snort-devel February 2014 archive
Main Archive Page > Month Archives  > snort-devel archives
snort-devel: Re: [Snort-devel] Unable to Compile DPX.C (original

Re: [Snort-devel] Unable to Compile DPX.C (original file) (dpx-1.6 version)

From: Russ Combs (rucombs) <rucombs_at_nospam>
Date: Wed Feb 19 2014 - 19:40:17 GMT
To: Amtul Saboor <saboor.amtul@gmail.com>

You need to follow the README. First set setup.sh, then do ./build.sh, then ./test.sh.

________________________________
From: Amtul Saboor [saboor.amtul@gmail.com]
Sent: Wednesday, February 19, 2014 1:29 PM
To: Russ Combs (rucombs)
Subject: Re: [Snort-devel] Unable to Compile DPX.C (original file) (dpx-1.6 version)

Ok here is the situation. Installed Snort 2.9.6.0, installed DPX-1.6 on another directory. Still got same errors when compiled the dpx.c file, the main errors were that it was unable to find .h files, i changed he paths of header files accordingly and the errors were removed.

Now I am successful at compiling the original DPX.C without any errors, please note i gave followng command:

gcc -c dpx.c -o dpx.o

It made the dpx.o file. But now ./test.sh command gives this error:

/dpx-1.6# ./test.sh
Running in IDS mode

        --== Initializing Snort ==--
Initializing Output Plugins!
Initializing Preprocessors!
Initializing Plug-ins!
Parsing Rules file "test/snort.conf"
Tagged Packet Limit: 256
Loading all dynamic preprocessor libs from lib/snort_dynamicpreprocessor...
  Loading dynamic preprocessor library lib/snort_dynamicpreprocessor/libdpx.so... done
  Finished Loading all dynamic preprocessor libs from lib/snort_dynamicpreprocessor
Log directory = /var/log/snort
ERROR: test/snort.conf(3) Unknown preprocessor: "dpx".
Fatal Error, Quitting..

Please guide little more. Thanks alot for following and guiding

On Wed, Feb 19, 2014 at 11:07 PM, Russ Combs (rucombs) <rucombs@cisco.com<mailto:rucombs@cisco.com>> wrote:
dpx 1.6 and Snort 2.9.4.* do not mix. You need to get the latest Snort source from snort.org<http://snort.org>.
________________________________
From: Amtul Saboor [saboor.amtul@gmail.com<mailto:saboor.amtul@gmail.com>]
Sent: Wednesday, February 19, 2014 12:27 PM
To: Russ Combs (rucombs)

Subject: Re: [Snort-devel] Unable to Compile DPX.C (original file) (dpx-1.6 version)

Just a small correction in my previous message:

I am using snort-2.9.4.0 and yes its pointing to right version of snort because i only hv one snort folder. If wrong snort folder path is given then ./setup.sh gives error of snort directory .

Also please note i m able to see the expected output when i type ./test.sh bűt dpx.c file has those errors. Both these things r happening always . I have tried fresh installation of everything 3 times .

Note: I am using BackTrack R3 (installed snort from official website myself, not using the by default installed Snort of BackTrack), maybe changing Linux version might work.. Does anyone has any idea about it?

On Tue, Feb 18, 2014 at 7:56 PM, Amtul Saboor <saboor.amtul@gmail.com<mailto:saboor.amtul@gmail.com>> wrote:

I am using snort-2.9.4.6 and yes its pointing to right version of snort because i only hv one snort folder. If wrong snort folder path is given then ./setup.sh gives error of snort directory .

Also please note i m able to see the expected output when i type ./test.sh bűt dpx.c file has those errors. Both these things r happening always . I have tried fresh installation of everything 3 times .

On Feb 18, 2014 7:41 PM, "Russ Combs (rucombs)" <rucombs@cisco.com<mailto:rucombs@cisco.com>> wrote:
What version of Snort are you using? Are you sure that setup.sh points to the correct Snort top level directory?

If you were able to make it before, something has to be broken in your environment / setup.

________________________________
From: Amtul Saboor [saboor.amtul@gmail.com<mailto:saboor.amtul@gmail.com>]
Sent: Tuesday, February 18, 2014 4:18 AM
To: Russ Combs (rucombs)
Cc: <snort-devel@lists.sourceforge.net<mailto:snort-devel@lists.sourceforge.net>>
Subject: Re: [Snort-devel] Unable to Compile DPX.C (original file) (dpx-1.6 version)

Hello

Starting over in a new directory did not help. , facing same issues :

i am unable to compile even the original DPX.C file (without any changes ) .

I am afraid how can i make changes in dpx.c if the original file has so many errors.
NOTE: With all these errors in the dpx.c file, ./test.sh command runs fine, seems that DPX.C file has been deliberately left with some errors.

