Snort mailing list archives
Re: Snort 2.9.0 Now Available
From: "Crook, Parker" <Parker_Crook () reyrey com>
Date: Fri, 8 Oct 2010 11:47:56 -0400
Howdy again Snort-heads, I have been gone for some time, the original intent was to come back after a month and give the Snort Drinking Game a try while abiding by the rules (ie, Don't look at the list for a month...), but I took a longer than intended break. Alas, I have started reading and my liver ran away before I could even get started. [TRIM]
> With 2.9.0, you *must* use the DAQ. By default, you will wind up using a pcap > DAQ, but the DAQ is a separate package that must be installed. This is new for > 2.9.0. ugh! when does the madness end?
[TRIM] Argh! Certainly not here, I just had to build a new build environment to get it all running; the irony is not lost on me, nor is the frustration. So, now that I know it can be done on Debian, I am turning back to my old build environment wondering why/where it went wrong. I had libdnet-1.11, libpcap-1.1.1 and went to town on daq-0.2 so I could get snort-2.9.0 up and running in my test environment. So running ./configure for daq, I get the following error (last 5 lines of output below): checking whether the f77 linker (/usr/bin/ld) supports shared libraries... yes checking dynamic linker characteristics... GNU/Linux ld.so (cached) (cached) checking how to hardcode library paths into programs... immediate ./configure: line 19179: syntax error near unexpected token `AC_SF_COMPILER_SETUP' ./configure: line 19179: `AC_SF_COMPILER_SETUP()' Google turns up a bunch of cricket chirps and so I put it to the Sourcefire guys... any clues?
It would make things a tad easier for Snort installs but the DAQ is a generic solution to packet acquisition problems and is packaged separately so that it may find a life of its own.that's understandable... to a point... i can't count the numbers of times that i've included other packages in my releases that are standalone that my release required for operation... it just made sense to "make it as easy as possible"... it certainly didn't take away from the separation of the packages or their individuality ;)
And we thank you for your civility, wkitty :)
this release really should be 3.something instead of 2.9 with changes like these... but all we can do it either keep trying to move forward or dump snort in the bitbucket and find something else :? that's not my call so all i can do is try to keep beating snort into submission in my environment... it may very well turn out that it gets dumped if we can't get 2.9.0 working and especially if the rules updates get EOLed and leave our users with no rules to use...
Agreed, major changes here -> 3.0, but water under the bridge, as the saying goes. -Parker ------------------------------------------------------------------------------ Beautiful is writing same markup. Internet Explorer 9 supports standards for HTML5, CSS3, SVG 1.1, ECMAScript5, and DOM L2 & L3. Spend less time writing and rewriting code and more time creating great experiences on the web. Be a part of the beta today. http://p.sf.net/sfu/beautyoftheweb _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: Snort 2.9.0 Now Available, (continued)
- Re: Snort 2.9.0 Now Available Eoin Miller (Oct 04)
- Re: Snort 2.9.0 Now Available waldo kitty (Oct 04)
- Re: Snort 2.9.0 Now Available Russ Combs (Oct 04)
- Re: Snort 2.9.0 Now Available waldo kitty (Oct 04)
- Re: Snort 2.9.0 Now Available Alex Tatistcheff (Oct 04)
- Re: Snort 2.9.0 Now Available Russ Combs (Oct 05)
- Re: Snort 2.9.0 Now Available waldo kitty (Oct 05)
- Re: Snort 2.9.0 Now Available Russ Combs (Oct 05)
- Re: Snort 2.9.0 Now Available waldo kitty (Oct 05)
- Re: Snort 2.9.0 Now Available Russ Combs (Oct 05)
- Re: Snort 2.9.0 Now Available Crook, Parker (Oct 08)
- Re: Snort 2.9.0 Now Available Michael Altizer (Oct 08)
- Re: Snort 2.9.0 Now Available Crook, Parker (Oct 08)