Snort mailing list archives

Re: Cannot build afpacket module for DAQ 2.0.2


From: James Lay <jlay () slave-tothe-box net>
Date: Thu, 04 Sep 2014 19:03:47 -0600

On Thu, 2014-09-04 at 19:26 -0400, Sec Aficionado wrote:
Hello,

I have been trying to build the afpacket module using DAQ 2.0.2 on a
Linux machine with kernel 2.6.32, but the ./configure script refuses
to enable it. Even using the option --enable-afpacket-module=yes
yields the same result:

Build AFPacket DAQ module.. : no
Build Dump DAQ module...... : yes
Build IPFW DAQ module...... : yes
Build IPQ DAQ module....... : yes
Build NFQ DAQ module....... : yes
Build PCAP DAQ module...... : yes



Everything else builds without problem, and snort is actually running
on the system as IDS, but I was trying to configure it to run as IPS,
in order to compare performance between the configurations suggested
in the documents "Changing from IDS to IPS with NFQueue" by James Lay
and "Snort IPS using DAQ AFPacket" by Yaser Mansour.


Here's some information about the system


gcc v 3.3.5
Libpcap v 1.5.3
PCRE v 7.8 2008-09-05
ZLIB v 1.2.3
libmnl v 1.0.1
libnfnetlink v 1.0.1
libnetfilter_queue v 1.0.1


I tried building/re-building libdnet 1.11 and 1.12 in the system. They
both build and install but neither changes the behavior of DAQ's
configure.


Now my question is: is this an expected outcome with these older
versions of kernel and gcc? If not, please suggest where to look next?
As I mentioned, all the packages build, install and run, but the
afpacket module is the only one that refuses to build.


Thanks in advance for your help/guidance.


Make sure you have the dev packages installed for your libpcap.

James