Snort mailing list archives
Re: Unable to Compile DPX.C (original file) (dpx-1.6 version)
From: "Russ Combs (rucombs)" <rucombs () cisco com>
Date: Wed, 19 Feb 2014 19:40:17 +0000
You need to follow the README. First set setup.sh, then do ./build.sh, then ./test.sh.
________________________________
From: Amtul Saboor [saboor.amtul () gmail com]
Sent: Wednesday, February 19, 2014 1:29 PM
To: Russ Combs (rucombs)
Subject: Re: [Snort-devel] Unable to Compile DPX.C (original file) (dpx-1.6 version)
Ok here is the situation. Installed Snort 2.9.6.0, installed DPX-1.6 on another directory. Still got same errors when
compiled the dpx.c file, the main errors were that it was unable to find .h files, i changed he paths of header files
accordingly and the errors were removed.
Now I am successful at compiling the original DPX.C without any errors, please note i gave followng command:
gcc -c dpx.c -o dpx.o
It made the dpx.o file. But now ./test.sh command gives this error:
/dpx-1.6# ./test.sh
Running in IDS mode
--== Initializing Snort ==--
Initializing Output Plugins!
Initializing Preprocessors!
Initializing Plug-ins!
Parsing Rules file "test/snort.conf"
Tagged Packet Limit: 256
Loading all dynamic preprocessor libs from lib/snort_dynamicpreprocessor...
Loading dynamic preprocessor library lib/snort_dynamicpreprocessor/libdpx.so... done
Finished Loading all dynamic preprocessor libs from lib/snort_dynamicpreprocessor
Log directory = /var/log/snort
ERROR: test/snort.conf(3) Unknown preprocessor: "dpx".
Fatal Error, Quitting..
Please guide little more. Thanks alot for following and guiding
On Wed, Feb 19, 2014 at 11:07 PM, Russ Combs (rucombs) <rucombs () cisco com<mailto:rucombs () cisco com>> wrote:
dpx 1.6 and Snort 2.9.4.* do not mix. You need to get the latest Snort source from snort.org<http://snort.org>.
________________________________
From: Amtul Saboor [saboor.amtul () gmail com<mailto:saboor.amtul () gmail com>]
Sent: Wednesday, February 19, 2014 12:27 PM
To: Russ Combs (rucombs)
Subject: Re: [Snort-devel] Unable to Compile DPX.C (original file) (dpx-1.6 version)
Just a small correction in my previous message:
I am using snort-2.9.4.0 and yes its pointing to right version of snort because i only hv one snort folder. If wrong
snort folder path is given then ./setup.sh gives error of snort directory .
Also please note i m able to see the expected output when i type ./test.sh būt dpx.c file has those errors. Both these
things r happening always . I have tried fresh installation of everything 3 times .
Note: I am using BackTrack R3 (installed snort from official website myself, not using the by default installed Snort
of BackTrack), maybe changing Linux version might work.. Does anyone has any idea about it?
On Tue, Feb 18, 2014 at 7:56 PM, Amtul Saboor <saboor.amtul () gmail com<mailto:saboor.amtul () gmail com>> wrote:
I am using snort-2.9.4.6 and yes its pointing to right version of snort because i only hv one snort folder. If wrong
snort folder path is given then ./setup.sh gives error of snort directory .
Also please note i m able to see the expected output when i type ./test.sh būt dpx.c file has those errors. Both these
things r happening always . I have tried fresh installation of everything 3 times .
On Feb 18, 2014 7:41 PM, "Russ Combs (rucombs)" <rucombs () cisco com<mailto:rucombs () cisco com>> wrote:
What version of Snort are you using? Are you sure that setup.sh points to the correct Snort top level directory?
If you were able to make it before, something has to be broken in your environment / setup.
________________________________
From: Amtul Saboor [saboor.amtul () gmail com<mailto:saboor.amtul () gmail com>]
Sent: Tuesday, February 18, 2014 4:18 AM
To: Russ Combs (rucombs)
Cc: <snort-devel () lists sourceforge net<mailto:snort-devel () lists sourceforge net>>
Subject: Re: [Snort-devel] Unable to Compile DPX.C (original file) (dpx-1.6 version)
Hello
Starting over in a new directory did not help. , facing same issues :
i am unable to compile even the original DPX.C file (without any changes ) .
I am afraid how can i make changes in dpx.c if the original file has so many errors.
NOTE: With all these errors in the dpx.c file, ./test.sh command runs fine, seems that DPX.C file has been
deliberately left with some errors.
