
How to compile latest Suricata on SELKS

Peter Manev edited this page Apr 16, 2019 · 23 revisions

SELKS ships with Suricata prepackaged, installed and configured. Those packages are upgraded automatically during a regular apt-get update && apt-get dist-upgrade.

If you would like to compile and install your own version of Suricata, or the latest available Suricata dev edition (git), here is how to do it:

Make sure you have all the needed packages:

root@SELKS:/opt# apt-get install libpcre3 libpcre3-dbg libpcre3-dev \
build-essential autoconf automake libtool libpcap-dev libnet1-dev \
libyaml-0-2 libyaml-dev pkg-config zlib1g zlib1g-dev libcap-ng-dev \
libcap-ng0 make libmagic-dev git-core libnetfilter-queue-dev rustc \
libnetfilter-queue1 libnfnetlink-dev libnfnetlink0 libluajit-5.1-dev \
libhtp-dev libnss3-dev libnspr4-dev libjansson-dev libhyperscan-dev

Get the latest dev edition:

root@SELKS:/opt# git clone git://phalanx.openinfosecfoundation.org/oisf.git \
&& cd oisf && git clone https://github.com/OISF/libhtp.git -b 0.5.x

Configure, compile and install:

root@SELKS:/opt/oisf# ./autogen.sh

root@SELKS:/opt/oisf# ./configure \
--prefix=/usr/ --sysconfdir=/etc/ --localstatedir=/var/ \
--enable-nfqueue --enable-non-bundled-htp --disable-gccmarch-native \
--enable-geoip --enable-gccprotect --enable-luajit --enable-pie

root@SELKS:/opt/oisf# make clean && make && make install

Restart Suricata service:

root@SELKS:/opt# systemctl restart suricata

Check with:

root@SELKS:/opt# suricata --build-info
root@SELKS:/opt# systemctl status suricata
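
The check above can be scripted. This is an added example, not part of the original wiki page: it compares the switches from the ./configure line with the matching lines of `suricata --build-info`. The label strings, the function names and the sample text are assumptions constructed for illustration; `--enable-geoip` is left out because its label is not assumed here.

```shell
#!/bin/sh
# Added example, not from the SELKS wiki: verify the ./configure switches.
# ASSUMPTION: these label strings match your Suricata version's build-info.

# "label=value" pairs expected from the configure line on this page
EXPECTED='NFQueue support=yes
Non-bundled htp=yes
libluajit=yes
GCC Protect enabled=yes
GCC march native enabled=no
Position Independent Executable enabled=yes'

# Constructed sample (not captured output): a binary built with march=native
sample_build_info() {
    cat <<'EOF'
  NFQueue support:                         yes
  Non-bundled htp:                         yes
  libluajit:                               yes
  GCC Protect enabled:                     yes
  GCC march native enabled:                yes
  Position Independent Executable enabled: yes
EOF
}

# feature_value LABEL: read build-info on stdin, print the value for LABEL
feature_value() {
    awk -v label="$1" '
        { i = index($0, ":"); if (!i) next
          key = substr($0, 1, i - 1); val = substr($0, i + 1)
          gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
          if (key == label) { print val; exit } }'
}

# check_build TEXT: print each mismatch, return 0 only if every switch matches
check_build() {
    rc=0
    while IFS='=' read -r label want; do
        got=$(printf '%s\n' "$1" | feature_value "$label")
        if [ "$got" != "$want" ]; then
            echo "MISMATCH: $label: want '$want', got '${got:-missing}'"
            rc=1
        fi
    done <<EOF
$EXPECTED
EOF
    return $rc
}

check_build "$(sample_build_info)" || echo "build does not match the configure line"
```

On SELKS, pass the real output instead of the sample: `check_build "$(suricata --build-info)"`.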

Done!
