mailing list archives
Re: snort-2.9.0 on RHEL5
From: Michael Altizer <xiche () verizon net>
Date: Fri, 08 Oct 2010 01:52:32 -0400
On 10/08/2010 12:34 AM, waldo kitty wrote:
On 10/8/2010 00:08, Jason Haar wrote:
So far snort pre-2.9 has compiled just fine on RHEL5 systems, but with
the new requirement for libpcap-1.0, that is no longer the case. We'll
have to port that from Fedora or something.
there's nothing to port, really... you should be able to grab the libpcap
sources from www.tcpdump.net (IIRC) and go from there... that's what i did in
this custom environment i'm working in... i did have some other mess to deal
with trying to get thru this but i was finally successful... and after all of
that, i still can't test 2.9.0 in my environment because of the below...
Has anyone done that yet, and are there any war-stories about it killing
tcpdump or any other app that depended on pre-1.0 libpcap? Do they all
need to be recompiled too?
that's what i've been wondering since my foray into 2.9.0... tcpdump, iftop, and
ppp are at least three that are built against libpcap... i'm looking at the
war-stories boat same as you because i definitely cannot loose my PPP DSL
connection to some stupid library snafu :
Conveniently enough, the new and old LibPCAP libraries can coexist on
the same system due to the change in library major number, so old
binaries can continue on with life just fine. Just make sure that you
only have development files (headers, static library, and .so symlink)
for the version of LibPCAP that you want to build against.
/usr/lib/libpcap.a (libpcap 1.1.1 static archive)
/usr/lib/libpcap.so -> libpcap.so.1* (library that things compiled
dynamically against -lpcap will link with)
/usr/lib/libpcap.so.1 -> libpcap.so.1.1.1*
/usr/lib/libpcap.so.0 -> libpcap.so.0.9.8* (binaries compiled
against this version can still dynamically link at runtime)
Beautiful is writing same markup. Internet Explorer 9 supports
standards for HTML5, CSS3, SVG 1.1, ECMAScript5, and DOM L2 & L3.
Spend less time writing and rewriting code and more time creating great
experiences on the web. Be a part of the beta today.
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
Snort-users list archive: