Snort mailing list archives
Barnyard 2 Error
From: "Davison, Charles Robert" <cdaviso1 () vols utk edu>
Date: Thu, 2 Jul 2015 12:54:50 +0000
Good Morning, I have completed the following steps in the Snort 2.9.7.x on Ubuntu 12 LTS and 14 LTS<https://www.snort.org/documents/snort-2-9-7-x-on-ubuntu-12-lts-and-14-lts> for installing Barnyard 2 on Ubuntu 14.04 (64Bit): Barnyard 2 Step 1: sudo apt-get install -y mysql-server libmysqlclient-dev mysql-client autoconf libtool Step 2: Line 520 Add: output unified2: filename snort.u2, limit 128 Step 3: cd ~/snort_src wget https://github.com/firnsy/barnyard2/archive/master.tar.gz -O barnyard2-2-1.13.tar.gz tar zxvf barnyard2-2-1.13.tar.gz cd barnyard2-master autoreconf -fvi -I ./m4 ./configure --with-mysql --with-mysql-libraries=/usr/lib/x86_64-linux-gnu make sudo make install However, I will follow additional steps and get to the point of testing Barnyard 2 and receive the below error: spectrum5ghz@ubuntu:~$ sudo barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.u2 -w /var/log/snort/barnyard2.waldo \
-g snort -u snort
[sudo] password for spectrum5ghz:
sudo: barnyard2: command not found
spectrum5ghz@ubuntu:~$
I wiped my virtual machine clean and started from scratch. This time taking a snapshot right before I begin by Barnyard
2 install. I noticed the following errors when "making" the file that might have caused the previous errors up above:
alert_prelude.o spo_alert_syslog.o spo_alert_test.o spo_alert_unixsock.o spo_common.o spo_log_ascii.o spo_log_null.o
spo_log_tcpdump.o spo_sguil.o spo_echidna.o spo_syslog_full.o spo_database.o spo_database_cache.o
ranlib libspo.a
make[3]: Leaving directory `/home/spectrum5ghz/snort_src/barnyard2-master/src/output-plugins'
Making all in input-plugins
make[3]: Entering directory `/home/spectrum5ghz/snort_src/barnyard2-master/src/input-plugins'
gcc -DHAVE_CONFIG_H -I. -I../.. -I.. -I../sfutil -DDEBUG -g -O0 -fno-strict-aliasing -Wall -c -o spi_unified2.o
spi_unified2.c
rm -f libspi.a
ar cru libspi.a spi_unified2.o
ranlib libspi.a
make[3]: Leaving directory `/home/spectrum5ghz/snort_src/barnyard2-master/src/input-plugins'
make[3]: Entering directory `/home/spectrum5ghz/snort_src/barnyard2-master/src'
gcc -DHAVE_CONFIG_H -I. -I.. -Isfutil -DDEBUG -g -O0 -fno-strict-aliasing -Wall -c -o barnyard2.o barnyard2.c
gcc -DHAVE_CONFIG_H -I. -I.. -Isfutil -DDEBUG -g -O0 -fno-strict-aliasing -Wall -c -o debug.o debug.c
gcc -DHAVE_CONFIG_H -I. -I.. -Isfutil -DDEBUG -g -O0 -fno-strict-aliasing -Wall -c -o decode.o decode.c
decode.c:38:18: fatal error: dnet.h: No such file or directory
#include <dnet.h>
^
compilation terminated.
make[3]: *** [decode.o] Error 1
make[3]: Leaving directory `/home/spectrum5ghz/snort_src/barnyard2-master/src'
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory `/home/spectrum5ghz/snort_src/barnyard2-master/src'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/home/spectrum5ghz/snort_src/barnyard2-master'
make: *** [all] Error 2
spectrum5ghz@spectrum5ghz:~/snort_src/barnyard2-master$
Can you offer me a suggestion as to what I should do to correct this issue? I am in the process of making a snort
training video series and already have 70+ slides. I definitely want to include Barnyard2 as one of the videos. I have
looked at several other websites on how to install Barnyard2, and even posted this issue in the IRC channel with no
resolution. I appreciate your help!
Sincerely,
Spectrum5GHz
------------------------------------------------------------------------------ Don't Limit Your Business. Reach for the Cloud. GigeNET's Cloud Solutions provide you with the tools and support that you need to offload your IT needs and focus on growing your business. Configured For All Businesses. Start Your Cloud Today. https://www.gigenetcloud.com/
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Barnyard 2 Error Davison, Charles Robert (Jul 02)
- Re: Barnyard 2 Error Y M (Jul 02)