[Snort-devel] 'check config file' feature

daniel at ...2131... daniel at ...2131...
Wed Jun 2 02:05:11 EDT 2004


Here is a patch which provides a 'Check Config' feature.

Patch tested on:

snort -Z -c /your/config/file

What It Does:
-Uses the Snort Parser to check the Configuration specified in your
Config File.
-If a Fatal Error is encountered, snort will exit with a non-zero exit
code as usual. The difference is the offending line (not just the line
number) from the Config File is printed to the console.
-If snort finds no Fatal Errors in the Config File, it will then
immediately exit with a 0 exit code.

Reasons for Being:
-If you already have a working Config being used, the last thing you
want to do is stop the snort session and start it with a new Config,
only to find out it doesn't actually work.
-There is currently no Formal Specification of the Config File Contents.
Using the snort parser is the only way you are guaranteed the Config
File will work.
-Printing out the actual offending Config File Line instead of  just the
Line Number gives the user a much more informative error message,
especially if the user has snort access only via a GUI which may not
allow them to edit the Config File directly.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: snort212-snortorg-check-config.diff
Type: text/x-patch
Size: 28646 bytes
Desc: not available
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20040602/51d5bc05/attachment.bin>

More information about the Snort-devel mailing list