Snort mailing list archives

Re: Snort v2 - syslog "-s 127.0.0.1" not working


From: Rich Adamson <radamson () routers com>
Date: Wed, 12 Mar 2003 07:21:13 -0600

All,

Has anyone tried to use the v2 "-s 127.0.0.1" option lately?

It seems to have stopped working sometime after v1.9.0 was released.
(I've been using it since about v1.8.7 for low volume alerts, and
it's been solid.)

Just tested with Build 53 again. Still inop.

What Platform? Windows? 

Yes, Win2kPro. Seems each of the v2 builds is having a problem with the
syslog function. Chris Reid found a missing colon in the code associated
with parsing the command line a few weeks ago, but hasn't had the time to
debug the syslog issue. I've got the v2 source loaded into Visual Studio
and can compile a functional executable, but I've not been involved with
writing C code for about 20 years and am not sure where to initiate a debug
session. I don't know for sure whether this might be a WinPcap issue or
snort issue other than all other WinPcap apps work, and snort v1.9 does
generate syslog packets. I'm assuming that snort v2 uses the same WinPcap
functions that v1.9 used.

The v2 code is executing properly for the most part as it does log the
appropriate alerts to disk files, just no syslog alerts. If someone could
give me a hint as to where (in the source) to start single-stepping,
etc, I'd give it a try.

Rich



