Snort mailing list archives
Re: Snort 2.9.0 Now Available
From: Alex Tatistcheff <alext () pobox com>
Date: Mon, 4 Oct 2010 21:38:59 -0600
If it helps I just "beat" it into submission on my Ubuntu test system. Seems I was having a problem with the binary locating libdnet.1 after the configure and make went fine, it was just that Snort wouldn't start. From my system which was formerly running 2.8 I had to: Download libdnet from the Google code repository http://code.google.com/p/libdnet untar configure make make install Download the DAQ from http://www.snort.org/snort-downloads untar configure make make install Download Snort 2.9 from snort.org. same as above using your selected configure options, I used. --enable-sourcefire --enable-targetbased --with-mysql --enable-inline-init-failopen However, my binary still wouldn't work because the libdnet had installed into /usr/local/lib instead of /usr/lib. So I created a sym link in /usr/lib to point to the library. ln -s /usr/local/lib/libdnet.1.0.1 /usr/lib/libdnet.1 After this Snort 2.9 started in all its glory. Hope this helps. Alex Tatistcheff alext () pobox com The most terrifying words in the English language are, "I'm from the government and I'm here to help." -Ronald Reagan On Mon, Oct 4, 2010 at 8:52 PM, waldo kitty <wkitty42 () windstream net> wrote:
On 10/4/2010 21:49, Russ Combs wrote:> * Snort no longer depends on libnet and uses libdnet instead. yeah, that really means nothing to this poor code jockey other thanyet anotherlib to figure out how to install and get compiled in myenvironment... i canonly imaging what the corporate side maintainers are going to face...they havebasically the same things to deal with that i do... i just have thechance to bea step or three ahead of them and make my releases as mods to theofficialrelease of the total package... FWIW, libnet is obsolete and increasingly hard to find. dnet makesthingseasier in that regard.i don't know, because i've not gone looking, if our environment even uses libnet, TBH... we're using GCC 3.3.5 and glibc 2.3.2 if that means anything... [time passes] the only libnet i find anywhere in our basic source directories seems to be win32 related for some package(s) we use that support that environment... since we're a *nix based environment, that one doesn't do us any good... [trim]AFAIK, we don't use DAQ in our setup... pcap seems to be what we usebut i'venot dug into the code to determine that... our official releases donot use anycompile time options at all... then again, our FOSS stuff is aimed atthosemachines that everyone is throwing away because they don't think theyhave anyuse left in them... sheesh, we're pulling P4's out of the dumpstersthesedays... with 1+Gig of RAM and "huge" HDs where we only need ~10G ofHD space...With 2.9.0, you *must* use the DAQ. By default, you will wind up using apcapDAQ, but the DAQ is a separate package that must be installed. This isnew for2.9.0.ugh! when does the madness end? :lol: i'll have to see if i can hunt up the archive for that... hopefully it is available at www.snort.org/ports/snort-current/Also, the NFQ and IPQ DAQs require libdnet, but so does Snort 2.9.0.this begs the question of why DAQ wasn't included in the 2.9.0 archive so that one only need grab that one archive, untar it and DAQ be available in the 2.9.0 source tree... it sure would make things a *lot* easier :? this release really should be 3.something instead of 2.9 with changes like these... but all we can do it either keep trying to move forward or dump snort in the bitbucket and find something else :? that's not my call so all i can do is try to keep beating snort into submission in my environment... it may very well turn out that it gets dumped if we can't get 2.9.0 working and especially if the rules updates get EOLed and leave our users with no rules to use... ------------------------------------------------------------------------------ Beautiful is writing same markup. Internet Explorer 9 supports standards for HTML5, CSS3, SVG 1.1, ECMAScript5, and DOM L2 & L3. Spend less time writing and rewriting code and more time creating great experiences on the web. Be a part of the beta today. http://p.sf.net/sfu/beautyoftheweb _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------------------------------ Beautiful is writing same markup. Internet Explorer 9 supports standards for HTML5, CSS3, SVG 1.1, ECMAScript5, and DOM L2 & L3. Spend less time writing and rewriting code and more time creating great experiences on the web. Be a part of the beta today. http://p.sf.net/sfu/beautyoftheweb
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: Snort 2.9.0 Now Available, (continued)
- Re: Snort 2.9.0 Now Available Russ Combs (Oct 04)
- Re: Snort 2.9.0 Now Available Joel Esler (Oct 04)
- Re: Snort 2.9.0 Now Available waldo kitty (Oct 04)
- Re: Snort 2.9.0 Now Available Marcos Rodriguez (Oct 04)
- Re: Snort 2.9.0 Now Available waldo kitty (Oct 04)
- Re: Snort 2.9.0 Now Available waldo kitty (Oct 04)
- Re: Snort 2.9.0 Now Available Eoin Miller (Oct 04)
- Re: Snort 2.9.0 Now Available waldo kitty (Oct 04)
- Re: Snort 2.9.0 Now Available Russ Combs (Oct 04)
- Re: Snort 2.9.0 Now Available waldo kitty (Oct 04)
- Re: Snort 2.9.0 Now Available Alex Tatistcheff (Oct 04)
- Re: Snort 2.9.0 Now Available Russ Combs (Oct 05)
- Re: Snort 2.9.0 Now Available waldo kitty (Oct 05)
- Re: Snort 2.9.0 Now Available Russ Combs (Oct 05)
- Re: Snort 2.9.0 Now Available waldo kitty (Oct 05)
- Re: Snort 2.9.0 Now Available Russ Combs (Oct 05)
- Re: Snort 2.9.0 Now Available Crook, Parker (Oct 08)
- Re: Snort 2.9.0 Now Available Michael Altizer (Oct 08)
- Re: Snort 2.9.0 Now Available Crook, Parker (Oct 08)