[Oisf-devel] Can we install suricata on Red Hat?

Robert Clove cloverobert at gmail.com
Wed May 8 00:51:15 EDT 2013 

On Thu, May 2, 2013 at 2:24 PM, Duarte Silva <duarte.silva at serializing.me>wrote:

> On Thursday 02 May 2013 14:01:29 Robert Clove wrote:
> > Hi Duarte,
> > Source mean suricata source can you please guide me some steps for
>
> Source means, building Suricata from it's source. There are the guides on
> the
> Suricata wiki that deal with that.
>
> > epel-release-5-3.noarch.rpm
>
> In RedHat it's a pretty bad idea to add the EPEL repository, I would advise
> against that. Are you sure you can't register the machine in the RHN?
> Otherwise you will have to download everything manually which is a pain.
>
> The machines I'm using are RHN registered, I only had to download some
> dependencies that weren't available manually, follows the list (some
> dependencies that are on this list have been downloaded because I was also
> installing Barnyard and at the time I was using PF_RING):
>
>  - Installed from RedHat Network
>
> # yum install kernel-devel flex bison gcc gcc-c++ make subversion wget
> pcre-
> devel pcre file-devel file zlib-devel zlib nspr-devel nspr nss-devel nss
> man git
> libtool mysql mysql-devel
>
>  - Downloaded manually from other repositories (note that these are from
> el6,
> you have to download the corresponding to el5)
>
>
> http://mirror.centos.org/centos/6/os/x86_64/Packages/libcap-ng-0.6.4-3.el6_0.1.x86_64.rpm
>
> http://mirror.centos.org/centos/6/os/x86_64/Packages/libcap-ng-devel-0.6.4-3.el6_0.1.x86_64.rpm
>
> http://mirror.centos.org/centos/6/os/x86_64/Packages/pkgconfig-0.23-9.1.el6.x86_64.rpm
>
> http://apt.sw.be/redhat/el6/en/x86_64/rpmforge/RPMS/libyaml-0.1.4-1.el6.rf.x86_64.rpm
>
> http://apt.sw.be/redhat/el6/en/x86_64/rpmforge/RPMS/libyaml-devel-0.1.4-1.el6.rf.x86_64.rpm
>
> http://apt.sw.be/redhat/el6/en/x86_64/rpmforge/RPMS/libnet-1.1.2.1-2.2.el6.rf.x86_64.rpm
>
> >
> > and
> > libpcap libpcap-devel libnet libnet-devel pcre
> >
> > On Thu, May 2, 2013 at 1:57 PM, Duarte Silva
> <duarte.silva at serializing.me>wrote:
> > > Hi Robert,
> > >
> > > yes, build from source :) I currently have three deployments of
> Suricata,
> > > all
> > > in RedHat 6. I have installed the necessary development/runtime
> > > dependencies
> > > and build from the source code.
> > >
> > > It's a little trial and error though.
> > >
> > > Best regards,
> > > Duarte Silva
> > >
> > > On Thursday 02 May 2013 12:38:05 Robert Clove wrote:
> > > > i got into the problem that:-
> > > >
> > > > I was following the link
> > > >
> https://redmine.openinfosecfoundation.org/projects/suricata/wiki/CentOS5
> > > > I have Red Hat Enterprise Linux Client release 5.2 (Tikanga)
> > > > when i run
> > > >
> > > > sudo rpm -Uvh
> > >
> > >
> http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.
> > > r
> > >
> > > > pm
> > > >
> > > > i get the error :-
> > > > Retrieving
> > >
> > >
> http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.
> > > r
> > >
> > > > pm error: skipping
> > >
> > >
> http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.
> > > rp>
> > > > m - transfer failed - Unknown or unexpected error
> > > >
> > > > I found that the my system is not registered to RHN is there any
> other
> > >
> > > way?
> > >
> > > > Thanks
> > > >
> > > > On Tue, Apr 23, 2013 at 5:30 PM, Peter Manev <petermanev at gmail.com>
> > >
> > > wrote:
> > > > > On Tue, Apr 23, 2013 at 1:50 PM, Robert Clove <
> cloverobert at gmail.com>
> > > > >
> > > > > wrote:
> > > > > > Hello,
> > > > > >
> > > > > > Can we install suricata on Red Hat?
> > > > > > If so ,can you guide me with the steps of installation as i have
> the
> > > > >
> > > > > source
> > > > >
> > > > > > code.
> > > > > >
> > > > > >
> > > > > >
> > > > > > Thanks
> > > > > >
> > > > > >
> > > > > > _______________________________________________
> > >
> > > > > > Suricata IDS Devel mailing list:
> > > oisf-devel at openinfosecfoundation.org
> > >
> > > > > > Site: http://suricata-ids.org | Participate:
> > > > > > http://suricata-ids.org/participate/
> > > > >
> > > > > > List:
> > > > >
> https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel
> > > > >
> > > > > > Redmine: https://redmine.openinfosecfoundation.org/
> > > > >
> > > > > Hi,
> > > > > Yes absolutelly -
> > >
> > >
> https://redmine.openinfosecfoundation.org/projects/suricata/wiki/CentOS_64
> > >
> > > > >
> _Installation_%28with_unix_socket_geoip_profiling_and_MD5_features%29
> > > > >
> > > > > The above is for CentOS - but it should work for RedHat as the two
> are
> > > > > supposed to be 100% compatible.
> > > > >
> > > > > Thanks
> > > > >
> > > > > --
> > > > > Regards,
> > > > > Peter Manev
>


Thanks for the reply i am finally installing suricata on the CentOS 5.8
When i ran the following command

sudo rpm -Uvh http://rules.emergingthreatspro.com/projects/emergingrepo/x86_64/libnetfilter_queue-0.0.15-1.x86_64.rpm
\

an error comes
error: Failed dependencies:
        libnfnetlink.so.0()(64bit) is needed by
libnetfilter_queue-0.0.15-1.x86_64

Now what to do i tryed to find the above on net and also installing
but again error

rpm -Uhv libnfnetlink-1.0.0-1.el6.x86_64.rpm
warning: libnfnetlink-1.0.0-1.el6.x86_64.rpm: Header V3 RSA/SHA256
signature: NOKEY, key ID c105b9de
error: Failed dependencies:
        rpmlib(FileDigests) <= 4.6.0-1 is needed by
libnfnetlink-1.0.0-1.el6.x86_64
        rpmlib(PayloadIsXz) <= 5.2-1 is needed by
libnfnetlink-1.0.0-1.el6.x86_64

Please suggest solution
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-devel/attachments/20130508/9d5b72b6/attachment.html>

More information about the Oisf-devel mailing list