--- /dev/null
+#!/bin/bash
+
+# this script prints 'true' if any ancestor process name is any of $REGEXPS
+
+REGEXPS="debci autopkgtest adt"
+
+set -e
+
+walk()
+{
+ pid=$1
+
+ [ ! -r /proc/$pid/cmdline ] && exit 1
+
+ name=$(ps -p $pid -o cmd | tail -1)
+ for exp in $REGEXPS
+ do
+ if grep -e $exp <<< $name >/dev/null ; then
+ echo true
+ exit
+ fi
+ done
+
+ ppid=$(ps -o ppid= $pid | tr -d ' ')
+ walk $ppid
+}
+
+walk $$
--- /dev/null
+suricata (1:6.0.5-3) unstable; urgency=medium
+
+ * Add patch to handle undefined LEVEL1_DCACHE_LINESIZE.
+
+ -- Sascha Steinbiss <satta@debian.org> Wed, 01 Jun 2022 11:33:06 +0200
+
+suricata (1:6.0.5-2) unstable; urgency=medium
+
+ * Introduce patch to fix segfaulting autopkgtests on s390x.
+
+ -- Sascha Steinbiss <satta@debian.org> Thu, 28 Apr 2022 08:51:06 +0200
+
+suricata (1:6.0.5-1) unstable; urgency=medium
+
+ * New upstream release.
+ * Raise libhtp minimum dependency version to 0.5.40.
+
+ -- Sascha Steinbiss <satta@debian.org> Thu, 21 Apr 2022 19:53:32 +0200
+
+suricata (1:6.0.4-3) unstable; urgency=medium
+
+ * Remove suricata-oinkmaster binary package.
+
+ -- Sascha Steinbiss <satta@debian.org> Tue, 14 Dec 2021 15:24:47 +0100
+
+suricata (1:6.0.4-2) unstable; urgency=medium
+
+ * Raise libhtp minimum dependency version to 0.5.39.
+
+ -- Sascha Steinbiss <satta@debian.org> Thu, 18 Nov 2021 22:57:47 +0100
+
+suricata (1:6.0.4-1) unstable; urgency=medium
+
+ * New upstream release.
+
+ -- Sascha Steinbiss <satta@debian.org> Thu, 18 Nov 2021 22:00:08 +0100
+
+suricata (1:6.0.3-2) unstable; urgency=medium
+
+ * Use 'command -v' instead of 'which' in suricata-oinkmaster cron file.
+ This avoids a runtime deprecation warning on recent versions, and fixes
+ piuparts cron job tests.
+
+ -- Sascha Steinbiss <satta@debian.org> Mon, 30 Aug 2021 20:56:18 +0200
+
+suricata (1:6.0.3-1) unstable; urgency=medium
+
+ * Upload to unstable post-release.
+ * Remove patch applied upstream.
+
+ -- Sascha Steinbiss <satta@debian.org> Wed, 18 Aug 2021 16:33:31 +0200
+
+suricata (1:6.0.3-1~exp2) experimental; urgency=medium
+
+ * Also use libatomic workaround on powerpc.
+
+ -- Sascha Steinbiss <satta@debian.org> Thu, 01 Jul 2021 19:44:53 +0200
+
+suricata (1:6.0.3-1~exp1) experimental; urgency=medium
+
+ * New upstream release.
+ * Bump Standards-Version.
+ * Add Rules-Requires-Root: no.
+ * Raise libhtp minimum version B-D to 0.5.38.
+
+ -- Sascha Steinbiss <satta@debian.org> Wed, 30 Jun 2021 23:51:24 +0200
+
+suricata (1:6.0.2-1~exp1) experimental; urgency=medium
+
+ * Fix conditional variable use in d/rules.
+ * New upstream release.
+ * Use libhtp 0.5.37.
+
+ -- Sascha Steinbiss <satta@debian.org> Fri, 11 Dec 2020 09:45:02 +0100
+
+suricata (1:6.0.1-3) unstable; urgency=medium
+
+ * Address CVE-2021-35063 by backporting upstream fix.
+ Closes: #990835
+
+ -- Sascha Steinbiss <satta@debian.org> Mon, 19 Jul 2021 13:26:22 +0200
+
+suricata (1:6.0.1-2) unstable; urgency=medium
+
+ * Also specify explicit separate '-latomic' reference on mipsel.
+ This addresses a remaining FTBFS there.
+
+ -- Sascha Steinbiss <satta@debian.org> Fri, 11 Dec 2020 09:35:57 +0100
+
+suricata (1:6.0.1-1) unstable; urgency=medium
+
+ * New upstream release.
+ * Disable Prelude support.
+ This is broken upstream, see https://redmine.openinfosecfoundation.org/issues/4065
+ * Bump libhtp dependency to 0.5.36.
+ * Disable suricata-update, as it is a separate package in Debian.
+ * Add patches to fix builds with new Autoconf scripts.
+ * Use debhelper 13.
+ * Include upstream's man pages.
+ * Add workaround for missing '-latomic' symbols on armel.
+
+ -- Sascha Steinbiss <satta@debian.org> Thu, 08 Oct 2020 22:23:17 +0200
+
+suricata (1:5.0.3-1) unstable; urgency=medium
+
+ * New upstream release.
+ * Use /run instead of /var/run for pidfiles. Thanks to Michael Berg for the
+ patch.
+ Closes: #954435
+ * Bump libhtp dependency to 0.5.33.
+ * Remove nonexistent Files entries in d/copyright.
+ * Use correct DEB_LDFLAGS_MAINT_APPEND in d/rules..
+
+ -- Sascha Steinbiss <satta@debian.org> Wed, 29 Apr 2020 09:34:49 +0200
+
+suricata (1:5.0.2-3) unstable; urgency=medium
+
+ * Source upload to enable testing migration.
+ * Bump Standards-Version.
+
+ -- Sascha Steinbiss <satta@debian.org> Sat, 22 Feb 2020 12:47:50 +0100
+
+suricata (1:5.0.2-2) unstable; urgency=medium
+
+ * Add --allow-multiple-definition linker flag to work around FTBFS on armel.
+ Closes: #951765
+
+ -- Sascha Steinbiss <satta@debian.org> Sat, 22 Feb 2020 12:23:52 +0100
+
+suricata (1:5.0.2-1) unstable; urgency=medium
+
+ * New upstream release.
+ Closes: #951654
+ * Add patch from upstream to build without needing if_tunnel.h.
+ This avoids a potentially foreign arch build-dep for eBPF builds.
+ Thanks to Eric Leblond.
+ * Drop patches applied upstream.
+ * Use debhelper-compat.
+ * Mark autopkgtests requiring a control socket as potentially flaky.
+ We cannot always predict the timing on all archs and do not want to
+ use them for CI gating.
+ Closes: #951721
+ * Bring d/copyright up to date with current code base.
+
+ -- Sascha Steinbiss <satta@debian.org> Thu, 20 Feb 2020 14:55:23 +0100
+
+suricata (1:4.1.5-2) unstable; urgency=medium
+
+ * Add versioned Depends on at least libhtp version used for building.
+
+ -- Sascha Steinbiss <satta@debian.org> Wed, 09 Oct 2019 13:13:40 +0200
+
+suricata (1:4.1.5-1) unstable; urgency=medium
+
+ * New upstream release.
+
+ -- Sascha Steinbiss <satta@debian.org> Wed, 25 Sep 2019 10:24:50 +0200
+
+suricata (1:4.1.4-7) unstable; urgency=medium
+
+ * Prevent file clash with other packages writing into the Python3
+ module root directory (suricata/__init__.py).
+ * Add patch to make suricatactl Python3-compatible.
+
+ -- Sascha Steinbiss <satta@debian.org> Wed, 18 Sep 2019 20:55:51 +0200
+
+suricata (1:4.1.4-6) unstable; urgency=medium
+
+ * Make Python components use Python3.
+ Closes: #938603
+
+ -- Sascha Steinbiss <satta@debian.org> Sat, 07 Sep 2019 17:47:44 +0200
+
+suricata (1:4.1.4-5) unstable; urgency=medium
+
+ * Add patch to fix FTBFS on recent kernels. Thanks to Aurelien Jarno for
+ pointing this out.
+ Closes: #934316
+
+ -- Sascha Steinbiss <satta@debian.org> Mon, 12 Aug 2019 12:48:29 +0200
+
+suricata (1:4.1.4-4) unstable; urgency=medium
+
+ [ Hilko Bengen ]
+ * Patch: add --with-ebpf-includes, point to proper include directory for
+ kernel headers, fixing FTBFS on i386
+
+ [ Sascha Steinbiss ]
+ * Only build eBPF programs on archs with available dependencies.
+
+ -- Sascha Steinbiss <satta@debian.org> Wed, 24 Jul 2019 10:34:25 +0200
+
+suricata (1:4.1.4-3) unstable; urgency=medium
+
+ * Fix cross building by including patch that addresses abuse of
+ AC_CHECK_FILE. Thanks to Helmut Grohne for the patch.
+ Closes: #923174
+ * Enable building with eBPF support.
+ Thanks to Hilko Bengen for the patch.
+ Closes: #917816
+ * Create temporary CARGO_HOME to allow building with new cargo
+ versions when $HOME is nonexistent.
+ * Make autopkgtest more robust when external resources are unavailable.
+ Closes: #932463
+ * Bump debhelper and compat to 12.
+ * Add Pre-Depends by Lintian's suggestion.
+
+ -- Sascha Steinbiss <satta@debian.org> Tue, 09 Jul 2019 16:47:49 +0200
+
+suricata (1:4.1.4-2) unstable; urgency=medium
+
+ * Do not install suricata-update, recommend external pkg instead.
+ Closes: #924096
+
+ -- Sascha Steinbiss <satta@debian.org> Thu, 02 May 2019 17:15:48 +0200
+
+suricata (1:4.1.4-1) unstable; urgency=medium
+
+ * New upstream version 4.1.4
+ - Bugs and security fixes
+ * Refreshed quilt patches
+
+ -- Pierre Chifflier <pollux@debian.org> Wed, 01 May 2019 11:44:13 +0200
+
+suricata (1:4.1.3-1) unstable; urgency=medium
+
+ * New upstream version 4.1.3
+ * Refreshed quilt patches
+
+ -- Pierre Chifflier <pollux@debian.org> Fri, 08 Mar 2019 10:24:43 +0100
+
+suricata (1:4.1.2-2) unstable; urgency=medium
+
+ * Upload to unstable.
+
+ -- Sascha Steinbiss <satta@debian.org> Wed, 09 Jan 2019 12:53:47 +0100
+
+suricata (1:4.1.2-1) experimental; urgency=medium
+
+ * New upstream release.
+ * Add myself to uploaders.
+ * Do not remove Rust vendor directory on distclean (Closes: #915154)
+
+ -- Sascha Steinbiss <satta@debian.org> Sun, 23 Dec 2018 10:48:27 +0000
+
+suricata (1:4.1.0-2) experimental; urgency=medium
+
+ * Disable Rust on armel for now (FTBFS)
+ * Add liblz4-dev to build-deps to enable pcap compression
+ * Update build-dependency on python:any to fix FTCBFS (Closes: #909606)
+
+ -- Pierre Chifflier <pollux@debian.org> Mon, 26 Nov 2018 11:07:08 +0100
+
+suricata (1:4.1.0-1) experimental; urgency=medium
+
+ [ Arturo Borrero Gonzalez ]
+ * libhtp: bump soname to libhtp-0.5.24-1
+
+ [ Pierre Chifflier ]
+ * New upstream version 1:4.1.0
+ * Refreshed quilt patches
+ * Update python code directory
+ * Enable rust support (i386 and amd64 only for now)
+ * Also enable Rust on ARM architectures
+
+ -- Pierre Chifflier <pollux@debian.org> Thu, 15 Nov 2018 13:29:23 -0800
+
+suricata (1:4.0.6-1) unstable; urgency=medium
+
+ * New upstream version 1:4.0.6
+
+ -- Pierre Chifflier <pollux@debian.org> Mon, 12 Nov 2018 09:19:39 +0100
+
+suricata (1:4.0.5-1) unstable; urgency=medium
+
+ [ Sascha Steinbiss ]
+ * Add patches to help with cross-compiling. Thanks to Helmut Grohne
+ for the patch.
+ Closes: #895996
+ * Add patches to fix building on ia64.
+ Thanks to Jason Duerstock and Adrian Bunk for the patches.
+ Closes: #890432
+ * Fix spelling in debian/patches/reproducible.patch.
+ * Remove obsolete X-Python-Version hint.
+ * Use updated watchfile source URL with https support.
+ * Remove obsolete --parallel dh parameter.
+ * Use canonical Salsa Vcs-Git URL.
+
+ [ Pierre Chifflier ]
+ * New upstream version 1:4.0.5
+
+ -- Pierre Chifflier <pollux@debian.org> Wed, 18 Jul 2018 17:14:02 +0200
+
+suricata (1:4.0.4-1) unstable; urgency=medium
+
+ * [3f18cd8] d/control: refresh git URLs
+ * [17da106] New upstream version 4.0.4 (Closes: #889842) fixes CVE-2018-6794
+ * [00fcf17] d/compat: bump debhelper compat level to 11
+ * [45dc0db] d/control: bump std-version to 4.1.3
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Wed, 14 Feb 2018 11:33:33 +0100
+
+suricata (1:4.0.3-1) unstable; urgency=medium
+
+ [ Sascha Steinbiss ]
+ * [aece4d6] New upstream version 4.0.3
+ * [c23b64f] refresh patches
+
+ [ Arturo Borrero Gonzalez ]
+ * [7f077ca] d/control: bump std-version to 4.1.2
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Wed, 13 Dec 2017 11:42:18 +0100
+
+suricata (1:4.0.1-2) unstable; urgency=medium
+
+ * [d9998f8] suricata-oinkmaster.conf: update ETOPEN ruleset for suricata 4.0.0
+ (Closes: #882442)
+ * [0beae03] suricata-oinkmaster-updater.8: fix typos
+ * [6e7ae75] d/: get rid of dh --with autotools-dev
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Thu, 23 Nov 2017 13:41:09 +0100
+
+suricata (1:4.0.1-1) unstable; urgency=medium
+
+ * [72d28e5] d/control: upgrade std-version to 4.1.0
+ * [ea1e317] d/control: upgrade std-version to 4.1.1
+ * [14fea39] d/: switch to debhelper compat 10
+ * [a4715b8] New upstream version 4.0.1
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Sat, 21 Oct 2017 12:09:27 +0200
+
+suricata (1:4.0.0-5) unstable; urgency=medium
+
+ * [392c5b2] d/t/control: allow-stderr for the internal unittest test
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Wed, 20 Sep 2017 20:27:12 +0200
+
+suricata (1:4.0.0-4) unstable; urgency=medium
+
+ * [93ee9030] d/control: enable libluajit-5.1-dev build-dep on mipsel
+ (Closes: #873832)
+ * [9527fe94] d/t/control: run suricata -u from the source tree
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Fri, 08 Sep 2017 06:06:47 +0200
+
+suricata (1:4.0.0-3) unstable; urgency=medium
+
+ [ Arturo Borrero Gonzalez ]
+ * [aa53ce82] suricata-oinkmaster-updater.8: fix typo
+ * [2d171d5a] suricata-oinkmaster-updater.8: clarify paragraph
+ * [90c76777] d/rules: disable dh_auto_test
+ * [5b311761] suricata: switch to use dbgsym package
+ * [9b12c48d] d/control: bump std-versions to 4.0.1
+
+ [ Sascha Steinbiss ]
+ * [c353985a] enable libevent support (Closes: #872908)
+ * [49ff3181] enable luajit on mipsel (Closes: #858545)
+
+ [ Arturo Borrero Gonzalez ]
+ * [50ab7eae] suricata.service: update online docs link
+ * [5098fd7b] d/control: add dh-python to build-deps
+ * [f070d160] d/watch: implement signature verification
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Tue, 29 Aug 2017 23:22:48 +0200
+
+suricata (1:4.0.0-2) unstable; urgency=medium
+
+ * [449b4202] d/t/control: running suricata unittest requires
+ geoip-database installed
+ * [0bd02487] d/building-in-ci.sh: be more robust
+ * [edd49e4a] d/watch: more robust approach for upstream tarball generation
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Tue, 15 Aug 2017 13:45:45 +0200
+
+suricata (1:4.0.0-1) unstable; urgency=medium
+
+ * [636f10f] d/rules: actually use dh-systemd (Closes: #861732)
+ * [c728ed0] d/rules: cleanup comments
+ * [f0d9adb] suricata: switch to src:libhtp instead of the bundled one
+ * [fa5f8be] New upstream version 4.0.0-rc1
+ * [fac7566] suricata: remove Build-Conflict with libhtp-dev
+ * [1bce782] suricata: explicit build-dep on new src:libhtp
+ * [f3aec1c] d/suricata.preinst: use strict mode (Closes: #866280)
+ * [c831659] suricata: support for internal unittest in autopktest
+ * [557ded7] New upstream version 4.0.0
+ * [5d41b6c] d/t/control: the internal suricata unittest is a command test
+ * [7f4feaa] d/changelog: add missing entry for 4.0.0-beta1-1~exp1
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Fri, 28 Jul 2017 05:29:48 +0200
+
+suricata (4.0.0-beta1-1~exp1) unstable; urgency=medium
+
+ * [c21347df] New upstream version 4.0.0-beta1
+ * [5661b3cc] libhtp: bump soname to libhtp-0.5.24-1
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Fri, 09 Jun 2017 20:52:10 +0200
+
+suricata (3.2.1-1) unstable; urgency=medium
+
+ [ Arturo Borrero Gonzalez ]
+ * Rebuild for unstable from 3.2.1-1~exp2 (experimental).
+
+ [ Sascha Steinbiss ]
+ * [d0c3629] detect valid interface in autopkgtest
+ * [2d3ae00] fix typo in service file
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Thu, 16 Mar 2017 09:04:03 +0100
+
+suricata (3.2.1-1~exp2) experimental; urgency=medium
+
+ [ Sascha Steinbiss ]
+ * [ced48e4] suricata: migrate from old split binary scheme (Closes: #855573)
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Mon, 20 Feb 2017 13:29:37 +0100
+
+suricata (3.2.1-1~exp1) experimental; urgency=medium
+
+ * [67004c8] New upstream version 3.2.1
+ * [05b1756] d/control: bump dependency on libhyperscan
+ * [4483d1c] suricata: drop suricata-hyperscan binary package (Closes: #851647)
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Wed, 15 Feb 2017 20:54:17 +0100
+
+suricata (3.2-2) unstable; urgency=medium
+
+ * Rebuild for unstable.
