security/suricata: merge suricata-devel

2018-12-18 11:10:58 +01:00 · 2018-12-18 11:10:58 +01:00 · b59169d9eb
commit b59169d9eb
parent 0bb37e94c9
11 changed files with 157 additions and 615 deletions
--- a/opnsense/suricata-devel/Makefile
+++ b/opnsense/suricata-devel/Makefile
@ -1,154 +0,0 @@
-# $FreeBSD$
-
-PORTNAME=	suricata
-PKGNAMESUFFIX=	-devel
-DISTVERSION=	4.1.1
-CATEGORIES=	security
-MASTER_SITES=	https://www.openinfosecfoundation.org/download/
-
-MAINTAINER=	franco@opnsense.org
-COMMENT=	High Performance Network IDS, IPS and Security Monitoring engine
-
-LICENSE=	GPLv2
-LICENSE_FILE=	${WRKSRC}/LICENSE
-
-LIB_DEPENDS=	libpcre.so:devel/pcre \
-		libnet.so:net/libnet \
-		liblz4.so:archivers/liblz4 \
-		libyaml.so:textproc/libyaml
-
-USES=		autoreconf cpe gmake iconv:translit libtool pathfix pkgconfig
-
-CONFLICTS_INSTALL=libhtp suricata
-
-USE_LDCONFIG=	yes
-USE_RC_SUBR=	${PORTNAME}
-
-GNU_CONFIGURE=	yes
-
-USE_HARDENING=	pie:configure safestack
-
-CPE_VENDOR=	openinfosecfoundation
-
-INSTALL_TARGET=		install-strip
-TEST_TARGET=		check
-
-OPTIONS_DEFINE=		GEOIP IPFW JSON NETMAP NSS PORTS_PCAP PRELUDE \
-			PYTHON REDIS RUST TESTS
-OPTIONS_DEFINE_amd64=	HYPERSCAN
-OPTIONS_DEFAULT=	IPFW JSON NETMAP PYTHON RUST
-OPTIONS_SUB=		yes
-
-OPTIONS_RADIO=		SCRIPTS
-OPTIONS_RADIO_SCRIPTS=	LUA LUAJIT
-
-SCRIPTS_DESC=		Scripting
-
-GEOIP_DESC=		GeoIP support
-HYPERSCAN_DESC=		Hyperscan support
-IPFW_DESC=		IPFW and IP Divert support for inline IDP
-JSON_DESC=		JSON output support
-LUAJIT_DESC=		LuaJIT scripting support
-LUA_DESC=		LUA scripting support
-NETMAP_DESC=		Netmap support for inline IDP
-NSS_DESC=		File checksums and SSL/TLS fingerprinting
-PORTS_PCAP_DESC=	Use libpcap from ports
-PRELUDE_DESC=		Prelude support for NIDS alerts
-PYTHON_DESC=		Python-based update and control utilities
-REDIS_DESC=		Redis output support
-RUST_DESC=		Rust parser support
-TESTS_DESC=		Unit tests in suricata binary
-
-GEOIP_LIB_DEPENDS=		libGeoIP.so:net/GeoIP
-GEOIP_CONFIGURE_ON=		--enable-geoip
-
-HYPERSCAN_LIB_DEPENDS=		libhs.so:devel/hyperscan
-HYPERSCAN_CONFIGURE_ON=		--with-libhs-includes=${LOCALBASE}/include \
-				--with-libhs-libraries=${LOCALBASE}/lib
-
-IPFW_CONFIGURE_ON=		--enable-ipfw
-
-JSON_LIB_DEPENDS=		libjansson.so:devel/jansson
-JSON_CONFIGURE_ON=		--with-libjansson-includes=${LOCALBASE}/include \
-				--with-libjansson-libraries=${LOCALBASE}/lib
-
-LUA_USES=			lua:51
-LUA_CONFIGURE_ON=		--enable-lua \
-				--with-liblua-includes=${LUA_INCDIR} \
-				--with-liblua-libraries=${LUA_LIBDIR}
-
-LUAJIT_LIB_DEPENDS=		libluajit-5.1.so:lang/luajit
-LUAJIT_CONFIGURE_ON=		--enable-luajit
-
-NSS_LIB_DEPENDS=		libnss3.so:security/nss \
-				libnspr4.so:devel/nspr
-NSS_CONFIGURE_OFF=		--disable-nss --disable-nspr
-NSS_CONFIGURE_ON=		--with-libnss-includes=${LOCALBASE}/include/nss/nss \
-				--with-libnss-libraries=${LOCALBASE}/lib \
-				--with-libnspr-libraries=${LOCALBASE}/lib \
-				--with-libnspr-includes=${LOCALBASE}/include/nspr
-
-NETMAP_CONFIGURE_ENABLE=	netmap
-
-PORTS_PCAP_LIB_DEPENDS=		libpcap.so.1:net/libpcap
-PORTS_PCAP_CONFIGURE_ON=	--with-libpcap-includes=${LOCALBASE}/include \
-				--with-libpcap-libraries=${LOCALBASE}/lib
-PORTS_PCAP_CONFIGURE_OFF=	--with-libpcap-includes=/usr/include \
-				--with-libpcap-libraries=/usr/lib
-
-PRELUDE_LIB_DEPENDS=		libprelude.so:security/libprelude \
-				libgnutls.so:security/gnutls \
-				libgcrypt.so:security/libgcrypt \
-				libgpg-error.so:security/libgpg-error \
-				libltdl.so:devel/libltdl
-PRELUDE_CONFIGURE_ENABLE=	prelude
-PRELUDE_CONFIGURE_ON=		--with-libprelude-prefix=${LOCALBASE}
-
-PYTHON_USES=			python:2.7
-PYTHON_CONFIGURE_ENABLE=	python
-PYTHON_RUN_DEPENDS=		${PYTHON_PKGNAMEPREFIX}yaml>0:devel/py-yaml@${PY_FLAVOR}
-
-REDIS_LIB_DEPENDS=		libhiredis.so:databases/hiredis
-REDIS_CONFIGURE_ON=		--enable-hiredis \
-				--with-libhiredis-includes=${LOCALBASE}/include \
-				--with-libhiredis-libraries=${LOCALBASE}/lib
-
-RUST_BUILD_DEPENDS=		rustc:lang/rust
-RUST_CONFIGURE_ENABLE=		rust
-
-TESTS_CONFIGURE_ENABLE=		unittests
-
-SUB_FILES=	pkg-message
-
-CONFIGURE_ARGS+=--enable-gccprotect \
-		--enable-bundled-htp \
-		--with-libpcre-includes=${LOCALBASE}/include \
-		--with-libpcre-libraries=${LOCALBASE}/lib \
-		--with-libyaml-includes=${LOCALBASE}/include \
-		--with-libyaml-libraries=${LOCALBASE}/lib \
-		--with-libnet-includes=${LOCALBASE}/include \
-		--with-libnet-libraries=${LOCALBASE}/lib \
-		--with-libhtp-includes=${LOCALBASE}/include/ \
-		--with-libhtp-libraries=${LOCALBASE}/lib \
-	        --disable-gccmarch-native
-
-CONFIG_DIR?=	${ETCDIR}
-CONFIG_FILES=	suricata.yaml classification.config reference.config threshold.config
-LOGS_DIR?=	/var/log/${PORTNAME}
-
-pre-patch:
-	@${CP} ${FILESDIR}/ax_check_compile_flag.m4 ${WRKSRC}/m4
-
-post-install:
-	@${MKDIR} ${STAGEDIR}${CONFIG_DIR}
-	@${MKDIR} ${STAGEDIR}${LOGS_DIR}
-.for f in ${CONFIG_FILES}
-	${INSTALL_DATA} ${WRKSRC}/${f} ${STAGEDIR}${CONFIG_DIR}/${f}.sample
-.endfor
-
-post-install-PYTHON-on:
-	(cd ${STAGEDIR}${PREFIX} \
-	&& ${PYTHON_CMD} ${PYTHON_LIBDIR}/compileall.py \
-	-d ${PYTHONPREFIX_SITELIBDIR} -f ${PYTHONPREFIX_SITELIBDIR:S;${PREFIX}/;;})
-
-.include <bsd.port.mk>
--- a/opnsense/suricata-devel/distinfo
+++ b/opnsense/suricata-devel/distinfo
@ -1,3 +0,0 @@
-TIMESTAMP = 1545102533
-SHA256 (suricata-4.1.1.tar.gz) = c30058072029e7fde09133674d9f2f840a674eecbeae1f8b1779a3aae8166bb0
-SIZE (suricata-4.1.1.tar.gz) = 15579715
--- a/opnsense/suricata-devel/files/ax_check_compile_flag.m4
+++ b/opnsense/suricata-devel/files/ax_check_compile_flag.m4
@ -1,74 +0,0 @@
-# ===========================================================================
