snort: introducing inline snort support via nfq daq

2 files changed, 13 insertions, 3 deletions

diff --git a/pkgs/applications/networking/ids/daq/default.nix b/pkgs/applications/networking/ids/daq/default.nix
index c4a82966238a..9339bfef6e03 100644
--- a/pkgs/applications/networking/ids/daq/default.nix
+++ b/pkgs/applications/networking/ids/daq/default.nix
@@ -1,4 +1,4 @@
-{stdenv, fetchurl, flex, bison, libpcap}:
+{stdenv, fetchurl, flex, bison, libpcap, libdnet, libnfnetlink, libnetfilter_queue}:
 
 stdenv.mkDerivation rec {
   name = "daq-2.0.5";
@@ -9,7 +9,9 @@ stdenv.mkDerivation rec {
     sha256 = "0vdwb0r9kdlgj4g0i0swafbc7qik0zmks17mhqji8cl7hpdva13p";
   };
 
-  buildInputs = [ flex bison libpcap ];
+  buildInputs = [ flex bison libpcap libdnet libnfnetlink libnetfilter_queue];
+
+  configureFlags = "--enable-nfq-module=yes --with-dnet-includes=${libdnet}/includes --with-dnet-libraries=${libdnet}/lib"; 
 
   meta = {
     description = "Data AcQuisition library (DAQ), for packet I/O";
diff --git a/pkgs/applications/networking/ids/snort/default.nix b/pkgs/applications/networking/ids/snort/default.nix
index ea7e09626994..4a8007796b1c 100644
--- a/pkgs/applications/networking/ids/snort/default.nix
+++ b/pkgs/applications/networking/ids/snort/default.nix
@@ -1,4 +1,4 @@
-{stdenv, fetchurl, libpcap, pcre, libdnet, daq, zlib, flex, bison}:
+{stdenv, makeWrapper, fetchurl, libpcap, pcre, libdnet, daq, zlib, flex, bison}:
 
 stdenv.mkDerivation rec {
   version = "2.9.7.2";
@@ -11,6 +11,14 @@ stdenv.mkDerivation rec {
   };
   
   buildInputs = [ libpcap pcre libdnet daq zlib flex bison ];
+
+  enableParallelBuilding = true;
+
+  configureFlags = "--disable-static-daq --enable-control-socket --with-daq-includes=${daq}/includes --with-daq-libraries=${daq}/lib";
+
+  postInstall = ''
+    wrapProgram $out/bin/snort --add-flags "--daq-dir ${daq}/lib/daq"
+  '';
   
   meta = {
     description = "Network intrusion prevention and detection system (IDS/IPS)";