Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Snort-users] Problems compiling with --enable-inline on CentOS 5.1

from [David Thibault] Network Security [Permanent Link]
Subject: Re: [Snort-users] Problems compiling with --enable-inline on CentOS 5.1
Date: Thu, 21 Feb 2008 11:58:52 -0500 
Thanks, Todd.  I will try that and post the results.
Best,
Dave

On 2/21/08, Todd Wease <twease@sourcefire.com> wrote:


David,

My only guess is that "struct ether_addr" is not getting defined on your
system.  Try editing libnet-headers.h (most likely in
/usr/include/libnet).  At or around line 391, remove the #if
(!__GLIBC__) / #endif lines and see if that solves the problem.  If not,
please repost results.

Thanks,
Todd


David Thibault wrote:

Hello all,

I have been banging my head against the keyboard for 2 days now...=)  I



am trying to install Snort 2.8.0.1 <http://2.8.0.1> on Centos 5.1.  I



have tried using RPMs for the library and include dependencies, and
tried with compiling everything from source.  Every time I
--enable-inline I get the following errors:

make[3]: Entering directory `/home/davidt/snort/snort-2.8.0.1/src



<http://2.8.0.1/src>'



gcc -m64 -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I../src -I../src/sfutil
-I/usr/include/pcap -I../src/output-plugins -I../src/detection-plugins
-I../src/dynamic-plugins -I../src/preprocessors
-I../src/preprocessors/flow -I../src/preprocessors/portscan
 -I../src/preprocessors/flow/int-snort
 -I../src/preprocessors/HttpInspect/include
-I../src/preprocessors/Stream5 -I../src/target-based
 -I/usr/local/snort/include -I/usr/local/snort/include
-I/usr/local/snort/include -I/usr/local/snort/include
-I/usr/include/mysql -DENABLE_MYSQL -I/usr/local/snort/include
-fno-strict-aliasing  -O0 -g -Wall -pthread -I/usr/local/include
-DDYNAMIC_PLUGIN -DGIDS -DLIBNET_LIL_ENDIAN -fno-strict-aliasing -c

inline.c

inline.c: In function 'InitInlinePostConfig':
inline.c:183: warning: pointer targets in passing argument 11 of
'libnet_build_ip' differ in signedness
inline.c:186: warning: pointer targets in passing argument 10 of
'libnet_build_tcp' differ in signedness
inline.c:190: warning: pointer targets in passing argument 11 of
'libnet_build_ip' differ in signedness
inline.c:192: warning: pointer targets in passing argument 13 of
'libnet_build_icmp_unreach' differ in signedness
inline.c:201: warning: pointer targets in passing argument 11 of
'libnet_build_ip' differ in signedness
inline.c:204: warning: pointer targets in passing argument 10 of
'libnet_build_tcp' differ in signedness
inline.c:208: warning: pointer targets in passing argument 11 of
'libnet_build_ip' differ in signedness
inline.c:210: warning: pointer targets in passing argument 13 of
'libnet_build_icmp_unreach' differ in signedness
inline.c: In function 'IpqLoop':
inline.c:282: warning: implicit declaration of function 'sig_check'
inline.c: In function 'RejectSocket':
inline.c:454: warning: pointer targets in passing argument 1 of
'libnet_do_checksum' differ in signedness
inline.c:461: warning: pointer targets in passing argument 2 of
'libnet_write_ip' differ in signedness
inline.c:494: warning: pointer targets in passing argument 1 of
'libnet_do_checksum' differ in signedness
inline.c:502: warning: pointer targets in passing argument 2 of
'libnet_write_ip' differ in signedness
inline.c: In function 'RejectLayer2':
inline.c:594: error: dereferencing pointer to incomplete type
inline.c:629: warning: pointer targets in passing argument 1 of
'libnet_do_checksum' differ in signedness
inline.c:635: warning: pointer targets in passing argument 1 of
'libnet_do_checksum' differ in signedness
inline.c:642: warning: pointer targets in passing argument 6 of
'libnet_build_ethernet' differ in signedness
inline.c:649: warning: pointer targets in passing argument 3 of
'libnet_write_link_layer' differ in signedness
inline.c:683: warning: pointer targets in passing argument 1 of
'libnet_do_checksum' differ in signedness
inline.c:689: warning: pointer targets in passing argument 1 of
'libnet_do_checksum' differ in signedness
inline.c:697: warning: pointer targets in passing argument 6 of
'libnet_build_ethernet' differ in signedness
inline.c:707: warning: pointer targets in passing argument 3 of
'libnet_write_link_layer' differ in signedness
make[3]: *** [inline.o] Error 1
make[3]: Leaving directory `/home/davidt/snort/snort-2.8.0.1/src



<http://2.8.0.1/src>'



make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory `/home/davidt/snort/snort-2.8.0.1/src



<http://2.8.0.1/src>'



make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/home/davidt/snort/snort-2.8.0.1



<http://2.8.0.1>'




Note that I am on x86_64 architecture, if that makes a difference.  For
this attempt, I used the following library versions to fulfill

dependencies:

1) libpcap-0.9.8 compiled from source.
2) pcre-7.6 compiled from source.
3) libnet-1.0.2a compiled from source (I have seen the problems people
have had with the 1.1.2 version coming from RPMs).
4) libdnet-1.11 compiled from source.
5) mysql-5.0.22-2.2.el5_1.1 from RPM.
6) libprelude-0.9.16.2 compiled from source.
7) iptables-devel-1.3.5-1.2.1 from RPM

Here's the configure directive I'm using:
./configure --prefix=/usr/local/snort --enable-64bit-gcc
--enable-prelude --enable-inline
--with-libpcap-includes=/usr/local/snort/include
--with-libpcap-libraries=/usr/local/snort/lib
--with-libpcre-includes=/usr/local/snort/include
--with-libpcre-libraries=/usr/local/snort/lib
--with-libnet-includes=/usr/local/snort/include
--with-libnet-libraries=/usr/local/snort/lib
--with-dnet-includes=/usr/local/snort/include
--with-dnet-libraries=/usr/local/snort/lib --with-mysql=/usr/bin
--with-mysql-includes=/usr/include --with-mysql-libraries=/usr/lib64
--with-libprelude-prefix=/usr/local --with-libipq-includes=/usr/include
--with-libipq-libraries=/usr/lib64

I am happy to provide more info if necessary.

As an aside, I'm also having problems with flexresp2 compilation, but
that's a separate issue. At this point I'd like to try inline first and
see how it works before falling back on flexresp2.

TIA,
Dave





------------------------------------------------------------------------



-------------------------------------------------------------------------

This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/


------------------------------------------------------------------------

_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users




-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Snort-users] Problems compiling with --enable-inline on CentOS 5.1, Todd Wease
Next by Date:  Re: [Snort-users] Problems compiling with --enable-inline on CentOS 5.1, David Thibault
Previous by Thread:  Re: [Snort-users] Problems compiling with --enable-inline on CentOS 5.1, Todd Wease
Next by Thread:  Re: [Snort-users] Problems compiling with --enable-inline on CentOS 5.1, David Thibault
Indexes:  [Date] [Thread] [Top] [All Lists]