From 40d067e9ec948cec976475225f4c265a639d2835 Mon Sep 17 00:00:00 2001 From: Victor Julien Date: Thu, 29 Nov 2012 13:27:36 +0100 Subject: [PATCH] Update docs from wiki --- doc/Basic_Setup.txt | 85 +++++++++++-------- doc/CentOS5.txt | 33 +++++-- doc/CentOS_56_Installation.txt | 37 ++++++-- doc/Debian_Installation.txt | 41 +++++++-- doc/Fedora_Core.txt | 37 ++++++-- doc/FreeBSD_8.txt | 41 +++++++-- doc/HTP_library_installation.txt | 2 +- doc/Installation_from_GIT_with_PCRE-JIT.txt | 2 +- ..._CUDA_and_PFRING_on_Scientific_Linux_6.txt | 25 +++--- ...lation_with_CUDA_on_Scientific_Linux_6.txt | 2 +- ...lation_with_CUDA_on_Ubuntu_server_1104.txt | 2 +- doc/Installation_with_PF_RING.txt | 2 +- doc/Mac_OS_X_106x.txt | 13 +-- doc/OpenBSD_Installation_from_GIT.txt | 25 +++++- doc/Setting_up_IPSinline_for_Linux.txt | 2 +- doc/Third_Party_Installation_Guides.txt | 2 +- doc/Ubuntu_Installation.txt | 40 +++++++-- doc/Ubuntu_Installation_from_GIT.txt | 30 ++++++- doc/Windows.txt | 8 +- 19 files changed, 326 insertions(+), 103 deletions(-) diff --git a/doc/Basic_Setup.txt b/doc/Basic_Setup.txt index 1dff3a9644..1769e1d484 100644 --- a/doc/Basic_Setup.txt +++ b/doc/Basic_Setup.txt @@ -1,4 +1,4 @@ -Autogenerated on 2012-01-11 +Autogenerated on 2012-11-29 from - https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Basic_Setup 
@@ -13,52 +13,66 @@ Start with creating a directory for Suricata's log information. To prepare the system for using it, enter: - cd /etc - -Followed by: - - sudo mkdir suricata - -In this example the directory created is named 'suricata'. It is possible to -choose the name you prefer. -Then enter: - - cd ~/suricata/oisf + sudo mkdir /etc/suricata The next step is to copy classification.config, reference.config and -suricata.yaml from the oisf directory to the /etc/suricata directory. Do so by -entering the following: +suricata.yaml from the base build/installation directory (ex. from git it will +be the oisf directory) to the /etc/suricata directory. Do so by entering the +following: sudo cp classification.config /etc/suricata sudo cp reference.config /etc/suricata sudo cp suricata.yaml /etc/suricata +Auto setup + +You can also use the available auto setup features of Suricata: +ex: + + ./configure && make && make install-conf + +make install-conf +would do the regular "make install" and then it would automatically create/ +setup all the necessary directories and suricata.yaml for you. + + ./configure && make && make install-rules + +make install-rules +would do the regular "make install" and then it would automatically download +and set up the latest ruleset from Emerging Threats available for Suricata + + ./configure && make && make install-full + +make install-full +would combine everything mentioned above (install-conf and install-rules) - and +will present you with a ready to run (configured and set up) Suricata + Setting variables Make sure every variable of the vars, address-groups and port-groups in the -yaml file is set correctly for your needs. -You need to set the ip-address(es) of your home network at HOME_NET. -It is recommended to set EXTERNAL_NET to !$HOMENET_NET. This way, every ip- -address but the -one set at HOME_NET will be treated as external. 
-It is also possible to set EXTERNAL_NET to 'any', only the recommended setting -is more precise and lowers the change that false positives will be generated. -HTTP_SERVERS, SMTP_SERVERS , SQL_SERVERS , DNS_SERVERS and TELNET_SERVERS are -by default set to HOME_NET. AIM_SERVERS is by default set at 'any'. These -variables have to be set for servers on your network. -All settings have to be set precise to let it have a more accurate effect. +yaml file is set correctly for your needs. A full explanation is available in +the Rule_vars_section_of_the_yaml. You need to set the ip-address(es) of your +local network at HOME_NET. It is recommended to set EXTERNAL_NET to !$HOME_NET. +This way, every ip-address but the one set at HOME_NET will be treated as +external. It is also possible to set EXTERNAL_NET to 'any', only the +recommended setting is more precise and lowers the change that false positives +will be generated. HTTP_SERVERS, SMTP_SERVERS , SQL_SERVERS , DNS_SERVERS and +TELNET_SERVERS are by default set to HOME_NET. AIM_SERVERS is by default set at +'any'. These variables have to be set for servers on your network. All settings +have to be set to let it have a more accurate effect. Next, make sure the following ports are set to your needs: HTTP_PORTS, SHELLCODE_PORTS, ORACLE_PORTS and SSH_PORTS. -In the near future you can set the host-os-policy to your needs. +Finally, set the host-os-policy to your needs. See Host_OS_Policy_in_the_yaml +for a full explanation. windows:[] bsd: [] - bsd_right: [] - old_linux: [] + bsd-right: [] + old-linux: [] linux: [10.0.0.0/8, 192.168.1.100, "8762:2352:6241:7245:E000:0000:0000: 0000"] - old_solaris: [] + old-solaris: [] solaris: ["::1"] hpux10: [] hpux11: [] @@ -67,6 +81,8 @@ In the near future you can set the host-os-policy to your needs. vista: [] windows2k3: [] +Note that bug #499 may prevent you from setting old-linux, bsd-right and old- +solaris right now. Interface cards 
@@ -80,7 +96,8 @@ To start the engine and include the interface card of your preference, enter: sudo suricata -c /etc/suricata/suricata.yaml -i wlan0 Instead of wlan0, you can enter the interface card of your preference. -To see if the engine is working correctly and registrates traffic, enter: +To see if the engine is working correctly and receives and inspects traffic, +enter: cd /var/log/suricata @@ -90,10 +107,10 @@ Followed by: And: - tail -n 33 stats.log + tail -n 50 stats.log -To make sure the information displayed is up-dated, enter before http.log and -stats.log: +To make sure the information displayed is up-dated in real time, use the - +f option before http.log and stats.log: - tail -f http.log + tail -f http.log stats.log diff --git a/doc/CentOS5.txt b/doc/CentOS5.txt index c2d189954c..bce84459b0 100644 --- a/doc/CentOS5.txt +++ b/doc/CentOS5.txt @@ -1,4 +1,4 @@ -Autogenerated on 2012-01-11 +Autogenerated on 2012-11-29 from - https://redmine.openinfosecfoundation.org/projects/suricata/wiki/CentOS5 @@ -76,9 +76,9 @@ Suricata To download and build Suricata, enter the following: - wget http://www.openinfosecfoundation.org/download/suricata-1.0.5.tar.gz - tar -xvzf suricata-1.0.5.tar.gz - cd suricata-1.0.5 + wget http://www.openinfosecfoundation.org/download/suricata-1.3.3.tar.gz + tar -xvzf suricata-1.3.3.tar.gz + cd suricata-1.3.3 If you are building from Git sources, enter all the following commands: 
@@ -86,8 +86,31 @@ If you are building from Git sources, enter all the following commands: If you are not building from Git sources, enter only: - ./configure + ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var make sudo make install + +Auto setup + +You can also use the available auto setup features of Suricata: +ex: + + ./configure && make && make install-conf + +make install-conf +would do the regular "make install" and then it would automatically create/ +setup all the necessary directories and suricata.yaml for you. + + ./configure && make && make install-rules + +make install-rules +would do the regular "make install" and then it would automatically download +and set up the latest ruleset from Emerging Threats available for Suricata + + ./configure && make && make install-full + +make install-full +would combine everything mentioned above (install-conf and install-rules) - and +will present you with a ready to run (configured and set up) Suricata Please continue with the Basic_Setup. diff --git a/doc/CentOS_56_Installation.txt b/doc/CentOS_56_Installation.txt index 2b9d6f16f5..8bb835f1fe 100644 --- a/doc/CentOS_56_Installation.txt +++ b/doc/CentOS_56_Installation.txt @@ -1,4 +1,4 @@ -Autogenerated on 2012-01-11 +Autogenerated on 2012-11-29 from - https://redmine.openinfosecfoundation.org/projects/suricata/wiki/CentOS_56_Installation @@ -10,8 +10,8 @@ Pre-installation requirements You will have to use the Fedora EPEL repository for some packages to enable this repository. It is the same for i386 and x86_64: - sudo rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/x86_64/epel- - release-5-4.noarch.rpm + sudo rpm -Uvh http://dl.fedoraproject.org/pub/epel/5/x86_64/epel-release-5- + 4.noarch.rpm Before you can build Suricata for your system, run the following command to ensure that you have everything you need for the installation. 
@@ -76,9 +76,9 @@ Suricata To download and build Suricata, enter the following: - wget http://www.openinfosecfoundation.org/download/suricata-1.0.5.tar.gz - tar -xvzf suricata-1.0.5.tar.gz - cd suricata-1.0.5 + wget http://www.openinfosecfoundation.org/download/suricata-1.3.3.tar.gz + tar -xvzf suricata-1.3.3.tar.gz + cd suricata-1.3.3 If you are building from Git sources, enter all the following commands: @@ -86,8 +86,31 @@ If you are building from Git sources, enter all the following commands: If you are not building from Git sources, enter only: - ./configure + ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var make sudo make install + +Auto setup + +You can also use the available auto setup features of Suricata: +ex: + + ./configure && make && make install-conf + +make install-conf +would do the regular "make install" and then it would automatically create/ +setup all the necessary directories and suricata.yaml for you. + + ./configure && make && make install-rules + +make install-rules +would do the regular "make install" and then it would automatically download +and set up the latest ruleset from Emerging Threats available for Suricata + + ./configure && make && make install-full + +make install-full +would combine everything mentioned above (install-conf and install-rules) - and +will present you with a ready to run (configured and set up) Suricata Please continue with the Basic_Setup. diff --git a/doc/Debian_Installation.txt b/doc/Debian_Installation.txt index 206cff21de..878e0dd6f7 100644 --- a/doc/Debian_Installation.txt +++ b/doc/Debian_Installation.txt @@ -1,4 +1,4 @@ -Autogenerated on 2012-01-11 +Autogenerated on 2012-11-29 from - https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Debian_Installation 
@@ -14,7 +14,8 @@ otherwise it will not work. apt-get -y install libpcre3 libpcre3-dbg libpcre3-dev \ build-essential autoconf automake libtool libpcap-dev libnet1-dev \ - libyaml-0-1 libyaml-dev zlib1g zlib1g-dev + libyaml-0-2 libyaml-dev zlib1g zlib1g-dev libmagic-dev libcap-ng-dev \ + pkg-config Depending on the current status of your system, it may take a while to complete this process. @@ -38,22 +39,23 @@ Suricata To download and build Suricata, enter the following: - wget http://www.openinfosecfoundation.org/download/suricata-1.0.5.tar.gz - tar -xvzf suricata-1.0.5.tar.gz - cd suricata-1.0.5/ + wget http://www.openinfosecfoundation.org/download/suricata-1.3.3.tar.gz + tar -xvzf suricata-1.3.3.tar.gz + cd suricata-1.3.3 Compile and install the program If you plan to build Suricata with IPS capabilities, enter: - ./configure --enable-nfqueue + ./configure --enable-nfqueue --prefix=/usr --sysconfdir=/etc -- + localstatedir=/var instead of - ./configure + ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var Continue with the next commands: - ./configure + ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var make make install @@ -62,4 +64,27 @@ library, enter: ldconfig + +Auto setup + +You can also use the available auto setup features of Suricata: +ex: + + ./configure && make && make install-conf + +make install-conf +would do the regular "make install" and then it would automatically create/ +setup all the necessary directories and suricata.yaml for you. + + ./configure && make && make install-rules + +make install-rules +would do the regular "make install" and then it would automatically download +and set up the latest ruleset from Emerging Threats available for Suricata + + ./configure && make && make install-full + +make install-full +would combine everything mentioned above (install-conf and install-rules) - and +will present you with a ready to run (configured and set up) Suricata Please continue with the Basic_Setup. 
diff --git a/doc/Fedora_Core.txt b/doc/Fedora_Core.txt index 6f37d685a9..4eecb34356 100644 --- a/doc/Fedora_Core.txt +++ b/doc/Fedora_Core.txt @@ -1,8 +1,8 @@ -Autogenerated on 2012-01-11 +Autogenerated on 2012-11-29 from - https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Fedora_Core -Fedora Core +Fedora pre-installation requirements @@ -12,7 +12,7 @@ ensure that you have everything you need for the installation. sudo yum -y install libpcap libpcap-devel libnet libnet-devel pcre \ pcre-devel gcc gcc-c++ automake autoconf libtool make libyaml \ - libyaml-devel zlib zlib-devel libcap-ng libcap-ng-devel + libyaml-devel zlib zlib-devel libcap-ng libcap-ng-devel file-devel file Depending on the current status of your system, it may take a while to complete this process. @@ -36,9 +36,9 @@ Suricata To download and build Suricata, enter the following: - wget http://www.openinfosecfoundation.org/download/suricata-1.0.5.tar.gz - tar -xvzf suricata-1.0.5.tar.gz - cd suricata-1.0.5 + wget http://www.openinfosecfoundation.org/download/suricata-1.3.3.tar.gz + tar -xvzf suricata-1.3.3.tar.gz + cd suricata-1.3.3 If you are building from Git sources, enter all the following commands: 
@@ -46,8 +46,31 @@ If you are building from Git sources, enter all the following commands: If you are not building from Git sources, enter only the following: - ./configure + ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var make sudo make install + +Auto setup + +You can also use the available auto setup features of Suricata: +ex: + + ./configure && make && make install-conf + +make install-conf +would do the regular "make install" and then it would automatically create/ +setup all the necessary directories and suricata.yaml for you. + + ./configure && make && make install-rules + +make install-rules +would do the regular "make install" and then it would automatically download +and set up the latest ruleset from Emerging Threats available for Suricata + + ./configure && make && make install-full + +make install-full +would combine everything mentioned above (install-conf and install-rules) - and +will present you with a ready to run (configured and set up) Suricata Please continue with the Basic_Setup. diff --git a/doc/FreeBSD_8.txt b/doc/FreeBSD_8.txt index 670ea0fdc3..d3709c5842 100644 --- a/doc/FreeBSD_8.txt +++ b/doc/FreeBSD_8.txt @@ -1,8 +1,8 @@ -Autogenerated on 2012-01-11 +Autogenerated on 2012-11-29 from - https://redmine.openinfosecfoundation.org/projects/suricata/wiki/FreeBSD_8 -FreeBSD 8 +FreeBSD 8 & 9 Pre-installation requirements @@ -11,10 +11,16 @@ Before you can build Suricata for your system, run the following command to ensure that you have everything you need for the installation. Make sure you enter all commands as root/super-user, otherwise it will not work. +For FreeBSD 8: pkg_add -r autoconf262 automake19 gcc45 libyaml pcre libtool \ libnet11 libpcap gmake +For FreeBSD 9.0: + + pkg_add -r autoconf268 automake111 gcc libyaml pcre libtool \ + libnet11 libpcap gmake + Depending on the current status of your system, it may take a while to complete this process. 
@@ -47,9 +53,9 @@ Suricata To download and build Suricata, enter the following: - wget http://www.openinfosecfoundation.org/download/suricata-1.0.5.tar.gz - tar -xvzf suricata-1.0.5.tar.gz - cd suricata-1.0.5 + wget http://www.openinfosecfoundation.org/download/suricata-1.3.3.tar.gz + tar -xvzf suricata-1.3.3.tar.gz + cd suricata-1.3.3 If you are building from Git sources, enter all the following commands until the end of this file: @@ -59,7 +65,7 @@ the end of this file: If you are not building from Git sources, do not enter the above mentioned commands. Continue enter the following: - ./configure + ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var make make install zerocopy bpf @@ -70,4 +76,27 @@ issue the following command and then start/restart the engine: sysctl net.bpf.zerocopy_enable=1 + +Auto setup + +You can also use the available auto setup features of Suricata: +ex: + + ./configure && make && make install-conf + +make install-conf +would do the regular "make install" and then it would automatically create/ +setup all the necessary directories and suricata.yaml for you. + + ./configure && make && make install-rules + +make install-rules +would do the regular "make install" and then it would automatically download +and set up the latest ruleset from Emerging Threats available for Suricata + + ./configure && make && make install-full + +make install-full +would combine everything mentioned above (install-conf and install-rules) - and +will present you with a ready to run (configured and set up) Suricata Please continue with the Basic_Setup. diff --git a/doc/HTP_library_installation.txt b/doc/HTP_library_installation.txt index 626d64d0a8..827262ff54 100644 --- a/doc/HTP_library_installation.txt +++ b/doc/HTP_library_installation.txt @@ -1,4 +1,4 @@ -Autogenerated on 2012-01-11 +Autogenerated on 2012-11-29 from - https://redmine.openinfosecfoundation.org/projects/suricata/wiki/HTP_library_installation 
diff --git a/doc/Installation_from_GIT_with_PCRE-JIT.txt b/doc/Installation_from_GIT_with_PCRE-JIT.txt index 1fce57df4c..93aecb0b5b 100644 --- a/doc/Installation_from_GIT_with_PCRE-JIT.txt +++ b/doc/Installation_from_GIT_with_PCRE-JIT.txt @@ -1,4 +1,4 @@ -Autogenerated on 2012-01-11 +Autogenerated on 2012-11-29 from - https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Installation_from_GIT_with_PCRE-JIT diff --git a/doc/Installation_with_CUDA_and_PFRING_on_Scientific_Linux_6.txt b/doc/Installation_with_CUDA_and_PFRING_on_Scientific_Linux_6.txt index e23813d0b8..18ea5d1027 100644 --- a/doc/Installation_with_CUDA_and_PFRING_on_Scientific_Linux_6.txt +++ b/doc/Installation_with_CUDA_and_PFRING_on_Scientific_Linux_6.txt @@ -1,4 +1,4 @@ -Autogenerated on 2012-01-11 +Autogenerated on 2012-11-29 from - https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Installation_with_CUDA_and_PFRING_on_Scientific_Linux_6 @@ -51,19 +51,22 @@ line to your /etc/rc.local file. PF_RING -Get latest PF_RING from http://sourceforge.net/projects/ntop/files/PF_RING/. -For example (v4.7.1 is necessary for Suricata 1.1beta2): +Go to your download directory and get the latest PF_RING: - wget http://sourceforge.net/projects/ntop/files/PF_RING/PF_RING-4.7.1.tar.gz/ - download - tar -xzvf PF_RING-4.7.1.tar.gz - cd PF_RING-4.7.1/ + svn export https://svn.ntop.org/svn/ntop/trunk/PF_RING/ pfring-svn- + latest -Next, build & install kernel and userland: +Compile and install +Next, enter the following commands for configuration and installation: - make - cd kernel; make install - cd ../userland/lib; make install + cd pfring-svn-latest/kernel + make && sudo make install + cd ../userland/lib + ./configure --prefix=/usr/local/pfring && make && sudo make install + cd ../libpcap-1.1.1-ring + ./configure --prefix=/usr/local/pfring && make && sudo make install + cd ../tcpdump-4.1.1 + ./configure --prefix=/usr/local/pfring && make && sudo make install Load the pf_ring kernel module: 
diff --git a/doc/Installation_with_CUDA_on_Scientific_Linux_6.txt b/doc/Installation_with_CUDA_on_Scientific_Linux_6.txt index 476f4e72c8..604ee8bcfc 100644 --- a/doc/Installation_with_CUDA_on_Scientific_Linux_6.txt +++ b/doc/Installation_with_CUDA_on_Scientific_Linux_6.txt @@ -1,4 +1,4 @@ -Autogenerated on 2012-01-11 +Autogenerated on 2012-11-29 from - https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Installation_with_CUDA_on_Scientific_Linux_6 diff --git a/doc/Installation_with_CUDA_on_Ubuntu_server_1104.txt b/doc/Installation_with_CUDA_on_Ubuntu_server_1104.txt index 27adc85fde..9c6c82fafa 100644 --- a/doc/Installation_with_CUDA_on_Ubuntu_server_1104.txt +++ b/doc/Installation_with_CUDA_on_Ubuntu_server_1104.txt @@ -1,4 +1,4 @@ -Autogenerated on 2012-01-11 +Autogenerated on 2012-11-29 from - https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Installation_with_CUDA_on_Ubuntu_server_1104 diff --git a/doc/Installation_with_PF_RING.txt b/doc/Installation_with_PF_RING.txt index bf341de70b..ea4f417238 100644 --- a/doc/Installation_with_PF_RING.txt +++ b/doc/Installation_with_PF_RING.txt @@ -1,4 +1,4 @@ -Autogenerated on 2012-01-11 +Autogenerated on 2012-11-29 from - https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Installation_with_PF_RING diff --git a/doc/Mac_OS_X_106x.txt b/doc/Mac_OS_X_106x.txt index 1d3449427d..0f76a0470d 100644 --- a/doc/Mac_OS_X_106x.txt +++ b/doc/Mac_OS_X_106x.txt @@ -1,4 +1,4 @@ -Autogenerated on 2012-01-11 +Autogenerated on 2012-11-29 from - https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Mac_OS_X_106x @@ -34,7 +34,8 @@ IPS If you would like to have IPS capabilities with IPFW, then you should run configure like this: - ./configure --enable-ipfw + ./configure --enable-ipfw --prefix=/usr --sysconfdir=/etc --localstatedir=/ + var and execute the rest of the commands the same as above. 
@@ -42,9 +43,9 @@ Suricata To download and build Suricata, enter the following: - wget http://www.openinfosecfoundation.org/download/suricata-1.0.5.tar.gz - tar -xvzf suricata-1.0.5.tar.gz - cd suricata-1.0.5 + wget http://www.openinfosecfoundation.org/download/suricata-1.3.3.tar.gz + tar -xvzf suricata-1.3.3.tar.gz + cd suricata-1.3.3 You will also need to have an ipfw rule set for the engine to see the packets from ipfw. For example: @@ -64,7 +65,7 @@ If you are building from Git sources, enter the following: If you are not building from Git sources, enter the following: - ./configure + ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var make sudo make install diff --git a/doc/OpenBSD_Installation_from_GIT.txt b/doc/OpenBSD_Installation_from_GIT.txt index 56f1d2fae9..b5f270000b 100644 --- a/doc/OpenBSD_Installation_from_GIT.txt +++ b/doc/OpenBSD_Installation_from_GIT.txt @@ -1,4 +1,4 @@ -Autogenerated on 2012-01-11 +Autogenerated on 2012-11-29 from - https://redmine.openinfosecfoundation.org/projects/suricata/wiki/OpenBSD_Installation_from_GIT @@ -52,5 +52,28 @@ To build and install Suricata, enter the following in your command line: make make install + +Auto setup + +You can also use the available auto setup features of Suricata: +ex: + + ./configure && make && make install-conf + +make install-conf +would do the regular "make install" and then it would automatically create/ +setup all the necessary directories and suricata.yaml for you. + + ./configure && make && make install-rules + +make install-rules +would do the regular "make install" and then it would automatically download +and set up the latest ruleset from Emerging Threats available for Suricata + + ./configure && make && make install-full + +make install-full +would combine everything mentioned above (install-conf and install-rules) - and +will present you with a ready to run (configured and set up) Suricata Next, continue with the Basic_Setup. Source: http://home.regit.org/?p=478 
diff --git a/doc/Setting_up_IPSinline_for_Linux.txt b/doc/Setting_up_IPSinline_for_Linux.txt index f1d3e4208d..68eaceacce 100644 --- a/doc/Setting_up_IPSinline_for_Linux.txt +++ b/doc/Setting_up_IPSinline_for_Linux.txt @@ -1,4 +1,4 @@ -Autogenerated on 2012-01-11 +Autogenerated on 2012-11-29 from - https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Setting_up_IPSinline_for_Linux diff --git a/doc/Third_Party_Installation_Guides.txt b/doc/Third_Party_Installation_Guides.txt index 457e87f1b1..4028d2924e 100644 --- a/doc/Third_Party_Installation_Guides.txt +++ b/doc/Third_Party_Installation_Guides.txt @@ -1,4 +1,4 @@ -Autogenerated on 2012-01-11 +Autogenerated on 2012-11-29 from - https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Third_Party_Installation_Guides diff --git a/doc/Ubuntu_Installation.txt b/doc/Ubuntu_Installation.txt index 6a95e1e840..7bf9084649 100644 --- a/doc/Ubuntu_Installation.txt +++ b/doc/Ubuntu_Installation.txt @@ -1,4 +1,4 @@ -Autogenerated on 2012-01-11 +Autogenerated on 2012-11-29 from - https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Ubuntu_Installation @@ -13,7 +13,7 @@ ensure that you have everything you need for the installation. sudo apt-get -y install libpcre3 libpcre3-dbg libpcre3-dev \ build-essential autoconf automake libtool libpcap-dev libnet1-dev \ libyaml-0-2 libyaml-dev zlib1g zlib1g-dev libcap-ng-dev libcap-ng0 \ - make + make libmagic-dev Depending on the current status of your system, it may take a while to complete this process. 
@@ -37,24 +37,48 @@ Suricata To download and build Suricata, enter the following: - wget http://www.openinfosecfoundation.org/download/suricata-1.0.5.tar.gz - tar -xvzf suricata-1.0.5.tar.gz - cd suricata-1.0.5/ + wget http://www.openinfosecfoundation.org/download/suricata-1.3.3.tar.gz + tar -xvzf suricata-1.3.3.tar.gz + cd suricata-1.3.3 Compile and install the engine If you plan to build Suricata with IPS capabilities, enter: - ./configure --enable-nfqueue + ./configure --enable-nfqueue --prefix=/usr --sysconfdir=/etc -- + localstatedir=/var instead of - ./configure + ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var Continue with the next commands: - ./configure + ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var make sudo make install sudo ldconfig + +Auto setup + +You can also use the available auto setup features of Suricata: +ex: + + ./configure && make && make install-conf + +make install-conf +would do the regular "make install" and then it would automatically create/ +setup all the necessary directories and suricata.yaml for you. + + ./configure && make && make install-rules + +make install-rules +would do the regular "make install" and then it would automatically download +and set up the latest ruleset from Emerging Threats available for Suricata + + ./configure && make && make install-full + +make install-full +would combine everything mentioned above (install-conf and install-rules) - and +will present you with a ready to run (configured and set up) Suricata Please continue with Basic_Setup. diff --git a/doc/Ubuntu_Installation_from_GIT.txt b/doc/Ubuntu_Installation_from_GIT.txt index 4b8ea7a57e..086f8431ba 100644 --- a/doc/Ubuntu_Installation_from_GIT.txt +++ b/doc/Ubuntu_Installation_from_GIT.txt @@ -1,4 +1,4 @@ -Autogenerated on 2012-01-11 +Autogenerated on 2012-11-29 from - https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Ubuntu_Installation_from_GIT 
@@ -18,7 +18,7 @@ ensure that you have everything you need for the installation. sudo apt-get -y install libpcre3 libpcre3-dbg libpcre3-dev \ build-essential autoconf automake libtool libpcap-dev libnet1-dev \ libyaml-0-2 libyaml-dev zlib1g zlib1g-dev libcap-ng-dev libcap-ng0 \ - make + make libmagic-dev sudo apt-get install git-core @@ -76,6 +76,32 @@ To install Suricata, enter: sudo make install sudo ldconfig + +Auto setup + +You can also use the available auto setup features of Suricata: +ex: + + ./configure && make && make install-conf + + +make install-conf +would do the regular "make install" and then it would automatically create/ +setup all the necessary directories and suricata.yaml for you. + + ./configure && make && make install-rules + + +make install-rules +would do the regular "make install" and then it would automatically download +and set up the latest ruleset from Emerging Threats available for Suricata + + ./configure && make && make install-full + + +make install-full +would combine everything mentioned above (install-conf and install-rules) - and +will present you with a ready to run (configured and set up) Suricata Please continue with Basic_Setup. In case you have already made a map for the most recent code, downloaded the code into that map, and want to download recent code again, please enter: diff --git a/doc/Windows.txt b/doc/Windows.txt index ce2a41adcd..ce94b1fe9a 100644 --- a/doc/Windows.txt +++ b/doc/Windows.txt @@ -1,9 +1,15 @@ -Autogenerated on 2012-01-11 +Autogenerated on 2012-11-29 from - https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Windows Windows +NOTE - +A new instruction set for Suricata installation (and/or compilation from +scratch) can be found here: +https://redmine.openinfosecfoundation.org/projects/suricata/files +also a windows binary - self extracting auto install package is available here: +http://www.openinfosecfoundation.org/index.php/download-suricata Preparing the build environment
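Review bot: In doc/Basic_Setup.txt, the new "Auto setup" section runs a bare `./configure`, while the same patch changes the manual builds in the per-distribution guides to `./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var`. With autoconf's default prefix of /usr/local, `make install-conf` is likely to place suricata.yaml outside /etc/suricata, yet the start command later in this file still reads `sudo suricata -c /etc/suricata/suricata.yaml -i wlan0`. Use the same configure flags in the Auto setup examples, or state where the generated configuration ends up. The install targets are also shown without `sudo`, unlike the neighbouring `sudo make install` lines, so say whether root is required.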
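Review bot: In the "Setting variables" paragraph of doc/Basic_Setup.txt, the rewritten text still carries the typo "lowers the change that false positives will be generated"; it should read "chance". The closing sentence "All settings have to be set to let it have a more accurate effect" lost the word "precise" and no longer says anything concrete. Consider stating that rule matching depends on HOME_NET and the *_SERVERS variables reflecting the real network. The correction of `!$HOMENET_NET` to `!$HOME_NET` is right. The added note on bug #499 would be more useful with a link or the affected versions, since the same hunk tells the reader to set `old-linux`, `bsd-right` and `old-solaris`.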
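Review bot: In the last hunk of doc/Basic_Setup.txt, the wrapped sentence splits the option across two lines ("use the -" / "f option"), so the rendered text reads "- f" instead of `-f`. Reflow the sentence so `-f` stays on one line, and change "up-dated" to "updated" while touching it. The combined `tail -f http.log stats.log` is fine.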
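Review bot: In doc/CentOS5.txt and every other guide that bumps the tarball to suricata-1.3.3, the download is still `wget http://www.openinfosecfoundation.org/download/suricata-1.3.3.tar.gz` over plain HTTP, followed by a build and `sudo make install`, with no integrity check in between. Since these lines are being edited anyway, add a verification step after the download (a published checksum or signature, if the project provides one) or at least use an HTTPS URL if the server offers it. The same applies to the `rpm -Uvh http://dl.fedoraproject.org/...` line in doc/CentOS_56_Installation.txt, where the URL is also broken across two lines ("epel-release-5-" / "4.noarch.rpm") and will not work when pasted.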
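Review bot: In the "Compile and install" hunk of doc/Debian_Installation.txt, the IPS configure line is wrapped inside the option ("--" / "localstatedir=/var"), so a pasted command passes a bare `--` and a stray argument instead of `--localstatedir=/var`. The same wrap appears in doc/Ubuntu_Installation.txt, and doc/Mac_OS_X_106x.txt splits the value as "--localstatedir=/" / "var". Separately, "Continue with the next commands:" repeats `./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var` without `--enable-nfqueue`, so a reader who follows the steps literally reconfigures away the IPS support just selected. Drop the second configure from the "Continue" block and keep only `make` and `make install` there.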
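Review bot: In doc/FreeBSD_8.txt, the configure line now uses `--prefix=/usr --sysconfdir=/etc`, which installs into the FreeBSD base system tree, while the dependencies added by `pkg_add -r` in the same file live under /usr/local. Consider a /usr/local prefix for this guide, or explain why the Linux layout is wanted here. "For FreeBSD 8:" also needs a blank line before the command block, matching the "For FreeBSD 9.0:" block added below it.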
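Review bot: In the PF_RING hunk of doc/Installation_with_CUDA_and_PFRING_on_Scientific_Linux_6.txt, the pinned release (PF_RING-4.7.1, with the note that it is necessary for Suricata 1.1beta2) is replaced by `svn export` of trunk, so the build is no longer reproducible and the version requirement is lost. The steps then `cd` into `../libpcap-1.1.1-ring` and `../tcpdump-4.1.1`, directory names that will stop matching as soon as trunk bundles different versions. Either pin a revision with `svn export -r` or say which PF_RING version the current Suricata needs. The export target is also wrapped as "pfring-svn-" / "latest", which breaks the later `cd pfring-svn-latest/kernel`.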
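Review bot: In doc/Ubuntu_Installation_from_GIT.txt, the "Auto setup" block is the same text added to seven other guides in this patch, here with extra blank lines after each command. Since the wiki export is the source, consider keeping the section once in Basic_Setup and linking to it from the per-distribution pages, so later corrections do not have to be repeated eight times. The description of `make install-rules` should also mention that it needs network access at install time and where the downloaded Emerging Threats rules are written, because the reader will want to review them before starting the engine.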