Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: help

From: pierre telfort via Snort-users <snort-users () lists snort org>
Date: Wed, 15 May 2019 16:08:10 -0700
i fixed this thanks. now I'm trying to start snort as daemon service. i
found some examples on how to do it. i followed those examples and tried to
start the snort.service, i got an error message.

Le lun. 13 mai 2019 à 09:40, wkitty42--- via Snort-users <
snort-users () lists snort org> a écrit :




please keep snort issues on the snort mailing list and do not take them
private
unless specifically requested... this way others with the same or similar
problem can find the solution, too... i've added the list back to my
reply...


the problem is that you have spaces in all of those *_PATH lines you
posted for
my query...

#104 var RULE_PATH ../rules /etc/snort/rules
here ----------------------^

either remove those spaces or fix those paths to point to the proper
directories
for all of those *_PATH lines on lines 104, 105, 106, 113, and 114...
check any
other paths, too...

perhaps you meant to have the following instead of the default "../rules"??

#104 var RULE_PATH /etc/snort/rules



On 5/7/19 9:36 PM, Telfort P wrote:

#100
# 101 Path to your rules files (this can be a relative path)
# 102 Note for Windows users:  You are advised to make this an absolute

path,

# 103 such as:  c:\snort\rules
#104 var RULE_PATH ../rules /etc/snort/rules
#105 var SO_RULE_PATH ../so_rules /etc/snort/so_rules
#106 var PREPROC_RULE_PATH ../preproc_rules etc/snort/preproc_rules
#107 #108 If you are using reputation preprocessor set these
#109 Currently there is a bug with relative paths, they are relative to

where

snort is
#110 not relative to snort.conf like the above variables
#111 This is completely inconsistent with how other vars work, BUG 89986
#112 Set the absolute path appropriately
#113 var WHITE_LIST_PATH ../rules /etc/snort/rules
#114 var BLACK_LIST_PATH ../rules /etc/snort/rules
#115


*I labeled them the same way it is in my config file.*

On 5/7/19 3:04 AM, wkitty42--- via Snort-users wrote:

On 5/3/19 10:04 PM, Telfort P via Snort-users wrote:

How do i fix this error in my rules. ""ERROR:

/etc/snort/snort.conf(104)

Missing argument to RULE_PATH
Fatal Error, Quitting.""


please post lines 100 thru 110 of your /etc/snort/snort.conf file...





--
  NOTE: No off-list assistance is given without prior approval.
        *Please keep mailing list traffic on the list unless*
        *a signed and pre-paid contract is in effect with us.*
_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

        To unsubscribe, send an email to:
        snort-users-leave () lists snort org

Please visit http://blog.snort.org to stay current on all the latest
Snort news!

Please follow these rules:
https://snort.org/faq/what-is-the-mailing-list-etiquette


_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

        To unsubscribe, send an email to:
        snort-users-leave () lists snort org

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette
Previous By Date Next
Previous By Thread Next

Current thread: