From 8879b125d26e8db1a5633de5a9c692eb2d1c4f83 Mon Sep 17 00:00:00 2001 From: Ashlee Young Date: Wed, 9 Sep 2015 22:21:41 -0700 Subject: suricata checkin based on commit id a4bce14770beee46a537eda3c3f6e8e8565d5d0a Change-Id: I9a214fa0ee95e58fc640e50bd604dac7f42db48f --- framework/src/suricata/doc/Mac_OS_X_106x.txt | 72 ++++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) create mode 100644 framework/src/suricata/doc/Mac_OS_X_106x.txt (limited to 'framework/src/suricata/doc/Mac_OS_X_106x.txt') diff --git a/framework/src/suricata/doc/Mac_OS_X_106x.txt b/framework/src/suricata/doc/Mac_OS_X_106x.txt new file mode 100644 index 00000000..0f76a047 --- /dev/null +++ b/framework/src/suricata/doc/Mac_OS_X_106x.txt 
@@ -0,0 +1,72 @@ +Autogenerated on 2012-11-29 +from - https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Mac_OS_X_106x + + +Mac OS X (10.6.x) + + +Pre-installation requirements + +These instructions have been tested with Mac OS X (10.6.1). To begin, you will +need an essential development environment much like gcc/make. You can download +Xcode from http://developer.apple.com/technology/xcode.html. +MacPorts is required for you to fetch the depends, so you will also need to +install MacPorts, if you have not already done so. The online installation +guide is located at http://guide.macports.org/#installing. +Before you can build Suricata for your system, you must run the following +command to ensure that you have everything you need for the installation. + + port install autoconf automake gcc44 make libnet11 libpcap pcre \ + libyaml libtool + export AC_PROG_LIBTOOL=$( which libtool ) + +Depending on the current status of your system, it may take a while to complete +this process. + +HTP + +HTP is bundled with Suricata and installed automatically. If you need to +install HTP manually for other reasons, instructions can be found at HTP +library_installation. + +IPS + +If you would like to have IPS capabilities with IPFW, then you should run +configure like this: + + ./configure --enable-ipfw --prefix=/usr --sysconfdir=/etc --localstatedir=/ + var + +and execute the rest of the commands the same as above. + +Suricata + +To download and build Suricata, enter the following: + + wget http://www.openinfosecfoundation.org/download/suricata-1.3.3.tar.gz + tar -xvzf suricata-1.3.3.tar.gz + cd suricata-1.3.3 + +You will also need to have an ipfw rule set for the engine to see the packets +from ipfw. 
For example: + + ipfw add 100 divert 8000 ip from any to any + +The 8000 above should be the same number you pass on the command line of +suricata with the option -d, that is, -d 8000: + + suricata -c config_file.yaml -d 8000 + +You will need a Suricata rule set with IPS options (drop, reject, etc). For +this, please refer to the Emerging Threats rule sets. +If you are building from Git sources, enter the following: + + bash autogen.sh + +If you are not building from Git sources, enter the following: + + ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var + make + sudo make install + +Please continue with the Basic_Setup. -- cgit 1.2.3-korg
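Review bot: In the IPS section of the new Mac_OS_X_106x.txt, the configure command is wrapped so that `--localstatedir=/` ends one line and `var` starts the next. Copied as written, it sets localstatedir to `/` and passes `var` as a separate argument. Keep `--localstatedir=/var` together, using a `\` continuation as the `port install` command already does. The same section says to run the rest of the commands "the same as above", but the download and build steps only appear further down. The ipfw divert rule and the `-d 8000` instructions also sit in the Suricata section, between the download and the build steps. Moving the IPS material after the standard build would make the order followable. Separately, the tarball is fetched with `wget http://www.openinfosecfoundation.org/download/suricata-1.3.3.tar.gz` over plain HTTP, and nothing checks its integrity before `sudo make install`. Consider an HTTPS URL, or a checksum or signature verification step if the project publishes one. It is also worth stating next to `ipfw add 100 divert 8000 ip from any to any` that this rule sends all IP traffic to the divert port, so Suricata has to be listening on 8000 for traffic to be processed.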