Date: Mon, 26 Sep 2011 13:59:53 +0200 (CEST) From: =?ISO-8859-1?Q?Trond_Endrest=F8l?= <Trond.Endrestol@fagskolen.gjovik.no> To: "Michael D. Norwick" <mnorwick@centurytel.net> Cc: freebsd-questions@freebsd.org Subject: Re: Trying to build Nessus 4 from ports Message-ID: <alpine.BSF.2.00.1109261334540.6659@mail.fig.ol.no> In-Reply-To: <4E805DFA.2020501@centurytel.net> References: <4E7BEA42.4020004@a1poweruser.com> <4E7CFA99.9000801@centurytel.net> <4E7E4A9D.70901@gmail.com> <alpine.BSF.2.00.1109251704390.6659@mail.fig.ol.no> <4E805DFA.2020501@centurytel.net>
next in thread | previous in thread | raw e-mail | index | archive | help
This message is in MIME format. The first part should be readable text,
while the remaining parts are likely unreadable without MIME-aware tools.
--2055831798-1389920680-1317038394=:6659
Content-Type: TEXT/PLAIN; charset=ISO-8859-1
Content-Transfer-Encoding: 8BIT
On Mon, 26 Sep 2011 06:11-0500, Michael D. Norwick wrote:
> On 09/25/11 10:08, Trond Endrestøl wrote:
> > On Sat, 24 Sep 2011 23:24+0200, Andrei Brezan wrote:
> >
> > > On 23/09/2011 23:31, Michael D. Norwick wrote:
> > > > Good Day
> > > >
> > > > Trying to build /usr/ports/security/nessus on FreeBSD 9-beta2 with ports
> > > > updated via - portsnap fetch update - completed 09/22/2011. The result
> > > > from
> > > > #>make;
> > > >
> > > > ===> Applying FreeBSD patches for nessus-libraries-2.2.9_1
> > > > ===> nessus-libraries-2.2.9_1 depends on executable: bison - found
> > > > ===> nessus-libraries-2.2.9_1 depends on package: libtool>=2.4 -
> > > > found
> > > > ===> Configuring for nessus-libraries-2.2.9_1
> > > > ********************************************************
> > > > * W a r n i n g *
> > > > * *
> > > > * Nessus needs Berkeley Packet Filter (bpf). *
> > > > * To use nessus, your kernel must be rebuilt with bpf, *
> > > > * and make bpf devices on /dev directory. *
> > > > * *
> > > > * Be sure to build as many bpf devices as you need. *
> > > > * For more info on this read files/README.BPF *
> > > > ********************************************************
> > > > *** Error code 1
By looking at security/nessus-libraries/Makefile, I think the logic
for checking the availability of bpf is perhaps out of touch with 9.0:
.if ! defined(NESSUS_CLIENT_ONLY)
MANUAL_PACKAGE_BUILD= needs /dev/bpf which is not available in pointyhat jail
pre-configure:
@if [ ! -c /dev/bpf1 ]; then \
${ECHO} "********************************************************";\
${ECHO} "* W a r n i n g *";\
${ECHO} "* *";\
${ECHO} "* Nessus needs Berkeley Packet Filter (bpf). *";\
${ECHO} "* To use nessus, your kernel must be rebuilt with bpf, *";\
${ECHO} "* and make bpf devices on /dev directory. *";\
${ECHO} "* *";\
${ECHO} "* Be sure to build as many bpf devices as you need. *";\
${ECHO} "* For more info on this read files/README.BPF *";\
${ECHO} "********************************************************";\
${FALSE}; \
fi
.if ! defined(WITH_NESSUS_BPF_SHARE)
@if [ ! -c /dev/bpf40 ]; then \
${ECHO} "********************************************************";\
${ECHO} "* W a r n i n g *";\
${ECHO} "* *";\
${ECHO} "* Nessus needs many bpf devices. If you can't rebuild *";\
${ECHO} "* your kernel with more than 40 bpf devices (as *";\
${ECHO} "* described in files/README.BPF) then build this port *";\
${ECHO} "* with \"make -DWITH_NESSUS_BPF_SHARE\" *";\
${ECHO} "* *";\
${ECHO} "********************************************************";\
${FALSE}; \
fi
.endif
.endif
By issuing these commands was I able to resume building
security/nessus-libraries:
ln -s bpf /dev/bpf1
ln -s bpf /dev/bpf40
The build ran fine until I hit upon this snag:
===> Building for nessus-libraries-2.2.9_1
Creating nessus-config ...
cd libpcap-nessus && make
libtool gcc -pipe -O2 -pipe -fno-strict-aliasing -O2 -O2 -pipe -fno-strict-aliasing -I. -I../../include -DHAVE_CONFIG_H -DNESSUS_ON_SSL -DHAVE_SYS_IOCCOM_H=1 -DHAVE_SYS_SOCKIO_H=1 -DHAVE_ETHER_HOSTTON=1 -DHAVE_STRERROR=1 -DHAVE_SOCKADDR_SA_LEN=1 -I. -DHAVE_SSL -I/usr/include/openssl -I/usr/ports/security/nessus-libraries/work/nessus-libraries/include -I/usr/ports/security/nessus-libraries/work/nessus-libraries/libpcap-nessus -c ./pcap-bpf.c
libtool: you must specify a MODE
libtool: Try `libtool --help' for more information.
*** Error code 1
Stop in /usr/ports/security/nessus-libraries/work/nessus-libraries/libpcap-nessus.
*** Error code 1 (ignored)
cd libnessus && make
libtool gcc -pipe -I../ -DHAVE_CONFIG_H -DNESSUS_ON_SSL -I. -DHAVE_SSL -I/usr/include/openssl -I/usr/ports/security/nessus-libraries/work/nessus-libraries/include -I/usr/ports/security/nessus-libraries/work/nessus-libraries/libpcap-nessus -O2 -pipe -fno-strict-aliasing -g -c plugutils.c
libtool: you must specify a MODE
libtool: Try `libtool --help' for more information.
*** Error code 1
Stop in /usr/ports/security/nessus-libraries/work/nessus-libraries/libnessus.
*** Error code 1
Stop in /usr/ports/security/nessus-libraries/work/nessus-libraries.
*** Error code 1
Stop in /usr/ports/security/nessus-libraries.
*** Error code 1
Stop in /usr/ports/security/nessus-libnasl.
*** Error code 1
Stop in /usr/ports/security/nessus.
Running make as make -DWITH_NESSUS_BPF_SHARE made no difference, even
after removing the security/nessus-libraries/work and
security/nessus-libnasl/work directories.
It looks like the maintainer needs to get his/her hands dirty for
nessus to work in 9.0.
Trond.
> > > > Stop in /usr/ports/security/nessus-libraries.
> > > > *** Error code 1
> > > >
> > > > Stop in /usr/ports/security/nessus-libnasl.
> > > > *** Error code 1
> > > >
> > > > Stop in /usr/ports/security/nessus.
> > > >
> > > > From an earlier post on freebsd-questions I added;
> > > >
> > > > # Historically X depended on this, but version 4.3.0 doesn't seem to
> > > > anymore
> > > > #link ttyv0 vga
> > > >
> > > > # Commonly used by many ports
> > > > #link acd0 cdrom
> > > >
> > > > # Allow a user in the wheel group to query the smb0 device
> > > > #perm smb0 0660
> > > >
> > > > # Allow members of group operator to cat things to the speaker
> > > > #own speaker root:operator
> > > > #perm speaker 0660
> > > >
> > > > own bpf0 root:bpf
> > > > perm bpf0 0640
> > Sorry for leaping in, but I think you should change bpf0 to bpf only.
> > See below.
