[Oisf-users] suricata inline mode in windows.

Michael Steele michaels at winsnort.com
Sun Jan 29 16:55:53 UTC 2012

I see there is a Windows build of Suricata available.

Couple of questions:

1) I see from the posted documentation that Cygwin is used, and is this just
documented for compiling purposes, or is it required for the process?

2) Looking to find out if it's possible to do this all on Windows: Suricata > Log > database > Console

Kindest regards,

-----Original Message-----
From: oisf-users-bounces at openinfosecfoundation.org
[mailto:oisf-users-bounces at openinfosecfoundation.org] On Behalf Of torna
Sent: Tuesday, January 24, 2012 2:00 PM
To: oisf-users at openinfosecfoundation.org
Subject: [Oisf-users] suricata inline mode in windows.

I am trying to build suricata in inline mode for windows. I tried to build
in cygwin step by step as explained in SuricataWinInstallationGuide_v1.2.pdf
with --enable-nfqueue. I am sure that I successfully installed and compiled
netfilterforwin (libnetfilter_queue). But it is giving me this error:

checking libnfnetlink/libnfnetlink.h usability... no
checking libnfnetlink/libnfnetlink.h presence... no
checking for libnfnetlink/libnfnetlink.h... no
configure: error: libnfnetlink.h not found ...

Then, I tried to build in mingw. I did everything as explained:

I downloaded the newest packages required for the build, and I compiled the
netfilterforwin (libnetfilter_queue). I downloaded the
1.1.3 version of the libnet binaries for mingw. But when I try ./configure
--enable-nfqueue it is giving me this error:

checking for libnetfilter_queue/libnetfilter_queue.h... yes
checking for nfq_open in -lnetfilter_queue... yes

checking for libnet.h version 1.1.x... yes
checking for libnet_write in -lnet... no
Warning! libnet version 1.1.x could not be found in  /usr/include
/usr/local/include /usr/local/include/libnet11 /opt/local/include
   Reject keywords will not be supported.
   If you require reject support plese install libnet 1.1.x.
   If libnet is not installed in a non-standard location please use the
   --with-libnet-includes and --with-libnet-libraries configure options

I tried to build libnet 1.1.3 and libnet-dev 1.1.5 but I got an error that
ntddndis.h was not found. I have this file in /mingw/include/ddk

So, I could not compile suricata with --enable-nfqueue and cannot use it in
inline mode.

Can anybody explain to me what to do, please?
