Bro CVS

In order to make an OpenBSD port, I have to patch Bro but I can't find
any CVS.

Bro is not presently available via public CVS. Please send patches to
me so I can integrate them into future releases.

    Vern

Vern Paxson <vern@icir.org> writes:

> In order to make an OpenBSD port, I have to patch Bro but I can't find
> any CVS.

Bro is not presently available via public CVS. Please send patches to
me so I can integrate them into future releases.

    Vern

Hello,

I give you what I need to do to compile Bro (0.8a20) with an
OpenBSD(3.3) 17 mars Snapshot.

1- Problème with TCP_Rewriter.cc :
Here, the problème I've seen :

g++ -I. -Ilibedit -O -c TCP_Rewriter.cc
TCP_Rewriter.cc: In method `int TCP_TracePacket::Finish(pcap_pkthdr
*&, const u_char *&, int &, unsigned int, unsigned int)':
TCP_Rewriter.cc:350: no match for `bpf_timeval & = timeval'
/usr/include/net/bpf.h:122: candidates are: struct bpf_timeval &
bpf_timeval::operator =(const bpf_timeval &)
*** Error code 1

And to resolve it, I modify a few the "double_to_timeval"
function. Here, my changes :

#define MSG_PREFIX "TCP trace rewriter: "

#ifdef OPENBSD

static struct bpf_timeval double_to_timeval(double t)
  {
  struct bpf_timeval tv;
#else
static struct timeval double_to_timeval(double t)
        {
        struct timeval tv;
#endif

  double t1 = floor(t);
  tv.tv_sec = (int) t1;

2- DNS error :

gcc -I. -Ilibedit -O -c nb_dns.c
nb_dns.c:81: `NS_MAXDNAME' undeclared here (not in a function)
nb_dns.c:81: size of array `name' has non-integer type
nb_dns.c: In function `_nb_dns_mkquery':
nb_dns.c:274: `NS_INADDRSZ' undeclared (first use in this function)
nb_dns.c:274: (Each undeclared identifier is reported only once
nb_dns.c:274: for each function it appears in.)
nb_dns.c:279: `NS_IN6ADDRSZ' undeclared (first use in this function)
nb_dns.c:291: `ns_o_query' undeclared (first use in this function)
nb_dns.c:293: `ns_c_in' undeclared (first use in this function)
nb_dns.c: In function `nb_dns_addr_request2':
nb_dns.c:376: `NS_MAXDNAME' undeclared (first use in this function)
nb_dns.c:376: size of array `name' has non-integer type
nb_dns.c:394: `NS_IN6ADDRSZ' undeclared (first use in this function)
nb_dns.c: In function `nb_dns_activity':
nb_dns.c:457: syntax error before `handle'
nb_dns.c:473: `handle' undeclared (first use in this function)
nb_dns.c:516: `ns_f_rcode' undeclared (first use in this function)
nb_dns.c:518: `ns_r_nxdomain' undeclared (first use in this function)
nb_dns.c:523: `ns_r_servfail' undeclared (first use in this function)
nb_dns.c:528: `ns_r_noerror' undeclared (first use in this function)
nb_dns.c:531: `ns_r_formerr' undeclared (first use in this function)
nb_dns.c:532: `ns_r_notimpl' undeclared (first use in this function)
nb_dns.c:533: `ns_r_refused' undeclared (first use in this function)
nb_dns.c:519: warning: unreachable code at beginning of switch statement
nb_dns.c:541: `rr' undeclared (first use in this function)
nb_dns.c:556: `ns_s_an' undeclared (first use in this function)
nb_dns.c:572: warning: assignment makes pointer from integer without a cast
gmake: *** [nb_dns.o] Error 1

