Suricata IDS on OpenBSD 4.8

Suricata is a new open-source intrusion detection product from the Open InfoSec Foundation, much like, and mostly compatible with, the well-known Snort. Suricata is still in beta and it didn't compile cleanly on OpenBSD. Now it does.

The attached patch is for Suricata 1.1beta1 (download source). I've used the following configuration options:

CFLAGS="-I/usr/local/include" LDFLAGS="-L/usr/local/lib" ./configure --sysconfdir=/etc --enable-gccprotect

On my OpenBSD 4.8 it compiles and runs cleanly. You will need some additional packages (pkg_add) - here's my list. I guess autoconf, yaml, net and pcre were needed for compilation. You also want snort for basic rules.

autoconf-2.62p0 automatically configure source code on many Un*x platforms
gettext-0.18.1 GNU gettext
help2man-1.29p0 GNU help2man
libiconv-1.13p1 character set conversion library
libnet- raw IP packet construction library
libyaml-0.1.2 YAML 1.1 parser and emitter written in C
metaauto-0.9 wrapper for gnu auto*
pcre-8.02p1 perl-compatible regular expression library
snort-2.8.6 highly flexible sniffer/NIDS
vim-7.2.444-no_x11 vi clone, many additional features

suricata-openbsd.diff (4.83 KB)