无法安装barnyard2

问题描述 投票:0回答:1

我正在尝试使用 本指南 设置 Snort 通过 barnyard2 将日志发送到 mySQL 数据库,但安装时遇到问题。 (Ubuntu 22.04,AMD CPU)

我首先运行命令

./configure --with-mysql --with-mysql-libraries=/usr/lib/x86_64-linux-gnu
,没有出现任何错误。然后我运行了
make
,导致了下面的暴行。

任何人都可以指导我找到根本问题吗?看来问题似乎与语法相关,但我对如何解决此问题感到困惑。

make  all-recursive
make[1]: Entering directory '/home/faygo/Downloads/barnyard2-2-1.13'
Making all in src
make[2]: Entering directory '/home/faygo/Downloads/barnyard2-2-1.13/src'
Making all in sfutil
make[3]: Entering directory '/home/faygo/Downloads/barnyard2-2-1.13/src/sfutil'
gcc -DHAVE_CONFIG_H -I. -I../.. -I..  -I/usr/include//mysql -DENABLE_MYSQL  -g -O2 -Wall -c -o getopt_long.o getopt_long.c
gcc -DHAVE_CONFIG_H -I. -I../.. -I..  -I/usr/include//mysql -DENABLE_MYSQL  -g -O2 -Wall -c -o sfmemcap.o sfmemcap.c
gcc -DHAVE_CONFIG_H -I. -I../.. -I..  -I/usr/include//mysql -DENABLE_MYSQL  -g -O2 -Wall -c -o sfprimetable.o sfprimetable.c
gcc -DHAVE_CONFIG_H -I. -I../.. -I..  -I/usr/include//mysql -DENABLE_MYSQL  -g -O2 -Wall -c -o sfxhash.o sfxhash.c
gcc -DHAVE_CONFIG_H -I. -I../.. -I..  -I/usr/include//mysql -DENABLE_MYSQL  -g -O2 -Wall -c -o sf_ip.o sf_ip.c
gcc -DHAVE_CONFIG_H -I. -I../.. -I..  -I/usr/include//mysql -DENABLE_MYSQL  -g -O2 -Wall -c -o sf_iph.o sf_iph.c
gcc -DHAVE_CONFIG_H -I. -I../.. -I..  -I/usr/include//mysql -DENABLE_MYSQL  -g -O2 -Wall -c -o sf_ipvar.o sf_ipvar.c
gcc -DHAVE_CONFIG_H -I. -I../.. -I..  -I/usr/include//mysql -DENABLE_MYSQL  -g -O2 -Wall -c -o sf_textlog.o sf_textlog.c
gcc -DHAVE_CONFIG_H -I. -I../.. -I..  -I/usr/include//mysql -DENABLE_MYSQL  -g -O2 -Wall -c -o sf_vartable.o sf_vartable.c
rm -f libsfutil.a
ar cru libsfutil.a getopt_long.o sfmemcap.o sfprimetable.o sfxhash.o sf_ip.o sf_iph.o sf_ipvar.o sf_textlog.o sf_vartable.o
ar: `u' modifier ignored since `D' is the default (see `U')
ranlib libsfutil.a
make[3]: Leaving directory '/home/faygo/Downloads/barnyard2-2-1.13/src/sfutil'
Making all in output-plugins
make[3]: Entering directory '/home/faygo/Downloads/barnyard2-2-1.13/src/output-plugins'
gcc -DHAVE_CONFIG_H -I. -I../.. -I.. -I ../sfutil  -I/usr/include//mysql -DENABLE_MYSQL  -g -O2 -Wall -c -o spo_alert_arubaaction.o spo_alert_arubaaction.c
In file included from /usr/include/string.h:535,
                 from spo_alert_arubaaction.c:64:
In function ‘strncpy’,
    inlined from ‘ParseAlertArubaActionArgs’ at spo_alert_arubaaction.c:592:2:
/usr/include/x86_64-linux-gnu/bits/string_fortified.h:95:10: warning: ‘__builtin_strncpy’ specified bound depends on the length of the source argument [-Wstringop-truncation]
   95 |   return __builtin___strncpy_chk (__dest, __src, __len,
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   96 |                                   __glibc_objsize (__dest));
      |                                   ~~~~~~~~~~~~~~~~~~~~~~~~~
spo_alert_arubaaction.c: In function ‘ParseAlertArubaActionArgs’:
spo_alert_arubaaction.c:592:9: note: length computed here
  592 |         strncpy(data->secret, toks[2], strlen(toks[2]));
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /usr/include/string.h:535,
                 from spo_alert_arubaaction.c:64:
In function ‘strncpy’,
    inlined from ‘ParseAlertArubaActionArgs’ at spo_alert_arubaaction.c:621:3:
/usr/include/x86_64-linux-gnu/bits/string_fortified.h:95:10: warning: ‘__builtin_strncpy’ specified bound depends on the length of the source argument [-Wstringop-truncation]
   95 |   return __builtin___strncpy_chk (__dest, __src, __len,
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   96 |                                   __glibc_objsize (__dest));
      |                                   ~~~~~~~~~~~~~~~~~~~~~~~~~
spo_alert_arubaaction.c: In function ‘ParseAlertArubaActionArgs’:
spo_alert_arubaaction.c:621:17: note: length computed here
  621 |                 strncpy(data->role_name, action_toks[1],
      |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  622 |                                 strlen(action_toks[1]));
      |                                 ~~~~~~~~~~~~~~~~~~~~~~~
gcc -DHAVE_CONFIG_H -I. -I../.. -I.. -I ../sfutil  -I/usr/include//mysql -DENABLE_MYSQL  -g -O2 -Wall -c -o spo_alert_bro.o spo_alert_bro.c
gcc -DHAVE_CONFIG_H -I. -I../.. -I.. -I ../sfutil  -I/usr/include//mysql -DENABLE_MYSQL  -g -O2 -Wall -c -o spo_alert_cef.o spo_alert_cef.c
spo_alert_cef.c: In function ‘AlertCEF’:
spo_alert_cef.c:500:42: warning: variable ‘cn’ set but not used [-Wunused-but-set-variable]
  500 |         ClassType                       *cn;
      |                                          ^~
gcc -DHAVE_CONFIG_H -I. -I../.. -I.. -I ../sfutil  -I/usr/include//mysql -DENABLE_MYSQL  -g -O2 -Wall -c -o spo_alert_csv.o spo_alert_csv.c
gcc -DHAVE_CONFIG_H -I. -I../.. -I.. -I ../sfutil  -I/usr/include//mysql -DENABLE_MYSQL  -g -O2 -Wall -c -o spo_alert_fast.o spo_alert_fast.c
gcc -DHAVE_CONFIG_H -I. -I../.. -I.. -I ../sfutil  -I/usr/include//mysql -DENABLE_MYSQL  -g -O2 -Wall -c -o spo_alert_full.o spo_alert_full.c
gcc -DHAVE_CONFIG_H -I. -I../.. -I.. -I ../sfutil  -I/usr/include//mysql -DENABLE_MYSQL  -g -O2 -Wall -c -o spo_alert_fwsam.o spo_alert_fwsam.c
In file included from /usr/include/pcap/pcap.h:130,
                 from /usr/include/pcap.h:43,
                 from ../barnyard2.h:46,
                 from spo_alert_fwsam.c:91:
spo_alert_fwsam.c:118:13: error: two or more data types in declaration specifiers
  118 | typedef int SOCKET;
      |             ^~~~~~
spo_alert_fwsam.c:118:1: warning: useless type name in empty declaration
  118 | typedef int SOCKET;
      | ^~~~~~~
spo_alert_fwsam.c: In function ‘FWsamReadLine’:
spo_alert_fwsam.c:620:9: warning: this ‘if’ clause does not guard... [-Wmisleading-indentation]
  620 |         if(p>buf);
      |         ^~
spo_alert_fwsam.c:621:13: note: ...this statement, but the latter is misleadingly indented as if it were guarded by the ‘if’
  621 |             strcpy(buf,p);
      |             ^~~~~~
spo_alert_fwsam.c: In function ‘AlertFWsam’:
spo_alert_fwsam.c:979:18: warning: variable ‘cn’ set but not used [-Wunused-but-set-variable]
  979 |     ClassType   *cn = NULL;
      |                  ^~
spo_alert_fwsam.c:978:18: warning: variable ‘sn’ set but not used [-Wunused-but-set-variable]
  978 |     SigNode     *sn = NULL;
      |                  ^~
spo_alert_fwsam.c:971:27: warning: variable ‘lastbsp’ set but not used [-Wunused-but-set-variable]
  971 |     static unsigned short lastbsp[FWSAM_REPET_BLOCKS];
      |                           ^~~~~~~
make[3]: *** [Makefile:391: spo_alert_fwsam.o] Error 1
make[3]: Leaving directory '/home/faygo/Downloads/barnyard2-2-1.13/src/output-plugins'
make[2]: *** [Makefile:497: all-recursive] Error 1
make[2]: Leaving directory '/home/faygo/Downloads/barnyard2-2-1.13/src'
make[1]: *** [Makefile:416: all-recursive] Error 1
make[1]: Leaving directory '/home/faygo/Downloads/barnyard2-2-1.13'
make: *** [Makefile:348: all] Error 2
cmake compiler-errors configure snort
1个回答
0
投票

