|
|
|
|
@ -16,24 +16,24 @@ install-data-am:
|
|
|
|
|
install-full: install install-conf install-rules
|
|
|
|
|
|
|
|
|
|
install-conf:
|
|
|
|
|
install -d $(e_sysconfdir)
|
|
|
|
|
@test -e $(e_sysconfdir)/suricata.yaml || install -m 600 $(top_srcdir)/suricata.yaml $(e_sysconfdir)
|
|
|
|
|
@test -e $(e_sysconfdir)/classification.config || install -m 600 $(top_srcdir)/classification.config $(e_sysconfdir)
|
|
|
|
|
@test -e $(e_sysconfdir)/reference.config || install -m 600 $(top_srcdir)/reference.config $(e_sysconfdir)
|
|
|
|
|
install -d $(localstatedir)/log/suricata/files
|
|
|
|
|
install -d "$(e_sysconfdir)"
|
|
|
|
|
@test -e "$(e_sysconfdir)/suricata.yaml" || install -m 600 "$(top_srcdir)/suricata.yaml" "$(e_sysconfdir)"
|
|
|
|
|
@test -e "$(e_sysconfdir)/classification.config" || install -m 600 "$(top_srcdir)/classification.config" "$(e_sysconfdir)"
|
|
|
|
|
@test -e "$(e_sysconfdir)/reference.config" || install -m 600 "$(top_srcdir)/reference.config" "$(e_sysconfdir)"
|
|
|
|
|
install -d "$(e_logfilesdir)"
|
|
|
|
|
|
|
|
|
|
install-rules:
|
|
|
|
|
install -d $(e_sysconfdir)/rules
|
|
|
|
|
wget -qO - http://rules.emergingthreats.net/open/suricata/emerging.rules.tar.gz | tar -x -z -C $(e_sysconfdir) -f -
|
|
|
|
|
@test -e $(e_sysconfdir)/rules/decoder-events.rules || install -m 600 $(top_srcdir)/rules/decoder-events.rules $(e_sysconfdir)/rules/
|
|
|
|
|
@test -e $(e_sysconfdir)/rules/stream-events.rules || install -m 600 $(top_srcdir)/rules/stream-events.rules $(e_sysconfdir)/rules/
|
|
|
|
|
@test -e $(e_sysconfdir)/rules/smtp-events.rules || install -m 600 $(top_srcdir)/rules/smtp-events.rules $(e_sysconfdir)/rules/
|
|
|
|
|
@test -e $(e_sysconfdir)/rules/http-events.rules || install -m 600 $(top_srcdir)/rules/http-events.rules $(e_sysconfdir)/rules/
|
|
|
|
|
install -d "$(e_sysconfrulesdir)"
|
|
|
|
|
wget -qO - http://rules.emergingthreats.net/open/suricata/emerging.rules.tar.gz | tar -x -z -C "$(e_sysconfdir)" -f -
|
|
|
|
|
@test -e "$(e_sysconfrulesdir)decoder-events.rules" || install -m 600 "$(top_srcdir)/rules/decoder-events.rules" "$(e_sysconfrulesdir)"
|
|
|
|
|
@test -e "$(e_sysconfrulesdir)stream-events.rules" || install -m 600 "$(top_srcdir)/rules/stream-events.rules" "$(e_sysconfrulesdir)"
|
|
|
|
|
@test -e "$(e_sysconfrulesdir)smtp-events.rules" || install -m 600 "$(top_srcdir)/rules/smtp-events.rules" "$(e_sysconfrulesdir)"
|
|
|
|
|
@test -e "$(e_sysconfrulesdir)http-events.rules" || install -m 600 "$(top_srcdir)/rules/http-events.rules" "$(e_sysconfrulesdir)"
|
|
|
|
|
@echo ""
|
|
|
|
|
@echo "You can now start suricata by running as root something like '$(bindir)/suricata -c $(e_sysconfdir)/suricata.yaml -i eth0'."
|
|
|
|
|
@echo ""
|
|
|
|
|
@echo "If a library like libhtp.so is not found, you can run suricata with:"
|
|
|
|
|
@echo "'LD_LIBRARY_PATH=$(prefix)/lib $(bindir)/suricata -c $(e_sysconfdir)/suricata.yaml -i eth0'."
|
|
|
|
|
@echo "'LD_LIBRARY_PATH="$(prefix)/lib" "$(bindir)/suricata" -c "$(e_sysconfdir)/suricata.yaml" -i eth0'."
|
|
|
|
|
@echo ""
|
|
|
|
|
@echo "While rules are installed now, it's highly recommended to use a rule manager for maintaining rules."
|
|
|
|
|
@echo "The two most common are Oinkmaster and Pulledpork. For a guide see:"
|
|
|
|
|
|
Victor Julien
13 years ago