Re: [gentoo-user] Snort compiling problems
On Mon, Aug 24, 2015 at 12:38 PM, Rod r...@rods.id.au wrote: USE=-* ... I have not been following this thread but why do you have this setting? # grep snort /etc/portage/package.use net-analyser/snort active-response flexresp3 gre mpls That's a typo in the category name, it's supposed to be: net-analyzer
Re: [gentoo-user] Snort compiling problems
On Monday, August 24, 2015 5:33:34 PM Jeremi Piotrowski wrote: On Mon, Aug 24, 2015 at 12:38 PM, Rod r...@rods.id.au wrote: USE=-* ... I have not been following this thread but why do you have this setting? There may be some valid reasons for it, but if you don't know the implications or wont remember it when shit like this happens then it's really a bad idea. # grep snort /etc/portage/package.use net-analyser/snort active-response flexresp3 gre mpls That's a typo in the category name, it's supposed to be: net-analyzer -- Fernando Rodriguez
Re: [gentoo-user] Snort compiling problems
On 08/24/2015 04:47 AM, Fernando Rodriguez wrote: On Sunday, August 23, 2015 5:17:53 PM Rod wrote: On 08/23/2015 05:02 PM, Fernando Rodriguez wrote: On Sunday, August 23, 2015 4:35:12 PM Rod wrote: On 08/23/2015 03:59 PM, Fernando Rodriguez wrote: On Sunday, August 23, 2015 3:26:24 PM Rod wrote: On 08/23/2015 08:59 AM, Fernando Rodriguez wrote: On Sunday, August 23, 2015 8:27:17 AM Rod wrote: Snipped out the previous, takes a while to scroll... On 08/23/2015 07:40 AM, Fernando Rodriguez wrote: Post the output of: emerge -vap snort and then: USE=normalizer emerge -vap snort The only way NormFlags is left out (as far as I can see) is if you disable that flag (which is enabled by default). # emerge -pqv '=net-analyzer/snort-2.9.7.5::gentoo' [ebuild U ] net-analyzer/snort-2.9.7.5 [2.9.1] USE=threads -active-response -control-socket% -debug -file-inspect% -flexresp3 -gre -high-availability% -inline-init-failopen -large-pcap-64bit -linux-smp-stats -mpls -non-ether-decoders% -normalizer -perfprofiling -ppm -react -reload-error-restart (-selinux*) -shared-rep% -side-channel% -sourcefire% -static -targetbased (-aruba%) (-decoder-preprocessor-rules%) (-dynamicplugin%*) (-mysql%*) (- odbc%*) (-paf%) (-postgres%*) (-zlib%*) Ahhh, ok, I see it, -normalizer Maybe on newer install systems its enabled by default, but I have been running this system with Snort on it for 10 years or so... and I don't think normalizer would be that old in theUSE flags, opening `ufed` it doesn't show it as included or enabled, I have enabled it. # USE=normalizer emerge -vap snort [ebuild U ~] net-analyzer/snort-2.9.7.5::gentoo [2.9.1::gentoo] USE=normalizer* threads -active-response -control-socket% -debug -file-inspect% -flexresp3 -gre -high-availability% -inline-init- failopen -large-pcap-64bit -linux-smp-stats -mpls -non-ether-decoders% -perfprofiling -ppm -react -reload-error-restart (-selinux*) -shared-rep% -side-channel% -sourcefire% -static -targetbased (- aruba%) (-decoder-preprocessor-rules%) (-dynamicplugin%*) (-mysql%*) (- odbc%*) (-paf%) (-postgres%*) (-zlib%*) 0 KiB No luck I'm afraid grep your package.* in /etc/portage for snort entries. I didn't investigate which one is breaking this time but it must be something you got there somewhere. I just built it with the default use flags and it works. If it was profile changes you would've got them when you sync'd. And don't forget to file a bug. net-analyzer/snort ~amd64 # required by net-analyzer/snort-2.9.6.1 # required by @selected # required by @world (argument) =net-libs/daq-2.0.2 ~amd64 When was the last time you sync'd? And did a world update? Your portage is two versions behind mine... This *should* work: USE=active-response flexresp3 gre mpls non-ether-decoders normalizer perfprofiling ppm react targetbased threads emerge snort Hopefully somebody else can help figure out why those use flags are disabled, they're enabled in my ebuild. For now add those flags to your package.use. emerge sync is every night (once every 24Hrs) and the portage directory is NFS shared to all other computers on this home network, Bug has been filed to here - https://bugs.gentoo.org/show_bug.cgi?id=558454 Ok, thats a bugger. Grrr (now) I have added your USE (above) to package.use, recompiled, nothing changed, still bombed at Stream 6 then tried without changing anything, your USE=active...threads emerge snort and it happily compiled, and installed :( now I don't know why... I submitted the bug report (previous Email request) then typed this Email as I was trying what you requested, and now G... That is strange. All I can say is upgrade portage try again to see if it picks up the use flags correctly. And don't do a world update until you sort it out cause if it's not picking your use flags it may make it worst. I added the USE flags to package.use, upgraded portage, then tried emerge snort, nothing, then tried it your way USE=. emerge snort, and it worked, sorry I didn't add previous Email that I updated portage By any change you do have USE=-* ... on your make.conf? If so you must have made a typo or something wrong when you added the flags to package.use USE=-* ... # grep snort /etc/portage/package.use net-analyser/snort active-response flexresp3 gre mpls non-ether-decoders normalizer perfprofiling ppm react targetbased threads -- --- Regards, Rod Smart 0417 513 286
Re: [gentoo-user] Snort compiling problems
On 08/25/2015 05:05 AM, Fernando Rodriguez wrote: On Monday, August 24, 2015 5:33:34 PM Jeremi Piotrowski wrote: On Mon, Aug 24, 2015 at 12:38 PM, Rod r...@rods.id.au wrote: USE=-* ... I have not been following this thread but why do you have this setting? There may be some valid reasons for it, but if you don't know the implications or wont remember it when shit like this happens then it's really a bad idea. At one stage (long, long ago) it was a recommended setting (if I remember correctly) # grep snort /etc/portage/package.use net-analyser/snort active-response flexresp3 gre mpls That's a typo in the category name, it's supposed to be: net-analyzer Ahhh the stupid US/Oz spelling differences, looks right to spelling checker, doesn't mean its right to work :P # emerge -av snort [ebuild R ~] net-analyzer/snort-2.9.7.5::gentoo USE=active-response flexresp3 gre mpls non-ether-decoders normalizer perfprofiling ppm react targetbased threads -control-socket -debug -file-inspect -high-availability -inline-init-failopen -large-pcap-64bit -linux-smp-stats -reload-error-restart (-selinux) -shared-rep -side-channel -sourcefire -static 0 KiB Maybe that looks a bit better :/ I use ufed for use-flag modification USE=-* Thats interesting, I don't believe it has always said Never enable any flags other than those specified in make.conf I'm sure the last time I read it was something vastly different, it was enabling something, but yes, it was long ago -- --- Regards, Rod Smart 0417 513 286