Here is the list of errors, (i have configured snort with enable dynamic examples option) :

/usr/src/dpx-new/src# gcc -c dpx.c
In file included from dpx.c:33:
/snort-2.9.6.0/src/snort_
debug.h:81: error: expected ‘)’ before ‘dbg’
dpx.c:36:48: error: /snort-2.9.6.0/src/sf_snort_packet.h: No such file or directory
dpx.c:37:55: error: /snort-2.9.6.0/src/sf_dynamic_preproc_lib.h: No such file or directory
dpx.c:38:56: error: /snort-2.9.6.0/src/sf_dynamic_preprocessor.h: No such file or directory
dpx.c:39:41: error: /snort-2.9.6.0/src/sfPolicy.h: No such file or directory
dpx.c:40:49: error: /snort-2.9.6.0/src/sfPolicyUserData.h: No such file or directory
dpx.c:62: error: expected specifier-qualifier-list before ‘uint16_t’
dpx.c:67: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘curr_data’
dpx.c:69: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘_dpd’
dpx.c:71: warning: ‘struct _SnortConfig’ declared inside parameter list
dpx.c:71: warning: its scope is only this definition or declaration, which is probably not what you want
dpx.c:85: error: expected ‘)’ before ‘pid’
dpx.c:131: error: expected ‘)’ before ‘config’
dpx.c:146: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘DPX_New’
dpx.c: In function ‘DPX_Delete’:
dpx.c:176: error: ‘tSfPolicyUserContextId’ undeclared (first use in this function)
dpx.c:176: error: (Each undeclared identifier is reported only once
dpx.c:176: error: for each function it appears in.)
dpx.c:176: error: expected ‘;’ before ‘config’
dpx.c:181: error: ‘config’ undeclared (first use in this function)
dpx.c:181: error: ‘DPX_Free’ undeclared (first use in this function)
dpx.c: In function ‘DPX_Setup’:
dpx.c:194: error: ‘_dpd’ undeclared (first use in this function)
dpx.c: At top level:
dpx.c:205: warning: ‘struct _SnortConfig’ declared inside parameter list
dpx.c:205: error: conflicting types for ‘DPX_Init’
dpx.c:71: note: previous declaration of ‘DPX_Init’ was here
dpx.c: In function ‘DPX_Init’:
dpx.c:207: error: ‘curr_data’ undeclared (first use in this function)
dpx.c:209: error: ‘_dpd’ undeclared (first use in this function)
dpx.c:210: error: ‘PROTO_BIT__TCP’ undeclared (first use in this function)
dpx.c:210: error: ‘PROTO_BIT__UDP’ undeclared (first use in this function)
dpx.c: In function ‘DPX_Term’:
dpx.c:217: error: ‘curr_data’ undeclared (first use in this function)
dpx.c: In function ‘DPX_Process’:
dpx.c:259: error: ‘SFSnortPacket’ undeclared (first use in this function)
dpx.c:259: error: ‘p’ undeclared (first use in this function)
dpx.c:259: error: expected expression before ‘)’ token
dpx.c:260: error: ‘tSfPolicyId’ undeclared (first use in this function)
dpx.c:260: error: expected ‘;’ before ‘pid’
dpx.c:263: error: ‘curr_data’ undeclared (first use in this function)
dpx.c:263: error: ‘pid’ undeclared (first use in this function)
dpx.c:266: warning: incompatible implicit declaration of built-in function ‘printf’
dpx.c:280: error: ‘DPX_Config’ has no member named ‘portToCheck’
dpx.c:283: error: ‘_dpd’ undeclared (first use in this function)
dpx.c:288: error: ‘DPX_Config’ has no member named ‘portToCheck’

On Tue, Feb 18, 2014 at 1:41 AM, Amtul Saboor <saboor.amtul@gmail.com<mailto:saboor.amtul@gmail.com>> wrote:
Thanks Russ

Here are the answers:

2. Nothing changed from #1, i am successfully running ./test.sh
command, at the same time, unable to compile dpx.c with gcc command.
gives the mentioned errors. That is confusing.