-#   http://www.gnu.org/software/autoconf-archive/ax_check_compile_flag.html
-# ===========================================================================
-#
-# SYNOPSIS
-#
-#   AX_CHECK_COMPILE_FLAG(FLAG, [ACTION-SUCCESS], [ACTION-FAILURE], [EXTRA-FLAGS], [INPUT])
-#
-# DESCRIPTION
-#
-#   Check whether the given FLAG works with the current language's compiler
-#   or gives an error.  (Warnings, however, are ignored)
-#
-#   ACTION-SUCCESS/ACTION-FAILURE are shell commands to execute on
-#   success/failure.
-#
-#   If EXTRA-FLAGS is defined, it is added to the current language's default
-#   flags (e.g. CFLAGS) when the check is done.  The check is thus made with
-#   the flags: "CFLAGS EXTRA-FLAGS FLAG".  This can for example be used to
-#   force the compiler to issue an error when a bad flag is given.
-#
-#   INPUT gives an alternative input source to AC_COMPILE_IFELSE.
-#
-#   NOTE: Implementation based on AX_CFLAGS_GCC_OPTION. Please keep this
-#   macro in sync with AX_CHECK_{PREPROC,LINK}_FLAG.
-#
-# LICENSE
-#
-#   Copyright (c) 2008 Guido U. Draheim <guidod@gmx.de>
-#   Copyright (c) 2011 Maarten Bosmans <mkbosmans@gmail.com>
-#
-#   This program is free software: you can redistribute it and/or modify it
-#   under the terms of the GNU General Public License as published by the
-#   Free Software Foundation, either version 3 of the License, or (at your
-#   option) any later version.
-#
-#   This program is distributed in the hope that it will be useful, but
-#   WITHOUT ANY WARRANTY; without even the implied warranty of
-#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
-#   Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License along
-#   with this program. If not, see <http://www.gnu.org/licenses/>.
-#
-#   As a special exception, the respective Autoconf Macro's copyright owner
-#   gives unlimited permission to copy, distribute and modify the configure
-#   scripts that are the output of Autoconf when processing the Macro. You
-#   need not follow the terms of the GNU General Public License when using
-#   or distributing such scripts, even though portions of the text of the
-#   Macro appear in them. The GNU General Public License (GPL) does govern
-#   all other use of the material that constitutes the Autoconf Macro.
-#
-#   This special exception to the GPL applies to versions of the Autoconf
-#   Macro released by the Autoconf Archive. When you make and distribute a
-#   modified version of the Autoconf Macro, you may extend this special
-#   exception to the GPL to apply to your modified version as well.
-
-#serial 3
-
-AC_DEFUN([AX_CHECK_COMPILE_FLAG],
-[AC_PREREQ(2.59)dnl for _AC_LANG_PREFIX
-AS_VAR_PUSHDEF([CACHEVAR],[ax_cv_check_[]_AC_LANG_ABBREV[]flags_$4_$1])dnl
-AC_CACHE_CHECK([whether _AC_LANG compiler accepts $1], CACHEVAR, [
-  ax_check_save_flags=$[]_AC_LANG_PREFIX[]FLAGS
-  _AC_LANG_PREFIX[]FLAGS="$[]_AC_LANG_PREFIX[]FLAGS $4 $1"
-  AC_COMPILE_IFELSE([m4_default([$5],[AC_LANG_PROGRAM()])],
-    [AS_VAR_SET(CACHEVAR,[yes])],
-    [AS_VAR_SET(CACHEVAR,[no])])
-  _AC_LANG_PREFIX[]FLAGS=$ax_check_save_flags])
-AS_IF([test x"AS_VAR_GET(CACHEVAR)" = xyes],
-  [m4_default([$2], :)],
-  [m4_default([$3], :)])
-AS_VAR_POPDEF([CACHEVAR])dnl
-])dnl AX_CHECK_COMPILE_FLAGS
--- a/opnsense/suricata-devel/files/patch-configure.ac
+++ b/opnsense/suricata-devel/files/patch-configure.ac
@ -1,15 +0,0 @@
--- configure.ac.orig	2017-02-15 07:54:17 UTC
-+++ configure.ac
-@@ -935,8 +935,10 @@
-             AS_HELP_STRING([--enable-prelude], [Enable Prelude support for alerts]),,[enable_prelude=no])
-     # Prelude doesn't work with -Werror
-     STORECFLAGS="${CFLAGS}"
-    CFLAGS="${CFLAGS} -Wno-error=unused-result"
-
-+    AX_CHECK_COMPILE_FLAG([-Wno-error=unused-result], 
-+        [CFLAGS="${CFLAGS} -Wno-error=unused-result"],
-+        [])
-+       
-     AS_IF([test "x$enable_prelude" = "xyes"], [
-         AM_PATH_LIBPRELUDE(0.9.9, , AC_MSG_ERROR(Cannot find libprelude: Is libprelude-config in the path?), no)
-         if test "x${LIBPRELUDE_CFLAGS}" != "x"; then
--- a/opnsense/suricata-devel/files/pkg-message.in
+++ b/opnsense/suricata-devel/files/pkg-message.in
@ -1,44 +0,0 @@
-===========================================================================
-
-If you want to run Suricata in IDS mode, add to /etc/rc.conf:
-
-	suricata_enable="YES"
-	suricata_interface="<if>"
-
-NOTE: Declaring suricata_interface is MANDATORY for Suricata in IDS Mode.
-
-However, if you want to run Suricata in Inline IPS Mode in divert(4) mode,
-add to /etc/rc.conf:
-
-	suricata_enable="YES"
-	suricata_divertport="8000"
-
-NOTE:
-	Suricata won't start in IDS mode without an interface configured.
-	Therefore if you omit suricata_interface from rc.conf, FreeBSD's
-	rc.d/suricata will automatically try to start Suricata in IPS Mode
-	(on divert port 8000, by default).
-
-Alternatively, if you want to run Suricata in Inline IPS Mode in high-speed
-netmap(4) mode, add to /etc/rc.conf:
-
-	suricata_enable="YES"
-	suricata_netmap="YES"
-
-NOTE:
-	Suricata requires additional interface settings in the configuration
-	file to run in netmap(4) mode.
-
-RULES: Suricata IDS/IPS Engine comes without rules by default. You should
-add rules by yourself and set an updating strategy. To do so, please visit:
-
- http://www.openinfosecfoundation.org/documentation/rules.html
- http://www.openinfosecfoundation.org/documentation/emerging-threats.html
-
-You may want to try BPF in zerocopy mode to test performance improvements:
-
-	sysctl -w net.bpf.zerocopy_enable=1
-
-Don't forget to add net.bpf.zerocopy_enable=1 to /etc/sysctl.conf
-
-===========================================================================
