Snort mailing list archives

Re: (Compile 2.6RC2) undefined symbol: InitializePreprocessor


From: "Justin Heath" <justin.heath () gmail com>
Date: Wed, 31 May 2006 16:38:27 -0400

it's not the trailing slash ...

dynamicpreprocessor directory /opt/snort/2.6/lib/snort_dynamicengine/
                                                       ^^^^^^^^^^^^^^

which should be changed to:

dynamicpreprocessor directory /opt/snort/2.6/lib/snort_dynamicpreprocessor
                                                ^^^^^^^^^^^^^^^^^^^^^^^^^^



On 5/31/06, Jason Monroe <monroe () arcsight com> wrote:

 Hi Justin,

You just might be right, but I'm curious to know how the presence or lack of a
trailing slash in the snort.conf affects the use of "nm" when run against the
shared library itself?

Thanks in advance,

JC

  ------------------------------

*From:* Justin Heath [mailto:justin.heath () gmail com]
*Sent:* Wednesday, May 31, 2006 7:00 AM
*To:* Jason Monroe
*Cc:* snort-users () lists sourceforge net
*Subject:* Re: [Snort-users] (Compile) undefined symbol:
InitializePreprocessor



Looks like you have your dynamic preprocessor directive set wrong in
snort.conf

I'm guessing you have something like:

dynamicpreprocessor directory /opt/snort/2.6/lib/snort_dynamicengine/

which should be changed to:

dynamicpreprocessor directory /opt/snort/2.6/lib/snort_dynamicpreprocessor

On 5/30/06, *Jason Monroe* < monroe () arcsight com> wrote:

Hi All,

I've tried to compile snort 2.6RC2 on Fedora Core 5 as well as RHEL 4 AS
which are GCC 4.1.0 and 3.4.5-2 respectively. Both distros are producing
the same result.

./configure --enable-dynamicplugin --prefix=/opt/snort/2.6  && make &&
make install
Then with the paths modified in the snort.conf
[root@manager snort-2.6.0RC2]# grep '/opt/snort' /etc/snort/snort.conf
var RULE_PATH /opt/snort/rules
dynamicpreprocessor directory /opt/snort/2.6/lib/snort_dynamicengine/
dynamicengine /opt/snort/2.6/lib/snort_dynamicengine/libsf_engine.so


running snort with -c option
/opt/snort/2.6/bin/snort -c /etc/snort/snort.conf

yields:

+-----------------------[suppression]------------------------------------------
| none

-------------------------------------------------------------------------------
Rule application order: ->activation->dynamic->pass->drop->alert->log
Log directory = /var/log/snort
Loading dynamic engine
/opt/snort/2.6/lib/snort_dynamicengine/libsf_engine.so... done
Loading all dynamic preprocessor libs from
/opt/snort/2.6/lib/snort_dynamicengine/...
  Loading dynamic preprocessor library
/opt/snort/2.6/lib/snort_dynamicengine/libsf_engine.so... ERROR: Failed to
find InitializePreprocessor() function in
/opt/snort/2.6/lib/snort_dynamicengine//libsf_engine.so:
/opt/snort/2.6/lib/snort_dynamicengine/libsf_engine.so: undefined symbol:
InitializePreprocessor
Fatal Error, Quitting..


Running nm
nm /opt/snort/2.6/lib/snort_dynamicengine/libsf_engine.so | grep 'U '
         U calloc@@GLIBC_2.0
         U __ctype_b_loc@@GLIBC_2.3
         U __ctype_toupper_loc@@GLIBC_2.3
         U fclose@@GLIBC_2.1
         U fopen@@GLIBC_2.1
         U fprintf@@GLIBC_2.0
         U free@@GLIBC_2.0
         U fwrite@@GLIBC_2.0
         U malloc@@GLIBC_2.0
         U memcmp@@GLIBC_2.0
         U memcpy@@GLIBC_2.0
         U pcre_compile
         U pcre_exec
         U pcre_study
         U rand@@GLIBC_2.0
         U snprintf@@GLIBC_2.0
         U srand@@GLIBC_2.0
         U strcmp@@GLIBC_2.0
         U __strdup@@GLIBC_2.0
         U strncpy@@GLIBC_2.0
         U __strtol_internal@@GLIBC_2.0
         U __strtoul_internal@@GLIBC_2.0
         U time@@GLIBC_2.0

I have RPMs pcre-4.5 and pcre-devel-4.5 installed on the system

The only thing that I could find regarding symbol version was to
possibly make use of --disable-symvers which would be given to the configure
script, however, I don't think that was the correct place.

I have:
/opt/snort/2.6/lib/snort_dynamicpreprocessor
/opt/snort/2.6/lib/snort_dynamicengine
both in /etc/ld.so.conf and re-ran /sbin/ldconfig

Perhaps I'm missing something simple that one of you folks could be so
kind as to point out.

Thanks in advance,

JC
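
An added example (not from the thread or from the Snort project) of the check the replies above arrive at: it flags a `dynamicpreprocessor directory` that points at the directory holding the engine library, and lists libraries that do not export `InitializePreprocessor`. The function names are hypothetical and GNU binutils `nm` is assumed.

```sh
#!/bin/sh
# Added example: audit the dynamic-library directives in a snort.conf.
# Directive forms and the InitializePreprocessor symbol are taken from the
# thread; the function names are hypothetical.

# Directory Snort loads every preprocessor library from.
preproc_dir() {
    awk '$1 == "dynamicpreprocessor" && $2 == "directory" { print $3; exit }' "$1"
}

# Path of the detection-engine library.
engine_lib() {
    awk '$1 == "dynamicengine" && NF == 2 { print $2; exit }' "$1"
}

# Return 1 when the preprocessor directory is the directory that holds the
# engine library (the misconfiguration in this thread), 2 when unset.
check_conf() {
    pdir=$(preproc_dir "$1" | sed 's:/*$::')   # ignore trailing slashes
    elib=$(engine_lib "$1")
    if [ -z "$pdir" ]; then
        echo "no 'dynamicpreprocessor directory' line in $1"; return 2
    fi
    if [ -n "$elib" ] && [ "$(dirname "$elib")" = "$pdir" ]; then
        echo "MISCONFIGURED: $pdir holds the engine library $elib"; return 1
    fi
    echo "OK: preprocessors load from $pdir"
}

# Print each *.so in DIR that does not define InitializePreprocessor.
# nm -D reads the dynamic symbol table and --defined-only drops the "U"
# (imported) entries, so only symbols the library itself exports remain.
missing_init() {
    for lib in "$1"/*.so; do
        [ -e "$lib" ] || continue
        nm -D --defined-only "$lib" 2>/dev/null |
            grep -qw InitializePreprocessor || echo "$lib"
    done
}

# Stand-alone use: sh audit.sh /etc/snort/snort.conf
if [ "$#" -gt 0 ]; then
    check_conf "$1" && missing_init "$(preproc_dir "$1")"
fi
```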



