From patchwork Wed Jan 10 09:18:10 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Sergio Prado <sergio.prado@e-labworks.com>
X-Patchwork-Id: 858113
Return-Path: <buildroot-bounces@busybox.net>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
	spf=pass (mailfrom) smtp.mailfrom=busybox.net
	(client-ip=140.211.166.138; helo=whitealder.osuosl.org;
	envelope-from=buildroot-bounces@busybox.net;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	unprotected) header.d=e-labworks-com.20150623.gappssmtp.com
	header.i=@e-labworks-com.20150623.gappssmtp.com
	header.b="KrJi6EBF"; dkim-atps=neutral
Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 3zGk356DByz9ryQ
	for <incoming@patchwork.ozlabs.org>;
	Wed, 10 Jan 2018 20:18:57 +1100 (AEDT)
Received: from localhost (localhost [127.0.0.1])
	by whitealder.osuosl.org (Postfix) with ESMTP id 5708389719;
	Wed, 10 Jan 2018 09:18:54 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from whitealder.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id jUuf0hVuYagI; Wed, 10 Jan 2018 09:18:50 +0000 (UTC)
Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34])
	by whitealder.osuosl.org (Postfix) with ESMTP id A00CE89726;
	Wed, 10 Jan 2018 09:18:50 +0000 (UTC)
X-Original-To: buildroot@lists.busybox.net
Delivered-To: buildroot@osuosl.org
Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136])
	by ash.osuosl.org (Postfix) with ESMTP id 866BA1C0D4C
	for <buildroot@lists.busybox.net>;
	Wed, 10 Jan 2018 09:18:49 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by silver.osuosl.org (Postfix) with ESMTP id 82B8330475
	for <buildroot@lists.busybox.net>;
	Wed, 10 Jan 2018 09:18:49 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from silver.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id FaMCmiWcF9mE for <buildroot@lists.busybox.net>;
	Wed, 10 Jan 2018 09:18:45 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from mail-qk0-f174.google.com (mail-qk0-f174.google.com
	[209.85.220.174])
	by silver.osuosl.org (Postfix) with ESMTPS id 7048A2FA52
	for <buildroot@buildroot.org>; Wed, 10 Jan 2018 09:18:45 +0000 (UTC)
Received: by mail-qk0-f174.google.com with SMTP id u76so3221568qku.11
	for <buildroot@buildroot.org>; Wed, 10 Jan 2018 01:18:45 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=e-labworks-com.20150623.gappssmtp.com; s=20150623;
	h=from:to:cc:subject:date:message-id;
	bh=khXP+dptsQdXOQFoXGnFeIXSehsb4HJxq/fbIB8YYKU=;
	b=KrJi6EBFRiunD4Num5dIBJEP1yeLUJ88GIafUW7m0Mdr+3X6w1+wfdNMbOyvlukdfG
	qT52HjpOCqQIfmsh74wFVcFDyBfRnajq3QTs2R1Qzle/fbYZx6gNOUglpzStOgXJpBSc
	oXfJCbGxgKwP7nyGtjYRLT6VDsjX/3HJpPbeo+PJcyCC9x4V2BWNuNQVJk99AxdvklI5
	4/fynX7LENZNnWBzd8KwFEzfeW034hZNrxNMCgD2lpZ11bYC9aLNmcCzd98KPLVI3kJB
	wnQWRdSrqFx7eqRdEljOjD5XUoIOkEg9205S83eDmzXJSRtDL0s8SPIveHOdAKvkcMYm
	w/nw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id;
	bh=khXP+dptsQdXOQFoXGnFeIXSehsb4HJxq/fbIB8YYKU=;
	b=mxgCkXESAtfm5otik+vmhjYnV1P7046YS2qkueleOWA4o1Ttu6q3y+LcOiWB8/MwRz
	QwPCIKE73jKL3lgwHzEUJuwCFnVllQob3eOiXVe1/+EduT88l4/EDxJB52iHLp6W3Hg4
	J4O5PIkkwPffOqKS6VqU4u3myX08QVRl3xwrpGl62ef/IJvoupjwUmpfZXAeg6XW2pTm
	jJiiSbDEuh/biLcDY0k7ovNFHhvGosHUXjgiNakORRAwydu4CalSqGuz2DWfLl5wnoeb
	IrisX/x49zWY0HNsJ9diT5/7j7PR0SKY4o1QIbBlZUDJ8bIqO1A6BHX+AWO+rfVA1r0e
	seXQ==
X-Gm-Message-State: AKwxytcerM4J8dUZ51sfxdNGZHlUQW74LV8A3vUg7cSjSrk7j4FAn4y9
	Mxk3D38c6j3vSLZtLVQ8N3gUiv9i
X-Google-Smtp-Source: 
 ACJfBothPXtyyJFLAB7UyLXBuBuYhoSlWuhMfqIW27r2abfE8YmNbySwGBaDAII3HjUPFP7WCbMMcw==