--- a/opnsense/suricata-devel/files/suricata.in
+++ b/opnsense/suricata-devel/files/suricata.in
@ -1,68 +0,0 @@
-#!/bin/sh
-# $FreeBSD$
-
-# PROVIDE: suricata
-# REQUIRE: DAEMON
-# BEFORE: LOGIN
-# KEYWORD: shutdown
-
-# Add the following lines to /etc/rc.conf to enable suricata:
-# suricata_enable (bool):	Set to YES to enable suricata
-# 				Default: NO
-# suricata_flags (str):		Extra flags passed to suricata
-#				Default: -D
-# suricata_interface (str):	Network interface(s) to sniff
-#				Default: "" 
-# suricata_conf (str):		Suricata configuration file
-#				Default: ${PREFIX}/etc/suricata/suricata.yaml
-# suricata_divertport (int):	Port to create divert socket (Inline Mode)
-#				Default: 8000
-# suricata_netmap (str):	Set to YES to enable netmap (Inline Mode)
-#				Default: NO
-# suricata_user (str):		Set the user to run suricata as
-#				Default: root
-# suricata_pidfile (str):	Pidfile to store pid of suricata process
-#				Default: /var/run/suricata.pid
-
-. /etc/rc.subr
-
-name="suricata"
-rcvar=suricata_enable
-
-start_precmd="suricata_prestart"
-command="%%PREFIX%%/bin/suricata"
-
-load_rc_config $name
-
-[ -z "$suricata_enable" ]	&& suricata_enable="NO"
-[ -z "$suricata_conf" ]		&& suricata_conf="%%PREFIX%%/etc/suricata/suricata.yaml"
-[ -z "$suricata_flags" ]	&& suricata_flags="-D"
-[ -z "$suricata_divertport" ]	&& suricata_divertport="8000"
-[ -z "$suricata_netmap" ]	&& suricata_netmap="NO"
-[ -z "$suricata_user" ]		&& suricata_user="root"
-[ -z "$suricata_pidfile" ]	&& suricata_pidfile="/var/run/suricata.pid"
-
-if [ -n "$suricata_interface" ]; then
-	for interface in $suricata_interface; do
-		suricata_flags="$suricata_flags --pcap=$interface"
-	done
-elif [ "$suricata_netmap" != "NO" ]; then
-	suricata_flags="$suricata_flags --netmap"
-else
-	suricata_flags="$suricata_flags -d $suricata_divertport"
-	info "Inline Mode on divert port $suricata_divertport (suricata_interface not defined)"
-fi
-
-pidfile=$suricata_pidfile
-suricata_flags="$suricata_flags --pidfile $pidfile"
-
-[ -n "$suricata_conf" ]	&& suricata_flags="$suricata_flags -c $suricata_conf"
-
-suricata_prestart()
-{
-	if ! run_rc_command status > /dev/null; then
-		rm -f "$pidfile"
-	fi
-}
-
-run_rc_command "$1"
--- a/opnsense/suricata-devel/pkg-descr
+++ b/opnsense/suricata-devel/pkg-descr
@ -1,15 +0,0 @@
-The Suricata Engine is an Open Source Next Generation Intrusion Detection and
-Prevention Engine developed by the Open Information Security Foundation (OISF).
-
-This engine is not intended to just replace or emulate the existing tools in
-the industry, but will bring new ideas and technologies to the field.
-
-OISF is part of and funded by the Department of Homeland Security's Directorate
-for Science and Technology HOST program (Homeland Open Security Technology),
-by the Navy's Space and Naval Warfare Systems Command (SPAWAR), as well as
-through the very generous support of the members of the OISF Consortium.
-
-More information about the Consortium is available, as well as a list of our
-current Consortium Members.
-
-WWW: https://suricata-ids.org
--- a/opnsense/suricata-devel/pkg-plist
+++ b/opnsense/suricata-devel/pkg-plist
@ -1,152 +0,0 @@
-bin/suricata
-%%PYTHON%%bin/suricata-update
-%%PYTHON%%bin/suricatactl
-%%PYTHON%%bin/suricatasc
-include/htp/bstr.h
-include/htp/bstr_builder.h
-include/htp/htp.h
-include/htp/htp_base64.h
-include/htp/htp_config.h
-include/htp/htp_connection_parser.h
-include/htp/htp_core.h
-include/htp/htp_decompressors.h
-include/htp/htp_hooks.h
-include/htp/htp_list.h
-include/htp/htp_multipart.h
-include/htp/htp_table.h
-include/htp/htp_transaction.h
-include/htp/htp_urlencoded.h
-include/htp/htp_utf8_decoder.h
-include/htp/htp_version.h
-lib/libhtp.a
-lib/libhtp.so
-lib/libhtp.so.2
-lib/libhtp.so.2.0.0
-libdata/pkgconfig/htp.pc
-man/man1/suricata.1.gz
-%%DOCSDIR%%/AUTHORS
-%%DOCSDIR%%/Basic_Setup.txt
-%%DOCSDIR%%/GITGUIDE
-%%DOCSDIR%%/INSTALL
-%%DOCSDIR%%/INSTALL.PF_RING
-%%DOCSDIR%%/INSTALL.WINDOWS
-%%DOCSDIR%%/NEWS
-%%DOCSDIR%%/README
-%%DOCSDIR%%/Setting_up_IPSinline_for_Linux.txt
-%%DOCSDIR%%/TODO
-%%DOCSDIR%%/Third_Party_Installation_Guides.txt
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata-4.1.1-py%%PYTHON_VER%%.egg-info
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/__init__.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/__init__.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/config/__init__.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/config/__init__.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/config/defaults.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/config/defaults.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/ctl/__init__.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/ctl/__init__.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/ctl/filestore.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/ctl/filestore.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/ctl/loghandler.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/ctl/loghandler.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/ctl/main.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/ctl/main.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/ctl/test_filestore.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/ctl/test_filestore.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/sc/__init__.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/sc/__init__.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/sc/suricatasc.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/sc/suricatasc.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/__init__.