Snort mailing list archives
Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
From: "Russ Combs \(rucombs\) via Snort-devel" <snort-devel () lists snort org>
Date: Mon, 29 Aug 2022 18:39:12 +0000
Dorian,
If you did that, it would have shown up in the log. What you need to do is what I said in the prior email.
Russ
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Monday, August 29, 2022 2:31 PM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
Dear Russ,
I have ever do this line of command,
This is your third previous e-mail,
What I need to do finally?
Thanks you in advance for your work,
Regards.
Dorian Rosse.
________________________________
From: Russ Combs (rucombs) <rucombs () cisco com>
Sent: Monday, August 29, 2022 7:48:23 PM
To: Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
Hey Dorian,
I forgot to remind you to export PKG_CONFIG_PATH. Do these two commands in the same shell and send the log:
export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig
./build_snort.sh muddy &> muddy.log
Russ
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Sunday, August 28, 2022 2:27 PM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
Dear Russ,
i do your step now the file in attachment,
thanks you in advance for your works,
Regards.
Dorian ROSSE.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : samedi 27 août 2022 22:26
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
Dorian,
The only thing outstanding is hyperscan. Did you install the prebuilt library (eg libhyperscan5)? it seems as if the
header files are missing. Try installing libhyperscan-dev, rerun the script and send a new log;
./build_snort.sh jammycat &> jammycat.log
Russ
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Saturday, August 27, 2022 2:05 PM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
dear Russ,
sorry to send the log only now but my cat was on the chair,
the log in attachment,
thanks you in advance for your works,
Regards.
Dorian ROSSE.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : samedi 27 août 2022 16:38
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
Dorian,
OK, we are close. Run the attached updated script and send the log:
./build_snort.sh gumboot &> gumboot.log
Russ
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Thursday, August 25, 2022 4:23 AM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
hello russ,
i have checked the path where you think both files are and you have the truth thus i have copy path your line of
command adviced for the pkg config path finaly i have follow your tutorial and i attach both file in attachment,
thanks you in advance for your answer,
regards.
dorian rosse.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : mercredi 24 août 2022 22:12
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
Dorian,
There are still a few things to clear up based on the below.
1. libhs is found but none of the APIs checked from libhs are output.
2. jemalloc is not found.
For both of these issues, where did you install hypercan and jemalloc? Are they both under /usr/local/, ie do you have
these files?
/usr/local/lib/pkgconfig/jemalloc.pc
/usr/local/lib/pkgconfig/libhs.pc
If so, then rebuild after doing this and send the output:
export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig
Also, always rebuild to a new directory or delete the prior build directory. Not doing so may create other unnecessary
errors that we don't have time for. 🙂
3. Snort can run inline with an appropriate DAQ module.
4. You are trying to use a config incompatible for your Snort version.
Do these commands and send the output:
cd walrus4/
install/bin/snort --daq-dir install/lib/daq --daq-list &> daq_list.out
install/bin/snort --daq-dir install/lib/daq -c install/etc/snort/snort.lua --daq dump -Q &> daq_dump.out
For the above, ignore systemd and any other configurations you may be working on.
Russ
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Wednesday, August 17, 2022 11:06 AM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
dear Russ,
this time snort find libhs.pc but it doesn't build hyperscan so we are lucky because i have found the problem this was
systemd too much older i have download and install for kinetic ubuntu instead the old not up to date around libsystemd
too build for kinetic on my jammy install thus i attach two file the build_snort5.log where libsystemd is up to date
too libhs.pc is found unfornately hyperscan isn't built and i attach the happening of the journal of the snort in the
mode NIDS below what the previous unreadden e-mail unanswered :
i have copy paste libhs.pc in the good directory then i have launch a new build of snort by walrus4 because there are
two day i have download libsystemd by so extension program too today i have set up snort in mode NIDS i repeat below
the previous problems :
your snort doesn't work in inline and it is broken because i can't launch any scan so it is set up in daq passive the
previous snort was set up in inline for block the hack and unfornately i ask if i launch the line of command ccmake
because your set up use the depandencies by the file exntension so however the PKG_CONFIG_PATH drive to the good folder
without send the building of snort 3 with this directory :
thanks you in advance for your work to repair snort3,
Regards.
Dorian ROSSE.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : mercredi 17 août 2022 13:04
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
Dorian,
That successfully built Snort 3 and installed at:
/home/dorianrosse/snort3_src/snort3-master/walrus3/install/bin/snort
Why do you say that you need to run ccmake?
1. Send the path where you want to install Snort if the above is not satisfactory.
2. I assume you want to use jemalloc. I will add that to the build script.
3. For hyperscan, send the full path to libhs.pc. It might be at /usr/local/lib/pkgconfig/libhs.pc.
I'll send an update to build_snort.sh.
Russ
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Tuesday, August 16, 2022 4:13 AM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
I send a new time the file asked,
Thanks you in advance for your work,
Regards.
Dorian Rosse.
________________________________
From: Russ Combs (rucombs) <rucombs () cisco com>
Sent: Monday, August 15, 2022 2:57:29 PM
To: Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
Dorian,
You shouldn't need ccmake. If the build failed, some --with-* and/or PKG_CONFIG_PATH tweaks may be needed. Send the log
requested previously if you want further assistance.
Russ
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Monday, August 15, 2022 8:27 AM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
dear Russ,
we have reach a way far unfornately snort is again broken as i try below :
''':~/snort3_src/snort3-master/walrus3/snort3-3.1.36.0/lua$ sudo cp snort.lua /usr/local/etc/snort/snort.lua
:~/snort3_src/snort3-master/walrus3/snort3-3.1.36.0/lua$ snort -c /usr/local/etc/snort/snort.lua -i enp0s25 -A
alert_fast -s 65535 -k none
'''
before your next e-mail i have download all the rules by pulledpork3,
before your next e-mail does i need to repeat the line of command below :
'''ccmake ${pathofeachsubprograms}'''
thanks you in advance for your help unfornately this isn't finish,
Regards.
Dorian ROSSE.
________________________________
De : Dorian ROSSE <dorianbrice () hotmail fr>
Envoyé : dimanche 14 août 2022 20:02
À : Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
dear Russ,
this time i have reach the file at the directory snort3-master and this time that build with the others dependancies
than snort and libdaq but thoses are dependencies extension so :
''' linux-vdso.so.1 (0x00007fff167e7000)
libdaq.so.3 => /home/dorianrosse/snort3_src/snort3-master/walrus3/install/lib/libdaq.so.3 (0x00007f49aa822000)
libdumbnet.so.1 => /lib/x86_64-linux-gnu/libdumbnet.so.1 (0x00007f49aa7ff000)
libhwloc.so.15 => /lib/x86_64-linux-gnu/libhwloc.so.15 (0x00007f49aa7a3000)
libluajit-5.1.so.2 => /usr/local/lib/libluajit-5.1.so.2 (0x00007f49aa731000)
libcrypto.so.1.1 => /usr/local/lib/libcrypto.so.1.1 (0x00007f49aa442000)
libpcap.so.1 => /usr/local/lib/libpcap.so.1 (0x00007f49aa3f4000)
libpcre.so.1 => /usr/local/lib/libpcre.so.1 (0x00007f49aa3d5000)
libz.so.1 => /usr/local/lib/libz.so.1 (0x00007f49aa3b7000)
libmnl.so.0 => /lib/x86_64-linux-gnu/libmnl.so.0 (0x00007f49aa3af000)
libiconv.so.2 => /usr/local/lib/libiconv.so.2 (0x00007f49aa2c7000)
libunwind.so.8 => /lib/x86_64-linux-gnu/libunwind.so.8 (0x00007f49aa2ac000)
liblzma.so.5 => /lib/x86_64-linux-gnu/liblzma.so.5 (0x00007f49aa27f000)
libsafec.so.3 => /usr/local/lib/libsafec.so.3 (0x00007f49aa233000)
libuuid.so.1 => /lib/x86_64-linux-gnu/libuuid.so.1 (0x00007f49aa22a000)
libstdc++.so.6 => /lib/x86_64-linux-gnu/libstdc++.so.6 (0x00007f49a9ffe000)
libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f49a9f17000)
libgcc_s.so.1 => /lib/x86_64-linux-gnu/libgcc_s.so.1 (0x00007f49a9ef7000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f49a9ccd000)
libudev.so.1 => /lib/x86_64-linux-gnu/libudev.so.1 (0x00007f49a9ca3000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f49a9c9e000)
/lib64/ld-linux-x86-64.so.2 (0x00007f49ab26c000)
libdbus-1.so.3 => /lib/x86_64-linux-gnu/libdbus-1.so.3 (0x00007f49a9c50000)
libsystemd.so.0 => /lib/x86_64-linux-gnu/libsystemd.so.0 (0x00007f49a9b89000)
libzstd.so.1 => /lib/x86_64-linux-gnu/libzstd.so.1 (0x00007f49a9ab8000)
liblz4.so.1 => /lib/x86_64-linux-gnu/liblz4.so.1 (0x00007f49a9a98000)
libcap.so.2 => /lib/x86_64-linux-gnu/libcap.so.2 (0x00007f49a9a8d000)
libgcrypt.so.20 => /lib/x86_64-linux-gnu/libgcrypt.so.20 (0x00007f49a994f000)
libgpg-error.so.0 => /lib/x86_64-linux-gnu/libgpg-error.so.0 (0x00007f49a9929000)
,,_ -*> Snort++ <*-
o" )~ Version 3.1.36.0
'''' By Martin Roesch & The Snort Team
http://snort.org/contact#team
Copyright (C) 2014-2022 Cisco and/or its affiliates. All rights reserved.
