daq: enable nfq module build

NFQ is the new and improved way to process iptables packets. Snort IPS mode requires this module in some cases. Before the patch: $ snort --daq-list Available DAQ modules: pcap(v3): readback live multi unpriv ipfw(v3): live inline multi unpriv dump(v3): readback live inline multi unpriv afpacket(v5): live inline multi unpriv After the patch: $ snort --daq-list Available DAQ modules: pcap(v3): readback live multi unpriv nfq(v7): live inline multi ipfw(v3): live inline multi unpriv dump(v3): readback live inline multi unpriv afpacket(v5): live inline multi unpriv Also update 0001-correct-the-location-of-unistd.h.patch to fix build with musl. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2026-06-02 01:50:18 +00:00 · 2023-07-28 17:02:55 +08:00
parent 0eedaa5461
commit dd18c5fea7
2 changed files with 24 additions and 7 deletions
@@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=f9ce51a65dd738dc1ae631d8b21c40e0"

 PARALLEL_MAKE = ""

-DEPENDS = "libpcap libpcre libdnet bison-native"
+DEPENDS = "libpcap libpcre libdnet bison-native libnetfilter-queue"

 SRC_URI = "http://fossies.org/linux/misc/daq-${PV}.tar.gz \
           file://disable-run-test-program-while-cross-compiling.patch \
@@ -19,7 +19,7 @@ SRC_URI[sha256sum] = "bdc4e5a24d1ea492c39ee213a63c55466a2e8114b6a9abed609927ae13
 #
 # never look to /usr/local lib while cross compiling

-EXTRA_OECONF = "--disable-nfq-module --disable-ipq-module --includedir=${includedir} \
+EXTRA_OECONF = "--enable-nfq-module --disable-ipq-module --includedir=${includedir} \
    --with-libpcap-includes=${STAGING_INCDIR} --with-dnet-includes=${STAGING_LIBDIR}"

 PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}"
@@ -1,14 +1,15 @@
-From 10e7d4e4bfcb70344d18f0d4ce36068475747f25 Mon Sep 17 00:00:00 2001
+From b7d54de51553f6d09906c355bd0dd326890c8fe4 Mon Sep 17 00:00:00 2001
 From: Khem Raj <raj.khem@gmail.com>
 Date: Wed, 29 Mar 2017 15:59:43 -0700
 Subject: [PATCH] correct the location of unistd.h

-Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 Upstream-Status: Pending

+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
 os-daq-modules/daq_ipfw.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
+ os-daq-modules/daq_nfq.c  | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)

 diff --git a/os-daq-modules/daq_ipfw.c b/os-daq-modules/daq_ipfw.c
 index 016beb0..c2a4175 100644
@@ -26,6 +27,22 @@ index 016beb0..c2a4175 100644
 
 #include <netinet/in.h>
 #include <sys/socket.h>
+diff --git a/os-daq-modules/daq_nfq.c b/os-daq-modules/daq_nfq.c
+index 33021c0..4de94b6 100644
+--- a/os-daq-modules/daq_nfq.c
+++ b/os-daq-modules/daq_nfq.c
+@@ -24,10 +24,10 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+#include <unistd.h>
+ 
+ #include <sys/types.h>
+ #include <sys/time.h>
+-#include <sys/unistd.h>
+ 
+ #include <netinet/ip.h>
+ 
 -- 
-2.12.1
+2.25.1