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/__init__.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/__init__.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/__init__.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/addsource.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/addsource.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/disablesource.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/disablesource.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/enablesource.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/enablesource.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/listenabledsources.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/listenabledsources.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/listsources.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/listsources.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/removesource.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/removesource.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/updatesources.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/updatesources.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/compat/__init__.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/compat/__init__.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/compat/argparse/__init__.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/compat/argparse/__init__.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/compat/argparse/argparse.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/compat/argparse/argparse.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/compat/ordereddict.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/compat/ordereddict.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/config.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/config.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/configs/__init__.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/configs/__init__.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/configs/disable.conf
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/configs/drop.conf
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/configs/enable.conf
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/configs/modify.conf
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/configs/threshold.in
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/configs/update.yaml
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/data/__init__.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/data/__init__.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/data/index.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/data/index.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/data/update.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/data/update.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/engine.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/engine.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/exceptions.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/exceptions.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/extract.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/extract.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/loghandler.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/loghandler.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/main.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/main.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/maps.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/maps.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/net.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/net.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/notes.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/notes.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/rule.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/rule.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/sources.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/sources.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/util.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/util.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/version.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/version.pyc
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata_update-1.0.1-py%%PYTHON_VER%%.egg-info
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricatasc/__init__.py
-%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricatasc/__init__.pyc
-@sample %%ETCDIR%%/classification.config.sample
-@sample %%ETCDIR%%/reference.config.sample
-@sample %%ETCDIR%%/suricata.yaml.sample
-@sample %%ETCDIR%%/threshold.config.sample
-%%DATADIR%%/rules/app-layer-events.rules
-%%DATADIR%%/rules/decoder-events.rules
-%%DATADIR%%/rules/dnp3-events.rules
-%%DATADIR%%/rules/dns-events.rules
-%%DATADIR%%/rules/files.rules
-%%DATADIR%%/rules/http-events.rules
-%%DATADIR%%/rules/ipsec-events.rules
-%%DATADIR%%/rules/kerberos-events.rules
-%%DATADIR%%/rules/modbus-events.rules
-%%DATADIR%%/rules/nfs-events.rules
-%%DATADIR%%/rules/ntp-events.rules
-%%DATADIR%%/rules/smb-events.rules
-%%DATADIR%%/rules/smtp-events.rules
-%%DATADIR%%/rules/stream-events.rules
-%%DATADIR%%/rules/tls-events.rules
-@dir %%DATADIR%%
-@dir %%ETCDIR%%
-@dir include/htp
-@dir(root,wheel,0700) /var/log/suricata
-@postunexec if [ -d %D/%%ETCDIR%% ]; then echo "==> If you are permanently removing this port, run ``rm -rf ${PKG_PREFIX}/%%ETCDIR%%`` to remove configuration files."; fi
-@dir %%DOCSDIR%%
--- a/security/suricata/Makefile
+++ b/security/suricata/Makefile
@ -2,7 +2,7 @@
 # $FreeBSD$

 PORTNAME=	suricata
-DISTVERSION=	4.0.6
+DISTVERSION=	4.1.1
 CATEGORIES=	security
 MASTER_SITES=	https://www.openinfosecfoundation.org/download/

@ -12,13 +12,15 @@ COMMENT=	High Performance Network IDS, IPS and Security Monitoring engine
 LICENSE=	GPLv2
 LICENSE_FILE=	${WRKSRC}/LICENSE

-CONFLICTS_INSTALL=suricata-devel
-
 LIB_DEPENDS=	libpcre.so:devel/pcre \
 		libnet.so:net/libnet \
+		liblz4.so:archivers/liblz4 \
 		libyaml.so:textproc/libyaml

-USES=		autoreconf cpe gmake libtool pathfix pkgconfig
+USES=		autoreconf cpe gmake iconv:translit libtool pathfix pkgconfig
+
+CONFLICTS_INSTALL=libhtp
+
 USE_LDCONFIG=	yes
 USE_RC_SUBR=	${PORTNAME}

@ -31,10 +33,10 @@ CPE_VENDOR=	openinfosecfoundation
 INSTALL_TARGET=		install-strip
 TEST_TARGET=		check

-OPTIONS_DEFINE=		GEOIP HTP_PORT IPFW JSON NETMAP NSS PORTS_PCAP PRELUDE \
-			REDIS SC TESTS
+OPTIONS_DEFINE=		GEOIP IPFW JSON NETMAP NSS PORTS_PCAP PRELUDE \
+			PYTHON REDIS RUST TESTS
 OPTIONS_DEFINE_amd64=	HYPERSCAN
-OPTIONS_DEFAULT=	IPFW JSON NETMAP PRELUDE
+OPTIONS_DEFAULT=	IPFW JSON NETMAP PYTHON RUST
 OPTIONS_SUB=		yes

