[Snort-openappid] openappid installation

Noah Dietrich noah_dietrich at 86penny.org
Sun Dec 31 02:01:34 EST 2017


I don't have much experience with cross compiling, but I suspect you'd need
to cross-compile the required pre-requisite libraries and tools first, such
as libdnet <http://libdnet.sourceforge.net/>, the lua interpreter, and
essentially every library that's listed in the install guide (libpcap-dev
libpcre3-dev libdumbnet-dev zlib1g-dev liblzma-dev, libnghttp-dev, and
others) and make those available to the cross compile build system before
compiling snort (assuming you have the correct ARM toolchain).  You'd need
to install some of those tools (maybe libdnet, and definitely the lua
interpreter) onto the target system alongside Snort as well, as Snort needs
those available to run.

Again, i don't have much experience with cross-compilation, but all the
libraries that snort requires as part of its compilation can't just be the
ones that the package manager installs ( ibpcap-dev...), since those are
compiled for your host platform, not your target platform.  You can't just
install those on the target system, since Snort needs those libraries
available when building.

I'd start with dnet, and then work from there.  Some of the libraries
listed above are optional, and  provide additional functionality and could
be omited (zlib, lzma, and maybe others) for simplicity.

Your best bet would be to get a compatible version of GCC running on your
dd-wrt system, as then you don't have to worry about the intricacies of
cross compiling.  Someone else on this list may be able to assist, or you
could try emailing the Snort-developers list to see if anyone has any
experience with cross-compilation to the arm architecture.

Noah


On Sat, Dec 30, 2017 at 8:18 PM, ag at la-gordon.org <ag at la-gordon.org> wrote:

> Hello,
>
> Thanks for this, however I've seen this before but it wasn't clear to me
> about how to install it on my router running DDWRT (armv71, linux 3.18.24
> SMP.   I didn't think the binaries created under Ubuntu would work on the
> router.   For one thing I don't find a version of GCC compatible with the
> router so I'd have to cross compile the sources which is where I'm stuck.
>
> Thanks
>
> Allen Gordon, Ph.D., CISSP
>
>
>
>
> On Dec 29, 2017, at 2:12 AM, Noah Dietrich <noah_dietrich at 86penny.org>
> wrote:
>
> For Snort 2.9.x, you need to first install additional required libraries,
> and then compile snort with the OpenAppID option.
> I've written a tutorial for Ubuntu here:  http://sublimerobots.
> com/2017/01/installing-openappid-with-snort-2-9-9-x-on-ubuntu/ that goes
> into detailed steps for getting OpenAppID working on snort 2.9.x.
>
> Noah
>
>
>
> On Tue, Dec 26, 2017 at 5:37 PM, prasanth <prasanth at bbnl.co.in> wrote:
>
>> Hi,
>>
>> i have installed snort 2.9.11 ,now i want configure openapp-id in
>> existing snort.  is that possible to configure...if yes. please let me know
>> the procedure.
>>
>> Regards
>>
>> Prasanth
>>
>> _______________________________________________
>> Snort-openappid mailing list
>> Snort-openappid at lists.snort.org
>> https://lists.snort.org/mailman/listinfo/snort-openappid
>>
>> Please visit http://blog.snort.org to stay current on all the latest
>> Snort news!
>>
>
> _______________________________________________
> Snort-openappid mailing list
> Snort-openappid at lists.snort.org
> https://lists.snort.org/mailman/listinfo/snort-openappid
>
> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-openappid/attachments/20171231/2887ae7e/attachment.html>


More information about the Snort-openappid mailing list