Snort mailing list archives

Re: [Snort-sigs] Snort-sigs Digest, Vol 75, Issue 1


From: PR <oly562 () gmail com>
Date: Sun, 19 Aug 2012 11:16:59 -0700

again, i'm starting to think, and find clues, that this is indeed a 32bit to
64bit issue: here is what i found on wikipedia regarding -fPIC

Such a library can be created with GCC by compiling the source file
containing the new globals to be linked, with the -fpic or -fPIC
option,[33] and linking with the -shared option.[34] The library has
access to external symbols declared in the program like any other
library.

It is also possible to use debugger-based techniques on Unix-like
systems.[35]


also is there a tar that is 64bit, and not built for 32bit cpus?

i think that would solve the daq/snort issue. 

your thoughts?

pete


On Sun, 2012-08-19 at 09:52 -0700, PR wrote:

here is the ./configure and make, i don't get past make... see below
full stdout... suggestions? i'm running 10.04 Desktop 64bit arch,
acidbase, trying to upgrade from 2.8.x to 2.9.x...

unixrealm@vulcan:~/Downloads/Programs/Snort-2012$ cd daq-1.1.1/
unixrealm@vulcan:~/Downloads/Programs/Snort-2012/daq-1.1.1
$ ./configure 
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a thread-safe mkdir -p... /bin/mkdir -p
checking for gawk... gawk
checking whether make sets $(MAKE)... yes
checking for gcc... gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables... 
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ISO C89... none needed
checking for style of include used by make... GNU
checking dependency style of gcc... gcc3
checking build system type... x86_64-unknown-linux-gnu
checking host system type... x86_64-unknown-linux-gnu
checking for a sed that does not truncate output... /bin/sed
checking for grep that handles long lines and -e... /bin/grep
checking for egrep... /bin/grep -E
checking for fgrep... /bin/grep -F
checking for ld used by gcc... /usr/bin/ld
checking if the linker (/usr/bin/ld) is GNU ld... yes
checking for BSD- or MS-compatible name lister (nm)... /usr/bin/nm -B
checking the name lister (/usr/bin/nm -B) interface... BSD nm
checking whether ln -s works... yes
checking the maximum length of command line arguments... 1572864
checking whether the shell understands some XSI constructs... yes
checking whether the shell understands "+="... yes
checking for /usr/bin/ld option to reload object files... -r
checking for objdump... objdump
checking how to recognize dependent libraries... pass_all
checking for ar... ar
checking for strip... strip
checking for ranlib... ranlib
checking command to parse /usr/bin/nm -B output from gcc object... ok
checking how to run the C preprocessor... gcc -E
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking for dlfcn.h... yes
checking for objdir... .libs
checking if gcc supports -fno-rtti -fno-exceptions... no
checking for gcc option to produce PIC... -fPIC -DPIC
checking if gcc PIC flag -fPIC -DPIC works... yes
checking if gcc static flag -static works... yes
checking if gcc supports -c -o file.o... yes
checking if gcc supports -c -o file.o... (cached) yes
checking whether the gcc linker (/usr/bin/ld -m elf_x86_64) supports
shared libraries... yes
checking whether -lc should be explicitly linked in... no
checking dynamic linker characteristics... GNU/Linux ld.so
checking how to hardcode library paths into programs... immediate
checking whether stripping libraries is possible... yes
checking if libtool supports shared libraries... yes
checking whether to build shared libraries... yes
checking whether to build static libraries... yes
checking for visibility support... yes
checking CFLAGS for gcc -Wall... -Wall
checking CFLAGS for gcc -Wwrite-strings... -Wwrite-strings
checking CFLAGS for gcc -Wsign-compare... -Wsign-compare
checking CFLAGS for gcc -Wcast-align... -Wcast-align
checking CFLAGS for gcc -Wextra... -Wextra
checking CFLAGS for gcc -Wformat... -Wformat
checking CFLAGS for gcc -Wformat-security... -Wformat-security
checking CFLAGS for gcc -Wno-unused-parameter... -Wno-unused-parameter
checking CFLAGS for gcc -fno-strict-aliasing... -fno-strict-aliasing
checking CFLAGS for gcc -fdiagnostics-show-option...
-fdiagnostics-show-option
checking CFLAGS for gcc -pedantic -std=c99 -D_GNU_SOURCE... -pedantic
-std=c99 -D_GNU_SOURCE
checking for getaddrinfo... yes
checking for flex... flex
checking for flex 2.4 or higher... yes
checking for bison... bison
checking linux/if_ether.h usability... yes
checking linux/if_ether.h presence... yes
checking for linux/if_ether.h... yes
checking linux/if_packet.h usability... yes
checking linux/if_packet.h presence... yes
checking for linux/if_packet.h... yes
checking pcap.h usability... yes
checking pcap.h presence... yes
checking for pcap.h... yes
checking for pcap_lib_version in -lpcap... yes
checking netinet/in.h usability... yes
checking netinet/in.h presence... yes
checking for netinet/in.h... yes
checking libipq.h usability... yes
checking libipq.h presence... yes
checking for libipq.h... yes
checking for linux/netfilter.h... yes
checking for netinet/in.h... (cached) yes
checking libnetfilter_queue/libnetfilter_queue.h usability... no
checking libnetfilter_queue/libnetfilter_queue.h presence... no
checking for libnetfilter_queue/libnetfilter_queue.h... no
checking for linux/netfilter.h... (cached) yes
checking for pcap.h... (cached) yes
checking for pcap_lib_version... checking for pcap_lib_version in
-lpcap... (cached) yes
checking for libpcap version >= "1.0.0"... yes
checking dnet.h usability... yes
checking dnet.h presence... yes
checking for dnet.h... yes
checking dumbnet.h usability... no
checking dumbnet.h presence... no
checking for dumbnet.h... no
checking for eth_set in -ldnet... yes
checking for eth_set in -ldumbnet... no
checking for dlopen in -ldl... yes
checking for inttypes.h... (cached) yes
checking for memory.h... (cached) yes
checking netdb.h usability... yes
checking netdb.h presence... yes
checking for netdb.h... yes
checking for netinet/in.h... (cached) yes
checking for stdint.h... (cached) yes
checking for stdlib.h... (cached) yes
checking for string.h... (cached) yes
checking sys/ioctl.h usability... yes
checking sys/ioctl.h presence... yes
checking for sys/ioctl.h... yes
checking sys/param.h usability... yes
checking sys/param.h presence... yes
checking for sys/param.h... yes
checking sys/socket.h usability... yes
checking sys/socket.h presence... yes
checking for sys/socket.h... yes
checking sys/time.h usability... yes
checking sys/time.h presence... yes
checking for sys/time.h... yes
checking for unistd.h... (cached) yes
checking for inline... inline
checking for size_t... yes
checking for uint16_t... yes
checking for uint32_t... yes
checking for uint64_t... yes
checking for uint8_t... yes
checking for stdlib.h... (cached) yes
checking for GNU libc compatible malloc... yes
checking for stdlib.h... (cached) yes
checking for unistd.h... (cached) yes
checking for getpagesize... yes
checking for working mmap... yes
checking for gethostbyname... yes
checking for getpagesize... (cached) yes
checking for memset... yes
checking for munmap... yes
checking for socket... yes
checking for strchr... yes
checking for strcspn... yes
checking for strdup... yes
checking for strerror... yes
checking for strrchr... yes
checking for strstr... yes
checking for strtoul... yes
configure: creating ./config.status
config.status: creating Makefile
config.status: creating api/Makefile
config.status: creating os-daq-modules/Makefile
config.status: creating os-daq-modules/daq-modules-config
config.status: creating sfbpf/Makefile
config.status: creating config.h
config.status: config.h is unchanged
config.status: executing depfiles commands
config.status: executing libtool commands

Build AFPacket DAQ module.. : yes
Build Dump DAQ module...... : yes
Build IPFW DAQ module...... : yes
Build IPQ DAQ module....... : yes
Build NFQ DAQ module....... : no
Build PCAP DAQ module...... : yes

unixrealm@vulcan:~/Downloads/Programs/Snort-2012/daq-1.1.1$ make
make  all-recursive
make[1]: Entering directory
`/home/unixrealm/Downloads/Programs/Snort-2012/daq-1.1.1'
Making all in api
make[2]: Entering directory
`/home/unixrealm/Downloads/Programs/Snort-2012/daq-1.1.1/api'
make[2]: Nothing to be done for `all'.
make[2]: Leaving directory
`/home/unixrealm/Downloads/Programs/Snort-2012/daq-1.1.1/api'
Making all in sfbpf
make[2]: Entering directory
`/home/unixrealm/Downloads/Programs/Snort-2012/daq-1.1.1/sfbpf'
make[2]: Nothing to be done for `all'.
make[2]: Leaving directory
`/home/unixrealm/Downloads/Programs/Snort-2012/daq-1.1.1/sfbpf'
Making all in os-daq-modules
make[2]: Entering directory
`/home/unixrealm/Downloads/Programs/Snort-2012/daq-1.1.1/os-daq-modules'
/bin/bash ../libtool --tag=CC   --mode=link gcc -DBUILDING_SO -g -O2
-fvisibility=hidden -Wall -Wwrite-strings -Wsign-compare -Wcast-align
-Wextra -Wformat -Wformat-security -Wno-unused-parameter
-fno-strict-aliasing -fdiagnostics-show-option -pedantic -std=c99
-D_GNU_SOURCE -module -export-dynamic -avoid-version -shared
-L/usr/local/lib -ldnet   -o daq_ipq.la -rpath /usr/local/lib/daq
daq_ipq_la-daq_ipq.lo -lipq -L/usr/local/lib
-ldnet ../sfbpf/libsfbpf.la 
libtool: link: gcc -shared  .libs/daq_ipq_la-daq_ipq.o   -Wl,-rpath
-Wl,/home/unixrealm/Downloads/Programs/Snort-2012/daq-1.1.1/sfbpf/.libs -L/usr/local/lib -lipq /usr/local/lib/libdnet 
../sfbpf/.libs/libsfbpf.so    -Wl,-soname -Wl,daq_ipq.so -o .libs/daq_ipq.so
/usr/bin/ld: /usr/lib/gcc/x86_64-linux-gnu/4.4.3/../../../../lib/libipq.a(libipq.o): relocation R_X86_64_32S against 
`ipq_errmap' can not be used when making a shared object; recompile with -fPIC
/usr/lib/gcc/x86_64-linux-gnu/4.4.3/../../../../lib/libipq.a: could
not read symbols: Bad value
collect2: ld returned 1 exit status
make[2]: *** [daq_ipq.la] Error 1
make[2]: Leaving directory
`/home/unixrealm/Downloads/Programs/Snort-2012/daq-1.1.1/os-daq-modules'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory
`/home/unixrealm/Downloads/Programs/Snort-2012/daq-1.1.1'
make: *** [all] Error 2
unixrealm@vulcan:~/Downloads/Programs/Snort-2012/daq-1.1.1$ 


frustrating i tell ya... pete

On Tue, 2012-08-14 at 14:45 -0700, PR wrote:

here are the files for daq.

make.out and config.log

When installing snort 2.9.x of course, it says daq is not installed.
so... first get daq as Joel suggests. thanks for your help, really!

i simply want a nice easy way to update snort just like the good old
days. ;)

pete


On Mon, 2012-08-13 at 09:28 -0400, Victor Roemer wrote: 

So you're using snort-2.9.3 and daq-1.1.1 


Could you send your 'config.log' and make output to us for
analysis.


The 'config.log' is generated after running 


$ ./configure


When capturing the make output, we prefer to just have everything,
via


$ make &> make.out


Then send us those files.


Other information which we find useful is OS and OS version and
gcc version.


Thanks!



        Begin forwarded message: 
        
        
        > From: PR <oly562 () gmail com>
        > 
        > Subject: Re: [Snort-sigs] Snort-sigs Digest, Vol 75,
        > Issue 1
        > 
        > Date: August 6, 2012 3:23:49 PM EDT
        > 
        > To: Joel Esler <jesler () sourcefire com>
        > 
        > 
        > sorry i used wrong nomenclature. i am at 2930 aka 2.9.3,
        > it's daq at this point. when i try to install snort it
        > points to daq not installed, then daq points to error
        > use -fPIC. so what does -fPIC mean? can't find info about
        > it... any suggestions? oh and i remove each failed
        > compile, and untar each time. just a heads up, i know how
        > to compile from source, but some things i need help with
        > like -fPIC
        > 
        > On Mon, 2012-08-06 at 13:24 -0400, Joel Esler wrote:
        > 
        > > I'm telling you that 2900 isn't supported.  You should
        > > update to 2930 which is supported. 
        > > 
        > > 
        > > 
        > > On Aug 6, 2012, at 1:19 PM, PR <oly562 () gmail com>
        > > wrote:
        > > 
        > > 
        > > > i'm downloading from
        > > > http://www.snort.org/snort-downloads
        > > > 
        > > > you are telling me they are not supported? huh???
        > > > 
        > > > On Mon, 2012-08-06 at 08:51 -0400, Joel Esler
        > > > wrote: 
        > > > 
        > > > > On Aug 5, 2012, at 7:46 PM, PR <oly562 () gmail com>
        > > > > wrote:
        > > > > 
        > > > > 
        > > > > > your thoughts? good link? simple cmd
        > > > > > instructions, maybe print your history for last
        > > > > > time you did this? little help, starting to get
        > > > > > annoyed when snort switches from 2800/2900
        > > > > > version, and it's NOT as simple as it could be.  
        > > > > 
        > > > > 
        > > > > 2900 isn't even supported anymore.
        > > > > 
        > > > > 
        > > > > http://www.snort.org/vrt/rules/eol_policy 
        > > > > 
        > > > > 
        > > > > 
        > > > > --
        > > > > Joel Esler
        > > > > Senior Research Engineer, VRT
        > > > > OpenSource Community Manager
        > > > > Sourcefire 
        > > 
        > > 
        > > 
        
        
        
        


------------------------------------------------------------------------------
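Added example, not part of the original thread: the linker error above names `libipq.a(libipq.o)` and a `R_X86_64_32S` relocation against `ipq_errmap`, and the script below shows how to confirm from `readelf -rW` output which archive members carry such non-PIC relocations. The function names and the sample readelf listing are constructed for illustration; `readelf` is assumed to come from binutils.

```shell
#!/usr/bin/env bash
# Added example: flag absolute 32-bit relocations in `readelf -rW` output.
# R_X86_64_32 / R_X86_64_32S in a loadable section means the object was
# built without -fPIC, which is what ld rejects when linking with -shared.

# Reads `readelf -rW` text on stdin; prints: member section type symbol
non_pic_relocs() {
    awk '
        BEGIN                  { member = "-" }
        /^File: /              { member = $2; next }
        /^Relocation section / { split($0, q, "\047"); section = q[2]; next }
        # Debug sections are never mapped at run time, so ld ignores them.
        section ~ /^\.rela?\.debug/ { next }
        $3 == "R_X86_64_32" || $3 == "R_X86_64_32S" {
            print member, section, $3, $5
        }
    '
}

# Constructed sample of readelf -rW output (offsets and info values made up).
sample_readelf_output() {
    cat <<'EOF'
File: libipq.a(libipq.o)

Relocation section '.rela.text' at offset 0x1a30 contains 3 entries:
    Offset             Info             Type               Symbol's Value  Symbol's Name + Addend
0000000000000013  000000050000000b R_X86_64_32S           0000000000000000 ipq_errmap + 8
000000000000002a  0000000c00000002 R_X86_64_PC32          0000000000000000 ipq_errno - 4
0000000000000041  0000000e00000004 R_X86_64_PLT32         0000000000000000 strerror - 4

Relocation section '.rela.debug_info' at offset 0x2b10 contains 1 entry:
    Offset             Info             Type               Symbol's Value  Symbol's Name + Addend
0000000000000006  000000070000000a R_X86_64_32            0000000000000000 .debug_abbrev + 0
EOF
}

# Real use:  readelf -rW /path/to/libipq.a | non_pic_relocs
sample_readelf_output | non_pic_relocs
```

Any line printed for a library that is being pulled into a shared object means that library, not the code linking against it, has to be rebuilt with `-fPIC` or replaced by a shared build.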