Snort mailing list archives
Re: Dynamic Preprocessor Errors
From: "info+lucretia.ca" <info () lucretia ca>
Date: Wed, 31 Jan 2007 17:30:07 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Anyone have a solution for this? Cheers, James Friesen, CIO
Thanks for the responses. Yes, these and all the other preprocessors are in this dir and linked. Here is the output from this dir: sloa@X4ft11:/usr/local/lib/snort_dynamicpreprocessor$ ls -la total 1268 drwxr-xr-x 2 root root 4096 2007-01-28 13:57 . drwxr-xr-x 6 root root 4096 2007-01-25 21:12 .. - -rw-r--r-- 1 root root 150854 2007-01-28 13:57 libsf_dcerpc_preproc.a - -rwxr-xr-x 1 root root 989 2007-01-28 13:57 libsf_dcerpc_preproc.la lrwxrwxrwx 1 root root 29 2007-01-28 13:57 libsf_dcerpc_preproc.so -> libsf_ dcerpc_preproc.so.0.0.0 lrwxrwxrwx 1 root root 29 2007-01-28 13:57 libsf_dcerpc_preproc.so.0 -> libs f_dcerpc_preproc.so.0.0.0 - -rwxr-xr-x 1 root root 93883 2007-01-28 13:57 libsf_dcerpc_preproc.so.0.0.0 - -rw-r--r-- 1 root root 51862 2007-01-28 13:57 libsf_dns_preproc.a - -rwxr-xr-x 1 root root 968 2007-01-28 13:57 libsf_dns_preproc.la lrwxrwxrwx 1 root root 26 2007-01-28 13:57 libsf_dns_preproc.so -> libsf_dns _preproc.so.0.0.0 lrwxrwxrwx 1 root root 26 2007-01-28 13:57 libsf_dns_preproc.so.0 -> libsf_d ns_preproc.so.0.0.0 - -rwxr-xr-x 1 root root 41482 2007-01-28 13:57 libsf_dns_preproc.so.0.0.0 - -rw-r--r-- 1 root root 302478 2007-01-28 13:57 libsf_ftptelnet_preproc.a - -rwxr-xr-x 1 root root 1010 2007-01-28 13:57 libsf_ftptelnet_preproc.la lrwxrwxrwx 1 root root 32 2007-01-28 13:57 libsf_ftptelnet_preproc.so -> lib sf_ftptelnet_preproc.so.0.0.0 lrwxrwxrwx 1 root root 32 2007-01-28 13:57 libsf_ftptelnet_preproc.so.0 -> l ibsf_ftptelnet_preproc.so.0.0.0 - -rwxr-xr-x 1 root root 194949 2007-01-28 13:57 libsf_ftptelnet_preproc.so.0.0.0 - -rw-r--r-- 1 root root 173890 2007-01-28 13:57 libsf_smtp_preproc.a - -rwxr-xr-x 1 root root 975 2007-01-28 13:57 libsf_smtp_preproc.la lrwxrwxrwx 1 root root 27 2007-01-28 13:57 libsf_smtp_preproc.so -> libsf_sm tp_preproc.so.0.0.0 lrwxrwxrwx 1 root root 27 2007-01-28 13:57 libsf_smtp_preproc.so.0 -> libsf_ smtp_preproc.so.0.0.0 - -rwxr-xr-x 1 root root 108681 2007-01-28 13:57 libsf_smtp_preproc.so.0.0.0 - -rw-r--r-- 1 root root 56934 2007-01-28 13:57 libsf_ssh_preproc.a - -rwxr-xr-x 1 root root 968 2007-01-28 13:57 libsf_ssh_preproc.la lrwxrwxrwx 1 root root 26 2007-01-28 13:57 libsf_ssh_preproc.so -> libsf_ssh _preproc.so.0.0.0 lrwxrwxrwx 1 root root 26 2007-01-28 13:57 libsf_ssh_preproc.so.0 -> libsf_s sh_preproc.so.0.0.0 - -rwxr-xr-x 1 root root 46923 2007-01-28 13:57 libsf_ssh_preproc.so.0.0.0 Cheers, James Friesen-----Original Message----- From: rmkml [mailto:rmkml () free fr] Hi, do you have libsf_ftptelnet_preproc.so on this dir ? /usr/local/lib/snort_dynamicpreprocessor/ and please send "ls -la /usr/local/lib/snort_dynamicpreprocessor/" Regards Rmkml On Mon, 29 Jan 2007, info+lucretia.ca wrote:Hello. I'm trying to build 2.7.0.beta1 on Ubuntu 6.06. So farthings areworking well, except when I attempt to turn on the dynamicpreprocessors.I encountered an ID error when I simply uncommented themso I addedsome text to make them look like the command linecounterparts. I'mnot certain whether they work from the command line, as I'm not interested in starting them this way. Starting snort with 'sudo' using the one and only parameter: '-c /etc/snort/snort.conf' I get the following output: ERROR: /etc/snort/snort.conf(539): Bad rule in rules file This line contains: dynamic-preprocessor-lib/usr/local/lib/snort_dynamicpreprocessor/libsf_ftptelnet_preproc.soI get this error with any dynamic preprocessor enabled insnort.conf.I've reviewed the documentation and could find nothingindicating thecorrect format for the 'dynamic-*' options for snort.conf(the commandline is well documented...) and I reviewed the list andforums with noluck on a solution. Cheers, James Friesen, CIO-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32) iD8DBQFFvqufRMg8qN6NZpARAqNcAKCVWgarRFvq/SlqFCpTHqsE7CrpNgCePpm+ Lfu/SPA57O/2OCvCh2DyP/I= =W+AH -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32) iD8DBQFFwTRHRMg8qN6NZpARAvQOAJ9oZKbeU8LrdZPWc635ocN8Mhk9lwCgp6K8 4YIKkCx5/af5Wwq59YqV/fQ= =IJFB -----END PGP SIGNATURE----- ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Dynamic Preprocessor Errors info+lucretia.ca (Jan 29)
- Re: Dynamic Preprocessor Errors Matthew Watchinski (Jan 29)
- Re: Dynamic Preprocessor Errors Jason (Jan 31)
- <Possible follow-ups>
- Re: Dynamic Preprocessor Errors info+lucretia.ca (Jan 29)
- Re: Dynamic Preprocessor Errors info+lucretia.ca (Jan 31)
- Re: Dynamic Preprocessor Errors Matthew Watchinski (Jan 31)
- Re: Dynamic Preprocessor Errors info+lucretia.ca (Feb 06)
- Re: Dynamic Preprocessor Errors info+lucretia.ca (Jan 31)