Suricata 6.0.6 fails to compile with pf_ring 8

Well you are obviously able to get external sources to your system, NTOP
provides RPMs you can download as well, then install locally instead of
using the system package manager.

That said, how exactly do you perform security updates to this system if
you don’t have external access? It is a hugely bad idea to run Suricata
or any other IDS on systems that are not regularly patched.

I don’t know if it was my environment or what, but I used the package manager on the corresponding virtual machine with the Internet to follow the documentation, and there were other issues, such as version dependencies between packages, and I couldn’t find the required packages on Google, which seemed like more problems were being introduced to solve one problem.

There are absolutely no problems with Suricata 6.0.8 and PF_RING 8 - if
you are still encountering issues, sounds like your system is not
properly configured or doesn’t have the all the requirements installed,
which should be automatic when using the package manager.

I suggest moving on to something else in this case since you don’t seem
to have the accesses a normal and secure operating system would have.

Looks like, at least with gcc-12 on Ubuntu 22.0 4LTS, the std=c11 option on the suricata autoconf file is what is causing the compilation errors. Otherwise it doesn’t seem to be picking up the u_char defs from sys/types.


I just began to experience this on a fresh install, the solution is
adding CFLAGS=“-D_GNU_SOURCE” at the end of the configure command

Thanks to Lucas Sismis for the tip found on this page


Thank you very much.
Finally, it should be the operating system problem, because it is an offline environment, many package configurations should also have problems, and finally changed back to the familiar 7.8 system.