[MacPorts] #42858: [NEW] suricata 1.4.7
MacPorts
noreply at macports.org
Tue Mar 10 18:46:13 PDT 2015
#42858: [NEW] suricata 1.4.7
-------------------------+--------------------------------
Reporter: jul_bsd@… | Owner: macports-tickets@…
Type: submission | Status: new
Priority: Normal | Milestone:
Component: ports | Version: 2.2.1
Resolution: | Keywords:
Port: suricata |
-------------------------+--------------------------------
Comment (by mschamschula@…):
Replying to [comment:13 jul_bsd@…]:
> I merged your changes for 2.1.7 but
> - not sure you want rules files directly in etc, especially as from a
>   security point of view, you will not use default set but other like
>   EmergingThreats (that you can download w oinkmaster) and it includes them
> - the jansson header was already added in common.h but an update was
>   needed
> - strlcat/copy patch included by upstream and not needed anymore
> - destroot/install is fine
>
> but at configuration check, still have
>
> {{{
> # suricata -c /opt/local/etc/suricata/suricata.yaml -T 2>&1 |grep -v Warning
> 10/3/2015 -- 19:37:19 - <Info> - Running suricata under test mode
> 10/3/2015 -- 19:37:19 - <Notice> - This is Suricata version 2.0.7 RELEASE
> 10/3/2015 -- 19:37:19 - <Error> - [ERRCODE: SC_ERR_MAGIC_LOAD(197)] - magic_load failed: File 5.22 supports only version 12 magic files. `/usr/share/file/magic.mgc' is version 7
> }}}
>
> which I referenced here
> https://redmine.openinfosecfoundation.org/issues/1268
>
> did you meet this issue? solved it?
>
> Thanks
As you noted, the changes here are not enough to get things working.
1) There currently is no oinkmaster port, so I downloaded it and put the
Perl script into ~/bin
2) I manually edited a few more things:
Make sure that logging to file is enabled in
/opt/local/etc/suricata/suricata.yaml
{{{
  - file:
      enabled: yes
      filename: /opt/local/var/log/suricata/suricata.log
}}}
Also use MacPorts' libmagic:
{{{
#magic-file: /opt/local/share/misc/magic
magic-file: /usr/share/file/magic
}}}
to
{{{
magic-file: /opt/local/share/misc/magic
#magic-file: /usr/share/file/magic
}}}
--
Ticket URL: <https://trac.macports.org/ticket/42858#comment:14>
MacPorts <https://www.macports.org/>
Ports system for OS X
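
The magic_load error in the thread above comes from a version check on the compiled magic database. This added example (not part of the ticket or of the port) reads that version and compares it with the magic-file setting in suricata.yaml. It assumes the file(1) compiled-magic header layout (a 32-bit magic number 0xF11E041C followed by a 32-bit version); the function names and the sample headers are constructed for illustration.

```python
import re
import struct

# Assumption: first 32-bit word of a file(1) compiled magic database.
MGC_MAGICNO = 0xF11E041C


def mgc_version(header: bytes) -> int:
    """Return the format version stored in the first 8 bytes of a .mgc file."""
    if len(header) < 8:
        raise ValueError("too short to be a compiled magic file")
    for order in ("<", ">"):  # the database is written in the builder's byte order
        magicno, version = struct.unpack(order + "II", header[:8])
        if magicno == MGC_MAGICNO:
            return version
    raise ValueError("not a compiled magic file (bad magic number)")


def active_magic_file(yaml_text: str):
    """Return the uncommented magic-file path from suricata.yaml text, or None."""
    m = re.search(r"^[ \t]*magic-file:[ \t]*(\S+)", yaml_text, re.MULTILINE)
    return m.group(1) if m else None


def check(yaml_text: str, read_header, supported: int) -> str:
    """Compare the configured database's version with what libmagic supports."""
    path = active_magic_file(yaml_text)
    if path is None:
        return "no magic-file set"
    # As the error message in the thread shows, libmagic loads <path>.mgc.
    mgc = path if path.endswith(".mgc") else path + ".mgc"
    found = mgc_version(read_header(mgc))
    verdict = "ok" if found == supported else "mismatch"
    return f"{verdict}: {mgc} is version {found}, libmagic supports {supported}"


if __name__ == "__main__":
    # Constructed sample: the config before the edit and fake 8-byte headers.
    yaml_before = ("#magic-file: /opt/local/share/misc/magic\n"
                   "magic-file: /usr/share/file/magic\n")
    headers = {
        "/usr/share/file/magic.mgc": struct.pack("<II", MGC_MAGICNO, 7),
        "/opt/local/share/misc/magic.mgc": struct.pack("<II", MGC_MAGICNO, 12),
    }
    print(check(yaml_before, headers.__getitem__, supported=12))
```

To run it against a real installation, pass `lambda p: open(p, "rb").read(8)` as `read_header` and the version named in the error message as `supported`.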