Install sancp-1.6.2-candidate.C

Hello,

I've got a problem to install sancp-1.6.2-candidate.C because (prelude support)
The port version is actualy sancp-1.6.1

The problem depend on the Makefile
You can find the file below

[CMD=""]#make bsd[/CMD]

Here is the first error :
Code:
sonde-creusot# make bsd
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   `libprelude-config --
cflags` `@(echo " -c build_acl.cc -o build_acl.o
Syntax error: EOF in backquote substitution
*** Error code 2

Stop in /usr/local/etc/sancp.
*** Error code 1

Stop in /usr/local/etc/sancp.

I understand this character ` is a a problem
So I've changed the two first lines like this :

Code:
#PRELUDE-CFLAGS=libprelude-config --cflags  
#PRELUDE-SUPPORT=@(echo "#define ENABLE_PRELUDE_SUPPORT" >> platform.h)

This the next error I've got :
Code:
sonde-creusot# make bsd
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   libprelude-config --
cflags @(echo " -c build_acl.cc -o build_acl.o
Syntax error: "(" unexpected
*** Error code 2

Stop in /usr/local/etc/sancp.
*** Error code 1

Stop in /usr/local/etc/sancp.

After this I decide to write by my self :

#define ENABLE_PRELUDE_SUPPORT in the file plateform.h
And to remove this line in the Makefile

Code:
#PRELUDE-SUPPORT=`@(echo "#define ENABLE_PRELUDE_SUPPORT" >> platform.h)`

The new error is :

Code:
sonde-creusot# make bsd
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   libprelude-config --
cflags  -c build_acl.cc -o build_acl.o
g++: libprelude-config: No such file or directory
cc1plus: error: unrecognized command line option "-fcflags"
*** Error code 1

Stop in /usr/local/etc/sancp.
*** Error code 1

Stop in /usr/local/etc/sancp.

Now I've difficulty to see what's the problem !
Can you give me any idea in order to install this soft ?

Best Regards

Here is the original Makefile

Code:
## SANCP Makefile
##
## HOWTO use this Makefile 
## Type 'make linux', 'make bsd' or 'make solaris' 
##
## For PRELUDE-SUPPORT uncomment the next two lines (remove initial '#') 
PRELUDE-CFLAGS=`libprelude-config --cflags`  
PRELUDE-SUPPORT=`@(echo "#define ENABLE_PRELUDE_SUPPORT" >> platform.h)`


# ------------------------------------------------------------------- #
# --------- PLEASE CONTRIBUTE ANY CHANGES MADE TO THIS FILE --------- #
# ------------------------------------------------------------------- #

##
## LINUX and BSD CFLAGS
##

CFLAGS =  -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   $(PRELUDE-CFLAGS) 
$(PRELUDE-SUPPORT)

# w/ DEBUG SYMBOLS
#CFLAGS =  -g -O3 -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   $(PRELUDE-CFLAGS) 
$(PRELUDE-SUPPORT)

##
## LINUX  LFLAGS
##

LFLAGS = -lresolv -lnsl -lpcap -L/usr/lib/libpcap.so.0.6.2

##
## BSD BFLAGS
##

BFLAGS = -lpcap -L/usr/lib/libpcap.so

##
## SOLARIS CFLAGS and LFLAGS
##

SOLARISCFLAGS = -O3 -g -ggdb -Wall -fomit-frame-pointer -funroll-loops -DBYTE_ORDER=1234 -DBIG_ENDIAN=1234 -I./ -I/usr/local/include -
I/usr/include -L/usr/lib -L/usr/local/lib  $(PRELUDE-CFLAGS) $(PRELUDE-SUPPORT)
SOLARISLFLAGS = -lresolv -lnsl -lpcap -lsocket


