Snort mailing list archives
Re: Bug/Feature request for --plugin-path on Snort3
From: Noah Dietrich <noah_dietrich () 86penny org>
Date: Fri, 6 Aug 2021 17:02:52 +0300
I must have done it wrong. I'll test and see where I mixed it up. Thanks Noah On Tue, Aug 3, 2021 at 4:49 PM Russ Combs (rucombs) <rucombs () cisco com> wrote:
Noah, You can already do the latter. --plugin-path can be specified multiple times or you can give a colon separated list of paths. Russ ------------------------------ *From:* Snort-devel <snort-devel-bounces () lists snort org> on behalf of Noah Dietrich <noah_dietrich () 86penny org> *Sent:* Sunday, August 1, 2021 6:39 AM *To:* snort-devel () lists snort org <snort-devel () lists snort org> *Subject:* [Snort-devel] Bug/Feature request for --plugin-path on Snort3 Snort team: this is a bug (or feature request) with the --plugin-path option with Snort3 (currently running the latest 3.1.6.0 on Ubuntu) Let me know if I'm doing this wrong, and there's a better way. The issue I have is that when I want to use both snort_extras and pre-compiled rules when running Snort: I have to make sure to place both folders in the same place. Since snort_extras installs to /usr/local/lib/snort_extra/, that means that I have to either store my so_rules folder in that folder, or create a new folder to house both items. I've been saving my .so rules to /usr/local/etc/so_rules/, becuause this seems like a more logical place for it (i've also got a rules and lists folder in /usr/local/etc/ as well, so everything is in the same place. It would be nice if the SO rules could be either loaded from within my snort.lua, or if the --plugin-path could be specified more than once on the command Line (this is less desirable, as it would tend to make the command line invocation longer and messier). Thanks Noah
_______________________________________________ Snort-devel mailing list Snort-devel () lists snort org https://lists.snort.org/mailman/listinfo/snort-devel Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Bug/Feature request for --plugin-path on Snort3 Noah Dietrich (Aug 01)
- Re: Bug/Feature request for --plugin-path on Snort3 Russ Combs (rucombs) via Snort-devel (Aug 03)
- Re: Bug/Feature request for --plugin-path on Snort3 Noah Dietrich (Aug 06)
- Re: Bug/Feature request for --plugin-path on Snort3 Russ Combs (rucombs) via Snort-devel (Aug 03)