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Tue, 10 Jan 2017 09:27:59 +0100
+
+suricata (3.2-2~exp1) experimental; urgency=medium
+
+ [ Sascha Steinbiss ]
+ * [8c7704d] suricata: add hyperscan support (Closes: #846143)
+
+ [ Arturo Borrero Gonzalez ]
+ * [209d2cf] suricata: add remaining hyperscan support
+
+ [ Sascha Steinbiss ]
+ * [ec9b28a] set +x bit on d/suricata-hyperscan.install
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Thu, 22 Dec 2016 09:01:29 +0100
+
+suricata (3.2-1) unstable; urgency=medium
+
+ [ Arturo Borrero Gonzalez ]
+ * [04f5cc3] d/control: update suricata homepage to suricata-ids.org
+ (Closes: #844603)
+
+ [ Sascha Steinbiss ]
+ * [b1cd09c] d/t/control: add some time to settle in autopkgtest
+
+ [ Arturo Borrero Gonzalez ]
+ * [dde83f1] New upstream version 3.2
+ * [c55dda2] d/patches/debian-default-cfg.patch: refresh patch
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Thu, 01 Dec 2016 16:22:50 +0100
+
+suricata (3.1.3-3) unstable; urgency=medium
+
+ * [e7a248d] d/tests/control: allow-stderr in the suricata-oinkmaster-updater
+ command
+ * [2caf89b] d/control: make libhtp packages Multi-Arch: same
+ * [825cef4] d/libhtp-0.5.23-1.lintian-overrides: generalize override
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Thu, 10 Nov 2016 09:42:29 +0100
+
+suricata (3.1.3-2) unstable; urgency=medium
+
+ * [5c395f9] d/tests/control: rearange suricatasc command tests
+ * [789723b] d/tests/control: fix typo in test command 'suricatas'
+ * [353e030] d/changelog: clean word with typo from the changelog
+ * [b4cf113] d/: add libhtp-0.5.23-1.lintian-overrides
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Wed, 09 Nov 2016 13:44:17 +0100
+
+suricata (3.1.3-1) unstable; urgency=medium
+
+ [ Arturo Borrero Gonzalez ]
+ * [165d14e] suricata-oinkmaster: move the update script to /usr/sbin
+ (Closes: #838129)
+ * [2e21734] d/tests/control: add a basic test for suricata-oinkmaster-updater
+ * [be640f3] suricata: split libhtp to separate binary packages
+ * [c41567a] suricata-oinkmaster: add manpage for suricata-oinkmaster-updater
+ * [b5b6483] d/copyright: refresh file
+ * [2be2225] d/control: add references to IPS and firewall
+ * [bd6a9ed] d/: add symbols file for libhtp
+ * [f61be7d] suricata-oinkmaster-updater.8: fix typo
+ * [ead4a84] d/: update email address to 'arturo@debian.org'
+ * [36d9b9d] d/: refresh date of manpages
+
+ [ Sascha Steinbiss ]
+ * [da1c3c6] d/suricata.logrotate: use 'copytruncate' instead of 'create'
+
+ [ Arturo Borrero Gonzalez ]
+ * [cd9d5d4] New upstream version 3.1.3
+ * [f32a582] libhtp: symbols: refresh file
+ * [1e3edb0] libhtp: bump soname
+ * [d46497e] d/control: suricata depends on lsb-base
+ * [08a6195] d/copyright: refresh copyright owner for some libhtp files
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Tue, 08 Nov 2016 08:51:58 +0100
+
+suricata (3.1.2-2) unstable; urgency=medium
+
+ * [482c6f6] d/tests/control: allow-stderr for systemd-service-test.sh
+ * [a4eff10] d/tests/control: add tests for suricatasc
+ * [892096c] d/suricata.8: fix typo 'inet' vs 'init'
+
+ -- Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Thu, 08 Sep 2016 12:46:44 +0200
+
+suricata (3.1.2-1) unstable; urgency=medium
+
+ * [4e0605d] Revert "suricata: drop support for sysvinit"
+ * [f5abe38] d/patches: add reproducible.patch.
+ Thanks to Christoph Berg <myon@debian.org> for the pointers.
+ * [6569809] New upstream version 3.1.2
+ * [5fea3a6] d/suricata.service: include Restart=on-failure
+ * [d1a973d] d/suricata.service: add ProtectSystem=full and ProtectHome=true
+ * [8e1cddd] d/tests/systemd-service-test.sh: don't test the reload operation by now
+ * [87c00b1] d/suricata.maintscript: factorize renaming of old config file
+ (Closes: #835643)
+ * [55c7a32] d/oinkmaster/suricata-oinkmaster-updater: drop warnings
+ * [7651669] d/oinkmaster/suricata-oinkmaster-updater: cleanup file
+
+ -- Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Wed, 07 Sep 2016 13:25:13 +0200
+
+suricata (3.1.1-4) unstable; urgency=medium
+
+ * [c9b6efd] d/tests/: add new systemd-service-test.sh test
+ * [848a40f] d/README.Debian: this is not a beta release
+ * [0afb007] d/README.Debian: update file with systemd information
+ * [234ec55] d/suricata.8: update manpage
+ * [ebd6a8a] suricata: drop support for sysvinit
+ * [d8fae07] d/suricata.service: get rid of environment variables
+ * [5fe5359] d/suricata.service: use suricatasc for stop and reload
+ * [2ffd606] d/tests/systemd-service-test.sh: add tests for daemon reload
+ * [5196c36] d/suricata.service: require network-online.target (Closes:
+ #835168)
+
+ -- Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Thu, 25 Aug 2016 14:14:20 +0200
+
+suricata (3.1.1-3) unstable; urgency=medium
+
+ * [22d26a5] suricata-oinkmaster-updater: prevent bogus if evaluation
+ * [4805c7a] suricata-oinkmaster-updater: dont exit with error if missing
+ requirements (Closes: #834029)
+
+ -- Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Tue, 16 Aug 2016 13:53:12 +0200
+
+suricata (3.1.1-2) unstable; urgency=medium
+
+ * [833f1c5] d/: add new binary package suricata-oinkmaster
+ * [6155001] d/suricata.service: remove duplicated -D switch in
+ ExecStart=
+ * [6ebbd82] d/patches: add debian-default-cfg.patch [enable unix socket
+ by default]
+ * [2286eb4] d/suricatasc.1: update manpage
+
+ -- Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Thu, 28 Jul 2016 13:21:30 +0200
+
+suricata (3.1.1-1) unstable; urgency=medium
+
+ * [cafb099] d/suricata: rename suricata main conffile to
+ /etc/suricata/suricata.yaml
+ * [445c957] suricata: add systemd service file
+ * [94b93bf] Imported Upstream version 3.1.1
+
+ -- Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Mon, 25 Jul 2016 11:12:03 +0200
+
+suricata (3.1-1) unstable; urgency=medium
+
+ * [d2cce67] d/control: add Vcs-Browser and Vcs-Git information
+ * [8bb2030] Imported Upstream version 3.1
+
+ -- Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Tue, 21 Jun 2016 11:00:55 +0200
+
+suricata (3.0.1-2) unstable; urgency=medium
+
+ * [178f3cf] suricata: add libgeoip support
+ * [c8a0a0a] d/control: bump std-version to 3.9.8
+ * [523203d] d/control: wrap-and-sort
+ * [e5abae9] suricata: add hiredis support
+ * [9ec82b8] d/control: get rid of XS-Testsuite directive
+
+ -- Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Mon, 23 May 2016 11:39:40 +0200
+
+suricata (3.0.1-1) unstable; urgency=medium
+
+ * Imported Upstream version 3.0.1
+ * Bump Standards Version to 3.9.7
+
+ -- Pierre Chifflier <pollux@debian.org> Fri, 08 Apr 2016 10:58:35 +0200
+
+suricata (3.0-1) unstable; urgency=medium
+
+ * Imported Upstream version 3.0
+
+ -- Pierre Chifflier <pollux@debian.org> Thu, 28 Jan 2016 06:02:41 +0100
+
+suricata (2.0.11-1) unstable; urgency=medium
+
+ * Imported Upstream version 2.0.11
+
+ -- Pierre Chifflier <pollux@debian.org> Thu, 07 Jan 2016 10:17:16 +0100
+
+suricata (2.0.10-2) unstable; urgency=medium
+
+ [ Arturo Borrero Gonzalez ]
+ * d/copyright: update file to follow Debian Policy 3.9.6.1
+ * d/control: bump standards to 3.9.6
+ * suricata: add nflog support (Closes: #775074)
+ * d/: wrap-and-sort
+ * d/control: architecture is linux-any
+ * d/rules: don't include upstream install documentation
+ * d/tests: add first basic test
+ * d/control: add missing Testsuite declaration
+ * suritaca: add package suricata-dbg (Closes: #753438)
+ * suricata sysvinit: fix libtcmalloc-minimal integration (Closes: #725249)
+ * d/suricata.init: cleanup file
+ * suricatasc: add manpage
+
+ [ Pierre Chifflier ]
+ * Merge unstable-next branch
+ * Fix dependencies and priority for -dbg package
+ * Install manpage for suricatasc
+
+ -- Pierre Chifflier <pollux@debian.org> Tue, 05 Jan 2016 21:02:40 +0100
+
+suricata (2.0.10-1) unstable; urgency=medium
+
+ * Imported Upstream version 2.0.10
+
+ -- Pierre Chifflier <pollux@debian.org> Thu, 26 Nov 2015 10:35:53 +0100
+
+suricata (2.0.9-1) unstable; urgency=medium
+
+ * Imported Upstream version 2.0.9
+ * Update watch file
+
+ -- Pierre Chifflier <pollux@debian.org> Fri, 25 Sep 2015 19:19:53 +0200
+
+suricata (2.0.8-1) unstable; urgency=high
+
+ [ Arturo Borrero Gonzalez ]
+ * d/suricata.logrotate: add logrotate configuration (Closes: #767249)
+ * d/patches: patch suricatasc to prevent depends on python-symplejson
+ (Closes: #759475)
+ * Revert "d/patches: patch suricatasc to prevent depends on python-symplejson"
+
+ [ Pierre Chifflier ]
+ * Imported Upstream version 2.0.8
+ * Bump Standards Version to 3.9.6
+ Fixes CVE-2015-0971 (Integer overflow in the DER parser)
+
+ -- Pierre Chifflier <pollux@debian.org> Thu, 07 May 2015 11:03:19 +0200
+
+suricata (2.0.7-2) unstable; urgency=medium
+
+ [ Arturo Borrero Gonzalez ]
+ * d/suricata.init: fix proc nfqueue file checking (Closes: #725301)
+
+ [ Pierre Chifflier ]
+ * Check for both proc entries for nfqueue (backwards compatibility) and
+ issue warning only
+
+ -- Pierre Chifflier <pollux@debian.org> Sun, 15 Mar 2015 11:17:27 +0100
+
+suricata (2.0.7-1) unstable; urgency=medium
+
+ [ Pierre Chifflier ]
+ * Imported Upstream version 2.0.7
+ * Fix problems with upstream version import
+
+ -- Pierre Chifflier <pollux@debian.org> Thu, 12 Mar 2015 07:06:49 +0100
+
+suricata (2.0.6-3) unstable; urgency=medium
+
+ [ Arturo Borrero Gonzalez ]
+ * suricata: don't deploy .so links
+
+ [ Pierre Chifflier ]
+ * Add missing installation files (Closes: #778724)
+ * Fix .so symlinks removal
+ * Update default-rules-path
+
+ -- Pierre Chifflier <pollux@debian.org> Thu, 19 Feb 2015 11:55:05 +0100
+
+suricata (2.0.6-2) unstable; urgency=medium
+
+ [ Arturo Borrero Gonzalez ]
+ * d/patches: drop 10-fix-missing-script-autoreconf.patch (Closes: #778670)
+ * d/rules: prevent not .so libhtp files from entering binary suricata package
+
+ [ Pierre Chifflier ]
+ * Add conflicts/replaces fields for transition from libhtp (Closes: #778668)
+
+ -- Pierre Chifflier <pollux@debian.org> Wed, 18 Feb 2015 11:19:31 +0100
+
+suricata (2.0.6-1) unstable; urgency=medium
+
+ [ Pierre Chifflier ]
+ * Imported Upstream version 2.0.6
+ * Add Arturo to uploaders
+
+ [ Arturo Borrero Gonzalez ]
+ * suricata: use embedded copy of libhtp (Closes: #772551)
+
+ -- Pierre Chifflier <pollux@debian.org> Tue, 17 Feb 2015 11:31:22 +0100
+
+suricata (2.0.4-1) unstable; urgency=high
+
+ * Imported Upstream version 2.0.4
+ * Security: fix out-of-bounds access in SSH parser (Closes: #762828)
+ * Urgency high, CVE-2014-6603
+ Stable and Oldstable versions are not affected.
+
+ -- Pierre Chifflier <pollux@debian.org> Fri, 10 Oct 2014 13:19:59 +0200
+
+suricata (2.0.3-1) unstable; urgency=medium
+
+ * Imported Upstream version 2.0.3
+
+ -- Pierre Chifflier <pollux@debian.org> Wed, 20 Aug 2014 15:06:21 +0200
+
+suricata (2.0.2-1) unstable; urgency=medium
+
+ * Imported Upstream version 2.0.2
+
+ -- Pierre Chifflier <pollux@debian.org> Sun, 29 Jun 2014 18:27:56 +0200
+
+suricata (2.0-1) unstable; urgency=medium
+
+ * Imported Upstream version 2.0
+ * Update build, require a recent libhtp, and disable coccinelle tests.
+ * Upload to unstable
+
+ -- Pierre Chifflier <pollux@debian.org> Wed, 02 Apr 2014 20:23:10 +0200
+
+suricata (1.4.7-1) unstable; urgency=low
+
+ * Imported Upstream version 1.4.7
+ * Bump Standards Version to 3.9.5
+ * Run autoreconf during build to fix some errors caused by different
+ autotools versions
+
+ -- Pierre Chifflier <pollux@debian.org> Sun, 29 Dec 2013 11:29:57 +0100
+
+suricata (1.4.6-1) unstable; urgency=low
+
+ * Imported Upstream version 1.4.6
+
+ -- Pierre Chifflier <pollux@debian.org> Sun, 06 Oct 2013 18:52:34 +0200
+
+suricata (1.4.5-1) unstable; urgency=low
+
+ * Imported Upstream version 1.4.5
+ * Prepare transition for suricata 2.0 by conflicting with libhtp >= 0.5
+
+ -- Pierre Chifflier <pollux@debian.org> Tue, 20 Aug 2013 16:44:45 +0200
+
+suricata (1.4.3-1) unstable; urgency=low
+
+ * Imported Upstream version 1.4.3
+
+ -- Pierre Chifflier <pollux@debian.org> Thu, 04 Jul 2013 11:50:13 +0200
+
+suricata (1.4.2-1) unstable; urgency=low
+
+ * Imported Upstream version 1.4.2
+
+ -- Pierre Chifflier <pollux@debian.org> Wed, 29 May 2013 16:24:52 +0200
+
+suricata (1.4.1-1) unstable; urgency=low
+
+ * Imported Upstream version 1.4.1
+ * Install python control script (add dependency on python, and use
+ dh_python2 for build)
+ * Bump Standards Version to 3.9.4
+ * Fix removal of pid file in init script (Closes: #700547)
+ Thanks to Игорь Козинов <madvampik@gmail.com>.
+ * Add support for af-packet mode in init script (Closes: #697928).
+ Thanks to Jamie Strandboge <jamie@ubuntu.com>.