X-Received: by 10.55.147.133 with SMTP id v127mr25753461qkd.81.1515575923984;
	Wed, 10 Jan 2018 01:18:43 -0800 (PST)
Received: from localhost.localdomain ([189.100.34.201])
	by smtp.gmail.com with ESMTPSA id
	y65sm10439757qke.24.2018.01.10.01.18.42
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
	Wed, 10 Jan 2018 01:18:43 -0800 (PST)
From: Sergio Prado <sergio.prado@e-labworks.com>
To: buildroot@buildroot.org
Date: Wed, 10 Jan 2018 07:18:10 -0200
Message-Id: <1515575890-29518-1-git-send-email-sergio.prado@e-labworks.com>
X-Mailer: git-send-email 1.9.1
Subject: [Buildroot] [PATCH v2] snort: new package
X-BeenThere: buildroot@busybox.net
X-Mailman-Version: 2.1.24
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.busybox.net>
List-Unsubscribe: <http://lists.busybox.net/mailman/options/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=unsubscribe>
List-Archive: <http://lists.busybox.net/pipermail/buildroot/>
List-Post: <mailto:buildroot@busybox.net>
List-Help: <mailto:buildroot-request@busybox.net?subject=help>
List-Subscribe: <http://lists.busybox.net/mailman/listinfo/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=subscribe>
Cc: Sergio Prado <sergio.prado@e-labworks.com>
MIME-Version: 1.0
Errors-To: buildroot-bounces@busybox.net
Sender: "buildroot" <buildroot-bounces@busybox.net>

Tested on Beaglebone Black.

Build-tested with test-pkg.

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
---
Changes v1 -> v2 (as reviewed by Thomas Petazzoni):
  - patching configure.in instead of configure
  - using STAGING_DIR to pass libpcap headers location to configure
---
 DEVELOPERS                                         |   1 +
 package/Config.in                                  |   1 +
 .../snort/0001-Fix-cross-compilation-errors.patch  | 290 +++++++++++++++++++++
 package/snort/Config.in                            |  25 ++
 package/snort/snort.hash                           |   6 +
 package/snort/snort.mk                             |  31 +++
 6 files changed, 354 insertions(+)
 create mode 100644 package/snort/0001-Fix-cross-compilation-errors.patch
 create mode 100644 package/snort/Config.in
 create mode 100644 package/snort/snort.hash
 create mode 100644 package/snort/snort.mk

diff --git a/DEVELOPERS b/DEVELOPERS
index 999e7d3300b6..4a8be05f8825 100644
--- a/DEVELOPERS
+++ b/DEVELOPERS
@@ -1584,6 +1584,7 @@ F:	package/daq/
 F:	package/libgdiplus/
 F:	package/mongodb/
 F:	package/pimd/
+F:	package/snort/
 F:	package/stella/
 F:	package/traceroute/
 F:	package/tunctl/
diff --git a/package/Config.in b/package/Config.in
index 729d660d525b..26e5fc8786a6 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -1798,6 +1798,7 @@ endif
 	source "package/shellinabox/Config.in"
 	source "package/smcroute/Config.in"
 	source "package/sngrep/Config.in"
+	source "package/snort/Config.in"
 	source "package/socat/Config.in"
 	source "package/socketcand/Config.in"
 	source "package/softether/Config.in"
diff --git a/package/snort/0001-Fix-cross-compilation-errors.patch b/package/snort/0001-Fix-cross-compilation-errors.patch
new file mode 100644
index 000000000000..b3cad44229c3
--- /dev/null
+++ b/package/snort/0001-Fix-cross-compilation-errors.patch
@@ -0,0 +1,290 @@
+From 0c3d43c5f189b24504a809af9eaa1d2741a18bea Mon Sep 17 00:00:00 2001
+From: Sergio Prado <sergio.prado@e-labworks.com>
+Date: Tue, 9 Jan 2018 22:24:40 -0200
+Subject: [PATCH] Fix cross compilation errors
+
+Prevent configure script from trying to run programs in a cross
+compilation environment.
