Snort mailing list archives
Re: FATAL ERROR in bad-traffic.rules
From: Martin Roesch <roesch () sourcefire com>
Date: Mon, 28 Jun 2004 10:49:49 -0400
That was an error check I added in 2.1.3, it basically tells you if you forget to add the trailing ']' on an IP list. These are typically defined as variables, check your snort.conf.
-Marty
On Jun 26, 2004, at 2:05 PM, Mark E. Donaldson wrote:
-----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Xantius Sent: Saturday, June 26, 2004 7:58 AM To: snort-users () lists sourceforge net Subject: [Snort-users] FATAL ERROR in bad-traffic.rulesAfter hours of trying to get snort installed and working, I feel like I'mgetting close. But when I start up snort, it dies with the following message.FATAL ERROR: /etc/snort/rules/bad-traffic.rules(12) => Unterminated IP ListThese rules are stock right out of the box. No idea what the problem is...Anyone? --XantiusLet me guess. You're trying to install Snort 2.1.3? That's my guess because I have run into the same difficulty. Been using snort all the way back since day one and have never had any trouble to speak of that I couldn't solve. So far no luck on this one. So, I went back to 2.1.2 until I have more time tofigure it out. Whatever the problem, it seems unique to 2.1.3. ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- Martin Roesch - Founder/CTO, Sourcefire Inc. - (410)290-1616 Sourcefire: Intelligent Security Monitoring roesch () sourcefire com - http://www.sourcefire.com Snort: Open Source Network IDS - http://www.snort.org ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training.Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- FATAL ERROR in bad-traffic.rules Xantius (Jun 26)
- RE: FATAL ERROR in bad-traffic.rules Mark E. Donaldson (Jun 26)
- Re: FATAL ERROR in bad-traffic.rules Xantius (Jun 26)
- Re: FATAL ERROR in bad-traffic.rules Martin Roesch (Jun 28)
- <Possible follow-ups>
- Re: FATAL ERROR in bad-traffic.rules Xantius (Jun 27)
- RE: FATAL ERROR in bad-traffic.rules Mark E. Donaldson (Jun 26)