# Copyright 1999-2018 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2

EAPI=5

inherit autotools eutils user

DESCRIPTION="High performance Network IDS, IPS and Network Security Monitoring engine"
HOMEPAGE="https://suricata-ids.org/"
SRC_URI="https://www.openinfosecfoundation.org/download/${P}.tar.gz"

LICENSE="GPL-2"
SLOT="0"
KEYWORDS="~amd64 ~x86"
IUSE="+af-packet control-socket cuda debug +detection geoip hardened logrotate lua luajit nflog +nfqueue redis test python install-full system-libhtp bpf afl"

DEPEND="
	>=dev-libs/jansson-2.2
	dev-libs/libpcre
	dev-libs/libyaml
	net-libs/libnet:*
	net-libs/libnfnetlink
	dev-libs/nspr
	dev-libs/nss
	system-libhtp? ( >=net-libs/libhtp-0.5.31 )
	!system-libhtp? ( sys-libs/zlib )
	net-libs/libpcap
	sys-apps/file
	virtual/cargo
	cuda?       ( dev-util/nvidia-cuda-toolkit )
	geoip?      ( dev-libs/geoip )
	lua?        ( dev-lang/lua:* )
	luajit?     ( dev-lang/luajit:* )
	nflog?      ( net-libs/libnetfilter_log )
	nfqueue?    ( net-libs/libnetfilter_queue )
	redis?      ( dev-libs/hiredis )
	logrotate?      ( app-admin/logrotate )
	sys-libs/libcap-ng
	bpf? ( sys-devel/clang[llvm_targets_BPF] )
"
# #446814
#	prelude?    ( dev-libs/libprelude )
#	pfring?     ( sys-process/numactl net-libs/pf_ring)
RDEPEND="${DEPEND}"

pkg_setup() {
	enewgroup ${PN}
	enewuser ${PN} -1 -1 /var/lib/${PN} "${PN}"
}

src_prepare() {
#	epatch "${FILESDIR}"/${P}_configure-lua-flags.patch
	eautoreconf
}

src_configure() {
	local myeconfargs=(
		--localstatedir=/var/
		--enable-gccmarch-native=no
		$(use_enable system-libhtp non-bundled-htp)
		$(use_enable af-packet)
		$(use_enable detection)
		$(use_enable nfqueue)
		$(use_enable python)
		$(use_enable test coccinelle)
		$(use_enable test unittests)
		$(use_enable control-socket unix-socket)
		$(use_enable cuda)
		$(use_enable geoip)
		$(use_enable hardened gccprotect)
		$(use_enable nflog)
		$(use_enable redis hiredis)
		# $(use_enable pfring)
		# $(use_enable prelude)
		$(use_enable lua)
		$(use_enable luajit)
		$(use_enable debug)
		$(use_enable bpf ebpf-build)
		$(use_enable afl)
	)

# this should be used when pf_ring use flag support will be added
# 	LIBS+="-lrt -lnuma"

	use debug && export CFLAGS="-ggdb -O0"

	econf LIBS="${LIBS}" ${myeconfargs[@]}
}

src_install() {
	local i='install install-conf'
	# updater required python, but sometimes something else
	ewarn "rules will be installed into /usr/share/$PN/rules, download temporary broken"
	use install-full && i=install-full # experimental
	emake DESTDIR="${D}" $i

#	insinto "/etc/${PN}"
#	doins {classification,reference,threshold}.config suricata.yaml

	dodir "/var/lib/${PN}"
	dodir "/var/log/${PN}"

	fowners -R ${PN}: "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"
	fperms 750 "/var/lib/${PN}" "/var/log/${PN}" "/etc/${PN}"

	newinitd "${FILESDIR}/${PN}-init" ${PN}
	newconfd "${FILESDIR}/${PN}-conf" ${PN}

	if use logrotate; then
		insopts -m0644
		insinto /etc/logrotate.d
		newins "${FILESDIR}"/${PN}-logrotate ${PN}
	fi
}

pkg_postinst() {
	elog "The ${PN} init script expects to find the path to the configuration"
	elog "file as well as extra options in /etc/conf.d."
	elog ""
	elog "To create more than one ${PN} service, simply create a new .yaml file for it"
	elog "then create a symlink to the init script from a link called"
	elog "${PN}.foo - like so"
	elog "   cd /etc/${PN}"
	elog "   ${EDITOR##*/} suricata-foo.yaml"
	elog "   cd /etc/init.d"
	elog "   ln -s ${PN} ${PN}.foo"
	elog "Then edit /etc/conf.d/${PN} and make sure you specify sensible options for foo."
	elog ""
	elog "You can create as many ${PN}.foo* services as you wish."

	if use logrotate; then
		elog "You enabled the logrotate USE flag. Please make sure you correctly set up the ${PN} logrotate config file in /etc/logrotate.d/."
	fi

	if use debug; then
		elog "You enabled the debug USE flag. Please read this link to report bugs upstream:"
		elog "https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs"
		elog "You need to also ensure the FEATURES variable in make.conf contains the"
		elog "'nostrip' option to produce useful core dumps or back traces."
	fi
}