[Snort-users] snort and suse

Martina Podesser Martina.Podesser at ...6698...
Sun Sep 15 18:29:13 EDT 2002


hello,

I have tried to install snort on a suse 7.3 mashine.
Before I could do that I had to install :

flex-2.5.4a.tar.gz 

# cp flex-2.5.4a.tar.gz /usr/src/packages/SOURCES
# cd /usr/src/packages/SOURCES
# tar -zxvf flex-2.5.4a.tar.gz
# cd /usr/src/redhat/SOURCES/flex-2.5.4
# ./configure
# make
# make install
# make clean

bison-1.35.tar.gz

# cp bison-1.35.tar.gz /usr/src/packages/SOURCES
# cd /usr/src/packages/SOURCES
# tar -zxvf bison-1.35.tar.gz
# cd /usr/src/redhat/SOURCES/bison-1.35
# ./configure
# make
# make check
# make install
# make clean

libpcap-0.7.1.tar.Z

# cp libpcap-0.7.1.tar.Z /usr/src/packages/SOURCES
# cd /usr/src/packages/SOURCES
# tar -zxvf libpcap-0.7.1.tar.Z
# cd /usr/src/redhat/SOURCES/libpcap-0.7.1
# ./configure
# make
# make install

Then I installed snort-1.8.7.tar.gz 

# cp snort-1.8.7.tar.gz /usr/src/packages/SOURCES
# cd /usr/src/packages/SOURCES
# tar -zxvf snort-1.8.7.tar.gz
# cd /usr/src/redhat/SOURCES/snort-1.8.7.tar.gz
# ./configure --with-mysql
# make
# make install

and got the following errors:

snort.c:1698: warning: unsigned int format, long unsigned int arg (arg2)
snort.c:1698: warning: unsigned int format, long unsigned int arg (arg3)

# mkdir /etc/snort
# cp snortrules.tar.gz /etc/snort
#cd /etc/snort
# tar -zxvf snortrules.tar.gz
# cd /etc/snort/rules
# mv * ../
# cd ..
# rmdir rules
# vi snort.conf

and modified the snort.conf file

But then I tried to copy snortd file to the /etc/rc.d/init.d file - but this
file doesn't exist so I decided to copy it to the /etc/rc.d directory (at
suse /etc/rc.d and /etc/init.d contain the same files)

# cp snortd to /etc/rc.d
# cd /etc/rc.d
# chmod 755 snortd
# chkconfig --level 2345 snortd on
# vi snortd

and edited the snortd file

# /etc/rc.d/snortd start

then I tried to start snort, but the function file was not found (I found it
only in the redhat operating system not in suse)

So what can I do to run snort under suse ?

thank you for your help

best regards,

martina podesser

> 		FLEXTRONICS 
> 		World Trade Center
> 		A-1300 Vienna 
> 		Austria
> 		Martina.Podesser at ...6698... 
> 		www.flextronics.com 
> 
> 




More information about the Snort-users mailing list