@ -1,16 +1,24 @@
About
=====
Suricata is a multi-threaded intrusion detection/prevention engine.
After getting the git copy, you will need to get some depends.
engine available from the Open Information Security Foundation
(http://www.openinfosecfoundation.org).
Suricata and the HTP library are licensed under the GPLv2. A copy of this
license is available in this tarball, or at:
http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
Build Requirements
==================
gcc
make
g++
If building from the git repository you will also need:
automake
autoconf
libtool
make
g++
Library Requirements
@ -19,260 +27,537 @@ libpcre
libnet 1.1.x
libyaml
libpcap
libnetfilter-queue and libfnetlink (optional for use with ./configure --enable-nfq)
libpthread (should be part of most glibc's)
libpfring(optional for use with ./configure --enable-pfring)
libnetfilter-queue and libfnetlink (optional for use with
./configure --enable-nfq)
libpthread (should be part of most glibc's)
libpfring (optional for use with ./configure --enable-pfring)
libz
htp
For Debian/Ubuntu Users
=======================
cd your_local_git_branch
sudo apt-get -y install libpcre3 libpcre3-dbg libpcre3-dev build-essential autoconf automake libtool libpcap-dev libnet1-dev libyaml-0-1 libyaml-dev
sudo apt-get -y install libpcre3 libpcre3-dbg libpcre3-dev \
build-essential autoconf automake libtool libpcap-dev libnet1-dev \
libyaml-0-1 libyaml-dev zlib1g zlib1g-dev
### HTP
wget http://www.openinfosecfoundation.org/download/htp-current.tar.gz
tar -xzvf htp-current.tar.gz
cd htp-<version>
./configure
make
make install
ldconfig
#if using ubuntu-8.04 to use prebuilt yaml packages you need to uncomment the following two lines in your /etc/apt/sources.list to enable hardy-backports.
#deb http://us.archive.ubuntu.com/ubuntu/ hardy-backports main restricted universe multiverse
#deb-src http://us.archive.ubuntu.com/ubuntu/ hardy-backports main restricted universe multiverse
#if using ubuntu-8.04 to use prebuilt yaml packages you need to
uncomment the following two lines in your /etc/apt/sources.list to
enable hardy-backports.
#deb http://us.archive.ubuntu.com/ubuntu/ hardy-backports main
restricted universe multiverse
#deb-src http://us.archive.ubuntu.com/ubuntu/ hardy-backports main
restricted universe multiverse
#if building with IPS capabilities via ./configure --enable-nfq
sudo apt-get -y install libnetfilter-queue-dev libnetfilter-queue1 libnfnetlink-dev libnfnetlink0
sudo apt-get -y install libnetfilter-queue-dev libnetfilter-queue1
libnfnetlink-dev libnfnetlink0
### Suricata:
wget http://www.openinfosecfoundation.org/download/suricata-current.tar.gz
tar -xvzf suricata-current.tar.gz
cd suricata.<version>
If building from git sources:
bash autojunk.sh
./configure --enable-unittests
sudo mkdir /var/log/eidps/
cd src
#else
./configure
sudo mkdir /var/log/suricata/
make
./eidps
make install
For Fedora Core Users
=====================
cd your_local_git_branch
sudo yum -y install libpcap libpcap-devel libnet libnet-devel pcre pcre-devel gcc gcc-c++ automake autoconf libtool make libyaml libyaml-devel
sudo yum -y install libpcap libpcap-devel libnet libnet-devel pcre \
pcre-devel gcc gcc-c++ automake autoconf libtool make libyaml \
libyaml-devel zlib zlib-devel
#if building with IPS capabilities via ./configure --enable-nfq
sudo yum -y install libnfnetlink libnfnetlink-devel libnetfilter_queue libnetfilter_queue-devel
### HTP
wget http://www.openinfosecfoundation.org/download/htp-current.tar.gz
tar -xzvf htp-current.tar.gz
cd htp-<version>
./configure
make
make install
ldconfig
#if building with IPS capabilities via ./configure --enable-nfq
sudo yum -y install libnfnetlink libnfnetlink-devel \
libnetfilter_queue libnetfilter_queue-devel
### Suricata:
#Retrieve and install Suricata
wget http://www.openinfosecfoundation.org/download/suricata-current.tar.gz
tar -xvzf suricata-current.tar.gz
cd suricata.<version>
If building from git sources:
bash autojunk.sh
./configure --enable-unittests
sudo mkdir /var/log/eidps/
cd src
#else
./configure
sudo mkdir /var/log/suricata/
make
./eidps
make install
For CentOS5 Users
=================
cd your_local_git_branch
#You will be required to use the fedora EPEL repository for some packages to enable this repo it is the same for i386 or x86_64
#You will be required to use the fedora EPEL repository for some
packages to enable this repo it is the same for i386 or x86_64
sudo rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.rpm
sudo yum -y install libpcap libpcap-devel libnet libnet-devel pcre pcre-devel gcc automake autoconf libtool make gcc-c++ libyaml libyaml-devel
sudo yum -y install libpcap libpcap-devel libnet libnet-devel pcre \
pcre-devel gcc automake autoconf libtool make gcc-c++ libyaml \
libyaml-devel zlib zlib-devel
#if building with IPS capabilities via ./configure --enable-nfq there are no pre-built packages in CentOS base or EPEL for libnfnetlink and libnetfilter_queue.
#If you wish you can use the rpms in the emerging threats CentOS 5 repo.
### HTP
wget http://www.openinfosecfoundation.org/download/htp-current.tar.gz
tar -xzvf htp-current.tar.gz
cd htp-<version>
./configure
make
make install
ldconfig
#i386
sudo rpm -Uvh http://www.emergingthreats.net/emergingrepo/i386/libnetfilter_queue-0.0.15-1.i386.rpm http://www.emergingthreats.net/emergingrepo/i386/libnetfilter_queue-devel-0.0.15-1.i386.rpm http://www.emergingthreats.net/emergingrepo/i386/libnfnetlink-0.0.30-1.i386.rpm http://www.emergingthreats.net/emergingrepo/i386/libnfnetlink-devel-0.0.30-1.i386.rpm
#if building with IPS capabilities via ./configure --enable-nfq there
are no pre-built packages in CentOS base or EPEL for libnfnetlink and
libnetfilter_queue.
#If you wish you can use the rpms in the emerging threats CentOS 5
repo.
#i386
sudo rpm -Uvh http://www.emergingthreats.net/emergingrepo/i386/libnetfilter_queue-0.0.15-1.i386.rpm \
http://www.emergingthreats.net/emergingrepo/i386/libnetfilter_queue-devel-0.0.15-1.i386.rpm \
http://www.emergingthreats.net/emergingrepo/i386/libnfnetlink-0.0.30-1.i386.rpm \
http://www.emergingthreats.net/emergingrepo/i386/libnfnetlink-devel-0.0.30-1.i386.rpm
#x86_64
sudo rpm -Uvh http://www.emergingthreats.net/emergingrepo/x86_64/libnetfilter_queue-0.0.15-1.x86_64.rpm http://www.emergingthreats.net/emergingrepo/x86_64/libnetfilter_queue-devel-0.0.15-1.x86_64.rpm http://www.emergingthreats.net/emergingrepo/x86_64/libnfnetlink-0.0.30-1.x86_64.rpm http://www.emergingthreats.net/emergingrepo/x86_64/libnfnetlink-devel-0.0.30-1.x86_64.rpm
sudo rpm -Uvh http://www.emergingthreats.net/emergingrepo/x86_64/libnetfilter_queue-0.0.15-1.x86_64.rpm \
http://www.emergingthreats.net/emergingrepo/x86_64/libnetfilter_queue-devel-0.0.15-1.x86_64.rpm \
http://www.emergingthreats.net/emergingrepo/x86_64/libnfnetlink-0.0.30-1.x86_64.rpm \
http://www.emergingthreats.net/emergingrepo/x86_64/libnfnetlink-devel-0.0.30-1.x86_64.rpm
### Suricata:
#Retrieve and install Suricata
wget http://www.openinfosecfoundation.org/download/suricata-current.tar.gz
tar -xvzf suricata-current.tar.gz
cd suricata.<version>
If building from git sources:
bash autojunk.sh
./configure --enable-unittests
sudo mkdir /var/log/eidps/
cd src
#else
./configure
sudo mkdir /var/log/suricata/
make
./eidps
make install
For Mac OS X Users
==================
# The following instructions has been tested with Snow Leopard, Mac OS X 10.6.1.
# First of all you need an essential developmnet environment like gcc/make. You can also download and install a set basic set of development tools Xcode from http://developer.apple.com/technology/xcode.html . You need macports to fetch the depends
# By default macports place the libraries at /opt/local/lib and /opt/local/include. The configuration should take care of this.
