Snort mailing list archives
Re: Fix for Unknown preprocessor: "sensitive_data" when using snort.spec to build an RPM
From: Ryan Jordan <ryan.jordan () sourcefire com>
Date: Thu, 13 May 2010 16:45:10 -0400
By the way, it shouldn't be necessary to add dce2 anymore. I see it in my version of snort.spec. I suspect we fixed that in 2.8.4.1. On Thu, May 13, 2010 at 4:38 PM, Ryan Jordan <ryan.jordan () sourcefire com> wrote:
Thanks for catching this, I'll get it fixed in the next release! -Ryan On Thu, May 13, 2010 at 3:56 PM, Seth Art <sethsec () gmail com> wrote:I made a similar post to the list back in April 09 regarding dce2 when that came out. For those of you who are creating your own snort RPMs from the snort.spec file supplied in the snort-2.8.6 tarball, you will have to add a few lines to get dce2 and sdf (sensitive data) preprocessors compiling into the RPM successfully. The error I received before I made the changes below was: May 13 17:33:02 Snort2 snort[9778]: FATAL ERROR: /etc/snort/snort.conf(322) Unknown preprocessor: "sensitive_data". Below are the additions: (New lines in the %install section, below the ln_s line for "libsf_dcerpc_preproc.so.0") %__install -p -m 0755 plain/src/dynamic-preprocessors/build/%{_prefix}/lib/snort_dynamicpreprocessor/libsf_dce2_preproc.so.0 $RPM_BUILD_ROOT%{_libdir}/%{realname}-%{version}_dynamicpreprocessor %__ln_s -f %{_libdir}/%{realname}-%{version}_dynamicpreprocessor/libsf_dce2_preproc.so.0 $RPM_BUILD_ROOT%{_libdir}/%{realname}-%{version} _dynamicpreprocessor/libsf_dce2_preproc.so %__install -p -m 0755 plain/src/dynamic-preprocessors/build/%{_prefix}/lib/snort_dynamicpreprocessor/libsf_sdf_preproc.so.0 $RPM_BUILD_ROOT%{_libdir}/%{realname}-%{version}_dynamicpreprocessor %__ln_s -f %{_libdir}/%{realname}-%{version}_dynamicpreprocessor/libsf_sdf_preproc.so.0 $RPM_BUILD_ROOT%{_libdir}/%{realname}-%{version}_dynamicpreprocessor/libsf_sdf_preproc.so (New lines in the %files section, below the attr line for libsf_dcerpc_preproc.*) %attr(0755,root,root) %{_libdir}/%{realname}-%{version}_dynamicpreprocessor/libsf_dce2_preproc.* %attr(0755,root,root) %{_libdir}/%{realname}-%{version}_dynamicpreprocessor/libsf_sdf_preproc.* Hopefully this saves someone some time down the road. -Seth ------------------------------------------------------------------------------ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------------------------------ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Fix for Unknown preprocessor: "sensitive_data" when using snort.spec to build an RPM Seth Art (May 13)
- Re: Fix for Unknown preprocessor: "sensitive_data" when using snort.spec to build an RPM Ryan Jordan (May 13)
- Re: Fix for Unknown preprocessor: "sensitive_data" when using snort.spec to build an RPM Ryan Jordan (May 13)
- Re: Fix for Unknown preprocessor: "sensitive_data" when using snort.spec to build an RPM Ryan Jordan (May 13)