services:
  suricata:
    image: jasonish/suricata
    container_name: suricata
    restart: always
    environment:
      - PUID=1000
      - PGID=1000
    cap_add:
      - NET_ADMIN
      - NET_RAW
      - SYS_NICE
    network_mode: "host"
    volumes:
      - ./suricata/etc:/etc/suricata
      - ./suricata/logs:/var/log/suricata
      # - ./suricata/lib:/var/lib/suricata
    command: ["-c", "/etc/suricata/suricata.yaml", "--af-packet"]