Snort mailing list archives
snort 2.9.2.2 undefined symbols, and no data
From: Jeffrey Jilg <jjilg () fisoc com>
Date: Thu, 23 Aug 2012 14:35:16 -0500
Hi Thanks in advance to anyone who helps on this. I'll gladly provide any data that can be used to debug this. Other Ossim (free) users are having similar issues. I'm trying to get Snort working in the current Ossim distribution on Debian linux. Version 2.9.2.2 IPv6 GRE (Build 121) installed within a VM in VirtualBox The external issue is that no data is produced, as exhibited by empty logs in /var/log/snort. It appears that a library is incorrect or not loading properly. Starting snort produces the following prompt /etc/init.d# /etc/init.d/snort_eth0 start Starting Network Intrusion Detection System : snort_eth0 (eth0 using /etc/snort/snort.eth0.conf/usr/lib/preloadable_libintl.so: dlsym: /usr/lib/preloadable_libintl.so: undefined symbol: DAQ_MODULE_DATA /usr/lib/libgettextpo.so: dlsym: /usr/lib/libgettextpo.so: undefined symbol: DAQ_MODULE_DATA /usr/lib/libcrypt.so: dlsym: /usr/lib/libcrypt.so: undefined symbol: DAQ_MODULE_DATA /usr/lib/libanl.so: dlsym: /usr/lib/libanl.so: undefined symbol: DAQ_MODULE_DATA ... etc....long list of undefined symbols Available DAQ modules: pfring(v1): live inline multi unpriv pcap(v3): readback live multi unpriv ipfw(v2): live inline multi unpriv dump(v1): readback live inline multi unpriv afpacket(v4): live inline multi unpriv also alienvault:/usr/lib# ls -al *pfr* -rw-r--r-- 1 root root 12800 Jun 8 04:50 daq_pfring.so -rw-r--r-- 1 root root 308480 Jan 26 2012 libpcap_pfring.so.1.1.1 -rw-r--r-- 1 root root 126536 Jun 6 08:11 libpfring.so alienvault:/usr/lib# ls -al *pcap* lrwxrwxrwx 1 root root 16 Aug 22 21:34 libpcap.so.0.8 -> libpcap.so.1.1.1 lrwxrwxrwx 1 root root 23 Aug 6 16:40 libpcap.so.1 -> libpcap_pfring.so.1.1.1 -rw-r--r-- 1 root root 217440 Jul 10 2011 libpcap.so.1.1.1 -rw-r--r-- 1 root root 308480 Jan 26 2012 libpcap_pfring.so.1.1.1 --end of data-- thanks, Jeff J
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- snort 2.9.2.2 undefined symbols, and no data Jeffrey Jilg (Aug 23)