Fw: [Snort-users] snort core dumping

Leonardo Rodrigues coelho at ...3917...
Fri Oct 26 09:48:01 EDT 2001


    If it helps, gdb on the core dump ....

[root at ...3918... snort]# gdb /usr/sbin/snort core
GNU gdb 5.0rh-5 Red Hat Linux 7.1
Copyright 2001 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you
are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for
details.
This GDB was configured as "i386-redhat-linux"...
Core was generated by `snort -u snort -g snort -s -d -i eth0 -l
/var/log/snort -c /etc/snort/snort.con'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/lib/libz.so.1...done.
Loaded symbols for /usr/lib/libz.so.1
Reading symbols from /lib/libm.so.6...done.
Loaded symbols for /lib/libm.so.6
Reading symbols from /lib/libnsl.so.1...done.
Loaded symbols for /lib/libnsl.so.1
Reading symbols from /usr/lib/libmysqlclient.so.10...done.
Loaded symbols for /usr/lib/libmysqlclient.so.10
Reading symbols from /usr/lib/libssl.so.1...done.
Loaded symbols for /usr/lib/libssl.so.1
Reading symbols from /usr/lib/libcrypto.so.1...done.
Loaded symbols for /usr/lib/libcrypto.so.1
Reading symbols from /lib/libc.so.6...done.
Loaded symbols for /lib/libc.so.6
Reading symbols from /lib/libcrypt.so.1...done.
Loaded symbols for /lib/libcrypt.so.1
Reading symbols from /lib/libdl.so.2...done.
Loaded symbols for /lib/libdl.so.2
Reading symbols from /lib/ld-linux.so.2...done.
Loaded symbols for /lib/ld-linux.so.2
Reading symbols from /lib/libnss_files.so.2...done.
Loaded symbols for /lib/libnss_files.so.2
Reading symbols from /lib/libnss_nisplus.so.2...done.
Loaded symbols for /lib/libnss_nisplus.so.2
#0  0x401fe3c3 in strchr () from /lib/libc.so.6
(gdb) backtrace
#0  0x401fe3c3 in strchr () from /lib/libc.so.6
#1  0x080da6d4 in ?? () at eval.c:41
#2  0x08054d83 in ParseRuleOptions (rule=0xbfffd640 "log tcp any any ->
any 80 (MSG\"HTTP\";logto:\"http.log\";", rule_type=0,
    protocol=6) at rules.c:1703
#3  0x08054306 in ParseRule (rule_file=0x80d9b88, prule=0xbffff700 "log
tcp any any -> any 80 (MSG\"HTTP\";logto:\"http.log\";)",
    inclevel=0) at rules.c:721
#4  0x08053bdc in ParseRulesFile (file=0x809f954
"/etc/snort/snort.conf", inclevel=0) at rules.c:198
#5  0x0804b52c in main (argc=13, argv=0xbffffc34) at snort.c:331
#6  0x40199306 in __libc_start_main (main=0x804b0d0 <main>, argc=13,
ubp_av=0xbffffc34, init=0x804a510 <_init>,
    fini=0x80836e0 <_fini>, rtld_fini=0x4000d2cc <_dl_fini>,
stack_end=0xbffffc2c) at ../sysdeps/generic/libc-start.c:129
(gdb)

    Sincerily,
    Leonardo Rodrigues






More information about the Snort-users mailing list