[Slackbuilds-users] snort needs update?
Bob Beers
bob.beers at gmail.com
Fri Apr 20 20:29:31 UTC 2007
snort# diff -burP snort snort-2.6.1.4-build
diff -burP snort/snort.SlackBuild snort-2.6.1.4-build/snort.SlackBuild
--- snort/snort.SlackBuild 2007-01-28 22:22:46.000000000 -0500
+++ snort-2.6.1.4-build/snort.SlackBuild 2007-04-20
13:57:33.000000000 -0400
@@ -22,7 +22,7 @@
# Modified by the SlackBuilds.org project
PRGNAM=snort
-VERSION=2.6.1.2
+VERSION=2.6.1.4
ARCH=${ARCH:-i486}
BUILD=${BUILD:-1}
TAG=${TAG:-_SBo}
diff -burP snort/snort.info snort-2.6.1.4-build/snort.info
--- snort/snort.info 2006-12-19 16:33:55.000000000 -0500
+++ snort-2.6.1.4-build/snort.info 2007-04-20 13:57:50.000000000 -0400
@@ -1,7 +1,7 @@
PRGNAM=snort
-VERSION=2.6.1.2
+VERSION=2.6.1.4
HOMEPAGE=http://www.snort.org/
-DOWNLOAD=http://www.snort.org/dl/current/snort-2.6.1.2.tar.gz
+DOWNLOAD=http://www.snort.org/dl/current/snort-2.6.1.4.tar.gz
MD5SUM=22c448e25538cdf74c62abe586aeac0a
AUTHOR=Alan_Hicks
EMAIL=alan at lizella.net
snort 2.6.1.4 package gets built,
there are these warnings during compile:
gcc -DHAVE_CONFIG_H -I. -I. -I../.. -I../.. -I../../src
-I../../src/sfutil -I/usr/include/pcap -I../../src/output-plugins
-I../../src/detection-plugins -I../../src/dynamic-plugins
-I../../src/preprocessors -I../../src/preprocessors/flow
-I../../src/preprocessors/portscan
-I../../src/preprocessors/flow/int-snort
-I../../src/preprocessors/HttpInspect/include
-I../../src/preprocessors/Stream5 -I/usr/include/mysql -DENABLE_MYSQL
-O2 -march=i486 -mtune=i686 -Wall -DLINUX_SMP -c spp_stream4.c
../../src/bounds.h:127: warning: 'SafeWrite' defined but not used
../../src/sfutil/bitop_funcs.h:72: warning: 'boInitStaticBITOP'
defined but not used
../../src/sfutil/bitop_funcs.h:182: warning: 'boSetAllBits' defined but not used
../../src/sfutil/bitop_funcs.h:204: warning: 'boSetBit' defined but not used
../../src/sfutil/bitop_funcs.h:238: warning: 'boIsBitSet' defined but not used
../../src/sfutil/bitop_funcs.h:271: warning: 'boClearBit' defined but not used
../../src/sfutil/bitop_funcs.h:304: warning: 'boClearByte' defined but not used
../../src/sfutil/bitop_funcs.h:336: warning: 'boFreeBITOP' defined but not used
../../src/preprocessors/flow/int-snort/flow_packet.h:31: warning:
'IsIPv4Packet' defined but not used
../../src/preprocessors/flow/int-snort/flow_packet.h:48: warning:
'IsTcpPacket' defined but not used
../../src/preprocessors/flow/int-snort/flow_packet.h:65: warning:
'GetTcpFlags' defined but not used
../../src/preprocessors/flow/int-snort/flow_packet.h:87: warning:
'GetIPv4SrcPort' defined but not used
../../src/preprocessors/flow/int-snort/flow_packet.h:109: warning:
'GetIPv4DstPort' defined but not used
../../src/preprocessors/flow/int-snort/flow_packet.h:130: warning:
'GetIPv4Proto' defined but not used
../../src/preprocessors/flow/int-snort/flow_packet.h:152: warning:
'GetIPv4SrcIp' defined but not used
../../src/preprocessors/flow/int-snort/flow_packet.h:175: warning:
'GetIPv4DstIp' defined but not used
../../src/preprocessors/flow/int-snort/flow_packet.h:193: warning:
'GetIPv4Len' defined but not used
../../src/preprocessors/flow/flow.h:89: warning: 'flow_mark' defined
but not used
../../src/preprocessors/flow/flow.h:100: warning: 'flow_checkflag'
defined but not used
I don't know if that is ok or not.
I proceed.
I did not change any of the config files in /etc/snort.
I installed snortrules into /etc/snort/ and linked at /etc/rules.
starting snort-2.6.1.4 fails like this:
root at typhlosion:/etc/snort# snort
Running in IDS mode with inferred config file: ./snort.conf
--== Initializing Snort ==--
Initializing Output Plugins!
Var 'any_ADDRESS' defined, value len = 15 chars, value = 0.0.0.0/0.0.0.0
Var 'lo_ADDRESS' defined, value len = 19 chars, value = 127.0.0.0/255.0.0.0
Initializing Preprocessors!
Initializing Plug-ins!
Parsing Rules file ./snort.conf
+++++++++++++++++++++++++++++++++++++++++++++++++++
Initializing rule chains...
Var 'HOME_NET' defined, value len = 3 chars, value = any
Var 'EXTERNAL_NET' defined, value len = 3 chars, value = any
Var 'DNS_SERVERS' defined, value len = 3 chars, value = any
Var 'SMTP_SERVERS' defined, value len = 3 chars, value = any
Var 'HTTP_SERVERS' defined, value len = 3 chars, value = any
Var 'SQL_SERVERS' defined, value len = 3 chars, value = any
Var 'TELNET_SERVERS' defined, value len = 3 chars, value = any
Var 'SNMP_SERVERS' defined, value len = 3 chars, value = any
Var 'HTTP_PORTS' defined, value len = 2 chars, value = 80
Var 'SHELLCODE_PORTS' defined, value len = 3 chars, value = !80
Var 'ORACLE_PORTS' defined, value len = 4 chars, value = 1521
Var 'AIM_SERVERS' defined, value len = 185 chars
[64.12.24.0/23,64.12.28.0/23,64.12.161.0/24,64.12.163.0/24,64.12.200.0/24,205.188.3.0/24,205.188.5.0/24,205.188.7.0/24,205.188.9
.0/24,205.188.153.0/24,205.188.179.0/24,205.188.248.0/24]
Var 'RULE_PATH' defined, value len = 8 chars, value = ../rules
ERROR: ./snort.conf(197) => Unknown rule type: dynamicpreprocessor
Fatal Error, Quitting..
root at typhlosion:/etc/snort#
line 197 of snort.conf is this:
dynamicpreprocessor directory /usr/local/lib/snort_dynamicpreprocessor/
but I don't have anything in /usr/local/lib/.
Is this a package problem, a snort problem, or a newb problem?
-Bob
More information about the Slackbuilds-users
mailing list