From b02aa61b2d364dc83a0880019808c25d64101020 Mon Sep 17 00:00:00 2001 From: Steven Foerster Date: Mon, 15 Feb 2021 07:35:27 -0500 Subject: [PATCH] suricata script --- scripts/subinstallers/platform.sh | 3 +++ scripts/subinstallers/suricata.sh | 34 +++++++++++++++++++++++++++++++ 2 files changed, 37 insertions(+) create mode 100644 scripts/subinstallers/suricata.sh diff --git a/scripts/subinstallers/platform.sh b/scripts/subinstallers/platform.sh index a619a95..a62dc88 100755 --- a/scripts/subinstallers/platform.sh +++ b/scripts/subinstallers/platform.sh @@ -5,13 +5,16 @@ UNAME=$(uname | tr "[:upper:]" "[:lower:]") DISTRO="" VERSION_ID="" +VERSION_CODENAME="" # If Linux, try to determine specific distribution if [ "$UNAME" == "linux" ]; then # use /etc/os-release to get distro DISTRO=$(cat /etc/os-release | awk -F= '/^ID=/{print $2}') VERSION_ID=$(cat /etc/os-release | awk -F= '/^VERSION_ID=/{print $2}' | tr -d '"') + VERSION_CODENAME=$(cat /etc/os-release | awk -F= '/^VERSION_CODENAME=/{print $2}' | tr -d '"') fi figlet "UNAME: $UNAME" figlet "DISTRO: $DISTRO" figlet "VERSION: $VERSION_ID" +figlet "CODENAME: $VERSION_CODENAME" diff --git a/scripts/subinstallers/suricata.sh b/scripts/subinstallers/suricata.sh new file mode 100644 index 0000000..aee8f64 --- /dev/null +++ b/scripts/subinstallers/suricata.sh 
@@ -0,0 +1,34 @@
+#!/bin/bash
+
+# minimal dependencies
+sudo -E apt-get install libpcre3 libpcre3-dbg libpcre3-dev build-essential libpcap-dev \
+ libyaml-0-2 libyaml-dev pkg-config zlib1g zlib1g-dev \
+ make libmagic-dev libjansson libjansson-dev
+
+## recommended dependencies
+#sudo -E apt-get install libpcre3 libpcre3-dbg libpcre3-dev build-essential libpcap-dev \
+# libnet1-dev libyaml-0-2 libyaml-dev pkg-config zlib1g zlib1g-dev \
+# libcap-ng-dev libcap-ng0 make libmagic-dev \
+# libgeoip-dev liblua5.1-dev libhiredis-dev libevent-dev \
+# python-yaml rustc cargo
+
+# iptables/nftables integration
+sudo -E apt-get install libnetfilter-queue-dev libnetfilter-queue1 \
+ libnetfilter-log-dev libnetfilter-log1 \
+ libnfnetlink-dev libnfnetlink0
+
+
+if [ "$DISTRO" == "ubuntu" ]; then
+ echo "Installing Suricata Ubuntu PPA"
+ sudo -E add-apt-repository ppa:oisf/suricata-stable
+ sudo -E apt-get update
+ sudo -E apt-get install suricata
+elif [ "$DISTRO" == "debian" ]; then
+ echo "deb http://http.debian.net/debian $VERSION_CODENAME-backports main" | \
+ sudo -E tee -a /etc/apt/sources.list.d/backports.list
+ sudo -E apt-get update
+ sudo -E apt-get install suricata -t ${VERSION_CODENAME}-backports
+else
+ echo "Basic Suricata installation"
+ sudo -E apt-get install suricata
+fi
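Review bot: The Debian branch builds a root-written APT source from `$VERSION_CODENAME` without checking it, so when `/etc/os-release` carries no `VERSION_CODENAME` line the script appends `deb http://http.debian.net/debian -backports main` to `backports.list` and hands `-t -backports` to apt-get. Guarding the branch with `elif [ "$DISTRO" == "debian" ] && [ -n "$VERSION_CODENAME" ]; then` lets that case fall through to the plain install, and quoting `"${VERSION_CODENAME}-backports"` keeps the target release a single word. `tee -a` also adds a duplicate entry on every run; `sudo -E tee /etc/apt/sources.list.d/backports.list >/dev/null` would keep the file to one line. Separately, `libjansson` in the first apt-get call does not look like a Debian/Ubuntu package name (the runtime library is normally versioned, e.g. `libjansson4`), and because nothing checks apt-get's exit status a failed dependency install would pass unnoticed, so that is worth confirming.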