help for bro 1.4

I am using Suse 11.2 on my laptop. I am using bro 1.4. I had tried bro 1.5
but it gives me so many error on execution of make command. So I used bro
1.4. it got installed . Could any one help me the steps how to use bro 1.4,
what changes to be made in configuration files etc…
Please help me .
Regards ,
Vijay M khadse

What errors did you get compiling bro 1.5?

If you are looking at information on what bro can do and how to… You can read the user manual on the wiki at http://www.bro-ids.org/wiki/index.php/User_Manual

It is a good resource for someone wanting to start experimenting with bro. Mail back to the list if there is anything in particular you are looking for.

Sri

hello,

I am sending you the log of errors , I am getting when I was trying to install bro 1.5 on SUSE 11.2. It was errors some what related to python.h. Please help to solve the problem.

The error trace is as follows:-

hi,
Have a look at errors i am getting while using bro 1.5 on suse 11.2. It is a long listing so many lines were deleted due to similar errors

broctl: building Python bindings for Broccoli …

( cd /usr/local/bro-1.5.1/aux/broccoli/bindings/python \

&& CFLAGS="-I/usr/local/bro-1.5.1/aux/broccoli/src" LDFLAGS="-L/usr/local/bro-1.5.1/aux/broccoli/src/.libs" python setup.py build -b /usr/local/bro-1.5.1/aux/broctl/.python-build )

running build

running build_py

creating /usr/local/bro-1.5.1/aux/broctl/.python-build

creating /usr/local/bro-1.5.1/aux/broctl/.python-build/lib.linux-i686-2.6

copying broccoli.py → /usr/local/bro-1.5.1/aux/broctl/.python-build/lib.linux-i686-2.6

running build_ext

building ‘_broccoli_intern’ extension

creating /usr/local/bro-1.5.1/aux/broctl/.python-build/temp.linux-i686-2.6

gcc -pthread -DNDEBUG -fomit-frame-pointer -fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -g -I/usr/local/bro-1.5.1/aux/broccoli/src -fPIC -I…/…/src -I/usr/include/python2.6 -c broccoli_intern_wrap.c -o /usr/local/bro-1.5.1/aux/broctl/.python-build/temp.linux-i686-2.6/broccoli_intern_wrap.o

broccoli_intern_wrap.c:118:20: error: Python.h: No such file or directory

broccoli_intern_wrap.c:800: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c: In function ‘SWIG_Python_AddErrorMsg’:

broccoli_intern_wrap.c:847: error: ‘PyObject’ undeclared (first use in this function)

broccoli_intern_wrap.c:847: error: (Each undeclared identifier is reported only once

broccoli_intern_wrap.c:847: error: for each function it appears in.)

broccoli_intern_wrap.c:847: error: ‘type’ undeclared (first use in this function)

broccoli_intern_wrap.c:848: error: ‘value’ undeclared (first use in this function)

broccoli_intern_wrap.c:849: error: ‘traceback’ undeclared (first use in this function)

broccoli_intern_wrap.c: At top level:

broccoli_intern_wrap.c:1028: error: expected ‘)’ before ‘*’ token

broccoli_intern_wrap.c:1054: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:1100: error: expected ‘)’ before ‘*’ token

broccoli_intern_wrap.c:1202: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:1213: error: expected specifier-qualifier-list before ‘PyObject’

broccoli_intern_wrap.c: In function ‘SWIG_Python_CheckImplicit’:

broccoli_intern_wrap.c:1225: error: ‘PySwigClientData’ has no member named ‘implicitconv’

broccoli_intern_wrap.c: At top level:

broccoli_intern_wrap.c:1228: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:1237: error: expected ‘)’ before ‘*’ token

broccoli_intern_wrap.c: In function ‘PySwigClientData_Del’:

broccoli_intern_wrap.c:1292: warning: implicit declaration of function ‘Py_XDECREF’

broccoli_intern_wrap.c:1292: error: ‘PySwigClientData’ has no member named ‘newraw’

broccoli_intern_wrap.c: At top level:

broccoli_intern_wrap.c:1300: error: expected specifier-qualifier-list before ‘PyObject_HEAD’

broccoli_intern_wrap.c:1307: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:1313: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:1366: error: expected declaration specifiers or ‘…’ before ‘FILE’

broccoli_intern_wrap.c: In function ‘PySwigObject_print’:

broccoli_intern_wrap.c:1371: error: ‘PyObject’ undeclared (first use in this function)

broccoli_intern_wrap.c:1371: error: ‘repr’ undeclared (first use in this function)

broccoli_intern_wrap.c:1374: error: ‘fp’ undeclared (first use in this function)

broccoli_intern_wrap.c: At top level:

broccoli_intern_wrap.c:1382: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c: In function ‘PySwigObject_compare’:

broccoli_intern_wrap.c:1393: error: ‘PySwigObject’ has no member named ‘ptr’

broccoli_intern_wrap.c:1394: error: ‘PySwigObject’ has no member named ‘ptr’

broccoli_intern_wrap.c: At top level:

broccoli_intern_wrap.c:1398: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:1555: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘swigobject_methods’

broccoli_intern_wrap.c:1567: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:1574: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:1682: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:1700: error: expected specifier-qualifier-list before ‘PyObject_HEAD’

broccoli_intern_wrap.c:1707: error: expected declaration specifiers or ‘…’ before ‘FILE’

broccoli_intern_wrap.c: In function ‘PySwigPacked_print’:

broccoli_intern_wrap.c:1710: error: ‘fp’ undeclared (first use in this function)

broccoli_intern_wrap.c:1711: error: ‘PySwigPacked’ has no member named ‘pack’

broccoli_intern_wrap.c:1711: error: ‘PySwigPacked’ has no member named ‘size’

broccoli_intern_wrap.c:1715: error: ‘PySwigPacked’ has no member named ‘ty’

broccoli_intern_wrap.c: At top level:

broccoli_intern_wrap.c:1720: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:1731: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c: In function ‘PySwigPacked_compare’:

broccoli_intern_wrap.c:1745: error: ‘PySwigPacked’ has no member named ‘size’

broccoli_intern_wrap.c:1746: error: ‘PySwigPacked’ has no member named ‘size’

broccoli_intern_wrap.c:1748: error: ‘PySwigPacked’ has no member named ‘size’

broccoli_intern_wrap.c:1748: error: ‘PySwigPacked’ has no member named ‘pack’

broccoli_intern_wrap.c:1748: error: ‘PySwigPacked’ has no member named ‘pack’

broccoli_intern_wrap.c:1748: error: ‘PySwigPacked’ has no member named ‘size’

broccoli_intern_wrap.c: At top level:

broccoli_intern_wrap.c:1751: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:1753: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:1760: error: expected ‘)’ before ‘*’ token

broccoli_intern_wrap.c:1766: error: expected ‘)’ before ‘*’ token

broccoli_intern_wrap.c:1775: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:1845: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:1865: error: expected ‘)’ before ‘*’ token

broccoli_intern_wrap.c:1881: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:1887: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

b

broccoli_intern_wrap.c:2314: error: ‘swig_empty_runtime_method_table’ undeclared (first use in this function)

broccoli_intern_wrap.c:2314: error: expected expression before ‘]’ token

broccoli_intern_wrap.c:2316: error: ‘PyObject’ undeclared (first use in this function)

broccoli_intern_wrap.c:2316: error: ‘module’ undeclared (first use in this function)

broccoli_intern_wrap.c:2316: warning: implicit declaration of function ‘Py_InitModule’

broccoli_intern_wrap.c:2318: error: ‘pointer’ undeclared (first use in this function)

broccoli_intern_wrap.c:2318: warning: implicit declaration of function ‘PyCObject_FromVoidPtr’

broccoli_intern_wrap.c:2320: warning: implicit declaration of function ‘PyModule_AddObject’

broccoli_intern_wrap.c: At top level:

broccoli_intern_wrap.c:2327: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c: In function ‘SWIG_Python_TypeQuery’:

broccoli_intern_wrap.c:2338: warning: implicit declaration of function ‘PyDict_GetItem’

broccoli_intern_wrap.c:2552: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:2562: error: expected ‘)’ before ‘*’ token

broccoli_intern_wrap.c:2611: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:2689: error: expected ‘)’ before ‘*’ token

broccoli_intern_wrap.c: In function ‘event_callback’:

broccoli_intern_wrap.c:2807: error: ‘PyObject’ undeclared (first use in this function)

broccoli_intern_wrap.c:2807: error: ‘func’ undeclared (first use in this function)

broccoli_intern_wrap.c:2807: error: expected expression before ‘)’ token

broccoli_intern_wrap.c:2814: warning: implicit declaration of function ‘PyObject_Call’

broccoli_intern_wrap.c: At top level:

broccoli_intern_wrap.c:2835: error: expected ‘)’ before ‘*’ token

broccoli_intern_wrap.c: In function ‘SWIG_CanCastAsInteger’:

broccoli_intern_wrap.c:2891: error: ‘errno’ undeclared (first use in this function)

broccoli_intern_wrap.c:2891: error: ‘EDOM’ undeclared (first use in this function)

broccoli_intern_wrap.c:2891: error: ‘ERANGE’ undeclared (first use in this function)

broccoli_intern_wrap.c: At top level:

broccoli_intern_wp.c:5865: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:5911: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:6592: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:7380: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:7709: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘SwigMethods’

broccoli_intern_wrap.c:8291: error: expected specifier-qualifier-list before ‘PyObject’

broccoli_intern_wrap.c:8297: error: expected specifier-qualifier-list before ‘PyObject_HEAD’

broccoli_intern_wrap.c:8301: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:8306: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c: In function ‘swig_varlink_print’:

broccoli_intern_wrap.c:8320: error: ‘PyObject’ undeclared (first use in this function)

broccoli_intern_wrap.c:8320: error: ‘str’ undeclared (first use in this function)

broccoli_intern_wrap.c:8320: warning: implicit declaration of function ‘swig_varlink_str’

broccoli_intern_wrap.c:8322: warning: format ‘%s’ expects type ‘char *’, but argument 3 has type ‘int’

broccoli_intern_wrap.c: In function ‘swig_varlink_dealloc’:

broccoli_intern_wrap.c:8329: error: ‘swig_varlinkobject’ has no member named ‘vars’

broccoli_intern_wrap.c:8331: error: ‘swig_globalvar’ has no member named ‘next’

broccoli_intern_wrap.c: At top level:

broccoli_intern_wrap.c:8338: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:8356: error: expected declaration specifiers or ‘…’ before ‘PyObject’

broccoli_intern_wrap.c: In function ‘swig_varlink_setattr’:

broccoli_intern_wrap.c:8358: error: ‘swig_varlinkobject’ has no member named ‘vars’

broccoli_intern_wrap.c:8361: error: ‘swig_globalvar’ has no member named ‘set_attr’

broccoli_intern_wrap.c:8361: error: ‘p’ undeclared (first use in this function)

broccoli_intern_wrap.c:8364: error: ‘swig_globalvar’ has no member named ‘next’

broccoli_intern_wrap.c:8367: error: ‘PyExc_NameError’ undeclared (first use in this function)

broccoli_intern_wrap.c: At top level:

broccoli_intern_wrap.c:8372: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:8424: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:8434: error: expected ‘)’ before ‘*’ token

broccoli_intern_wrap.c:8450: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token

broccoli_intern_wrap.c:8463: error: expected ‘)’ before ‘*’ token

broccoli_intern_wrap.c:8490: error: expected ‘)’ before ‘*’ token

broccoli_intern_wrap.c: In function ‘init_broccoli_intern’:

broccoli_intern_wrap.c:8543: error: ‘PyObject’ undeclared (first use in this function)

broccoli_intern_wrap.c:8543: error: ‘m’ undeclared (first use in this function)

broccoli_intern_wrap.c:8543: error: ‘d’ undeclared (first use in this function)

broccoli_intern_wrap.c:8543: warning: left-hand operand of comma expression has no effect

broccoli_intern_wrap.c:8546: warning: implicit declaration of function ‘SWIG_Python_FixMethods’

broccoli_intern_wrap.c:8546: error: ‘SwigMethods’ undeclared (first use in this function)

broccoli_intern_wrap.c:8549: warning: implicit declaration of function ‘PyModule_GetDict’

broccoli_intern_wrap.c:8552: warning: implicit declaration of function ‘SWIG_Python_InstallConstants’

broccoli_intern_wrap.c:8555: warning: implicit declaration of function ‘PyDict_SetItemString’

broccoli_intern_wrap.c:8555: warning: implicit declaration of function ‘SWIG_globals’

broccoli_intern_wrap.c:8556: warning: implicit declaration of function ‘SWIG_Python_addvarlink’

broccoli_intern_wrap.c:8556: error: ‘Swig_var_bro_debug_calltrace_get’ undeclared (first use in this function)

broccoli_intern_wrap.c:8556: error: ‘Swig_var_bro_debug_calltrace_set’ undeclared (first use in this function)

broccoli_intern_wrap.c:8557: error: ‘Swig_var_bro_debug_messages_get’ undeclared (first use in this function)

broccoli_intern_wrap.c:8557: error: ‘Swig_var_bro_debug_messages_set’ undeclared (first use in this function)

broccoli_intern_wrap.c:8558: warning: implicit declaration of function ‘SWIG_Python_SetConstant’

broccoli_intern_wrap.c:8558: warning: implicit declaration of function ‘SWIG_From_int’

error: command ‘gcc’ failed with exit status 1

make[4]: *** [pybroccoli] Error 1

make[4]: Leaving directory `/usr/local/bro-1.5.1/aux/broctl’

make[3]: *** [all-recursive] Error 1

make[3]: Leaving directory `/usr/local/bro-1.5.1/aux’

make[2]: *** [all] Error 2

make[2]: Leaving directory `/usr/local/bro-1.5.1/aux’

make[1]: *** [all-recursive] Error 1

make[1]: Leaving directory `/usr/local/bro-1.5.1’

make: *** [all] Error 2

You need to install Python development files. broctl's installation
currently doesn't check for that prerequisite.

Robin

Robin,

I have a list of Bro prerequisites written down for FreeBSD 7.1 and
CentOS 5.3. The lists are in FreeMind .mm format, but I could convert
them to HTML or add it to the Wiki if you are interested.

Tyler

Do you have a "preview"? How long is it? :slight_smile:

Wiki is probably best, we can then link to it from other locations.

Robin