##
## 
##

final : sancp.cc Makefile
	g++ -Wall $(CFLAGS) -c build_acl.cc -o build_acl.o
	g++ -Wall $(CFLAGS) -c misc_functs.cc -o misc_functs.o
	g++ -Wall $(CFLAGS) -c outputFileHandle.cc -o outputFileHandle.o
	g++ -Wall $(CFLAGS) -c apply_rule.cc -o apply_rule.o
	g++ -Wall $(CFLAGS) -c decode.cc -o decode.o
	g++ -Wall $(CFLAGS) -c fileHandle.cc -o fileHandle.o
	g++ -Wall $(CFLAGS) -c MemoryPool.cc -o MemoryPool.o
	g++ -Wall $(CFLAGS) -c pcapFileHandle.cc -o pcapFileHandle.o
	g++ -Wall $(CFLAGS) -c sancp.cc -o sancp.o
	gcc -Wall $(CFLAGS) -c pcap_functions.c -o pcap_functions.o
	g++ -Wall $(CFLAGS) -c permissions.cc -o permissions.o
	g++ -Wall $(CFLAGS) -c check_packet.cc -o check_packet.o
	g++ -Wall $(CFLAGS) -c statefull_logging.cc -o statefull_logging.o
	g++ -Wall $(CFLAGS) -c sancpsignals.cc -o sancpsignals.o
	g++ -Wall $(LFLAGS) $(CFLAGS) -o sancp sancp.o sancpsignals.o misc_functs.o check_packet.o statefull_logging.o build_acl.o apply_rule.o 
decode.o pcap_functions.o pcapFileHandle.o fileHandle.o MemoryPool.o permissions.o outputFileHandle.o

clean :
	@(echo "" > platform.h)
	@rm -f *.o sancp

bsd :
	@(echo "#define PLATFORM_BSD" >> platform.h)
	@make final
	g++ -Wall $(BFLAGS) $(CFLAGS) -o sancp sancp.o sancpsignals.o misc_functs.o check_packet.o statefull_logging.o build_acl.o apply_rule.o 
decode.o pcap_functions.o pcapFileHandle.o fileHandle.o MemoryPool.o permissions.o outputFileHandle.o

linux :
	@(echo "#define PLATFORM_LINUX" >> platform.h)
	@make final
	g++ -Wall $(LFLAGS) $(CFLAGS) -o sancp sancp.o sancpsignals.o misc_functs.o check_packet.o statefull_logging.o build_acl.o apply_rule.o 
decode.o pcap_functions.o pcapFileHandle.o fileHandle.o MemoryPool.o permissions.o outputFileHandle.o

solaris :
	@(echo "#define PLATFORM_SOLARIS" >> platform.h)
	g++ -Wall $(SOLARISCFLAGS) -c build_acl.cc -o build_acl.o
	g++ -Wall $(SOLARISCFLAGS) -c misc_functs.cc -o misc_functs.o
	g++ -Wall $(SOLARISCFLAGS) -c outputFileHandle.cc -o outputFileHandle.o
	g++ -Wall $(SOLARISCFLAGS) -c apply_rule.cc -o apply_rule.o
	g++ -Wall $(SOLARISCFLAGS) -c decode.cc -o decode.o
	g++ -Wall $(SOLARISCFLAGS) -c fileHandle.cc -o fileHandle.o
	g++ -Wall $(SOLARISCFLAGS) -c MemoryPool.cc -o MemoryPool.o
	g++ -Wall $(SOLARISCFLAGS) -c pcapFileHandle.cc -o pcapFileHandle.o
	g++ -Wall $(SOLARISCFLAGS) -c sancp.cc -o sancp.o
	gcc -Wall $(SOLARISCFLAGS) -c pcap_functions.c -o pcap_functions.o
	g++ -Wall $(SOLARISCFLAGS) -c permissions.cc -o permissions.o
	g++ -Wall $(SOLARISCFLAGS) -c check_packet.cc -o check_packet.o
	g++ -Wall $(SOLARISCFLAGS) -c statefull_logging.cc -o statefull_logging.o
	g++ -Wall $(SOLARISCFLAGS) -c sancpsignals.cc -o sancpsignals.o
	g++ -Wall $(SOLARISLFLAGS) $(SOLARISCFLAGS) -o sancp sancp.o sancpsignals.o misc_functs.o check_packet.o statefull_logging.o 
build_acl.o apply_rule.o decode.o pcap_functions.o pcapFileHandle.o fileHandle.o MemoryPool.o permissions.o outputFileHandle.o
 
On the original Makefile

those 2 lines are commented :
Code:
#PRELUDE-CFLAGS=`libprelude-config --cflags`  
#PRELUDE-SUPPORT=`@(echo "#define ENABLE_PRELUDE_SUPPORT" >> platform.h)`

In this case
with make bsd or gmake, the installation is OK

So the problem is on the PRELUDE options.

