Re: Cannot build Snort 2.9.5.6 with--enable-build-dynamic-examples option

[Hai Minh Nguyen <lightsea90 () gmail com>]

@Russ: Thank you for reply. I complied DPX 1.6 without error but running
test.sh still gave error: undefined symbol, both with Snort 2.9.5.6 and the
latest 2.9.6.

I created a new thread with new question. Please support if you can :)
Thank!


On Sat, Feb 15, 2014 at 12:58 AM, Russ Combs (rucombs) <rucombs () cisco com>wrote:

>  Try the attached.
>
> Thanks
> Russ
>
>  ------------------------------
> *From:* Hai Minh Nguyen [lightsea90 () gmail com]
> *Sent:* Friday, February 14, 2014 12:36 PM
> *To:* 손은영
> *Cc:* snort-devel () lists sourceforge net
> *Subject:* Re: [Snort-devel] Cannot build Snort 2.9.5.6
> with--enable-build-dynamic-examples option
>
>   Thank you 손은영, I compiled as you did, no use of
> "--enable-build-dynamic-examples" and there was no error.
>
> My goal is creating a dynamic prep with DPX 1.5 and Snort 2.9.5.6, and
> when I tested DPX with Snort 2.9.5.6, it didnt work yet. Those functions
> declared in DPX 1.5 didnt fit with prototyped functions in Snort library
> because there are 'SnortConfig *' parameters in Snort lib functions but DPX
> functions.
>
>  *I think Snort nearly added 'SnortConfig' data structure from 2.9.5 and
> DPX 1.5 can only work with 2.9.4.x and lower version where there is no
> 'SnortConfig'*. The trouble happened when I tried to compile with
> --enable-build-dynamic-examples option because of the same reason.
>
>  I did some work-around, edited DPX functions and I built (run DPX's
> build.sh) without error eventually. But when Snort loaded the dynamic prep
> file (libdpx.so), it raised error: undefined LibVersion.
>
>  So, here it's my question: *How can I develop a dynamic preprocessor
> with DPX 1.5 and Snort 2.9.5.6? How can I integrate them?*
>
>  P/S: My system is running with Snort 2.9.5.6 and it's difficult to
> downgrade to lower version which can work with DPX 1.5.
>
>
> On Fri, Feb 14, 2014 at 10:31 AM, 손은영 <eyson () miritek com> wrote:
>
> >   Hi!
> >
> >  I have compiled dynamic-example/dynamic-preprocessor as follows.
> >
> > ---------------------------------------------
> > # cd  dynamic-example/dynamic-preprocessor
> > # make
> > # make install
> > ---------------------------------------------
> >
> >  That's what I did a few days ago with snort-2.9.6.0 at linux.
> >
> > I hope it helps you.
> >
> >  ----- Original Message -----
> > *From:* Hai Minh Nguyen <lightsea90 () gmail com>
> > *To:* snort-devel () lists sourceforge net
> > *Sent:* Friday, February 14, 2014 11:49 AM
> > *Subject:* [Snort-devel] Cannot build Snort 2.9.5.6
> > with--enable-build-dynamic-examples option
> >
> >  Hi,
> >
> >  I'm gonna make a dynamic preprocessor with DPX 1.5 and Snort 2.9.5.6.
> > But I cant build Snort with --enable-build-dynamic-examples option.
> >
> >  Here it's the error:
> >
> >  make[6]: Entering directory
> > `/root/snort-2.9.5.6/src/dynamic-examples/dynamic-rule'
> > /bin/bash ../../../libtool --tag=CC   --mode=compile gcc -DHAVE_CONFIG_H
> > -I. -I../../.. -I../include  -I/usr/local/include -DZLIB -DGRE -DMPLS
> > -DPPM_MGR -DNDEBUG -DENABLE_REACT -DENABLE_RESPOND -DENABLE_RESPONSE3
> > -DSF_WCHAR -DTARGET_BASED -DPERF_PROFILING -DSNORT_RELOAD
> > -DNO_NON_ETHER_DECODER -DNORMALIZER -DACTIVE_RESPONSE  -g -O2
> > -DSF_VISIBILITY -fvisibility=hidden -fno-strict-aliasing -Wall -c -o
> > sfsnort_dynamic_detection_lib.lo sfsnort_dynamic_detection_lib.c
> > libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I../../.. -I../include
> > -I/usr/local/include -DZLIB -DGRE -DMPLS -DPPM_MGR -DNDEBUG -DENABLE_REACT
> > -DENABLE_RESPOND -DENABLE_RESPONSE3 -DSF_WCHAR -DTARGET_BASED
> > -DPERF_PROFILING -DSNORT_RELOAD -DNO_NON_ETHER_DECODER -DNORMALIZER
> > -DACTIVE_RESPONSE -g -O2 -DSF_VISIBILITY -fvisibility=hidden
> > -fno-strict-aliasing -Wall -c sfsnort_dynamic_detection_lib.c  -fPIC -DPIC