+
+Also remove unsafe header/library path used in cross-compilation.
+
+Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
+---
+ configure.in | 160 +++++------------------------------------------------------
+ 1 file changed, 13 insertions(+), 147 deletions(-)
+
+diff --git a/configure.in b/configure.in
+index 4b3a5dbbf450..13798ce80ae7 100644
+--- a/configure.in
++++ b/configure.in
+@@ -71,7 +71,6 @@ case "$host" in
+     linux="yes"
+     AC_DEFINE([LINUX],[1],[Define if Linux])
+     AC_SUBST(extra_incl)
+-    extra_incl="-I/usr/include/pcap"
+     ;;
+   *-hpux10*|*-hpux11*)
+     AC_DEFINE([HPUX],[1],[Define if HP-UX 10 or 11])
+@@ -282,21 +281,8 @@ AC_CHECK_TYPES([int8_t,int16_t,int32_t,int64_t])
+ AC_CHECK_TYPES([boolean])
+ 
+ # In case INADDR_NONE is not defined (like on Solaris)
+-have_inaddr_none="no"
++have_inaddr_none="yes"
+ AC_MSG_CHECKING([for INADDR_NONE])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <sys/types.h>
+-#include <netinet/in.h>
+-#include <arpa/inet.h>
+-]],
+-[[
+-	if (inet_addr("10,5,2") == INADDR_NONE);
+-    return 0;
+-]])],
+-[have_inaddr_none="yes"],
+-[have_inaddr_none="no"])
+ AC_MSG_RESULT($have_inaddr_none)
+ if test "x$have_inaddr_none" = "xno"; then
+ 	AC_DEFINE([INADDR_NONE],[-1],[For INADDR_NONE definition])
+@@ -428,17 +414,8 @@ if test "x$LPCAP" = "xno"; then
+   fi
+ fi
+ 
++have_pcap_lex_destroy="yes"
+ AC_MSG_CHECKING([for pcap_lex_destroy])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <pcap.h>
+-]],
+-[[
+-   pcap_lex_destroy();
+-]])],
+-[have_pcap_lex_destroy="yes"],
+-[have_pcap_lex_destroy="no"])
+ AC_MSG_RESULT($have_pcap_lex_destroy)
+ if test "x$have_pcap_lex_destroy" = "xyes"; then
+     AC_DEFINE([HAVE_PCAP_LEX_DESTROY],[1],[Can cleanup lex buffer stack created by pcap bpf filter])
+@@ -715,18 +692,8 @@ fi
+ 
+ AC_CHECK_FUNCS([daq_hup_apply] [daq_acquire_with_meta] [daq_dp_add_dc])
+ 
++have_daq_real_addresses="no"
+ AC_MSG_CHECKING([for daq real addresses])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+-   DAQ_PktHdr_t hdr;
+-   hdr.n_real_dPort = 0;
+-]])],
+-[have_daq_real_addresses="yes"],
+-[have_daq_real_addresses="no"])
+ AC_MSG_RESULT($have_daq_real_addresses)
+ if test "x$have_daq_real_addresses" = "xyes"; then
+     AC_DEFINE([HAVE_DAQ_REAL_ADDRESSES],[1],
+@@ -753,56 +720,24 @@ if test "x$ac_cv_func_daq_dp_add_dc" = "xyes"; then
+ 
+ fi
+ 
++have_daq_address_space_id="yes"
+ AC_MSG_CHECKING([for daq address space ID])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+-   DAQ_PktHdr_t hdr;
+-   hdr.address_space_id = 0;
+-]])],
+-[have_daq_address_space_id="yes"],
+-[have_daq_address_space_id="no"])
+ AC_MSG_RESULT($have_daq_address_space_id)
+ if test "x$have_daq_address_space_id" = "xyes"; then
+     AC_DEFINE([HAVE_DAQ_ADDRESS_SPACE_ID],[1],
+         [DAQ version supports address space ID in header.])
+ fi
+ 
++have_daq_flow_id="yes"
+ AC_MSG_CHECKING([for daq flow ID])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+-   DAQ_PktHdr_t hdr;
+-   hdr.flow_id = 0;
+-]])],
+-[have_daq_flow_id="yes"],
+-[have_daq_flow_id="no"])
+ AC_MSG_RESULT($have_daq_flow_id)
+ if test "x$have_daq_flow_id" = "xyes"; then
+     AC_DEFINE([HAVE_DAQ_FLOW_ID],[1],
+         [DAQ version supports flow ID in header.])
+ fi
+ 
++have_daq_ext_modflow="no"
+ AC_MSG_CHECKING([for daq extended flow modifiers])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+-   DAQ_ModFlow_t mod;
+-   mod.type = 0;
+-   mod.length = 0;
+-   mod.value = NULL;
+-]])],
+-[have_daq_ext_modflow="yes"],
+-[have_daq_ext_modflow="no"])
+ AC_MSG_RESULT($have_daq_ext_modflow)
+ if test "x$have_daq_ext_modflow" = "xyes"; then
+     CCONFIGFLAGS="${CCONFIGFLAGS} -DHAVE_DAQ_EXT_MODFLOW"
+@@ -810,20 +745,8 @@ if test "x$have_daq_ext_modflow" = "xyes"; then
+         [DAQ version supports extended flow modifiers.])
+ fi
+ 
++have_daq_queryflow="no"
+ AC_MSG_CHECKING([for daq query flow])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+-   DAQ_QueryFlow_t mod;
+-   mod.type = 0;
+-   mod.length = 0;
+-   mod.value = NULL;
+-]])],
+-[have_daq_queryflow="yes"],
+-[have_daq_queryflow="no"])
+ AC_MSG_RESULT($have_daq_queryflow)
+ if test "x$have_daq_queryflow" = "xyes"; then
+     CCONFIGFLAGS="${CCONFIGFLAGS} -DHAVE_DAQ_QUERYFLOW"
+@@ -831,17 +754,8 @@ if test "x$have_daq_queryflow" = "xyes"; then
+         [DAQ version supports query flow.])
+ fi
+ 
++have_daq_data_channel_flags="no"
+ AC_MSG_CHECKING([for daq data channel flags])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+-   DAQ_Data_Channel_Params_t params;
+-]])],
+-[have_daq_data_channel_flags="yes"],
+-[have_daq_data_channel_flags="no"])
+ AC_MSG_RESULT($have_daq_data_channel_flags)
+ if test "x$have_daq_data_channel_flags" = "xyes"; then
+     CCONFIGFLAGS="${CCONFIGFLAGS} -DHAVE_DAQ_DATA_CHANNEL_PARAMS"
+@@ -849,18 +763,8 @@ if test "x$have_daq_data_channel_flags" = "xyes"; then
+         [DAQ version supports data channel.])
