snort-devel February 2014 archive
Main Archive Page > Month Archives  > snort-devel archives
snort-devel: Re: [Snort-devel] Cannot build Snort 2.9.5.6 with--

Re: [Snort-devel] Cannot build Snort 2.9.5.6 with--enable-build-dynamic-examples option

From: Hai Minh Nguyen <lightsea90_at_nospam>
Date: Fri Feb 14 2014 - 17:36:24 GMT
To: 손은영 <eyson@miritek.com>

Thank you 손은영, I compiled as you did, no use of
"--enable-build-dynamic-examples" and there was no error.

My goal is creating a dynamic prep with DPX 1.5 and Snort 2.9.5.6, and when
I tested DPX with Snort 2.9.5.6, it didnt work yet. Those functions
declared in DPX 1.5 didnt fit with prototyped functions in Snort library
because there are 'SnortConfig *' parameters in Snort lib functions but DPX
functions.

*I think Snort nearly added 'SnortConfig' data structure from 2.9.5 and DPX
1.5 can only work with 2.9.4.x and lower version where there is no
'SnortConfig'*. The trouble happened when I tried to compile with
--enable-build-dynamic-examples option because of the same reason.

I did some work-around, edited DPX functions and I built (run DPX's
build.sh) without error eventually. But when Snort loaded the dynamic prep
file (libdpx.so), it raised error: undefined LibVersion.

So, here it's my question: *How can I develop a dynamic preprocessor with
DPX 1.5 and Snort 2.9.5.6? How can I integrate them?*

P/S: My system is running with Snort 2.9.5.6 and it's difficult to
downgrade to lower version which can work with DPX 1.5.

On Fri, Feb 14, 2014 at 10:31 AM, 손은영 <eyson@miritek.com> wrote:

