Thread: [Snort-inline-users] snort_inline-2.6.1.5 nfnetlink_queue WARNING

Brought to you by: count_zero_rod, redmaze, vicjul78

snort-inline-users

[Snort-inline-users] snort_inline-2.6.1.5 nfnetlink_queue WARNING

From: <ch...@os...> - 2007-10-16 13:20:46

I encountered such a problem when i configure snort_inline-2.6.1.5 with
"--enable-nfnetlink" option ,description of the issue as follows:
--------------------------------------
.......................
checking linux/netfilter/nfnetlink_queue.h usability... no
checking linux/netfilter/nfnetlink_queue.h presence... yes
configure: WARNING: linux/netfilter/nfnetlink_queue.h: present but cannot
be compiled
configure: WARNING: linux/netfilter/nfnetlink_queue.h:     check for
missing prerequisite headers?
configure: WARNING: linux/netfilter/nfnetlink_queue.h: see the Autoconf
documentation
configure: WARNING: linux/netfilter/nfnetlink_queue.h:     section
"Present But Cannot Be Compiled"
configure: WARNING: linux/netfilter/nfnetlink_queue.h: proceeding with the
preprocessor's result
configure: WARNING: linux/netfilter/nfnetlink_queue.h: in the future, the
compiler will take precedence
configure: WARNING:     ## ------------------------------------------ ##
configure: WARNING:     ## Report this to the AC_PACKAGE_NAME lists.  ##
configure: WARNING:     ## ------------------------------------------ ##
checking for linux/netfilter/nfnetlink_queue.h... yes
checking libnetfilter_queue/libnetfilter_queue.h usability... yes
checking libnetfilter_queue/libnetfilter_queue.h presence... yes
checking for libnetfilter_queue/libnetfilter_queue.h... yes
checking for nfqnl_open in -lnetfilter_queue... no
checking for nfq_set_queue_maxlen in -lnetfilter_queue... no
.................................
---------------------------------------------------------------------
I am using libnetfilter_queue-0.0.12 and libnfnetlink-0.0.16 , The
installation process both are "./configure && make && make install"
I do not have to recompile the kernel,because I see that kernel  already 
support the nfnetfilter_queue feature ( at /boot/config-2.6.20-15   ->
CONFIG_NETFILTER_NETLINK_QUEUE=m) .

what wrong with my installation?  and how can i debug it ?
I think my previous question (Segmentation fault and snort_inline stop 
when using namp  ) may be related to the issue

Best Reagrds

ChunXin

Re: [Snort-inline-users] snort_inline-2.6.1.5 nfnetlink_queue WARNING

From: Will M. <wil...@gm...> - 2007-10-16 13:35:24

do you even need multiple queue support?

On 10/16/07, ch...@os... <ch...@os...> wrote:
>
> I encountered such a problem when i configure snort_inline-2.6.1.5 with
> "--enable-nfnetlink" option ,description of the issue as follows:
> --------------------------------------
> .......................
> checking linux/netfilter/nfnetlink_queue.h usability... no
> checking linux/netfilter/nfnetlink_queue.h presence... yes
> configure: WARNING: linux/netfilter/nfnetlink_queue.h: present but cannot
> be compiled
> configure: WARNING: linux/netfilter/nfnetlink_queue.h:     check for
> missing prerequisite headers?
> configure: WARNING: linux/netfilter/nfnetlink_queue.h: see the Autoconf
> documentation
> configure: WARNING: linux/netfilter/nfnetlink_queue.h:     section
> "Present But Cannot Be Compiled"
> configure: WARNING: linux/netfilter/nfnetlink_queue.h: proceeding with the
> preprocessor's result
> configure: WARNING: linux/netfilter/nfnetlink_queue.h: in the future, the
> compiler will take precedence
> configure: WARNING:     ## ------------------------------------------ ##
> configure: WARNING:     ## Report this to the AC_PACKAGE_NAME lists.  ##
> configure: WARNING:     ## ------------------------------------------ ##
> checking for linux/netfilter/nfnetlink_queue.h... yes
> checking libnetfilter_queue/libnetfilter_queue.h usability... yes
> checking libnetfilter_queue/libnetfilter_queue.h presence... yes
> checking for libnetfilter_queue/libnetfilter_queue.h... yes
> checking for nfqnl_open in -lnetfilter_queue... no
> checking for nfq_set_queue_maxlen in -lnetfilter_queue... no
> .................................
> ---------------------------------------------------------------------
> I am using libnetfilter_queue-0.0.12 and libnfnetlink-0.0.16 , The
> installation process both are "./configure && make && make install"
> I do not have to recompile the kernel,because I see that kernel  already
> support the nfnetfilter_queue feature ( at /boot/config-2.6.20-15   ->
> CONFIG_NETFILTER_NETLINK_QUEUE=m) .
>
> what wrong with my installation?  and how can i debug it ?
> I think my previous question (Segmentation fault and snort_inline stop
> when using namp  ) may be related to the issue
>
> Best Reagrds
>
> ChunXin
>
>

Re: [Snort-inline-users] snort_inline-2.6.1.5 nfnetlink_queue WARNING

From: <ch...@os...> - 2007-10-16 15:55:15

Yeah , Can you help me ?

> do you even need multiple queue support?
>
> On 10/16/07, ch...@os... <ch...@os...> wrote:
>>
>> I encountered such a problem when i configure snort_inline-2.6.1.5 with
>> "--enable-nfnetlink" option ,description of the issue as follows:
>> --------------------------------------
>> .......................
>> checking linux/netfilter/nfnetlink_queue.h usability... no
>> checking linux/netfilter/nfnetlink_queue.h presence... yes
>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: present but
>> cannot
>> be compiled
>> configure: WARNING: linux/netfilter/nfnetlink_queue.h:     check for
>> missing prerequisite headers?
>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: see the Autoconf
>> documentation
>> configure: WARNING: linux/netfilter/nfnetlink_queue.h:     section
>> "Present But Cannot Be Compiled"
>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: proceeding with
>> the
>> preprocessor's result
>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: in the future,
>> the
>> compiler will take precedence
>> configure: WARNING:     ## ------------------------------------------ ##
>> configure: WARNING:     ## Report this to the AC_PACKAGE_NAME lists.  ##
>> configure: WARNING:     ## ------------------------------------------ ##
>> checking for linux/netfilter/nfnetlink_queue.h... yes
>> checking libnetfilter_queue/libnetfilter_queue.h usability... yes
>> checking libnetfilter_queue/libnetfilter_queue.h presence... yes
>> checking for libnetfilter_queue/libnetfilter_queue.h... yes
>> checking for nfqnl_open in -lnetfilter_queue... no
>> checking for nfq_set_queue_maxlen in -lnetfilter_queue... no
>> .................................
>> ---------------------------------------------------------------------
>> I am using libnetfilter_queue-0.0.12 and libnfnetlink-0.0.16 , The
>> installation process both are "./configure && make && make install"
>> I do not have to recompile the kernel,because I see that kernel  already
>> support the nfnetfilter_queue feature ( at /boot/config-2.6.20-15   ->
>> CONFIG_NETFILTER_NETLINK_QUEUE=m) .
>>
>> what wrong with my installation?  and how can i debug it ?
>> I think my previous question (Segmentation fault and snort_inline stop
>> when using namp  ) may be related to the issue
>>
>> Best Reagrds
>>
>> ChunXin
>>
>>
>

Re: [Snort-inline-users] snort_inline-2.6.1.5 nfnetlink_queue WARNING

From: Victor J. <li...@in...> - 2007-10-16 21:11:35

Where did you install the libnetfilter_queue library? If you didn't
install it in /usr please try that...

Cheers,
Victor


ch...@os... wrote:
> Yeah , Can you help me ?
>
>   
>> do you even need multiple queue support?
>>
>> On 10/16/07, ch...@os... <ch...@os...> wrote:
>>     
>>> I encountered such a problem when i configure snort_inline-2.6.1.5 with
>>> "--enable-nfnetlink" option ,description of the issue as follows:
>>> --------------------------------------
>>> .......................
>>> checking linux/netfilter/nfnetlink_queue.h usability... no
>>> checking linux/netfilter/nfnetlink_queue.h presence... yes
>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: present but
>>> cannot
>>> be compiled
>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h:     check for
>>> missing prerequisite headers?
>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: see the Autoconf
>>> documentation
>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h:     section
>>> "Present But Cannot Be Compiled"
>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: proceeding with
>>> the
>>> preprocessor's result
>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: in the future,
>>> the
>>> compiler will take precedence
>>> configure: WARNING:     ## ------------------------------------------ ##
>>> configure: WARNING:     ## Report this to the AC_PACKAGE_NAME lists.  ##
>>> configure: WARNING:     ## ------------------------------------------ ##
>>> checking for linux/netfilter/nfnetlink_queue.h... yes
>>> checking libnetfilter_queue/libnetfilter_queue.h usability... yes
>>> checking libnetfilter_queue/libnetfilter_queue.h presence... yes
>>> checking for libnetfilter_queue/libnetfilter_queue.h... yes
>>> checking for nfqnl_open in -lnetfilter_queue... no
>>> checking for nfq_set_queue_maxlen in -lnetfilter_queue... no
>>> .................................
>>> ---------------------------------------------------------------------
>>> I am using libnetfilter_queue-0.0.12 and libnfnetlink-0.0.16 , The
>>> installation process both are "./configure && make && make install"
>>> I do not have to recompile the kernel,because I see that kernel  already
>>> support the nfnetfilter_queue feature ( at /boot/config-2.6.20-15   ->
>>> CONFIG_NETFILTER_NETLINK_QUEUE=m) .
>>>
>>> what wrong with my installation?  and how can i debug it ?
>>> I think my previous question (Segmentation fault and snort_inline stop
>>> when using namp  ) may be related to the issue
>>>
>>> Best Reagrds
>>>
>>> ChunXin
>>>
>>>
>>>       
>
>

Re: [Snort-inline-users] snort_inline-2.6.1.5 nfnetlink_queue WARNING

From: Will M. <wil...@gm...> - 2007-10-17 20:33:50

I have made some changes to the svn version of snort_inline that
should resolve your issue.  I also added fixes for a potential DoS
issue when the splay tree tree fills up submitted by  Marcus Sundberg
at Ingate, thanx dude ;-)....  You can check out the latest devel
version from svn as always with the following command...

svn co https://snort-inline.svn.sourceforge.net/svnroot/snort-inline/trunk


On 10/16/07, Victor Julien <li...@in...> wrote:
> Where did you install the libnetfilter_queue library? If you didn't
> install it in /usr please try that...
>
> Cheers,
> Victor
>
>
> ch...@os... wrote:
> > Yeah , Can you help me ?
> >
> >
> >> do you even need multiple queue support?
> >>
> >> On 10/16/07, ch...@os... <ch...@os...> wrote:
> >>
> >>> I encountered such a problem when i configure snort_inline-2.6.1.5 with
> >>> "--enable-nfnetlink" option ,description of the issue as follows:
> >>> --------------------------------------
> >>> .......................
> >>> checking linux/netfilter/nfnetlink_queue.h usability... no
> >>> checking linux/netfilter/nfnetlink_queue.h presence... yes
> >>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: present but
> >>> cannot
> >>> be compiled
> >>> configure: WARNING: linux/netfilter/nfnetlink_queue.h:     check for
> >>> missing prerequisite headers?
> >>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: see the Autoconf
> >>> documentation
> >>> configure: WARNING: linux/netfilter/nfnetlink_queue.h:     section
> >>> "Present But Cannot Be Compiled"
> >>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: proceeding with
> >>> the
> >>> preprocessor's result
> >>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: in the future,
> >>> the
> >>> compiler will take precedence
> >>> configure: WARNING:     ## ------------------------------------------ ##
> >>> configure: WARNING:     ## Report this to the AC_PACKAGE_NAME lists.  ##
> >>> configure: WARNING:     ## ------------------------------------------ ##
> >>> checking for linux/netfilter/nfnetlink_queue.h... yes
> >>> checking libnetfilter_queue/libnetfilter_queue.h usability... yes
> >>> checking libnetfilter_queue/libnetfilter_queue.h presence... yes
> >>> checking for libnetfilter_queue/libnetfilter_queue.h... yes
> >>> checking for nfqnl_open in -lnetfilter_queue... no
> >>> checking for nfq_set_queue_maxlen in -lnetfilter_queue... no
> >>> .................................
> >>> ---------------------------------------------------------------------
> >>> I am using libnetfilter_queue-0.0.12 and libnfnetlink-0.0.16 , The
> >>> installation process both are "./configure && make && make install"
> >>> I do not have to recompile the kernel,because I see that kernel  already
> >>> support the nfnetfilter_queue feature ( at /boot/config-2.6.20-15   ->
> >>> CONFIG_NETFILTER_NETLINK_QUEUE=m) .
> >>>
> >>> what wrong with my installation?  and how can i debug it ?
> >>> I think my previous question (Segmentation fault and snort_inline stop
> >>> when using namp  ) may be related to the issue
> >>>
> >>> Best Reagrds
> >>>
> >>> ChunXin
> >>>
> >>>
> >>>
> >
> >
>
>
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc.
> Still grepping through log files to find problems?  Stop.
> Now Search log events and configuration files using AJAX and a browser.
> Download your FREE copy of Splunk now >> http://get.splunk.com/
> _______________________________________________
> Snort-inline-users mailing list
> Sno...@li...
> https://lists.sourceforge.net/lists/listinfo/snort-inline-users
>
>

Re: [Snort-inline-users] snort_inline-2.6.1.5 nfnetlink_queue WARNING

From: ChunXin <ch...@os...> - 2007-10-18 03:55:06

thanks a lot ! i will try it

Will Metcalf 写道:
> I have made some changes to the svn version of snort_inline that
> should resolve your issue.  I also added fixes for a potential DoS
