Snort mailing list archives

Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

From: "Russ Combs \(rucombs\) via Snort-devel" <snort-devel () lists snort org>
Date: Sat, 27 Aug 2022 14:38:26 +0000

Dorian,

OK, we are close. Run the attached updated script and send the log:

    ./build_snort.sh gumboot &> gumboot.log

Russ

________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Thursday, August 25, 2022 4:23 AM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

hello russ,


i have checked the path where you think both files are and you have the truth thus i have copy path your line of 
command adviced for the pkg config path finaly i have follow your tutorial and i attach both file in attachment,

thanks you in advance for your answer,

regards.


dorian rosse.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : mercredi 24 août 2022 22:12
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

Dorian,

There are still a few things to clear up based on the below.

1. libhs is found but none of the APIs checked from libhs are output.

2. jemalloc is not found.

For both of these issues, where did you install hypercan and jemalloc? Are they both under /usr/local/, ie do you have 
these files?

/usr/local/lib/pkgconfig/jemalloc.pc
/usr/local/lib/pkgconfig/libhs.pc

If so, then rebuild after doing this and send the output:

export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig

Also, always rebuild to a new directory or delete the prior build directory. Not doing so may create other unnecessary 
errors that we don't have time for. 🙂

3. Snort can run inline with an appropriate DAQ module.

4. You are trying to use a config incompatible for your Snort version.

Do these commands and send the output:

cd walrus4/

install/bin/snort --daq-dir install/lib/daq --daq-list &> daq_list.out

install/bin/snort --daq-dir install/lib/daq -c install/etc/snort/snort.lua --daq dump -Q &> daq_dump.out

For the above, ignore systemd and any other configurations you may be working on.

Russ
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Wednesday, August 17, 2022 11:06 AM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

dear Russ,


this time snort find libhs.pc but it doesn't build hyperscan so we are lucky because i have found the problem this was 
systemd too much older i have download and install for kinetic ubuntu instead the old not up to date around libsystemd 
too build for kinetic on my jammy install thus i attach two file the build_snort5.log where libsystemd is up to date 
too libhs.pc is found unfornately hyperscan isn't built and i attach the happening of the journal of the snort in the 
mode NIDS below what the previous unreadden e-mail unanswered :

i have copy paste libhs.pc in the good directory then i have launch a new build of snort by walrus4 because there are 
two day i have download libsystemd by so extension program too today i have set up snort in mode NIDS i repeat below 
the previous problems :

your snort doesn't work in inline and it is broken because i can't launch any scan so it is set up in daq passive the 
previous snort was set up in inline for block the hack and unfornately i ask if i launch the line of command ccmake 
because your set up use the depandencies by the file exntension so however the PKG_CONFIG_PATH drive to the good folder 
without send the building of snort 3 with this directory :

thanks you in advance for your work to repair snort3,

Regards.


Dorian ROSSE.


________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : mercredi 17 août 2022 13:04
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

Dorian,

That successfully built Snort 3 and installed at:

    /home/dorianrosse/snort3_src/snort3-master/walrus3/install/bin/snort

Why do you say that you need to run ccmake?

1. Send the path where you want to install Snort if the above is not satisfactory.

2. I assume you want to use jemalloc. I will add that to the build script.

3. For hyperscan, send the full path to libhs.pc. It might be at /usr/local/lib/pkgconfig/libhs.pc.

I'll send an update to build_snort.sh.

Russ

________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Tuesday, August 16, 2022 4:13 AM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

I send a new time the file asked,

Thanks you in advance for your work,

Regards.


Dorian Rosse.
________________________________
From: Russ Combs (rucombs) <rucombs () cisco com>
Sent: Monday, August 15, 2022 2:57:29 PM
To: Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

Dorian,

You shouldn't need ccmake. If the build failed, some --with-* and/or PKG_CONFIG_PATH tweaks may be needed. Send the log 
requested previously if you want further assistance.

Russ

________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Monday, August 15, 2022 8:27 AM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

dear Russ,


we have reach a way far unfornately snort is again broken as i try below :

''':~/snort3_src/snort3-master/walrus3/snort3-3.1.36.0/lua$ sudo cp snort.lua /usr/local/etc/snort/snort.lua
:~/snort3_src/snort3-master/walrus3/snort3-3.1.36.0/lua$ snort -c /usr/local/etc/snort/snort.lua -i enp0s25 -A 
alert_fast -s 65535 -k none
'''

before your next e-mail i have download all the rules by pulledpork3,

before your next e-mail does i need to repeat the line of command below :

'''ccmake ${pathofeachsubprograms}'''

thanks you in advance for your help unfornately this isn't finish,

Regards.


Dorian ROSSE.
________________________________
De : Dorian ROSSE <dorianbrice () hotmail fr>
Envoyé : dimanche 14 août 2022 20:02
À : Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

dear Russ,


this time i have reach the file at the directory snort3-master and this time that build with the others dependancies 
than snort and libdaq but thoses are dependencies extension so :

'''     linux-vdso.so.1 (0x00007fff167e7000)
      libdaq.so.3 => /home/dorianrosse/snort3_src/snort3-master/walrus3/install/lib/libdaq.so.3 (0x00007f49aa822000)
      libdumbnet.so.1 => /lib/x86_64-linux-gnu/libdumbnet.so.1 (0x00007f49aa7ff000)
      libhwloc.so.15 => /lib/x86_64-linux-gnu/libhwloc.so.15 (0x00007f49aa7a3000)
      libluajit-5.1.so.2 => /usr/local/lib/libluajit-5.1.so.2 (0x00007f49aa731000)
      libcrypto.so.1.1 => /usr/local/lib/libcrypto.so.1.1 (0x00007f49aa442000)
      libpcap.so.1 => /usr/local/lib/libpcap.so.1 (0x00007f49aa3f4000)
      libpcre.so.1 => /usr/local/lib/libpcre.so.1 (0x00007f49aa3d5000)
      libz.so.1 => /usr/local/lib/libz.so.1 (0x00007f49aa3b7000)
      libmnl.so.0 => /lib/x86_64-linux-gnu/libmnl.so.0 (0x00007f49aa3af000)
      libiconv.so.2 => /usr/local/lib/libiconv.so.2 (0x00007f49aa2c7000)
      libunwind.so.8 => /lib/x86_64-linux-gnu/libunwind.so.8 (0x00007f49aa2ac000)
      liblzma.so.5 => /lib/x86_64-linux-gnu/liblzma.so.5 (0x00007f49aa27f000)
      libsafec.so.3 => /usr/local/lib/libsafec.so.3 (0x00007f49aa233000)
      libuuid.so.1 => /lib/x86_64-linux-gnu/libuuid.so.1 (0x00007f49aa22a000)
      libstdc++.so.6 => /lib/x86_64-linux-gnu/libstdc++.so.6 (0x00007f49a9ffe000)
      libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f49a9f17000)
      libgcc_s.so.1 => /lib/x86_64-linux-gnu/libgcc_s.so.1 (0x00007f49a9ef7000)
      libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f49a9ccd000)
      libudev.so.1 => /lib/x86_64-linux-gnu/libudev.so.1 (0x00007f49a9ca3000)
      libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f49a9c9e000)
      /lib64/ld-linux-x86-64.so.2 (0x00007f49ab26c000)
      libdbus-1.so.3 => /lib/x86_64-linux-gnu/libdbus-1.so.3 (0x00007f49a9c50000)
      libsystemd.so.0 => /lib/x86_64-linux-gnu/libsystemd.so.0 (0x00007f49a9b89000)
      libzstd.so.1 => /lib/x86_64-linux-gnu/libzstd.so.1 (0x00007f49a9ab8000)
      liblz4.so.1 => /lib/x86_64-linux-gnu/liblz4.so.1 (0x00007f49a9a98000)
      libcap.so.2 => /lib/x86_64-linux-gnu/libcap.so.2 (0x00007f49a9a8d000)
      libgcrypt.so.20 => /lib/x86_64-linux-gnu/libgcrypt.so.20 (0x00007f49a994f000)
      libgpg-error.so.0 => /lib/x86_64-linux-gnu/libgpg-error.so.0 (0x00007f49a9929000)

   ,,_     -*> Snort++ <*-
  o"  )~   Version 3.1.36.0
   ''''    By Martin Roesch & The Snort Team
           http://snort.org/contact#team
           Copyright (C) 2014-2022 Cisco and/or its affiliates. All rights reserved.
           Copyright (C) 1998-2013 Sourcefire, Inc., et al.
           Using DAQ version 3.0.9
           Using LuaJIT version 2.0.5
           Using OpenSSL 1.1.1q  5 Jul 2022
           Using libpcap version 1.10.1 (with TPACKET_V3)
           Using PCRE version 8.45 2021-06-15
           Using ZLIB version 1.2.11
           Using LZMA version 5.2.5
'''

how to built with the sources of dependencies ?

thanks you in advance for the works,

Regards.


Dorian ROSSE.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : dimanche 14 août 2022 19:23
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

Dorian,

/home/dorianrosse/.local/bin/cmake was at least part of the problem. Now that it is moved out of the way, it looks like 
the normal cmake is accessible.

Go back to the original snort_build.sh, start in your home directory, and try again:

    sh build_snort.sh walrus3 &> build_snort3.log

Then send build_snort3.log.

Russ
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Sunday, August 14, 2022 10:09 AM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

Dear Russ,


i paste the file :

'''!/usr/bin/python3
# -*- coding: utf-8 -*-
import re
import sys
def cmake (cmake):
        if __name__ == '__main__':
                sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
                sys.exit(cmake())
'''

now i paste the other ask :

''':~$ mv /home/dorianrosse/.local/bin/cmake /home/dorianrosse/.local/bin/cmake.ignore
:~$ which cmake
/usr/local/bin/cmake
'''

thanks you in advance to help myself fully use snort3 wich it dependencies,

Regards.


Dorian ROSSE.



________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : dimanche 14 août 2022 16:03
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

Dorian,

That's suspicious. Can you send or paste that file?

What do you get when you do this?

mv /home/dorianrosse/.local/bin/cmake /home/dorianrosse/.local/bin/cmake.ignore
which cmake

Russ
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Sunday, August 14, 2022 9:51 AM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

the line of command asked happen this below :

'''file /home/dorianrosse/.local/bin/cmake
/home/dorianrosse/.local/bin/cmake: Python script, ASCII text executable
'''

thanks you in advance to help myself repair snort3,

Regards.


Dorian ROSSE.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : dimanche 14 août 2022 15:36
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

Dorian,

What does this output?

file /home/dorianrosse/.local/bin/cmake

Russ
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Sunday, August 14, 2022 9:10 AM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

dear Russ,


the happening of the line of command you have asked below :


''':~/programs/mongodb-atlas-kubernetes$ which cmake
/home/dorianrosse/.local/bin/cmake
:~/programs/mongodb-atlas-kubernetes$ alias cmake
bash: alias: cmake : non trouvé
'''

thanks you in advance to help myself fully uses snort3,

Regards.


Dorian ROSSE.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : dimanche 14 août 2022 14:54
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

Dorian,

What do these commands output?

which cmake
alias cmake

Russ
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Saturday, August 13, 2022 4:07 PM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

Dear Russ,


you have the truth because cmake does nothing thus the file created by the line of command is emtpy finaly what i need 
to do now ?

thanks you in advance to help myself use fully snort3,

Regards.


Dorian ROSSE.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : samedi 13 août 2022 21:49
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

Dorian,

Run the attached like this and send cmake_snort.log:

cd /home/dorianrosse/snort3_src/snort3-master/walrus2/snort_build/
sh cmake_snort.sh &> cmake_snort.log

Russ

________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Saturday, August 13, 2022 3:14 PM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

yes russ in the snort3 broken i was set up some files type by the extension cmake inside snort (that were repair w3m 
and asciidoc) however on your snort freshly install from github i don't set up any cmake file,

the file asked in attachment,

thanks you in advance to help myself go more far with snort3,

regards.


Dorian ROSSE.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : samedi 13 août 2022 20:26
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

Hey Dorian,

We can ignore ccmake for the moment, but did you do anything to cmake? The log is as if the cmake command invoked by 
configure_cmake.sh actually didn't execute. That is strange.

Run the attached again like this and send build_snort2.log:

    sh build_snort2.sh walrus2 &> build_snort2.log

This will not actually build Snort but it will capture the cmake command. Do not make any changes in walrus2/, we will 
go from there.

Thanks,
Russ
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Saturday, August 13, 2022 2:09 PM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

Dear Russ,


The attachment in the previous e-mail however I have something to say before your answer for launch make,

In the snort3 bugged who have say no snort work good about dependencies thus I have launched a lot of line of command 
below ask by the file config.anything for drive the program on the sources of dependencies :

'ccmake ${thepathoftheprogram}'

I hope it were a good thing to did,

I wish to you a good week because I think you seem don't work the weekend,

Regards.


Dorian Rosse.
________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Friday, August 12, 2022 6:28:50 PM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

the file asked in attachment,

i wait the next smart answer,

thanks you in advance to use all subprogram of snort3,

Regards.


Dorian ROSSE.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : vendredi 12 août 2022 16:33
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

OK, libdaq was built. Send the contents of:


/home/dorianrosse/snort3_src/snort3-master/walrus/snort_build/config.status

________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Friday, August 12, 2022 9:25 AM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

now that work to go more far too the file is in attachment this time thus thanks you in advance to say if you can have 
the attachment,

i wait your smart answer for understand what i need to do now,

thanks you in advance to repair snort3,

Regards.


Dorian ROSSE.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : vendredi 12 août 2022 15:13
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

Dorian,

You do not need to change the permissions on build_snort.sh. Your original problem is this:

    bash: build_snort.log: Permission non accordée

That's because you previously created porc3/ as root and don't have permission to write in that directory as 
dorianrosse.

Start in your home directory, not ~/porc/ and try again with a different directory:

    sh build_snort.sh walrus &> build_snort.log

Where 'walrus' is something that doesn't exist in your home directory.

The other alternative is to cd; sudo rm -rf porc/ and try again assuming you don't need anything in ~/porc/.

Russ

________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Friday, August 12, 2022 8:52 AM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

sorry for the mistake the good line of command chmod is 764 without success for go more far :

'''~/porc/porc3$ sudo chmod 764 build_snort.sh
:~/porc/porc3$ ls -l
total 440
drwxr-xr-x  8 root        root          4096 août  12 13:19 build
-rwxrw-r--  1 dorianrosse dorianrosse    746 août  12 14:36 build_snort.sh
-rw-r--r--  1 root        root        232121 août  10 22:38 ChangeLog
drwxr-xr-x  2 root        root          4096 août  10 22:38 cmake
-rw-r--r--  1 root        root          4957 août  10 22:38 CMakeLists.txt
-rw-r--r--  1 root        root          1034 août  10 22:38 cmake_uninstall.cmake.in
-rw-r--r--  1 root        root          4573 août  10 22:38 config.cmake.h.in
-rw-r--r--  1 root        root           100 août  12 13:13 config.log
-rwxr-xr-x  1 root        root         19895 août  10 22:38 configure_cmake.sh
-rw-r--r--  1 root        root         21011 août  10 22:38 COPYING
-rw-r--r--  1 root        root         70959 août  10 22:38 crusty.cfg
drwxr-xr-x  2 root        root          4096 août  10 22:38 daqs
drwxr-xr-x  6 root        root          4096 août  10 22:38 doc
drwxr-xr-x  2 root        root          4096 août  12 12:48 install
-rw-r--r--  1 root        root         21017 août  10 22:38 LICENSE
drwxr-xr-x  2 root        root          4096 août  10 22:38 lua
-rw-r--r--  1 root        root          6585 août  10 22:38 README.md
-rw-r--r--  1 root        root           915 août  10 22:38 snort.pc.in
drwxr-xr-x 46 root        root          4096 août  10 22:38 src
drwxr-xr-x  5 root        root          4096 août  10 22:38 tools
:~/porc/porc3$ sh build_snort.sh porc3 &> build_snort.log
'''

thanks you in advance for your answer smart,

regards.


Dorian ROSSE.
________________________________
De : Dorian ROSSE <dorianbrice () hotmail fr>
Envoyé : vendredi 12 août 2022 14:49
À : Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

after i have read it right :

it haved rw-rw-r-- thus i have shape right rwxrw-r-- without success for go forward :

'''~/porc/porc3$ sudo chmod 761 build_snort.sh
:~/porc/porc3$ ls -l
total 440
drwxr-xr-x  8 root        root          4096 août  12 13:19 build
-rwxrw---x  1 dorianrosse dorianrosse    746 août  12 14:36 build_snort.sh
-rw-r--r--  1 root        root        232121 août  10 22:38 ChangeLog
drwxr-xr-x  2 root        root          4096 août  10 22:38 cmake
-rw-r--r--  1 root        root          4957 août  10 22:38 CMakeLists.txt
-rw-r--r--  1 root        root          1034 août  10 22:38 cmake_uninstall.cmake.in
-rw-r--r--  1 root        root          4573 août  10 22:38 config.cmake.h.in
-rw-r--r--  1 root        root           100 août  12 13:13 config.log
-rwxr-xr-x  1 root        root         19895 août  10 22:38 configure_cmake.sh
-rw-r--r--  1 root        root         21011 août  10 22:38 COPYING
-rw-r--r--  1 root        root         70959 août  10 22:38 crusty.cfg
drwxr-xr-x  2 root        root          4096 août  10 22:38 daqs
drwxr-xr-x  6 root        root          4096 août  10 22:38 doc
drwxr-xr-x  2 root        root          4096 août  12 12:48 install
-rw-r--r--  1 root        root         21017 août  10 22:38 LICENSE
drwxr-xr-x  2 root        root          4096 août  10 22:38 lua
-rw-r--r--  1 root        root          6585 août  10 22:38 README.md
-rw-r--r--  1 root        root           915 août  10 22:38 snort.pc.in
drwxr-xr-x 46 root        root          4096 août  10 22:38 src
drwxr-xr-x  5 root        root          4096 août  10 22:38 tools
:~/porc/porc3$ sh build_snort.sh porc3 &> build_snort.log
bash: build_snort.log: Permission non accordée
'''

thanks you in advance for your answer smart,

regards.


Dorian ROSSE.
________________________________
De : Dorian ROSSE <dorianbrice () hotmail fr>
Envoyé : vendredi 12 août 2022 14:44
À : Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

russ,


your file is nill thus no line of command works :

''':~/porc/porc3$ sudo mv -f ~/Téléchargements/build_snort.sh .
:~/porc/porc3$ sh build_snort.sh porc3 &> build_snort.log
bash: build_snort.log: Permission non accordée
:~/porc/porc3$ sudo sh build_snort.sh porc3 &> build_snort.log
bash: build_snort.log: Permission non accordée
:~/porc/porc3$ sudo sh build_snort.sh porc3 &> sudo build_snort.log
bash: sudo: Permission non accordée
'''

what i need to do ?

thanks you in advance for your answer smart,

regards.


Dorian ROSSE.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : vendredi 12 août 2022 13:48
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

Dorian,

What kind of system are you using? Linux / Ubuntu? It seems that you have issues well beyond Snort, so let's do it this 
way. Download the attached file. Then do this command as your normal user dorianrosse. Do not add sudo.

sh build_snort.sh porc3 &> build_snort.log

build_snort.sh is assumed to be in your working directory. porc3 is the name of the directory that build_snort.sh will 
work in. You can change the name but keep it under your home directory.

The script will get and build libdaq and Snort. It requires wget.

Then send build_snort.log.

Russ

________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Friday, August 12, 2022 6:53 AM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

russ,


i have success by download the file zip !

because the file doesn't become an attachment i paste what they have inside the file under :

'''configure_cmake.sh : commande introuvable'''

they seems at cisco since you are hacked in the spring of 2022 snort become no take sense,

i have follow your tutorial i was log in root and i have folllow your tutorial :

''':/home/dorianrosse/porc/snort3-master# configure_cmake.sh --prefix=`pwd`/install/ &> config.log
:/home/dorianrosse/porc/snort3-master# mkdir build
:/home/dorianrosse/porc/snort3/home/dorianrosse/porc/snort3-master# cd build/
:/home/dorianrosse/porc/snort3-master/build# configure_cmake.sh --prefix=/home/dorianrosse/porc/snort3-master/install/ 
&> config.log
:/home/dorianrosse/porc/snort3-master/build# cd ..
:/home/dorianrosse/porc/snort3-master# cd install/
:/home/dorianrosse/porc/snort3-master/install# configure_cmake.sh 
--prefix=/home/dorianrosse/porc/snort3-master/install/ &> config.log
:/home/dorianrosse/porc/snort3-master/install# configure_cmake.sh --prefix='pwd' &> config.log
:/home/dorianrosse/porc/snort3-master/install# configure_cmake.sh --prefix='pwd'/install &> config.log
:/home/dorianrosse/porc/snort3-master/install# configure_cmake.sh 
--prefix=/home/dorianrosse/porc/snort3-master/install/install &> config.log
:/home/dorianrosse/porc/snort3-master/install# configure_cmake.sh --prefix=`pwd`/install/ &> config.log
:/home/dorianrosse/porc/snort3-master# configure_cmake.sh --prefix=/home/dorianrosse/porc/snort3-master/install/ &> 
config.log
'''

thanks you in advance to repair snort3,

Regards.


Dorian ROSSE.
________________________________
De : Dorian ROSSE <dorianbrice () hotmail fr>
Envoyé : jeudi 11 août 2022 19:07
À : Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

dear russ,


your turorial doesn't work :

'''~$ cd
~$ mkdir porc
~$ cd porc/
~/porc$ git clone git () github com:snort3/snort3
Clonage dans 'snort3'...
The authenticity of host 'github.com (140.82.121.4)' can't be established.
ED25519 key fingerprint is SHA256:+DiY3wvvV6TuJJhbpZisF/zLDA0zPMSvHdkr4UvCOqU.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yess
Please type 'yes', 'no' or the fingerprint: yes
Warning: Permanently added 'github.com' (ED25519) to the list of known hosts.
git () github com: Permission denied (publickey).
fatal: Impossible de lire le dépôt distant.

Veuillez vérifier que vous avez les droits d'accès
et que le dépôt existe.
'''

thanks you in advance to repair snort3,

regards.


Dorian ROSSE.

________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : jeudi 11 août 2022 08:45
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

Dorian,

There is still a lot going wrong: the trailing \, the empty string thing, configure_options.cmake, unused variables, 
and the wrong --with-*. It looks like your source is not valid at this point.

Instead of trying to work backwards from here, I want to start over and go one step at a time. Please do exactly the 
following. Do not alter the commands.

cd
mkdir porc
cd porc/
git clone git () github com:snort3/snort3.git
snort3/configure_cmake.sh --prefix=`pwd`/install/ &> config.log

Then send me config.log and we can take it from there.

Thanks,
Russ

________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Wednesday, August 10, 2022 2:03 PM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

i have set PKG_CONFIG_PATH without success,

before remove hyperscan i have add the subdirectories include dor the including and lib for the libraries without 
success,

thus i have remove hyperscan, libdaq and pcre in the configure by cmake,

i paste below :

'''/home/dorianrosse/snort_src/snort3-3.1.36.0# ./configure_cmake.sh --prefix=/usr/bin/ \
 --with-luajit-libraries=~/snort_src/LuaJIT-2.0.5/ \
 --with-luajit-includes=~/snort_src/LuaJIT-2.0.5/ \
 --enable-jemalloc --with-openssl=~/snort_src/openssl-1.1.1q/include/ \
 --with-hyperscan-includes=~/snort_src/hyperscan-5.4.0/include/ \
 --with-dnet-libraries=~/snort_src/libdnet-1.11/include/ \
 --with-dnet-includes=~/snort_src/libdnet-1.11/include/ \
 --with-iconv-libraries=~/snort_src/libiconv-1.17/lib/ \
 --with-iconv-includes=~/snort_src/libiconv-1.17/include/ \
 --with-pcap-libraries=~/snort_src/libpcap-1.10.1/ \
 --with-pcap-includes=~/snort_src/libpcap-1.10.1/ \
 --with-uuid-libraries=~/snort_src/uuid/ \
 --with-uuid-includes=~/snort_src/uuid/ \
Build Directory : build
Source Directory: /home/dorianrosse/snort_src/snort3-3.1.36.0
CMake Warning:
  Ignoring empty string ("") provided on the command line.


