[Snort-users] Problem with compiling snort

Dave Ellingsberg dave.ellingsberg at ...6923...
Fri Dec 5 08:13:01 EST 2003


get the whole source and compile without server.  MySQL-4.1.0-0.src.rpm  these instructions contain some errors.
**********************
SUSE 8.2 pro
Snort 2.0.0
MySQL-4.1.0-0alpha

get the tar into /usr/src/packages/SOURCES

>>rpm -ivh MySQL-4.1.0-0.alpha.src.rpm
this will unpack the tar.gz  now
>>tar -zxvf mysql*.gz
this will unpack the src into its proper tree
>>cd my*
to switch to the source tree
>>./configure --without-server
for the client on a sensor you do not need the server parts
>> make
>>make install

you are done with mysql almost
>> vi /etc/ld.so.conf
add /usr/local/lib/mysql to the lines in this file
:wq

>>cd ..
unpack snort
>>tar -xvf snort*.tar
change to the source tree
>> cd snort*
make the install with sql support
>> ./configure --with-mysql
>> make
>>make install
copy necessary files
>>cd rules
>> mkdir /etc/snort
>> cp *.rules /etc/snort
>>cd ..
copy config files
>> cd etc
>> copy *.config /etc/snort
>>cd ..
copy stuff from new cd with sources to proper locations
>>cp /media/cdrom/snortd  /etc/init.d/
>>cp /media/cdrom/snort.conf /etc/snort

now you are almost ready to start snort
>>mkdir /var/log/snort

set rights on snortd
>>cd /etc/init.d
>>chmod 755 snortd

Start it.
>>./snortd start
check it
>> ./snortd status
you should get a listing of two entries one for snort and one for snortd

almost done
>chkconfig snortd 2345

it should start everytime now.



>>> <dunervst at ...348...> 12/2/2003 8:00:33 AM >>>
Hi together,

i have a Problem with every snort version out there. The issue is that i compile snort like that:

./configure --with-mysql
make
make check
make install

during the configure option it shows me that mysql support is ok. When i am done, there is nothing. No /etc/snort, no subsys/snort, no var/log/snort and no /usr/sbin/snort. There is really nothing. When i make a rpm of the tar file it is working, but i can´t use it with mysql. After rpmbuild i got 2 Pakages snort and snort-mysql. I installed both but every time i restart snort it tells me that it can´t shut down the service. In the message log 

snort: database: 'mysql' support is not compiled into this build of snort
snort: FATAL ERROR: If this build of snort was obtained as a binary distribution (e.g., rpm, or Windows), then check for alternate builds that contains the necessary 'mysql' support.  If this build of snort was compiled by you, then re-run the the./configure script using the '--with-mysql' switch. For non-standard installations of a database, the '--with-mysql=DIR' syntax may need to be used to specify the base directory of the DB install.  See the database documentation for cursory details (doc/README.database). and the URL to the most recent database plugin documentation.

What does that error came from ? How to fix it. I tried to compile manually, but it is not working. My mysql server it up and running very well. Snort db and tables are created via the snort_db_install_script.

Please Help me, i tried snort-2.0.5 and snort 2.0.4 and snort 2.0.2
Thank you in advance
Michael





More information about the Snort-users mailing list