> issue when the splay tree tree fills up submitted by  Marcus Sundberg
> at Ingate, thanx dude ;-)....  You can check out the latest devel
> version from svn as always with the following command...
>
> svn co https://snort-inline.svn.sourceforge.net/svnroot/snort-inline/trunk
>
>
> On 10/16/07, Victor Julien <li...@in...> wrote:
>   
>> Where did you install the libnetfilter_queue library? If you didn't
>> install it in /usr please try that...
>>
>> Cheers,
>> Victor
>>
>>
>> ch...@os... wrote:
>>     
>>> Yeah , Can you help me ?
>>>
>>>
>>>       
>>>> do you even need multiple queue support?
>>>>
>>>> On 10/16/07, ch...@os... <ch...@os...> wrote:
>>>>
>>>>         
>>>>> I encountered such a problem when i configure snort_inline-2.6.1.5 with
>>>>> "--enable-nfnetlink" option ,description of the issue as follows:
>>>>> --------------------------------------
>>>>> .......................
>>>>> checking linux/netfilter/nfnetlink_queue.h usability... no
>>>>> checking linux/netfilter/nfnetlink_queue.h presence... yes
>>>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: present but
>>>>> cannot
>>>>> be compiled
>>>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h:     check for
>>>>> missing prerequisite headers?
>>>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: see the Autoconf
>>>>> documentation
>>>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h:     section
>>>>> "Present But Cannot Be Compiled"
>>>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: proceeding with
>>>>> the
>>>>> preprocessor's result
>>>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: in the future,
>>>>> the
>>>>> compiler will take precedence
>>>>> configure: WARNING:     ## ------------------------------------------ ##
>>>>> configure: WARNING:     ## Report this to the AC_PACKAGE_NAME lists.  ##
>>>>> configure: WARNING:     ## ------------------------------------------ ##
>>>>> checking for linux/netfilter/nfnetlink_queue.h... yes
>>>>> checking libnetfilter_queue/libnetfilter_queue.h usability... yes
>>>>> checking libnetfilter_queue/libnetfilter_queue.h presence... yes
>>>>> checking for libnetfilter_queue/libnetfilter_queue.h... yes
>>>>> checking for nfqnl_open in -lnetfilter_queue... no
>>>>> checking for nfq_set_queue_maxlen in -lnetfilter_queue... no
>>>>> .................................
>>>>> ---------------------------------------------------------------------
>>>>> I am using libnetfilter_queue-0.0.12 and libnfnetlink-0.0.16 , The
>>>>> installation process both are "./configure && make && make install"
>>>>> I do not have to recompile the kernel,because I see that kernel  already
>>>>> support the nfnetfilter_queue feature ( at /boot/config-2.6.20-15   ->
>>>>> CONFIG_NETFILTER_NETLINK_QUEUE=m) .
>>>>>
>>>>> what wrong with my installation?  and how can i debug it ?
>>>>> I think my previous question (Segmentation fault and snort_inline stop
>>>>> when using namp  ) may be related to the issue
>>>>>
>>>>> Best Reagrds
>>>>>
>>>>> ChunXin
>>>>>
>>>>>
>>>>>
>>>>>           
>>>       
>>
>> -------------------------------------------------------------------------
>> This SF.net email is sponsored by: Splunk Inc.
>> Still grepping through log files to find problems?  Stop.
>> Now Search log events and configuration files using AJAX and a browser.
>> Download your FREE copy of Splunk now >> http://get.splunk.com/
>> _______________________________________________
>> Snort-inline-users mailing list
>> Sno...@li...
>> https://lists.sourceforge.net/lists/listinfo/snort-inline-users
>>
>>
>>