Re: [gentoo-user] Snort compiling problems
On Sunday, August 23, 2015 3:26:24 PM Rod wrote: On 08/23/2015 08:59 AM, Fernando Rodriguez wrote: On Sunday, August 23, 2015 8:27:17 AM Rod wrote: Snipped out the previous, takes a while to scroll... On 08/23/2015 07:40 AM, Fernando Rodriguez wrote: Post the output of: emerge -vap snort and then: USE=normalizer emerge -vap snort The only way NormFlags is left out (as far as I can see) is if you disable that flag (which is enabled by default). # emerge -pqv '=net-analyzer/snort-2.9.7.5::gentoo' [ebuild U ] net-analyzer/snort-2.9.7.5 [2.9.1] USE=threads -active-response -control-socket% -debug -file-inspect% -flexresp3 -gre -high-availability% -inline-init-failopen -large-pcap-64bit -linux-smp-stats -mpls -non-ether-decoders% -normalizer -perfprofiling -ppm -react -reload-error-restart (-selinux*) -shared-rep% -side-channel% -sourcefire% -static -targetbased (-aruba%) (-decoder-preprocessor-rules%) (-dynamicplugin%*) (-mysql%*) (-odbc%*) (-paf%) (-postgres%*) (-zlib%*) Ahhh, ok, I see it, -normalizer Maybe on newer install systems its enabled by default, but I have been running this system with Snort on it for 10 years or so... and I don't think normalizer would be that old in theUSE flags, opening `ufed` it doesn't show it as included or enabled, I have enabled it. # USE=normalizer emerge -vap snort [ebuild U ~] net-analyzer/snort-2.9.7.5::gentoo [2.9.1::gentoo] USE=normalizer* threads -active-response -control-socket% -debug -file-inspect% -flexresp3 -gre -high-availability% -inline-init-failopen -large-pcap-64bit -linux-smp-stats -mpls -non-ether-decoders% -perfprofiling -ppm -react -reload-error-restart (-selinux*) -shared-rep% -side-channel% -sourcefire% -static -targetbased (-aruba%) (-decoder-preprocessor-rules%) (-dynamicplugin%*) (-mysql%*) (-odbc%*) (-paf%) (-postgres%*) (-zlib%*) 0 KiB No luck I'm afraid grep your package.* in /etc/portage for snort entries. I didn't investigate which one is breaking this time but it must be something you got there somewhere. I just built it with the default use flags and it works. If it was profile changes you would've got them when you sync'd. And don't forget to file a bug. net-analyzer/snort ~amd64 # required by net-analyzer/snort-2.9.6.1 # required by @selected # required by @world (argument) =net-libs/daq-2.0.2 ~amd64 When was the last time you sync'd? And did a world update? Your portage is two versions behind mine... This *should* work: USE=active-response flexresp3 gre mpls non-ether-decoders normalizer perfprofiling ppm react targetbased threads emerge snort Hopefully somebody else can help figure out why those use flags are disabled, they're enabled in my ebuild. For now add those flags to your package.use. -- Fernando Rodriguez
Re: [gentoo-user] Snort compiling problems
On 08/23/2015 03:59 PM, Fernando Rodriguez wrote: On Sunday, August 23, 2015 3:26:24 PM Rod wrote: On 08/23/2015 08:59 AM, Fernando Rodriguez wrote: On Sunday, August 23, 2015 8:27:17 AM Rod wrote: Snipped out the previous, takes a while to scroll... On 08/23/2015 07:40 AM, Fernando Rodriguez wrote: Post the output of: emerge -vap snort and then: USE=normalizer emerge -vap snort The only way NormFlags is left out (as far as I can see) is if you disable that flag (which is enabled by default). # emerge -pqv '=net-analyzer/snort-2.9.7.5::gentoo' [ebuild U ] net-analyzer/snort-2.9.7.5 [2.9.1] USE=threads -active-response -control-socket% -debug -file-inspect% -flexresp3 -gre -high-availability% -inline-init-failopen -large-pcap-64bit -linux-smp-stats -mpls -non-ether-decoders% -normalizer -perfprofiling -ppm -react -reload-error-restart (-selinux*) -shared-rep% -side-channel% -sourcefire% -static -targetbased (-aruba%) (-decoder-preprocessor-rules%) (-dynamicplugin%*) (-mysql%*) (-odbc%*) (-paf%) (-postgres%*) (-zlib%*) Ahhh, ok, I see it, -normalizer Maybe on newer install systems its enabled by default, but I have been running this system with Snort on it for 10 years or so... and I don't think normalizer would be that old in theUSE flags, opening `ufed` it doesn't show it as included or enabled, I have enabled it. # USE=normalizer emerge -vap snort [ebuild U ~] net-analyzer/snort-2.9.7.5::gentoo [2.9.1::gentoo] USE=normalizer* threads -active-response -control-socket% -debug -file-inspect% -flexresp3 -gre -high-availability% -inline-init-failopen -large-pcap-64bit -linux-smp-stats -mpls -non-ether-decoders% -perfprofiling -ppm -react -reload-error-restart (-selinux*) -shared-rep% -side-channel% -sourcefire% -static -targetbased (-aruba%) (-decoder-preprocessor-rules%) (-dynamicplugin%*) (-mysql%*) (-odbc%*) (-paf%) (-postgres%*) (-zlib%*) 0 KiB No luck I'm afraid grep your package.* in /etc/portage for snort entries. I didn't investigate which one is breaking this time but it must be something you got there somewhere. I just built it with the default use flags and it works. If it was profile changes you would've got them when you sync'd. And don't forget to file a bug. net-analyzer/snort ~amd64 # required by net-analyzer/snort-2.9.6.1 # required by @selected # required by @world (argument) =net-libs/daq-2.0.2 ~amd64 When was the last time you sync'd? And did a world update? Your portage is two versions behind mine... This *should* work: USE=active-response flexresp3 gre mpls non-ether-decoders normalizer perfprofiling ppm react targetbased threads emerge snort Hopefully somebody else can help figure out why those use flags are disabled, they're enabled in my ebuild. For now add those flags to your package.use. emerge sync is every night (once every 24Hrs) and the portage directory is NFS shared to all other computers on this home network, Bug has been filed to here - https://bugs.gentoo.org/show_bug.cgi?id=558454 Ok, thats a bugger. Grrr (now) I have added your USE (above) to package.use, recompiled, nothing changed, still bombed at Stream 6 then tried without changing anything, your USE=active...threads emerge snort and it happily compiled, and installed :( now I don't know why... I submitted the bug report (previous Email request) then typed this Email as I was trying what you requested, and now G... -- --- Regards, Rod Smart 0417 513 286