3. Ok i am starting over in a new directory . Will let you know the results.

Thanks again

On 2/17/14, Russ Combs (rucombs) <rucombs@cisco.com<mailto:rucombs@cisco.com>> wrote:
> I'm not clear on the issue here:
>
> 1. You configured and ran successfully dpx 1.6 with Snort 2.9.4.6; good.
>
> 2. You can't compile dxp.c. With what version? What changed from #1?
>
> 3. You can run test.sh with the errors from #2?? That means you still have
> an old lib you are running.
>
> You need to start over in a new directory and see what you get. Also, what
> version is now failing?
>
> ________________________________
> From: Amtul Saboor [saboor.amtul@gmail.com<mailto:saboor.amtul@gmail.com>]
> Sent: Monday, February 17, 2014 1:10 PM
> To: <snort-devel@lists.sourceforge.net<mailto:snort-devel@lists.sourceforge.net>>
> Subject: [Snort-devel] Unable to Compile DPX.C (original file) (dpx-1.6
> version)
>
> Hello
>
> I am starting new thread, i already successfully configured and ran DPX-1.6
> with snort-2.9.4.6 version. but I am slightly confused , since i am unable
> to compile even the original DPX.C file (without any changes ) .
>
> I am afraid how can i make changes in dpx.c if the original file has so many
> errors.
> NOTE: With all these errors in the dpx.c file, ./test.sh command runs fine,
> seems that DPX.C file has been deliberately left with some errors.
>
> Here is the list of errors, (i have configured snort with enable dynamic
> examples option) :
>
> /usr/src/dpx-new/src# gcc -c dpx.c
> In file included from dpx.c:33:
> /snort-2.9.6.0/src/snort_debug.h:81: error: expected ')' before 'dbg'
> dpx.c:36:48: error: /snort-2.9.6.0/src/sf_snort_packet.h: No such file or
> directory
> dpx.c:37:55: error: /snort-2.9.6.0/src/sf_dynamic_preproc_lib.h: No such
> file or directory
> dpx.c:38:56: error: /snort-2.9.6.0/src/sf_dynamic_preprocessor.h: No such
> file or directory
> dpx.c:39:41: error: /snort-2.9.6.0/src/sfPolicy.h: No such file or
> directory
> dpx.c:40:49: error: /snort-2.9.6.0/src/sfPolicyUserData.h: No such file or
> directory
> dpx.c:62: error: expected specifier-qualifier-list before 'uint16_t'
> dpx.c:67: error: expected '=', ',', ';', 'asm' or '__attribute__' before
> 'curr_data'
> dpx.c:69: error: expected '=', ',', ';', 'asm' or '__attribute__' before
> '_dpd'
> dpx.c:71: warning: 'struct _SnortConfig' declared inside parameter list
> dpx.c:71: warning: its scope is only this definition or declaration, which
> is probably not what you want
> dpx.c:85: error: expected ')' before 'pid'
> dpx.c:131: error: expected ')' before 'config'
> dpx.c:146: error: expected '=', ',', ';', 'asm' or '__attribute__' before
> 'DPX_New'
> dpx.c: In function 'DPX_Delete':
> dpx.c:176: error: 'tSfPolicyUserContextId' undeclared (first use in this
> function)
> dpx.c:176: error: (Each undeclared identifier is reported only once
> dpx.c:176: error: for each function it appears in.)
> dpx.c:176: error: expected ';' before 'config'
> dpx.c:181: error: 'config' undeclared (first use in this function)
> dpx.c:181: error: 'DPX_Free' undeclared (first use in this function)
> dpx.c: In function 'DPX_Setup':
> dpx.c:194: error: '_dpd' undeclared (first use in this function)
> dpx.c: At top level:
> dpx.c:205: warning: 'struct _SnortConfig' declared inside parameter list
> dpx.c:205: error: conflicting types for 'DPX_Init'
> dpx.c:71: note: previous declaration of 'DPX_Init' was here
> dpx.c: In function 'DPX_Init':
> dpx.c:207: error: 'curr_data' undeclared (first use in this function)
> dpx.c:209: error: '_dpd' undeclared (first use in this function)
> dpx.c:210: error: 'PROTO_BIT__TCP' undeclared (first use in this function)
> dpx.c:210: error: 'PROTO_BIT__UDP' undeclared (first use in this function)
> dpx.c: In function 'DPX_Term':
> dpx.c:217: error: 'curr_data' undeclared (first use in this function)
> dpx.c: In function 'DPX_Process':
> dpx.c:259: error: 'SFSnortPacket' undeclared (first use in this function)
> dpx.c:259: error: 'p' undeclared (first use in this function)
> dpx.c:259: error: expected expression before ')' token
> dpx.c:260: error: 'tSfPolicyId' undeclared (first use in this function)
> dpx.c:260: error: expected ';' before 'pid'
> dpx.c:263: error: 'curr_data' undeclared (first use in this function)
> dpx.c:263: error: 'pid' undeclared (first use in this function)
> dpx.c:266: warning: incompatible implicit declaration of built-in function
> 'printf'
> dpx.c:280: error: 'DPX_Config' has no member named 'portToCheck'
> dpx.c:283: error: '_dpd' undeclared (first use in this function)
> dpx.c:288: error: 'DPX_Config' has no member named 'portToCheck'
>
>
>
>
>
> Kindly help.
>
>
> Thanks.
>
>

-- *Amtul Saboor* * -- Amtul Saboor MS (Information Security) Military College of Signals, National University of Science & Technology, Rawalpindi Pakistan -- Amtul Saboor MS (Information Security) Military College of Signals, National University of Science & Technology, Rawalpindi Pakistan

------------------------------------------------------------------------------
Managing the Performance of Cloud-Based Applications
Take advantage of what the Cloud has to offer - Avoid Common Pitfalls.
Read the Whitepaper.
http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk

_______________________________________________
Snort-devel mailing list
Snort-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!