Unverified Commit c1bdbaa9 authored by Brian McGillion's avatar Brian McGillion
Browse files

snort: init at 3.6.3.0 



Snort 3 aka snort++ is the next generation Snort IPS (Intrusion
Prevention System).

snort3 is actively maintained and developed unlike the snort2 baseline
so this with replace the old snort2 as the default version.

snort2 is not yet removed from the pkgs to allow folks to utilize that
if required.

In addition to the primary binary `snort` there is `snort2lua` a tool to
convert Snort 2.X conf and rules to the new form.

Signed-off-by: default avatarBrian McGillion <bmg.avoin@gmail.com>
parent ba3b6a7f

pkgs/by-name/sn/snort/0001-cmake-fix-pkg-config-path-for-libdir.patch

0 → 100644
+47 −0
Original line number Diff line number Diff line 
From a4dd3bf78fc8d4c22b40ddb4e91f525012703a5a Mon Sep 17 00:00:00 2001

From: Brian McGillion <bmg.avoin@gmail.com>

Date: Mon, 10 Feb 2025 23:31:47 +0400

Subject: [PATCH] cmake: fix pkg-config path for libdir



on systems that prefer absolute paths there is a mixing and matching of

the relative and absolute paths that can result in the below creation of

libdir having the prefix and the full path appended to it.



** added to highlight



``prefix=/nix/store/3npvhj5wfwhc0q42qwiinj64bzfb1vvz-snort-3.6.3.0

exec_prefix=${prefix}

bindir=${exec_prefix}/bin

**libdir=${prefix}//nix/store/3npvhj5wfwhc0q42qwiinj64bzfb1vvz-snort-3.6.3.0/lib**

includedir=${prefix}/include

datarootdir=${prefix}/share

datadir=${datarootdir}

mandir=${datarootdir}/man

infodir=${datarootdir}/info

``



In order to preserve backwards compatibility we will use the cmake

fullpath option ${CMAKE_INSTALL_FULL_LIBDIR} in place of

${prefix}/${CMAKE_INSTALL_LIBDIR} which will support both contexts.



Signed-off-by: Brian McGillion <bmg.avoin@gmail.com>

---

 cmake/create_pkg_config.cmake | 2 +-

 1 file changed, 1 insertion(+), 1 deletion(-)



diff --git a/cmake/create_pkg_config.cmake b/cmake/create_pkg_config.cmake

index 300350cbd..4ce8b16e6 100644

--- a/cmake/create_pkg_config.cmake

+++ b/cmake/create_pkg_config.cmake

@@ -5,7 +5,7 @@

 set(prefix "${CMAKE_INSTALL_PREFIX}")

 set(exec_prefix "\${prefix}")

 set(bindir "\${exec_prefix}/bin")

-set(libdir "\${prefix}/${CMAKE_INSTALL_LIBDIR}")

+set(libdir "\${CMAKE_INSTALL_FULL_LIBDIR}")

 set(includedir "\${prefix}/include")

 set(datarootdir "\${prefix}/share")

 set(datadir "\${datarootdir}")

-- 

2.47.2

pkgs/by-name/sn/snort/package.nix

0 → 100644
+66 −0
Original line number Diff line number Diff line 
{

  lib,

  stdenv,

  fetchFromGitHub,

  cmake,

  libdaq,

  libdnet,

  flex,

  hwloc,

  luajit,

  openssl,

  libpcap,

  pcre2,

  pkg-config,

  zlib,

  xz,

}:



stdenv.mkDerivation (finalAttrs: {

  pname = "snort";

  version = "3.6.3.0";



  src = fetchFromGitHub {

    owner = "snort3";

    repo = "snort3";

    rev = "refs/tags/${finalAttrs.version}";

    hash = "sha256-loMmmpoaEncW31FUIE9Zf9w635Prvke6vCY+mIt6oGI=";

  };



  nativeBuildInputs = [

    libdaq

    pkg-config

    cmake

  ];



  buildInputs = [

    libdaq

    libpcap

    stdenv.cc.cc # libstdc++

    libdnet

    flex

    hwloc

    luajit

    openssl

    libpcap

    pcre2

    zlib

    xz

  ];



  # Patch that is tracking upstream PR https://github.com/snort3/snort3/pull/399

  patches = [ ./0001-cmake-fix-pkg-config-path-for-libdir.patch ];



  enableParallelBuilding = true;



  meta = {

    description = "Network intrusion prevention and detection system (IDS/IPS)";

    homepage = "https://www.snort.org";

    maintainers = with lib.maintainers; [

      aycanirican

      brianmcgillion

    ];

    license = lib.licenses.gpl2;

    platforms = with lib.platforms; linux;

  };

})