Unable to Compile Argus on Solaris 10

Carter Bullard carter at qosient.com
Tue Jan 22 17:51:40 EST 2013


I may need you to package up your argus so I can tell what we did to get Argus
going for Solaris 10.  Normally I would ask you to type, in the clients root directory:

   % make dist

But I'm afraid that that may not work.  What can work is a simple:

   % make clobber
   % ..
   % tar cf argus-3.0.4.solaris.tar ./argus-3.0.4
   % gzip argus-3.0.4.solaris.tar 

assuming you have gzip.
If you could do that, I can do a whole package diff to see what I need to put into
argus-3.0.7.3.

Thanks !!!!!!

Carter 


On Jan 22, 2013, at 8:27 AM, "Welland, Neal" <N.Welland at warwick.ac.uk> wrote:

> Hey Carter,
>  
> That seems to have done the trick – it compiles and installs successfully.
>  
> Now to see if we can get it logging!
>  
> Many thanks for your assistance.
>  
> Neal.
>  
> From: Carter Bullard [mailto:carter at qosient.com] 
> Sent: 22 January 2013 13:03
> To: Welland, Neal
> Cc: argus-info at lists.andrew.cmu.edu
> Subject: Re: [ARGUS] Unable to Compile Argus on Solaris 10
>  
> * PGP - S/MIME Signed by an unverified key: 22/01/2013 at 13:02:46
> Hey Neil,
> The only thing left is a definition for htonll and ntohll, which was
> defined in the byteswap.h include file which Solaris doesn't have.
> So we need to define that. 
>  
> In your ./common/argus_util.c, where we put in an #if !defined(HAVE_SOLARIS)
> around line 300 or so, if you could remove the #if !defined we added and
> add SOLARIS to the list of OS's around line 280?
>  
> Change
>    #if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__)
> To
>    #if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) || defined(HAVE_SOLARIS)
>  
>  
> And lets see if that works.
>  
> Carter
>  
> On Jan 22, 2013, at 6:56 AM, "Welland, Neal" <N.Welland at warwick.ac.uk> wrote:
> 
> 
> Hi,
>  
> I modified ArgusSource.c AND argus_util.c in the manner you suggested, to progress the compilation. Although the build gets further, it’s still falling over:
>  
> bash-3.2$ sudo make
> ### Making in /var/tmp/argus-3.0.4/common
> gcc -O3 -I. -I/opt/csw/include -I./../include  -I./../argus -DHAVE_CONFIG_H -c argus_util.c
> gcc -O3 -I. -I/opt/csw/include -I./../include  -I./../argus -DHAVE_CONFIG_H -c argus_code.c
> gcc -O3 -I. -I/opt/csw/include -I./../include  -I./../argus -DHAVE_CONFIG_H -c argus_filter.c
> bison -y -p argus_ -d grammar.y
> mv y.tab.c grammar.c
> mv y.tab.h tokdefs.h
> gcc -O3 -I. -I/opt/csw/include -I./../include  -I./../argus -DHAVE_CONFIG_H -Dyylval=argus_lval -c grammar.c
> flex -Pargus_ -t scanner.l > $$.scanner.c; mv $$.scanner.c scanner.c
> gcc -O3 -I. -I/opt/csw/include -I./../include  -I./../argus -DHAVE_CONFIG_H -c scanner.c
> In file included from scanner.l:47:0:
> ./../include/argus_config.h:483:0: warning: "_FILE_OFFSET_BITS" redefined [enabled by default]
> /opt/csw/lib/gcc/i386-pc-solaris2.10/4.6.3/include-fixed/sys/feature_tests.h:197:0: note: this is the location of the previous definition
> sed -e 's/.*/char version[] = "&";/' ./../VERSION > version.c
> gcc -O3 -I. -I/opt/csw/include -I./../include  -I./../argus -DHAVE_CONFIG_H -c version.c
> rm -f ../lib/argus_common.a; ar qc ../lib/argus_common.a argus_util.o argus_code.o argus_filter.o grammar.o scanner.o version.o
> ranlib ../lib/argus_common.a
> ### Done with /var/tmp/argus-3.0.4/common
> ### Making in /var/tmp/argus-3.0.4/argus
> gcc -O3 -I. -I/opt/csw/include -I./../include -DHAVE_CONFIG_H -c argus.c
> gcc -O3 -I. -I/opt/csw/include -I./../include -DHAVE_CONFIG_H -c ArgusModeler.c
