Message ID | 20200622105359.31340-1-guillaume.bressaix@gmail.com |
---|---|
State | Accepted |
Headers | show |
Series | [1/1] package/libnids: new package | expand |
Hello Guillaume, On Mon, 22 Jun 2020 12:53:59 +0200 "Guillaume W. Bres" <guillaume.bressaix@gmail.com> wrote: > Libnids is a C based networking library, > part of networking intrusion detection tools. > It can watch network traffic & provide informations. > > Signed-off-by: Guillaume W. Bres <guillaume.bressaix@gmail.com> I have applied your patch, with a number of changes. See below for comments, and see the final commit at: https://git.buildroot.org/buildroot/commit/?id=b6ce06cd64b0d85c9065c60fad933c8585730320 > +config BR2_PACKAGE_LIBNIDS > + bool "libnids" > + depends on BR2_TOOLCHAIN_USES_GLIBC glibc is not required: it builds fine with uclibc. > + select BR2_PACKAGE_LIBGLIB2 This dependency is not mandatory, so I dropped it. It should be easy to re-add it with a follow-up patch. > + select BR2_PACKAGE_LIBNET This dependency is not mandatory, so I dropped it. Re-adding it is possible, but will need some tweaks in the configure.in script. > + select BR2_PACKAGE_LIBPCAP This dependency is indeed mandatory. > +LIBNIDS_VERSION = 1.24 > +LIBNIDS_SITE = https://sourceforge.net/projects/libnids/files/libnids/$(LIBNIDS_VERSION) > +LIBNIDS_LICENSE = GPL-2.0 > +LIBNIDS_LICENSE_FILES = COPYING > +LIBNIDS_INSTALL_STAGING = YES You forgot the _DEPENDENCIES variable, so nothing ensured that your dependencies are built before this package. > +LIBNIDS_CONF_OPTS += \ > + prefix="$(STAGING_DIR)/usr" \ > + exec_prefix="$(STAGING_DIR)/usr" So, I instead fixed this by: (1) Adding a patch for the configure.in script that changes the detection of libpcap to use pkg-config (2) Passing the appropriate install_prefix value at install time, since the hand-written Makefile.in use install_prefix and not DESTDIR If you need the libglib and libnet optional dependencies, don't hesitate to send follow-up patches to add support for them. Thanks! Thomas
Hello Thomas, thank you for your input glibc is not required: it builds fine with uclibc. > > + select BR2_PACKAGE_LIBGLIB2 This dependency is not mandatory, so I dropped it. It should be easy to > re-add it with a follow-up patch. Ok, I did not see the configure script had options to disable them, it's better to have a default package compatible with everyone (2) Passing the appropriate install_prefix value at install time, since the hand-written Makefile.in use install_prefix and not DESTDIR it's cleaner to override at the given step (I'll keep that!) if you need the libglib and libnet optional dependencies, don't > hesitate to send follow-up patches to add support for them. I need to check whether I need libglib because it's not obvious. But I certainly need libnet. Let's say I introduce a "BR2_PACKAGE_LIBNIDS_WITH_LIBNET" option, if I add a 0002-patch to also have libnet checked with pkg-config, Is it fine with you having a patch always applied, even though we are in the --disable-libnet context? Guillaume W. Bres Software engineer <guillaume.bressaix@gmail.com> Le lun. 22 juin 2020 à 22:27, Thomas Petazzoni <thomas.petazzoni@bootlin.com> a écrit : > Hello Guillaume, > > On Mon, 22 Jun 2020 12:53:59 +0200 > "Guillaume W. Bres" <guillaume.bressaix@gmail.com> wrote: > > > Libnids is a C based networking library, > > part of networking intrusion detection tools. > > It can watch network traffic & provide informations. > > > > Signed-off-by: Guillaume W. Bres <guillaume.bressaix@gmail.com> > > I have applied your patch, with a number of changes. See below for > comments, and see the final commit at: > > > https://git.buildroot.org/buildroot/commit/?id=b6ce06cd64b0d85c9065c60fad933c8585730320 > > > > +config BR2_PACKAGE_LIBNIDS > > + bool "libnids" > > + depends on BR2_TOOLCHAIN_USES_GLIBC > > glibc is not required: it builds fine with uclibc. > > > + select BR2_PACKAGE_LIBGLIB2 > > This dependency is not mandatory, so I dropped it. It should be easy to > re-add it with a follow-up patch. > > > + select BR2_PACKAGE_LIBNET > > This dependency is not mandatory, so I dropped it. Re-adding it is > possible, but will need some tweaks in the configure.in script. > > > + select BR2_PACKAGE_LIBPCAP > > This dependency is indeed mandatory. > > > > +LIBNIDS_VERSION = 1.24 > > +LIBNIDS_SITE = > https://sourceforge.net/projects/libnids/files/libnids/$(LIBNIDS_VERSION) > > +LIBNIDS_LICENSE = GPL-2.0 > > +LIBNIDS_LICENSE_FILES = COPYING > > +LIBNIDS_INSTALL_STAGING = YES > > You forgot the _DEPENDENCIES variable, so nothing ensured that your > dependencies are built before this package. > > > +LIBNIDS_CONF_OPTS += \ > > + prefix="$(STAGING_DIR)/usr" \ > > + exec_prefix="$(STAGING_DIR)/usr" > > So, I instead fixed this by: > > (1) Adding a patch for the configure.in script that changes the > detection of libpcap to use pkg-config > > (2) Passing the appropriate install_prefix value at install time, > since the hand-written Makefile.in use install_prefix and not DESTDIR > > If you need the libglib and libnet optional dependencies, don't > hesitate to send follow-up patches to add support for them. > > Thanks! > > Thomas > -- > Thomas Petazzoni, CTO, Bootlin > Embedded Linux and Kernel engineering > https://bootlin.com >
correction: Let's say I introduce a "BR2_PACKAGE_LIBNIDS_WITH_LIBNET" option, > I will rather check in the .mk script if BR2_PACKAGE_LIBNET is in use and adapt dependencies & configure flags, rather than introducing a BR2_PACKAGE_LIBNIDS_ sub option. question about the patch still applies though Guillaume W. Bres Software engineer <guillaume.bressaix@gmail.com> Le mar. 23 juin 2020 à 11:01, Guillaume Bres <guillaume.bressaix@gmail.com> a écrit : > Hello Thomas, > > thank you for your input > > glibc is not required: it builds fine with uclibc. >> > + select BR2_PACKAGE_LIBGLIB2 > > This dependency is not mandatory, so I dropped it. It should be easy to >> re-add it with a follow-up patch. > > > Ok, I did not see the configure script had options to disable them, it's > better to have a default package compatible with everyone > > (2) Passing the appropriate install_prefix value at install time, > > since the hand-written Makefile.in use install_prefix and not DESTDIR > > > it's cleaner to override at the given step (I'll keep that!) > > if you need the libglib and libnet optional dependencies, don't >> hesitate to send follow-up patches to add support for them. > > > I need to check whether I need libglib because it's not obvious. But I > certainly need libnet. > > Let's say I introduce a "BR2_PACKAGE_LIBNIDS_WITH_LIBNET" option, > if I add a 0002-patch to also have libnet checked with pkg-config, > Is it fine with you having a patch always applied, even though we are in > the --disable-libnet context? > > Guillaume W. Bres > Software engineer > <guillaume.bressaix@gmail.com> > > > Le lun. 22 juin 2020 à 22:27, Thomas Petazzoni < > thomas.petazzoni@bootlin.com> a écrit : > >> Hello Guillaume, >> >> On Mon, 22 Jun 2020 12:53:59 +0200 >> "Guillaume W. Bres" <guillaume.bressaix@gmail.com> wrote: >> >> > Libnids is a C based networking library, >> > part of networking intrusion detection tools. >> > It can watch network traffic & provide informations. >> > >> > Signed-off-by: Guillaume W. Bres <guillaume.bressaix@gmail.com> >> >> I have applied your patch, with a number of changes. See below for >> comments, and see the final commit at: >> >> >> https://git.buildroot.org/buildroot/commit/?id=b6ce06cd64b0d85c9065c60fad933c8585730320 >> >> >> > +config BR2_PACKAGE_LIBNIDS >> > + bool "libnids" >> > + depends on BR2_TOOLCHAIN_USES_GLIBC >> >> glibc is not required: it builds fine with uclibc. >> >> > + select BR2_PACKAGE_LIBGLIB2 >> >> This dependency is not mandatory, so I dropped it. It should be easy to >> re-add it with a follow-up patch. >> >> > + select BR2_PACKAGE_LIBNET >> >> This