Snort mailing list archives
Re: Issue related to Blacklists
From: Anshuman Anil Deshmukh <anshuman () cybage com>
Date: Thu, 17 Oct 2013 06:48:55 +0000
Hi Joel, Even after putting everything in one line, I am still getting the said errors. Here is my snort output after making the changes - http://pastebin.com/94yGMJ9v Thanks and Regards, Anshuman -----Original Message----- From: Joel Esler [mailto:jesler () sourcefire com] Sent: Wednesday, October 16, 2013 10:32 PM To: Anshuman Anil Deshmukh Cc: Snort Users Subject: Re: [Snort-users] Issue related to Blacklists Did you try and do it the way I told you first, let's do the troubleshooting before we start trying to solve a problem. On Wed, Oct 16, 2013 at 7:08 AM, Anshuman Anil Deshmukh <anshuman () cybage com> wrote:
Hi Joel, Is it fine if I if put "ipvar HOME_NET" for each line; as there is a reason for it. Basically it would help to audit the list of VLAN's effectively and also appear in readable format. At times we have new VLAN's created/removed frequently and hence don't want accidently to miss any VLAN which I feel may happen if all appear in one line. Thanks and Regards, Anshuman From: Joel Esler [mailto:jesler () sourcefire com] Sent: Tuesday, October 15, 2013 7:34 PM To: Anshuman Anil Deshmukh Cc: Snort Users Subject: Re: [Snort-users] Issue related to Blacklists On Oct 15, 2013, at 1:14 AM, Anshuman Anil Deshmukh <anshuman () cybage com> wrote: ipvar HOME_NET [172.27.3.0/24,\ 172.27.6.0/24,\ 172.27.7.0/24,\ 172.27.8.0/24,\ Try putting your HOME_NET all in one line instead of trying to do line continuation. -- Joel Esler AEGIS Intelligence Lead OpenSource Community Manager Vulnerability Research Team, Sourcefire "Legal Disclaimer: This electronic message and all contents contain information from Cybage Software Private Limited which may be privileged, confidential, or otherwise protected from disclosure. The information is intended to be for the addressee(s) only. If you are not an addressee, any disclosure, copy, distribution, or use of the contents of this message is strictly prohibited. If you have received this electronic message in error please notify the sender by reply e-mail to and destroy the original message and all copies. Cybage has taken every reasonable precaution to minimize the risk of malicious content in the mail, but is not liable for any damage you may sustain as a result of any malicious content in this e-mail. You should carry out your own malicious content checks before opening the e-mail or attachment." www.cybage.com
-- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire "Legal Disclaimer: This electronic message and all contents contain information from Cybage Software Private Limited which may be privileged, confidential, or otherwise protected from disclosure. The information is intended to be for the addressee(s) only. If you are not an addressee, any disclosure, copy, distribution, or use of the contents of this message is strictly prohibited. If you have received this electronic message in error please notify the sender by reply e-mail to and destroy the original message and all copies. Cybage has taken every reasonable precaution to minimize the risk of malicious content in the mail, but is not liable for any damage you may sustain as a result of any malicious content in this e-mail. You should carry out your own malicious content checks before opening the e-mail or attachment." www.cybage.com ------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register > http://pubads.g.doubleclick.net/gampad/clk?id=60135031&iu=/4140/ostg.clktrk _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Issue related to Blacklists Anshuman Anil Deshmukh (Oct 14)
- Re: Issue related to Blacklists Joel Esler (Oct 15)
- Re: Issue related to Blacklists Anshuman Anil Deshmukh (Oct 16)
- Re: Issue related to Blacklists Joel Esler (Oct 16)
- Re: Issue related to Blacklists Anshuman Anil Deshmukh (Oct 17)
- Re: Issue related to Blacklists Russ Combs (Oct 17)
- Re: Issue related to Blacklists Anshuman Anil Deshmukh (Oct 16)
- Re: Issue related to Blacklists Joel Esler (Oct 15)