[Snort-users] Snort Using as IPS

Teo En Ming teo.en.ming at ...11827...
Thu Apr 10 07:03:42 EDT 2014


Dear Pothineni,

I am not very sure whether there is any documentation for snort source
code. I think Snort sends calls to iptables to drop packets.

Regards,

Teo En Ming


On Thu, Apr 10, 2014 at 5:55 PM, Pothineni sai bhushan <
psaibhushan at ...11827...> wrote:

> Thanks a lot. Is there any documentation for snort source code?I would
> like to know where the snort actually sends calls to drop packets .
>
>
>
> On Thu, Apr 10, 2014 at 3:09 PM, Teo En Ming <teo.en.ming at ...11827...>wrote:
>
>> Hi,
>>
>> The manual was written by James Lay. You can find the manual at:
>> http://s3.amazonaws.com/snort-org/www/assets/229/ids2ips.txt
>>
>> By the way, the daq you are trying to install is outdated. The latest daq
>> version is 2.0.2. The latest Snort version is 2.9.6.0.
>>
>> Regards,
>>
>> Teo En Ming
>>
>>
>> On Thu, Apr 10, 2014 at 5:12 PM, Pothineni sai bhushan <
>> psaibhushan at ...11827...> wrote:
>>
>>> Hi,
>>>  I am new to snort and trying to make it work as IPS.If you dont mind,
>>> can you send me the manual u mentioned at
>>> http://seclists.org/snort/2014/q2/99  .
>>>  I get the following error message while trying to reinstall DAQ
>>>     libtool: install: (cd
>>> /home/bhushan/Downloads/daq-1.1.1/os-daq-modules; /bin/bash
>>> /home/bhushan/Downloads/daq-1.1.1/libtool  --tag CC --mode=relink gcc
>>> -DBUILDING_SO -g -O2 -fvisibility=hidden -Wall -Wwrite-strings
>>> -Wsign-compare -Wcast-align -Wextra -Wformat -Wformat-security
>>> -Wno-unused-parameter -fno-strict-aliasing -fdiagnostics-show-option
>>> -pedantic -std=c99 -D_GNU_SOURCE -module -export-dynamic -avoid-version
>>> -shared -L/usr/local/lib -ldnet -o daq_nfq.la -rpath /usr/local/lib/daq
>>> daq_nfq_la-daq_nfq.lo -lnfnetlink -lnetfilter_queue -L/usr/local/lib -ldnet
>>> ../sfbpf/libsfbpf.la )
>>> libtool: relink: gcc -shared  -fPIC -DPIC  .libs/daq_nfq_la-daq_nfq.o
>>> -L/usr/local/lib -lnfnetlink -lnetfilter_queue -ldnet -lsfbpf  -O2
>>> -Wl,-soname -Wl,daq_nfq.so -o .libs/daq_nfq.so
>>> /usr/bin/ld: /usr/local/lib/libdnet.a(addr.o): relocation R_X86_64_32
>>> against `.rodata.str1.1' can not be used when making a shared object;
>>> recompile with -fPIC
>>> /usr/local/lib/libdnet.a: could not read symbols: Bad value
>>> collect2: error: ld returned 1 exit status
>>> libtool: install: error: relink `daq_nfq.la' with the above command
>>> before installing it
>>>   .
>>>    Could you suggest anything.
>>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20140410/2c466acb/attachment.html>


More information about the Snort-users mailing list