suricata: add suricata ebpf xdp capture mode

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>

lfs/suricata

@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 6.0.16
+VER        = 6.0.9
 
 THISAPP    = suricata-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 831d18072b52bfdd8379ac43a99b1660e575b04a805034371c1341f7fb4875f1b110d2f35bbf7eb7834f2b6b44cafdb939b32dbc50b43c4657277fa24c4dd3f4
+$(DL_FILE)_BLAKE2 = 52e2d64a9afe1e231fdc4b0aed8f920a5b80d5f8a0a78b41641069356947b3003902f9117f113b526f499379e1b1f1885461396713a748d4b3fb50571eec2fa3
 
 install : $(TARGET)
 
@@ -72,10 +72,12 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
 	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/suricata/suricata-disable-sid-2210059.patch
 	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/suricata/suricata-5.0.8-fix-level1-cache-line-size-detection.patch
-	cd $(DIR_APP) && LDFLAGS="$(LDFLAGS)" ./configure \
+	cd $(DIR_APP) && CC=clang LDFLAGS="$(LDFLAGS)" ./configure \
 		--prefix=/usr \
 		--sysconfdir=/etc \
 		--localstatedir=/var \
+		--enable-ebpf \
+		--enable-ebpf-build \
 		--enable-gccprotect \
 		--disable-gccmarch-native \
 		--enable-non-bundled-htp \
@@ -91,11 +93,15 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	cd $(DIR_APP) && make install
 	cd $(DIR_APP) && make install-conf
 
+	#Copy suricata bpf program to /usr/lib/bpf
+	cd $(DIR_APP) && cp -f ebpf/xdp_filter.bpf /usr/lib/bpf/
+
 	# Remove default suricata config file.
 	rm -rvf /etc/suricata/suricata.yaml
 
 	# Install IPFire related config file.
 	install -m 0644 $(DIR_SRC)/config/suricata/suricata.yaml /etc/suricata
+	install -m 0644 $(DIR_SRC)/config/suricata/suricata-xdp.yaml /etc/suricata
 
 	# Create emtpy rules directory.
 	-mkdir -p /var/lib/suricata