+
+ -- Pierre Chifflier <pollux@debian.org> Tue, 21 May 2013 12:42:45 +0200
+
+suricata (1.4-3) unstable; urgency=low
+
+ * Add configure flag for luajit only on supported architectures
+
+ -- Pierre Chifflier <pollux@debian.org> Sat, 22 Dec 2012 16:38:41 +0100
+
+suricata (1.4-2) unstable; urgency=low
+
+ * Fix error in init script, stop trying to manage suricata pid file
+ * Use arch-specific build dependencies for libluajit-5.1-dev, it is not
+ available on all architectures
+
+ -- Pierre Chifflier <pollux@debian.org> Sat, 22 Dec 2012 15:39:57 +0100
+
+suricata (1.4-1) unstable; urgency=low
+
+ * Imported Upstream version 1.4
+ * Enable Jansson and LuaJIT support, and add libjansson-dev libluajit-5.1-dev
+ to build-deps
+ * Add python to recommends, for the suricatasc script
+ * Create /var/run/suricata directory when starting daemon
+
+ -- Pierre Chifflier <pollux@debian.org> Fri, 14 Dec 2012 00:02:51 +0100
+
+suricata (1.3.5-1) unstable; urgency=low
+
+ * Imported Upstream version 1.3.5
+
+ -- Pierre Chifflier <pollux@debian.org> Thu, 06 Dec 2012 21:13:56 +0100
+
+suricata (1.3.4-1) unstable; urgency=low
+
+ * Imported Upstream version 1.3.4
+
+ -- Pierre Chifflier <pollux@debian.org> Sat, 17 Nov 2012 09:56:08 +0100
+
+suricata (1.3.3-1) unstable; urgency=low
+
+ * Imported Upstream version 1.3.3
+
+ -- Pierre Chifflier <pollux@debian.org> Sat, 03 Nov 2012 09:38:36 +0100
+
+suricata (1.3.2-1) unstable; urgency=low
+
+ * Imported Upstream version 1.3.2
+
+ -- Pierre Chifflier <pollux@debian.org> Sat, 13 Oct 2012 12:18:33 +0200
+
+suricata (1.3-1) unstable; urgency=low
+
+ * Imported Upstream version 1.3
+ * Add build-dependency on libnss3-dev and libnspr4-dev
+ * Bump Standards Version to 3.9.3
+
+ -- Pierre Chifflier <pollux@debian.org> Sun, 22 Jul 2012 22:27:36 +0200
+
+suricata (1.2.1-2) unstable; urgency=low
+
+ * Use override targets in rules files (Closes: #666330)
+ * Add support for parallel build in debian/rules
+
+ -- Pierre Chifflier <pollux@debian.org> Thu, 12 Apr 2012 01:56:48 +0200
+
+suricata (1.2.1-1) unstable; urgency=low
+
+ * Imported Upstream version 1.2.1
+ * Add libmagic-dev to build-deps
+ * Convert to DH version 9
+ - Switch from hardening-wrapper to dpkg-buildflags
+
+ -- Pierre Chifflier <pollux@debian.org> Mon, 23 Jan 2012 21:47:26 +0100
+
+suricata (1.1.1-2) unstable; urgency=low
+
+ * Add *.config files to default installation
+ * Trigger rebuild with libhtp versioned symbols
+
+ -- Pierre Chifflier <pollux@debian.org> Thu, 05 Jan 2012 08:20:24 +0100
+
+suricata (1.1.1-1) unstable; urgency=low
+
+ * Imported Upstream version 1.1.1
+ * Add configure option --enable-af-packet
+
+ -- Pierre Chifflier <pollux@debian.org> Wed, 07 Dec 2011 21:52:53 +0100
+
+suricata (1.1-1) unstable; urgency=low
+
+ * Imported Upstream version 1.1
+ * Add instructions on getting new rules using oinkmaster
+ * Add Recommends on oinkmaster
+ * Move snort-rules-default to Recommends
+
+ -- Pierre Chifflier <pollux@debian.org> Thu, 17 Nov 2011 23:20:51 +0100
+
+suricata (1.0.5-1) unstable; urgency=low
+
+ * Imported Upstream version 1.0.5
+
+ -- Pierre Chifflier <pollux@debian.org> Wed, 27 Jul 2011 08:20:25 +0200
+
+suricata (1.0.4-1) unstable; urgency=low
+
+ * Imported Upstream version 1.0.4
+ * Bump Standards Version to 3.9.2
+ * Enable hardening-wrapper
+
+ -- Pierre Chifflier <pollux@debian.org> Sat, 25 Jun 2011 13:45:44 +0200
+
+suricata (1.0.3-1) unstable; urgency=low
+
+ * Imported Upstream version 1.0.3
+
+ -- Pierre Chifflier <pollux@debian.org> Wed, 13 Apr 2011 16:59:32 +0200
+
+suricata (1.0.2-2) unstable; urgency=low
+
+ * Add init script (thanks to Edward Fjellskål)
+ * Switch to dpkg-source 3.0 (quilt) format
+
+ -- Pierre Chifflier <pollux@debian.org> Sun, 19 Dec 2010 18:35:50 +0100
+
+suricata (1.0.2-1) unstable; urgency=low
+
+ * New Upstream version 1.0.2 (Closes: #598389)
+
+ -- Pierre Chifflier <pollux@debian.org> Wed, 29 Sep 2010 10:02:52 +0200
+
+suricata (1.0.1-1) unstable; urgency=low
+
+ * Imported Upstream version 1.0.1 (Closes: #591559)
+ * Bump Standards version to 3.9.1
+ * Create /var/log/suricata (Closes: #590861)
+
+ -- Pierre Chifflier <pollux@debian.org> Wed, 11 Aug 2010 14:45:14 +0200
+
+suricata (1.0.0-1) unstable; urgency=low
+
+ * Imported Upstream version 1.0.0
+ * Remove arch=native flag from build (Closes: #587714)
+ * Bump Standards version to 3.9.0
+
+ -- Pierre Chifflier <pollux@debian.org> Thu, 01 Jul 2010 21:28:41 +0200
+
+suricata (0.9.2-1) unstable; urgency=low
+
+ * Imported Upstream version 0.9.2
+
+ -- Pierre Chifflier <pollux@debian.org> Sat, 19 Jun 2010 17:39:14 +0200
+
+suricata (0.9.1-1) unstable; urgency=low
+
+ * Imported Upstream version 0.9.1
+ * Update watch file
+
+ -- Pierre Chifflier <pollux@debian.org> Wed, 26 May 2010 23:09:07 +0200
+
+suricata (0.9.0-1) unstable; urgency=low
+
+ * Imported Upstream version 0.9.0
+ * Add libcap-ng-dev to build-deps
+
+ -- Pierre Chifflier <pollux@debian.org> Sun, 09 May 2010 10:43:44 +0200
+
+suricata (0.8.2-1) unstable; urgency=low
+
+ * Imported Upstream version 0.8.2
+ * Force selection of external libhtp during build
+ * Enable Prelude support
+ * Update watch file
+
+ -- Pierre Chifflier <pollux@debian.org> Sun, 02 May 2010 10:50:05 +0200
+
+suricata (0.8.0-2) unstable; urgency=low
+
+ * Update debian/copyright to include all files
+
+ -- Pierre Chifflier <pollux@debian.org> Sun, 21 Feb 2010 21:45:33 +0100
+
+suricata (0.8.0-1) unstable; urgency=low
+
+ * Initial release (Closes: #563422)
+
+ -- Pierre Chifflier <pollux@debian.org> Sat, 30 Jan 2010 18:25:05 +0100
--- /dev/null
+Source: suricata
+Section: net
+Priority: optional
+Maintainer: Pierre Chifflier <pollux@debian.org>
+Uploaders: Arturo Borrero Gonzalez <arturo@debian.org>,
+ Sascha Steinbiss <satta@debian.org>
+Build-Depends: debhelper-compat (= 13),
+ dh-python,
+ libbpf-dev [amd64 arm64 armel armhf i386 ppc64el s390x ppc64 sparc64 x32],
+ clang [amd64 arm64 armel armhf i386 ppc64el s390x ppc64 sparc64 x32],
+ llvm [amd64 arm64 armel armhf i386 ppc64el s390x ppc64 sparc64 x32],
+ libcap-ng-dev,
+ libelf-dev [amd64 arm64 armel armhf i386 ppc64el s390x ppc64 sparc64 x32],
+ libevent-dev,
+ libgeoip-dev,
+ libhiredis-dev,
+ libjansson-dev,
+ libluajit-5.1-dev [i386 amd64 powerpc mips mipsel armel armhf],
+ libhyperscan-dev (>= 4.4.0) [i386 amd64 x32],
+ rustc (>= 1.28.0),
+ cargo (>= 0.29.0),
+ liblz4-dev,
+ libmagic-dev,
+ libmaxminddb-dev,
+ libnet1-dev | libnet-dev,
+ libnetfilter-log-dev,
+ libnetfilter-queue-dev,
+ libnspr4-dev,
+ libnss3-dev,
+ libpcap-dev,
+ libpcre3-dev,
+ libyaml-dev,
+ python3:any,
+ zlib1g-dev | libz-dev,
+ libhtp-dev (>= 1:0.5.40),
+ procps
+Standards-Version: 4.5.1
+Rules-Requires-Root: no
+Homepage: https://www.suricata-ids.org/
+Vcs-Browser: https://salsa.debian.org/pkg-suricata-team/pkg-suricata
+Vcs-Git: https://salsa.debian.org/pkg-suricata-team/pkg-suricata.git
+
+Package: suricata
+Architecture: linux-any
+Pre-Depends: dpkg (>= 1.15.7.2), ${misc:Pre-Depends}
+Depends: ${misc:Depends}, ${python3:Depends}, ${shlibs:Depends}, libhtp2 (>= ${libhtp:Version}~), lsb-base (>= 3.0-6)
+Conflicts: libhtp1 (<< 0.5.16), suricata-hyperscan (<< 3.2)
+Replaces: libhtp1 (<< 0.5.16), suricata-hyperscan (<< 3.2)
+Recommends: python3, snort-rules-default, suricata-update
+Suggests: libtcmalloc-minimal4
+Description: Next Generation Intrusion Detection and Prevention Tool
+ Suricata is a network Intrusion Detection System (IDS). It is based on
+ rules (and is fully compatible with snort rules) to detect a variety of
+ attacks / probes by searching packet content.
+ .
+ It can also be used as Intrusion Prevention System (IPS), and as higher layer
+ firewall.
+ .
+ This new Engine supports Multi-Threading, Automatic Protocol Detection
+ (IP, TCP, UDP, ICMP, HTTP, TLS, FTP and SMB), Gzip Decompression, Fast
+ IP Matching and coming soon hardware acceleration on CUDA and OpenCL GPU
+ cards.
+ .
+ This version has inline (NFQUEUE) support enabled.
--- /dev/null
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: suricata
+Source: https://suricata-ids.org/download/
+Files-Excluded: libhtp
+
+Files: *
+Copyright: 2007-2020 Open Information Security Foundation
+License: GPL-2
+
+Files: aclocal.m4
+Copyright: 1996-2017 Free Software Foundation, Inc.
+ 2004 Scott James Remnant <scott@netsplit.com>
+ 2012-2015 Dan Nicholson <dbn.lists@gmail.com>
+License: GPL-2+
+
+Files: compile
+ config.sub
+ configure
+Copyright: 1992-2018 Free Software Foundation, Inc.
+License: GPL-2
+
+Files: config.guess
+Copyright: 1992-2018 Free Software Foundation, Inc.
+License: GPL-3
+
+Files: contrib/Makefile.am
+Copyright: 2007-2020 Open Information Security Foundation
+License: GPL-2
+
+Files: contrib/file_processor/*
+Copyright: 2007-2020 Open Information Security Foundation
+License: GPL-2
+
+Files: contrib/file_processor/Action/Makefile.in
+Copyright: 1989, 1991-2015, Free Software Foundation, Inc.
+License: GPL-2
+
+Files: contrib/file_processor/Makefile.in
+Copyright: 1989, 1991-2015, Free Software Foundation, Inc.
+License: GPL-2
+
+Files: contrib/file_processor/Processor/Makefile.in
+Copyright: 1989, 1991-2015, Free Software Foundation, Inc.
+License: GPL-2
+
+Files: contrib/file_processor/file_processor.pl
+Copyright: 2012, Martin Holste
+License: GPL-2
+
+Files: contrib/suri-graphite
+Copyright: 2013, 2015, Eric Leblond <eric@regit.org>
+License: GPL-2
+
+Files: debian/*
+Copyright: 2010 Pierre Chifflier <pollux@debian.org>
+ 2019-2020 Sascha Steinbiss <satta@debian.org>
+License: GPL-2
+
+Files: debian/oinkmaster/*
+Copyright: 2016 Arturo Borrero Gonzalez <arturo@debian.org>
+License: GPL-2
+
+Files: doc/Makefile.in
+ doc/userguide/Makefile.in
+Copyright: 1989, 1991-2015, Free Software Foundation, Inc.
+License: GPL-2
+
+Files: install-sh
+Copyright: 1994, X Consortium
+License: Expat
+
+Files: ebpf/Makefile.in
+ etc/Makefile.in
+ python/Makefile.in
+ qa/Makefile.in
+ qa/coccinelle/Makefile.in
+ rules/Makefile.in
+ rust/Makefile.in
+ src/Makefile.in
+ suricata-update/Makefile*
+Copyright: 1994-2017 Free Software Foundation, Inc.
+License: GPL-2
+
+Files: ebpf/include/linux/bpf.h
+Copyright: 2011-2014 PLUMgrid
+License: GPL-2
+
+Files: python/suricata/ctl/loghandler.py
+Copyright: 2017 Open Information Security Foundation
+ 2016 Jason Ish
+License: GPL-2
+
+Files: qa/coccinelle/sz3.cocci
+Copyright: 2012 LIP6/INRIA
+License: GPL-2
+
+Files: qa/wirefuzz.pl
+Copyright: 2010-2015 Open Information Security Foundation
+License: GPL-2
+
+Files: rust/gen/*
+Copyright: 2017 Open Information Security Foundation
+License: GPL-2
+
+Files: rust/vendor/autocfg*/*
+Copyright: 2018 Josh Stone <cuviper@gmail.com>
+License: MIT or Apache-2.0
+
+Files: rust/vendor/base64/*
+Copyright: 2015 Alice Maz
+License: MIT or Apache-2.0
+
+Files: rust/vendor/bitflags/*
+Copyright: 2014 The Rust Project Developers
+License: MIT or Apache-2.0
+
+Files: rust/vendor/build_const/*
+Copyright: 2017 Garrett Berg, vitiral@gmail.com
+License: MIT
+
+Files: rust/vendor/byteorder/*
+Copyright: 2015 Andrew Gallant
+License: MIT or Unlicense
+
+Files: rust/vendor/cloudabi/*
+Copyright: 2016-2018 Nuxi (https://nuxi.nl/) and contributors
+License: BSD-2-clause
+
+Files: rust/vendor/cookie-factory/*
+Copyright: 2017 Geoffroy Couprie <geo.couprie@gmail.com>
+License: MIT
+
+Files: rust/vendor/crc/*
+Copyright: 2017 crc-rs Developers
+License: MIT or Apache-2.0
+
+Files: rust/vendor/der-parser/*
+Copyright: 2017 Pierre Chifflier <chifflier@wzdftpd.net>
+License: MIT or Apache-2.0
+
+Files: rust/vendor/enum_primitive/*
+Copyright: 2015 Anders Kaseorg <andersk@mit.edu>
+License: MIT
+
+Files: rust/vendor/fuchsia-cprng/*
+Copyright: 2019 The Fuchsia Authors
+License: BSD-3-clause
+
+Files: rust/vendor/ipsec-parser/*
+Copyright: 2017 Pierre Chifflier <chifflier@wzdftpd.net>
+License: MIT or Apache-2.0
+
+Files: rust/vendor/kerberos-parser/*
+Copyright: 2017 Pierre Chifflier <chifflier@wzdftpd.net>
+License: MIT or Apache-2.0
+
+Files: rust/vendor/libc/*
+Copyright: 2014 The Rust Project Developers
+License: MIT or Apache-2.0
+
+Files: rust/vendor/memchr/*
+Copyright: 2015 Andrew Gallant <jamslam@gmail.com>
+License: Unlicense or MIT
+
+Files: rust/vendor/nom/*
+Copyright: 2014-2018 Geoffroy Couprie <contact@geoffroycouprie.com>
+License: MIT
+
+Files: rust/vendor/ntp-parser/*
+Copyright: 2017 Pierre Chifflier <chifflier@wzdftpd.net>
+License: MIT or Apache-2.0
+
+Files: rust/vendor/num*/*
+Copyright: 2014 The Rust Project Developers
+License: MIT or Apache-2.0
+
+Files: rust/vendor/phf*/*
+Copyright: 2014-2016 Steven Fackler <sfackler@gmail.com>
+License: MIT
+
+Files: rust/vendor/proc-macro2/*
+Copyright: 2014 Alex Crichton <alex@alexcrichton.com>
+License: MIT or Apache-2.0
+
+Files: rust/vendor/quote/*
+Copyright: 2016 The Rust Project Developers
+License: MIT or Apache-2.0
+
+Files: rust/vendor/rand*/*
+Copyright: 2018 The Rand Project Developers
+ 2014 The Rust Project Developers
+License: MIT or Apache-2.0
+
+Files: rust/vendor/rand_pcg/*
+Copyright: 2014-2017 Melissa O'Neill and PCG Project contributors
+ 2018 Developers of the Rand project
+License: MIT or Apache-2.0
+
+Files: rust/vendor/rdrand/*
+Copyright: 2014 Simonas Kazlauskas <rdrand@kazlauskas.me>
+License: ISC
+
+Files: rust/vendor/rusticata-macros/*
+Copyright: 2017 Pierre Chifflier <chifflier@wzdftpd.net>
+License: MIT or Apache-2.0
+
+Files: rust/vendor/siphasher/*
+Copyright: 2012-2016 The Rust Project Developers
+License: MIT or Apache-2.0
+
+Files: rust/vendor/snmp-parser/*
+Copyright: 2017 Pierre Chifflier <chifflier@wzdftpd.net>
+License: MIT or Apache-2.0
+
+Files: rust/vendor/syn/*
+Copyright: David Tolnay <dtolnay@gmail.com>
+License: MIT or Apache-2.0
+
+Files: rust/vendor/time/*
+Copyright: 2014 The Rust Project Developers
+License: MIT or Apache-2.0
+
+Files: rust/vendor/tls-parser/*
+Copyright: 2017 Pierre Chifflier <chifflier@wzdftpd.net>
+License: MIT or Apache-2.0
+
+Files: rust/vendor/unicode-xid/*
+Copyright: 2015 The Rust Project Developers
+License: MIT or Apache-2.0
+
+Files: rust/vendor/version_check/*
+Copyright: 2017-2018 Sergio Benitez <sb@sergio.bz>
+License: MIT or Apache-2.0
+
+Files: rust/vendor/widestring/*
+Copyright: 2016 Kathryn Long <squeeself@gmail.com>
+License: MIT or Apache-2.0
+
+Files: rust/vendor/winapi*/*
+Copyright: 2015-2018 The winapi-rs Developers
+License: MIT or Apache-2.0
+
+Files: rust/vendor/x509-parser/*
+Copyright: 2017 Pierre Chifflier <chifflier@wzdftpd.net>
+License: MIT or Apache-2.0
+
+Files: src/Makefile.am
+ src/util-hash-lookup3.c
+ src/util-hash-lookup3.h
+Copyright: 2008 Victor Julien <victor@inliniac.net>
+License: GPL-2
+
+Files: src/app-layer-htp-libhtp.c
+ src/app-layer-htp-libhtp.h
+Copyright: 2010-2013, Qualys, Inc.
+ 2009, 2010, Open Information Security Foundation
+License: BSD-3-clause
+
+Files: src/app-layer-modbus.c
+ src/app-layer-modbus.h
+ src/detect-engine-modbus.c
+ src/detect-engine-modbus.h
+ src/detect-modbus.c
+ src/detect-modbus.h
+ src/detect-tls.c
+ src/detect-tls.h
+ src/util-decode-der-get.c
+ src/util-decode-der-get.h
+ src/util-decode-der.c
+ src/util-decode-der.h
+Copyright: 2011-2015, ANSSI
+License: BSD-3-clause
+
+Files: src/queue.h
+ src/win32-syslog.h
+Copyright: 1982, 1986, 1988, 1991, 1993, The Regents of the University of California.