Re: [gentoo-user] Snort compiling problems
On Sunday, August 23, 2015 4:35:12 PM Rod wrote: On 08/23/2015 03:59 PM, Fernando Rodriguez wrote: On Sunday, August 23, 2015 3:26:24 PM Rod wrote: On 08/23/2015 08:59 AM, Fernando Rodriguez wrote: On Sunday, August 23, 2015 8:27:17 AM Rod wrote: Snipped out the previous, takes a while to scroll... On 08/23/2015 07:40 AM, Fernando Rodriguez wrote: Post the output of: emerge -vap snort and then: USE=normalizer emerge -vap snort The only way NormFlags is left out (as far as I can see) is if you disable that flag (which is enabled by default). # emerge -pqv '=net-analyzer/snort-2.9.7.5::gentoo' [ebuild U ] net-analyzer/snort-2.9.7.5 [2.9.1] USE=threads -active-response -control-socket% -debug -file-inspect% -flexresp3 -gre -high-availability% -inline-init-failopen -large-pcap-64bit -linux-smp-stats -mpls -non-ether-decoders% -normalizer -perfprofiling -ppm -react -reload-error-restart (-selinux*) -shared-rep% -side-channel% -sourcefire% -static -targetbased (-aruba%) (-decoder-preprocessor-rules%) (-dynamicplugin%*) (-mysql%*) (-odbc%*) (-paf%) (-postgres%*) (-zlib%*) Ahhh, ok, I see it, -normalizer Maybe on newer install systems its enabled by default, but I have been running this system with Snort on it for 10 years or so... and I don't think normalizer would be that old in theUSE flags, opening `ufed` it doesn't show it as included or enabled, I have enabled it. # USE=normalizer emerge -vap snort [ebuild U ~] net-analyzer/snort-2.9.7.5::gentoo [2.9.1::gentoo] USE=normalizer* threads -active-response -control-socket% -debug -file-inspect% -flexresp3 -gre -high-availability% -inline-init-failopen -large-pcap-64bit -linux-smp-stats -mpls -non-ether-decoders% -perfprofiling -ppm -react -reload-error-restart (-selinux*) -shared-rep% -side-channel% -sourcefire% -static -targetbased (-aruba%) (-decoder-preprocessor-rules%) (-dynamicplugin%*) (-mysql%*) (-odbc%*) (-paf%) (-postgres%*) (-zlib%*) 0 KiB No luck I'm afraid grep your package.* in /etc/portage for snort entries. I didn't investigate which one is breaking this time but it must be something you got there somewhere. I just built it with the default use flags and it works. If it was profile changes you would've got them when you sync'd. And don't forget to file a bug. net-analyzer/snort ~amd64 # required by net-analyzer/snort-2.9.6.1 # required by @selected # required by @world (argument) =net-libs/daq-2.0.2 ~amd64 When was the last time you sync'd? And did a world update? Your portage is two versions behind mine... This *should* work: USE=active-response flexresp3 gre mpls non-ether-decoders normalizer perfprofiling ppm react targetbased threads emerge snort Hopefully somebody else can help figure out why those use flags are disabled, they're enabled in my ebuild. For now add those flags to your package.use. emerge sync is every night (once every 24Hrs) and the portage directory is NFS shared to all other computers on this home network, Bug has been filed to here - https://bugs.gentoo.org/show_bug.cgi?id=558454 Ok, thats a bugger. Grrr (now) I have added your USE (above) to package.use, recompiled, nothing changed, still bombed at Stream 6 then tried without changing anything, your USE=active...threads emerge snort and it happily compiled, and installed :( now I don't know why... I submitted the bug report (previous Email request) then typed this Email as I was trying what you requested, and now G... That is strange. All I can say is upgrade portage try again to see if it picks up the use flags correctly. And don't do a world update until you sort it out cause if it's not picking your use flags it may make it worst. -- Fernando Rodriguez
Re: [gentoo-user] Snort compiling problems
On Sunday, August 23, 2015 5:17:53 PM Rod wrote: On 08/23/2015 05:02 PM, Fernando Rodriguez wrote: On Sunday, August 23, 2015 4:35:12 PM Rod wrote: On 08/23/2015 03:59 PM, Fernando Rodriguez wrote: On Sunday, August 23, 2015 3:26:24 PM Rod wrote: On 08/23/2015 08:59 AM, Fernando Rodriguez wrote: On Sunday, August 23, 2015 8:27:17 AM Rod wrote: Snipped out the previous, takes a while to scroll... On 08/23/2015 07:40 AM, Fernando Rodriguez wrote: Post the output of: emerge -vap snort and then: USE=normalizer emerge -vap snort The only way NormFlags is left out (as far as I can see) is if you disable that flag (which is enabled by default). # emerge -pqv '=net-analyzer/snort-2.9.7.5::gentoo' [ebuild U ] net-analyzer/snort-2.9.7.5 [2.9.1] USE=threads -active-response -control-socket% -debug -file-inspect% -flexresp3 -gre -high-availability% -inline-init-failopen -large-pcap-64bit -linux-smp-stats -mpls -non-ether-decoders% -normalizer -perfprofiling -ppm -react -reload-error-restart (-selinux*) -shared-rep% -side-channel% -sourcefire% -static -targetbased (-aruba%) (-decoder-preprocessor-rules%) (-dynamicplugin%*) (-mysql%*) (- odbc%*) (-paf%) (-postgres%*) (-zlib%*) Ahhh, ok, I see it, -normalizer Maybe on newer install systems its enabled by default, but I have been running this system with Snort on it for 10 years or so... and I don't think normalizer would be that old in theUSE flags, opening `ufed` it doesn't show it as included or enabled, I have enabled it. # USE=normalizer emerge -vap snort [ebuild U ~] net-analyzer/snort-2.9.7.5::gentoo [2.9.1::gentoo] USE=normalizer* threads -active-response -control-socket% -debug -file-inspect% -flexresp3 -gre -high-availability% -inline-init- failopen -large-pcap-64bit -linux-smp-stats -mpls -non-ether-decoders% -perfprofiling -ppm -react -reload-error-restart (-selinux*) -shared-rep% -side-channel% -sourcefire% -static -targetbased (- aruba%) (-decoder-preprocessor-rules%) (-dynamicplugin%*) (-mysql%*) (- odbc%*) (-paf%) (-postgres%*) (-zlib%*) 0 KiB No luck I'm afraid grep your package.