[Snort-users] Solaris 9 and Snort: Problems & Solutions
This is a discussion on [Snort-users] Solaris 9 and Snort: Problems & Solutions within the Snort forums, part of the System Security and Security Related category; This is a multi-part message in MIME format. ------=_NextPart_000_0026_01C48936.A8E8B9C0 Content-Type: text/plain; charset="iso-8859-2&...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
08-23-2004
|
|||
|
|||
[Snort-users] Solaris 9 and Snort: Problems & Solutions
This is a multi-part message in MIME format.
------=_NextPart_000_0026_01C48936.A8E8B9C0 Content-Type: text/plain; charset="iso-8859-2" Content-Transfer-Encoding: quoted-printable I had few problems when I tried to compile Snort 2.1.0 on Solaris 9. = Because I had hard time finding solutions one by one I thought that I = will post them together so no one will have to look for them separately. 1.=20 bash-2.05# make make: Fatal error in reader: Makefile, line 484: Unexpected end of line = seen Makefile ends on line 489:=20 SOLUTION: Use GNU make ;] It couldn't be simpler. 2. In file included from util_net.c:16:=20 util_net.h:14:20: stdint.h: No such file or directory=20 make[3]: *** [util_net.o] Error 1=20 make[3]: Leaving directory = `/home/subrama/sdi/snort-2.1.0/src/sfutil'=20 make[2]: *** [all-recursive] Error 1=20 make[2]: Leaving directory `/home/subrama/sdi/snort-2.1.0/src'=20 make[1]: *** [all-recursive] Error 1=20 make[1]: Leaving directory `/home/subrama/sdi/snort-2.1.0'=20 make: *** [all] Error 2 SOLUTION: Solaris doesn't have/use these file. There are few solutions = that I am aware of: In files: src/sfutil/util_net.h src/preprocessors/flow/flow.h src/preprocessors/flow/portscan/flowps.h src/event_wrapper.h src/preprocessors/flow/flow_stat.h change line : #include <stdint.h> to either : #include = <sys/int_types.h> ( or just inttypes.h instead of sys/int_types.h ) or=20 #ifdef HAVE_STDINT_H #include <stdint.h> #endif If those two doesn't work just copy inttypes.t to stdint.h ( it worked = for me, but other two should work fine ) 3. gcc -g -O2 -Wall -o snort codes.o debug.o decode.o log.o mstring.o = parser.o plugbase.o snort.o snprintf.o strlcatu.o strlcpyu.o tag.o = ubi_BinTree.o ubi_SplayTree.o util.o detect.o signature.o mempool.o = sf_sdlist.o fpcreate.o fpdetect.o pcrm.o byte_extract.o sfthreshold.o = packet_time.o event_wrapper.o output-plugins/libspo.a = detection-plugins/libspd.a preprocessors/libspp.a = preprocessors/flow/portscan/libportscan.a = preprocessors/flow/int-snort/libintsnort.a preprocessors/flow/libflow.a = parser/libparser.a preprocessors/HttpInspect/libhttp_inspect.a = sfutil/libsfutil.a -lpcre -lpcap -lm -lsocket -lnsl Undefined first referenced symbol in file inet_aton sfutil/libsfutil.a(ipobj.o) ld: fatal: Symbol referencing errors. No output written to snort collect2: ld returned 1 exit status make[3]: *** [snort] Error 1 make[3]: Leaving directory `/data/roboczy/snort-2.1.0/src' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/data/roboczy/snort-2.1.0/src' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/data/roboczy/snort-2.1.0' make: *** [all] Error 2 SOLUTION: in configure script add line after INCLUDES ( which is line = number 7401, as You can see below ) This line should look like this one numbered 7402 7401 INCLUDES=3D'-I$(top_srcdir) -I$(top_srcdir)/src = -I$(top_srcdir)/src/sfutil $(extra_incl) -I$(top_srcdir)/src/output-plug ins -I$(top_srcdir)/src/detection-plugins = -I$(top_srcdir)/src/preprocessors -I$(top_srcdir)/src/preprocessors/flow = -I$(top_src dir)/src/preprocessors/portscan = -I$(top_srcdir)/src/preprocessors/flow/int-snort = -I$(top_srcdir)/src/preprocessors/HttpInspe ct/include' 7402 LIBS=3D"$LIBS -lresolv" ------=_NextPart_000_0026_01C48936.A8E8B9C0 Content-Type: text/html; charset="iso-8859-2" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=3DContent-Type content=3D"text/html; = charset=3Diso-8859-2"> <META content=3D"MSHTML 6.00.2800.1106" name=3DGENERATOR> <STYLE></STYLE> </HEAD> <BODY bgColor=3D#ffffff> <DIV><FONT face=3DArial size=3D2>I had few problems when I tried to = compile Snort=20 2.1.0 on Solaris 9. Because I had hard time finding solutions one by one = I=20 thought that I will post them together so no one will have to look for = them=20 separately.