+ fi
+ 
++have_daq_data_channel_separate_ip_versions="no"
+ AC_MSG_CHECKING([for separate IP versions on pinhole endpoints])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+-   DAQ_DP_key_t dpKey;
+-   dpKey.src_af = 0;
+-]])],
+-[have_daq_data_channel_separate_ip_versions="yes"],
+-[have_daq_data_channel_separate_ip_versions="no"])
+ AC_MSG_RESULT($have_daq_data_channel_separate_ip_versions)
+ if test "x$have_daq_data_channel_separate_ip_versions" = "xyes"; then
+     CCONFIGFLAGS="${CCONFIGFLAGS} -DHAVE_DAQ_DATA_CHANNEL_SEPARATE_IP_VERSIONS"
+@@ -868,36 +772,16 @@ if test "x$have_daq_data_channel_separate_ip_versions" = "xyes"; then
+         [DAQ version supports separate IP versions on pinhole endpoints.])
+ fi
+ 
++have_daq_verdict_retry="yes"
+ AC_MSG_CHECKING([for DAQ_VERDICT_RETRY])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+-   DAQ_Verdict verdict;
+-   verdict = DAQ_VERDICT_RETRY;
+-]])],
+-[have_daq_verdict_retry="yes"],
+-[have_daq_verdict_retry="no"])
+ AC_MSG_RESULT($have_daq_verdict_retry)
+ if test "x$have_daq_verdict_retry" = "xyes"; then
+     AC_DEFINE([HAVE_DAQ_VERDICT_RETRY],[1],
+         [DAQ version supports DAQ_VERDICT_RETRY in DAQ_Verdict.])
+ fi
+ 
++have_daq_packet_trace="no"
+ AC_MSG_CHECKING([for daq packet trace])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+-   DAQ_PktHdr_t hdr;
+-   hdr.flags = DAQ_PKT_FLAG_TRACE_ENABLED;
+-]])],
+-[have_daq_packet_trace="yes"],
+-[have_daq_packet_trace="no"])
+ AC_MSG_RESULT($have_daq_packet_trace)
+ if test "x$have_daq_packet_trace" = "xyes"; then
+     AC_DEFINE([HAVE_DAQ_PKT_TRACE],[1],
+@@ -906,18 +790,8 @@ else
+     echo "DAQ version doesn't support packet trace."
+ fi
+ 
++have_daq_verdict_reason="no"
+ AC_MSG_CHECKING([for daq verdict reason])
+-AC_RUN_IFELSE(
+-[AC_LANG_PROGRAM(
+-[[
+-#include <daq.h>
+-]],
+-[[
+-   DAQ_ModFlow_t fl;
+-   fl.type = DAQ_MODFLOW_TYPE_VER_REASON;
+-]])],
+-[have_daq_verdict_reason="yes"],
+-[have_daq_verdict_reason="no"])
+ AC_MSG_RESULT($have_daq_verdict_reason)
+ if test "x$have_daq_verdict_reason" = "xyes"; then
+     AC_DEFINE([HAVE_DAQ_VERDICT_REASON],[1],
+@@ -944,16 +818,8 @@ fi
+ if eval "echo $host_cpu|grep -i sparc >/dev/null"; then
+     OLD_CFLAGS="$CFLAGS"
+     CFLAGS="$CFLAGS -mcpu=v9 "
++    sparcv9="no"
+     AC_MSG_CHECKING([for sparc %time register])
+-    AC_RUN_IFELSE(
+-    [AC_LANG_PROGRAM(
+-    [[]],
+-    [[
+-        int val;
+-        __asm__ __volatile__("rd %%tick, %0" : "=r"(val));
+-    ]])],
+-    [sparcv9="yes"],
+-    [sparcv9="no"])
+     AC_MSG_RESULT($sparcv9)
+     if test "x$sparcv9" = "xyes"; then
+         AC_DEFINE([SPARCV9],[1],[For sparc v9 with %time register])
+-- 
+1.9.1
+
