--- /dev/null
+#
+# Copyright (C) 2006-2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=snort
+PKG_VERSION:=2.9.7.0
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://www.snort.org/downloads/snort/
+PKG_MD5SUM:=c2a45bc56441ee9456478f219dd8d1e2
+
+PKG_BUILD_DEPENDS:=librpc
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
+PKG_FIXUP:=autoreconf
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/snort/Default
+ SUBMENU:=Firewall
+ SECTION:=net
+ CATEGORY:=Network
+ DEPENDS:=+libdaq +libdnet +libopenssl +libpcap +libpcre +libpthread +libuuid +zlib
+ TITLE:=Lightweight Network Intrusion Detection System
+ URL:=http://www.snort.org/
+endef
+
+define Package/snort/Default/description
+ Snort is an open source network intrusion detection and prevention system.
+ It is capable of performing real-time traffic analysis, alerting, blocking
+ and packet logging on IP networks. It utilizes a combination of protocol
+ analysis and pattern matching in order to detect anomalies, misuse and
+ attacks.
+endef
+
+define Package/snort
+ $(call Package/snort/Default)
+ VARIANT:=basic
+endef
+
+define Package/snort/description
+ $(call Package/snort/Default/description)
+endef
+
+define Package/snort-mysql
+ $(call Package/snort/Default)
+ DEPENDS+= +libmysqlclient
+ TITLE+= (MySQL)
+ VARIANT:=mysql
+endef
+
+define Package/snort-mysql/description
+ $(call Package/snort/Default/description)
+ This package contains snort with support for logging to a MySQL database.
+endef
+
+define Package/snort-pgsql
+ $(call Package/snort/Default)
+ DEPENDS+= +libpq +libuuid
+ TITLE+= (PostgreSQL)
+ VARIANT:=pgsql
+endef
+
+define Package/snort-pgsql/description
+ $(call Package/snort/Default/description)
+ This package contains snort with support for logging to a PostgreSQL database.
+endef
+
+CONFIGURE_ARGS += \
+ --prefix="/usr" \
+ --enable-flexresp \
+ --with-dnet-includes="$(STAGING_DIR)/usr/include" \
+ --with-dnet-libraries="$(STAGING_DIR)/usr/lib" \
+ --with-libpcap-includes="$(STAGING_DIR)/usr/include" \
+ --with-libpcap-libraries="$(STAGING_DIR)/usr/lib" \
+ --with-libpcre-includes="$(STAGING_DIR)/usr/include" \
+ --with-libpcre-libraries="$(STAGING_DIR)/usr/lib" \
+ --with-daq-includes="$(STAGING_DIR)/usr/include" \
+ --with-daq-libraries="$(STAGING_DIR)/usr/lib" \
+ --disable-static-daq
+
+CONFIGURE_VARS += \
+ CPPFLAGS="$$$$CPPFLAGS -I$(STAGING_DIR)/usr/include/mysql" \
+ LDFLAGS="$$$$LDFLAGS -L$(STAGING_DIR)/usr/lib/mysql" \
+ PATH="$(STAGING_DIR)/usr/lib/libnet-1.0.x/bin:$$$$PATH"
+
+MAKE_FLAGS += \
+ extra_incl=""
+
+ifeq ($(BUILD_VARIANT),basic)
+ CONFIGURE_ARGS += \
+ --without-mysql \
+ --without-postgresql
+endif
+ifeq ($(BUILD_VARIANT),mysql)
+ CONFIGURE_VARS += \
