Re: Snortsam with snort

[Luis Daniel Lucio Quiroz <luis.daniel.lucio () gmail com>]

I have been maintaining snortsam patch for a little while, please
check Mageia3 and mageia4 (beta) sRPm so you get an idea of process,

2013/11/3 quocviet nguyen <nguyenquocviet.2010 () gmail com>:
> hi all,
>
> I have installed Snort Version 2.9.4.6 GRE (Build 73) on Centos 5.5,
> everything works ok.
>
> I try to install snortsam, I follow this tutorial :
> http://doc.emergingthreats.net/bin/view/Main/SnortSamINSTALL
>
>
> I have installed snortsam and then snortsam-pluin for firewall iptables, I
> download snortsam-patch-2.8.tar.gz to patch [source install snort ] but
> unsuccess , finally i decide patch version snortsam-2.9.5.3-2.diff.gz , but
> still unsuccess.
>
> I try to recompile source snort
> #  ./configure --enable-dynamicplugin --enable-react --enable-flexresp3
> --with-libpcap-includes=/usr/local/lib
>
> and
>
> # make
>
> I receive this error :
>
> spo_alert_fwsam.c:115: error: expected â=â, â,â, â;â, âasmâ or
> â__attribute__â before âpvâ
> spo_alert_fwsam.c: In function âAlertFWsamSetupâ:
> spo_alert_fwsam.c:143: error: âNT_OUTPUT_ALERTâ undeclared (first use in
> this function)
> spo_alert_fwsam.c:143: error: (Each undeclared identifier is reported only
> once
> spo_alert_fwsam.c:143: error: for each function it appears in.)
> spo_alert_fwsam.c:143: warning: passing argument 3 of âRegisterOutputPluginâ
> from incompatible pointer type
> spo_alert_fwsam.c:144: warning: implicit declaration of function
> âRegisterPluginâ
> spo_alert_fwsam.c: In function âAlertFWsamInitâ:
> spo_alert_fwsam.c:197: error: âpvâ undeclared (first use in this function)
> spo_alert_fwsam.c:253: warning: pointer targets in assignment differ in
> signedness
> spo_alert_fwsam.c:393: error: âNT_OUTPUT_ALERTâ undeclared (first use in
> this function)
> spo_alert_fwsam.c:395: warning: implicit declaration of function
> âAddFuncToRestartListâ
> spo_alert_fwsam.c: In function âFWsamNewStationKeyâ:
> spo_alert_fwsam.c:663: warning: pointer targets in passing argument 1 of
> â__builtin_strncpyâ differ in signedness
> spo_alert_fwsam.c:679: warning: pointer targets in passing argument 2 of
> âstrcpyâ differ in signedness
> spo_alert_fwsam.c:681: warning: pointer targets in passing argument 1 of
> âTwoFishInitâ differ in signedness
> spo_alert_fwsam.c: In function âAlertFWsamâ:
> spo_alert_fwsam.c:836: error: incompatible type for argument 1 of
> âsfip_to_strâ
> spo_alert_fwsam.c:905: warning: passing argument 2 of âTwoFishEncryptâ from
> incompatible pointer type
> spo_alert_fwsam.c:908: error: incompatible type for argument 1 of
> âsfip_to_strâ
> spo_alert_fwsam.c:930: error: incompatible type for argument 1 of
> âsfip_to_strâ
> spo_alert_fwsam.c:939: warning: pointer targets in assignment differ in
> signedness
> spo_alert_fwsam.c:940: warning: pointer targets in passing argument 1 of
> âTwoFishDecryptâ differ in signedness
> spo_alert_fwsam.c:940: warning: passing argument 2 of âTwoFishDecryptâ from
> incompatible pointer type
> spo_alert_fwsam.c:946: warning: pointer targets in passing argument 1 of
> âTwoFishDecryptâ differ in signedness
> spo_alert_fwsam.c:946: warning: passing argument 2 of âTwoFishDecryptâ from
> incompatible pointer type
> spo_alert_fwsam.c:973: error: incompatible type for argument 1 of
> âsfip_to_strâ
> spo_alert_fwsam.c:978: warning: pointer targets in assignment differ in
> signedness
> spo_alert_fwsam.c:979: warning: pointer targets in passing argument 1 of
> âTwoFishDecryptâ differ in signedness
> spo_alert_fwsam.c:979: warning: passing argument 2 of âTwoFishDecryptâ from
> incompatible pointer type
> spo_alert_fwsam.c:985: warning: pointer targets in passing argument 1 of
