suricata: enable eBPF build

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
2026-04-26 10:52:57 +02:00 · 2025-04-16 19:39:34 -07:00
parent 14dce6df0c
commit f27e7b914c
2 changed files with 7 additions and 1 deletions
--- a/config/rootfiles/common/suricata
+++ b/config/rootfiles/common/suricata
@@ -3,6 +3,7 @@ etc/suricata/suricata.yaml
 usr/bin/suricata
 usr/bin/suricata-watcher
 usr/sbin/convert-ids-backend-files
+usr/lib/bpf/xdp_filter.bpf
 #usr/share/doc/suricata
 #usr/share/doc/suricata/AUTHORS
 #usr/share/doc/suricata/Basic_Setup.txt
--- a/lfs/suricata
+++ b/lfs/suricata
@@ -71,10 +71,12 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	@$(PREBUILD)
 	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
 	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/suricata/suricata-disable-sid-2210059.patch
-	cd $(DIR_APP) && LDFLAGS="$(LDFLAGS)" ./configure \
+	cd $(DIR_APP) && CC=clang LDFLAGS="$(LDFLAGS)" ./configure \
 		--prefix=/usr \
 		--sysconfdir=/etc \
 		--localstatedir=/var \
+		--enable-ebpf \
+		--enable-ebpf-build \
 		--enable-gccprotect \
 		--disable-gccmarch-native \
 		--enable-non-bundled-htp \
@@ -90,6 +92,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	cd $(DIR_APP) && make install
 	cd $(DIR_APP) && make install-conf

+        #Copy suricata bpf program to /usr/lib/bpf
+	cd $(DIR_APP) && cp -f ebpf/xdp_filter.bpf /usr/lib/bpf/
+
 	# Remove default suricata config file.
 	rm -rvf /etc/suricata/suricata.yaml