+ mysql_has_reconnect=yes
+ CONFIGURE_ARGS += \
+ --with-mysql="$(STAGING_DIR)/usr" \
+ --without-postgresql
+endif
+ifeq ($(BUILD_VARIANT),pgsql)
+ CONFIGURE_ARGS += \
+ --without-mysql \
+ --with-postgresql="$(STAGING_DIR)/usr"
+endif
+
+define Build/InstallDev
+ $(INSTALL_DIR) $(STAGING_DIR)/usr/include/snort/dynamic_preproc
+ $(CP) \
+ $(PKG_INSTALL_DIR)/usr/include/snort/dynamic_preproc/* \
+ $(STAGING_DIR)/usr/include/snort/dynamic_preproc/
+ $(INSTALL_DIR) $(STAGING_DIR)/usr/lib/snort/dynamic_preproc
+ $(CP) \
+ $(PKG_INSTALL_DIR)/usr/lib/snort/dynamic_preproc/* \
+ $(STAGING_DIR)/usr/lib/snort/dynamic_preproc/
+ $(INSTALL_DIR) $(STAGING_DIR)/usr/lib/snort_dynamicengine
+ $(CP) \
+ $(PKG_INSTALL_DIR)/usr/lib/snort_dynamicengine/* \
+ $(STAGING_DIR)/usr/lib/snort_dynamicengine/
+ $(INSTALL_DIR) $(STAGING_DIR)/usr/lib/snort_dynamicpreprocessor
+ $(CP) \
+ $(PKG_INSTALL_DIR)/usr/lib/snort_dynamicpreprocessor/* \
+ $(STAGING_DIR)/usr/lib/snort_dynamicpreprocessor/
+endef
+
+define Package/snort/conffiles
+/etc/config/snort
+/etc/snort/snort.conf
+endef
+
+Package/snort-mysql/conffiles = $(Package/snort/conffiles)
+Package/snort-mysql/install = $(Package/snort/install)
+
+Package/snort-pgsql/conffiles = $(Package/snort/conffiles)
+Package/snort-pgsql/install = $(Package/snort/install)
+
+define Package/snort/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) \
+ $(PKG_INSTALL_DIR)/usr/bin/snort \
+ $(1)/usr/bin/snort
+
+ $(INSTALL_BIN) \
+ $(PKG_INSTALL_DIR)/usr/bin/u2{boat,spewfoo} \
+ $(1)/usr/bin
+
+ $(INSTALL_DIR) $(1)/usr/lib/snort_dynamicengine
+ $(CP) \
+ $(PKG_INSTALL_DIR)/usr/lib/snort_dynamicengine/libsf_engine.so* \
+ $(1)/usr/lib/snort_dynamicengine/
+
+ $(INSTALL_DIR) $(1)/usr/lib/snort_dynamicpreprocessor
+ $(CP) \
+ $(PKG_INSTALL_DIR)/usr/lib/snort_dynamicpreprocessor/libsf*.so* \
+ $(1)/usr/lib/snort_dynamicpreprocessor/
+
+ $(INSTALL_DIR) $(1)/etc/snort
+ $(INSTALL_CONF) \
+ $(PKG_BUILD_DIR)/etc/snort.conf \
+ $(1)/etc/snort/
+ $(INSTALL_CONF) \
+ $(PKG_BUILD_DIR)/etc/attribute_table.dtd \
+ $(1)/etc/snort/
+ $(INSTALL_CONF) \
+ $(PKG_BUILD_DIR)/etc/classification.config \
+ $(1)/etc/snort/
+ $(INSTALL_CONF) \
+ $(PKG_BUILD_DIR)/etc/gen-msg.map \
+ $(1)/etc/snort/
+ $(INSTALL_CONF) \
+ $(PKG_BUILD_DIR)/etc/reference.config \
+ $(1)/etc/snort/
+ $(INSTALL_CONF) \
+ $(PKG_BUILD_DIR)/etc/unicode.map \
+ $(1)/etc/snort/
+
+ $(INSTALL_DIR) $(1)/etc/snort/preproc_rules
+ $(INSTALL_CONF) \
+ $(PKG_BUILD_DIR)/preproc_rules/*.rules \
+ $(1)/etc/snort/preproc_rules/
+
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) \
+ ./files/snort.init \
+ $(1)/etc/init.d/snort
+
+ $(INSTALL_DIR) $(1)/etc/config
+ $(INSTALL_CONF) \
+ ./files/snort.config \
