<div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, May 2, 2013 at 2:24 PM, Duarte Silva <span dir="ltr"><<a href="mailto:duarte.silva@serializing.me" target="_blank">duarte.silva@serializing.me</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div class="im">On Thursday 02 May 2013 14:01:29 Robert Clove wrote:<br>
> Hi Duarte,<br>
> Source mean suricata source can you please guide me some steps for<br>
<br>
</div>Source means, building Suricata from it's source. There are the guides on the<br>
Suricata wiki that deal with that.<br>
<br>
> epel-release-5-3.noarch.rpm<br>
<br>
In RedHat it's a pretty bad idea to add the EPEL repository, I would advise<br>
against that. Are you sure you can't register the machine in the RHN?<br>
Otherwise you will have to download everything manually which is a pain.<br>
<br>
The machines I'm using are RHN registered, I only had to download some<br>
dependencies that weren't available manually, follows the list (some<br>
dependencies that are on this list have been downloaded because I was also<br>
installing Barnyard and at the time I was using PF_RING):<br>
<br>
- Installed from RedHat Network<br>
<br>
# yum install kernel-devel flex bison gcc gcc-c++ make subversion wget pcre-<br>
devel pcre file-devel file zlib-devel zlib nspr-devel nspr nss-devel nss man git<br>
libtool mysql mysql-devel<br>
<br>
- Downloaded manually from other repositories (note that these are from el6,<br>
you have to download the corresponding to el5)<br>
<br>
<a href="http://mirror.centos.org/centos/6/os/x86_64/Packages/libcap-ng-0.6.4-3.el6_0.1.x86_64.rpm" target="_blank">http://mirror.centos.org/centos/6/os/x86_64/Packages/libcap-ng-0.6.4-3.el6_0.1.x86_64.rpm</a><br>
<a href="http://mirror.centos.org/centos/6/os/x86_64/Packages/libcap-ng-devel-0.6.4-3.el6_0.1.x86_64.rpm" target="_blank">http://mirror.centos.org/centos/6/os/x86_64/Packages/libcap-ng-devel-0.6.4-3.el6_0.1.x86_64.rpm</a><br>
<a href="http://mirror.centos.org/centos/6/os/x86_64/Packages/pkgconfig-0.23-9.1.el6.x86_64.rpm" target="_blank">http://mirror.centos.org/centos/6/os/x86_64/Packages/pkgconfig-0.23-9.1.el6.x86_64.rpm</a><br>
<a href="http://apt.sw.be/redhat/el6/en/x86_64/rpmforge/RPMS/libyaml-0.1.4-1.el6.rf.x86_64.rpm" target="_blank">http://apt.sw.be/redhat/el6/en/x86_64/rpmforge/RPMS/libyaml-0.1.4-1.el6.rf.x86_64.rpm</a><br>
<a href="http://apt.sw.be/redhat/el6/en/x86_64/rpmforge/RPMS/libyaml-devel-0.1.4-1.el6.rf.x86_64.rpm" target="_blank">http://apt.sw.be/redhat/el6/en/x86_64/rpmforge/RPMS/libyaml-devel-0.1.4-1.el6.rf.x86_64.rpm</a><br>
<a href="http://apt.sw.be/redhat/el6/en/x86_64/rpmforge/RPMS/libnet-1.1.2.1-2.2.el6.rf.x86_64.rpm" target="_blank">http://apt.sw.be/redhat/el6/en/x86_64/rpmforge/RPMS/libnet-1.1.2.1-2.2.el6.rf.x86_64.rpm</a><br>
<div class=""><div class="h5"><br>
><br>
> and<br>
> libpcap libpcap-devel libnet libnet-devel pcre<br>
><br>
> On Thu, May 2, 2013 at 1:57 PM, Duarte Silva<br>
<<a href="mailto:duarte.silva@serializing.me">duarte.silva@serializing.me</a>>wrote:<br>
> > Hi Robert,<br>
> ><br>
> > yes, build from source :) I currently have three deployments of Suricata,<br>
> > all<br>
> > in RedHat 6. I have installed the necessary development/runtime<br>
> > dependencies<br>
> > and build from the source code.<br>
> ><br>
> > It's a little trial and error though.<br>
> ><br>
> > Best regards,<br>
> > Duarte Silva<br>
> ><br>
> > On Thursday 02 May 2013 12:38:05 Robert Clove wrote:<br>
> > > i got into the problem that:-<br>
> > ><br>
> > > I was following the link<br>
> > > <a href="https://redmine.openinfosecfoundation.org/projects/suricata/wiki/CentOS5" target="_blank">https://redmine.openinfosecfoundation.org/projects/suricata/wiki/CentOS5</a><br>
> > > I have Red Hat Enterprise Linux Client release 5.2 (Tikanga)<br>
> > > when i run<br>
> > ><br>
> > > sudo rpm -Uvh<br>
> ><br>
> > <a href="http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch" target="_blank">http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch</a>.<br>
