一 准备
准备安装的版本是6.0.2 安装的系统是CentOS Linux release 7.9.2009 (Core)。
yum -y install epel-release yum-plugin-copr
yum -y install libpcre3 libpcre3-dbg libpcre3-dev build-essential libpcap-dev libnet1-dev libyaml-0-2 libyaml-dev pkg-config zlib1g zlib1g-dev libcap-ng-dev libcap-ng0 make libmagic-dev libnss3-dev libgeoip-dev liblua5.1-dev libhiredis-dev libevent-dev python-yaml rustc carg
yum -y install pkg-config
yum -y install gcc libpcap-devel pcre-devel libyaml-devel file-devel zlib-devel jansson-devel nss-devel libcap-ng-devel libnet-devel tar make libnetfilter_queue-devel lua-devel
yum -y install libtools
二 安装
export RUSTUP_DIST_SERVER=https://mirrors.ustc.edu.cn/rust-static
export RUSTUP_UPDATE_ROOT=https://mirrors.ustc.edu.cn/rust-static/rustup
准备安装 rust
执行 wget https://cdn.jsdelivr.net/gh/rust-lang-nursery/rustup.rs/rustup-init.sh
执行环境变量的配置source $HOME/.cargo/env
至此,rust安装结束
可以执行suricata 目录下的./augentsh
会产生 configure
./configure --prefix=/opt/suricata --enable-unix-socket --with-libnss-libraries=/usr/lib64 --with-libnss-includes=/usr/include/nss3 --with-libnspr-libraries=/usr/lib64 --with-libnspr-includes=/usr/include/nspr4 --enable-non-bundled-htp --with-libhtp-includes=/usr/local/include/htp --with-libhtp-libraries=/usr/local/lib
发现个错误:
ERROR! libhtp was found but it is neither >= 0.5.37, nor the dev 0.5.X
下载:
https://codeload.github.com/OISF/libhtp/zip/refs/tags/0.5.41
sh ./autogen.sh && make && make install
export PKG_CONFIG_PATH=$PKG_CONFIG_PATH:/usr/local/lib/pkgconfig
继续执行报错:
checking for cargo vendor support... yes
checking for ./rust/dist/rust-bindings.h... no
checking for ./rust/gen/rust-bindings.h... no
checking for cbindgen... no
Warning: cbindgen too old or not found, it is required to
generate header files.
To install: cargo install --force cbindgen
configure: error: cbindgen required
在执行安装cargo install –force cbindgen
在执行安装之前,先配置好cargo的源
执行vi ~/.cargo/config
添加如下内容
image.png
安装好后,继续configure
然后执行:
make && make install && make install conf
但是执行:
make install full
报错:
make[1]: Leaving directory `/home/suricata/suricata-suricata-6.0.2'
make install-rules
make[1]: Entering directory `/home/suricata/suricata-suricata-6.0.2'
error: rules not installed as suricata-update not available
make[1]: *** [install-rules] Error 1
make[1]: Leaving directory `/home/suricata/suricata-suricata-6.0.2'
make: *** [install-full] Error 2
执行:
yum install python3-pip
yum install python-yaml
pip3 install suricata-update
执行:
python3 /usr/local/bin/suricata-update
下载失败,直接手工下载:
https://rules.emergingthreats.net/open/suricata-6.0.2/emerging.rules.tar.gz
三 参考:
[https://blog.csdn.net/qq_38601892/article/details/123944112](https://blog.csdn.net/qq_38601892/article/details/123944112)
[https://blog.csdn.net/isxiaole/article/details/123282267](https://blog.csdn.net/isxiaole/article/details/123282267)
[https://blog.csdn.net/weixin_42785632/article/details/125638748](https://blog.csdn.net/weixin_42785632/article/details/125638748)
网友评论