Network Security: Detailed info on Re: [Snort-users] error on "make" in so

Subject:	Re: [Snort-users] error on "make" in so_rules
Date:	Tue, 22 Apr 2008 08:16:58 -0700 (PDT)

Hi Jeffrey, thanks for responding :)

The so_rules directory needs to be located in the
Snort source
directory (snort-2.8.1/so_rules) when compiled.  So
unless you keep
the source in /etc/snort...

 
 Actually, I was rename the snort's directory from
 'snort-2.8.0' becomes 'snort'. 
 The so_rules being located at /etc/snort/so_rules when
 
 compiled. 
 
 # ls
 Makefile                               
 exploit_imail-ldap.c
 Makefile.OSX                           
 exploit_squid-ntlm-auth.c
 _meta.c                                
 netbios_writex.c
 _meta.h                                 p2p.c
 _meta.o                                 p2p.o
 bad-traffic_pgm-nak-overflow.c          p2p_winny.c
 category-build.pl                       pcre.h
 dos_igmpv3.c                            pcreposix.h
 dos_ms06-32.c                          
 web-client_quicktimejpeg-underflow.c
 exploit_dhcp-option-overflow.c
 # pwd
 /etc/snort/so_rules
 # make
 building p2p ... cc -c -ggdb -I. -I.. -I../..
 -I../src/dynamic-preprocessors/include/
 -I/usr/local/include
 -I../src/dynamic-examples/dynamic-rule/ -fPIC
 -fno-stack-protector -D DETECTION_LIB_NAME=\"p2p\" -o
 p2p.o p2p.c
 cc -c -ggdb -I. -I.. -I../..
 -I../src/dynamic-preprocessors/include/
 -I/usr/local/include
 -I../src/dynamic-examples/dynamic-rule/ -fPIC
 -fno-stack-protector -D DETECTION_LIB_NAME=\"p2p\" -o
 _meta.o _meta.c
 ld: p2p_*.o: No such file: No such file or directory
 *** Error code 1
 
 Stop in /etc/snort/so_rules (line 22 of Makefile).


The snortrules-snapshot-CURRENT.tar.gz currently
available from
snort.org, registered user release, version 2.8,
released on
2008-03-11, has a problem with the so_rules
Makefile.  I reported this
on 15 Mar 2008.  Matthew Watchinski says this issue
is in the bug
tracking system.

 
 Thanks for the information :)



 What should I do to solving that kind of problem?
 nb: My Snort box is an OpenBSD4.1 machine.


It would help to know the version of Snort and rules
that you are using.

 
 I beg a pardon, my bad.
 Its Snort-2.8.0 with pretty old version of 
 snortrules-snapshot-CURRENT. I am using this 
 for testing purpose only and there is no 
 bug from implementation at another machines.
 
 Thanks in advance
 Rachmat Hidayat Al Anshar
       
---------------------------------
Be a better friend, newshound, and know-it-all with Yahoo! Mobile.  Try it now.

-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference 
Don't miss this year's exciting event. There's still time to save $100. 
Use priority code J8TL2D2. 
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone

_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

<Prev in Thread]	Current Thread	[Next in Thread>
[Snort-users] error on "make" in so_rules, Rachmat Hidayat Al-Anshar Re: [Snort-users] error on "make" in so_rules, Jeffrey Denton Re: [Snort-users] error on "make" in so_rules, Rachmat Hidayat Al-Anshar Re: [Snort-users] error on "make" in so_rules, Rachmat Hidayat Al-Anshar <=

Previous by Date:	Re: [Snort-sigs] [Snort-users] Emerging Threats: [Fwd: Your message to Snort-sigs awaits moderator approval], Martin Roesch
Next by Date:	Re: [Snort-users] automated response, M. Shirk
Previous by Thread:	Re: [Snort-users] error on "make" in so_rules, Rachmat Hidayat Al-Anshar
Next by Thread:	[Snort-users] automated response, Phillip Woellhof
Indexes:	[Date] [Thread] [Top] [All Lists]

Re: [Snort-users] error on "make" in so_rules