[Snort-users] Typical barnyard compile problems

Richard Bejtlich richard_bejtlich at ...131...
Thu May 13 13:55:03 EDT 2004


I wanted to share the steps I followed to install
Barnyard 0.2.0 on FreeBSD 5.2.1.  The problems
reported so far involve proper recognition of SSL
libraries, which I address for FreeBSD.  

I installed Barnyard to work with Sguil, but this has
no effect on other setups.

First, I installed the
/usr/ports/databases/mysql40-client port with this

make --with-vio --with-openssl
make install

The make parameters are the same as might be used with
a source installation.  This follows the instructions
in the MySQL manual [0].

Next I edited the Barnyard configure script, adding
'-lcrypto' as suggested here [1].

  LIBS="${LIBS} -lz -lssl -lcrypto -lmysqlclient"

Then I ran configure, make, and make install:

./configure --enable-mysql
make install

Now I'm ready to run Barnyard:

sensor:/usr/local/etc/snort$ barnyard -c barnyard.conf
-d /nsm/snort -g gen-msg.map -s sid-msg.map -f
snort.log -w waldo.file
Barnyard Version 0.2.0 (Build 32)
Opened spool file '/nsm/snort/snort.log.1084404301'
Waiting for new data

This setup doesn't use SSL yet as I use other
encrypted tunnels between the sensor and database, but
SSL remains an option.




[1] http://lists.freebsd.org/pipermail/freebsd-net/2003-August/001201.html

Do you Yahoo!?
Yahoo! Movies - Buy advance tickets for 'Shrek 2'

More information about the Snort-users mailing list