* in /etc/portage for snort entries. I didn't investigate which one is breaking this time but it must be something you got there somewhere. I just built it with the default use flags and it works. If it was profile changes you would've got them when you sync'd. And don't forget to file a bug. net-analyzer/snort ~amd64 # required by net-analyzer/snort-2.9.6.1 # required by @selected # required by @world (argument) =net-libs/daq-2.0.2 ~amd64 When was the last time you sync'd? And did a world update? Your portage is two versions behind mine... This *should* work: USE=active-response flexresp3 gre mpls non-ether-decoders normalizer perfprofiling ppm react targetbased threads emerge snort Hopefully somebody else can help figure out why those use flags are disabled, they're enabled in my ebuild. For now add those flags to your package.use. emerge sync is every night (once every 24Hrs) and the portage directory is NFS shared to all other computers on this home network, Bug has been filed to here - https://bugs.gentoo.org/show_bug.cgi?id=558454 Ok, thats a bugger. Grrr (now) I have added your USE (above) to package.use, recompiled, nothing changed, still bombed at Stream 6 then tried without changing anything, your USE=active...threads emerge snort and it happily compiled, and installed :( now I don't know why... I submitted the bug report (previous Email request) then typed this Email as I was trying what you requested, and now G... That is strange. All I can say is upgrade portage try again to see if it picks up the use flags correctly. And don't do a world update until you sort it out cause if it's not picking your use flags it may make it worst. I added the USE flags to package.use, upgraded portage, then tried emerge snort, nothing, then tried it your way USE=. emerge snort, and it worked, sorry I didn't add previous Email that I updated portage By any change you do have USE=-* ... on your make.conf? If so you must have made a typo or something wrong when you added the flags to package.use -- Fernando Rodriguez
Re: [gentoo-user] Snort compiling problems
On 08/23/2015 05:02 PM, Fernando Rodriguez wrote: On Sunday, August 23, 2015 4:35:12 PM Rod wrote: On 08/23/2015 03:59 PM, Fernando Rodriguez wrote: On Sunday, August 23, 2015 3:26:24 PM Rod wrote: On 08/23/2015 08:59 AM, Fernando Rodriguez wrote: On Sunday, August 23, 2015 8:27:17 AM Rod wrote: Snipped out the previous, takes a while to scroll... On 08/23/2015 07:40 AM, Fernando Rodriguez wrote: Post the output of: emerge -vap snort and then: USE=normalizer emerge -vap snort The only way NormFlags is left out (as far as I can see) is if you disable that flag (which is enabled by default). # emerge -pqv '=net-analyzer/snort-2.9.7.5::gentoo' [ebuild U ] net-analyzer/snort-2.9.7.5 [2.9.1] USE=threads -active-response -control-socket% -debug -file-inspect% -flexresp3 -gre -high-availability% -inline-init-failopen -large-pcap-64bit -linux-smp-stats -mpls -non-ether-decoders% -normalizer -perfprofiling -ppm -react -reload-error-restart (-selinux*) -shared-rep% -side-channel% -sourcefire% -static -targetbased (-aruba%) (-decoder-preprocessor-rules%) (-dynamicplugin%*) (-mysql%*) (-odbc%*) (-paf%) (-postgres%*) (-zlib%*) Ahhh, ok, I see it, -normalizer Maybe on newer install systems its enabled by default, but I have been running this system with Snort on it for 10 years or so... and I don't think normalizer would be that old in theUSE flags, opening `ufed` it doesn't show it as included or enabled, I have enabled it. # USE=normalizer emerge -vap snort [ebuild U ~] net-analyzer/snort-2.9.7.5::gentoo [2.9.1::gentoo] USE=normalizer* threads -active-response -control-socket% -debug -file-inspect% -flexresp3 -gre -high-availability% -inline-init-failopen -large-pcap-64bit -linux-smp-stats -mpls -non-ether-decoders% -perfprofiling -ppm -react -reload-error-restart (-selinux*) -shared-rep% -side-channel% -sourcefire% -static -targetbased (-aruba%) (-decoder-preprocessor-rules%) (-dynamicplugin%*) (-mysql%*) (-odbc%*) (-paf%) (-postgres%*) (-zlib%*) 0 KiB No luck I'm afraid grep your package.* in /etc/portage for snort entries. I didn't investigate which one is breaking this time but it must be something you got there somewhere. I just built it with the default use flags and it works. If it was profile changes you would've got them when you sync'd. And don't forget to file a bug. net-analyzer/snort ~amd64 # required by net-analyzer/snort-2.9.6.1 # required by @selected # required by @world (argument) =net-libs/daq-2.0.2 ~amd64 When was the last time you sync'd? And did a world update? Your portage is two versions behind mine... This *should* work: USE=active-response flexresp3 gre mpls non-ether-decoders normalizer perfprofiling ppm react targetbased threads emerge snort Hopefully somebody else can help figure out why those use flags are disabled, they're enabled in my ebuild. For now add those flags to your package.use. emerge sync is every night (once every 24Hrs) and the portage directory is NFS shared to all other computers on this home network, Bug has been filed to here - https://bugs.gentoo.org/show_bug.cgi?id=558454 Ok, thats a bugger. Grrr (now) I have added your USE (above) to package.use, recompiled, nothing changed, still bombed at Stream 6 then tried without changing anything, your USE=active...threads emerge snort and it happily compiled, and installed :( now I don't know why... I submitted the bug report (previous Email request) then typed this Email as I was trying what you requested, and now G... That is strange. All I can say is upgrade portage try again to see if it picks up the use flags correctly. And don't do a world update until you sort it out cause if it's not picking your use flags it may make it worst. I added the USE flags to package.use, upgraded portage, then tried emerge snort, nothing, then tried it your way USE=. emerge snort, and it worked, sorry I didn't add previous Email that I updated portage -- --- Regards, Rod Smart 0417 513 286
Re: [gentoo-user] Snort compiling problems
