OS X: suricata: ./configure --enable-nfqueue-Fehler

1015
Drew

Ich versuche, Suricata mit Nfqueue auf Mac OS X Yosemite zu konfigurieren. Bei der Konfiguration konfigurieren Sie den Prozess, dass mehrere erforderliche Elemente vorhanden sind, diese jedoch nicht kompiliert werden können. Es bricht schließlich mit "error: pcre.h not found ..." ab.

Die vollständige Konfigurationsausgabe befindet sich unten:

sudo ./configure --enable-nfqueue checking for a BSD-compatible install... /usr/bin/install -c checking whether build environment is sane... yes checking for a thread-safe mkdir -p... ./install-sh -c -d checking for gawk... no checking for mawk... no checking for nawk... no checking for awk... awk checking whether make sets $(MAKE)... yes checking whether make supports nested variables... yes checking for style of include used by make... GNU checking for gcc... gcc checking whether the C compiler works... yes checking for C compiler default output file name... a.out checking for suffix of executables...  checking whether we are cross compiling... no checking for suffix of object files... o checking whether we are using the GNU C compiler... yes checking whether gcc accepts -g... yes checking for gcc option to accept ISO C89... none needed checking whether gcc understands -c and -o together... yes checking dependency style of gcc... gcc3 checking for gcc option to accept ISO C99... none needed checking build system type... x86_64-apple-darwin14.3.0 checking host system type... x86_64-apple-darwin14.3.0 checking how to print strings... printf checking for a sed that does not truncate output... /usr/bin/sed checking for grep that handles long lines and -e... /usr/bin/grep checking for egrep... /usr/bin/grep -E checking for fgrep... /usr/bin/grep -F checking for ld used by gcc... /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld checking if the linker (/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld) is GNU ld... no checking for BSD- or MS-compatible name lister (nm)... /usr/bin/nm checking the name lister (/usr/bin/nm) interface... BSD nm checking whether ln -s works... yes checking the maximum length of command line arguments... 196608 checking whether the shell understands some XSI constructs... yes checking whether the shell understands "+="... yes checking how to convert x86_64-apple-darwin14.3.0 file names to x86_64-apple-darwin14.3.0 format... func_convert_file_noop checking how to convert x86_64-apple-darwin14.3.0 file names to toolchain format... func_convert_file_noop checking for /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld option to reload object files... -r checking for objdump... no checking how to recognize dependent libraries... pass_all checking for dlltool... no checking how to associate runtime and link libraries... printf %s\n checking for ar... ar checking for archiver @FILE support... no checking for strip... strip checking for ranlib... ranlib checking command to parse /usr/bin/nm output from gcc object... ok checking for sysroot... no checking for mt... no checking if : is a manifest tool... no checking for dsymutil... dsymutil checking for nmedit... nmedit checking for lipo... lipo checking for otool... otool checking for otool64... no checking for -single_module linker flag... yes checking for -exported_symbols_list linker flag... yes checking for -force_load linker flag... yes checking how to run the C preprocessor... gcc -E checking for ANSI C header files... yes checking for sys/types.h... yes checking for sys/stat.h... yes checking for stdlib.h... yes checking for string.h... yes checking for memory.h... yes checking for strings.h... yes checking for inttypes.h... yes checking for stdint.h... yes checking for unistd.h... yes checking for dlfcn.h... yes checking for objdir... .libs checking if gcc supports -fno-rtti -fno-exceptions... yes checking for gcc option to produce PIC... -fno-common -DPIC checking if gcc PIC flag -fno-common -DPIC works... yes checking if gcc static flag -static works... no checking if gcc supports -c -o file.o... yes checking if gcc supports -c -o file.o... (cached) yes checking whether the gcc linker (/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld) supports shared libraries... yes checking dynamic linker characteristics... darwin14.3.0 dyld checking how to hardcode library paths into programs... immediate checking whether stripping libraries is possible... yes checking if libtool supports shared libraries... yes checking whether to build shared libraries... yes checking whether to build static libraries... yes checking for pkg-config... /usr/local/bin/pkg-config checking pkg-config is at least version 0.21... yes checking gcc version... 