Copyright (C) 1998-2013 Sourcefire, Inc., et al.
Using DAQ version 3.0.9
Using LuaJIT version 2.0.5
Using OpenSSL 1.1.1q 5 Jul 2022
Using libpcap version 1.10.1 (with TPACKET_V3)
Using PCRE version 8.45 2021-06-15
Using ZLIB version 1.2.11
Using LZMA version 5.2.5
'''
how to built with the sources of dependencies ?
thanks you in advance for the works,
Regards.
Dorian ROSSE.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : dimanche 14 août 2022 19:23
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
Dorian,
/home/dorianrosse/.local/bin/cmake was at least part of the problem. Now that it is moved out of the way, it looks like
the normal cmake is accessible.
Go back to the original snort_build.sh, start in your home directory, and try again:
sh build_snort.sh walrus3 &> build_snort3.log
Then send build_snort3.log.
Russ
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Sunday, August 14, 2022 10:09 AM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
Dear Russ,
i paste the file :
'''!/usr/bin/python3
# -*- coding: utf-8 -*-
import re
import sys
def cmake (cmake):
if __name__ == '__main__':
sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
sys.exit(cmake())
'''
now i paste the other ask :
''':~$ mv /home/dorianrosse/.local/bin/cmake /home/dorianrosse/.local/bin/cmake.ignore
:~$ which cmake
/usr/local/bin/cmake
'''
thanks you in advance to help myself fully use snort3 wich it dependencies,
Regards.
Dorian ROSSE.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : dimanche 14 août 2022 16:03
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
Dorian,
That's suspicious. Can you send or paste that file?
What do you get when you do this?
mv /home/dorianrosse/.local/bin/cmake /home/dorianrosse/.local/bin/cmake.ignore
which cmake
Russ
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Sunday, August 14, 2022 9:51 AM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
the line of command asked happen this below :
'''file /home/dorianrosse/.local/bin/cmake
/home/dorianrosse/.local/bin/cmake: Python script, ASCII text executable
'''
thanks you in advance to help myself repair snort3,
Regards.
Dorian ROSSE.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : dimanche 14 août 2022 15:36
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
Dorian,
What does this output?
file /home/dorianrosse/.local/bin/cmake
Russ
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Sunday, August 14, 2022 9:10 AM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
dear Russ,
the happening of the line of command you have asked below :
''':~/programs/mongodb-atlas-kubernetes$ which cmake
/home/dorianrosse/.local/bin/cmake
:~/programs/mongodb-atlas-kubernetes$ alias cmake
bash: alias: cmake : non trouvé
'''
thanks you in advance to help myself fully uses snort3,
Regards.
Dorian ROSSE.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : dimanche 14 août 2022 14:54
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
Dorian,
What do these commands output?
which cmake
alias cmake
Russ
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Saturday, August 13, 2022 4:07 PM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
Dear Russ,
you have the truth because cmake does nothing thus the file created by the line of command is emtpy finaly what i need
to do now ?
thanks you in advance to help myself use fully snort3,
Regards.
Dorian ROSSE.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : samedi 13 août 2022 21:49
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
Dorian,
Run the attached like this and send cmake_snort.log:
cd /home/dorianrosse/snort3_src/snort3-master/walrus2/snort_build/
sh cmake_snort.sh &> cmake_snort.log
Russ
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Saturday, August 13, 2022 3:14 PM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
yes russ in the snort3 broken i was set up some files type by the extension cmake inside snort (that were repair w3m
and asciidoc) however on your snort freshly install from github i don't set up any cmake file,
the file asked in attachment,
thanks you in advance to help myself go more far with snort3,
regards.
Dorian ROSSE.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : samedi 13 août 2022 20:26
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
Hey Dorian,
We can ignore ccmake for the moment, but did you do anything to cmake? The log is as if the cmake command invoked by
configure_cmake.sh actually didn't execute. That is strange.
Run the attached again like this and send build_snort2.log:
sh build_snort2.sh walrus2 &> build_snort2.log
This will not actually build Snort but it will capture the cmake command. Do not make any changes in walrus2/, we will
go from there.
Thanks,
Russ
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Saturday, August 13, 2022 2:09 PM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
Dear Russ,
The attachment in the previous e-mail however I have something to say before your answer for launch make,
In the snort3 bugged who have say no snort work good about dependencies thus I have launched a lot of line of command
below ask by the file config.anything for drive the program on the sources of dependencies :
'ccmake ${thepathoftheprogram}'
I hope it were a good thing to did,
I wish to you a good week because I think you seem don't work the weekend,
Regards.
Dorian Rosse.
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Friday, August 12, 2022 6:28:50 PM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
the file asked in attachment,
i wait the next smart answer,
thanks you in advance to use all subprogram of snort3,
Regards.
Dorian ROSSE.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : vendredi 12 août 2022 16:33
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
OK, libdaq was built. Send the contents of:
/home/dorianrosse/snort3_src/snort3-master/walrus/snort_build/config.status
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Friday, August 12, 2022 9:25 AM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
now that work to go more far too the file is in attachment this time thus thanks you in advance to say if you can have
the attachment,
i wait your smart answer for understand what i need to do now,
thanks you in advance to repair snort3,
Regards.
Dorian ROSSE.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : vendredi 12 août 2022 15:13
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
Dorian,
You do not need to change the permissions on build_snort.sh. Your original problem is this:
bash: build_snort.log: Permission non accordée
That's because you previously created porc3/ as root and don't have permission to write in that directory as
dorianrosse.
Start in your home directory, not ~/porc/ and try again with a different directory:
sh build_snort.sh walrus &> build_snort.log
Where 'walrus' is something that doesn't exist in your home directory.
The other alternative is to cd; sudo rm -rf porc/ and try again assuming you don't need anything in ~/porc/.
