[Snort-users] ERROR: The dynamic detection library
wkitty42 at ...14940...
Wed Aug 8 22:47:07 EDT 2012
On 8/8/2012 20:56, Jerry McCaslin wrote:
> Having problems starting snort on new build.
> ERROR: The dynamic detection library "/usr/local/lib/snort_dynamicrules/smtp.so"
> version 1.0 compiled with dynamic engine library version 1.15 isn't compatible
> with the current dynamic engine library
> "/usr/local/lib/snort_dynamicengine/libsf_engine.so" version 1.16.
> Fatal Error, Quitting..
if i'm reading the above correctly, you are trying to use the so rules from
22.214.171.124 with 126.96.36.199 and "that dawg won't hunt"... the dynamic so rules have to
be from the same version as they are specifically compiled for each...
1. download the proper rule set for your version of snort.
2. simply turn off the dynamic rules (comment a line in the conf).
3. remove all the so rules that are not compatible with your version of snort.
for #2 above, comment out the line in your snort.conf /similar/ to the following...
dynamicdetection directory /usr/local/lib/snort_dynamic_rules
just place a # at the beginning of the line and try starting snort again...
for #3 above, we've seen times where the old so rules or dynamicdetection
libraries were not removed during *our* upgrade process and the error was very
similar... i say similar because i can't recall it exactly... in any case, what
we did was to remove all of the so rules and dynamicdetection libraries and then
reinstall to place all the proper ones back where they needed to go... needless
to say, our upgrade procedures were modified after that ;)
More information about the Snort-users