Re: Does multiple configs works with snort 2.9.7.5?

["C.L. Martinez" <carlopmart () gmail com>]

On 08/31/2015 09:11 AM, waldo kitty wrote:
> On 08/30/2015 11:02 AM, C.L. Martinez wrote:
> > Hi all,
> >
> >     Exists some problem/bug with multiple configs in snort 2.9.7.5?? I
> > have updated one of my sensors to this release and multiple configs
> > doesn't works ... Always use the first config file defined in config
> > binding section.
>
> https://www.snort.org/faq/how-do-i-ask-a-good-question-on-the-snort-list
>
> you have given us nothing to work with... we can't even make a start at WAGs...

Ok, I have attached all config files implied plus the output of "snort 
-c snort.conf -T".

As you can see in the output, I have defined a different logdir for both 
configs, but snort output only "sees" the default value "/var/log/snort" 
... For bpf_filter options is the same. I need to define different bpf 
filters for both configs, but bpf_filter option is no t read by snort.

And is the same for all config except for customized vars.

I am using basic config (without rules or preprocessors defined) to see 
if all works ...but not.

Attachment: multiple_config.tar
Description:

------------------------------------------------------------------------------

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!