments: - yes (meaning build only dep) - build (meaning build only dep) - run (meaning run only dep) - both (meaning run and build dep) From now USE_GNOME= pkgconfig is deprecated in favour of USE_PKGCONFIG The old gnome macro has been modified to use pkgconf but still the sameway: run and build dep to avoid large breakage. While here fix some ports relying on pkg-config but not specifying it, fix some ports broken because testing wrong .pc files, and fix ports using pkg-config --version to determine pkg-config version instead of pkg-config --modversion pkg-config like recommanded by pkg-config With Hat: portmgr Exp-runs by: bapt (pointhat-west), beat (pointyhat) Notes: svn path=/head/; revision=301539
* - Mark BROKEN when compiling with clangRyan Steinmetz2012-07-161-0/+4
| | | | Notes: svn path=/head/; revision=300941
* - Update to 1.3Ryan Steinmetz2012-07-112-17/+19
| | | | | | | - Convert to OptionsNG Notes: svn path=/head/; revision=300749
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-21 07:24:31 +0000