The Fedora 28+ does not have inbuilt SunRPC support in glibc and is
separately availble in tirpc package. So it enables tirpc checking for
fedora in configure.
Drop this piece of code since we had specify '-ltirpc' in LDFLAGS
explicitly. Otherwise it will cause a compile-host-path QA issue if the
host is Fedora 28+:
cc1: warning: include location "/usr/include/tirpc" is unsafe for
cross-compilation [-Wpoison-system-directories]
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* Add PACKAGECONFIG[appid] for application identification support.
* Set the variables 'have_daq_packet_trace' and
'have_daq_verdict_reason' to 'no' since they are only supported in daq
2.2.2 but not in 2.0.6.
* Cleanup snort.init script and fix the incorrect argument of mkdir
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* Update SRC_URI
* Drop 0001-fix-do_package-failed-since-snort-2.9.7.0.patch since the
issue had been fixed upstream.
* Drop the following patches and merge their modifications to
disable-run-test-program-while-cross-compiling.patch:
disable-dap-address-space-id.patch
disable-daq-flow-id.patch
disable-daq-verdict-retry.patch
disable-inaddr-none.patch
* Add disable-run-test-program-while-cross-compiling.patch to fix
configure error: cannot run test program while cross compiling.
The variables have_daq_real_addresses, have_daq_ext_modflow,
have_daq_queryflow, have_daq_data_channel_flags and
have_daq_data_channel_separate_ip_versions are set to no since they
are for daq 2.2.2 but we have daq 2.0.6 in meta-networking layer.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
WARNING:
Some of the context lines in patches were ignored. This can lead to incorrectly applied patches.
The context lines in the patches can be updated with devtool:
devtool modify <recipe>
devtool finish --force-patch-refresh <recipe> <layer_path>
Then the updated patches and the source tree (in devtool's workspace)
should be reviewed to make sure the patches apply in the correct place
and don't introduce duplicate lines (which can, and does happen
when some of the context is ignored). Further information:
http://lists.openembedded.org/pipermail/openembedded-core/2018-March/148675.htmlhttps://bugzilla.yoctoproject.org/show_bug.cgi?id=10450
Details:
checking file configure.in
Hunk #1 succeeded at 698 with fuzz 2 (off
and others
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The /etc/snort/snort.conf doesn't work since
there are hardcoded paths and lib names, and
it tries to include many rules that are not
provided.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
When start snort, it shows error and quit:
| --== Initializing Snort ==--
| Initializing Output Plugins!
| ERROR: Can't find pcap DAQ!
| Fatal Error, Quitting..
Fix by enable static daq for snort and enable static build for daq. snort calls
command daq-modules-config which is from daq-native to get required daq static
libraries and library path. Add package daq-native and add patch for snort to
filter library path out to avoid host contamination issue.
Add daq-native's dependency libnet-native too. And daq-native also depends on
libpcap-native from layer oe-core.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Add lzma to PACKAGECONFIG to remove below warning:
WARNING: snort-2.9.7.5-r0 do_package_qa: QA Issue:
snort rdepends on liblzma, but it isn't a build dependency,
missing xz in DEPENDS or PACKAGECONFIG? [build-deps]
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Fix paths in pkgconfig files and remove snort from blacklist.
Also add 'xz' to DEPENDS to avoid the following QA issue.
WARNING: snort-2.9.7.5-r0 do_package_qa: QA Issue: snort rdepends on liblzma, but it isn't a build dependency, missing xz in DEPENDS or PACKAGECONFIG? [build-deps]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Upgrade snort from 2.9.6.0 to 2.9.7.5, as its dependency upgrade daq from
2.0.2 to 2.0.6, and accordingly update the patches:
* Add 2 new patches for snort to solve the cross compile issues
* Discard 2 snort patches since it is not needed
* Refresh the patch for daq new version
* Remove redundant '/' to getting round the rpm debugedit bug:
canonicalization unexpectedly shrank character
Signed-off-by: Zhiquan Li <zhiquan.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
There is an incorrect m4_define() in configure.in which will result in an
infinite recursion, and it doesn't make sense, since snort 2.9.7 it has been
commented out. We follow this solution to fix it.
Signed-off-by: Zhiquan Li <zhiquan.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
SECTION has been used inconsistently throughout the recipes in this layer.
Convert them to all use the same convention.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* fixes floating dependency:
WARNING: QA Issue: snort rdepends on util-linux-libuuid but it isn't a build dependency? [build-deps]
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* otherwise the result isn't deterministic
WARN: packages/armv5te-oe-linux-gnueabi/snort/snort/latest lost dependency on libcrypto
* enable it by default, disabling currently doesn't work, because there are --with flags for
openssl, but then configure.in still checks for sha.h header with
AC_CHECK_HEADERS([openssl/sha.h],, SHA_H="no")
and autodetects it, I'll leave patching configure to someone who
is actually using snort (this issue was reported many times and
nobody seems to care).
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* otherwise m4 eats all memory and is killed by OOMK
[1051138.019784] Out of memory: Kill process 26264 (m4) score 860 or sacrifice child
[1051138.019788] Killed process 26264 (m4) total-vm:23062712kB, anon-rss:15066516kB, file-rss:100kB
* very strange, but m4 and snort sometimes have strange side-effects,
from first google result:
http://www.hipforums.com/newforums/showthread.php?t=466568
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
1. looks like snort dropped reference to barnyard2. At least it's missing in configure.
Also download link to barnyard2 is not available now. Drop this package.
2. update snort version from 2.9.4.6 to 2.9.6.0.
3. fix libdnet paths.
Signed-off-by: Maxim Uvarov <maxim.uvarov@linaro.org>
Signed-off-by: Joe MacDonald <joe@deserted.net>
*snort - a free lightweight network intrusion detection
system for UNIX and Windows
Signed-off-by: Chunrong Guo <B40290@freescale.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
Yi Zhao
Khem Raj
Mingli Yu
Martin Jansa
Armin Kuster
Jackie Huang
Kai Kang
Qi.Chen@windriver.com
Zhiquan Li
Joe MacDonald
Roy.Li
Maxim Uvarov
Chunrong Guo