dependency is not mandatory, so I dropped it. Re-adding it is >> possible, but will need some tweaks in the configure.in script. >> >> > + select BR2_PACKAGE_LIBPCAP >> >> This dependency is indeed mandatory. >> >> >> > +LIBNIDS_VERSION = 1.24 >> > +LIBNIDS_SITE = >> https://sourceforge.net/projects/libnids/files/libnids/$(LIBNIDS_VERSION) >> > +LIBNIDS_LICENSE = GPL-2.0 >> > +LIBNIDS_LICENSE_FILES = COPYING >> > +LIBNIDS_INSTALL_STAGING = YES >> >> You forgot the _DEPENDENCIES variable, so nothing ensured that your >> dependencies are built before this package. >> >> > +LIBNIDS_CONF_OPTS += \ >> > + prefix="$(STAGING_DIR)/usr" \ >> > + exec_prefix="$(STAGING_DIR)/usr" >> >> So, I instead fixed this by: >> >> (1) Adding a patch for the configure.in script that changes the >> detection of libpcap to use pkg-config >> >> (2) Passing the appropriate install_prefix value at install time, >> since the hand-written Makefile.in use install_prefix and not DESTDIR >> >> If you need the libglib and libnet optional dependencies, don't >> hesitate to send follow-up patches to add support for them. >> >> Thanks! >> >> Thomas >> -- >> Thomas Petazzoni, CTO, Bootlin >> Embedded Linux and Kernel engineering >> https://bootlin.com >> >
Sorry for the rapid posts about the same topic, but on the other hand, further discussions will be more fruitful First off, it turns out libnids in the current configuration completely fits my needs ----- Trying to build libnids with libnet: - libnet does not have a pkg-config description file, so what I previously said/thought cannot apply - unfortunately because of that, removing --disable-libnet option from configure, has LNETLIB & LNET_CFLAGS pointing to /usr/include - they have a --with-libnet option, I tried something like --with-libnet=$(STAGING_DIR), but they look for a very specific combination if test -f $withval/include/libnet.h -a -f $withval/lib/libnet.a -a -f > $withval/libnet-config ; then (line 133 in $libnids/configure.in) > - $withval/include/libnet.h exists, we have a $withval/lib/libnet.la but that is not exactly what they want, $withval/libnet-config does not exist - so at the moment I am not able to submit anything further about this topic, because of the combination of files they look for. I don't think messing with $libnids/configure.in is an option either, that would be too dirty - I am not familiar with pkg-config at the moment, I don't know if we can "activate libnet.pc" and have pkg-config look for it ----- Trying to build libnids with glib2 if possible - no problem, I may submit a patch in a near future Guillaume W. Bres Software engineer <guillaume.bressaix@gmail.com> Le mar. 23 juin 2020 à 11:07, Guillaume Bres <guillaume.bressaix@gmail.com> a écrit : > correction: > > Let's say I introduce a "BR2_PACKAGE_LIBNIDS_WITH_LIBNET" option, >> > > I will rather check in the .mk script if BR2_PACKAGE_LIBNET is in use and > adapt dependencies & configure flags, > rather than introducing a BR2_PACKAGE_LIBNIDS_ sub option. > > question about the patch still applies though > > Guillaume W. Bres > Software engineer > <guillaume.bressaix@gmail.com> > > > Le mar. 23 juin 2020 à 11:01, Guillaume Bres <guillaume.bressaix@gmail.com> > a écrit : > >> Hello Thomas, >> >> thank you for your input >> >> glibc is not required: it builds fine with uclibc. >>> > + select BR2_PACKAGE_LIBGLIB2 >> >> This dependency is not mandatory, so I dropped it. It should be easy to >>> re-add it with a follow-up patch. >> >> >> Ok, I did not see the configure script had options to disable them, it's >> better to have a default package compatible with everyone >> >> (2) Passing the appropriate install_prefix value at install time, >> >> since the hand-written Makefile.in use install_prefix and not DESTDIR >> >> >> it's cleaner to override at the given step (I'll keep that!) >> >> if you need the libglib and libnet optional dependencies, don't >>> hesitate to send follow-up patches