This document describes how to build Suricata on Windows for development and CI. It does not cover installing or running Suricata on Windows.
Install msys2-x86_64.
Download the Npcap Windows installer and install it.
Then download the Npcap SDK zip file and extract it to C:\npcap.
From the Windows start menu, launch "MSYS2 MinGW 64-bit".
pacman -Sy \
automake \
autoconf \
gcc \
git \
jansson-devel \
libtool \
libyaml-devel \
make \
mingw-w64-x86_64-rust \
mingw-w64-x86_64-pcre \
mingw-w64-x86_64-jansson \
mingw-w64-x86_64-libyaml \
mingw-w64-x86_64-nss \
mingw-w64-x86_64-nspr \
pcre-devel \
pkg-config \
python3
cargo install --root /usr --force cbindgen
If you wish to run Suricata-Verify:
pacman -Sy python3-pip mingw-w64-x86_64-jq
pip3 install PyYAML
git clone https://github.com/OISF/suricata
git clone https://github.com/OISF/libhtp suricata/libhtp
cd suricata
./autogen.sh
./configure --enable-gccprotect \
--with-libpcap-libraries=/c/npcap/Lib/x64 \
--with-libpcap-includes=/c/npcap/Include
To run Suricata-Verify on Windows you should use the MSYS2 Python, and not the mingw version of Python. Example:
/usr/bin/python3 /path/to/suricata-verify/run.py
There are issues with the mingw-w64-x86_64-python3 build of Python; it doesn't appear to work as well in the Unix-like environment of MSYS2.
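As an added example (not part of the original page or the Suricata project), the following preflight script checks the prerequisites from the steps above before ./autogen.sh and ./configure are run. The function names, the SDK file names Include/pcap.h and Lib/x64/wpcap.lib, and the /mingw64/bin location of the mingw Python are assumptions.

```shell
#!/bin/sh
# Added example: preflight checks for the "MSYS2 MinGW 64-bit" shell. Function names are hypothetical.

# Print each named tool that is not on PATH; non-zero status if any is missing.
missing_tools() {
    miss_rc=0
    for tool in "$@"; do
        command -v "$tool" >/dev/null 2>&1 || { printf '%s\n' "$tool"; miss_rc=1; }
    done
    return "$miss_rc"
}

# Check that the SDK root holds the header and import library that
# --with-libpcap-includes and --with-libpcap-libraries point at.
# Assumption: the SDK zip provides Include/pcap.h and Lib/x64/wpcap.lib.
check_npcap_sdk() {
    sdk_rc=0
    for f in Include/pcap.h Lib/x64/wpcap.lib; do
        [ -f "$1/$f" ] || { echo "missing: $1/$f" >&2; sdk_rc=1; }
    done
    return "$sdk_rc"
}

# Classify a python3 path. Assumption: MSYS2 Python installs under /usr/bin
# and mingw-w64-x86_64-python3 under /mingw64/bin.
python_flavor() {
    case "$1" in
        /usr/bin/*)    echo msys2 ;;
        /mingw*/bin/*) echo mingw ;;
        *)             echo unknown ;;
    esac
}

# Run all checks; the optional argument overrides the SDK location.
preflight() {
    fail=0
    absent=$(missing_tools autoconf automake libtool make gcc git \
        pkg-config cargo cbindgen python3) || {
        echo "not on PATH:" $absent >&2; fail=1; }
    check_npcap_sdk "${1:-/c/npcap}" || fail=1
    py=$(command -v python3 || true)
    if [ "$(python_flavor "$py")" = mingw ]; then
        echo "python3 resolves to $py; use /usr/bin/python3 for run.py" >&2
    fi
    return "$fail"
}

# Run only when asked, e.g.: sh preflight.sh --check /c/npcap
if [ "${1:-}" = "--check" ]; then preflight "${2:-/c/npcap}"; fi
```

A non-zero exit status means a tool or SDK file is missing; the Python message is a warning only, since the mingw Python affects Suricata-Verify rather than the build.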
TODO
- How do you specify an interface in Windows, etc...
lost one step:
should copy c:\program files\system32\npcap\wpcap.dll to /mingw64/bin/