4.2.1 checking for gawk... (cached) awk checking for gcc... (cached) gcc checking whether we are using the GNU C compiler... (cached) yes checking whether gcc accepts -g... (cached) yes checking for gcc option to accept ISO C89... (cached) none needed checking whether gcc understands -c and -o together... (cached) yes checking dependency style of gcc... (cached) gcc3 checking how to run the C preprocessor... gcc -E checking whether ln -s works... yes checking whether make sets $(MAKE)... (cached) yes checking for pkg-config... /usr/local/bin/pkg-config checking for python... /usr/local/bin/python checking for wget... /usr/local/bin/wget checking arpa/inet.h usability... no checking arpa/inet.h presence... yes configure: WARNING: arpa/inet.h: present but cannot be compiled configure: WARNING: arpa/inet.h: check for missing prerequisite headers? configure: WARNING: arpa/inet.h: see the Autoconf documentation configure: WARNING: arpa/inet.h: section "Present But Cannot Be Compiled" configure: WARNING: arpa/inet.h: proceeding with the compiler's result checking for arpa/inet.h... no checking assert.h usability... no checking assert.h presence... yes configure: WARNING: assert.h: present but cannot be compiled configure: WARNING: assert.h: check for missing prerequisite headers? configure: WARNING: assert.h: see the Autoconf documentation configure: WARNING: assert.h: section "Present But Cannot Be Compiled" configure: WARNING: assert.h: proceeding with the compiler's result checking for assert.h... no checking ctype.h usability... no checking ctype.h presence... yes configure: WARNING: ctype.h: present but cannot be compiled configure: WARNING: ctype.h: check for missing prerequisite headers? configure: WARNING: ctype.h: see the Autoconf documentation configure: WARNING: ctype.h: section "Present But Cannot Be Compiled" configure: WARNING: ctype.h: proceeding with the compiler's result checking for ctype.h... no checking errno.h usability... no checking errno.h presence... yes configure: WARNING: errno.h: present but cannot be compiled configure: WARNING: errno.h: check for missing prerequisite headers? configure: WARNING: errno.h: see the Autoconf documentation configure: WARNING: errno.h: section "Present But Cannot Be Compiled" configure: WARNING: errno.h: proceeding with the compiler's result checking for errno.h... no checking fcntl.h usability... no checking fcntl.h presence... yes configure: WARNING: fcntl.h: present but cannot be compiled configure: WARNING: fcntl.h: check for missing prerequisite headers? configure: WARNING: fcntl.h: see the Autoconf documentation configure: WARNING: fcntl.h: section "Present But Cannot Be Compiled" configure: WARNING: fcntl.h: proceeding with the compiler's result checking for fcntl.h... no checking for inttypes.h... (cached) yes checking getopt.h usability... no checking getopt.h presence... yes configure: WARNING: getopt.h: present but cannot be compiled configure: WARNING: getopt.h: check for missing prerequisite headers? configure: WARNING: getopt.h: see the Autoconf documentation configure: WARNING: getopt.h: section "Present But Cannot Be Compiled" configure: WARNING: getopt.h: proceeding with the compiler's result checking for getopt.h... no checking limits.h usability... no checking limits.h presence... yes configure: WARNING: limits.h: present but cannot be compiled configure: WARNING: limits.h: check for missing prerequisite headers? configure: WARNING: limits.h: see the Autoconf documentation configure: WARNING: limits.h: section "Present But Cannot Be Compiled" configure: WARNING: limits.h: proceeding with the compiler's result checking for limits.h... no checking netdb.h usability... no checking netdb.h presence... yes configure: WARNING: netdb.h: present but cannot be compiled configure: WARNING: netdb.h: check for missing prerequisite headers? configure: WARNING: netdb.h: see the Autoconf documentation configure: WARNING: netdb.h: section "Present But Cannot Be Compiled" configure: WARNING: netdb.h: proceeding with the compiler's result checking for netdb.h... no checking netinet/in.h usability... no checking netinet/in.h presence... yes configure: WARNING: netinet/in.h: present but cannot be compiled configure: WARNING: netinet/in.h: check for missing prerequisite headers? configure: WARNING: netinet/in.h: see the Autoconf documentation configure: WARNING: netinet/in.h: section "Present But Cannot Be Compiled" configure: WARNING: netinet/in.h: proceeding with the compiler's result checking for netinet/in.h... no checking poll.h usability... no checking poll.h presence... yes configure: WARNING: poll.h: present but cannot be compiled configure: WARNING: poll.h: check for missing prerequisite headers? configure: WARNING: poll.h: see the Autoconf documentation configure: WARNING: poll.h: section "Present But Cannot Be Compiled" configure: WARNING: poll.h: proceeding with the compiler's result checking for poll.h... no checking sched.h usability... no checking sched.h presence... yes configure: WARNING: sched.h: present but cannot be compiled configure: WARNING: sched.h: check for missing prerequisite headers? configure: WARNING: sched.h: see the Autoconf documentation configure: WARNING: sched.h: section "Present But Cannot Be Compiled" configure: WARNING: sched.h: proceeding with the compiler's result checking for sched.h... no checking signal.h usability... no checking signal.h presence... yes configure: WARNING: signal.h: present but cannot be compiled configure: WARNING: signal.h: check for missing prerequisite headers? configure: WARNING: signal.h: see the Autoconf documentation configure: WARNING: signal.h: section "Present But Cannot Be Compiled" configure: WARNING: signal.h: proceeding with the compiler's result checking for signal.h... no checking stdarg.h usability... no checking stdarg.h presence... yes configure: WARNING: stdarg.h: present but cannot be compiled configure: WARNING: stdarg.h: check for missing prerequisite headers? configure: WARNING: stdarg.h: see the Autoconf documentation configure: WARNING: stdarg.h: section "Present But Cannot Be Compiled" configure: WARNING: stdarg.h: proceeding with the compiler's result checking for stdarg.h... no checking for stdint.h... (cached) yes checking stdio.h usability... no checking stdio.h presence... yes configure: WARNING: stdio.h: present but cannot be compiled configure: WARNING: stdio.h: check for missing prerequisite headers? configure: WARNING: stdio.h: see the Autoconf documentation configure: WARNING: stdio.h: section "Present But Cannot Be Compiled" configure: WARNING: stdio.h: proceeding with the compiler's result checking for stdio.h... no checking for stdlib.h... (cached) yes checking for string.h... (cached) yes checking sys/ioctl.h usability... no checking sys/ioctl.h presence... yes configure: WARNING: sys/ioctl.h: present but cannot be compiled configure: WARNING: sys/ioctl.h: check for missing prerequisite headers? configure: WARNING: sys/ioctl.h: see the Autoconf documentation configure: WARNING: sys/ioctl.h: section "Present But Cannot Be Compiled" configure: WARNING: sys/ioctl.h: proceeding with the compiler's result checking for sys/ioctl.h... no checking syslog.h usability... no checking syslog.h presence... yes configure: WARNING: syslog.h: present but cannot be compiled configure: WARNING: syslog.h: check for missing prerequisite headers? configure: WARNING: syslog.h: see the Autoconf documentation configure: WARNING: syslog.h: section "Present But Cannot Be Compiled" configure: WARNING: syslog.h: proceeding with the compiler's result checking for syslog.h... no checking sys/prctl.h usability... no checking sys/prctl.h presence... no checking for sys/prctl.h... no checking sys/socket.h usability... no -->  checking sys/socket.h presence... yes configure: WARNING: sys/socket.h: present but cannot be compiled configure: WARNING: sys/socket.h: check for missing prerequisite headers? configure: WARNING: sys/socket.h: see the Autoconf documentation configure: WARNING: sys/socket.h: section "Present But Cannot Be Compiled" configure: WARNING: sys/socket.h: proceeding with the compiler's result checking for sys/socket.h... no checking for sys/stat.h... (cached) yes checking sys/syscall.h usability... no checking sys/syscall.h presence... yes configure: WARNING: sys/syscall.h: present but cannot be compiled configure: WARNING: sys/syscall.h: check for missing prerequisite headers? configure: WARNING: sys/syscall.h: see the Autoconf documentation configure: WARNING: sys/syscall.h: section "Present But Cannot Be Compiled" configure: WARNING: sys/syscall.h: proceeding with the compiler's result checking for sys/syscall.h... no checking sys/time.h usability... no checking sys/time.h presence... yes configure: WARNING: sys/time.h: present but cannot be compiled configure: WARNING: sys/time.h: check for missing prerequisite headers? configure: WARNING: sys/time.h: see the Autoconf documentation configure: WARNING: sys/time.h: section "Present But Cannot Be Compiled" configure: WARNING: sys/time.h: proceeding with the compiler's result checking for sys/time.h... no checking time.h usability... no checking time.h presence... yes configure: WARNING: time.h: present but cannot be compiled configure: WARNING: time.h: check for missing prerequisite headers? configure: WARNING: time.h: see the Autoconf documentation configure: WARNING: time.h: section "Present But Cannot Be Compiled" configure: WARNING: time.h: proceeding with the compiler's result checking for time.h... no checking for unistd.h... (cached) yes checking for sys/ioctl.h... (cached) no checking linux/if_ether.h usability... no checking linux/if_ether.h presence... no checking for linux/if_ether.h... no checking linux/if_packet.h usability... no checking linux/if_packet.h presence... no checking for linux/if_packet.h... no checking linux/filter.h usability... no checking linux/filter.h presence... no checking for linux/filter.h... no checking linux/ethtool.h usability... no checking linux/ethtool.h presence... no checking for linux/ethtool.h... no checking linux/sockios.h usability... no checking linux/sockios.h presence... no checking for linux/sockios.h... no checking for sys/socket.h... (cached) no checking for net/if.h... no checking for sys/mman.h... no checking for linux/if_arp.h... no checking for windows.h... no checking for winsock2.h... no checking for ws2tcpip.h... no checking for w32api/wtypes.h... no checking for w32api/winbase.h... no checking for inline... no checking for pid_t... no checking for size_t... no checking for int32_t... no checking for uint16_t... no checking for uint32_t... no checking for uint64_t... no checking for uint8_t... no checking for stdbool.h that conforms to C99... no checking for _Bool... no checking for stdlib.h... (cached) yes checking for GNU libc compatible malloc... no checking for stdlib.h... (cached) yes checking for GNU libc compatible realloc... no checking for gettimeofday... no checking for memset... no checking for strcasecmp... no checking for strchr... no checking for strdup... no checking for strerror... no checking for strncasecmp... no checking for strtol... no checking for strtoul... no checking for memchr... no checking for memrchr... no checking for strlcpy... no checking for strlcat... no checking for special C compiler options needed for large files... no checking for _FILE_OFFSET_BITS value needed for large files... unknown checking for _LARGE_FILES value needed for large files... unknown checking host os... -n installation for x86_64-apple-darwin14.3.0 OS...  ok checking for thread local storage __thread support... no checking checking if gcc supports -march=native... no checking for spatch... no Warning! spatch not found, you will not be  able to run code checking with coccinelle  get it from http://coccinelle.lip6.fr  or install from your distribution  checking for Mpipe... no checking pcre.h usability... no checking pcre.h presence... yes configure: WARNING: pcre.h: present but cannot be compiled configure: WARNING: pcre.h: check for missing prerequisite headers? configure: WARNING: pcre.h: see the Autoconf documentation configure: WARNING: pcre.h: section "Present But Cannot Be Compiled" configure: WARNING: pcre.h: proceeding with the compiler's result checking for pcre.h... no configure: error: pcre.h not found ...

