[Snort-users] snort core dumping

Leonardo Rodrigues coelho at ...3917...
Fri Oct 26 09:24:08 EDT 2001


    Hello Guys,

    I'm trying to get snort running on Redhat 7.1, but I'm having some
problems ... snort seems to core dump right after starting, as follows:

[root at ...3918... snort]# snort -u snort -g snort -s -d -i eth0 -l
/var/log/snort -c /etc/snort/snort.conf
Log directory = /var/log/snort

        --== Initializing Snort ==--
Checking PID path...
PATH_VARRUN is set to /var/run/ on this operating system

Initializing Network Interface eth0
Kernel filter, protocol ALL, raw packet socket
Decoding Ethernet on interface eth0
Initializing Preprocessors!
Initializing Plug-ins!
Initializating Output Plugins!
Parsing Rules file /etc/snort/snort.conf

+++++++++++++++++++++++++++++++++++++++++++++++++++
Initializing rule chains...
Segmentation fault (core dumped)


    Snort was handcompiled with the following configure line:

./configure --prefix=/usr --bindir=/usr/sbin --sysconfdir=/etc/snort --e
nable-smbalerts


    /etc/snort/snort.conf content is:

log tcp any any -> any 80 (MSG"HTTP";logto:"http.log";)
log tcp any 80 -> any any (MSG"HTTP";logto:"http.log";)

    Do you have idea of what is making snort 'core dump' ??? Again, this
is a redhat 7.1 box with kernel 2.2.19 ( yes, I downgraded it )

    Sincerily,
    Leonardo Rodrigues






More information about the Snort-users mailing list