Re: error on "make" in so_rules

[Rachmat Hidayat Al-Anshar <rachmat_hidayat_02 () yahoo com>]

Hi Jeffrey, thanks for responding :)
 
> The so_rules directory needs to be located in the
> Snort source
> directory (snort-2.8.1/so_rules) when compiled.  So
> unless you keep
> the source in /etc/snort...
 
 Actually, I was rename the snort's directory from
 'snort-2.8.0' becomes 'snort'. 
 The so_rules being located at /etc/snort/so_rules when
 
 compiled. 
 
 # ls
 Makefile                               
 exploit_imail-ldap.c
 Makefile.OSX                           
 exploit_squid-ntlm-auth.c
 _meta.c                                
 netbios_writex.c
 _meta.h                                 p2p.c
 _meta.o                                 p2p.o
 bad-traffic_pgm-nak-overflow.c          p2p_winny.c
 category-build.pl                       pcre.h
 dos_igmpv3.c                            pcreposix.h
 dos_ms06-32.c                          
 web-client_quicktimejpeg-underflow.c
 exploit_dhcp-option-overflow.c
 # pwd
 /etc/snort/so_rules
 # make
 building p2p ... cc -c -ggdb -I. -I.. -I../..
 -I../src/dynamic-preprocessors/include/
 -I/usr/local/include
 -I../src/dynamic-examples/dynamic-rule/ -fPIC
 -fno-stack-protector -D DETECTION_LIB_NAME=\"p2p\" -o
 p2p.o p2p.c
 cc -c -ggdb -I. -I.. -I../..
 -I../src/dynamic-preprocessors/include/
 -I/usr/local/include
 -I../src/dynamic-examples/dynamic-rule/ -fPIC
 -fno-stack-protector -D DETECTION_LIB_NAME=\"p2p\" -o
 _meta.o _meta.c
 ld: p2p_*.o: No such file: No such file or directory
 *** Error code 1
 
 Stop in /etc/snort/so_rules (line 22 of Makefile).
 
 
> The snortrules-snapshot-CURRENT.tar.gz currently
> available from
> snort.org, registered user release, version 2.8,
> released on
> 2008-03-11, has a problem with the so_rules
> Makefile.  I reported this
> on 15 Mar 2008.  Matthew Watchinski says this issue
> is in the bug
> tracking system.
 
 Thanks for the information :)
 
> >  What should I do to solving that kind of problem?
> >  nb: My Snort box is an OpenBSD4.1 machine.
>
> It would help to know the version of Snort and rules
> that you are using.
 
 I beg a pardon, my bad.
 Its Snort-2.8.0 with pretty old version of 
 snortrules-snapshot-CURRENT. I am using this 
 for testing purpose only and there is no 
 bug from implementation at another machines.
 
 Thanks in advance
 Rachmat Hidayat Al Anshar
       
---------------------------------
Be a better friend, newshound, and know-it-all with Yahoo! Mobile.  Try it now.

-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference 
Don't miss this year's exciting event. There's still time to save $100. 
Use priority code J8TL2D2. 
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users