|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: David Thibault (dave
itstrategypartners.com)
Date: Thu Feb 21 2008 - 13:19:06 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
OK, so I set my libnet-headers.h back the way they were before Todd's
previously suggested edit, then I tried option 1 below, and it compiled. I
will give it a spin and post to the group after verifying that inline works
properly. I anticipate that it will since it compiled properly.
Thanks, Todd!
Dave
On 2/21/08, Todd Wease <tweasesourcefire.com> wrote:
>
> Two other things to try:
>
> 1) Under your Snort source directory in src/inline.c, try adding the
> following line just under #include <libnet.h>:
>
> #include <net/ethernet.h>
>
> If this does not work, try:
>
> 2) In src/inline.h, just under #include "snort.h", try adding the
> following:
>
> struct ether_addr
> {
> u_char ether_addr_octet[6];
> };
>
> and see if that works. Let us know.
>
>
> Thanks,
> Todd
>
> David Thibault wrote:
>
> > Nope, same (or similar) error:
> > gcc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I../src -I../src/sfutil
> > -I/usr/include/pcap -I../src/output-plugins -I../src/detection-plugins
> > -I../src/dynamic-plugins -I../src/preprocessors
> > -I../src/preprocessors/flow -I../src/preprocessors/portscan
> > -I../src/preprocessors/flow/int-snort
> > -I../src/preprocessors/HttpInspect/include
> > -I../src/preprocessors/Stream5 -I../src/target-based
> > -I/usr/local/snort/include -I/usr/local/snort/include
> > -I/usr/local/snort/include -I/usr/local/snort/include
> > -I/usr/local/snort/include -fno-strict-aliasing -g -O2 -Wall
> > -DDYNAMIC_PLUGIN -DGIDS -DLIBNET_LIL_ENDIAN -fno-strict-aliasing -c
> inline.c
> > inline.c: In function 'InitInlinePostConfig':
> > inline.c:183: warning: pointer targets in passing argument 11 of
> > 'libnet_build_ip' differ in signedness
> > inline.c:186: warning: pointer targets in passing argument 10 of
> > 'libnet_build_tcp' differ in signedness
> > inline.c:190: warning: pointer targets in passing argument 11 of
> > 'libnet_build_ip' differ in signedness
> > inline.c:192: warning: pointer targets in passing argument 13 of
> > 'libnet_build_icmp_unreach' differ in signedness
> > inline.c:201: warning: pointer targets in passing argument 11 of
> > 'libnet_build_ip' differ in signedness
> > inline.c:204: warning: pointer targets in passing argument 10 of
> > 'libnet_build_tcp' differ in signedness
> > inline.c:208: warning: pointer targets in passing argument 11 of
> > 'libnet_build_ip' differ in signedness
> > inline.c:210: warning: pointer targets in passing argument 13 of
> > 'libnet_build_icmp_unreach' differ in signedness
> > inline.c: In function 'IpqLoop':
> > inline.c:282: warning: implicit declaration of function 'sig_check'
> > inline.c: In function 'RejectSocket':
> > inline.c:454: warning: pointer targets in passing argument 1 of
> > 'libnet_do_checksum' differ in signedness
> > inline.c:461: warning: pointer targets in passing argument 2 of
> > 'libnet_write_ip' differ in signedness
> > inline.c:494: warning: pointer targets in passing argument 1 of
> > 'libnet_do_checksum' differ in signedness
> > inline.c:502: warning: pointer targets in passing argument 2 of
> > 'libnet_write_ip' differ in signedness
> > inline.c: In function 'RejectLayer2':
> > inline.c:594: error: dereferencing pointer to incomplete type
> > inline.c:629: warning: pointer targets in passing argument 1 of
> > 'libnet_do_checksum' differ in signedness
> > inline.c:635: warning: pointer targets in passing argument 1 of
> > 'libnet_do_checksum' differ in signedness
> > inline.c:642: warning: pointer targets in passing argument 6 of
> > 'libnet_build_ethernet' differ in signedness
> > inline.c:649: warning: pointer targets in passing argument 3 of
> > 'libnet_write_link_layer' differ in signedness
> > inline.c:683: warning: pointer targets in passing argument 1 of
> > 'libnet_do_checksum' differ in signedness
> > inline.c:689: warning: pointer targets in passing argument 1 of
> > 'libnet_do_checksum' differ in signedness
> > inline.c:697: warning: pointer targets in passing argument 6 of
> > 'libnet_build_ethernet' differ in signedness
> > inline.c:707: warning: pointer targets in passing argument 3 of
> > 'libnet_write_link_layer' differ in signedness
> > make[3]: *** [inline.o] Error 1
> > make[3]: Leaving directory `/home/davidt/snort/snort-2.8.0.1/src
>
> > <http://2.8.0.1/src>'
> > make[2]: *** [all-recursive] Error 1
> > make[2]: Leaving directory `/home/davidt/snort/snort-2.8.0.1/src
> > <http://2.8.0.1/src>'
> > make[1]: *** [all-recursive] Error 1
> > make[1]: Leaving directory `/home/davidt/snort/snort-2.8.0.1
> > <http://2.8.0.1>'
>
> > make: *** [all] Error 2
> >
> > This time I left off the other --enable-* statements and just went with
> > the following configure command (still pointing to all my libs and incs
> > just in case):
> > ./configure --enable-inline
> > --with-libpcap-includes=/usr/local/snort/include
> > --with-libpcap-libraries=/usr/local/snort/lib
> > --with-libpcre-includes=/usr/local/snort/include
> > --with-libpcre-libraries=/usr/local/snort/lib
> > --with-libnet-includes=/usr/local/snort/include
> > --with-libnet-libraries=/usr/local/snort/lib
> > --with-dnet-includes=/usr/local/snort/include
> > --with-dnet-libraries=/usr/local/snort/lib
> >
> > Best,
> > Dave
> >
> > On 2/21/08, *David Thibault* <daveitstrategypartners.com
>
> > <mailto:daveitstrategypartners.com>> wrote:
> >
> > Thanks, Todd. I will try that and post the results.
