Login or Register to Ask a Question and Join Our Community


UNIX for Dummies Questions & Answers

Issue Enabling DAQ's NFQ Module while Compiling

 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers Issue Enabling DAQ's NFQ Module while Compiling
# 1  
Old 06-05-2014
Issue Enabling DAQ's NFQ Module while Compiling
Hello All,

OS: OpenSuSE 12.3 x86_64

A little while back I installed Snort 2.9.6 and was trying to use the NFQ module along with it for packet acquisition but got errors that the module is not present. If I run:
Code:
# snort --daq-list
Available DAQ modules:
pcap(v3): readback live multi unpriv
ipfw(v3): live inline multi unpriv
dump(v2): readback live inline multi unpriv
afpacket(v5): live inline multi unpriv

As you can see the Netfilter_Queue (*NFQ) module is not present there. Even though I know that I have the netfilter_queue* files installed. I installed them using YaST Software Manager.
The package names I installed were:
libnetfilter_queue1 and libnetfilter_queue-devel (*I also installed the 32 bit version, but that didn't change anything so I removed that one after it was unsuccessful again...)

I first had version 1.0.2-3.1.1 installed from the Software Manager program, but still had trouble when installing DAQ because it was saying those modules weren't present. So I then tried installing version 1.0.2-6.7 from an RPM file I found online, but that seemed to make no difference anyway. I also tried uninstalling them completely and reinstalling them a few times.

So what happens when I run the configure command for DAQ is that I see the following messages:
*I also see that the IPQ module also isn't being enabled either, but I really wasn't worried about that one...
Code:
# ./configure --libdir=/usr/lib64 --prefix=/usr --enable-nfq-module=yes
:.......
:.......
checking libipq.h usability... no
checking libipq.h presence... no
checking for libipq.h... no
checking for linux/netfilter.h... yes
checking for netinet/in.h... (cached) yes
checking libnetfilter_queue/libnetfilter_queue.h usability... no
checking libnetfilter_queue/libnetfilter_queue.h presence... no
checking for libnetfilter_queue/libnetfilter_queue.h... no
checking for linux/netfilter.h... (cached) yes
:....
:........

Build AFPacket DAQ module.. : yes
Build Dump DAQ module...... : yes
Build IPFW DAQ module...... : yes
Build IPQ DAQ module....... : no
Build NFQ DAQ module....... : no
Build PCAP DAQ module...... : yes

Not sure why it isn't finding it or what, but I'm pretty sure I have ALL the required files for the libnetfilter_queue (*NFQ) module. I was assuming since it said:
"checking libnetfilter_queue/libnetfilter_queue.h presence... no"
That it just wasn't finding it... Could that be the case?

Kind of stuck here and have been so now for weeks. Any thoughts or suggestions would be GREATLY appreciated!

Thanks in Advance,
Matt

---------- Post updated at 01:17 PM ---------- Previous update was at 12:32 PM ----------

Ughh... Sorry guys I feel a bit silly now. I think I figured it out.

I was browsing the output from trying to configure the daq program (*i.e. config.log file) and I noticed it was looking for the libnetfilter_queue package in:
Code:
checking for libnetfilter_queue/libnetfilter_queue.h
           Prefix=/usr/include

So I checked for "/usr/include/libnetfilter_queue" and humm... I only had "/usr/include/libnetfilter_queue-1.0.2/" and the header files were actually located at:

Code:
# ls -l /usr/include/libnetfilter_queue-1.0.2
-rw-r--r-- 1 root root  656 Apr  9 16:37 internal.h
drwxr-xr-x 2 root root 4096 Jun  5 12:14 libnetfilter_queue

# cd libnetfilter_queue
# pwd
/usr/include/libnetfilter_queue-1.0.2/libnetfilter_queue
# ls -l
-rw-r--r-- 1 root root 4566 Apr  9 16:37 libnetfilter_queue.h
-rw-r--r-- 1 root root  496 Apr  9 16:37 libnetfilter_queue_ipv4.h
-rw-r--r-- 1 root root  316 Apr  9 16:37 libnetfilter_queue_ipv6.h
-rw-r--r-- 1 root root  694 Apr  9 16:37 libnetfilter_queue_tcp.h
-rw-r--r-- 1 root root  663 Apr  9 16:37 libnetfilter_queue_udp.h
-rw-r--r-- 1 root root 2598 Apr  9 16:37 linux_nfnetlink_queue.h
-rw-r--r-- 1 root root  916 Apr  9 16:37 pktbuff.h

So what I did was I moved ALL the files above into "/usr/include/libnetfilter_queue-1.0.2/".

I then renamed that dir above to just "/usr/include/libnetfilter_queue/"
Re-ran the configure command and the error for libnetfilter_queue was gone.

But there was now a new error. The new one was pretty much the exact same thing above except it was looking for "/usr/include/libnfnetlink/" but I only had "/usr/include/libnfnetlink-1.0.1".
So I did the same thing I did for libnetfilter_queue and renamed the dir to the one it was looking for and now thew configure command succeeded for the NFQ Module..!!!