Russ
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Friday, August 12, 2022 8:52 AM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
sorry for the mistake the good line of command chmod is 764 without success for go more far :
'''~/porc/porc3$ sudo chmod 764 build_snort.sh
:~/porc/porc3$ ls -l
total 440
drwxr-xr-x 8 root root 4096 août 12 13:19 build
-rwxrw-r-- 1 dorianrosse dorianrosse 746 août 12 14:36 build_snort.sh
-rw-r--r-- 1 root root 232121 août 10 22:38 ChangeLog
drwxr-xr-x 2 root root 4096 août 10 22:38 cmake
-rw-r--r-- 1 root root 4957 août 10 22:38 CMakeLists.txt
-rw-r--r-- 1 root root 1034 août 10 22:38 cmake_uninstall.cmake.in
-rw-r--r-- 1 root root 4573 août 10 22:38 config.cmake.h.in
-rw-r--r-- 1 root root 100 août 12 13:13 config.log
-rwxr-xr-x 1 root root 19895 août 10 22:38 configure_cmake.sh
-rw-r--r-- 1 root root 21011 août 10 22:38 COPYING
-rw-r--r-- 1 root root 70959 août 10 22:38 crusty.cfg
drwxr-xr-x 2 root root 4096 août 10 22:38 daqs
drwxr-xr-x 6 root root 4096 août 10 22:38 doc
drwxr-xr-x 2 root root 4096 août 12 12:48 install
-rw-r--r-- 1 root root 21017 août 10 22:38 LICENSE
drwxr-xr-x 2 root root 4096 août 10 22:38 lua
-rw-r--r-- 1 root root 6585 août 10 22:38 README.md
-rw-r--r-- 1 root root 915 août 10 22:38 snort.pc.in
drwxr-xr-x 46 root root 4096 août 10 22:38 src
drwxr-xr-x 5 root root 4096 août 10 22:38 tools
:~/porc/porc3$ sh build_snort.sh porc3 &> build_snort.log
'''
thanks you in advance for your answer smart,
regards.
Dorian ROSSE.
________________________________
De : Dorian ROSSE <dorianbrice () hotmail fr>
Envoyé : vendredi 12 août 2022 14:49
À : Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
after i have read it right :
it haved rw-rw-r-- thus i have shape right rwxrw-r-- without success for go forward :
'''~/porc/porc3$ sudo chmod 761 build_snort.sh
:~/porc/porc3$ ls -l
total 440
drwxr-xr-x 8 root root 4096 août 12 13:19 build
-rwxrw---x 1 dorianrosse dorianrosse 746 août 12 14:36 build_snort.sh
-rw-r--r-- 1 root root 232121 août 10 22:38 ChangeLog
drwxr-xr-x 2 root root 4096 août 10 22:38 cmake
-rw-r--r-- 1 root root 4957 août 10 22:38 CMakeLists.txt
-rw-r--r-- 1 root root 1034 août 10 22:38 cmake_uninstall.cmake.in
-rw-r--r-- 1 root root 4573 août 10 22:38 config.cmake.h.in
-rw-r--r-- 1 root root 100 août 12 13:13 config.log
-rwxr-xr-x 1 root root 19895 août 10 22:38 configure_cmake.sh
-rw-r--r-- 1 root root 21011 août 10 22:38 COPYING
-rw-r--r-- 1 root root 70959 août 10 22:38 crusty.cfg
drwxr-xr-x 2 root root 4096 août 10 22:38 daqs
drwxr-xr-x 6 root root 4096 août 10 22:38 doc
drwxr-xr-x 2 root root 4096 août 12 12:48 install
-rw-r--r-- 1 root root 21017 août 10 22:38 LICENSE
drwxr-xr-x 2 root root 4096 août 10 22:38 lua
-rw-r--r-- 1 root root 6585 août 10 22:38 README.md
-rw-r--r-- 1 root root 915 août 10 22:38 snort.pc.in
drwxr-xr-x 46 root root 4096 août 10 22:38 src
drwxr-xr-x 5 root root 4096 août 10 22:38 tools
:~/porc/porc3$ sh build_snort.sh porc3 &> build_snort.log
bash: build_snort.log: Permission non accordée
'''
thanks you in advance for your answer smart,
regards.
Dorian ROSSE.
________________________________
De : Dorian ROSSE <dorianbrice () hotmail fr>
Envoyé : vendredi 12 août 2022 14:44
À : Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
russ,
your file is nill thus no line of command works :
''':~/porc/porc3$ sudo mv -f ~/Téléchargements/build_snort.sh .
:~/porc/porc3$ sh build_snort.sh porc3 &> build_snort.log
bash: build_snort.log: Permission non accordée
:~/porc/porc3$ sudo sh build_snort.sh porc3 &> build_snort.log
bash: build_snort.log: Permission non accordée
:~/porc/porc3$ sudo sh build_snort.sh porc3 &> sudo build_snort.log
bash: sudo: Permission non accordée
'''
what i need to do ?
thanks you in advance for your answer smart,
regards.
Dorian ROSSE.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : vendredi 12 août 2022 13:48
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
Dorian,
What kind of system are you using? Linux / Ubuntu? It seems that you have issues well beyond Snort, so let's do it this
way. Download the attached file. Then do this command as your normal user dorianrosse. Do not add sudo.
sh build_snort.sh porc3 &> build_snort.log
build_snort.sh is assumed to be in your working directory. porc3 is the name of the directory that build_snort.sh will
work in. You can change the name but keep it under your home directory.
The script will get and build libdaq and Snort. It requires wget.
Then send build_snort.log.
Russ
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Friday, August 12, 2022 6:53 AM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
russ,
i have success by download the file zip !
because the file doesn't become an attachment i paste what they have inside the file under :
'''configure_cmake.sh : commande introuvable'''
they seems at cisco since you are hacked in the spring of 2022 snort become no take sense,
i have follow your tutorial i was log in root and i have folllow your tutorial :
''':/home/dorianrosse/porc/snort3-master# configure_cmake.sh --prefix=`pwd`/install/ &> config.log
:/home/dorianrosse/porc/snort3-master# mkdir build
:/home/dorianrosse/porc/snort3/home/dorianrosse/porc/snort3-master# cd build/
:/home/dorianrosse/porc/snort3-master/build# configure_cmake.sh --prefix=/home/dorianrosse/porc/snort3-master/install/
&> config.log
:/home/dorianrosse/porc/snort3-master/build# cd ..
:/home/dorianrosse/porc/snort3-master# cd install/
:/home/dorianrosse/porc/snort3-master/install# configure_cmake.sh
--prefix=/home/dorianrosse/porc/snort3-master/install/ &> config.log
:/home/dorianrosse/porc/snort3-master/install# configure_cmake.sh --prefix='pwd' &> config.log
:/home/dorianrosse/porc/snort3-master/install# configure_cmake.sh --prefix='pwd'/install &> config.log
:/home/dorianrosse/porc/snort3-master/install# configure_cmake.sh
--prefix=/home/dorianrosse/porc/snort3-master/install/install &> config.log
:/home/dorianrosse/porc/snort3-master/install# configure_cmake.sh --prefix=`pwd`/install/ &> config.log
:/home/dorianrosse/porc/snort3-master# configure_cmake.sh --prefix=/home/dorianrosse/porc/snort3-master/install/ &>
config.log
'''
thanks you in advance to repair snort3,
Regards.
Dorian ROSSE.
________________________________
De : Dorian ROSSE <dorianbrice () hotmail fr>
Envoyé : jeudi 11 août 2022 19:07
À : Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
dear russ,
your turorial doesn't work :
'''~$ cd
~$ mkdir porc
~$ cd porc/
~/porc$ git clone git () github com:snort3/snort3
Clonage dans 'snort3'...
The authenticity of host 'github.com (140.82.121.4)' can't be established.
ED25519 key fingerprint is SHA256:+DiY3wvvV6TuJJhbpZisF/zLDA0zPMSvHdkr4UvCOqU.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yess
Please type 'yes', 'no' or the fingerprint: yes
Warning: Permanently added 'github.com' (ED25519) to the list of known hosts.
git () github com: Permission denied (publickey).
fatal: Impossible de lire le dépôt distant.
Veuillez vérifier que vous avez les droits d'accès
et que le dépôt existe.
'''
thanks you in advance to repair snort3,
regards.
Dorian ROSSE.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : jeudi 11 août 2022 08:45
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
Dorian,
There is still a lot going wrong: the trailing \, the empty string thing, configure_options.cmake, unused variables,
and the wrong --with-*. It looks like your source is not valid at this point.
Instead of trying to work backwards from here, I want to start over and go one step at a time. Please do exactly the
following. Do not alter the commands.
cd
mkdir porc
cd porc/
git clone git () github com:snort3/snort3.git
snort3/configure_cmake.sh --prefix=`pwd`/install/ &> config.log
Then send me config.log and we can take it from there.
Thanks,
Russ
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Wednesday, August 10, 2022 2:03 PM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
i have set PKG_CONFIG_PATH without success,
before remove hyperscan i have add the subdirectories include dor the including and lib for the libraries without
success,
thus i have remove hyperscan, libdaq and pcre in the configure by cmake,
i paste below :
'''/home/dorianrosse/snort_src/snort3-3.1.36.0# ./configure_cmake.sh --prefix=/usr/bin/ \
--with-luajit-libraries=~/snort_src/LuaJIT-2.0.5/ \
--with-luajit-includes=~/snort_src/LuaJIT-2.0.5/ \
--enable-jemalloc --with-openssl=~/snort_src/openssl-1.1.1q/include/ \
--with-hyperscan-includes=~/snort_src/hyperscan-5.4.0/include/ \
--with-dnet-libraries=~/snort_src/libdnet-1.11/include/ \
--with-dnet-includes=~/snort_src/libdnet-1.11/include/ \
--with-iconv-libraries=~/snort_src/libiconv-1.17/lib/ \
--with-iconv-includes=~/snort_src/libiconv-1.17/include/ \
--with-pcap-libraries=~/snort_src/libpcap-1.10.1/ \
--with-pcap-includes=~/snort_src/libpcap-1.10.1/ \
--with-uuid-libraries=~/snort_src/uuid/ \
--with-uuid-includes=~/snort_src/uuid/ \
Build Directory : build
Source Directory: /home/dorianrosse/snort_src/snort3-3.1.36.0
CMake Warning:
Ignoring empty string ("") provided on the command line.
-- The CXX compiler identification is GNU 11.2.0
-- The C compiler identification is GNU 11.2.0
-- Detecting CXX compiler ABI info
-- Detecting CXX compiler ABI info - done
-- Check for working CXX compiler: /usr/bin/c++ - skipped
-- Detecting CXX compile features
-- Detecting CXX compile features - done
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Check for working C compiler: /usr/bin/cc - skipped
-- Detecting C compile features
-- Detecting C compile features - done
-- Performing Test CMAKE_HAVE_LIBC_PTHREAD
-- Performing Test CMAKE_HAVE_LIBC_PTHREAD - Success
-- Found PkgConfig: /usr/bin/pkg-config (found version "0.29.2")
-- Checking for module 'libdaq>=3.0.7'
-- Found libdaq, version 3.0.9
-- Found DAQ: /usr/local/lib/libdaq.so
-- Checking for module 'libdaq_static_afpacket'
-- Found libdaq_static_afpacket, version 3.0.9
-- Checking for module 'libdaq_static_bpf'
-- Found libdaq_static_bpf, version 3.0.9
-- Checking for module 'libdaq_static_dump'
-- Found libdaq_static_dump, version 3.0.9
-- Checking for module 'libdaq_static_fst'
-- Found libdaq_static_fst, version 3.0.9
-- Checking for module 'libdaq_static_gwlb'
-- Found libdaq_static_gwlb, version 3.0.9
-- Checking for module 'libdaq_static_nfq'
-- Found libdaq_static_nfq, version 3.0.9
-- Checking for module 'libdaq_static_pcap'
-- Found libdaq_static_pcap, version 3.0.9
-- Checking for module 'libdaq_static_savefile'
-- Found libdaq_static_savefile, version 3.0.9
-- Checking for module 'libdaq_static_trace'
-- Found libdaq_static_trace, version 3.0.9
-- Found DNET: /usr/include
-- Found FLEX: /usr/bin/flex (found suitable version "2.6.4", minimum required is "2.6.0")
-- Checking for module 'hwloc'
-- Found hwloc, version 2.7.0
-- Found HWLOC: /usr/lib/x86_64-linux-gnu/libhwloc.so
-- Checking for module 'luajit'
-- Found luajit, version 2.0.5
-- Found LuaJIT: /usr/local/lib/libluajit-5.1.so (found version "2.0.5")
-- Found OpenSSL: /usr/local/lib/libcrypto.so (found suitable version "1.1.1q", minimum required is "1.1.1")
-- Found PCAP: /usr/local/lib/libpcap.so
-- Performing Test PCAP_LINKS_SOLO
-- Performing Test PCAP_LINKS_SOLO - Success
-- Checking for module 'libpcre'
-- Found libpcre, version 8.45
-- Found PCRE: /usr/local/include
-- Found ZLIB: /usr/lib/x86_64-linux-gnu/libz.so (found version "1.2.11")
-- Checking for module 'libhs'
-- No package 'libhs' found
-- Checking for module 'libsafec'
-- Found libsafec, version 3.7.2
-- Checking for module 'uuid'
-- Found uuid, version 2.37.2
-- Checking for module 'libunwind'
-- Found libunwind, version 1.3.2
-- Found Libunwind: /usr/lib/x86_64-linux-gnu/libunwind.so (found version "1.3.2")
-- Performing Test HAS_C_HIDDEN
-- Performing Test HAS_C_HIDDEN - Success
-- Performing Test HAS_CXX_HIDDEN
-- Performing Test HAS_CXX_HIDDEN - Success
CMake Warning (dev) in cmake/configure_options.cmake:
A logical block opening on the line
/home/dorianrosse/snort_src/snort3-3.1.36.0/cmake/configure_options.cmake:177 (if)
closes on the line
/home/dorianrosse/snort_src/snort3-3.1.36.0/cmake/configure_options.cmake:185 (endif)
with mis-matching arguments.
Call Stack (most recent call first):
CMakeLists.txt:29 (include)
This warning is for project developers. Use -Wno-dev to suppress it.
-- Looking for malloc_trim
-- Looking for malloc_trim - found
-- Looking for memrchr
-- Looking for memrchr - found
-- Looking for sigaction
-- Looking for sigaction - found
-- Looking for basename_r
-- Looking for basename_r - not found
-- Performing Test HAVE_GNU_STRERROR_R
-- Performing Test HAVE_GNU_STRERROR_R - Success
-- Looking for getrpcent
-- Looking for getrpcent - found
-- Looking for sys/types.h
-- Looking for sys/types.h - found
-- Looking for stdint.h
-- Looking for stdint.h - found
-- Looking for stddef.h
-- Looking for stddef.h - found
-- Check size of long int
-- Check size of long int - done
-- Check size of unsigned long int
-- Check size of unsigned long int - done
-- Performing Test INLINE
-- Performing Test INLINE - Success
-- Performing Test RESTRICT
-- Performing Test RESTRICT - Success
-- Looking for lzma_code in /usr/lib/x86_64-linux-gnu/liblzma.so
-- Looking for lzma_code in /usr/lib/x86_64-linux-gnu/liblzma.so - found
-- Looking for backtrace in /usr/lib/x86_64-linux-gnu/libunwind.so
-- Looking for backtrace in /usr/lib/x86_64-linux-gnu/libunwind.so - found
-- Looking for printf_s in /usr/local/lib/libsafec.so
-- Looking for printf_s in /usr/local/lib/libsafec.so - found
-- Looking for uuid_parse in /usr/lib/x86_64-linux-gnu/libuuid.so
-- Looking for uuid_parse in /usr/lib/x86_64-linux-gnu/libuuid.so - found
-------------------------------------------------------
snort version 3.1.36.0
Install options:
prefix: /usr/bin
includes: /usr/bin/include/snort
plugins: /usr/bin/lib/snort
Compiler options:
CC: /usr/bin/cc
CXX: /usr/bin/c++
CFLAGS: -fvisibility=hidden -DNDEBUG -g -ggdb -O2 -g -DNDEBUG
CXXFLAGS: -fvisibility=hidden -DNDEBUG -g -ggdb -O2 -g -DNDEBUG
EXE_LDFLAGS:
MODULE_LDFLAGS:
Feature options:
DAQ Modules: Static (afpacket;bpf;dump;fst;gwlb;nfq;pcap;savefile;trace)
libatomic: System-provided
Hyperscan: OFF
ICONV: ON
Libunwind: ON
LZMA: ON
RPC DB: Built-in
SafeC: ON
TCMalloc: OFF
JEMalloc: OFF
UUID: ON
-------------------------------------------------------
-- Configuring done
-- Generating done
CMake Warning:
Manually-specified variables were not used by the project:
ENABLE_JEMALLOC
STATIC_JEMALLOC
-- Build files have been written to: /home/dorianrosse/snort_src/snort3-3.1.36.0/build
'''
____________________________________________________________________________
'''/home/dorianrosse/snort_src/snort3-3.1.36.0/build# make VERBOSE=1
/usr/local/bin/cmake -S/home/dorianrosse/snort_src/snort3-3.1.36.0 -B/home/dorianrosse/snort_src/snort3-3.1.36.0/build
--check-build-system CMakeFiles/Makefile.cmake 0
/usr/local/bin/cmake -E cmake_progress_start /home/dorianrosse/snort_src/snort3-3.1.36.0/build/CMakeFiles
/home/dorianrosse/snort_src/snort3-3.1.36.0/build//CMakeFiles/progress.marks
make -f CMakeFiles/Makefile2 all
make[1] : on entre dans le répertoire « /home/dorianrosse/snort_src/snort3-3.1.36.0/build »
make -f src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/build.make
src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/depend
make[2] : on entre dans le répertoire « /home/dorianrosse/snort_src/snort3-3.1.36.0/build »
cd /home/dorianrosse/snort_src/snort3-3.1.36.0/build && /usr/local/bin/cmake -E cmake_depends "Unix Makefiles"
/home/dorianrosse/snort_src/snort3-3.1.36.0 /home/dorianrosse/snort_src/snort3-3.1.36.0/src/connectors/tcp_connector
/home/dorianrosse/snort_src/snort3-3.1.36.0/build
/home/dorianrosse/snort_src/snort3-3.1.36.0/build/src/connectors/tcp_connector
/home/dorianrosse/snort_src/snort3-3.1.36.0/build/src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/DependInfo.cmake
--color=
Dependencies file "src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/tcp_connector.cc.o.d" is newer than
depends file
"/home/dorianrosse/snort_src/snort3-3.1.36.0/build/src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/compiler_depend.internal".
