pwnlandia / mhn

Modern Honey Network
GNU Lesser General Public License v2.1

Suricata broken link #798

Open thiago-tud opened 3 years ago

thiago-tud commented 3 years ago

Installation fails:

Run 'make install-conf' if you want to install initial configuration files. Or 'make install-full' to install configuration and rules
make[2]: Leaving directory '/tmp/suricata'
make[1]: Leaving directory '/tmp/suricata'
install -d "/opt/suricata/etc/suricata/"
install -d "/var/log/suricata/files"
install -d "/var/log/suricata/certs"
install -d "/var/run/"
install -m 770 -d "/var/run/suricata"
install -d "/opt/suricata/etc/suricata/rules"
/usr/bin/wget -qO - http://rules.emergingthreats.net/open/suricata-2.0/emerging.rules.tar.gz | tar -x -z -C "/opt/suricata/etc/suricata/" -f -

gzip: stdin: not in gzip format
tar: Child returned status 1
tar: Error is not recoverable: exiting now
Makefile:888: recipe for target 'install-rules' failed
make: *** [install-rules] Error 2

bbkarabulut commented 3 years ago

I am having the same problem. Does anyone know the solution?

ridart44 commented 3 years ago

I also got this problem. Has anyone fixed the problem?

Kiwawa commented 3 years ago

This "bug" is actually due to MHN using a fork of Suricata that is getting rather old (https://github.com/threatstream/suricata). The fork has the Emerging Threats OPEN Ruleset version 2.0 hard-coded in Makefile.am. The Emerging Threats OPEN Ruleset has as of today risen to version 5.0.0.

To fix this (without knowing if the rulesets are compatible, just fixing the script), add a sed replace in the deploy.sh script between lines 72 and 73 (in my deploy.sh anyway, it's after using git to fetch threatstream's fork and then cd ./suricata):

sed -i 's/-2.0/-5.0.0/g' Makefile.am

Then run the ./deploy.sh script again, with the same options.
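
An added example, not part of the thread or of MHN's deploy.sh: a narrower form of the Makefile.am rewrite suggested above that touches only the Emerging Threats ruleset path, plus a gzip magic-byte check before extraction so that a bad download fails with a clear message instead of the tar error in the log. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: function names and sample files are constructed for illustration.

# Rewrite only the Emerging Threats ruleset path; any other "-2.0" is left alone.
# $1 = Makefile.am path, $2 = old version, $3 = new version
patch_ruleset_version() {
    old=$(printf '%s' "$2" | sed 's/\./\\./g')   # make "." literal in the regex
    sed "s|/open/suricata-${old}/|/open/suricata-$3/|g" "$1" > "$1.tmp" &&
        mv "$1.tmp" "$1"
}

# Succeed only if the file starts with the gzip magic bytes 1f 8b.
is_gzip() {
    [ "$(od -An -tx1 -N2 "$1" | tr -d ' \n')" = "1f8b" ]
}

# Extract a downloaded rules archive only after the magic-byte check passes.
# $1 = archive path, $2 = destination directory
extract_rules() {
    if ! is_gzip "$1"; then
        echo "refusing to extract $1: not a gzip archive" >&2
        return 1
    fi
    tar -x -z -C "$2" -f "$1"
}

demo() {
    d=$(mktemp -d)
    # Constructed stand-in for Makefile.am: the second line holds strings that
    # the unanchored pattern 's/-2.0/-5.0.0/g' would also rewrite.
    printf '%s\n' \
        'wget -qO - http://rules.emergingthreats.net/open/suricata-2.0/emerging.rules.tar.gz' \
        'EXTRA = libexample-2.0 build-2x0' > "$d/Makefile.am"
    patch_ruleset_version "$d/Makefile.am" 2.0 5.0.0
    cat "$d/Makefile.am"
    # Constructed archives: one real gzip tarball, one HTML body with a .tar.gz name.
    mkdir "$d/src" "$d/out"
    echo 'alert ip any any -> any any (msg:"constructed"; sid:1;)' > "$d/src/sample.rules"
    tar -c -z -C "$d/src" -f "$d/good.tar.gz" sample.rules
    echo '<html>not found</html>' > "$d/bad.tar.gz"
    extract_rules "$d/good.tar.gz" "$d/out" && echo "good archive extracted"
    extract_rules "$d/bad.tar.gz" "$d/out" || echo "bad archive rejected"
    rm -rf "$d"
}
demo
```
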

bbkarabulut commented 3 years ago

https://alibaba-cloud.medium.com/how-to-install-suricata-ids-on-ubuntu-16-04-b6dcca70472c

I have installed externally from here.