mirror of https://github.com/OISF/suricata
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
116 lines
2.8 KiB
Plaintext
116 lines
2.8 KiB
Plaintext
Autogenerated on 2012-11-29
|
|
from - https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Ubuntu_Installation_from_GIT
|
|
|
|
|
|
Ubuntu Installation from GIT
|
|
|
|
In this document will be explained how to install and use the most recent code
|
|
of Suricata on Ubuntu. Installing from GIT on other operating systems is
|
|
basically the same, except that some commands are Ubuntu-specific (like sudo
|
|
and apt-get). In case you are using another operating system, you should
|
|
replace those commands by your operating-specific commands.
|
|
|
|
Pre-installation requirements
|
|
|
|
Before you can build Suricata for your system, run the following command to
|
|
ensure that you have everything you need for the installation.
|
|
|
|
sudo apt-get -y install libpcre3 libpcre3-dbg libpcre3-dev \
|
|
build-essential autoconf automake libtool libpcap-dev libnet1-dev \
|
|
libyaml-0-2 libyaml-dev zlib1g zlib1g-dev libcap-ng-dev libcap-ng0 \
|
|
make libmagic-dev
|
|
|
|
|
|
sudo apt-get install git-core
|
|
|
|
Depending on the current status of your system, it may take a while to complete
|
|
this process.
|
|
|
|
HTP
|
|
|
|
HTP is bundled with Suricata and installed automatically. If you need to
|
|
install HTP manually for other reasons, instructions can be found at HTP
|
|
library_installation.
|
|
|
|
IPS
|
|
|
|
By default, Suricata works as an IDS. If you want to use it as a IDS and IPS
|
|
program, enter:
|
|
|
|
sudo apt-get -y install libnetfilter-queue-dev libnetfilter-queue1
|
|
libnfnetlink-dev libnfnetlink0
|
|
|
|
|
|
Suricata
|
|
|
|
First, it is convenient to create a directory for Suricata. Name it 'suricata'
|
|
for example. Open the terminal and enter:
|
|
|
|
mkdir suricata
|
|
|
|
Followed by:
|
|
|
|
cd suricata
|
|
|
|
Next, enter the following line in the terminal:
|
|
|
|
git clone git://phalanx.openinfosecfoundation.org/oisf.git
|
|
|
|
|
|
cd oisf
|
|
|
|
Followed by:
|
|
|
|
./autogen.sh
|
|
|
|
To configure, please enter:
|
|
|
|
./configure
|
|
|
|
To compile, please enter:
|
|
|
|
make
|
|
|
|
To install Suricata, enter:
|
|
|
|
sudo make install
|
|
sudo ldconfig
|
|
|
|
|
|
Auto setup
|
|
|
|
You can also use the available auto setup features of Suricata:
|
|
ex:
|
|
|
|
./configure && make && make install-conf
|
|
|
|
|
|
make install-conf
|
|
would do the regular "make install" and then it would automatically create/
|
|
setup all the necessary directories and suricata.yaml for you.
|
|
|
|
./configure && make && make install-rules
|
|
|
|
|
|
make install-rules
|
|
would do the regular "make install" and then it would automatically download
|
|
and set up the latest ruleset from Emerging Threats available for Suricata
|
|
|
|
./configure && make && make install-full
|
|
|
|
|
|
make install-full
|
|
would combine everything mentioned above (install-conf and install-rules) - and
|
|
will present you with a ready to run (configured and set up) Suricata
|
|
Please continue with Basic_Setup.
|
|
In case you have already made a map for the most recent code, downloaded the
|
|
code into that map, and want to download recent code again, please enter:
|
|
|
|
cd suricata/oisf
|
|
|
|
next, enter:
|
|
|
|
git pull
|
|
|
|
After that, you start again at running autogen.
|