Thanks, the workaround has been commited.
On Thu, Jan 05, 2006 at 11:06:13PM -0500, Axton wrote: > The diff provided by Brad resolves the problem. I was able to > successfully perform an nmap scan against an hme iface without > receiving a bus error. Tried this with the default rules provided > with the package install; which is where I originally received the bus > error. > > *** From the compiler: > ===> Installing snort-2.3.3p1 from > /usr/ports/packages/sparc64/all/snort-2.3.3p1.tgz > snort-2.3.3p1: complete > --- snort-2.3.3p1 ------------------- > The Snort rule examples have been installed in /usr/local/share/examples/snort > > *** From the snort alert log: > [**] [1:469:4] ICMP PING NMAP [**] > [Classification: Attempted Information Leak] [Priority: 2] > a/b-c:d:e.f g.h.i.j -> k.l.m.n > ICMP TTL:23 TOS:0x0 ID:42353 IpLen:20 DgmLen:28 > Type:8 Code:0 ID:25454 Seq:52265 ECHO > [Xref => http://www.whitehats.com/info/IDS162] > > The same should also work for 2.4.3 as well. I compiled this from > source from snort.org and have been running with the latest rules > without a problem since I first reported this issue. > > Axton > > > On 1/4/06, David Krause <[EMAIL PROTECTED]> wrote: > > Did this resolve the problem? I'm looking at updating it to 2.4.3 but > > want to see about this first. > > > > David > > > > * Brad <[EMAIL PROTECTED]> [051224 10:41]: > > > The only interesting thing that --enable-64bit-gcc flag does is > > > disable optimization. Can you try the following diff with the > > > snort port and let me know if it now works for you as expected? > > > > > > Index: Makefile > > > =================================================================== > > > RCS file: /cvs/ports/net/snort/Makefile,v > > > retrieving revision 1.37 > > > diff -u -p -r1.37 Makefile > > > --- Makefile 4 Nov 2005 16:20:42 -0000 1.37 > > > +++ Makefile 24 Dec 2005 16:31:55 -0000 > > > @@ -3,7 +3,7 @@ > > > COMMENT= "highly flexible sniffer/NIDS" > > > > > > DISTNAME= snort-2.3.3 > > > -PKGNAME= ${DISTNAME}p0 > > > +PKGNAME= ${DISTNAME}p1 > > > CATEGORIES= net security > > > MASTER_SITES= ${HOMEPAGE}/dl/current/ > > > > > > @@ -20,6 +20,10 @@ SEPARATE_BUILD= concurrent > > > CONFIGURE_STYLE= gnu > > > > > > LIB_DEPENDS= pcre::devel/pcre > > > + > > > +.if ${MACHINE_ARCH} == "sparc64" > > > +CFLAGS= -O0 > > > +.endif > > > > > > FLAVORS= postgresql mysql smbalert flexresp > > > FLAVOR?= > > > > > > > > > On Fri, Dec 23, 2005 at 11:18:49PM -0500, Axton wrote: > > > > Using snort-2.3.3p0.tgz (current) included in the 3.8 packages for > > > > sparc64. This package is not compiled properly to support a 64-bit > > > > processor. > > > > > > > > With the current configuration options, a bus error is generated and > > > > snort core dumps when a port scan is issued against the host while > > > > snort is running. > > > > > > > > Steps to reproduce: > > > > - Install snort package: > > > > > # pkg_add snort-2.3.3p0.tgz > > > > - Start snort > > > > > # snort -i hme0 > > > > - Issue an nmap scan against the host running snort: > > > > > # nmap -sS -sV -v -O -P0 x.x.x.x > > > > > > > > The console will then show "bus error" and snort dies. > > > > > > > > Compiling snort with these options resolves the problem: > > > > > > > > --enable-64bit-gcc \ > > > > --with-mysql \ > > > > --prefix=/usr/local \ > > > > --build=sparc64 > > > > > > > > > > > > Relevant System Information: > > > > > > > > # sysctl -n kern.version > > > > OpenBSD 3.8 (GENERIC) #607: Sat Sep 10 16:03:59 MDT 2005 > > > > [EMAIL PROTECTED]:/usr/src/sys/arch/sparc64/compile/GENERIC > > > > > > > > > > > > # dmesg > > > > OpenBSD 3.8 (GENERIC) #607: Sat Sep 10 16:03:59 MDT 2005 > > > > [EMAIL PROTECTED]:/usr/src/sys/arch/sparc64/compile/GENERIC > > > > total memory = 805306368 > > > > avail memory = 723271680 > > > > using 4915 buffers containing 40263680 bytes of memory > > > > bootpath: /[EMAIL PROTECTED],0/[EMAIL PROTECTED],0/[EMAIL PROTECTED],0 > > > > mainbus0 (root): Sun Blade 100 (UltraSPARC-IIe) > > > > cpu0 at mainbus0: SUNW,UltraSPARC-IIe @ 502 MHz, version 0 FPU > > > > cpu0: physical 32K instruction (32 b/l), 16K data (32 b/l), 1024K > > > > external (64 b/l) > > > > psycho0 at mainbus0 > > > > pci108e,a001: impl 0, version 0: ign 7c0 bus range 0 to 2; PCI bus 0 > > > > DVMA map: c0000000 to e0000000 > > > > IOTDB: 3a60000 to 3ae0000 > > > > pci0 at psycho0 > > > > ebus0 at pci0 dev 12 function 0 "Sun PCIO Ebus2 (US III)" rev 0x01 > > > > flashprom at ebus0 addr 0-fffff not configured > > > > clock1 at ebus0 addr 0-1fff: mk48t59: hostid 8304b21d > > > > ebus_attach: idprom: incomplete > > > > gem0 at pci0 dev 12 function 1 "Sun ERI Ether" rev 0x01: ivec 3006, > > > > address 00:03:ba:04:b2:1d > > > > ukphy0 at gem0 phy 1: Generic IEEE 802.3u media interface > > > > ukphy0: OUI 0x0010dd, model 0x0002, rev. 1 > > > > "Sun FireWire" rev 0x01 at pci0 dev 12 function 2 not configured > > > > ohci0 at pci0 dev 12 function 3 "Sun USB" rev 0x01: ivec 24, version > > > > 1.0, legacy support > > > > usb0 at ohci0: USB revision 1.0 > > > > uhub0 at usb0 > > > > uhub0: Sun OHCI root hub, rev 1.00/1.00, addr 1 > > > > uhub0: 4 ports with 4 removable, self powered > > > > ebus1 at pci0 dev 7 function 0 "Acer Labs M1533 ISA" rev 0x00 > > > > dma at ebus1 addr 0-ffff ipl 42 not configured > > > > power at ebus1 addr 800-82f ipl 32 not configured > > > > com0 at ebus1 addr 3f8-3ff ipl 43: ns16550a, 16 byte fifo > > > > com1 at ebus1 addr 2e8-2ef ipl 43: ns16550a, 16 byte fifo > > > > "Acer Labs M7101 Power" rev 0x00 at pci0 dev 3 function 0 not configured > > > > autri0 at pci0 dev 8 function 0 "Acer Labs M5451 Audio" rev 0x01: ivec > > > > 23 > > > > ac97: codec id 0x41445348 (Analog Devices AD1881A) > > > > ac97: codec features headphone, Analog Devices Phat Stereo > > > > audio0 at autri0 > > > > midi0 at autri0: <4DWAVE MIDI UART> > > > > pciide0 at pci0 dev 13 function 0 "Acer Labs M5229 UDMA IDE" rev 0xc3: > > > > DMA, channel 0 configured to native-PCI, channel 1 configured to > > > > native-PCI > > > > pciide0: using ivec 180c for native-PCI interrupt > > > > wd0 at pciide0 channel 0 drive 0: <MAXTOR 6L080L4> > > > > wd0: 16-sector PIO, LBA, 76345MB, 156355584 sectors > > > > atapiscsi0 at pciide0 channel 0 drive 1 > > > > scsibus0 at atapiscsi0: 2 targets > > > > cd0 at scsibus0 targ 0 lun 0: <LITEON, CD-ROM LTN486S, YSU1> SCSI0 > > > > 5/cdrom removable > > > > wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 > > > > cd0(pciide0:0:1): using PIO mode 4, Ultra-DMA mode 2 > > > > pciide0: channel 1 disabled (no drives) > > > > ppb0 at pci0 dev 5 function 0 "DEC 21152 PCI-PCI" rev 0x03 > > > > pci1 at ppb0 bus 1 > > > > ppb1 at pci1 dev 1 function 0 "DEC 21153 PCI-PCI" rev 0x04 > > > > pci2 at ppb1 bus 2 > > > > "Sun PCIO Ebus2" rev 0x01 at pci2 dev 0 function 0 not configured > > > > hme0 at pci2 dev 0 function 1 "Sun HME" rev 0x01: address > > > > 08:00:20:ca:7d:c4 > > > > luphy0 at hme0 phy 1: LU6612 10/100 PHY, rev. 1 > > > > hme0: using ivec 301b for interrupt > > > > "Sun PCIO Ebus2" rev 0x01 at pci2 dev 1 function 0 not configured > > > > hme1 at pci2 dev 1 function 1 "Sun HME" rev 0x01: address > > > > 08:00:20:ca:7d:c5 > > > > luphy1 at hme1 phy 1: LU6612 10/100 PHY, rev. 1 > > > > hme1: using ivec 300b for interrupt > > > > "Sun PCIO Ebus2" rev 0x01 at pci2 dev 2 function 0 not configured > > > > hme2 at pci2 dev 2 function 1 "Sun HME" rev 0x01: address > > > > 08:00:20:ca:7d:c6 > > > > luphy2 at hme2 phy 1: LU6612 10/100 PHY, rev. 1 > > > > hme2: using ivec 301a for interrupt > > > > "Sun PCIO Ebus2" rev 0x01 at pci2 dev 3 function 0 not configured > > > > hme3 at pci2 dev 3 function 1 "Sun HME" rev 0x01: address > > > > 08:00:20:ca:7d:c7 > > > > luphy3 at hme3 phy 1: LU6612 10/100 PHY, rev. 1 > > > > hme3: using ivec 300a for interrupt > > > > vgafb0 at pci0 dev 19 function 0 "ATI Rage XL" rev 0x27 > > > > wsdisplay0 at vgafb0: console (std, sun emulation) > > > > pcons at mainbus0 not configured > > > > No counter-timer -- using %tick at 502MHz as system clock. > > > > uhidev0 at uhub0 port 4 configuration 1 interface 0 > > > > uhidev0: Sun Microsystems Type 6 Keyboard, rev 1.00/1.02, addr 2, > > > > iclass 3/1 > > > > ukbd0 at uhidev0: 8 modifier keys, 6 key codes > > > > wskbd0 at ukbd0: console keyboard, using wsdisplay0 > > > > root on wd0a > > > > rootdev=0xc00 rrootdev=0x1a00 rawdev=0x1a02 > > > > > > > > > > > > Axton Grams > > > > > > >
