Snort mailing list archives
help for snort with mysql
From: Gongya Yu <yu () gongya net>
Date: Sun, 16 Dec 2001 22:21:10 -0800
Any suggestion is really appreciated. overtheway.gongya.net:/usr/local/snort # bin/snort -t /usr/local/snort -c /etc/snort.conf -l /log Log directory = /log Initializing Network Interface eth0 --== Initializing Snort ==-- Decoding Ethernet on interface eth0 Initializing Preprocessors! Initializing Plug-ins! Initializating Output Plugins! Parsing Rules file /etc/snort.conf +++++++++++++++++++++++++++++++++++++++++++++++++++ Initializing rule chains... No arguments to frag2 directive, setting defaults to: Fragment timeout: 60 seconds Fragment memory cap: 4194304 bytes Stream4 config: Stateful inspection: ACTIVE Session statistics: INACTIVE Session timeout: 30 seconds Session memory cap: 8388608 bytes State alerts: INACTIVE Scan alerts: ACTIVE Log Flushed Streams: INACTIVE No arguments to stream4_reassemble, setting defaults: Reassemble client: ACTIVE Reassemble server: INACTIVE Reassemble ports: 21 23 25 53 80 143 110 111 513 Reassembly alerts: ACTIVE Back Orifice detection brute force: DISABLED Using LOCAL time database: compiled support for ( mysql ) database: configured to use mysql database: user = snort database: password is set database: database name = snort database: host = localhost database: sensor name = 12.230.80.112 database: mysql_error: Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2) Fatal Error, Quitting.. overtheway.gongya.net:/usr/local/snort # ls -l /tmp total 16 drwx------ 2 root root 4096 Dec 15 13:27 kde-root drwx------ 2 root root 4096 Dec 15 14:52 ksocket-root drwx------ 3 root root 4096 Dec 15 14:52 mcop-root srwxrwxrwx 1 mysql mysql 0 Dec 15 18:59 mysql.sock drwx------ 2 root root 4096 Dec 2 17:30 orbit-root It happens on Redhat 7.2 and FreeBSD 4.4 The following testing code works: #include "/usr/local/mysql/include/mysql/mysql.h" #include <stdio.h> #include <stdlib.h> int main() { MYSQL * mysql; mysql = mysql_init(NULL); if ( mysql_real_connect(mysql,"localhost","snort","pwd","snort",0,NULL,0)==0) { fprintf(stderr, "Failed to connect to database: Error: %s\n", mysql_error(mysql)); } mysql_close(mysql); printf ("Connection is successful\n"); return 0; } But the same code in spo_database.c does not work. #ifdef ENABLE_MYSQL if(!strcasecmp(data->shared->dbtype,MYSQL)) { mysql_sock = mysql_init(NULL); data->m_sock = mysql_init(NULL); if(data->m_sock == NULL) { FatalError("database: Connection to database '%s' failed\n", data->shared->dbname); } if(data->port != NULL) { x = atoi(data->port); } else { x = 0; } // if(!mysql_real_connect(mysql_sock, data->shared->host, data->user, data->password, data->shared->dbname, x, NULL, 0) ) if(!mysql_real_connect(mysql_sock, "localhost", "snort", "pwd","snort", 0, NULL, 0) ) { if(mysql_errno(mysql_sock)) { FatalError("database: mysql_error: %s\n", mysql_error(mysql_sock)); } FatalError("database: Failed to logon to database '%s'\n", data->shared->dbname); } printf("Connection is successful\n"); exit(0); } #endif Gongya Yu _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- help for snort with mysql Gongya Yu (Dec 16)