Dockerfile 8.97 KB
Newer Older
Alija's avatar
Alija committed
1
2
FROM ubuntu:16.04

3
4
# Partially based on https://sublimerobots.com/2017/07/installing-snort-3-b237-in-ubuntu

5
ENV DOWNLOAD_DIR 	/home/temp
6
7
ENV SNORT_DIR_AUTO	snort_auto
ENV SNORT_DIR_CMAKE	snort_cmake
8
ENV SNORT_PRJ_DIR	snort_project_cdt
9
ENV SNORT_DIR		/opt/snort
10
ENV SNORT_VER		3.0.0-239
11
ENV SNORT_VER_M		3.0.0
12
13
ENV SNORT_EXTRA_VER	1.0.0-239
ENV DAQ_VER		2.2.2
14
15
16
ENV HWLOC_VER		1.11.8
ENV LUAJIT_VER		2.0.5
ENV SSL_VER		1.1.0g
17
18
ENV PCAP_VER		1.8.1
ENV PCRE_VER		8.41
19
20
ENV PKG_CONFIG_VER	0.29.2
ENV ZLIB_VER 		1.2.11
21
22
23
24
25
ENV LIBSAFEC_VER	10052013
ENV RAGEL_VER		6.10
ENV BOOST_VER		1.64.0
ENV BOOST_DIR		boost_1_64_0
ENV HYPERSCAN_VER	4.5.1
26
27
# ENV LIBDNET_GIT	https://github.com/dugsong/libdnet.git
ENV LIBDNET_GIT		https://github.com/jncornett/libdnet.git
28
29
ENV LUA_PATH		/opt/snort/include/snort/lua/\?.lua\;\;
ENV SNORT_LUA_PATH      /opt/snort/etc/snort
30
ENV JAVA_HOME 		/usr/lib/jvm/java-8-oracle
31
32
33

# Needed tools
RUN apt-get update && apt-get install -y \
34
    wget \
35
36
    cmake-curses-gui \
    gdb
37
38

# Snort Dependencies #######################################
39
RUN apt-get install linux-headers-$(uname -r) -y
40

41
42
43
44
45
46
47
48
49
50
51
# Prerequisites
RUN apt-get install -y \
    build-essential \
    autotools-dev \
    libpcap-dev

# DAQ Prerequisites
RUN apt-get install -y \
    bison \
    flex

52
53
54
55
# Hyperscan Prerequisities
RUN apt-get install -y \
    python

56
57
58
59
60
61
62
63
64
65
66
67
68
69
# for compiling source from github
RUN apt-get install -y \
    libtool \
    git \
    autoconf

# Recommended software (optional)
RUN apt-get install -y \
    liblzma-dev \
    cpputest \
    libsqlite3-dev \
    cmake

# Documentation
70
71
72
73
RUN apt-get install -y \
    asciidoc \
    dblatex \
    source-highlight
74
75
    

76
# Download packages need for snort
77
# git clone https://github.com/snortadmin/snort3.git && \
78
79
# wget -qO- https://github.com/snortadmin/snort3/archive/master.tar.gz | tar xvz && \
# wget -qO- https://github.com/Xiche/libdaq/archive/v$DAQ_VER.tar.gz | tar xvz && \
80
RUN mkdir -p $DOWNLOAD_DIR && cd $DOWNLOAD_DIR && mkdir $SNORT_DIR_AUTO && mkdir $SNORT_DIR_CMAKE && \
81
82
83
84
    wget -qO- http://downloads.sourceforge.net/project/safeclib/libsafec-10052013.tar.gz | tar xvz && \
    wget -qO- http://www.colm.net/files/ragel/ragel-$RAGEL_VER.tar.gz | tar xvz && \
    wget -qO- https://dl.bintray.com/boostorg/release/$BOOST_VER/source/$BOOST_DIR.tar.gz | tar xvz && \
    wget -qO- https://github.com/01org/hyperscan/archive/v$HYPERSCAN_VER.tar.gz | tar xvz && \
85
    cd $SNORT_DIR_AUTO && \
86
    wget -qO- https://www.snort.org/downloads/snortplus/snort-$SNORT_VER-auto.tar.gz | tar xvz && \
87
88
    wget -qO- https://www.snort.org/downloads/snortplus/snort_extra-$SNORT_EXTRA_VER-auto.tar.gz | tar xvz && cd .. && \
    cd $SNORT_DIR_CMAKE && \
89
    wget -qO- https://www.snort.org/downloads/snortplus/snort-$SNORT_VER-cmake.tar.gz | tar xvz && \
90
    wget -qO- https://www.snort.org/downloads/snortplus/snort_extra-$SNORT_EXTRA_VER-cmake.tar.gz | tar xvz && cd .. && \
91
    wget -qO- https://www.snort.org/downloads/snortplus/daq-$DAQ_VER.tar.gz | tar xvz && \
92
93
94
95
    git clone $LIBDNET_GIT && \
    wget -qO- https://www.open-mpi.org/software/hwloc/v1.11/downloads/hwloc-$HWLOC_VER.tar.gz | tar xvz && \
    wget -qO- http://luajit.org/download/LuaJIT-$LUAJIT_VER.tar.gz | tar xvz && \
    wget -qO- https://www.openssl.org/source/openssl-$SSL_VER.tar.gz | tar xvz && \
96
97
    wget -qO- http://www.tcpdump.org/release/libpcap-$PCAP_VER.tar.gz | tar xvz && \
    wget -qO- ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-$PCRE_VER.tar.gz | tar xvz && \
98
99
    wget -qO- https://pkg-config.freedesktop.org/releases/pkg-config-$PKG_CONFIG_VER.tar.gz | tar xvz && \
    wget -qO- www.zlib.net/zlib-$ZLIB_VER.tar.gz | tar xvz
100

