Snort mailing list archives
Re: missing snort_dynamicrules directory
From: "John York" <YorkJ () brcc edu>
Date: Wed, 30 Sep 2009 16:54:09 -0400
Look in snortrules/so_rules/src/README for instructions on setting up the .so (dynamic) rules. Basically, you need to copy the precompiled rules from your snort rules download (or you can compile them) from snortrules/so_rules/precompiled... to your .so rules directory (from the error, my guess is that /usr/local/lib/snort_dynamicrules/ should work.) Then you need to run snort with --dump-dynamic-rules=<path> to generate the stub rules. Finally, add includes to snort.conf to activate the rules you need. PulledPork does a good job of automating this, and it's what I use. http://code.google.com/p/pulledpork/ John -----Original Message----- From: Adam Szabo [mailto:adamx001 () gmail com] Sent: Wednesday, September 30, 2009 1:43 PM To: snort-users () lists sourceforge net Subject: [Snort-users] missing snort_dynamicrules directory Hi, I'm a newbie and i'm trying to install Snort on Ubuntu with the help of this tutorial: http://www.howtoforge.com/intrusion-detection-with-snort-mysql-apache2-o n-ubuntu-7.10 I followed the steps and now i'm always finished: it's time to test snort. But when i type "snort -c /etc/snort/snort.conf", it tells me that: "ERROR: parser.c(5040) Could not stat dynamic module path "/usr/local/lib/snort_dynamicrules/bad-traffic.so": No such file or directory" I checked and it's true, this directory is missing. How can i fix this? Thank you, Adam Szabo ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- missing snort_dynamicrules directory Adam Szabo (Sep 30)
- Re: missing snort_dynamicrules directory Alexander Novokhatsky (Sep 30)
- Re: missing snort_dynamicrules directory Nigel Houghton (Sep 30)
- Re: missing snort_dynamicrules directory Adam Szabo (Sep 30)
- Re: missing snort_dynamicrules directory Nigel Houghton (Sep 30)
- Re: missing snort_dynamicrules directory John York (Sep 30)
- Re: missing snort_dynamicrules directory Alexander Novokhatsky (Sep 30)