Snort mailing list archives

Re: snort3.1.30 launch the old snort but i run in local without be understand by the ubuntu setup


From: Dorian ROSSE via Snort-devel <snort-devel () lists snort org>
Date: Sun, 29 May 2022 19:40:29 +0000

hello,


'sudo ./snort' doesn't work,

here are the source files of this snort:

3.1.30.0.tar.gz            hyperscan-5.4.0-build          max_detect.lua                           safeclib
balanced.lua               hyperscan_5.4.0.orig.tar.gz    openmpi-4.1.2.tar.gz                     security.lua
boost_1_57_0.tar.gz        inline.lua                     openssl-1.1.1f                           sid-msg.map
boost_1_77_0.tar.gz        libdaq-3.0.6.tar.gz            openssl_1.1.1f.orig.tar.gz               snort3-3.1.21.0
boost_1_79_0               libdaq-3.0.7                   ossp-uuid_1.6.2-1.5build7.debian.tar.xz  snort3-3.1.21.0.tar.gz
boost_1_79_0_rc1.tar.gz    libdnet                        pcre2                                    snort3-3.1.30.0
CMake                      libiconv-1.16.tar.gz           pcre-8.45                                snort_command_line.txt
connectivity.lua           libiconv-1.17                  pcre-8.45.tar.gz                         snort_defaults.lua
debian                     libiconv-1.17.tar.gz           pulledpork-master                        snort.lua
file_magic.lua             libpcap-1.10.1                 pulledpork-master.tar.gz                 snort.lua.sauv
flatbuffers-2.0.0          libpcap-1.10.1.tar.gz          Python-2.7.18                            talos.lua
flatbuffers-build          libpcap_1.9.1-3.debian.tar.xz  Python-2.7.18.tar.xz                     uuid
flatbuffers-v2.0.0.tar.gz  libsafec-02092020.0-g6d921f    Python-3.10.4                            v3.0.7.tar.gz
gperftools                 libsafec-02092020.tar.gz       Python-3.10.4.tar.xz                     v5.4.0.tar.gz
gperftools-2.9.1           luajit                         ragel-6.10
gperftools-2.9.1.tar.gz    LuaJIT-2.0.5                   ragel-6.10.tar.gz
hyperscan-5.4.0            LuaJIT-2.0.5.tar.gz            ragel-6.10.tar.gz.1

what should I do?

thank you in advance for your help,

Regards.


Dorian ROSSE.
________________________________
From: Dorian ROSSE
Sent: Monday, 23 May 2022 14:28
To: Snort-users () lists snort org <snort-users () lists snort org>; snort-devel () lists snort org <snort-devel () lists snort org>
Subject: snort3.1.30 launch the old snort but i run in local without be understand by the ubuntu setup

hello,


I launch the last snort locally but the snort launched is snort 3.1.21:

'''~/snort_src/snort3-3.1.30.0$ sudo snort -c /usr/local/etc/snort/snort.lua --daq-dir ../libdaq-3.0.7 --daq pcap --daq dump --daq-var lb_total=4 --daq-var fanout_type=hash -s 65535 -k all -l /var/log/snort -i enp0s25 --daq-var lb_id=1 -i wlp3s0 --daq-var lb_id=2 -z 2 -m 0x1b
--------------------------------------------------
o")~   Snort++ 3.1.21.0
--------------------------------------------------
Loading /usr/local/etc/snort/snort.lua:
Loading snort_defaults.lua:
Finished snort_defaults.lua:
Loading file_magic.lua:
Finished file_magic.lua:
Loading inline.lua:
Finished inline.lua:
Loading talos.lua:
Finished talos.lua:
active
alerts
daq
decode
host_cache
host_tracker
network
process
output
appid
alert_json
ips
classifications
references
binder
wizard
detection
reputation
    Processing blocklist file /usr/local/etc/snort/../lists/default.blocklist
    Reputation entries loaded: 1216, invalid: 0, re-defined: 0 (from file /usr/local/etc/snort/../lists/default.blocklist)
file_policy
file_id
http2_inspect
http_inspect
ftp_data
ftp_client
ftp_server
port_scan
dce_smb
stream_icmp
stream_tcp
stream_udp
stream_user
stream_file
arp_spoof
back_orifice
dnp3
dns
snort
modbus
netflow
normalizer
pop
rpc_decode
sip
alert_talos
ssl
profiler
telnet
ssh
iec104
imap
stream_ip
stream
hosts
packets
search_engine
so_proxy
trace
dce_tcp
dce_udp
dce_http_proxy
dce_http_server
gtp_inspect
smtp
Finished /usr/local/etc/snort/snort.lua:
--------------------------------------------------
rule counts
       total rules loaded: 600
            builtin rules: 600
            option chains: 600
            chain headers: 1
--------------------------------------------------
port rule counts
             tcp     udp    icmp      ipt
     any     600       0       0       0
   total     600       0       0       0
--------------------------------------------------
ips policies rule stats
              id  loaded  shared enabled    file
               0     600       0     600    /usr/local/etc/snort/snort.lua
--------------------------------------------------
dump:pcap DAQ configured to inline.
Commencing packet processing
++ [0] enp0s25
++ [1] wlp3s0'''

the good news is I succeeded in installing hyperscan with the last boost,

thank you in advance for helping me fully launch the last snort,

regards.


Dorian ROSSE.