What do you think of this ?
 
FreebSD 8.0 and sancp-1.6.2-candidate.C

Sorry for the delays getting you a response, I am having to post direct to this forum rather than sort out the email delivery issues I am having with your domain.

As you have determined I do not know how to properly include the output from the command `libprelude-config --cflags` into a variable in the Makefile. Sorry you are having this issue, I try to included a script to build the correct Makefile with prelude support in the future.

For now you can try to manually applying the following two changes to the original Makefile.

1. Run the command libprelude-config [a] and include its output in the Makefile like so .

[a] libprelude-config --cflags

PRELUDE-CFLAGS="<include output from libprelude-config here>"

2. Also, make certain platform.h contains the following text:

#define ENABLE_PRELUDE_SUPPORT

3. Now try compiling with 'make bsd' again and let me know what happens.

Thanks,

-John Curry
 
the answer of [CMD="libprelude"]libprelude-config --cflags[/CMD] is
Code:
-I/usr/local/include
First question when you ask me to insert this answer here :
Code:
PRELUDE-CFLAGS=]-I/usr/local/include
, I find this is curious, it should not be ?
Code:
PRELUDE-CFLAGS=]-I/usr/local/include/libprelude

This is what I obtain when I try to compile with # # make bsd

Code:
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   -I/usr/local/include  -c build_acl.cc -o build_acl.o
In file included from sancp.h:53,
                 from build_acl.cc:2:
gvars.h:32: error: expected `}' before 'l'
gvars.h:34: error: expected initializer before 'lags_P'
gvars.h:39: error: expected declaration before '}' token
*** Error code 1

Stop in /usr/local/etc/sancp-1.6.2-candidate.C.
*** Error code 1

Stop in /usr/local/etc/sancp-1.6.2-candidate.C.

An other thins I found strange is here on the Makefile :

Code:
final : sancp.cc Makefile
        g++ -Wall $(CFLAGS) -c build_acl.cc -o build_acl.o
        g++ -Wall $(CFLAGS) -c misc_functs.cc -o misc_functs.o
        g++ -Wall $(CFLAGS) -c outputFileHandle.cc -o outputFileHandle.o
        g++ -Wall $(CFLAGS) -c apply_rule.cc -o apply_rule.o
        g++ -Wall $(CFLAGS) -c decode.cc -o decode.o
        g++ -Wall $(CFLAGS) -c fileHandle.cc -o fileHandle.o
        g++ -Wall $(CFLAGS) -c MemoryPool.cc -o MemoryPool.o
        g++ -Wall $(CFLAGS) -c pcapFileHandle.cc -o pcapFileHandle.o
        g++ -Wall $(CFLAGS) -c sancp.cc -o sancp.o
        gcc -Wall $(CFLAGS) -c pcap_functions.c -o pcap_functions.o
        g++ -Wall $(CFLAGS) -c permissions.cc -o permissions.o
        g++ -Wall $(CFLAGS) -c check_packet.cc -o check_packet.o
        g++ -Wall $(CFLAGS) -c statefull_logging.cc -o statefull_logging.o
        g++ -Wall $(CFLAGS) -c sancpsignals.cc -o sancpsignals.o
[B][color="Red"]        g++ -Wall $(LFLAGS) $(CFLAGS) -o sancp sancp.o sancpsignals.o misc_functs.o check_packet.o statefull
_logging.o build_acl.o apply_rule.o decode.o pcap_functions.o pcapFileHandle.o fileHandle.o MemoryPool.o per
missions.o outputFileHandle.o[/color][/B]

And here
Code:
bsd :
        @(echo "#define PLATFORM_BSD" >> platform.h)
        @make final
        [color="Red"][B]g++ -Wall $(BFLAGS) $(CFLAGS) -o sancp sancp.o sancpsignals.o misc_functs.o check_packet.o statefull
_logging.o build_acl.o apply_rule.o decode.o pcap_functions.o pcapFileHandle.o fileHandle.o MemoryPool.o per
missions.o outputFileHandle.o[/B][/color]