On Saturday, August 22, 2015 5:34:24 PM Rod wrote: Hi List, I am having problems compiling Snort :( I have tried emerge snort Also tried compiling in the comandline I have tried all my installed gcc profiles... # gcc-config -l [1] x86_64-pc-linux-gnu-4.5.4 [2] x86_64-pc-linux-gnu-4.6.4 [3] x86_64-pc-linux-gnu-4.7.3 [4] x86_64-pc-linux-gnu-4.8.4 * All failed :( make[4]: Entering directory '/var/tmp/portage/net- analyzer/snort-2.9.7.5/work/snort-2.9.7.5/src/preprocessors/Stream6' x86_64-pc-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../../.. -I../../.. -I../../../src -I../../../src/sfutil -I/usr/include/pcap -I../../../src/output-plugins -I../../../src/detection-plugins -I../../../src/dynamic-plugins -I../../../src/preprocessors -I../../../src/preprocessors/portscan -I../../../src/preprocessors/HttpInspect/include -I../../../src/preprocessors/Session -I../../../src/preprocessors/Stream6 -I../../../src/target-based -I../../../src/control -I../../../src/file-process -I../../../src/file-process/libs -I../../../src/side-channel -I../../../src/side-channel/plugins -DLZMA -DNDEBUG -DNOCOREFILE -DSF_WCHAR -DSNORT_RELOAD -DRELOAD_ERROR_FATAL -DNO_NON_ETHER_DECODER -O2 -march=core2 -mtune=core2 -pipe -DSF_VISIBILITY -fvisibility=hidden -fno-strict-aliasing -Wall -c -o snort_stream_tcp.o snort_stream_tcp.c snort_stream_tcp.c:466:89: error: unknown type name 'NormFlags' static inline int Stream_NormGetMode(uint16_t reassembly_policy, const SnortConfig* sc, NormFlags nf) ^ snort_stream_tcp.c: In function 'AddStreamNode': snort_stream_tcp.c:6160:9: warning: implicit declaration of function 'NormalTrimPayloadIfWin' [-Wimplicit-function-declaration] NormalTrimPayloadIfWin(p, 0, tdb); ^ snort_stream_tcp.c: In function 'ProcessTcpData': snort_stream_tcp.c:7275:9: warning: implicit declaration of function 'NormalTrimPayloadIfSyn' [-Wimplicit-function-declaration] NormalTrimPayloadIfSyn(p, 0, tdb); ^ snort_stream_tcp.c: In function 'ProcessTcp': snort_stream_tcp.c:8381:17: warning: implicit declaration of function 'NormalTrimPayloadIfRst' [-Wimplicit-function-declaration] NormalTrimPayloadIfRst(p, 0, tdb); ^ snort_stream_tcp.c: At top level: snort_stream_tcp.c:555:19: warning: 'CheckFlushPolicyOnData' used but never defined [enabled by default] static inline int CheckFlushPolicyOnData( ^ snort_stream_tcp.c:1184:29: warning: 'StreamTCPCreateSession' defined but not used [-Wunused-function] static SessionControlBlock *StreamTCPCreateSession( const SessionKey *key ) ^ snort_stream_tcp.c:1192:13: warning: 'StreamTCPDeactivateSession' defined but not used [-Wunused-function] static void StreamTCPDeactivateSession( SessionControlBlock *scb ) ^ snort_stream_tcp.c:1206:12: warning: 'StreamTCPDeleteSession' defined but not used [-Wunused-function] static int StreamTCPDeleteSession( const SessionKey *key ) ^ Makefile:389: recipe for target 'snort_stream_tcp.o' failed make[4]: *** [snort_stream_tcp.o] Error 1 make[4]: Leaving directory '/var/tmp/portage/net- analyzer/snort-2.9.7.5/work/snort-2.9.7.5/src/preprocessors/Stream6' Makefile:471: recipe for target 'all-recursive' failed make[3]: *** [all-recursive] Error 1 make[3]: Leaving directory '/var/tmp/portage/net- analyzer/snort-2.9.7.5/work/snort-2.9.7.5/src/preprocessors' Makefile:552: recipe for target 'all-recursive' failed make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory '/var/tmp/portage/net-analyzer/snort-2.9.7.5/work/snort-2.9.7.5/src' Makefile:517: recipe for target 'all-recursive' failed make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory '/var/tmp/portage/net-analyzer/snort-2.9.7.5/work/snort-2.9.7.5' Makefile:383: recipe for target 'all' failed make: *** [all] Error 2 Portage 2.2.18 (python 2.7.9-final-0, default/linux/amd64/13.0/desktop, gcc-4.8.4, glibc-2.20-r2, 3.18.7-gentoo x86_64) = System Settings = System uname: Linux-3.18.7-gentoo-x86_64-Intel-R-_Core-TM-_i5-4570_CPU_@_3.20GHz-with- gentoo-2.2 KiB Mem:15316468 total,543168 free KiB Swap: 33554428 total, 32086124 free Timestamp of repository gentoo: Fri, 21 Aug 2015 18:30:01 + sh bash 4.2_p45 ld GNU ld (Gentoo 2.24 p1.4) 2.24 distcc 3.1 x86_64-pc-linux-gnu [disabled] app-shells/bash: 4.2_p45::gentoo dev-java/java-config: 2.2.0::gentoo dev-lang/perl:5.18.2-r2::gentoo dev-lang/python: 2.7.9-r1::gentoo, 3.1.5::gentoo, 3.2.5-r6::gentoo, 3.4.1::gentoo dev-util/cmake: 2.8.12.2-r1::gentoo dev-util/pkgconfig: 0.28-r1::gentoo
Re: [gentoo-user] Snort compiling problems
On Sat, Aug 22, 2015 at 10:34 AM, Rod r...@rods.id.au wrote: Hi List, I am having problems compiling Snort :( I have tried emerge snort Also tried compiling in the comandline I have tried all my installed gcc profiles... # gcc-config -l [1] x86_64-pc-linux-gnu-4.5.4 [2] x86_64-pc-linux-gnu-4.6.4 [3] x86_64-pc-linux-gnu-4.7.3 [4] x86_64-pc-linux-gnu-4.8.4 * All failed :( make[4]: Entering directory '/var/tmp/portage/net-analyzer/snort-2.9.7.5/work/snort-2.9.7.5/src/preprocessors/Stream6' x86_64-pc-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../../.. -I../../.. -I../../../src -I../../../src/sfutil -I/usr/include/pcap -I../../../src/output-plugins -I../../../src/detection-plugins -I../../../src/dynamic-plugins -I../../../src/preprocessors -I../../../src/preprocessors/portscan -I../../../src/preprocessors/HttpInspect/include -I../../../src/preprocessors/Session -I../../../src/preprocessors/Stream6 -I../../../src/target-based -I../../../src/control -I../../../src/file-process -I../../../src/file-process/libs -I../../../src/side-channel -I../../../src/side-channel/plugins -DLZMA -DNDEBUG -DNOCOREFILE -DSF_WCHAR -DSNORT_RELOAD -DRELOAD_ERROR_FATAL -DNO_NON_ETHER_DECODER -O2 -march=core2 -mtune=core2 -pipe -DSF_VISIBILITY -fvisibility=hidden -fno-strict-aliasing -Wall -c -o snort_stream_tcp.o snort_stream_tcp.c snort_stream_tcp.c:466:89: error: unknown type name 'NormFlags' static inline int Stream_NormGetMode(uint16_t reassembly_policy, const SnortConfig* sc, NormFlags nf) ^ snort_stream_tcp.c: In function 'AddStreamNode': snort_stream_tcp.c:6160:9: warning: implicit declaration of function 'NormalTrimPayloadIfWin' [-Wimplicit-function-declaration] NormalTrimPayloadIfWin(p, 0, tdb); ^ snort_stream_tcp.c: In function 'ProcessTcpData': snort_stream_tcp.c:7275:9: warning: implicit declaration of function 'NormalTrimPayloadIfSyn' [-Wimplicit-function-declaration] NormalTrimPayloadIfSyn(p, 0, tdb); ^ snort_stream_tcp.c: In function 'ProcessTcp': snort_stream_tcp.c:8381:17: warning: implicit declaration of function 'NormalTrimPayloadIfRst' [-Wimplicit-function-declaration] NormalTrimPayloadIfRst(p, 0, tdb); ^ snort_stream_tcp.c: At top level: snort_stream_tcp.c:555:19: warning: 'CheckFlushPolicyOnData' used but never defined [enabled by default] static inline int CheckFlushPolicyOnData( ^ snort_stream_tcp.c:1184:29: warning: 'StreamTCPCreateSession' defined but not used [-Wunused-function] static SessionControlBlock *StreamTCPCreateSession( const SessionKey *key ) ^ snort_stream_tcp.c:1192:13: warning: 'StreamTCPDeactivateSession' defined but not used [-Wunused-function] static void StreamTCPDeactivateSession( SessionControlBlock *scb ) ^ snort_stream_tcp.c:1206:12: warning: 'StreamTCPDeleteSession' defined but not used [-Wunused-function] static int StreamTCPDeleteSession( const SessionKey *key ) ^ Makefile:389: recipe for target 'snort_stream_tcp.o' failed make[4]: *** [snort_stream_tcp.o] Error 1 