Re: Re-Compiling Snort?

[Y M <snort () outlook com>]

Hi Matt,
 
Snort's support for MySQL is deprecated since Snort version 2.9.3. What probably you want is to output to unified2 
format and let Barnyard2 parse the logs and insert them into the database. If the sole purpose of recompiling Snort is 
to add MySQL support, then you do not need to reconfigure things. 
 
If you are configuring Snort version 2.9.6.0 for the dynamic plugin, you may get this (I do):
 
configure: WARNING: unrecognized options: --enable-dynamicplugin
 
I believe this is built-in/hardened now, but I am not sure . You may find more information about this in the changelog.
 
Regarding the reconfiguration in general, you can reconfigure Snort on the same box , then use make clean, make install 
and the compiled binary should be replaced.
 
YM
 
To: snort-users () lists sourceforge net
From: MMartin () jwpepper com
Date: Mon, 17 Feb 2014 12:51:20 -0500
Subject: [Snort-users] Re-Compiling Snort?

Hey All,



Installed Version: Snort
v2.9.6.0

OS: OpenSuSE 12.3 (x86_64)



I have already downloaded/installed
and configured Snort on my server running OpenSuSE 12.3, and everything
seems to be working just fine.



But when I compiled/configured Snort
I did NOT include any of the MySQL Options, in order to configure MySQL
for BASE and Barnyard2. But I would like to get these 'add-ons'
for Snort going if I can. So would I be able to Re-Compile/Re-Configure
Snort and just replace whichever files would need replacing after re-compiling,
if possible... Does that make sense?



I don't believe I included any options
along with the "./configure" command(s) when I ran them
initially, as far as I remember...



I did find this guide below for
Configuring Snort with BASE, Barnyard2, Oinkmaster, and MySQL. But I didn't
find this until after I already installed Snort.

        This
is the Guide I found --> http://freelinuxtutorials.com



And the command I SHOULD have run
when I first configured Snort to include MySQL was:

        ./configure
–with-mysql –enable-dynamicplugin –with-mysql-libraries=/usr/lib64/mysql




I already have all the prerequisites
installed, so could anyone tell me what I would need to do if I want to
achieve this? Would I just re-run the configure, make and make install
commands with the appropriate command line options this time, on a fresh
copy of Snort and just replace the already existing files..?



Any thoughts or suggestions would
be much appreciated!



Thanks in Advance,

Matt

------------------------------------------------------------------------------
Managing the Performance of Cloud-Based Applications
Take advantage of what the Cloud has to offer - Avoid Common Pitfalls.
Read the Whitepaper.
http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!                                        

------------------------------------------------------------------------------
Managing the Performance of Cloud-Based Applications
Take advantage of what the Cloud has to offer - Avoid Common Pitfalls.
Read the Whitepaper.
http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!