Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Unable to install Snort 2.6.1.4 on RHEL5

From: "Dan Brummer" <dan.brummer () vegas com>
Date: Mon, 14 May 2007 09:10:40 -0700
Any ideas on this guys?  I'm still unable to get it to work, SELinux
disabled.  I'm thinking about downgrading to RHEL4 but I may run into
hardware issues.

-Dan 

-----Original Message-----
From: snort-users-bounces () lists sourceforge net
[mailto:snort-users-bounces () lists sourceforge net] On Behalf Of Harry
Hoffman
Sent: Friday, May 11, 2007 5:01 PM
Cc: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Unable to install Snort 2.6.1.4 on RHEL5

If you believe it's SELINUX you can check the logs:

audit2allow -i /var/log/messages

or temporarily disable selinux
setenforce 0

HTH,
Harry


On Fri, 11 May 2007, Patrick S. Harper wrote:


Selinux can break a lot of things if not set properly, it takes a good



bit of tweaking

Patrick S. Harper | CISSP RHCT MCSE
www.internetsecurityguru.com




-----Original Message-----
From: Peper Gisi [mailto:pgisi () flatironfs com]
Sent: Friday, May 11, 2007 3:33 PM
To: Dan Brummer; Patrick S. Harper; 
snort-users () lists sourceforge net
Subject: RE: [Snort-users] Unable to install Snort 2.6.1.4 on RHEL5

I actually just had the same issue yesterday with CentOS5. I was 
using Patrick's directions and had to do a couple of things a little



different like SELinux comes after the reboot. I have tried 
everything that I could think of and still get the same error that

Dan is getting.

I took the box back to 4.4 and no issues ... except fort importing 
the GPG key for NTOP but that is unrelated.

Peper

________________________________

From: snort-users-bounces () lists sourceforge net on behalf of Dan 
Brummer
Sent: Fri 5/11/2007 2:20 PM
To: Patrick S. Harper; snort-users () lists sourceforge net
Subject: Re: [Snort-users] Unable to install Snort 2.6.1.4 on RHEL5



Yea this is very confusing.  This is a brand new installation of 
RHEL5 with the latest updates from RHN via yum.

-Dan

-----Original Message-----
From: Patrick S. Harper [mailto:patrick () internetsecurityguru com]
Sent: Friday, May 11, 2007 1:17 PM
To: Dan Brummer; snort-users () lists sourceforge net
Subject: RE: [Snort-users] Unable to install Snort 2.6.1.4 on RHEL5

I have the same setup in my lab and it worked for me.  I have not 
gotten a copy of the real RHEL 5 yet though, I am running on CentOS 
5.  That should not make a difference though




-----Original Message-----
From: snort-users-bounces () lists sourceforge net 
[mailto:snort-users- bounces () lists sourceforge net] On Behalf Of 
Dan Brummer
Sent: Friday, May 11, 2007 1:14 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Unable to install Snort 2.6.1.4 on RHEL5

Hello,
I'm trying to install Snort 2.6.1.4 from source on a RHEL5 server.



I get the following error:

ERROR!  Libpcap library/headers not found

I currently have libpcap installed by RPM:
rpm -qa |grep libpcap
libpcap-0.9.4-8.1
libpcap-devel-0.9.4-8.1

Here's a list of the libpcap files:
/usr/include/pcap-bpf.h
/usr/include/pcap-namedb.h
/usr/include/pcap.h
/usr/lib/libpcap.a
/usr/lib/libpcap.so
/usr/lib/libpcap.so.0
/usr/lib/libpcap.so.0.9
/usr/lib/libpcap.so.0.9.4

I've tried running ./configure with '--with-libpcap- 
includes=/usr/include --with-libpcap-libraries=/usr/lib' and still



expierence the error.  Any help on this would be greatly

appreciated.


Thank you.
Daniel Brummer
Vegas.com Network Engineer I


--------------------------------------------------------------------
---
--
This SF.net email is sponsored by DB2 Express Download DB2 Express C



- the FREE version of DB2 express and take control of your XML. No 
limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users









----------------------------------------------------------------------
--- This SF.net email is sponsored by DB2 Express Download DB2 Express



C - the FREE version of DB2 express and take control of your XML. No 
limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users



------------------------------------------------------------------------
-
This SF.net email is sponsored by DB2 Express Download DB2 Express C -
the FREE version of DB2 express and take control of your XML. No limits.
Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: