diff --git a/doc/INSTALL b/doc/INSTALL index 2494e8bbc5..964ec26ac1 100644 --- a/doc/INSTALL +++ b/doc/INSTALL @@ -1,16 +1,24 @@ About ===== Suricata is a multi-threaded intrusion detection/prevention engine. -After getting the git copy, you will need to get some depends. +engine available from the Open Information Security Foundation +(http://www.openinfosecfoundation.org). + +Suricata and the HTP library are licensed under the GPLv2. A copy of this +license is available in this tarball, or at: +http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt + Build Requirements ================== gcc +make +g++ + +If building from the git repository you will also need: automake autoconf libtool -make -g++ Library Requirements @@ -19,260 +27,537 @@ libpcre libnet 1.1.x libyaml libpcap -libnetfilter-queue and libfnetlink (optional for use with ./configure --enable-nfq) -libpthread (should be part of most glibc's) -libpfring(optional for use with ./configure --enable-pfring) +libnetfilter-queue and libfnetlink (optional for use with + ./configure --enable-nfq) +libpthread (should be part of most glibc's) +libpfring (optional for use with ./configure --enable-pfring) +libz +htp + For Debian/Ubuntu Users ======================= - cd your_local_git_branch - sudo apt-get -y install libpcre3 libpcre3-dbg libpcre3-dev build-essential autoconf automake libtool libpcap-dev libnet1-dev libyaml-0-1 libyaml-dev + sudo apt-get -y install libpcre3 libpcre3-dbg libpcre3-dev \ + build-essential autoconf automake libtool libpcap-dev libnet1-dev \ + libyaml-0-1 libyaml-dev zlib1g zlib1g-dev + + ### HTP + wget http://www.openinfosecfoundation.org/download/htp-current.tar.gz + tar -xzvf htp-current.tar.gz + cd htp- + ./configure + make + make install + ldconfig - #if using ubuntu-8.04 to use prebuilt yaml packages you need to uncomment the following two lines in your /etc/apt/sources.list to enable hardy-backports. - #deb http://us.archive.ubuntu.com/ubuntu/ hardy-backports main restricted universe multiverse - #deb-src http://us.archive.ubuntu.com/ubuntu/ hardy-backports main restricted universe multiverse + #if using ubuntu-8.04 to use prebuilt yaml packages you need to + uncomment the following two lines in your /etc/apt/sources.list to + enable hardy-backports. + #deb http://us.archive.ubuntu.com/ubuntu/ hardy-backports main + restricted universe multiverse + #deb-src http://us.archive.ubuntu.com/ubuntu/ hardy-backports main + restricted universe multiverse #if building with IPS capabilities via ./configure --enable-nfq - sudo apt-get -y install libnetfilter-queue-dev libnetfilter-queue1 libnfnetlink-dev libnfnetlink0 - + sudo apt-get -y install libnetfilter-queue-dev libnetfilter-queue1 + libnfnetlink-dev libnfnetlink0 + + ### Suricata: + wget http://www.openinfosecfoundation.org/download/suricata-current.tar.gz + tar -xvzf suricata-current.tar.gz + cd suricata. + + If building from git sources: bash autojunk.sh - ./configure --enable-unittests - sudo mkdir /var/log/eidps/ - cd src + + #else + ./configure + sudo mkdir /var/log/suricata/ make - ./eidps + make install + + For Fedora Core Users ===================== - cd your_local_git_branch - sudo yum -y install libpcap libpcap-devel libnet libnet-devel pcre pcre-devel gcc gcc-c++ automake autoconf libtool make libyaml libyaml-devel + sudo yum -y install libpcap libpcap-devel libnet libnet-devel pcre \ + pcre-devel gcc gcc-c++ automake autoconf libtool make libyaml \ + libyaml-devel zlib zlib-devel - #if building with IPS capabilities via ./configure --enable-nfq - sudo yum -y install libnfnetlink libnfnetlink-devel libnetfilter_queue libnetfilter_queue-devel + ### HTP + wget http://www.openinfosecfoundation.org/download/htp-current.tar.gz + tar -xzvf htp-current.tar.gz + cd htp- + ./configure + make + make install + ldconfig + #if building with IPS capabilities via ./configure --enable-nfq + sudo yum -y install libnfnetlink libnfnetlink-devel \ + libnetfilter_queue libnetfilter_queue-devel + + ### Suricata: + #Retrieve and install Suricata + wget http://www.openinfosecfoundation.org/download/suricata-current.tar.gz + tar -xvzf suricata-current.tar.gz + cd suricata. + + If building from git sources: bash autojunk.sh - ./configure --enable-unittests - sudo mkdir /var/log/eidps/ - cd src + + #else + ./configure + sudo mkdir /var/log/suricata/ make - ./eidps + make install + + For CentOS5 Users ================= - cd your_local_git_branch - - #You will be required to use the fedora EPEL repository for some packages to enable this repo it is the same for i386 or x86_64 + #You will be required to use the fedora EPEL repository for some + packages to enable this repo it is the same for i386 or x86_64 sudo rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.rpm - sudo yum -y install libpcap libpcap-devel libnet libnet-devel pcre pcre-devel gcc automake autoconf libtool make gcc-c++ libyaml libyaml-devel + sudo yum -y install libpcap libpcap-devel libnet libnet-devel pcre \ + pcre-devel gcc automake autoconf libtool make gcc-c++ libyaml \ + libyaml-devel zlib zlib-devel - #if building with IPS capabilities via ./configure --enable-nfq there are no pre-built packages in CentOS base or EPEL for libnfnetlink and libnetfilter_queue. - #If you wish you can use the rpms in the emerging threats CentOS 5 repo. + ### HTP + wget http://www.openinfosecfoundation.org/download/htp-current.tar.gz + tar -xzvf htp-current.tar.gz + cd htp- + ./configure + make + make install + ldconfig - #i386 - sudo rpm -Uvh http://www.emergingthreats.net/emergingrepo/i386/libnetfilter_queue-0.0.15-1.i386.rpm http://www.emergingthreats.net/emergingrepo/i386/libnetfilter_queue-devel-0.0.15-1.i386.rpm http://www.emergingthreats.net/emergingrepo/i386/libnfnetlink-0.0.30-1.i386.rpm http://www.emergingthreats.net/emergingrepo/i386/libnfnetlink-devel-0.0.30-1.i386.rpm + #if building with IPS capabilities via ./configure --enable-nfq there + are no pre-built packages in CentOS base or EPEL for libnfnetlink and + libnetfilter_queue. + #If you wish you can use the rpms in the emerging threats CentOS 5 + repo. + #i386 + sudo rpm -Uvh http://www.emergingthreats.net/emergingrepo/i386/libnetfilter_queue-0.0.15-1.i386.rpm \ + + http://www.emergingthreats.net/emergingrepo/i386/libnetfilter_queue-devel-0.0.15-1.i386.rpm \ + http://www.emergingthreats.net/emergingrepo/i386/libnfnetlink-0.0.30-1.i386.rpm \ + http://www.emergingthreats.net/emergingrepo/i386/libnfnetlink-devel-0.0.30-1.i386.rpm + #x86_64 - sudo rpm -Uvh http://www.emergingthreats.net/emergingrepo/x86_64/libnetfilter_queue-0.0.15-1.x86_64.rpm http://www.emergingthreats.net/emergingrepo/x86_64/libnetfilter_queue-devel-0.0.15-1.x86_64.rpm http://www.emergingthreats.net/emergingrepo/x86_64/libnfnetlink-0.0.30-1.x86_64.rpm http://www.emergingthreats.net/emergingrepo/x86_64/libnfnetlink-devel-0.0.30-1.x86_64.rpm - + sudo rpm -Uvh http://www.emergingthreats.net/emergingrepo/x86_64/libnetfilter_queue-0.0.15-1.x86_64.rpm \ + http://www.emergingthreats.net/emergingrepo/x86_64/libnetfilter_queue-devel-0.0.15-1.x86_64.rpm \ + http://www.emergingthreats.net/emergingrepo/x86_64/libnfnetlink-0.0.30-1.x86_64.rpm \ + http://www.emergingthreats.net/emergingrepo/x86_64/libnfnetlink-devel-0.0.30-1.x86_64.rpm + + + ### Suricata: + #Retrieve and install Suricata + wget http://www.openinfosecfoundation.org/download/suricata-current.tar.gz + tar -xvzf suricata-current.tar.gz + cd suricata. + + If building from git sources: bash autojunk.sh - ./configure --enable-unittests - sudo mkdir /var/log/eidps/ - cd src + + #else + ./configure + sudo mkdir /var/log/suricata/ make - ./eidps + make install + For Mac OS X Users ================== - # The following instructions has been tested with Snow Leopard, Mac OS X 10.6.1. - # First of all you need an essential developmnet environment like gcc/make. You can also download and install a set basic set of development tools Xcode from http://developer.apple.com/technology/xcode.html . You need macports to fetch the depends - # By default macports place the libraries at /opt/local/lib and /opt/local/include. The configuration should take care of this. + # The following instructions has been tested with Snow Leopard, + Mac OS X 10.6.1. + # First of all you need an essential developmnet environment like + gcc/make. You can also download and install a set basic set of + development tools Xcode from + http://developer.apple.com/technology/xcode.html + # You need macports to fetch the depends + # By default macports place the libraries at /opt/local/lib and + /opt/local/include. The configuration should take care of this. + + port install autoconf automake gcc44 make libnet11 libpcap pcre \ + libyaml libtool + export AC_PROG_LIBTOOL=$( which libtool ) + + ### HTP + wget http://www.openinfosecfoundation.org/download/htp-current.tar.gz + tar -xzvf htp-current.tar.gz + cd htp- + ./configure + make + make install + ldconfig + + ### Suricata: + #Retrieve and install Suricata + wget http://www.openinfosecfoundation.org/download/suricata-current.tar.gz + tar -xvzf suricata-current.tar.gz + cd suricata. + + If building from git sources: + bash autojunk.sh + + #else + ./configure + sudo mkdir /var/log/suricata/ + make + make install - port install autoconf automake gcc44 make libnet11 libpcap pcre libyaml libtool - cd your_local_git_branch - export AC_PROG_LIBTOOL=$( which libtool ) + #If autojunk, or ./configure fail, re export AC_PROG_LIBTOOL and try + one more time. + + + +For FreeBSD 8 Users +=================== + + pkg_add -r autoconf262 automake19 gcc45 libyaml pcre libtool \ + libnet11 libpcap gmake + + ### HTP + wget http://www.openinfosecfoundation.org/download/htp-current.tar.gz + tar -xzvf htp-current.tar.gz + cd htp- + ./configure + make + make install + ldconfig + + ### Suricata: + #Retrieve and install Suricata + wget http://www.openinfosecfoundation.org/download/suricata-current.tar.gz + tar -xvzf suricata-current.tar.gz + cd suricata. + + If building from git sources: bash autojunk.sh - sudo mkdir /var/log/eidps/ - ./configure --enable-unittests - cd src/ + + #else + ./configure + sudo mkdir /var/log/suricata/ make - ./eidps + make install + + + #additionally FreeBSD 8 has support for zero-copy bpf in libpcap to + try out this functionality issue the following command and then + start,restart the engine. + + sysctl net.bpf.zerocopy_enable=1 - #If autojunk, or ./configure fail, re export AC_PROG_LIBTOOL and try one more time. -***************** Basic Installation ================== - These are generic installation instructions. - The `configure' shell script attempts to guess correct values for -various system-dependent variables used during compilation. It uses -those values to create a `Makefile' in each directory of the package. -It may also create one or more `.h' files containing system-dependent -definitions. Finally, it creates a shell script `config.status' that -you can run in the future to recreate the current configuration, a file -`config.cache' that saves the results of its tests to speed up -reconfiguring, and a file `config.log' containing compiler output -(useful mainly for debugging `configure'). + The details below contain general installation instructions and +information. + + As development on the Suricata engine progresses these instructions +will be updated. + + As an open source project, it is important that you (the users) provide +feedback that allows OISF to identify and address your needs rapidly. +Therefore, if you identify any bugs or difficulties in the installation +process, please forward detailed information to OISF using the following +email address: - If you need to do unusual things to compile the package, please try -to figure out how `configure' could check whether to do them, and mail -diffs or instructions to the address given in the `README' so they can -be considered for the next release. If at some point `config.cache' -contains results you don't want to keep, you may remove or edit it. +bugreports@openinfosecfoundation.org - The file `configure.in' is used to create `configure' by a program -called `autoconf'. You only need `configure.in' if you want to change -it or regenerate `configure' using a newer version of `autoconf'. +All submissions will be reviewed, prioritized and addressed for inclusion +in future releases of the Suricata engine and/or this document. -The simplest way to compile this package is: - 1. `cd' to the directory containing the package's source code and type - `./configure' to configure the package for your system. If you're - using `csh' on an old version of System V, you might need to type - `sh ./configure' instead to prevent `csh' from trying to execute - `configure' itself. + The configure shell script attempts to determine correct values for +the various system-dependent variables used during the compile process. +The values identified in this process are used to create a Makefile in +each directory of the package. One or more .h files may also be created +at this time containing required system-dependent definitions. The files +created are: +- a shell script config.status, this script can be utilized in +the future to recreate the current configuration +- a config.cache file that saves the results of its tests to speed up +reconfiguring +- and a config.log file that contains compiler output (useful mainly for +debugging configure) - Running `configure' takes a while. While running, it prints some - messages telling which features it is checking for. - 2. Type `make' to compile the package. + If your configuration requires unique actions to compile the package +and/or you significantly modify the configure shell script, please +forward the details of your requirements and/or solution using the +following email address: - 3. Type `make install' to install the programs and any data files and +bugreports@openinfosecfoundation.org + +All submissions will be addressed for inclusion in the next release. + + + If at some point config.cache contains results that are no longer +required, the cache can be removed and/or edited to eliminate those +results. + + + The file configure.in is used to create configure utilizing a +program called autoconf. The configure.in file is only required if +you need to change or regenerate configure using a newer version of +autoconf. + + +General Compile Instructions for this Package are: +================================================== + + + 1. cd to the directory containing the Suricata package source code and + enter ./configure to configure the package for your system. If + using csh on an old version of System V, users might need to enter + sh ./configure instead to prevent csh from trying to execute + configure automatically. + + This process (running configure) will take some time. While this + process runs, messages detailing the configuration progress (i.e. + which features it is checking for, etc...) will be displayed on the + screen. + + 2. Type make to compile the package. + + 3. Type make install to install the programs and any data files and documentation. - 4. You can remove the program binaries and object files from the - source code directory by typing `make clean'. + 4. The program binaries and object files can be removed from the + source code directory by typing make clean. + + +Ruleset and Log File Details +============================ + + + Once the Suricata engine is compiled and installed, users must define +(or reference) the location that the ruleset is stored. Suricata is +compatible with standard Snort rulesets. A sample standard configuration +file can be found in the Suricata base directory. This file is called +'suricata.yaml'. In this file, configuration details are entered that set +the location for log files, log file and alert formats, and rule variable +definitions. + +Network Variables are in the format of + +VARIABLE:"[X.Y.Z.A/NETMASK]" + +For example: + +The Variable HOME_NET (for a home network with the IP range +192.168.0.0/16) would be represented as + +HOME_NET:"[192.168.0.0/16]" + + +When setting a variable to the value of another variable, the variable +referenced must be quoted. For example to set the variable HTTP_SERVERS to HOME_NET, HTTP_SERVERS would be configured as: + +HTTP_SERVERS:"$HOME_NET". + + Compilers and Options ===================== - Some systems require unusual options for compilation or linking that -the `configure' script does not know about. You can give `configure' -initial values for variables by setting them in the environment. Using -a Bourne-compatible shell, you can do that on the command line like -this: + + Some systems may require unique or unusual options or linking in the +compile process that the `configure' script is not able to identify +automatically. Users are able to enter initial values for configure +variables by setting them in the environment. + +For Example: +- a Bourne-compatible shell, would require a command line entry as +displayed below: CC=c89 CFLAGS=-O2 LIBS=-lposix ./configure -Or on systems that have the `env' program, you can do it like this: +- systems that have the env program, will utilize the following command +line entry: env CPPFLAGS=-I/usr/local/include LDFLAGS=-s ./configure + + Compiling For Multiple Architectures ==================================== - You can compile the package for more than one kind of computer at the -same time, by placing the object files for each architecture in their -own directory. To do this, you must use a version of `make' that -supports the `VPATH' variable, such as GNU `make'. `cd' to the -directory where you want the object files and executables to go and run -the `configure' script. `configure' automatically checks for the -source code in the directory that `configure' is in and in `..'. - If you have to use a `make' that does not supports the `VPATH' -variable, you have to compile the package for one architecture at a time -in the source code directory. After you have installed the package for -one architecture, use `make distclean' before reconfiguring for another -architecture. + The Suricata engine package may be compiled for more than one kind of +computer simultaneously by placing the object files for each architecture +in their own directory. -Installation Names -================== - By default, `make install' will install the package's files in -`/usr/local/bin', `/usr/local/man', etc. You can specify an -installation prefix other than `/usr/local' by giving `configure' the -option `--prefix=PATH'. +To do this, users must use a version of make that supports the `VPATH' +variable, such as GNU make. - You can specify separate installation prefixes for -architecture-specific files and architecture-independent files. If you -give `configure' the option `--exec-prefix=PATH', the package will use -PATH as the prefix for installing programs and libraries. -Documentation and other data files will still use the regular prefix. +- cd to the directory where the object files and executables are to be +stored and run the `configure script. configure automatically searches +for the source code in the directory that configure is stored in and in +‘..'