FreshPorts -- The Place For Ports
Port details
suricata: High Performance Network IDS, IPS and Security Monitoring engine
2.0.8_1 security
An older version of this port was marked as vulnerable.
Maintainer: koobs@FreeBSD.org
Port Added: 01 Sep 2010 15:32:48
License: GPLv2
The Suricata Engine is an Open Source Next Generation Intrusion Detection and
Prevention Engine developed by the Open Information Security Foundation (OISF).

This engine is not intended to just replace or emulate the existing tools in
the industry, but will bring new ideas and technologies to the field.

OISF is part of and funded by the Department of Homeland Security's Directorate
for Science and Technology HOST program (Homeland Open Security Technology),
by the Navy's Space and Naval Warfare Systems Command (SPAWAR), as well as
through the very generous support of the members of the OISF Consortium.

More information about the Consortium is available, as well as a list of our
current Consortium Members.

WWW: http://openinfosecfoundation.org
SVNWeb : Homepage : Distfiles Availability : PortsMon

NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:
  1. autoconf-2.69 : devel/autoconf
  2. autoheader-2.69 : devel/autoconf
  3. autoreconf-2.69 : devel/autoconf
  4. aclocal-1.15 : devel/automake
  5. automake-1.15 : devel/automake
  6. libtoolize : devel/libtool
  7. gmake : devel/gmake
  8. pkgconf : devel/pkgconf
Library dependencies:
  1. libpcre.so : devel/pcre
  2. libnet.so : net/libnet
  3. libyaml.so : textproc/libyaml
  4. libhtp.so : devel/libhtp
  5. libjansson.so : devel/jansson
  6. libprelude.so : security/libprelude
There are no ports dependent upon this port

To install the port: cd /usr/ports/security/suricata/ && make install clean
To add the package: pkg install security/suricata


Configuration Options
===> The following configuration options are available for suricata-2.0.8_1:
     GEOIP=off: GeoIP support
     HTP_PORT=on: Use libhtp from ports
     IPFW=on: IPFW and IP Divert support for inline IDP
     JSON=on: JSON output support
     NSS=off: File checksums and SSL/TLS fingerprinting
     PORTS_PCAP=off: Use libpcap from ports
     PRELUDE=on: Prelude support for NIDS alerts
     SC=off: Suricata socket client (suricatasc)
     TESTS=off: Unit tests in suricata binary
====> Scripting: you can only select none or one of them
     LUA=off: LUA scripting support
     LUAJIT=off: LuaJIT scripting support
===> Use 'make config' to modify these settings

USES:
autoreconf cpe gmake libtool pathfix pkgconfig

Master Sites:
  1. http://distcache.FreeBSD.org/ports-distfiles/
  2. http://mirrors.rit.edu/zi/
  3. http://www.openinfosecfoundation.org/download/

Number of commits found: 46

Commit History - (may be incomplete: see SVNWeb link above for full details)
Date | By | Description
13 May 2015 00:17:57
Port version: 2.0.8_1
Revision: 386186
Committer: koobs
security/suricata: Add PPPoE support

Backport upstream Pull Request #1416 [1] adding support for
LINKTYPE_NULL.

[1] https://github.com/inliniac/suricata/pull/1416
[2] https://redmine.openinfosecfoundation.org/issues/1445

Submitted by: Bill Meeks <bmeeks8 bellsouth net> (via gnn)
12 May 2015 10:49:23
Port version: 2.0.8
Revision: 386134
Committer: koobs
security/suricata: Update to 2.0.8

- Update to 2.0.8

This release fixes a bug in the DER parser which is used to
decode SSL/TLS certificates and could crash Suricata [1]

Security: CVE-2015-0971
Security: fe910ed6-f88d-11e4-9ae3-0050562a4d7b

MFH:		2015Q2
Security:	CVE-2015-0971
Security:	fe910ed6-f88d-11e4-9ae3-0050562a4d7b
27 Apr 2015 16:05:52
Port version: 2.0.6_1
Revision: 384861
This port version is marked as vulnerable.
Committer: antoine
- Add JSON to OPTIONS_DEFAULT to match default configuration where eve-log
  support is enabled
- Package threshold.config configuration file

PR:		197937
Approved by:	koobs (maintainer)
15 Apr 2015 19:12:19
Port version: 2.0.6
Revision: 384068
This port version is marked as vulnerable.
Committer: amdmi3
- Add CPE info

Approved by:	portmgr blanket
27 Jan 2015 10:47:49
Port version: 2.0.6
Revision: 377991
This port version is marked as vulnerable.
Committer: koobs
devel/libhtp, security/suricata: Use iconv:translit

Use translit for USES=iconv, fixing a build error on specific (10-STABLE r???)
versions of FreeBSD that don't contain a libiconv implementation with certain
features [1] in base.

