summaryrefslogtreecommitdiff
path: root/tools/sppc/build/ubuntu/suricata/Dockerfile.18.04
blob: 6ef7b73a40d3976c1ddbf908d141f39e6ef97e10 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
FROM yasufum/suricata-base:18.04

ARG rte_sdk
ARG rte_target
ARG home_dir
ARG dpdk_repo
ARG dpdk_branch
ARG suricata_repo
ARG suricata_branch
ARG suricata_dir

ENV http_proxy ${http_proxy}
ENV https_proxy $https_proxy
ENV no_proxy ${no_proxy}
ENV RTE_SDK ${rte_sdk}
ENV RTE_TARGET ${rte_target}
ENV INSTALL_SURICATA_SH install_suricata.sh
ENV PATH ${rte_sdk}/${rte_target}/app:${PATH}
ENV PATH ${home_dir}/${suricata_dir}/src:${PATH}
ENV DEBIAN_FRONTEND noninteractive

# NOTE: There two ways for compiling suricata with DPDK. One is using sources
# of tar ball, and another one is from github. If building suricata container
# image, second case is failed because `source-dpdk.c` is not excluding from
# Makefile for a reason I do not know why. However, you can compile it after
# launching the container, but you have to compile everytime you launch the
# container.
# Tow of cases labeled as `Case 1` and `Case 2` in sections below and this
# Dockerfile support both of compilation, and default is first one. If you
# use `Case 2`, you comment out `Case 1` and activate `Case 2` by yourself.

# NOTE: You can another case `Case 3`, but it does not work currently.

ENV SURICATA_SRCDIR suricata-4.1.4
ENV SURICATA_TGZ ${SURICATA_SRCDIR}.tar.gz
ENV SURICATA_DOWNLOAD https://www.openinfosecfoundation.org/download/${SURICATA_TGZ}

WORKDIR $home_dir
RUN git clone ${dpdk_branch} ${dpdk_repo}

# Compile DPDK
WORKDIR ${rte_sdk}
RUN make config T=${rte_target} O=${rte_target}
WORKDIR ${rte_sdk}/${rte_target}
RUN make -j 4

# NOTE: Case 1
#WORKDIR ${home_dir}
#RUN wget ${SURICATA_DOWNLOAD}
#RUN tar zxvf ${SURICATA_TGZ}
#WORKDIR ${home_dir}/${SURICATA_SRCDIR}
#RUN RTE_SDK=${rte_sdk} RTE_TARGET=${rte_target} autoconf
#RUN RTE_SDK=${rte_sdk} RTE_TARGET=${rte_target} sh configure --enable-dpdk
#RUN make -j 10
#ENV PATH ${SURICATA_SRCDIR}/src:${PATH}

# NOTE: Case 2
# Compiling suricata with Dockerfile is failed if clone suricata
# while building this image. So, do it after app container is launched.
# Create suricata install script.
WORKDIR ${home_dir}
RUN echo "#!/bin/bash" > ${home_dir}/${INSTALL_SURICATA_SH}
RUN echo "" >> ${home_dir}/${INSTALL_SURICATA_SH}
RUN echo "git clone ${suricata_repo}" >> ${home_dir}/${INSTALL_SURICATA_SH}
RUN echo "cd ${suricata_dir}" >> ${home_dir}/${INSTALL_SURICATA_SH}
RUN echo "autoconf" >> ${home_dir}/${INSTALL_SURICATA_SH}
RUN echo "./configure --enable-dpdk" >> ${home_dir}/${INSTALL_SURICATA_SH}
RUN echo "make -j 10" >> ${home_dir}/${INSTALL_SURICATA_SH}
RUN echo "make install" >> ${home_dir}/${INSTALL_SURICATA_SH}
RUN chmod 775 ${home_dir}/${INSTALL_SURICATA_SH}

# NOTE: Case 3 Compiling suricata with Dockerfile does not work
# Compile suricata
#RUN git clone ${suricata_branch} ${suricata_repo}
#WORKDIR ${home_dir}/${suricata_dir}
#RUN RTE_SDK=${rte_sdk} RTE_TARGET=${rte_target} autoconf
#RUN RTE_SDK=${rte_sdk} RTE_TARGET=${rte_target} sh configure --enable-dpdk
#RUN make -j 10

# Set working directory when container is launched
WORKDIR ${home_dir}
ADD env.sh ${home_dir}/env.sh
RUN echo "source ${home_dir}/env.sh" >> ${home_dir}/.bashrc