> gcc -O3 -I. -I/opt/csw/include -I./../include -DHAVE_CONFIG_H -c ArgusSource.c
> gcc -O3 -I. -I/opt/csw/include -I./../include -DHAVE_CONFIG_H -c ArgusUtil.c
> gcc -O3 -I. -I/opt/csw/include -I./../include -DHAVE_CONFIG_H -c ArgusOutput.c
> gcc -O3 -I. -I/opt/csw/include -I./../include -DHAVE_CONFIG_H -c ArgusUdp.c
> gcc -O3 -I. -I/opt/csw/include -I./../include -DHAVE_CONFIG_H -c ArgusTcp.c
> gcc -O3 -I. -I/opt/csw/include -I./../include -DHAVE_CONFIG_H -c ArgusIcmp.c
> gcc -O3 -I. -I/opt/csw/include -I./../include -DHAVE_CONFIG_H -c ArgusIgmp.c
> gcc -O3 -I. -I/opt/csw/include -I./../include -DHAVE_CONFIG_H -c ArgusEsp.c
> gcc -O3 -I. -I/opt/csw/include -I./../include -DHAVE_CONFIG_H -c ArgusArp.c
> gcc -O3 -I. -I/opt/csw/include -I./../include -DHAVE_CONFIG_H -c ArgusFrag.c
> gcc -O3 -I. -I/opt/csw/include -I./../include -DHAVE_CONFIG_H -c ArgusUdt.c
> gcc -O3 -I. -I/opt/csw/include -I./../include -DHAVE_CONFIG_H -c ArgusLcp.c
> gcc -O3 -I. -I/opt/csw/include -I./../include -DHAVE_CONFIG_H -c ArgusIsis.c
> ArgusIsis.c:123:0: warning: "EXTRACT_16BITS" redefined [enabled by default]
> ./../include/argus/extract.h:168:0: note: this is the location of the previous definition
> ArgusIsis.c:125:0: warning: "EXTRACT_32BITS" redefined [enabled by default]
> ./../include/argus/extract.h:170:0: note: this is the location of the previous definition
> ArgusIsis.c:129:0: warning: "EXTRACT_24BITS" redefined [enabled by default]
> ./../include/argus/extract.h:177:0: note: this is the location of the previous definition
> ArgusIsis.c:137:0: warning: "EXTRACT_LE_16BITS" redefined [enabled by default]
> ./../include/argus/extract.h:187:0: note: this is the location of the previous definition
> ArgusIsis.c:140:0: warning: "EXTRACT_LE_32BITS" redefined [enabled by default]
> ./../include/argus/extract.h:190:0: note: this is the location of the previous definition
> gcc -O3 -I. -I/opt/csw/include -I./../include -DHAVE_CONFIG_H -c ArgusAuth.c
> gcc -O3 -I. -I/opt/csw/include -I./../include -DHAVE_CONFIG_H -c Argus802.11.c
> gcc -O3 -I. -I/opt/csw/include -I./../include -DHAVE_CONFIG_H -c ArgusApp.c
> gcc -O3 -I. -I/opt/csw/include -I./../include -DHAVE_CONFIG_H -c ArgusEvents.c
> gcc -O3 -I. -I/opt/csw/include -I./../include -DHAVE_CONFIG_H -o ../bin/argus argus.o ArgusModeler.o ArgusSource.o ArgusUtil.o ArgusOutput.o ArgusUdp.o  ArgusTcp.o ArgusIcmp.o ArgusIgmp.o ArgusEsp.o ArgusArp.o ArgusFrag.o ArgusUdt.o  ArgusLcp.o ArgusIsis.o ArgusAuth.o Argus802.11.o ArgusApp.o ArgusEvents.o  -lsocket -lnsl  -L/opt/csw/lib -R/opt/csw/lib -lpcap -lpthread  -lwrap  -lsocket -lnsl -lrt -lm -lz ../lib/argus_common.a -lm
> Undefined                       first referenced
> symbol                             in file
> htonll                              ../lib/argus_common.a(argus_util.o)
> ntohll                              ../lib/argus_common.a(argus_util.o)
> ld: fatal: symbol referencing errors. No output written to ../bin/argus
> *** Error code 1
> make: Fatal error: Command failed for target `../bin/argus'
> Current working directory /var/tmp/argus-3.0.4/argus
> ### Done with /var/tmp/argus-3.0.4/argus
> ### Making in /var/tmp/argus-3.0.4/events
> sed 's+ at PERLBIN@+/usr/bin/perl+' argus-lsof.pl > ../bin/argus-lsof
> chmod +x ../bin/argus-lsof
> cp -f argus-snmp.sh ../bin/argus-snmp
> cp -f argus-vmstat.sh ../bin/argus-vmstat
> ### Done with /var/tmp/argus-3.0.4/events
>  
> I suspect there might be a few more “#if !defined(HAVE_SOLARIS)” required?
>  
> Thanks, Neal.
>  
> From: Carter Bullard [mailto:carter at qosient.com] 
