Project

General

Profile

OpenSuse Installation

This installation guide has been tested with:
  • Suricata 3.0 on OpenSuse Leap 42.1
  • Suricata 3.0 on OpenSuse 13.2
  • Suricata 4.0.5 on OpenSuse Leap 15

Pre-Installation Requirements:

Before you can build Suricata, run the following command to ensure that all dependencies are installed:

zypper install -n wget tar gcc pkg-config pcre-devel libyaml-devel \
    libpcap-devel zlib-devel file-devel make libnetfilter_queue-devel \
    libjansson-devel mozilla-nss-devel libcap-ng-devel lua53-devel

Suricata 4

wget https://www.openinfosecfoundation.org/download/suricata-4.0.5.tar.gz

tar -xvf suricata-4.0.5.tar.gz

cd suricata-4.0.5

For Leap 15

CPPFLAGS="-I/usr/include/libnetfilter_queue/ -I/usr/include/libnfnetlink/" ./configure \
    --prefix=/usr --sysconfdir=/etc --localstatedir=/var --enable-nfqueue --enable-lua

Suricata 3

wget http://www.openinfosecfoundation.org/download/suricata-3.1.tar.gz

tar -xvzf suricata-3.1.tar.gz

cd suricata-3.1

For OpenSuse Leap 42.1:

CPPFLAGS="-I/usr/include/libnetfilter_queue -I/usr/include/libnfnetlink-1.0.1" ./configure \
    --prefix=/usr --sysconfdir=/etc --localstatedir=/var --enable-nfqueue --enable-lua

For OpenSuse 13.2:

CPPFLAGS="-I/usr/include/libnetfilter_queue-1.0.2 -I/usr/include/libnfnetlink-1.0.1" ./configure \
    --prefix=/usr --sysconfdir=/etc --localstatedir=/var --enable-nfqueue --enable-lua

Make

make

sudo make install

sudo ldconfig

Auto setup

You can also use the available auto setup features of Suricata:

ex:

make install-conf

make install-conf
will do the regular "make install" and then it will automatically create/setup all the necessary directories and suricata.yaml for you.

make install-rules

make install-rules
will do the regular "make install" and then it will automatically download and set up the latest ruleset from Emerging Threats available for Suricata

make install-full

make install-full
will combine everything mentioned above (install-conf and install-rules) - and will present you with a ready to run (configured and set up) Suricata

Then continue on to Basic Setup.