to add support for them. >> >> >> I need to check whether I need libglib because it's not obvious. But I >> certainly need libnet. >> >> Let's say I introduce a "BR2_PACKAGE_LIBNIDS_WITH_LIBNET" option, >> if I add a 0002-patch to also have libnet checked with pkg-config, >> Is it fine with you having a patch always applied, even though we are in >> the --disable-libnet context? >> >> Guillaume W. Bres >> Software engineer >> <guillaume.bressaix@gmail.com> >> >> >> Le lun. 22 juin 2020 à 22:27, Thomas Petazzoni < >> thomas.petazzoni@bootlin.com> a écrit : >> >>> Hello Guillaume, >>> >>> On Mon, 22 Jun 2020 12:53:59 +0200 >>> "Guillaume W. Bres" <guillaume.bressaix@gmail.com> wrote: >>> >>> > Libnids is a C based networking library, >>> > part of networking intrusion detection tools. >>> > It can watch network traffic & provide informations. >>> > >>> > Signed-off-by: Guillaume W. Bres <guillaume.bressaix@gmail.com> >>> >>> I have applied your patch, with a number of changes. See below for >>> comments, and see the final commit at: >>> >>> >>> https://git.buildroot.org/buildroot/commit/?id=b6ce06cd64b0d85c9065c60fad933c8585730320 >>> >>> >>> > +config BR2_PACKAGE_LIBNIDS >>> > + bool "libnids" >>> > + depends on BR2_TOOLCHAIN_USES_GLIBC >>> >>> glibc is not required: it builds fine with uclibc. >>> >>> > + select BR2_PACKAGE_LIBGLIB2 >>> >>> This dependency is not mandatory, so I dropped it. It should be easy to >>> re-add it with a follow-up patch. >>> >>> > + select BR2_PACKAGE_LIBNET >>> >>> This dependency is not mandatory, so I dropped it. Re-adding it is >>> possible, but will need some tweaks in the configure.in script. >>> >>> > + select BR2_PACKAGE_LIBPCAP >>> >>> This dependency is indeed mandatory. >>> >>> >>> > +LIBNIDS_VERSION = 1.24 >>> > +LIBNIDS_SITE = >>> https://sourceforge.net/projects/libnids/files/libnids/$(LIBNIDS_VERSION) >>> > +LIBNIDS_LICENSE = GPL-2.0 >>> > +LIBNIDS_LICENSE_FILES = COPYING >>> > +LIBNIDS_INSTALL_STAGING = YES >>> >>> You forgot the _DEPENDENCIES variable, so nothing ensured that your >>> dependencies are built before this package. >>> >>> > +LIBNIDS_CONF_OPTS += \ >>> > + prefix="$(STAGING_DIR)/usr" \ >>> > + exec_prefix="$(STAGING_DIR)/usr" >>> >>> So, I instead fixed this by: >>> >>> (1) Adding a patch for the configure.in script that changes the >>> detection of libpcap to use pkg-config >>> >>> (2) Passing the appropriate install_prefix value at install time, >>> since the hand-written Makefile.in use install_prefix and not DESTDIR >>> >>> If you need the libglib and libnet optional dependencies, don't >>> hesitate to send follow-up patches to add support for them. >>> >>> Thanks! >>> >>> Thomas >>> -- >>> Thomas Petazzoni, CTO, Bootlin >>> Embedded Linux and Kernel engineering >>> https://bootlin.com >>> >>
Hello, On Tue, 23 Jun 2020 11:01:30 +0200 Guillaume Bres <guillaume.bressaix@gmail.com> wrote: > Let's say I introduce a "BR2_PACKAGE_LIBNIDS_WITH_LIBNET" option, As you discovered and replied later in the thread, don't add a sub-option: simply check in the .mk file if BR2_PACKAGE_LIBDNET is enabled. > if I add a 0002-patch to also have libnet checked with pkg-config, > Is it fine with you having a patch always applied, even though we are in > the --disable-libnet context? The patches should always all be applied. In theory, all patches are supposed to be submitted to the upstream project, and the upstream project will not conditionally apply the patch depending on whether libnet support is enabled or not. Thomas
