ghcr.io/idaholab/malcolm/suricata:26.06.0 linux/amd64

ghcr.io/idaholab/malcolm/suricata:26.06.0 - 国内下载镜像源 浏览次数:9

ghcr.io/idaholab/malcolm/suricata是Malcolm网络流量分析工具集中的Suricata组件镜像。Suricata是一款开源的入侵检测系统(IDS)、入侵防御系统(IPS)及网络安全监控工具,该镜像用于在Malcolm生态中实现网络流量的实时检测、威胁识别与日志生成,支持规则匹配等功能,助力用户进行网络安全监控与威胁分析。

源镜像 ghcr.io/idaholab/malcolm/suricata:26.06.0
国内镜像 swr.cn-north-4.myhuaweicloud.com/ddn-k8s/ghcr.io/idaholab/malcolm/suricata:26.06.0
镜像ID sha256:cedd38cddd97a608dee9c3f139817b29ab26f6527a0a4f604e53771830f146e2
镜像TAG 26.06.0
大小 379.84MB
镜像源 ghcr.io
CMD /usr/local/bin/supervisord -c /etc/supervisord.conf -n
启动入口 /usr/bin/tini -- /usr/local/bin/docker-uid-gid-setup.sh /usr/local/bin/service_check_passthrough.sh -s suricata /usr/local/bin/docker_entrypoint.sh
工作目录 /var/run/suricata
OS/平台 linux/amd64
浏览量 9 次
贡献者
镜像创建 2026-05-27T22:04:25.184271419Z
同步时间 2026-06-13 18:01
目录挂载
/etc/suricata /opt/suricata/include-configs /opt/suricata/rules /var/lib/suricata /var/log/suricata /var/run/suricata
环境变量
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin DEBIAN_FRONTEND=noninteractive TERM=xterm PYTHONDONTWRITEBYTECODE=1 PYTHONUNBUFFERED=1 DEFAULT_UID=1000 DEFAULT_GID=1000 PUSER=suricata PGROUP=suricata PUSER_PRIV_DROP=false PUSER_RLIMIT_UNLOCK=true SUPERCRONIC_VERSION=0.2.46 SUPERCRONIC_URL=https://github.com/aptible/supercronic/releases/download/v0.2.46/supercronic-linux- SUPERCRONIC_CRONTAB=/etc/crontab YQ_VERSION=4.53.2 YQ_URL=https://github.com/mikefarah/yq/releases/download/v4.53.2/yq_linux_ SURICATA_VERSION_PATTERN=1:8.0.* SURICATA_CONFIG_DIR=/etc/suricata SURICATA_CONFIG_FILE=/etc/suricata/suricata.yaml SURICATA_CUSTOM_RULES_DIR=/opt/suricata/rules SURICATA_DEFAULT_RULES_DIR=/opt/suricata/rules-default SURICATA_CUSTOM_CONFIG_DIR=/opt/suricata/include-configs SURICATA_LOG_DIR=/var/log/suricata SURICATA_MANAGED_DIR=/var/lib/suricata SURICATA_MANAGED_RULES_DIR=/var/lib/suricata/rules SURICATA_RUN_DIR=/var/run/suricata SURICATA_UPDATE_CONFIG_FILE=/etc/suricata/update.yaml SURICATA_UPDATE_DIR=/var/lib/suricata/update SURICATA_UPDATE_SOURCES_DIR=/var/lib/suricata/update/sources SURICATA_UPDATE_CACHE_DIR=/var/lib/suricata/update/cache PCAP_PIPELINE_VERBOSITY= PCAP_MONITOR_HOST=pcap-monitor AUTO_TAG=true SURICATA_PCAP_PROCESSOR=true SURICATA_CRON=true SURICATA_AUTO_ANALYZE_PCAP_FILES=false SURICATA_AUTO_ANALYZE_PCAP_PROCESSES=1 SURICATA_AUTO_ANALYZE_PCAP_THREADS=0 SURICATA_CUSTOM_RULES_ONLY=false SURICATA_DISABLE_SIDS= SURICATA_UPDATE_RULES=false SURICATA_UPDATE_DEBUG=false SURICATA_UPDATE_ETOPEN=true SURICATA_LIVE_CAPTURE=false SURICATA_ROTATED_PCAP=false PCAP_IFACE=lo PCAP_IFACE_TWEAK=false PCAP_FILTER= PCAP_NODE_NAME=malcolm PCAP_PROCESSED_DIRECTORY=/data/pcap/processed PUSER_CHOWN=/etc/suricata;/opt/suricata/rules;/opt/suricata/include-configs;/var/log/suricata;/var/lib/suricata;/var/run/suricata;/etc/supervisor.d BUILD_DATE=2026-05-27T22:03:21Z MALCOLM_VERSION=26.06.0 VCS_REVISION=381a66a
镜像标签
malcolm@inl.gov: maintainer malcolm@inl.gov: org.opencontainers.image.authors 2026-05-27T22:03:21Z: org.opencontainers.image.created Malcolm container providing Suricata: org.opencontainers.image.description https://github.com/idaholab/Malcolm/blob/main/README.md: org.opencontainers.image.documentation 381a66a: org.opencontainers.image.revision https://github.com/idaholab/Malcolm: org.opencontainers.image.source ghcr.io/idaholab/malcolm/suricata: org.opencontainers.image.title https://github.com/idaholab/Malcolm: org.opencontainers.image.url Idaho National Laboratory: org.opencontainers.image.vendor 26.06.0: org.opencontainers.image.version
镜像安全扫描 查看Trivy扫描报告