任何人都可以指导我找到根本问题吗?

根本问题是来自 barnyard2 的 libpcap 和 spo_alert_fwsam.c 都将 

SOCKET
定义为数据类型,并且这两个定义发生冲突(即使它们都将其定义为 
int
,因为 libpcap #defining 它)作为 
int
,因此,如果 spo_alert_fwsam.c 这样做

typedef int SOCKET;

包含 pcap/pcap.h 后,该语句变为

typedef int int;

这是不合法的 C.

参见 barnyard2 问题 #245

Libpcap 可能应该将 

PCAP_SOCKET
在 UN*X 上定义为 
int
,在 Windows 上定义为 
SOCKET
,并在其声明和代码中使用 
PCAP_SOCKET
而不是 
SOCKET
,这样它们就不会发生冲突。

(这会在 libpcap 中引入 API 损坏,但在 UN*Xes 上(在 Windows 上,当前使用 

SOCKET
的两个 libpcap API 将在包含定义 
SOCKET
的 Windows SDK 标头的代码中使用, libpcap 标头会将 
PCAP_SOCKET
定义为 
SOCKET
,这意味着使用 
SOCKET
变量来保存这些 API 的返回值的代码将在 Windows 上运行);在 UN*Xes 上,这些 API 在标头中声明,但 默认情况下,库中没有提供(您必须使用特殊的配置选项构建库才能获得远程捕获支持),它们很奇怪,很少有程序使用它们(tcpdump 和 Wireshark 都不是,它们是两个libpcap 最重要的用户都使用它们),因此损坏可能会给少数开发人员带来不便。)

但是解决这个问题并不能解决眼前的问题。将 barnyard2 pull request #254 的更改应用到 barnyard2 源应该可以解决该问题。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.