[Snort-users] New Ruleset not working with Snort 1.7
lists at ...297...
Thu Apr 12 15:24:49 EDT 2001
Joe.. I'm a little lost... what do you mean by absolute paths? which ones? are you saying that I should just copy the new rule files in the same directory as my snort.conf file and just call them in snort.conf like
?? I've actually tried this too and it I get the same errors..
---------- Original Message ----------------------------------
From: Joe McAlerney <joey at ...47...>
Date: Thu, 12 Apr 2001 12:09:58 -0700
>By popular demand, the path where included files are searched for was
>changed from absolute to relative to the directory that your
>configuration file is in (specified with -c). This was done to avoid
>having to add absolute paths to each include, and is a feature in the
>CVS version of Snort - At least that's how I understand the history of
>So, remove those absolute paths and you should be good to go.
>| Joe McAlerney joey at ...155... |
>| Silicon Defense - Technical Support for Snort |
>| http://www.silicondefense.com/ |
>Joe Magee wrote:
>> Snort works fine... However I downloaded the newest rules put them in /usr/jmagee/snort*7/rules/ and then added the appropriate lines in snort.conf to reflect the new rules. I get the following error:
>> intruder# snort -d -e -l /usr/snortlogs -v -c /usr/jmagee/snort*7/snort.conf -D -i xl0
>> Initializing daemon mode
>> intruder# Apr 12 01:27:48 intruder snort: ERROR: Unable to open rules file: /usr/jmagee/snort*7/rules/webcgi.rules
>> Apr 12 01:27:48 intruder snort: ERROR: Unable to open rules file: /usr/jmagee/snort*7/rules/webcgi.rules
More information about the Snort-users