RE: Problem with snort 2.1.0 and redhat 9

["Lang Hoang" <Lang () 4thpass com>]

When I run 
/usr/local/bin/snort -V
it shows:
-*> Snort! <*-
Version 2.1.0 (Build 9)
By Martin Roesch (roesch () sourcefire com, www.snort.org)
 
when I run
/usr/local/bin/snort -T
It shows:
-*> Snort! <*-
Version 2.1.0 (Build 9)
By Martin Roesch (roesch () sourcefire com, www.snort.org)
Snort sucessfully loaded all rules and checked all rule chains!
Snort exiting
 
When I run /etc/init.d/snort  (edit snort without OPTIONS="-D"
It shows:

ERROR: /etc/snort/snort.conf(285) => Invalid file name for IIS Unicode Map file.
Fatal Error, Quitting..


When I try:
/etc/init.d/snort start
Starting Intrusion Database System: SNORT
/etc/init.d/snort stop
Stoping Intrusion Database System: SNORT
SNORT is  not running!
/etc/init.d/snort start
Starting Intrusion Database System: SNORT
/etc/init.d/snort restart
SNORT is  not running!
Starting Intrusion Database System: SNORT
 
This is a fresh install of snort 2.1.0 on RedHat 9.0 (WON'T WORK)
Then I install snort 2.0.6 (WORK FINE)
When I install snort 2.1.0 again, (WON'T WORK)
 
I did not get any error with the following command
./configure --with-mysql=/usr/local/mysql
make
make install
 
Thank you very much
 

        -----Original Message----- 
        From: Erek Adams [mailto:erek () snort org] 
        Sent: Wed 12/24/2003 5:36 AM 
        To: Lang Hoang 
        Cc: snort-users () lists sourceforge net 
        Subject: Re: [Snort-users] Problem with snort 2.1.0 and redhat 9
        
        

        On Tue, 23 Dec 2003, Lang Hoang wrote:
        
        > I have problem with snort 2.1.0 install on Redhat 9.  Snort won't start
        > and there is no error for it. I run config, make and make install
        > without problem, and mysql, php, acid seem working fine.  I have mysql,
        > php, acid running no problem with snort 2.0.4 and 2.0.6 on this machine
        > but not 2.1.0
        
        Try typing this:
        
                /usr/local/bin/snort -V
        
        Bet it gives you a version doesn't it?
        
        Try typing this:
        
                /usr/local/bin/snort -T
        
        Give you an error?  If so, remember that when you update your versions of
        Snort from one to the next, you _HAVE_ to update your config files and
        your rulesets.
        
        If that's still not it, check the way you're starting Snort.  You could be
        starting it via some startup script and the default install (RPM or
        whatever) for your OS might be a bit crackheaded--Gee, RedHat doing
        something crazy?!?! </sarcasm>--And install it into a different location
        that the default /usr/local/bin/ .  Check the startup script and edit it
        to point to the right version.
        
        If both of those suggestions don't do it, try starting Snort _without_ the
        -D flag.  It will actually tell you the error if it fails for some reason
        if you don't have that flag.
        
        If none work...  Let us know.
        
        Cheers!
        
        -----
        Erek Adams
        
           "When things get weird, the weird turn pro."   H.S. Thompson