Will update. Thank you for making up for the OISF lag.
Take care. On Sat, Jan 16, 2016 at 8:24 AM, Luca Deri <[email protected]> wrote: > Hi Mark, > the problem you reported should have been fixed in the current PF_RING that > is in git: please update. > > We have sent to OISF people various patches some of which have been included > in their repository and others are pending since months (e.g. we have > implemented IPS mode over PF_RING, > https://github.com/inliniac/suricata/pull/1587). Unfortunately like you have > seen those guys are unresponsive sometime, so all we can do is on the PF_RING > side > > Regards Luca > >> On 15 Jan 2016, at 08:54, Mark Stingley <[email protected]> wrote: >> >> I posted this to the OISF list, but thought I would check here to see >> if anyone has solved this already. >> >> To me, the below looks like Suricata is looking for old style DNA and >> not the new PF_RING ZC way of doing things. >> >> Opinions? >> >> Thanks. >> >> --------------------------------- >> >> I just tried this on the latest git of pf_ring and Suricata 2.0.11, >> but had the same problem with Suricata 2.0.8 and pf_ring 6.0.3. Error >> output and configuration data below. >> >> Has anyone gotten Suricata to compile and work with pf_ring ZC? >> >> Please advise. >> >> Thanks. >> >> --------------------------------- >> >> gcc -DHAVE_CONFIG_H -I. -I.. -I./../libhtp/ >> -I/usr/local/pfring/include -I/usr/include/nspr -I/usr/include/nss >> -I/usr/include/nspr -I/usr/include/luajit-2.0 >> -DLOCAL_STATE_DIR=\"/var\" -g -O2 -Wextra >> -Werror-implicit-function-declaration -fno-tree-pre -Wall >> -Wno-unused-parameter -std=gnu99 -march=native -DHAVE_LIBNET11 >> -D_BSD_SOURCE -D__BSD_SOURCE -D__FAVOR_BSD -DHAVE_NET_ETHERNET_H >> -DHAVE_LIBNET_ICMPV6_UNREACH -DHAVE_PFRING -I/usr/local/include >> -DLIBPCAP_VERSION_MAJOR=1 -DHAVE_PCAP_SET_BUFF -DHAVE_LIBCAP_NG -MT >> runmode-erf-dag.o -MD -MP -MF .deps/runmode-erf-dag.Tpo -c -o >> runmode-erf-dag.o runmode-erf-dag.c >> In file included from source-pfring.h:31:0, >> from runmode-erf-dag.c:25: >> /usr/local/pfring/include/pfring.h:90:0: warning: "likely" redefined >> #define likely(x) __builtin_expect((x),1) >> ^ >> In file included from flow.h:31:0, >> from detect.h:29, >> from detect-engine-alert.h:29, >> from suricata-common.h:321, >> from runmode-erf-dag.c:18: >> util-optimize.h:32:0: note: this is the location of the previous definition >> #define likely(expr) __builtin_expect(!!(expr), 1) >> ^ >> In file included from source-pfring.h:31:0, >> from runmode-erf-dag.c:25: >> /usr/local/pfring/include/pfring.h:91:0: warning: "unlikely" redefined >> #define unlikely(x) __builtin_expect((x),0) >> ^ >> In file included from flow.h:31:0, >> from detect.h:29, >> from detect-engine-alert.h:29, >> from suricata-common.h:321, >> from runmode-erf-dag.c:18: >> util-optimize.h:35:0: note: this is the location of the previous definition >> #define unlikely(expr) __builtin_expect(!!(expr), 0) >> ^ >> In file included from source-pfring.h:31:0, >> from runmode-erf-dag.c:25: >> /usr/local/pfring/include/pfring.h:184:5: error: unknown type name >> ‘dna_device’ >> dna_device dna_dev; >> ^ >> /usr/local/pfring/include/pfring.h:185:5: error: unknown type name >> ‘dna_indexes’ >> dna_indexes *indexes_ptr; >> ^ >> /usr/local/pfring/include/pfring.h:188:5: error: unknown type name >> ‘dna_device_operation’ >> dna_device_operation last_dna_operation; >> ^ >> Makefile:1379: recipe for target 'runmode-erf-dag.o' failed >> make[3]: *** [runmode-erf-dag.o] Error 1 >> make[3]: Leaving directory '/usr/local/src/suricata-2.0.11/src' >> Makefile:925: recipe for target 'all' failed >> make[2]: *** [all] Error 2 >> make[2]: Leaving directory '/usr/local/src/suricata-2.0.11/src' >> Makefile:446: recipe for target 'all-recursive' failed >> make[1]: *** [all-recursive] Error 1 >> make[1]: Leaving directory '/usr/local/src/suricata-2.0.11' >> Makefile:375: recipe for target 'all' failed >> make: *** [all] Error 2 >> >> >> CONFIGURE OUTPUT--------------------------------------- >> suricata-2.0.11# LIBS="-lrt -lnuma" ./configure --prefix=/usr >> --sysconfdir=/etc --localstatedir=/var --enable-luajit --enable-pfring >> --with-libpfring-includes=/usr/local/pfring/include >> --with-libpfring-libraries=/usr/local/pfring/lib >> >> Suricata Configuration: >> AF_PACKET support: yes >> PF_RING support: yes >> NFQueue support: no >> NFLOG support: no >> IPFW support: no >> DAG enabled: no >> Napatech enabled: no >> Unix socket enabled: yes >> Detection enabled: yes >> >> libnss support: yes >> libnspr support: yes >> libjansson support: yes >> Prelude support: no >> PCRE jit: yes >> LUA support: yes >> libluajit: yes >> libgeoip: no >> Non-bundled htp: no >> Old barnyard2 support: no >> CUDA enabled: no >> >> Suricatasc install: yes >> >> Unit tests enabled: no >> Debug output enabled: no >> Debug validation enabled: no >> Profiling enabled: no >> Profiling locks enabled: no >> Coccinelle / spatch: yes >> >> Generic build parameters: >> Installation prefix (--prefix): /usr >> Configuration directory (--sysconfdir): /etc/suricata/ >> Log directory (--localstatedir) : /var/log/suricata/ >> >> Host: x86_64-unknown-linux-gnu >> GCC binary: gcc >> GCC Protect enabled: no >> GCC march native enabled: yes >> GCC Profile enabled: no >> _______________________________________________ >> Ntop-misc mailing list >> [email protected] >> http://listgateway.unipi.it/mailman/listinfo/ntop-misc > > _______________________________________________ > Ntop-misc mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop-misc _______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
