net-analyzer / suricata

High performance Network IDS, IPS and Network Security Monitoring engine

Official package sites : https://suricata.io/

v6.0.3-r1 :: 0/6 :: gentoo

License
GPL-2
Keywords
~amd64 ~riscv ~x86
USE flags
af-packet bpf control-socket cuda debug detection geoip hardened hyperscan lua lz4 nflog nfqueue redis systemd test

v5.0.7-r1 :: 0/5 :: gentoo

License
GPL-2
Keywords
~amd64 ~x86
USE flags
af-packet bpf control-socket cuda debug detection geoip hardened hyperscan lua lz4 nflog nfqueue redis systemd test

General

af-packet
Enable AF_PACKET support
bpf
Enable support for eBPF (as well as XDP if supported by the kernel and the NIC driver) for low-level, high-speed packet processing
control-socket
Enable unix socket
cuda
Enable NVIDIA Cuda computations support
debug
Enable extra debug codepaths, like asserts and extra output. If you want to get meaningful backtraces see https://wiki.gentoo.org/wiki/Project:Quality_Assurance/Backtraces
detection
Enable detection modules
geoip
Add geoip support for country and city lookup based on IPs
hardened
Activate default security enhancements for toolchain (gcc, glibc, binutils)
hyperscan
Enable high-performance regex matching with Hyperscan
lua
Enable Lua scripting support
lz4
Enable support for compressed pcap logging using the LZ4 algorithm
nflog
Enable libnetfilter_log support
nfqueue
Enable NFQUEUE support for inline IDP
redis
Enable Redis support
systemd
Enable use of systemd-specific libraries and features like socket activation or session tracking
test
Enable dependencies and/or preparations necessary to run tests (usually controlled by FEATURES=test but can be toggled independently)

kernel

linux
KERNEL setting for system using the Linux kernel

lua_single_target

lua5-1
Build for Lua 5.1 only
luajit
Build for LuaJIT only

python_single_target

python3_10
Build for Python 3.10 only
python3_8
Build for Python 3.8 only
python3_9
Build for Python 3.9 only

acct-group / suricata : Group for Suricata IDS

acct-user / suricata : User for Suricata IDS

app-arch / lz4 : Extremely Fast Compression algorithm

dev-lang / lua : A powerful light-weight programming language designed for extending applications

dev-lang / luajit : Just-In-Time Compiler for the Lua programming language

dev-lang / python : An interpreted, interactive, object-oriented programming language

dev-lang / python-exec : Python script wrapper

dev-libs / hiredis : Minimalistic C client library for the Redis database

dev-libs / hyperscan : High-performance regular expression matching library

dev-libs / jansson : C library for encoding, decoding and manipulating JSON data

dev-libs / libbpf : Stand-alone build of libbpf from the Linux kernel

dev-libs / libmaxminddb : C library for the MaxMind DB file format

dev-libs / libpcre : Perl-compatible regular expression library

dev-libs / libyaml : YAML 1.1 parser and emitter written in C

dev-libs / nspr : Netscape Portable Runtime

dev-libs / nss : Mozilla's Network Security Services library that implements PKI support

dev-python / pyyaml : YAML parser and emitter for Python

dev-util / nvidia-cuda-toolkit : NVIDIA CUDA Toolkit (compiler and friends)

net-libs / libhtp : security-aware parser for the HTTP protocol and the related bits and pieces

net-libs / libnet : library providing an API for commonly used low-level network functions

net-libs / libnetfilter_log : Interface to packets that have been logged by the kernel packet filter

net-libs / libnetfilter_queue : API to packets that have been queued by the kernel packet filter

net-libs / libnfnetlink : the low-level library for netfilter related kernel/userspace communication

net-libs / libpcap : A system-independent library for user-level network packet capture

sys-apps / file : identify a file's format by scanning binary data for patterns

sys-devel / autoconf : Used to create autoconfiguration files

sys-libs / libcap-ng : POSIX 1003.1e capabilities

virtual / rust : Virtual for Rust language compiler

acct-group / suricata : Group for Suricata IDS

acct-user / suricata : User for Suricata IDS

app-arch / lz4 : Extremely Fast Compression algorithm

dev-lang / lua : A powerful light-weight programming language designed for extending applications

dev-lang / luajit : Just-In-Time Compiler for the Lua programming language

dev-lang / python : An interpreted, interactive, object-oriented programming language

dev-lang / python-exec : Python script wrapper

dev-libs / hiredis : Minimalistic C client library for the Redis database

dev-libs / hyperscan : High-performance regular expression matching library

dev-libs / jansson : C library for encoding, decoding and manipulating JSON data

dev-libs / libbpf : Stand-alone build of libbpf from the Linux kernel

dev-libs / libmaxminddb : C library for the MaxMind DB file format

dev-libs / libpcre : Perl-compatible regular expression library

dev-libs / libyaml : YAML 1.1 parser and emitter written in C

dev-libs / nspr : Netscape Portable Runtime

dev-libs / nss : Mozilla's Network Security Services library that implements PKI support