Code:
# ./configure --enable-nfq-module=yes --prefix=/usr --libdir=/usr/lib64
:.....
:.......
checking libipq.h usability... no
checking libipq.h presence... no
checking for libipq.h... no
checking for linux/netfilter.h... yes
checking for netinet/in.h... (cached) yes
checking libnetfilter_queue/libnetfilter_queue.h usability... yes
checking libnetfilter_queue/libnetfilter_queue.h presence... yes
checking for libnetfilter_queue/libnetfilter_queue.h... yes
checking for linux/netfilter.h... (cached) yes
:.......
:.....
:...

Build AFPacket DAQ module.. : yes
Build Dump DAQ module...... : yes
Build IPFW DAQ module...... : yes
Build IPQ DAQ module....... : no
Build NFQ DAQ module....... : yes
Build PCAP DAQ module...... : yes

So it looks like it is now good...

Hopefully this helps someone else with a similar problem. I thought I was going to go bald trying to figure this out.... Aghh the little things, like renaming a directory.

Thanks Anyways,
Matt
 
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Compiling source code issue

Need assistance in compile a source code with PERL flags Compile source code CDFconvert-2.2.3 which requires Fortran 90,Perl interpreter , Perl/TK module , NetCDF library , Gempak I have all the above required libraries . Issue is when compiling the source code it looks for local... (4 Replies)
Discussion started by: ajayram_arya
4 Replies

2. UNIX and Linux Applications

Pro*c file Compiling Issue in suse Linux

The existing .pc (pro *C) file is running successfully in UNIX. But when Iam trying to compile this same file in LINUX using proc iname filename.pc, Iam getting an error, proc file not recognized. Could someone help how to generate execute file from the proc*c file. what are the prerequisites... (2 Replies)
Discussion started by: vikrambharat
2 Replies

3. Shell Programming and Scripting

Perl Module Installation issue.

I have issue with the perl module installed in the new Linux server I have installed the required module, but still the perl program was not able to find the path I'm getting the below error: Can't locate Log/Log4perl.pm in @INC (@INC contains: /usr/lib/perl5/site_perl/Log4perl.pm... (5 Replies)
Discussion started by: help_scr_seeker
5 Replies

4. UNIX and Linux Applications

Cross Compiling Issue of udev-151 for MIPS Little Endain Architecture

Hi All, I am trying to cross compile udev-151 for MIPS little endian architecture. I am configuring like this: ./configure --prefix=$PWD/sree --host=mips-linux-gnu configure: WARNING: If you wanted to set the --build type, don't use --host. If a cross compiler is detected then... (3 Replies)
Discussion started by: bsreeram
3 Replies

5. UNIX for Advanced & Expert Users

drbd module compiling error for Kernel

Hi I am trying to install drbd8 via apt-get on ubuntu10 sudo apt-get install drbd8-source password for vishals: Reading package lists... Done Building dependency tree Reading state information... Done drbd8-source is already the newest version. drbd8-source set to manually installed. 0... (0 Replies)
Discussion started by: vishal_vsh1
0 Replies

6. Solaris

perl module install issue

Hi, I've been trying to install the perl module DateTime-0.72 onto Solaris 10 server. # uname -a SunOS 5.10 Generic_142910-17 i86pc i386 i86pc but I'm getting the following error: /export/home/perl-modules/DateTime-0.72/> perl Build.PL Can't locate Module/Build.pm in @INC (@INC... (4 Replies)
Discussion started by: keatingb
4 Replies

7. High Performance Computing

High Performance Linpack Compiling Issue

I'm trying to compile Linpack on a Ubuntu cluster. I'm running MPI. I've modified the following values to fit my system TOPdir MPdir LAlib CC LINKER. When compiling I get the following error: (the error is at the end, the other errors in between are because I've ran the script several times so... (0 Replies)
Discussion started by: JPJPJPJP
0 Replies

8. HP-UX

errors while compiling c++ module

hello everyone, here i attempting to compile a c++ module . I am using the following command make -d dummyCHARGP. i am using the gcc compiler .my os is HP-UX 11.11. here i am getting the following errors. errors: ======= /swtemp/usbs/cc/unix-ce/root/subsys/include/main.h:146:... (1 Reply)
Discussion started by: mannam srinivas
1 Replies

9. UNIX for Dummies Questions & Answers

get error while compiling apache with php module

hi, i'm compiling apache with php module after i finish compile mysql-4.0.0-alpha. i do it as the follow steps after untar'ed them in the same directory, 1) cd apache_1.3.22 ./configure 2) cd php-4.0.6 ./configure --with-mysql=/usr/local/mysql \ --with-apache=../apache_1.3.22 \... (2 Replies)
Discussion started by: jApHEth
2 Replies
Login or Register to Ask a Question