101
102
103
# Zlib
WORKDIR $DOWNLOAD_DIR/zlib-$ZLIB_VER
RUN ./configure && make && make install
104
105
106
107
108
109
110
111
112
113
114
115
116

# Pkg Config
WORKDIR $DOWNLOAD_DIR/pkg-config-$PKG_CONFIG_VER
RUN ./configure --with-internal-glib && make && make install

# PCAP
WORKDIR $DOWNLOAD_DIR/libpcap-$PCAP_VER
RUN ./configure && make && make install

# PCRE
WORKDIR $DOWNLOAD_DIR/pcre-$PCRE_VER
RUN ./configure && make && make install

117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
# OpenSSL
WORKDIR $DOWNLOAD_DIR/openssl-$SSL_VER
RUN ./config && make && make install

# LuaJIT
WORKDIR $DOWNLOAD_DIR/LuaJIT-$LUAJIT_VER
RUN make && make install

# hwloc
WORKDIR $DOWNLOAD_DIR/hwloc-$HWLOC_VER
RUN ./configure && make && make install

# libdnet
WORKDIR $DOWNLOAD_DIR/libdnet
RUN ./configure && make && make install

133
134
135
136
137
138
139
140
141
142
143
144
145
146
# libsafec
WORKDIR $DOWNLOAD_DIR/libsafec-10052013
RUN ./configure && make && make install

# Ragel
WORKDIR $DOWNLOAD_DIR/ragel-$RAGEL_VER
RUN ./configure && make && make install

# Hyperscan
WORKDIR $DOWNLOAD_DIR
RUN mkdir hyperscan-$HYPERSCAN_VER-build && cd hyperscan-$HYPERSCAN_VER-build && \
    cmake -DCMAKE_INSTALL_PREFIX=/usr/local \
          -DBOOST_ROOT=$DOWNLOAD_DIR/$BOOST_DIR/ \
          ../hyperscan-$HYPERSCAN_VER && \
147
    make && make install && ./bin/unit-hyperscan
148
149
    

150
151
152
153
154
155
# netmap
#WORKDIR $DOWNLOAD_DIR
#RUN git clone https://github.com/luigirizzo/netmap.git && \
#    cd netmap && ./configure --no-drivers && make && make install

# DAQ
156
WORKDIR $DOWNLOAD_DIR/daq-$DAQ_VER
157
RUN ./configure && make && make install && ldconfig
158
159

# Snort 3
160
161
162
WORKDIR $DOWNLOAD_DIR/$SNORT_DIR_CMAKE/snort-$SNORT_VER_M-a4
#RUN autoreconf -isvf && ./configure_cmake.sh --prefix=$SNORT_DIR && cd build && make -j 8 install
RUN ./configure_cmake.sh --prefix=$SNORT_DIR && cd build && make -j 8 install
163
RUN ln -s /opt/snort/bin/snort /usr/sbin/snort
164
165
#RUN sh -c "echo 'export LUA_PATH=/opt/snort/include/snort/lua/\?.lua\;\;' >> ~/.bashrc"
#RUN sh -c "echo 'export SNORT_LUA_PATH=/opt/snort/etc/snort' >> ~/.bashrc
166

