Skip to content
This repository has been archived by the owner on Apr 16, 2021. It is now read-only.

Suricata 1.1.1 #168

Closed
GoogleCodeExporter opened this issue Mar 24, 2015 · 2 comments
Closed

Suricata 1.1.1 #168

GoogleCodeExporter opened this issue Mar 24, 2015 · 2 comments
Labels
auto-migrated Priority-Low Type-Enhancement

Comments

@GoogleCodeExporter
Copy link 

http://www.openinfosecfoundation.org/index.php/component/content/article/140-sur
icata-111-available

Original issue reported on code.google.com by doug.bu...@gmail.com on 8 Dec 2011 at 12:38
@GoogleCodeExporter
Copy link
Author 

# Created the DEB:
wget http://www.openinfosecfoundation.org/download/suricata-1.1.1.tar.gz
tar zxvf suricata-1.1.1.tar.gz 
cd suricata-1.1.1
./configure --enable-af-packet --disable-gccmarch-native
make
sudo checkinstall

# Verified:
suricata -V
dpkg --info securityonion-suricata_1.1.1-1_i386.deb 

# Disabled Suricata decoder-events.rules and stream-events.rules and packaged 
into DEB:
sudo vi /etc/suricata/suricata.yaml
# - decoder-events.rules
# - stream-events.rules
/var/lib/gems/1.8/bin/fpm -s dir -t deb -n securityonion-suricata-config -v 
20111213 /etc/suricata/

# Updated security-onion-upgrade.sh:
sed -i 's| |=|g' $CONF
source $CONF
if [ "$VERSION" = "20111202" ]; then
        NEW="20111213"
        echo "**********************************************"   | $LOGGER
        echo "* Upgrading from $VERSION to $NEW."               | $LOGGER
        echo "**********************************************"   | $LOGGER
        DIR="/nsm/backup/$NEW"
        mkdir -p $DIR                                           | $LOGGER
        cd $DIR

        echo "* Installing new Suricata"                        | $LOGGER
        FILE=securityonion-suricata_1.1.1-1_i386.deb
        wget -q http://sourceforge.net/projects/security-onion/files/$NEW/$FILE -O $FILE | $LOGGER
        dpkg -i $FILE                                           | $LOGGER

        echo "* Installing new Suricata config"                 | $LOGGER
        FILE=securityonion-suricata-config_"$NEW"_i386.deb
        wget -q http://sourceforge.net/projects/security-onion/files/$NEW/$FILE -O $FILE | $LOGGER
        dpkg -i $FILE                                           | $LOGGER

        echo "* Copying suricata.yaml to sensor directories"    | $LOGGER
        grep -v "^#" /etc/nsm/sensortab |awk '{print $1}' |while read SENSOR
        do
                mkdir -p $DIR/"$SENSOR"/
                cp /etc/nsm/"$SENSOR"/suricata.yaml $DIR/"$SENSOR"/
                cp /etc/suricata/suricata.yaml /etc/nsm/"$SENSOR"/
        done

        if grep -i "suricata" /etc/nsm/securityonion.conf >/dev/null
        then
                nsm_sensor_ps-restart --only-snort-alert        | $LOGGER
        fi

        sed -i "s|VERSION=$VERSION|VERSION=$NEW|g" $CONF        | $LOGGER
        echo "* Upgrade to $NEW complete."                      | $LOGGER
        echo 
fi

Original comment by doug.bu...@gmail.com on 12 Dec 2011 at 9:11

  • Added labels: ****
  • Removed labels: ****

@GoogleCodeExporter
Copy link
Author 

Published:
http://securityonion.blogspot.com/2011/12/security-onion-20111213-now-available.
html

Original comment by doug.bu...@gmail.com on 13 Dec 2011 at 11:09

  • Changed state: Verified
  • Added labels: ****
  • Removed labels: ****

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
auto-migrated Priority-Low Type-Enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@GoogleCodeExporter