Snort mailing list archives
Re: new install rules question - solaris
From: Chris Green <cmg () snort org>
Date: Tue, 05 Nov 2002 17:00:42 -0500
Dan Gahlinger <deg () interlynx net> writes:
-D still doesnt do anything, no matter where i put it
unless I put it at the end of the command line, like:
snort -h 192.168.1.0/24 -s blame_cmg net 192.168.1 -D
then I get:
ERROR: OpenPcap() FSM compilation failed:
parse error
PCAP command: net 192.168.1 -D
Fatal Error, Quitting..
snort -h 192.168.1.0/24 -s blame_cmg -D net 192.168.1 Your bpf filter must go at the end
I don't want -d or -v on... I just want alerts and the basic stuff, no packet captures... Dan. At 04:40 PM 11/5/2002 -0500, you wrote:Dan Gahlinger <deg () interlynx net> writes:I just did a fresh install on solaris and having some problems. it seems to want a .snortrc file which I don't have, and no idea what it's supposed to look like I want to run in daemon mode and log to syslog, but it says -s needs a parameter (which it shouldnt) and -D doesn't do anythingThats a bug with 1.9.0 For now, just add -s blame_cmg -D -- Chris Green <cmg () sourcefire com> Don't use a big word where a diminutive one will suffice. ------------------------------------------------------- This sf.net email is sponsored by: See the NEW Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users--There are always possibilities... ------------------------------------------------------- This sf.net email is sponsored by: See the NEW Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- Chris Green <cmg () sourcefire com> To err is human, to moo bovine. ------------------------------------------------------- This sf.net email is sponsored by: See the NEW Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- new install rules question - solaris Dan Gahlinger (Nov 05)
- Re: new install rules question - solaris Chris Green (Nov 05)
- Re: new install rules question - solaris Dan Gahlinger (Nov 05)
- Re: new install rules question - solaris Andrew R. Baker (Nov 05)
- Re: new install rules question - solaris Chris Green (Nov 05)
- Re: new install rules question - solaris Dan Gahlinger (Nov 05)
- Re: new install rules question - solaris Dan Gahlinger (Nov 05)
- Re: new install rules question - solaris Erek Adams (Nov 05)
- Re: new install rules question - solaris Dan Gahlinger (Nov 06)
- Re: new install rules question - solaris Erek Adams (Nov 06)
- Re: new install rules question - solaris Dan Gahlinger (Nov 05)
- Re: new install rules question - solaris Chris Green (Nov 05)
- <Possible follow-ups>
- RE: new install rules question - solaris larosa, vjay (Nov 06)
- RE: new install rules question - solaris Dan Gahlinger (Nov 06)