Here is the list of errors, (i have configured snort with enable dynamic examples option) :
/usr/src/dpx-new/src# gcc -c dpx.c
In file included from dpx.c:33:
/snort-2.9.6.0/src/snort_
debug.h:81: error: expected ‘)’ before ‘dbg’
dpx.c:36:48: error: /snort-2.9.6.0/src/sf_snort_packet.h: No such file or directory
dpx.c:37:55: error: /snort-2.9.6.0/src/sf_dynamic_preproc_lib.h: No such file or directory
dpx.c:38:56: error: /snort-2.9.6.0/src/sf_dynamic_preprocessor.h: No such file or directory
dpx.c:39:41: error: /snort-2.9.6.0/src/sfPolicy.h: No such file or directory
dpx.c:40:49: error: /snort-2.9.6.0/src/sfPolicyUserData.h: No such file or directory
dpx.c:62: error: expected specifier-qualifier-list before ‘uint16_t’
dpx.c:67: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘curr_data’
dpx.c:69: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘_dpd’
dpx.c:71: warning: ‘struct _SnortConfig’ declared inside parameter list
dpx.c:71: warning: its scope is only this definition or declaration, which is probably not what you want
dpx.c:85: error: expected ‘)’ before ‘pid’
dpx.c:131: error: expected ‘)’ before ‘config’
dpx.c:146: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘DPX_New’
dpx.c: In function ‘DPX_Delete’:
dpx.c:176: error: ‘tSfPolicyUserContextId’ undeclared (first use in this function)
dpx.c:176: error: (Each undeclared identifier is reported only once
dpx.c:176: error: for each function it appears in.)
dpx.c:176: error: expected ‘;’ before ‘config’
dpx.c:181: error: ‘config’ undeclared (first use in this function)
dpx.c:181: error: ‘DPX_Free’ undeclared (first use in this function)
dpx.c: In function ‘DPX_Setup’:
dpx.c:194: error: ‘_dpd’ undeclared (first use in this function)
dpx.c: At top level:
dpx.c:205: warning: ‘struct _SnortConfig’ declared inside parameter list
dpx.c:205: error: conflicting types for ‘DPX_Init’
dpx.c:71: note: previous declaration of ‘DPX_Init’ was here
dpx.c: In function ‘DPX_Init’:
dpx.c:207: error: ‘curr_data’ undeclared (first use in this function)
dpx.c:209: error: ‘_dpd’ undeclared (first use in this function)
dpx.c:210: error: ‘PROTO_BIT__TCP’ undeclared (first use in this function)
dpx.c:210: error: ‘PROTO_BIT__UDP’ undeclared (first use in this function)
dpx.c: In function ‘DPX_Term’:
dpx.c:217: error: ‘curr_data’ undeclared (first use in this function)
dpx.c: In function ‘DPX_Process’:
dpx.c:259: error: ‘SFSnortPacket’ undeclared (first use in this function)
dpx.c:259: error: ‘p’ undeclared (first use in this function)
dpx.c:259: error: expected expression before ‘)’ token
dpx.c:260: error: ‘tSfPolicyId’ undeclared (first use in this function)
dpx.c:260: error: expected ‘;’ before ‘pid’
dpx.c:263: error: ‘curr_data’ undeclared (first use in this function)
dpx.c:263: error: ‘pid’ undeclared (first use in this function)
dpx.c:266: warning: incompatible implicit declaration of built-in function ‘printf’
dpx.c:280: error: ‘DPX_Config’ has no member named ‘portToCheck’
dpx.c:283: error: ‘_dpd’ undeclared (first use in this function)
dpx.c:288: error: ‘DPX_Config’ has no member named ‘portToCheck’
On Tue, Feb 18, 2014 at 1:41 AM, Amtul Saboor <saboor.amtul () gmail com<mailto:saboor.amtul () gmail com>> wrote:
Thanks Russ
Here are the answers:
2. Nothing changed from #1, i am successfully running ./test.sh
command, at the same time, unable to compile dpx.c with gcc command.
gives the mentioned errors. That is confusing.