> > r<br>
> ><br>
> > > pm<br>
> > ><br>
> > > i get the error :-<br>
> > > Retrieving<br>
> ><br>
> > <a href="http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch" target="_blank">http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch</a>.<br>
> > r<br>
> ><br>
> > > pm error: skipping<br>
> ><br>
> > <a href="http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch" target="_blank">http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch</a>.<br>
> > rp><br>
> > > m - transfer failed - Unknown or unexpected error<br>
> > ><br>
> > > I found that the my system is not registered to RHN is there any other<br>
> ><br>
> > way?<br>
> ><br>
> > > Thanks<br>
> > ><br>
> > > On Tue, Apr 23, 2013 at 5:30 PM, Peter Manev <<a href="mailto:petermanev@gmail.com">petermanev@gmail.com</a>><br>
> ><br>
> > wrote:<br>
> > > > On Tue, Apr 23, 2013 at 1:50 PM, Robert Clove <<a href="mailto:cloverobert@gmail.com">cloverobert@gmail.com</a>><br>
> > > ><br>
> > > > wrote:<br>
> > > > > Hello,<br>
> > > > ><br>
> > > > > Can we install suricata on Red Hat?<br>
> > > > > If so ,can you guide me with the steps of installation as i have the<br>
> > > ><br>
> > > > source<br>
> > > ><br>
> > > > > code.<br>
> > > > ><br>
> > > > ><br>
> > > > ><br>
> > > > > Thanks<br>
> > > > ><br>
> > > > ><br>
> > > > > _______________________________________________<br>
> ><br>
> > > > > Suricata IDS Devel mailing list:<br>
> > <a href="mailto:oisf-devel@openinfosecfoundation.org">oisf-devel@openinfosecfoundation.org</a><br>
> ><br>
> > > > > Site: <a href="http://suricata-ids.org" target="_blank">http://suricata-ids.org</a> | Participate:<br>
> > > > > <a href="http://suricata-ids.org/participate/" target="_blank">http://suricata-ids.org/participate/</a><br>
> > > ><br>
> > > > > List:<br>
> > > > <a href="https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel" target="_blank">https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel</a><br>
> > > ><br>
> > > > > Redmine: <a href="https://redmine.openinfosecfoundation.org/" target="_blank">https://redmine.openinfosecfoundation.org/</a><br>
> > > ><br>
> > > > Hi,<br>
> > > > Yes absolutelly -<br>
> ><br>
> > <a href="https://redmine.openinfosecfoundation.org/projects/suricata/wiki/CentOS_64" target="_blank">https://redmine.openinfosecfoundation.org/projects/suricata/wiki/CentOS_64</a><br>
> ><br>
> > > > _Installation_%28with_unix_socket_geoip_profiling_and_MD5_features%29<br>
> > > ><br>
> > > > The above is for CentOS - but it should work for RedHat as the two are<br>
> > > > supposed to be 100% compatible.<br>
> > > ><br>
> > > > Thanks<br>
> > > ><br>
> > > > --<br>
> > > > Regards,<br>
> > > > Peter Manev<br>
</div></div></blockquote></div><br><br></div><div class="gmail_extra">Thanks for the reply i am finally installing suricata on the CentOS 5.8 <br></div><div class="gmail_extra">When i ran the following command <br><pre>sudo rpm -Uvh <a href="http://rules.emergingthreatspro.com/projects/emergingrepo/x86_64/libnetfilter_queue-0.0.15-1.x86_64.rpm">http://rules.emergingthreatspro.com/projects/emergingrepo/x86_64/libnetfilter_queue-0.0.15-1.x86_64.rpm</a> \<br>
<br></pre><pre>an error comes <br>error: Failed dependencies:<br> libnfnetlink.so.0()(64bit) is needed by libnetfilter_queue-0.0.15-1.x86_64<br><br></pre><pre>Now what to do i tryed to find the above on net and also installing but again error <br>
<br></pre>rpm -Uhv libnfnetlink-1.0.0-1.el6.x86_64.rpm <br>warning: libnfnetlink-1.0.0-1.el6.x86_64.rpm: Header V3 RSA/SHA256 signature: NOKEY, key ID c105b9de<br>error: Failed dependencies:<br> rpmlib(FileDigests) <= 4.6.0-1 is needed by libnfnetlink-1.0.0-1.el6.x86_64<br>
rpmlib(PayloadIsXz) <= 5.2-1 is needed by libnfnetlink-1.0.0-1.el6.x86_64<br><br></div><div class="gmail_extra">Please suggest solution<br></div><div class="gmail_extra"><br></div></div>