+License: BSD-3-clause
+
+Files: src/util-decode-mime.c
+ src/util-decode-mime.h
+Copyright: 2012, BAE Systems
+License: GPL-2
+
+Files: src/util-fix_checksum.c
+ src/util-fix_checksum.h
+Copyright: 2002-2008, Henning Brauer
+ 2001, Daniel Hartmeier
+License: BSD-2-clause
+Comment:
+ In addition to the BSD license, the authors state the following:
+ Effort sponsored in part by the Defense Advanced Research Projects
+ Agency (DARPA) and Air Force Research Laboratory, Air Force
+ Materiel Command, USAF, under agreement number F30602-01-2-0537
+
+Files: src/util-strlcatu.c
+ src/util-strlcpyu.c
+Copyright: 1998, Todd C. Miller <Todd.Miller@courtesan.com>
+License: BSD-3-clause
+
+Files: src/tree.h
+Copyright: 2002 Niels Provos <provos@citi.umich.edu>
+License: BSD-2-clause
+
+Files: suricata-update/*
+Copyright: 2017-2019 Open Information Security Foundation
+ 2013-2017 Jason Ish
+License: GPL-2
+
+Files: suricata-update/suricata/update/compat/ordereddict.py
+Copyright: 2009 Raymond Hettinger
+License: MIT
+
+License: BSD-3-clause
+ The BSD License
+ .
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are
+ met:
+ .
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ .
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ .
+ * Neither the name of foo nor the names of its
+ contributors may be used to endorse or promote products derived from
+ this software without specific prior written permission.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
+ CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+License: Expat
+ The MIT License
+ .
+ Permission is hereby granted, free of charge, to any person
+ obtaining a copy of this software and associated
+ documentation files (the "Software"), to deal in the Software
+ without restriction, including without limitation the rights to
+ use, copy, modify, merge, publish, distribute, sublicense,
+ and/or sell copies of the Software, and to permit persons to
+ whom the Software is furnished to do so, subject to the
+ following conditions:
+ .
+ The above copyright notice and this permission notice shall
+ be included in all copies or substantial portions of the
+ Software.
+ .
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT
+ WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
+ INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR
+ PURPOSE AND NONINFRINGEMENT. IN NO EVENT
+ SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+ TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ CONNECTION WITH THE SOFTWARE OR THE USE OR
+ OTHER DEALINGS IN THE SOFTWARE.
+
+License: GPL-2
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU Library General Public License as published by
+ the Free Software Foundation.
+ .
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU Library General Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>
+ .
+ On Debian systems, the complete text of the GNU General
+ Public License version 2 can be found in "/usr/share/common-licenses/GPL-2".
+
+License: GPL-2+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 dated June, 1991, or (at
+ your option) any later version.
+ .
+ On Debian systems, the complete text of version 2 of the GNU General
+ Public License can be found in '/usr/share/common-licenses/GPL-2'.
+
+License: GPL-3
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 3 dated June, 2007.
+ .
+ On Debian systems, the complete text of version 3 of the GNU General
+ Public License can be found in '/usr/share/common-licenses/GPL-3'.
+
+License: Apache-2.0
+ Debian systems provide the Apache 2.0 license in
+ /usr/share/common-licenses/Apache-2.0
+
+License: MIT
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is
+ furnished to do so, subject to the following conditions:
+ .
+ The above copyright notice and this permission notice shall be included in all
+ copies or substantial portions of the Software.
+ .
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ SOFTWARE.
+
+License: Unlicense
+ This is free and unencumbered software released into the public domain.
+ .
+ Anyone is free to copy, modify, publish, use, compile, sell, or
+ distribute this software, either in source code form or as a compiled
+ binary, for any purpose, commercial or non-commercial, and by any
+ means.
+ .
+ In jurisdictions that recognize copyright laws, the author or authors
+ of this software dedicate any and all copyright interest in the
+ software to the public domain. We make this dedication for the benefit
+ of the public at large and to the detriment of our heirs and
+ successors. We intend this dedication to be an overt act of
+ relinquishment in perpetuity of all present and future rights to this
+ software under copyright law.
+ .
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ OTHER DEALINGS IN THE SOFTWARE.
+
+License: BSD-2-clause
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are
+ met:
+ .
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+License: ISC
+ Permission to use, copy, modify, and/or distribute this software for any purpose with or without
+ fee is hereby granted, provided that the above copyright notice and this permission notice appear
+ in all copies.
+ .
+ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS
+ SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+ NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF
+ THIS SOFTWARE.
\ No newline at end of file
--- /dev/null
+usr/lib/*/lib*.so.*
--- /dev/null
+# false positive, the link is there. Somehow lintian is confused
+libhtp-0.5.24-1: dev-pkg-without-shlib-symlink
--- /dev/null
+libhtp-0.5.24.so.1 libhtp-0.5.24-1 #MINVER#
+ bstr_add@Base 3.1.3
+ bstr_add_c@Base 3.1.3
+ bstr_add_c_noex@Base 3.1.3
+ bstr_add_mem@Base 3.1.3
+ bstr_add_mem_noex@Base 3.1.3
+ bstr_add_noex@Base 3.1.3
+ bstr_adjust_len@Base 3.1.3
+ bstr_adjust_realptr@Base 3.1.3
+ bstr_adjust_size@Base 3.1.3
+ bstr_alloc@Base 3.1.3
+ bstr_begins_with@Base 3.1.3
+ bstr_begins_with_c@Base 3.1.3
+ bstr_begins_with_c_nocase@Base 3.1.3
+ bstr_begins_with_mem@Base 3.1.3
+ bstr_begins_with_mem_nocase@Base 3.1.3
+ bstr_begins_with_nocase@Base 3.1.3
+ bstr_builder_append_c@Base 3.1.3
+ bstr_builder_append_mem@Base 3.1.3
+ bstr_builder_appendn@Base 3.1.3
+ bstr_builder_clear@Base 3.1.3
+ bstr_builder_create@Base 3.1.3
+ bstr_builder_destroy@Base 3.1.3
+ bstr_builder_size@Base 3.1.3
+ bstr_builder_to_str@Base 3.1.3
+ bstr_char_at@Base 3.1.3
+ bstr_char_at_end@Base 3.1.3
+ bstr_chop@Base 3.1.3
+ bstr_chr@Base 3.1.3
+ bstr_cmp@Base 3.1.3
+ bstr_cmp_c@Base 3.1.3
+ bstr_cmp_c_nocase@Base 3.1.3
+ bstr_cmp_mem@Base 3.1.3
+ bstr_cmp_mem_nocase@Base 3.1.3
+ bstr_cmp_nocase@Base 3.1.3
+ bstr_dup@Base 3.1.3
+ bstr_dup_c@Base 3.1.3
+ bstr_dup_ex@Base 3.1.3
+ bstr_dup_lower@Base 3.1.3
+ bstr_dup_mem@Base 3.1.3
+ bstr_expand@Base 3.1.3
+ bstr_free@Base 3.1.3
+ bstr_index_of@Base 3.1.3
+ bstr_index_of_c@Base 3.1.3
+ bstr_index_of_c_nocase@Base 3.1.3
+ bstr_index_of_mem@Base 3.1.3
+ bstr_index_of_mem_nocase@Base 3.1.3
+ bstr_index_of_nocase@Base 3.1.3
+ bstr_rchr@Base 3.1.3
+ bstr_to_lowercase@Base 3.1.3
+ bstr_util_cmp_mem@Base 3.1.3
+ bstr_util_cmp_mem_nocase@Base 3.1.3
+ bstr_util_mem_index_of_c@Base 3.1.3
+ bstr_util_mem_index_of_c_nocase@Base 3.1.3
+ bstr_util_mem_index_of_mem@Base 3.1.3
+ bstr_util_mem_index_of_mem_nocase@Base 3.1.3
+ bstr_util_mem_to_pint@Base 3.1.3
+ bstr_util_mem_trim@Base 3.1.3
+ bstr_util_memdup_to_c@Base 3.1.3
+ bstr_util_strdup_to_c@Base 3.1.3
+ bstr_wrap_c@Base 3.1.3
+ bstr_wrap_mem@Base 3.1.3
+ fprint_bstr@Base 3.1.3
+ fprint_raw_data@Base 3.1.3
+ fprint_raw_data_ex@Base 3.1.3
+ htp_base64_decode@Base 3.1.3
+ htp_base64_decode_bstr@Base 3.1.3
+ htp_base64_decode_mem@Base 3.1.3
+ htp_base64_decode_single@Base 3.1.3
+ htp_base64_decoder_init@Base 3.1.3
+ htp_ch_multipart_callback_request_body_data@Base 3.1.3
+ htp_ch_multipart_callback_request_headers@Base 3.1.3
+ htp_ch_urlencoded_callback_request_body_data@Base 3.1.3
+ htp_ch_urlencoded_callback_request_headers@Base 3.1.3
+ htp_ch_urlencoded_callback_request_line@Base 3.1.3
+ htp_chomp@Base 3.1.3
+ htp_config_copy@Base 3.1.3
+ htp_config_create@Base 3.1.3
+ htp_config_destroy@Base 3.1.3
+ htp_config_get_user_data@Base 3.1.3
+ htp_config_register_log@Base 3.1.3
+ htp_config_register_multipart_parser@Base 3.1.3
+ htp_config_register_request_body_data@Base 3.1.3
+ htp_config_register_request_complete@Base 3.1.3
+ htp_config_register_request_file_data@Base 3.1.3
+ htp_config_register_request_header_data@Base 3.1.3
+ htp_config_register_request_headers@Base 3.1.3
+ htp_config_register_request_line@Base 3.1.3
+ htp_config_register_request_start@Base 3.1.3
+ htp_config_register_request_trailer@Base 3.1.3
+ htp_config_register_request_trailer_data@Base 3.1.3
+ htp_config_register_request_uri_normalize@Base 3.1.3
+ htp_config_register_response_body_data@Base 3.1.3
+ htp_config_register_response_complete@Base 3.1.3
+ htp_config_register_response_header_data@Base 3.1.3
+ htp_config_register_response_headers@Base 3.1.3
+ htp_config_register_response_line@Base 3.1.3
+ htp_config_register_response_start@Base 3.1.3
+ htp_config_register_response_trailer@Base 3.1.3
+ htp_config_register_response_trailer_data@Base 3.1.3
+ htp_config_register_transaction_complete@Base 3.1.3
+ htp_config_register_urlencoded_parser@Base 3.1.3
+ htp_config_set_backslash_convert_slashes@Base 3.1.3
+ htp_config_set_bestfit_map@Base 3.1.3
+ htp_config_set_bestfit_replacement_byte@Base 3.1.3
+ htp_config_set_control_chars_unwanted@Base 3.1.3
+ htp_config_set_convert_lowercase@Base 3.1.3
+ htp_config_set_extract_request_files@Base 3.1.3
+ htp_config_set_field_limits@Base 3.1.3
+ htp_config_set_log_level@Base 3.1.3
+ htp_config_set_nul_encoded_terminates@Base 3.1.3
+ htp_config_set_nul_encoded_unwanted@Base 3.1.3
+ htp_config_set_nul_raw_terminates@Base 3.1.3
+ htp_config_set_nul_raw_unwanted@Base 3.1.3
+ htp_config_set_parse_request_auth@Base 3.1.3
+ htp_config_set_parse_request_cookies@Base 3.1.3
+ htp_config_set_path_separators_compress@Base 3.1.3
+ htp_config_set_path_separators_decode@Base 3.1.3
+ htp_config_set_path_separators_encoded_unwanted@Base 3.1.3
+ htp_config_set_plusspace_decode@Base 3.1.3
+ htp_config_set_requestline_leading_whitespace_unwanted@Base 3.1.3
+ htp_config_set_response_decompression@Base 3.1.3
+ htp_config_set_response_decompression_layer_limit@Base 3.1.3
+ htp_config_set_server_personality@Base 3.1.3
+ htp_config_set_tmpdir@Base 3.1.3
+ htp_config_set_tx_auto_destroy@Base 3.1.3
+ htp_config_set_u_encoding_decode@Base 3.1.3
+ htp_config_set_u_encoding_unwanted@Base 3.1.3
+ htp_config_set_url_encoding_invalid_handling@Base 3.1.3
+ htp_config_set_url_encoding_invalid_unwanted@Base 3.1.3
+ htp_config_set_user_data@Base 3.1.3
+ htp_config_set_utf8_convert_bestfit@Base 3.1.3
+ htp_config_set_utf8_invalid_unwanted@Base 3.1.3
+ htp_conn_close@Base 3.1.3
+ htp_conn_create@Base 3.1.3
+ htp_conn_destroy@Base 3.1.3
+ htp_conn_open@Base 3.1.3
+ htp_conn_remove_tx@Base 3.1.3
+ htp_conn_track_inbound_data@Base 3.1.3
+ htp_conn_track_outbound_data@Base 3.1.3
+ htp_connp_REQ_BODY_CHUNKED_DATA@Base 3.1.3
+ htp_connp_REQ_BODY_CHUNKED_DATA_END@Base 3.1.3
+ htp_connp_REQ_BODY_CHUNKED_LENGTH@Base 3.1.3
+ htp_connp_REQ_BODY_DETERMINE@Base 3.1.3
+ htp_connp_REQ_BODY_IDENTITY@Base 3.1.3
+ htp_connp_REQ_CONNECT_CHECK@Base 3.1.3
+ htp_connp_REQ_CONNECT_PROBE_DATA@Base 3.1.3
+ htp_connp_REQ_CONNECT_WAIT_RESPONSE@Base 3.1.3
+ htp_connp_REQ_FINALIZE@Base 3.1.3
+ htp_connp_REQ_HEADERS@Base 3.1.3
+ htp_connp_REQ_IDLE@Base 3.1.3
+ htp_connp_REQ_IGNORE_DATA_AFTER_HTTP_0_9@Base 3.1.3
+ htp_connp_REQ_LINE@Base 3.1.3
+ htp_connp_REQ_LINE_complete@Base 3.1.3
+ htp_connp_REQ_PROTOCOL@Base 3.1.3
+ htp_connp_RES_BODY_CHUNKED_DATA@Base 3.1.3
+ htp_connp_RES_BODY_CHUNKED_DATA_END@Base 3.1.3
+ htp_connp_RES_BODY_CHUNKED_LENGTH@Base 3.1.3
+ htp_connp_RES_BODY_DETERMINE@Base 3.1.3
+ htp_connp_RES_BODY_IDENTITY_CL_KNOWN@Base 3.1.3
+ htp_connp_RES_BODY_IDENTITY_STREAM_CLOSE@Base 3.1.3
+ htp_connp_RES_FINALIZE@Base 3.1.3
+ htp_connp_RES_HEADERS@Base 3.1.3
+ htp_connp_RES_IDLE@Base 3.1.3
+ htp_connp_RES_LINE@Base 3.1.3
+ htp_connp_clear_error@Base 3.1.3
+ htp_connp_close@Base 3.1.3
+ htp_connp_create@Base 3.1.3
+ htp_connp_destroy@Base 3.1.3
+ htp_connp_destroy_all@Base 3.1.3
+ htp_connp_destroy_decompressors@Base 3.1.3
+ htp_connp_get_connection@Base 3.1.3
+ htp_connp_get_in_tx@Base 3.1.3
+ htp_connp_get_last_error@Base 3.1.3
+ htp_connp_get_out_tx@Base 3.1.3
+ htp_connp_get_user_data@Base 3.1.3
+ htp_connp_in_reset@Base 3.1.3
+ htp_connp_in_state_as_string@Base 3.1.3
+ htp_connp_is_line_folded@Base 3.1.3
+ htp_connp_is_line_ignorable@Base 3.1.3
+ htp_connp_is_line_terminator@Base 3.1.3
+ htp_connp_open@Base 3.1.3
+ htp_connp_out_state_as_string@Base 3.1.3
+ htp_connp_req_data@Base 3.1.3
+ htp_connp_req_data_consumed@Base 3.1.3
+ htp_connp_req_receiver_finalize_clear@Base 3.1.3
+ htp_connp_res_data@Base 3.1.3
+ htp_connp_res_data_consumed@Base 3.1.3
+ htp_connp_res_receiver_finalize_clear@Base 3.1.3
+ htp_connp_set_user_data@Base 3.1.3
+ htp_connp_tx_create@Base 3.1.3
+ htp_connp_tx_remove@Base 3.1.3
+ htp_convert_method_to_number@Base 3.1.3
