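FROM alpine:3.12.0
# NOTE(review): Alpine 3.12 is past end-of-life and no longer receives security
# updates. Bumping the tag (ideally pinned by digest) is the usual remedy, but it
# has to be validated together with the edge/community suricata package below.

#
# Include dist
# COPY rather than ADD: the source is a local directory, so ADD's archive
# auto-extraction / URL fetching is not wanted (hadolint DL3020). This layer keeps
# the files even though /root/dist is deleted at the end of the build; only a
# multi-stage build or a build-time bind mount would keep them out of the image.
COPY dist/ /root/dist/

#
# Install packages
# --no-cache always fetches a fresh index and stores nothing under
# /var/cache/apk, so the former -U (update index) flag is redundant.
# python3-dev ships headers; nothing in this file compiles against them, so it
# is presumably only needed by the setup scripts — worth confirming.
RUN apk add --no-cache \
        ca-certificates \
        curl \
        file \
        libcap \
        libnet \
        python3 \
        python3-dev \
        wget && \
    if [ ! -e /usr/bin/python ]; then ln -sf python3 /usr/bin/python ; fi && \
    python3 -m ensurepip && \
    rm -r /usr/lib/python*/ensurepip && \
    pip3 install --no-cache-dir --upgrade pip setuptools wheel && \
    if [ ! -e /usr/bin/pip ]; then ln -s pip3 /usr/bin/pip ; fi

#
# Install suricata
# Pulled from the edge/community repository, presumably for a newer release than
# the 3.12 repositories carry. Mixing edge packages into a stable base can pull in
# mismatched shared libraries; apk still verifies the package and index
# signatures, and HTTPS keeps the fetch itself private.
RUN apk add --no-cache \
        --repository https://dl-cdn.alpinelinux.org/alpine/edge/community \
        suricata

#
# Install python module
# NOTE(review): sqlitedict is unpinned, so every build may resolve a different
# release; pin it (sqlitedict==<version>) once the scripts have been validated.
RUN pip install --no-cache-dir sqlitedict

#
# Setup user, groups, configs and scripts
# busybox adduser: -g is the GECOS field and -G the primary group, so the group
# is selected with -G; uid and gid 2000 are what the original intended.
RUN addgroup -g 2000 suri && \
    adduser -S -H -D -u 2000 -G suri suri && \
    chmod 644 /etc/suricata/*.config && \
    cp /root/dist/suricata.yaml /etc/suricata/suricata.yaml && \
    cp /root/dist/*.bpf /etc/suricata/ && \
    cp /root/dist/create_capec_db.py /usr/bin && \
    cp /root/dist/process_suricata_log.py /usr/bin && \
    chmod 755 /usr/bin/create_capec_db.py && \
    chmod 755 /usr/bin/process_suricata_log.py && \
    mkdir /opt/capec && \
#
# Download the latest EmergingThreats ruleset, replace rulebase and enable all rules
# The ruleset is fetched at build time, so the image content depends on the
# build date. The script is not visible here; it should verify what it downloads.
    cp /root/dist/setup-rules.sh /usr/bin/ && \
    chmod 755 /usr/bin/setup-rules.sh && \
    setup-rules.sh && \
#
# Download the latest CAPEC, CWE, CVE and suricata rules mapping to create CAPEC db
    cp /root/dist/setup-capec.sh /usr/bin/ && \
    chmod 755 /usr/bin/setup-capec.sh && \
    setup-capec.sh && \
#
# Hand the CAPEC tree to the suri user instead of making the directory
# world-writable: the former chmod a+rwx let any uid in the container alter the
# database the alert mapping relies on. Done after setup-capec.sh so the files it
# created are covered too.
# NOTE(review): assumes the runtime writers are root or suri — confirm against
# docker-entrypoint.sh and the two python scripts.
    chown -R suri:suri /opt/capec && \
    chmod -R ug+rwX,o-w /opt/capec && \
#
# Clean up (same layer as the downloads above, so leftovers do not persist)
    rm -rf /root/* && \
    rm -rf /tmp/* && \
    rm -rf /var/cache/apk/*

# The mode is set explicitly so the image does not depend on the executable bit
# surviving the build context.
COPY docker-entrypoint.sh /usr/local/bin
RUN chmod 755 /usr/local/bin/docker-entrypoint.sh
# NOTE(review): there is no USER directive, so the entrypoint starts as root.
# Packet capture needs elevated privileges (libcap is installed, presumably for
# that), but whether the entrypoint drops to suri afterwards is not visible here.
ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]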