Diffstat (limited to 'framework/src/suricata/doc/INSTALL.WINDOWS')
-rw-r--r-- | framework/src/suricata/doc/INSTALL.WINDOWS | 181 |
1 files changed, 0 insertions, 181 deletions
diff --git a/framework/src/suricata/doc/INSTALL.WINDOWS b/framework/src/suricata/doc/INSTALL.WINDOWS deleted file mode 100644 index f03bd37b..00000000 --- a/framework/src/suricata/doc/INSTALL.WINDOWS +++ /dev/null 
@@ -1,181 +0,0 @@ -Before you start -================ - -An up to date version of this document can be found online: -https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Windows - -Alternatively, an installation document for using CYGWIN instead of MinGW can -be found here: -https://redmine.openinfosecfoundation.org/attachments/download/676/SurWinInstallGuide.pdf - -This file describes how to build and run Suricata on Windows. Currently -Windows XP and above are supported. - - -Preparing the build environment -=============================== - -1. Setup MinGW environment from http://mingw.org - -Do not use the automatic installer as it is deprecated. Manually unpack -the following packages to c:\mingw (use newer versions if you like): - - * binutils - o binutils-2.20–1-mingw32-bin.tar.gz - * mingw-runtime (dev and dll): - o mingwrt-3.17-mingw32-dll.tar.gz - o mingwrt-3.17-mingw32-dev.tar.gz - * w32api - o w32api-3.14-mingw32-dev.tar.gz - * required runtime libraries for GCC (gmp, libiconv, MPFR and pthreads): - o gmp-4.2.4-mingw32-dll.tar.gz - o libiconv-1.13.1–1-mingw32-dll-2.tar.lzma - o mpfr-2.4.1-mingw32-dll.tar.gz - o pthreads-w32–2.8.0-mingw32-dll.tar.gz - * gcc-core (bin and dll): - o gcc-core-4.4.0-mingw32-bin.tar.gz - o gcc-core-4.4.0-mingw32-dll.tar.gz - * make - o make-3.81–20090914-mingw32-bin.tar.gz - * zlib - o libz-1.2.3-1-mingw32-dll-1.tar.gz - o libz-1.2.3-1-mingw32-dev.tar.gz - -2. Install MSYS - - http://sourceforge.net/projects/mingw/files/ - - MSYS-1.0.11.exe (MSYS Base System) - msysDTK-1.0.1.exe (MSYS Suplementary Tools) - autoconf-2.63–1-msys-1.0.11-bin.tar.lzma - automake-1.11–1-msys-1.0.11-bin.tar.lzma - libtool-2.2.7a-1-msys-1.0.11-bin.tar.lzma - - MSYS will ask questions during the installation: - Accept Post Install: [y] - MinGW Installed? : [y] - path to MinGW: [c:/MinGW] - -3. 
Install pkg-config taken from http://wiki.videolan.org/Win32CompileMSYSNew#PKG-CONFIG - Download and extract the following into c:\Msys\1.0 - http://ftp.gnome.org/pub/GNOME/binaries/win32/glib/2.18/glib_2.18.2-1_win32.zip - ftp://ftp.gnome.org/pub/gnome/binaries/win32/dependencies/pkg-config_0.23-3_win32.zip - ftp://ftp.gnome.org/pub/gnome/binaries/win32/dependencies/pkg-config-dev_0.23-3_win32.zip - - Set PKG_CONFIG_PATH=/win32/lib/pkgconfig - - (e.g. by adding the Windows enviroment variable PKG_CONFIG_PATH in "Control Panel"->"System"->"Advanced System Settings"->"Environment Variables" and setting the value to /win32/lib/pkgconfig) - - -4. Get git - - Download portable GIT from this URL: - http://code.google.com/p/msysgit/ - - - unpack to /msys/1.0 - - don't forget to edit your ~/.gitconfig to at least give youreself a name :-) - -5. Get libpcre - - http://www.pcre.org/ - - ./configure --enable-utf8 --disable-cpp --prefix=/mingw - make - make install - -6. Get libyaml - - http://pyyaml.org/wiki/LibYAML - - It does not support mingw compilation. However it works in static mode: - - ./configure --prefix=/mingw CFLAGS="-DYAML_DECLARE_STATIC" - make - make install - -7. Get libpcap - - Guide can be found here: - - Download Devlopers pack http://www.winpcap.org/devel.htm - - Download and install a coresponding installer package http://www.winpcap.org/install/default.htm (to have the driver in the system) - - Copy includes to c:/mingw/include and libs (.a) to c:/mingw/lib - - Rename libwpcap to libpcap - -8. 
Get and compile Suricata - - git clone git://phalanx.openinfosecfoundation.org/oisf.git - cd oisf - - Because of some weird autools port bug we do the following: - dos2unix.exe libhtp/configure.ac - dos2unix.exe libhtp/htp.pc.in - dos2unix.exe libhtp/Makefile.am - - ./autogen.sh - ./configure CFLAGS="-DYAML_DECLARE_STATIC" - # add --enable-nfqueue as parameter to configure to enable inline mode - make - -If everything goes well, you'll end up with suricata.exe in src/.lib. To test it -you will need libpcre-0.dll, libz-1.dll, and pthreadGC2.dll which you already have somewhere -under c:/mingw or c:/msys. To prepare the runtime environment: - - - copy the executable and the DLLs to a dedicated directory - - get there classification.config and suricata.yaml - - edit suricata.yaml (at least set the directories correctly) - -PCAP Mode -========= - -Make sure you have winpcap runtime and driver installed and then: - - - determine your eth device UUID in the registry: - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\ - - now cross your fingers and do: - suricata.exe -c suricata.yaml -i \DEVICE\{your device uuid} - - -Inline Mode -=========== - -You need to downoad, compile and install netfilterforwin (the netfilter.sys -driver and Windows port of the libnetfilter_queue library): - -1. Download and install Windows Driver Kit from Microsoft - - http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=36a2630f-5d56-43b5-b996-7633f2ec14ff - -2. Download netfilterforwin - - http://sourceforge.net/projects/netfilterforwin/ - - Unpack it so the netfilterforwin directory (omit the version from its name) - is beside the oisf directory. - -3. 
Compile the driver - - - Open the build environment from you Start menu: - Start->All Programs->windows Driver Kits->WDK xxxx.yyyy.z->Build Environments - ->Windows Server 2003->x86 Free Build Environment - (or the one which is proper for your system) - - cd to netfilterforwin/netfilter - - enter command: - nmake - -4. Install the driver - - - copy inf/* files and the freshly built netfilter.sys to a separate directory - - open network connecions - - right-click an interface, select properties - - click install... - - select service - - click add - - click 'have disk...' - - browse to the directory with the inf files and netfilter.sys, select netfilter.inf anc click ok - - confirm everything - - You should have the driver installed now. - -5. Run Suricata in inline mode: - - suricata.exe -c suricata.yaml -q 0 |
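Review bot: deleting all 181 lines of doc/INSTALL.WINDOWS leaves nothing in the visible diff that points readers to a replacement for the Windows-specific steps, in particular the "PCAP Mode" registry lookup for the interface UUID and the "Inline Mode" netfilter.sys driver install. If Windows remains a supported target, consider keeping a short stub that carries the wiki link from the "Before you start" section (https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Windows), or state in the commit message that the document is dropped on purpose. If any of this text is moved to another file instead, note that the "Preparing the build environment" steps fetch toolchain archives over http:// and ftp:// and clone the source over git:// with no checksum or signature check, so the relocated version should use https and published hashes where the upstream offers them.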