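I'm trying to set up Snort to send logs to a MySQL database through barnyard2 using this guide, but I ran into problems during installation. (Ubuntu 22.04 with an AMD CPU)
I first ran the ./configure --with-mysql --with-mysql-libraries=/usr/lib/x86_64-linux-gnu command, which produced no errors, and then ran make, which resulted in the atrocity below.
Could someone point me to the root problem? The issue seems to be syntax-related, but I'm confused about how to fix it.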
make all-recursive
make[1]: Entering directory '/home/faygo/Downloads/barnyard2-2-1.13'
Making all in src
make[2]: Entering directory '/home/faygo/Downloads/barnyard2-2-1.13/src'
Making all in sfutil
make[3]: Entering directory '/home/faygo/Downloads/barnyard2-2-1.13/src/sfutil'
gcc -DHAVE_CONFIG_H -I. -I../.. -I.. -I/usr/include//mysql -DENABLE_MYSQL -g -O2 -Wall -c -o getopt_long.o getopt_long.c
gcc -DHAVE_CONFIG_H -I. -I../.. -I.. -I/usr/include//mysql -DENABLE_MYSQL -g -O2 -Wall -c -o sfmemcap.o sfmemcap.c
gcc -DHAVE_CONFIG_H -I. -I../.. -I.. -I/usr/include//mysql -DENABLE_MYSQL -g -O2 -Wall -c -o sfprimetable.o sfprimetable.c
gcc -DHAVE_CONFIG_H -I. -I../.. -I.. -I/usr/include//mysql -DENABLE_MYSQL -g -O2 -Wall -c -o sfxhash.o sfxhash.c
gcc -DHAVE_CONFIG_H -I. -I../.. -I.. -I/usr/include//mysql -DENABLE_MYSQL -g -O2 -Wall -c -o sf_ip.o sf_ip.c
gcc -DHAVE_CONFIG_H -I. -I../.. -I.. -I/usr/include//mysql -DENABLE_MYSQL -g -O2 -Wall -c -o sf_iph.o sf_iph.c
gcc -DHAVE_CONFIG_H -I. -I../.. -I.. -I/usr/include//mysql -DENABLE_MYSQL -g -O2 -Wall -c -o sf_ipvar.o sf_ipvar.c
gcc -DHAVE_CONFIG_H -I. -I../.. -I.. -I/usr/include//mysql -DENABLE_MYSQL -g -O2 -Wall -c -o sf_textlog.o sf_textlog.c
gcc -DHAVE_CONFIG_H -I. -I../.. -I.. -I/usr/include//mysql -DENABLE_MYSQL -g -O2 -Wall -c -o sf_vartable.o sf_vartable.c
rm -f libsfutil.a
ar cru libsfutil.a getopt_long.o sfmemcap.o sfprimetable.o sfxhash.o sf_ip.o sf_iph.o sf_ipvar.o sf_textlog.o sf_vartable.o
ar: `u' modifier ignored since `D' is the default (see `U')
ranlib libsfutil.a
make[3]: Leaving directory '/home/faygo/Downloads/barnyard2-2-1.13/src/sfutil'
Making all in output-plugins
make[3]: Entering directory '/home/faygo/Downloads/barnyard2-2-1.13/src/output-plugins'
gcc -DHAVE_CONFIG_H -I. -I../.. -I.. -I ../sfutil -I/usr/include//mysql -DENABLE_MYSQL -g -O2 -Wall -c -o spo_alert_arubaaction.o spo_alert_arubaaction.c
In file included from /usr/include/string.h:535,
from spo_alert_arubaaction.c:64:
In function ‘strncpy’,
inlined from ‘ParseAlertArubaActionArgs’ at spo_alert_arubaaction.c:592:2:
/usr/include/x86_64-linux-gnu/bits/string_fortified.h:95:10: warning: ‘__builtin_strncpy’ specified bound depends on the length of the source argument [-Wstringop-truncation]
95 | return __builtin___strncpy_chk (__dest, __src, __len,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
96 | __glibc_objsize (__dest));
| ~~~~~~~~~~~~~~~~~~~~~~~~~
spo_alert_arubaaction.c: In function ‘ParseAlertArubaActionArgs’:
spo_alert_arubaaction.c:592:9: note: length computed here
592 | strncpy(data->secret, toks[2], strlen(toks[2]));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /usr/include/string.h:535,
from spo_alert_arubaaction.c:64:
In function ‘strncpy’,
inlined from ‘ParseAlertArubaActionArgs’ at spo_alert_arubaaction.c:621:3:
/usr/include/x86_64-linux-gnu/bits/string_fortified.h:95:10: warning: ‘__builtin_strncpy’ specified bound depends on the length of the source argument [-Wstringop-truncation]
95 | return __builtin___strncpy_chk (__dest, __src, __len,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
96 | __glibc_objsize (__dest));
| ~~~~~~~~~~~~~~~~~~~~~~~~~
spo_alert_arubaaction.c: In function ‘ParseAlertArubaActionArgs’:
spo_alert_arubaaction.c:621:17: note: length computed here
621 | strncpy(data->role_name, action_toks[1],
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
622 | strlen(action_toks[1]));
| ~~~~~~~~~~~~~~~~~~~~~~~
gcc -DHAVE_CONFIG_H -I. -I../.. -I.. -I ../sfutil -I/usr/include//mysql -DENABLE_MYSQL -g -O2 -Wall -c -o spo_alert_bro.o spo_alert_bro.c
gcc -DHAVE_CONFIG_H -I. -I../.. -I.. -I ../sfutil -I/usr/include//mysql -DENABLE_MYSQL -g -O2 -Wall -c -o spo_alert_cef.o spo_alert_cef.c
spo_alert_cef.c: In function ‘AlertCEF’:
spo_alert_cef.c:500:42: warning: variable ‘cn’ set but not used [-Wunused-but-set-variable]
500 | ClassType *cn;
| ^~
gcc -DHAVE_CONFIG_H -I. -I../.. -I.. -I ../sfutil -I/usr/include//mysql -DENABLE_MYSQL -g -O2 -Wall -c -o spo_alert_csv.o spo_alert_csv.c
gcc -DHAVE_CONFIG_H -I. -I../.. -I.. -I ../sfutil -I/usr/include//mysql -DENABLE_MYSQL -g -O2 -Wall -c -o spo_alert_fast.o spo_alert_fast.c
gcc -DHAVE_CONFIG_H -I. -I../.. -I.. -I ../sfutil -I/usr/include//mysql -DENABLE_MYSQL -g -O2 -Wall -c -o spo_alert_full.o spo_alert_full.c
gcc -DHAVE_CONFIG_H -I. -I../.. -I.. -I ../sfutil -I/usr/include//mysql -DENABLE_MYSQL -g -O2 -Wall -c -o spo_alert_fwsam.o spo_alert_fwsam.c
In file included from /usr/include/pcap/pcap.h:130,
from /usr/include/pcap.h:43,
from ../barnyard2.h:46,
from spo_alert_fwsam.c:91:
spo_alert_fwsam.c:118:13: error: two or more data types in declaration specifiers
118 | typedef int SOCKET;
| ^~~~~~
spo_alert_fwsam.c:118:1: warning: useless type name in empty declaration
118 | typedef int SOCKET;
| ^~~~~~~
spo_alert_fwsam.c: In function ‘FWsamReadLine’:
spo_alert_fwsam.c:620:9: warning: this ‘if’ clause does not guard... [-Wmisleading-indentation]
620 | if(p>buf);
| ^~
spo_alert_fwsam.c:621:13: note: ...this statement, but the latter is misleadingly indented as if it were guarded by the ‘if’
621 | strcpy(buf,p);
| ^~~~~~
spo_alert_fwsam.c: In function ‘AlertFWsam’:
spo_alert_fwsam.c:979:18: warning: variable ‘cn’ set but not used [-Wunused-but-set-variable]
979 | ClassType *cn = NULL;
| ^~
spo_alert_fwsam.c:978:18: warning: variable ‘sn’ set but not used [-Wunused-but-set-variable]
978 | SigNode *sn = NULL;
| ^~
spo_alert_fwsam.c:971:27: warning: variable ‘lastbsp’ set but not used [-Wunused-but-set-variable]
971 | static unsigned short lastbsp[FWSAM_REPET_BLOCKS];
| ^~~~~~~
make[3]: *** [Makefile:391: spo_alert_fwsam.o] Error 1
make[3]: Leaving directory '/home/faygo/Downloads/barnyard2-2-1.13/src/output-plugins'
make[2]: *** [Makefile:497: all-recursive] Error 1
make[2]: Leaving directory '/home/faygo/Downloads/barnyard2-2-1.13/src'
make[1]: *** [Makefile:416: all-recursive] Error 1
make[1]: Leaving directory '/home/faygo/Downloads/barnyard2-2-1.13'
make: *** [Makefile:348: all] Error 2
1 answer
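Could someone point me to the root problem?
The root problem is that both libpcap and spo_alert_fwsam.c in barnyard2 define SOCKET as a data type, and the two definitions collide (even though they both define SOCKET as int), because libpcap #defines it as int, so if spo_alert_fwsam.c defines it as int

after including pcap/pcap.h, that statement becomes

which is not legal C.
See barnyard2 issue #245.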
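Libpcap should define PCAP_SOCKET as int on UN*Xes and as SOCKET on Windows, and use PCAP_SOCKET rather than SOCKET in declarations and code, so that they don't collide. (That would introduce an API break in libpcap, but *only* on UN*Xes (on Windows, the two libpcap APIs that currently use SOCKET would be used in code that includes the Windows SDK headers that define SOCKET, and the libpcap headers would define PCAP_SOCKET as SOCKET, which means that code using SOCKET variables to hold the return values of those APIs would work on Windows); as for UN*X, those APIs are declared in the header files but are not provided in the library by default (you have to build the library with a special configure option to get remote capture support), *and* they are quite odd and few programs use them (neither tcpdump nor Wireshark, the two most important users of libpcap, uses them), so this breakage would probably inconvenience few developers, if any.) But fixing that won't fix the current problem; applying the changes from barnyard2 pull request #254 to the barnyard2 source code should fix it.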
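
The collision described in the answer can be made visible by asking the preprocessor what line 118 of spo_alert_fwsam.c turns into. This is an added example, not code from barnyard2, libpcap or pull request #254; the `#define SOCKET int` stand-in, the `#ifndef` guard and the `demo_open` function are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define STR_(x) #x
#define STR(x)  STR_(x)  /* macro-expands x first, then stringifies it */

/* Constructed stand-in for the UN*X libpcap header as the answer describes
   it: SOCKET is claimed with a macro, not a typedef. */
#define SOCKET int

/* Line 118 of spo_alert_fwsam.c as the compiler sees it while that macro
   is active; compiling this text is what raises the error in the log. */
static const char *const line118_expanded = STR(typedef int SOCKET;);

/* Guarded form (assumed workaround): skip the typedef when a header has
   already defined the name, so no declaration is left to mangle. */
#ifndef SOCKET
typedef int SOCKET;
#define TYPEDEF_TAKEN 1
#else
#define TYPEDEF_TAKEN 0
#endif

/* Layout the answer proposes for libpcap: the header uses its own name
   and leaves SOCKET to the application. */
#undef SOCKET
#define PCAP_SOCKET int
typedef int SOCKET;  /* legal: SOCKET is an ordinary identifier again */
static const char *const line118_untouched = STR(typedef int SOCKET;);

/* Hypothetical API returning a descriptor under the library's own name. */
static PCAP_SOCKET demo_open(void) { return 3; }

const char *seen_with_macro(void)       { return line118_expanded; }
const char *seen_with_pcap_socket(void) { return line118_untouched; }
int guarded_typedef_taken(void)         { return TYPEDEF_TAKEN; }
int descriptor_roundtrip(void) { SOCKET s = demo_open(); return s; }

int main(void)
{
    printf("macro active : %s\n", seen_with_macro());
    printf("guard taken  : %d\n", guarded_typedef_taken());
    printf("PCAP_SOCKET  : %s\n", seen_with_pcap_socket());
    printf("descriptor   : %d\n", descriptor_roundtrip());
    return 0;
}
```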