On Tue, 23 Jun 2020 14:14:20 +0200 Guillaume Bres <guillaume.bressaix@gmail.com> wrote: > Trying to build libnids with libnet: > > - libnet does not have a pkg-config description file, so what I > previously said/thought cannot apply Gah. > - unfortunately because of that, removing --disable-libnet option from > configure, has LNETLIB & LNET_CFLAGS pointing to /usr/include Right. > - they have a --with-libnet option, I tried something like > --with-libnet=$(STAGING_DIR), but they look for a very specific combination > > if test -f $withval/include/libnet.h -a -f $withval/lib/libnet.a -a -f > > $withval/libnet-config ; then (line 133 in $libnids/configure.in) Their handling of the --with-libXXX value is completely non-standard. They expect it to be pointed to the *build* directory of the library, and not to a sysroot where it has been installed. I had the same issue with libpcap, which is why I switched to using pkg-config. > - $withval/include/libnet.h exists, we have a $withval/lib/libnet.la but > that is not exactly what they want, $withval/libnet-config does not exist > - so at the moment I am not able to submit anything further about this > topic, because of the combination of files they look for. I don't think > messing with $libnids/configure.in is an option either, that would be > too dirty Well, we already mess with the configure.in script: see my patch 0001 that changes the configure.in script to add support for using pkg-config to check for libpcap's availability. > - I am not familiar with pkg-config at the moment, I don't know if we > can "activate libnet.pc" and have pkg-config look for it If you don't need libnet support as you're saying at the beginning of this e-mail, then we can simply keep the --disable-libnet and that's it. Thomas
diff --git a/DEVELOPERS b/DEVELOPERS index dc9fa8a718..fb6d4cec64 100644 --- a/DEVELOPERS +++ b/DEVELOPERS @@ -1053,6 +1053,7 @@ F: package/c-icap-modules/ F: package/sdl2/ N: Guillaume William Brs <guillaume.bressaix@gmail.com> +F: package/libnids/ F: package/liquid-dsp/ F: package/pixiewps/ F: package/python-pybind/ diff --git a/package/Config.in b/package/Config.in index dc24921e0f..e2bb004015 100644 --- a/package/Config.in +++ b/package/Config.in @@ -1710,6 +1710,7 @@ menu "Networking" source "package/libnfnetlink/Config.in" source "package/libnftnl/Config.in" source "package/libnice/Config.in" + source "package/libnids/Config.in" source "package/libnl/Config.in" source "package/liboauth/Config.in" source "package/liboping/Config.in" diff --git a/package/libnids/Config.in b/package/libnids/Config.in new file mode 100644 index 0000000000..ba3beee7f2 --- /dev/null +++ b/package/libnids/Config.in @@ -0,0 +1,19 @@ +comment "libnids requires a glibc toolchain" + depends on !BR2_TOOLCHAIN_USES_GLIBC + +config BR2_PACKAGE_LIBNIDS + bool "libnids" + depends on BR2_TOOLCHAIN_USES_GLIBC + select BR2_PACKAGE_LIBGLIB2 + select BR2_PACKAGE_LIBNET + select BR2_PACKAGE_LIBPCAP + help + Libnids is an implementation of an E-component + of Network Intrusion Detection System. + libnids watches all local network traffic, + and provides convenient information on them to + perform further analysis. + Libnids offers IP defragmentation, + TCP stream assembly, TCP port scan detection. + + http://libnids.sourceforge.net/ diff --git a/package/libnids/libnids.hash b/package/libnids/libnids.hash new file mode 100644 index 0000000000..4a2949c39d --- /dev/null +++ b/package/libnids/libnids.hash @@ -0,0 +1,3 @@ +# Locally calculated +sha256 314b4793e0902fbf1fdb7fb659af37a3c1306ed1aad5d1c84de6c931b351d359 libnids-1.24.tar.gz +sha256 91df39d1816bfb17a4dda2d3d2c83b1f6f2d38d53e53e41e8f97ad5ac46a0cad COPYING diff --git a/package/libnids/libnids.mk b/package/libnids/libnids.mk new file mode 100644 index 0000000000..5e83aade33 --- /dev/null +++ b/package/libnids/libnids.mk @@ -0,0 +1,17 @@ +################################################################################ +# +# libnids +# +################################################################################ + +LIBNIDS_VERSION = 1.24 +LIBNIDS_SITE = https://sourceforge.net/projects/libnids/files/libnids/$(LIBNIDS_VERSION) +LIBNIDS_LICENSE = GPL-2.0 +LIBNIDS_LICENSE_FILES = COPYING +LIBNIDS_INSTALL_STAGING = YES + +LIBNIDS_CONF_OPTS += \ + prefix="$(STAGING_DIR)/usr" \ + exec_prefix="$(STAGING_DIR)/usr" + +$(eval $(autotools-package))