Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Cannot build 2.9.2.2 on OpenBSD 5.0

From: Chris Eidem <ceidem () primealliancesolutions com>
Date: Thu, 29 Mar 2012 20:29:07 +0000
I've been attempting to build snort on OpenBSD 5.0 for a couple of weeks now and with the release of 2.9.2.2 I thought 
that my luck may change.  Nope.  Here's what I've done:

Fresh install of OS:
                root@obsd5 /etc/snort# uname -a
                OpenBSD obsd5 5.0 GENERIC#43 i386

root@obsd5 /etc/snort# pkg_info
bison-2.3           GNU parser generator
gettext-0.18.1p0    GNU gettext
gmake-3.82          GNU make
libdnet-1.12p2      portable low-level networking library
libiconv-1.13p2     character set conversion library
libidn-1.22         internationalized string handling
pcre-8.12p0         perl-compatible regular expression library
wget-1.12p1         retrieve files from the web via HTTP, HTTPS and FTP

Build libpcap-1.2.1:
                ./configure
                make && sudo make install

Build daq-0.6.2:
                ./configure --with-libpcap-includes=/usr/local/include --with-libpcap-libraries=/usr/local/lib 
--with-dnet-includes=/usr/local/include --with-dnet-libraries=/usr/local/lib
                gmake && sudo gmake install

Build snort-2.9.2.2:
                ./configure --with-libpcap-includes=/usr/local/include --with-libpcap-libraries=/usr/local/lib 
--with-dnet-includes=/usr/local/include --with-dnet-libraries=/usr/local/lib --with-daq-includes=/usr/local/include 
--with-daq-libraries=/usr/local/lib --enable-perfprofiling --enable-dynamicplugin --enable-pthread 
--enable-so-with-static-lib --enable-ppm --enable-decoder-preprocessor-rules --enable-reload
                gmake && sudo gmake install

root@obsd5 /etc/snort# snort -V

   ,,_     -*> Snort! <*-
  o"  )~   Version 2.9.2.2 IPv6 GRE (Build 121)
   ''''    By Martin Roesch & The Snort Team: http://www.snort.org/snort/snort-team
           Copyright (C) 1998-2012 Sourcefire, Inc., et al.
           Using libpcap version 1.2.1
           Using PCRE version: 8.12 2011-01-15
           Using ZLIB version: 1.2.3

root@obsd5 /etc/snort# snort -c snort.conf
Running in IDS mode

        --== Initializing Snort ==--
Initializing Output Plugins!
Initializing Preprocessors!
Initializing Plug-ins!
Parsing Rules file "snort.conf"
PortVar 'HTTP_PORTS' defined :  [ 80:81 311 591 593 901 1220 1414 1830 2301 2381 2809 3128 3702 4343 5250 7001 7145 
7510 7777 7779 8000 8008 8014 8028 8080 8088 8118 8123 8180:8181 8243 8280 8800 8888 8899 9080 9090:9091 9443 9999 
11371 55555 ]
PortVar 'SHELLCODE_PORTS' defined :  [ 0:79 81:65535 ]
PortVar 'ORACLE_PORTS' defined :  [ 1024:65535 ]
PortVar 'SSH_PORTS' defined :  [ 22 ]
PortVar 'FTP_PORTS' defined :  [ 21 2100 3535 ]
PortVar 'SIP_PORTS' defined :  [ 5060:5061 5600 ]
PortVar 'FILE_DATA_PORTS' defined :  [ 80:81 110 143 311 591 593 901 1220 1414 1830 2301 2381 2809 3128 3702 4343 5250 
7001 7145 7510 7777 7779 8000 8008 8014 8028 8080 8088 8118 8123 8180:8181 8243 8280 8800 8888 8899 9080 9090:9091 9443 
9999 11371 55555 ]
PortVar 'GTP_PORTS' defined :  [ 2123 2152 3386 ]
Detection:
   Search-Method = AC-Full-Q
    Split Any/Any group = enabled
    Search-Method-Optimizations = enabled
    Maximum pattern length = 20
ERROR: parser.c(5302) Could not stat dynamic module path "/usr/local/lib/snort_dynamicengine/libsf_engine.so": No such 
file or directory.
Fatal Error, Quitting..

