Snort mailing list archives
fail to access mysql
From: "honda" <honda () cnnic cn>
Date: Thu, 22 May 2003 15:34:32 +0800
Hi, all

I installed snort-1.8.3 with mysql-8.23 on linux 8, but I encountered a problem when
trying the following command:
[root@bugzilla bin]# /opt/ids/bin/snort -c /opt/ids/etc/snort.d/snort.conf
Log directory = /var/log/snort
Initializing Network Interface eth1
--== Initializing Snort ==--
Decoding Ethernet on interface eth1
Initializing Preprocessors!
Initializing Plug-ins!
Initializating Output Plugins!
Parsing Rules file /opt/ids/etc/snort.d/snort.conf
+++++++++++++++++++++++++++++++++++++++++++++++++++
Initializing rule chains...
No arguments to frag2 directive, setting defaults to:
Fragment timeout: 60 seconds
Fragment memory cap: 4194304 bytes
Stream4 config:
Stateful inspection: ACTIVE
Session statistics: INACTIVE
Session timeout: 30 seconds
Session memory cap: 8388608 bytes
State alerts: INACTIVE
Scan alerts: ACTIVE
Log Flushed Streams: INACTIVE
No arguments to stream4_reassemble, setting defaults:
Reassemble client: ACTIVE
Reassemble server: INACTIVE
Reassemble ports: 21 23 25 53 80 143 110 111 513
Reassembly alerts: ACTIVE
Back Orifice detection brute force: DISABLED
Using LOCAL time
database: compiled support for ( mysql )
database: configured to use mysql
database: user = snort
database: database name = snort
database: port = 3306
database: host = localhost
database: password is set
database: sensor name = 159.226.7.50
database: sensor id = 1
database: schema version = 104
database: using the "log" facility
database: compiled support for ( mysql )
database: configured to use mysql
database: user = snort
database: database name = snort
database: host = localhost
database: sensor name = 159.226.7.50
database: mysql_error: Access denied for user: 'snort@localhost' (Using password: NO)
Fatal Error, Quitting...
HERE IS PART OF THE CONFIGURATION FILE OF SNORT:
output database: log, mysql, user=snort dbname=snort port=3306 host=localhost password=12345678
ruletype redalert
{
    type alert
    output alert_syslog: LOG_AUTH LOG_ALERT
    output database: log, mysql, user=snort dbname=snort host=bugzilla.cnnic.net.cn
}
I CHANGED THE PASSWORD ABOVE TO AN INCORRECT ONE, AND IT SAYS:
database: mysql_error: Access denied for user: 'snort@localhost' (Using password: YES)
Fatal Error, Quitting..
I ALSO ADDED THE password PARAMETER IN THE ruletype redalert { ... } SECTION, SOMETHING LIKE:
ruletype redalert
{
    type alert
    output alert_syslog: LOG_AUTH LOG_ALERT
    output database: log, mysql, user=snort dbname=snort host=localhost password=12345678
}
BUT IT COMPLAINS:
ERROR line /opt/ids/etc/snort.d/snort.conf (414): Not an output plugin declaration: redalert
Fatal Error, Quitting..
I ALSO CHANGED THE user PARAMETERS FROM snort TO root, AND THE host PARAMETERS TO 127.0.0.1, AND
GRANTED SNORT@127.0.0.1, SNORT@LOCALHOST AND ROOT@127.0.0.1, ROOT@LOCALHOST USE OF THE SNORT DATABASE.
VARIOUS COMBINATIONS WERE TRIED, BUT THE PROBLEM STILL EXISTS.
AS FOR MYSQL, I CREATED THE DATABASE AND TABLES WITH THE GUIDE OF SNORT AND DID THE FOLLOWING:
[root@bugzilla bin]# ./mysql -u snort -h localhost -p12345678 snort
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 26 to server version: 3.23.49-log
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> show tables;
+------------------+
| Tables_in_snort  |
+------------------+
| data             |
| encoding         |
| event            |
| iphdr            |
| reference        |
| reference_system |
| schema           |
| sensor           |
| sig_class        |
| sig_reference    |
| signature        |
| tcphdr           |
| udphdr           |
+------------------+
13 rows in set (0.00 sec)
AT FIRST I ONLY GRANTED INSERT AND SELECT ON THE SNORT DATABASE, BUT THE PROBLEM STILL EXISTS. SO I EXPANDED
ITS PRIVILEGES TO ALL.
HERE IS THE DISPLAY WITH THE show grants COMMAND:
mysql> show grants for snort@localhost;
+----------------------------------------------------------------------------------------------------------------+
| Grants for snort@localhost |
+----------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'snort'@'localhost' IDENTIFIED BY PASSWORD '4448dd9a39ab97e1' WITH GRANT OPTION |
| GRANT ALL PRIVILEGES ON snort.* TO 'snort'@'localhost' |
+----------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
HERE IS THE CONTENTS OF /etc/hosts
[root@bugzilla bin]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost localhost
159.226.7.50 bugzilla.cnnic.net.cn bugzilla
159.226.7.75 zhuxiaolei.cnnic.net.cn zhuxiaolei
159.226.7.81 honda.cnnic.net.cn honda
159.226.7.115 loghost
HERE IS PART OF acid_conf.php
$alert_dbname = "snort";
$alert_host = "159.226.7.50";
$alert_port = "3306";
$alert_user = "snort";
$alert_password = "12345678";
/* Archive DB connection parameters */
$archive_dbname = "snort_archive";
$archive_host = "localhost";
$archive_port = "";
$archive_user = "root";
$archive_password = "mypassword";
UNTIL NOW, I HAVE BEEN DEEPLY PUZZLED BY THIS PROBLEM. I ALSO DROPPED THE SNORT DATABASE AND CREATED A NEW ONE, AND
CREATED TABLES AND USERS WITH THE GUIDE OF SNORT INSTALLATION, STEP BY STEP, SERIOUSLY, DEVOUTLY, BUT NOTHING
PAID OFF DESPITE MY HARD WORK. CAN ANYBODY HELP ME? THANKS.
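
Added example, not part of the original post and not Snort's own code: the startup log above initialises the database plugin twice and only the first instance prints "password is set", so this sketch lists every "output database" declaration in a snort.conf text and reports whether it carries password=, which is what MySQL's "(Using password: YES/NO)" flag reflects. The sample text is constructed from the two declarations quoted in the post; the function name and the result fields are assumptions made for the illustration.

```python
import re

# Constructed sample: the two "output database" declarations quoted in the post.
SAMPLE_CONF = """\
output database: log, mysql, user=snort dbname=snort port=3306 host=localhost password=12345678
ruletype redalert
{
type alert
output alert_syslog: LOG_AUTH LOG_ALERT
output database: log, mysql, user=snort dbname=snort host=bugzilla.cnnic.net.cn
}
"""

DB_OUTPUT = re.compile(r"^output\s+database\s*:\s*(\w+)\s*,\s*(\w+)\s*,?\s*(.*)$")
RULETYPE = re.compile(r"^ruletype\s+(\w+)")


def audit_db_outputs(conf_text):
    """Return one finding per 'output database' declaration, in file order."""
    findings, scope = [], "global"
    for lineno, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        rt = RULETYPE.match(line)
        if rt:
            scope = rt.group(1)      # declarations that follow belong to this ruletype
        elif line.startswith("}"):
            scope = "global"         # ruletype block closed
        m = DB_OUTPUT.match(line)
        if not m:
            continue
        params = dict(p.split("=", 1) for p in m.group(3).split() if "=" in p)
        has_pw = bool(params.get("password"))
        findings.append({
            "line": lineno, "scope": scope, "dbtype": m.group(2),
            "user": params.get("user"), "host": params.get("host"),
            # Record only presence, never the secret itself.
            "has_password": has_pw,
            # Flag MySQL shows in "Access denied" if this declaration is rejected.
            "client_flag": "Using password: " + ("YES" if has_pw else "NO"),
        })
    return findings


if __name__ == "__main__":
    for f in audit_db_outputs(SAMPLE_CONF):
        print("line {line} [{scope}] {user}@{host}: {client_flag}".format(**f))
```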
