66include $(TOPDIR ) /rules.mk
77
88PKG_NAME: =snort3
9- PKG_VERSION: =3.9.5 .0
10- PKG_RELEASE: =6
9+ PKG_VERSION: =3.10.0 .0
10+ PKG_RELEASE: =1
1111
1212PKG_SOURCE: =$(PKG_NAME ) -$(PKG_VERSION ) .tar.gz
1313PKG_SOURCE_URL: =https://codeload.github.com/snort3/snort3/tar.gz/$(PKG_VERSION ) ?
14- PKG_HASH: =e2e36a8db2c4c26a6ff58ea58839339260319eba25d0eb901ddb7210f4fa4b4c
14+ PKG_HASH: =fbd6619e612998330f8459486158a3ea571473218628d9011982aaf238e480e2
1515
1616PKG_MAINTAINER: =W. Michael Petullo <mike@flyn.org>, John Audia <therealgraysky@proton.me>
1717PKG_LICENSE: =GPL-2.0-only
@@ -28,8 +28,9 @@ define Package/snort3
2828 DEPENDS:=+libstdcpp +libdaq3 +libdnet +libopenssl +libpcap +libpcre2 \
2929 +libpthread +libuuid +zlib +libhwloc +USE_MUSL:libtirpc @HAS_LUAJIT_ARCH +luajit +libatomic \
3030 +kmod-nft-queue +liblzma +ucode +ucode-mod-fs +ucode-mod-uci \
31- +PACKAGE_gperftools-runtime:gperftools-runtime \
32- +PACKAGE_hyperscan-runtime:hyperscan-runtime
31+ +PACKAGE_gperftools:gperftools \
32+ +PACKAGE_vectorscan:vectorscan
33+ USERID:=snort=975:snort=975
3334 TITLE:=Lightweight Network Intrusion Detection System
3435 URL:=http://www.snort.org/
3536 MENU:=1
@@ -41,6 +42,14 @@ define Package/snort3/description
4142 and packet logging on IP networks. It utilizes a combination of protocol
4243 analysis and pattern matching in order to detect anomalies, misuse and
4344 attacks.
45+
46+ Note:
47+ When compiling from source, and if your target supports them, optionally
48+ enable runtime dependencies for improved performance:
49+ - gperftools
50+ - vectorscan
51+ These are not enabled by default and must be manually selected in menuconfig
52+ to take advantage of their benefits.
4453endef
4554
4655CMAKE_OPTIONS += \
@@ -57,9 +66,9 @@ CMAKE_OPTIONS += \
5766 -DMAKE_TEXT_DOC:BOOL=NO \
5867 -DHAVE_LIBUNWIND=OFF \
5968 -DHAVE_LZMA=ON \
60- -DENABLE_TCMALLOC=$(if $(CONFIG_PACKAGE_gperftools-runtime ) ,ON,OFF) \
61- -DENABLE_HYPERSCAN=$(if $(CONFIG_PACKAGE_hyperscan-runtime ) ,ON,OFF) \
62- $(if $(CONFIG_PACKAGE_hyperscan-runtime ) ,-DHS_INCLUDE_DIRS=$(STAGING_DIR ) /usr/include/hs)
69+ -DENABLE_TCMALLOC=$(if $(CONFIG_PACKAGE_gperftools ) ,ON,OFF) \
70+ -DENABLE_HYPERSCAN=$(if $(CONFIG_PACKAGE_vectorscan ) ,ON,OFF) \
71+ $(if $(CONFIG_PACKAGE_vectorscan ) ,-DHS_INCLUDE_DIRS=$(STAGING_DIR ) /usr/include/hs)
6372
6473TARGET_CFLAGS += -I$(STAGING_DIR ) /usr/include/daq3
6574
@@ -103,22 +112,6 @@ define Package/snort3/install
103112
104113 $(INSTALL_DIR ) $(1 ) /etc/config
105114 $(INSTALL_CONF ) ./files/snort.config $(1 ) /etc/config/snort
106-
107- sed \
108- -i \
109- -e "/^-- HOME_NET and EXTERNAL_NET/ i -- The values for the two variables HOME_NET and EXTERNAL_NET have been" \
110- -e "/^-- HOME_NET and EXTERNAL_NET/ i -- moved to /etc/config/snort, so do not modify them here without good" \
111- -e "/^-- HOME_NET and EXTERNAL_NET/ i -- reason.\n" \
112- -e 's/^\(HOME_NET\s\+=\)/--\1/g' \
113- -e 's/^\(EXTERNAL_NET\s\+=\)/--\1/g' \
114- $(1 ) /etc/snort/snort.lua
115- sed \
116- -i -e "s/^\\(RULE_PATH\\s\\+=\\).*/\\1 'rules'/g" \
117- -e "s/^\\(BUILTIN_RULE_PATH\\s\\+=\\).*/\\1 'builtin_rules'/g" \
118- -e "s/^\\(PLUGIN_RULE_PATH\\s\\+=\\).*/\\1 'so_rules'/g" \
119- -e "s/^\\(WHITE_LIST_PATH\\s\\+=\\).*/\\1 'lists'/g" \
120- -e "s/^\\(BLACK_LIST_PATH\\s\\+=\\).*/\\1 'lists'/g" \
121- $(1 ) /etc/snort/snort_defaults.lua
122115endef
123116
124117$(eval $(call BuildPackage,snort3))
0 commit comments