[Snort-users] pulled pork - snort dynamic rules on mac OS X

Andrew Shagayev drewshg at ...11827...
Wed Mar 18 01:17:20 EDT 2015


Snort 2.9.7.0
PP 0.7.1
OSX Yosemite 10.10.2

When I run Snort, getting warnings:

WARNING: No dynamic libraries found in directory
/usr/local/lib/snort_dynamicrules.

and

WARNING: ip4 normalizations disabled because not inline.
WARNING: tcp normalizations disabled because not inline.
WARNING: icmp4 normalizations disabled because not inline.
WARNING: ip6 normalizations disabled because not inline.
WARNING: icmp6 normalizations disabled because not inline.

I'm trying to find out how to setup dynamic rules for Snort on my mac.
Seems like Pulled Pork doesn't do the job on OS X.
So when I run it I get "Fly Piggy Fly", but my
/usr/local/lib/snort_dynamicrules/  is still empty.

*Shouldn't PulledPork copy the appropriate precompiled so-rules to there on
OSX?*
*Or should it compile them automatically for each OS (including OSX)?*
*Or should I copy them manually? And in this case which ones should I copy?*

There are rules for different os in so_rules/precompiled/  but there are no
directory which says Darwin or OSX.

Please give me a hint.
I'll really appreciate the help!

Thank you!
-- 
A.S.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20150317/e66ae8a8/attachment.html>


More information about the Snort-users mailing list