> Hi!
>
> I have compiled dynamic-example/dynamic-preprocessor as follows.
>
> ---------------------------------------------
> # cd dynamic-example/dynamic-preprocessor
> # make
> # make install
> ---------------------------------------------
>
> That's what I did a few days ago with snort-2.9.6.0 at linux.
>
> I hope it helps you.
>
> ----- Original Message -----
> *From:* Hai Minh Nguyen <lightsea90@gmail.com>
> *To:* snort-devel@lists.sourceforge.net
> *Sent:* Friday, February 14, 2014 11:49 AM
> *Subject:* [Snort-devel] Cannot build Snort 2.9.5.6
> with--enable-build-dynamic-examples option
>
> Hi,
>
> I'm gonna make a dynamic preprocessor with DPX 1.5 and Snort 2.9.5.6. But
> I cant build Snort with --enable-build-dynamic-examples option.
>
> Here it's the error:
>
> make[6]: Entering directory
> `/root/snort-2.9.5.6/src/dynamic-examples/dynamic-rule'
> /bin/bash ../../../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H
> -I. -I../../.. -I../include -I/usr/local/include -DZLIB -DGRE -DMPLS
> -DPPM_MGR -DNDEBUG -DENABLE_REACT -DENABLE_RESPOND -DENABLE_RESPONSE3
> -DSF_WCHAR -DTARGET_BASED -DPERF_PROFILING -DSNORT_RELOAD
> -DNO_NON_ETHER_DECODER -DNORMALIZER -DACTIVE_RESPONSE -g -O2
> -DSF_VISIBILITY -fvisibility=hidden -fno-strict-aliasing -Wall -c -o
> sfsnort_dynamic_detection_lib.lo sfsnort_dynamic_detection_lib.c
> libtool: compile: gcc -DHAVE_CONFIG_H -I. -I../../.. -I../include
> -I/usr/local/include -DZLIB -DGRE -DMPLS -DPPM_MGR -DNDEBUG -DENABLE_REACT
> -DENABLE_RESPOND -DENABLE_RESPONSE3 -DSF_WCHAR -DTARGET_BASED
> -DPERF_PROFILING -DSNORT_RELOAD -DNO_NON_ETHER_DECODER -DNORMALIZER
> -DACTIVE_RESPONSE -g -O2 -DSF_VISIBILITY -fvisibility=hidden
> -fno-strict-aliasing -Wall -c sfsnort_dynamic_detection_lib.c -fPIC -DPIC
> -o .libs/sfsnort_dynamic_detection_lib.o
> sfsnort_dynamic_detection_lib.c: In function 'InitializeDetection':
> sfsnort_dynamic_detection_lib.c:37:5: warning: passing argument 1 of
> 'RegisterRules' from incompatible pointer type [enabled by default]
> In file included from sfsnort_dynamic_detection_lib.c:26:0:
> ../include/sf_snort_plugin_api.h:430:20: note: expected 'struct
> _SnortConfig *' but argument is of type 'struct Rule **'
> sfsnort_dynamic_detection_lib.c:37:5: error: too few arguments to function
> 'RegisterRules'
> In file included from sfsnort_dynamic_detection_lib.c:26:0:
> ../include/sf_snort_plugin_api.h:430:20: note: declared here
> sfsnort_dynamic_detection_lib.c:38:1: warning: control reaches end of
> non-void function [-Wreturn-type]
> make[6]: *** [sfsnort_dynamic_detection_lib.lo] Error 1
> make[6]: Leaving directory
> `/root/snort-2.9.5.6/src/dynamic-examples/dynamic-rule'
> make[5]: *** [all] Error 2
> make[5]: Leaving directory
> `/root/snort-2.9.5.6/src/dynamic-examples/dynamic-rule'
> make[4]: *** [all-recursive] Error 1
> make[4]: Leaving directory `/root/snort-2.9.5.6/src/dynamic-examples'
> make[3]: *** [all] Error 2
> make[3]: Leaving directory `/root/snort-2.9.5.6/src/dynamic-examples'
> make[2]: *** [all-recursive] Error 1
> make[2]: Leaving directory `/root/snort-2.9.5.6/src'
> make[1]: *** [all-recursive] Error 1
> make[1]: Leaving directory `/root/snort-2.9.5.6'
> make: *** [all] Error 2
>
> Any idea?
>
> --
> Kiếm ma độc cô cầu bại - Ôi, một đời oanh liệt, chỉ mong được chiến bại
> một lần, nhưng chưa ai qua nổi quá tam chiêu!!!
>
> ------------------------------
>
>
> ------------------------------------------------------------------------------
> Android apps run on BlackBerry 10
> Introducing the new BlackBerry 10.2.1 Runtime for Android apps.
> Now with support for Jelly Bean, Bluetooth, Mapview and more.
> Get your Android app in front of a whole new audience. Start now.
>
> http://pubads.g.doubleclick.net/gampad/clk?id=124407151&iu=/4140/ostg.clktrk
>
> ------------------------------
>
> _______________________________________________
> Snort-devel mailing list
> Snort-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/snort-devel
> Archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel
>
> Please visit http://blog.snort.org for the latest news about Snort!
>
>
>
> ------------------------------------------------------------------------------
> Android apps run on BlackBerry 10
> Introducing the new BlackBerry 10.2.1 Runtime for Android apps.
> Now with support for Jelly Bean, Bluetooth, Mapview and more.
> Get your Android app in front of a whole new audience. Start now.
>
> http://pubads.g.doubleclick.net/gampad/clk?id=124407151&iu=/4140/ostg.clktrk
> _______________________________________________
> Snort-devel mailing list
> Snort-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/snort-devel
> Archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel
>
> Please visit http://blog.snort.org for the latest news about Snort!
>

-- Kiếm ma độc cô cầu bại - Ôi, một đời oanh liệt, chỉ mong được chiến bại một lần, nhưng chưa ai qua nổi quá tam chiêu!!!

------------------------------------------------------------------------------
Android apps run on BlackBerry 10
Introducing the new BlackBerry 10.2.1 Runtime for Android apps.
Now with support for Jelly Bean, Bluetooth, Mapview and more.
Get your Android app in front of a whole new audience. Start now.
http://pubads.g.doubleclick.net/gampad/clk?id=124407151&iu=/4140/ostg.clktrk

_______________________________________________
Snort-devel mailing list
Snort-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!