Snort mailing list archives

RE: Re: Snort -T failure

From: "Uhte, Russ" <RussU () RP-L com>
Date: Mon, 26 Aug 2002 11:28:36 -0500

I'm running snort on a Windows 2000 machine using mysql and ACID.  What I
did was change my acid.conf line that from log to alert... that fixed my
problem with logging!!
-Russ

-----Original Message-----
From: LogicET () aol com [mailto:LogicET () aol com] 
Sent: Monday, August 26, 2002 11:08 AM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Re: Snort -T failure

I am having the same problem as you.  If you go to a directory that contains
the snort.conf file and run snort from there, it will initialize correctly.
When running snort from there it runs and logs correctly.  Can anyone tell
us why and how to allow snort to run when executed from any directory?

In a message dated 8/26/2002 11:39:43 AM Eastern Daylight Time,
snort-users-request () lists sourceforge net writes:

hello,

Yesterday I wrote because I had a problem with 'unicode'. I found out that I
installed the wrong version of snortrules. Now I installed
snort-1.8.7.tar.gz and snortrules.tar.gz following the manual Snort, MySQL,
Redhat 7.2. 
I tried the snort -T command again and got a new failure message: 

[root@localhost inprog]# snort -T
Log directory = /var/log/snort
Initializing Network Interface eth0
using config file /root/.snortrc
Initializing Preprocessors!
Initializing Plug-ins!
Initializating Output Plugins!
Parsing Rules file /root/.snortrc
+++++++++++++++++++++++++++++++++++++++++++++++++++
Initializing rule chains...
ERROR: Unable to open rules file: /root/.snortrc or /root//root/.snortrc
Fatal Error, Quitting.. 

I didn't found the .snortrc file on the redhat mashine. Why snort wants to
use the .snortrc file to inizialise and not the snort.conf file? What can I
do now to run snort?

---
CONFIDENTIALITY NOTICE: This email and any attachments are for the exclusive
and confidential use of the intended recipient. If you are not the intended
recipient, please do not read, distribute or take action in reliance upon
this message. If you have received this in error, please notify us
immediately by return email and promptly delete this message and its
attachments from your computer system.
---

Current thread:

snort -T failure Martina Podesser (Aug 26)
- <Possible follow-ups>
- Re: Snort -T failure LogicET (Aug 26)
- RE: snort -T failure McClure Gammon (Aug 26)
- RE: Re: Snort -T failure Uhte, Russ (Aug 26)