make[4]: Leaving directory '/var/tmp/portage/net-analyzer/snort-2.9.7.5/work/snort-2.9.7.5/src/preprocessors/Stream6' Makefile:471: recipe for target 'all-recursive' failed make[3]: *** [all-recursive] Error 1 make[3]: Leaving directory '/var/tmp/portage/net-analyzer/snort-2.9.7.5/work/snort-2.9.7.5/src/preprocessors' Makefile:552: recipe for target 'all-recursive' failed make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory '/var/tmp/portage/net-analyzer/snort-2.9.7.5/work/snort-2.9.7.5/src' Makefile:517: recipe for target 'all-recursive' failed make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory '/var/tmp/portage/net-analyzer/snort-2.9.7.5/work/snort-2.9.7.5' Makefile:383: recipe for target 'all' failed make: *** [all] Error 2 Portage 2.2.18 (python 2.7.9-final-0, default/linux/amd64/13.0/desktop, gcc-4.8.4, glibc-2.20-r2, 3.18.7-gentoo x86_64) = System Settings = System uname: Linux-3.18.7-gentoo-x86_64-Intel-R-_Core-TM-_i5-4570_CPU_@_3.20GHz-with-gentoo-2.2 KiB Mem:15316468 total,543168 free KiB Swap: 33554428 total, 32086124 free Timestamp of repository gentoo: Fri, 21 Aug 2015 18:30:01 + sh bash 4.2_p45 ld GNU ld (Gentoo 2.24 p1.4) 2.24 distcc 3.1 x86_64-pc-linux-gnu [disabled] app-shells/bash: 4.2_p45::gentoo dev-java/java-config: 2.2.0::gentoo dev-lang/perl:5.18.2-r2::gentoo dev-lang/python: 2.7.9-r1::gentoo, 3.1.5::gentoo, 3.2.5-r6::gentoo, 3.4.1::gentoo dev-util/cmake: 2.8.12.2-r1::gentoo dev-util/pkgconfig: 0.28-r1::gentoo sys-apps/baselayout: 2.2::gentoo sys-apps/openrc:
Re: [gentoo-user] Snort compiling problems
On 08/22/2015 06:33 PM, Fernando Rodriguez wrote: On Saturday, August 22, 2015 5:34:24 PM Rod wrote: Hi List, I am having problems compiling Snort :( I have tried emerge snort Also tried compiling in the comandline I have tried all my installed gcc profiles... # gcc-config -l [1] x86_64-pc-linux-gnu-4.5.4 [2] x86_64-pc-linux-gnu-4.6.4 [3] x86_64-pc-linux-gnu-4.7.3 [4] x86_64-pc-linux-gnu-4.8.4 * All failed :( make[4]: Entering directory '/var/tmp/portage/net- analyzer/snort-2.9.7.5/work/snort-2.9.7.5/src/preprocessors/Stream6' x86_64-pc-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../../.. -I../../.. -I../../../src -I../../../src/sfutil -I/usr/include/pcap -I../../../src/output-plugins -I../../../src/detection-plugins -I../../../src/dynamic-plugins -I../../../src/preprocessors -I../../../src/preprocessors/portscan -I../../../src/preprocessors/HttpInspect/include -I../../../src/preprocessors/Session -I../../../src/preprocessors/Stream6 -I../../../src/target-based -I../../../src/control -I../../../src/file-process -I../../../src/file-process/libs -I../../../src/side-channel -I../../../src/side-channel/plugins -DLZMA -DNDEBUG -DNOCOREFILE -DSF_WCHAR -DSNORT_RELOAD -DRELOAD_ERROR_FATAL -DNO_NON_ETHER_DECODER -O2 -march=core2 -mtune=core2 -pipe -DSF_VISIBILITY -fvisibility=hidden -fno-strict-aliasing -Wall -c -o snort_stream_tcp.o snort_stream_tcp.c snort_stream_tcp.c:466:89: error: unknown type name 'NormFlags' static inline int Stream_NormGetMode(uint16_t reassembly_policy, const SnortConfig* sc, NormFlags nf) ^ snort_stream_tcp.c: In function 'AddStreamNode': snort_stream_tcp.c:6160:9: warning: implicit declaration of function 'NormalTrimPayloadIfWin' [-Wimplicit-function-declaration] NormalTrimPayloadIfWin(p, 0, tdb); ^ snort_stream_tcp.c: In function 'ProcessTcpData': snort_stream_tcp.c:7275:9: warning: implicit declaration of function 'NormalTrimPayloadIfSyn' [-Wimplicit-function-declaration] NormalTrimPayloadIfSyn(p, 0, tdb); ^ snort_stream_tcp.c: In function 'ProcessTcp': snort_stream_tcp.c:8381:17: warning: implicit declaration of function 'NormalTrimPayloadIfRst' [-Wimplicit-function-declaration] NormalTrimPayloadIfRst(p, 0, tdb); ^ snort_stream_tcp.c: At top level: snort_stream_tcp.c:555:19: warning: 'CheckFlushPolicyOnData' used but never defined [enabled by default] static inline int CheckFlushPolicyOnData( ^ snort_stream_tcp.c:1184:29: warning: 'StreamTCPCreateSession' defined but not used [-Wunused-function] static SessionControlBlock *StreamTCPCreateSession( const SessionKey *key ) ^ snort_stream_tcp.c:1192:13: warning: 'StreamTCPDeactivateSession' defined but not used [-Wunused-function] static void StreamTCPDeactivateSession( SessionControlBlock *scb ) ^ snort_stream_tcp.c:1206:12: warning: 'StreamTCPDeleteSession' defined but not used [-Wunused-function] static int StreamTCPDeleteSession( const SessionKey *key ) ^ Makefile:389: recipe for target 'snort_stream_tcp.o' failed make[4]: *** [snort_stream_tcp.o] Error 1 make[4]: Leaving directory '/var/tmp/portage/net- analyzer/snort-2.9.7.5/work/snort-2.9.7.5/src/preprocessors/Stream6' Makefile:471: recipe for target 'all-recursive' failed make[3]: *** [all-recursive] Error 1 make[3]: Leaving directory '/var/tmp/portage/net- analyzer/snort-2.9.7.5/work/snort-2.9.7.5/src/preprocessors' Makefile:552: recipe for target 'all-recursive' failed make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory '/var/tmp/portage/net-analyzer/snort-2.9.7.5/work/snort-2.9.7.5/src' Makefile:517: recipe for target 'all-recursive' failed make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory '/var/tmp/portage/net-analyzer/snort-2.9.7.5/work/snort-2.9.7.5' Makefile:383: recipe for target 'all' failed make: *** [all] Error 2 Portage 2.2.18 (python 2.7.9-final-0, default/linux/amd64/13.0/desktop, gcc-4.8.4, glibc-2.20-r2, 3.18.7-gentoo x86_64) = System Settings = System uname: Linux-3.18.7-gentoo-x86_64-Intel-R-_Core-TM-_i5-4570_CPU_@_3.20GHz-with- gentoo-2.2 KiB Mem:15316468 total,543168 free KiB Swap: 33554428 total, 32086124 free Timestamp of repository gentoo: Fri, 21 Aug 2015 18:30:01 + sh bash 4.2_p45 ld GNU ld (Gentoo 2.24 p1.4) 2.24 distcc 3.1 x86_64-pc-linux-gnu [disabled] app-shells/bash: 4.2_p45::gentoo dev-java/java-config: 2.2.0::gentoo dev-lang/perl:5.18.2-r2::gentoo dev-lang/python: 2.7.9-r1::gentoo, 3.1.5::gentoo, 3.2.5-r6::gentoo, 3.4.1::gentoo dev-util/cmake: 2.8.12.2-r1::gentoo dev-util/pkgconfig: 0.28-r1::gentoo sys-apps/baselayout: 2.2::gentoo sys-apps/openrc:
Re: [gentoo-user] Snort compiling problems