dev-python / pyyaml : YAML parser and emitter for Python

dev-util / nvidia-cuda-toolkit : NVIDIA CUDA Toolkit (compiler and friends)

net-libs / libhtp : security-aware parser for the HTTP protocol and the related bits and pieces

net-libs / libnet : library providing an API for commonly used low-level network functions

net-libs / libnetfilter_log : Interface to packets that have been logged by the kernel packet filter

net-libs / libnetfilter_queue : API to packets that have been queued by the kernel packet filter

net-libs / libnfnetlink : the low-level library for netfilter related kernel/userspace communication

net-libs / libpcap : A system-independent library for user-level network packet capture

sys-apps / file : identify a file's format by scanning binary data for patterns

sys-libs / libcap-ng : POSIX 1003.1e capabilities

virtual / tmpfiles : Virtual to select between different tmpfiles.d handlers

Repository mirror & CI · gentoo
Merge updates from master
Marek Szuba · gentoo
net-analyzer/suricata: get rid of dev-libs/hyperscan automagic
Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: add TODO note about hyperscan automagic
Even with USE=-hyperscan, if dev-libs/hyperscan is present at configure time it is pulled in. Same deal as with lz4 earlier. Signed-off-by: Marek Szuba <marecki@gentoo.org>
Jonathan Davies · gentoo
net-analyzer/suricata: Add hyperscan USE flag.
Signed-off-by: Jonathan Davies <jpds@protonmail.com> Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: keyword 6.0.3 for ~riscv
Signed-off-by: Marek Szuba <marecki@gentoo.org>
Sam James · gentoo
net-analyzer/suricata: [QA] call tmpfiles_process in pkg_postinst
This is needed to actually apply the tmpfiles configuration we've installed in the ebuild. See tmpfiles.eclass documentation. Package-Manager: Portage-3.0.20, Repoman-3.0.3 Signed-off-by: Sam James <sam@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: install logrotate files unconditionally
No revbump in order to avoid forcing everyone to reinstall. Suggested-by: Sam James <sam@gentoo.org> Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: add 6.0.3, drop 6.0.2
Now with rust-1.53 compatibility and without CVE-2021-35063. Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: add 5.0.7, drop 5.0.6
Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: limit version of currently selected rust
While simply limiting the version of virtual/rust in dependencies is likely enough for most users at present, if someone has got both rust and rust-bin emerged the virtual will only affect the version of one of them - and it is possible that the version currently set as active by "eselect rust" is not a supported one. Closes: https://bugs.gentoo.org/797370 Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: update HOMEPAGE
Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata-6.0.2: restrict Rust version
The bundled lexical-core-0.6.7 is not compatible with rust-1.53 due to stabilisation of <integer>::BITS, see https://github.com/rust-lang/rust/issues/81654 . Already fixed by lexical-core upstream (in version 0.7.5) but I haven't had much luck backporting this to 0.6.7. Suricata-5 is not affected because it doesn't use this Rust module. Closes: https://bugs.gentoo.org/797370 Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: support python3_10
Build, test and install fine, Python tools such as suricatactl or suricata-update appear to function properly too. Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: leave sphinx-build and pdflatex alone
Upstream build scripts look for the two and if they are present, attempt to generate documentation. Automagic aside, this presently only works with Sphinx versions older than 4.0.0 - and in any case release tarballs include both PDF guides and man pages. Closes: https://bugs.gentoo.org/789528 Signed-off-by: Marek Szuba <marecki@gentoo.org>
Sam James · gentoo
net-analyzer/suricata: flag-o-matic--, missing die
Signed-off-by: Sam James <sam@gentoo.org>
Theo Anderson · gentoo
net-analyzer/suricata: migrate to tmpfiles.eclass