> Sent: 21 January 2013 17:48
> To: Welland, Neal
> Cc: argus-info at lists.andrew.cmu.edu
> Subject: Re: [ARGUS] Unable to Compile Argus on Solaris 10
>  
> > Old - S/MIME Signed by an unverified key: 21/01/2013 at 17:48:27
> byteswap.h is used to define ntohll() for little endian machines.
> Try this type of patch to see how far you get (line numbers may not be correct).
>  
> diff ArgusSource.c ArgusSource.c.orig
> 1470d1469
> < #if !defined(HAVE_SOLARIS)
> 1475d1473
> < #endif
>  
> The idea of the patch is to cover the include and definition of ntohll() in an #ifdef for not solaris.
> Carter
>  
> On Jan 21, 2013, at 11:50 AM, "Welland, Neal" <N.Welland at warwick.ac.uk> wrote:
> 
> 
> 
> Hi Carter,
>  
> Thanks for your quick response.
>  
> We were using v3.0.4, rather than v3.0.6, in an attempt to run a direct side-by-side comparison with another argus installation. I’ll keep trying with v3.0.4 for now, but intend to move to v3.0.6 once we are sure everything is okay.
>  
> After adding the suggested typedefs to argus_compat.h, the make got a little further, but still failed:
>  
> $ sudo make
> ### Making in /var/tmp/argus-3.0.4/common
> gcc -O3 -I. -I/opt/csw/include -I./../include  -I./../argus -DHAVE_CONFIG_H -c argus_util.c
> argus_util.c:273:22: fatal error: byteswap.h: No such file or directory
> compilation terminated.
> *** Error code 1
> make: Fatal error: Command failed for target `argus_util.o'
> Current working directory /var/tmp/argus-3.0.4/common
> ### Done with /var/tmp/argus-3.0.4/common
> ### Making in /var/tmp/argus-3.0.4/argus
> gcc -O3 -I. -I/opt/csw/include -I./../include -DHAVE_CONFIG_H -c argus.c
> gcc -O3 -I. -I/opt/csw/include -I./../include -DHAVE_CONFIG_H -c ArgusModeler.c
> gcc -O3 -I. -I/opt/csw/include -I./../include -DHAVE_CONFIG_H -c ArgusSource.c
> ArgusSource.c:1387:22: fatal error: byteswap.h: No such file or directory
> compilation terminated.
> *** Error code 1
> make: Fatal error: Command failed for target `ArgusSource.o'
> Current working directory /var/tmp/argus-3.0.4/argus
> ### Done with /var/tmp/argus-3.0.4/argus
> ### Making in /var/tmp/argus-3.0.4/events
> ### Done with /var/tmp/argus-3.0.4/events
>  
> The byteswap.h issue was actually present in the original invocation, just hidden in the other errors. Some more googling suggests byteswap.h doesn’t exist under Solaris? Any ideas?
>  
> Cheers, Neal.
>  
> From: Carter Bullard [mailto:carter at qosient.com] 
> Sent: 21 January 2013 16:21
> To: Welland, Neal
> Cc: argus-info at lists.andrew.cmu.edu
> Subject: Re: [ARGUS] Unable to Compile Argus on Solaris 10
>  
> > Old - S/MIME Signed by an unverified key: 21/01/2013 at 16:21:14
> Hey Neal,
> The current version of Argus is 3.0.6.x.  Please grab the stable versions fromhttp://qosient.com/argus
> and see if that doesn't compile.  I haven't personally had a Solaris machine in a number of years, so
> if we can't compile, it won't be but a minor change to get it there.
>  
> If Solaris doesn't provide a defintion for u_int8_t, then we'll need to add some form of definition
> in either ./include/argus_os.h or ./include/argus_compat.h, preferably argus_compat.h.
> There are #ifdefs for ARGUS_SOLARIS, which is defined in the ./compat scripts.
>  
> Add these to one of your files, and see if that works for you.
>  
> typedef unsigned char           u_int8_t;
> typedef unsigned short          u_int16_t;
> typedef unsigned int            u_int32_t;
> typedef unsigned long long      u_int64_t;
>  
>  
> If so, I'll add them to the argus-3.0.7.x code base, which is also available on the web site.
