To install Snort 2.9.0.5, you are now required to install the new DAQ or data-acquisition API dependency. To get it to be built and compiled you need to do the following:
Install necessary packages:
sudo aptget install g++ flex bison build-essential checkinstall libnet1-dev libpcre3-dev libnetfilter-queue-dev iptables-dev
Install libpcap 1.1.1
-
wget http://www.tcpdump.org/release/libpcap-1.1.1.tar.gz
-
tar -xzvf libpcap-1.1.1.tar.gz
-
cd libpcap-1.1.1
-
sudo ./configure
-
sudo make
-
sudo make install
-
sudo ldconfig
Install libdnet
-
wget http://libdnet.googlecode.com/files/libdnet-1.12.tgz
-
tar xvfz libdnet-1.12.tgz
-
cd libdnet-1.12/
-
sudo ./configure --enable-static --with-pic
-
sudo make
-
sudo make install
-
sudo ln -s /usr/local/lib/libdnet.1.0.1 /usr/lib/libdnet.1
-
sudo ldconfig
Install DAQ
-
http://www.snort.org/downloads/860
-
tar -xzvf 860
-
cd daq-0.5/
-
sudo ./configure --libdir=/usr/lib --includedir=/usr/include
-
sudo make
-
sudo make install
-
sudo ldconfig
If you had no compilation errors, you should see something like the following:
-
Build AFPacket DAQ module.. : yes
-
Build Dump DAQ module...... : yes
-
Build IPFW DAQ module...... : yes
-
Build IPQ DAQ module....... : yes
-
Build NFQ DAQ module....... : yes
-
Build PCAP DAQ module...... : yes
Comments
wrong command
Submitted by Ahmed (not verified) on
hi,
in the Step : "Install libpcap 1.1.1"
please correct the command number 6
"sudo make install instead" of "sudo install"
Good catch - thanks!
Submitted by admin on
Good catch - thanks!
Add new comment