OS X: suricata: ./configure --enable-nfqueue error

0

I'm trying to configure Suricata with NFQUEUE on Mac OS X Yosemite. When I run configure, it reports that several required headers are present but cannot be compiled. In the end it fails with "error: pcre.h not found ...".

The full configure output is below:

sudo ./configure --enable-nfqueue
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a thread-safe mkdir -p... ./install-sh -c -d
checking for gawk... no
checking for mawk... no
checking for nawk... no
checking for awk... awk
checking whether make sets $(MAKE)... yes
checking whether make supports nested variables... yes
checking for style of include used by make... GNU
checking for gcc... gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables... 
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ISO C89... none needed
checking whether gcc understands -c and -o together... yes
checking dependency style of gcc... gcc3
checking for gcc option to accept ISO C99... none needed
checking build system type... x86_64-apple-darwin14.3.0
checking host system type... x86_64-apple-darwin14.3.0
checking how to print strings... printf
checking for a sed that does not truncate output... /usr/bin/sed
checking for grep that handles long lines and -e... /usr/bin/grep
checking for egrep... /usr/bin/grep -E
checking for fgrep... /usr/bin/grep -F
checking for ld used by gcc... /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld
checking if the linker (/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld) is GNU ld... no
checking for BSD- or MS-compatible name lister (nm)... /usr/bin/nm
checking the name lister (/usr/bin/nm) interface... BSD nm
checking whether ln -s works... yes
checking the maximum length of command line arguments... 196608
checking whether the shell understands some XSI constructs... yes
checking whether the shell understands "+="... yes
checking how to convert x86_64-apple-darwin14.3.0 file names to x86_64-apple-darwin14.3.0 format... func_convert_file_noop
checking how to convert x86_64-apple-darwin14.3.0 file names to toolchain format... func_convert_file_noop
checking for /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld option to reload object files... -r
checking for objdump... no
checking how to recognize dependent libraries... pass_all
checking for dlltool... no
checking how to associate runtime and link libraries... printf %s\n
checking for ar... ar
checking for archiver @FILE support... no
checking for strip... strip
checking for ranlib... ranlib
checking command to parse /usr/bin/nm output from gcc object... ok
checking for sysroot... no
checking for mt... no
checking if : is a manifest tool... no
checking for dsymutil... dsymutil
checking for nmedit... nmedit
checking for lipo... lipo
checking for otool... otool
checking for otool64... no
checking for -single_module linker flag... yes
checking for -exported_symbols_list linker flag... yes
checking for -force_load linker flag... yes
checking how to run the C preprocessor... gcc -E
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking for dlfcn.h... yes
checking for objdir... .libs
checking if gcc supports -fno-rtti -fno-exceptions... yes
checking for gcc option to produce PIC... -fno-common -DPIC
checking if gcc PIC flag -fno-common -DPIC works... yes
checking if gcc static flag -static works... no
checking if gcc supports -c -o file.o... yes
checking if gcc supports -c -o file.o... (cached) yes
checking whether the gcc linker (/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld) supports shared libraries... yes
checking dynamic linker characteristics... darwin14.3.0 dyld
checking how to hardcode library paths into programs... immediate
checking whether stripping libraries is possible... yes
checking if libtool supports shared libraries... yes
checking whether to build shared libraries... yes
checking whether to build static libraries... yes
checking for pkg-config... /usr/local/bin/pkg-config
checking pkg-config is at least version 0.21... yes
checking gcc version... 4.2.1
checking for gawk... (cached) awk
checking for gcc... (cached) gcc
checking whether we are using the GNU C compiler... (cached) yes
checking whether gcc accepts -g... (cached) yes
checking for gcc option to accept ISO C89... (cached) none needed
checking whether gcc understands -c and -o together... (cached) yes
checking dependency style of gcc... (cached) gcc3
checking how to run the C preprocessor... gcc -E
checking whether ln -s works... yes
checking whether make sets $(MAKE)... (cached) yes
checking for pkg-config... /usr/local/bin/pkg-config
checking for python... /usr/local/bin/python
checking for wget... /usr/local/bin/wget
checking arpa/inet.h usability... no
checking arpa/inet.h presence... yes
configure: WARNING: arpa/inet.h: present but cannot be compiled
configure: WARNING: arpa/inet.h:     check for missing prerequisite headers?
configure: WARNING: arpa/inet.h: see the Autoconf documentation
configure: WARNING: arpa/inet.h:     section "Present But Cannot Be Compiled"
configure: WARNING: arpa/inet.h: proceeding with the compiler's result
checking for arpa/inet.h... no
checking assert.h usability... no
checking assert.h presence... yes
configure: WARNING: assert.h: present but cannot be compiled
configure: WARNING: assert.h:     check for missing prerequisite headers?
configure: WARNING: assert.h: see the Autoconf documentation
configure: WARNING: assert.h:     section "Present But Cannot Be Compiled"
configure: WARNING: assert.h: proceeding with the compiler's result
checking for assert.h... no
checking ctype.h usability... no
checking ctype.h presence... yes
configure: WARNING: ctype.h: present but cannot be compiled
configure: WARNING: ctype.h:     check for missing prerequisite headers?
configure: WARNING: ctype.h: see the Autoconf documentation
configure: WARNING: ctype.h:     section "Present But Cannot Be Compiled"
configure: WARNING: ctype.h: proceeding with the compiler's result
checking for ctype.h... no
checking errno.h usability... no
checking errno.h presence... yes
configure: WARNING: errno.h: present but cannot be compiled
configure: WARNING: errno.h:     check for missing prerequisite headers?
configure: WARNING: errno.h: see the Autoconf documentation
configure: WARNING: errno.h:     section "Present But Cannot Be Compiled"
configure: WARNING: errno.h: proceeding with the compiler's result
checking for errno.h... no
checking fcntl.h usability... no
checking fcntl.h presence... yes
configure: WARNING: fcntl.h: present but cannot be compiled
configure: WARNING: fcntl.h:     check for missing prerequisite headers?
configure: WARNING: fcntl.h: see the Autoconf documentation
configure: WARNING: fcntl.h:     section "Present But Cannot Be Compiled"
configure: WARNING: fcntl.h: proceeding with the compiler's result
checking for fcntl.h... no
checking for inttypes.h... (cached) yes
checking getopt.h usability... no
checking getopt.h presence... yes
configure: WARNING: getopt.h: present but cannot be compiled
configure: WARNING: getopt.h:     check for missing prerequisite headers?
configure: WARNING: getopt.h: see the Autoconf documentation
configure: WARNING: getopt.h:     section "Present But Cannot Be Compiled"
configure: WARNING: getopt.h: proceeding with the compiler's result
checking for getopt.h... no
checking limits.h usability... no
checking limits.h presence... yes
configure: WARNING: limits.h: present but cannot be compiled
configure: WARNING: limits.h:     check for missing prerequisite headers?
configure: WARNING: limits.h: see the Autoconf documentation
configure: WARNING: limits.h:     section "Present But Cannot Be Compiled"
configure: WARNING: limits.h: proceeding with the compiler's result
checking for limits.h... no
checking netdb.h usability... no
checking netdb.h presence... yes
configure: WARNING: netdb.h: present but cannot be compiled
configure: WARNING: netdb.h:     check for missing prerequisite headers?
configure: WARNING: netdb.h: see the Autoconf documentation
configure: WARNING: netdb.h:     section "Present But Cannot Be Compiled"
configure: WARNING: netdb.h: proceeding with the compiler's result
checking for netdb.h... no
checking netinet/in.h usability... no
checking netinet/in.h presence... yes
configure: WARNING: netinet/in.h: present but cannot be compiled
configure: WARNING: netinet/in.h:     check for missing prerequisite headers?
configure: WARNING: netinet/in.h: see the Autoconf documentation
configure: WARNING: netinet/in.h:     section "Present But Cannot Be Compiled"
configure: WARNING: netinet/in.h: proceeding with the compiler's result
checking for netinet/in.h... no
checking poll.h usability... no
checking poll.h presence... yes
configure: WARNING: poll.h: present but cannot be compiled
configure: WARNING: poll.h:     check for missing prerequisite headers?
configure: WARNING: poll.h: see the Autoconf documentation
configure: WARNING: poll.h:     section "Present But Cannot Be Compiled"
configure: WARNING: poll.h: proceeding with the compiler's result
checking for poll.h... no
checking sched.h usability... no
checking sched.h presence... yes
configure: WARNING: sched.h: present but cannot be compiled
configure: WARNING: sched.h:     check for missing prerequisite headers?
configure: WARNING: sched.h: see the Autoconf documentation
configure: WARNING: sched.h:     section "Present But Cannot Be Compiled"
configure: WARNING: sched.h: proceeding with the compiler's result
checking for sched.h... no
checking signal.h usability... no
checking signal.h presence... yes
configure: WARNING: signal.h: present but cannot be compiled
configure: WARNING: signal.h:     check for missing prerequisite headers?
configure: WARNING: signal.h: see the Autoconf documentation
configure: WARNING: signal.h:     section "Present But Cannot Be Compiled"
configure: WARNING: signal.h: proceeding with the compiler's result
checking for signal.h... no
checking stdarg.h usability... no
checking stdarg.h presence... yes
configure: WARNING: stdarg.h: present but cannot be compiled
configure: WARNING: stdarg.h:     check for missing prerequisite headers?
configure: WARNING: stdarg.h: see the Autoconf documentation
configure: WARNING: stdarg.h:     section "Present But Cannot Be Compiled"
configure: WARNING: stdarg.h: proceeding with the compiler's result
checking for stdarg.h... no
checking for stdint.h... (cached) yes
checking stdio.h usability... no
checking stdio.h presence... yes
configure: WARNING: stdio.h: present but cannot be compiled
configure: WARNING: stdio.h:     check for missing prerequisite headers?
configure: WARNING: stdio.h: see the Autoconf documentation
configure: WARNING: stdio.h:     section "Present But Cannot Be Compiled"
configure: WARNING: stdio.h: proceeding with the compiler's result
checking for stdio.h... no
checking for stdlib.h... (cached) yes
checking for string.h... (cached) yes
checking sys/ioctl.h usability... no
checking sys/ioctl.h presence... yes
configure: WARNING: sys/ioctl.h: present but cannot be compiled
configure: WARNING: sys/ioctl.h:     check for missing prerequisite headers?
configure: WARNING: sys/ioctl.h: see the Autoconf documentation
configure: WARNING: sys/ioctl.h:     section "Present But Cannot Be Compiled"
configure: WARNING: sys/ioctl.h: proceeding with the compiler's result
checking for sys/ioctl.h... no
checking syslog.h usability... no
checking syslog.h presence... yes
configure: WARNING: syslog.h: present but cannot be compiled
configure: WARNING: syslog.h:     check for missing prerequisite headers?
configure: WARNING: syslog.h: see the Autoconf documentation
configure: WARNING: syslog.h:     section "Present But Cannot Be Compiled"
configure: WARNING: syslog.h: proceeding with the compiler's result
checking for syslog.h... no
checking sys/prctl.h usability... no
checking sys/prctl.h presence... no
checking for sys/prctl.h... no
checking sys/socket.h usability... no
checking sys/socket.h presence... yes
configure: WARNING: sys/socket.h: present but cannot be compiled
configure: WARNING: sys/socket.h:     check for missing prerequisite headers?
configure: WARNING: sys/socket.h: see the Autoconf documentation
configure: WARNING: sys/socket.h:     section "Present But Cannot Be Compiled"
configure: WARNING: sys/socket.h: proceeding with the compiler's result
checking for sys/socket.h... no
checking for sys/stat.h... (cached) yes
checking sys/syscall.h usability... no
checking sys/syscall.h presence... yes
configure: WARNING: sys/syscall.h: present but cannot be compiled
configure: WARNING: sys/syscall.h:     check for missing prerequisite headers?
configure: WARNING: sys/syscall.h: see the Autoconf documentation
configure: WARNING: sys/syscall.h:     section "Present But Cannot Be Compiled"
configure: WARNING: sys/syscall.h: proceeding with the compiler's result
checking for sys/syscall.h... no
checking sys/time.h usability... no
checking sys/time.h presence... yes
configure: WARNING: sys/time.h: present but cannot be compiled
configure: WARNING: sys/time.h:     check for missing prerequisite headers?
configure: WARNING: sys/time.h: see the Autoconf documentation
configure: WARNING: sys/time.h:     section "Present But Cannot Be Compiled"
configure: WARNING: sys/time.h: proceeding with the compiler's result
checking for sys/time.h... no
checking time.h usability... no
checking time.h presence... yes
configure: WARNING: time.h: present but cannot be compiled
configure: WARNING: time.h:     check for missing prerequisite headers?
configure: WARNING: time.h: see the Autoconf documentation
configure: WARNING: time.h:     section "Present But Cannot Be Compiled"
configure: WARNING: time.h: proceeding with the compiler's result
checking for time.h... no
checking for unistd.h... (cached) yes
checking for sys/ioctl.h... (cached) no
checking linux/if_ether.h usability... no
checking linux/if_ether.h presence... no
checking for linux/if_ether.h... no
checking linux/if_packet.h usability... no
checking linux/if_packet.h presence... no
checking for linux/if_packet.h... no
checking linux/filter.h usability... no
checking linux/filter.h presence... no
checking for linux/filter.h... no
checking linux/ethtool.h usability... no
checking linux/ethtool.h presence... no
checking for linux/ethtool.h... no
checking linux/sockios.h usability... no
checking linux/sockios.h presence... no
checking for linux/sockios.h... no
checking for sys/socket.h... (cached) no
checking for net/if.h... no
checking for sys/mman.h... no
checking for linux/if_arp.h... no
checking for windows.h... no
checking for winsock2.h... no
checking for ws2tcpip.h... no
checking for w32api/wtypes.h... no
checking for w32api/winbase.h... no
checking for inline... no
checking for pid_t... no
checking for size_t... no
checking for int32_t... no
checking for uint16_t... no
checking for uint32_t... no
checking for uint64_t... no
checking for uint8_t... no
checking for stdbool.h that conforms to C99... no
checking for _Bool... no
checking for stdlib.h... (cached) yes
checking for GNU libc compatible malloc... no
checking for stdlib.h... (cached) yes
checking for GNU libc compatible realloc... no
checking for gettimeofday... no
checking for memset... no
checking for strcasecmp... no
checking for strchr... no
checking for strdup... no
checking for strerror... no
checking for strncasecmp... no
checking for strtol... no
checking for strtoul... no
checking for memchr... no
checking for memrchr... no
checking for strlcpy... no
checking for strlcat... no
checking for special C compiler options needed for large files... no
checking for _FILE_OFFSET_BITS value needed for large files... unknown
checking for _LARGE_FILES value needed for large files... unknown
checking host os... -n installation for x86_64-apple-darwin14.3.0 OS... 
ok
checking for thread local storage __thread support... no
checking checking if gcc supports -march=native... no
checking for spatch... no
   Warning! spatch not found, you will not be 
   able to run code checking with coccinelle  
   get it from http://coccinelle.lip6.fr      
   or install from your distribution          
checking for Mpipe... no
checking pcre.h usability... no
checking pcre.h presence... yes
configure: WARNING: pcre.h: present but cannot be compiled
configure: WARNING: pcre.h:     check for missing prerequisite headers?
configure: WARNING: pcre.h: see the Autoconf documentation
configure: WARNING: pcre.h:     section "Present But Cannot Be Compiled"
configure: WARNING: pcre.h: proceeding with the compiler's result
checking for pcre.h... no
configure: error: pcre.h not found ...

I have pcre installed from Homebrew.

I tried this:

sudo CC=llvm-gcc ./configure --enable-nfqueue

and got:

...
checking for json_dump_callback in -ljansson... yes
checking for nfnl_fd in -lnfnetlink... no

   ERROR!  nfnetlink library not found, go get it
   from www.netfilter.org.
   we automatically append libnetfilter_queue/ when searching
   for headers etc. when the --with-libnfnetlink-inlcudes directive
   is used

checking libnetfilter_queue/libnetfilter_queue.h usability... no
checking libnetfilter_queue/libnetfilter_queue.h presence... no
checking for libnetfilter_queue/libnetfilter_queue.h... no
configure: error: libnetfilter_queue/libnetfilter_queue.h not found ...

What am I doing wrong?

Drew
Well, I have no idea what I should try. What are your suggestions? What could the problem be? I have pcre installed from Homebrew.
Drew
I tried adding --disable-gccmarch-native to the configure command and still get the same thing.
Drew
1) Is libnetfilter installed? (If not, install it first.) 2) What does locate nfnetlink.h report? (Your output says it does not find it. If it is installed but not found, it may not be looking in the right places.) 3) Does it work if you temporarily remove the --enable-nfqueue part?
Hennes
1) I didn't find libnetfilter for Mac (maybe it should be part of some package from Homebrew, like libnet or libdnet, which are already installed as dependencies for suricata)... I have no idea what it is... 2) locate nfnetlink.h shows nothing, so it looks like it is not installed. Homebrew has no packages like nfnetlink or libnetfilter ((( 3) If I remove --enable-nfqueue it works, but the reason I'm asking all this is that I need to install suricata with nfqueue support (((
Drew

Answers:

1

I don't have OS X to test on, but ...

Focusing on the error message and googling "suricata OSX" leads me to the following web page: https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Mac_OS_X_106x

Quoting part of it:

Recent versions of OS X use clang, which does not support the CFLAG -fno-tree-pre, which results in the following warnings:

configure: WARNING: pcre.h:     section "Present But Cannot Be Compiled" 
configure: WARNING: pcre.h: proceeding with the compiler's result
configure: WARNING: pcre.h: proceeding with the compiler's result
checking for pcre.h... no

Replace clang with llvm-gcc to solve this problem:

CC=llvm-gcc ./configure ... 


So, that worked for the first problem. Suricata can now be compiled successfully.


Now you have a second problem: you are trying to build a program that uses netfilter, but you do not have that package installed. You either need to:

  1. find (and install) an OS X version,
  2. find and configure a replacement (possibly something that is already in OS X itself?), or
  3. you have to compile it yourself,
  4. or you need to compile it without that.

However, this is no longer the original question.

Hennes
I tried that, but it didn't work. I edited my question above... check the log
Drew
0

It looks like configuring suricata with --enable-nfqueue is not possible on OS X. Please correct me if I'm wrong...

Drew
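The two failures in this thread look alike in the configure output but have different causes: in the first log even stdio.h is "present but cannot be compiled" (a compiler or flags problem), while in the second log libnetfilter_queue.h fails both checks (the library is really absent). The script below is an added example, not part of the original posts, that separates the two cases; the function names are illustrative and the sample lines are excerpts from the logs above.

```shell
#!/bin/sh
# Added example: triage of autoconf header checks from ./configure output.
# Reads the log from stdin or from the files given as arguments.

# Print "<header> <class>" for every header whose usability check failed:
#   present-but-uncompilable  preprocessor finds it, the test compile fails
#   absent                    the preprocessor cannot find it either
classify_headers() {
    awk '
        $1 == "checking" && $3 == "usability..." {
            usable[$2] = $4
            if (!($2 in idx)) { idx[$2] = ++n; name[n] = $2 }
        }
        $1 == "checking" && $3 == "presence..." { present[$2] = $4 }
        END {
            for (i = 1; i <= n; i++) {
                h = name[i]
                if (usable[h] == "yes") continue
                print h, (present[h] == "yes" ? "present-but-uncompilable" : "absent")
            }
        }' "$@"
}

# One-word verdict for a whole log:
#   toolchain           a libc header fails to compile, so the compiler or its
#                       flags are broken and later "not found" errors mislead
#   missing-dependency  the failing headers are not installed at all
#   ok                  no failed header checks
diagnose() {
    classify_headers "$@" | awk '
        $2 == "present-but-uncompilable" &&
            ($1 == "stdio.h" || $1 == "assert.h" || $1 == "errno.h") { broken = 1 }
        $2 == "absent" { missing = 1 }
        END {
            if (broken) print "toolchain"
            else if (missing) print "missing-dependency"
            else print "ok"
        }'
}

# Excerpt of the first run in the question (default compiler).
sample_first_run() {
    cat <<'EOF'
checking stdio.h usability... no
checking stdio.h presence... yes
checking sys/prctl.h usability... no
checking sys/prctl.h presence... no
checking pcre.h usability... no
checking pcre.h presence... yes
configure: error: pcre.h not found ...
EOF
}

# Excerpt of the second run in the question (CC=llvm-gcc).
sample_second_run() {
    cat <<'EOF'
checking libnetfilter_queue/libnetfilter_queue.h usability... no
checking libnetfilter_queue/libnetfilter_queue.h presence... no
configure: error: libnetfilter_queue/libnetfilter_queue.h not found ...
EOF
}

echo "first run:  $(sample_first_run | diagnose)"
echo "second run: $(sample_second_run | diagnose)"
```

For any header reported as present-but-uncompilable, config.log records the exact compiler command and error message of the failed test.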