. - If the package supports it, you can cause programs to be installed -with an extra prefix or suffix on their names by giving `configure' the -option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'. -Optional Features -================= + If a user is using a make that does not supports the VPATH variable, +the package can only be compiled for one architecture at a time in the +source code directory. After completing package installation for one +architecture, make distclean must be executed before reconfiguring for +another architecture. - Some packages pay attention to `--enable-FEATURE' options to -`configure', where FEATURE indicates an optional part of the package. -They may also pay attention to `--with-PACKAGE' options, where PACKAGE -is something like `gnu-as' or `x' (for the X Window System). The -`README' should mention any `--enable-' and `--with-' options that the -package recognizes. - - For packages that use the X Window System, `configure' can usually -find the X include and library files automatically, but if it doesn't, -you can use the `configure' options `--x-includes=DIR' and -`--x-libraries=DIR' to specify their locations. - -Specifying the System Type -========================== - - There may be some features `configure' can not figure out -automatically, but needs to determine by the type of host the package -will run on. Usually `configure' can figure that out, but if it prints -a message saying it can not guess the host type, give it the -`--host=TYPE' option. TYPE can either be a short name for the system -type, such as `sun4', or a canonical name with three fields: - CPU-COMPANY-SYSTEM - -See the file `config.sub' for the possible values of each field. If -`config.sub' isn't included in this package, then this package doesn't -need to know the host type. - - If you are building compiler tools for cross-compiling, you can also -use the `--target=TYPE' option to select the type of system they will -produce code for and the `--build=TYPE' option to select the type of -system on which you are compiling the package. - -Sharing Defaults -================ - - If you want to set default values for `configure' scripts to share, -you can create a site shell script called `config.site' that gives -default values for variables like `CC', `cache_file', and `prefix'. -`configure' looks for `PREFIX/share/config.site' if it exists, then -`PREFIX/etc/config.site' if it exists. Or, you can set the -`CONFIG_SITE' environment variable to the location of the site script. -A warning: not all `configure' scripts look for a site script. - -Operation Controls + +Installation Names ================== - `configure' recognizes the following options to control how it -operates. -`--cache-file=FILE' - Use and save the results of the tests in FILE instead of - `./config.cache'. Set FILE to `/dev/null' to disable caching, for - debugging `configure'. + By default, make install will install the package's files in +/usr/local/bin, /usr/local/man, etc... An installation prefix other than +/usr/local can be configured by giving configure the option --prefix=PATH. -`--help' - Print a summary of the options to `configure', and exit. + Separate installation prefixes can be configured for +architecture-specific files and architecture-independent files. By +entering --exec-prefix=PATH into the configure, the package will use +PATH as the prefix for installing programs and libraries. Documentation +and other data files will still use the regular prefix. -`--quiet' -`--silent' -`-q' - Do not print messages saying which checks are being made. + If supported by the package, users can configure programs to be +installed with an extra prefix or suffix on their names by giving +configure the option --program-prefix=PREFIX or --program-suffix=SUFFIX. -`--srcdir=DIR' - Look for the package's source code in directory DIR. Usually - `configure' can determine that directory automatically. -`--version' - Print the version of Autoconf used to generate the `configure' - script, and exit. +Configure Options +================== + +./configure --help +`configure' configures this package to adapt to many kinds of systems. + +Usage: ./configure [OPTION]... [VAR=VALUE]... + +To assign environment variables (e.g., CC, CFLAGS...), specify them as +VAR=VALUE. See below for descriptions of some of the useful variables. + +Defaults for the options are specified in brackets. + +Configuration: + -h, --help display this help and exit + --help=short display options specific to this package + --help=recursive display the short help of all the included + packages + -V, --version display version information and exit + -q, --quiet, --silent do not print `checking...' messages + --cache-file=FILE cache test results in FILE [disabled] + -C, --config-cache alias for `--cache-file=config.cache' + -n, --no-create do not create output files + --srcdir=DIR find the sources in DIR [configure dir or `..'] + +Installation directories: + --prefix=PREFIX install architecture-independent files in PREFIX + [/usr/local] + --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX + [PREFIX] + +By default, `make install' will install all the files in +`/usr/local/bin', `/usr/local/lib' etc. You can specify +an installation prefix other than `/usr/local' using `--prefix', +for instance `--prefix=$HOME'. + +For better control, use the options below. + +Fine tuning of the installation directories: + --bindir=DIR user executables [EPREFIX/bin] + --sbindir=DIR system admin executables [EPREFIX/sbin] + --libexecdir=DIR program executables [EPREFIX/libexec] + --sysconfdir=DIR read-only single-machine data [PREFIX/etc] + --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] + --localstatedir=DIR modifiable single-machine data [PREFIX/var] + --libdir=DIR object code libraries [EPREFIX/lib] + --includedir=DIR C header files [PREFIX/include] + --oldincludedir=DIR C header files for non-gcc [/usr/include] + --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] + --datadir=DIR read-only architecture-independent data [DATAROOTDIR] + --infodir=DIR info documentation [DATAROOTDIR/info] + --localedir=DIR locale-dependent data [DATAROOTDIR/locale] + --mandir=DIR man documentation [DATAROOTDIR/man] + --docdir=DIR documentation root [DATAROOTDIR/doc/PACKAGE] + --htmldir=DIR html documentation [DOCDIR] + --dvidir=DIR dvi documentation [DOCDIR] + --pdfdir=DIR pdf documentation [DOCDIR] + --psdir=DIR ps documentation [DOCDIR] + +Program names: + --program-prefix=PREFIX prepend PREFIX to installed program names + --program-suffix=SUFFIX append SUFFIX to installed program names + --program-transform-name=PROGRAM run sed PROGRAM on installed program names + +System types: + --build=BUILD configure for building on BUILD [guessed] + --host=HOST cross-compile to build programs to run on HOST [BUILD] + +Optional Features: + --disable-option-checking ignore unrecognized --enable/--with options + --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) + --enable-FEATURE[=ARG] include FEATURE [ARG=yes] + --disable-dependency-tracking speeds up one-time build + --enable-dependency-tracking do not reject slow dependency extractors + --enable-shared[=PKGS] build shared libraries [default=yes] + --enable-static[=PKGS] build static libraries [default=yes] + --enable-fast-install[=PKGS] + optimize for fast installation [default=yes] + --disable-libtool-lock avoid locking (might break parallel builds) + --enable-gccprotect Detect and use gcc hardening options + --enable-nfqueue Enable NFQUEUE support for inline IDP + --enable-pfring Enable Native PF_RING support + --enable-unittests Enable compilation of the unit tests + --enable-debug Enable debug output + +Optional Packages: + --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] + --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) + --with-pic try to use only PIC/non-PIC objects [default=use + both] + --with-gnu-ld assume the C compiler uses GNU ld [default=no] + --with-libpcre-includes=DIR libpcre include directory + --with-libpcre-libraries=DIR libpcre library directory + --with-libyaml-includes=DIR libyaml include directory + --with-libyaml-libraries=DIR libyaml library directory + --with-libpthread-includes=DIR libpthread include directory + --with-libpthread-libraries=DIR libpthread library directory + --with-libnfnetlink-includes=DIR libnfnetlink include directory + --with-libnfnetlink-libraries=DIR libnfnetlink library directory + --with-libnetfilter_queue-includes=DIR libnetfilter_queue include directory + --with-libnetfilter_queue-libraries=DIR libnetfilter_queue +library directory + --with-libnet-includes=DIR libnet include directory + --with-libnet-libraries=DIR libnet library directory + --with-libpfring-includes=DIR libpfring include directory + --with-libpfring-libraries=DIR libpfring library directory + --with-libpcap-includes=DIR libpcap include directory + --with-libpcap-libraries=DIR libpcap library directory + --with-libhtp-includes=DIR libhtp include directory + --with-libhtp-libraries=DIR libhtp library directory + +Some influential environment variables: + CC C compiler command + CFLAGS C compiler flags + LDFLAGS linker flags, e.g. -L if you have libraries in a + nonstandard directory + LIBS libraries to pass to the linker, e.g. -l + CPPFLAGS C/C++/Objective C preprocessor flags, e.g. -I if + you have headers in a nonstandard directory + CPP C preprocessor + +Use these variables to override the choices made by `configure' or to help +it to find libraries and programs with nonstandard names/locations. -`configure' also accepts some other, not widely useful, options.