<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.MsoPlainText, li.MsoPlainText, div.MsoPlainText
{mso-style-priority:99;
mso-style-link:"Plain Text Char";
margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:#1F497D;}
span.PlainTextChar
{mso-style-name:"Plain Text Char";
mso-style-priority:99;
mso-style-link:"Plain Text";
font-family:"Calibri",sans-serif;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Here is my understanding of this..<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">There was a thread on this a while back.. they won’t update until 4.0 version is EOL.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal">Suricata EOL policy: <a href="https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsuricata-ids.org%2Fabout%2Feol-policy%2F&data=02%7C01%7Ccraig.edgmand%40okstate.edu%7C9451ca06c6954db4c6f108d665bbdc32%7C2a69c91de8494e34a230cdf8b27e1964%7C0%7C0%7C636808254868071291&sdata=yE0GRBtPceNm1CRg9eRoRYsyiXf%2BxefcO0zwPjg7fec%3D&reserved=0" target="_blank">
https://suricata-ids.org/about/eol-policy/</a><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Here was an e-mail from the RPM maintainer.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoPlainText">Hi All,<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">For anyone using CentOS/RHEL/etc. is there an interest in having the latest and greatest available in RPM format?<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">For some background, the general guidelines around packages in EPEL is to maintain package stability over latest and greatest. Following in that spirit the EPEL package is usually the oldest stable/supported version of suricata, for
example suricata-4.0.6 is what is currently available in EPEL.<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">EPEL will track the 4.0.x series until it becomes EOL then it will get updated to the newest release.<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">That being said, it's possible to do builds in COPR that are the newest packages for CentOS/RHEL and use at least the same configuration/build flags we use in the EPEL releases. It's also possible to do hyperscan enabled suricata builds
for EL with COPR.<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">Also, if you aren't using the EPEL RPM package why not? We obviously want to make the package usable by as many people as possible so any feedback is appreciated.<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">Thanks in advance!<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">JT<o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> Oisf-users <oisf-users-bounces@lists.openinfosecfoundation.org>
<b>On Behalf Of </b>Kaushal Shriyan<br>
<b>Sent:</b> Thursday, February 21, 2019 12:05 PM<br>
<b>To:</b> oisf-users@lists.openinfosecfoundation.org<br>
<b>Subject:</b> [Oisf-users] Suricata Version 4.1.2 rpm binary version not available in epel repo<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal" align="center" style="text-align:center;background:yellow"><span style="color:black">**External Email - Please verify sender email address before responding.**<o:p></o:p></span></p>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<p class="MsoNormal">Hi,<o:p></o:p></p>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">I am running CentOS Linux release 7.6.1810 (Core) and have enabled EPEL repo. When i install Suricata IDS/IPS application, I see the below version<o:p></o:p></p>
</div>
<div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<div>
<p class="MsoNormal"># cat /etc/redhat-release<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">CentOS Linux release 7.6.1810 (Core)<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">#<o:p></o:p></p>
</div>
</div>
<div>
<p class="MsoNormal">#rpm -qa | grep suricata<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">suricata-4.0.6-1.el7.x86_64<o:p></o:p></p>
</div>
</div>
<div>
<p class="MsoNormal">#<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">Whereas when i look at <a href="https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsuricata-ids.org%2Fdownload%2F&data=02%7C01%7Ccraig.edgmand%40okstate.edu%7C3b757477b89a45b68b7f08d698271a7f%7C2a69c91de8494e34a230cdf8b27e1964%7C0%7C0%7C636863691047884151&sdata=VcF7UcalEspr8S6LguJUFQoEQLarvulaiPl45DnXHeY%3D&reserved=0">https://suricata-ids.org/download/</a>
i don't see Suricata stable release 4.1.2 as rpm binary in the EPEL repository.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">Any help will be highly appreciated.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">Best Regards,<o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</body>
</html>