Re: [Snort-inline-users] snort_inline-2.6.1.5 nfnetlink_queue WARNING

From: Will M. <wil...@gm...> - 2007-10-18 04:06:52

it is svn so don't forget to ./autojunk.sh ;-)

On 10/17/07, ChunXin <ch...@os...> wrote:
> thanks a lot ! i will try it
>
> Will Metcalf 写道:
> > I have made some changes to the svn version of snort_inline that
> > should resolve your issue.  I also added fixes for a potential DoS
> > issue when the splay tree tree fills up submitted by  Marcus Sundberg
> > at Ingate, thanx dude ;-)....  You can check out the latest devel
> > version from svn as always with the following command...
> >
> > svn co https://snort-inline.svn.sourceforge.net/svnroot/snort-inline/trunk
> >
> >
> > On 10/16/07, Victor Julien <li...@in...> wrote:
> >
> >> Where did you install the libnetfilter_queue library? If you didn't
> >> install it in /usr please try that...
> >>
> >> Cheers,
> >> Victor
> >>
> >>
> >> ch...@os... wrote:
> >>
> >>> Yeah , Can you help me ?
> >>>
> >>>
> >>>
> >>>> do you even need multiple queue support?
> >>>>
> >>>> On 10/16/07, ch...@os... <ch...@os...> wrote:
> >>>>
> >>>>
> >>>>> I encountered such a problem when i configure snort_inline-2.6.1.5 with
> >>>>> "--enable-nfnetlink" option ,description of the issue as follows:
> >>>>> --------------------------------------
> >>>>> .......................
> >>>>> checking linux/netfilter/nfnetlink_queue.h usability... no
> >>>>> checking linux/netfilter/nfnetlink_queue.h presence... yes
> >>>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: present but
> >>>>> cannot
> >>>>> be compiled
> >>>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h:     check for
> >>>>> missing prerequisite headers?
> >>>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: see the Autoconf
> >>>>> documentation
> >>>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h:     section
> >>>>> "Present But Cannot Be Compiled"
> >>>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: proceeding with
> >>>>> the
> >>>>> preprocessor's result
> >>>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: in the future,
> >>>>> the
> >>>>> compiler will take precedence
> >>>>> configure: WARNING:     ## ------------------------------------------ ##
> >>>>> configure: WARNING:     ## Report this to the AC_PACKAGE_NAME lists.  ##
> >>>>> configure: WARNING:     ## ------------------------------------------ ##
> >>>>> checking for linux/netfilter/nfnetlink_queue.h... yes
> >>>>> checking libnetfilter_queue/libnetfilter_queue.h usability... yes
> >>>>> checking libnetfilter_queue/libnetfilter_queue.h presence... yes
> >>>>> checking for libnetfilter_queue/libnetfilter_queue.h... yes
> >>>>> checking for nfqnl_open in -lnetfilter_queue... no
> >>>>> checking for nfq_set_queue_maxlen in -lnetfilter_queue... no
> >>>>> .................................
> >>>>> ---------------------------------------------------------------------
> >>>>> I am using libnetfilter_queue-0.0.12 and libnfnetlink-0.0.16 , The
> >>>>> installation process both are "./configure && make && make install"
> >>>>> I do not have to recompile the kernel,because I see that kernel  already
> >>>>> support the nfnetfilter_queue feature ( at /boot/config-2.6.20-15   ->
> >>>>> CONFIG_NETFILTER_NETLINK_QUEUE=m) .
> >>>>>
> >>>>> what wrong with my installation?  and how can i debug it ?
> >>>>> I think my previous question (Segmentation fault and snort_inline stop
> >>>>> when using namp  ) may be related to the issue
> >>>>>
> >>>>> Best Reagrds
> >>>>>
> >>>>> ChunXin
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>
> >>
> >> -------------------------------------------------------------------------
> >> This SF.net email is sponsored by: Splunk Inc.
> >> Still grepping through log files to find problems?  Stop.
> >> Now Search log events and configuration files using AJAX and a browser.
> >> Download your FREE copy of Splunk now >> http://get.splunk.com/
> >> _______________________________________________
> >> Snort-inline-users mailing list
> >> Sno...@li...
> >> https://lists.sourceforge.net/lists/listinfo/snort-inline-users
> >>
> >>
> >>
>
>

Re: [Snort-inline-users] snort_inline-2.6.1.5 nfnetlink_queue WARNING

From: ChunXin <ch...@os...> - 2007-10-18 06:43:18

Dear Will Metcalf;
Perfect works !
your svn code work correct !
svn_code without nfnetlink_queue and with nfnetlink_queue appear to have
no problem!

I will continue to use your svn code ,If there is a problem I will
promptly let you know !

