Snort precompiled rule causes segfault

[Peter Fyon <peter.fyon () gmail com>]

Hey snort-users,

There's a rule in the precompiled protocol-dns.so rules that causes snort
to segfault under my ubuntu 14.04 install. I tried adding protocol-dns.so
to my ignore= directive in pulledpork.conf, but it was still processing and
adding the so to my so_rules directory.

I ended up having to remove the so itself, but would rather be able to
disable it in my pulledpork config. Better still would be to figure out the
sid of the bad rule and disable it specifically.

Does anyone know how to get the sid of a rule from an so when it segfaults?

Peter

------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!