Menu
▾
▴
Re: [Snort-inline-users] Re: snort_inline-2.0.5 build error on RHEL3
|
From: Josh B. <jos...@li...> - 2003-12-05 02:48:59
|
Thanks for this information, the only workaround that I could find was replacing all instances of #include <net/if.h> with #include <net/linux.h> in the linux source. I figured that it would cause issues down the road, this will help alot. > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Not sure what RedHat has done with its kernel headers. I actually had to > do the following in order to get snort_inline to compile in RedHat 9.0 > with the default kernel and kernel headers: > > 1. Download the kernel source (best to get stable latest and greatest > from www.kernel.org). > 2. Build kernel from scratch (feel free to use RedHat's .config file). > 3. mv /usr/include/linux /usr/include/linux.orig > 4. cd /usr/include > 5. ln -s /usr/src/linux<new kernel source>/include/linux linux > (on my box: ln -s /usr/src/linux-2.4.22/include/linux linux) > Why do we do this? We are doing this to use the new kernel headers > vice the older ones installed on your default RedHat install located in > /usr/include/linux. > 6. Download the iptables source (www.iptables.org). > 7. Build iptables > a. make KERNEL_DIR=/usr/src/<new source> > b. make install KERNEL_DIR=/usr/src/<new source> > c. make install-devel > > **** CONSIDER REMOVING OLDER VERSIONS OF IPTABLES OFF SYSTEM. DEFAULT SRC > INSTALLS IPTABLES IN /usr/local/sbin and /usr/local/lib vice /usr/sbin and > /lib > > 8. Build snort_inline > > I really need to get off my butt and develop the snort_inline home page so > I can have a repository for documentation and FAQ. > > Rob > > On Thu, 4 Dec 2003, Matthew Callaway wrote: > >> Greetings, >> >> Is there a known problem building snort_inline (up to 2.0.5) against the >> glibc-kernheaders that come with Red Hat Enterprise Linux 3? >> >> The Error: >> >> gcc -DHAVE_CONFIG_H -I. -I. -I../.. -I../.. -I../../src >> -I/usr/include/pcap -I../../src/output-plugins >> -I../../src/detection-plugins -I../../src/preprocessors -I/usr/include >> -g -O2 -Wall -DGIDS -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD >> -DHAVE_NET_ETHERNET_H -DLIBNET_LIL_ENDIAN -c `test -f 'spo_alert_fast.c' >> || echo './'`spo_alert_fast.c >> In file included from /usr/include/linux/netfilter_ipv4/ip_queue.h:10, >> from /usr/include/libipq.h:37, >> from ../../src/inline.h:8, >> from ../../src/snort.h:38, >> from spo_alert_fast.c:51: >> /usr/include/linux/if.h:59: redefinition of `struct ifmap' >> /usr/include/linux/if.h:77: redefinition of `struct ifreq' >> /usr/include/linux/if.h:126: redefinition of `struct ifconf' >> make[3]: *** [spo_alert_fast.o] Error 1 >> make[3]: Leaving directory >> `/home/matt/src/BUILD/snort-2.0.5/src/output-plugins' >> make[2]: *** [all-recursive] Error 1 >> make[2]: Leaving directory `/home/matt/src/BUILD/snort-2.0.5/src' >> make[1]: *** [all-recursive] Error 1 >> make[1]: Leaving directory `/home/matt/src/BUILD/snort-2.0.5' >> make: *** [all] Error 2 >> >> >> [matt@obelisk SPECS]$ rpm -qf >> /usr/include/linux/netfilter_ipv4/ip_queue.h >> glibc-kernheaders-2.4-8.34 >> >> >> Some Googling finds: >> >> http://groups.google.com/groups?hl=en&lr=lang_en&ie=UTF-8&oe=UTF-8&safe=off&threadm=vmk8c6.6f4.ln%40batty&rnum=9&prev=/groups%3Fnum%3D100%26hl%3Den%26lr%3Dlang_en%26ie%3DUTF-8%26oe%3DUTF-8%26safe%3Doff%26q%3Dredefinition%2Bof%2B%2560struct%2Bifmap%27%26btnG%3DGoogle%2BSearch >> >> "Glibc has it's own definitions that often conflict with those in >> /usr/include/linux (the kernel). Programs that #include these kernel >> includes must be modified so that these includes are taken out and only >> the explicit kernel definitions that are needed are included. You can >> either attempt this yourself or wait =)." >> >> >> Do you favor <linux/if.h> or <net/if.h>? >> >> Can you add a ./configure switch to specify the path to alternate kernel >> includes via an environment variable? >> >> I note the difference between the glibc package and the kernel package: >> >> diff -u <kernel version> <glibc version> >> diff -u linux/include/linux/netfilter_ipv4/ip_queue.h >> /usr/include/linux/netfilter_ipv4/ip_queue.h >> --- >> /home/matt/src/BUILD/kernel-2.4.21/linux/include/linux/netfilter_ipv4/ip_queue.h >> 2000-08-10 14:35:15.000000000 -0500 >> +++ /usr/include/linux/netfilter_ipv4/ip_queue.h 2003-01-30 >> 12:03:23.000000000 -0600 >> @@ -7,15 +7,7 @@ >> #ifndef _IP_QUEUE_H >> #define _IP_QUEUE_H >> >> -#ifdef __KERNEL__ >> -#ifdef DEBUG_IPQ >> -#define QDEBUG(x...) printk(KERN_DEBUG ## x) >> -#else >> -#define QDEBUG(x...) >> -#endif /* DEBUG_IPQ */ >> -#else >> -#include <net/if.h> >> -#endif /* ! __KERNEL__ */ >> +#include <linux/if.h> >> >> /* Messages sent from kernel */ >> typedef struct ipq_packet_msg { >> >> >> >> Thanks, >> >> Matt >> >> >> > > -----BEGIN PGP SIGNATURE----- > Version: PGP 6.5.8 > Comment: Made with pgp4pine 1.76 > > iQA/AwUBP8/NGPnAyY+9KLjdEQJDkACgzmFlwCXeSHU7m7apZlLpEJ31UvMAmwf6 > WVoOFIZDWWHQ+KO6uZ4xinD3 > =Tw6F > -----END PGP SIGNATURE----- > > > > > ------------------------------------------------------- > This SF.net email is sponsored by: IBM Linux Tutorials. > Become an expert in LINUX or just sharpen your skills. Sign up for IBM's > Free Linux Tutorials. Learn everything from the bash shell to sys admin. > Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click > _______________________________________________ > Snort-inline-users mailing list > Sno...@li... > https://lists.sourceforge.net/lists/listinfo/snort-inline-users > Thanks, Josh Berry, CTO LinkNet-Solutions 469-831-8543 jos...@li... |