Ich habe PCre von Homebrew installiert .

Ich habe das probiert:

sudo CC=llvm-gcc ./configure --enable-nfqueue

und bekam:

... checking for json_dump_callback in -ljansson... yes checking for nfnl_fd in -lnfnetlink... no  ERROR! nfnetlink library not found, go get it from www.netfilter.org. we automatically append libnetfilter_queue/ when searching for headers etc. when the --with-libnfnetlink-inlcudes directive is used  checking libnetfilter_queue/libnetfilter_queue.h usability... no checking libnetfilter_queue/libnetfilter_queue.h presence... no checking for libnetfilter_queue/libnetfilter_queue.h... no configure: error: libnetfilter_queue/libnetfilter_queue.h not found ...

Was mache ich falsch?

0
Nun, ich habe keine Ahnung, was ich versuchen sollte. Was sind deine Vorschläge? Was könnte ein Problem sein? Ich habe PCre von Homebrew installiert. Drew vor 8 Jahren 0
Ich habe versucht, --disable-gccmarch-native zum Konfigurationsbefehl hinzuzufügen und trotzdem das gleiche zu erhalten. Drew vor 8 Jahren 0
1) Ist libnetfilter installiert? (ii nicht, installiere es zuerst) 2) Was berichtet `locate nfnetlink.h`? (Ihre Ausgabe sagt jetzt, dass sie es nicht findet. Wenn es installiert, aber nicht gefunden wird, sieht es möglicherweise nicht an den richtigen Stellen aus.) 3) Funktioniert es, wenn Sie den `--enable-nfqueue'-Teil vorübergehend entfernen? Hennes vor 8 Jahren 0
1) Ich habe den `libnetfilter` für Mac nicht gefunden (möglicherweise ist er Teil eines Pakets von Homebrew wie` libnet` oder `libdnet`, die bereits als Abhängigkeiten für Suricata installiert sind) ... Ich habe keine Idee, was ist das? 2) `locate nfnetlink.h` zeigt nichts - scheint nicht installiert zu sein. Homebrew hat keine Pakete wie nfnetlink oder libnetfilter ((((3)), wenn ich `--enable-nfqueue 'entferne. Es funktioniert, aber der Grund, warum ich das alles frage - weil ich Suricata mit Unterstützung von nfqueue (( Drew vor 8 Jahren 0

2 Antworten auf die Frage

1
Hennes

Ich habe kein OS X zum Testen, aber ...

Wenn ich mich auf die Fehlermeldung und das Googeln unter "Suricata OSX" konzentriere, komme ich zur folgenden Webseite: https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Mac_OS_X_106x

Teil davon zitieren:

Neuere Versionen von OS X verwenden clang, das CFLAG -fno-tree-pre nicht unterstützt. Dies führt zu folgenden Warnungen:

configure: WARNING: pcre.h: section "Present But Cannot Be Compiled"  configure: WARNING: pcre.h: proceeding with the compiler's result configure: WARNING: pcre.h: proceeding with the compiler's result checking for pcre.h... no

Ersetzen Sie clang durch llvm-gcc, um dieses Problem zu beheben:

CC=llvm-gcc ./configure ...


Ok, das hat also beim ersten Problem funktioniert. Suricata kann jetzt erfolgreich zusammengestellt werden.


Jetzt haben Sie ein zweites Problem: Sie versuchen, ein Programm zu erstellen, das netfilter verwendet, aber dieses Paket ist nicht installiert. Sie müssen entweder:

  1. eine OS X-Version davon finden (und installieren),
  2. einen Ersatz finden und konfigurieren (vielleicht etwas, das sich bereits in OS X selbst befindet?), oder
  3. Sie müssen es selbst kompilieren.
  4. oder Sie müssen es ohne kompilieren.

Dies ist jedoch nicht mehr die ursprüngliche Frage.

Ich habe es versucht, aber es hat nicht funktioniert. Ich habe meine Frage oben bearbeitet ... Überprüfen Sie das Protokoll Drew vor 8 Jahren 0
0
Drew

Scheint, als wäre das Konfigurieren von Suricata mit --enable-nfqueueOS X nicht möglich. Bitte korrigieren Sie mich, wenn ich falsch liege ...

Verwandte Probleme