diff options
author | Alyssa Ross <hi@alyssa.is> | 2019-08-14 00:20:49 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2019-08-14 00:23:16 +0000 |
commit | 4999a38db7c5de0ea9f514a12ecd4133cce647f3 (patch) | |
tree | bbb659ab07fda4c9b98053499b7e3f046ac6d5dc /nixpkgs/pkgs/applications/networking/ids | |
parent | f9abd30e11337cf07034f2cc8ad1691aa4a69386 (diff) | |
parent | 8746c77a383f5c76153c7a181f3616d273acfa2a (diff) | |
download | nixlib-4999a38db7c5de0ea9f514a12ecd4133cce647f3.tar nixlib-4999a38db7c5de0ea9f514a12ecd4133cce647f3.tar.gz nixlib-4999a38db7c5de0ea9f514a12ecd4133cce647f3.tar.bz2 nixlib-4999a38db7c5de0ea9f514a12ecd4133cce647f3.tar.lz nixlib-4999a38db7c5de0ea9f514a12ecd4133cce647f3.tar.xz nixlib-4999a38db7c5de0ea9f514a12ecd4133cce647f3.tar.zst nixlib-4999a38db7c5de0ea9f514a12ecd4133cce647f3.zip |
Merge commit '8746c77a383f5c76153c7a181f3616d273acfa2a'
Diffstat (limited to 'nixpkgs/pkgs/applications/networking/ids')
-rw-r--r-- | nixpkgs/pkgs/applications/networking/ids/suricata/default.nix | 125 |
1 files changed, 125 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/applications/networking/ids/suricata/default.nix b/nixpkgs/pkgs/applications/networking/ids/suricata/default.nix new file mode 100644 index 000000000000..3cd5fe4b8ea5 --- /dev/null +++ b/nixpkgs/pkgs/applications/networking/ids/suricata/default.nix @@ -0,0 +1,125 @@ +{ stdenv +, lib +, fetchurl +, pkgconfig +, makeWrapper +, file +, geoip +, hyperscan +, jansson +, libcap_ng +, libevent +, libnet +, libnetfilter_log +, libnetfilter_queue +, libnfnetlink +, libpcap +, libyaml +, luajit +, nspr +, nss +, pcre +, python +, zlib +, redisSupport ? true, redis, hiredis +, rustSupport ? true, rustc, cargo +}: let + libmagic = file; + hyperscanSupport = stdenv.system == "x86_64-linux" || stdenv.system == "i686-linux"; +in +stdenv.mkDerivation rec { + pname = "suricata"; + version = "4.1.4"; + + src = fetchurl { + url = "https://www.openinfosecfoundation.org/download/${pname}-${version}.tar.gz"; + sha256 = "02901wjf90171rhkymcgp0h48hkn3wv8iwrhz4d8ppraz68hv99d"; + }; + + nativeBuildInputs = [ + makeWrapper + pkgconfig + ]; + + buildInputs = [ + geoip + jansson + libcap_ng + libevent + libmagic + libnet + libnetfilter_log + libnetfilter_queue + libnfnetlink + libpcap + libyaml + luajit + nspr + nss + pcre + python + zlib + ] + ++ lib.optional hyperscanSupport [ hyperscan ] + ++ lib.optional redisSupport [ redis hiredis ] + ++ lib.optional rustSupport [ rustc cargo ] + ; + + enableParallelBuilding = true; + + configureFlags = [ + "--disable-gccmarch-native" + "--enable-afl" + "--enable-af-packet" + "--enable-gccprotect" + "--enable-geoip" + "--enable-luajit" + "--enable-nflog" + "--enable-nfqueue" + "--enable-pie" + "--disable-prelude" + "--enable-python" + "--enable-unix-socket" + "--localstatedir=/var" + "--sysconfdir=/etc" + "--with-libnet-includes=${libnet}/include" + "--with-libnet-libraries=${libnet}/lib" + ] + ++ lib.optional hyperscanSupport [ + "--with-libhs-includes=${hyperscan}/include" + "--with-libhs-libraries=${hyperscan}/lib" + ] + ++ lib.optional redisSupport [ "--enable-hiredis" ] + ++ lib.optional rustSupport [ + "--enable-rust" + "--enable-rust-experimental" + ]; + + installFlags = [ + "e_localstatedir=\${TMPDIR}" + "e_logdir=\${TMPDIR}" + "e_logcertsdir=\${TMPDIR}" + "e_logfilesdir=\${TMPDIR}" + "e_rundir=\${TMPDIR}" + "e_sysconfdir=\${out}/etc/suricata" + "e_sysconfrulesdir=\${out}/etc/suricata/rules" + "localstatedir=\${TMPDIR}" + "runstatedir=\${TMPDIR}" + "sysconfdir=\${out}/etc" + ]; + + installTargets = "install install-conf"; + + postInstall = '' + wrapProgram "$out/bin/suricatasc" \ + --prefix PYTHONPATH : $PYTHONPATH:$(toPythonPath "$out") + ''; + + meta = with stdenv.lib; { + description = "A free and open source, mature, fast and robust network threat detection engine"; + homepage = "https://suricata-ids.org"; + license = licenses.gpl2; + platforms = platforms.linux; + maintainers = with maintainers; [ magenbluten ]; + }; +} |