So I ve made different try according on the two points I spoke over

Thanks
 
Install sancp-1.6.2-candidate.C Reply to Thread

Try dropping the ']' character. Not sure where you picked that up.

so this:

Code:
PRELUDE-CFLAGS=]-I/usr/local/include/libprelude

should read as this:

Code:
PRELUDE-CFLAGS=-I/usr/local/include/libprelude

Thanks,
-John Curry
 
To answer your question, you should use whatever libprelude-config returns instead:

Code:
PRELUDE-CFLAGS=-I/usr/local/include/
 
Here is the errors :

Code:
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   -I/usr/local/include  -
c build_acl.cc -o build_acl.o
In file included from sancp.h:53,
                 from build_acl.cc:2:
gvars.h:32: error: expected `}' before 'l'
gvars.h:34: error: expected initializer before 'lags_P'
gvars.h:39: error: expected declaration before '}' token
*** Error code 1

Stop in /usr/local/etc/sancp-1.6.2-candidate.C.
*** Error code 1

Stop in /usr/local/etc/sancp-1.6.2-candidate.C.
 
There is a format problem in the prelude-related source in gvars.h

Lines 31 - 39 need to be joined into a single line without spaces. You can join these lines manually or you can try the patch I pasted below.

Save the code below to a file (i.e. patch.code ) and use with the 'patch' command as follows:

Code:
cd sancp-1.6.2-candidate.C/
patch < ~/patch.code
 
Install sancp-1.6.2-candidate.C - patch attached

I've attached the patch as a file to this post.
 

Attachments

  • sancp-1.6.2-candidate.C.prelude.20100623.patch.diff
    3.4 KB · Views: 323
I hope things are in the good way,

This is the new error :

Code:
sonde-creusot# make bsd
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   -I/usr/local/include  -c build_acl.cc -o build_acl.o
build_acl.cc: In function 'void build_config(int)':
build_acl.cc:482: warning: deprecated conversion from string constant to 'char*'
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   -I/usr/local/include  -c misc_functs.cc -o misc_functs.o
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   -I/usr/local/include  -c outputFileHandle.cc -o outputFileHandle.o
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   -I/usr/local/include  -c apply_rule.cc -o apply_rule.o
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   -I/usr/local/include  -c decode.cc -o decode.o
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   -I/usr/local/include  -c fileHandle.cc -o fileHandle.o
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   -I/usr/local/include  -c MemoryPool.cc -o MemoryPool.o
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   -I/usr/local/include  -c pcapFileHandle.cc -o pcapFileHandle.o
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   -I/usr/local/include  -c sancp.cc -o sancp.o
sancp.cc:51: error: too many initializers for 'char [101][27]'
sancp.cc: In function 'int main(int, char**)':
sancp.cc:197: warning: deprecated conversion from string constant to 'char*'
sancp.cc:198: warning: deprecated conversion from string constant to 'char*'
sancp.cc:199: warning: deprecated conversion from string constant to 'char*'
sancp.cc:200: warning: deprecated conversion from string constant to 'char*'
sancp.cc:201: warning: deprecated conversion from string constant to 'char*'
*** Error code 1

Stop in /usr/local/etc/sancp-1.6.2-candidate.C.
*** Error code 1

Stop in /usr/local/etc/sancp-1.6.2-candidate.C.
sonde-creusot#

Thanks
 
I've attached a second patch to resolve the error:

sancp.cc:51: error: too many initializers for 'char [101][27]'
 

Attachments

  • sancp-1.6.2-candidate.C.prelude.20100624.patch.diff
    484 bytes · Views: 211
Here is the new step :

Code:
sonde-creusot# make bsd
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   -I/usr/local/include  -c build_acl.cc -o build_acl.o
build_acl.cc: In function 'void build_config(int)':
build_acl.cc:482: warning: deprecated conversion from string constant to 'char*'
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   -I/usr/local/include  -c misc_functs.cc -o misc_functs.o
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   -I/usr/local/include  -c outputFileHandle.cc -o outputFileHandle.o
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   -I/usr/local/include  -c apply_rule.cc -o apply_rule.o
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   -I/usr/local/include  -c decode.cc -o decode.o
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   -I/usr/local/include  -c fileHandle.cc -o fileHandle.o
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   -I/usr/local/include  -c MemoryPool.cc -o MemoryPool.o
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   -I/usr/local/include  -c pcapFileHandle.cc -o pcapFileHandle.o
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   -I/usr/local/include  -c sancp.cc -o sancp.o
sancp.cc: In function 'int main(int, char**)':
sancp.cc:197: warning: deprecated conversion from string constant to 'char*'
sancp.cc:198: warning: deprecated conversion from string constant to 'char*'
sancp.cc:199: warning: deprecated conversion from string constant to 'char*'
sancp.cc:200: warning: deprecated conversion from string constant to 'char*'
sancp.cc:201: warning: deprecated conversion from string constant to 'char*'
gcc -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   -I/usr/local/include  -c pcap_functions.c -o pcap_functions.o
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   -I/usr/local/include  -c permissions.cc -o permissions.o
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   -I/usr/local/include  -c check_packet.cc -o check_packet.o
g++ -Wall -O3 -s -I/usr/include/pcap -I/usr/local/include/pcap  -I./ -L/usr/lib/libsocket.so  -g -L/opt/csw/lib -ggdb   -I/usr/local/include  -c statefull_logging.cc -o statefull_logging.o
statefull_logging.cc: In function 'void erase_idle(int)':
statefull_logging.cc:140: error: a function-definition is not allowed here before '{' token
statefull_logging.cc:1455: error: expected `}' at end of input
statefull_logging.cc:112: warning: unused variable 'tmpptr'
statefull_logging.cc:113: warning: unused variable 'tmp'
statefull_logging.cc:1455: error: expected `}' at end of input
*** Error code 1

Stop in /usr/local/etc/sancp-1.6.2-candidate.C.
*** Error code 1

Stop in /usr/local/etc/sancp-1.6.2-candidate.C.
 
I've installed libprelude packages on both redhat and freebsd, however neither produce the libprelude-config binary.

Do you have any step-by-step instructions for downloading and installing libprelude on freebsd? If not I will try to work around this by sending you the code changes so you can test them.

Thanks,

-John
 
I've used the ports method here is the list of the pacakge installed :

Code:
apache-2.2.15_9     Version 2.2.x of Apache web server with prefork MPM.
apr-ipv6-devrandom-gdbm-db42-pgsql80-1.4.2.1.3.9_1 Apache Portability Library
autoconf-2.62       Automatically configure source code on many Un*x platforms 
autoconf-wrapper-20071109 Wrapper script for GNU autoconf
automake-1.9.6_3    GNU Standards-compliant Makefile generator (1.9)
automake-wrapper-20071109 Wrapper script for GNU automake
db42-4.2.52_5       The Berkeley DB package, revision 4.2
expat-2.0.1_1       XML 1.0 parser written in C
gdbm-1.8.3_3        The GNU database manager
gettext-0.18_1      GNU gettext package
gmake-3.81_4        GNU version of 'make' utility
gnutls-2.8.6_1      GNU Transport Layer Security library
help2man-1.38.2_1   Automatically generating simple manual pages from program o
libgcrypt-1.4.5     General purpose crypto library based on code used in GnuPG
libgpg-error-1.7_1  Common error values for all GnuPG components
libiconv-1.13.1_1   A character set conversion library
libprelude-0.9.24.1 Framework library for Prelude NIDS
libpreludedb-0.9.15.3 Framework library for access to Prelude NIDS database
libsigsegv-2.8      Handling page faults in user mode
libtool-2.2.6b      Generic shared library support script
libxml2-2.7.7       XML parser library for GNOME
m4-1.4.14_1,1       GNU m4
p5-gettext-1.05_3   Message handling functions
pcre-8.02           Perl Compatible Regular Expressions library
perl-5.8.9_3        Practical Extraction and Report Language
pkg-config-0.23_1   A utility to retrieve information about installed libraries
postgresql-client-8.0.25_1 PostgreSQL database (client)
postgresql-server-8.0.25_1 The most advanced open-source database available anywhere
prelude-lml-0.9.15  Prelude Network Intrusion Detection System Log Monitoring L
prelude-manager-0.9.14.2_4 Prelude Network Intrusion Detection System central logging 
py26-cheetah-2.4.2.1 HTML template engine for Python
py26-markdown-2.0.3 Text markup to HTML conversion engine for Python
py26-prewikka-0.9.17.1_1 Frontend for the Prelude IDS
py26-setuptools-0.6c11 Download, build, install, upgrade, and uninstall Python pac
python26-2.6.5      An interpreted object-oriented programming language
snort-2.8.5.3_1     Lightweight network intrusion detection system
xz-4.999.9_1        LZMA compression and decompression tools

