Apr 172011
Suricata 1.1beta2 has brought OpenBSD to the list of supported operating system. I’m a total newbie to OpenBSD so excuse me for the lack of respect of OpenBSD standards and usages in this documentation. Here’s the different step, I’ve used to finalize the port starting from a fresh install of OpenBSD. If you want to use source taken from git, you will need to install building tools:
pkg_add git libtool
automake and autoconf need to be installed to. For a OpenBSD 4.8, one can run:
pkg_add autoconf-2.61p3 automake-1.10.3
For a OpenBSD 5.[01], one can run:
pkg_add autoconf-2.61p3 automake-1.10.3p3
For OpenBDS 5.2:
pkg_add autoconf-2.61p3 automake-1.10.3p6
Autoconf 2.61 is know to work, some other versions triggers a compilation failure. Then you can simply clone the repository and run autogen:
git clone git://phalanx.openinfosecfoundation.org/oisf.git
cd oisf
Before running configure, you need to add the dependencies:
pkg_add gcc pcre libyaml libmagic libnet-
Now, we’re almost done and we can run configure:
CPPFLAGS="-I/usr/local/include" CFLAGS="-L/usr/local/lib" ./configure --prefix=/opt/suricata
You can now run make and make install to build and install suricata.

  4 Responses to “Building Suricata under OpenBSD”

  1. I think it should be quite easy to add this to the ports system. There is a article of that in french linux magazine of last month, and it didn’t seems much harder than a .deb or a .rpm ( in fact, based on my experience, ports/emerge is simpler than rpm or deb ).

  2. Hi Michael 😉

    Hmm could be funny, I will give a look.

  3. Hi, great write up. Could I recommend you add pkg_add libmagic to the installation pre-requisites.

    BTW I have this working (not fully tested) on OpenBSD 5.8 w/ autoconf 2.69 and automake 1.15


  4. Oh crap you did… I have an old version of the instructions from the Suricata source package download.

    Nothing to see hear, move along.

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>