Versions
v6.0.1-r100 :: 0 :: gentoo
- Modified
- License
- GPL-2
- Keywords
- ~amd64 ~x86
- USE flags
- af-packet bpf control-socket cuda debug detection geoip hardened logrotate lua lz4 nflog nfqueue redis systemd test
v6.0.1 :: 0 :: gentoo
- Modified
- License
- GPL-2
- Keywords
- ~amd64 ~x86
- USE flags
- af-packet bpf control-socket cuda debug detection geoip hardened logrotate lua luajit lz4 nflog nfqueue redis systemd test
v6.0.0 :: 0 :: gentoo
- Modified
- License
- GPL-2
- Keywords
- ~amd64 ~x86
- USE flags
- af-packet bpf control-socket cuda debug detection geoip hardened logrotate lua luajit lz4 nflog nfqueue redis systemd test
v5.0.5 :: 0 :: gentoo
- Modified
- License
- GPL-2
- Keywords
- ~amd64 ~x86
- USE flags
- af-packet bpf control-socket cuda debug detection geoip hardened logrotate lua luajit lz4 nflog nfqueue redis systemd test
v5.0.4 :: 0 :: gentoo
- Modified
- License
- GPL-2
- Keywords
- ~amd64 ~x86
- USE flags
- af-packet bpf control-socket cuda debug detection geoip hardened logrotate lua luajit lz4 nflog nfqueue redis systemd test
USE flags
General
- af-packet
- Enable AF_PACKET support
- bpf
- Enable support for eBPF (as well as XDP if supported by the kernel and the NIC driver) for low-level, high-speed packet processing
- control-socket
- Enable unix socket
- cuda
- Enable NVIDIA Cuda computations support
- debug
- Enable extra debug codepaths, like asserts and extra output. If you want to get meaningful backtraces see https://wiki.gentoo.org/wiki/Project:Quality_Assurance/Backtraces
- detection
- Enable detection modules
- geoip
- Add geoip support for country and city lookup based on IPs
- hardened
- Activate default security enhancements for toolchain (gcc, glibc, binutils)
- logrotate
- Install logrotate rule
- lua
- Enable Lua scripting support
- luajit
- Use dev-lang/luajit instead of dev-lang/lua (ineffective with USE=-lua)
- lz4
- Enable support for compressed pcap logging using the LZ4 algorithm
- nflog
- Enable libnetfilter_log support
- nfqueue
- Enable NFQUEUE support for inline IDP
- redis
- Enable Redis support
- systemd
- Enable use of systemd-specific libraries and features like socket activation or session tracking
- test
- Enable dependencies and/or preparations necessary to run tests (usually controlled by FEATURES=test but can be toggled independently)
kernel
- linux
- KERNEL setting for system using the Linux kernel
lua_single_target
- lua5-1
- Build for Lua 5.1 only
- luajit
- Build for LuaJIT only
python_single_target
- python3_7
- Build for Python 3.7 only
- python3_8
- Build for Python 3.8 only
- python3_9
- Build for Python 3.9 only
Dependencies
acct-group / suricata : Group for Suricata IDS
acct-user / suricata : User for Suricata IDS
app-admin / logrotate : Rotates, compresses, and mails system logs
app-arch / lz4 : Extremely Fast Compression algorithm
dev-lang / lua : A powerful light-weight programming language designed for extending applications
dev-lang / luajit : Just-In-Time Compiler for the Lua programming language
dev-lang / python : An interpreted, interactive, object-oriented programming language
dev-lang / python-exec : Python script wrapper
dev-libs / hiredis : Minimalistic C client library for the Redis database
dev-libs / jansson : C library for encoding, decoding and manipulating JSON data
dev-libs / libbpf : Stand-alone build of libbpf from the Linux kernel
dev-libs / libmaxminddb : C library for the MaxMind DB file format
dev-libs / libpcre : Perl-compatible regular expression library
dev-libs / libyaml : YAML 1.1 parser and emitter written in C
dev-libs / nspr : Netscape Portable Runtime
dev-libs / nss : Mozilla's Network Security Services library that implements PKI support
dev-python / pyyaml : YAML parser and emitter for Python
dev-util / nvidia-cuda-toolkit : NVIDIA CUDA Toolkit (compiler and friends)
net-libs / libhtp : security-aware parser for the HTTP protocol and the related bits and pieces
net-libs / libnet : library providing an API for commonly used low-level network functions
net-libs / libnetfilter_log : interface to packets that have been logged by the kernel packet filter
net-libs / libnetfilter_queue : API to packets that have been queued by the kernel packet filter
net-libs / libnfnetlink : the low-level library for netfilter related kernel/userspace communication
net-libs / libpcap : A system-independent library for user-level network packet capture
sys-apps / file : identify a file's format by scanning binary data for patterns
sys-devel / autoconf : Used to create autoconfiguration files
Runtime Dependencies
acct-group / suricata : Group for Suricata IDS
acct-user / suricata : User for Suricata IDS
app-admin / logrotate : Rotates, compresses, and mails system logs