3. Ok i am starting over in a new directory . Will let you know the results.
Thanks again
On 2/17/14, Russ Combs (rucombs) <rucombs () cisco com<mailto:rucombs () cisco com>> wrote:
I'm not clear on the issue here: 1. You configured and ran successfully dpx 1.6 with Snort 2.9.4.6; good. 2. You can't compile dxp.c. With what version? What changed from #1? 3. You can run test.sh with the errors from #2?? That means you still have an old lib you are running. You need to start over in a new directory and see what you get. Also, what version is now failing? ________________________________ From: Amtul Saboor [saboor.amtul () gmail com<mailto:saboor.amtul () gmail com>] Sent: Monday, February 17, 2014 1:10 PM To: <snort-devel () lists sourceforge net<mailto:snort-devel () lists sourceforge net>> Subject: [Snort-devel] Unable to Compile DPX.C (original file) (dpx-1.6 version) Hello I am starting new thread, i already successfully configured and ran DPX-1.6 with snort-2.9.4.6 version. but I am slightly confused , since i am unable to compile even the original DPX.C file (without any changes ) . I am afraid how can i make changes in dpx.c if the original file has so many errors. NOTE: With all these errors in the dpx.c file, ./test.sh command runs fine, seems that DPX.C file has been deliberately left with some errors. Here is the list of errors, (i have configured snort with enable dynamic examples option) : /usr/src/dpx-new/src# gcc -c dpx.c In file included from dpx.c:33: /snort-2.9.6.0/src/snort_debug.h:81: error: expected ')' before 'dbg' dpx.c:36:48: error: /snort-2.9.6.0/src/sf_snort_packet.h: No such file or directory dpx.c:37:55: error: /snort-2.9.6.0/src/sf_dynamic_preproc_lib.h: No such file or directory dpx.c:38:56: error: /snort-2.9.6.0/src/sf_dynamic_preprocessor.h: No such file or directory dpx.c:39:41: error: /snort-2.9.6.0/src/sfPolicy.h: No such file or directory dpx.c:40:49: error: /snort-2.9.6.0/src/sfPolicyUserData.h: No such file or directory dpx.c:62: error: expected specifier-qualifier-list before 'uint16_t' dpx.c:67: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'curr_data' dpx.c:69: error: expected '=', ',', ';', 'asm' or '__attribute__' before '_dpd' dpx.c:71: warning: 'struct _SnortConfig' declared inside parameter list dpx.c:71: warning: its scope is only this definition or declaration, which is probably not what you want dpx.c:85: error: expected ')' before 'pid' dpx.c:131: error: expected ')' before 'config' dpx.c:146: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'DPX_New' dpx.c: In function 'DPX_Delete': dpx.c:176: error: 'tSfPolicyUserContextId' undeclared (first use in this function) dpx.c:176: error: (Each undeclared identifier is reported only once dpx.c:176: error: for each function it appears in.) dpx.c:176: error: expected ';' before 'config' dpx.c:181: error: 'config' undeclared (first use in this function) dpx.c:181: error: 'DPX_Free' undeclared (first use in this function) dpx.c: In function 'DPX_Setup': dpx.c:194: error: '_dpd' undeclared (first use in this function) dpx.c: At top level: dpx.c:205: warning: 'struct _SnortConfig' declared inside parameter list dpx.c:205: error: conflicting types for 'DPX_Init' dpx.c:71: note: previous declaration of 'DPX_Init' was here dpx.c: In function 'DPX_Init': dpx.c:207: error: 'curr_data' undeclared (first use in this function) dpx.c:209: error: '_dpd' undeclared (first use in this function) dpx.c:210: error: 'PROTO_BIT__TCP' undeclared (first use in this function) dpx.c:210: error: 'PROTO_BIT__UDP' undeclared (first use in this function) dpx.c: In function 'DPX_Term': dpx.c:217: error: 'curr_data' undeclared (first use in this function) dpx.c: In function 'DPX_Process': dpx.c:259: error: 'SFSnortPacket' undeclared (first use in this function) dpx.c:259: error: 'p' undeclared (first use in this function) dpx.c:259: error: expected expression before ')' token dpx.c:260: error: 'tSfPolicyId' undeclared (first use in this function) dpx.c:260: error: expected ';' before 'pid' dpx.c:263: error: 'curr_data' undeclared (first use in this function) dpx.c:263: error: 'pid' undeclared (first use in this function) dpx.c:266: warning: incompatible implicit declaration of built-in function 'printf' dpx.c:280: error: 'DPX_Config' has no member named 'portToCheck' dpx.c:283: error: '_dpd' undeclared (first use in this function) dpx.c:288: error: 'DPX_Config' has no member named 'portToCheck' Kindly help. Thanks.
-- *Amtul Saboor* * -- Amtul Saboor MS (Information Security) Military College of Signals, National University of Science & Technology, Rawalpindi Pakistan -- Amtul Saboor MS (Information Security) Military College of Signals, National University of Science & Technology, Rawalpindi Pakistan
------------------------------------------------------------------------------ Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk
_______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Unable to Compile DPX.C (original file) (dpx-1.6 version) Amtul Saboor (Feb 17)
- Re: Unable to Compile DPX.C (original file) (dpx-1.6 version) Russ Combs (rucombs) (Feb 17)
- Re: Unable to Compile DPX.C (original file) (dpx-1.6 version) Amtul Saboor (Feb 17)
- Re: Unable to Compile DPX.C (original file) (dpx-1.6 version) Amtul Saboor (Feb 18)
- Re: Unable to Compile DPX.C (original file) (dpx-1.6 version) Russ Combs (rucombs) (Feb 18)
- Re: Unable to Compile DPX.C (original file) (dpx-1.6 version) Amtul Saboor (Feb 18)
- Message not available
- Message not available
- Message not available
- Re: Unable to Compile DPX.C (original file) (dpx-1.6 version) Russ Combs (rucombs) (Feb 19)
- Re: Unable to Compile DPX.C (original file) (dpx-1.6 version) Amtul Saboor (Feb 17)
- Re: Unable to Compile DPX.C (original file) (dpx-1.6 version) Russ Combs (rucombs) (Feb 17)