alright.... made a dockerfile for "suricata-indev".
-
Canonical DDOS is affecting my dockerfiles for Dalton. They use ubuntu as the base for installing and compiling Suricata containers.
Looks like I'm pioneering
debian:latestcontainers today.Trixie removed libpcre3 from the package list, so that means I have to acuire and compile pcre8.45 from sourceforge in order to compile successfully. Feels grody, but whatever.
@da_667 oh jeez, pcre is a build dependency for Suricata?
-
@da_667 oh jeez, pcre is a build dependency for Suricata?
@huronbikes technically no, but it is a dependency for hyperscan, which is a library that improves PCRE performance for Suricata greatly. And also, I think pcre is required for snort 2.9.x, which I am still required to support.
-
@huronbikes technically no, but it is a dependency for hyperscan, which is a library that improves PCRE performance for Suricata greatly. And also, I think pcre is required for snort 2.9.x, which I am still required to support.
@da_667 yowza.
-
@da_667 Sourceforge? Wear gloves.
-
@astraleureka @da_667 No idea but that's hilarious.
-
@astraleureka @da_667 No idea but that's hilarious.
-
-
@da_667 yowza.
@da_667 I don't know if it would be of interest to you but I am trying to set up a Suricata build docker container using Alpine.
-
@da_667 I don't know if it would be of interest to you but I am trying to set up a Suricata build docker container using Alpine.
@huronbikes interesting
-
@huronbikes interesting
@da_667 https://codeberg.org/huronbikes/suricata-docker/src/branch/main/build/Dockerfile
It's a start, so far it builds on my local machine. To be truly useful, I would need to figure out packaging the build artifacts and creating a target image to actually run Suricata.
-
@da_667 https://codeberg.org/huronbikes/suricata-docker/src/branch/main/build/Dockerfile
It's a start, so far it builds on my local machine. To be truly useful, I would need to figure out packaging the build artifacts and creating a target image to actually run Suricata.
@da_667 I'll have to do some work getting hyperscan going for that too. I did the initial cut on my m3 mac so I'll have to deal with processor-architecture specific things since hyperscan appears to be amd64 only.
-
@da_667 I'll have to do some work getting hyperscan going for that too. I did the initial cut on my m3 mac so I'll have to deal with processor-architecture specific things since hyperscan appears to be amd64 only.
@huronbikes you want to look into vectorscan. That's multi-arch.
-
R relay@relay.infosec.exchange shared this topic
