Snort mailing list archives
Re: Snort Install
From: "Al Lewis (allewi)" <allewi () cisco com>
Date: Thu, 2 Apr 2015 16:04:56 +0000
Is doesn't look like you have netmap installed correctly/fully. The DAQ wont be able to build against netmap until that is in place. Check dmesg for info regarding netmap to see if it attaches to your NIC's correctly "dmesg | grep netmap". You should see something like: root@beastie64:/home/alewis/Downloads/daq-2.0.4 # dmesg | grep netmap netmap: loaded module 001.000007 [2705] netmap_attach success for em0 tx 1/256 rx 1/256 queues/slots 001.000009 [2705] netmap_attach success for em1 tx 1/256 rx 1/256 queues/slots root@beastie64:/home/alewis/Downloads/daq-2.0.4 # As for libdumbnet you are missing the development headers. I think you need to run "yum install libdumbnet-devel" or "libdumbnet-dev" under CentOS to get those from the repos. See if you can find them with "yum list | grep dumbnet". Try installing libdumbnet first then go back and try netmap again. Albert Lewis QA Software Engineer SOURCEfire, Inc. now part of Cisco 9780 Patuxent Woods Drive Columbia, MD 21046 Phone: (office) 443.430.7112 Email: allewi () cisco com From: Leon Vergottini [mailto:leonv () cornerstone ac za] Sent: Thursday, April 02, 2015 9:13 AM To: Al Lewis (allewi); snort-users () lists sourceforge net Subject: RE: [Snort-users] Snort Install Hi Thank you for the response. I have made some progress by ticking off: 'Build IPQ DAQ module....... : no.' It configured after I have installed the iptables-devel package on my Centos install. I have followed your suggestion and tried to install it from the source code. The installation was successful, without any premature exists or error messages. However, I am still struggling with netmap. Below is the output: checking net/netmap_user.h usability... no checking net/netmap_user.h presence... no checking dumbnet.h usability... no checking dumbnet.h presence... no Build netmap DAQ module...... : no I have done find / -name to try and locate the files, without any success. Am I missing something stupid here? If so, please feel free to shout at me. Kind Regards Leon From: Al Lewis (allewi) [mailto:allewi () cisco com] Sent: 02 April 2015 12:51 PM To: Leon Vergottini; snort-users () lists sourceforge net<mailto:snort-users () lists sourceforge net> Subject: RE: [Snort-users] Snort Install Hello, Please see the DAQ README which is where the info below was taken from: Notes on iptables ================= These notes are just a quick reminder that you need to set up iptables to use the IPQ or NFQ DAQs. Doing so may cause problems with your network so tread carefully. The examples below are intentionally incomplete so please read the related documentation first. FreeBSD ------- In FreeBSD 10.0, netmap has been integrated into the core OS. In order to use it, you must recompile your kernel with the line device netmap added to your kernel config. Linux ----- You will need to download the netmap source code from the project's repository: https://code.google.com/p/netmap/ Follow the instructions on the project's homepage for compiling and installing the code: http://info.iet.unipi.it/~luigi/netmap/ Hope this helps! Albert Lewis QA Software Engineer SOURCEfire, Inc. now part of Cisco 9780 Patuxent Woods Drive Columbia, MD 21046 Phone: (office) 443.430.7112 Email: allewi () cisco com<mailto:allewi () cisco com> From: Leon Vergottini [mailto:leonv () cornerstone ac za] Sent: Thursday, April 02, 2015 3:02 AM To: snort-users () lists sourceforge net<mailto:snort-users () lists sourceforge net> Subject: [Snort-users] Snort Install Dear Community I am trying to install the latest version of Snort on a Centos 6 minimal installing. I have followed the installation Guide (https://www.snort.org/documents/snort-2-9-7-x-on-centos-6-x-and-7-x) to the teeth. However, every time I configure DAQ, I get the following out Build AFPacket DAQ module.. : yes Build Dump DAQ module...... : yes Build IPFW DAQ module...... : yes Build IPQ DAQ module....... : no Build NFQ DAQ module....... : yes Build PCAP DAQ module...... : yes Build netmap DAQ module...... : no IPQ and netmap is not configured. What do I need to install to enable these modules? I have Googled and look at Debain based installations as well to try and figure out what I am missing. Kind Regards Leon
------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Snort Install Leon Vergottini (Apr 02)
- Re: Snort Install Al Lewis (allewi) (Apr 02)
- Re: Snort Install Leon Vergottini (Apr 02)
- Re: Snort Install Al Lewis (allewi) (Apr 02)
- Re: Snort Install Leon Vergottini (Apr 02)
- Re: Snort Install Al Lewis (allewi) (Apr 02)