Package-Manager: Portage-3.0.16, Repoman-3.0.2 Signed-off-by: Theo Anderson <telans@posteo.de> Signed-off-by: David Seifert <soap@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: bump v6 to 6.0.2
Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: bump v5 to 5.0.6
Signed-off-by: Marek Szuba <marecki@gentoo.org>
Michał Górny · gentoo
*/*: Remove obsolete values from PYTHON_COMPAT
Signed-off-by: Michał Górny <mgorny@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: migrate v5 to lua-single.eclass as well
Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: remove old
Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: bump the old stable branch to 5.0.5
Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: bump to 6.0.1
Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: limit unmigrated ebuilds to dev-lang/lua:0
Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: migrate to lua-single.eclass
Both the documentation and the autoconf script only mention luajit and lua5.1 so limit compatibility to these two. Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: bump to 6.0.0
Okay, this has turned out to be easier than I thought it might be. Note to self: since suricata-6 no longer supports unified2 output and suricata-5 is still supported upstream (even 4 will only reach end of life on 2020-12-31), keep the latter around for at least a bit longer. Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: bump to 5.0.4
6.0.0 is out now too but it may or may not take time to package, and 5.0.4 fixes some potential security issues detected by Oss-Fuzz. Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: support python3_9
Builds, tests and installs fine, and at least suricata-update works without problems. Tested pypy3 support as well and it needs work, somehow Python modules for this implementation end up in /usr/site-packages. Tools work fine once the modules have been manually moved to the right directory, though. Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: bump to 5.0.3 + remove 5.0.2
Bug: https://bugs.gentoo.org/724536 Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: remove old
Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: add missing "|| die" guard to sed call
Also, some cosmetic changes to dependencies. Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: bump to 5.0.2
Signed-off-by: Marek Szuba <marecki@gentoo.org>
Michał Górny · gentoo
net-analyzer/suricata: Switch to PYTHON_MULTI_USEDEP API
Signed-off-by: Michał Górny <mgorny@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: build with -fno-common / gcc-10
Tried fixing the code but it turns out it would require a non-trivial amount of changes so let's just force -fcommon. Tested using gcc-9 with -fno-common included in CFLAGS. Closes: https://bugs.gentoo.org/707204 Package-Manager: Portage-2.3.84, Repoman-2.3.20 Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: depend on virtual/rust, not dev-lang/rust
In other words, do not force users to build Rust from source. Closes: https://bugs.gentoo.org/703346 Package-Manager: Portage-2.3.79, Repoman-2.3.16 Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: fix typo in postinst messages
Package-Manager: Portage-2.3.79, Repoman-2.3.16 Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: remove old
Package-Manager: Portage-2.3.79, Repoman-2.3.16 Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: bump to 5.0.1
Further clean-up of old ebuilds, tools are no longer optional, there is now a config phase to download an initial rule set using suricata-update. Closes: https://bugs.gentoo.org/703184 Package-Manager: Portage-2.3.79, Repoman-2.3.16 Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: remove vulnerable 4.0.4
Bug: https://bugs.gentoo.org/690196 Bug: https://bugs.gentoo.org/686428 Package-Manager: Portage-2.3.79, Repoman-2.3.16 Signed-off-by: Marek Szuba <marecki@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: bump to 5.0.0 and EAPI 7
Package-Manager: Portage-2.3.79, Repoman-2.3.16 Signed-off-by: Marek Szuba <marecki@gentoo.org>
Michał Górny · gentoo
*/*: [QA] Fix trivial cases of MissingTestRestrict
The result was achieved via the following pipeline:

    pkgcheck scan -c RestrictTestCheck -R FormatReporter \
      --format '{category}/{package}/{package}-{version}.ebuild' |
    xargs -n32 grep -L RESTRICT |
    xargs -n32 sed -i -e '/^IUSE=.*test/aRESTRICT="!test? ( test )"'

The resulting metadata was compared before and after the change. Few Go ebuilds had to be fixed manually due to implicit RESTRICT=strip added by the eclass. Two ebuilds have to be fixed because of multiline IUSE.
Suggested-by: Robin H. Johnson <robbat2@gentoo.org>
Closes: https://github.com/gentoo/gentoo/pull/13942
Signed-off-by: Michał Górny <mgorny@gentoo.org>
Slawomir Lis · gentoo
net-analyzer/suricata: fixed installations warnings
Package-Manager: Portage-2.3.75, Repoman-2.3.17 Signed-off-by: Slawek Lis <slis@gentoo.org>
Slawomir Lis · gentoo
net-analyzer/suricata: Updated init.d and conf.d default pathes
Package-Manager: Portage-2.3.75, Repoman-2.3.17 Signed-off-by: Slawek Lis <slis@gentoo.org>
Slawomir Lis · gentoo
net-analyzer/suricata: fixed build error related with SIOCGSTAMP
Closes: https://bugs.gentoo.org/692546 Package-Manager: Portage-2.3.75, Repoman-2.3.17 Signed-off-by: Slawek Lis <slis@gentoo.org>
Marek Szuba · gentoo
net-analyzer/suricata: remove vulnerable 4.0.3
Bug: https://bugs.gentoo.org/647664 Package-Manager: Portage-2.3.40, Repoman-2.3.9
Marek Szuba · gentoo
net-analyzer/suricata: bump to 4.0.4 + fix Lua USE flags
Invoking maintainer timeout on both issues. Closes: https://bugs.gentoo.org/652344 Package-Manager: Portage-2.3.40, Repoman-2.3.9
Michael Mair-Keimberger · gentoo
net-analyzer/suricata: use HTTPs
Slawomir Lis · gentoo
net-analyzer/suricata: fixed problems with compilation
Fixed problems with compilation using lua and luajit Package-Manager: Portage-2.3.36, Repoman-2.3.9
Michał Górny · gentoo
net-analyzer/suricata: [QA] Use standard meaning of USE=luajit
Fix the package to use standard meaning for USE=luajit instead of making it exclusive with USE=lua.
Slawomir Lis · gentoo
net-analyzer/suricata: removed old version
To fix vulnerability reported in bug https://bugs.gentoo.org/635662 Dropped versions: 2.0.11, 3.0.1, 3.1.3, 3.2-r1, 3.2.1, 3.2 Package-Manager: Portage-2.3.20, Repoman-2.3.6
Slawomir Lis · gentoo
net-analyzer/suricata: version bump to 4.0.3
This should fix security problems reported in https://bugs.gentoo.org/635662 Package-Manager: Portage-2.3.20, Repoman-2.3.6
Slawomir Lis · gentoo
net-analyzer/suricata: Solved conflicting use flags
Use flags LUA and LUAJIT cannot be set at the same time. Reported in bug 625814 Reported-By: deference@null.net Package-Manager: Portage-2.3.6, Repoman-2.3.3
Robin H. Johnson · gentoo
Drop $Id$ per council decision in bug #611234.
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
Slawomir Lis · gentoo
net-analyzer/suricata: version bump to 3.2.1
Reported in #609426 Package-Manager: Portage-2.3.3, Repoman-2.3.1
T. Malfatti · gentoo
media-libs/portaudio: Version bump
Slawomir Lis · gentoo
net-analyzer/suricata: fixing error with logrotate file
As reported in bug 604904 Package-Manager: Portage-2.3.3, Repoman-2.3.1
Slawomir Lis · gentoo
net-analyzer/suricata: postinst log message fix
Package-Manager: Portage-2.3.3, Repoman-2.3.1
Slawomir Lis · gentoo
net-analyzer/suricata: Dropping user privs in init script
Bug #602590 Package-Manager: Portage-2.3.3, Repoman-2.3.1
Slawomir Lis · gentoo
net-analyzer/suricata: Updated suricata logging and added logrotate file
I've also bumped revision number, as there are many changes, and those fixes should finally close bug 602590. Thanks to Vieri <rentorbuy@yahoo.com> for support. Package-Manager: Portage-2.3.3, Repoman-2.3.1
Slawomir Lis · gentoo
net-analyzer/suricata: updated init script and config file
Updated way the script starts suricata, it allows to define config values inline now. Details in bug 602590. Package-Manager: Portage-2.3.3, Repoman-2.3.1
Slawomir Lis · gentoo
net-analyzer/suricata: Updated init script
Applied patches sent in order to bug 602590. Now it's possible to run one or many instances of suricata. Thanks to Vieri <rentorbuy@yahoo.com> for help. Package-Manager: Portage-2.3.3, Repoman-2.3.1
Slawomir Lis · gentoo
net-analyzer/suricata: Drop old version
Dropped versions: 3.1 and 3.1.2 Package-Manager: Portage-2.3.3, Repoman-2.3.1
Slawomir Lis · gentoo
net-analyzer/suricata: Version bump to 3.2
Reported in bug 602590. Reported-By: Vieri <rentorbuy@yahoo.com> Package-Manager: Portage-2.3.3, Repoman-2.3.1
Slawomir Lis · gentoo
net-analyzer/suricata: version bump to 3.1.3
Package-Manager: portage-2.3.2
Slawomir Lis · gentoo
net-analyzer/suricata: version bump to 3.1.2
This update is needed and resolves #587786 Reported in #595524 Reported-By: bgo <bgo@9dt.de> Package-Manager: portage-2.3.1
Slawomir Lis · gentoo
fixed #587548
Package-Manager: portage-2.3.0_rc1
Slawomir Lis · gentoo
version bump, metadata update
Package-Manager: portage-2.3.0_rc1
Slawomir Lis · gentoo
version bump (#580824)
Package-Manager: portage-2.2.28
Slawomir Lis · gentoo
drop system-htp use flag (#575144)
Package-Manager: portage-2.2.27
Slawomir Lis · gentoo
useflag to use libhtp instead of bundled one (#575144)
Package-Manager: portage-2.2.27
Slawomir Lis · gentoo
Added detection USE flag, drop old
Package-Manager: portage-2.2.27
Slawomir Lis · gentoo
version bump
Package-Manager: portage-2.2.26
Slawomir Lis · gentoo
Fixed #569636
Package-Manager: portage-2.2.26
Slawomir Lis · gentoo
Added suricata ebuild (#437564)
Package-Manager: portage-2.2.26