Dependencies file "src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/tcp_connector_module.cc.o.d" is newer than
depends file
"/home/dorianrosse/snort_src/snort3-3.1.36.0/build/src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/compiler_depend.internal".
Consolidate compiler generated dependencies of target tcp_connector
make[2] : on quitte le répertoire « /home/dorianrosse/snort_src/snort3-3.1.36.0/build »
make -f src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/build.make
src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/build
make[2] : on entre dans le répertoire « /home/dorianrosse/snort_src/snort3-3.1.36.0/build »
[ 0%] Building CXX object src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/tcp_connector.cc.o
cd /home/dorianrosse/snort_src/snort3-3.1.36.0/build/src/connectors/tcp_connector && /usr/bin/c++ -DHAVE_CONFIG_H
-Dinline=inline -Drestrict=__restrict -I/home/dorianrosse/snort_src/snort3-3.1.36.0/src/network_inspectors
-I/home/dorianrosse/snort_src/snort3-3.1.36.0/src -I/usr/local/include/luajit-2.0
-I/home/dorianrosse/snort_src/hyperscan-5.4.0 -I/home/dorianrosse/snort_src/snort3-3.1.36.0/build
-I/home/dorianrosse/snort_src/snort3-3.1.36.0 -I/usr/local/include/safeclib -I/usr/include/uuid -fvisibility=hidden
-DNDEBUG -g -ggdb -O2 -g -DNDEBUG -std=c++14 -MD -MT
src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/tcp_connector.cc.o -MF
CMakeFiles/tcp_connector.dir/tcp_connector.cc.o.d -o CMakeFiles/tcp_connector.dir/tcp_connector.cc.o -c
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/connectors/tcp_connector/tcp_connector.cc
In file included from /home/dorianrosse/snort_src/snort3-3.1.36.0/src/framework/connector.h:29,
from /home/dorianrosse/snort_src/snort3-3.1.36.0/src/connectors/tcp_connector/tcp_connector.h:26,
from /home/dorianrosse/snort_src/snort3-3.1.36.0/src/connectors/tcp_connector/tcp_connector.cc:25:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/framework/base_api.h:36:10: fatal error: framework/api_options.h: Aucun
fichier ou dossier de ce type
36 | #include "framework/api_options.h"
| ^~~~~~~~~~~~~~~~~~~~~~~~~
compilation terminated.
make[2]: *** [src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/build.make:76 :
src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/tcp_connector.cc.o] Erreur 1
make[2] : on quitte le répertoire « /home/dorianrosse/snort_src/snort3-3.1.36.0/build »
make[1]: *** [CMakeFiles/Makefile2:5100 : src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/all] Erreur 2
make[1] : on quitte le répertoire « /home/dorianrosse/snort_src/snort3-3.1.36.0/build »
make: *** [Makefile:156 : all] Erreur 2
'''
________________________________________________________________________________
thanks you in advance to repair snort3,
Regards.
Dorian ROSSE.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : mercredi 10 août 2022 17:42
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
Dorian,
There is a lot going on here:
1. You need to remove sudo from your configure_cmake.sh command line. That is not needed, and it causes issues because
you get a different environment. It also caused your make to fail because of permissions.
2. Many of the paths configured with --with-* options are incorrect. You may need to add include/ and/or lib/ to some
of those paths.
* It found /usr/local/lib/libdaq.so but ~/snort_src/libdaq-3.0.9/ was specified.
* Hyperscan paths were specified but hyperscan was not found.
* ~/snort_src/pcre-8.45/ was specified but it found pcre in /usr/local/.
3. --enable-jemalloc was specified but it could not find jemalloc. You will need to install jemalloc and set
PKG_CONFIG_PATH if it is not installed in /usr/local/.
To minimize the issues, start over. Do not specify sudo anywhere. And do not specify --with-* unless you get an error
or it finds the wrong one. Send the updated results.
Russ
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Wednesday, August 10, 2022 4:01 AM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
no answer also i paste the answer of the line of command :
'''~/snort_src/snort3-3.1.36.0$ sudo ./configure_cmake.sh --prefix=/usr/bin/ \
--with-luajit-libraries=~/snort_src/LuaJIT-2.0.5/ \
--with-luajit-includes=~/snort_src/LuaJIT-2.0.5/ \
--enable-jemalloc --with-openssl=~/snort_src/openssl-1.1.1q/ \
--with-daq-includes=~/snort_src/libdaq-3.0.9/include \
--with-daq-libraries=~/snort_src/libdaq-3.0.9/ \
--with-hyperscan-includes=~/snort_src/hyperscan-5.4.0 \
--with-hyperscan-libraries=~/snort_src/hyperscan-5.4.0 \
--with-pcre-libraries=~/snort_src/pcre-8.45/ \
--with-pcre-includes=~/snort_src/pcre-8.45/ \
--with-dnet-libraries=~/snort_src/libdnet-1.11/ \
--with-dnet-includes=~/snort_src/libdnet-1.11/ \
--with-iconv-libraries=~/snort_src/libiconv-1.17/ \
--with-iconv-includes=~/snort_src/libiconv-1.17/ \
--with-pcap-libraries=~/snort_src/libpcap-1.10.1/ \
--with-pcap-includes=~/snort_src/libpcap-1.10.1/ \
--with-uuid-libraries=~/snort_src/uuid/ \
--with-uuid-includes=~/snort_src/uuid/ \
Build Directory : build
Source Directory: /home/dorianrosse/snort_src/snort3-3.1.36.0
CMake Warning:
Ignoring empty string ("") provided on the command line.
