Postinst suricata package script hangs on hosts without direct internet connectivity - can not download rules
Problem exist for packages from ubuntu stable ppa: https://launchpad.net/~oisf/+archive/ubuntu/suricata-stable
Now postinst script contains this:
/usr/bin/wget -qO - https://rules.emergingthreats.net/open/suricata/emerging.rules.tar.gz | tar -x -z -C "/etc/suricata/" -f -
If you try to install suricata on some host without direct connectivity to internet, installation hangs for a long time. This is normal case: this host can get updates via some proxy, or with some external downloader. For example, PCI DSS requires IDS for hosts in DB environment, and prohibits direct internet access for that hosts.
I suggest to change this lines to
# Quick check availability and then try to download rules /usr/bin/wget --timeout=10 -qO - https://rules.emergingthreats.net/open/suricata/ > /dev/null && \ /usr/bin/wget -qO - https://rules.emergingthreats.net/open/suricata/emerging.rules.tar.gz | tar -x -z -C "/etc/suricata/" -f -
Now I have to fix this by adding to
on this hosts.
Updated by Peter Manev over 6 years ago
Pavel - do you mind testing the package from here - https://launchpad.net/~oisf/+archive/ubuntu/suricata-ids-ips and see if it does fix that. It is the same as 3.0.1 stable however it includes the suggestion.