[Snort-users] Does multiple configs works with snort 2.9.7.5?

C.L. Martinez carlopmart at ...11827...
Mon Aug 31 05:50:46 EDT 2015


On 08/31/2015 09:11 AM, waldo kitty wrote:
> On 08/30/2015 11:02 AM, C.L. Martinez wrote:
>> Hi all,
>>
>>     Exists some problem/bug with multiple configs in snort 2.9.7.5?? I
>> have updated one of my sensors to this release and multiple configs
>> doesn't works ... Always use the first config file defined in config
>> binding section.
>
> https://www.snort.org/faq/how-do-i-ask-a-good-question-on-the-snort-list
>
> you have given us nothing to work with... we can't even make a start at WAGs...
>

Ok, I have attached all config files implied plus the output of "snort 
-c snort.conf -T".

As you can see in the output, I have defined a different logdir for both 
configs, but snort output only "sees" the default value "/var/log/snort" 
... For bpf_filter options is the same. I need to define different bpf 
filters for both configs, but bpf_filter option is no t read by snort.

And is the same for all config except for customized vars.

I am using basic config (without rules or preprocessors defined) to see 
if all works ...but not.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: multiple_config.tar
Type: application/x-tar
Size: 40960 bytes
Desc: not available
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20150831/22a93876/attachment.tar>


More information about the Snort-users mailing list