Suricata not recognising packets, but tshark does

ish · June 12, 2020, 9:48pm

Thanks. I got 5.0.3 installed. For completeness, here is what I did:

Added:

deb http://httpredir.debian.org/debian buster-backports main contrib

to /etc/apt/sources.list.

I then had to do:

gpg --recv-keys 04EE7237B7D453EC
gpg --recv-keys 648ACFD622F3D138

gpg --export 04EE7237B7D453EC | sudo apt-key add -
gpg --export 648ACFD622F3D138 | sudo apt-key add -

Then manually download and install libbpf:

curl -OL http://security.debian.org/debian-security/pool/updates/main/l/linux/libbpf4.19_4.19.118-2+deb10u1_armhf.deb
dpkg -i libbpf4.19_4.19.118-2+deb10u1_armhf.deb

Now Suricata successfully installed:

apt -t buster-backports suricata

Topic		Replies	Views
Suricata not logging incoming packets Help	7	1129	December 29, 2020
Http traffic is not detected after updating to Suricata 7 Help	17	352	February 13, 2024
Testing ping alert rule Rules suricata	5	3193	July 27, 2022
I can only see the first alert of a rule Help	2	1674	December 15, 2020
Weird result when comparing Suricata detections with snort (using same traffic) - what am I missing? Help	4	776	December 13, 2021

Suricata not recognising packets, but tshark does

Related Topics