Re: Problem With Dynamic Library

[Jim Campbell <jim () w4bqp net>]

Noah,

Thanks for the answer. It turns out that I was attempting to do a 
quick-and-dirty upgrade and that seldom turns out well. I started over 
and am in the process of upgrading "by the book."

Thanks for the book. I am somewhat proficient with Linux but don't use 
it enough to be really proficient. Your "book" (step-by-step 
instructions) make a world of difference for me.

Many thanks,

Jim

On 6/13/2017 1:54 AM, Noah Dietrich wrote:
> Hello,
>
> I'm the author of those Snort on Ubuntu guides on the
> http://SublimeRobots.com blog.
>
> You need to copy the dynamic preprocessor libraries from the snort Source (
> *~/snort_src*) folder. if you're following my Ubuntu guide, that command is
> probably something like:
>
> *cd
> ~/snort_src/snort-2.9.9.0/src/dynamic-preprocessors/build/usr/local/lib/snort_dynamicpreprocessor/*
> *sudo cp * /usr/local/lib/snort_dynamicpreprocessor/*
>
> You probably need to clean out the*
> /usr/local/lib/snort_dynamicpreprocessor/ *folder before you run the above
> command.  (I can't remember if there was a change in these folder paths
> between the instructions for the 2.9.8.x and 2.9.9.x versions of snort, so
> you may need to tweak these instructions a bit).
>
> After compiling snort on Ubuntu, the *ldconfig *command is required (or
> snort will throw an error when you run it), that's probably what he is
> referring to.
>
> Noah
>
>
>
> On Mon, Jun 12, 2017 at 10:49 PM, <wkitty42 () windstream net> wrote:
>
> > On 06/12/2017 02:28 PM, Jim Campbell wrote:
> >
> > > When I run the test "sudo snort -T -i enp1s0 -c
> > > /etc/snort/snort.ips.conf" I get the following error:
> > >
> > > ERROR: The dynamic detection library "/usr/local/lib/snort_dynamicrules/file-executable.so"
> > > version 1.0 compiled with dynamic engine library version 2.6
> > this is the dynamic shared object rules... did you download new rules and
> > replace them, too??
> >
> > isn't compatible with the current dynamic engine library
> > > "/usr/local/lib/snort_dynamicengine/libsf_engine.so" version 3.0.
> > we used to always delete everything in the dynamicrules and
> > dynamicpreprocessor directories... if we were using the shared object
> > rules, those had to go, too... plus they had to be disabled until they had
> > been updated on the next scheduled rules update run...
> >
> > And yes, I did the "sudo ldconfig" to update the shared libraries.
> > we've never done that... didn't ever need to...
> >
> > --
> >   NOTE: No off-list assistance is given without prior approval.
> >         *Please keep mailing list traffic on the list unless*
> >         *a signed and pre-paid contract is in effect with us.*
> >
> >
> > ------------------------------------------------------------
> > ------------------
> > Check out the vibrant tech community on one of the world's most
> > engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> > _______________________________________________
> > Snort-users mailing list
> > Snort-users () lists sourceforge net
> > Go to this URL to change user options or unsubscribe:
> > https://lists.sourceforge.net/lists/listinfo/snort-users
> > Snort-users list archive:
> > http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
> >
> > Please visit http://blog.snort.org to stay current on all the latest
> > Snort news!
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists snort org
> Go to this URL to change user options or unsubscribe:
> https://lists.snort.org/mailman/listinfo/snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest Snort news!

_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!