Feature #931
closedcygwin64
Description
Seems there is a 64bit cygwin environment now. Maybe it can be used to create a win64 version of Suricata.
Files
Updated by Peter Manev about 11 years ago
- Assignee set to Peter Manev
- Target version set to 2.0rc2
There were some community questions around Cygwin64, but as far as I remember there were some different library names and such (need to look at it).
Any suggestions and help is welcome at any time.
I will try to get things up and running for 2.0betaX , hopefully clear any problems and get the 64bit edition ready for 2.0 stable.
Would this be ok?
Updated by Victor Julien about 11 years ago
- Status changed from New to Assigned
Yeah. I wouldn't be surprised if code changes are required, so we'll see how it goes. Please update the ticket with your progress, errors, etc. Thanks.
Updated by Peter Manev about 11 years ago
- File config.log config.log added
On 2012 Server , Cygwin64 installs fine. The necessary packages install fine too.
I am currently stuck here (during the configure phase)-
checking pcap.h usability... yes checking pcap.h presence... yes checking for pcap.h... yes checking for pcap.h... (cached) yes checking pcap/pcap.h usability... yes checking pcap/pcap.h presence... yes checking for pcap/pcap.h... yes checking pcap/bpf.h usability... yes checking pcap/bpf.h presence... yes checking for pcap/bpf.h... yes checking for pcap_open_live in -lpcap... no ERROR! libpcap library not found, go get it from http://www.tcpdump.org or your distribution: Ubuntu: apt-get install libpcap-dev Fedora: yum install libpcap-devel Administrator@2012-Test ~/suricata-1.4.5
It seems it finds the pcap headers but something else is missing.
Full config log attached.
Any ideas and help are welcome.
Updated by Victor Julien about 11 years ago
The problem is that your libpcap isn't compatible:
configure:16081: checking for pcap_open_live in -lpcap configure:16106: gcc -o conftest.exe -DRELEASE -Wextra -Werror-implicit-function-declaration -fno-tree-pre -Wall -fno-strict-aliasing -Wno-unused-parameter -std=gnu99 -march=native conftest.c -lpcap -lpthread -lpthread -lyaml -lpcre >&5 /usr/lib/gcc/x86_64-pc-cygwin/4.8.1/../../../../x86_64-pc-cygwin/bin/ld: skipping incompatible /usr/lib/gcc/x86_64-pc-cygwin/4.8.1/../../../../lib/libpcap.a when searching for -lpcap /usr/lib/gcc/x86_64-pc-cygwin/4.8.1/../../../../x86_64-pc-cygwin/bin/ld: skipping incompatible /usr/lib/gcc/x86_64-pc-cygwin/4.8.1/../../../../lib/libpcap.a when searching for -lpcap /usr/lib/gcc/x86_64-pc-cygwin/4.8.1/../../../../x86_64-pc-cygwin/bin/ld: skipping incompatible /lib/../lib/libpcap.a when searching for -lpcap /usr/lib/gcc/x86_64-pc-cygwin/4.8.1/../../../../x86_64-pc-cygwin/bin/ld: skipping incompatible /lib/../lib/libpcap.a when searching for -lpcap /usr/lib/gcc/x86_64-pc-cygwin/4.8.1/../../../../x86_64-pc-cygwin/bin/ld: skipping incompatible /usr/lib/../lib/libpcap.a when searching for -lpcap /usr/lib/gcc/x86_64-pc-cygwin/4.8.1/../../../../x86_64-pc-cygwin/bin/ld: skipping incompatible /usr/lib/../lib/libpcap.a when searching for -lpcap /usr/lib/gcc/x86_64-pc-cygwin/4.8.1/../../../../x86_64-pc-cygwin/bin/ld: skipping incompatible /usr/lib/gcc/x86_64-pc-cygwin/4.8.1/../../../libpcap.a when searching for -lpcap /usr/lib/gcc/x86_64-pc-cygwin/4.8.1/../../../../x86_64-pc-cygwin/bin/ld: skipping incompatible /usr/lib/gcc/x86_64-pc-cygwin/4.8.1/../../../libpcap.a when searching for -lpcap /usr/lib/gcc/x86_64-pc-cygwin/4.8.1/../../../../x86_64-pc-cygwin/bin/ld: skipping incompatible /usr/lib/libpcap.a when searching for -lpcap /usr/lib/gcc/x86_64-pc-cygwin/4.8.1/../../../../x86_64-pc-cygwin/bin/ld: skipping incompatible /usr/lib/libpcap.a when searching for -lpcap /usr/lib/gcc/x86_64-pc-cygwin/4.8.1/../../../../x86_64-pc-cygwin/bin/ld: skipping incompatible /usr/lib/gcc/x86_64-pc-cygwin/4.8.1/../../../../lib/libpcap.a when searching for -lpcap /usr/lib/gcc/x86_64-pc-cygwin/4.8.1/../../../../x86_64-pc-cygwin/bin/ld: skipping incompatible /lib/../lib/libpcap.a when searching for -lpcap /usr/lib/gcc/x86_64-pc-cygwin/4.8.1/../../../../x86_64-pc-cygwin/bin/ld: skipping incompatible /usr/lib/../lib/libpcap.a when searching for -lpcap /usr/lib/gcc/x86_64-pc-cygwin/4.8.1/../../../../x86_64-pc-cygwin/bin/ld: skipping incompatible /usr/lib/gcc/x86_64-pc-cygwin/4.8.1/../../../libpcap.a when searching for -lpcap /usr/lib/gcc/x86_64-pc-cygwin/4.8.1/../../../../x86_64-pc-cygwin/bin/ld: skipping incompatible /usr/lib/libpcap.a when searching for -lpcap /usr/lib/gcc/x86_64-pc-cygwin/4.8.1/../../../../x86_64-pc-cygwin/bin/ld: cannot find -lpcap collect2: error: ld returned 1 exit status
I suspect you need to install libpcap compiled for cygwin64 specifically. It may be necessary to compile it yourself. I checked the winpcap site, but no mention of a 64bit version there.