+ htp_decode_path_inplace@Base 3.1.3
+ htp_extract_quoted_string_as_bstr@Base 3.1.3
+ htp_get_version@Base 3.1.3
+ htp_gzip_decompressor_create@Base 3.1.3
+ htp_hook_copy@Base 3.1.3
+ htp_hook_create@Base 3.1.3
+ htp_hook_destroy@Base 3.1.3
+ htp_hook_register@Base 3.1.3
+ htp_hook_run_all@Base 3.1.3
+ htp_hook_run_one@Base 3.1.3
+ htp_is_folding_char@Base 3.1.3
+ htp_is_line_empty@Base 3.1.3
+ htp_is_line_whitespace@Base 3.1.3
+ htp_is_lws@Base 3.1.3
+ htp_is_separator@Base 3.1.3
+ htp_is_space@Base 3.1.3
+ htp_is_text@Base 3.1.3
+ htp_is_token@Base 3.1.3
+ htp_list_array_clear@Base 3.1.3
+ htp_list_array_create@Base 3.1.3
+ htp_list_array_destroy@Base 3.1.3
+ htp_list_array_get@Base 3.1.3
+ htp_list_array_pop@Base 3.1.3
+ htp_list_array_push@Base 3.1.3
+ htp_list_array_replace@Base 3.1.3
+ htp_list_array_shift@Base 3.1.3
+ htp_list_array_size@Base 3.1.3
+ htp_log@Base 3.1.3
+ htp_mpart_part_create@Base 3.1.3
+ htp_mpart_part_destroy@Base 3.1.3
+ htp_mpart_part_finalize_data@Base 3.1.3
+ htp_mpart_part_handle_data@Base 3.1.3
+ htp_mpart_part_parse_c_d@Base 3.1.3
+ htp_mpart_part_process_headers@Base 3.1.3
+ htp_mpartp_create@Base 3.1.3
+ htp_mpartp_destroy@Base 3.1.3
+ htp_mpartp_finalize@Base 3.1.3
+ htp_mpartp_find_boundary@Base 3.1.3
+ htp_mpartp_get_multipart@Base 3.1.3
+ htp_mpartp_parse@Base 3.1.3
+ htp_mpartp_parse_header@Base 3.1.3
+ htp_mpartp_run_request_file_data_hook@Base 3.1.3
+ htp_normalize_hostname_inplace@Base 3.1.3
+ htp_normalize_parsed_uri@Base 3.1.3
+ htp_normalize_uri_path_inplace@Base 3.1.3
+ htp_parse_authorization@Base 3.1.3
+ htp_parse_authorization_basic@Base 3.1.3
+ htp_parse_authorization_digest@Base 3.1.3
+ htp_parse_chunked_length@Base 3.1.3
+ htp_parse_content_length@Base 3.1.3
+ htp_parse_cookies_v0@Base 3.1.3
+ htp_parse_ct_header@Base 3.1.3
+ htp_parse_header_hostport@Base 3.1.3
+ htp_parse_hostport@Base 3.1.3
+ htp_parse_positive_integer_whitespace@Base 3.1.3
+ htp_parse_protocol@Base 3.1.3
+ htp_parse_request_header_generic@Base 3.1.3
+ htp_parse_request_line_apache_2_2@Base 3.1.3
+ htp_parse_request_line_generic@Base 3.1.3
+ htp_parse_request_line_generic_ex@Base 3.1.3
+ htp_parse_response_header_generic@Base 3.1.3
+ htp_parse_response_line_generic@Base 3.1.3
+ htp_parse_single_cookie_v0@Base 3.1.3
+ htp_parse_status@Base 3.1.3
+ htp_parse_uri@Base 3.1.3
+ htp_parse_uri_hostport@Base 3.1.3
+ htp_php_parameter_processor@Base 3.1.3
+ htp_process_request_header_apache_2_2@Base 3.1.3
+ htp_process_request_header_generic@Base 3.1.3
+ htp_process_response_header_generic@Base 3.1.3
+ htp_req_run_hook_body_data@Base 3.1.3
+ htp_res_run_hook_body_data@Base 3.1.3
+ htp_table_add@Base 3.1.3
+ htp_table_addk@Base 3.1.3
+ htp_table_addn@Base 3.1.3
+ htp_table_clear@Base 3.1.3
+ htp_table_clear_ex@Base 3.1.3
+ htp_table_create@Base 3.1.3
+ htp_table_destroy@Base 3.1.3
+ htp_table_destroy_ex@Base 3.1.3
+ htp_table_get@Base 3.1.3
+ htp_table_get_c@Base 3.1.3
+ htp_table_get_index@Base 3.1.3
+ htp_table_get_mem@Base 3.1.3
+ htp_table_size@Base 3.1.3
+ htp_transcode_bstr@Base 3.1.3
+ htp_transcode_params@Base 3.1.3
+ htp_treat_response_line_as_body@Base 3.1.3
+ htp_tx_create@Base 3.1.3
+ htp_tx_destroy@Base 3.1.3
+ htp_tx_destroy_incomplete@Base 3.1.3
+ htp_tx_finalize@Base 3.1.3
+ htp_tx_get_is_config_shared@Base 3.1.3
+ htp_tx_get_user_data@Base 3.1.3
+ htp_tx_is_complete@Base 3.1.3
+ htp_tx_register_request_body_data@Base 3.1.3
+ htp_tx_register_response_body_data@Base 3.1.3
+ htp_tx_req_add_param@Base 3.1.3
+ htp_tx_req_get_param@Base 3.1.3
+ htp_tx_req_get_param_ex@Base 3.1.3
+ htp_tx_req_has_body@Base 3.1.3
+ htp_tx_req_process_body_data@Base 3.1.3
+ htp_tx_req_process_body_data_ex@Base 3.1.3
+ htp_tx_req_set_header@Base 3.1.3
+ htp_tx_req_set_headers_clear@Base 3.1.3
+ htp_tx_req_set_line@Base 3.1.3
+ htp_tx_req_set_method@Base 3.1.3
+ htp_tx_req_set_method_number@Base 3.1.3
+ htp_tx_req_set_parsed_uri@Base 3.1.3
+ htp_tx_req_set_protocol@Base 3.1.3
+ htp_tx_req_set_protocol_0_9@Base 3.1.3
+ htp_tx_req_set_protocol_number@Base 3.1.3
+ htp_tx_req_set_uri@Base 3.1.3
+ htp_tx_request_progress_as_string@Base 3.1.3
+ htp_tx_res_process_body_data@Base 3.1.3
+ htp_tx_res_process_body_data_ex@Base 3.1.3
+ htp_tx_res_set_header@Base 3.1.3
+ htp_tx_res_set_headers_clear@Base 3.1.3
+ htp_tx_res_set_protocol_number@Base 3.1.3
+ htp_tx_res_set_status_code@Base 3.1.3
+ htp_tx_res_set_status_line@Base 3.1.3
+ htp_tx_res_set_status_message@Base 3.1.3
+ htp_tx_response_progress_as_string@Base 3.1.3
+ htp_tx_set_config@Base 3.1.3
+ htp_tx_set_user_data@Base 3.1.3
+ htp_tx_state_request_complete@Base 3.1.3
+ htp_tx_state_request_complete_partial@Base 3.1.3
+ htp_tx_state_request_headers@Base 3.1.3
+ htp_tx_state_request_line@Base 3.1.3
+ htp_tx_state_request_start@Base 3.1.3
+ htp_tx_state_response_complete@Base 3.1.3
+ htp_tx_state_response_complete_ex@Base 3.1.3
+ htp_tx_state_response_headers@Base 3.1.3
+ htp_tx_state_response_line@Base 3.1.3
+ htp_tx_state_response_start@Base 3.1.3
+ htp_tx_urldecode_params_inplace@Base 3.1.3
+ htp_tx_urldecode_uri_inplace@Base 3.1.3
+ htp_unparse_uri_noencode@Base 3.1.3
+ htp_uri_alloc@Base 3.1.3
+ htp_uri_free@Base 3.1.3
+ htp_urldecode_inplace@Base 3.1.3
+ htp_urldecode_inplace_ex@Base 3.1.3
+ htp_urlenp_create@Base 3.1.3
+ htp_urlenp_destroy@Base 3.1.3
+ htp_urlenp_finalize@Base 3.1.3
+ htp_urlenp_parse_complete@Base 3.1.3
+ htp_urlenp_parse_partial@Base 3.1.3
+ htp_utf8_decode@Base 3.1.3
+ htp_utf8_decode_allow_overlong@Base 3.1.3
+ htp_utf8_decode_path_inplace@Base 3.1.3
+ htp_utf8_validate_path@Base 3.1.3
+ htp_validate_hostname@Base 3.1.3
+ strlcat@Base 3.1.3
+ strlcpy@Base 3.1.3
--- /dev/null
+Description: handle undefined LEVEL1_DCACHE_LINESIZE
+ On some platforms (riscv64, s390x) this value is undefined as returned from getconf.
+ We also need to handle this to avoid using the string undefined blindly in further
+ #defines, which would otherwise cause compile errors.
+Author: Sascha Steinbiss <satta@debian.org>
+Applied-Upstream: https://github.com/OISF/suricata/pull/7350
+Last-Update: 2022-06-01
+--- a/configure.ac
++++ b/configure.ac
+@@ -2447,7 +2447,7 @@
+ AC_PATH_PROG(HAVE_GETCONF_CMD, getconf, "no")
+ if test "$HAVE_GETCONF_CMD" != "no"; then
+ CLS=$(getconf LEVEL1_DCACHE_LINESIZE)
+- if [test "$CLS" != "" && test "$CLS" != "0"]; then
++ if [test "$CLS" != "undefined" && "$CLS" != "" && test "$CLS" != "0"]; then
+ AC_DEFINE_UNQUOTED([CLS],[${CLS}],[L1 cache line size])
+ else
+ AC_DEFINE([CLS],[64],[L1 cache line size])
--- /dev/null
+From 6f7636cfc6dffb387afe21f4f3bff119f8d8e033 Mon Sep 17 00:00:00 2001
+From: Eric Leblond <eric@regit.org>
+Date: Thu, 31 Oct 2019 13:29:56 +0100
+Subject: [PATCH] ebpf: avoid to include if_tunnel.h
+
+This is causing a dependency issue as file from another architecture
+have to be installed.
+---
+ ebpf/xdp_lb.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+--- a/ebpf/xdp_lb.c
++++ b/ebpf/xdp_lb.c
+@@ -26,7 +26,6 @@
+ /* Workaround to avoid the need of 32bit headers */
+ #define _LINUX_IF_H
+ #define IFNAMSIZ 16
+-#include <linux/if_tunnel.h>
+ #include <linux/ip.h>
+ #include <linux/ipv6.h>
+ #include <linux/tcp.h>
+@@ -35,6 +34,12 @@
+
+ #include "hash_func01.h"
+
++#define GRE_CSUM __cpu_to_be16(0x8000)
++#define GRE_ROUTING __cpu_to_be16(0x4000)
++#define GRE_KEY __cpu_to_be16(0x2000)
++#define GRE_SEQ __cpu_to_be16(0x1000)
++#define GRE_VERSION __cpu_to_be16(0x0007)
++
+ #define LINUX_VERSION_CODE 263682
+
+ /* Hashing initval */
--- /dev/null
+Description: fix CIDRFromMask() on s390x
+ This addresses a segfault on that platform which breaks testing transition.
+Author: Sascha Steinbiss <satta@debian.org>
+Forwarded: https://github.com/OISF/suricata/pull/7332
+Last-Update: 2022-04-30
+--- a/src/runmode-unittests.c
++++ b/src/runmode-unittests.c
+@@ -208,6 +208,7 @@
+ SourceWinDivertRegisterTests();
+ #endif
+ SCProtoNameRegisterTests();
++ UtilCIDRTests();
+ }
+ #endif
+
+--- a/src/util-cidr.c
++++ b/src/util-cidr.c
+@@ -25,10 +25,38 @@
+
+ #include "suricata-common.h"
+ #include "util-cidr.h"
++#include "util-unittest.h"
+
+ /** \brief turn 32 bit mask into CIDR
+ * \retval cidr cidr value or -1 if the netmask can't be expressed as cidr
+ */
++
++#if (defined(__s390__) || defined(__s390x__) || defined(__zarch__))
++
++int CIDRFromMask(uint32_t netmask)
++{
++ netmask = ntohl(netmask);
++ if (netmask == 0) {
++ return 0;
++ }
++ int p = 0;
++ bool seen_1 = false;
++ while (netmask > 0) {
++ if (netmask & 1) {
++ seen_1 = true;
++ p++;
++ } else {
++ if (seen_1) {
++ return -1;
++ }
++ }
++ netmask >>= 1;
++ }
++ return p;
++}
++
++#else
++
+ int CIDRFromMask(uint32_t netmask)
+ {
+ if (netmask == 0) {
+@@ -52,6 +80,8 @@
+ return lead_1;
+ }
+
++#endif
++
+ uint32_t CIDRGet(int cidr)
+ {
+ if (cidr <= 0 || cidr > 32)
+@@ -95,3 +125,61 @@
+ in6->s6_addr[i] = in6->s6_addr[i] >> 1;
+ }
+ }
++
++#ifdef UNITTESTS
++
++static int CIDRFromMaskTest01(void)
++{
++ struct in_addr in;
++ int v = inet_pton(AF_INET, "255.255.255.0", &in);
++
++ FAIL_IF(v <= 0);
++ FAIL_IF_NOT(24 == CIDRFromMask(in.s_addr));
++
++ PASS;
++}
++
++static int CIDRFromMaskTest02(void)
++{
++ struct in_addr in;
++ int v = inet_pton(AF_INET, "255.255.0.42", &in);
++
++ FAIL_IF(v <= 0);
++ FAIL_IF_NOT(-1 == CIDRFromMask(in.s_addr));
++
++ PASS;
++}
++
++static int CIDRFromMaskTest03(void)
++{
++ struct in_addr in;
++ int v = inet_pton(AF_INET, "0.0.0.0", &in);
++
++ FAIL_IF(v <= 0);
++ FAIL_IF_NOT(0 == CIDRFromMask(in.s_addr));
++
++ PASS;
++}
++
++static int CIDRFromMaskTest04(void)
++{
++ struct in_addr in;
++ int v = inet_pton(AF_INET, "255.255.255.255", &in);
++
++ FAIL_IF(v <= 0);
++ FAIL_IF_NOT(32 == CIDRFromMask(in.s_addr));
++
++ PASS;
++}
++
++#endif /* UNITTESTS */
++
++void UtilCIDRTests(void)
++{
++#ifdef UNITTESTS
++ UtRegisterTest("CIDRFromMaskTest01", CIDRFromMaskTest01);
++ UtRegisterTest("CIDRFromMaskTest02", CIDRFromMaskTest02);
++ UtRegisterTest("CIDRFromMaskTest03", CIDRFromMaskTest03);
++ UtRegisterTest("CIDRFromMaskTest04", CIDRFromMaskTest04);
++#endif /* UNITTESTS */
++}
+--- a/src/util-cidr.h
++++ b/src/util-cidr.h
+@@ -28,5 +28,7 @@
+ uint32_t CIDRGet(int);
+ void CIDRGetIPv6(int cidr, struct in6_addr *in6);
+
++void UtilCIDRTests(void);
++
+ #endif /* __UTIL_NETMASK_H__ */
+
--- /dev/null
+From: Hilko Bengen <bengen@debian.org>
+Date: Tue, 22 Jan 2019 18:10:47 +0100
+Subject: configure: Introduce CLANG variable
+
+---
+ configure.ac | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+--- a/configure.ac
++++ b/configure.ac
+@@ -38,6 +38,15 @@
+
+ AC_SUBST([CLANG])
+
++ AC_ARG_WITH([clang],
++ [CLANG compiler],
++ [CLANG="$withval"],
++ [AS_IF([test "$compiler" = clang],
++ [CLANG="$CC"],
++ [AC_PATH_PROG([CLANG],[clang])])])
++
++ AC_SUBST([CLANG])
++
+ case "$compiler" in
+ clang)
+ CLANG_CFLAGS="-Wextra -Werror-implicit-function-declaration -Wno-error=unused-command-line-argument"
--- /dev/null
+--- a/configure.ac
++++ b/configure.ac
+@@ -77,8 +77,8 @@
+ AC_PATH_PROG(HAVE_CYGPATH, cygpath, "no")
+ AM_CONDITIONAL([HAVE_CYGPATH], [test "x$HAVE_CYGPATH" != "xno"])
+
+- AC_PATH_PROG(HAVE_PKG_CONFIG, pkg-config, "no")
+- if test "$HAVE_PKG_CONFIG" = "no"; then
++ PKG_PROG_PKG_CONFIG
++ if test "x$PKG_CONFIG" = "x"; then
+ echo
+ echo " ERROR! pkg-config not found, go get it "
+ echo " http://pkg-config.freedesktop.org/wiki/ "
--- /dev/null
+From: Arturo Borrero Gonzalez <arturo@debian.org>
+Subject: Debian default configuration
+ This patch sets Debian defaults for suricata configuration.
+ .
+ Currently, it sets a proper path for suricata unix socket.
+Forwarded: not-needed
+Last-Update: 2016-12-01
+
+--- a/suricata.yaml.in
++++ b/suricata.yaml.in
+@@ -1067,8 +1067,8 @@
+ # activated in live capture mode. You can use the filename variable to set
+ # the file name of the socket.
+ unix-command:
+- enabled: auto
+- #filename: custom.socket
++ enabled: yes
++ filename: @e_localstatedir@suricata-command.socket
+
+ # Magic file. The extension .mgc is added to the value here.
+ #magic-file: /usr/share/file/magic
+--- a/src/unix-manager.c
++++ b/src/unix-manager.c
+@@ -53,7 +53,7 @@
+ # endif
+ #endif
+
+-#define SOCKET_PATH LOCAL_STATE_DIR "/run/suricata/"
++#define SOCKET_PATH LOCAL_STATE_DIR "/"
+ #define SOCKET_FILENAME "suricata-command.socket"
+ #define SOCKET_TARGET SOCKET_PATH SOCKET_FILENAME
+
+--- a/configure.ac
++++ b/configure.ac
+@@ -2757,7 +2757,7 @@
+ EXPAND_VARIABLE(localstatedir, e_logfilesdir, "/log/suricata/files")
+ EXPAND_VARIABLE(localstatedir, e_logcertsdir, "/log/suricata/certs")
+ EXPAND_VARIABLE(sysconfdir, e_sysconfdir, "/suricata/")
+- EXPAND_VARIABLE(localstatedir, e_localstatedir, "/run/suricata")
++ EXPAND_VARIABLE(localstatedir, e_localstatedir, "/run/")
+ EXPAND_VARIABLE(datadir, e_datarulesdir, "/suricata/rules")
+ EXPAND_VARIABLE(localstatedir, e_datadir, "/lib/suricata/data")
+ EXPAND_VARIABLE(ruledirprefix, e_defaultruledir, "/suricata/rules")
--- /dev/null
+Description: do not clean vendor directory on distclean
+ dh_auto_clean calls make distclean, which in the case of Suricata also
+ removes the vendor directory. This breaks repeated builds.
+Author: Sascha Steinbiss <satta@debian.org>
+Last-Update: 2018-12-26
+--- a/rust/Makefile.am
++++ b/rust/Makefile.am
+@@ -65,7 +65,7 @@
+ rm -f Cargo.lock
+
+ maintainerclean-local:
+- rm -rf vendor gen
++ rm -rf gen
+
+ check:
+ CARGO_HOME="$(CARGO_HOME)" @rustup_home@ \
--- /dev/null
+From: Eric Leblond <eric@regit.org>
+Date: Wed, 17 Jul 2019 12:35:12 +0200
+Subject: [PATCH] af-packet: fix build on recent Linux kernels
+--- a/src/source-af-packet.c
++++ b/src/source-af-packet.c
+@@ -68,6 +68,10 @@
+ #include <linux/sockios.h>
+ #endif
+
++#if HAVE_LINUX_SOCKIOS_H
++#include <linux/sockios.h>
++#endif
++
+ #ifdef HAVE_PACKET_EBPF
+ #include "util-ebpf.h"
+ #include <bpf/libbpf.h>
--- /dev/null
+--- a/configure.ac
++++ b/configure.ac
+@@ -497,11 +497,12 @@
+ [
+ AS_IF([test "$CLANG" != no],
+ [
+- llc_candidates=$($CLANG --version | \
+- awk '/^clang version/ {
+- split($3, v, ".");
+- printf("llc-%s.%s llc-%s llc", v[[1]], v[[2]], v[[1]])
+- }')
++ #llc_candidates=$($CLANG --version | \
++ # awk '/^clang version/ {
++ # split($3, v, ".");
++ # printf("llc-%s.%s llc-%s llc", v[[1]], v[[2]], v[[1]])
++ # }')
++ llc_candidates=llc
+ AC_CHECK_PROGS([LLC], [$llc_candidates], "no")
+ if test "$LLC" = "no"; then
+ AC_MSG_ERROR([unable to find any of $llc_candidates needed to build ebpf files])
--- /dev/null
+Description: Don't use __USE_GNU
+ __USE_GNU is a glibc-internal symbol.
+ AC_USE_SYSTEM_EXTENSIONS is the proper autoconf
+ way to enable extensions.
+Author: Adrian Bunk <bunk@debian.org>
+
+--- a/configure.ac
++++ b/configure.ac
+@@ -6,6 +6,7 @@
+ AM_INIT_AUTOMAKE([tar-ustar subdir-objects])
+
+ AC_LANG([C])
++ AC_USE_SYSTEM_EXTENSIONS
+ LT_INIT
+ PKG_PROG_PKG_CONFIG
+
+--- a/src/suricata-common.h
++++ b/src/suricata-common.h
+@@ -33,9 +33,6 @@
+ #define TRUE 1
+ #define FALSE 0
+
+-#define _GNU_SOURCE
+-#define __USE_GNU
+-
+ #if HAVE_CONFIG_H
+ #include <autoconf.h>
+ #endif
--- /dev/null
+Description: do not install the suricata Python module
+ Suricata's Python tools only import submodules of 'suricata'. Not installing
+ this module ensures that there is no chance of having an __init__.py in the
+ root module directory that might clash with other packages, e.g. suricata-
+ update.
+Author: Sascha Steinbiss <satta@debian.org>
+Bug: https://redmine.openinfosecfoundation.org/issues/3156
+Last-Update: 2019-09-18
+--- a/python/setup.py
++++ b/python/setup.py
+@@ -49,7 +49,6 @@
+ author_email='oisf-devel@lists.openinfosecfoundation.org, eric@regit.org',
+ url='https://www.suricata-ids.org/',
+ packages=[
+- "suricata",
+ "suricata.config",
+ "suricata.ctl",
+ "suricata.sc",
--- /dev/null
+From: Arturo Borrero Gonzalez <arturo@debian.org>
+Subject: Patch to make the suricata build reproducible
+ This patch makes some changes to the suricata build to make it reproducible
+ .
+ Currently, it only filters out the -fdebug-prefix-map CFLAG which embeds
+ the build path.
+Forwarded: not-needed
+Last-Update: 2016-09-05
+
+--- a/configure.ac
++++ b/configure.ac
+@@ -2884,7 +2884,8 @@
+ echo
+ echo "$SURICATA_BUILD_CONF"
+ echo "printf(" >src/build-info.h
+-echo "$SURICATA_BUILD_CONF" | sed -e 's/^/"/' | sed -e 's/$/\\n"/' >>src/build-info.h
++echo "$SURICATA_BUILD_CONF" | sed -e 's/^/"/' | sed -e 's/$/\\n"/' \
++ | sed 's/-fdebug-prefix-map=.*=. //' >>src/build-info.h
+ echo ");" >>src/build-info.h
+
+ echo "
--- /dev/null
+reproducible.patch
+debian-default-cfg.patch
+cross.patch
+no-use-gnu.patch
+fix-repeated-builds.patch
+configure-clang-variable.patch
+with-ebpf-includes.patch
+import-sockio-h.patch
+remove-conflicting-python-file.patch
+avoid-to-include-if_tunnel-h.patch
+llc.patch
+bigendian-cidr.patch
+LEVEL1_DCACHE_LINESIZE.patch
--- /dev/null
+From: Hilko Bengen <bengen@debian.org>
+Date: Tue, 23 Jul 2019 14:43:21 +0200
+Subject: Add --with-ebpf-includes parameter
+
+---
+ configure.ac | 4 ++++
+ ebpf/Makefile.am | 3 +--
+ 2 files changed, 5 insertions(+), 2 deletions(-)
+
+--- a/configure.ac
++++ b/configure.ac
+@@ -509,6 +509,10 @@
+ AC_SUBST(LLC)
+ ],
+ [AC_MSG_ERROR([clang needed to build ebpf files])])
++ AC_ARG_WITH(ebpf_includes,
++ [ --with-ebpf-includes=DIR include directory for building eBPF programs],
++ [AC_SUBST([ebpf_includes],["$withval"])],
++ [AC_SUBST([ebpf_includes],["/usr/include/${build_alias}"])])
+ ])
+
+ # enable debug output
+--- a/ebpf/Makefile.am
++++ b/ebpf/Makefile.am
+@@ -4,7 +4,7 @@
+ if BUILD_EBPF
+
+ # Maintaining a local copy of UAPI linux/bpf.h
+-BPF_CFLAGS = -Iinclude
++BPF_CFLAGS = -Iinclude -I$(ebpf_includes)
+
+ BPF_TARGETS = lb.bpf
+ BPF_TARGETS += filter.bpf
+@@ -19,7 +19,6 @@
+ $(BPF_TARGETS): %.bpf: %.c
+ # From C-code to LLVM-IR format suffix .ll (clang -S -emit-llvm)
+ ${CLANG} -Wall $(BPF_CFLAGS) -O2 \
+- -I/usr/include/$(build_cpu)-$(build_os)/ \
+ -D__KERNEL__ -D__ASM_SYSREG_H \
+ -target bpf -S -emit-llvm $< -o ${@:.bpf=.ll}
+ # From LLVM-IR to BPF-bytecode in ELF-obj file
--- /dev/null
+#!/usr/bin/make -f
+
+# verbose mode
+export DH_VERBOSE=1
+
+SURICATA_DESTDIR = $(CURDIR)/debian/tmp
+export DEB_BUILD_MAINT_OPTIONS = hardening=+pie,+bindnow
+export CARGO_HOME = $(CURDIR)/debian/cargohome
+
+include /usr/share/dpkg/architecture.mk
+
+# workaround for linking issue on some archs
+export DEB_LDFLAGS_MAINT_APPEND = -Wl,--allow-multiple-definition
+EXTRA_ATOMIC_ARCHS = armel mipsel powerpc
+ifneq (,$(findstring $(DEB_HOST_ARCH),$(EXTRA_ATOMIC_ARCHS)))
+ DEB_LDFLAGS_MAINT_APPEND += -latomic
+ export DEB_LDFLAGS_MAINT_APPEND
+endif
+
+LUAJIT_ARCHS = i386 amd64 powerpc mips mipsel armel armhf
+HYPERSCAN_ARCHS = i386 amd64 hurd-i386 kfreebsd-amd64 x32
+RUST_ARCHS = i386 amd64
+EBPF_ARCHS = amd64 arm64 armel armhf i386 ppc64el s390x ppc64 sparc64 x32
+
+LIBHTP_PKG_VERSION=$(shell apt-cache policy libhtp2 | grep Installed | cut -f2- -d: | cut -c2-)
+
+ifneq (,$(findstring $(DEB_HOST_ARCH),$(LUAJIT_ARCHS)))
+ ENABLE_LUAJIT="--enable-luajit"
+endif
+
+ifneq (,$(findstring $(DEB_HOST_ARCH),$(HYPERSCAN_ARCHS)))
+ ENABLE_HYPERSCAN="--enable-libhs"
+endif
+
+ifneq (,$(findstring $(DEB_HOST_ARCH),$(RUST_ARCHS)))
+ ENABLE_HYPERSCAN="--enable-rust"
+endif
+
+CI ?= $(shell $(CURDIR)/debian/building-in-ci.sh)
+ifeq ($(CI),true)
+ ENABLE_UNITTESTS="--enable-unittests"
+endif
+
+ifneq (,$(findstring $(DEB_HOST_ARCH),$(EBPF_ARCHS)))
+ ENABLE_EBPF=--enable-ebpf --enable-ebpf-build \
+ --with-ebpf-includes=/usr/include/$(DEB_HOST_MULTIARCH)
+endif
+
+CONFIGURE_ARGS = --enable-af-packet --enable-nfqueue --enable-nflog \
+ --enable-gccprotect --disable-gccmarch-native \
+ --with-libnss-includes=/usr/include/nss --with-libnss-libraries=/usr/lib/$(DEB_HOST_MULTIARCH) \
+ --with-libnspr-includes=/usr/include/nspr --with-libnspr-libraries=/usr/lib/$(DEB_HOST_MULTIARCH) \
+ --with-libevent-includes=/usr/include --with-libevent-libraries=/usr/lib/$(DEB_HOST_MULTIARCH) \
+ --disable-coccinelle \
+ --enable-geoip --enable-hiredis \
+ --enable-non-bundled-htp \
+ --disable-suricata-update \
+ $(ENABLE_LUAJIT) \
+ $(ENABLE_HYPERSCAN) \
+ $(ENABLE_UNITTESTS) \
+ $(ENABLE_EBPF)
+
+override_dh_auto_configure:
+ dh_auto_configure -- $(CONFIGURE_ARGS)
+
+override_dh_auto_build:
+ uname -a
+ mkdir -p $(CARGO_HOME)
+ dh_auto_build
+
+override_dh_auto_clean:
+ rm -rf $(CARGO_HOME)
+ rm -f debian/suricata.substvars
+
+override_dh_auto_install:
+ dh_auto_install --destdir=$(SURICATA_DESTDIR)
+ rm -rf $(SURICATA_DESTDIR)/usr/lib/python*;\
+ (cd python &&\
+ python3 -B setup.py install --install-layout=deb --prefix $(SURICATA_DESTDIR)/usr)
+ # clean upstream install documentation
+ rm -rf $(SURICATA_DESTDIR)/usr/share/doc/suricata/*
+ $(foreach file, $(wildcard ebpf/*bpf), \
+ install -D -t $(SURICATA_DESTDIR)/usr/lib/suricata/ebpf $(file) ;\
+ )
+
+override_dh_strip:
+ dh_strip --dbgsym-migration='suricata-dbg (<< 1:4.0.0-2~)'
+
+override_dh_auto_test:
+ # do nothing
+
+override_dh_missing:
+ dh_missing --list-missing
+
+override_dh_gencontrol:
+ echo "libhtp:Version=$(LIBHTP_PKG_VERSION)" >> debian/suricata.substvars
+ dh_gencontrol
+
+%:
+ dh $@ --with python3
--- /dev/null
+3.0 (quilt)
--- /dev/null
+.\" Man page generated from reStructuredText.
+.
+.TH "SURICATA" "1" "Nov 08, 2020" "6.0.1" "Suricata"
+.SH NAME
+suricata \- Suricata
+.
+.nr rst2man-indent-level 0
+.
+.de1 rstReportMargin
+\\$1 \\n[an-margin]
+level \\n[rst2man-indent-level]
+level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
+-
+\\n[rst2man-indent0]
+\\n[rst2man-indent1]
+\\n[rst2man-indent2]
+..
+.de1 INDENT
+.\" .rstReportMargin pre:
+. RS \\$1
+. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
+. nr rst2man-indent-level +1
+.\" .rstReportMargin post:
+..
+.de UNINDENT
+. RE
+.\" indent \\n[an-margin]
+.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.nr rst2man-indent-level -1
+.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
+..
+.SH SYNOPSIS
+.sp
+\fBsuricata\fP [OPTIONS] [BPF FILTER]
+.SH DESCRIPTION
+.sp
+\fBsuricata\fP is a high performance Network IDS, IPS and Network Security
+Monitoring engine. Open Source and owned by a community run non\-profit
+foundation, the Open Information Security Foundation (OISF).
+.sp
+\fBsuricata\fP can be used to analyze live traffic and pcap files. It can
+generate alerts based on rules. \fBsuricata\fP will generate traffic logs.
+.sp
+When used with live traffic \fBsuricata\fP can be passive or active. Active
+modes are: inline in a L2 bridge setup, inline with L3 integration with
+host filewall (NFQ, IPFW, WinDivert), or out of band using active responses.
+.SH OPTIONS
+.INDENT 0.0
+.TP
+.B \-h
+Display a brief usage overview.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-V
+Displays the version of Suricata.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-c <path>
+Path to configuration file.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-T
+Test configuration.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-v
+Increase the verbosity of the Suricata application logging by
+increasing the log level from the default. This option can be
+passed multiple times to further increase the verbosity.
+.INDENT 7.0
+.IP \(bu 2
+\-v: INFO
+.IP \(bu 2
+\-vv: PERF
+.IP \(bu 2
+\-vvv: CONFIG
+.IP \(bu 2
+\-vvvv: DEBUG
+.UNINDENT
+.sp
+This option will not decrease the log level set in the
+configuration file if it is already more verbose than the level
+requested with this option.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-r <path>
+Run in pcap offline mode (replay mode) reading files from pcap file. If
+<path> specifies a directory, all files in that directory will be processed
+in order of modified time maintaining flow state between files.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-pcap\-file\-continuous
+Used with the \-r option to indicate that the mode should stay alive until
+interrupted. This is useful with directories to add new files and not reset
+flow state between files.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-pcap\-file\-recursive
+.TP
+.B Used with the \-r option when the path provided is a directory. This option
+.TP
+.B enables recursive traversal into subdirectories to a maximum depth of 255.
+.TP
+.B This option cannot be combined with \-\-pcap\-file\-continuous. Symlinks are
+.TP
+.B ignored.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-pcap\-file\-delete
+Used with the \-r option to indicate that the mode should delete pcap files
+after they have been processed. This is useful with pcap\-file\-continuous to
+continuously feed files to a directory and have them cleaned up when done. If
+this option is not set, pcap files will not be deleted after processing.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-i <interface>
+After the \-i option you can enter the interface card you would like
+to use to sniff packets from. This option will try to use the best
+capture method available. Can be used several times to sniff packets from
+several interfaces.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-pcap[=<device>]
+Run in PCAP mode. If no device is provided the interfaces
+provided in the \fIpcap\fP section of the configuration file will be
+used.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-af\-packet[=<device>]
+Enable capture of packet using AF_PACKET on Linux. If no device is
+supplied, the list of devices from the af\-packet section in the
+yaml is used.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-q <queue id>
+Run inline of the NFQUEUE queue ID provided. May be provided
+multiple times.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-s <filename.rules>
+With the \-s option you can set a file with signatures, which will
+be loaded together with the rules set in the yaml.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-S <filename.rules>
+With the \-S option you can set a file with signatures, which will
+be loaded exclusively, regardless of the rules set in the yaml.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-l <directory>
+With the \-l option you can set the default log directory. If you
+already have the default\-log\-dir set in yaml, it will not be used
+by Suricata if you use the \-l option. It will use the log dir that
+is set with the \-l option. If you do not set a directory with
+the \-l option, Suricata will use the directory that is set in yaml.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-D
+Normally if you run Suricata on your console, it keeps your console
+occupied. You can not use it for other purposes, and when you close
+the window, Suricata stops running. If you run Suricata as daemon
+(using the \-D option), it runs at the background and you will be
+able to use the console for other tasks without disturbing the
+engine running.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-runmode <runmode>
+With the \fI\-\-runmode\fP option you can set the runmode that you would
+like to use. This command line option can override the yaml runmode
+option.
+.sp
+Runmodes are: \fIworkers\fP, \fIautofp\fP and \fIsingle\fP\&.
+.sp
+For more information about runmodes see Runmodes in the user guide.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-F <bpf filter file>
+Use BPF filter from file.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-k [all|none]
+Force (all) the checksum check or disable (none) all checksum
+checks.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-user=<user>
+Set the process user after initialization. Overrides the user
+provided in the \fIrun\-as\fP section of the configuration file.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-group=<group>
+Set the process group to group after initialization. Overrides the
+group provided in the \fIrun\-as\fP section of the configuration file.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-pidfile <file>
+Write the process ID to file. Overrides the \fIpid\-file\fP option in
+the configuration file and forces the file to be written when not
+running as a daemon.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-init\-errors\-fatal
+Exit with a failure when errors are encountered loading signatures.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-disable\-detection
+Disable the detection engine.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-dump\-config
+Dump the configuration loaded from the configuration file to the
+terminal and exit.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-dump\-features
+Dump the features provided by Suricata modules and exit. Features
+list (a subset of) the configuration values and are intended to
+assist with comparing provided features with those required by
+one or more rules.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-build\-info
+Display the build information the Suricata was built with.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-list\-app\-layer\-protos
+List all supported application layer protocols.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-list\-keywords=[all|csv|<kword>]
+List all supported rule keywords.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-list\-runmodes
+List all supported run modes.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-set <key>=<value>
+Set a configuration value. Useful for overriding basic
+configuration parameters. For example, to change the default log
+directory:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+\-\-set default\-log\-dir=/var/tmp
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+This option cannot be used to add new entries to a list in the
+configuration file, such as a new output. It can only be used to
+modify a value in a list that already exists.
+.sp
+For example, to disable the \fBeve\-log\fP in the default
+configuration file:
+.INDENT 7.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+\-\-set outputs.1.eve\-log.enabled=no
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Also note that the index values may change as the \fBsuricata.yaml\fP
+is updated.
+.sp
+See the output of \fB\-\-dump\-config\fP for existing values that could
+be modified with their index.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-engine\-analysis
+Print reports on analysis of different sections in the engine and
+exit. Please have a look at the conf parameter engine\-analysis on
+what reports can be printed
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-unix\-socket=<file>
+Use file as the Suricata unix control socket. Overrides the
+\fIfilename\fP provided in the \fIunix\-command\fP section of the
+configuration file.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-reject\-dev=<device>
+Use \fIdevice\fP to send out RST / ICMP error packets with
+the \fIreject\fP keyword.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-pcap\-buffer\-size=<size>
+Set the size of the PCAP buffer (0 \- 2147483647).