> > -o .libs/sfsnort_dynamic_detection_lib.o
> > sfsnort_dynamic_detection_lib.c: In function 'InitializeDetection':
> > sfsnort_dynamic_detection_lib.c:37:5: warning: passing argument 1 of
> > 'RegisterRules' from incompatible pointer type [enabled by default]
> > In file included from sfsnort_dynamic_detection_lib.c:26:0:
> > ../include/sf_snort_plugin_api.h:430:20: note: expected 'struct
> > _SnortConfig *' but argument is of type 'struct Rule **'
> > sfsnort_dynamic_detection_lib.c:37:5: error: too few arguments to
> > function 'RegisterRules'
> > In file included from sfsnort_dynamic_detection_lib.c:26:0:
> > ../include/sf_snort_plugin_api.h:430:20: note: declared here
> > sfsnort_dynamic_detection_lib.c:38:1: warning: control reaches end of
> > non-void function [-Wreturn-type]
> > make[6]: *** [sfsnort_dynamic_detection_lib.lo] Error 1
> > make[6]: Leaving directory
> > `/root/snort-2.9.5.6/src/dynamic-examples/dynamic-rule'
> > make[5]: *** [all] Error 2
> > make[5]: Leaving directory
> > `/root/snort-2.9.5.6/src/dynamic-examples/dynamic-rule'
> > make[4]: *** [all-recursive] Error 1
> > make[4]: Leaving directory `/root/snort-2.9.5.6/src/dynamic-examples'
> > make[3]: *** [all] Error 2
> > make[3]: Leaving directory `/root/snort-2.9.5.6/src/dynamic-examples'
> > make[2]: *** [all-recursive] Error 1
> > make[2]: Leaving directory `/root/snort-2.9.5.6/src'
> > make[1]: *** [all-recursive] Error 1
> > make[1]: Leaving directory `/root/snort-2.9.5.6'
> > make: *** [all] Error 2
> >
> >  Any idea?
> >
> >  --
> > Kiếm ma độc cô cầu bại - Ôi, một đời oanh liệt, chỉ mong được chiến bại
> > một lần, nhưng chưa ai qua nổi quá tam chiêu!!!
> >
> > ------------------------------
> >
> >
> > ------------------------------------------------------------------------------
> > Android apps run on BlackBerry 10
> > Introducing the new BlackBerry 10.2.1 Runtime for Android apps.
> > Now with support for Jelly Bean, Bluetooth, Mapview and more.
> > Get your Android app in front of a whole new audience.  Start now.
> >
> > http://pubads.g.doubleclick.net/gampad/clk?id=124407151&iu=/4140/ostg.clktrk
> >
> > ------------------------------
> >
> > _______________________________________________
> > Snort-devel mailing list
> > Snort-devel () lists sourceforge net
> > https://lists.sourceforge.net/lists/listinfo/snort-devel
> > Archive:
> > http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel
> >
> > Please visit http://blog.snort.org for the latest news about Snort!
> >
> >
> >
> > ------------------------------------------------------------------------------
> > Android apps run on BlackBerry 10
> > Introducing the new BlackBerry 10.2.1 Runtime for Android apps.
> > Now with support for Jelly Bean, Bluetooth, Mapview and more.
> > Get your Android app in front of a whole new audience.  Start now.
> >
> > http://pubads.g.doubleclick.net/gampad/clk?id=124407151&iu=/4140/ostg.clktrk
> > _______________________________________________
> > Snort-devel mailing list
> > Snort-devel () lists sourceforge net
> > https://lists.sourceforge.net/lists/listinfo/snort-devel
> > Archive:
> > http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel
> >
> > Please visit http://blog.snort.org for the latest news about Snort!
>
>
>
> --
> Kiếm ma độc cô cầu bại - Ôi, một đời oanh liệt, chỉ mong được chiến bại
> một lần, nhưng chưa ai qua nổi quá tam chiêu!!!



-- 
Kiếm ma độc cô cầu bại - Ôi, một đời oanh liệt, chỉ mong được chiến bại một
lần, nhưng chưa ai qua nổi quá tam chiêu!!!

------------------------------------------------------------------------------
Android apps run on BlackBerry 10
Introducing the new BlackBerry 10.2.1 Runtime for Android apps.
Now with support for Jelly Bean, Bluetooth, Mapview and more.
Get your Android app in front of a whole new audience.  Start now.
http://pubads.g.doubleclick.net/gampad/clk?id=124407151&iu=/4140/ostg.clktrk

_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!