CEPTD/docker/suricata/Dockerfile 1.56 KB
0d8c0f816   Thanasis Naskos   initial commit
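  # syntax=docker/dockerfile:1
  #
  # Suricata IDS image for CEPTD: Suricata from Alpine edge/community plus the
  # project's CAPEC/CWE/CVE mapping scripts (create_capec_db.py,
  # process_suricata_log.py) shipped in dist/.
  #
  # Base image is pinned instead of `latest` so rebuilds are reproducible and
  # do not silently change the python3/pip layout underneath the pip3 calls.
  # NOTE(review): 3.18 is the last release whose python3 accepts a plain
  # `pip3 install` into the system site-packages; 3.19+ ships a PEP 668
  # EXTERNALLY-MANAGED marker, so bumping this needs a venv or py3-* packages.
  ARG ALPINE_VERSION=3.18
  FROM alpine:${ALPINE_VERSION}
  #
  # Include dist. COPY rather than ADD: ADD's tar auto-extraction and URL
  # fetching are not wanted for a plain directory copy.
  COPY dist/ /root/dist/
  #
  # Install packages. py3-pip is a separate package on Alpine >= 3.12, so it
  # is listed explicitly instead of relying on python3 to provide pip3.
  RUN apk -U --no-cache add \
        ca-certificates \
        curl \
        file \
        libcap \
        py3-pip \
        python3 \
        python3-dev \
        wget && \
  # suricata is taken from edge/community (fetched over https; apk verifies the
  # package signatures either way). Mixing edge packages into a stable release
  # can break on musl/ABI mismatches - re-test when ALPINE_VERSION is bumped.
      apk --no-cache add --repository https://dl-cdn.alpinelinux.org/alpine/edge/community \
        suricata && \
      pip3 install --no-cache-dir --upgrade pip && \
  #
  # Install python module
  # NOTE(review): sqlitedict is unpinned; pin it (sqlitedict==<version>) for
  # reproducible builds.
      pip3 install --no-cache-dir sqlitedict && \
  #
  # Setup user, groups, configs and scripts.
  # BusyBox adduser: -G is the primary group, -g is the GECOS field, so the
  # user must be attached to the `suri` group with -G (the original -g 2000
  # only set the GECOS text).
      addgroup -g 2000 suri && \
      adduser -S -H -u 2000 -D -G suri suri && \
      chmod 644 /etc/suricata/*.config && \
      cp /root/dist/suricata.yaml /etc/suricata/suricata.yaml && \
      cp /root/dist/*.bpf /etc/suricata/ && \
      cp /root/dist/create_capec_db.py /usr/bin && \
      cp /root/dist/process_suricata_log.py /usr/bin && \
      chmod 755 /usr/bin/create_capec_db.py && \
      chmod 755 /usr/bin/process_suricata_log.py && \
      mkdir -p /opt/capec && \
  #
  # Download the latest EmergingThreats ruleset, replace rulebase and enable all rules.
  # NOTE(review): this fetches from the network at build time, so the ruleset
  # baked into the image depends on when it was built, not on the Dockerfile.
      cp /root/dist/setup-rules.sh /usr/bin/ && \
      chmod 755 /usr/bin/setup-rules.sh && \
      setup-rules.sh && \
  #
  # Download the latest CAPEC, CWE, CVE and suricata rules mapping to create CAPEC db
      cp /root/dist/setup-capec.sh /usr/bin/ && \
      chmod 755 /usr/bin/setup-capec.sh && \
      setup-capec.sh && \
  # /opt/capec is handed to the suri user instead of being made world-writable
  # (the previous `chmod a+rwx -R`); root keeps full access regardless, and
  # chown after setup-capec.sh also covers the files that script created.
      chown -R suri:suri /opt/capec && \
      chmod 755 /opt/capec && \
  #
  # Clean up in the same layer so the removed files do not persist in the image
      rm -rf /root/* && \
      rm -rf /tmp/* && \
      rm -rf /var/cache/apk/*
  
  # --chmod guarantees the entrypoint is executable regardless of the mode bits
  # in the build context.
  COPY --chmod=0755 docker-entrypoint.sh /usr/local/bin/
  # NOTE(review): no USER directive - the container starts as root and relies on
  # docker-entrypoint.sh (not shown here) to drop to the `suri` user (uid 2000)
  # after any capability setup Suricata needs; confirm this against the script.
  ENTRYPOINT ["docker-entrypoint.sh"]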