aboutsummaryrefslogtreecommitdiff
path: root/security/zeek/Makefile
blob: 1f01fc9b8ff8ee5d54ecc172bb2e90705ebcea30 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
PORTNAME=	zeek
DISTVERSION=	5.0.6
CATEGORIES=	security
MASTER_SITES=	https://download.zeek.org/
DISTFILES=	${DISTNAME}${EXTRACT_SUFX}

MAINTAINER=	leres@FreeBSD.org
COMMENT=	System for detecting network intruders in real-time
WWW=		https://www.zeek.org/

LICENSE=	BSD3CLAUSE

BROKEN_FreeBSD_12_powerpc64=	does not build: error: zero-size array 'names'

BUILD_DEPENDS=	bison>=3.3:devel/bison \
		cmake>=3.15.0:devel/cmake \
		flex>=2.6:textproc/flex \
		swig>=4.0.2:devel/swig
LIB_DEPENDS=	libcares.so:dns/c-ares
RUN_DEPENDS=	c-ares>=1.18.1:dns/c-ares

USES=		bison cmake compiler:c++17-lang cpe gettext-runtime perl5 \
		python shebangfix ssl

USE_LDCONFIG=	yes

BINARY_ALIAS=	python3=${PYTHON_CMD}

PORTSCOUT=	limit:0,even

CXXFLAGS_powerpc64=	-mpower8-vector

SHEBANG_FILES=	auxil/zeekctl/auxil/trace-summary/trace-summary

SUB_FILES=	pkg-message
NO_MTREE=	yes

CMAKE_ON=	BROKER_DISABLE_DOC_EXAMPLES BROKER_DISABLE_TESTS \
		BUILD_SHARED_LIBS BUILD_STATIC_BROKER INSTALL_AUX_TOOLS
CMAKE_ARGS=	-DCARES_ROOT_DIR:PATH=${PREFIX} \
		-DCMAKE_EXE_LINKER_FLAGS="${OPENSSL_LDFLAGS}" \
		-DPY_MOD_INSTALL_DIR:PATH=${PREFIX}/lib/zeekctl \
		-DZEEK_ETC_INSTALL_DIR:PATH=${PREFIX}/etc \
		-DZEEK_MAN_INSTALL_PATH=${MANPREFIX}/man \
		-DZEEK_ROOT_DIR:PATH=${PREFIX} \
		-DZEEK_SCRIPT_INSTALL_PATH:PATH=${PREFIX}/share/zeek

ZEEKUSER?=	zeek
ZEEKGROUP?=	zeek
PLIST_SUB+=	ARCH=${UNAME_M} \
		LCASE_OPSYS=${OPSYS:tl} \
		ZEEKGROUP=${ZEEKGROUP} \
		ZEEKUSER=${ZEEKUSER}

USERS=		${ZEEKUSER}
GROUPS=		${ZEEKGROUP}

OPTIONS_DEFINE=	GEOIP2 IPSUMDUMP LBL_CF LBL_HF NETMAP PERFTOOLS SPICY ZEEKCTL \
		ZKG

OPTIONS_SINGLE=			BUILD_TYPE
OPTIONS_SINGLE_BUILD_TYPE=	DEBUG MINSIZEREL RELEASE RELWITHDEBINFO

OPTIONS_DEFAULT=	GEOIP2 IPSUMDUMP LBL_CF LBL_HF NETMAP RELEASE ZEEKCTL \
			ZKG
OPTIONS_DEFAULT_aarch64=	SPICY
OPTIONS_DEFAULT_amd64=	SPICY
OPTIONS_DEFAULT_armv6=	SPICY
OPTIONS_DEFAULT_armv7=	SPICY
OPTIONS_DEFAULT_i386=	SPICY
OPTIONS_SUB=		yes

DEBUG_DESC=		Optimizations off, debug symbols/flags on
GEOIP2_DESC=		Build with GeoIP2 (MaxMindDB) support
IPSUMDUMP_DESC=		Enables traffic summaries
LBL_CF_DESC=		Unix time to formated time/date filter support
LBL_HF_DESC=		Address to hostname filter support
MINSIZEREL_DESC=	Optimizations on, debug symbols/flags off
NETMAP_DESC=		Native Netmap Packet IOSource for Zeek
PERFTOOLS_DESC=		Use Perftools to improve memory & CPU usage
RELEASE_DESC=		Optimizations on, debug symbols/flags off
RELWITHDEBINFO_DESC=	Optimizations/debug symbols on, debug flags off
SPICY_DESC=		Enable the Spicy parser generator
ZEEKCTL_DESC=		ZeekControl support (implies IPSUMDUMP)
ZKG_DESC=		Zeek package manager support