diff --git a/package/snort/Config.in b/package/snort/Config.in
new file mode 100644
index 000000000000..d1a59d505004
--- /dev/null
+++ b/package/snort/Config.in
@@ -0,0 +1,25 @@
+config BR2_PACKAGE_SNORT
+	bool "snort"
+	depends on BR2_USE_WCHAR
+	depends on BR2_USE_MMU # fork()
+	depends on !BR2_STATIC_LIBS # daq
+	depends on BR2_TOOLCHAIN_HAS_NATIVE_RPC || BR2_TOOLCHAIN_HAS_THREADS # libtirpc
+	select BR2_PACKAGE_LIBPCAP
+	select BR2_PACKAGE_DAQ
+	select BR2_PACKAGE_PCRE
+	select BR2_PACKAGE_LIBTIRPC if !BR2_TOOLCHAIN_HAS_NATIVE_RPC
+	help
+	  Snort is a free and open source network intrusion
+	  prevention system (IPS) and network intrusion detection
+	  system (IDS). It can perform protocol analysis, content
+	  searching/matching, and can be used to detect a variety
+	  of attacks and probes, such as buffer overflows, stealth
+	  port scans, CGI attacks, SMB probes, OS fingerprinting
+	  attempts, and much more.
+
+	  https://www.snort.org
+
+comment "snort needs a toolchain w/ wchar, threads, dynamic library"
+	depends on BR2_USE_MMU
+	depends on !BR2_USE_WCHAR || BR2_STATIC_LIBS || \
+		!(BR2_TOOLCHAIN_HAS_THREADS || BR2_TOOLCHAIN_HAS_NATIVE_RPC)
diff --git a/package/snort/snort.hash b/package/snort/snort.hash
new file mode 100644
index 000000000000..211e862b7fc0
--- /dev/null
+++ b/package/snort/snort.hash
@@ -0,0 +1,6 @@
+# Locally computed:
+sha256 9f6b3aeac5a109f55504bd370564ac431cb1773507929dc461626898f33f46cd  snort-2.9.11.1.tar.gz
+
+# Hash for license files:
+sha256 f98260a6d3e5ef4ede8a2a6b698e5ac91d64c09243f7171e1c5b17b920a835c7  LICENSE
+sha256 3f1cbfb20bb2c608e1a474421880d08b8cba6abb00ab7736d22c481d71656a6d  COPYING
diff --git a/package/snort/snort.mk b/package/snort/snort.mk
new file mode 100644
index 000000000000..e43bced21b89
--- /dev/null
+++ b/package/snort/snort.mk
@@ -0,0 +1,31 @@
+################################################################################
+#
+# snort
+#
+################################################################################
+
+SNORT_VERSION = 2.9.11.1
+SNORT_SOURCE = snort-$(SNORT_VERSION).tar.gz
+SNORT_SITE = https://www.snort.org/downloads/snort
+SNORT_LICENSE = GPL-2.0
+SNORT_LICENSE_FILES = LICENSE COPYING
+
+SNORT_DEPENDENCIES = libpcap daq pcre
+
+# patching configure.in
+SNORT_AUTORECONF = YES
+
+SNORT_CONF_OPTS = \
+	--with-libpcap-includes=$(STAGING_DIR)/usr/include/pcap \
+	--disable-static-daq
+
+ifeq ($(BR2_PACKAGE_LIBTIRPC),y)
+SNORT_DEPENDENCIES += libtirpc host-pkgconf
+SNORT_CFLAGS += `$(PKG_CONFIG_HOST_BINARY) --cflags libtirpc`
+SNORT_LIBS += `$(PKG_CONFIG_HOST_BINARY) --libs libtirpc`
+endif
+
+SNORT_CONF_ENV = \
+	CFLAGS="$(TARGET_CFLAGS) $(SNORT_CFLAGS)" LIBS="$(SNORT_LIBS)"
+
+$(eval $(autotools-package))