[Snort-users] Snort Using as IPS
Teo En Ming
teo.en.ming at ...11827...
Thu Apr 10 07:03:42 EDT 2014
I am not very sure whether there is any documentation for snort source
code. I think Snort sends calls to iptables to drop packets.
Teo En Ming
On Thu, Apr 10, 2014 at 5:55 PM, Pothineni sai bhushan <
psaibhushan at ...11827...> wrote:
> Thanks a lot. Is there any documentation for snort source code?I would
> like to know where the snort actually sends calls to drop packets .
> On Thu, Apr 10, 2014 at 3:09 PM, Teo En Ming <teo.en.ming at ...11827...>wrote:
>> The manual was written by James Lay. You can find the manual at:
>> By the way, the daq you are trying to install is outdated. The latest daq
>> version is 2.0.2. The latest Snort version is 126.96.36.199.
>> Teo En Ming
>> On Thu, Apr 10, 2014 at 5:12 PM, Pothineni sai bhushan <
>> psaibhushan at ...11827...> wrote:
>>> I am new to snort and trying to make it work as IPS.If you dont mind,
>>> can you send me the manual u mentioned at
>>> http://seclists.org/snort/2014/q2/99 .
>>> I get the following error message while trying to reinstall DAQ
>>> libtool: install: (cd
>>> /home/bhushan/Downloads/daq-1.1.1/os-daq-modules; /bin/bash
>>> /home/bhushan/Downloads/daq-1.1.1/libtool --tag CC --mode=relink gcc
>>> -DBUILDING_SO -g -O2 -fvisibility=hidden -Wall -Wwrite-strings
>>> -Wsign-compare -Wcast-align -Wextra -Wformat -Wformat-security
>>> -Wno-unused-parameter -fno-strict-aliasing -fdiagnostics-show-option
>>> -pedantic -std=c99 -D_GNU_SOURCE -module -export-dynamic -avoid-version
>>> -shared -L/usr/local/lib -ldnet -o daq_nfq.la -rpath /usr/local/lib/daq
>>> daq_nfq_la-daq_nfq.lo -lnfnetlink -lnetfilter_queue -L/usr/local/lib -ldnet
>>> ../sfbpf/libsfbpf.la )
>>> libtool: relink: gcc -shared -fPIC -DPIC .libs/daq_nfq_la-daq_nfq.o
>>> -L/usr/local/lib -lnfnetlink -lnetfilter_queue -ldnet -lsfbpf -O2
>>> -Wl,-soname -Wl,daq_nfq.so -o .libs/daq_nfq.so
>>> /usr/bin/ld: /usr/local/lib/libdnet.a(addr.o): relocation R_X86_64_32
>>> against `.rodata.str1.1' can not be used when making a shared object;
>>> recompile with -fPIC
>>> /usr/local/lib/libdnet.a: could not read symbols: Bad value
>>> collect2: error: ld returned 1 exit status
>>> libtool: install: error: relink `daq_nfq.la' with the above command
>>> before installing it
>>> Could you suggest anything.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users