This uses snort 3.0.0-270 and libdaq 3.0.0-alpha4 which I'm told should work.
I'm working with folks at $WORK to get this building.
This supercedes D22114
Details
Details
- Reviewers
dvl - Commits
- rP530733: MFH: r530653
rP530653: security/snort3: UNBREAK
My current block is:
ld: error: undefined symbol: HostCacheAlloc<snort::HostApplication>::deallocate(snort::HostApplication*, unsigned long) >>> referenced by lua_detector_api.cc >>> src/network_inspectors/appid/CMakeFiles/appid.dir/lua_detector_api.cc.o:(std::__1::shared_ptr<snort::HostTracker>::shared_ptr<snort::HostTracker>(snort::HostTracker*, std::__1::enable_if<is_convertible<snort::HostTracker*, snort::HostTracker*>::value, std::__1::shared_ptr<snort::HostTracker>::__nat>::type)) ld: error: undefined symbol: HostCacheAlloc<std::__1::__list_node<snort::HostMac, void*> >::deallocate(std::__1::__list_node<snort::HostMac, void*>*, unsigned long) >>> referenced by lua_detector_api.cc >>> src/network_inspectors/appid/CMakeFiles/appid.dir/lua_detector_api.cc.o:(std::__1::shared_ptr<snort::HostTracker>::shared_ptr<snort::HostTracker>(snort::HostTracker*, std::__1::enable_if<is_convertible<snort::HostTracker*, snort::HostTracker*>::value, std::__1::shared_ptr<snort::HostTracker>::__nat>::type)) c++: error: linker command failed with exit code 1 (use -v to see invocation)
Diff Detail
Diff Detail
- Repository
- rP FreeBSD ports repository
- Lint
Lint Not Applicable - Unit
Tests Not Applicable
Event Timeline
Comment Actions
libdaq tested to work. Give me some times to run through my builder and testing it in a live scenario.
Comment Actions
If you have something which builds, please let me know. I've got folks at $WORK trying to help too.
Comment Actions
I have not tried that. My coworker was able to reproduce the issue in his VM, without poudriere. He was building from source, not via ports. This is promising.
Comment Actions
security/snort3: Update version 3.0.0-258=>3.0.0-270
- UNBREAK
- Change compiler for c++14-lang support
- Remove DEBUG and DOCS DESC to use the defaults
- Add CXXFLAGS+=-O1
BUILDISOK:
http://pdr.bofh.network/data/latest-per-pkg/snort3/3.0.0.270,1/
This needs merge-quarterly hence we should commit manually
Comment Actions
Is your coworker's one better than me ? Otherwise I will commit this with quarterly merge.
Comment Actions
His patches are to the vendor code and create new functions. Yours do not. I claim yours are better.
I am still playing with RUN_DEPENDS and LIB_DEPENDS based on internal discussions. I will know more within an hour.
How long before you are done for the day?
Comment Actions
I think we can remove RUN_DEPENDS and add it to LIB_DEPENDS, and add more to LIB_DEPENDS:
LIB_DEPENDS= libpcre.so:devel/pcre \
libdnet.so:net/libdnet \
libpcap.so:net/libpcap \
libluajit-5.1.so:lang/luajit \
libhwloc.so:devel/hwloc \
libuuid.so:misc/e2fsprogs-libuuid \
libdaq.so:net/libdaqre: Error: /usr/local/bin/snort is linked to /usr/local/lib/libdaq.so.3 from net/libdaq but it is not declared as a dependency
Warning: you need LIB_DEPENDS+=libdaq.so:net/libdaq
Comment Actions
FYI, just found out you can run both snort 2 and snort 3 on the same box by using --daq-dir to point to where the snort3 daq installs (/usr/local/lib/daq by default) and it won't pick up the system libs in /usr/local/lib like snort 2 and everything else in the world.
Comment Actions
Not sure. Working on some geeks which is already delayed.
Works without BUILD_DEPENDS too just adding into LIB_DEPENDS
Despite I want to keep the CONFLICTS and not use parallely. You never know in the future it might not be conflicting.
Comment Actions
- Remove RUN_DEPENDS and BUILD_DEPENDS and move libdaq to LIB_DEPENDS
- Add misc/e2fsprogs-libuuid as LIB_DEPENDS