> Carter
>  
> On Jan 21, 2013, at 10:59 AM, "Welland, Neal" <N.Welland at warwick.ac.uk> wrote:
> 
> 
> 
> 
> Hi,
>  
> We are trying to build argus v.3.0.4 on a Solaris 10 (10/09 s10x_u8wos_08a X86) server, but it fails.
> We followed the instructions in the INSTALL file, and have the following dependencies installed:
>  
> Libpcap = v1.2.1
> Bison = v2.5
> Flex = v2.5.4
> TCPwrappers = 7.6_ipv6.4
> Gcc = v4.6.3 (the only compiler available)
>  
> ./configure seems to execute without error.
>  
> Executing make results in:
>  
> bash-3.2$ sudo make      
> Password:
> ### Making in /var/tmp/argus-3.0.4/common
> gcc -O3 -I. -I/opt/csw/include -I./../include  -I./../argus -DHAVE_CONFIG_H -c argus_util.c
> In file included from ./../argus/ArgusModeler.h:330:0,
>                  from ./../argus/argus.h:40,
>                  from argus_util.c:68:
> ./../argus/ArgusSource.h:90:2: error: unknown type name 'u_int8_t'
> ./../argus/ArgusSource.h:91:2: error: unknown type name 'u_int8_t'
> ./../argus/ArgusSource.h:95:38: error: unknown type name 'u_int8_t'
> ./../argus/ArgusSource.h:97:39: error: unknown type name 'u_int8_t'
> ./../argus/ArgusSource.h:98:40: error: unknown type name 'u_int16_t'
> ./../argus/ArgusSource.h:99:40: error: unknown type name 'u_int32_t'
> ./../argus/ArgusSource.h:100:40: error: unknown type name 'u_int64_t'
> argus_util.c:273:22: fatal error: byteswap.h: No such file or directory
> compilation terminated.
> *** Error code 1
> make: Fatal error: Command failed for target `argus_util.o'
> Current working directory /var/tmp/argus-3.0.4/common
> ### Done with /var/tmp/argus-3.0.4/common
> ### Making in /var/tmp/argus-3.0.4/argus
> gcc -O3 -I. -I/opt/csw/include -I./../include -DHAVE_CONFIG_H -c argus.c
> In file included from ./ArgusModeler.h:330:0,
>                  from ./argus.h:40,
>                  from argus.c:58:
> ./ArgusSource.h:90:2: error: unknown type name 'u_int8_t'
> ./ArgusSource.h:91:2: error: unknown type name 'u_int8_t'
> ./ArgusSource.h:95:38: error: unknown type name 'u_int8_t'
> ./ArgusSource.h:97:39: error: unknown type name 'u_int8_t'
> ./ArgusSource.h:98:40: error: unknown type name 'u_int16_t'
> ./ArgusSource.h:99:40: error: unknown type name 'u_int32_t'
> ./ArgusSource.h:100:40: error: unknown type name 'u_int64_t'
> *** Error code 1
> make: Fatal error: Command failed for target `argus.o'
> Current working directory /var/tmp/argus-3.0.4/argus
> ### Done with /var/tmp/argus-3.0.4/argus
> ### Making in /var/tmp/argus-3.0.4/events
> ### Done with /var/tmp/argus-3.0.4/events
>  
> After a little googling I see that “u_intX_t” should actually be “uintX_t”, as defined in /usr/include/sys/types.h.
>  
> Configure seems to check for “uintX_t”, so why is the code using the older definitions?
>  
> Regards,
>  
> --
> Neal Welland, Information Security Analyst. War-CSIIRT
> University of Warwick, IT Services, Coventry CV4 8UW, UK
> E: n.welland at warwick.ac.uk M: 07880 175391
> PGP keys available: http://keys.warwick.ac.uk
>  
>  
> * Carter Bullard <carter at qosient.com>
> * Issuer: "VeriSign - Unverified
>  
>  
> * Carter Bullard <carter at qosient.com>
> * Issuer: "VeriSign - Unverified
>  
>  
> * Carter Bullard <carter at qosient.com>
> * Issuer: "VeriSign - Unverified
>  

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20130122/9b921383/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4367 bytes
Desc: not available
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20130122/9b921383/attachment.bin>


More information about the argus mailing list