Diffstat (limited to 'framework/src/suricata/doc/Windows.txt')
-rw-r--r-- framework/src/suricata/doc/Windows.txt 189
1 files changed, 189 insertions, 0 deletions
diff --git a/framework/src/suricata/doc/Windows.txt b/framework/src/suricata/doc/Windows.txt
new file mode 100644
index 00000000..ce94b1fe
--- /dev/null
+++ b/framework/src/suricata/doc/Windows.txt
@@ -0,0 +1,189 @@
+Autogenerated on 2012-11-29
+from - https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Windows
+
+
+Windows
+
+NOTE -
+A new instruction set for Suricata installation (and/or compilation from
+scratch) can be found here:
+https://redmine.openinfosecfoundation.org/projects/suricata/files
+also a windows binary - self extracting auto install package is available here:
+http://www.openinfosecfoundation.org/index.php/download-suricata
+
+Preparing the build environment
+
+The instructions below should be followed in the order they appear. If your
+configuration requires unique actions to compile the package and/or you
+significantly modify the configure shell script, please e-mail the details of
+your requirements and/or solution to bugreports@openinfosecfoundation.org.
+Set up MinGW environment from http://mingw.org/
+Do not use the automatic installer, as it is deprecated. Instead, manually
+unpack the following packages to c:\mingw (you may use newer versions if you
+prefer):
+
+
+ * binutils
+ o binutils-2.20-1-mingw32-bin.tar.gz
+ * mingw-runtime (dev and dll)
+ o mingwrt-3.17-mingw32-dll.tar.gz
+ o mingwrt-3.17-mingw32-dev.tar.gz
+ * w32api
+ o w32api-3.14-mingw32-dev.tar.gz
+ * Required runtime libraries for GCC (gmp, libiconv, MPFR and pthreads)
+ o gmp-4.2.4-mingw32-dll.tar.gz
+ o libiconv-1.13.1-1-mingw32-dll-2.tar.lzma
+ o mpfr-2.4.1-mingw32-dll.tar.gz
+ o pthreads-w32-2.8.0-mingw32-dll.tar.gz
+ * gcc-core (bin and dll)
+ o gcc-core-4.4.0-mingw32-bin.tar.gz
+ o gcc-core-4.4.0-mingw32-dll.tar.gz
+ * make
+ o make-3.81-20090914-mingw32-bin.tar.gz
+ * zlib
+ o libz-1.2.3-1-mingw32-dll-1.tar.gz
+ + libz-1.2.3-1-mingw32-dev.tar.gz
+
+
+Download MSYS
+
+Get MSYS from http://sourceforge.net/projects/mingw/files/ and install
+
+ MSYS-1.0.11.exe (MSYS Base System)
+ msysDTK-1.0.1.exe (MSYS Suplementary Tools)
+ autoconf-2.63-1-msys-1.0.11-bin.tar.lzma
+ automake-1.11-1-msys-1.0.11-bin.tar.lzma
+ libtool-2.2.7a-1-msys-1.0.11-bin.tar.lzma
+
+MSYS will ask the following questions during installation.
+
+ Accept Post Install: [y]
+ MinGW Installed? : [y]
+ path to MinGW: [c:/MinGW]
+
+
+Download pkg-config
+
+Install pkg-config taken from http://wiki.videolan.org/Win32CompileMSYSNew#PKG-
+CONFIG
+Download and extract the following into c:\Msys\1.0
+
+ http://ftp.gnome.org/pub/GNOME/binaries/win32/glib/2.18/glib_2.18.2-
+ 1_win32.zip
+ ftp://ftp.gnome.org/pub/gnome/binaries/win32/dependencies/pkg-config_0.23-
+ 3_win32.zip
+ ftp://ftp.gnome.org/pub/gnome/binaries/win32/dependencies/pkg-config-
+ dev_0.23-3_win32.zip
+
+
+ Set PKG_CONFIG_PATH=/win32/lib/pkgconfig
+
+(e.g. by adding the Windows environment variable PKG_CONFIG_PATH in "Control
+Panel"->"System"->"Advanced System Settings"->"Environment Variables" and
+setting the value to /win32/lib/pkgconfig)
+
+Download Git sources
+
+Get Git sources from http://code.google.com/p/msysgit/
+Unpack to /msys/1.0
+Remember to edit ~/.gitconfig to set your username
+
+Download libpcre
+
+Get libpcre from http://www.pcre.org/
+
+ ./configure --enable-utf8 --disable-cpp --prefix=/mingw
+ make
+ make install
+
+
+Download libyaml
+
+Download libyaml from http://pyyaml.org/wiki/LibYAML
+Though libyaml does not support mingw compilation, it does work in static mode.
+
+ ./configure --prefix=/mingw CFLAGS="-DYAML_DECLARE_STATIC"
+ make
+ make install
+
+
+Download libpcap
+
+Download the developer pack from http://www.winpcap.org/devel.htm
+To have the driver in the system, download and install a corresponding
+installer package from http://www.winpcap.org/install/default.htm
+Copy includes to c:/mingw/include and libs (.a) to c:/mingw/lib
+Rename libwpcap.a to libpcap.a
+
+Get and compile Suricata
+
+
+ git clone git://phalanx.openinfosecfoundation.org/oisf.git
+ cd oisf
+
+Because of an autotools port bug, you will need to do the following:
+
+ dos2unix.exe libhtp/configure.ac
+ dos2unix.exe libhtp/htp.pc.in
+ dos2unix.exe libhtp/Makefile.am
+
+ ./autogen.sh
+ ./configure CFLAGS="-DYAML_DECLARE_STATIC"
+
+Add --enable-nfqueue as a configurable parameter to enable inline mode.
+
+ make
+
+If the full installation is successful, suricata.exe will be located in
+src/.lib. To test your build, you will need libpcre-0.dll, libz-1.dll, and
+pthreadGC2.dll, all of which should already be installed under c:/mingw or c:/
+msys.
+preparing the runtime environment.
+To prepare the runtime environment, you must copy the executable and DLLs to a
+dedicated directory. Get the classification.config and suricata.yaml, and then
+edit suricata.yaml to ensure the directories are correctly identified.
+pcap mode
+If you have not already done so, install winpcap runtime and its driver. Then,
+determine your eth device UUID in the registry:
+
+ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\
+ suricata.exe -c suricata.yaml -i \device\
+
+In the example above, device should be replaced with your device uuid.
+
+Inline mode
+
+To operate in inline mode, you must download, compile and install
+netfilterforwin, which is the netfilter.sys driver and Windows port of the
+libnetfilter_queue library.
+Download and install the Windows Driver Kit from Microsoft
+http://www.microsoft.com/downloads/
+details.aspx?displaylang=en&FamilyID=36a2630f-5d56-43b5-b996-7633f2ec14ff
+Download netfilterforwin from http://sourceforge.net/projects/netfilterforwin/
+Unpack it so the netfilterforwin directory is beside the oisf directory. You
+must omit the version from its name.
+Compile the driver
+Open the correct build environment from your Start menu
+Start > All Programs > Windows Driver Kits > WDK xxxx.yyyy.z > Build
+Environments > Windows Server 2003 > x86 Free Build Environment
+At your command line prompt, enter the following:
+
+ cd netfilterforwin/netfilter
+ nmake
+
+Install the driver
+Copy inf/* files and the freshly built netfilter.sys to a separate directory,
+and then open the network connections.
+Right-click an interface, then select Properties
+Click install...
+Select Service
+Click Add
+Click Have disk...
+Browse to the directory with the inf files and netfilter.sys, select
+netfilter.inf, and then click Ok.
+Confirm everything
+The driver is now installed.
+Run Suricata in inline mode
+
+ suricata.exe -c suricata.yaml -q 0
+
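Review bot: Every download in this document uses an unauthenticated transport with no integrity check, most visibly `git clone git://phalanx.openinfosecfoundation.org/oisf.git` under "Get and compile Suricata" and the `ftp://ftp.gnome.org/...` and `http://` archives under "Download pkg-config", so a reader who builds suricata.exe and installs the netfilter.sys driver from these steps cannot confirm that the toolchain and sources are what was published. Suggest listing an expected checksum or signature beside each pinned archive, or pointing at HTTPS sources where the projects offer them. Smaller points in the same hunk: the URLs wrapped mid-token (`Win32CompileMSYSNew#PKG-` / `CONFIG`, `glib_2.18.2-` / `1_win32.zip`) cannot be copied as written; the `--enable-nfqueue` remark comes after the `./configure` line it modifies and would read better before it; `src/.lib` looks like a typo for libtool's `.libs` output directory; "preparing the runtime environment." and "pcap mode" are headings run into the body text without the blank lines and capitalisation the other headings use; and in `-i \device\` the placeholder is not marked as one, which the following sentence only partly resolves. Since the header says the file is autogenerated from the wiki, these fixes may belong upstream rather than in this copy.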