ClamAV + Snort

[Xavier Cabrera <xavierc () devilcrack org>]

I recently compile snort whit Clam AV support, but i can make the think 
going to work...

I compile whit the following options

./configure --enable-sourcefire --enable-flexresp --enable-inline 
--enable-debug --enable-perfmonitor --enable-clamav 
--with-clamav-includes=/usr/local/lib 
--with-clamav-defdir=/var/lib/clamav --with-mysql

I install clamav from source 0.84 whitout problems... Snort compile 
whitout problems too... And the compilation of snort search for  
libclamav.so.1. so i made a ln -s /usr/local/lib/libclamav.so.1 
/usr/lib/libclamav.so.1............ the think its goin to work.!! 
............ but later in the next second apear in log:

ERROR:  unknown preprocessor "clamav"


:-( :-( :-( :-( :-( :-( :-( :-( :-( :-( :-(

My parameter in snort.conf its:

preprocessor clamav: ports all !25 !443 !22

Anyone have a manual for install snort-inline + clamav ?

This can be related to iptables?

Thanks for any help

Xavier C.



-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games.
Get your fingers limbered up and give it your best shot. 4 great events, 4
opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users