Error when building zeek:elastic

[ezar]

I'm try to use docker-compose-elastic but fails to build :( Can you help me?

[ 27%] Building CXX object CMakeFiles/Zeek-AF_Packet.linux-x86_64.dir/src/Plugin.cc.o In file included from /tmp/zeek/auxil/zeek-af_packet-plugin/src/Plugin.cc:3: /tmp/zeek/auxil/zeek-af_packet-plugin/src/AF_Packet.h:28:55: error: expected class-name before '{' token 28 | class AF_PacketSource : public zeek::iosource::PktSrc { | ^ /tmp/zeek/auxil/zeek-af_packet-plugin/src/AF_Packet.h:46:9: error: 'PktSrc' does not name a type; did you mean 'pktsrc'? 46 | static PktSrc InstantiateAF_Packet(const std::string& path, bool is_live); | ^~ | pktsrc /tmp/zeek/auxil/zeek-af_packet-plugin/src/AF_Packet.h:52:33: error: 'zeek::Packet' has not been declared 52 | virtual bool ExtractNextPacket(zeek::Packet pkt); | ^~~~ /tmp/zeek/auxil/zeek-af_packet-plugin/src/AF_Packet.h:56:26: error: 'Stats' has not been declared 56 | virtual void Statistics(Stats* stats); | ^~~~~ /tmp/zeek/auxil/zeek-af_packet-plugin/src/AF_Packet.h:59:2: error: 'Properties' does not name a type 59 | Properties props; | ^~~~~~ /tmp/zeek/auxil/zeek-af_packet-plugin/src/AF_Packet.h:60:2: error: 'Stats' does not name a type 60 | Stats stats; | ^~~~~ /tmp/zeek/auxil/zeek-af_packet-plugin/src/Plugin.cc: In member function 'virtual zeek::plugin::Configuration plugin::Zeek_AF_Packet::Plugin::Configure()': /tmp/zeek/auxil/zeek-af_packet-plugin/src/Plugin.cc:12:19: error: expected type-specifier before '::' token 12 | AddComponent(new ::zeek::iosource::PktSrcComponent("AF_PacketReader", "af_packet", ::zeek::iosource::PktSrcComponent::LIVE, ::zeek::iosource::pktsrc::AF_PacketSource::InstantiateAF_Packet)); | ^~ make[3]: [CMakeFiles/Zeek-AF_Packet.linux-x86_64.dir/build.make:102: CMakeFiles/Zeek-AF_Packet.linux-x86_64.dir/src/Plugin.cc.o] Error 1 make[3]: Leaving directory '/tmp/zeek/auxil/zeek-af_packet-plugin/build' make[2]: Leaving directory '/tmp/zeek/auxil/zeek-af_packet-plugin/build' make[1]: Leaving directory '/tmp/zeek/auxil/zeek-af_packet-plugin/build' make[2]: [CMakeFiles/Makefile2:134: CMakeFiles/Zeek-AF_Packet.linux-x86_64.dir/all] Error 2 make[1]: [Makefile:172: all] Error 2 make: [Makefile:13: build-it] Error 2 The command '/bin/sh -c echo "===> Compiling af_packet plugin..." && cd /tmp/zeek/auxil/ && git clone https://github.com/J-Gras/zeek-af_packet-plugin.git && cd /tmp/zeek/auxil/zeek-af_packet-plugin && CC=clang ./configure --with-kernel=/usr --zeek-dist=/tmp/zeek && make -j 2 && make install && /usr/local/zeek/bin/zeek -NN Zeek::AF_Packet' returned a non-zero code: 2 ERROR: Service 'zeek' failed to build

[blacktop]

my apologies, when I upgraded to 4.0 it broke the build and I haven't had time to dig into what the Zeek team changed. I will fix this when I get some time or you could revert the version of zeek back to what it was before 4.0 and that could fix it now.

[ezar]

Yeah! I reverted :) Many thanks @blacktop. I like your job! Thanks for your effort. Regards,

[zmaasaoui]

@ezar, can you please tell me if you changed something in the af_packet plugin repo as well? I also reverted back to version 3 but I still have the same problem. Please let me know how you managed to fix it. Thanks

[ezar]

I revert to af_packet ZEEK_AF_VERSION 2.1.2

[blacktop]

I'm pushing fixes that might help now

[blacktop]

correction @Sheco pushed a fix that should help and I'm adding that fix to the other image flavors

[blacktop]

please re-open if it is not working.