Windows build instructions

Hello, guys

I’m aware on building a Windows Suricata binary from source. Are there actual instructions for it? It seems that doc\INSTALL.WINDOWS is outdated (broken links, etc.).

I want to integrate the Suricata client with my server, which uses a custom log transfer protocol. But initially I have a problem with building it in a Windows 10 environment (both Cygwin and MinGW). Is there any “best practice” for building it (Windows versions, Cygwin\MinGW versions, etc.)?

Thanks for the answers!

Not a full guide, but this is how we build in github-ci on msys/mingw:


Can you also please try/confirm the build instructions from here - Eve.json windows timestamp field has "Eastern Daylight Time" appended to timestamp - #8 by pevma ?


Thank you, guys!

I was inspired by both your answers to write a build automation script for Windows (semi-automation, but who cares). So it satisfied my purposes.

Be aware of the PowerShell syntax:

msys2_shell.cmd -defterm -no-start -here -mingw64 -c "yes | pacman -Syuu"

msys2_shell.cmd -defterm -no-start -here -mingw64 -c $(@"
yes | pacman -S --noconfirm --needed base-devel \
mingw-w64-x86_64-toolchain subversion
"@ -replace "\\`n"," ")

msys2_shell.cmd -defterm -no-start -mingw64 -here -c $(@"
yes | pacman -S --noconfirm \
mingw64/mingw-w64-x86_64-libtool mingw64/mingw-w64-x86_64-pcre \
mingw64/mingw-w64-x86_64-lua mingw64/mingw-w64-x86_64-geoip \
mingw64/mingw-w64-x86_64-luajit-git wget jansson  jansson-devel libpcre pcre \
pcre-devel gcc  gcc-libs  make autoconf autogen automake git libyaml \
libyaml-devel zlib zlib-devel pkg-config mingw64/mingw-w64-x86_64-nspr \
mingw64/mingw-w64-x86_64-nss mingw64/mingw-w64-x86_64-rust \
mingw64/mingw-w64-x86_64-python3-yaml mingw64/mingw-w64-x86_64-jansson \
msys/jansson-devel msys/jansson mingw-w64-x86_64-toolchain automake1.16 \
automake-wrapper autoconf libtool libyaml-devel pcre-devel jansson-devel \
make mingw-w64-x86_64-libyaml mingw-w64-x86_64-pcre mingw-w64-x86_64-rust \
mingw-w64-x86_64-jansson unzip p7zip python-setuptools mingw-w64-x86_64-python-yaml \
mingw-w64-x86_64-jq mingw-w64-x86_64-libxml2
"@ -replace "\\`n"," ")

msys2_shell.cmd -defterm -no-start -mingw64 -here -c $(@"
mkdir /npcap-sdk \
&& curl -O https://nmap.org/npcap/dist/npcap-sdk-1.07.zip \
&& unzip npcap-sdk-1.07.zip -d /npcap-sdk
"@ -replace "\\`n"," ")

msys2_shell.cmd -defterm -no-start -mingw64 -here -c  $(@"
git clone -b suricata-6.0.2 https://github.com/OISF/suricata.git \
&& cd suricata \
&& git clone https://github.com/OISF/libhtp.git -b 0.5.x
"@ -replace "\\`n"," ")

msys2_shell.cmd -defterm -no-start -mingw64 -here -c  $(@"
cd suricata \
&& cargo install cbindgen
"@ -replace "\\`n"," ")

msys2_shell.cmd -defterm -no-start -mingw64 -here -c  $(@"
curl -s -O https://nmap.org/npcap/dist/npcap-1.00.exe \
&& 7z -y x -o/npcap-bin npcap-1.00.exe && cp /npcap-bin/*.dll ./suricata
"@ -replace "\\`n"," ")

msys2_shell.cmd -defterm -no-start -mingw64 -here -c  $(@"
cd suricata \
&& export PATH=`$PATH:/c/Users/$env:USERNAME/.cargo/bin \
&& ./autogen.sh \
&& ./configure \
--with-libpcap-includes=/npcap-sdk/Include/ --with-libpcap-libraries=/npcap-sdk/Lib/x64/ \
--with-libnss-libraries=/mingw64/lib/ --with-libnss-includes=/mingw64/include/nss3/ \
--with-libnspr-libraries=/mingw64/lib/ --with-libnspr-includes=/mingw64/include/nspr/ \
--enable-lua --disable-gccmarch-native --enable-gccprotect \
&& make clean \
&& make -j 2
"@ -replace "\\`n"," ")

msys2_shell.cmd -defterm -no-start -mingw64 -here -c  $(@"
mkdir -p /c/Program\ files/Suricata/{log,rules} \
&& cd suricata \
&& cp ./src/.libs/suricata.exe /c/Program\ files/Suricata \
&& cp ./suricata.yaml /c/Program\ files/Suricata \
&& cp ./rules/*.rules /c/Program\ files/Suricata/rules \
&& cp ./threshold.config /c/Program\ files/Suricata \
&& cp /c/msys64/mingw64/bin/{libGeoIP-1.dll,libssp-0.dll,libjansson-4.dll,libwinpthread-1.dll,\
liblzma-5.dll,libyaml-0-2.dll,libnspr4.dll,lua54.dll,libpcre-1.dll,nss3.dll,libplc4.dll,\
nssutil3.dll,libplds4.dll,zlib1.dll} /c/Program\ files/Suricata
"@ -replace "\\`n","")

The link to the whole script: https://github.com/unuaunco/suricata-win-build/blob/main/Build-SuricataSources.ps1

It was tested on clean Azure Windows 10 Pro v20H2 (OS Build 19042.1052) image.
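
The script above fetches npcap-sdk-1.07.zip and npcap-1.00.exe with curl and extracts them in the same command, so nothing checks what was downloaded before its DLLs are copied next to suricata.exe. The following is an added example, not part of the original post or the linked script, of a check that could run between download and extraction. The function name, the placeholder hash values, the assumption that the installer carries an Authenticode signature, and the assumption that download and extraction are split into separate steps are all this example's own.

```powershell
# Added example (not from the original post). Verifies a downloaded file
# against a pinned SHA-256 and, optionally, its Authenticode signature.
function Test-PinnedDownload {
    param(
        [Parameter(Mandatory)][string]$Path,
        [Parameter(Mandatory)][string]$ExpectedSha256,
        [switch]$RequireAuthenticode
    )
    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        throw "Missing file: $Path"
    }
    $actual = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
    # String -ne is case-insensitive, so upper- and lower-case hex both work.
    if ($actual -ne $ExpectedSha256.Trim()) {
        throw "SHA-256 mismatch for ${Path}: expected $ExpectedSha256, got $actual"
    }
    if ($RequireAuthenticode) {
        $sig = Get-AuthenticodeSignature -FilePath $Path
        if ($sig.Status -ne 'Valid') {
            throw "Authenticode status '$($sig.Status)' for $Path"
        }
    }
    return $true
}

# Constructed self-check: a temp file stands in for a download.
$tmp = Join-Path ([IO.Path]::GetTempPath()) 'pinned-download-demo.bin'
[IO.File]::WriteAllBytes($tmp, [Text.Encoding]::ASCII.GetBytes('constructed sample'))
$pin = (Get-FileHash -LiteralPath $tmp -Algorithm SHA256).Hash
Test-PinnedDownload -Path $tmp -ExpectedSha256 $pin | Out-Null
[IO.File]::AppendAllText($tmp, 'tampered')   # simulate a modified download
try { Test-PinnedDownload -Path $tmp -ExpectedSha256 $pin }
catch { Write-Host "Rejected: $($_.Exception.Message)" }
Remove-Item -LiteralPath $tmp

# Intended use between download and extraction. The hash values are
# placeholders: record them yourself from a copy you trust.
$pins = @{
    'npcap-sdk-1.07.zip' = '<SHA256_OF_NPCAP_SDK_ZIP>'
    'npcap-1.00.exe'     = '<SHA256_OF_NPCAP_INSTALLER>'
}
foreach ($name in $pins.Keys) {
    if (Test-Path -LiteralPath $name) {
        # Fails closed: throws until the placeholder is replaced by a real pin.
        Test-PinnedDownload -Path $name -ExpectedSha256 $pins[$name] `
            -RequireAuthenticode:($name -like '*.exe')
    }
}
```

Because the function throws on any mismatch, a build script that sets `$ErrorActionPreference = 'Stop'` halts before the 7z and unzip steps run.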

Thank you very much for sharing the script!