Updated by Peter Manev about 11 years ago
I am afraid that we have to wait until there is a "native" winpcap for a 64 bit windows specifically. Otherwise this could require a very solid amount of dev and qa efforts.
Unless of course there is a different approach that I am not aware of.
Updated by Victor Julien about 11 years ago
- Target version changed from 2.0rc2 to TBD
Agreed, postponing for now.
Updated by Peter Manev over 7 years ago
A small update wrt 64 bit install.
I seem to have been able to compile a 64bit binary of Suricata under Windows Server 2012 and 2016 - although I have an issue that needs more investigation.
To compile:
1 Install cygwin64 (https://cygwin.com/install.html) - setup-x86_64.exe - (regular "next/next/ok" install). Make sure you install the lynx and wget packages!
2 Npcap (https://nmap.org/npcap/)
2.1 - Download and install Npcap (Npcap 0.82 installer for windows). Double click on the npcap-0.82 and accept all settings including winpcap compatibility mode.
2.2 - Download Npcap SDK (ZIP).
Copy all from npcap-sdk-0\npcap-sdk\lib to cygwin64\lib\
Copy all from npcap-sdk-0\npcap-sdk\Include to C:\cygwin64\usr\include\
3. Open up cygwin64 and install some dependencies.
3.1 First - an apt-get like tool for cygwin
lynx -source rawgit.com/transcode-open/apt-cyg/master/apt-cyg > apt-cyg
install apt-cyg /bin
3.2 Install the deps
apt-cyg install libmpfr4 libmpfr-devel libiconv-devel mpfr mingw64-x86_64-winpthreads gcc-core make automake automake1.9 zlib zlib-devel zlib0 autoconf autoconf2.5 libtool libglib2.0-devel libglib2.0_0 pkg-config libyaml-devel libyaml0_2 libpcre1 libpcre-devel file-devel gcc-g++ wget luajit luajit-devel libGeoIP-devel libGeoIP1 libnss-devel libnss3 libnspr-devel libnspr4 git
3.3 For our DLLs file hacking
apt-cyg install gendef
4. Find the 64bit versions of the wpcap.dll and Packet.dll
Take the x64 version of your wpcap.dll (usually Windows\System32 or Windows\System32\Npcap).
Copy that over to some temp/work folder in cygwin64 and from within cygwin64 shell:
gendef wpcap.dll
dlltool --as-flags=--64 -m i386:x86-64 -k --output-lib libpcap.a --input-def wpcap.def
Same for Packet.dll
Take the x64 version of your Packet.dll, do (usually Windows\System32 or Windows\System32\Npcap).
In the cygwin64 shell again:
gendef wpcap.dll
dlltool --as-flags=--64 -m i386:x86-64 -k --output-lib libpacket.a --input-def Packet.def
You will end up with 64 bit usable libpacket.a and libpcap.a.
Copy those to C:\cygwin64\lib
5. Make sure we have some jansson (in cygwin64 shell) :
wget http://www.digip.org/jansson/releases/jansson-2.9.tar.gz
tar -zxf jansson-2.9.tar.gz
cd jansson-2.9
./configure --prefix=/usr && make clean && make && make install
6. Download and compile suricata:
wget http://www.openinfosecfoundation.org/download/suricata-3.2.1.tar.gz
tar -zxf suricata-3.2.1.tar.gz && cd suricata-3.2.1
libtoolize -c && \
autoreconf -fv --install && \
./configure --enable-luajit --enable-geoip \
--disable-gccmarch-native \
--with-libnss-libraries=/usr/lib --with-libnss-includes=/usr/include/nss/ \
--with-libnspr-libraries=/usr/lib --with-libnspr-includes=/usr/include/nspr
make clean && make
7. The binary is in src/.libs
Copy the binary from the cygwin64 folder to the location in the Windows system where you want to run Suricata from (mine was C:\Suricata)
Also make sure you have all the needed config and DLL files there as well - as explained here
https://redmine.openinfosecfoundation.org/attachments/download/1175/SuricataWinInstallationGuide_v1.4.3.pdf
(section - "Set up and copy needed config and dll files")
You should be good to go.
Now the problem that I need to investigate further and get some help with:
Suricata starts and the Windows task manager shows the process as 64 bit. However after a while it silently exits - no err/no cores/nothing.
We need to find out why :)
Updated by Victor Julien almost 7 years ago
I'm almost done with my work on MinGW 64-bit, so not sure if supporting Cygwin64 as well still makes sense.
Updated by Victor Julien over 6 years ago
- Status changed from Assigned to Closed
- Assignee deleted (
Peter Manev) - Target version deleted (
TBD)
Lets focus on MinGW64.