-- The CXX compiler identification is GNU 11.2.0
-- The C compiler identification is GNU 11.2.0
-- Detecting CXX compiler ABI info
-- Detecting CXX compiler ABI info - done
-- Check for working CXX compiler: /usr/bin/c++ - skipped
-- Detecting CXX compile features
-- Detecting CXX compile features - done
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Check for working C compiler: /usr/bin/cc - skipped
-- Detecting C compile features
-- Detecting C compile features - done
-- Performing Test CMAKE_HAVE_LIBC_PTHREAD
-- Performing Test CMAKE_HAVE_LIBC_PTHREAD - Success
-- Found PkgConfig: /usr/bin/pkg-config (found version "0.29.2")
-- Checking for module 'libdaq>=3.0.7'
-- Found libdaq, version 3.0.9
-- Found DAQ: /usr/local/lib/libdaq.so
-- Checking for module 'libdaq_static_afpacket'
-- Found libdaq_static_afpacket, version 3.0.9
-- Checking for module 'libdaq_static_bpf'
-- Found libdaq_static_bpf, version 3.0.9
-- Checking for module 'libdaq_static_dump'
-- Found libdaq_static_dump, version 3.0.9
-- Checking for module 'libdaq_static_fst'
-- Found libdaq_static_fst, version 3.0.9
-- Checking for module 'libdaq_static_gwlb'
-- Found libdaq_static_gwlb, version 3.0.9
-- Checking for module 'libdaq_static_nfq'
-- Found libdaq_static_nfq, version 3.0.9
-- Checking for module 'libdaq_static_pcap'
-- Found libdaq_static_pcap, version 3.0.9
-- Checking for module 'libdaq_static_savefile'
-- Found libdaq_static_savefile, version 3.0.9
-- Checking for module 'libdaq_static_trace'
-- Found libdaq_static_trace, version 3.0.9
-- Found DNET: /usr/include
-- Found FLEX: /usr/bin/flex (found suitable version "2.6.4", minimum required is "2.6.0")
-- Checking for module 'hwloc'
-- Found hwloc, version 2.7.0
-- Found HWLOC: /usr/lib/x86_64-linux-gnu/libhwloc.so
-- Checking for module 'luajit'
-- Found luajit, version 2.0.5
-- Found LuaJIT: /usr/local/lib/libluajit-5.1.so (found version "2.0.5")
-- Found OpenSSL: /usr/local/lib/libcrypto.so (found suitable version "1.1.1q", minimum required is "1.1.1")
-- Found PCAP: /usr/local/lib/libpcap.so
-- Performing Test PCAP_LINKS_SOLO
-- Performing Test PCAP_LINKS_SOLO - Success
-- Checking for module 'libpcre'
-- Found libpcre, version 8.45
-- Found PCRE: /usr/local/include
-- Found ZLIB: /usr/lib/x86_64-linux-gnu/libz.so (found version "1.2.11")
-- Checking for module 'libhs'
-- No package 'libhs' found
-- Checking for module 'libsafec'
-- Found libsafec, version 3.7.2
-- Checking for module 'uuid'
-- Found uuid, version 2.37.2
-- Checking for module 'libunwind'
-- Found libunwind, version 1.3.2
-- Found Libunwind: /usr/lib/x86_64-linux-gnu/libunwind.so (found version "1.3.2")
-- Performing Test HAS_C_HIDDEN
-- Performing Test HAS_C_HIDDEN - Success
-- Performing Test HAS_CXX_HIDDEN
-- Performing Test HAS_CXX_HIDDEN - Success
CMake Warning (dev) in cmake/configure_options.cmake:
A logical block opening on the line
/home/dorianrosse/snort_src/snort3-3.1.36.0/cmake/configure_options.cmake:177 (if)
closes on the line
/home/dorianrosse/snort_src/snort3-3.1.36.0/cmake/configure_options.cmake:184 (endif)
with mis-matching arguments.
Call Stack (most recent call first):
CMakeLists.txt:29 (include)
This warning is for project developers. Use -Wno-dev to suppress it.
-- Looking for malloc_trim
-- Looking for malloc_trim - found
-- Looking for memrchr
-- Looking for memrchr - found
-- Looking for sigaction
-- Looking for sigaction - found
-- Looking for basename_r
-- Looking for basename_r - not found
-- Performing Test HAVE_GNU_STRERROR_R
-- Performing Test HAVE_GNU_STRERROR_R - Success
-- Looking for getrpcent
-- Looking for getrpcent - found
-- Looking for sys/types.h
-- Looking for sys/types.h - found
-- Looking for stdint.h
-- Looking for stdint.h - found
-- Looking for stddef.h
-- Looking for stddef.h - found
-- Check size of long int
-- Check size of long int - done
-- Check size of unsigned long int
-- Check size of unsigned long int - done
-- Performing Test INLINE
-- Performing Test INLINE - Success
-- Performing Test RESTRICT
-- Performing Test RESTRICT - Success
-- Looking for lzma_code in /usr/lib/x86_64-linux-gnu/liblzma.so
-- Looking for lzma_code in /usr/lib/x86_64-linux-gnu/liblzma.so - found
-- Looking for backtrace in /usr/lib/x86_64-linux-gnu/libunwind.so
-- Looking for backtrace in /usr/lib/x86_64-linux-gnu/libunwind.so - found
-- Looking for printf_s in /usr/local/lib/libsafec.so
-- Looking for printf_s in /usr/local/lib/libsafec.so - found
-- Looking for uuid_parse in /usr/lib/x86_64-linux-gnu/libuuid.so
-- Looking for uuid_parse in /usr/lib/x86_64-linux-gnu/libuuid.so - found
-------------------------------------------------------
snort version 3.1.36.0
Install options:
prefix: /usr/bin
includes: /usr/bin/include/snort
plugins: /usr/bin/lib/snort
Compiler options:
CC: /usr/bin/cc
CXX: /usr/bin/c++
CFLAGS: -fvisibility=hidden -DNDEBUG -g -ggdb -O2 -g -DNDEBUG
CXXFLAGS: -fvisibility=hidden -DNDEBUG -g -ggdb -O2 -g -DNDEBUG
EXE_LDFLAGS:
MODULE_LDFLAGS:
Feature options:
DAQ Modules: Static (afpacket;bpf;dump;fst;gwlb;nfq;pcap;savefile;trace)
libatomic: System-provided
Hyperscan: OFF
ICONV: ON
Libunwind: ON
LZMA: ON
RPC DB: Built-in
SafeC: ON
TCMalloc: OFF
JEMalloc: OFF
UUID: ON
-------------------------------------------------------
-- Configuring done
-- Generating done
CMake Warning:
Manually-specified variables were not used by the project:
ENABLE_JEMALLOC
STATIC_JEMALLOC
-- Build files have been written to: /home/dorianrosse/snort_src/snort3-3.1.36.0/build
'''
____________________________________________________________________________________
'''~/snort_src/snort3-3.1.36.0/build$ make VERBOSE=1
/usr/local/bin/cmake -S/home/dorianrosse/snort_src/snort3-3.1.36.0 -B/home/dorianrosse/snort_src/snort3-3.1.36.0/build
--check-build-system CMakeFiles/Makefile.cmake 0
/usr/local/bin/cmake -E cmake_progress_start /home/dorianrosse/snort_src/snort3-3.1.36.0/build/CMakeFiles
/home/dorianrosse/snort_src/snort3-3.1.36.0/build//CMakeFiles/progress.marks
make -f CMakeFiles/Makefile2 all
make[1] : on entre dans le répertoire « /home/dorianrosse/snort_src/snort3-3.1.36.0/build »
make -f src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/build.make
src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/depend
make[2] : on entre dans le répertoire « /home/dorianrosse/snort_src/snort3-3.1.36.0/build »
cd /home/dorianrosse/snort_src/snort3-3.1.36.0/build && /usr/local/bin/cmake -E cmake_depends "Unix Makefiles"
/home/dorianrosse/snort_src/snort3-3.1.36.0 /home/dorianrosse/snort_src/snort3-3.1.36.0/src/connectors/tcp_connector
/home/dorianrosse/snort_src/snort3-3.1.36.0/build
/home/dorianrosse/snort_src/snort3-3.1.36.0/build/src/connectors/tcp_connector
/home/dorianrosse/snort_src/snort3-3.1.36.0/build/src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/DependInfo.cmake
--color=
Dependencies file "src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/tcp_connector.cc.o.d" is newer than
depends file
"/home/dorianrosse/snort_src/snort3-3.1.36.0/build/src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/compiler_depend.internal".
Dependencies file "src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/tcp_connector_module.cc.o.d" is newer than
depends file
"/home/dorianrosse/snort_src/snort3-3.1.36.0/build/src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/compiler_depend.internal".
