Snort mailing list archives

Re: snort compilation on Tru Unix 4.0G

From: sam <samwun () onebb net>
Date: Sat, 01 Mar 2003 11:27:33 +0800

Because Snort is a NIDS, it does not need to install in a productionmachine in order to monitor a product network.You can install it in Linux or BSD as a standalone machine, and havethis machine connect to the same subnet of the production network. Thereshould be no IP assigned to the machine afterward.


System Operations wrote:

After struggling for a day to get all the components, libpcap etc and
sub-components, bison, flex and sub-sub components GNUM4 and so on,
compiled on our Alpha, snort itself fails catastrophically.  Configure did

not show any errors and I can mail the configs if required.The first problem was that tru-unix does not allow defines where the # is

in any other position than column 1.  I fixed that by running through the
src with a sed.  However, sample output below suggests that tru-unix may
not be supported fully.  Can you possibly advise please as we would VERY
much like to try out snort on our network.
TIA
stuart mckenzie

sample make:

/data8/snort-1.9.0# make
No suffix list.
make  all-recursive
No suffix list.
Making all in src
Making all in win32
No suffix list.
Making all in output-plugins
cc -DHAVE_CONFIG_H -I. -I. -I../.. -I../.. -I../../src
-I../../src/output-plugc
cc: Error: spo_alert_fast.c, line 74: Error parsing parameter list. Found
"*" w)
void AlertFast(Packet *, char *, void *, Event *);
----------------------^
cc: Error: spo_alert_fast.c, line 95: Missing ")". (closeparen)
   DEBUG_WRAP(DebugMessage(DEBUG_INIT,"Output plugin: AlertFast is
setup...\n";
-------------------------------------------------------------------------------^
cc: Error: spo_alert_fast.c, line 95: Invalid statement. (badstmt)
   DEBUG_WRAP(DebugMessage(DEBUG_INIT,"Output plugin: AlertFast is
setup...\n";
-------------------------------------------------------------------------------^
cc: Error: spo_alert_fast.c, line 114: Missing ")". (closeparen)
   DEBUG_WRAP(DebugMessage(DEBUG_INIT,"Output: AlertFast
Initialized\n"););
-------------------------------------------------------------------------^
cc: Error: spo_alert_fast.c, line 114: Invalid statement. (badstmt)
   DEBUG_WRAP(DebugMessage(DEBUG_INIT,"Output: AlertFast
Initialized\n"););
--------------------------------------------------------------------------^
cc: Error: spo_alert_fast.c, line 121: Missing ")". (closeparen)
   DEBUG_WRAP(DebugMessage(DEBUG_INIT,"Linking AlertFast functions to
call lis;
-------------------------------------------------------------------------------^
cc: Error: spo_alert_fast.c, line 121: Invalid statement. (badstmt)
   DEBUG_WRAP(DebugMessage(DEBUG_INIT,"Linking AlertFast functions to
call lis;
-------------------------------------------------------------------------------^
cc: Error: spo_alert_fast.c, line 129: Error parsing parameter list. Found
"*" )
void AlertFast(Packet *p, char *msg, void *arg, Event *event)
----------------------^
cc: Error: spo_alert_fast.c, line 229: Missing ")". (closeparen)
   DEBUG_WRAP(DebugMessage(DEBUG_LOG, "ParseAlertFastArgs: %s\n",
args););
------------------------------------------------------------------------^
cc: Error: spo_alert_fast.c, line 229: Invalid statement. (badstmt)
   DEBUG_WRAP(DebugMessage(DEBUG_LOG, "ParseAlertFastArgs: %s\n",
args););
-------------------------------------------------------------------------^
cc: Error: spo_alert_fast.c, line 253: Missing ")". (closeparen)
   DEBUG_WRAP(DebugMessage(DEBUG_LOG,"AlertFastCleanExitFunc\n"););
-----------------------------------------------------------------^
cc: Error: spo_alert_fast.c, line 253: Invalid statement. (badstmt)
   DEBUG_WRAP(DebugMessage(DEBUG_LOG,"AlertFastCleanExitFunc\n"););
------------------------------------------------------------------^
cc: Error: spo_alert_fast.c, line 263: Missing ")". (closeparen)
   DEBUG_WRAP(DebugMessage(DEBUG_LOG,"AlertFastRestartFunc\n"););
---------------------------------------------------------------^
cc: Error: spo_alert_fast.c, line 263: Invalid statement. (badstmt)
   DEBUG_WRAP(DebugMessage(DEBUG_LOG,"AlertFastRestartFunc\n"););
----------------------------------------------------------------^
cc: Error: spo_alert_fast.c, line 94: In this statement, "NT_OUTPUT_ALERT"
is n)
   RegisterOutputPlugin("alert_fast", NT_OUTPUT_ALERT, AlertFastInit);
---------------------------------------^
cc: Error: spo_alert_fast.c, line 116: In this statement, "pv" is not
declared.)
   pv.alert_plugin_active = 1;
----^
cc: Warning: spo_alert_fast.c, line 119: In this statement, the referenced
type)
   data = ParseAlertFastArgs(args);
------------------------------^
cc: Error: spo_alert_fast.c, line 124: In this statement, "AlertFast" is
not de)
   AddFuncToOutputList(AlertFast, NT_OUTPUT_ALERT, data);
------------------------^
cc: Error: spo_alert_fast.c, line 124: In this statement,
"NT_OUTPUT_ALERT" is )
   AddFuncToOutputList(AlertFast, NT_OUTPUT_ALERT, data);
-----------------------------------^
cc: Warning: spo_alert_fast.c, line 233: In this statement,
"OpenAlertFile(...))
       data->file = OpenAlertFile(NULL);
--------^
cc: Warning: spo_alert_fast.c, line 237: In this statement, "mSplit(...)"
of ty)
   toks = mSplit(args, " ", 2, &num_toks, 0);
----^
cc: Warning: spo_alert_fast.c, line 242: In this statement,
"ProcessFileOption()
       filename = ProcessFileOption(toks[0]);
--------^
cc: Warning: spo_alert_fast.c, line 243: In this statement,
"OpenAlertFile(...))
       data->file = OpenAlertFile(filename);
--------^
*** Exit 1
Stop.
*** Exit 1
Stop.
*** Exit 1
Stop.
*** Exit 1
Stop.
/data8/snort-1.9.0#


----------------------------------------------------------------------
MCB, M & G House, Head Road, Douglas, Isle of Man IM1 5BF
sysop () mcb net        tel: +44 1624 623 841        fax: +44 1624 623 004
MCB Homepage on the MANNET Internet server:        http://www.mcb.net



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users





-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

snort compilation on Tru Unix 4.0G System Operations (Feb 28)
- Re: snort compilation on Tru Unix 4.0G sam (Feb 28)
  - Re: snort compilation on Tru Unix 4.0G Erek Adams (Mar 03)
  - Re: snort compilation on Tru Unix 4.0G System Operations (Mar 03)
- Re: snort compilation on Tru Unix 4.0G Jeff Nathan (Mar 04)
  - Re: snort compilation on Tru Unix 4.0G System Operations (Mar 06)
    - Re: snort compilation on Tru Unix 4.0G Jeff Nathan (Mar 06)
- Re: snort compilation on Tru Unix 4.0G Chris Green (Mar 06)
  - Re: snort compilation on Tru Unix 4.0G System Operations (Mar 07)