-- The CXX compiler identification is GNU 11.2.0
-- The C compiler identification is GNU 11.2.0
-- Detecting CXX compiler ABI info
-- Detecting CXX compiler ABI info - done
-- Check for working CXX compiler: /usr/bin/c++ - skipped
-- Detecting CXX compile features
-- Detecting CXX compile features - done
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Check for working C compiler: /usr/bin/cc - skipped
-- Detecting C compile features
-- Detecting C compile features - done
-- Performing Test CMAKE_HAVE_LIBC_PTHREAD
-- Performing Test CMAKE_HAVE_LIBC_PTHREAD - Success
-- Found PkgConfig: /usr/bin/pkg-config (found version "0.29.2")
-- Checking for module 'libdaq>=3.0.7'
--   Found libdaq, version 3.0.9
-- Found DAQ: /usr/local/lib/libdaq.so
-- Checking for module 'libdaq_static_afpacket'
--   Found libdaq_static_afpacket, version 3.0.9
-- Checking for module 'libdaq_static_bpf'
--   Found libdaq_static_bpf, version 3.0.9
-- Checking for module 'libdaq_static_dump'
--   Found libdaq_static_dump, version 3.0.9
-- Checking for module 'libdaq_static_fst'
--   Found libdaq_static_fst, version 3.0.9
-- Checking for module 'libdaq_static_gwlb'
--   Found libdaq_static_gwlb, version 3.0.9
-- Checking for module 'libdaq_static_nfq'
--   Found libdaq_static_nfq, version 3.0.9
-- Checking for module 'libdaq_static_pcap'
--   Found libdaq_static_pcap, version 3.0.9
-- Checking for module 'libdaq_static_savefile'
--   Found libdaq_static_savefile, version 3.0.9
-- Checking for module 'libdaq_static_trace'
--   Found libdaq_static_trace, version 3.0.9
-- Found DNET: /usr/include
-- Found FLEX: /usr/bin/flex (found suitable version "2.6.4", minimum required is "2.6.0")
-- Checking for module 'hwloc'
--   Found hwloc, version 2.7.0
-- Found HWLOC: /usr/lib/x86_64-linux-gnu/libhwloc.so
-- Checking for module 'luajit'
--   Found luajit, version 2.0.5
-- Found LuaJIT: /usr/local/lib/libluajit-5.1.so (found version "2.0.5")
-- Found OpenSSL: /usr/local/lib/libcrypto.so (found suitable version "1.1.1q", minimum required is "1.1.1")
-- Found PCAP: /usr/local/lib/libpcap.so
-- Performing Test PCAP_LINKS_SOLO
-- Performing Test PCAP_LINKS_SOLO - Success
-- Checking for module 'libpcre'
--   Found libpcre, version 8.45
-- Found PCRE: /usr/local/include
-- Found ZLIB: /usr/lib/x86_64-linux-gnu/libz.so (found version "1.2.11")
-- Checking for module 'libhs'
--   No package 'libhs' found
-- Checking for module 'libsafec'
--   Found libsafec, version 3.7.2
-- Checking for module 'uuid'
--   Found uuid, version 2.37.2
-- Checking for module 'libunwind'
--   Found libunwind, version 1.3.2
-- Found Libunwind: /usr/lib/x86_64-linux-gnu/libunwind.so (found version "1.3.2")
-- Performing Test HAS_C_HIDDEN
-- Performing Test HAS_C_HIDDEN - Success
-- Performing Test HAS_CXX_HIDDEN
-- Performing Test HAS_CXX_HIDDEN - Success
CMake Warning (dev) in cmake/configure_options.cmake:
  A logical block opening on the line

    /home/dorianrosse/snort_src/snort3-3.1.36.0/cmake/configure_options.cmake:177 (if)

  closes on the line

    /home/dorianrosse/snort_src/snort3-3.1.36.0/cmake/configure_options.cmake:185 (endif)

  with mis-matching arguments.
Call Stack (most recent call first):
  CMakeLists.txt:29 (include)
This warning is for project developers.  Use -Wno-dev to suppress it.

-- Looking for malloc_trim
-- Looking for malloc_trim - found
-- Looking for memrchr
-- Looking for memrchr - found
-- Looking for sigaction
-- Looking for sigaction - found
-- Looking for basename_r
-- Looking for basename_r - not found
-- Performing Test HAVE_GNU_STRERROR_R
-- Performing Test HAVE_GNU_STRERROR_R - Success
-- Looking for getrpcent
-- Looking for getrpcent - found
-- Looking for sys/types.h
-- Looking for sys/types.h - found
-- Looking for stdint.h
-- Looking for stdint.h - found
-- Looking for stddef.h
-- Looking for stddef.h - found
-- Check size of long int
-- Check size of long int - done
-- Check size of unsigned long int
-- Check size of unsigned long int - done
-- Performing Test INLINE
-- Performing Test INLINE - Success
-- Performing Test RESTRICT
-- Performing Test RESTRICT - Success
-- Looking for lzma_code in /usr/lib/x86_64-linux-gnu/liblzma.so
-- Looking for lzma_code in /usr/lib/x86_64-linux-gnu/liblzma.so - found
-- Looking for backtrace in /usr/lib/x86_64-linux-gnu/libunwind.so
-- Looking for backtrace in /usr/lib/x86_64-linux-gnu/libunwind.so - found
-- Looking for printf_s in /usr/local/lib/libsafec.so
-- Looking for printf_s in /usr/local/lib/libsafec.so - found
-- Looking for uuid_parse in /usr/lib/x86_64-linux-gnu/libuuid.so
-- Looking for uuid_parse in /usr/lib/x86_64-linux-gnu/libuuid.so - found

-------------------------------------------------------
snort version 3.1.36.0

Install options:
    prefix:     /usr/bin
    includes:   /usr/bin/include/snort
    plugins:    /usr/bin/lib/snort

Compiler options:
    CC:             /usr/bin/cc
    CXX:            /usr/bin/c++
    CFLAGS:            -fvisibility=hidden   -DNDEBUG -g -ggdb     -O2 -g -DNDEBUG
    CXXFLAGS:          -fvisibility=hidden   -DNDEBUG -g -ggdb    -O2 -g -DNDEBUG
    EXE_LDFLAGS:
    MODULE_LDFLAGS:

Feature options:
    DAQ Modules:    Static (afpacket;bpf;dump;fst;gwlb;nfq;pcap;savefile;trace)
    libatomic:      System-provided
    Hyperscan:      OFF
    ICONV:          ON
    Libunwind:      ON
    LZMA:           ON
    RPC DB:         Built-in
    SafeC:          ON
    TCMalloc:       OFF
    JEMalloc:       OFF
    UUID:           ON
-------------------------------------------------------

-- Configuring done
-- Generating done
CMake Warning:
  Manually-specified variables were not used by the project:

    ENABLE_JEMALLOC
    STATIC_JEMALLOC


-- Build files have been written to: /home/dorianrosse/snort_src/snort3-3.1.36.0/build



'''

____________________________________________________________________________

'''/home/dorianrosse/snort_src/snort3-3.1.36.0/build# make VERBOSE=1
/usr/local/bin/cmake -S/home/dorianrosse/snort_src/snort3-3.1.36.0 -B/home/dorianrosse/snort_src/snort3-3.1.36.0/build 
--check-build-system CMakeFiles/Makefile.cmake 0
/usr/local/bin/cmake -E cmake_progress_start /home/dorianrosse/snort_src/snort3-3.1.36.0/build/CMakeFiles 
/home/dorianrosse/snort_src/snort3-3.1.36.0/build//CMakeFiles/progress.marks
make  -f CMakeFiles/Makefile2 all
make[1] : on entre dans le répertoire « /home/dorianrosse/snort_src/snort3-3.1.36.0/build »
make  -f src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/build.make 
src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/depend
make[2] : on entre dans le répertoire « /home/dorianrosse/snort_src/snort3-3.1.36.0/build »
cd /home/dorianrosse/snort_src/snort3-3.1.36.0/build && /usr/local/bin/cmake -E cmake_depends "Unix Makefiles" 
/home/dorianrosse/snort_src/snort3-3.1.36.0 /home/dorianrosse/snort_src/snort3-3.1.36.0/src/connectors/tcp_connector 
/home/dorianrosse/snort_src/snort3-3.1.36.0/build 
/home/dorianrosse/snort_src/snort3-3.1.36.0/build/src/connectors/tcp_connector 
/home/dorianrosse/snort_src/snort3-3.1.36.0/build/src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/DependInfo.cmake
 --color=
Dependencies file "src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/tcp_connector.cc.o.d" is newer than 
depends file 
"/home/dorianrosse/snort_src/snort3-3.1.36.0/build/src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/compiler_depend.internal".
Dependencies file "src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/tcp_connector_module.cc.o.d" is newer than 
depends file 
"/home/dorianrosse/snort_src/snort3-3.1.36.0/build/src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/compiler_depend.internal".
Consolidate compiler generated dependencies of target tcp_connector
make[2] : on quitte le répertoire « /home/dorianrosse/snort_src/snort3-3.1.36.0/build »
make  -f src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/build.make 
src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/build
make[2] : on entre dans le répertoire « /home/dorianrosse/snort_src/snort3-3.1.36.0/build »
[  0%] Building CXX object src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/tcp_connector.cc.o
cd /home/dorianrosse/snort_src/snort3-3.1.36.0/build/src/connectors/tcp_connector && /usr/bin/c++ -DHAVE_CONFIG_H 
-Dinline=inline -Drestrict=__restrict -I/home/dorianrosse/snort_src/snort3-3.1.36.0/src/network_inspectors 
-I/home/dorianrosse/snort_src/snort3-3.1.36.0/src -I/usr/local/include/luajit-2.0 
-I/home/dorianrosse/snort_src/hyperscan-5.4.0 -I/home/dorianrosse/snort_src/snort3-3.1.36.0/build 
-I/home/dorianrosse/snort_src/snort3-3.1.36.0 -I/usr/local/include/safeclib -I/usr/include/uuid -fvisibility=hidden   
-DNDEBUG -g -ggdb    -O2 -g -DNDEBUG -std=c++14 -MD -MT 
src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/tcp_connector.cc.o -MF 
CMakeFiles/tcp_connector.dir/tcp_connector.cc.o.d -o CMakeFiles/tcp_connector.dir/tcp_connector.cc.o -c 
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/connectors/tcp_connector/tcp_connector.cc
In file included from /home/dorianrosse/snort_src/snort3-3.1.36.0/src/framework/connector.h:29,
                 from /home/dorianrosse/snort_src/snort3-3.1.36.0/src/connectors/tcp_connector/tcp_connector.h:26,
                 from /home/dorianrosse/snort_src/snort3-3.1.36.0/src/connectors/tcp_connector/tcp_connector.cc:25:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/framework/base_api.h:36:10: fatal error: framework/api_options.h: Aucun 
fichier ou dossier de ce type
   36 | #include "framework/api_options.h"
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~
compilation terminated.
make[2]: *** [src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/build.make:76 : 
src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/tcp_connector.cc.o] Erreur 1
make[2] : on quitte le répertoire « /home/dorianrosse/snort_src/snort3-3.1.36.0/build »
make[1]: *** [CMakeFiles/Makefile2:5100 : src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/all] Erreur 2
make[1] : on quitte le répertoire « /home/dorianrosse/snort_src/snort3-3.1.36.0/build »
make: *** [Makefile:156 : all] Erreur 2
'''

________________________________________________________________________________

thanks you in advance to repair snort3,

Regards.


Dorian ROSSE.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : mercredi 10 août 2022 17:42
À : Dorian ROSSE <dorianbrice () hotmail fr>; snort-devel () lists snort org <snort-devel () lists snort org>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

Dorian,

There is a lot going on here:

1. You need to remove sudo from your configure_cmake.sh command line. That is not needed, and it causes issues because 
you get a different environment. It also caused your make to fail because of permissions.

2. Many of the paths configured with --with-* options are incorrect. You may need to add include/ and/or lib/ to some 
of those paths.

* It found /usr/local/lib/libdaq.so but ~/snort_src/libdaq-3.0.9/ was specified.
* Hyperscan paths were specified but hyperscan was not found.
* ~/snort_src/pcre-8.45/  was specified but it found pcre in /usr/local/.

3. --enable-jemalloc was specified but it could not find jemalloc. You will need to install jemalloc and set 
PKG_CONFIG_PATH if it is not installed in /usr/local/.

To minimize the issues, start over. Do not specify sudo anywhere. And do not specify --with-* unless you get an error 
or it finds the wrong one. Send the updated results.

Russ

________________________________
From: Dorian ROSSE <dorianbrice () hotmail fr>
Sent: Wednesday, August 10, 2022 4:01 AM
To: Russ Combs (rucombs) <rucombs () cisco com>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: RE: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

no answer also i paste the answer of the line of command :

'''~/snort_src/snort3-3.1.36.0$ sudo ./configure_cmake.sh --prefix=/usr/bin/ \
 --with-luajit-libraries=~/snort_src/LuaJIT-2.0.5/ \
 --with-luajit-includes=~/snort_src/LuaJIT-2.0.5/ \
 --enable-jemalloc --with-openssl=~/snort_src/openssl-1.1.1q/ \
 --with-daq-includes=~/snort_src/libdaq-3.0.9/include \
 --with-daq-libraries=~/snort_src/libdaq-3.0.9/ \
 --with-hyperscan-includes=~/snort_src/hyperscan-5.4.0 \
 --with-hyperscan-libraries=~/snort_src/hyperscan-5.4.0 \
 --with-pcre-libraries=~/snort_src/pcre-8.45/ \
 --with-pcre-includes=~/snort_src/pcre-8.45/ \
 --with-dnet-libraries=~/snort_src/libdnet-1.11/ \
 --with-dnet-includes=~/snort_src/libdnet-1.11/ \
 --with-iconv-libraries=~/snort_src/libiconv-1.17/ \
 --with-iconv-includes=~/snort_src/libiconv-1.17/ \
 --with-pcap-libraries=~/snort_src/libpcap-1.10.1/ \
 --with-pcap-includes=~/snort_src/libpcap-1.10.1/ \
 --with-uuid-libraries=~/snort_src/uuid/ \
 --with-uuid-includes=~/snort_src/uuid/ \
Build Directory : build
Source Directory: /home/dorianrosse/snort_src/snort3-3.1.36.0
CMake Warning:
  Ignoring empty string ("") provided on the command line.


-- The CXX compiler identification is GNU 11.2.0
-- The C compiler identification is GNU 11.2.0
-- Detecting CXX compiler ABI info
-- Detecting CXX compiler ABI info - done
-- Check for working CXX compiler: /usr/bin/c++ - skipped
-- Detecting CXX compile features
-- Detecting CXX compile features - done
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Check for working C compiler: /usr/bin/cc - skipped
-- Detecting C compile features
-- Detecting C compile features - done
-- Performing Test CMAKE_HAVE_LIBC_PTHREAD
-- Performing Test CMAKE_HAVE_LIBC_PTHREAD - Success
-- Found PkgConfig: /usr/bin/pkg-config (found version "0.29.2")
-- Checking for module 'libdaq>=3.0.7'
--   Found libdaq, version 3.0.9
-- Found DAQ: /usr/local/lib/libdaq.so
-- Checking for module 'libdaq_static_afpacket'
--   Found libdaq_static_afpacket, version 3.0.9
-- Checking for module 'libdaq_static_bpf'
--   Found libdaq_static_bpf, version 3.0.9
-- Checking for module 'libdaq_static_dump'
--   Found libdaq_static_dump, version 3.0.9
-- Checking for module 'libdaq_static_fst'
--   Found libdaq_static_fst, version 3.0.9
-- Checking for module 'libdaq_static_gwlb'
--   Found libdaq_static_gwlb, version 3.0.9
-- Checking for module 'libdaq_static_nfq'
--   Found libdaq_static_nfq, version 3.0.9
-- Checking for module 'libdaq_static_pcap'
--   Found libdaq_static_pcap, version 3.0.9
-- Checking for module 'libdaq_static_savefile'
--   Found libdaq_static_savefile, version 3.0.9
-- Checking for module 'libdaq_static_trace'
--   Found libdaq_static_trace, version 3.0.9
-- Found DNET: /usr/include
-- Found FLEX: /usr/bin/flex (found suitable version "2.6.4", minimum required is "2.6.0")
-- Checking for module 'hwloc'
--   Found hwloc, version 2.7.0
-- Found HWLOC: /usr/lib/x86_64-linux-gnu/libhwloc.so
-- Checking for module 'luajit'
--   Found luajit, version 2.0.5
-- Found LuaJIT: /usr/local/lib/libluajit-5.1.so (found version "2.0.5")
-- Found OpenSSL: /usr/local/lib/libcrypto.so (found suitable version "1.1.1q", minimum required is "1.1.1")
-- Found PCAP: /usr/local/lib/libpcap.so
-- Performing Test PCAP_LINKS_SOLO
-- Performing Test PCAP_LINKS_SOLO - Success
-- Checking for module 'libpcre'
--   Found libpcre, version 8.45
-- Found PCRE: /usr/local/include
-- Found ZLIB: /usr/lib/x86_64-linux-gnu/libz.so (found version "1.2.11")
-- Checking for module 'libhs'
--   No package 'libhs' found
-- Checking for module 'libsafec'
--   Found libsafec, version 3.7.2
-- Checking for module 'uuid'
--   Found uuid, version 2.37.2
-- Checking for module 'libunwind'
--   Found libunwind, version 1.3.2
-- Found Libunwind: /usr/lib/x86_64-linux-gnu/libunwind.so (found version "1.3.2")
-- Performing Test HAS_C_HIDDEN
-- Performing Test HAS_C_HIDDEN - Success
-- Performing Test HAS_CXX_HIDDEN
-- Performing Test HAS_CXX_HIDDEN - Success
CMake Warning (dev) in cmake/configure_options.cmake:
  A logical block opening on the line

