doc: improve doc on compiling with eBPF support

author Eric Leblond <eric@regit.org>

Sun, 23 Jun 2019 14:58:09 +0000 (16:58 +0200)

committer Victor Julien <victor@inliniac.net>

Fri, 23 Aug 2019 11:42:08 +0000 (13:42 +0200)
author Eric Leblond <eric@regit.org>
Sun, 23 Jun 2019 14:58:09 +0000 (16:58 +0200)
committer Victor Julien <victor@inliniac.net>
Fri, 23 Aug 2019 11:42:08 +0000 (13:42 +0200)
diff --git a/doc/userguide/capture-hardware/ebpf-xdp.rst b/doc/userguide/capture-hardware/ebpf-xdp.rst

index db05d82cb30aa517559fb0725129cf610e00827c..ef0c12c3233f6108043cd53d34d2c3400294d923 100644 (file)
--- a/doc/userguide/capture-hardware/ebpf-xdp.rst
+++ b/doc/userguide/capture-hardware/ebpf-xdp.rst
@@ -71,12 +71,17 @@ Kernel
  
  You need to run a kernel 4.13 or newer.
  
-Clang
-~~~~~
+Clang and dependencies
+~~~~~~~~~~~~~~~~~~~~~~
  
  Make sure you have clang (>=3.9) installed on the system  ::
  
- sudo apt-get install clang
+ sudo apt install clang
+
+Some i386 headers will also be needed as eBPF is not x86_64 and some include headers
+are architecture specific ::
+
+ sudo apt install libc6-dev-i386 --no-install-recommends
  
  libbpf
  ~~~~~~
@@ -93,6 +98,8 @@ Now, you can build and install the library ::
   sudo make install_headers
   sudo ldconfig
  
+In some cases your system will not find the libbpf library that is installed under
+`/usr/lib64` so you may need to modify your ldconfig configuration.
  
  Compile and install Suricata
  ----------------------------
author	Eric Leblond <eric@regit.org>
	Sun, 23 Jun 2019 14:58:09 +0000 (16:58 +0200)
committer	Victor Julien <victor@inliniac.net>
	Fri, 23 Aug 2019 11:42:08 +0000 (13:42 +0200)