> >
> > > > own bpf1 root:bpf
> > > > perm bpf1 0640
> > > > own bpf2 root:bpf
> > > > perm bpf2 0640
> > > > own bpf3 root:bpf
> > > > perm bpf3 0640
> > > > own bpf4 root:bpf
> > > > perm bpf4 0640
> > > >
> > > > to /etc/devfs.conf. But I still get;
> > > >
> > > > crw-r----- 1 root bpf 0, 11 Sep 22 21:14 bpf
> > > > lrwxr-xr-x 1 root wheel 3 Sep 22 21:14 bpf0 -> bpf
> > > > crw-rw-rw- 1 root wheel 0, 49 Sep 22 21:14 bpsm0
> > Looking at this listing, bpf0 is a symlink to bpf, thus
> > /etc/devfs.conf should manage /dev/bpf and not /dev/bpf0.
> >
> > > > in /dev after rebooting. Do I require a statement in rc.conf or
> > > > loader.conf
> > > > to activate more bpf devices? Am I editing the right file the wrong
> > > > way?
> > > > The proper handbook chapter escapes me right now.
> > > >
> > > > Previous to trying to build nessus from ports I built a new kernel with
> > > > -
> > > > device bpf enabled.
> > > >
> > > > Thank You,
> > > > Michael
> > > I would suggest to get the package from tenable.com and install it via
> > > pkg_add. That's how it worked for me but on FreeBSD 8.2-stable. Might
> > > worth a
> > > shot.
> > >
> > > Regards,
> >
> > Trond.
> >
> Good Day;
>
> Still no joy trying to build from source via ports or installing the binary
> from tenable.com on FreeBSD 9. nessusd is installed but errors out with
> 'libz.so.5 not found. I have;
>
> $ ls -l /lib/libz.*
> -r--r--r-- 1 root wheel 90328 Sep 26 05:46 /lib/libz.so.6
>
> and
>
> $ ls -l /usr/lib32/libz.*
> -r--r--r-- 1 root wheel 90828 Sep 26 05:48 /usr/lib32/libz.a
> lrwxr-xr-x 1 root wheel 9 Sep 26 05:48 /usr/lib32/libz.so -> libz.so.6
> -r--r--r-- 1 root wheel 76808 Sep 26 05:48 /usr/lib32/libz.so.6
>
> and
>
> $ ls -l /usr/lib/libz.*
> -r--r--r-- 1 root wheel 126192 Sep 26 05:46 /usr/lib/libz.a
> lrwxr-xr-x 1 root wheel 14 Sep 26 05:46 /usr/lib/libz.so ->
> /lib/libz.so.6
>
> on new world built last night.
>
> From /usr/ports/security/nessus-libraries/files/README.bpf
>
> "Nessus uses the pcap library, which uses the berkeley packet filter (bpf)
> to do its job.
>
> Since Nessus used multiple processes, several pcap-aware plugins will
> need to access the the bpf at the same time.
>
> This means that you need to recompile your kernel with the following option:
>
> pseudo-device bpf
>
> If for instance you want to have 10 nessusd running at the same time,
> each running 5 plugins in parallel, you should create 50 (10 * 5) bpfs
> (as nessusd is extremely lightweight, you can expect to have this amount
> of processes running at the same time)
>
> If you plan to scan a whole network, we recommand you create at least
> 100 of them.
>
> Once your kernel has been rebuilt, get root, cd to /dev
> and do:
>
> ./MAKEDEV bpf+100
>
> For FreeBSD 5.x this is not needed since the devfs creates devices when
> needed.
>
> If you can not recompile your kernel, you can try to run the configure
> script with the option --enable-bpf-sharing. In this case, nessusd will
> try to share one /dev/bpf among multiple processes and do the filtering
> in userland. NOTE THAT THIS OPTION IS HIGHLY EXPERIMENTAL AND WE DO
> NOT RECOMMAND ENABLING IT."
>
> Is this referring to an 8.2 system?
> psuedo-device does not work on 9.0 kernel source.
>
> Have not tried the MAKEDEV command yet because I do not know if I need to
> continue since I cannot get the daemon to start.
>
> Thank You,
>
> Michael
--
----------------------------------------------------------------------
Trond Endrestøl | Trond.Endrestol@fagskolen.gjovik.no
ACM, NAS, NUUG, SAGE, USENIX | FreeBSD 8.2-STABLE & Alpine 2.00
--2055831798-1389920680-1317038394=:6659--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.1109261334540.6659>