    /home/dorianrosse/snort_src/snort3-3.1.36.0/cmake/configure_options.cmake:177 (if)

  closes on the line

    /home/dorianrosse/snort_src/snort3-3.1.36.0/cmake/configure_options.cmake:184 (endif)

  with mis-matching arguments.
Call Stack (most recent call first):
  CMakeLists.txt:29 (include)
This warning is for project developers.  Use -Wno-dev to suppress it.

-- Looking for malloc_trim
-- Looking for malloc_trim - found
-- Looking for memrchr
-- Looking for memrchr - found
-- Looking for sigaction
-- Looking for sigaction - found
-- Looking for basename_r
-- Looking for basename_r - not found
-- Performing Test HAVE_GNU_STRERROR_R
-- Performing Test HAVE_GNU_STRERROR_R - Success
-- Looking for getrpcent
-- Looking for getrpcent - found
-- Looking for sys/types.h
-- Looking for sys/types.h - found
-- Looking for stdint.h
-- Looking for stdint.h - found
-- Looking for stddef.h
-- Looking for stddef.h - found
-- Check size of long int
-- Check size of long int - done
-- Check size of unsigned long int
-- Check size of unsigned long int - done
-- Performing Test INLINE
-- Performing Test INLINE - Success
-- Performing Test RESTRICT
-- Performing Test RESTRICT - Success
-- Looking for lzma_code in /usr/lib/x86_64-linux-gnu/liblzma.so
-- Looking for lzma_code in /usr/lib/x86_64-linux-gnu/liblzma.so - found
-- Looking for backtrace in /usr/lib/x86_64-linux-gnu/libunwind.so
-- Looking for backtrace in /usr/lib/x86_64-linux-gnu/libunwind.so - found
-- Looking for printf_s in /usr/local/lib/libsafec.so
-- Looking for printf_s in /usr/local/lib/libsafec.so - found
-- Looking for uuid_parse in /usr/lib/x86_64-linux-gnu/libuuid.so
-- Looking for uuid_parse in /usr/lib/x86_64-linux-gnu/libuuid.so - found

-------------------------------------------------------
snort version 3.1.36.0

Install options:
    prefix:     /usr/bin
    includes:   /usr/bin/include/snort
    plugins:    /usr/bin/lib/snort

Compiler options:
    CC:             /usr/bin/cc
    CXX:            /usr/bin/c++
    CFLAGS:            -fvisibility=hidden   -DNDEBUG -g -ggdb    -O2 -g -DNDEBUG
    CXXFLAGS:          -fvisibility=hidden   -DNDEBUG -g -ggdb    -O2 -g -DNDEBUG
    EXE_LDFLAGS:
    MODULE_LDFLAGS:

Feature options:
    DAQ Modules:    Static (afpacket;bpf;dump;fst;gwlb;nfq;pcap;savefile;trace)
    libatomic:      System-provided
    Hyperscan:      OFF
    ICONV:          ON
    Libunwind:      ON
    LZMA:           ON
    RPC DB:         Built-in
    SafeC:          ON
    TCMalloc:       OFF
    JEMalloc:       OFF
    UUID:           ON
-------------------------------------------------------

-- Configuring done
-- Generating done
CMake Warning:
  Manually-specified variables were not used by the project:

    ENABLE_JEMALLOC
    STATIC_JEMALLOC


-- Build files have been written to: /home/dorianrosse/snort_src/snort3-3.1.36.0/build
'''

____________________________________________________________________________________

'''~/snort_src/snort3-3.1.36.0/build$ make VERBOSE=1
/usr/local/bin/cmake -S/home/dorianrosse/snort_src/snort3-3.1.36.0 -B/home/dorianrosse/snort_src/snort3-3.1.36.0/build 
--check-build-system CMakeFiles/Makefile.cmake 0
/usr/local/bin/cmake -E cmake_progress_start /home/dorianrosse/snort_src/snort3-3.1.36.0/build/CMakeFiles 
/home/dorianrosse/snort_src/snort3-3.1.36.0/build//CMakeFiles/progress.marks
make  -f CMakeFiles/Makefile2 all
make[1] : on entre dans le répertoire « /home/dorianrosse/snort_src/snort3-3.1.36.0/build »
make  -f src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/build.make 
src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/depend
make[2] : on entre dans le répertoire « /home/dorianrosse/snort_src/snort3-3.1.36.0/build »
cd /home/dorianrosse/snort_src/snort3-3.1.36.0/build && /usr/local/bin/cmake -E cmake_depends "Unix Makefiles" 
/home/dorianrosse/snort_src/snort3-3.1.36.0 /home/dorianrosse/snort_src/snort3-3.1.36.0/src/connectors/tcp_connector 
/home/dorianrosse/snort_src/snort3-3.1.36.0/build 
/home/dorianrosse/snort_src/snort3-3.1.36.0/build/src/connectors/tcp_connector 
/home/dorianrosse/snort_src/snort3-3.1.36.0/build/src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/DependInfo.cmake
 --color=
Dependencies file "src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/tcp_connector.cc.o.d" is newer than 
depends file 
"/home/dorianrosse/snort_src/snort3-3.1.36.0/build/src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/compiler_depend.internal".
Dependencies file "src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/tcp_connector_module.cc.o.d" is newer than 
depends file 
"/home/dorianrosse/snort_src/snort3-3.1.36.0/build/src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/compiler_depend.internal".
Consolidate compiler generated dependencies of target tcp_connector
CMake Error: Cannot open file for write: 
/home/dorianrosse/snort_src/snort3-3.1.36.0/build/src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/compiler_depend.make.tmpa51fe
CMake Error: : System Error: Permission denied
make[2]: *** [src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/build.make:114 : 
src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/depend] Erreur 2
make[2] : on quitte le répertoire « /home/dorianrosse/snort_src/snort3-3.1.36.0/build »
make[1]: *** [CMakeFiles/Makefile2:5099 : src/connectors/tcp_connector/CMakeFiles/tcp_connector.dir/all] Erreur 2
make[1] : on quitte le répertoire « /home/dorianrosse/snort_src/snort3-3.1.36.0/build »
make: *** [Makefile:156 : all] Erreur 2
dorianrosse@Ubuntu-ThinkPad-X250:~/snort_src/snort3-3.1.36.0/b
'''

___________________________________________________________________________________________________________________

thanks you in advance to repair snort3,

regards.


Dorian ROSSE.
________________________________
De : Russ Combs (rucombs) <rucombs () cisco com>
Envoyé : mardi 9 août 2022 01:57
À : snort-devel () lists snort org <snort-devel () lists snort org>; Dorian ROSSE <dorianbrice () hotmail fr>
Objet : Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort

Dorian,

If you are just starting out, I suggest focusing on Snort 3. That will cut your problems in half. 😉

You most likely need to add include/ to your daq-includes like this: 
--with-daq-includes=~/snort_src/libdaq-3.0.9/include. It is probably finding includes for the wrong version.