Hope this can help you to understand the problem
 
I was able to install libprelude to identify remaining problems compiling on Redhat and Freebsd.

However, none of libprelude packages that I installed for redhat (via yum) or freebsd (via tar file from prelude website [version 4.11]) contain the libprelude-config command.

Moving right along...

I cleaned up the Makefile a little and made a /bin/sh script that attempts to detect /usr/include/libprelude or /usr/local/include/libprelude and then replaces the Makefile with one that includes the prelude directory.

So try this new patch(attached) on a clean distro.

Code:
  tar -zxf sancp-1.6.2-candidate.C.tar.gz
  cd sancp-1.6.2-candidate.C
  patch -p1 < ../sancp-1.6.2-candidate.C.prelude.patch.20100625.diff

If you want to use the script:

Code:
  chmod 755 prelude.setup
  ./prelude.setup

-John Curry
 
Here is the new error :

Code:
usr/local/etc/sancp-1.6.2-candidate.C/sancp.cc:94: undefined reference to `prelude_client_get_analyzer'
sancp.o(.text+0x243):/usr/local/etc/sancp-1.6.2-candidate.C/sancp.cc:98: undefined reference to `idmef_analyzer_new_model'
sancp.o(.text+0x267):/usr/local/etc/sancp-1.6.2-candidate.C/sancp.cc:101: undefined reference to `prelude_string_set_ref_fast'
sancp.o(.text+0x278):/usr/local/etc/sancp-1.6.2-candidate.C/sancp.cc:103: undefined reference to `idmef_analyzer_new_class'
sancp.o(.text+0x29c):/usr/local/etc/sancp-1.6.2-candidate.C/sancp.cc:106: undefined reference to `prelude_string_set_ref_fast'
sancp.o(.text+0x2ad):/usr/local/etc/sancp-1.6.2-candidate.C/sancp.cc:108: undefined reference to `idmef_analyzer_new_manufacturer'
sancp.o(.text+0x2d5):/usr/local/etc/sancp-1.6.2-candidate.C/sancp.cc:111: undefined reference to `prelude_string_set_ref_fast'
sancp.o(.text+0x2e6):/usr/local/etc/sancp-1.6.2-candidate.C/sancp.cc:113: undefined reference to `idmef_analyzer_new_version'
sancp.o(.text+0x30e):/usr/local/etc/sancp-1.6.2-candidate.C/sancp.cc:116: undefined reference to `prelude_string_set_ref_fast'
sancp.o(.text+0x6bb): In function `main':
/usr/local/etc/sancp-1.6.2-candidate.C/sancp.cc:276: undefined reference to `prelude_log_set_flags'
sancp.o(.text+0x6c7):/usr/local/etc/sancp-1.6.2-candidate.C/sancp.cc:283: undefined reference to `prelude_init'
sancp.o(.text+0x84d):/usr/local/etc/sancp-1.6.2-candidate.C/sancp.cc:387: undefined reference to `prelude_client_new'
sancp.o(.text+0x875):/usr/local/etc/sancp-1.6.2-candidate.C/sancp.cc:395: undefined reference to `prelude_client_start'
sancp.o(.text+0x892):/usr/local/etc/sancp-1.6.2-candidate.C/sancp.cc:402: undefined reference to `prelude_client_set_flags'
sancp.o(.text+0xcdc):/usr/local/etc/sancp-1.6.2-candidate.C/sancp.cc:397: undefined reference to `prelude_perror'
sancp.o(.text+0xcfd):/usr/local/etc/sancp-1.6.2-candidate.C/sancp.cc:285: undefined reference to `prelude_perror'
sancp.o(.text+0xd1e):/usr/local/etc/sancp-1.6.2-candidate.C/sancp.cc:389: undefined reference to `prelude_perror'
statefull_logging.o(.text+0x11a3): In function `add_idmef_object':