app-arch / lz4 : Extremely Fast Compression algorithm
dev-lang / lua : A powerful light-weight programming language designed for extending applications
dev-lang / luajit : Just-In-Time Compiler for the Lua programming language
dev-lang / python : An interpreted, interactive, object-oriented programming language
dev-lang / python-exec : Python script wrapper
dev-libs / hiredis : Minimalistic C client library for the Redis database
dev-libs / jansson : C library for encoding, decoding and manipulating JSON data
dev-libs / libbpf : Stand-alone build of libbpf from the Linux kernel
dev-libs / libmaxminddb : C library for the MaxMind DB file format
dev-libs / libpcre : Perl-compatible regular expression library
dev-libs / libyaml : YAML 1.1 parser and emitter written in C
dev-libs / nspr : Netscape Portable Runtime
dev-libs / nss : Mozilla's Network Security Services library that implements PKI support
dev-python / pyyaml : YAML parser and emitter for Python
dev-util / nvidia-cuda-toolkit : NVIDIA CUDA Toolkit (compiler and friends)
net-libs / libhtp : security-aware parser for the HTTP protocol and the related bits and pieces
net-libs / libnet : library providing an API for commonly used low-level network functions
net-libs / libnetfilter_log : interface to packets that have been logged by the kernel packet filter
net-libs / libnetfilter_queue : API to packets that have been queued by the kernel packet filter
net-libs / libnfnetlink : the low-level library for netfilter related kernel/userspace communication
net-libs / libpcap : A system-independent library for user-level network packet capture
sys-apps / file : identify a file's format by scanning binary data for patterns
Change logs
- Repository mirror & CI · gentoo
Merge updates from master - Marek Szuba · gentoo
net-analyzer/suricata: bump the old stable branch to 5.0.5
Signed-off-by: Marek Szuba <marecki@gentoo.org> - Marek Szuba · gentoo
net-analyzer/suricata: bump to 6.0.1
Signed-off-by: Marek Szuba <marecki@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Marek Szuba · gentoo
net-analyzer/suricata: limit unmigrated ebuilds to dev-lang/lua:0
Signed-off-by: Marek Szuba <marecki@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Marek Szuba · gentoo
net-analyzer/suricata: migrate to lua-single.eclass
Both the documentation and the autoconf script only mention luajit and lua5.1 so limit compatibility to these two. Signed-off-by: Marek Szuba <marecki@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Marek Szuba · gentoo
net-analyzer/suricata: bump to 6.0.0
Okay, this has turned out to be easier than I thought it might be. Note to self: since suricata-6 no longer supports unified2 output and suricata-5 is still supported upstream (even 4 will only reach end of life on 2020-12-31), keep the latter around for at least a bit longer. Signed-off-by: Marek Szuba <marecki@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Marek Szuba · gentoo
net-analyzer/suricata: bump to 5.0.4
6.0.0 is out now too but it may or may not take time to package, and 5.0.4 fixes some potential security issues detected by Oss-Fuzz. Signed-off-by: Marek Szuba <marecki@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Marek Szuba · gentoo
net-analyzer/suricata: support python3_9
Builds, tests and installs fine, and at least suricata-update works without problems. Tested pypy3 support as well and it needs work, somehow Python modules for this implementation end up in /usr/site-packages. Tools work fine once the modules have been manually moved to the right directory, though. Signed-off-by: Marek Szuba <marecki@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Marek Szuba · gentoo
net-analyzer/suricata: bump to 5.0.3 + remove 5.0.2
Bug: https://bugs.gentoo.org/724536 Signed-off-by: Marek Szuba <marecki@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Marek Szuba · gentoo
net-analyzer/suricata: remove old
Signed-off-by: Marek Szuba <marecki@gentoo.org> - Marek Szuba · gentoo
net-analyzer/suricata: add missing "|| die" guard to sed call
Also, some cosmetic changes to dependencies. Signed-off-by: Marek Szuba <marecki@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Marek Szuba · gentoo
net-analyzer/suricata: bump to 5.0.2
Signed-off-by: Marek Szuba <marecki@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Michał Górny · gentoo
net-analyzer/suricata: Switch to PYTHON_MULTI_USEDEP API
Signed-off-by: Michał Górny <mgorny@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Marek Szuba · gentoo
net-analyzer/suricata: build with -fno-common / gcc-10