系统OS: debian 13.5 扫描引擎: Trivy 扫描时间: 2026-06-13 18:01

低危漏洞:162 中危漏洞:149 高危漏洞:62 严重漏洞:12
ghcr.io/idaholab/malcolm/suricata:26.06.0 (debian 13.5) (debian) Python (python-pkg) usr/bin/yq (gobinary) usr/local/bin/supercronic (gobinary)
无权限下载?点我修复 生成Docker Run命令 生成Kubernetes YAML资源

Docker拉取命令 

docker pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/ghcr.io/idaholab/malcolm/suricata:26.06.0
docker tag  swr.cn-north-4.myhuaweicloud.com/ddn-k8s/ghcr.io/idaholab/malcolm/suricata:26.06.0  ghcr.io/idaholab/malcolm/suricata:26.06.0

Containerd拉取命令 

ctr images pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/ghcr.io/idaholab/malcolm/suricata:26.06.0
ctr images tag  swr.cn-north-4.myhuaweicloud.com/ddn-k8s/ghcr.io/idaholab/malcolm/suricata:26.06.0  ghcr.io/idaholab/malcolm/suricata:26.06.0

Shell快速替换命令 

sed -i 's#ghcr.io/idaholab/malcolm/suricata:26.06.0#swr.cn-north-4.myhuaweicloud.com/ddn-k8s/ghcr.io/idaholab/malcolm/suricata:26.06.0#' deployment.yaml

Ansible快速分发-Docker 

#ansible k8s -m shell -a 'docker pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/ghcr.io/idaholab/malcolm/suricata:26.06.0 && docker tag  swr.cn-north-4.myhuaweicloud.com/ddn-k8s/ghcr.io/idaholab/malcolm/suricata:26.06.0  ghcr.io/idaholab/malcolm/suricata:26.06.0'

Ansible快速分发-Containerd 

#ansible k8s -m shell -a 'ctr images pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/ghcr.io/idaholab/malcolm/suricata:26.06.0 && ctr images tag  swr.cn-north-4.myhuaweicloud.com/ddn-k8s/ghcr.io/idaholab/malcolm/suricata:26.06.0  ghcr.io/idaholab/malcolm/suricata:26.06.0'

镜像构建历史 


# 2026-05-28 06:04:25  0.00B 添加元数据标签
LABEL org.opencontainers.image.revision=381a66a
                        
# 2026-05-28 06:04:25  0.00B 添加元数据标签
LABEL org.opencontainers.image.version=26.06.0
                        
# 2026-05-28 06:04:25  0.00B 添加元数据标签
LABEL org.opencontainers.image.created=2026-05-27T22:03:21Z
                        
# 2026-05-28 06:04:25  0.00B 设置环境变量 VCS_REVISION
ENV VCS_REVISION=381a66a
                        
# 2026-05-28 06:04:25  0.00B 设置环境变量 MALCOLM_VERSION
ENV MALCOLM_VERSION=26.06.0
                        
# 2026-05-28 06:04:25  0.00B 设置环境变量 BUILD_DATE
ENV BUILD_DATE=2026-05-27T22:03:21Z
                        
# 2026-05-28 06:04:25  0.00B 定义构建参数
ARG VCS_REVISION=381a66a
                        
# 2026-05-28 06:04:25  0.00B 定义构建参数
ARG MALCOLM_VERSION=26.06.0
                        
# 2026-05-28 06:04:25  0.00B 定义构建参数
ARG BUILD_DATE=2026-05-27T22:03:21Z
                        
# 2026-05-28 06:04:25  0.00B 设置默认要执行的命令
CMD ["/usr/local/bin/supervisord" "-c" "/etc/supervisord.conf" "-n"]
                        
# 2026-05-28 06:04:25  0.00B 配置容器启动时运行的命令
ENTRYPOINT ["/usr/bin/tini" "--" "/usr/local/bin/docker-uid-gid-setup.sh" "/usr/local/bin/service_check_passthrough.sh" "-s" "suricata" "/usr/local/bin/docker_entrypoint.sh"]
                        
# 2026-05-28 06:04:25  0.00B 设置工作目录为/var/run/suricata
WORKDIR /var/run/suricata
                        
# 2026-05-28 06:04:25  0.00B 创建挂载点用于持久化数据或共享数据
VOLUME [/var/run/suricata]
                        
# 2026-05-28 06:04:25  0.00B 创建挂载点用于持久化数据或共享数据
VOLUME [/var/lib/suricata]
                        
# 2026-05-28 06:04:25  0.00B 创建挂载点用于持久化数据或共享数据
VOLUME [/var/log/suricata]
                        
# 2026-05-28 06:04:25  0.00B 创建挂载点用于持久化数据或共享数据
VOLUME [/opt/suricata/include-configs]
                        
# 2026-05-28 06:04:25  0.00B 创建挂载点用于持久化数据或共享数据
VOLUME [/opt/suricata/rules]
                        
# 2026-05-28 06:04:25  0.00B 创建挂载点用于持久化数据或共享数据
VOLUME [/etc/suricata]
                        
# 2026-05-28 06:04:25  0.00B 设置环境变量 PUSER_CHOWN
ENV PUSER_CHOWN=/etc/suricata;/opt/suricata/rules;/opt/suricata/include-configs;/var/log/suricata;/var/lib/suricata;/var/run/suricata;/etc/supervisor.d
                        
# 2026-05-28 06:04:25  0.00B 设置环境变量 PCAP_PROCESSED_DIRECTORY
ENV PCAP_PROCESSED_DIRECTORY=/data/pcap/processed
                        
# 2026-05-28 06:04:25  0.00B 设置环境变量 PCAP_NODE_NAME
ENV PCAP_NODE_NAME=malcolm
                        
# 2026-05-28 06:04:25  0.00B 设置环境变量 PCAP_FILTER
ENV PCAP_FILTER=
                        
# 2026-05-28 06:04:25  0.00B 设置环境变量 PCAP_IFACE_TWEAK
ENV PCAP_IFACE_TWEAK=false
                        
# 2026-05-28 06:04:25  0.00B 设置环境变量 PCAP_IFACE
ENV PCAP_IFACE=lo
                        
# 2026-05-28 06:04:25  0.00B 设置环境变量 SURICATA_ROTATED_PCAP
ENV SURICATA_ROTATED_PCAP=false
                        
# 2026-05-28 06:04:25  0.00B 设置环境变量 SURICATA_LIVE_CAPTURE
ENV SURICATA_LIVE_CAPTURE=false
                        
# 2026-05-28 06:04:25  0.00B 设置环境变量 SURICATA_UPDATE_ETOPEN
ENV SURICATA_UPDATE_ETOPEN=true
                        
# 2026-05-28 06:04:25  0.00B 设置环境变量 SURICATA_UPDATE_DEBUG
ENV SURICATA_UPDATE_DEBUG=false
                        
# 2026-05-28 06:04:25  0.00B 设置环境变量 SURICATA_UPDATE_RULES
ENV SURICATA_UPDATE_RULES=false
                        
# 2026-05-28 06:04:25  0.00B 设置环境变量 SURICATA_DISABLE_SIDS
ENV SURICATA_DISABLE_SIDS=
                        
# 2026-05-28 06:04:25  0.00B 设置环境变量 SURICATA_CUSTOM_RULES_ONLY
ENV SURICATA_CUSTOM_RULES_ONLY=false
                        
# 2026-05-28 06:04:25  0.00B 设置环境变量 SURICATA_AUTO_ANALYZE_PCAP_THREADS
ENV SURICATA_AUTO_ANALYZE_PCAP_THREADS=0
                        
# 2026-05-28 06:04:25  0.00B 设置环境变量 SURICATA_AUTO_ANALYZE_PCAP_PROCESSES
ENV SURICATA_AUTO_ANALYZE_PCAP_PROCESSES=1
                        
# 2026-05-28 06:04:25  0.00B 设置环境变量 SURICATA_AUTO_ANALYZE_PCAP_FILES
ENV SURICATA_AUTO_ANALYZE_PCAP_FILES=false
                        
# 2026-05-28 06:04:25  0.00B 设置环境变量 SURICATA_CRON
ENV SURICATA_CRON=true
                        
# 2026-05-28 06:04:25  0.00B 设置环境变量 SURICATA_PCAP_PROCESSOR
ENV SURICATA_PCAP_PROCESSOR=true
                        
# 2026-05-28 06:04:25  0.00B 设置环境变量 AUTO_TAG
ENV AUTO_TAG=true
                        
# 2026-05-28 06:04:25  0.00B 设置环境变量 PCAP_MONITOR_HOST
ENV PCAP_MONITOR_HOST=pcap-monitor
                        
# 2026-05-28 06:04:25  0.00B 设置环境变量 PCAP_PIPELINE_VERBOSITY
ENV PCAP_PIPELINE_VERBOSITY=
                        
# 2026-05-28 06:04:25  0.00B 定义构建参数
ARG PCAP_PROCESSED_DIRECTORY=/data/pcap/processed
                        
# 2026-05-28 06:04:25  0.00B 定义构建参数
ARG PCAP_NODE_NAME=malcolm
                        
# 2026-05-28 06:04:25  0.00B 定义构建参数
ARG PCAP_FILTER=
                        
# 2026-05-28 06:04:25  0.00B 定义构建参数
ARG PCAP_IFACE_TWEAK=false
                        
# 2026-05-28 06:04:25  0.00B 定义构建参数
ARG PCAP_IFACE=lo
                        
# 2026-05-28 06:04:25  0.00B 定义构建参数
ARG SURICATA_ROTATED_PCAP=false
                        
# 2026-05-28 06:04:25  0.00B 定义构建参数
ARG SURICATA_LIVE_CAPTURE=false
                        
# 2026-05-28 06:04:25  0.00B 定义构建参数
ARG SURICATA_UPDATE_ETOPEN=true
                        
# 2026-05-28 06:04:25  0.00B 定义构建参数
ARG SURICATA_UPDATE_DEBUG=false
                        
# 2026-05-28 06:04:25  0.00B 定义构建参数
ARG SURICATA_UPDATE_RULES=false
                        
# 2026-05-28 06:04:25  0.00B 定义构建参数
ARG SURICATA_DISABLE_SIDS=
                        
# 2026-05-28 06:04:25  0.00B 定义构建参数
ARG SURICATA_AUTO_ANALYZE_PCAP_THREADS=0
                        
# 2026-05-28 06:04:25  0.00B 定义构建参数
ARG SURICATA_AUTO_ANALYZE_PCAP_PROCESSES=1
                        
# 2026-05-28 06:04:25  0.00B 定义构建参数
ARG SURICATA_CUSTOM_RULES_ONLY=false
                        
# 2026-05-28 06:04:25  0.00B 定义构建参数
ARG SURICATA_AUTO_ANALYZE_PCAP_FILES=false
                        
# 2026-05-28 06:04:25  0.00B 定义构建参数
ARG SURICATA_CRON=true
                        
# 2026-05-28 06:04:25  0.00B 定义构建参数
ARG SURICATA_PCAP_PROCESSOR=true
                        
# 2026-05-28 06:04:25  0.00B 定义构建参数
ARG AUTO_TAG=true
                        
# 2026-05-28 06:04:25  0.00B 定义构建参数
ARG PCAP_MONITOR_HOST=pcap-monitor
                        
# 2026-05-28 06:04:25  0.00B 定义构建参数
ARG PCAP_PIPELINE_VERBOSITY=
                        
# 2026-05-28 06:04:25  77.05KB 复制文件或目录到容器中
ADD suricata/scripts /usr/local/bin/ # buildkit
                        
# 2026-05-28 06:04:25  11.13KB 复制文件或目录到容器中
ADD --chmod=755 suricata/rules-default/ /opt/suricata/rules-default/ # buildkit
                        
# 2026-05-28 06:04:25  481.00B 复制文件或目录到容器中
ADD --chmod=755 container-health-scripts/suricata.sh /usr/local/bin/container_health.sh # buildkit
                        
# 2026-05-28 06:04:25  1.77KB 复制文件或目录到容器中
ADD --chmod=755 shared/bin/netdev-json.sh /usr/local/bin/ # buildkit
                        
# 2026-05-28 06:04:25  7.14KB 复制文件或目录到容器中
ADD --chmod=755 shared/bin/service_check_passthrough.sh /usr/local/bin/ # buildkit
                        
# 2026-05-28 06:04:25  38.21KB 复制文件或目录到容器中
ADD --chmod=755 shared/bin/pcap_processor.py /usr/local/bin/ # buildkit
                        
# 2026-05-28 06:04:25  10.93KB 复制文件或目录到容器中
ADD --chmod=755 shared/bin/docker-uid-gid-setup.sh /usr/local/bin/ # buildkit
                        
# 2026-05-28 06:04:25  566.00B 复制文件或目录到容器中
ADD --chmod=644 suricata/supervisor-templates/*.template /etc/supervisor.d/ # buildkit
                        
