Snort mailing list archives
improper warning with snort 3.0.1 b2
From: Noah Dietrich <noah_dietrich () 86penny org>
Date: Sat, 25 Apr 2020 18:51:18 +0200
I'm not sure the following warning should be displayed when running snort 3 with OpenAppID enabled. I suspect it will confuse less technical users and users that aren't experienced with OpenAppID. It might seem like a small thing, but I tend to get emails from people following the Ubuntu Snort++ guide who get stuck because they think the below warning is a fatal error. The warning is:* WARNING: appid: no lua detectors found in directory '/usr/local/lib/custom/lua/*'* Running snort as follows: snort -c /usr/local/etc/snort/snort.lua --warn-all only modification to the default snort.lua is to enabled OpenAppID: appid = { app_detector_dir = '/usr/local/lib', } the output: ... Finished /usr/local/etc/snort/snort.lua: WARNING: appid: no lua detectors found in directory '/usr/local/lib/custom/lua/*' -------------------------------------------------- pcap DAQ configured to passive. Snort successfully validated the configuration (with 1 warnings). o")~ Snort exiting
_______________________________________________ Snort-devel mailing list Snort-devel () lists snort org https://lists.snort.org/mailman/listinfo/snort-devel Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- improper warning with snort 3.0.1 b2 Noah Dietrich (Apr 25)
- Re: improper warning with snort 3.0.1 b2 Russ Combs (rucombs) via Snort-devel (Apr 26)