[Bro] SSL for FreeBSD/bro

Mike Muratet mike.muratet at torchtechnologies.com
Tue Jul 26 11:59:56 PDT 2005 

Christian


> Hi Mike,
>
> On Tue, 2005-07-26 at 11:42 -0500, Mike Muratet wrote:
>> Greetings
>>
>> In an effort to get a working bro+broccoli installation, I have installed
>> FreeBSD v5.4 on a local server.  I also installed bro and broccoli. I
>> started bro with ./bro -i xl0 -f tcp broconn.bro. (I found xl0 with 
>> ifconfig
>> and I'm guessing it's the same thing as eth0.) I tried to run the broconn
>> program, but it has a dependancy on libssl.so that goes wanting. I'm not
>> trying to do secure communication, it's been tough enough without it ;-) 
>> but
>> I'm guessing it still wants the library.
>>
>> I don't see anything relevant on the FreeBSD distribution disks with 
>> 'ssl'
>> in the name. Can you point me to a source?
>
> that's weird -- Broccoli's configure script does pretty detailed checks
> for OpenSSL (it tries to link a program using SSL_new() before it trusts
> libssl.so to work). Can you please send me the output of your configure
> run, config.log, and, as Scott suggested, the ldd output. Thanks!
>

I have some good news, and some more good news. I checked the output from 
ldd broconn and it wanted libssl.so.4 and I have ver 3 on the FreeBSD 
system. I think what happened was that I left off the necessary flag when I 
untar'd your broccoli snapshot into my existing directory and so I still had 
the version that I copied over from the Linux box. I deleted the broccoli 
directory on the FreeBSD machine, untar'd your snapshot and rebuilt 
broccoli. It executes just fine. More importantly, it now communicates with 
its bro peer. Outstanding.

Having killed all the alligators I can now proceed to drain the swamp. 
Thanks for all your (and Scott and others) patient help. All I can figure is 
that the extra layer in Linux that gives you things like iptables fouls up 
the communication between bro and broccoli. I have not tried broccoli on a 
Linux box to the bro on the FreeBSD box, but it's really not a requirement 
for the experiments I'm doing.

I don't get out to the Bay area much anymore, but if and when I do the first 
round is on me.

Cheers

Mike

More information about the Bro mailing list