[Snort-users] New Feature: Test mode (-T)

Mark Rowlands mark.rowlands at ...752...
Sat Mar 17 01:35:36 EST 2001


On Saturday 17 March 2001 06:52, Martin Roesch wrote:
> Hey everyone,
>      I just put a new command line switch into Snort to put it into
> "test mode".  This mode fires up the rules parser and lets you check
> that Snort will load and parse all the rules, can access the output
> directory and the network interface and give you a "thumbs up" if
> everything is ok.  The switch to activate this mode is -T, all other
> command line switches will work as normal, Snort just bails out right
> before going into the packet processing loop.  Try it out and let me
> know what you think of it...
>
cool, told me about my out of date mysql schema and a dodgy rule

database: mysql_error: Table 'snort.schema' doesn't exist
database: schema version = 0
database: The underlying database seems to be running an older version of the 
DB schema.
          Please re-run the appropriate DB creation script (e.g. create_mysql,
          create_postgresql, create_oracle) located in the contrib\ directory.
database: using the "log" facility
ERROR => sp_reference you MUST have BOTH a system & id for references - line 
35 of /spare/snort/rules/exploit.rules
Fatal Error, Quiting..




More information about the Snort-users mailing list