Snort mailing list archives
RE: UPDATE: flexresp2 (new and improved active response for Snort)
From: "Francis A. Vidal" <francisv-sender-58ad63 () irc dagupan com>
Date: Fri, 5 Sep 2003 09:57:32 +0800
Jeff, The snort version on FreeBSD 4.8-STABLE is 2.0.1, I got some rejects on file configure.in when I applied your patch: *************** *** 258,264 **** [with_libpcap_includes="$withval"],[with_libpcap_includes=no]) AC_ARG_WITH(libpcap_libraries, - [ --with-libpcap-libraries=DIR libpcap library directory], [with_libpcap_libraries="$withval"],[with_libpcap_libraries=no]) if test "$with_libpcap_includes" != "no"; then --- 258,264 ---- [with_libpcap_includes="$withval"],[with_libpcap_includes=no]) AC_ARG_WITH(libpcap_libraries, + [ --with-libpcap-libraries=DIR libpcap library directory], [with_libpcap_libraries="$withval"],[with_libpcap_libraries=no]) if test "$with_libpcap_includes" != "no"; then Other rejects: ./src/win32/WIN32-Prj/snort.dsp.rej ./src/win32/WIN32-Prj/snort.dsw.rej ./src/win32/WIN32-Prj/snort.mak.rej It also warns me with: cd . && /bin/sh /usr/ports/security/snort/work/snort-2.0.1/missing --run aclocal-1.6 aclocal-1.6: not found WARNING: `aclocal-1.6' is needed, and you do not seem to have it handy on your system. You might have modified some files without having the proper tools for further handling them. Check the `README' file, it often tells you about the needed prerequirements for installing this package. You may also peek at any GNU archive site, in case some other package would contain this missing `aclocal-1.6' program. *** Error code 1 But I have aclocal in /usr/local/bin: aclocal (GNU automake) 1.5 -----Original Message----- From: Jeff Nathan [mailto:jeff () snort org] Sent: Friday, September 05, 2003 1:41 AM To: Francis A. Vidal Cc: snort-users () lists sourceforge net Subject: Re: [Snort-users] UPDATE: flexresp2 (new and improved active response for Snort) WARNING: Unsanitized content follows. WARNING: Unsanitized content follows. WARNING: Unsanitized content follows. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday, September 4, 2003, at 04:49 AM, Francis A. Vidal wrote:
Jeff, Any chance you can make the patch work cleanly with the FreeBSD port? Thanks.
Francis, This is mostly dependent upon which version of Snort is in the FreeBSD ports tree. If it's a relatively recent version you should be able to run "make extract" on the Snort port and once that has finished apply the patch I created. After you've applied the patch you'll have to edit the port's Makefile and either add a flavor for flexresp2 or modify the flexresp flavor to pass "--enable-flexresp2" instead of "--enable-flexresp". I don't have a FreeBSD box handy, I'm not sure which version of FreeBSD you're running and I'm not sure which version of Snort they've got in their ports tree. However, you should be able to get this working without too much trouble. - -Jeff - -- Top security experts. Cutting edge tools, techniques and information. Tokyo, Japan November, 2003 http://www.pacsec.jp -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (Darwin) iD8DBQE/V3k6Eqr8+Gkj0/0RAiJQAKC79jakbw5AIO85uj7XtKKH/fX7nACgqJPj 01Yl5Yo2t4olNNLrHc/vfZc= =Ddyo -----END PGP SIGNATURE----- ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- UPDATE: flexresp2 (new and improved active response for Snort) Jeff Nathan (Sep 04)
- RE: UPDATE: flexresp2 (new and improved active response for Snort) Francis A. Vidal (Sep 04)
- Re: UPDATE: flexresp2 (new and improved active response for Snort) Jeff Nathan (Sep 04)
- RE: UPDATE: flexresp2 (new and improved active response for Snort) Francis A. Vidal (Sep 04)
- Re: UPDATE: flexresp2 (new and improved active response for Snort) Jeff Nathan (Sep 04)
- Re: UPDATE: flexresp2 (new and improved active response for Snort) jon baer (Sep 04)
- Re: UPDATE: flexresp2 (new and improved active response for Snort) Jeff Nathan (Sep 04)
- RE: UPDATE: flexresp2 (new and improved active response for Snort) Francis A. Vidal (Sep 04)