Hi,
Well, I've been struggling with this problem for a bit of time now, and I cant
seem to find a solution.
First things first, I'm trying to compile the latest snort 2.3.3 on Suse 9.1.
The part that is giving me the problem is the ./configure which only gives me
problems when I try to build in support for mysql and flexresp2 (the same goes
for plain old flexresp -- gives an error on the same line, just a different
library. I can provide all of the following information for regular flexresp
instead of flexresp2 if needed). At first, I thought it was a library path, or
include path, issue since the error out of configure read as follows:
...
checking for dnet.h usability... yes
checking dnet.h presence... yes
checking for dnet.h... yes
checking for eth_net in -ldnet... no
ERROR! Libnet library not found, go get it from
http://www.packetfactory.net/projects/libnet/
or use the --with-libnet-* options, if you have it installed
in unusual place
...
However, the ./configure --enable-flexresp2 works when I omit the
"--with-mysql". And the --with-mysql works without the --enable-flexresp2. I
built the dnet with a prefix of /usr and /usr/local ... so it should all be
fine there. The problem is trying to get it to compile together. I attached the
config.log for each scenario (mysql working alone, flexresp2 working alone, and
the failure of building them together).
To be candid, I am quite new to linux and to snort, but have been reading up a
lot. I googled problems like this and scoured the archives, and found no
resolution. In fact, I only found one source that had the same issue (with
regular flexresp), but with no conclusion :
http://archives.neohapsis.com/archives/snort/2003-04/0891.html
By comparing the lines of when it errored to the the lines when it succeeded I
thought would shed some light on the issue:
checking for eth_net in -ldnet passing
---
configure:8564: checking for eth_set in -ldnet
configure:8594: gcc -o conftest -g -O2 -Wall -I/usr/local/include
-DENABLE_RESPONSE2 -I/usr/local/include -L/usr/local/lib -lpcre
-L/usr/local/lib -ldnet conftest.c -ldnet -lpcre -lpcap -lm -lnsl >&5
configure:8600: $? = 0
configure:8604: test -z
---
checking for eth_net in -ldnet failing
---
configure:8564: checking for eth_set in -ldnet
configure:8594: gcc -o conftest -g -O2 -Wall -I/usr/local/include
-I/usr/include/mysql -DENABLE_MYSQL -DENABLE_RESPONSE2 -I/usr/local/include
-L/usr/local/lib -lpcre -L/usr/lib -L/usr/local/lib -ldnet conftest.c -ldnet
-lmysqlclient -lz -lpcre -lpcap -lm -lnsl >&5
/usr/lib/gcc-lib/i586-suse-linux/3.3.3/../../../../i586-suse-linux/bin/ld:
cannot find -lmysqlclient
collect2: ld returned 1 exit status
configure:8600: $? = 1
configure: failed program was:
| /* confdefs.h. */
---
I see a "cannot find -lmysqlclient" when it failed. Not too sure of the path or
what it means, but I know i do have libmysqlclient.so.12 in the proper path (i
figure) since it configured fine with just mysql. I also see a "failed program
was confdefs.h". Dont know what that means though.
I tried the configuration countles times, with different --with-libnet-*
options. No matter what, it fails at the same spot each time. I think since it
configures fine with flexresp2 alone it probably is not a path issue. Although,
maybe it is. Any help would be helpful. I looked for a known bug list on
www.snort.org, but couldnt find one. If this is a known issue, Im sorry.
Thank you,
Tom
P.S. In order to patch snort to have the flexresp2 option, I followed the
directions in the readme.flexresp2. However, I did not find autojunk.sh (I
think since its not a CVS build I'm trying -- but I could be way off) so
./autojunk.sh failed (it said it wasnt a directory) In order to get around that
I just issued the following four commands: aclocal && autoheader && automake
--add-missing && autoconf. Just letting you know just in case this is what is
causing me to have problems.
This is my first email to the group, so if you need any information that I left
out, my apologies and will get it as soon as possible. Thanks!
=====================================================================
Please note that this e-mail and any files transmitted with it may be
privileged, confidential, and protected from disclosure under
applicable law. If the reader of this message is not the intended
recipient, or an employee or agent responsible for delivering this
message to the intended recipient, you are hereby notified that any
reading, dissemination, distribution, copying, or other use of this
communication or any of its attachments is strictly prohibited. If
you have received this communication in error, please notify the
sender immediately by replying to this message and deleting this
message, any attachments, and all copies and backups from your
computer.
config.log with flexresp2 working.txt
Description: config.log with flexresp2 working.txt
config.log with mysql support working.txt
Description: config.log with mysql support working.txt
config.log with flexresp2 & mysql failing.txt
Description: config.log with flexresp2 & mysql failing.txt
