Snort mailing list archives

Am I missing Something? (changes from 1.8.2 to 1.8.3 ?)

From: Dany Allard <dallard () alterna com>
Date: Mon, 11 Feb 2002 13:59:29 -0700

Hello Everyone.

  Here is my problem.

 Using  a recent snort.conf file (snort.conf,v 1.82 2002/01/20 04:35:40
roesch) I can get snort 1.8.2 to work perfectly.
However if I use the same snort.conf file, same rules, and same command
to start it up
"/usr/local/bin/snort -D -b -c /etc/snort/snort.conf -h xxx.xxx.xxx.0/24
-i eth1" with version 1.8.3 I don't get anything.
I then use a second machine to portscan (nmap) my HOME_NET, nothing
shows up in portscan.log using 1.8.3. but 1.8.2 picks up everything.

To answer the usual questions:
 I have read the FAQ, INSTALL,Changelog, and README files.
I have also searched through the archives.
I am running the  2.2.14-15 linux kernel.
I am also using libnet-1.0-1mdk, libtermcap-devel-2.0.8-16mdk,
libpcap-0.4-3mdk.

Snort was compiled using the standard (configure, make, make install).

Did I miss something in the Documentation? The Archives? Do I need a
newer version (kernel, libraries)?

Any assistance or even guesses would be helpful.

Thanks

Dany Allard

P.S. I also tried snort-current downloaded this morning (Feb 11 2002)
with no success.


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Am I missing Something? (changes from 1.8.2 to 1.8.3 ?) Dany Allard (Feb 11)