Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Normalize ip4 error

From: Joel Esler <jesler () sourcefire com>
Date: Sun, 15 Apr 2012 09:28:23 -0400
This functionality is not available for Windows. Please comment these lines out. 

-- 
Joel Esler

On Apr 15, 2012, at 1:50 AM, gaurav kulkarni <grv.kulkarni1 () gmail com> wrote:


Hello,

I have installed Snort on Windows by following steps as discussed on Snort Forum. However, it throws -> ERROR: 
d:\snort\etc\snort.conf(186) Unknown preprocessor: "normalize_ip4"
 

I see the options in the snort.conf:

--------------------\

# Inline packet normalization. For more information, see README.normalize

# Does nothing in IDS mode

preprocessor normalize_ip4

preprocessor normalize_tcp: ips ecn stream

preprocessor normalize_icmp4

preprocessor normalize_ip6

preprocessor normalize_icmp6

--------------------/

The above lines are causing the errors, however the snort.conf states “# Does nothing in IDS mode”. However, windows 
is reading in the those configuration lines and trying to process them, so it appears to be actually doing something?

Is hash tagging them (commenting) will sort this issue out? Please reply soonest possible. Thnk You.

-- 
Regards, 
Gaurav

The Amount of Money That is in Ur Bank at the Time of Death, 
is the Extra Work U did Which Wasn't Necessary!

------------------------------------------------------------------------------
For Developers, A Lot Can Happen In A Second.
Boundary is the first to Know...and Tell You.
Monitor Your Applications in Ultra-Fine Resolution. Try it FREE!
http://p.sf.net/sfu/Boundary-d2dvs2
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

------------------------------------------------------------------------------
For Developers, A Lot Can Happen In A Second.
Boundary is the first to Know...and Tell You.
Monitor Your Applications in Ultra-Fine Resolution. Try it FREE!
http://p.sf.net/sfu/Boundary-d2dvs2
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: