[Snort-users] ERROR: ERROR /etc/snort/rules/snort.eth0.conf (97): Bad arguments to byte_test:

Andre Cameron andrec at ...9609...
Sat Jul 5 09:52:07 EDT 2003


Hello,

I need a little help.  I have Snort 2.0 and SnortCenter 1.0 w/ snort 
agent. I setup using the enterprise install guide on the snortcenter 
website.  Problem is after importing the rules from the net and pushing 
them to the agent when I reload I get:

ERROR: ERROR /etc/snort/rules/snort.eth0.conf (97): Bad arguments to 
byte_test:

The full message reads:

33#########33
Reload: Current config file error:
Running in IDS mode
Log directory = /var/log/snort

Initializing Network Interface eth0

--== Initializing Snort ==--
Rule application order changed to Pass->Alert->Log
Initializing Output Plugins!
Decoding Ethernet on interface eth0
Parsing Rules file /etc/snort/rules/snort.eth0.conf

+++++++++++++++++++++++++++++++++++++++++++++++++++
Initializing rule chains...
Initializing Preprocessors!
Initializing Plug-ins!
database: compiled support for ( mysql )
database: configured to use mysql
database: user = snort
database: password is set
database: database name = snort_log
database: host = xxx.xxx.xxx.xxx
database: port = 3306
database: sensor name = AUTO
database: data encoding = ascii
database: detail level = full
database: sensor id = 1
database: schema version = 106
database: using the "log" facility
ERROR: ERROR /etc/snort/rules/snort.eth0.conf (97): Bad arguments to 
byte_test:
Fatal Error, Quitting..
33#########33

Anyone know how to fix this?

Also I have a question, does anyone know of a good firewall for *Nix & 
windows that can use a central database across multiple servers?  Maybie 
even one that plugs in with Snort for auto blocking?

Thanks in advance.

Andre





More information about the Snort-users mailing list