| 
									
										
										
										
											2020-02-14 15:28:06 +00:00
										 |  |  | FROM alpine:latest | 
					
						
							| 
									
										
										
										
											2019-06-07 13:00:20 +00:00
										 |  |  | # | 
					
						
							| 
									
										
										
										
											2017-10-13 18:58:14 +00:00
										 |  |  | # Include dist | 
					
						
							|  |  |  | ADD dist/ /root/dist/ | 
					
						
							| 
									
										
										
										
											2019-06-07 13:00:20 +00:00
										 |  |  | # | 
					
						
							| 
									
										
										
										
											2017-10-13 18:58:14 +00:00
										 |  |  | # Install packages | 
					
						
							| 
									
										
										
										
											2020-02-14 15:28:06 +00:00
										 |  |  | RUN apk -U --no-cache add \ | 
					
						
							| 
									
										
										
										
											2018-05-23 13:02:19 +00:00
										 |  |  |                  ca-certificates \ | 
					
						
							|  |  |  |                  curl \ | 
					
						
							|  |  |  |                  file \ | 
					
						
							| 
									
										
										
										
											2020-02-14 15:28:06 +00:00
										 |  |  |                  libcap \ | 
					
						
							|  |  |  |                  wget && \ | 
					
						
							|  |  |  |     apk -U add --repository http://dl-cdn.alpinelinux.org/alpine/edge/community \ | 
					
						
							|  |  |  |                  suricata && \ | 
					
						
							| 
									
										
										
										
											2019-06-07 13:00:20 +00:00
										 |  |  | # | 
					
						
							| 
									
										
										
										
											2017-10-13 18:58:14 +00:00
										 |  |  | # Setup user, groups and configs | 
					
						
							|  |  |  |     addgroup -g 2000 suri && \ | 
					
						
							|  |  |  |     adduser -S -H -u 2000 -D -g 2000 suri && \ | 
					
						
							| 
									
										
										
										
											2019-03-26 16:26:47 +00:00
										 |  |  |     chmod 644 /etc/suricata/*.config && \ | 
					
						
							| 
									
										
										
										
											2018-05-23 13:02:19 +00:00
										 |  |  |     cp /root/dist/suricata.yaml /etc/suricata/suricata.yaml && \ | 
					
						
							|  |  |  |     cp /root/dist/*.bpf /etc/suricata/ && \ | 
					
						
							| 
									
										
										
										
											2019-06-07 13:00:20 +00:00
										 |  |  | # | 
					
						
							| 
									
										
										
										
											2017-10-13 18:58:14 +00:00
										 |  |  | # Download the latest EmergingThreats ruleset, replace rulebase and enable all rules | 
					
						
							|  |  |  |     cp /root/dist/update.sh /usr/bin/ && \ | 
					
						
							| 
									
										
										
										
											2018-03-30 16:41:46 +00:00
										 |  |  |     chmod 755 /usr/bin/update.sh && \ | 
					
						
							|  |  |  |     update.sh OPEN && \ | 
					
						
							| 
									
										
										
										
											2019-06-07 13:00:20 +00:00
										 |  |  | # | 
					
						
							| 
									
										
										
										
											2017-10-13 18:58:14 +00:00
										 |  |  | # Clean up | 
					
						
							|  |  |  |     rm -rf /root/* && \ | 
					
						
							| 
									
										
										
										
											2019-10-22 15:20:23 +00:00
										 |  |  |     rm -rf /tmp/* && \ | 
					
						
							| 
									
										
										
										
											2017-10-13 18:58:14 +00:00
										 |  |  |     rm -rf /var/cache/apk/* | 
					
						
							| 
									
										
										
										
											2019-06-07 13:00:20 +00:00
										 |  |  | # | 
					
						
							| 
									
										
										
										
											2017-10-13 18:58:14 +00:00
										 |  |  | # Start suricata | 
					
						
							| 
									
										
										
										
											2018-09-11 12:19:26 +00:00
										 |  |  | STOPSIGNAL SIGINT | 
					
						
							| 
									
										
										
										
											2018-05-23 13:02:19 +00:00
										 |  |  | CMD SURICATA_CAPTURE_FILTER=$(update.sh $OINKCODE) && exec suricata -v -F $SURICATA_CAPTURE_FILTER -i $(/sbin/ip address | grep '^2: ' | awk '{ print $2 }' | tr -d [:punct:]) |