Re: parsing the rules

[James Riden <j.riden () massey ac nz>]

snort user <snort_user2004 () yahoo com> writes:

>    i ran snort in the ids mode and one thing confusing. it says "Parsing
>    Rules file snort.config" . i thought the config file has a pointer to
>    the rules directory. could someone please help me with this. i was
>    also going thru the code and found a function call to
>    ParseRulesFile(pv.config). any help will be appreciated.

> From a 2.2.0 snort.conf :

# Path to your rules files (this can be a relative path)
# Note for Windows users:  You are advised to make this an absolute path,
# such as:  c:\snort\rules
var RULE_PATH /etc/snort

And you can ask snort to start with a different snort.conf using 

snort -c /my/path/to/my/snort.conf

Is that what you wanted to know?

cheers,
 Jamie
-- 
James Riden / j.riden () massey ac nz / Systems Security Engineer
Information Technology Services, Massey University, NZ.
GPG public key available at: http://www.massey.ac.nz/~jriden/



-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users