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-netmap[=<device>]
+Enable capture of packet using NETMAP on FreeBSD or Linux. If no
+device is supplied, the list of devices from the netmap section
+in the yaml is used.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-pfring[=<device>]
+Enable PF_RING packet capture. If no device provided, the devices in
+the Suricata configuration will be used.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-pfring\-cluster\-id <id>
+Set the PF_RING cluster ID.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-pfring\-cluster\-type <type>
+Set the PF_RING cluster type (cluster_round_robin, cluster_flow).
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-d <divert\-port>
+Run inline using IPFW divert mode.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-dag <device>
+Enable packet capture off a DAG card. If capturing off a specific
+stream the stream can be select using a device name like
+"dag0:4". This option may be provided multiple times read off
+multiple devices and/or streams.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-napatech
+Enable packet capture using the Napatech Streams API.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-erf\-in=<file>
+Run in offline mode reading the specific ERF file (Endace
+extensible record format).
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-simulate\-ips
+Simulate IPS mode when running in a non\-IPS mode.
+.UNINDENT
+.SH OPTIONS FOR DEVELOPERS
+.INDENT 0.0
+.TP
+.B \-u
+Run the unit tests and exit. Requires that Suricata be configured
+with \fI\-\-enable\-unittests\fP\&.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-U, \-\-unittest\-filter=REGEX
+With the \-U option you can select which of the unit tests you want
+to run. This option uses REGEX. Example of use: suricata \-u \-U
+http
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-list\-unittests
+Lists available unit tests.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-fatal\-unittests
+Enables fatal failure on a unit test error. Suricata will exit
+instead of continuing more tests.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B \-\-unittests\-coverage
+Display unit test coverage report.
+.UNINDENT
+.SH SIGNALS
+.sp
+Suricata will respond to the following signals:
+.sp
+SIGUSR2
+.INDENT 0.0
+.INDENT 3.5
+Causes Suricata to perform a live rule reload.
+.UNINDENT
+.UNINDENT
+.sp
+SIGHUP
+.INDENT 0.0
+.INDENT 3.5
+Causes Suricata to close and re\-open all log files. This can be
+used to re\-open log files after they may have been moved away by
+log rotation utilities.
+.UNINDENT
+.UNINDENT
+.SH FILES AND DIRECTORIES
+.INDENT 0.0
+.TP
+.B /usr/local/etc/suricata/suricata.yaml
+Default location of the Suricata configuration file.
+.TP
+.B /usr/local/var/log/suricata
+Default Suricata log directory.
+.UNINDENT
+.SH EXAMPLES
+.sp
+To capture live traffic from interface \fIeno1\fP:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+suricata \-i eno1
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+To analyze a pcap file and output logs to the CWD:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+suricata \-r /path/to/capture.pcap
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+To capture using \fIAF_PACKET\fP and override the flow memcap setting from the \fIsuricata.yaml\fP:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+suricata \-\-af\-packet \-\-set flow.memcap=1gb
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+To analyze a pcap file with a custom rule file:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+suricata \-r /pcap/to/capture.pcap \-S /path/to/custom.rules
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SH BUGS
+.sp
+Please visit Suricata\(aqs support page for information about submitting
+bugs or feature requests.
+.SH NOTES
+.INDENT 0.0
+.IP \(bu 2
+Suricata Home Page
+.INDENT 2.0
+.INDENT 3.5
+\fI\%https://suricata\-ids.org/\fP
+.UNINDENT
+.UNINDENT
+.IP \(bu 2
+Suricata Support Page
+.INDENT 2.0
+.INDENT 3.5
+\fI\%https://suricata\-ids.org/support/\fP
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.SH COPYRIGHT
+2016-2019, OISF
+.\" Generated by docutils manpage writer.
+.
--- /dev/null
+Suricata for Debian
+-------------------
+
+The engine is an Open Source Next Generation Intrusion Detection and
+Prevention Tool, not intended to just replace or emulate the existing tools in
+the industry, but to bring new ideas and technologies to the field.
+
+To run the engine with default configuration on interface eth0 (in live mode),
+run the following command (as root):
+ suricata -c /etc/suricata/suricata.yaml -i eth0
+
+To run in live NFQUEUE mode, use (as root):
+ suricata -c /etc/suricata/suricata.yaml -q $QUEUE_ID
+
+You can also run suricata on a PCAP file:
+ suricata -c /etc/suricata/suricata.yaml -r file.pcap
+
+
+Daemon system integration
+-------------------------
+
+The suricata daemon comes preconfigured to run as a system daemon with systemd.
+
+You can start/stop the daemon with:
+ % sudo systemctl start suricata.service
+ % sudo systemctl stop suricata.service
+
+You should copy /lib/systemd/system/suricata.service to
+/etc/systemd/system/suricata.service and adapt the configuration to your needs.
+
+The sysvinit script and related files (/etc/init.d/suricata and
+/etc/default/suricata) will be eventually discarted at some point in the
+future. The /etc/default/suricata file is ignored by the default
+suricata.service file.
+
+By now, there is no integration between suricata and libsystemd (so, options
+like the watchdog are not supported).
+
+
+Updating Rules
+--------------
+
+You should edit /etc/suricata/suricata.yaml and adjust it to fit your needs.
+The recommended way to update rules is via suricata-update (also packaged in Debian).
--- /dev/null
+# Default config for Suricata
+
+# set to yes to start the server in the init.d script
+RUN=no
+
+# Configuration file to load
+SURCONF=/etc/suricata/suricata.yaml
+
+# Listen mode: pcap, nfqueue or af-packet
+# depending on this value, only one of the two following options
+# will be used (af-packet uses neither).
+# Please note that IPS mode is only available when using nfqueue
+LISTENMODE=nfqueue
+
+# Interface to listen on (for pcap mode)
+IFACE=eth0
+
+# Queue number to listen on (for nfqueue mode)
+NFQUEUE=0
+
+# Load Google TCMALLOC if libtcmalloc-minimal4 is installed
+# This _might_ give you very very small performance gain....
+TCMALLOC="YES"
+
+# Pid file
+PIDFILE=/var/run/suricata.pid
--- /dev/null
+etc/suricata
+var/log/suricata
--- /dev/null
+#!/bin/sh -e
+#
+### BEGIN INIT INFO
+# Provides: suricata
+# Required-Start: $time $network $local_fs $remote_fs
+# Required-Stop: $remote_fs
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Next Generation IDS/IPS
+# Description: Intrusion detection system that will
+# capture traffic from the network cards and will
+# match against a set of known attacks.
+### END INIT INFO
+
+# Source function library.
+. /lib/lsb/init-functions
+
+if test -f /etc/default/suricata; then
+ . /etc/default/suricata
+else
+ echo "/etc/default/suricata is missing... bailing out!" >&2
+ exit 1
+fi
+
+# We'll add up all the options above and use them
+NAME=suricata
+DAEMON=/usr/bin/$NAME
+
+# Use this if you want the user to explicitly set 'RUN' in
+# /etc/default/
+if [ "x$RUN" != "xyes" ] ; then
+ log_failure_msg "$NAME disabled, please adjust the configuration to your needs "
+ log_failure_msg "and then set RUN to 'yes' in /etc/default/$NAME to enable it."
+ exit 0
+fi
+
+check_root() {
+ if [ "$(id -u)" != "0" ]; then
+ log_failure_msg "You must be root to start, stop or restart $NAME."
+ exit 4
+ fi
+}
+
+check_nfqueue() {
+ if [ ! \( -e /proc/net/netfilter/nfnetlink_queue -o -e /proc/net/netfilter/nf_queue \) ]; then
+ log_warning_msg "NFQUEUE support not found !"
+ log_warning_msg "Please ensure the nfnetlink_queue module is loaded or built in kernel"
+ fi
+}
+
+check_run_dir() {
+ if [ ! -d /var/run/suricata ]; then
+ mkdir /var/run/suricata
+ chmod 0755 /var/run/suricata
+ fi
+}
+
+load_libtcmalloc_minimal() {
+ lib="/usr/lib/libtcmalloc_minimal.so.4"
+
+ if [ -f "$lib" ] && [ "x$TCMALLOC" = "xYES" ]; then
+ export LD_PRELOAD="$lib"
+ fi
+}
+
+check_root
+
+case "$LISTENMODE" in
+nfqueue)
+ IDMODE="IPS (nfqueue)"
+ LISTEN_OPTIONS=" -q $NFQUEUE"
+ check_nfqueue
+ ;;
+pcap)
+ IDMODE="IDS (pcap)"
+ LISTEN_OPTIONS=" -i $IFACE"
+ ;;
+af-packet)
+ IDMODE="IDS (af-packet)"
+ LISTEN_OPTIONS=" --af-packet"
+ ;;
+*)
+ echo "Unsupported listen mode $LISTENMODE, aborting"
+ exit 1
+ ;;
+esac
+
+SURICATA_OPTIONS=" -c $SURCONF --pidfile $PIDFILE $LISTEN_OPTIONS -D"
+
+# See how we were called.
+case "$1" in
+start)
+ if [ -f $PIDFILE ]; then
+ PID1=$(cat $PIDFILE)
+ if kill -0 "$PID1" 2>/dev/null; then
+ echo "$NAME is already running with PID $PID1"
+ exit 0
+ fi
+ fi
+ check_run_dir
+ echo -n "Starting suricata in $IDMODE mode..."
+ load_libtcmalloc_minimal
+ $DAEMON $SURICATA_OPTIONS > /var/log/suricata/suricata-start.log 2>&1 &
+ echo " done."
+ ;;
+stop)
+ echo -n "Stopping suricata: "
+ if [ -f $PIDFILE ]; then
+ PID2=$(cat $PIDFILE)
+ else
+ echo " No PID file found; not running?"
+ exit 0;
+ fi
+ start-stop-daemon --oknodo --stop --quiet --pidfile=$PIDFILE --exec $DAEMON
+ if [ -n "$PID2" ]; then
+ kill "$PID2"
+ ret=$?
+ sleep 2
+ if kill -0 "$PID2" 2>/dev/null; then
+ ret=$?
+ echo -n "Waiting . "
+ cnt=0
+ while kill -0 "$PID2" 2>/dev/null; do
+ ret=$?
+ cnt=$(expr "$cnt" + 1)
+ if [ "$cnt" -gt 10 ]; then
+ kill -9 "$PID2"
+ break
+ fi
+ sleep 2
+ echo -n ". "
+ done
+ fi
+ fi
+ if [ -e $PIDFILE ]; then
+ rm $PIDFILE > /dev/null 2>&1
+ fi
+ echo " done."
+ ;;
+status)
+ # Check if running...
+ if [ -s $PIDFILE ]; then
+ PID3=$(cat $PIDFILE)
+ if kill -0 "$PID3" 2>/dev/null; then
+ echo "$NAME is running with PID $PID3"
+ exit 0
+ else
+ echo "PID file $PIDFILE exists, but process not running!"
+ fi
+ else
+ echo "$NAME not running!"
+ fi
+ ;;
+restart)
+ $0 stop
+ $0 start
+ ;;
+force-reload)
+ $0 stop
+ $0 start
+ ;;
+*)
+ echo "Usage: $0 {start|stop|restart|status}"
+ exit 1
+esac
+
+exit 0
--- /dev/null
+etc/classification.config /etc/suricata
+etc/reference.config /etc/suricata
+rules/*.rules /etc/suricata/rules
+suricata.yaml /etc/suricata
+threshold.config /etc/suricata
+usr/bin
+usr/lib
--- /dev/null
+# these are eBPF files
+suricata: binary-from-other-architecture usr/lib/suricata/ebpf/*
+suricata: unstripped-binary-or-object usr/lib/suricata/ebpf/*
--- /dev/null
+/var/log/suricata/*.log
+/var/log/suricata/*.json
+{
+ rotate 14
+ missingok
+ compress
+ copytruncate
+ sharedscripts
+ postrotate
+ /bin/kill -HUP $(cat /var/run/suricata.pid)
+ endscript
+}
--- /dev/null
+# Rename file
+mv_conffile /etc/suricata/suricata-debian.yaml /etc/suricata/suricata.yaml 3.1-1 suricata
--- /dev/null
+debian/suricata.1
+debian/suricatasc.1
+debian/suricatactl.1
+debian/suricatactl-filestore.1
--- /dev/null
+#!/bin/sh
+
+set -e
+
+# we do not need alternatives anymore
+if update-alternatives --quiet --query suricata 2> /dev/null; then
+ echo "Removing legacy alternatives for Hyperscan/non-Hyperscan versions"
+ update-alternatives --remove-all suricata
+fi
+
+#DEBHELPER#
+
+exit 0
--- /dev/null
+[Unit]
+Description=Suricata IDS/IDP daemon
+After=network.target network-online.target
+Requires=network-online.target
+Documentation=man:suricata(8) man:suricatasc(8)
+Documentation=https://suricata-ids.org/docs/
+
+[Service]
+Type=forking
+#Environment=LD_PRELOAD=/usr/lib/libtcmalloc_minimal.so.4
+PIDFile=/run/suricata.pid
+ExecStart=/usr/bin/suricata -D --af-packet -c /etc/suricata/suricata.yaml --pidfile /run/suricata.pid
+ExecReload=/usr/bin/suricatasc -c reload-rules ; /bin/kill -HUP $MAINPID
+ExecStop=/usr/bin/suricatasc -c shutdown
+Restart=on-failure
+ProtectSystem=full
+ProtectHome=true
+
+[Install]
+WantedBy=multi-user.target
--- /dev/null
+.\" Man page generated from reStructuredText.
+.
+.TH "SURICATACTL-FILESTORE" "1" "Nov 08, 2020" "6.0.1" "Suricata"
+.SH NAME
+suricatactl-filestore \- Perform actions on filestore
+.
+.nr rst2man-indent-level 0
+.
+.de1 rstReportMargin
+\\$1 \\n[an-margin]
+level \\n[rst2man-indent-level]
+level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
+-
+\\n[rst2man-indent0]
+\\n[rst2man-indent1]
+\\n[rst2man-indent2]
+..
+.de1 INDENT
+.\" .rstReportMargin pre:
+. RS \\$1
+. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
+. nr rst2man-indent-level +1
+.\" .rstReportMargin post:
+..
+.de UNINDENT
+. RE
+.\" indent \\n[an-margin]
+.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.nr rst2man-indent-level -1
+.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
+..
+.SH SYNOPSIS
+.sp
+\fBsuricatactl filestore\fP [\-h] <command> [<args>]
+.SH DESCRIPTION
+.sp
+This command lets you perform certain operations on Suricata filestore.
+.SH OPTIONS
+.INDENT 0.0
+.TP
+.B \-h
+.UNINDENT
+.sp
+Get help about the available commands.
+.SH COMMANDS
+.sp
+\fBprune [\-h|\-\-help] [\-n|\-\-dry\-run] [\-v|verbose] [\-q|\-\-quiet] \-d <DIRECTORY>
+\-\-age <AGE>\fP
+.sp
+Prune files older than a given age.
+.sp
+\-d <DIRECTORY> | \-\-directory <DIRECTORY> is a required argument which tells
+that user must provide the suricata filestore directory on which all the
+specified operations are to be performed.
+.sp
+\-\-age <AGE> is a required argument asking the age of the files. Files older
+than the age mentioned with this option shall be pruned.
+.sp
+\-h | \-\-help is an optional argument with which you can ask for help about the
+command usage.
+.sp
+\-n | \-\-dry\-run is an optional argument which makes the utility print only what
+would happen
+.sp
+\-v | \-\-verbose is an optional argument to increase the verbosity of command.
+.sp
+\-q | \-\-quiet is an optional argument that helps log errors and warnings only
+and keep silent about everything else.
+.SH BUGS
+.sp
+Please visit Suricata\(aqs support page for information about submitting
+bugs or feature requests.
+.SH NOTES
+.INDENT 0.0
+.IP \(bu 2
+Suricata Home Page
+.INDENT 2.0
+.INDENT 3.5
+\fI\%https://suricata\-ids.org/\fP
+.UNINDENT
+.UNINDENT
+.IP \(bu 2
+Suricata Support Page
+.INDENT 2.0
+.INDENT 3.5
+\fI\%https://suricata\-ids.org/support/\fP
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.SH COPYRIGHT
+2016-2019, OISF
+.\" Generated by docutils manpage writer.
+.
--- /dev/null
+.\" Man page generated from reStructuredText.
+.
+.TH "SURICATACTL" "1" "Nov 08, 2020" "6.0.1" "Suricata"
+.SH NAME
+suricatactl \- Suricata Control
+.
+.nr rst2man-indent-level 0
+.
+.de1 rstReportMargin
+\\$1 \\n[an-margin]
+level \\n[rst2man-indent-level]
+level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
+-
+\\n[rst2man-indent0]
+\\n[rst2man-indent1]
+\\n[rst2man-indent2]
+..
+.de1 INDENT
+.\" .rstReportMargin pre:
+. RS \\$1
+. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
+. nr rst2man-indent-level +1
+.\" .rstReportMargin post:
+..
+.de UNINDENT
+. RE
+.\" indent \\n[an-margin]
+.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.nr rst2man-indent-level -1
+.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
+..
+.SH SYNOPSIS
+.sp
+\fBsuricatactl\fP [\-h] <command> [<args>]
+.SH DESCRIPTION
+.sp
+This tool helps control Suricata\(aqs features.
+.SH OPTIONS
+.INDENT 0.0
+.TP
+.B \-h
+.UNINDENT
+.sp
+Get help about the available commands.
+.SH COMMANDS
+.sp
+\fBsuricatactl\-filestore(1)\fP
+.SH BUGS
+.sp
+Please visit Suricata\(aqs support page for information about submitting
+bugs or feature requests.
+.SH NOTES
+.INDENT 0.0
+.IP \(bu 2
+Suricata Home Page
+.INDENT 2.0
+.INDENT 3.5
+\fI\%https://suricata\-ids.org/\fP
+.UNINDENT
+.UNINDENT
+.IP \(bu 2
+Suricata Support Page
+.INDENT 2.0
+.INDENT 3.5
+\fI\%https://suricata\-ids.org/support/\fP
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.SH COPYRIGHT
+2016-2019, OISF
+.\" Generated by docutils manpage writer.
