Snort mailing list archives
Re: DAQ and libpcap 1.1.1 vs 1.0.0
From: vincent () cojot name
Date: Tue, 9 Nov 2010 11:25:13 +0100 (CET)
Hi everyone, The new rpms are up (libpcap1 rpms version 1.1.1-8) and are using the pristine source from tcpdump.org. All this is very unfortunate since this issue (using a modified 1.1.1 libpcap source) is something which I didn't verify. So, for now, my final list of rpms for RHEL5/centos5 is as follows: snort/RHEL5/SRPMS/snort-2.9.0.1-3.el5.src.rpm snort/RHEL5/SRPMS/daq-0.3-5.el5.src.rpm snort/RHEL5/SRPMS/snort-2.9.0-1.el5.src.rpm snort/RHEL5/SRPMS/libpcap1-1.1.1-8.el5.src.rpm snort/RHEL5/SRPMS/libdnet-1.12-6.el5.src.rpm snort/RHEL5/i386/snort-2.9.0.1-3.el5.i386.rpm snort/RHEL5/i386/daq-debuginfo-0.3-5.el5.i386.rpm snort/RHEL5/i386/libdnet-1.12-6.el5.i386.rpm snort/RHEL5/i386/libpcap1-devel-1.1.1-8.el5.i386.rpm snort/RHEL5/i386/libpcap1-debuginfo-1.1.1-8.el5.i386.rpm snort/RHEL5/i386/libpcap1-1.1.1-8.el5.i386.rpm snort/RHEL5/i386/daq-0.3-5.el5.i386.rpm snort/RHEL5/i386/libdnet-progs-1.12-6.el5.i386.rpm snort/RHEL5/i386/snort-mysql-2.9.0.1-3.el5.i386.rpm snort/RHEL5/i386/snort-debuginfo-2.9.0.1-3.el5.i386.rpm snort/RHEL5/i386/libdnet-devel-1.12-6.el5.i386.rpm snort/RHEL5/x86_64/libpcap1-debuginfo-1.1.1-8.el5.x86_64.rpm snort/RHEL5/x86_64/libpcap1-devel-1.1.1-8.el5.x86_64.rpm snort/RHEL5/x86_64/libpcap1-1.1.1-8.el5.x86_64.rpm snort/RHEL5/x86_64/snort-2.9.0.1-3.el5.x86_64.rpm snort/RHEL5/x86_64/snort-mysql-2.9.0.1-3.el5.x86_64.rpm snort/RHEL5/x86_64/snort-debuginfo-2.9.0.1-3.el5.x86_64.rpm snort/RHEL5/x86_64/libdnet-devel-1.12-6.el5.x86_64.rpm snort/RHEL5/x86_64/libdnet-1.12-6.el5.i386.rpm snort/RHEL5/x86_64/libdnet-progs-1.12-6.el5.x86_64.rpm snort/RHEL5/x86_64/libdnet-1.12-6.el5.x86_64.rpm snort/RHEL5/x86_64/daq-debuginfo-0.3-5.el5.x86_64.rpm snort/RHEL5/x86_64/daq-0.3-5.el5.x86_64.rpm snort/RHEL5/x86_64/libdnet-devel-1.12-6.el5.i386.rpm I guess most people will want to use the source rpms to make their own build and the binary rpms are only provided for reference. Thanks for all the help and feedback. Vincent On Tue, 9 Nov 2010, vincent () cojot name wrote:
On Mon, 8 Nov 2010, Russ Combs wrote:Did you enable debug on your DAQ build (-g -O0)? I don't have --disable-remote (or anything "remote") with libpcap-1.1.1.Hi Russ, You are right. The libpcap I was passed by a trustable 3rd-party was a modified 1.1.1 with remote packet capture (http://www.liberouter.org/nific/usecases/rpcap/rpcap.php). I'm reverting to standard libpcap and will push new rpms really soon. Thank you, Vincent
------------------------------------------------------------------------------ The Next 800 Companies to Lead America's Growth: New Video Whitepaper David G. Thomson, author of the best-selling book "Blueprint to a Billion" shares his insights and actions to help propel your business during the next growth cycle. Listen Now! http://p.sf.net/sfu/SAP-dev2dev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- DAQ and libpcap 1.1.1 vs 1.0.0 Mike Lococo (Nov 05)
- Re: DAQ and libpcap 1.1.1 vs 1.0.0 vincent (Nov 06)
- Re: DAQ and libpcap 1.1.1 vs 1.0.0 Mike Lococo (Nov 08)
- Re: DAQ and libpcap 1.1.1 vs 1.0.0 vincent (Nov 08)
- Re: DAQ and libpcap 1.1.1 vs 1.0.0 Russ Combs (Nov 08)
- Re: DAQ and libpcap 1.1.1 vs 1.0.0 vincent (Nov 08)
- Re: DAQ and libpcap 1.1.1 vs 1.0.0 vincent (Nov 08)
- Re: DAQ and libpcap 1.1.1 vs 1.0.0 Russ Combs (Nov 08)
- Re: DAQ and libpcap 1.1.1 vs 1.0.0 Russ Combs (Nov 08)
- Re: DAQ and libpcap 1.1.1 vs 1.0.0 vincent (Nov 09)
- Re: DAQ and libpcap 1.1.1 vs 1.0.0 vincent (Nov 09)
- Re: DAQ and libpcap 1.1.1 vs 1.0.0 Mike Lococo (Nov 08)
- Re: DAQ and libpcap 1.1.1 vs 1.0.0 vincent (Nov 06)