[Snort-users] compiling problem
skipper at ...6759...
Fri Aug 30 22:14:03 EDT 2002
ahhh that got me a bit further..Thanks Erek
I swapped out the snort.conf repacing the one that came with the downloaded
rules with the one contained with the src.
everything went fine ran make;make install
fire up snort with
/usr/local/bin/snort -c /etc/snort/snort.conf
and get the following
Initializing Network Interface eth0
--== Initializing Snort ==--
Decoding Ethernet on interface eth0
Initializating Output Plugins!
Parsing Rules file /etc/snort/snort.conf
Initializing rule chains...
No arguments to frag2 directive, setting defaults to:
Fragment timeout: 60 seconds
Fragment memory cap: 4194304 bytes
Fragment min_ttl: 0
Fragment ttl_limit: 5
Fragment Problems: 0
Stateful inspection: ACTIVE
Session statistics: INACTIVE
Session timeout: 30 seconds
Session memory cap: 8388608 bytes
State alerts: INACTIVE
Evasion alerts: INACTIVE
Scan alerts: ACTIVE
Log Flushed Streams: INACTIVE
TTL Limit: 5
No arguments to stream4_reassemble, setting defaults:
Reassemble client: ACTIVE
Reassemble server: INACTIVE
Reassemble ports: 21 23 25 53 80 143 110 111 513
Reassembly alerts: ACTIVE
Reassembly method: FAVOR_OLD
database: compiled support for ( )
database: configured to use mysql
database: mysql support is not compiled in this copy
Check your configuration file to be sure you did not mis-spell "mysql".
If you did not, you will need to reconfigure and recompile ensuring that
you have set the correct options to the configure script. Type
"./configure --help" to see options for the configure script.
Fatal Error, Quitting..
wondering if i need to add some additional configure options but can't
figure which ones?
> On Thu, 29 Aug 2002, Andrew Kunz wrote:
> > i'm sure i just seen the answer to this the other day but i can't locate
> > anymore searching the list.. i think it had to do with instaalling some
> > of unicode package???
> > Any help please?
> Yep. You're using an older version of the .conf file. In one of the more
> recent builds, the -unicode parameter was removed. Remove it from the
> http_decode line and all should be fine.
More information about the Snort-users