You are not logged in.

Pages: 1

#1 2010-09-18 00:06:32

bostonvaulter
Member
Registered: 2008-07-17
Posts: 36

New build of Snort [solved]

Has anyone had any luck recently trying to upgrade the snort package in extra?

I've been trying to enable postgresql support in snort, so I downloaded the snort PKGBUILD using the ABS. However, even without changing anything the build will not work because the links are outdated. Here's the relevant bug report (although focusing on mysql support)

https://bugs.archlinux.org/task/19288?p … ring=snort

Here is my updated PKGBUILD (http://gist.github.com/585174), but it won't compile and I'm not sure why. Here's the end of the output from makepkg:

Making install in preproc_rules
make[1]: Entering directory `/home/jason/abs/community/snort/src/snort-2.8.6.1/preproc_rules'
make[2]: Entering directory `/home/jason/abs/community/snort/src/snort-2.8.6.1/preproc_rules'
make[2]: Nothing to be done for `install-exec-am'.
make[2]: Nothing to be done for `install-data-am'.
make[2]: Leaving directory `/home/jason/abs/community/snort/src/snort-2.8.6.1/preproc_rules'
make[1]: Leaving directory `/home/jason/abs/community/snort/src/snort-2.8.6.1/preproc_rules'
make[1]: Entering directory `/home/jason/abs/community/snort/src/snort-2.8.6.1'
make[2]: Entering directory `/home/jason/abs/community/snort/src/snort-2.8.6.1'
make[2]: Nothing to be done for `install-exec-am'.
test -z "/usr/share/man/man8" || /bin/mkdir -p "/home/jason/abs/community/snort/pkg/usr/share/man/man8"
 /bin/install -c -m 644 snort.8 '/home/jason/abs/community/snort/pkg/usr/share/man/man8'
test -z "/usr/lib/pkgconfig" || /bin/mkdir -p "/home/jason/abs/community/snort/pkg/usr/lib/pkgconfig"
 /bin/install -c -m 644 snort.pc '/home/jason/abs/community/snort/pkg/usr/lib/pkgconfig'
make[2]: Leaving directory `/home/jason/abs/community/snort/src/snort-2.8.6.1'
make[1]: Leaving directory `/home/jason/abs/community/snort/src/snort-2.8.6.1'
    Aborting...
[1]    2944 exit 2     makepkg

I'm not sure why it's not compiling because I don't see any errors. If you want the full output from makepkg or anything let me know. Also I needed to register for a snort sourcefire account to download the (semi) updated snort rules.

Last edited by bostonvaulter (2010-09-27 22:19:17)

Offline

#2 2010-09-27 22:19:02

bostonvaulter
Member
Registered: 2008-07-17
Posts: 36

Re: New build of Snort [solved]

I found out the problem. There is an error in the community PKGBUILD. There is only one bar before the return 1 when there should be two on line 41 of the PKGBUILD. I plan to file a bug report on this.

install -D -m644 ${srcdir}/snort.conf.d ${pkgdir}/etc/conf.d/snort | return 1
install -D -m644 ${srcdir}/snort.conf.d ${pkgdir}/etc/conf.d/snort || return 1

Unfortunately to even get this to run requires you to sign up on the sourcefire website to download the week-old community rules. Also the source tarball does not have a nice name, it is something like snort.org/dl/116 rather than a nice version including the version number.

Offline

Pages: 1

Board footer

Powered by FluxBB