[Oisf-devel] Can we install suricata on Red Hat?

Duarte Silva duarte.silva at serializing.me
Thu May 2 08:54:53 UTC 2013


On Thursday 02 May 2013 14:01:29 Robert Clove wrote:
> Hi Duarte,
> Source mean suricata source can you please guide me some steps for

Source means, building Suricata from it's source. There are the guides on the 
Suricata wiki that deal with that.

> epel-release-5-3.noarch.rpm

In RedHat it's a pretty bad idea to add the EPEL repository, I would advise 
against that. Are you sure you can't register the machine in the RHN? 
Otherwise you will have to download everything manually which is a pain.

The machines I'm using are RHN registered, I only had to download some 
dependencies that weren't available manually, follows the list (some 
dependencies that are on this list have been downloaded because I was also 
installing Barnyard and at the time I was using PF_RING):

 - Installed from RedHat Network

# yum install kernel-devel flex bison gcc gcc-c++ make subversion wget pcre-
devel pcre file-devel file zlib-devel zlib nspr-devel nspr nss-devel nss man git 
libtool mysql mysql-devel

 - Downloaded manually from other repositories (note that these are from el6, 
you have to download the corresponding to el5)

http://mirror.centos.org/centos/6/os/x86_64/Packages/libcap-ng-0.6.4-3.el6_0.1.x86_64.rpm
http://mirror.centos.org/centos/6/os/x86_64/Packages/libcap-ng-devel-0.6.4-3.el6_0.1.x86_64.rpm
http://mirror.centos.org/centos/6/os/x86_64/Packages/pkgconfig-0.23-9.1.el6.x86_64.rpm
http://apt.sw.be/redhat/el6/en/x86_64/rpmforge/RPMS/libyaml-0.1.4-1.el6.rf.x86_64.rpm
http://apt.sw.be/redhat/el6/en/x86_64/rpmforge/RPMS/libyaml-devel-0.1.4-1.el6.rf.x86_64.rpm
http://apt.sw.be/redhat/el6/en/x86_64/rpmforge/RPMS/libnet-1.1.2.1-2.2.el6.rf.x86_64.rpm

> 
> and
> libpcap libpcap-devel libnet libnet-devel pcre
> 
> On Thu, May 2, 2013 at 1:57 PM, Duarte Silva 
<duarte.silva at serializing.me>wrote:
> > Hi Robert,
> > 
> > yes, build from source :) I currently have three deployments of Suricata,
> > all
> > in RedHat 6. I have installed the necessary development/runtime
> > dependencies
> > and build from the source code.
> > 
> > It's a little trial and error though.
> > 
> > Best regards,
> > Duarte Silva
> > 
> > On Thursday 02 May 2013 12:38:05 Robert Clove wrote:
> > > i got into the problem that:-
> > > 
> > > I was following the link
> > > https://redmine.openinfosecfoundation.org/projects/suricata/wiki/CentOS5
> > > I have Red Hat Enterprise Linux Client release 5.2 (Tikanga)
> > > when i run
> > > 
> > > sudo rpm -Uvh
> > 
> > http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.
> > r
> > 
> > > pm
> > > 
> > > i get the error :-
> > > Retrieving
> > 
> > http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.
> > r
> > 
> > > pm error: skipping
> > 
> > http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.
> > rp> 
> > > m - transfer failed - Unknown or unexpected error
> > > 
> > > I found that the my system is not registered to RHN is there any other
> > 
> > way?
> > 
> > > Thanks
> > > 
> > > On Tue, Apr 23, 2013 at 5:30 PM, Peter Manev <petermanev at gmail.com>
> > 
> > wrote:
> > > > On Tue, Apr 23, 2013 at 1:50 PM, Robert Clove <cloverobert at gmail.com>
> > > > 
> > > > wrote:
> > > > > Hello,
> > > > > 
> > > > > Can we install suricata on Red Hat?
> > > > > If so ,can you guide me with the steps of installation as i have the
> > > > 
> > > > source
> > > > 
> > > > > code.
> > > > > 
> > > > > 
> > > > > 
> > > > > Thanks
> > > > > 
> > > > > 
> > > > > _______________________________________________
> > 
> > > > > Suricata IDS Devel mailing list:
> > oisf-devel at openinfosecfoundation.org
> > 
> > > > > Site: http://suricata-ids.org | Participate:
> > > > > http://suricata-ids.org/participate/
> > > > 
> > > > > List:
> > > > https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel
> > > > 
> > > > > Redmine: https://redmine.openinfosecfoundation.org/
> > > > 
> > > > Hi,
> > > > Yes absolutelly -
> > 
> > https://redmine.openinfosecfoundation.org/projects/suricata/wiki/CentOS_64
> > 
> > > > _Installation_%28with_unix_socket_geoip_profiling_and_MD5_features%29
> > > > 
> > > > The above is for CentOS - but it should work for RedHat as the two are
> > > > supposed to be 100% compatible.
> > > > 
> > > > Thanks
> > > > 
> > > > --
> > > > Regards,
> > > > Peter Manev



More information about the Oisf-devel mailing list