Snort mailing list archives

wrong ELF class with /usr/lib64/snort-2.8.6_dynamicengine/libsf_engine.so


From: Andy Madsen <amadsen () gmail com>
Date: Thu, 03 Jun 2010 11:42:09 -0400

Not sure what I've done wrong, but I built an RPM from source on CentOS 
5-2, and installed the latest rules into /etc/snort/rules. I haven't 
done any customizations, so I figured it would pretty much run out of 
the box with the latest rules from here:

http://www.snort.org/snort-rules/?#rules
cp rules /etc/snort/rules -R
cp so_rules /etc/snort/so_rules -R
cp preproc_rules /etc/snort/preproc_rules -R

Everything went great until I tested the configuration:

root@localhost # snort -c /etc/snort/snort.conf
Running in IDS mode

         --== Initializing Snort ==--
Initializing Output Plugins!
Initializing Preprocessors!
Initializing Plug-ins!
Parsing Rules file "/etc/snort/snort.conf"
PortVar 'HTTP_PORTS' defined :  [ 80 2301 3128 7777 7779 8000 8008 8028 8080 8180 8888 9999 ]
PortVar 'SHELLCODE_PORTS' defined :  [ 0:79 81:65535 ]
PortVar 'ORACLE_PORTS' defined :  [ 1521 ]
Detection:
    Search-Method = AC-BNFA-Q
Tagged Packet Limit: 256
Loading dynamic engine /usr/lib64/snort-2.8.6_dynamicengine/libsf_engine.so... ERROR: Failed to load /usr/lib64/snort-2.8.6_dynamicengine/libsf_engine.so: /usr/lib64/snort-2.8.6_dynamicengine/libsf_engine.so: wrong ELF class: ELFCLASS64

It's a 64 bit machine, and all libs are 64 bit, so do I have an 
incorrect ruleset?

Thanks
Andy Madsen
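
Added example, not part of the original post: the dynamic loader prints "wrong ELF class: ELFCLASS64" when the object being loaded is 64-bit but the process loading it is not, so the useful check is to compare the ELF class byte of the snort binary with that of libsf_engine.so. The helper names and the sample files below are constructed for illustration.

```shell
#!/bin/sh
# elf_class FILE -> prints ELFCLASS32, ELFCLASS64 or not-ELF.
# An ELF file starts with the magic bytes 7f 'E' 'L' 'F'; the fifth byte,
# e_ident[EI_CLASS], is 1 for 32-bit objects and 2 for 64-bit objects.
elf_class() {
    hdr=$(od -An -tx1 -N5 "$1" 2>/dev/null | tr -d ' \n')
    case "$hdr" in
        7f454c4601) echo ELFCLASS32 ;;
        7f454c4602) echo ELFCLASS64 ;;
        *)          echo not-ELF ;;   # unreadable, too short, or not ELF
    esac
}

# same_elf_class LOADER OBJECT -> exit status 0 only if both files are ELF
# and share the same class, i.e. LOADER could map OBJECT.
same_elf_class() {
    a=$(elf_class "$1")
    b=$(elf_class "$2")
    [ "$a" != not-ELF ] && [ "$a" = "$b" ]
}

# Constructed stand-ins (headers only) so the demo runs anywhere. On the
# affected host, pass the real files instead, for example:
#   same_elf_class "$(command -v snort)" \
#       /usr/lib64/snort-2.8.6_dynamicengine/libsf_engine.so
demo_dir=$(mktemp -d)
printf '\177ELF\001' > "$demo_dir/snort"            # constructed 32-bit header
printf '\177ELF\002' > "$demo_dir/libsf_engine.so"  # constructed 64-bit header

for f in "$demo_dir/snort" "$demo_dir/libsf_engine.so"; do
    printf '%s: %s\n' "$f" "$(elf_class "$f")"
done

if same_elf_class "$demo_dir/snort" "$demo_dir/libsf_engine.so"; then
    echo "classes match"
else
    echo "class mismatch: the loader would refuse this library"
fi
rm -rf "$demo_dir"
```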


