From 93823571609177fe6a7208f6bd3af32cc98b40c2 Mon Sep 17 00:00:00 2001 From: GTrunsec Date: Sun, 1 Mar 2020 16:48:23 -0800 Subject: [PATCH 1/3] zeek: fix hardlinking duplicate files --- .../networking/ids/zeek/default.nix | 7 ++- .../networking/ids/zeek/script.nix | 62 +++++++++++++++++++ 2 files changed, 68 insertions(+), 1 deletion(-) create mode 100644 pkgs/applications/networking/ids/zeek/script.nix diff --git a/pkgs/applications/networking/ids/zeek/default.nix b/pkgs/applications/networking/ids/zeek/default.nix index 947abc39c21a..302a5c913f4f 100644 --- a/pkgs/applications/networking/ids/zeek/default.nix +++ b/pkgs/applications/networking/ids/zeek/default.nix @@ -1,6 +1,8 @@ {stdenv, fetchurl, cmake, flex, bison, openssl, libpcap, zlib, file, curl , libmaxminddb, gperftools, python, swig, rocksdb }: - +let + preConfigure = (import ./script.nix); +in stdenv.mkDerivation rec { pname = "zeek"; version = "3.0.1"; @@ -13,6 +15,9 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ cmake flex bison file ]; buildInputs = [ openssl libpcap zlib curl libmaxminddb gperftools python swig rocksdb ]; + #see issue https://github.com/zeek/zeek/issues/804 to modify hardlinking duplicate files. + inherit preConfigure; + enableParallelBuilding = true; cmakeFlags = [ diff --git a/pkgs/applications/networking/ids/zeek/script.nix b/pkgs/applications/networking/ids/zeek/script.nix new file mode 100644 index 000000000000..10a2d11a1489 --- /dev/null +++ b/pkgs/applications/networking/ids/zeek/script.nix @@ -0,0 +1,62 @@ +'' + sed -i "1i##! test dpd" $PWD/scripts/base/frameworks/dpd/__load__.zeek + sed -i "1i##! test x509" $PWD/scripts/base/files/x509/__load__.zeek + sed -i "1i##! test files-extract" $PWD/scripts/base/files/extract/__load__.zeek + sed -i "1i##! test files-hash" $PWD/scripts/base/files/hash/__load__.zeek + sed -i "1i##! test files-pe" $PWD/scripts/base/files/pe/__load__.zeek + sed -i "1i##! test analyzer" $PWD/scripts/base/frameworks/analyzer/__load__.zeek + sed -i "1i##! test cluster" $PWD/scripts/base/frameworks/cluster/__load__.zeek + sed -i "1i##! test config" $PWD/scripts/base/frameworks/config/__load__.zeek + sed -i "1i##! test contro" $PWD/scripts/base/frameworks/control/__load__.zeek + sed -i "1i##! test files" $PWD/scripts/base/frameworks/files/__load__.zeek + sed -i "1i##! test files-magic" $PWD/scripts/base/frameworks/files/magic/__load__.zeek + sed -i "1i##! test input" $PWD/scripts/base/frameworks/input/__load__.zeek + sed -i "1i##! test intel" $PWD/scripts/base/frameworks/intel/__load__.zeek + sed -i "1i##! test logging" $PWD/scripts/base/frameworks/logging/__load__.zeek + sed -i "1i##! test logging-postprocessors" $PWD/scripts/base/frameworks/logging/postprocessors/__load__.zeek + sed -i "1i##! test netcontrol" $PWD/scripts/base/frameworks/netcontrol/__load__.zeek + sed -i "1i##! test netcontrol-plugins" $PWD/scripts/base/frameworks/netcontrol/plugins/__load__.zeek + sed -i "1i##! test notice" $PWD/scripts/base/frameworks/notice/__load__.zeek + sed -i "1i##! test openflow" $PWD/scripts/base/frameworks/openflow/__load__.zeek + sed -i "1i##! test openflow-plugins" $PWD/scripts/base/frameworks/openflow/plugins/__load__.zeek + sed -i "1i##! test packet-filter" $PWD/scripts/base/frameworks/packet-filter/__load__.zeek + sed -i "1i##! test reporter" $PWD/scripts/base/frameworks/reporter/__load__.zeek + sed -i "1i##! test signatures" $PWD/scripts/base/frameworks/signatures/__load__.zeek + sed -i "1i##! test software" $PWD/scripts/base/frameworks/software/__load__.zeek + sed -i "1i##! test sumstats" $PWD/scripts/base/frameworks/sumstats/__load__.zeek + sed -i "1i##! test sumstats-plugins" $PWD/scripts/base/frameworks/sumstats/plugins/__load__.zeek + sed -i "1i##! test conn" $PWD/scripts/base/protocols/conn/__load__.zeek + sed -i "1i##! test dce-rpc" $PWD/scripts/base/protocols/dce-rpc/__load__.zeek + sed -i "1i##! test dhcp" $PWD/scripts/base/protocols/dhcp/__load__.zeek + sed -i "1i##! test dnp3" $PWD/scripts/base/protocols/dnp3/__load__.zeek + sed -i "1i##! test dns" $PWD/scripts/base/protocols/dns/__load__.zeek + sed -i "1i##! test ftp" $PWD/scripts/base/protocols/ftp/__load__.zeek + sed -i "1i##! test http" $PWD/scripts/base/protocols/http/__load__.zeek + sed -i "1i##! test imap" $PWD/scripts/base/protocols/imap/__load__.zeek + sed -i "1i##! test irc" $PWD/scripts/base/protocols/irc/__load__.zeek + sed -i "1i##! test krb" $PWD/scripts/base/protocols/krb/__load__.zeek + sed -i "1i##! test modbus" $PWD/scripts/base/protocols/modbus/__load__.zeek + sed -i "1i##! test mqtt" $PWD/scripts/base/protocols/mqtt/__load__.zeek + sed -i "1i##! test mysql" $PWD/scripts/base/protocols/mysql/__load__.zeek + sed -i "1i##! test ntlm" $PWD/scripts/base/protocols/ntlm/__load__.zeek + sed -i "1i##! test ntp" $PWD/scripts/base/protocols/ntp/__load__.zeek + sed -i "1i##! test pop3" $PWD/scripts/base/protocols/pop3/__load__.zeek + sed -i "1i##! test radius" $PWD/scripts/base/protocols/radius/__load__.zeek + sed -i "1i##! test rdp" $PWD/scripts/base/protocols/rdp/__load__.zeek + sed -i "1i##! test rfb" $PWD/scripts/base/protocols/rfb/__load__.zeek + sed -i "1i##! test sip" $PWD/scripts/base/protocols/sip/__load__.zeek + sed -i "1i##! test smb" $PWD/scripts/base/protocols/smb/__load__.zeek + sed -i "1i##! test smtp" $PWD/scripts/base/protocols/smtp/__load__.zeek + sed -i "1i##! test snmp" $PWD/scripts/base/protocols/snmp/__load__.zeek + sed -i "1i##! test socks" $PWD/scripts/base/protocols/socks/__load__.zeek + sed -i "1i##! test ssh" $PWD/scripts/base/protocols/ssh/__load__.zeek + sed -i "1i##! test ssl" $PWD/scripts/base/protocols/ssl/__load__.zeek + sed -i "1i##! test syslog" $PWD/scripts/base/protocols/syslog/__load__.zeek + sed -i "1i##! test xmpp" $PWD/scripts/base/protocols/xmpp/__load__.zeek + sed -i "1i##! test unified2" $PWD/scripts/policy/files/unified2/__load__.zeek + sed -i "1i##! test intel-seen" $PWD/scripts/policy/frameworks/intel/seen/__load__.zeek + sed -i "1i##! test notice" $PWD/scripts/policy/frameworks/notice/__load__.zeek + sed -i "1i##! test barnyard2" $PWD/scripts/policy/integration/barnyard2/__load__.zeek + sed -i "1i##! test collective-intel" $PWD/scripts/policy/integration/collective-intel/__load__.zeek + sed -i "1i##! test detect-traceroute" $PWD/scripts/policy/misc/detect-traceroute/__load__.zeek +'' From 43f394ac951afacb38f17360d79b399b466cd054 Mon Sep 17 00:00:00 2001 From: GTrunsec Date: Sun, 1 Mar 2020 16:50:43 -0800 Subject: [PATCH 2/3] zeek: 3.0.1 -> 3.0.2 --- pkgs/applications/networking/ids/zeek/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/ids/zeek/default.nix b/pkgs/applications/networking/ids/zeek/default.nix index 302a5c913f4f..79cc390ec275 100644 --- a/pkgs/applications/networking/ids/zeek/default.nix +++ b/pkgs/applications/networking/ids/zeek/default.nix @@ -5,11 +5,11 @@ let in stdenv.mkDerivation rec { pname = "zeek"; - version = "3.0.1"; + version = "3.0.2"; src = fetchurl { url = "https://www.zeek.org/downloads/zeek-${version}.tar.gz"; - sha256 = "1lhik212wrbi092qizc08f3i0b9pj318sxwm0abc5jc3v3pz7x3r"; + sha256 = "0d5agk6yc4xyx2lwfx6r1psks1373h53m0icyka1jf15b4zjg3m7"; }; nativeBuildInputs = [ cmake flex bison file ]; From baa9bc9c0963b6fcc39a5f138fe36f537133aa8f Mon Sep 17 00:00:00 2001 From: GTrunsec Date: Thu, 12 Mar 2020 15:48:13 -0700 Subject: [PATCH 3/3] fix zeek mirror address and update to 3.0.3 --- pkgs/applications/networking/ids/zeek/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/networking/ids/zeek/default.nix b/pkgs/applications/networking/ids/zeek/default.nix index 79cc390ec275..9d1df501369f 100644 --- a/pkgs/applications/networking/ids/zeek/default.nix +++ b/pkgs/applications/networking/ids/zeek/default.nix @@ -5,11 +5,11 @@ let in stdenv.mkDerivation rec { pname = "zeek"; - version = "3.0.2"; + version = "3.0.3"; src = fetchurl { - url = "https://www.zeek.org/downloads/zeek-${version}.tar.gz"; - sha256 = "0d5agk6yc4xyx2lwfx6r1psks1373h53m0icyka1jf15b4zjg3m7"; + url = "https://old.zeek.org/downloads/zeek-${version}.tar.gz"; + sha256 = "0xlw5v83qbgy23wdcddmvan2pid28mw745g4fc1z5r18kp67i8a2"; }; nativeBuildInputs = [ cmake flex bison file ];