> âTwoFishDecryptâ differ in signedness
> spo_alert_fwsam.c:985: warning: passing argument 2 of âTwoFishDecryptâ from
> incompatible pointer type
> spo_alert_fwsam.c:999: error: incompatible type for argument 1 of
> âsfip_to_strâ
> spo_alert_fwsam.c:1004: error: incompatible type for argument 1 of
> âsfip_to_strâ
> spo_alert_fwsam.c:1009: error: incompatible type for argument 1 of
> âsfip_to_strâ
> spo_alert_fwsam.c:1042: error: incompatible type for argument 1 of
> âsfip_to_strâ
> spo_alert_fwsam.c:1047: error: incompatible type for argument 1 of
> âsfip_to_strâ
> spo_alert_fwsam.c:1052: error: incompatible type for argument 1 of
> âsfip_to_strâ
> spo_alert_fwsam.c:1062: error: incompatible type for argument 1 of
> âsfip_to_strâ
> spo_alert_fwsam.c:1072: error: incompatible type for argument 1 of
> âsfip_to_strâ
> spo_alert_fwsam.c: In function âFWsamCheckOutâ:
> spo_alert_fwsam.c:1121: error: incompatible type for argument 1 of
> âsfip_to_strâ
> spo_alert_fwsam.c:1141: warning: passing argument 2 of âTwoFishEncryptâ from
> incompatible pointer type
> spo_alert_fwsam.c:1156: warning: pointer targets in assignment differ in
> signedness
> spo_alert_fwsam.c:1157: warning: pointer targets in passing argument 1 of
> âTwoFishDecryptâ differ in signedness
> spo_alert_fwsam.c:1157: warning: passing argument 2 of âTwoFishDecryptâ from
> incompatible pointer type
> spo_alert_fwsam.c:1163: warning: pointer targets in passing argument 1 of
> âTwoFishDecryptâ differ in signedness
> spo_alert_fwsam.c:1163: warning: passing argument 2 of âTwoFishDecryptâ from
> incompatible pointer type
> spo_alert_fwsam.c:1177: error: incompatible type for argument 1 of
> âsfip_to_strâ
> spo_alert_fwsam.c: In function âFWsamCheckInâ:
> spo_alert_fwsam.c:1256: error: incompatible type for argument 1 of
> âsfip_to_strâ
> spo_alert_fwsam.c:1258: error: incompatible type for argument 1 of
> âsfip_to_strâ
> spo_alert_fwsam.c:1274: warning: passing argument 2 of âTwoFishEncryptâ from
> incompatible pointer type
> spo_alert_fwsam.c:1276: error: incompatible type for argument 1 of
> âsfip_to_strâ
> spo_alert_fwsam.c:1290: error: incompatible type for argument 1 of
> âsfip_to_strâ
> spo_alert_fwsam.c:1292: warning: pointer targets in assignment differ in
> signedness
> spo_alert_fwsam.c:1293: warning: pointer targets in passing argument 1 of
> âTwoFishDecryptâ differ in signedness
> spo_alert_fwsam.c:1293: warning: passing argument 2 of âTwoFishDecryptâ from
> incompatible pointer type
> spo_alert_fwsam.c:1320: error: incompatible type for argument 1 of
> âsfip_to_strâ
> spo_alert_fwsam.c:1325: error: incompatible type for argument 1 of
> âsfip_to_strâ
> spo_alert_fwsam.c:1330: error: incompatible type for argument 1 of
> âsfip_to_strâ
> make[3]: *** [spo_alert_fwsam.o] Error 1
> make[3]: Leaving directory
> `/usr/nqviet/snort/snort-2.9.4.6/src/output-plugins'
> make[2]: *** [all-recursive] Error 1
> make[2]: Leaving directory `/usr/nqviet/snort/snort-2.9.4.6/src'
> make[1]: *** [all-recursive] Error 1
> make[1]: Leaving directory `/usr/nqviet/snort/snort-2.9.4.6'
> make: *** [all] Error 2
>
>
> Can you help me?
>
> thanks.
>
> --
> viet
>
> ------------------------------------------------------------------------------
> Android is increasing in popularity, but the open development platform that
> developers love is also attractive to malware creators. Download this white
> paper to learn more about secure code signing practices that can help keep
> Android apps secure.
> http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest Snort
> news!

------------------------------------------------------------------------------
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!