# 2026-05-28 06:04:25  2.08KB 复制文件或目录到容器中
ADD --chmod=644 suricata/supervisord.conf /etc/supervisord.conf # buildkit
                        
# 2026-05-28 06:04:25  1.03KB 复制文件或目录到容器中
ADD --chmod=644 shared/bin/pcap_utils.py /usr/local/bin/ # buildkit
                        
# 2026-05-28 06:04:25  6.67KB 复制文件或目录到容器中
ADD --chmod=644 scripts/malcolm_constants.py /usr/local/bin/ # buildkit
                        
# 2026-05-28 06:04:25  52.21KB 复制文件或目录到容器中
ADD --chmod=644 scripts/malcolm_utils.py /usr/local/bin/ # buildkit
                        
# 2026-05-28 06:04:25  2.46MB 复制新文件或目录到容器中
COPY --chmod=755 /goStatic /usr/bin/goStatic # buildkit
                        
# 2026-05-28 06:04:25  298.55MB 执行命令并创建新的镜像层
RUN |2 DEFAULT_UID=1000 DEFAULT_GID=1000 /bin/sh -c export BINARCH=$(uname -m | sed 's/x86_64/amd64/' | sed 's/aarch64/arm64/') &&     sed -i "s/main$/main contrib non-free/g" /etc/apt/sources.list.d/debian.sources &&     echo "deb http://deb.debian.org/debian trixie-backports main contrib non-free" | tee /etc/apt/sources.list.d/trixie-backports.list &&     apt-get -q update &&     apt-get install -q -y --no-install-recommends         bc         curl         file         git         inotify-tools         iproute2         jq         less         libcap-ng0         libcap2-bin         libevent-2.1-7         libevent-pthreads-2.1-7         libgeoip1         libhiredis1.1.0         libhtp2         libhyperscan5         libjansson4         liblua5.1-0         libluajit-5.1-2         liblz4-1         libmagic1         libmaxminddb0         libnet1         libnetfilter-log1         libnetfilter-queue1         libnfnetlink0         libnss3         libpcap0.8         libpcre2-8-0         libyaml-0-2         moreutils         procps         psmisc         python3-pip         python3-ruamel.yaml         python3-setuptools         python3-wheel         python3-zmq         rsync         tini         vim-tiny         zlib1g &&     apt-get install -q -y --no-install-recommends -t trixie-backports         suricata=${SURICATA_VERSION_PATTERN}         suricata-update &&     python3 -m pip install --break-system-packages --no-compile --no-cache-dir -r /usr/local/src/requirements.txt &&     curl -fsSL -o /usr/local/bin/supercronic "${SUPERCRONIC_URL}${BINARCH}" &&       chmod +x /usr/local/bin/supercronic &&     curl -fsSL -o /usr/bin/yq "${YQ_URL}${BINARCH}" &&         chmod 755 /usr/bin/yq &&     groupadd --gid ${DEFAULT_GID} ${PGROUP} &&       useradd -M --uid ${DEFAULT_UID} --gid ${DEFAULT_GID} --home /nonexistent ${PUSER} &&       usermod -a -G tty ${PUSER} &&     ln -sfr /usr/local/bin/pcap_processor.py /usr/local/bin/pcap_suricata_processor.py &&         (echo "0 0 * * * /bin/bash /usr/local/bin/suricata-update-rules.sh\n" > ${SUPERCRONIC_CRONTAB}) &&     mkdir -p "$SURICATA_CUSTOM_RULES_DIR" "$SURICATA_DEFAULT_RULES_DIR" "$SURICATA_CONFIG_DIR" "$SURICATA_CUSTOM_CONFIG_DIR" /etc/supervisor.d &&         chown -R ${PUSER}:${PGROUP} "$SURICATA_CUSTOM_RULES_DIR" "$SURICATA_DEFAULT_RULES_DIR" "$SURICATA_CONFIG_DIR" "$SURICATA_CUSTOM_CONFIG_DIR" /etc/supervisor.d &&     cp "$(dpkg -L suricata-update | grep 'update\.yaml$' | head -n 1)"         "$SURICATA_UPDATE_CONFIG_FILE" &&     suricata-update update-sources --verbose --data-dir "$SURICATA_MANAGED_DIR" --config "$SURICATA_UPDATE_CONFIG_FILE" --suricata-conf "$SURICATA_CONFIG_FILE" &&     suricata-update update --fail --verbose --etopen --data-dir "$SURICATA_MANAGED_DIR" --config "$SURICATA_UPDATE_CONFIG_FILE" --suricata-conf "$SURICATA_CONFIG_FILE" &&     cp /usr/bin/suricata /usr/bin/suricata-offline &&     chown root:${PGROUP} /usr/bin/suricata &&       setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip CAP_IPC_LOCK+eip' /usr/bin/suricata &&     apt-get -y -q --allow-downgrades --allow-remove-essential --allow-change-held-packages --purge remove git &&       apt-get -y -q --allow-downgrades --allow-remove-essential --allow-change-held-packages autoremove &&       apt-get clean &&       rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /var/lib/suricata/cache/* # buildkit
                        
# 2026-05-28 06:03:29  34.00B 复制文件或目录到容器中
ADD --chmod=644 suricata/requirements.txt /usr/local/src/requirements.txt # buildkit
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 SURICATA_UPDATE_CACHE_DIR
ENV SURICATA_UPDATE_CACHE_DIR=/var/lib/suricata/update/cache
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 SURICATA_UPDATE_SOURCES_DIR
ENV SURICATA_UPDATE_SOURCES_DIR=/var/lib/suricata/update/sources
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 SURICATA_UPDATE_DIR
ENV SURICATA_UPDATE_DIR=/var/lib/suricata/update
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 SURICATA_UPDATE_CONFIG_FILE
ENV SURICATA_UPDATE_CONFIG_FILE=/etc/suricata/update.yaml
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 SURICATA_RUN_DIR
ENV SURICATA_RUN_DIR=/var/run/suricata
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 SURICATA_MANAGED_RULES_DIR
ENV SURICATA_MANAGED_RULES_DIR=/var/lib/suricata/rules
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 SURICATA_MANAGED_DIR
ENV SURICATA_MANAGED_DIR=/var/lib/suricata
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 SURICATA_LOG_DIR
ENV SURICATA_LOG_DIR=/var/log/suricata
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 SURICATA_CUSTOM_CONFIG_DIR
ENV SURICATA_CUSTOM_CONFIG_DIR=/opt/suricata/include-configs
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 SURICATA_DEFAULT_RULES_DIR
ENV SURICATA_DEFAULT_RULES_DIR=/opt/suricata/rules-default
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 SURICATA_CUSTOM_RULES_DIR
ENV SURICATA_CUSTOM_RULES_DIR=/opt/suricata/rules
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 SURICATA_CONFIG_FILE
ENV SURICATA_CONFIG_FILE=/etc/suricata/suricata.yaml
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 SURICATA_CONFIG_DIR
ENV SURICATA_CONFIG_DIR=/etc/suricata
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 SURICATA_VERSION_PATTERN
ENV SURICATA_VERSION_PATTERN=1:8.0.*
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 YQ_URL
ENV YQ_URL=https://github.com/mikefarah/yq/releases/download/v4.53.2/yq_linux_
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 YQ_VERSION
ENV YQ_VERSION=4.53.2
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 SUPERCRONIC_CRONTAB
ENV SUPERCRONIC_CRONTAB=/etc/crontab
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 SUPERCRONIC_URL
ENV SUPERCRONIC_URL=https://github.com/aptible/supercronic/releases/download/v0.2.46/supercronic-linux-
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 SUPERCRONIC_VERSION
ENV SUPERCRONIC_VERSION=0.2.46
                        