Tried fixing the code but it turns out it would require a non-trivial amount of changes so let's just force -fcommon. Tested using gcc-9 with -fno-common included in CFLAGS. Closes: https://bugs.gentoo.org/707204 Package-Manager: Portage-2.3.84, Repoman-2.3.20 Signed-off-by: Marek Szuba <marecki@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Marek Szuba · gentoo
net-analyzer/suricata: depend on virtual/rust, not dev-lang/rust
In other words, do not force users to build Rust from source. Closes: https://bugs.gentoo.org/703346 Package-Manager: Portage-2.3.79, Repoman-2.3.16 Signed-off-by: Marek Szuba <marecki@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Marek Szuba · gentoo
net-analyzer/suricata: fix typo in postinst messages
Package-Manager: Portage-2.3.79, Repoman-2.3.16 Signed-off-by: Marek Szuba <marecki@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Marek Szuba · gentoo
net-analyzer/suricata: remove old
Package-Manager: Portage-2.3.79, Repoman-2.3.16 Signed-off-by: Marek Szuba <marecki@gentoo.org> - Marek Szuba · gentoo
net-analyzer/suricata: bump to 5.0.1
Further clean-up of old ebuilds, tools are no longer optional, there is now a config phase to download an initial rule set using suricata-update. Closes: https://bugs.gentoo.org/703184 Package-Manager: Portage-2.3.79, Repoman-2.3.16 Signed-off-by: Marek Szuba <marecki@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Marek Szuba · gentoo
net-analyzer/suricata: remove vulnerable 4.0.4
Bug: https://bugs.gentoo.org/690196 Bug: https://bugs.gentoo.org/686428 Package-Manager: Portage-2.3.79, Repoman-2.3.16 Signed-off-by: Marek Szuba <marecki@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Marek Szuba · gentoo
net-analyzer/suricata: bump to 5.0.0 and EAPI 7
Package-Manager: Portage-2.3.79, Repoman-2.3.16 Signed-off-by: Marek Szuba <marecki@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Michał Górny · gentoo
*/*: [QA] Fix trivial cases of MissingTestRestrict
The result was achieved via the following pipeline: pkgcheck scan -c RestrictTestCheck -R FormatReporter \ --format '{category}/{package}/{package}-{version}.ebuild' | xargs -n32 grep -L RESTRICT | xargs -n32 sed -i -e '/^IUSE=.*test/aRESTRICT="!test? ( test )"' The resulting metadata was compared before and after the change. Few Go ebuilds had to be fixed manually due to implicit RESTRICT=strip added by the eclass. Two ebuilds have to be fixed because of multiline IUSE. Suggested-by: Robin H. Johnson <robbat2@gentoo.org> Closes: https://github.com/gentoo/gentoo/pull/13942 Signed-off-by: Michał Górny <mgorny@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Slawomir Lis · gentoo
net-analyzer/suricata: fixed installations warnings
Package-Manager: Portage-2.3.75, Repoman-2.3.17 Signed-off-by: Slawek Lis <slis@gentoo.org> - Slawomir Lis · gentoo
net-analyzer/suricata: Updated init.d and conf.d default pathes
Package-Manager: Portage-2.3.75, Repoman-2.3.17 Signed-off-by: Slawek Lis <slis@gentoo.org> - Slawomir Lis · gentoo
net-analyzer/suricata: fixed build error related with SIOCGSTAMP
Closes: https://bugs.gentoo.org/692546 Package-Manager: Portage-2.3.75, Repoman-2.3.17 Signed-off-by: Slawek Lis <slis@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Marek Szuba · gentoo
net-analyzer/suricata: remove vulnerable 4.0.3
Bug: https://bugs.gentoo.org/647664 Package-Manager: Portage-2.3.40, Repoman-2.3.9 - Marek Szuba · gentoo
net-analyzer/suricata: bump to 4.0.4 + fix Lua USE flags
Invoking maintainer timeout on both issues. Closes: https://bugs.gentoo.org/652344 Package-Manager: Portage-2.3.40, Repoman-2.3.9 - Repository mirror & CI · gentoo
Merge updates from master - Michael Mair-Keimberger · gentoo
net-analyzer/suricata: use HTTPs - Slawomir Lis · gentoo
net-analyzer/suricata: fixed problems with compilation
Fixed problems with compilation using lua and luajit Package-Manager: Portage-2.3.36, Repoman-2.3.9 - Michał Górny · gentoo
net-analyzer/suricata: [QA] Use standard meaning of USE=luajit
Fix the package to use standard meaning for USE=luajit instead of making it exclusive with USE=lua. - Slawomir Lis · gentoo
net-analyzer/suricata: removed old version
To fix vulnerability reported in bug https://bugs.gentoo.org/635662 Dropped versions: 2.0.11, 3.0.1, 3.1.3, 3.2-r1, 3.2.1, 3.2 Package-Manager: Portage-2.3.20, Repoman-2.3.6 - Slawomir Lis · gentoo
net-analyzer/suricata: version bump to 4.0.3
This should fix security problems reported in https://bugs.gentoo.org/635662 Package-Manager: Portage-2.3.20, Repoman-2.3.6 - Slawomir Lis · gentoo
net-analyzer/suricata: Solved conflicting use flags
Use flags LUA and LUAJIT cannot be set at the same time. Reported in bug 625814 Reported-By: deference@null.net Package-Manager: Portage-2.3.6, Repoman-2.3.3 - Robin H. Johnson · gentoo
Drop $Id$ per council decision in bug #611234.
