[Oisf-devel] Can we install suricata on Red Hat?

Victor Julien victor at inliniac.net
Wed May 8 09:08:38 UTC 2013 

On 05/08/2013 06:51 AM, Robert Clove wrote:
> 
> 
> 
> On Thu, May 2, 2013 at 2:24 PM, Duarte Silva
> <duarte.silva at serializing.me <mailto:duarte.silva at serializing.me>> wrote:
> 
>     On Thursday 02 May 2013 14:01:29 Robert Clove wrote:
>     > Hi Duarte,
>     > Source mean suricata source can you please guide me some steps for
> 
>     Source means, building Suricata from it's source. There are the
>     guides on the
>     Suricata wiki that deal with that.
> 
>     > epel-release-5-3.noarch.rpm
> 
>     In RedHat it's a pretty bad idea to add the EPEL repository, I would
>     advise
>     against that. Are you sure you can't register the machine in the RHN?
>     Otherwise you will have to download everything manually which is a pain.
> 
>     The machines I'm using are RHN registered, I only had to download some
>     dependencies that weren't available manually, follows the list (some
>     dependencies that are on this list have been downloaded because I
>     was also
>     installing Barnyard and at the time I was using PF_RING):
> 
>      - Installed from RedHat Network
> 
>     # yum install kernel-devel flex bison gcc gcc-c++ make subversion
>     wget pcre-
>     devel pcre file-devel file zlib-devel zlib nspr-devel nspr nss-devel
>     nss man git
>     libtool mysql mysql-devel
> 
>      - Downloaded manually from other repositories (note that these are
>     from el6,
>     you have to download the corresponding to el5)
> 
>     http://mirror.centos.org/centos/6/os/x86_64/Packages/libcap-ng-0.6.4-3.el6_0.1.x86_64.rpm
>     http://mirror.centos.org/centos/6/os/x86_64/Packages/libcap-ng-devel-0.6.4-3.el6_0.1.x86_64.rpm
>     http://mirror.centos.org/centos/6/os/x86_64/Packages/pkgconfig-0.23-9.1.el6.x86_64.rpm
>     http://apt.sw.be/redhat/el6/en/x86_64/rpmforge/RPMS/libyaml-0.1.4-1.el6.rf.x86_64.rpm
>     http://apt.sw.be/redhat/el6/en/x86_64/rpmforge/RPMS/libyaml-devel-0.1.4-1.el6.rf.x86_64.rpm
>     http://apt.sw.be/redhat/el6/en/x86_64/rpmforge/RPMS/libnet-1.1.2.1-2.2.el6.rf.x86_64.rpm
> 
>     >
>     > and
>     > libpcap libpcap-devel libnet libnet-devel pcre
>     >
>     > On Thu, May 2, 2013 at 1:57 PM, Duarte Silva
>     <duarte.silva at serializing.me <mailto:duarte.silva at serializing.me>>wrote:
>     > > Hi Robert,
>     > >
>     > > yes, build from source :) I currently have three deployments of
>     Suricata,
>     > > all
>     > > in RedHat 6. I have installed the necessary development/runtime
>     > > dependencies
>     > > and build from the source code.
>     > >
>     > > It's a little trial and error though.
>     > >
>     > > Best regards,
>     > > Duarte Silva
>     > >
>     > > On Thursday 02 May 2013 12:38:05 Robert Clove wrote:
>     > > > i got into the problem that:-
>     > > >
>     > > > I was following the link
>     > > >
>     https://redmine.openinfosecfoundation.org/projects/suricata/wiki/CentOS5
>     > > > I have Red Hat Enterprise Linux Client release 5.2 (Tikanga)
>     > > > when i run
>     > > >
>     > > > sudo rpm -Uvh
>     > >
>     > >
>     http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.
>     > > r
>     > >
>     > > > pm
>     > > >
>     > > > i get the error :-
>     > > > Retrieving
>     > >
>     > >
>     http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.
>     > > r
>     > >
>     > > > pm error: skipping
>     > >
>     > >
>     http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.
>     > > rp>
>     > > > m - transfer failed - Unknown or unexpected error
>     > > >
>     > > > I found that the my system is not registered to RHN is there
>     any other
>     > >
>     > > way?
>     > >
>     > > > Thanks
>     > > >
>     > > > On Tue, Apr 23, 2013 at 5:30 PM, Peter Manev
>     <petermanev at gmail.com <mailto:petermanev at gmail.com>>
>     > >
>     > > wrote:
>     > > > > On Tue, Apr 23, 2013 at 1:50 PM, Robert Clove
>     <cloverobert at gmail.com <mailto:cloverobert at gmail.com>>
>     > > > >
>     > > > > wrote:
>     > > > > > Hello,
>     > > > > >
>     > > > > > Can we install suricata on Red Hat?
>     > > > > > If so ,can you guide me with the steps of installation as
>     i have the
>     > > > >
>     > > > > source
>     > > > >
>     > > > > > code.
>     > > > > >
>     > > > > >
>     > > > > >
>     > > > > > Thanks
>     > > > > >
>     > > > > >
>     > > > > > _______________________________________________
>     > >
>     > > > > > Suricata IDS Devel mailing list:
>     > > oisf-devel at openinfosecfoundation.org
>     <mailto:oisf-devel at openinfosecfoundation.org>
>     > >
>     > > > > > Site: http://suricata-ids.org | Participate:
>     > > > > > http://suricata-ids.org/participate/
>     > > > >
>     > > > > > List:
>     > > > >
>     https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel
>     > > > >
>     > > > > > Redmine: https://redmine.openinfosecfoundation.org/
>     > > > >
>     > > > > Hi,
>     > > > > Yes absolutelly -
>     > >
>     > >
>     https://redmine.openinfosecfoundation.org/projects/suricata/wiki/CentOS_64
>     > >
>     > > > >
>     _Installation_%28with_unix_socket_geoip_profiling_and_MD5_features%29
>     > > > >
>     > > > > The above is for CentOS - but it should work for RedHat as
>     the two are
>     > > > > supposed to be 100% compatible.
>     > > > >
>     > > > > Thanks
>     > > > >
>     > > > > --
>     > > > > Regards,
>     > > > > Peter Manev
> 
> 
> 
> Thanks for the reply i am finally installing suricata on the CentOS 5.8
> When i ran the following command
> 
> sudo rpm -Uvh http://rules.emergingthreatspro.com/projects/emergingrepo/x86_64/libnetfilter_queue-0.0.15-1.x86_64.rpm \
> 
> 
> an error comes 
> error: Failed dependencies:
>         libnfnetlink.so.0()(64bit) is needed by libnetfilter_queue-0.0.15-1.x86_64
> 
> Now what to do i tryed to find the above on net and also installing but again error 
> 
> 
> rpm -Uhv libnfnetlink-1.0.0-1.el6.x86_64.rpm
> warning: libnfnetlink-1.0.0-1.el6.x86_64.rpm: Header V3 RSA/SHA256
> signature: NOKEY, key ID c105b9de
> error: Failed dependencies:
>         rpmlib(FileDigests) <= 4.6.0-1 is needed by
> libnfnetlink-1.0.0-1.el6.x86_64
>         rpmlib(PayloadIsXz) <= 5.2-1 is needed by
> libnfnetlink-1.0.0-1.el6.x86_64
> 
> Please suggest solution

Compiling the netfilter libraries from source is really simple, just a
matter of downloading them and a few ./configure, make, make install's.
You can get them from www.netfilter.org.

-- 
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------

More information about the Oisf-devel mailing list