> >
> >
> > Best,
> > Dave
> >
> >
> > On 2/21/08, *Todd Wease* <tweasesourcefire.com
>
> > <mailto:tweasesourcefire.com>> wrote:
> >
> > David,
> >
> > My only guess is that "struct ether_addr" is not getting defined
> > on your
> > system. Try editing libnet-headers.h (most likely in
> > /usr/include/libnet). At or around line 391, remove the #if
> > (!__GLIBC__) / #endif lines and see if that solves the
> > problem. If not,
> > please repost results.
> >
> > Thanks,
> > Todd
> >
> >
> > David Thibault wrote:
> > > Hello all,
> > >
> > > I have been banging my head against the keyboard for 2 days
> > now...=) I
> >
> > > am trying to install Snort 2.8.0.1 <http://2.8.0.1>
> > <http://2.8.0.1> on Centos 5.1. I
> >
> > > have tried using RPMs for the library and include
> > dependencies, and
> > > tried with compiling everything from source. Every time I
> > > --enable-inline I get the following errors:
> > >
> > > make[3]: Entering directory
> > `/home/davidt/snort/snort-2.8.0.1/src <http://2.8.0.1/src>
> >
> > > <http://2.8.0.1/src>'
> >
> > > gcc -m64 -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I../src
> > -I../src/sfutil
> > > -I/usr/include/pcap -I../src/output-plugins
> > -I../src/detection-plugins
> > > -I../src/dynamic-plugins -I../src/preprocessors
> > > -I../src/preprocessors/flow -I../src/preprocessors/portscan
> > > -I../src/preprocessors/flow/int-snort
> > > -I../src/preprocessors/HttpInspect/include
> > > -I../src/preprocessors/Stream5 -I../src/target-based
> > > -I/usr/local/snort/include -I/usr/local/snort/include
> > > -I/usr/local/snort/include -I/usr/local/snort/include
> > > -I/usr/include/mysql -DENABLE_MYSQL
> -I/usr/local/snort/include
> > > -fno-strict-aliasing -O0 -g -Wall -pthread
> -I/usr/local/include
> > > -DDYNAMIC_PLUGIN -DGIDS -DLIBNET_LIL_ENDIAN
> > -fno-strict-aliasing -c inline.c
> > > inline.c: In function 'InitInlinePostConfig':
> > > inline.c:183: warning: pointer targets in passing argument 11
> of
> > > 'libnet_build_ip' differ in signedness
> > > inline.c:186: warning: pointer targets in passing argument 10
> of
> > > 'libnet_build_tcp' differ in signedness
> > > inline.c:190: warning: pointer targets in passing argument 11
> of
> > > 'libnet_build_ip' differ in signedness
> > > inline.c:192: warning: pointer targets in passing argument 13
> of
> > > 'libnet_build_icmp_unreach' differ in signedness
> > > inline.c:201: warning: pointer targets in passing argument 11
> of
> > > 'libnet_build_ip' differ in signedness
> > > inline.c:204: warning: pointer targets in passing argument 10
> of
> > > 'libnet_build_tcp' differ in signedness
> > > inline.c:208: warning: pointer targets in passing argument 11
> of
> > > 'libnet_build_ip' differ in signedness
> > > inline.c:210: warning: pointer targets in passing argument 13
> of
> > > 'libnet_build_icmp_unreach' differ in signedness
> > > inline.c: In function 'IpqLoop':
> > > inline.c:282: warning: implicit declaration of function
> > 'sig_check'
> > > inline.c: In function 'RejectSocket':
> > > inline.c:454: warning: pointer targets in passing argument 1
> of
> > > 'libnet_do_checksum' differ in signedness
> > > inline.c:461: warning: pointer targets in passing argument 2
> of
> > > 'libnet_write_ip' differ in signedness
> > > inline.c:494: warning: pointer targets in passing argument 1
> of
> > > 'libnet_do_checksum' differ in signedness
> > > inline.c:502: warning: pointer targets in passing argument 2
> of
> > > 'libnet_write_ip' differ in signedness
> > > inline.c: In function 'RejectLayer2':
> > > inline.c:594: error: dereferencing pointer to incomplete type
> > > inline.c:629: warning: pointer targets in passing argument 1
> of
> > > 'libnet_do_checksum' differ in signedness
> > > inline.c:635: warning: pointer targets in passing argument 1
> of
> > > 'libnet_do_checksum' differ in signedness