 OPTIONS_RADIO=		SCRIPTS
@ -44,29 +46,22 @@ SCRIPTS_DESC=		Scripting

 GEOIP_DESC=		GeoIP support
 HYPERSCAN_DESC=		Hyperscan support
-HTP_PORT_DESC=		Use libhtp from ports
 IPFW_DESC=		IPFW and IP Divert support for inline IDP
 JSON_DESC=		JSON output support
-LUA_DESC=		LUA scripting support
 LUAJIT_DESC=		LuaJIT scripting support
+LUA_DESC=		LUA scripting support
 NETMAP_DESC=		Netmap support for inline IDP
 NSS_DESC=		File checksums and SSL/TLS fingerprinting
 PORTS_PCAP_DESC=	Use libpcap from ports
 PRELUDE_DESC=		Prelude support for NIDS alerts
+PYTHON_DESC=		Python-based update and control utilities
 REDIS_DESC=		Redis output support
-SC_DESC=		Suricata socket client (suricatasc)
+RUST_DESC=		Rust parser support
 TESTS_DESC=		Unit tests in suricata binary

 GEOIP_LIB_DEPENDS=		libGeoIP.so:net/GeoIP
 GEOIP_CONFIGURE_ON=		--enable-geoip

-HTP_PORT_BUILD_DEPENDS=		libhtp>=0.5.27:devel/libhtp
-HTP_PORT_LIB_DEPENDS=		libhtp.so:devel/libhtp
-HTP_PORT_CONFIGURE_ON=		--enable-non-bundled-htp
-HTP_PORT_CONFIGURE_OFF=		--enable-bundled-htp
-HTP_PORT_CONFLICTS_INSTALL_OFF=	libhtp
-HTP_PORT_USES_OFF=		iconv:translit
-
 HYPERSCAN_LIB_DEPENDS=		libhs.so:devel/hyperscan
 HYPERSCAN_CONFIGURE_ON=		--with-libhs-includes=${LOCALBASE}/include \
 				--with-libhs-libraries=${LOCALBASE}/lib
@ -109,19 +104,24 @@ PRELUDE_LIB_DEPENDS=		libprelude.so:security/libprelude \
 PRELUDE_CONFIGURE_ENABLE=	prelude
 PRELUDE_CONFIGURE_ON=		--with-libprelude-prefix=${LOCALBASE}

+PYTHON_USES=			python:2.7
+PYTHON_CONFIGURE_ENABLE=	python
+PYTHON_RUN_DEPENDS=		${PYTHON_PKGNAMEPREFIX}yaml>0:devel/py-yaml@${PY_FLAVOR}
+
 REDIS_LIB_DEPENDS=		libhiredis.so:databases/hiredis
 REDIS_CONFIGURE_ON=		--enable-hiredis \
 				--with-libhiredis-includes=${LOCALBASE}/include \
 				--with-libhiredis-libraries=${LOCALBASE}/lib

-SC_USES=			python:2.7
-SC_CONFIGURE_ENABLE=		python
+RUST_BUILD_DEPENDS=		rustc:lang/rust
+RUST_CONFIGURE_ENABLE=		rust

 TESTS_CONFIGURE_ENABLE=		unittests

 SUB_FILES=	pkg-message

 CONFIGURE_ARGS+=--enable-gccprotect \
+		--enable-bundled-htp \
 		--with-libpcre-includes=${LOCALBASE}/include \
 		--with-libpcre-libraries=${LOCALBASE}/lib \
 		--with-libyaml-includes=${LOCALBASE}/include \
@ -134,10 +134,6 @@ CONFIGURE_ARGS+=--enable-gccprotect \

 CONFIG_DIR?=	${ETCDIR}
 CONFIG_FILES=	suricata.yaml classification.config reference.config threshold.config
-RULES_DIR=	${CONFIG_DIR}/rules
-RULES_FILES=	app-layer-events.rules decoder-events.rules dns-events.rules files.rules \
-		http-events.rules modbus-events.rules smtp-events.rules stream-events.rules \
-		tls-events.rules
 LOGS_DIR?=	/var/log/${PORTNAME}

 pre-patch:
@ -145,16 +141,12 @@ pre-patch:

 post-install:
 	@${MKDIR} ${STAGEDIR}${CONFIG_DIR}
-	@${MKDIR} ${STAGEDIR}${RULES_DIR}
 	@${MKDIR} ${STAGEDIR}${LOGS_DIR}
 .for f in ${CONFIG_FILES}
 	${INSTALL_DATA} ${WRKSRC}/${f} ${STAGEDIR}${CONFIG_DIR}/${f}.sample
 .endfor
-.for f in ${RULES_FILES}
-	${INSTALL_DATA} ${WRKSRC}/rules/${f} ${STAGEDIR}${RULES_DIR}/${f}
-.endfor