+.
--- /dev/null
+.\" Man page generated from reStructuredText.
+.
+.TH "SURICATASC" "1" "Nov 08, 2020" "6.0.1" "Suricata"
+.SH NAME
+suricatasc \- Tool to interact via unix socket
+.
+.nr rst2man-indent-level 0
+.
+.de1 rstReportMargin
+\\$1 \\n[an-margin]
+level \\n[rst2man-indent-level]
+level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
+-
+\\n[rst2man-indent0]
+\\n[rst2man-indent1]
+\\n[rst2man-indent2]
+..
+.de1 INDENT
+.\" .rstReportMargin pre:
+. RS \\$1
+. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
+. nr rst2man-indent-level +1
+.\" .rstReportMargin post:
+..
+.de UNINDENT
+. RE
+.\" indent \\n[an-margin]
+.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.nr rst2man-indent-level -1
+.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
+..
+.SH SYNOPSIS
+.sp
+\fBsuricatasc\fP
+.SH DESCRIPTION
+.sp
+Suricata socket control tool
+.SH COMMANDS
+.INDENT 0.0
+.TP
+.B shutdown
+Shut Suricata instance down.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B command\-list
+List available commands.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B help
+Get help about the available commands.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B version
+Print the version of Suricata instance.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B uptime
+Display the uptime of Suricata.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B running\-mode
+Display running mode. This can either be \fIworkers\fP, \fIautofp\fP or \fIsingle\fP\&.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B capture\-mode
+Display the capture mode. This can be either of \fIPCAP_DEV\fP,
+\fIPCAP_FILE\fP, \fIPFRING(DISABLED)\fP, \fINFQ\fP, \fINFLOG\fP, \fIIPFW\fP, \fIERF_FILE\fP,
+\fIERF_DAG\fP, \fIAF_PACKET_DEV\fP, \fINETMAP(DISABLED)\fP, \fIUNIX_SOCKET\fP or
+\fIWINDIVERT(DISABLED)\fP\&.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B conf\-get <variable>
+Get configuration value for a given variable. Variable to be provided can be
+either of the configuration parameters that are written in suricata.yaml.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B dump\-counters
+Dump Suricata\(aqs performance counters.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B ruleset\-reload\-rules
+Reload the ruleset and wait for completion.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B reload\-rules
+Alias .. describe \fIruleset\-reload\-rules\fP\&.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B ruleset\-reload\-nonblocking
+Reload ruleset and proceed without waiting.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B ruleset\-reload\-time
+Return time of last reload.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B ruleset\-stats
+Display the number of rules loaded and failed.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B ruleset\-failed\-rules
+Display the list of failed rules.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B register\-tenant\-handler <id> <htype> [hargs]
+Register a tenant handler with the specified mapping.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B unregister\-tenant\-handler <id> <htype> [hargs]
+Unregister a tenant handler with the specified mapping.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B register\-tenant <id> <filename>
+Register tenant with a particular ID and filename.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B reload\-tenant <id> <filename>
+Reload a tenant with specified ID and filename.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B unregister\-tenant <id>
+Unregister tenant with a particular ID.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B add\-hostbit <ipaddress> <hostbit> <expire>
+Add hostbit on a host IP with a particular bit name and time of expiry.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B remove\-hostbit <ipaddress> <hostbit>
+Remove hostbit on a host IP with specified IP address and bit name.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B list\-hostbit <ipaddress>
+List hostbit for a particular host IP.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B reopen\-log\-files
+Reopen log files to be run after external log rotation.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B memcap\-set <config> <memcap>
+Update memcap value of a specified item.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B memcap\-show <config>
+Show memcap value of a specified item.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B memcap\-list
+List all memcap values available.
+.UNINDENT
+.SH PCAP MODE COMMANDS
+.INDENT 0.0
+.TP
+.B pcap\-file <file> <dir> [tenant] [continuous] [delete\-when\-done]
+Add pcap files to Suricata for sequential processing. The generated
+log/alert files will be put into the directory specified as second argument.
+Make sure to provide absolute path to the files and directory. It is
+acceptable to add multiple files without waiting the result.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B pcap\-file\-continuous <file> <dir> [tenant] [delete\-when\-done]
+Add pcap files to Suricata for sequential processing. Directory will be
+monitored for new files being added until there is a use of
+\fBpcap\-interrupt\fP or directory is moved or deleted.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B pcap\-file\-number
+Number of pcap files waiting to get processed.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B pcap\-file\-list
+List of queued pcap files.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B pcap\-last\-processed
+Processed time of last file in milliseconds since epoch.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B pcap\-interrupt
+Terminate the current state by interrupting directory processing.
+.UNINDENT
+.INDENT 0.0
+.TP
+.B pcap\-current
+Currently processed file.
+.UNINDENT
+.SH BUGS
+.sp
+Please visit Suricata\(aqs support page for information about submitting
+bugs or feature requests.
+.SH NOTES
+.INDENT 0.0
+.IP \(bu 2
+Suricata Home Page
+.INDENT 2.0
+.INDENT 3.5
+\fI\%https://suricata\-ids.org/\fP
+.UNINDENT
+.UNINDENT
+.IP \(bu 2
+Suricata Support Page
+.INDENT 2.0
+.INDENT 3.5
+\fI\%https://suricata\-ids.org/support/\fP
+.UNINDENT
+.UNINDENT
+.UNINDENT
+.SH COPYRIGHT
+2016-2019, OISF
+.\" Generated by docutils manpage writer.
+.
--- /dev/null
+Test-Command: suricata --build-info
+Depends: @
+
+Test-Command: suricatasc -c "version"
+Depends: @
+Restrictions: needs-root, isolation-container, flaky
+
+Test-Command: suricatasc -c "command-list"
+Depends: @
+Restrictions: needs-root, isolation-container, flaky
+
+Test-Command: suricatasc -c "capture-mode"
+Depends: @
+Restrictions: needs-root, isolation-container, flaky
+
+Test-Command: sleep 10 && suricatasc -c "dump-counters"
+Depends: @
+Restrictions: needs-root, isolation-container
+
+Test-Command: suricatasc -c "uptime"
+Depends: @
+Restrictions: needs-root, isolation-container, flaky
+
+Test-Command: suricatasc -c "reload-rules"
+Depends: @
+Restrictions: needs-root, isolation-container, flaky
+
+Test-Command: suricatasc -c "iface-list"
+Depends: @
+Restrictions: needs-root, isolation-container, flaky
+
+Test-Command: suricatasc -c "shutdown"
+Depends: @
+Restrictions: needs-root, isolation-container, flaky
+
+Test-Command: sleep 10 && suricatasc -c "running-mode"
+Depends: @
+Restrictions: needs-root, isolation-container, flaky
+
+Tests: systemd-service-test.sh
+Depends: @, systemd, procps
+Restrictions: needs-root, isolation-container, allow-stderr
+
+Test-Command: src/suricata -u
+Depends: @, @builddeps@, procps, geoip-database
+Restrictions: needs-root, isolation-container, build-needed, allow-stderr
--- /dev/null
+#!/bin/sh
+
+set -ex
+
+SERVICE="suricata.service"
+ETC_SERVICE_FILE="/etc/systemd/system/${SERVICE}"
+LIB_SERVICE_FILE="/lib/systemd/system/${SERVICE}"
+CONFIG_FILE="/etc/suricata/suricata.yaml"
+IFACE=$(ip route show | awk '/default/ {print $5}')
+
+if [ ! -r "$LIB_SERVICE_FILE" ] ; then
+ : ERROR unable to read $LIB_SERVICE_FILE
+ exit 1
+fi
+if [ ! -w "$CONFIG_FILE" ] ; then
+ : ERROR unable to write to $CONFIG_FILE
+ exit 1
+fi
+
+systemctl_action()
+{
+ if ! systemctl $1 $SERVICE ; then
+ journalctl -u $SERVICE
+ return 1
+ fi
+ return 0
+}
+
+echo "
+%YAML 1.1
+---
+default-rule-path: /etc/suricata/rules
+rule-files:
+ - tor.rules
+ - http-events.rules
+ - smtp-events.rules
+ - dns-events.rules
+ - tls-events.rules
+classification-file: /etc/suricata/classification.config
+reference-config-file: /etc/suricata/reference.config
+default-log-dir: /var/log/suricata/
+af-packet:
+ - interface: $IFACE
+ cluster-id: 99
+ cluster-type: cluster_flow
+ defrag: yes
+ - interface: default
+ tpacket-v3: yes
+ block-size: 131072
+app-layer:
+ protocols:
+ ssh:
+ enabled: yes
+host-mode: auto
+unix-command:
+ enabled: yes
+ filename: /var/run/suricata-command.socket
+detect:
+ profile: medium
+ custom-values:
+ toclient-groups: 3
+ toserver-groups: 25
+ sgh-mpm-context: auto
+ inspection-recursion-limit: 3000
+ grouping:
+ profiling:
+ grouping:
+ dump-to-disk: false
+ include-rules: false
+ include-mpm-stats: false
+mpm-algo: auto
+spm-algo: auto
+" > $CONFIG_FILE
+
+#
+# before start, package installation may start the daemon
+#
+if systemctl -q is-active $SERVICE ; then
+ : WARNING initial service running, stopping now
+ if ! systemctl_action stop ; then
+ : ERROR cant stop initial service
+ exit 1
+ fi
+fi
+
+#
+# First run of the daemon and basic checks
+#
+if ! systemctl_action start ; then
+ : ERROR cant start the service
+ exit 1
+fi
+sleep 10 # wait for service startup
+systemctl status $SERVICE
+
+#
+# Restart the daemon
+#
+if ! systemctl_action restart ; then
+ : ERROR unable to restart the service
+ exit 1
+fi
+
+sleep 10 # wait for serive startup
+if ! systemctl -q is-active $SERVICE ; then
+ journalctl -u $SERVICE
+ : ERROR service not active after restart
+ exit 1
+fi
+
+#
+# Reload the daemon
+#
+
+: WARNING: Not testing daemon reload: it timeouts in ci.debian.net
+
+#if ! systemctl_action reload ; then
+# : ERROR unable to reload the service
+# exit 1
+#fi
+
+#sleep 10 # wait for service reload
+#if ! systemctl -q is-active $SERVICE ; then
+# journalctl -u $SERVICE
+# : ERROR service not active after reload
+# exit 1
+#fi
+
+: INFO all tests OK
+exit 0
--- /dev/null
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBF8tFVkBEADEEXYv9T6kntaOafPMsBXJPFflcpM4VdXCnEmkY2zcQzfZ+fUB
+kyc6Lh1W07EPd4zGri4Hu9V8nfH5z+23oMmvVrUgbwU62u7ioUhMEpEtLbaLCWL9
+6HSlA4XWwjJhALXKFNMWtWT5BiHHty4jXvLl/KlbYtNrV+BuWDZsSiCRto134His
+Uozb82Yp76qhxdFXdUkXa7PYXJ40EYg9du4Z2l8qP3VWjDHDDrXtoChIgnTmkXkF
+0AdNx9jd9OSugQbJMqi7IV2wvA4xErKMujL+7ytxdMsV0WS39dPOn1mPclYLlnq6
+XDaXcVcHpXOQfC0qniKAHA9ngdKPPG5aJ7DqnZx+G4HBOAf0qnqCT2HBzvJovDuF
+7LdITO+nUiuThlh26oIoRqOfFgIAKDO+F/fRFIJYFt7q5OEwiL9HmlR7UrjLyHb8
+TqWhxocZHvP0ex6qTFMlUOZFaLVD/OC0lMFZDtHNfWIyWLmRIP4CGYia7RDyEEvn
+rHqK7NCF93K5UNUuBZmWNZ5r7/wKccLSYz7wAgkeWaKBAX7bQLspTZUYOOd8Kf5+
+uYlkLd1ju1wHqR7MrVb8/l6Q7cEIpLj+1ou6HeEsKyH1oZ8BQVzkVWIHmz7gaumV
+RKiycSnGqi8UnlFRUbZTW5ChLb7BL+ncBI3MuvrXvB6Ps7RlDPBD4D5AJQARAQAB
+tFBPcGVuIEluZm9ybWF0aW9uIFNlY3VyaXR5IEZvdW5kYXRpb24gKE9JU0YpIDxy
+ZWxlYXNlc0BvcGVuaW5mb3NlY2ZvdW5kYXRpb24ub3JnPokCVAQTAQoAPhYhBLNv
+2vJgfhDo/6ieXiupyYzN8ek6BQJfLRVZAhsDBQkJZgGABQsJCAcCBhUKCQgLAgQW
+AgMBAh4BAheAAAoJECupyYzN8ek6BAMP/jbjbJgNNYHQpueS6q7Jx1pNsDJ0Iqlr
+2AIfrvMAkvNCQALWMoKsSPYbx+lLhTMKP48wwUTu4PcagaZ74W41kFAHN6ituIeY
+QJ7nyNaccu4KRMLvWsL/LVimGIfQZDWgGvJd/ggAXZcCeSiWblCqs7isGpGwGktv
+O6M824BZo2tmqBOtcL/nn3xD5v3dOM2uUr4N7qEmVQgJpYY/d5GNy2576jLT1EQ7
+Nq8VW0b76yZ7SQqX/mRA3KGJRi3/qnXsuxDdQd8hzxr4+QnH1cFjYtwsJlzzf2gm
+87ZbcuNf/BccH0Nt/hRkm7wIfJgXADKdCUAb60F6Ov95+aZ4hpK/Q6jJcCF9WSEZ
+UjklpYzWhSoC5AvqKcLOOnfLGfdF+gKwCD+hLvBwtkDZyYnLSkaKQ3eWbesoZnl0
+uDZAgy+4UCsh4c6DmtF2YeByybmd+cOfxZqRNIGUzC5u5ROsulB4gNjCtaTrY2ug
+r0br16ypXHA8M3PB+EAF08pg1PNETecdQ+uWZmYn2vAAi0lh1YREuIaFK+P5RziU
+m1uwfmsTEy7xnrHfWTZyiWdDCsjhppRiUNCqXh76ChDh2cNbiiGK7EgNLeUEyplx
+s60hfa4Ht0tmo3S3R2JRs4Usn0fKigR1Vv589qjDI1DNbFC/01/IFXrKjERzdm20
+ruUEU7TOqiUwuQINBF8tFVkBEADCAk7fTNtLlFDOAmXNxW+5ILRBehswEaZvAN5J
+rhc9bz4dMSWQajprEAl8HFRctEUkYHyi7cwcUPrelhwjnxOH3LuVeLLtm9i3wTCX
+NUvHeOWr4DBLYnwiYZ6t7U+Isd/IQRTo9l1vBEwdMOAs7FfqSmoGvJspd42dOi4r
+ph6JNss4FE5GTrb4oTx0ZrAIh7mT17e16TZywrZWKFZnl+G/YqmSolGtOrkhzm18
+l3mTa/v4hq4u+ZS8Qd9ng62sl8Ls5Krx3JCBdxn849WRJ6myS7R+hvQeLR9YH/YL
+ioUVzxHXmF2xlENYsbEsVAEsHUb2G5Ot+uQcUpC2u9uzw05L+zhCbd4ffW5eTsGv
+d51LvBMV1b0VUjWEmTgzqFNI5ElBnpjZ3W2eiAAWrLnGACO5Lxzf5VeWYaTDJo8O
+GBYSoHovjYrFI8ZQq7J1skM/YBXROTb4zSc8rL1w81VFLvFu6lOzIA15s5iLRko7
+LSKKom04Q8BNZ1nUydlxvo/5fu4VGYtWMliWUOIePIMT1EgBqYDfQyZ/h4gSMc7j
+jgb2JDfq/7WueoVTy8CNuOzewRYQOU/5P34o341Q0WO2tFNrohUqG9oDHf3Fj8eg
+VwWuRv+eDUmgbpisqVoj2hH1PM45Hcp62RHJasMWUmPIlCNKfvd8+fj3+zjaAN8r
+4Fv0YwARAQABiQI8BBgBCgAmFiEEs2/a8mB+EOj/qJ5eK6nJjM3x6ToFAl8tFVkC
+GwwFCQlmAYAACgkQK6nJjM3x6TpE0Q/7B31BrekzAIqV4gu6wE6xXe4GwzHYsQjW
+MJ0zQFXy3xPeRwVuFhfEOfX23HIpzvlM5h8OJCyifYu8vpbjqJ0/bEoUIERjQ0qe
+24H8tETRWsF5xRn8FwItdU+8dBsdH77JopAf3qmKPi6PZoobb0mf6mvqK/ootiIg
+8ATzbaIizw5oa4XZsjOwTh9vP7/VUAD7I8i2sxjw4BzLI9Ee4Mx+3ei95TQEXdRl
+jLEIH+2DLkKZTY1czfMuWAJsWpE+xewVBgm6zB0eS51HPZAhSaMmJefJeybnG4Er
+MFdWPPMXzNbr056TQzL1WIdHvB3SLSnA+MSHI8tp3LpHIqHibL1HQpUwDZo1G7jK
+hXcfEMAjwVJInNPOKJo93+mgTOqt0HZvnrGtFpUGBWivGLXguDW/m++Cv7hY3M7g
+I48G8dSmATEfyC0zaMACD2xmfjg86gkWsgio1Hpym/4oVDBVdT7CEXuN53QsQH5Y
+4XlEJh2l/fDMBAqtPmOkH6Zl3v6PLnzrkDbVEl1Nid/Oak6h6RSbAaI+uSACPTMq
+bHEYDF5K/2N6gu6/6aS6JzgCqr7G63Jghh1NtoKzmDfMl2nVL2virZDREUP7tBGa
+HegFin/SNaQ/vyu4kp/Y0Q6/BnN8Pa/1ngrkxwu/fAm4wq0DNArbf15fjCC0AgYZ
+z9qESk6L8Cs=
+=Rr5U
+-----END PGP PUBLIC KEY BLOCK-----
--- /dev/null
+# watch control file for uscan
+# run the "uscan" command to check for upstream updates and more.
+# See uscan(1) for format
+
+# Compulsory line, this is a version 3 file
+version=3
+
+opts=pgpsigurlmangle=s/$/.sig/ https://openinfosecfoundation.org/download/ suricata-([\d\.]*)\.tar\.gz
projects / suricata.git / commitdiff