On Saturday, August 22, 2015 11:04:42 PM Rod wrote: On 08/22/2015 06:33 PM, Fernando Rodriguez wrote: On Saturday, August 22, 2015 5:34:24 PM Rod wrote: Hi List, I am having problems compiling Snort :( I have tried emerge snort Also tried compiling in the comandline I have tried all my installed gcc profiles... # gcc-config -l [1] x86_64-pc-linux-gnu-4.5.4 [2] x86_64-pc-linux-gnu-4.6.4 [3] x86_64-pc-linux-gnu-4.7.3 [4] x86_64-pc-linux-gnu-4.8.4 * All failed :( make[4]: Entering directory '/var/tmp/portage/net- analyzer/snort-2.9.7.5/work/snort-2.9.7.5/src/preprocessors/Stream6' x86_64-pc-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../../.. -I../../.. -I../../../src -I../../../src/sfutil -I/usr/include/pcap -I../../../src/output-plugins -I../../../src/detection-plugins -I../../../src/dynamic-plugins -I../../../src/preprocessors -I../../../src/preprocessors/portscan -I../../../src/preprocessors/HttpInspect/include -I../../../src/preprocessors/Session -I../../../src/preprocessors/Stream6 -I../../../src/target-based -I../../../src/control -I../../../src/file-process -I../../../src/file-process/libs -I../../../src/side-channel -I../../../src/side-channel/plugins -DLZMA -DNDEBUG -DNOCOREFILE -DSF_WCHAR -DSNORT_RELOAD -DRELOAD_ERROR_FATAL -DNO_NON_ETHER_DECODER -O2 -march=core2 -mtune=core2 -pipe -DSF_VISIBILITY -fvisibility=hidden -fno-strict-aliasing -Wall -c -o snort_stream_tcp.o snort_stream_tcp.c snort_stream_tcp.c:466:89: error: unknown type name 'NormFlags' static inline int Stream_NormGetMode(uint16_t reassembly_policy, const SnortConfig* sc, NormFlags nf) ^ snort_stream_tcp.c: In function 'AddStreamNode': snort_stream_tcp.c:6160:9: warning: implicit declaration of function 'NormalTrimPayloadIfWin' [-Wimplicit-function-declaration] NormalTrimPayloadIfWin(p, 0, tdb); ^ snort_stream_tcp.c: In function 'ProcessTcpData': snort_stream_tcp.c:7275:9: warning: implicit declaration of function 'NormalTrimPayloadIfSyn' [-Wimplicit-function-declaration] NormalTrimPayloadIfSyn(p, 0, tdb); ^ snort_stream_tcp.c: In function 'ProcessTcp': snort_stream_tcp.c:8381:17: warning: implicit declaration of function 'NormalTrimPayloadIfRst' [-Wimplicit-function-declaration] NormalTrimPayloadIfRst(p, 0, tdb); ^ snort_stream_tcp.c: At top level: snort_stream_tcp.c:555:19: warning: 'CheckFlushPolicyOnData' used but never defined [enabled by default] static inline int CheckFlushPolicyOnData( ^ snort_stream_tcp.c:1184:29: warning: 'StreamTCPCreateSession' defined but not used [-Wunused-function] static SessionControlBlock *StreamTCPCreateSession( const SessionKey *key ) ^ snort_stream_tcp.c:1192:13: warning: 'StreamTCPDeactivateSession' defined but not used [-Wunused-function] static void StreamTCPDeactivateSession( SessionControlBlock *scb ) ^ snort_stream_tcp.c:1206:12: warning: 'StreamTCPDeleteSession' defined but not used [-Wunused-function] static int StreamTCPDeleteSession( const SessionKey *key ) ^ Makefile:389: recipe for target 'snort_stream_tcp.o' failed make[4]: *** [snort_stream_tcp.o] Error 1 make[4]: Leaving directory '/var/tmp/portage/net- analyzer/snort-2.9.7.5/work/snort-2.9.7.5/src/preprocessors/Stream6' Makefile:471: recipe for target 'all-recursive' failed make[3]: *** [all-recursive] Error 1 make[3]: Leaving directory '/var/tmp/portage/net- analyzer/snort-2.9.7.5/work/snort-2.9.7.5/src/preprocessors' Makefile:552: recipe for target 'all-recursive' failed make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory '/var/tmp/portage/net-analyzer/snort-2.9.7.5/work/snort-2.9.7.5/src' Makefile:517: recipe for target 'all-recursive' failed make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory '/var/tmp/portage/net-analyzer/snort-2.9.7.5/work/snort-2.9.7.5' Makefile:383: recipe for target 'all' failed make: *** [all] Error 2 Portage 2.2.18 (python 2.7.9-final-0, default/linux/amd64/13.0/desktop, gcc-4.8.4, glibc-2.20-r2, 3.18.7-gentoo x86_64) = System Settings = System uname: Linux-3.18.7-gentoo-x86_64-Intel-R-_Core-TM-_i5-4570_CPU_@_3.20GHz-with- gentoo-2.2 KiB Mem:15316468 total,543168 free KiB Swap: 33554428 total, 32086124 free Timestamp of repository gentoo: Fri, 21 Aug 2015 18:30:01 + sh bash 4.2_p45 ld GNU ld (Gentoo 2.24 p1.4) 2.24 distcc 3.1 x86_64-pc-linux-gnu [disabled] app-shells/bash: 4.2_p45::gentoo dev-java/java-config: 2.2.0::gentoo dev-lang/perl:
Re: [gentoo-user] Snort compiling problems
On Sunday, August 23, 2015 8:27:17 AM Rod wrote: Snipped out the previous, takes a while to scroll... On 08/23/2015 07:40 AM, Fernando Rodriguez wrote: Post the output of: emerge -vap snort and then: USE=normalizer emerge -vap snort The only way NormFlags is left out (as far as I can see) is if you disable that flag (which is enabled by default). # emerge -pqv '=net-analyzer/snort-2.9.7.5::gentoo' [ebuild U ] net-analyzer/snort-2.9.7.5 [2.9.1] USE=threads -active-response -control-socket% -debug -file-inspect% -flexresp3 -gre -high-availability% -inline-init-failopen -large-pcap-64bit -linux-smp-stats -mpls -non-ether-decoders% -normalizer -perfprofiling -ppm -react -reload-error-restart (-selinux*) -shared-rep% -side-channel% -sourcefire% -static -targetbased (-aruba%) (-decoder-preprocessor-rules%) (-dynamicplugin%*) (-mysql%*) (-odbc%*) (-paf%) (-postgres%*) (-zlib%*) Ahhh, ok, I see it, -normalizer Maybe on newer install systems its enabled by default, but I have been running this system with Snort on it for 10 years or so... and I don't think normalizer would be that old in theUSE flags, opening `ufed` it doesn't show it as included or enabled, I have enabled it. # USE=normalizer emerge -vap snort [ebuild U ~] net-analyzer/snort-2.9.7.5::gentoo [2.9.1::gentoo] USE=normalizer* threads -active-response -control-socket% -debug -file-inspect% -flexresp3 -gre -high-availability% -inline-init-failopen -large-pcap-64bit -linux-smp-stats -mpls -non-ether-decoders% -perfprofiling -ppm -react -reload-error-restart (-selinux*) -shared-rep% -side-channel% -sourcefire% -static -targetbased (-aruba%) (-decoder-preprocessor-rules%) (-dynamicplugin%*) (-mysql%*) (-odbc%*) (-paf%) (-postgres%*) (-zlib%*) 0 KiB No luck I'm afraid grep your package.* in /etc/portage for snort entries. I didn't investigate which one is breaking this time but it must be something you got there somewhere. I just built it with the default use flags and it works. If it was profile changes you would've got them when you sync'd. And don't forget to file a bug. -- Fernando Rodriguez
Re: [gentoo-user] Snort compiling problems
