[Bro] Bro 1.2 vs OpenBSD

Jean-Philippe Luiggi jp.luiggi at free.fr
Fri Dec 1 07:00:42 PST 2006


Hello Christian,

You're right, in fact, here's is the process i used :

- modify "configure.in" and define HAVE_OPENBSD (current test as of 1.2 was to
check openbsd3) as i use OpenBSD's current.

note that i'm not sure of the need to specify the value "1" into
AC_DEFINE... (i'm not yet a M4's wizard).

==== configure.in
openbsd3*)
        AM_CONDITIONAL(USE_NMALLOC, true)
        AC_DEFINE(HAVE_OPENBSD,,[We are on a OpenBSD system])
        ;;
			
openbsd4*)
        AM_CONDITIONAL(USE_NMALLOC, true)
        AC_DEFINE(HAVE_OPENBSD,1,[We are on a OpenBSD system])
	;;
====

- modify ARP.h as you did with an #ifdef HAVE_OPENBSD and in such this case
use #include <net/ethertypes.h>

==== ARP.h
#elif HAVE_SYS_ETHERNET_H
#include <sys/ethernet.h>
#elif HAVE_OPENBSD
#include <net/ethertypes.h>
#endif
====

- modify util.cc and util.h in order to use bpf_timeval as structure for the
double_to_timeval() function. (just used #ifdef HAVE_OPENBSD)

==== util.h
#ifdef HAVE_OPENBSD
extern struct bpf_timeval double_to_timeval(double t);
#elif
extern struct timeval double_to_timeval(double t);
#endif
====

==== util.cc
#ifdef HAVE_OPENBSD
struct bpf_timeval double_to_timeval(double t)
        {
	        struct bpf_timeval tv;
#elif
struct timeval double_to_timeval(double t)
       {
	        struct timeval tv;
#endif
====

- modify bro.rc (changed the name of stop() to brostop() ).

Best regards.


ps1 : next stage will be the use of bind libraries in order to be able to use
non blocking DNS routines.

ps2 : i mean by "porting", doing th job to use Bro  with OpenBSD ... :-)



On Thu, Nov 30, 2006 at 01:59:22PM -0800, Christian Kreibich wrote:
> Hi,
> 
> On Thu, 2006-11-30 at 12:08 -0500, Jean-Philippe Luiggi wrote:
> > I just had to "slightly" modify "configure.in" and add some #ifdef in the
> > source tree.
> 
> I just tried to build the 1.2 release on OpenBSD 3.8 and it bombs out
> with yet another ARP header inclusion glitch. :( Is that what you fixed?
> It seems what's needed is a header check for net/ethertypes.h.
> 
> On Thu, 2006-11-30 at 13:45 -0500, Jean-Philippe Luiggi wrote: 
> > Even if the solution seems to work, i think, it's the first stage of 
> > porting Bro to OpenBSD.
> 
> It really shouldn't have to be a "port". :) Besides the ARP glitch and
> the fact that nbdns is not available, is there anything else?
> 
> Cheers,
> Christian.
> -- 
> ________________________________________________________________________
>                                           http://www.cl.cam.ac.uk/~cpk25
>                                                     http://www.whoop.org
> 
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro



More information about the Bro mailing list