Re: FW: AW: Libovar Man info.

[Rameez Qureshi <rameez_q () hotmail co uk>]

Hello

> yes i saw that... my first question is why is it looking in a 'src' directory? 
> there should be no need to add paths to those include lines... generally 
> speaking, those two files (classification.conf and reference.conf) should reside 
> in the same directory as your snort.conf (/etc/)...


I have tried different options to get it working when being left in its basic format being include 
classification.config and the same for reference I get the following error:

Initialising rule chains...
ERROR: ../rules/blacklist.rules(22) unknown ClassType: Trojan-activity
Fatal Error, Quitting..

When going to line 22 of snort.conf
I have then followed the instructions to fully validate the configuration and exit with a fatal error 

However I'm not sure on how to correct this

Thanks
Rameez 

On 10 Apr 2014, at 07:59 PM, "waldo kitty" <wkitty42 () windstream net> wrote:

> On 4/10/2014 2:31 PM, Rameez Qureshi wrote:
> > I don't think I got the second email, I got the one where you replied and
> > suggested me starting from scratch
>
> that is the one i'm speaking of... here's a manual quote of it ;)
>
> [quote]
> On 4/9/2014 6:19 PM, Rameez Qureshi wrote:
> > for my snort.conf file when taking out the # out of the rule paths for rules and
> > for including individual rules it throws up and error and this led me to taking
> > out the # where snort seemed to fire correctly but did not load any rules
>
> sorry! i hit the wrong keys with my previous reply :(
>
> line 538 in your snort.conf doesn't contain a filename...
> line 540 is missing the '/' between "rules" and "file"...
> line 692 is missing the 'i' in "include"...
>
> you have so many other items commented out that it is doubtful that you will get
> it working without a lot of editing... you might want to start with a fresh
> snort.conf and then make the few edits needed for your installation while
> leaving everything else as is...
> [/quote]
>
> > which is what I have done now as ended up with the following:
>
> yes i saw that... my first question is why is it looking in a 'src' directory? 
> there should be no need to add paths to those include lines... generally 
> speaking, those two files (classification.conf and reference.conf) should reside 
> in the same directory as your snort.conf (/etc/)...
>
>
> -- 
> NOTE: No off-list assistance is given without prior approval.
>       Please keep mailing list traffic on the list unless
>       private contact is specifically requested and granted.
>
> ------------------------------------------------------------------------------
> Put Bad Developers to Shame
> Dominate Development with Jenkins Continuous Integration
> Continuously Automate Build, Test & Deployment 
> Start a new project now. Try Jenkins in the cloud.
> http://p.sf.net/sfu/13600_Cloudbees
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest Snort news!

------------------------------------------------------------------------------
Put Bad Developers to Shame
Dominate Development with Jenkins Continuous Integration
Continuously Automate Build, Test & Deployment 
Start a new project now. Try Jenkins in the cloud.
http://p.sf.net/sfu/13600_Cloudbees
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!