Wednesday, August 16, 2006

Creating Snort-Inline RPM in OpenSUSE 10.1

I couldn't install snort-inline, because it needs libnet 1.0.2a. In my system I have already installed libnet 1.1.0 required by dsniff-2.4.0. This silly problem made me crazy for several days.

Finally I got an enlightenment.

First, make sure you've installed iptables-devel package.

To resolve this problem, I downgraded dsniff to dsniff-2.3-1.guru.suse100
(http://rpm.pbone.net) and removed libnet 1.1.0.

# rpm -e dsniff-2.4.0
# rpm -Uvh dsniff-2.3-1.guru.suse100.i686.rpm
Preparing... ########################################### [100%]
1:dsniff ########################################### [100%]
# rpm -e libnet

Then I install libnet-1.0.2a-1.snort :

# rpm -Uvh libnet-1.0.2a-1snort.i386.rpm
Preparing... ########################################### [100%]
1:libnet ########################################### [100%]

After that I create snort RPMS :

$ rpmbuild -tb snort-2.6.0.tar.gz --with inline --with mysql
...
Wrote: /home/tedi/rpms/RPMS/i586/snort-inline-2.6.0-1.i586.rpm
Wrote: /home/tedi/rpms/RPMS/i586/snort-inline-mysql-2.6.0-1.i586.rpm
...

Posted by Tedi Heriyanto at 17:52 Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)