From owner-freebsd-security@FreeBSD.ORG Tue May 27 19:14:42 2008 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 07753106567A for ; Tue, 27 May 2008 19:14:42 +0000 (UTC) (envelope-from swhetzel@gmail.com) Received: from rv-out-0506.google.com (rv-out-0506.google.com [209.85.198.238]) by mx1.freebsd.org (Postfix) with ESMTP id D1B828FC1C for ; Tue, 27 May 2008 19:14:41 +0000 (UTC) (envelope-from swhetzel@gmail.com) Received: by rv-out-0506.google.com with SMTP id b25so3050447rvf.43 for ; Tue, 27 May 2008 12:14:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=iPvEEEC0pI9IzOlOuTTmnorofTTQ8OyZwRCzkbs9Si8=; b=uxWBeJ7WhJCGPxJS+gVd6CD/T5z5Wt9oX8R/rHAQewAzLyHRtoN8mwczaf6elPAA0J1EusXwKsAiD8rWEy8/+H0VqGM6dPHH/kEhgd0uXMmB8tBylIc5VEzJGueHhEPj5ENNypORCUvX9O3xspxzHOkDO8O/ezN+QyKpcTks+ps= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=gq9Lqbji1YHG857Nw0drEe4gy1yDAM6916xaTP1pVMIIp5aejK1Q4jDjRR2jE4lXQ0ujc4HBjj5U7C9Y0EC+kHdBbGmrKGP3maiKzPtnRM8fEkh2bMhI5Y9LyrfaJQRKjV/LS4+VOPPe9DoJCTP5mk6pyGvM+lSgAmVecV1Mvok= Received: by 10.141.145.11 with SMTP id x11mr695583rvn.215.1211915680995; Tue, 27 May 2008 12:14:40 -0700 (PDT) Received: by 10.141.41.4 with HTTP; Tue, 27 May 2008 12:14:40 -0700 (PDT) Message-ID: <790a9fff0805271214k4268fffdmaff2b0d3ea29759d@mail.gmail.com> Date: Tue, 27 May 2008 14:14:40 -0500 From: "Scot Hetzel" To: "Nigel Houghton" In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <451466.32114.qm@web52108.mail.re2.yahoo.com> Cc: gahn , freebsd security Subject: Re: freebsd and snort X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 May 2008 19:14:42 -0000 On 5/27/08, Nigel Houghton wrote: > On 5/27/08 2:51 AM, "gahn" wrote: > > > Hello all: > > > > I tried to install snort under /usr/ports/security and have some problems. > > with "make all", I checked every item on the menu but I got error messages: > > > 3. Did you try to contact the port maintainer or file a bug report? (the > port needs updating anyway) > The maintainer knows about the broken state of FLEXSRESP2 patch, as he was the one who submitted the change to mark it broken in revision 1.70 (2006/08/30 04:26:53 clsung) when it was first introduced. It also looks like snort 2.8.1 now incorporates the FLEXRESP2 patch in the main source. I submitted PR 124048 to remove the BROKEN state of FLEXRESP2. http://www.freebsd.org/cgi/query-pr.cgi?pr=124048 > Having said all that, I don't know why flexresp2 is needed for a plain snort > build. > The default state for FLEXRESP2 is OFF. The only OPTION that is enabled is dynamic plugin support (DYNAMIC) for a plain snort build. Scot