Re: Snort looking for invalid rules directory

[wkitty42 () windstream net]

On 03/09/2016 04:55 AM, Ryan Bateman wrote:
[...]
> which gives me the below error, as it looks for
> /etc/snort//etc/snort/rules/local.rules which clearly doesn't exist. I have
> looked in snort.conf and I can see a line that says include
> $RULE_PATH/local.rules which I thought may be the issue, but the var for
> $RULE_PATH is what it's supposed to be, /etc/snort/rules
>
> I have no idea what else could be causing this. Any ideas?

touch /etc/snort/rules/local.rules


the cause is that the config tells snort to look for the local.rules in 
/etc/snort/rules but it does not exist... local.rules is the traditional name of 
the file containing your local rules specific to your network... it is generally 
not updated by any existing tools...

-- 
  NOTE: No off-list assistance is given without prior approval.
        *Please keep mailing list traffic on the list* unless
        private contact is specifically requested and granted.

------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785111&iu=/4140
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!