Snort mailing list archives
Upgrade of Snort
From: "O'Flynn, Derek" <DOFlyn () lsuhsc edu>
Date: Fri, 24 Sep 2004 16:33:12 -0500
I just did an upgrade from 2.0 to 2.2. I rebuilt it and overlaid the old
binary. I also utilized the new snort.conf and ported my specific
configurations over to it. I dropped the tables in MySQL and rebuilt them
using the create_mysql and snortdb-extra configs. Updated the .config and
.map files to my etc directory.
Anyway, it looks like it comes up fine, and then crashes out with a file
size error. Anyone know how to correct it?
rpc_decode arguments:
Ports to decode RPC on: 111 32771
alert_fragments: INACTIVE
alert_large_fragments: ACTIVE
alert_incomplete: ACTIVE
alert_multiple_requests: ACTIVE
telnet_decode arguments:
Ports to decode telnet on: 21 23 25 119
database: compiled support for ( mysql )
database: configured to use mysql
database: user = snort
database: password is set
database: database name = snort
database: host = localhost
database: sensor name = 192.168.100.100
database: sensor id = 1
database: schema version = 106
database: using the "log" facility
1889 Snort rules read...
1889 Option Chains linked into 196 Chain Headers
0 Dynamic rules
+++++++++++++++++++++++++++++++++++++++++++++++++++
Warning: flowbits key 'realplayer.playlist' is checked but not ever set.
+-----------------------[thresholding-config]----------------------------------
| memory-cap : 1048576 bytes
+-----------------------[thresholding-global]----------------------------------
| none
+-----------------------[thresholding-local]-----------------------------------
| gen-id=1 sig-id=2495 type=Both tracking=dst count=20 seconds=60
| gen-id=1 sig-id=2523 type=Both tracking=dst count=10 seconds=10
| gen-id=1 sig-id=2494 type=Both tracking=dst count=20 seconds=60
| gen-id=1 sig-id=2275 type=Threshold tracking=dst count=5 seconds=60
| gen-id=1 sig-id=2496 type=Both tracking=dst count=20 seconds=60
+-----------------------[suppression]------------------------------------------
-------------------------------------------------------------------------------
Rule application order: ->activation->dynamic->alert->pass->log
--== Initialization Complete ==--
-*> Snort! <*-
Version 2.2.0 (Build 30)
By Martin Roesch (roesch () sourcefire com, www.snort.org)
File size limit exceeded
Thanks,
Derek O'Flynn