To solve it, I had to put the "-I$(BIND9_PATH)/include" flags in the
Makefile

3- Link problem :

g++ -o bro main.o net_util.o util.o parse.o scan.o re-parse.o re-scan.o rule-parse.o rule-scan.o Active.o Anon.o Attr.o BackDoor.o BroString.o CCL.o CompHash.o Conn.o DFA.o Debug.o DebugCmds.o DbgBreakpoint.o DbgWatch.o DbgHelp.o Desc.o Dict.o Discard.o DNS.o DNS_Mgr.o EquivClass.o Event.o Expr.o File.o Finger.o Frag.o Frame.o FTP.o Func.o Hash.o HTTP.o ICMP.o ID.o Ident.o InterConn.o IntSet.o List.o Logger.o Login.o MIME.o NFA.o NTP.o NVT.o Net.o NetbiosSSN.o NetVar.o Obj.o PktSrc.o PolicyFile.o Portmap.o PriorityQueue.o Queue.o Reassem.o Rlogin.o RE.o RPC.o Rule.o RuleMatcher.o RuleAction.o RuleCondition.o Scope.o Sessions.o SMTP.o SSH.o SteppingStone.o Stmt.o TCP.o TCP_Rewriter.o Telnet.o Timer.o Type.o UDP.o Val.o Var.o XDR.o cq.o md5.o setsignal.o version.o nb_dns.o -Llibedit -ltermcap -ledit -lpcap -lm
nb_dns.o: Undefined symbol `___res_init' referenced from text segment
nb_dns.o: Undefined symbol `___inet_ntoa' referenced from text segment
nb_dns.o: Undefined symbol `___res_mkquery' referenced from text segment
nb_dns.o: Undefined symbol `___ns_initparse' referenced from text segment
nb_dns.o: Undefined symbol `___ns_msg_getflag' referenced from text segment
nb_dns.o: Undefined symbol `___dn_expand' referenced from text segment
nb_dns.o: Undefined symbol `___ns_parserr' referenced from text segment
readline.c:161: Undefined symbol `_history' referenced from text segment
readline.c:189: Undefined symbol `_el_end' referenced from text segment
readline.c:191: Undefined symbol `_history_end' referenced from text segment
readline.c:204: Undefined symbol `_el_init' referenced from text segment
readline.c:207: Undefined symbol `_el_set' referenced from text segment
readline.c:209: Undefined symbol `_history_init' referenced from text segment
readline.c:213: Undefined symbol `_history' referenced from text segment
readline.c:216: Undefined symbol `_history' referenced from text segment
readline.c:216: Undefined symbol `_el_set' referenced from text segment
readline.c:220: Undefined symbol `_el_set' referenced from text segment
readline.c:221: Undefined symbol `_el_set' referenced from text segment
readline.c:225: Undefined symbol `_el_set' referenced from text segment
readline.c:231: Undefined symbol `_el_set' referenced from text segment
readline.c:234: Undefined symbol `_el_set' referenced from text segment
readline.c:248: Undefined symbol `_el_source' referenced from text segment
readline.c:254: Undefined symbol `_el_line' referenced from text segment
readline.c:285: Undefined symbol `_el_gets' referenced from text segment
readline.c:300: Undefined symbol `_history' referenced from text segment
readline.c:434: Undefined symbol `_history' referenced from text segment
readline.c:448: Undefined symbol `_history' referenced from text segment
readline.c:453: Undefined symbol `_history' referenced from text segment
readline.c:820: Undefined symbol `_history' referenced from text segment
readline.c:834: Undefined symbol `_history' referenced from text segment
readline.c:0: More undefined symbol _history refs follow
readline.c:1455: Undefined symbol `_el_line' referenced from text segment
readline.c:1490: Undefined symbol `_el_deletestr' referenced from text segment
readline.c:1491: Undefined symbol `_el_insertstr' referenced from text segment
readline.c:1510: Undefined symbol `_el_insertstr' referenced from text segment
readline.c:1553: Undefined symbol `_el_beep' referenced from text segment
readline.c:1557: Undefined symbol `_el_beep' referenced from text segment
readline.c:1629: Undefined symbol `_el_getc' referenced from text segment
readline.c:1643: Undefined symbol `_el_reset' referenced from text segment
readline.c:1663: Undefined symbol `_el_push' referenced from text segment
collect2: ld returned 1 exit status
gmake: *** [bro] Error 1

Here, I have to put
"libedit/*.o" to the "-Llibedit" place.
I think (but It's just my opinion) the linker have a bug here... I've
got the 2.95.3 gcc version.

