[Snort-users] Gentoo Linux Snort Users

NA dustypath at ...5068...
Thu Feb 24 16:19:19 EST 2011

Thank you very much for your work, I was just lamenting this morning 
over a new install of 2.9.03 that FPs all over the place compared to!

I am having trouble though as the patch fails when emerging the new 
ebuild. I was having trouble with dynamic detection already, the 
directory /usr/lib64/dynamicrules is empty and attempts to build the 
so_rules fails with a segfault (probably because of the empty directory, 
nothing to work on). I will post a bug report at bug.gentoo.org unless 
you have any insight that this is my screw up!

Thanks again

Bill B
> Howdy!
> Just wanted to give an update on the current Snort ebuild and the
> ebuilds for some snort related packages.
> Snort-
> This was committed to portage this afternoon, so it should hit the
> mirror near you in the next 24-48 hrs. The ebuild was delayed due to a
> bug we found when trying to compile with the dynamicplugins USE flag
> disabled. The Sourcefire folks provided a patch for this.
> The ebuild is currently stable for amd64 and unstable for x86. The
> unstable is due to the prelude package being unstable. I'm considering
> yanking support for Prelude from the ebuild. This is something that
> should be handled by Barnyard2 anyways. If you are violently opposed
> to dropping Prelude support, then shoot me an email. Also, I will
> likely drop the ipv6 USE flag in the next version and hard code in
> ipv6 support. This is due to the difference between ipv4 and ipv6 and
> how that affects ipvar/portvar and var.
> I've gotten a number of emails from Gentoo folks looking for
> config.log and build.log when working bugs with SF. Since the build
> environment gets cleaned up after the package is installed these were
> not available. With the ebuild you can now find both of these
> files in the "support" directory in the package's doc directory.
> daq-0.5
> This ebuild is currently stable for amd64 and unstable for x86. This
> will likely stabilize when Snort does. This version does not have the
> buffer_size_mb fix in it. I'll roll an -r1 version to include this fix
> some time soon.
> Barnyard2-1.9
> This ebuild is marked unstable for both amd64 and x86. The ebuild is
> fairly new, that is why it is not stabilized yet. There are some
> issues with this ebuild. It currently only supports the database
> output plugins and those plugins that get compiled by default. The is
> no ipv6 support. Barnyard2 currently does not compile with
> --enable-ipv6. I've bugged this upstream.
> The above are all in the main portage tree. The following packages
> have been committed to the Sunrise Overlay
> (http://overlays.gentoo.org/proj/sunrise). I'm working with the dev's
> to get these into the main distro tree, but they live in Sunrise for
> now.
> Pulledpork-0.5
> No known issues.
> daemonlogger-1.2.1
> No known issues. Supports both tap and logging mode in the init scripts.
> hogger-2.1
> No known issues.
> If you want to help out with any of these packages or you just want
> access to them before they are committed to the trees, you can add my
> Github repository as an overly https://github.com/wally3514/Gentoo.
> This is a development space so YMMV.
> thx,
> Wally
> ------------------------------------------------------------------------------
> Free Software Download: Index, Search&  Analyze Logs and other IT data in
> Real-Time with Splunk. Collect, index and harness all the fast moving IT data
> generated by your applications, servers and devices whether physical, virtual
> or in the cloud. Deliver compliance at lower cost and gain new business
> insights. http://p.sf.net/sfu/splunk-dev2dev
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users

More information about the Snort-users mailing list