This project contains code to build .deb and .rpm packages for the Suricata IDS. The packages will allow you to install Suricata in a manner that is compatible with the Observable Networks monitoring service.
The .deb should work with Ubuntu 14.04 and 16.04. The .rpm should work with RHEL-compatible distributions (like CentOS). Versions 6 and 7 are supported.
For RHEL/CentOS 6, Python 2.7 is recommended. You may install the `python27` package from the IUS repository.
The packages to install are listed below. On RHEL / CentOS you will need to first install the EPEL repository to get some of these packages. For more information on building Suricata, see the Suricata wiki.
Ubuntu systems | RHEL / CentOS systems |
---|---|
autoconf | autoconf |
automake | automake |
build-essential | gcc, gcc-c++ |
libcap-ng0, libcap-ng-dev | libcap-ng, libcap-ng-devel |
libpcap-dev | libpcap, libpcap-devel |
libjansson4, libjansson-dev | jansson, jansson-devel |
libmagic-dev | file-devel |
libnet1-dev | libnet, libnet-devel |
libpcre3, libpcre3-dev | pcre, pcre-devel |
libtool | libtool |
libyaml-0-2, libyaml-dev | libyaml, libyaml-devel |
make | make |
zlib1g, zlib1g-dev | zlib, zlib-devel |
You will also need to install `libhtp`.
To build the .deb and .rpm files you will need a working Ruby installation capable of installing the `fpm` gem.
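A preflight check for the prerequisites listed above, as an added example (not part of this project's code): it reports which packages from the table are not installed and whether the `fpm` command is on the PATH. The function names and the `--check` argument are illustrative; `libhtp` is not checked because no package name is given for it.

```shell
#!/bin/sh
# Added example: preflight check for the build prerequisites in the table above.
# Package names are copied from the table; function names are illustrative.

DEB_PKGS="autoconf automake build-essential libcap-ng0 libcap-ng-dev libpcap-dev
libjansson4 libjansson-dev libmagic-dev libnet1-dev libpcre3 libpcre3-dev libtool
libyaml-0-2 libyaml-dev make zlib1g zlib1g-dev"
RPM_PKGS="autoconf automake gcc gcc-c++ libcap-ng libcap-ng-devel libpcap
libpcap-devel jansson jansson-devel file-devel libnet libnet-devel pcre pcre-devel
libtool libyaml libyaml-devel make zlib zlib-devel"

# detect_family: print "deb" or "rpm" depending on the package tool present.
detect_family() {
    if command -v dpkg-query >/dev/null 2>&1; then echo deb
    elif command -v rpm >/dev/null 2>&1; then echo rpm
    else echo unknown
    fi
}

# pkg_installed FAMILY NAME: succeed only if NAME is fully installed.
pkg_installed() {
    case "$1" in
        deb) dpkg-query -W -f='${Status}' "$2" 2>/dev/null |
                 grep -q 'install ok installed' ;;
        rpm) rpm -q "$2" >/dev/null 2>&1 ;;
        *)   return 2 ;;
    esac
}

# missing_pkgs FAMILY: print the listed packages that are not installed.
missing_pkgs() {
    case "$1" in
        deb) list=$DEB_PKGS ;;
        rpm) list=$RPM_PKGS ;;
        *)   echo "unknown package family: $1" >&2; return 2 ;;
    esac
    out=""
    for p in $list; do
        pkg_installed "$1" "$p" || out="$out $p"
    done
    echo "${out# }"
}

# Run the check only when asked, e.g.:  sh preflight.sh --check [deb|rpm]
if [ "${1:-}" = "--check" ]; then
    family=${2:-$(detect_family)}
    missing=$(missing_pkgs "$family") || exit 2
    command -v fpm >/dev/null 2>&1 || missing="$missing fpm(gem)"
    [ -z "$missing" ] || { echo "missing: $missing"; exit 1; }
    echo "all listed build prerequisites found"
fi
```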
Issue `make build_suricata` and then `make deb` or `make rpm` to create the packages.
Suricata is licensed under the GNU General Public License (version 2). See the Suricata license for more information.
The packaging work done in this project is licensed under the Apache License (version 2.0). See the Apache license for more information.