Snort mailing list archives
Re: snort compilation on Tru Unix 4.0G
From: System Operations <sysop () mcb net>
Date: Sun, 2 Mar 2003 10:36:27 +0000 (GMT)
Thank you for your prompt reply. Our network consists of five Alphas of varying sizes linked by both 10/100 and fibre so we don't run BSD or Linux - it is hard enough understanding one operating system in real depth! However we could utilise a W2K or even an NT4 machine. For example we utilise an NT box with no public IP's to carry out real-time bandwidth shaping with DYBAND. Could we use one of these and is there a suitable binary available please? It is a pity that SNORT will not compile on TRU-UNIX. If any of your developers would like telnet access to our large development machine I would be happy to arrange it. We support open-source wherever it is possible to do so. Regards stuart mckenzie ---------------------------------------------------------------------- MCB, M & G House, Head Road, Douglas, Isle of Man IM1 5BF sysop () mcb net tel: +44 1624 623 841 fax: +44 1624 623 004 MCB Homepage on the MANNET Internet server: http://www.mcb.net On Sat, 1 Mar 2003, sam wrote:
Because Snort is a NIDS, it does not need to install in a production machine in order to monitor a product network. You can install it in Linux or BSD as a standalone machine, and have this machine connect to the same subnet of the production network. There should be no IP assigned to the machine afterward. System Operations wrote:After struggling for a day to get all the components, libpcap etc and sub-components, bison, flex and sub-sub components GNUM4 and so on, compiled on our Alpha, snort itself fails catastrophically. Configure did not show any errors and I can mail the configs if required. The first problem was that tru-unix does not allow defines where the # is in any other position than column 1. I fixed that by running through the src with a sed. However, sample output below suggests that tru-unix may not be supported fully. Can you possibly advise please as we would VERY much like to try out snort on our network. TIA stuart mckenzie sample make: /data8/snort-1.9.0# make No suffix list. make all-recursive No suffix list. Making all in src Making all in win32 No suffix list. Making all in output-plugins cc -DHAVE_CONFIG_H -I. -I. -I../.. -I../.. -I../../src -I../../src/output-plugc cc: Error: spo_alert_fast.c, line 74: Error parsing parameter list. Found "*" w) void AlertFast(Packet *, char *, void *, Event *); ----------------------^ cc: Error: spo_alert_fast.c, line 95: Missing ")". (closeparen) DEBUG_WRAP(DebugMessage(DEBUG_INIT,"Output plugin: AlertFast is setup...\n"; -------------------------------------------------------------------------------^ cc: Error: spo_alert_fast.c, line 95: Invalid statement. (badstmt) DEBUG_WRAP(DebugMessage(DEBUG_INIT,"Output plugin: AlertFast is setup...\n"; -------------------------------------------------------------------------------^ cc: Error: spo_alert_fast.c, line 114: Missing ")". (closeparen) DEBUG_WRAP(DebugMessage(DEBUG_INIT,"Output: AlertFast Initialized\n");); -------------------------------------------------------------------------^ cc: Error: spo_alert_fast.c, line 114: Invalid statement. (badstmt) DEBUG_WRAP(DebugMessage(DEBUG_INIT,"Output: AlertFast Initialized\n");); --------------------------------------------------------------------------^ cc: Error: spo_alert_fast.c, line 121: Missing ")". (closeparen) DEBUG_WRAP(DebugMessage(DEBUG_INIT,"Linking AlertFast functions to call lis; -------------------------------------------------------------------------------^ cc: Error: spo_alert_fast.c, line 121: Invalid statement. (badstmt) DEBUG_WRAP(DebugMessage(DEBUG_INIT,"Linking AlertFast functions to call lis; -------------------------------------------------------------------------------^ cc: Error: spo_alert_fast.c, line 129: Error parsing parameter list. Found "*" ) void AlertFast(Packet *p, char *msg, void *arg, Event *event) ----------------------^ cc: Error: spo_alert_fast.c, line 229: Missing ")". (closeparen) DEBUG_WRAP(DebugMessage(DEBUG_LOG, "ParseAlertFastArgs: %s\n", args);); ------------------------------------------------------------------------^ cc: Error: spo_alert_fast.c, line 229: Invalid statement. (badstmt) DEBUG_WRAP(DebugMessage(DEBUG_LOG, "ParseAlertFastArgs: %s\n", args);); -------------------------------------------------------------------------^ cc: Error: spo_alert_fast.c, line 253: Missing ")". (closeparen) DEBUG_WRAP(DebugMessage(DEBUG_LOG,"AlertFastCleanExitFunc\n");); -----------------------------------------------------------------^ cc: Error: spo_alert_fast.c, line 253: Invalid statement. (badstmt) DEBUG_WRAP(DebugMessage(DEBUG_LOG,"AlertFastCleanExitFunc\n");); ------------------------------------------------------------------^ cc: Error: spo_alert_fast.c, line 263: Missing ")". (closeparen) DEBUG_WRAP(DebugMessage(DEBUG_LOG,"AlertFastRestartFunc\n");); ---------------------------------------------------------------^ cc: Error: spo_alert_fast.c, line 263: Invalid statement. (badstmt) DEBUG_WRAP(DebugMessage(DEBUG_LOG,"AlertFastRestartFunc\n");); ----------------------------------------------------------------^ cc: Error: spo_alert_fast.c, line 94: In this statement, "NT_OUTPUT_ALERT" is n) RegisterOutputPlugin("alert_fast", NT_OUTPUT_ALERT, AlertFastInit); ---------------------------------------^ cc: Error: spo_alert_fast.c, line 116: In this statement, "pv" is not declared.) pv.alert_plugin_active = 1; ----^ cc: Warning: spo_alert_fast.c, line 119: In this statement, the referenced type) data = ParseAlertFastArgs(args); ------------------------------^ cc: Error: spo_alert_fast.c, line 124: In this statement, "AlertFast" is not de) AddFuncToOutputList(AlertFast, NT_OUTPUT_ALERT, data); ------------------------^ cc: Error: spo_alert_fast.c, line 124: In this statement, "NT_OUTPUT_ALERT" is ) AddFuncToOutputList(AlertFast, NT_OUTPUT_ALERT, data); -----------------------------------^ cc: Warning: spo_alert_fast.c, line 233: In this statement, "OpenAlertFile(...)) data->file = OpenAlertFile(NULL); --------^ cc: Warning: spo_alert_fast.c, line 237: In this statement, "mSplit(...)" of ty) toks = mSplit(args, " ", 2, &num_toks, 0); ----^ cc: Warning: spo_alert_fast.c, line 242: In this statement, "ProcessFileOption() filename = ProcessFileOption(toks[0]); --------^ cc: Warning: spo_alert_fast.c, line 243: In this statement, "OpenAlertFile(...)) data->file = OpenAlertFile(filename); --------^ *** Exit 1 Stop. *** Exit 1 Stop. *** Exit 1 Stop. *** Exit 1 Stop. /data8/snort-1.9.0# ---------------------------------------------------------------------- MCB, M & G House, Head Road, Douglas, Isle of Man IM1 5BF sysop () mcb net tel: +44 1624 623 841 fax: +44 1624 623 004 MCB Homepage on the MANNET Internet server: http://www.mcb.net ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort compilation on Tru Unix 4.0G System Operations (Feb 28)
- Re: snort compilation on Tru Unix 4.0G sam (Feb 28)
- Re: snort compilation on Tru Unix 4.0G Erek Adams (Mar 03)
- Re: snort compilation on Tru Unix 4.0G System Operations (Mar 03)
- Re: snort compilation on Tru Unix 4.0G Jeff Nathan (Mar 04)
- Re: snort compilation on Tru Unix 4.0G System Operations (Mar 06)
- Re: snort compilation on Tru Unix 4.0G Jeff Nathan (Mar 06)
- Re: snort compilation on Tru Unix 4.0G System Operations (Mar 06)
- Re: snort compilation on Tru Unix 4.0G Chris Green (Mar 06)
- Re: snort compilation on Tru Unix 4.0G System Operations (Mar 07)
- Re: snort compilation on Tru Unix 4.0G sam (Feb 28)