Snort mailing list archives
Upgrade of Snort
From: "O'Flynn, Derek" <DOFlyn () lsuhsc edu>
Date: Fri, 24 Sep 2004 16:33:12 -0500
I just did an upgrade for 2.0 to 2.2. I rebuilt it and overlayed the old binary. I also utilized the new snort.conf and ported my specific configurations over to it. I dropped the tables in mysql and rebuilt them using the create_mysql and snortdb-extra configs. Updated the .config and .map files to my etc directory. Anyway, it looks like it comes up fine, and then crashes out with a file size error. Anyone know how to correct it? rpc_decode arguments: Ports to decode RPC on: 111 32771 alert_fragments: INACTIVE alert_large_fragments: ACTIVE alert_incomplete: ACTIVE alert_multiple_requests: ACTIVE telnet_decode arguments: Ports to decode telnet on: 21 23 25 119 database: compiled support for ( mysql ) database: configured to use mysql database: user = snort database: password is set database: database name = snort database: host = localhost database: sensor name = 192.168.100.100 database: sensor id = 1 database: schema version = 106 database: using the "log" facility 1889 Snort rules read... 1889 Option Chains linked into 196 Chain Headers 0 Dynamic rules +++++++++++++++++++++++++++++++++++++++++++++++++++ Warning: flowbits key 'realplayer.playlist' is checked but not ever set. +-----------------------[thresholding-config]------------------------------- --- | memory-cap : 1048576 bytes +-----------------------[thresholding-global]------------------------------- --- | none +-----------------------[thresholding-local]-------------------------------- --- | gen-id=1 sig-id=2495 type=Both tracking=dst count=20 seconds=60 | gen-id=1 sig-id=2523 type=Both tracking=dst count=10 seconds=10 | gen-id=1 sig-id=2494 type=Both tracking=dst count=20 seconds=60 | gen-id=1 sig-id=2275 type=Threshold tracking=dst count=5 seconds=60 | gen-id=1 sig-id=2496 type=Both tracking=dst count=20 seconds=60 +-----------------------[suppression]--------------------------------------- --- ---------------------------------------------------------------------------- --- Rule application order: ->activation->dynamic->alert->pass->log --== Initialization Complete ==-- -*> Snort! <*- Version 2.2.0 (Build 30) By Martin Roesch (roesch () sourcefire com, www.snort.org) File size limit exceeded Thanks, Derek O'Flynn
Current thread:
- Upgrade of Snort O'Flynn, Derek (Sep 24)
- <Possible follow-ups>
- RE: Upgrade of Snort O'Flynn, Derek (Sep 24)
- Re: Upgrade of Snort Bamm Visscher (Sep 24)