root@obsd5 /usr/local/lib# ls -R
X11                        libdnet.so.1.0             libpcap.so.1
charset.alias              libgettextlib.la           libpcap.so.1.2.1
daq                        libgettextlib.so.3.0       libpcre.a
gettext                    libgettextpo.a             libpcre.la
libasprintf.a              libgettextpo.la            libpcre.so.2.4
libasprintf.la             libgettextpo.so.4.0        libpcrecpp.a
libasprintf.so.1.0         libgettextsrc.la           libpcrecpp.la
libcharset.a               libgettextsrc.so.3.0       libpcrecpp.so.3.3
libcharset.la              libiconv.a                 libpcreposix.a
libcharset.so.1.1          libiconv.la                libpcreposix.la
libdaq.a                   libiconv.so.6.0            libpcreposix.so.1.5
libdaq.la                  libidn.a                   libsfbpf.a
libdaq.so.0.1              libidn.la                  libsfbpf.la
libdaq_static.a            libidn.so.17.0             libsfbpf.so.0.1
libdaq_static.la           libintl.a                  pkgconfig
libdaq_static_modules.a    libintl.la                 snort
libdaq_static_modules.la   libintl.so.5.0             snort_dynamicengine
libdnet.a                  libpcap.a                  snort_dynamicpreprocessor
libdnet.la                 libpcap.so

./X11:
app-defaults

./daq:
daq_dump.la  daq_dump.so  daq_ipfw.la  daq_ipfw.so  daq_pcap.la  daq_pcap.so

./gettext:
hostname   project-id urlget     user-email

./pkgconfig:
libidn.pc           libpcrecpp.pc       snort.pc
libpcre.pc          libpcreposix.pc     snort_preproc.pc

./snort:
dynamic_preproc

./snort/dynamic_preproc:
libsf_dynamic_preproc.a    libsf_dynamic_preproc.la

./snort_dynamicengine:
libsf_engine.a  libsf_engine.la

./snort_dynamicpreprocessor:
libsf_dce2_preproc.a                    libsf_pop_preproc.a
libsf_dce2_preproc.la                   libsf_pop_preproc.la
libsf_dnp3_preproc.a                    libsf_reputation_preproc.a
libsf_dnp3_preproc.la                   libsf_reputation_preproc.la
libsf_dns_preproc.a                     libsf_sdf_preproc.a
libsf_dns_preproc.la                    libsf_sdf_preproc.la
libsf_ftptelnet_preproc.a               libsf_sip_preproc.a
libsf_ftptelnet_preproc.la              libsf_sip_preproc.la
libsf_gtp_preproc.a                     libsf_smtp_preproc.a
libsf_gtp_preproc.la                    libsf_smtp_preproc.la
libsf_imap_preproc.a                    libsf_ssh_preproc.a
libsf_imap_preproc.la                   libsf_ssh_preproc.la
libsf_modbus_preproc.a                  libsf_ssl_preproc.a
libsf_modbus_preproc.la                 libsf_ssl_preproc.la


Questions:
- why are there no shared objects?


From the output of make for snort:

*** Warning: This system can not link to static lib archive /usr/local/lib/libdaq_static.la.
*** I have the capability to make that library automatically link in when
*** you link to this library.  But I can only do this if you have a
*** shared version of the library, which you do not appear to have.
*** But as you try to build a module library, libtool will still create
*** a static module, that should work as long as the dlopening application
*** is linked with the -dlopen flag to resolve symbols at runtime.

What did I do wrong?

I have the output from the make and make install if they'd be of use.

Chris Eidem
Network Analyst
Prime Alliance Solutions, Inc.
http://www.primealliancesolutions.com


This email and any attachments contain confidential and/or legally privileged information intended only for the use of 
the individual, or individuals, named above. If you are not the intended recipient, you are hereby notified that you 
should not review, use, disclose, distribute, or forward this email. If you have received this email in error, please 
notify the sender immediately and delete/destroy any and all copies of the original message.


------------------------------------------------------------------------------
This SF email is sponsosred by:
Try Windows Azure free for 90 days Click Here 
http://p.sf.net/sfu/sfd2d-msazure
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: