[Snort-devel] Re: Compiling Snort 1.8.4 with Sun WorkShop C++

Martin Roesch roesch at ...402...
Sat Mar 16 13:21:01 EST 2002


We target the gcc compiler as the preferred compiler for Snort.  I don't
have access to the Sun (or other for-pay) compilers, so we go for the one
thing that everyone can get.  I'll look into patching the source for these
particular items.

EXTRACT_32BITS() is there for memory alignment issues on Sparcs and other
architectures that require 32-bit alignments on memory access, it's not
really "architecture dependent" per se.

The win32 stuff went in there when Mike Davis wrote the Win32 port (well,
more recently than that I guess).  I originally developed Snort on Linux and
then switched to FreeBSD as my primary development platform in late 1999.
Just recently I've been using Mac OS X as my development environment and
I've been pretty happy with it.

     -Marty


On 3/16/02 2:38 PM, "Richard van den Berg" <richard at ...1198...> wrote:

> Hi there,
> 
> First off, many thanks for creating and maintaining snort. Excellent IDS.
> 
> I just compiled 1.8.4 (build 99) on my Sunblade 100 (UltraSPARC-IIe) using
> Sun WorkShop 6 update 2 C 5.3 2001/05/15 (formerly known as Forte).
> It did not quite work out of the box. These are the changes I had to make
> to the snort source:
> 
> configure (line 2929):
> -q is not a valid switch for /usr/bin/grep under Solaris 8 (it is for
> /usr/xpg4/bin/grep). I simply removed the -q switch.
> 
> debug.h:
> __inline__ is unknown to Sun Workshop, I added a simple:
> #define __inline__
> 
> spp_anomsensor.c:
> __inline is unknown to Sun Workshop, I added a simple:
> #define __inline
> 
> decode.h (line 380):
> #define EXTRACT_32BITS(p)  ({ u_int32_t __tmp; memmove(&__tmp, (p),
> sizeof(u_int32_t)); (u_int32_t) ntohl(__tmp);})
> This is quite a dirty hack since EXTRACT_32BITS() is used as an argument of
> fprintf. I am surprised that inserting a block of C code as an argument
> actually works with gcc. I created a __EXTRACT_32BITS() function of this
> block which I put at the end of log.c. There is probably a better .c file to
> put such an architecture dependent function though.
> 
> After the above alterations, everything compiled just fine, and snort runs
> happely.
> 
> What's with those "win32" directories, btw? Don't tell me snort was developed
> on a Windows platform and then ported to Unix.
> 
> Sincerely,
> 
> Richard van den Berg
> 

-- 
Martin Roesch - Founder/CEO, Sourcefire Inc. - (410)290-1616
Sourcefire: Professional Snort Sensor and Management Console appliances
roesch at ...402... - http://www.sourcefire.com
Snort: Open Source Network IDS - http://www.snort.org





More information about the Snort-devel mailing list