PR:		196720 [1]
Reported by:	<trond.endrestol ximalas info>
18 Jan 2015 07:12:37
Port version: 2.0.6
Revision: 377282
This port version is marked as vulnerable.
Committer: koobs
security/suricata: Update to 2.0.6, add lots of OPTIONS

- Update to 2.0.6
- Update pkg-plist
- Add LICENSE_FILE
- Add OPTIONS for:

  * LUA scripting support
  * LUAjit scripting support
  * Suricata socket client

- Fix a reverse logic bug for JSON option
- Suricata links to nspr as a dependent of nss, add it to LIB_DEPENDS
- Create LOGS_DIR post-install
- Add patch to fix upstream issue 1353 [1]

[1] https://redmine.openinfosecfoundation.org/issues/1353

PR:		196801
Submitted by:	cheffo freebsd-bg org (with changes)
22 Dec 2014 15:11:55
Port version: 2.0.5
Revision: 375243
This port version is marked as vulnerable.
Committer: koobs
security/suricata: Update to 2.0.5, Add NSS support

- Update to 2.0.5
- Add NSS option for file checksum and fingerprint support [1]
- Add default rules files [1]
- Add USES=autoreconf, remove USE_AUTOTOOLS and friends
- Override PATHFIX_MAKEFILEIN
- Use the install-strip target
- Fix HTP_PORT_CONFLICT_OFF typo (CONFLICT*S*)
- USES=iconv when using the bundled HTP version
- Cleanup and fix OPTION descriptions
- Sort OPTIONS and helpers
- Use the existing NO_HTP_PORT variable in pkg-plist (OPTIONS_SUB), remove
  MHTP_PORT conditional accordingly

PR:		194953 [1]
Submitted by:	Bill Meeks <bmeeks8 bellsouth net> [1]
11 Nov 2014 15:57:53
Port version: 2.0.4
Revision: 372453
This port version is marked as vulnerable.
Committer: garga
- Update suricata to 2.0.4 [1]
- Added JSON knob - this allows Suricata to be compiled with JSON output support
- Added GEOIP knob - this allows Suricata to support rules with geoip word
- Added HTP_PORT knob - this makes the use of www/libhtp-suricata optional. E.g.
  user can choose between built-in and port version.
- Unbreak PLIST renaming sample files from -sample to .sample

PR:		193220 [1]
Submitted by:	cheffo [1]
Approved by:	maintainer timeout (> 2 months)
Security:	CVE-2014-6603
31 Oct 2014 15:40:38
Port version: 2.0.3
Revision: 371859
This port version is marked as vulnerable.
Committer: bapt
Simplify plist by using @sample and @dir
23 Aug 2014 12:08:16
Port version: 2.0.3
Revision: 365723
This port version is marked as vulnerable.
Committer: koobs
security/suricata: Update to 2.0.3, Modernize

Now that libprelude is safe from EXPIRE and has been staged [1], and devel/libhtp
now *actually* links against libiconv even though autoconf detection was fine
[2] ... Have fun!

- Update to 2.0.3
- Switch libhtp to the upstream version port (devel/libhtp)
- Use USES=libtool
- Use OPTIONS helpers and other OPTIONS_* goodies
- Sort USE(S)* section
- Deprecate USE_AUTOTOOLS (USES instead)
- Deprecate AUTOMAKE_ARGS, ACLOCAL_ARGS (no longer necessary)
- Update COMMENT
- Add m4 macro for checking compiler flags and add relevant
  check to configure.ac. Our GCC doesn't like
  -Wno-error=unused-result and upstream's configure bits aren't as
  portable as they could be.