-post-install-SC-on:
+post-install-PYTHON-on:
 	(cd ${STAGEDIR}${PREFIX} \
 	&& ${PYTHON_CMD} ${PYTHON_LIBDIR}/compileall.py \
 	-d ${PYTHONPREFIX_SITELIBDIR} -f ${PYTHONPREFIX_SITELIBDIR:S;${PREFIX}/;;})
--- a/security/suricata/distinfo
+++ b/security/suricata/distinfo
@ -1,3 +1,3 @@
-TIMESTAMP = 1541507025
-SHA256 (suricata-4.0.6.tar.gz) = cbab847b33fc625b7a92241fdce2e1ca47b8bb415c9114de70819394229679a4
-SIZE (suricata-4.0.6.tar.gz) = 12575428
+TIMESTAMP = 1545102533
+SHA256 (suricata-4.1.1.tar.gz) = c30058072029e7fde09133674d9f2f840a674eecbeae1f8b1779a3aae8166bb0
+SIZE (suricata-4.1.1.tar.gz) = 15579715
--- a/security/suricata/pkg-plist
+++ b/security/suricata/pkg-plist
@ -1,77 +1,152 @@
 bin/suricata
+%%PYTHON%%bin/suricata-update
+%%PYTHON%%bin/suricatactl
+%%PYTHON%%bin/suricatasc
+include/htp/bstr.h
+include/htp/bstr_builder.h
+include/htp/htp.h
+include/htp/htp_base64.h
+include/htp/htp_config.h
+include/htp/htp_connection_parser.h
+include/htp/htp_core.h
+include/htp/htp_decompressors.h
+include/htp/htp_hooks.h
+include/htp/htp_list.h
+include/htp/htp_multipart.h
+include/htp/htp_table.h
+include/htp/htp_transaction.h
+include/htp/htp_urlencoded.h
+include/htp/htp_utf8_decoder.h
+include/htp/htp_version.h
+lib/libhtp.a
+lib/libhtp.so
+lib/libhtp.so.2
+lib/libhtp.so.2.0.0
+libdata/pkgconfig/htp.pc
 man/man1/suricata.1.gz
-%%SC%%bin/suricatasc
 %%DOCSDIR%%/AUTHORS
 %%DOCSDIR%%/Basic_Setup.txt
-%%DOCSDIR%%/CentOS5.txt
-%%DOCSDIR%%/CentOS_56_Installation.txt
-%%DOCSDIR%%/Debian_Installation.txt
-%%DOCSDIR%%/Fedora_Core.txt
-%%DOCSDIR%%/FreeBSD_8.txt
 %%DOCSDIR%%/GITGUIDE
-%%DOCSDIR%%/HTP_library_installation.txt
 %%DOCSDIR%%/INSTALL
 %%DOCSDIR%%/INSTALL.PF_RING
 %%DOCSDIR%%/INSTALL.WINDOWS
-%%DOCSDIR%%/Installation_from_GIT_with_PCRE-JIT.txt
-%%DOCSDIR%%/Installation_from_GIT_with_PF_RING_on_Ubuntu_server_1104.txt
-%%DOCSDIR%%/Installation_with_CUDA_and_PFRING_on_Scientific_Linux_6.txt
-%%DOCSDIR%%/Installation_with_CUDA_and_PF_RING_on_Ubuntu_server_1104.txt
-%%DOCSDIR%%/Installation_with_CUDA_on_Scientific_Linux_6.txt
-%%DOCSDIR%%/Installation_with_CUDA_on_Ubuntu_server_1104.txt
-%%DOCSDIR%%/Installation_with_PF_RING.txt
-%%DOCSDIR%%/Mac_OS_X_106x.txt
 %%DOCSDIR%%/NEWS
-%%DOCSDIR%%/OpenBSD_Installation_from_GIT.txt
 %%DOCSDIR%%/README
 %%DOCSDIR%%/Setting_up_IPSinline_for_Linux.txt
 %%DOCSDIR%%/TODO
 %%DOCSDIR%%/Third_Party_Installation_Guides.txt
-%%DOCSDIR%%/Ubuntu_Installation.txt
-%%DOCSDIR%%/Ubuntu_Installation_from_GIT.txt
-%%DOCSDIR%%/Windows.txt
-%%NO_HTP_PORT%%include/htp/bstr.h
-%%NO_HTP_PORT%%include/htp/bstr_builder.h
-%%NO_HTP_PORT%%include/htp/htp.h
-%%NO_HTP_PORT%%include/htp/htp_base64.h
-%%NO_HTP_PORT%%include/htp/htp_config.h
-%%NO_HTP_PORT%%include/htp/htp_connection_parser.h
-%%NO_HTP_PORT%%include/htp/htp_core.h
-%%NO_HTP_PORT%%include/htp/htp_decompressors.h
-%%NO_HTP_PORT%%include/htp/htp_hooks.h
-%%NO_HTP_PORT%%include/htp/htp_list.h
-%%NO_HTP_PORT%%include/htp/htp_multipart.h
-%%NO_HTP_PORT%%include/htp/htp_table.h
-%%NO_HTP_PORT%%include/htp/htp_transaction.h
-%%NO_HTP_PORT%%include/htp/htp_urlencoded.h
-%%NO_HTP_PORT%%include/htp/htp_utf8_decoder.h
-%%NO_HTP_PORT%%include/htp/htp_version.h
-%%NO_HTP_PORT%%lib/libhtp.a
-%%NO_HTP_PORT%%lib/libhtp.so
-%%NO_HTP_PORT%%lib/libhtp.so.2
-%%NO_HTP_PORT%%lib/libhtp.so.2.0.0
-%%NO_HTP_PORT%%libdata/pkgconfig/htp.pc
-%%NO_HTP_PORT%%@dir include/htp
-%%SC%%%%PYTHON_SITELIBDIR%%/suricatasc-0.9-py%%PYTHON_VER%%.egg-info
-%%SC%%%%PYTHON_SITELIBDIR%%/suricatasc/__init__.py
-%%SC%%%%PYTHON_SITELIBDIR%%/suricatasc/__init__.pyc
-%%SC%%%%PYTHON_SITELIBDIR%%/suricatasc/suricatasc.py
-%%SC%%%%PYTHON_SITELIBDIR%%/suricatasc/suricatasc.pyc
-@sample %%ETCDIR%%/suricata.yaml.sample
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata-4.1.1-py%%PYTHON_VER%%.egg-info
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/__init__.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/__init__.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/config/__init__.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/config/__init__.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/config/defaults.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/config/defaults.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/ctl/__init__.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/ctl/__init__.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/ctl/filestore.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/ctl/filestore.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/ctl/loghandler.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/ctl/loghandler.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/ctl/main.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/ctl/main.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/ctl/test_filestore.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/ctl/test_filestore.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/sc/__init__.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/sc/__init__.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/sc/suricatasc.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/sc/suricatasc.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/__init__.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/__init__.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/__init__.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/__init__.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/addsource.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/addsource.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/disablesource.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/disablesource.