Two other things to try:
1) Under your Snort source directory in src/inline.c, try adding the
following line just under #include <libnet.h>:
#include <net/ethernet.h>
If this does not work, try:
2) In src/inline.h, just under #include "snort.h", try adding the following:
struct ether_addr
{
u_char ether_addr_octet[6];
};
and see if that works. Let us know.
Thanks,
Todd
David Thibault wrote:
Nope, same (or similar) error:
gcc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I../src -I../src/sfutil
-I/usr/include/pcap -I../src/output-plugins -I../src/detection-plugins
-I../src/dynamic-plugins -I../src/preprocessors
-I../src/preprocessors/flow -I../src/preprocessors/portscan
-I../src/preprocessors/flow/int-snort
-I../src/preprocessors/HttpInspect/include
-I../src/preprocessors/Stream5 -I../src/target-based
-I/usr/local/snort/include -I/usr/local/snort/include
-I/usr/local/snort/include -I/usr/local/snort/include
-I/usr/local/snort/include -fno-strict-aliasing -g -O2 -Wall
-DDYNAMIC_PLUGIN -DGIDS -DLIBNET_LIL_ENDIAN -fno-strict-aliasing -c inline.c
inline.c: In function 'InitInlinePostConfig':
inline.c:183: warning: pointer targets in passing argument 11 of
'libnet_build_ip' differ in signedness
inline.c:186: warning: pointer targets in passing argument 10 of
'libnet_build_tcp' differ in signedness
inline.c:190: warning: pointer targets in passing argument 11 of
'libnet_build_ip' differ in signedness
inline.c:192: warning: pointer targets in passing argument 13 of
'libnet_build_icmp_unreach' differ in signedness
inline.c:201: warning: pointer targets in passing argument 11 of
'libnet_build_ip' differ in signedness
inline.c:204: warning: pointer targets in passing argument 10 of
'libnet_build_tcp' differ in signedness
inline.c:208: warning: pointer targets in passing argument 11 of
'libnet_build_ip' differ in signedness
inline.c:210: warning: pointer targets in passing argument 13 of
'libnet_build_icmp_unreach' differ in signedness
inline.c: In function 'IpqLoop':
inline.c:282: warning: implicit declaration of function 'sig_check'
inline.c: In function 'RejectSocket':
inline.c:454: warning: pointer targets in passing argument 1 of
'libnet_do_checksum' differ in signedness
inline.c:461: warning: pointer targets in passing argument 2 of
'libnet_write_ip' differ in signedness
inline.c:494: warning: pointer targets in passing argument 1 of
'libnet_do_checksum' differ in signedness
inline.c:502: warning: pointer targets in passing argument 2 of
'libnet_write_ip' differ in signedness
inline.c: In function 'RejectLayer2':
inline.c:594: error: dereferencing pointer to incomplete type
inline.c:629: warning: pointer targets in passing argument 1 of
'libnet_do_checksum' differ in signedness
inline.c:635: warning: pointer targets in passing argument 1 of
'libnet_do_checksum' differ in signedness
inline.c:642: warning: pointer targets in passing argument 6 of
'libnet_build_ethernet' differ in signedness
inline.c:649: warning: pointer targets in passing argument 3 of
'libnet_write_link_layer' differ in signedness
inline.c:683: warning: pointer targets in passing argument 1 of
'libnet_do_checksum' differ in signedness
inline.c:689: warning: pointer targets in passing argument 1 of
'libnet_do_checksum' differ in signedness
inline.c:697: warning: pointer targets in passing argument 6 of
'libnet_build_ethernet' differ in signedness
inline.c:707: warning: pointer targets in passing argument 3 of
'libnet_write_link_layer' differ in signedness
make[3]: *** [inline.o] Error 1
make[3]: Leaving directory `/home/davidt/snort/snort-2.8.0.1/src
<http://2.8.0.1/src>'
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory `/home/davidt/snort/snort-2.8.0.1/src
<http://2.8.0.1/src>'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/home/davidt/snort/snort-2.8.0.1
<http://2.8.0.1>'
make: *** [all] Error 2
This time I left off the other --enable-* statements and just went with
the following configure command (still pointing to all my libs and incs
just in case):
./configure --enable-inline
--with-libpcap-includes=/usr/local/snort/include
--with-libpcap-libraries=/usr/local/snort/lib
--with-libpcre-includes=/usr/local/snort/include
--with-libpcre-libraries=/usr/local/snort/lib
--with-libnet-includes=/usr/local/snort/include
--with-libnet-libraries=/usr/local/snort/lib
--with-dnet-includes=/usr/local/snort/include
--with-dnet-libraries=/usr/local/snort/lib
Best,
Dave
On 2/21/08, *David Thibault* <dave@itstrategypartners.com
<mailto:dave@itstrategypartners.com>> wrote:
Thanks, Todd. I will try that and post the results.
Best,
Dave
On 2/21/08, *Todd Wease* <twease@sourcefire.com
<mailto:twease@sourcefire.com>> wrote:
David,
My only guess is that "struct ether_addr" is not getting defined
on your
system. Try editing libnet-headers.h (most likely in
/usr/include/libnet). At or around line 391, remove the #if
(!__GLIBC__) / #endif lines and see if that solves the
problem. If not,
please repost results.
Thanks,
Todd
David Thibault wrote:
> Hello all,
>
> I have been banging my head against the keyboard for 2 days
now...=) I
> am trying to install Snort 2.8.0.1 <http://2.8.0.1>
<http://2.8.0.1> on Centos 5.1. I
> have tried using RPMs for the library and include
dependencies, and
> tried with compiling everything from source. Every time I
> --enable-inline I get the following errors:
>
> make[3]: Entering directory
`/home/davidt/snort/snort-2.8.0.1/src <http://2.8.0.1/src>
> <http://2.8.0.1/src>'
> gcc -m64 -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I../src
-I../src/sfutil
> -I/usr/include/pcap -I../src/output-plugins
-I../src/detection-plugins
> -I../src/dynamic-plugins -I../src/preprocessors
> -I../src/preprocessors/flow -I../src/preprocessors/portscan
> -I../src/preprocessors/flow/int-snort
> -I../src/preprocessors/HttpInspect/include
> -I../src/preprocessors/Stream5 -I../src/target-based
> -I/usr/local/snort/include -I/usr/local/snort/include
> -I/usr/local/snort/include -I/usr/local/snort/include
> -I/usr/include/mysql -DENABLE_MYSQL -I/usr/local/snort/include
> -fno-strict-aliasing -O0 -g -Wall -pthread -I/usr/local/include
> -DDYNAMIC_PLUGIN -DGIDS -DLIBNET_LIL_ENDIAN
-fno-strict-aliasing -c inline.c
> inline.c: In function 'InitInlinePostConfig':
> inline.c:183: warning: pointer targets in passing argument 11 of
> 'libnet_build_ip' differ in signedness
> inline.c:186: warning: pointer targets in passing argument 10 of
> 'libnet_build_tcp' differ in signedness
> inline.c:190: warning: pointer targets in passing argument 11 of
> 'libnet_build_ip' differ in signedness
> inline.c:192: warning: pointer targets in passing argument 13 of
> 'libnet_build_icmp_unreach' differ in signedness
> inline.c:201: warning: pointer targets in passing argument 11 of
> 'libnet_build_ip' differ in signedness
> inline.c:204: warning: pointer targets in passing argument 10 of
> 'libnet_build_tcp' differ in signedness
> inline.c:208: warning: pointer targets in passing argument 11 of
> 'libnet_build_ip' differ in signedness
> inline.c:210: warning: pointer targets in passing argument 13 of
> 'libnet_build_icmp_unreach' differ in signedness
> inline.c: In function 'IpqLoop':
> inline.c:282: warning: implicit declaration of function
'sig_check'
> inline.c: In function 'RejectSocket':
> inline.c:454: warning: pointer targets in passing argument 1 of
> 'libnet_do_checksum' differ in signedness
> inline.c:461: warning: pointer targets in passing argument 2 of
> 'libnet_write_ip' differ in signedness
> inline.c:494: warning: pointer targets in passing argument 1 of
> 'libnet_do_checksum' differ in signedness
> inline.c:502: warning: pointer targets in passing argument 2 of
> 'libnet_write_ip' differ in signedness
> inline.c: In function 'RejectLayer2':
> inline.c:594: error: dereferencing pointer to incomplete type
> inline.c:629: warning: pointer targets in passing argument 1 of
> 'libnet_do_checksum' differ in signedness
> inline.c:635: warning: pointer targets in passing argument 1 of
> 'libnet_do_checksum' differ in signedness
> inline.c:642: warning: pointer targets in passing argument 6 of
> 'libnet_build_ethernet' differ in signedness
> inline.c:649: warning: pointer targets in passing argument 3 of
> 'libnet_write_link_layer' differ in signedness
> inline.c:683: warning: pointer targets in passing argument 1 of
> 'libnet_do_checksum' differ in signedness
> inline.c:689: warning: pointer targets in passing argument 1 of
> 'libnet_do_checksum' differ in signedness
> inline.c:697: warning: pointer targets in passing argument 6 of
> 'libnet_build_ethernet' differ in signedness
> inline.c:707: warning: pointer targets in passing argument 3 of
> 'libnet_write_link_layer' differ in signedness
> make[3]: *** [inline.o] Error 1
> make[3]: Leaving directory
`/home/davidt/snort/snort-2.8.0.1/src <http://2.8.0.1/src>
> <http://2.8.0.1/src>'
> make[2]: *** [all-recursive] Error 1
> make[2]: Leaving directory
`/home/davidt/snort/snort-2.8.0.1/src <http://2.8.0.1/src>
> <http://2.8.0.1/src>'
> make[1]: *** [all-recursive] Error 1
> make[1]: Leaving directory `/home/davidt/snort/snort-2.8.0.1
<http://2.8.0.1>
> <http://2.8.0.1>'
>
> Note that I am on x86_64 architecture, if that makes a
difference. For
> this attempt, I used the following library versions to fulfill
dependencies:
> 1) libpcap-0.9.8 compiled from source.
> 2) pcre-7.6 compiled from source.
> 3) libnet-1.0.2a compiled from source (I have seen the
problems people
> have had with the 1.1.2 version coming from RPMs).
> 4) libdnet-1.11 compiled from source.
> 5) mysql-5.0.22-2.2.el5_1.1 from RPM.
> 6) libprelude-0.9.16.2 compiled from source.
> 7) iptables-devel-1.3.5-1.2.1 from RPM
>
> Here's the configure directive I'm using:
> ./configure --prefix=/usr/local/snort --enable-64bit-gcc
> --enable-prelude --enable-inline
> --with-libpcap-includes=/usr/local/snort/include
> --with-libpcap-libraries=/usr/local/snort/lib
> --with-libpcre-includes=/usr/local/snort/include
> --with-libpcre-libraries=/usr/local/snort/lib
> --with-libnet-includes=/usr/local/snort/include
> --with-libnet-libraries=/usr/local/snort/lib
> --with-dnet-includes=/usr/local/snort/include
> --with-dnet-libraries=/usr/local/snort/lib --with-mysql=/usr/bin
> --with-mysql-includes=/usr/include
--with-mysql-libraries=/usr/lib64
> --with-libprelude-prefix=/usr/local
--with-libipq-includes=/usr/include
> --with-libipq-libraries=/usr/lib64
>
> I am happy to provide more info if necessary.
>
> As an aside, I'm also having problems with flexresp2
compilation, but
> that's a separate issue. At this point I'd like to try inline
first and
> see how it works before falling back on flexresp2.
>
> TIA,
> Dave
>
>
>
------------------------------------------------------------------------
>
>
-------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2008.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
>
>
>
------------------------------------------------------------------------
>
> _______________________________________________
> Snort-users mailing list
> Snort-users@lists.sourceforge.net
<mailto:Snort-users@lists.sourceforge.net>
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