:-*

Best Regards

ChunXin 2007/10/18


Will Metcalf 写道:
> it is svn so don't forget to ./autojunk.sh ;-)
>
> On 10/17/07, ChunXin <ch...@os...> wrote:
>   
>> thanks a lot ! i will try it
>>
>> Will Metcalf $B<LF;(B:
>>     
>>> I have made some changes to the svn version of snort_inline that
>>> should resolve your issue.  I also added fixes for a potential DoS
>>> issue when the splay tree tree fills up submitted by  Marcus Sundberg
>>> at Ingate, thanx dude ;-)....  You can check out the latest devel
>>> version from svn as always with the following command...
>>>
>>> svn co https://snort-inline.svn.sourceforge.net/svnroot/snort-inline/trunk
>>>
>>>
>>> On 10/16/07, Victor Julien <li...@in...> wrote:
>>>
>>>       
>>>> Where did you install the libnetfilter_queue library? If you didn't
>>>> install it in /usr please try that...
>>>>
>>>> Cheers,
>>>> Victor
>>>>
>>>>
>>>> ch...@os... wrote:
>>>>
>>>>         
>>>>> Yeah , Can you help me ?
>>>>>
>>>>>
>>>>>
>>>>>           
>>>>>> do you even need multiple queue support?
>>>>>>
>>>>>> On 10/16/07, ch...@os... <ch...@os...> wrote:
>>>>>>
>>>>>>
>>>>>>             
>>>>>>> I encountered such a problem when i configure snort_inline-2.6.1.5 with
>>>>>>> "--enable-nfnetlink" option ,description of the issue as follows:
>>>>>>> --------------------------------------
>>>>>>> .......................
>>>>>>> checking linux/netfilter/nfnetlink_queue.h usability... no
>>>>>>> checking linux/netfilter/nfnetlink_queue.h presence... yes
>>>>>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: present but
>>>>>>> cannot
>>>>>>> be compiled
>>>>>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h:     check for
>>>>>>> missing prerequisite headers?
>>>>>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: see the Autoconf
>>>>>>> documentation
>>>>>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h:     section
>>>>>>> "Present But Cannot Be Compiled"
>>>>>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: proceeding with
>>>>>>> the
>>>>>>> preprocessor's result
>>>>>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: in the future,
>>>>>>> the
>>>>>>> compiler will take precedence
>>>>>>> configure: WARNING:     ## ------------------------------------------ ##
>>>>>>> configure: WARNING:     ## Report this to the AC_PACKAGE_NAME lists.  ##
>>>>>>> configure: WARNING:     ## ------------------------------------------ ##
>>>>>>> checking for linux/netfilter/nfnetlink_queue.h... yes
>>>>>>> checking libnetfilter_queue/libnetfilter_queue.h usability... yes
>>>>>>> checking libnetfilter_queue/libnetfilter_queue.h presence... yes
>>>>>>> checking for libnetfilter_queue/libnetfilter_queue.h... yes
>>>>>>> checking for nfqnl_open in -lnetfilter_queue... no
>>>>>>> checking for nfq_set_queue_maxlen in -lnetfilter_queue... no
>>>>>>> .................................
>>>>>>> ---------------------------------------------------------------------
>>>>>>> I am using libnetfilter_queue-0.0.12 and libnfnetlink-0.0.16 , The
>>>>>>> installation process both are "./configure && make && make install"
>>>>>>> I do not have to recompile the kernel,because I see that kernel  already
>>>>>>> support the nfnetfilter_queue feature ( at /boot/config-2.6.20-15   ->
>>>>>>> CONFIG_NETFILTER_NETLINK_QUEUE=m) .
>>>>>>>
>>>>>>> what wrong with my installation?  and how can i debug it ?
>>>>>>> I think my previous question (Segmentation fault and snort_inline stop
>>>>>>> when using namp  ) may be related to the issue
>>>>>>>
>>>>>>> Best Reagrds
>>>>>>>
>>>>>>> ChunXin
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>               
>>>> -------------------------------------------------------------------------
>>>> This SF.net email is sponsored by: Splunk Inc.
>>>> Still grepping through log files to find problems?  Stop.
>>>> Now Search log events and configuration files using AJAX and a browser.
>>>> Download your FREE copy of Splunk now >> http://get.splunk.com/
>>>> _______________________________________________
>>>> Snort-inline-users mailing list
>>>> Sno...@li...
>>>> https://lists.sourceforge.net/lists/listinfo/snort-inline-users
>>>>
>>>>
>>>>
>>>>         
>>

Re: [Snort-inline-users] snort_inline-2.6.1.5 nfnetlink_queue WARNING

From: <ch...@os...> - 2007-10-18 06:44:27

Dear Will Metcalf;
 Perfect works !
 your svn code work correct !
 svn_code without nfnetlink_queue  and with nfnetlink_queue  appear to
have no problem!

 I will continue to use your svn code ,If there is a problem I will
promptly let you know !

