[Snort-users] Snort Install

Leon Vergottini leonv at ...17132...
Thu Apr 2 09:13:07 EDT 2015


Hi

 

Thank you for the response.  I have made some progress by ticking off:
'Build IPQ DAQ module....... : no.'  It configured after I have installed
the iptables-devel package on my Centos install.

 

I have followed your suggestion and tried to install it from the source
code.  The installation was successful, without any premature exists or
error messages.  However, I am still struggling with netmap. Below is the
output:

 

checking net/netmap_user.h usability... no

checking net/netmap_user.h presence... no

 

checking dumbnet.h usability... no

checking dumbnet.h presence... no

 

Build netmap DAQ module...... : no

 

I have done find / -name to try and locate the files, without any success.

 

Am I missing something stupid here?  If so, please feel free to shout at me.

 

Kind Regards

Leon

 

From: Al Lewis (allewi) [mailto:allewi at ...589...] 
Sent: 02 April 2015 12:51 PM
To: Leon Vergottini; snort-users at lists.sourceforge.net
Subject: RE: [Snort-users] Snort Install

 

Hello,

 

Please see the DAQ README which is where the info below was taken from:

 

Notes on iptables

=================

 

These notes are just a quick reminder that you need to set up iptables to
use

the IPQ or NFQ DAQs.  Doing so may cause problems with your network so tread

carefully.  The examples below are intentionally incomplete so please read
the

related documentation first.

 

 

 

FreeBSD

-------

In FreeBSD 10.0, netmap has been integrated into the core OS.  In order to
use

it, you must recompile your kernel with the line

 

    device netmap

 

added to your kernel config.

 

Linux

-----

You will need to download the netmap source code from the project's
repository:

 

    https://code.google.com/p/netmap/

 

Follow the instructions on the project's homepage for compiling and
installing

the code:

 

    http://info.iet.unipi.it/~luigi/netmap/

 

 

 

 

 

Hope this helps!

 

 

Albert Lewis

QA Software Engineer

SOURCEfire, Inc. now part of Cisco

9780 Patuxent Woods Drive
Columbia, MD 21046 

Phone: (office) 443.430.7112

Email: allewi at ...589... <mailto:allewi at ...589...>  

 

From: Leon Vergottini [mailto:leonv at ...17132...] 
Sent: Thursday, April 02, 2015 3:02 AM
To: snort-users at lists.sourceforge.net
<mailto:snort-users at lists.sourceforge.net> 
Subject: [Snort-users] Snort Install

 

Dear Community

 

I am trying to install the latest version of Snort on a Centos 6 minimal
installing.  I have followed the installation Guide
(https://www.snort.org/documents/snort-2-9-7-x-on-centos-6-x-and-7-x) to the
teeth.  However, every time I configure DAQ, I get the following out

 

Build AFPacket DAQ module.. : yes

Build Dump DAQ module...... : yes

Build IPFW DAQ module...... : yes

Build IPQ DAQ module....... : no

Build NFQ DAQ module....... : yes

Build PCAP DAQ module...... : yes

Build netmap DAQ module...... : no

 

IPQ and netmap is not configured.  What do I need to install to enable these
modules?  I have Googled and look at Debain based installations as well to
try and figure out what I am missing.

 

Kind Regards

Leon

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20150402/4ca8aaef/attachment.html>


More information about the Snort-users mailing list