Also, you should configure for either tcmalloc or jemalloc, not both. jemalloc is required for memory management and is 
highly recommended.

Make the above changes and send cmake.out and make.out for further assistance with Snort 3.

$ configure_cmake.sh <args> &> cmake.out
$ cd build/
$ make VERBOSE=1 &> make.out

Thanks
Russ

________________________________
From: Snort-devel <snort-devel-bounces () lists snort org> on behalf of Dorian ROSSE via Snort-devel <snort-devel () 
lists snort org>
Sent: Sunday, August 7, 2022 9:11 AM
To: snort-devel () lists snort org <snort-devel () lists snort org>
Subject: [Snort-devel] snort3 can't build fully thus i think remove my subscribing of snort because i can't build both 
snort

hello,


snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort,

the error happening when i launch line of command following :

'''sudo ./configure_cmake.sh --prefix=/usr/bin/  --with-luajit-libraries=~/snort_src/LuaJIT-2.0.5/  
--with-luajit-includes=~/snort_src/LuaJIT-2.0.5/  --enable-tcmalloc --enable-jemalloc 
--with-openssl=~/snort_src/openssl-1.1.1q/  --with-daq-includes=~/snort_src/libdaq-3.0.9/  
--with-daq-libraries=~/snort_src/libdaq-3.0.9/  --with-hyperscan-includes=~/snort_src/hyperscan-5.4.0  
--with-hyperscan-libraries=~/snort_src/hyperscan-5.4.0  --with-pcre-libraries=~/snort_src/pcre-8.45/  
--with-pcre-includes=~/snort_src/pcre-8.45/  --with-dnet-libraries=~/snort_src/libdnet-1.11/  
--with-dnet-includes=~/snort_src/libdnet-1.11/  --with-iconv-libraries=~/snort_src/libiconv-1.17/  
--with-iconv-includes=~/snort_src/libiconv-1.17/  --with-pcap-libraries=~/snort_src/libpcap-1.10.1/  
--with-pcap-includes=~/snort_src/libpcap-1.10.1/  --with-uuid-libraries=~/snort_src/uuid/  
--with-uuid-includes=~/snort_src/uuid/  && cd build && sudo make -j 4 && sudo make -j 4 install

'''