On 08/23/2015 08:59 AM, Fernando Rodriguez wrote: On Sunday, August 23, 2015 8:27:17 AM Rod wrote: Snipped out the previous, takes a while to scroll... On 08/23/2015 07:40 AM, Fernando Rodriguez wrote: Post the output of: emerge -vap snort and then: USE=normalizer emerge -vap snort The only way NormFlags is left out (as far as I can see) is if you disable that flag (which is enabled by default). # emerge -pqv '=net-analyzer/snort-2.9.7.5::gentoo' [ebuild U ] net-analyzer/snort-2.9.7.5 [2.9.1] USE=threads -active-response -control-socket% -debug -file-inspect% -flexresp3 -gre -high-availability% -inline-init-failopen -large-pcap-64bit -linux-smp-stats -mpls -non-ether-decoders% -normalizer -perfprofiling -ppm -react -reload-error-restart (-selinux*) -shared-rep% -side-channel% -sourcefire% -static -targetbased (-aruba%) (-decoder-preprocessor-rules%) (-dynamicplugin%*) (-mysql%*) (-odbc%*) (-paf%) (-postgres%*) (-zlib%*) Ahhh, ok, I see it, -normalizer Maybe on newer install systems its enabled by default, but I have been running this system with Snort on it for 10 years or so... and I don't think normalizer would be that old in theUSE flags, opening `ufed` it doesn't show it as included or enabled, I have enabled it. # USE=normalizer emerge -vap snort [ebuild U ~] net-analyzer/snort-2.9.7.5::gentoo [2.9.1::gentoo] USE=normalizer* threads -active-response -control-socket% -debug -file-inspect% -flexresp3 -gre -high-availability% -inline-init-failopen -large-pcap-64bit -linux-smp-stats -mpls -non-ether-decoders% -perfprofiling -ppm -react -reload-error-restart (-selinux*) -shared-rep% -side-channel% -sourcefire% -static -targetbased (-aruba%) (-decoder-preprocessor-rules%) (-dynamicplugin%*) (-mysql%*) (-odbc%*) (-paf%) (-postgres%*) (-zlib%*) 0 KiB No luck I'm afraid grep your package.* in /etc/portage for snort entries. I didn't investigate which one is breaking this time but it must be something you got there somewhere. I just built it with the default use flags and it works. If it was profile changes you would've got them when you sync'd. And don't forget to file a bug. net-analyzer/snort ~amd64 # required by net-analyzer/snort-2.9.6.1 # required by @selected # required by @world (argument) =net-libs/daq-2.0.2 ~amd64 -- --- Regards, Rod Smart 0417 513 286
Re: [gentoo-user] Snort compiling problems
On Sat, Aug 22, 2015 at 4:04 PM, Rod r...@rods.id.au wrote: On 08/22/2015 06:33 PM, Fernando Rodriguez wrote: On Saturday, August 22, 2015 5:34:24 PM Rod wrote: Hi List, I am having problems compiling Snort :( I have tried emerge snort Also tried compiling in the comandline I have tried all my installed gcc profiles... # gcc-config -l [1] x86_64-pc-linux-gnu-4.5.4 [2] x86_64-pc-linux-gnu-4.6.4 [3] x86_64-pc-linux-gnu-4.7.3 [4] x86_64-pc-linux-gnu-4.8.4 * All failed :( make[4]: Entering directory '/var/tmp/portage/net- analyzer/snort-2.9.7.5/work/snort-2.9.7.5/src/preprocessors/Stream6' x86_64-pc-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../../.. -I../../.. -I../../../src -I../../../src/sfutil -I/usr/include/pcap -I../../../src/output-plugins -I../../../src/detection-plugins -I../../../src/dynamic-plugins -I../../../src/preprocessors -I../../../src/preprocessors/portscan -I../../../src/preprocessors/HttpInspect/include -I../../../src/preprocessors/Session -I../../../src/preprocessors/Stream6 -I../../../src/target-based -I../../../src/control -I../../../src/file-process -I../../../src/file-process/libs -I../../../src/side-channel -I../../../src/side-channel/plugins -DLZMA -DNDEBUG -DNOCOREFILE -DSF_WCHAR -DSNORT_RELOAD -DRELOAD_ERROR_FATAL -DNO_NON_ETHER_DECODER -O2 -march=core2 -mtune=core2 -pipe -DSF_VISIBILITY -fvisibility=hidden -fno-strict-aliasing -Wall -c -o snort_stream_tcp.o snort_stream_tcp.c snort_stream_tcp.c:466:89: error: unknown type name 'NormFlags' static inline int Stream_NormGetMode(uint16_t reassembly_policy, const SnortConfig* sc, NormFlags nf) ^ snort_stream_tcp.c: In function 'AddStreamNode': snort_stream_tcp.c:6160:9: warning: implicit declaration of function 'NormalTrimPayloadIfWin' [-Wimplicit-function-declaration] NormalTrimPayloadIfWin(p, 0, tdb); ^ snort_stream_tcp.c: In function 'ProcessTcpData': snort_stream_tcp.c:7275:9: warning: implicit declaration of function 'NormalTrimPayloadIfSyn' [-Wimplicit-function-declaration] NormalTrimPayloadIfSyn(p, 0, tdb); ^ snort_stream_tcp.c: In function 'ProcessTcp': snort_stream_tcp.c:8381:17: warning: implicit declaration of function 'NormalTrimPayloadIfRst' [-Wimplicit-function-declaration] NormalTrimPayloadIfRst(p, 0, tdb); ^ snort_stream_tcp.c: At top level: snort_stream_tcp.c:555:19: warning: 'CheckFlushPolicyOnData' used but never defined [enabled by default] static inline int CheckFlushPolicyOnData( ^ snort_stream_tcp.c:1184:29: warning: 'StreamTCPCreateSession' defined but not used [-Wunused-function] static SessionControlBlock *StreamTCPCreateSession( const SessionKey *key ) ^ snort_stream_tcp.c:1192:13: warning: 'StreamTCPDeactivateSession' defined but not used [-Wunused-function] static void StreamTCPDeactivateSession( SessionControlBlock *scb ) ^ snort_stream_tcp.c:1206:12: warning: 'StreamTCPDeleteSession' defined but not used [-Wunused-function] static int StreamTCPDeleteSession( const SessionKey *key ) ^ Makefile:389: recipe for target 'snort_stream_tcp.o' failed make[4]: *** [snort_stream_tcp.o] Error 1 make[4]: Leaving directory '/var/tmp/portage/net- analyzer/snort-2.9.7.5/work/snort-2.9.7.5/src/preprocessors/Stream6' Makefile:471: recipe for target 'all-recursive' failed make[3]: *** [all-recursive] Error 1 make[3]: Leaving directory '/var/tmp/portage/net- analyzer/snort-2.9.7.5/work/snort-2.9.7.5/src/preprocessors' Makefile:552: recipe for target 'all-recursive' failed make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory '/var/tmp/portage/net-analyzer/snort-2.9.7.5/work/snort-2.9.7.5/src' Makefile:517: recipe for target 'all-recursive' failed make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory '/var/tmp/portage/net-analyzer/snort-2.9.7.5/work/snort-2.9.7.5' Makefile:383: recipe for target 'all' failed make: *** [all] Error 2 Portage 2.2.18 (python 2.7.9-final-0, default/linux/amd64/13.0/desktop, gcc-4.8.4, glibc-2.20-r2, 3.18.7-gentoo x86_64) = System Settings = System uname: Linux-3.18.7-gentoo-x86_64-Intel-R-_Core-TM-_i5-4570_CPU_@_3.20GHz-with- gentoo-2.2 KiB Mem:15316468 total,543168 free KiB Swap: 33554428 total, 32086124 free Timestamp of repository gentoo: Fri, 21 Aug 2015 18:30:01 + sh bash 4.2_p45 ld GNU ld (Gentoo 2.24 p1.4) 2.24 distcc 3.1 x86_64-pc-linux-gnu [disabled] app-shells/bash: 4.2_p45::gentoo dev-java/java-config: 2.2.0::gentoo dev-lang/perl:5.18.2-r2::gentoo dev-lang/python: 2.7.9-r1::gentoo, 3.1.5::gentoo, 3.2.5-r6::gentoo,