</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>1. </FONT></DIV> <DIV> <DIV><FONT face=3DArial size=3D2>bash-2.05# make<BR>make: Fatal error in = reader:=20 Makefile, line 484: Unexpected end of line seen<BR></FONT></DIV> <DIV><FONT face=3DArial size=3D2>Makefile ends on line 489: = </FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial><FONT size=3D2>SOLUTION: Use GNU make ;] = It couldn't=20 be simpler.</FONT></FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>2.</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2> In file included from = util_net.c:16:=20 <BR> util_net.h:14:20: = stdint.h: No=20 such file or directory <BR> = make[3]:=20 *** [util_net.o] Error 1 <BR> = make[3]:=20 Leaving directory `/home/subrama/sdi/snort-2.1.0/src/sfutil'=20 <BR> make[2]: *** = [all-recursive]=20 Error 1 <BR> make[2]: Leaving=20 directory `/home/subrama/sdi/snort-2.1.0/src'=20 <BR> make[1]: *** = [all-recursive]=20 Error 1 <BR> make[1]: Leaving=20 directory `/home/subrama/sdi/snort-2.1.0'=20 <BR> make: *** [all] Error=20 2</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>SOLUTION: Solaris doesn't have/use = these file.=20 There are few solutions that I am aware of:</FONT></DIV> <DIV><FONT face=3DArial size=3D2>In files:<BR></FONT><FONT face=3DArial=20 size=3D2>src/sfutil/util_net.h<BR>src/preprocessors/flow/flow.h<BR>src/pr= eprocessors/flow/portscan/flowps.h<BR>src/event_wrapper.h<BR>src/preproce= ssors/flow/flow_stat.h</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>change line : #include = <stdint.h> to=20 either : #include <sys/int_types.h> ( or just inttypes.h = instead of=20 sys/int_types.h ) or </FONT></DIV> <DIV><FONT face=3DArial size=3D2>#ifdef HAVE_STDINT_H<BR>#include=20 <stdint.h><BR>#endif</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>If those two doesn't = work just copy=20 inttypes.t to stdint.h ( it worked for me, but other two should work = fine=20 )</FONT></DIV> <DIV><FONT face=3DArial size=3D2> 3.</FONT></DIV></DIV> <DIV><FONT face=3DArial size=3D2>gcc -g -O2 -Wall -o = snort =20 codes.o debug.o decode.o log.o mstring.o parser.o plugbase.o snort.o = snprintf.o=20 strlcatu.o strlcpyu.o tag.o ubi_BinTree.o ubi_SplayTree.o util.o = detect.o=20 signature.o mempool.o sf_sdlist.o fpcreate.o fpdetect.o pcrm.o = byte_extract.o=20 sfthreshold.o packet_time.o event_wrapper.o output-plugins/libspo.a=20 detection-plugins/libspd.a preprocessors/libspp.a=20 preprocessors/flow/portscan/libportscan.a=20 preprocessors/flow/int-snort/libintsnort.a preprocessors/flow/libflow.a=20 parser/libparser.a preprocessors/HttpInspect/libhttp_inspect.a=20 sfutil/libsfutil.a -lpcre -lpcap -lm -lsocket=20 -lnsl<BR>Undefined &nb sp; &= nbsp; &nb sp; &n= bsp;=20 first=20 referenced<BR> symbol  = ; & nbsp; = =2 0 in=20 file<BR>inet_aton &nb sp; &n= bsp; &nbs p; &nb= sp; =20 sfutil/libsfutil.a(ipobj.o)<BR>ld: fatal: Symbol referencing errors. No = output=20 written to snort<BR>collect2: ld returned 1 exit status<BR>make[3]: *** = [snort]=20 Error 1<BR>make[3]: Leaving directory=20 `/data/roboczy/snort-2.1.0/src'<BR>make[2]: *** [all-recursive] Error=20 1<BR>make[2]: Leaving directory = `/data/roboczy/snort-2.1.0/src'<BR>make[1]: ***=20 [all-recursive] Error 1<BR>make[1]: Leaving directory=20 `/data/roboczy/snort-2.1.0'<BR>make: *** [all] Error 2<BR></DIV></FONT> <DIV><FONT face=3DArial size=3D2>SOLUTION: in configure script add line = after=20 INCLUDES ( which is line number 7401, as You can see below = )</FONT></DIV> <DIV><FONT face=3DArial size=3D2>This line should look like this one = numbered=20 7402</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>7401 INCLUDES=3D'-I$(top_srcdir)=20 -I$(top_srcdir)/src -I$(top_srcdir)/src/sfutil $(extra_incl)=20 -I$(top_srcdir)/src/output-plug<BR>ins = -I$(top_srcdir)/src/detection-plugins=20 -I$(top_srcdir)/src/preprocessors -I$(top_srcdir)/src/preprocessors/flow = -I$(top_src<BR>dir)/src/preprocessors/portscan =20 -I$(top_srcdir)/src/preprocessors/flow/int-snort =20 -I$(top_srcdir)/src/preprocessors/HttpInspe<BR>ct/include'<BR> 7402&= nbsp;=20 LIBS=3D"$LIBS -lresolv"<BR></DIV></FONT></BODY></HTML> ------=_NextPart_000_0026_01C48936.A8E8B9C0-- ------------------------------------------------------- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