# The following instructions has been tested with Snow Leopard,
Mac OS X 10.6.1.
# First of all you need an essential developmnet environment like
gcc/make. You can also download and install a set basic set of
development tools Xcode from
http://developer.apple.com/technology/xcode.html
# You need macports to fetch the depends
# By default macports place the libraries at /opt/local/lib and
/opt/local/include. The configuration should take care of this.
port install autoconf automake gcc44 make libnet11 libpcap pcre \
libyaml libtool
export AC_PROG_LIBTOOL=$( which libtool )
### HTP
wget http://www.openinfosecfoundation.org/download/htp-current.tar.gz
tar -xzvf htp-current.tar.gz
cd htp-<version>
./configure
make
make install
ldconfig
### Suricata:
#Retrieve and install Suricata
wget http://www.openinfosecfoundation.org/download/suricata-current.tar.gz
tar -xvzf suricata-current.tar.gz
cd suricata.<version>
If building from git sources:
bash autojunk.sh
#else
./configure
sudo mkdir /var/log/suricata/
make
make install
port install autoconf automake gcc44 make libnet11 libpcap pcre libyaml libtool
cd your_local_git_branch
export AC_PROG_LIBTOOL=$( which libtool )
#If autojunk, or ./configure fail, re export AC_PROG_LIBTOOL and try
one more time.
For FreeBSD 8 Users
===================
pkg_add -r autoconf262 automake19 gcc45 libyaml pcre libtool \
libnet11 libpcap gmake
### HTP
wget http://www.openinfosecfoundation.org/download/htp-current.tar.gz
tar -xzvf htp-current.tar.gz
cd htp-<version>
./configure
make
make install
ldconfig
### Suricata:
#Retrieve and install Suricata
wget http://www.openinfosecfoundation.org/download/suricata-current.tar.gz
tar -xvzf suricata-current.tar.gz
cd suricata.<version>
If building from git sources:
bash autojunk.sh
sudo mkdir /var/log/eidps/
./configure --enable-unittests
cd src/
#else
./configure
sudo mkdir /var/log/suricata/
make
./eidps
make install
#additionally FreeBSD 8 has support for zero-copy bpf in libpcap to
try out this functionality issue the following command and then
start,restart the engine.
sysctl net.bpf.zerocopy_enable=1
#If autojunk, or ./configure fail, re export AC_PROG_LIBTOOL and try one more time.
*****************
Basic Installation
==================
These are generic installation instructions.
The `configure' shell script attempts to guess correct values for
various system-dependent variables used during compilation. It uses
those values to create a `Makefile' in each directory of the package.
It may also create one or more `.h' files containing system-dependent
definitions. Finally, it creates a shell script `config.status' that
you can run in the future to recreate the current configuration, a file
`config.cache' that saves the results of its tests to speed up
reconfiguring, and a file `config.log' containing compiler output
(useful mainly for debugging `configure').
The details below contain general installation instructions and
information.
As development on the Suricata engine progresses these instructions
will be updated.
As an open source project, it is important that you (the users) provide
feedback that allows OISF to identify and address your needs rapidly.
Therefore, if you identify any bugs or difficulties in the installation
process, please forward detailed information to OISF using the following
email address:
If you need to do unusual things to compile the package, please try
to figure out how `configure' could check whether to do them, and mail
diffs or instructions to the address given in the `README' so they can
be considered for the next release. If at some point `config.cache'
contains results you don't want to keep, you may remove or edit it.
bugreports@openinfosecfoundation.org
The file `configure.in' is used to create `configure' by a program
called `autoconf'. You only need `configure.in' if you want to change
it or regenerate `configure' using a newer version of `autoconf'.
All submissions will be reviewed, prioritized and addressed for inclusion
in future releases of the Suricata engine and/or this document.
The simplest way to compile this package is:
1. `cd' to the directory containing the package's source code and type
`./configure' to configure the package for your system. If you're
using `csh' on an old version of System V, you might need to type
`sh ./configure' instead to prevent `csh' from trying to execute
`configure' itself.
The configure shell script attempts to determine correct values for
the various system-dependent variables used during the compile process.