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/enablesource.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/enablesource.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/listenabledsources.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/listenabledsources.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/listsources.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/listsources.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/removesource.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/removesource.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/updatesources.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/commands/updatesources.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/compat/__init__.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/compat/__init__.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/compat/argparse/__init__.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/compat/argparse/__init__.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/compat/argparse/argparse.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/compat/argparse/argparse.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/compat/ordereddict.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/compat/ordereddict.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/config.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/config.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/configs/__init__.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/configs/__init__.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/configs/disable.conf
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/configs/drop.conf
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/configs/enable.conf
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/configs/modify.conf
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/configs/threshold.in
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/configs/update.yaml
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/data/__init__.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/data/__init__.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/data/index.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/data/index.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/data/update.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/data/update.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/engine.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/engine.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/exceptions.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/exceptions.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/extract.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/extract.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/loghandler.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/loghandler.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/main.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/main.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/maps.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/maps.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/net.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/net.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/notes.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/notes.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/rule.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/rule.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/sources.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/sources.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/util.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/util.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/version.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata/update/version.pyc
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricata_update-1.0.1-py%%PYTHON_VER%%.egg-info
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricatasc/__init__.py
+%%PYTHON%%%%PYTHON_SITELIBDIR%%/suricatasc/__init__.pyc
@sample %%ETCDIR%%/classification.config.sample
@sample %%ETCDIR%%/reference.config.sample
+@sample %%ETCDIR%%/suricata.yaml.sample
@sample %%ETCDIR%%/threshold.config.sample
-%%ETCDIR%%/rules/app-layer-events.rules
-%%ETCDIR%%/rules/decoder-events.rules
-%%ETCDIR%%/rules/dns-events.rules
-%%ETCDIR%%/rules/files.rules
-%%ETCDIR%%/rules/http-events.rules
-%%ETCDIR%%/rules/modbus-events.rules
-%%ETCDIR%%/rules/smtp-events.rules
-%%ETCDIR%%/rules/stream-events.rules
-%%ETCDIR%%/rules/tls-events.rules
-@dir etc/suricata/rules
-@dir etc/suricata
+%%DATADIR%%/rules/app-layer-events.rules
+%%DATADIR%%/rules/decoder-events.rules
+%%DATADIR%%/rules/dnp3-events.rules
+%%DATADIR%%/rules/dns-events.rules
+%%DATADIR%%/rules/files.rules
+%%DATADIR%%/rules/http-events.rules
+%%DATADIR%%/rules/ipsec-events.rules
+%%DATADIR%%/rules/kerberos-events.rules
+%%DATADIR%%/rules/modbus-events.rules
+%%DATADIR%%/rules/nfs-events.rules
+%%DATADIR%%/rules/ntp-events.rules
+%%DATADIR%%/rules/smb-events.rules
+%%DATADIR%%/rules/smtp-events.rules
+%%DATADIR%%/rules/stream-events.rules
+%%DATADIR%%/rules/tls-events.rules
+@dir %%DATADIR%%
+@dir %%ETCDIR%%
+@dir include/htp
@dir(root,wheel,0700) /var/log/suricata
-@postunexec if [ -d %D/%%ETCDIR%% ]; then echo "==> If you are permanently removing this port, run ``rm -rf ${PKG_PREFIX}/etc/suricata`` to remove configuration files."; fi
+@postunexec if [ -d %D/%%ETCDIR%% ]; then echo "==> If you are permanently removing this port, run ``rm -rf ${PKG_PREFIX}/%%ETCDIR%%`` to remove configuration files."; fi
@dir %%DOCSDIR%%