[Snort-users] Barnyard2 - CYGWIN - Windows Compile

Michael Steele michaels at ...9077...
Mon Feb 20 10:22:12 EST 2012


Ok, I have started with a fresh install of CYGWIN in 'c:/cygwin', and
selected the 4 packages as extras to install into the 'c:/cygwin/pkgs'
folder during the initial install of CYGWIN.

1) 2.22.51-1 -- binutils: The GNU assembler, linker and binary utilities
2) 4.5.3-2 -- libgcc1: GCC compiler support shared runtime
3) 3.82.90-1 -- make: The GNU version of the 'make' utility
4) 1.0.3-1 -- makedepend: X Org Makefile dependency tool

>> I would suggest that you wait for the release version to make a "package"
>> since 2-1.9 will not compile under CYGWIN.

So, before continuing I should wait for the next 'Release Version' before
compiling?

The file binf-barnyard2-v2-1.9-54-g58ce15d.zip won't compile under CYGWIN?

----------\
Just to get started so I have a better understanding of the process:

I downloaded (binf-barnyard2-v2-1.9-54-g58ce15d.zip) from the link below:
 https://github.com/binf/barnyard2/tree/pre-stable

I created a 'c:/cygwin/barnyard2' folder and placed all contents of the
above downloaded file into it.

Now I'm guessing I need a command line to compile after going into the
cygwin terminal?

From what I think; I'll need two separate compiles;

1) MySQL output?

2) SQL Server output?

I'm not real sure what needs to be done after the compile. What the end
result needs to be is a zip file with all the necessary support files and
folders that can be dissolved into the end folder '\winids\barnyard2', and
then barnyard executed from there. The end result down the road will be an
auto installer (msi). 
----------/

>> I understand this could frustrate a small amount of users but this is why
>> CYGWIN support was tested and added.

Absolutely, but under the circumstances (snort dropping the output database,
and Suricata with no output database option) this is the only option
available.

>> One of the goals of the next MAJOR release of barnyard2 is windows
>> compatibility/compilation, but it's not in the top 10 features and could be
>> added down the road.

This could be a major problem as time goes by. It seems that if Snort and
Suricata want to support Windows as a distribution then there will need to
be a native way to get the alerts from Snort or Suricata to a database
without using a kludge (CYGWIN) to accomplish the task.

We are also hoping for a native build of Suricata (32/64 bit), sometime in
the future, as we are for Snort (64bit).

There are other obstacles in the path that Windows will need to address
soon, but I'm trying to do this in some logical order.

Kindest regards,
Michael...

-----Original Message-----
From: beenph [mailto:beenph at ...11827...] 
Sent: Sunday, February 19, 2012 9:24 PM
To: Michael Steele
Cc: barnyard2-users at ...14071...; snort-users at lists.sourceforge.net;
firnsy
Subject: Re: [Snort-users] Barnyard2 - CYGWIN - Windows Compile

On Sun, Feb 19, 2012 at 4:04 PM, Michael Steele <michaels at ...9077...>
wrote:
> I've tried to leave a message with Firnsy, and a message in one of the 
> Google groups about getting this compiled, but no response.
>
I think you sent the message only to me and I was going to respond.


> I'll post in here to see if things can get cleared up. It appears that
> Barnyard2 can be compiled for use with Windows, using CYGWIN as the 
> compiler.
>
> https://github.com/firnsy/barnyard2/commit/f71a8d3136970aef184bbab071532a23903584d2
>

The branch you should be using is
https://github.com/binf/barnyard2/tree/pre-stable
OR
https://github.com/firnsy/barnyard2/tree/pre-stable

Mine is a few commits ahead and has some unrelated bug fixes, and will get
merged when testing is done.

I would suggest that you wait for the release version to make a "package"
since 2-1.9 will not compile under CYGWIN.

Now to compile under CYGWIN you will need (see attachment for package
details)

But mainly it stands out to the following.
1. compiler package (gcc)
2. autotools/autoconf.
3. winpcap for pcap headers.
4. If you plan to compile some output module, make sure you compiled the
required software so it can actually be linked.

> I've checked out the latest code and  it does look like all the 
> necessary bits have been added to do this.
>
> I've never used CYGWIN to compile. Suricata provides a guide on how to 
> compile for Windows. Barnyard2 should be doing this, but doesn't.
>
Currently in its form Windows native support is not a priority.
I understand this could frustrate a small amount of users but this is why
CYGWIN support was tested and added.

One of the goals of the next MAJOR release of barnyard2 is windows
compatibility/compilation, but it's not in the top 10 features and could be
added down the road.

> Is there anyone that can help in getting this compiled for use in 
> Windows? I will create a guide, and get it out to the masses so 
> hopefully it will clear up any confusion on how to do this in the 
> future
>

I appreciate your effort trying to support windows users and if you have
further inquiries let us know on our MLs or to our e-mails.

I hope this will help you a bit.

-elz