> > > inline.c:642: warning: pointer targets in passing argument 6
> of
> > > 'libnet_build_ethernet' differ in signedness
> > > inline.c:649: warning: pointer targets in passing argument 3
> of
> > > 'libnet_write_link_layer' differ in signedness
> > > inline.c:683: warning: pointer targets in passing argument 1
> of
> > > 'libnet_do_checksum' differ in signedness
> > > inline.c:689: warning: pointer targets in passing argument 1
> of
> > > 'libnet_do_checksum' differ in signedness
> > > inline.c:697: warning: pointer targets in passing argument 6
> of
> > > 'libnet_build_ethernet' differ in signedness
> > > inline.c:707: warning: pointer targets in passing argument 3
> of
> > > 'libnet_write_link_layer' differ in signedness
> > > make[3]: *** [inline.o] Error 1
> > > make[3]: Leaving directory
> > `/home/davidt/snort/snort-2.8.0.1/src <http://2.8.0.1/src>
> >
> > > <http://2.8.0.1/src>'
> >
> > > make[2]: *** [all-recursive] Error 1
> > > make[2]: Leaving directory
> > `/home/davidt/snort/snort-2.8.0.1/src <http://2.8.0.1/src>
> >
> > > <http://2.8.0.1/src>'
> >
> > > make[1]: *** [all-recursive] Error 1
> > > make[1]: Leaving directory `/home/davidt/snort/snort-2.8.0.1
> > <http://2.8.0.1>
> >
> > > <http://2.8.0.1>'
> >
> > >
> > > Note that I am on x86_64 architecture, if that makes a
> > difference. For
> > > this attempt, I used the following library versions to
> fulfill
> > dependencies:
> > > 1) libpcap-0.9.8 compiled from source.
> > > 2) pcre-7.6 compiled from source.
> > > 3) libnet-1.0.2a compiled from source (I have seen the
> > problems people
> > > have had with the 1.1.2 version coming from RPMs).
> > > 4) libdnet-1.11 compiled from source.
> > > 5) mysql-5.0.22-2.2.el5_1.1 from RPM.
> > > 6) libprelude-0.9.16.2 compiled from source.
> > > 7) iptables-devel-1.3.5-1.2.1 from RPM
> > >
> > > Here's the configure directive I'm using:
> > > ./configure --prefix=/usr/local/snort --enable-64bit-gcc
> > > --enable-prelude --enable-inline
> > > --with-libpcap-includes=/usr/local/snort/include
> > > --with-libpcap-libraries=/usr/local/snort/lib
> > > --with-libpcre-includes=/usr/local/snort/include
> > > --with-libpcre-libraries=/usr/local/snort/lib
> > > --with-libnet-includes=/usr/local/snort/include
> > > --with-libnet-libraries=/usr/local/snort/lib
> > > --with-dnet-includes=/usr/local/snort/include
> > > --with-dnet-libraries=/usr/local/snort/lib
> --with-mysql=/usr/bin
> > > --with-mysql-includes=/usr/include
> > --with-mysql-libraries=/usr/lib64
> > > --with-libprelude-prefix=/usr/local
> > --with-libipq-includes=/usr/include
> > > --with-libipq-libraries=/usr/lib64
> > >
> > > I am happy to provide more info if necessary.
> > >
> > > As an aside, I'm also having problems with flexresp2
> > compilation, but
> > > that's a separate issue. At this point I'd like to try inline
> > first and
> > > see how it works before falling back on flexresp2.
> > >
> > > TIA,
> > > Dave
> > >
> > >
> >
> > >
> >
> ------------------------------------------------------------------------
> > >
> > >
> >
> -------------------------------------------------------------------------
> > > This SF.net email is sponsored by: Microsoft
> > > Defy all challenges. Microsoft(R) Visual Studio 2008.
> > > http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> > >
> > >
> > >
> >
> ------------------------------------------------------------------------
> > >
> > > _______________________________________________
> > > Snort-users mailing list
> > > Snort-userslists.sourceforge.net
>
> > <mailto:Snort-userslists.sourceforge.net>
>
> > > Go to this URL to change user options or unsubscribe:
> > > https://lists.sourceforge.net/lists/listinfo/snort-users
> > > Snort-users list archive:
> > > http://www.geocrawler.com/redir-sf.php3?list=snort-users
> >
> >
> >
> >
> >
> >
>
>
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]