4- Another link problem :

gcc -I. -Ilibedit -O -c nb_dns.c
nb_dns.c:81: `NS_MAXDNAME' undeclared here (not in a function)
nb_dns.c:81: size of array `name' has non-integer type
nb_dns.c: In function `_nb_dns_mkquery':
nb_dns.c:274: `NS_INADDRSZ' undeclared (first use in this function)
nb_dns.c:274: (Each undeclared identifier is reported only once
nb_dns.c:274: for each function it appears in.)
nb_dns.c:279: `NS_IN6ADDRSZ' undeclared (first use in this function)
nb_dns.c:291: `ns_o_query' undeclared (first use in this function)
nb_dns.c:293: `ns_c_in' undeclared (first use in this function)
nb_dns.c: In function `nb_dns_addr_request2':
nb_dns.c:376: `NS_MAXDNAME' undeclared (first use in this function)
nb_dns.c:376: size of array `name' has non-integer type
nb_dns.c:394: `NS_IN6ADDRSZ' undeclared (first use in this function)
nb_dns.c: In function `nb_dns_activity':
nb_dns.c:457: syntax error before `handle'
nb_dns.c:473: `handle' undeclared (first use in this function)
nb_dns.c:516: `ns_f_rcode' undeclared (first use in this function)
nb_dns.c:518: `ns_r_nxdomain' undeclared (first use in this function)
nb_dns.c:523: `ns_r_servfail' undeclared (first use in this function)
nb_dns.c:528: `ns_r_noerror' undeclared (first use in this function)
nb_dns.c:531: `ns_r_formerr' undeclared (first use in this function)
nb_dns.c:532: `ns_r_notimpl' undeclared (first use in this function)
nb_dns.c:533: `ns_r_refused' undeclared (first use in this function)
nb_dns.c:519: warning: unreachable code at beginning of switch statement
nb_dns.c:541: `rr' undeclared (first use in this function)
nb_dns.c:556: `ns_s_an' undeclared (first use in this function)
nb_dns.c:572: warning: assignment makes pointer from integer without a cast
gmake: *** [nb_dns.o] Error 1

Off course, I put the bind include but I need to put the libbind
too. That what I do in the Makefile (LIBS variable) :
-L$(BIND_PATH) -lbind

I think (and It's again my own opinion) the best way to solve the DNS
problem is to put in the Bro sources the : bind-9.x.x/lib/bind
directory and modify the Makefile. In that way, the depedence with
Bind will be solve and I prefer not install bind on my firewall...

5- Yet Another link problem :

g++ -o bro main.o net_util.o util.o parse.o scan.o re-parse.o re-scan.o rule-parse.o rule-scan.o Active.o Anon.o Attr.o BackDoor.o BroString.o CCL.o CompHash.o Conn.o DFA.o Debug.o DebugCmds.o DbgBreakpoint.o DbgWatch.o DbgHelp.o Desc.o Dict.o Discard.o DNS.o DNS_Mgr.o EquivClass.o Event.o Expr.o File.o Finger.o Frag.o Frame.o FTP.o Func.o Hash.o HTTP.o ICMP.o ID.o Ident.o InterConn.o IntSet.o List.o Logger.o Login.o MIME.o NFA.o NTP.o NVT.o Net.o NetbiosSSN.o NetVar.o Obj.o PktSrc.o PolicyFile.o Portmap.o PriorityQueue.o Queue.o Reassem.o Rlogin.o RE.o RPC.o Rule.o RuleMatcher.o RuleAction.o RuleCondition.o Scope.o Sessions.o SMTP.o SSH.o SteppingStone.o Stmt.o TCP.o TCP_Rewriter.o Telnet.o Timer.o Type.o UDP.o Val.o Var.o XDR.o cq.o md5.o setsignal.o version.o nb_dns.o -ltermcap -ledit libedit/*.o -lpcap -lm -L/usr/local/src/bind-9.2.2/lib/bind/ -lbind
irs_data.c:117: Undefined symbol `_pthread_mutex_lock' referenced from text segment
irs_data.c:119: Undefined symbol `_pthread_key_create' referenced from text segment
irs_data.c:120: Undefined symbol `_pthread_mutex_unlock' referenced from text segment
irs_data.c:122: Undefined symbol `_pthread_getspecific' referenced from text segment
irs_data.c:130: Undefined symbol `_pthread_setspecific' referenced from text segment
collect2: ld returned 1 exit status
gmake: *** [bro] Error 1

Here, it's just a pthread librarie which is not link well. Just add
-lpthread in the LIBS makefile variable.

make & gmake do the same things here.

I wish this will help you.

Regards,