ZEEKCTL_IMPLIES=	IPSUMDUMP

GEOIP2_LIB_DEPENDS=		libmaxminddb.so:net/libmaxminddb
IPSUMDUMP_BUILD_DEPENDS=	ipsumdump:net/ipsumdump
IPSUMDUMP_RUN_DEPENDS=		ipsumdump:net/ipsumdump
LBL_CF_RUN_DEPENDS=		${LOCALBASE}/bin/cf:sysutils/lbl-cf
LBL_HF_RUN_DEPENDS=		${LOCALBASE}/bin/hf:sysutils/lbl-hf
NETMAP_GH_TUPLE=		zeek:zeek-netmap:v2.0.0:zeek_netmap
NETMAP_USE=			GITHUB=nodefault
PERFTOOLS_BUILD_DEPENDS=	${LOCALBASE}/bin/perftools-pprof:devel/google-perftools
PERFTOOLS_CMAKE_BOOL=		ENABLE_PERFTOOLS
PERFTOOLS_RUN_DEPENDS=		${LOCALBASE}/bin/perftools-pprof:devel/google-perftools
SPICY_CMAKE_OFF=		-DDISABLE_SPICY=ON
ZEEKCTL_BUILD_DEPENDS=		${LOCALBASE}/bin/bash:shells/bash \
				${PYTHON_PKGNAMEPREFIX}sqlite3>0:databases/py-sqlite3@${PY_FLAVOR}
ZEEKCTL_CMAKE_BOOL=		INSTALL_ZEEKCTL
ZEEKCTL_RUN_DEPENDS=		${LOCALBASE}/bin/bash:shells/bash \
				${PYTHON_PKGNAMEPREFIX}sqlite3>0:databases/py-sqlite3@${PY_FLAVOR}
ZKG_RUN_DEPENDS=		${PYTHON_PKGNAMEPREFIX}zkg>=2.7.1:security/py-zkg@${PY_FLAVOR}
.include <bsd.port.options.mk>

.if ${PORT_OPTIONS:MDEBUG}
CMAKE_BUILD_TYPE=	Debug
STRIP=
.elif ${PORT_OPTIONS:MMINSIZEREL}
CMAKE_BUILD_TYPE=	MinSizeRel
.elif ${PORT_OPTIONS:MRELEASE}
CMAKE_BUILD_TYPE=	Release
.elif ${PORT_OPTIONS:MRELWITHDEBINFO}
CMAKE_BUILD_TYPE=	RelWithDebInfo
STRIP=
.endif

.if ${PORT_OPTIONS:MZEEKCTL}
USE_RC_SUBR=	zeek
.endif

post-extract:
	@${RM} -rf ${WRKSRC}/auxil/c-ares

post-patch:
	${REINPLACE_CMD} -e '\|/usr/local/|s|$$| ${STAGEDIR}${PREFIX}/|' \
	    ${WRKSRC_zeek_netmap}/cmake/FindNetmap.cmake

post-install-ZEEKCTL-on:
	${MKDIR} ${STAGEDIR}${PREFIX}/logs
	${MKDIR} ${STAGEDIR}${PREFIX}/spool/tmp
	${MKDIR} ${STAGEDIR}${PREFIX}/spool/installed-scripts-do-not-touch/auto
	${MKDIR} ${STAGEDIR}${PREFIX}/spool/installed-scripts-do-not-touch/site
.for F in zeekctl.cfg networks.cfg node.cfg
	${MV} ${STAGEDIR}${PREFIX}/etc/${F} ${STAGEDIR}${PREFIX}/etc/${F}.sample
.endfor
	${RM} ${STAGEDIR}${PREFIX}/share/zeekctl/scripts/zeekctl-config.sh
	${LN} -s ../../../spool/zeekctl-config.sh \
	    ${STAGEDIR}${PREFIX}/share/zeekctl/scripts/zeekctl-config.sh

post-install:
	${MV} ${STAGEDIR}${DATADIR}/site/local.zeek \
	    ${STAGEDIR}${DATADIR}/site/local.zeek.sample
	@${RM} -rf ${STAGEDIR}${PREFIX}/var
	@${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/zeek-cut

post-install-SPICY-on:
	@${RM} -rf ${STAGEDIR}${PREFIX}/include/hilti/rt/3rdparty/SafeInt/Archive
	@${RM} -rf ${STAGEDIR}${PREFIX}/include/hilti/rt/3rdparty/SafeInt/Test
	@${RMDIR} ${STAGEDIR}${PREFIX}/include/zeek/builtin-plugins/spicy-plugin/bin
	@${RMDIR} ${STAGEDIR}${PREFIX}/include/zeek/builtin-plugins/spicy-plugin/cmake
	@${RM} -rf ${STAGEDIR}${PREFIX}/include/zeek/builtin-plugins/spicy-plugin/include
	@${RMDIR} ${STAGEDIR}${PREFIX}/include/zeek/builtin-plugins/spicy-plugin/spicy
	@${RM} -rf ${STAGEDIR}${PREFIX}/include/zeek/builtin-plugins/spicy-plugin/src
	@${RM} -rf ${STAGEDIR}${PREFIX}/include/zeek/builtin-plugins/spicy-plugin/tests
	@${RMDIR} ${STAGEDIR}${PREFIX}/include/zeek/script_opt/CPP/maint
	@${RMDIR} ${STAGEDIR}${PREFIX}/lib/zeek-spicy/modules

pre-install-ZEEKCTL-on:
	${MKDIR} ${STAGEDIR}${PREFIX}/etc/rc.d

post-install-NETMAP-on:
	${MKDIR} ${WRKDIR}/zeek-bin
	${CP} ${STAGEDIR}${PREFIX}/bin/zeek-config ${WRKDIR}/zeek-bin
	${REINPLACE_CMD} -e 's|${PREFIX}|${STAGEDIR}${PREFIX}|g' \
	    ${WRKDIR}/zeek-bin/zeek-config
	cd ${WRKSRC_zeek_netmap} && ${SETENV} PATH=${WRKDIR}/zeek-bin:${PATH} \
	    ./configure --with-netmap=/usr \
	    --install-root=${STAGEDIR}${PREFIX}/lib/zeek/plugins
	cd ${WRKSRC_zeek_netmap}/build && make && make install
	@${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/zeek/plugins/Zeek_Netmap/lib/Zeek-Netmap.freebsd-${UNAME_M}.so

.include <bsd.port.pre.mk>

# Would like to use ARCH (uname -p) but it's not always correct (e.g. arm64)
UNAME_M!=	${UNAME} -m

.include <bsd.port.post.mk>