[Snort-users] Rules troubles in startup

Juan Pablo Villaverde jpablo at ...5980...
Wed Jun 26 08:47:06 EDT 2002

I'm using oinkmaster to update rules, and now I'm getting an error
when snort starts. It seems to be an invalid rule... this is the

[!] ERROR .//web-cgi.rules(8) => Bad port number: "(msg:"WEB-CGI"
Fatal Error, Quitting..

If you have any clue about it, please tell me. Thanks.

The complete startup log:

Log directory = /var/log/snort

Initializing Network Interface ppp0
using config file /etc/snort.conf
Parsing Rules file /etc/snort.conf
No arguments to frag2 directive, setting defaults to:
    Fragment timeout: 60 seconds
    Fragment memory cap: 4194304 bytes
Stream4 config:
    Stateful inspection: ACTIVE
    Session statistics: INACTIVE
    Session timeout: 30 seconds
    Session memory cap: 8388608 bytes
    State alerts: INACTIVE
    Scan alerts: ACTIVE
    Log Flushed Streams: INACTIVE
No arguments to stream4_reassemble, setting defaults:
     Reassemble client: ACTIVE
     Reassemble server: INACTIVE
     Reassemble ports: 21 23 25 53 80 143 110 111 513
     Reassembly alerts: ACTIVE
     Reassembly method: FAVOR_OLD
[!] ERROR .//web-cgi.rules(8) => Bad port number: "(msg:"WEB-CGI"
Fatal Error, Quitting..

Juan Pablo Villaverde
Tec. en Infraestructura de Redes
Soluciones Punto Com S.A. 

More information about the Snort-users mailing list