# have all needed files, that a GNU package needs
AUTOMAKE_OPTIONS = foreign 1.4
ACLOCAL_AMFLAGS = -I m4
-EXTRA_DIST = ChangeLog COPYING LICENSE suricata.yaml \
+EXTRA_DIST = ChangeLog COPYING LICENSE suricata.yaml.in \
classification.config \
reference.config
if BUILD_LIBHTP
endif
SUBDIRS = $(HTP_DIR) src qa rules doc
+install-data-am:
+ @echo "Run 'make install-conf' if you want to install initial configuration files. Or 'make install-full' to install configuration and rules";
+
+install-full: install-conf install-rules
+
+install-conf:
+ install -d $(sysconfdir)
+ test -e $(sysconfdir)/suricata.yaml || install -m 600 $(top_srcdir)/suricata.yaml $(sysconfdir)
+ test -e $(sysconfdir)/classification.config || install -m 600 $(top_srcdir)/classification.config $(sysconfdir)
+ test -e $(sysconfdir)/reference.config || install -m 600 $(top_srcdir)/reference.config $(sysconfdir)
+ install -d $(localstatedir)/log/suricata
+
+install-rules:
+ install -d $(sysconfdir)/rules
+ wget -qO - http://rules.emergingthreats.net/open/suricata/emerging.rules.tar.gz | tar zkxv -C $(sysconfdir)
+ test -e $(sysconfdir)/rules/decoder-events.rules || install -m 600 $(top_srcdir)/rules/decoder-events.rules $(sysconfdir)/rules/
+ test -e $(sysconfdir)/rules/stream-events.rules || install -m 600 $(top_srcdir)/rules/stream-events.rules $(sysconfdir)/rules/
+ test -e $(sysconfdir)/rules/smtp-events.rules || install -m 600 $(top_srcdir)/rules/smtp-events.rules $(sysconfdir)/rules/
+ test -e $(sysconfdir)/rules/http-events.rules || install -m 600 $(top_srcdir)/rules/http-events.rules $(sysconfdir)/rules/
+ @echo "You can now start suricata by running as root something like '$(bindir)/suricata -c $(sysconfdir)/suricata.yaml -i eth0'"
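Review bot: The `install-rules` recipe fetches the ruleset over plain `http://` and pipes it straight into `tar` under `$(sysconfdir)`, so the detection rules that get installed are whatever the network path delivers, with no integrity check. Because a pipeline's exit status is that of `tar`, a failed or truncated download does not stop the recipe either. I would download to a file over HTTPS, verify it against a digest or signature obtained out of band, and extract only the `rules` member. That last step assumes the archive's top-level directory is `rules/`, as the `-C $(sysconfdir)` and the following `test -e $(sysconfdir)/rules/...` lines suggest. In the sketch below `RULES_SHA256` is a placeholder, not a variable the project defines.

```make
install-rules:
	install -d $(sysconfdir)/rules
	# Download to a file so a failed transfer aborts before anything is unpacked.
	wget -q -O emerging.rules.tar.gz https://rules.emergingthreats.net/open/suricata/emerging.rules.tar.gz
	# RULES_SHA256 is a placeholder for a digest obtained out of band.
	echo "$(RULES_SHA256)  emerging.rules.tar.gz" | sha256sum -c -
	# Unpack only the rules/ member; -k still keeps files that already exist.
	tar zkxf emerging.rules.tar.gz -C $(sysconfdir) rules
	# … unchanged: the four *-events.rules installs and the closing echo …
```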
AC_MSG_CHECKING([host os])
# If no host os was detected, try with uname
- if test -z "$host" ; then
+ if test -z "$host" ; then
host="`uname`"
fi
echo -n "installation for $host OS... \c"
*-*-mingw32*)
CFLAGS="${CFLAGS} -DOS_WIN32"
LDFLAGS="${LDFLAGS} -lws2_32"
+ WINDOWS_PATH="yes"
+ ;;
+ *-*-cygwin)
+ WINDOWS_PATH="yes"
;;
*)
AC_MSG_WARN([unsupported OS this may or may not work])
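Review bot: `WINDOWS_PATH` is assigned only in the two branches added here, and nothing in the hunks shown initialises it. On every other host the later `test "$WINDOWS_PATH" = "yes"` therefore reads whatever value the variable had in the environment configure was started from. Setting `WINDOWS_PATH="no"` before the `case` statement (which starts outside this hunk) makes the result depend on the detected host only. The new `*-*-cygwin)` pattern also has no trailing `*`, unlike `*-*-mingw32*)` above it; if that is deliberate, a short comment would help.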
AC_SUBST(LDFLAGS)
AC_SUBST(CPPFLAGS)
-AC_OUTPUT(Makefile src/Makefile qa/Makefile qa/coccinelle/Makefile rules/Makefile doc/Makefile)
+define([EXPAND_VARIABLE],
+[$2=[$]$1
+if test $prefix = 'NONE'; then
+ prefix="/usr/local"
+fi
+while true; do
+ case "[$]$2" in
+ *\[$]* ) eval "$2=[$]$2" ;;
+ *) break ;;
+ esac
+done
+eval "$2=[$]$2$3"
+])dnl EXPAND_VARIABLE
+
+# suricata log dir
+if test "$WINDOWS_PATH" = "yes"; then
+ systemtype="`systeminfo | grep \"System Type\"`"
+ case $systemtype in
+ *x64*)
+ e_logdir="C:\\Program Files (x86)\\Suricata\\log\\"
+ e_sysconfdir="C:\\Program Files (x86)\\Suricata\\"
+ e_magic_file="C:\\Program Files (x86)\\Suricata\\magic.mgc"
+ ;;
+ *)
+ e_logdir="C:\\Program Files\\Suricata\\log\\"
+ e_sysconfdir="C:\\Program Files\\Suricata\\"
+ e_magic_file="C:\\Program Files\\Suricata\\magic.mgc"
+ ;;
+ esac
+else
+ EXPAND_VARIABLE(localstatedir, e_logdir, "/log/suricata")
+ EXPAND_VARIABLE(sysconfdir, e_sysconfdir, "/")
+ e_magic_file="/usr/share/file/magic"
+fi
+AC_SUBST(e_logdir)
+AC_SUBST(e_sysconfdir)
+AC_SUBST(e_magic_file)
+
+AC_OUTPUT(Makefile src/Makefile qa/Makefile qa/coccinelle/Makefile rules/Makefile doc/Makefile suricata.yaml)
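Review bot: In `EXPAND_VARIABLE` the line `if test $prefix = 'NONE'; then` leaves `$prefix` unquoted, so an empty prefix or one containing a space makes `test` report a syntax error; `if test "x$prefix" = "xNONE"; then` avoids that. The macro also passes the directory values through `eval` unquoted, so a `--sysconfdir` or `--localstatedir` containing spaces or shell metacharacters is re-parsed by the shell rather than copied. A comment such as `dnl Values pass through eval: paths must not contain spaces or shell metacharacters` would at least document the constraint. Separately, the Windows branch chooses the `Program Files (x86)` paths from `systeminfo` output on the build machine, which presumably assumes a 32-bit binary that runs on the machine it was built on.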
echo "
Suricata Configuration:
GCC Profile enabled: ${enable_gccprofile}
Old barnyard2 support: ${enable_old_barnyard2}
Non-bundled htp: ${enable_non_bundled_htp}
- PCRE jit: ${pcre_jit_available}
-"
+ PCRE jit: ${pcre_jit_available}"
+
+echo "
+To build and install run 'make' and 'make install'.
+You can run 'make install-conf' if you want to install initial configuration files.
+Running 'make install-full' will install configuration and rules and provide you a ready-to-run suricata."
# The default logging directory. Any log or output file will be
# placed here if its not specified with a full path name. This can be
# overridden with the -l command line parameter.
-default-log-dir: /var/log/suricata
+default-log-dir: @e_logdir@
# Configure the type of alert (and other) logging you would like.
outputs:
# Magic file. The extension .mgc is added to the value here.
#magic-file: /usr/share/file/magic
+magic-file: @e_magic_file@
# When running in NFQ inline mode, it is possible to use a simulated
# non-terminal NFQUEUE verdict.
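Review bot: `magic-file: @e_magic_file@` turns on a setting that was commented out before, and on non-Windows hosts configure fills it with the fixed string `/usr/share/file/magic` without checking that a magic database exists there. On systems that keep the database elsewhere, the generated suricata.yaml will point at a missing file; what the engine does in that case is not visible from this hunk. Either keep the line commented out in the template, `#magic-file: @e_magic_file@`, or have configure probe for the file before substituting it.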
# Set the default rule path here to search for the files.
# if not set, it will look at the current working dir
-default-rule-path: /etc/suricata/rules/
+default-rule-path: @e_sysconfdir@rules
rule-files:
- - attack-responses.rules
- - backdoor.rules
- - bad-traffic.rules
- - chat.rules
- - ddos.rules
- - deleted.rules
- - dns.rules
- - dos.rules
- - experimental.rules
- - exploit.rules
- - finger.rules
- - ftp.rules
- - icmp-info.rules
- - icmp.rules
- - imap.rules
- - info.rules
- - local.rules
- - misc.rules
- - multimedia.rules
- - mysql.rules
- - netbios.rules
- - nntp.rules
- - oracle.rules
- - other-ids.rules
- - p2p.rules
- - policy.rules
- - pop2.rules
- - pop3.rules
- - porn.rules
- - rpc.rules
- - rservices.rules
- - scada.rules
- - scan.rules
- - shellcode.rules
- - smtp.rules
- - snmp.rules
- - specific-threats.rules
- - spyware-put.rules
- - sql.rules
- - telnet.rules
- - tftp.rules
- - virus.rules
- - voip.rules
- - web-activex.rules
- - web-attacks.rules
- - web-cgi.rules
- - web-client.rules
- - web-coldfusion.rules
- - web-frontpage.rules
- - web-iis.rules
- - web-misc.rules
- - web-php.rules
- - x11.rules
+ - botcc.rules
+ - ciarmy.rules
+ - compromised.rules
+ - drop.rules
+ - dshield.rules
+ - emerging-activex.rules
- emerging-attack_response.rules
+ - emerging-chat.rules
+ - emerging-current_events.rules
+ - emerging-deleted.rules
+ - emerging-dns.rules
- emerging-dos.rules
- emerging-exploit.rules
- - emerging-game.rules
+ - emerging-ftp.rules
+ - emerging-games.rules
+ - emerging-icmp_info.rules
+ - emerging-icmp.rules
+ - emerging-imap.rules
- emerging-inappropriate.rules
- emerging-malware.rules
+ - emerging-misc.rules
+ - emerging-mobile_malware.rules
+ - emerging-netbios.rules
- emerging-p2p.rules
- emerging-policy.rules
+ - emerging-pop3.rules
+ - emerging-rpc.rules
+ - emerging-scada.rules
- emerging-scan.rules
+ - emerging-shellcode.rules
+ - emerging-smtp.rules
+ - emerging-snmp.rules
+ - emerging-sql.rules
+ - emerging-telnet.rules
+ - emerging-tftp.rules
+ - emerging-trojan.rules
+ - emerging-user_agents.rules
- emerging-virus.rules
- emerging-voip.rules
- - emerging-web.rules
- emerging-web_client.rules
- emerging-web_server.rules
- emerging-web_specific_apps.rules
- - emerging-user_agents.rules
- - emerging-current_events.rules
+ - emerging-worm.rules
+ - rbn-malvertisers.rules
+ - rbn.rules
+ - tor.rules
- decoder-events.rules # available in suricata sources under rules dir
- stream-events.rules # available in suricata sources under rules dir
- http-events.rules # available in suricata sources under rules dir
- smtp-events.rules # available in suricata sources under rules dir
-classification-file: /etc/suricata/classification.config
-reference-config-file: /etc/suricata/reference.config
+classification-file: @e_sysconfdir@classification.config
+reference-config-file: @e_sysconfdir@reference.config
# Holds variables that would be used by the engine.
vars:
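Review bot: The new `rule-files` list names the files from the archive that `make install-rules` downloads, but `make install-conf` installs this suricata.yaml without any of them, including the four `*-events.rules` files that only `install-rules` copies. A configuration installed that way refers to rule files that do not exist under `default-rule-path`; how the engine treats missing rule files is not shown here, but a sensor running with fewer rules than the operator expects is worth guarding against. A comment above the list would make the dependency explicit, for example `# These files are installed by 'make install-rules'; comment out the ones you do not have`. The list also has to track the contents of a rolling upstream archive, so the two are likely to drift apart over time.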