update logrotating, cleanup.sh, add Suricata ET Pro support, tweaking

This commit is contained in:
Marco Ochse
2018-03-30 16:41:46 +00:00
parent 201aa85e68
commit df6e4dcd44
7 changed files with 74 additions and 16 deletions


@ -1,13 +1,17 @@
FROM alpine
MAINTAINER MO
# Include dist
ADD dist/ /root/dist/
# Install packages
RUN apk -U upgrade && \
apk add bash ca-certificates file procps wget && \
apk -U add --repository https://dl-cdn.alpinelinux.org/alpine/edge/community \
apk add bash \
ca-certificates \
file \
libcap \
procps \
wget && \
apk -U add --repository http://dl-cdn.alpinelinux.org/alpine/edge/community \
suricata && \
# Setup user, groups and configs
@ -18,12 +22,12 @@ RUN apk -U upgrade && \
# Download the latest EmergingThreats ruleset, replace rulebase and enable all rules
cp /root/dist/update.sh /usr/bin/ && \
chmod u+x /usr/bin/update.sh && \
update.sh && \
chmod 755 /usr/bin/update.sh && \
update.sh OPEN && \
# Clean up
rm -rf /root/* && \
rm -rf /var/cache/apk/*
# Start suricata
CMD update.sh && suricata -v -F /etc/suricata/capture-filter.bpf -i $(/sbin/ip address | grep '^2: ' | awk '{ print $2 }' | tr -d [:punct:])
CMD update.sh $OINKCODE && suricata -v -F /etc/suricata/capture-filter.bpf -i $(/sbin/ip address | grep '^2: ' | awk '{ print $2 }' | tr -d [:punct:])
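Review bot: The edge/community repository on the new `apk -U add --repository` line was changed from `https://` to `http://`, so the APKINDEX and the suricata package are now fetched in cleartext; apk's signature check still covers package integrity, but the request and any redirect become observable and tamperable on path, and the commit gives no reason for the downgrade. Keep `apk -U add --repository https://dl-cdn.alpinelinux.org/alpine/edge/community \` as the old line had it. Separately, the new CMD expands `$OINKCODE` into update.sh's argument list, so the ET Pro subscription code shows up in the running container's process list; if that is acceptable here a comment saying so would help, otherwise let update.sh read the variable from the environment itself, and note that an unset `OINKCODE` passes no argument at all, whose fallback (presumably OPEN) depends on update.sh, which is not in this diff. The RUN chain these hunks belong to starts in the first hunk and its middle is outside the shown context.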