167
168
169
# Snort Eclipse CDT Project
WORKDIR $DOWNLOAD_DIR
RUN mkdir $SNORT_PRJ_DIR && cd $SNORT_PRJ_DIR && \
170
    cmake ../$SNORT_DIR_CMAKE/snort-$SNORT_VER_M-a4 -G"Eclipse CDT4 - Unix Makefiles"
171
172
173

# Install java
# add-apt-repository -y ppa:webupd8team/java && \
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
#RUN \
#  echo oracle-java8-installer shared/accepted-oracle-license-v1-1 select true | debconf-set-selections && \
#  echo "deb http://ppa.launchpad.net/webupd8team/java/ubuntu xenial main" > /etc/apt/sources.list.d/webupd8team-ubuntu-java-xenial.list && \
#  apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7B2C3B0889BF5709A105D03AC2518248EEA14886 && \
#  echo 'deb http://deb.debian.org/debian jessie-backports main' > /etc/apt/sources.list.d/jessie-backports.list && \
#  apt-get update && \
#  apt-get install -y oracle-java8-installer && \
#  rm -rf /var/lib/apt/lists/* && \
#  rm -rf /var/cache/oracle-jdk8-installer

#CMD ["/bin/bash"]
#RUN apt-get update && apt-get install -y --no-install-recommends   ca-certificates   curl   wget  && rm -rf /var/lib/apt/lists/* 
#RUN apt-get update && apt-get install -y --no-install-recommends   bzr   git   mercurial   openssh-client   subversion     procps  && rm -rf /var/lib/apt/lists/*
#RUN apt-get update && apt-get install -y --no-install-recommends   bzip2   unzip   xz-utils  && rm -rf /var/lib/apt/lists/*
#RUN echo 'deb http://deb.debian.org/debian jessie-backports main' > /etc/apt/sources.list.d/jessie-backports.list 
#ENV LANG=C.UTF-8
#RUN {   echo '#!/bin/sh';   echo 'set -e'; \
#        echo;   echo 'dirname "$(dirname "$(readlink -f "$(which javac || which java)")")"'; \
#     } > /usr/local/bin/docker-java-home  && \
#    chmod +x /usr/local/bin/docker-java-home
#ENV JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
#ENV JAVA_VERSION=8u111
#ENV JAVA_DEBIAN_VERSION=8u111-b14-2~bpo8+1
#ENV CA_CERTIFICATES_JAVA_VERSION=20140324
#RUN set -x  && apt-get update  && apt-get install -y \
#    openjdk-8-jdk="$JAVA_DEBIAN_VERSION" \
#    ca-certificates-java="$CA_CERTIFICATES_JAVA_VERSION"  && \
#    rm -rf /var/lib/apt/lists/*  && [ "$JAVA_HOME" = "$(docker-java-home)" ]
#RUN /var/lib/dpkg/info/ca-certificates-java.postinst configure

RUN apt-get update && \
    apt-get upgrade -y && \
    apt-get install -y  software-properties-common && \
    add-apt-repository ppa:webupd8team/java -y && \
    apt-get update && \
    echo oracle-java7-installer shared/accepted-oracle-license-v1-1 select true | /usr/bin/debconf-set-selections && \
    apt-get install -y oracle-java8-installer && \
    apt-get clean

RUN apt-get install dbus-x11 packagekit-gtk3-module libcanberra-gtk-module -y

# Replace 1000 with your user / group id
RUN export uid=1000 gid=1000 && \
    mkdir -p /home/developer && \
    echo "developer:x:${uid}:${gid}:Developer,,,:/home/developer:/bin/bash" >> /etc/passwd && \
    echo "developer:x:${uid}:" >> /etc/group && \
    mkdir -p /etc/sudoers.d && \	
    echo "developer ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/developer && \
    chmod 0440 /etc/sudoers.d/developer && \
    chown ${uid}:${gid} -R /home/developer

RUN apt-get install libcanberra-gtk-module libcanberra-gtk3-module -y
226
227
228
229
230
231

# Eclipse CDT
WORKDIR $DOWNLOAD_DIR
RUN wget -qO- http://eclipse.mirror.rafal.ca/technology/epp/downloads/release/oxygen/R/eclipse-cpp-oxygen-R-linux-gtk-x86_64.tar.gz | tar xvz && \
    mv eclipse /opt/

232
233
234
RUN chmod 777 /home/developer
RUN chown -R developer:developer /home/temp/$SNORT_PRJ_DIR
RUN chmod 777 /home/temp
235

236
237
238
239
USER developer
CMD ["/opt/eclipse/eclipse"]
#WORKDIR /home/$DOWNLOAD_DIR
# CMD ["/bin/bash"]
240
241
# RUN apt-get install -y nautilus
# CMD ["nautilus"]
242