# 2026-05-28 06:03:29  0.00B 指定运行容器时使用的用户
USER root
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 PUSER_RLIMIT_UNLOCK
ENV PUSER_RLIMIT_UNLOCK=true
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 PUSER_PRIV_DROP
ENV PUSER_PRIV_DROP=false
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 PGROUP
ENV PGROUP=suricata
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 PUSER
ENV PUSER=suricata
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 DEFAULT_GID
ENV DEFAULT_GID=1000
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 DEFAULT_UID
ENV DEFAULT_UID=1000
                        
# 2026-05-28 06:03:29  0.00B 定义构建参数
ARG DEFAULT_GID=1000
                        
# 2026-05-28 06:03:29  0.00B 定义构建参数
ARG DEFAULT_UID=1000
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 PYTHONUNBUFFERED
ENV PYTHONUNBUFFERED=1
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 PYTHONDONTWRITEBYTECODE
ENV PYTHONDONTWRITEBYTECODE=1
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 TERM
ENV TERM=xterm
                        
# 2026-05-28 06:03:29  0.00B 设置环境变量 DEBIAN_FRONTEND
ENV DEBIAN_FRONTEND=noninteractive
                        
# 2026-05-28 06:03:29  0.00B 添加元数据标签
LABEL org.opencontainers.image.description=Malcolm container providing Suricata
                        
# 2026-05-28 06:03:29  0.00B 添加元数据标签
LABEL org.opencontainers.image.title=ghcr.io/idaholab/malcolm/suricata
                        
# 2026-05-28 06:03:29  0.00B 添加元数据标签
LABEL org.opencontainers.image.vendor=Idaho National Laboratory
                        
# 2026-05-28 06:03:29  0.00B 添加元数据标签
LABEL org.opencontainers.image.source=https://github.com/idaholab/Malcolm
                        
# 2026-05-28 06:03:29  0.00B 添加元数据标签
LABEL org.opencontainers.image.documentation=https://github.com/idaholab/Malcolm/blob/main/README.md
                        