/usr/local/etc/sancp-1.6.2-candidate.C/statefull_logging.cc:231: undefined reference to `idmef_path_new'
statefull_logging.o(.text+0x11bd):/usr/local/etc/sancp-1.6.2-candidate.C/statefull_logging.cc:235: undefined reference to `idmef_value_new_from_path'
statefull_logging.o(.text+0x11d7):/usr/local/etc/sancp-1.6.2-candidate.C/statefull_logging.cc:241: undefined reference to `idmef_path_set'
statefull_logging.o(.text+0x11e4):/usr/local/etc/sancp-1.6.2-candidate.C/statefull_logging.cc:243: undefined reference to `idmef_value_destroy'
statefull_logging.o(.text+0x11ef):/usr/local/etc/sancp-1.6.2-candidate.C/statefull_logging.cc:244: undefined reference to `idmef_path_destroy'
statefull_logging.o(.text+0x15c6): In function `record_prelude(cnx*)':
/usr/local/etc/sancp-1.6.2-candidate.C/statefull_logging.cc:264: undefined reference to `idmef_message_new'
statefull_logging.o(.text+0x15e0):/usr/local/etc/sancp-1.6.2-candidate.C/statefull_logging.cc:265: undefined reference to `idmef_message_new_alert'
statefull_logging.o(.text+0x15fe):/usr/local/etc/sancp-1.6.2-candidate.C/statefull_logging.cc:272: undefined reference to `idmef_time_new_from_gettimeofday'
statefull_logging.o(.text+0x1618):/usr/local/etc/sancp-1.6.2-candidate.C/statefull_logging.cc:274: undefined reference to `idmef_alert_set_detect_time'
statefull_logging.o(.text+0x1627):/usr/local/etc/sancp-1.6.2-candidate.C/statefull_logging.cc:278: undefined reference to `idmef_time_new_from_gettimeofday'
statefull_logging.o(.text+0x1647):/usr/local/etc/sancp-1.6.2-candidate.C/statefull_logging.cc:279: undefined reference to `idmef_alert_set_create_time'
statefull_logging.o(.text+0x1654):/usr/local/etc/sancp-1.6.2-candidate.C/statefull_logging.cc:282: undefined reference to `prelude_client_get_analyzer'
statefull_logging.o(.text+0x165c):/usr/local/etc/sancp-1.6.2-candidate.C/statefull_logging.cc:282: undefined reference to `idmef_analyzer_ref'
statefull_logging.o(.text+0x1673):/usr/local/etc/sancp-1.6.2-candidate.C/statefull_logging.cc:282: undefined reference to `idmef_alert_set_analyzer'
statefull_logging.o(.text+0x17c4):/usr/local/etc/sancp-1.6.2-candidate.C/statefull_logging.cc:424: undefined reference to `idmef_message_destroy'
statefull_logging.o(.text+0x17e1):/usr/local/etc/sancp-1.6.2-candidate.C/statefull_logging.cc:269: undefined reference to `idmef_time_new_from_time'
statefull_logging.o(.text+0x17f7):/usr/local/etc/sancp-1.6.2-candidate.C/statefull_logging.cc:278: undefined reference to `idmef_message_destroy'
statefull_logging.o(.text+0x1b3a):/usr/local/etc/sancp-1.6.2-candidate.C/statefull_logging.cc:423: undefined reference to `prelude_client_send_idmef'
*** Error code 1
 
Everything looks good so far. However, these errors indicate that the compiler can't find the prelude libraries as defined by PRELUDE-CFLAGS= in the Makefile.

a. What is the path in the Makefile for PRELUDE-CFLAGS=
b. What is the path to libprelude (libprelude-config --cflags)

Manually set the Makefile PRELUDE-CFLAGS and try again.

i.e. PRELUDE-CFLAGS=-I<path>

-John
 
Back
Top