+ $(1)/etc/config/snort
+endef
+
+$(eval $(call BuildPackage,snort))
+$(eval $(call BuildPackage,snort-mysql))
+$(eval $(call BuildPackage,snort-pgsql))
--- /dev/null
+--- /dev/null
++++ b/acinclude.m4
+@@ -0,0 +1 @@
++sinclude(m4/libprelude.m4)
+--- a/configure.in
++++ b/configure.in
+@@ -285,21 +285,7 @@ AC_CHECK_TYPES([int8_t,int16_t,int32_t,i
+ AC_CHECK_TYPES([boolean])
+
+ # In case INADDR_NONE is not defined (like on Solaris)
+-have_inaddr_none="no"
+-AC_MSG_CHECKING([for INADDR_NONE])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <sys/types.h>
+-#include <netinet/in.h>
+-#include <arpa/inet.h>
+-]],
+-[[
+- if (inet_addr("10,5,2") == INADDR_NONE);
+- return 0;
+-]])],
+-[have_inaddr_none="yes"],
+-[have_inaddr_none="no"])
++have_inaddr_none="yes"
+ AC_MSG_RESULT($have_inaddr_none)
+ if test "x$have_inaddr_none" = "xno"; then
+ AC_DEFINE([INADDR_NONE],[-1],[For INADDR_NONE definition])
+@@ -433,16 +419,7 @@ if test "x$LPCAP" = "xno"; then
+ fi
+
+ AC_MSG_CHECKING([for pcap_lex_destroy])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <pcap.h>
+-]],
+-[[
+- pcap_lex_destroy();
+-]])],
+-[have_pcap_lex_destroy="yes"],
+-[have_pcap_lex_destroy="no"])
++have_pcap_lex_destroy="yes"
+ AC_MSG_RESULT($have_pcap_lex_destroy)
+ if test "x$have_pcap_lex_destroy" = "xyes"; then
+ AC_DEFINE([HAVE_PCAP_LEX_DESTROY],[1],[Can cleanup lex buffer stack created by pcap bpf filter])
+@@ -727,54 +704,21 @@ if test "x$ac_cv_func_daq_dp_add_dc" = "
+
+ fi
+
+-AC_MSG_CHECKING([for daq address space ID])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+- DAQ_PktHdr_t hdr;
+- hdr.address_space_id = 0;
+-]])],
+-[have_daq_address_space_id="yes"],
+-[have_daq_address_space_id="no"])
++have_daq_address_space_id="yes"
+ AC_MSG_RESULT($have_daq_address_space_id)
+ if test "x$have_daq_address_space_id" = "xyes"; then
+ AC_DEFINE([HAVE_DAQ_ADDRESS_SPACE_ID],[1],
+ [DAQ version supports address space ID in header.])
+ fi
+
+-AC_MSG_CHECKING([for daq flow ID])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+- DAQ_PktHdr_t hdr;
+- hdr.flow_id = 0;
+-]])],
+-[have_daq_flow_id="yes"],
+-[have_daq_flow_id="no"])
++have_daq_flow_id="yes"
+ AC_MSG_RESULT($have_daq_flow_id)
+ if test "x$have_daq_flow_id" = "xyes"; then
+ AC_DEFINE([HAVE_DAQ_FLOW_ID],[1],
+ [DAQ version supports flow ID in header.])
+ fi
+
+-AC_MSG_CHECKING([for DAQ_VERDICT_RETRY])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+- DAQ_Verdict verdict;
+- verdict = DAQ_VERDICT_RETRY;
+-]])],
+-[have_daq_verdict_retry="yes"],
+-[have_daq_verdict_retry="no"])
++have_daq_verdict_retry="yes"
+ AC_MSG_RESULT($have_daq_verdict_retry)
+ if test "x$have_daq_verdict_retry" = "xyes"; then
+ AC_DEFINE([HAVE_DAQ_VERDICT_RETRY],[1],