Consolidate compiler generated dependencies of target tcp_connector
CMake Error: Cannot open file for write:
/home/dorianrosse/snort_src/snort3-3.1.36.0/build/src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/compiler_depend.make.tmpa51fe
CMake Error: : System Error: Permission denied
make[2]: *** [src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/build.make:114 :
src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/depend] Erreur 2
make[2] : on quitte le répertoire « /home/dorianrosse/snort_src/snort3-3.1.36.0/build »
make[1]: *** [CMakeFiles/Makefile2:5099 : src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/all] Erreur 2
make[1] : on quitte le répertoire « /home/dorianrosse/snort_src/snort3-3.1.36.0/build »
make: *** [Makefile:156 : all] Erreur 2
dorianrosse@Ubuntu-ThinkPad-X250:~/snort_src/snort3-3.1.36.0/b
'''
___________________________________________________________________________________________________________________
thanks you in advance to repair snort3,
regards.
Dorian ROSSE.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : mardi 9 août 2022 01:57
À : snort-devel () lists snort org <snort-devel () lists snort org>; Dorian ROSSE <dorianbrice () hotmail fr>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort
Dorian,
If you are just starting out, I suggest focusing on Snort 3. That will cut your problems in half. 😉
You most likely need to add include/ to your daq-includes like this:
--with-daq-includes=~/snort_src/libdaq-3.0.9/include. It is probably finding includes for the wrong version.
Also, you should configure for either tcmalloc or jemalloc, not both. jemalloc is required for memory management and is
highly recommended.
Make the above changes and send cmake.out and make.out for further assistance with Snort 3.
$ configure_cmake.sh <args> &> cmake.out
$ cd build/
$ make VERBOSE=1 &> make.out
Thanks
Russ
________________________________
From: Snort-devel <snort-devel-bounces () lists snort org> on behalf of Dorian ROSSE via Snort-devel <snort-devel ()
lists snort org>
Sent: Sunday, August 7, 2022 9:11 AM
To: snort-devel () lists snort org <snort-devel () lists snort org>
Subject: [Snort-devel] snort3 can't build fully thus i think remove my subscribing of snort because i can't build both
snort
hello,
snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort,
the error happening when i launch line of command following :
'''sudo ./configure_cmake.sh --prefix=/usr/bin/ --with-luajit-libraries=~/snort_src/LuaJIT-2.0.5/
--with-luajit-includes=~/snort_src/LuaJIT-2.0.5/ --enable-tcmalloc --enable-jemalloc
--with-openssl=~/snort_src/openssl-1.1.1q/ --with-daq-includes=~/snort_src/libdaq-3.0.9/
--with-daq-libraries=~/snort_src/libdaq-3.0.9/ --with-hyperscan-includes=~/snort_src/hyperscan-5.4.0
--with-hyperscan-libraries=~/snort_src/hyperscan-5.4.0 --with-pcre-libraries=~/snort_src/pcre-8.45/
--with-pcre-includes=~/snort_src/pcre-8.45/ --with-dnet-libraries=~/snort_src/libdnet-1.11/
--with-dnet-includes=~/snort_src/libdnet-1.11/ --with-iconv-libraries=~/snort_src/libiconv-1.17/
--with-iconv-includes=~/snort_src/libiconv-1.17/ --with-pcap-libraries=~/snort_src/libpcap-1.10.1/
--with-pcap-includes=~/snort_src/libpcap-1.10.1/ --with-uuid-libraries=~/snort_src/uuid/
--with-uuid-includes=~/snort_src/uuid/ && cd build && sudo make -j 4 && sudo make -j 4 install
'''
'''-- Build files have been written to: /home/dorianrosse/snort_src/snort3-3.1.36.0/build
Consolidate compiler generated dependencies of target tcp_connector
Consolidate compiler generated dependencies of target codecs
Consolidate compiler generated dependencies of target root_codecs
Consolidate compiler generated dependencies of target ips_actions
[ 1%] Built target tcp_connector
[ 1%] Building CXX object src/codecs/root/CMakeFiles/root_codecs.dir/cd_eth.cc.o
[ 1%] Built target codecs
Consolidate compiler generated dependencies of target link_codecs
Consolidate compiler generated dependencies of target ip_codecs
[ 1%] Building CXX object src/actions/CMakeFiles/ips_actions.dir/act_alert.cc.o
[ 1%] Building CXX object src/codecs/link/CMakeFiles/link_codecs.dir/cd_vlan.cc.o
[ 1%] Building CXX object src/codecs/ip/CMakeFiles/ip_codecs.dir/cd_ipv4.cc.o
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/link/cd_vlan.cc: In member function ‘virtual bool
{anonymous}::VlanCodec::decode(const snort::RawData&, snort::CodecData&, DecodeData&)’:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/link/cd_vlan.cc:99:32: error: ‘daq_msg_get_pkthdr’ was not
declared in this scope
99 | const DAQ_PktHdr_t* pkth = daq_msg_get_pkthdr(raw.daq_msg);
| ^~~~~~~~~~~~~~~~~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/link/cd_vlan.cc:100:23: error: ‘DAQ_PKT_FLAG_IGNORE_VLAN’ was
not declared in this scope
100 | if (pkth->flags & DAQ_PKT_FLAG_IGNORE_VLAN)
| ^~~~~~~~~~~~~~~~~~~~~~~~
make[2]: *** [src/codecs/link/CMakeFiles/link_codecs.dir/build.make:202 :
src/codecs/link/CMakeFiles/link_codecs.dir/cd_vlan.cc.o] Erreur 1
make[1]: *** [CMakeFiles/Makefile2:2812 : src/codecs/link/CMakeFiles/link_codecs.dir/all] Erreur 2
make[1]: *** Attente des tâches non terminées....
[ 1%] Building CXX object src/actions/CMakeFiles/ips_actions.dir/act_block.cc.o
In file included from /home/dorianrosse/snort_src/snort3-3.1.36.0/src/protocols/packet_manager.h:31,
from /home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/root/cd_eth.cc:32:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/protocols/packet.h:146:5: error: ‘DAQ_Msg_h’ does not name a type
146 | DAQ_Msg_h daq_msg; // DAQ message this packet came from
| ^~~~~~~~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/protocols/packet.h: In member function ‘bool
snort::Packet::is_inter_group_flow() const’:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/protocols/packet.h:337:29: error: ‘DAQ_PKT_FLAG_SIGNIFICANT_GROUPS’ was
not declared in this scope
337 | { return (pkth->flags & DAQ_PKT_FLAG_SIGNIFICANT_GROUPS) != 0; }
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /home/dorianrosse/snort_src/snort3-3.1.36.0/src/actions/act_alert.cc:26:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/protocols/packet.h:146:5: error: ‘DAQ_Msg_h’ does not name a type
146 | DAQ_Msg_h daq_msg; // DAQ message this packet came from
| ^~~~~~~~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/protocols/packet.h: In member function ‘bool
snort::Packet::is_inter_group_flow() const’:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/protocols/packet.h:337:29: error: ‘DAQ_PKT_FLAG_SIGNIFICANT_GROUPS’ was
not declared in this scope
337 | { return (pkth->flags & DAQ_PKT_FLAG_SIGNIFICANT_GROUPS) != 0; }
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
make[2]: *** [src/actions/CMakeFiles/ips_actions.dir/build.make:104 :
src/actions/CMakeFiles/ips_actions.dir/act_alert.cc.o] Erreur 1
make[2]: *** Attente des tâches non terminées....