[1] http://svnweb.freebsd.org/changeset/ports/365562
[2] http://svnweb.freebsd.org/changeset/ports/364955

Requested by:	many
21 Aug 2014 14:58:55
Port version: 1.4.6_3
Revision: 365562
This port version is marked as vulnerable.
Committer: koobs
security/libprelude: Take MAINTAINER'ship, STAGE & Modernize

- Take Maintainership
- Enable STAGE support
- Tweak MASTER_SITES https -> http (portlint)
- Add LICENSE and LICENSE_FILE
- Deprecate USE_AUTOTOOLS for libtool (-> USES)
- Sort USES and OPTIONS
- Use OPTIONS helpers as much as possible for now [1]
- Add --enable-static to CONFIGURE_ARGS to retain the static lib
- Assign and Use ETCDIR rather than hardcoding
- Use the install-strip install target
- Update pkg-plist, use @sample and other goodies

While I'm here, bump dependent ports since our SHLIB major version has
changed

[1] https://reviews.freebsd.org/D665

Approved by: portmgr (implicit, bump unstaged port)
16 Jul 2014 08:44:05
Port version: 1.4.6_2
Revision: 362053
This port version is marked as vulnerable.
Committer: bapt
Fix some non default LIB_DEPENDS

With hat:	portmgr
14 Jul 2014 15:38:39
Port version: 1.4.6_2
Revision: 361791
Sanity Test Failure
This port version is marked as vulnerable.
Committer: tijl
- Convert net/libnet to USES=libtool and bump dependent ports
- Add INSTALL_TARGET=install-strip

Approved by:	portmgr (implicit, bump unstaged port)
05 Dec 2013 11:58:23
Port version: 1.4.6_1
Revision: 335661
This port version is marked as vulnerable.
Committer: koobs
security/suricata: Remove unsupported DAG (Endace Capture) OPTION

This OPTION is non-functional as it requires hardware support and libdag from
Endace, which is not available in, nor recommended to be built via the ports
tree.

This OPTION also incorrectly added CONFIGURE_ARGS without adding any
LIB_DEPENDS, which broke configure: during build when the option was enabled.

Reported by:	mat (via pkg-fallout, via IRC)
17 Nov 2013 03:09:13
Port version: 1.4.6
Revision: 334051
This port version is marked as vulnerable.
Committer: koobs
security/suricata: Update to 1.4.6, Switch to libhtp-suricata, Un-BROKEN Clang.

- Update to 1.4.6
- Switch to the correct library in www/libhtp-suricata
- Take maintainership
- Enable STAGE support
- Remove unnecessary patches
- Configure: Add libhtp include and library location
- Configure: Add /var to --localstatedir
- Configure: Disable Python support explicitly
- QA: Remove BROKEN with clang
- QA: Update to new LIB_DEPENDS format
- QA: Use ETCDIR instead of custom path for CONFIG_DIR and RULES_DIR
- QA: Replace hardcoded strings with ${PORTNAME}
- QA: Add documentation and %%DOCSDIR%% to pkg-plist
(Only the first 15 lines of the commit message are shown above)
20 Sep 2013 22:55:26
Port version: 1.3.4_3
Revision: 327769
This port version is marked as vulnerable.
Committer: bapt
Add NO_STAGE all over the place in preparation for the staging support (cat:
security)
30 Apr 2013 23:16:21
Port version: 1.3.4_3
Revision: 316970
This port version is marked as vulnerable.
Committer: wxs
Take this port under my wing.
28 Apr 2013 14:05:44
Port version: 1.3.4_3
Revision: 316727
This port version is marked as vulnerable.
Committer: zi
- Back to the pool
23 Apr 2013 14:20:28
Port version: 1.3.4_3
Revision: 316355
This port version is marked as vulnerable.
Committer: bapt
Finish converting the whole ports tree to USES=pkgconfig
18 Feb 2013 21:13:02
Port version: 1.3.4_3
Revision: 312526
This port version is marked as vulnerable.
Committer: dinoex
- update libnet to 1.1.6
- build shared lib
- fix dependent ports when libnet.so.8 was linked in
- fix dependent ports when includes were missing
15 Dec 2012 23:52:36
Port version: 1.3.4_2
Revision: 308972
This port version is marked as vulnerable.
Committer: pawel
Bump ports affected by security/libprelude update
10 Dec 2012 19:11:12
Port version: 1.3.4_1
Revision: 308630
Sanity Test Failure
Committer: mm
Update PCRE to 8.32
Introduces the UTF-32 library pcre32
Bump PORTREVISION in dependent ports
18 Nov 2012 05:52:08
Port version: 1.3.4
Revision: 307528
This port version is marked as vulnerable.
Committer: zi
- Update to 1.3.4

Feature safe:	yes
02 Nov 2012 19:10:30
Port version: 1.3.3
Revision: 306882
This port version is marked as vulnerable.
Committer: zi
- Update to 1.3.3

Feature safe:	yes
10 Oct 2012 11:42:05
Port version: 1.3.2
Revision: 305642
This port version is marked as vulnerable.
Committer: zi
- Update to 1.3.2
06 Sep 2012 02:17:33
Port version: 1.3.1
Revision: 303732
This port version is marked as vulnerable.
Committer: zi
- Update to 1.3.1
06 Sep 2012 02:07:35
Port version: 1.3_1
Revision: 303731
This port version is marked as vulnerable.
Committer: zi
- Add in workaround for compatibility with libhtp >= 0.3
- Bump PORTREVISION
26 Jul 2012 05:40:24
Port version: 1.3
This port version is marked as vulnerable.
Committer: bapt
new devel/pkgconf added to replace devel/pkg-config. new version of pkg-config
are no more self hosting so we are stuck with 0.25 version while pkgconf provide
the same set of features as 0.27 and a compatible frontend. A symlink to
pkg-config has been added for convenience and compatibility

This also introduces a new macro to use pkgconf in your ports:
USE_PKGCONFIG

it can take the following arguments:
 - yes (meaning build only dep)
 - build (meaning build only dep)
 - run (meaning run only dep)
 - both (meaning run and build dep)

From now USE_GNOME= pkgconfig is deprecated in favour of USE_PKGCONFIG
The old gnome macro has been modified to use pkgconf but still the same way: run
and build dep to avoid large breakage.

While here fix some ports relying on pkg-config but not specifying it, fix some
ports broken because testing wrong .pc files, and fix ports using pkg-config
--version to determine pkg-config version instead of
pkg-config --modversion pkg-config like recommended by pkg-config

With Hat:	portmgr
Exp-runs by:	bapt (pointhat-west), beat (pointyhat)
16 Jul 2012 11:18:35
Port version: 1.3
This port version is marked as vulnerable.
Committer: zi
- Mark BROKEN when compiling with clang
11 Jul 2012 02:36:53
Port version: 1.3
This port version is marked as vulnerable.
Committer: zi
- Update to 1.3
- Convert to OptionsNG
11 May 2012 20:38:09
Port version: 1.2.1_1
This port version is marked as vulnerable.
Committer: ade
Update autoconf to 2.69 and automake to 1.12

PR:             166836
Tested by:      Multiple -exp runs (pav)
23 Mar 2012 14:27:51
Port version: 1.2.1_1
This port version is marked as vulnerable.
Committer: zi
- Update mirror URL on my ports

Feature safe:   yes
13 Mar 2012 12:04:26
Port version: 1.2.1_1
This port version is marked as vulnerable.
Committer: zi
- Do not overwrite files from devel/libhtp [1]
- Do not overwrite customized config files [1]
- Optionally depend on libpcap from ports (off by default) [1]
- Detect and use gcc hardening options by default
- Cleanup language/whitespace
- Bump PORTREVISION

PR:             ports/164237 [1]
Submitted by:   Geoffroy Desvernay <dgeo@centrale-marseille.fr> [1]
Feature safe:   yes
23 Feb 2012 14:05:49
Port version: 1.2.1
This port version is marked as vulnerable.
Committer: zi
- Update to 1.2.1 [1]
- Reset maintainership due to multiple maintainer timeouts
- Take maintainership

PR:             ports/164471 [1]
Submitted by:   Nikolay Denev <ndenev@gmail.com> [1]
14 Feb 2012 12:45:35
Port version: 1.1.1_1
This port version is marked as vulnerable.
Committer: mm
Bump pcre library dependency due to 8.30 update
14 Jan 2012 08:57:23
Port version: 1.1.1
This port version is marked as vulnerable.
Committer: dougb
In the rc.d scripts, change assignments to rcvar to use the
literal name_enable wherever possible, and ${name}_enable
when it's not, to prepare for the demise of set_rcvar().

In cases where I had to hand-edit unusual instances also
modify formatting slightly to be more uniform (and in
some cases, correct). This includes adding some $FreeBSD$
tags, and most importantly moving rcvar= to right after
name= so it's clear that one is derived from the other.
10 Jan 2012 19:34:02
Port version: 1.1.1
This port version is marked as vulnerable.
Committer: wxs
- Update to 1.1.1.
- Use libhtp from ports instead of the bundled one.
- Remove check for 6.x.

PR:             ports/163603
Submitted by:   wxs@
Approved by:    eksffa@freebsdbrasil.com.br (maintainer timeout)
08 Jan 2012 07:01:25
Port version: 1.0.3
This port version is marked as vulnerable.
Committer: eadler
Repeated words are are hard to to find sometimes.

Approved by:    portmgr (itetcu)
19 Jul 2011 21:14:31
Port version: 1.0.3
This port version is marked as vulnerable.
Committer: zi
Add DAG Support
Fix build when using custom LOCALBASE/PREFIX
Pacify portlint(1)

PR:             ports/158147
Submitted by:   rpsfa@rit.edu (me)
Approved by:    maintainer timeout, tabthorpe (mentor)
22 Jun 2011 00:29:16
Port version: 1.0.3
This port version is marked as vulnerable.
Committer: wxs
- Update to 1.0.3.
- Add LICENSE.

PR:             ports/157860
Submitted by:   Ryan Steinmetz <rpsfa@rit.edu>
Approved by:    Patrick Tracanelli <eksffa@freebsdbrasil.com.br> (maintainer)
04 Dec 2010 07:34:27
Port version: 1.0.1_1
This port version is marked as vulnerable.
Committer: ade
Sync to new bsd.autotools.mk
16 Oct 2010 11:52:47
Port version: 1.0.1_1
This port version is marked as vulnerable.
Committer: ade
Punt autoconf267->autoconf268
17 Sep 2010 09:31:03
Port version: 1.0.1_1
This port version is marked as vulnerable.
Committer: linimon
Mark as broken on sparc64 (and, by implication, the other tier-2 archs).

Hat:            portmgr
15 Sep 2010 18:35:24
Port version: 1.0.1_1
This port version is marked as vulnerable.
Committer: ade
Autotools update.   Read ports/UPDATING 20100915 for details.

Approved by:    portmgr (for Mk/bsd.port.mk part)
Tested by:      Multiple -exp runs
09 Sep 2010 11:41:48
Port version: 1.0.1
This port version is marked as vulnerable.
Committer: pav
- Mark BROKEN on 6.X: does not configure

PR:             ports/150393 (based on)
Submitted by:   Patrick Tracanelli <eksffa@freebsdbrasil.com.br> (maintainer)
01 Sep 2010 15:31:52
Port version: 1.0.1
This port version is marked as vulnerable.
Committer: jmelo
The Suricata Engine is an Open Source Next Generation Intrusion Detection and
Prevention Engine developed by the Open Information Security Foundation (OISF).

This engine is not intended to just replace or emulate the existing tools in
the industry, but will bring new ideas and technologies to the field.

OISF is part of and funded by the Department of Homeland Security's Directorate
for Science and Technology HOST program (Homeland Open Security Technology),
by the Navy's Space and Naval Warfare Systems Command (SPAWAR), as well as
through the very generous support of the members of the OISF Consortium.

More information about the Consortium is available, as well as a list of our
current Consortium Members.

The Suricata Engine and the HTP Library are available to use under the GPLv2.

The HTP Library is an HTTP normalizer and parser written by Ivan Ristic of
Mod Security fame for the OISF. This integrates and provides very advanced
processing of HTTP streams for Suricata. The HTP library is required by the
engine but may also be used independently in a range of applications and tools.

WWW: http://openinfosecfoundation.org

PR:             ports/150191
Submitted by:   Patrick Tracanelli <eksffa@freebsdbrasil.com.br>

Copyright © 2000-2014 Dan Langille. All rights reserved.