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org> - Slawomir Lis · gentoo
net-analyzer/suricata: version bump to 3.2.1
Reported in #609426 Package-Manager: Portage-2.3.3, Repoman-2.3.1 - T. Malfatti · gentoo
media-libs/portaudio: Version bump - Slawomir Lis · gentoo
net-analyzer/suricata: fixing error with logrotate file
As reported in bug 604904 Package-Manager: Portage-2.3.3, Repoman-2.3.1 - Slawomir Lis · gentoo
net-analyzer/suricata: postinst log message fix
Package-Manager: Portage-2.3.3, Repoman-2.3.1 - Slawomir Lis · gentoo
net-analyzer/suricata: Dropping user privs in init script
Bug #602590 Package-Manager: Portage-2.3.3, Repoman-2.3.1 - Slawomir Lis · gentoo
net-analyzer/suricata: Updated suricata logging and added logrotate file
I've also bumped revision number, as there are many changes, and those fixes should finally close bug 602590. Thanks to Vieri <rentorbuy@yahoo.com> for support. Package-Manager: Portage-2.3.3, Repoman-2.3.1 - Slawomir Lis · gentoo
net-analyzer/suricata: updated init script and config file
Updated way the script starts suricata, it allows to define config values inline now. Details in bug 602590. Package-Manager: Portage-2.3.3, Repoman-2.3.1 - Slawomir Lis · gentoo
net-analyzer/suricata: Updated init script
Applied patches sent in order to bug 602590. Now it's possible to run one or many instances of suricata. Thanks to Vieri <rentorbuy@yahoo.com> for help. Package-Manager: Portage-2.3.3, Repoman-2.3.1 - Slawomir Lis · gentoo
net-analyzer/suricata: Drop old version
Dropped versions: 3.1 and 3.1.2 Package-Manager: Portage-2.3.3, Repoman-2.3.1 - Slawomir Lis · gentoo
net-analyzer/suricata: Version bump to 3.2
Reported in bug 602590. Reported-By: Vieri <rentorbuy@yahoo.com> Package-Manager: Portage-2.3.3, Repoman-2.3.1 - Slawomir Lis · gentoo
net-analyzer/suricata: version bump to 3.1.3
Package-Manager: portage-2.3.2 - Slawomir Lis · gentoo
net-analyzer/suricata: version bump to 3.1.2
This update is needed and resolves #587786 Reported in #595524 Reported-By: bgo <bgo@9dt.de> Package-Manager: portage-2.3.1 - Slawomir Lis · gentoo
fixed #587548
Package-Manager: portage-2.3.0_rc1 - Slawomir Lis · gentoo
version bump, metadata update
Package-Manager: portage-2.3.0_rc1 - Slawomir Lis · gentoo
version bump (#580824)
Package-Manager: portage-2.2.28 - Slawomir Lis · gentoo
drop system-htp use flag (#575144)
Package-Manager: portage-2.2.27 - Slawomir Lis · gentoo
useflag to use libhtp instead of bundled one (#575144)
Package-Manager: portage-2.2.27 - Slawomir Lis · gentoo
Added detection USE flag, drop old
Package-Manager: portage-2.2.27 - Slawomir Lis · gentoo
version bump
Package-Manager: portage-2.2.26 - Slawomir Lis · gentoo
Fixed #569636
Package-Manager: portage-2.2.26 - Slawomir Lis · gentoo
Added suricata ebuild (#437564)
Package-Manager: portage-2.2.26