[ 1%] Building CXX object src/codecs/ip/CMakeFiles/ip_codecs.dir/cd_tcp.cc.o
make[2]: *** [src/codecs/root/CMakeFiles/root_codecs.dir/build.make:76 :
src/codecs/root/CMakeFiles/root_codecs.dir/cd_eth.cc.o] Erreur 1
make[1]: *** [CMakeFiles/Makefile2:2786 : src/codecs/root/CMakeFiles/root_codecs.dir/all] Erreur 2
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_ipv4.cc: In member function ‘bool
{anonymous}::Ipv4Codec::valid_checksum_from_daq(const snort::RawData&)’:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_ipv4.cc:135:11: error: ‘DAQ_PktDecodeData_t’ does not name
a type
135 | const DAQ_PktDecodeData_t* pdd =
| ^~~~~~~~~~~~~~~~~~~
[ 1%] Building CXX object src/codecs/ip/CMakeFiles/ip_codecs.dir/cd_auth.cc.o
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_ipv4.cc:137:10: error: ‘pdd’ was not declared in this scope
137 | if (!pdd || !pdd->flags.bits.l3_checksum || !pdd->flags.bits.ipv4 || !pdd->flags.bits.l3)
| ^~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_ipv4.cc:140:9: error: ‘pdd’ was not declared in this scope
140 | if (pdd->l3_offset != DAQ_PKT_DECODE_OFFSET_INVALID)
| ^~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_ipv4.cc:140:27: error: ‘DAQ_PKT_DECODE_OFFSET_INVALID’ was
not declared in this scope
140 | if (pdd->l3_offset != DAQ_PKT_DECODE_OFFSET_INVALID)
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_ipv4.cc:142:31: error: ‘daq_msg_get_data’ was not declared
in this scope
142 | const uint8_t* data = daq_msg_get_data(raw.daq_msg);
| ^~~~~~~~~~~~~~~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_ipv4.cc: In member function ‘virtual bool
{anonymous}::Ipv4Codec::decode(const snort::RawData&, snort::CodecData&, DecodeData&)’:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_ipv4.cc:245:11: error: ‘DAQ_NAPTInfo_t’ does not name a
type; did you mean ‘DAQ_VPN_Info_t’?
245 | const DAQ_NAPTInfo_t* napti = (const DAQ_NAPTInfo_t*) daq_msg_get_meta(raw.daq_msg, DAQ_PKT_META_NAPT_INFO);
| ^~~~~~~~~~~~~~
| DAQ_VPN_Info_t
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_ipv4.cc:246:9: error: ‘napti’ was not declared in this
scope
246 | if (napti && codec.ip_layer_cnt == napti->ip_layer)
| ^~~~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_ipv4.cc:250:40: error: ‘daq_napt_info_src_addr_family’ was
not declared in this scope
250 | real_src.set(&napti->src_addr, daq_napt_info_src_addr_family(napti));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_ipv4.cc:251:40: error: ‘daq_napt_info_dst_addr_family’ was
not declared in this scope
251 | real_dst.set(&napti->dst_addr, daq_napt_info_dst_addr_family(napti));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
make[2]: *** [src/codecs/ip/CMakeFiles/ip_codecs.dir/build.make:76 :
src/codecs/ip/CMakeFiles/ip_codecs.dir/cd_ipv4.cc.o] Erreur 1
make[2]: *** Attente des tâches non terminées....
In file included from /home/dorianrosse/snort_src/snort3-3.1.36.0/src/protocols/packet_manager.h:31,
from /home/dorianrosse/snort_src/snort3-3.1.36.0/src/packet_io/active.h:27,
from /home/dorianrosse/snort_src/snort3-3.1.36.0/src/actions/act_block.cc:26:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/protocols/packet.h:146:5: error: ‘DAQ_Msg_h’ does not name a type
146 | DAQ_Msg_h daq_msg; // DAQ message this packet came from
| ^~~~~~~~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/protocols/packet.h: In member function ‘bool
snort::Packet::is_inter_group_flow() const’:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/protocols/packet.h:337:29: error: ‘DAQ_PKT_FLAG_SIGNIFICANT_GROUPS’ was
not declared in this scope
337 | { return (pkth->flags & DAQ_PKT_FLAG_SIGNIFICANT_GROUPS) != 0; }
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /home/dorianrosse/snort_src/snort3-3.1.36.0/src/actions/act_block.cc:26:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/packet_io/active.h: At global scope:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/packet_io/active.h:212:25: error: ‘DAQ_Msg_h’ has not been declared
212 | static int send_eth(DAQ_Msg_h, int, const uint8_t* buf, uint32_t len);
| ^~~~~~~~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/packet_io/active.h:213:24: error: ‘DAQ_Msg_h’ has not been declared
213 | static int send_ip(DAQ_Msg_h, int, const uint8_t* buf, uint32_t len);
| ^~~~~~~~~
make[2]: *** [src/actions/CMakeFiles/ips_actions.dir/build.make:118 :
src/actions/CMakeFiles/ips_actions.dir/act_block.cc.o] Erreur 1
make[1]: *** [CMakeFiles/Makefile2:2734 : src/actions/CMakeFiles/ips_actions.dir/all] Erreur 2
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_tcp.cc: In member function ‘bool
{anonymous}::TcpCodec::valid_checksum_from_daq(const snort::RawData&)’:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_tcp.cc:156:11: error: ‘DAQ_PktDecodeData_t’ does not name
a type
156 | const DAQ_PktDecodeData_t* pdd =
| ^~~~~~~~~~~~~~~~~~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_tcp.cc:158:10: error: ‘pdd’ was not declared in this scope
158 | if (!pdd || !pdd->flags.bits.l4_checksum || !pdd->flags.bits.tcp || !pdd->flags.bits.l4)
| ^~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_tcp.cc:161:9: error: ‘pdd’ was not declared in this scope
161 | if (pdd->l4_offset != DAQ_PKT_DECODE_OFFSET_INVALID)
| ^~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_tcp.cc:161:27: error: ‘DAQ_PKT_DECODE_OFFSET_INVALID’ was
not declared in this scope
161 | if (pdd->l4_offset != DAQ_PKT_DECODE_OFFSET_INVALID)
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_tcp.cc:163:31: error: ‘daq_msg_get_data’ was not declared
in this scope
163 | const uint8_t* data = daq_msg_get_data(raw.daq_msg);
| ^~~~~~~~~~~~~~~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_tcp.cc: In member function ‘virtual bool
{anonymous}::TcpCodec::decode(const snort::RawData&, snort::CodecData&, DecodeData&)’:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_tcp.cc:274:11: error: ‘DAQ_NAPTInfo_t’ does not name a
type; did you mean ‘DAQ_VPN_Info_t’?
274 | const DAQ_NAPTInfo_t* napti = (const DAQ_NAPTInfo_t*) daq_msg_get_meta(raw.daq_msg, DAQ_PKT_META_NAPT_INFO);
| ^~~~~~~~~~~~~~
| DAQ_VPN_Info_t
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_tcp.cc:275:9: error: ‘napti’ was not declared in this scope
275 | if (napti && codec.ip_layer_cnt == napti->ip_layer)
| ^~~~~
make[2]: *** [src/codecs/ip/CMakeFiles/ip_codecs.dir/build.make:104 :
src/codecs/ip/CMakeFiles/ip_codecs.dir/cd_tcp.cc.o] Erreur 1
make[1]: *** [CMakeFiles/Makefile2:2838 : src/codecs/ip/CMakeFiles/ip_codecs.dir/all] Erreur 2
make: *** [Makefile:156 : all] Erreur 2
'''
thanks you in advance to help myself fully repair one of both snort or else i remove my subscribing of snort,
regards.
Dorian ROSSE.
_______________________________________________ Snort-devel mailing list Snort-devel () lists snort org https://lists.snort.org/mailman/listinfo/snort-devel Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort, (continued)
- Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Dorian ROSSE via Snort-devel (Aug 17)
- Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Russ Combs (rucombs) via Snort-devel (Aug 17)
- Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Dorian ROSSE via Snort-devel (Aug 17)
- Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Dorian ROSSE via Snort-devel (Aug 17)
- Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Dorian ROSSE via Snort-devel (Aug 17)
- Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Dorian ROSSE via Snort-devel (Aug 17)
- Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Russ Combs (rucombs) via Snort-devel (Aug 24)
- Message not available
- Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Russ Combs (rucombs) via Snort-devel (Aug 27)
- Message not available
- Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Russ Combs (rucombs) via Snort-devel (Aug 27)
- Message not available
- Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Russ Combs (rucombs) via Snort-devel (Aug 29)
- Message not available
- Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Russ Combs (rucombs) via Snort-devel (Aug 29)
- Message not available
- Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Russ Combs (rucombs) via Snort-devel (Aug 29)
- Message not available
- Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Russ Combs (rucombs) via Snort-devel (Aug 30)
- Message not available
- Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Russ Combs (rucombs) via Snort-devel (Sep 06)
- Message not available
- Message not available
- Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Russ Combs (rucombs) via Snort-devel (Sep 07)