Snort mailing list archives

"No input plugin found for magic: a1b2c3d4" Issue

From: Rachmat Hidayat Al-Anshar <rachmat_hidayat_02 () yahoo com>
Date: Tue, 6 May 2008 14:06:55 -0700 (PDT)

I try to installing snort-2.8.0.1 on OpenBSD-4.2, before that, I try to patching it with snortsam's patch diff file 
(snortsam-2.8.0.1.diff). There is nothing to problem at all when I have to compiling and installing Snort. But I got 
this following error when issuing "make" to installing Barnyard:

ProgVars.c: In function `ProgVars_Fprintf':
ProgVars.c:672: warning: long unsigned int format, time_t arg (arg 3)
gcc  -g -O2 -Wall -L/usr/local/lib/mysql/ -o barnyard  barnyard.o mstring.o strlcatu.o strlcpyu.o util.o  spool.o sid.o 
debug.o classification.o CommandLineArgs.o ConfigFile.o  ProgVars.o output-plugins/libop.a input-plugins/libdp.a -lz 
-lssl -lmysqlclient
/usr/local/lib/mysql//libmysqlclient.so.18.0: warning: strcpy() is almost always misused, please use strlcpy()
output-plugins/libop.a(op_sguil.o)(.text+0xea): In function `OpSguil_Start':
/etc/barnyard/src/output-plugins/op_sguil.c:220: warning: sprintf() is often misused, please use snprintf()
output-plugins/libop.a(op_sguil.o)(.text+0x4da): In function `OpSguil_Log':
/etc/barnyard/src/output-plugins/op_sguil.c:366: warning: strcat() is almost always misused, please use strlcat()

I try to continue the process with hope there is nothing wrong with barnyard processing the snort's unified file.
But lately I know that I was wrong...

Barnyard produce this messages 

# tail /var/log/messages
May  7 09:01:00 snort barnyard: No bookmark file found, processing all events
May  7 09:01:03 snort barnyard[10430]: Initializing daemon mode
May  7 09:01:03 snort barnyard[23654]: Opened spool file '/var/log/snort//snort.log.1210120583'
May  7 09:01:03 snort barnyard[23654]: FATAL ERROR: ERROR: No input plugin found for magic: a1b2c3d4
May  7 09:01:03 snort barnyard[23654]: Exiting


when I try to running it with:
# /usr/local/bin/barnyard \
-c /etc/snort/barnyard.conf \
-d /var/log/snort/ \
-L /var/log/snort/ \
-s /etc/snort/sid-msg.map \
-g /etc/snort/gen-msg.map \
-p /etc/snort/classification.config \
-a /var/log/snort/archive/ \
-f snort.log \
-w /var/log/snort/barnyard.waldo \
-X /var/run/barnyard.pid \
-D


Now, what should I do?

Thanks in advance
Regard
Matt

       
---------------------------------
Be a better friend, newshound, and know-it-all with Yahoo! Mobile.  Try it now.

-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference 
Don't miss this year's exciting event. There's still time to save $100. 
Use priority code J8TL2D2. 
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

"No input plugin found for magic: a1b2c3d4" Issue Rachmat Hidayat Al-Anshar (May 06)
- Re: [Barnyard-users] " No input plugin found for magic: a1b2c3d4" Issue Rachmat Hidayat Al-Anshar (May 07)
  - Re: [Barnyard-users] " No input plugin found for magic: a1b2c3d4" Issue Bamm Visscher (May 07)
  - Re: [Barnyard-users] " No input plugin found for magic: a1b2c3d4" Issue Joel Esler (May 07)