The values identified in this process are used to create a Makefile in
each directory of the package. One or more .h files may also be created
at this time containing required system-dependent definitions. The files
created are:
- a shell script config.status, this script can be utilized in
the future to recreate the current configuration
- a config.cache file that saves the results of its tests to speed up
reconfiguring
- and a config.log file that contains compiler output (useful mainly for
debugging configure)
Running `configure' takes a while. While running, it prints some
messages telling which features it is checking for.
2. Type `make' to compile the package.
If your configuration requires unique actions to compile the package
and/or you significantly modify the configure shell script, please
forward the details of your requirements and/or solution using the
following email address:
3. Type `make install' to install the programs and any data files and
bugreports@openinfosecfoundation.org
All submissions will be addressed for inclusion in the next release.
If at some point config.cache contains results that are no longer
required, the cache can be removed and/or edited to eliminate those
results.
The file configure.in is used to create configure utilizing a
program called autoconf. The configure.in file is only required if
you need to change or regenerate configure using a newer version of
autoconf.
General Compile Instructions for this Package are:
==================================================
1. cd to the directory containing the Suricata package source code and
enter ./configure to configure the package for your system. If
using csh on an old version of System V, users might need to enter
sh ./configure instead to prevent csh from trying to execute
configure automatically.
This process (running configure) will take some time. While this
process runs, messages detailing the configuration progress (i.e.
which features it is checking for, etc...) will be displayed on the
screen.
2. Type make to compile the package.
3. Type make install to install the programs and any data files and
documentation.
4. You can remove the program binaries and object files from the
source code directory by typing `make clean'.
4. The program binaries and object files can be removed from the
source code directory by typing make clean.
Ruleset and Log File Details
============================
Once the Suricata engine is compiled and installed, users must define
(or reference) the location that the ruleset is stored. Suricata is
compatible with standard Snort rulesets. A sample standard configuration
file can be found in the Suricata base directory. This file is called
'suricata.yaml'. In this file, configuration details are entered that set
the location for log files, log file and alert formats, and rule variable
definitions.
Network Variables are in the format of
VARIABLE:"[X.Y.Z.A/NETMASK]"
For example:
The Variable HOME_NET (for a home network with the IP range
192.168.0.0/16) would be represented as
HOME_NET:"[192.168.0.0/16]"
When setting a variable to the value of another variable, the variable
referenced must be quoted. For example to set the variable HTTP_SERVERS to HOME_NET, HTTP_SERVERS would be configured as:
HTTP_SERVERS:"$HOME_NET".
Compilers and Options
=====================
Some systems require unusual options for compilation or linking that
the `configure' script does not know about. You can give `configure'
initial values for variables by setting them in the environment. Using
a Bourne-compatible shell, you can do that on the command line like
this:
Some systems may require unique or unusual options or linking in the
compile process that the `configure' script is not able to identify
automatically. Users are able to enter initial values for configure
variables by setting them in the environment.
For Example:
- a Bourne-compatible shell, would require a command line entry as
displayed below:
CC=c89 CFLAGS=-O2 LIBS=-lposix ./configure
Or on systems that have the `env' program, you can do it like this:
- systems that have the env program, will utilize the following command
line entry:
env CPPFLAGS=-I/usr/local/include LDFLAGS=-s ./configure
Compiling For Multiple Architectures
====================================
You can compile the package for more than one kind of computer at the
same time, by placing the object files for each architecture in their
own directory. To do this, you must use a version of `make' that
supports the `VPATH' variable, such as GNU `make'. `cd' to the
directory where you want the object files and executables to go and run
the `configure' script. `configure' automatically checks for the
source code in the directory that `configure' is in and in `..'.
If you have to use a `make' that does not supports the `VPATH'
variable, you have to compile the package for one architecture at a time
in the source code directory. After you have installed the package for
one architecture, use `make distclean' before reconfiguring for another
architecture.
The Suricata engine package may be compiled for more than one kind of
computer simultaneously by placing the object files for each architecture
in their own directory.
Installation Names
==================
By default, `make install' will install the package's files in
`/usr/local/bin', `/usr/local/man', etc. You can specify an
installation prefix other than `/usr/local' by giving `configure' the
option `--prefix=PATH'.
To do this, users must use a version of make that supports the `VPATH'
variable, such as GNU make.
You can specify separate installation prefixes for
architecture-specific files and architecture-independent files. If you
give `configure' the option `--exec-prefix=PATH', the package will use
PATH as the prefix for installing programs and libraries.
Documentation and other data files will still use the regular prefix.
- cd to the directory where the object files and executables are to be
stored and run the `configure script. configure automatically searches
for the source code in the directory that configure is stored in and in
‘
If the package supports it, you can cause programs to be installed
with an extra prefix or suffix on their names by giving `configure' the
option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'.
Optional Features
=================
If a user is using a make that does not supports the VPATH variable,
the package can only be compiled for one architecture at a time in the
source code directory. After completing package installation for one
architecture, make distclean must be executed before reconfiguring for
another architecture.
Some packages pay attention to `--enable-FEATURE' options to
`configure', where FEATURE indicates an optional part of the package.
They may also pay attention to `--with-PACKAGE' options, where PACKAGE
is something like `gnu-as' or `x' (for the X Window System). The
`README' should mention any `--enable-' and `--with-' options that the
package recognizes.
For packages that use the X Window System, `configure' can usually
find the X include and library files automatically, but if it doesn't,
you can use the `configure' options `--x-includes=DIR' and
`--x-libraries=DIR' to specify their locations.
Specifying the System Type
==========================
There may be some features `configure' can not figure out
automatically, but needs to determine by the type of host the package
will run on. Usually `configure' can figure that out, but if it prints
a message saying it can not guess the host type, give it the
`--host=TYPE' option. TYPE can either be a short name for the system
type, such as `sun4', or a canonical name with three fields:
CPU-COMPANY-SYSTEM
See the file `config.sub' for the possible values of each field. If
`config.sub' isn't included in this package, then this package doesn't
need to know the host type.
If you are building compiler tools for cross-compiling, you can also
use the `--target=TYPE' option to select the type of system they will
produce code for and the `--build=TYPE' option to select the type of
system on which you are compiling the package.
Sharing Defaults
================
If you want to set default values for `configure' scripts to share,
you can create a site shell script called `config.site' that gives
default values for variables like `CC', `cache_file', and `prefix'.
`configure' looks for `PREFIX/share/config.site' if it exists, then
`PREFIX/etc/config.site' if it exists. Or, you can set the
`CONFIG_SITE' environment variable to the location of the site script.
A warning: not all `configure' scripts look for a site script.
Operation Controls
Installation Names
==================
`configure' recognizes the following options to control how it
operates.
`--cache-file=FILE'
Use and save the results of the tests in FILE instead of
`./config.cache'. Set FILE to `/dev/null' to disable caching, for
debugging `configure'.
By default, make install will install the package's files in
/usr/local/bin, /usr/local/man, etc... An installation prefix other than
/usr/local can be configured by giving configure the option --prefix=PATH.
`--help'
Print a summary of the options to `configure', and exit.
Separate installation prefixes can be configured for
architecture-specific files and architecture-independent files. By
entering --exec-prefix=PATH into the configure, the package will use
PATH as the prefix for installing programs and libraries. Documentation
and other data files will still use the regular prefix.
`--quiet'
`--silent'
`-q'
Do not print messages saying which checks are being made.
If supported by the package, users can configure programs to be
installed with an extra prefix or suffix on their names by giving
configure the option --program-prefix=PREFIX or --program-suffix=SUFFIX.
`--srcdir=DIR'
Look for the package's source code in directory DIR. Usually
`configure' can determine that directory automatically.
`--version'
Print the version of Autoconf used to generate the `configure'
script, and exit.
Configure Options
==================
./configure --help
`configure' configures this package to adapt to many kinds of systems.
Usage: ./configure [OPTION]... [VAR=VALUE]...
To assign environment variables (e.g., CC, CFLAGS...), specify them as
VAR=VALUE. See below for descriptions of some of the useful variables.
Defaults for the options are specified in brackets.
Configuration:
-h, --help display this help and exit
--help=short display options specific to this package
--help=recursive display the short help of all the included
packages
-V, --version display version information and exit
-q, --quiet, --silent do not print `checking...' messages
--cache-file=FILE cache test results in FILE [disabled]
-C, --config-cache alias for `--cache-file=config.cache'
-n, --no-create do not create output files
--srcdir=DIR find the sources in DIR [configure dir or `..']
Installation directories:
--prefix=PREFIX install architecture-independent files in PREFIX
[/usr/local]
--exec-prefix=EPREFIX install architecture-dependent files in EPREFIX
[PREFIX]
By default, `make install' will install all the files in
`/usr/local/bin', `/usr/local/lib' etc. You can specify
an installation prefix other than `/usr/local' using `--prefix',
for instance `--prefix=$HOME'.
For better control, use the options below.
Fine tuning of the installation directories:
--bindir=DIR user executables [EPREFIX/bin]
--sbindir=DIR system admin executables [EPREFIX/sbin]
--libexecdir=DIR program executables [EPREFIX/libexec]
--sysconfdir=DIR read-only single-machine data [PREFIX/etc]
--sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
--localstatedir=DIR modifiable single-machine data [PREFIX/var]
--libdir=DIR object code libraries [EPREFIX/lib]
--includedir=DIR C header files [PREFIX/include]
--oldincludedir=DIR C header files for non-gcc [/usr/include]
--datarootdir=DIR read-only arch.-independent data root [PREFIX/share]
--datadir=DIR read-only architecture-independent data [DATAROOTDIR]
--infodir=DIR info documentation [DATAROOTDIR/info]
--localedir=DIR locale-dependent data [DATAROOTDIR/locale]
--mandir=DIR man documentation [DATAROOTDIR/man]
--docdir=DIR documentation root [DATAROOTDIR/doc/PACKAGE]
--htmldir=DIR html documentation [DOCDIR]
--dvidir=DIR dvi documentation [DOCDIR]
--pdfdir=DIR pdf documentation [DOCDIR]
--psdir=DIR ps documentation [DOCDIR]
Program names:
--program-prefix=PREFIX prepend PREFIX to installed program names
--program-suffix=SUFFIX append SUFFIX to installed program names
--program-transform-name=PROGRAM run sed PROGRAM on installed program names
System types:
--build=BUILD configure for building on BUILD [guessed]
--host=HOST cross-compile to build programs to run on HOST [BUILD]
Optional Features:
--disable-option-checking ignore unrecognized --enable/--with options
--disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no)
--enable-FEATURE[=ARG] include FEATURE [ARG=yes]
--disable-dependency-tracking speeds up one-time build
--enable-dependency-tracking do not reject slow dependency extractors
--enable-shared[=PKGS] build shared libraries [default=yes]
--enable-static[=PKGS] build static libraries [default=yes]
--enable-fast-install[=PKGS]
optimize for fast installation [default=yes]
--disable-libtool-lock avoid locking (might break parallel builds)
--enable-gccprotect Detect and use gcc hardening options
--enable-nfqueue Enable NFQUEUE support for inline IDP
--enable-pfring Enable Native PF_RING support
--enable-unittests Enable compilation of the unit tests
--enable-debug Enable debug output
Optional Packages:
--with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
--without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no)
--with-pic try to use only PIC/non-PIC objects [default=use
both]
--with-gnu-ld assume the C compiler uses GNU ld [default=no]
--with-libpcre-includes=DIR libpcre include directory
--with-libpcre-libraries=DIR libpcre library directory
--with-libyaml-includes=DIR libyaml include directory
--with-libyaml-libraries=DIR libyaml library directory
--with-libpthread-includes=DIR libpthread include directory
--with-libpthread-libraries=DIR libpthread library directory
--with-libnfnetlink-includes=DIR libnfnetlink include directory
--with-libnfnetlink-libraries=DIR libnfnetlink library directory
--with-libnetfilter_queue-includes=DIR libnetfilter_queue include directory
--with-libnetfilter_queue-libraries=DIR libnetfilter_queue
library directory
--with-libnet-includes=DIR libnet include directory
--with-libnet-libraries=DIR libnet library directory
--with-libpfring-includes=DIR libpfring include directory
--with-libpfring-libraries=DIR libpfring library directory
--with-libpcap-includes=DIR libpcap include directory
--with-libpcap-libraries=DIR libpcap library directory
--with-libhtp-includes=DIR libhtp include directory
--with-libhtp-libraries=DIR libhtp library directory
Some influential environment variables:
CC C compiler command
CFLAGS C compiler flags
LDFLAGS linker flags, e.g. -L<lib dir> if you have libraries in a
nonstandard directory <lib dir>
LIBS libraries to pass to the linker, e.g. -l<library>
CPPFLAGS C/C++/Objective C preprocessor flags, e.g. -I<include dir> if
you have headers in a nonstandard directory <include dir>
CPP C preprocessor
Use these variables to override the choices made by `configure' or to help
it to find libraries and programs with nonstandard names/locations.
`configure' also accepts some other, not widely useful, options.
Victor Julien
15 years ago