Snort mailing list archives
Re: Snort3 and CentOS build issues
From: Y M via Snort-users <snort-users () lists snort org>
Date: Fri, 4 Oct 2019 14:56:29 +0000
The errors are mostly because with more recent revisions of Snort 3 and libdaq 3, Snort cannot find libdaq although it was installed with the default path. Try setting the PKG_CONFIG_PATH environment path. For example: $export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH and/or $export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH. Also, can you please paste in the output summaries from the "configure" command of both libdaq and Snort? ________________________________ From: Snort-users <snort-users-bounces () lists snort org> on behalf of SheHas Noname via Snort-users <snort-users () lists snort org> Sent: Friday, October 4, 2019 2:46 AM To: snort-users () lists snort org <snort-users () lists snort org> Subject: [Snort-users] Snort3 and CentOS build issues 1. I am following the Snort3 install guide for CentOS. * https://snort-org-site.s3.amazonaws.com/production/document_files/files/000/000/140/original/Snort_3_on_CentOS_7.pdf?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIXACIED2SPMSC7GA%2F20191003%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20191003T231326Z&X-Amz-Expires=172800&X-Amz-SignedHeaders=host&X-Amz-Signature=5c55a4addc66cf7ece0b470017c6fc53d710aa38c6aa95fd924db50fa7452bb3 1. My install errors out during snort3 build compilation. This is after all dependencies and extra features have been installed. Step III, below, is where all the compilation errors occur. i. Proceed with installing Snort 3. ii. # cd build/ iii. # make –j 8 1. Is CentOS not supported? I am curious because I found Xiche mentioned the following: * You need the latest libdaq code from the libdaq repository, but we don't support CentOS/RHEL7 for multiple reasons right now (potentially ever). * I have tried the latest libdaq code but it didn’t help, unless I’m doing something wrong? 1. Is Hyperscan a potential issue that I saw amongst one of the many forums I’ve scoured? 1. Has anyone had this issue and got it remediated? If so, I would love some guidance. Logs below: <snippet> /sources/snort3/build # make -j 8 [ 0%] Building CXX object src/codecs/root/CMakeFiles/root_codecs.dir/cd_eth.cc.o [ 0%] Building CXX object src/codecs/misc/CMakeFiles/misc_codecs.dir/cd_icmp4_ip.cc.o [ 0%] Building CXX object src/codecs/link/CMakeFiles/link_codecs.dir/cd_vlan.cc.o [ 0%] Built target tcp_connector [ 0%] Building CXX object src/actions/CMakeFiles/ips_actions.dir/actions.cc.o [ 0%] Building CXX object src/actions/CMakeFiles/ips_actions.dir/act_replace.cc.o [ 1%] Built target control [ 1%] Built target codecs [ 1%] Building CXX object src/codecs/ip/CMakeFiles/ip_codecs.dir/cd_ipv4.cc.o /home/[user]/sources/snort3/src/codecs/root/cd_eth.cc:25:21: fatal error: daq_dlt.h: No such file or directory #include <daq_dlt.h> ^ compilation terminated. [ 1%] Building CXX object src/codecs/misc/CMakeFiles/misc_codecs.dir/cd_user.cc.o /home/[user]/sources/snort3/src/codecs/ip/cd_ipv4.cc:26:21: fatal error: daq_dlt.h: No such file or directory #include <daq_dlt.h> ^ compilation terminated. make[2]: *** [src/codecs/root/CMakeFiles/root_codecs.dir/cd_eth.cc.o] Error 1 make[1]: *** [src/codecs/root/CMakeFiles/root_codecs.dir/all] Error 2 make[1]: *** Waiting for unfinished jobs.... [ 1%] Building CXX object src/detection/CMakeFiles/detection.dir/context_switcher.cc.o [ 1%] Building CXX object src/actions/CMakeFiles/ips_actions.dir/act_react.cc.o make[2]: *** [src/codecs/ip/CMakeFiles/ip_codecs.dir/cd_ipv4.cc.o] Error 1 make[1]: *** [src/codecs/ip/CMakeFiles/ip_codecs.dir/all] Error 2 [ 1%] Building CXX object src/detection/CMakeFiles/detection.dir/detect.cc.o In file included from /home/[user]/sources/snort3/src/codecs/misc/cd_user.cc:26:0: /home/[user]/sources/snort3/daqs/daq_user.h:49:5: error: ‘DAQ_Msg_h’ does not name a type DAQ_Msg_h msg; ^ In file included from /home/[user]/sources/snort3/src/codecs/misc/cd_user.cc:28:0: /home/[user]/sources/snort3/src/packet_io/sfdaq.h:67:23: error: ‘DAQ_Msg_h’ has not been declared static int inject(DAQ_Msg_h, int rev, const uint8_t* buf, uint32_t len); ^ In file included from /home/[user]/sources/snort3/src/codecs/misc/cd_user.cc:29:0: /home/[user]/sources/snort3/src/packet_io/sfdaq_instance.h:45:15: error: ‘DAQ_Config_h’ has not been declared bool init(DAQ_Config_h, const std::string& bpf_string); ^ /home/[user]/sources/snort3/src/packet_io/sfdaq_instance.h:52:5: error: ‘DAQ_RecvStatus’ does not name a type DAQ_RecvStatus receive_messages(unsigned max_recv); ^ /home/[user]/sources/snort3/src/packet_io/sfdaq_instance.h:53:5: error: ‘DAQ_Msg_h’ does not name a type DAQ_Msg_h next_message() ^ /home/[user]/sources/snort3/src/packet_io/sfdaq_instance.h:59:26: error: ‘DAQ_Msg_h’ has not been declared int finalize_message(DAQ_Msg_h msg, DAQ_Verdict verdict);
_______________________________________________ Snort-users mailing list Snort-users () lists snort org Go to this URL to change user options or unsubscribe: https://lists.snort.org/mailman/listinfo/snort-users To unsubscribe, send an email to: snort-users-leave () lists snort org Please visit http://blog.snort.org to stay current on all the latest Snort news! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette
Current thread:
- Snort3 and CentOS build issues SheHas Noname via Snort-users (Oct 03)
- Re: Snort3 and CentOS build issues Y M via Snort-users (Oct 04)
- Re: Snort3 and CentOS build issues Dorian ROSSE via Snort-users (Oct 04)
- <Possible follow-ups>
- Re: Snort3 and CentOS build issues Russ Combs (rucombs) via Snort-users (Oct 04)
- Re: Snort3 and CentOS build issues SheHas Noname via Snort-users (Oct 04)