[Snort-users] (no subject)

Jez Hancock jez.hancock at ...13917...
Tue Sep 5 16:36:10 EDT 2006


>Submitter-Id:  current-users
>Originator:    Jez Hancock
>Organization:  n/a
>Confidential:  no
>Synopsis:      Snort make build fails on FreeBSD 4.11
>Severity:      critical
>Priority:      medium
>Category:      ports
>Class:         sw-bug
>Release:   	FreeBSD 4.11-STABLE i386
>Environment: 	FreeBSD users.munk.me.uk 4.11-STABLE FreeBSD 4.11-STABLE #0: Thu Apr 27 02:47:55 BST 2006 root at ...13918...:/usr/obj/usr/src/sys/MUNKBOXEN i386

>Description:
Build of snort 2.6.0 fails on FreeBSD 4.11.  Seems to be a problem
building the dynamic-rule target(?) 'all-am' - make build is successful
when run with the -DWITHOUT_DYNAMIC flag on FreeBSD 4.11.

Apparently the build is ok on 6.x maintainer - only 4.x seems to be
affected, unsure of 5.x.

In researching the problem I came across a similar problem with snort
here:

http://marc.theaimsgroup.com/?l=snort-users&m=102319926701636&w=2

which was resolved here:

http://marc.theaimsgroup.com/?l=snort-users&m=102322142426677&w=2

although how relevant that fix is to this problem I can't say - the
message was:

cvs update - sys/types.h should be before socket.h

so I'm wondering if this problem has something to do with header files
not being included on FreeBSD 4.11 that are involved in the dynamic rule
processing section of the code?  May be way off though.  cc'ing to
snort-users list in the hope the snort developers might have some
insight in the issue.


Output of errors listed below:

[18:18:10] root at ...13919... /home/munk/ports/security/snort#  ; make build
===>  Building for snort-2.6.0
make  all-recursive
Making all in src
<snip>
Making all in dynamic-rule
cp ../include/sfsnort_dynamic_detection_lib.c sfsnort_dynamic_detection_lib.c
cp ../include/sfsnort_dynamic_detection_lib.h sfsnort_dynamic_detection_lib.h
make  all-am
/bin/sh /usr/local/bin/libtool --mode=compile --tag=CC cc -DHAVE_CONFIG_H  -I. -I. -I../../.. -I../include  -I/usr/local/include -I/usr/local/include/mysql -DENABLE_MYSQL   -O -pipe -Wall -DDYNAMIC_PLUGIN -c -o sfsnort_dynamic_detection_lib.lo sfsnort_dynamic_detection_lib.c
mkdir .libs
 cc -DHAVE_CONFIG_H -I. -I. -I../../.. -I../include -I/usr/local/include -I/usr/local/include/mysql -DENABLE_MYSQL -O -pipe -Wall -DDYNAMIC_PLUGIN -c sfsnort_dynamic_detection_lib.c  -fPIC -DPIC -o .libs/sfsnort_dynamic_detection_lib.o
In file included from ../include/sf_snort_plugin_api.h:39,
                 from sfsnort_dynamic_detection_lib.c:2:
/usr/include/netinet/in.h:235: syntax error before `in_addr_t'
/usr/include/netinet/in.h:287: syntax error before `u_char'
In file included from /usr/include/netinet/in.h:493,
                 from ../include/sf_snort_plugin_api.h:39,
                 from sfsnort_dynamic_detection_lib.c:2:
/usr/include/netinet6/in6.h:122: syntax error before `u_int8_t'
/usr/include/netinet6/in6.h:144: syntax error before `u_int8_t'
/usr/include/netinet6/in6.h:149: syntax error before `u_int32_t'
/usr/include/netinet6/in6.h:612: syntax error before `*'
/usr/include/netinet6/in6.h:613: warning: type defaults to `int' in declaration of `inet6_option_append'
/usr/include/netinet6/in6.h:614: syntax error before `*'
/usr/include/netinet6/in6.h:614: warning: type defaults to `int' in declaration of `inet6_option_alloc'
/usr/include/netinet6/in6.h:614: warning: data definition has no type or storage class
/usr/include/netinet6/in6.h:615: syntax error before `u_int8_t'
/usr/include/netinet6/in6.h:616: syntax error before `u_int8_t'
/usr/include/netinet6/in6.h:631: syntax error before `u_int8_t'
/usr/include/netinet6/in6.h:636: syntax error before `u_int8_t'
/usr/include/netinet6/in6.h:638: syntax error before `u_int8_t'
*** Error code 1

Stop in /home/munk/ports/security/snort/work/snort-2.6.0/src/dynamic-examples/dynamic-rule.
*** Error code 1

Stop in /home/munk/ports/security/snort/work/snort-2.6.0/src/dynamic-examples/dynamic-rule.
*** Error code 1

Stop in /home/munk/ports/security/snort/work/snort-2.6.0/src/dynamic-examples.
*** Error code 1

Stop in /home/munk/ports/security/snort/work/snort-2.6.0/src/dynamic-examples.
*** Error code 1

Stop in /home/munk/ports/security/snort/work/snort-2.6.0/src.
*** Error code 1

Stop in /home/munk/ports/security/snort/work/snort-2.6.0.
*** Error code 1

Stop in /home/munk/ports/security/snort/work/snort-2.6.0.
*** Error code 1

Stop in /home/munk/ports/security/snort.

>How-To-Repeat:
cvsup to latest ports tree.

cd /usr/ports/security/snort
make clean build

>Fix:
Temporary workaround for users who don't require dynamic rule
functionality as mentioned above is to pass -DWITHOUT_DYNAMIC flag to
make:

cd /usr/ports/security/snort
make -DWITHOUT_DYNAMIC clean install

However the default port installed snort.conf file will need changing as
per the message displayed by the port when installing WITHOUT_DYNAMIC.




More information about the Snort-users mailing list