'''-- Build files have been written to: /home/dorianrosse/snort_src/snort3-3.1.36.0/build
Consolidate compiler generated dependencies of target tcp_connector
Consolidate compiler generated dependencies of target codecs
Consolidate compiler generated dependencies of target root_codecs
Consolidate compiler generated dependencies of target ips_actions
[  1%] Built target tcp_connector
[  1%] Building CXX object src/codecs/root/CMakeFiles/root_codecs.dir/cd_eth.cc.o
[  1%] Built target codecs
Consolidate compiler generated dependencies of target link_codecs
Consolidate compiler generated dependencies of target ip_codecs
[  1%] Building CXX object src/actions/CMakeFiles/ips_actions.dir/act_alert.cc.o
[  1%] Building CXX object src/codecs/link/CMakeFiles/link_codecs.dir/cd_vlan.cc.o
[  1%] Building CXX object src/codecs/ip/CMakeFiles/ip_codecs.dir/cd_ipv4.cc.o
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/link/cd_vlan.cc: In member function ‘virtual bool 
{anonymous}::VlanCodec::decode(const snort::RawData&, snort::CodecData&, DecodeData&)’:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/link/cd_vlan.cc:99:32: error: ‘daq_msg_get_pkthdr’ was not 
declared in this scope
   99 |     const DAQ_PktHdr_t* pkth = daq_msg_get_pkthdr(raw.daq_msg);
      |                                ^~~~~~~~~~~~~~~~~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/link/cd_vlan.cc:100:23: error: ‘DAQ_PKT_FLAG_IGNORE_VLAN’ was 
not declared in this scope
  100 |     if (pkth->flags & DAQ_PKT_FLAG_IGNORE_VLAN)
      |                       ^~~~~~~~~~~~~~~~~~~~~~~~
make[2]: *** [src/codecs/link/CMakeFiles/link_codecs.dir/build.make:202 : 
src/codecs/link/CMakeFiles/link_codecs.dir/cd_vlan.cc.o] Erreur 1
make[1]: *** [CMakeFiles/Makefile2:2812 : src/codecs/link/CMakeFiles/link_codecs.dir/all] Erreur 2
make[1]: *** Attente des tâches non terminées....
[  1%] Building CXX object src/actions/CMakeFiles/ips_actions.dir/act_block.cc.o
In file included from /home/dorianrosse/snort_src/snort3-3.1.36.0/src/protocols/packet_manager.h:31,
                 from /home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/root/cd_eth.cc:32:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/protocols/packet.h:146:5: error: ‘DAQ_Msg_h’ does not name a type
  146 |     DAQ_Msg_h daq_msg;              // DAQ message this packet came from
      |     ^~~~~~~~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/protocols/packet.h: In member function ‘bool 
snort::Packet::is_inter_group_flow() const’:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/protocols/packet.h:337:29: error: ‘DAQ_PKT_FLAG_SIGNIFICANT_GROUPS’ was 
not declared in this scope
  337 |     { return (pkth->flags & DAQ_PKT_FLAG_SIGNIFICANT_GROUPS) != 0; }
      |                             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /home/dorianrosse/snort_src/snort3-3.1.36.0/src/actions/act_alert.cc:26:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/protocols/packet.h:146:5: error: ‘DAQ_Msg_h’ does not name a type
  146 |     DAQ_Msg_h daq_msg;              // DAQ message this packet came from
      |     ^~~~~~~~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/protocols/packet.h: In member function ‘bool 
snort::Packet::is_inter_group_flow() const’:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/protocols/packet.h:337:29: error: ‘DAQ_PKT_FLAG_SIGNIFICANT_GROUPS’ was 
not declared in this scope
  337 |     { return (pkth->flags & DAQ_PKT_FLAG_SIGNIFICANT_GROUPS) != 0; }
      |                             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
make[2]: *** [src/actions/CMakeFiles/ips_actions.dir/build.make:104 : 
src/actions/CMakeFiles/ips_actions.dir/act_alert.cc.o] Erreur 1
make[2]: *** Attente des tâches non terminées....
[  1%] Building CXX object src/codecs/ip/CMakeFiles/ip_codecs.dir/cd_tcp.cc.o
make[2]: *** [src/codecs/root/CMakeFiles/root_codecs.dir/build.make:76 : 
src/codecs/root/CMakeFiles/root_codecs.dir/cd_eth.cc.o] Erreur 1
make[1]: *** [CMakeFiles/Makefile2:2786 : src/codecs/root/CMakeFiles/root_codecs.dir/all] Erreur 2
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_ipv4.cc: In member function ‘bool 
{anonymous}::Ipv4Codec::valid_checksum_from_daq(const snort::RawData&)’:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_ipv4.cc:135:11: error: ‘DAQ_PktDecodeData_t’ does not name 
a type
  135 |     const DAQ_PktDecodeData_t* pdd =
      |           ^~~~~~~~~~~~~~~~~~~
[  1%] Building CXX object src/codecs/ip/CMakeFiles/ip_codecs.dir/cd_auth.cc.o
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_ipv4.cc:137:10: error: ‘pdd’ was not declared in this scope
  137 |     if (!pdd || !pdd->flags.bits.l3_checksum || !pdd->flags.bits.ipv4 || !pdd->flags.bits.l3)
      |          ^~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_ipv4.cc:140:9: error: ‘pdd’ was not declared in this scope
  140 |     if (pdd->l3_offset != DAQ_PKT_DECODE_OFFSET_INVALID)
      |         ^~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_ipv4.cc:140:27: error: ‘DAQ_PKT_DECODE_OFFSET_INVALID’ was 
not declared in this scope
  140 |     if (pdd->l3_offset != DAQ_PKT_DECODE_OFFSET_INVALID)
      |                           ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_ipv4.cc:142:31: error: ‘daq_msg_get_data’ was not declared 
in this scope
  142 |         const uint8_t* data = daq_msg_get_data(raw.daq_msg);
      |                               ^~~~~~~~~~~~~~~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_ipv4.cc: In member function ‘virtual bool 
{anonymous}::Ipv4Codec::decode(const snort::RawData&, snort::CodecData&, DecodeData&)’:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_ipv4.cc:245:11: error: ‘DAQ_NAPTInfo_t’ does not name a 
type; did you mean ‘DAQ_VPN_Info_t’?
  245 |     const DAQ_NAPTInfo_t* napti = (const DAQ_NAPTInfo_t*) daq_msg_get_meta(raw.daq_msg, DAQ_PKT_META_NAPT_INFO);
      |           ^~~~~~~~~~~~~~
      |           DAQ_VPN_Info_t
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_ipv4.cc:246:9: error: ‘napti’ was not declared in this 
scope
  246 |     if (napti && codec.ip_layer_cnt == napti->ip_layer)
      |         ^~~~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_ipv4.cc:250:40: error: ‘daq_napt_info_src_addr_family’ was 
not declared in this scope
  250 |         real_src.set(&napti->src_addr, daq_napt_info_src_addr_family(napti));
      |                                        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_ipv4.cc:251:40: error: ‘daq_napt_info_dst_addr_family’ was 
not declared in this scope
  251 |         real_dst.set(&napti->dst_addr, daq_napt_info_dst_addr_family(napti));
      |                                        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
make[2]: *** [src/codecs/ip/CMakeFiles/ip_codecs.dir/build.make:76 : 
src/codecs/ip/CMakeFiles/ip_codecs.dir/cd_ipv4.cc.o] Erreur 1
make[2]: *** Attente des tâches non terminées....
In file included from /home/dorianrosse/snort_src/snort3-3.1.36.0/src/protocols/packet_manager.h:31,
                 from /home/dorianrosse/snort_src/snort3-3.1.36.0/src/packet_io/active.h:27,
                 from /home/dorianrosse/snort_src/snort3-3.1.36.0/src/actions/act_block.cc:26:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/protocols/packet.h:146:5: error: ‘DAQ_Msg_h’ does not name a type
  146 |     DAQ_Msg_h daq_msg;              // DAQ message this packet came from
      |     ^~~~~~~~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/protocols/packet.h: In member function ‘bool 
snort::Packet::is_inter_group_flow() const’:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/protocols/packet.h:337:29: error: ‘DAQ_PKT_FLAG_SIGNIFICANT_GROUPS’ was 
not declared in this scope
  337 |     { return (pkth->flags & DAQ_PKT_FLAG_SIGNIFICANT_GROUPS) != 0; }
      |                             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /home/dorianrosse/snort_src/snort3-3.1.36.0/src/actions/act_block.cc:26:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/packet_io/active.h: At global scope:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/packet_io/active.h:212:25: error: ‘DAQ_Msg_h’ has not been declared
  212 |     static int send_eth(DAQ_Msg_h, int, const uint8_t* buf, uint32_t len);
      |                         ^~~~~~~~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/packet_io/active.h:213:24: error: ‘DAQ_Msg_h’ has not been declared
  213 |     static int send_ip(DAQ_Msg_h, int, const uint8_t* buf, uint32_t len);
      |                        ^~~~~~~~~
make[2]: *** [src/actions/CMakeFiles/ips_actions.dir/build.make:118 : 
src/actions/CMakeFiles/ips_actions.dir/act_block.cc.o] Erreur 1
make[1]: *** [CMakeFiles/Makefile2:2734 : src/actions/CMakeFiles/ips_actions.dir/all] Erreur 2
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_tcp.cc: In member function ‘bool 
{anonymous}::TcpCodec::valid_checksum_from_daq(const snort::RawData&)’:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_tcp.cc:156:11: error: ‘DAQ_PktDecodeData_t’ does not name 
a type
  156 |     const DAQ_PktDecodeData_t* pdd =
      |           ^~~~~~~~~~~~~~~~~~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_tcp.cc:158:10: error: ‘pdd’ was not declared in this scope
  158 |     if (!pdd || !pdd->flags.bits.l4_checksum || !pdd->flags.bits.tcp || !pdd->flags.bits.l4)
      |          ^~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_tcp.cc:161:9: error: ‘pdd’ was not declared in this scope
  161 |     if (pdd->l4_offset != DAQ_PKT_DECODE_OFFSET_INVALID)
      |         ^~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_tcp.cc:161:27: error: ‘DAQ_PKT_DECODE_OFFSET_INVALID’ was 
not declared in this scope
  161 |     if (pdd->l4_offset != DAQ_PKT_DECODE_OFFSET_INVALID)
      |                           ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_tcp.cc:163:31: error: ‘daq_msg_get_data’ was not declared 
in this scope
  163 |         const uint8_t* data = daq_msg_get_data(raw.daq_msg);
      |                               ^~~~~~~~~~~~~~~~
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_tcp.cc: In member function ‘virtual bool 
{anonymous}::TcpCodec::decode(const snort::RawData&, snort::CodecData&, DecodeData&)’:
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_tcp.cc:274:11: error: ‘DAQ_NAPTInfo_t’ does not name a 
type; did you mean ‘DAQ_VPN_Info_t’?
  274 |     const DAQ_NAPTInfo_t* napti = (const DAQ_NAPTInfo_t*) daq_msg_get_meta(raw.daq_msg, DAQ_PKT_META_NAPT_INFO);
      |           ^~~~~~~~~~~~~~
      |           DAQ_VPN_Info_t
/home/dorianrosse/snort_src/snort3-3.1.36.0/src/codecs/ip/cd_tcp.cc:275:9: error: ‘napti’ was not declared in this scope
  275 |     if (napti && codec.ip_layer_cnt == napti->ip_layer)
      |         ^~~~~
make[2]: *** [src/codecs/ip/CMakeFiles/ip_codecs.dir/build.make:104 : 
src/codecs/ip/CMakeFiles/ip_codecs.dir/cd_tcp.cc.o] Erreur 1
make[1]: *** [CMakeFiles/Makefile2:2838 : src/codecs/ip/CMakeFiles/ip_codecs.dir/all] Erreur 2
make: *** [Makefile:156 : all] Erreur 2
'''

thanks you in advance to help myself fully repair one of both snort or else i remove my subscribing of snort,

regards.


Dorian ROSSE.

Attachment: build_snort.sh
Description: build_snort.sh

_______________________________________________
Snort-devel mailing list
Snort-devel () lists snort org
https://lists.snort.org/mailman/listinfo/snort-devel

Please visit http://blog.snort.org for the latest news about Snort!

Current thread:

Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort, (continued)
- - - Message not available
    - Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Russ Combs (rucombs) via Snort-devel (Aug 14)
    - Message not available
    - Message not available
    - Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Russ Combs (rucombs) via Snort-devel (Aug 15)
    - Message not available
    - Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Dorian ROSSE via Snort-devel (Aug 15)
    - Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Dorian ROSSE via Snort-devel (Aug 17)
    - Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Russ Combs (rucombs) via Snort-devel (Aug 17)
    - Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Dorian ROSSE via Snort-devel (Aug 17)
    - Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Dorian ROSSE via Snort-devel (Aug 17)
    - Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Dorian ROSSE via Snort-devel (Aug 17)
    - Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Dorian ROSSE via Snort-devel (Aug 17)
    - Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Russ Combs (rucombs) via Snort-devel (Aug 24)
    - Message not available
    - Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Russ Combs (rucombs) via Snort-devel (Aug 27)
    - Message not available
    - Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Russ Combs (rucombs) via Snort-devel (Aug 27)
    - Message not available
    - Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Russ Combs (rucombs) via Snort-devel (Aug 29)
    - Message not available
    - Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Russ Combs (rucombs) via Snort-devel (Aug 29)
    - Message not available
    - Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Russ Combs (rucombs) via Snort-devel (Aug 29)
    - Message not available
    - Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Russ Combs (rucombs) via Snort-devel (Aug 30)
- Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Russ Combs (rucombs) via Snort-devel (Sep 06)
  - Message not available
    - Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Russ Combs (rucombs) via Snort-devel (Sep 06)
    - Message not available
    - Message not available
    - Re: snort3 can't build fully thus i think remove my subscribing of snort because i can't build both snort Russ Combs (rucombs) via Snort-devel (Sep 07)