Snort mailing list archives
Re: "stuck at RHEL5"?
From: Nigel Houghton <nhoughton () sourcefire com>
Date: Sat, 8 Jan 2011 16:07:01 -0500
On Sat, 8 Jan 2011 13:57:37 -0500, Joel Esler wrote:
On Sat, Jan 8, 2011 at 5:53 AM, JP Vossen <jp () jpsdomain org> wrote:
So let's go look at the options in a tarball I have laying around: $ tar tvzf snortrules-snapshot-2901.tar.gz | grep 'precompiled' | cut -d'/' -f4 | sort -u Centos-4-8 Centos-5-4 Debian-Lenny FC-11 FC-12 FC-9 FreeBSD-7-3 FreeBSD-8-1 OpenSUSE-11-3 RHEL-5.0 Ubuntu-10-4 Ubuntu-8.04 Huh?!? FC9, 11, 12, but not 10, and all of which are obsolete and unsupported. But not F13 (that Snort is actually compiled for) or F14 (current), not CentOS-5.5 (current). RHEL-5.0, also unsupported but not RHEL-5.5 (or just use the CentOS). And why "8.04" (correct) but "10-4"? WTH is "10-4?" (80's flashback: 10-4 good buddy! :)Okay, we can correct this, thanks for bringing it to our attention. The VRT maintains a separate build environment that is much larger than the Snort team's build env, simply for the Shared Object rules. (adding OpenBSD to that above list very soon as well.) Maybe we can get to a point in the near future where we can align the builds for VRT and Snort Dev to make it easier for the community, but then we'll run into the reverse effect, and we'll catch scorn for that as well. So we are between a rock and hard place. But we'll sit down internally and figure this stuff out. Personally, I have a box here at the house that is Fedora Core 10. It's running the FC-9 Shared Object rules. They work fine. Undocumented, but they work. That's my own personal work around. I have to maintain my own compiles for libpcap, libdnet, and such as well. Unfortunately that's the price I pay for not wanting to move my personal box to a higher version. Not a realistic expectation in the enterprise world. But that's the price of free software for me.
I can shed light on the platform support for the pre-compiled rules since it is my group within the VRT who build and maintain those systems that the so rules are built on. Our intention is to keep pace with the major distributions as far as the platforms go. That is, we intend to keep those systems up to date with the latest supported version of each distro along with at least one supported version back. Right now for example, we have Ubuntu 10-4 and 8-04. The latest version of Ubuntu is 10-10 yes, however in this case Ubuntu 10-4 LTS is the one we are sticking with since that is the one designated for long term support (hence the LTS). As for RHEL, we are planning on adding support for RHEL 6 as soon as resources allow, at which point we will also address the 5-0 vs 5-5 issue. FC-10 was not added since 11 and 12 were already out, so we went with those. The support for FC-9 will more than likely end in the near future and we will re-purpose those resources so we can support other distros and versions. On top of all this, we are adding more support for 64 bit platforms (another reason for FC-9 still lingering around at the moment since we don't have the 64 bit platforms for 11 and 12 yet). It is our intention to have i386 and x64 support for each distribution. We should be able to start shipping so rules for OpenBSD in the coming week, we still have some testing to do but that should be completed pretty soon. If I was going to stick my neck out and give a date, it would probably be Thursday. All this effort does of course take careful planning and resource allocation to achieve these goals. We cannot reach them overnight, it takes time. A tremendous amount of work goes on behind the scenes to deliver this support, we have made progress already, we have a plan, we'll get to a consistent state sooner rather than later. -- Nigel Houghton Head Mentalist SF VRT Department of Intelligence Excellence http://vrt-sourcefire.blogspot.com && http://labs.snort.org/ ------------------------------------------------------------------------------ Gaining the trust of online customers is vital for the success of any company that requires sensitive data to be transmitted over the Web. Learn how to best implement a security strategy that keeps consumers' information secure and instills the confidence they need to proceed with transactions. http://p.sf.net/sfu/oracle-sfdevnl _______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel
Current thread:
- "stuck at RHEL5"? JP Vossen (Jan 08)
- Re: "stuck at RHEL5"? Joel Esler (Jan 08)
- Re: "stuck at RHEL5"? Nigel Houghton (Jan 08)
- Re: "stuck at RHEL5"? JP Vossen (Jan 11)
- Re: "stuck at RHEL5"? Crusty Saint (Jan 24)
- Re: "stuck at RHEL5"? Castle, Shane (Jan 24)
- Re: "stuck at RHEL5"? JP Vossen (Jan 25)
- Re: "stuck at RHEL5"? Crusty Saint (Jan 25)
- Re: "stuck at RHEL5"? onelson (Mar 23)
- Re: "stuck at RHEL5"? Joel Esler (Jan 08)