:-*

Best Regards

ChunXin  2007/10/18


> it is svn so don't forget to ./autojunk.sh ;-)
>
> On 10/17/07, ChunXin <ch...@os...> wrote:
>> thanks a lot ! i will try it
>>
>> Will Metcalf $B<LF;(B:
>> > I have made some changes to the svn version of snort_inline that
>> > should resolve your issue.  I also added fixes for a potential DoS
>> > issue when the splay tree tree fills up submitted by  Marcus Sundberg
>> > at Ingate, thanx dude ;-)....  You can check out the latest devel
>> > version from svn as always with the following command...
>> >
>> > svn co
>> https://snort-inline.svn.sourceforge.net/svnroot/snort-inline/trunk
>> >
>> >
>> > On 10/16/07, Victor Julien <li...@in...> wrote:
>> >
>> >> Where did you install the libnetfilter_queue library? If you didn't
>> >> install it in /usr please try that...
>> >>
>> >> Cheers,
>> >> Victor
>> >>
>> >>
>> >> ch...@os... wrote:
>> >>
>> >>> Yeah , Can you help me ?
>> >>>
>> >>>
>> >>>
>> >>>> do you even need multiple queue support?
>> >>>>
>> >>>> On 10/16/07, ch...@os... <ch...@os...> wrote:
>> >>>>
>> >>>>
>> >>>>> I encountered such a problem when i configure snort_inline-2.6.1.5
>> with
>> >>>>> "--enable-nfnetlink" option ,description of the issue as follows:
>> >>>>> --------------------------------------
>> >>>>> .......................
>> >>>>> checking linux/netfilter/nfnetlink_queue.h usability... no
>> >>>>> checking linux/netfilter/nfnetlink_queue.h presence... yes
>> >>>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: present but
>> >>>>> cannot
>> >>>>> be compiled
>> >>>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h:     check
>> for
>> >>>>> missing prerequisite headers?
>> >>>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: see the
>> Autoconf
>> >>>>> documentation
>> >>>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h:     section
>> >>>>> "Present But Cannot Be Compiled"
>> >>>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: proceeding
>> with
>> >>>>> the
>> >>>>> preprocessor's result
>> >>>>> configure: WARNING: linux/netfilter/nfnetlink_queue.h: in the
>> future,
>> >>>>> the
>> >>>>> compiler will take precedence
>> >>>>> configure: WARNING:     ##
>> ------------------------------------------ ##
>> >>>>> configure: WARNING:     ## Report this to the AC_PACKAGE_NAME
>> lists.  ##
>> >>>>> configure: WARNING:     ##
>> ------------------------------------------ ##
>> >>>>> checking for linux/netfilter/nfnetlink_queue.h... yes
>> >>>>> checking libnetfilter_queue/libnetfilter_queue.h usability... yes
>> >>>>> checking libnetfilter_queue/libnetfilter_queue.h presence... yes
>> >>>>> checking for libnetfilter_queue/libnetfilter_queue.h... yes
>> >>>>> checking for nfqnl_open in -lnetfilter_queue... no
>> >>>>> checking for nfq_set_queue_maxlen in -lnetfilter_queue... no
>> >>>>> .................................
>> >>>>> ---------------------------------------------------------------------
>> >>>>> I am using libnetfilter_queue-0.0.12 and libnfnetlink-0.0.16 , The
>> >>>>> installation process both are "./configure && make && make
>> install"
>> >>>>> I do not have to recompile the kernel,because I see that kernel
>> already
>> >>>>> support the nfnetfilter_queue feature ( at /boot/config-2.6.20-15
>>  ->
>> >>>>> CONFIG_NETFILTER_NETLINK_QUEUE=m) .
>> >>>>>
>> >>>>> what wrong with my installation?  and how can i debug it ?
>> >>>>> I think my previous question (Segmentation fault and snort_inline
>> stop
>> >>>>> when using namp  ) may be related to the issue
>> >>>>>
>> >>>>> Best Reagrds
>> >>>>>
>> >>>>> ChunXin
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>
>> >>
>> >> -------------------------------------------------------------------------
>> >> This SF.net email is sponsored by: Splunk Inc.
>> >> Still grepping through log files to find problems?  Stop.
>> >> Now Search log events and configuration files using AJAX and a
>> browser.
>> >> Download your FREE copy of Splunk now >> http://get.splunk.com/
>> >> _______________________________________________
>> >> Snort-inline-users mailing list
>> >> Sno...@li...
>> >> https://lists.sourceforge.net/lists/listinfo/snort-inline-users
>> >>
>> >>
>> >>
>>
>>
>