[Snort-users] How to upgrade from Snort 1.9.1 to 2.0.1 Please....
erek at ...950...
Thu Sep 18 04:33:18 EDT 2003
On Wed, 17 Sep 2003, Snortty wrote:
> Thanks for the prompt reply.
> Still, not so sure yet about the upgrading steps.
> I tried (without touching existing working snort
> # gzip -d -c snort-2.0.1.tar.gz |tar xvf -
> # cd snort-2.0.1
> error reported:
> r cru libspo.a spo_alert_fast.o spo_alert_full.o
> spo_alert_smb.o spo_alert_syslog.o
> spo_alert_unixsock.o spo_csv.o spo_database.o
> spo_log_null.o spo_log_tcpdump.o spo_unified.o
> spo_log_ascii.o spo_alert_sf_socket.o
> make: ar: Command not found
You've got a problem here. You need to make sure that /usr/ccs/bin is in
your path. I usually place it last, with /usr/local/bin and
/usr/local/sbin near the front of the path. Make sure you 'rehash' or
'hash' (depends on your shell) to reread programs along the path.
> #make install
> #snort -V
> still shows Snort Version 1.9.0 is running...
Right. Because of the error from above, you never actually got 2.0.1
built. It bailed out on you.
> Do I need to remove/uninstall the existing 1.9.0
> before install
> 2.0.1? and HOW to uninstall snort if needed in the
> right way?
There's not really anything to uninstall. You copy the 2.x binary over
the 1.x, backup your snort.conf, copy the 2.x snort.conf over the 1.9
snort.conf, copy *.rules *.config *.map over the old versions, go back and
edit your 2.0 Snort.conf to match any specific changes that you had made
to the 1.9.x version (HOME_NET, EXTERNAL_NET, etc...).
After that, you should be in buisness!
"When things get weird, the weird turn pro." H.S. Thompson
More information about the Snort-users