# 2026-05-28 06:03:29  0.00B 添加元数据标签
LABEL org.opencontainers.image.url=https://github.com/idaholab/Malcolm
                        
# 2026-05-28 06:03:29  0.00B 添加元数据标签
LABEL org.opencontainers.image.authors=malcolm@inl.gov
                        
# 2026-05-28 06:03:29  0.00B 添加元数据标签
LABEL maintainer=malcolm@inl.gov
                        
# 2026-05-18 08:00:00  78.62MB 
# debian.sh --arch 'amd64' out/ 'trixie' '@1779062400'

镜像信息 

{
    "Id": "sha256:cedd38cddd97a608dee9c3f139817b29ab26f6527a0a4f604e53771830f146e2",
    "RepoTags": [
        "ghcr.io/idaholab/malcolm/suricata:26.06.0",
        "swr.cn-north-4.myhuaweicloud.com/ddn-k8s/ghcr.io/idaholab/malcolm/suricata:26.06.0"
    ],
    "RepoDigests": [
        "ghcr.io/idaholab/malcolm/suricata@sha256:23246b902d31d456d9f9a6b07653ccb8bc062d37e02eba9773fe970c9ab6beed",
        "swr.cn-north-4.myhuaweicloud.com/ddn-k8s/ghcr.io/idaholab/malcolm/suricata@sha256:e7cea4d9d853d467ac5addee2b1ab9fe1d7b4894df40e86b166316b90375aea1"
    ],
    "Parent": "",
    "Comment": "buildkit.dockerfile.v0",
    "Created": "2026-05-27T22:04:25.184271419Z",
    "Container": "",
    "ContainerConfig": null,
    "DockerVersion": "",
    "Author": "",
    "Config": {
        "Hostname": "",
        "Domainname": "",
        "User": "root",
        "AttachStdin": false,
        "AttachStdout": false,
        "AttachStderr": false,
        "Tty": false,
        "OpenStdin": false,
        "StdinOnce": false,
        "Env": [
            "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
            "DEBIAN_FRONTEND=noninteractive",
            "TERM=xterm",
            "PYTHONDONTWRITEBYTECODE=1",
            "PYTHONUNBUFFERED=1",
            "DEFAULT_UID=1000",
            "DEFAULT_GID=1000",
            "PUSER=suricata",
            "PGROUP=suricata",
            "PUSER_PRIV_DROP=false",
            "PUSER_RLIMIT_UNLOCK=true",
            "SUPERCRONIC_VERSION=0.2.46",
            "SUPERCRONIC_URL=https://github.com/aptible/supercronic/releases/download/v0.2.46/supercronic-linux-",
            "SUPERCRONIC_CRONTAB=/etc/crontab",
            "YQ_VERSION=4.53.2",
            "YQ_URL=https://github.com/mikefarah/yq/releases/download/v4.53.2/yq_linux_",
            "SURICATA_VERSION_PATTERN=1:8.0.*",
            "SURICATA_CONFIG_DIR=/etc/suricata",
            "SURICATA_CONFIG_FILE=/etc/suricata/suricata.yaml",
            "SURICATA_CUSTOM_RULES_DIR=/opt/suricata/rules",
            "SURICATA_DEFAULT_RULES_DIR=/opt/suricata/rules-default",
            "SURICATA_CUSTOM_CONFIG_DIR=/opt/suricata/include-configs",
            "SURICATA_LOG_DIR=/var/log/suricata",
            "SURICATA_MANAGED_DIR=/var/lib/suricata",
            "SURICATA_MANAGED_RULES_DIR=/var/lib/suricata/rules",
            "SURICATA_RUN_DIR=/var/run/suricata",
            "SURICATA_UPDATE_CONFIG_FILE=/etc/suricata/update.yaml",
            "SURICATA_UPDATE_DIR=/var/lib/suricata/update",
            "SURICATA_UPDATE_SOURCES_DIR=/var/lib/suricata/update/sources",
            "SURICATA_UPDATE_CACHE_DIR=/var/lib/suricata/update/cache",
            "PCAP_PIPELINE_VERBOSITY=",
            "PCAP_MONITOR_HOST=pcap-monitor",
            "AUTO_TAG=true",
            "SURICATA_PCAP_PROCESSOR=true",
            "SURICATA_CRON=true",
            "SURICATA_AUTO_ANALYZE_PCAP_FILES=false",
            "SURICATA_AUTO_ANALYZE_PCAP_PROCESSES=1",
            "SURICATA_AUTO_ANALYZE_PCAP_THREADS=0",
            "SURICATA_CUSTOM_RULES_ONLY=false",
            "SURICATA_DISABLE_SIDS=",
            "SURICATA_UPDATE_RULES=false",
            "SURICATA_UPDATE_DEBUG=false",
            "SURICATA_UPDATE_ETOPEN=true",
            "SURICATA_LIVE_CAPTURE=false",
            "SURICATA_ROTATED_PCAP=false",
            "PCAP_IFACE=lo",
            "PCAP_IFACE_TWEAK=false",
            "PCAP_FILTER=",
            "PCAP_NODE_NAME=malcolm",
            "PCAP_PROCESSED_DIRECTORY=/data/pcap/processed",
            "PUSER_CHOWN=/etc/suricata;/opt/suricata/rules;/opt/suricata/include-configs;/var/log/suricata;/var/lib/suricata;/var/run/suricata;/etc/supervisor.d",
            "BUILD_DATE=2026-05-27T22:03:21Z",
            "MALCOLM_VERSION=26.06.0",
            "VCS_REVISION=381a66a"
        ],
        "Cmd": [
            "/usr/local/bin/supervisord",
            "-c",
            "/etc/supervisord.conf",
            "-n"
        ],
        "ArgsEscaped": true,
        "Image": "",
        "Volumes": {
            "/etc/suricata": {},
            "/opt/suricata/include-configs": {},
            "/opt/suricata/rules": {},
            "/var/lib/suricata": {},
            "/var/log/suricata": {},
            "/var/run/suricata": {}
        },
        "WorkingDir": "/var/run/suricata",
        "Entrypoint": [
            "/usr/bin/tini",
            "--",
            "/usr/local/bin/docker-uid-gid-setup.sh",
            "/usr/local/bin/service_check_passthrough.sh",
            "-s",
            "suricata",
            "/usr/local/bin/docker_entrypoint.sh"
        ],
        "OnBuild": null,
        "Labels": {
            "maintainer": "malcolm@inl.gov",
            "org.opencontainers.image.authors": "malcolm@inl.gov",
            "org.opencontainers.image.created": "2026-05-27T22:03:21Z",
            "org.opencontainers.image.description": "Malcolm container providing Suricata",
            "org.opencontainers.image.documentation": "https://github.com/idaholab/Malcolm/blob/main/README.md",
            "org.opencontainers.image.revision": "381a66a",
            "org.opencontainers.image.source": "https://github.com/idaholab/Malcolm",
            "org.opencontainers.image.title": "ghcr.io/idaholab/malcolm/suricata",
            "org.opencontainers.image.url": "https://github.com/idaholab/Malcolm",
            "org.opencontainers.image.vendor": "Idaho National Laboratory",
            "org.opencontainers.image.version": "26.06.0"
        }
    },
    "Architecture": "amd64",
    "Os": "linux",
    "Size": 379837657,
    "GraphDriver": {
        "Data": {
            "LowerDir": "/var/lib/docker/overlay2/55cd9dc98cccb4e5915ee7ea5cf5c3bb5a15261a2f35277cbbc495b54006278f/diff:/var/lib/docker/overlay2/8f49e2705fd1f0a6dea539c8a42619195abedbf0da66764f0223b6825df45063/diff:/var/lib/docker/overlay2/43d3f1f6e0e8c150ad3ea7b97662f90da28cede78145a1739df00573301e95d4/diff:/var/lib/docker/overlay2/f767a225a854b9f2bf30d11c40865b54c56601592009625a2800ea3cd876f38b/diff:/var/lib/docker/overlay2/ad7834bfd3c3987cb37cd0db14bdc0e7d3990e33ad05ec672475b796ab05ce6a/diff:/var/lib/docker/overlay2/a93db135acf3ad918bf49072716efad373888c741da6983c21e66210ca7c5d87/diff:/var/lib/docker/overlay2/50375ec8edac326524fe5a66a6c7a45763c6e81a007fe7db191444368ce6bc1d/diff:/var/lib/docker/overlay2/4038794265ed366ba76c71f51998b36a2aac3777ff208fc8e97ee94227aefcd3/diff:/var/lib/docker/overlay2/a0f1403fbffd8a82808b10f309484310ba5c922e391f0f098bf8437e3b645836/diff:/var/lib/docker/overlay2/911c80e2fd97cdc5288adf2977b4aa7b1f866226b04f9086db27b7290dd8e144/diff:/var/lib/docker/overlay2/23105e52e15d81fdd537c66573e85c745ca8bc4acc0487dbd68336bf11f79951/diff:/var/lib/docker/overlay2/650645dd6106ef556bc2c622806d2e5ab69945471b13b82f3f6d6d80fa11c295/diff:/var/lib/docker/overlay2/e3fcc26b0695e37f3d9dfd0aab6c4bcefe27aa333f2f6658675547803b4101f5/diff:/var/lib/docker/overlay2/de09e7a842f4468d47c1752997774abcb08976b06404638bfdd8905ed0ef493d/diff:/var/lib/docker/overlay2/0148dc272de9b863acb97d95945da3fc99e5d677ef4ea45af3fa7fb7b88103b0/diff:/var/lib/docker/overlay2/cd0bbc9c69e026633d38a0c4693c779a3d10a0542c78032cd6cc9dbe54fe597d/diff",
            "MergedDir": "/var/lib/docker/overlay2/2a75d2416af0cacd5d13215df6fc1b363bb796bd6447dde27e8068fa0b18ccd8/merged",
            "UpperDir": "/var/lib/docker/overlay2/2a75d2416af0cacd5d13215df6fc1b363bb796bd6447dde27e8068fa0b18ccd8/diff",
            "WorkDir": "/var/lib/docker/overlay2/2a75d2416af0cacd5d13215df6fc1b363bb796bd6447dde27e8068fa0b18ccd8/work"
        },
        "Name": "overlay2"
    },
    "RootFS": {
        "Type": "layers",
        "Layers": [
            "sha256:219a998c60509502b47b97f1158067d5dd62640d2d689560d32cfd5594f6bc40",
            "sha256:1015e550721a83e04e9e430984d1b1c5ec85e99117e48acda6c68f91b14450ef",
            "sha256:194391381f22654b41b6636f4a6ebd1ba6d8ee8ba73176cbb8629eafa6e95a11",
            "sha256:e95c99b84c7766662cf0d98a5fab34a5b98d54e5df855cad773072372ede9b3d",
            "sha256:506a0fda234c7eb08bb9586acc7749367e6b2116c8809754073e4926a306135f",
            "sha256:3223df57959f15adc64e10536ba82a0ba0524f4fc29c787d1d301456e75cccea",
            "sha256:5571ff1925e54b14e9f005da55ce224b8620c0d75a900b9a0db9612461df3db7",
            "sha256:17a5cc293ec9d5c75fa21cf6e4b61061df5a79704c3ac27f27616c890142b283",
            "sha256:8649aae7911b8bf9cc16d1ee1577d2cb5ac3190fb9ce3bbde524b301eaaea480",
            "sha256:4da7a4a941dab6b2ebe45194773bf9968d81cc73bf85269a7a1b454d3b2401f4",
            "sha256:614c14b4a5e0adb47de26c9714708a1109a9f5962a2202b9c50cb01808f05482",
            "sha256:caa971052ce4238edeea55065406a519e4cd51c06f286d9806a81a8555d169a0",
            "sha256:5849efe665599f9eb2af479d207a30b34d497a3d35ba49ba8fb0ed3c8a3c06e8",
            "sha256:fcec86b94c7ece7c3e5cbc34d7f8caee6d3f7e881ce2d7248b1271eaa3179ef0",
            "sha256:de672ce2f83cec2353f8ba9a045ff4ffe0bb30d5ac7027c96b63322dfb289d82",
            "sha256:34ba007ab41daf183413b8ad2ae04a4a3d104d3549e48dd44c704271439a013a",
            "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef"
        ]
    },
    "Metadata": {
        "LastTagTime": "2026-06-13T18:00:43.496310087+08:00"
    }
}

更多版本

ghcr.io/idaholab/malcolm/suricata:26.06.0

linux/amd64 ghcr.io379.84MB2026-06-13 18:01
8