[Snort-users] New Feature: Test mode (-T)
mark.rowlands at ...752...
Sat Mar 17 01:35:36 EST 2001
On Saturday 17 March 2001 06:52, Martin Roesch wrote:
> Hey everyone,
> I just put a new command line switch into Snort to put it into
> "test mode". This mode fires up the rules parser and lets you check
> that Snort will load and parse all the rules, can access the output
> directory and the network interface and give you a "thumbs up" if
> everything is ok. The switch to activate this mode is -T, all other
> command line switches will work as normal, Snort just bails out right
> before going into the packet processing loop. Try it out and let me
> know what you think of it...
cool, told me about my out of date mysql schema and a dodgy rule
database: mysql_error: Table 'snort.schema' doesn't exist
database: schema version = 0
database: The underlying database seems to be running an older version of the
Please re-run the appropriate DB creation script (e.g. create_mysql,
create_postgresql, create_oracle) located in the contrib\ directory.
database: using the "log" facility
ERROR => sp_reference you MUST have BOTH a system & id for references - line
35 of /spare/snort/rules/exploit.rules
Fatal Error, Quiting..
More information about the Snort-users