Snort mailing list archives

oinkmaster

From: Nicholas Bernstein <nick () docmagic com>
Date: Wed, 03 Dec 2003 13:23:18 -0800

It seems that oinkmaster.pl decided it's running with the -e option, as
it is enabling all of the rules that I disable. As you can imagine, this
makes for a *lot* of that snort it picking up, and generally makes
maintenance a nightmare. 

I use includes in my snort.cf (i.e. include bad-traffic.rules). I'm
running it as 
        
        "/usr/local/bin/oinkmaster.pl -q -b /etc/snort.last/ -o /etc/snort/"

is there something I'm doing wrong? 

Thanks!
Nick
-- 
+---------------------------------------------------------------+
| Nicholas Bernstein            | nick () docmagic com             |
| UNIX Systems Administrator    | http://www.docmagic.com       |
| Document Systems Inc.         |                               |
| gpg: F706 8C4E 78FA DDDD 53A0 019F D983 FE28 2002 D1F3        |
+---------------------------------------------------------------+

Attachment: signature.asc
Description: This is a digitally signed message part

Current thread:

oinkmaster Nicholas Bernstein (Dec 03)
- Re: oinkmaster Andreas Östling (Dec 03)
- <Possible follow-ups>
- re: oinkmaster adam_peterson (Dec 03)