Snort mailing list archives
Re: Error: Unknown preprocessor: "normalize_ip4"
From: Russ Combs <rcombs () sourcefire com>
Date: Sat, 1 Jan 2011 18:57:27 -0500
Yes, comment those lines out if you don't build with --enable-normalize. On Jan 1, 2011 6:25 PM, "Michael Steele" <michaels () winsnort com> wrote:
Working with Snort 2.9.3 - Snort it throws -> ERROR: d:\snort\etc\snort.conf(186) Unknown preprocessor: "normalize_ip4" I see the options in the snort.conf: --------------------\ # Inline packet normalization. For more information, see README.normalize # Does nothing in IDS mode preprocessor normalize_ip4 preprocessor normalize_tcp: ips ecn stream preprocessor normalize_icmp4 preprocessor normalize_ip6 preprocessor normalize_icmp6 --------------------/ The above lines are causing the errors, however the snort.conf states "# Does nothing in IDS mode". However, windows is reading in the those configuration lines and trying to process them, so it appears to be
actually
doing something? In UNIX it appears that the normalize function needs to be enabled on compiling. If it's not enabled, does UNIX throw errors if the functions
are
not committed out? Is commenting out the normalizes lines the proper way to get around these errors in Windows, and is this how it's supposed to work? This also might be a Windows bug? The normalize function appears to be related to Barnyard? Kindest regards, Michael...
------------------------------------------------------------------------------ Learn how Oracle Real Application Clusters (RAC) One Node allows customers to consolidate database storage, standardize their database environment, and, should the need arise, upgrade to a full multi-node Oracle RAC database without downtime or disruption http://p.sf.net/sfu/oracle-sfdevnl
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Error: Unknown preprocessor: "normalize_ip4" Michael Steele (Jan 01)
- Re: Error: Unknown preprocessor: "normalize_ip4" Russ Combs (Jan 01)
- Re: Error: Unknown preprocessor: "normalize_ip4" Joel Esler (Jan 01)
- Re: Error: Unknown preprocessor: "normalize_ip4" Michael Steele (Jan 01)
- Re: Error: Unknown preprocessor: "normalize_ip4" Joel Esler (Jan 02)
- Re: Error: Unknown preprocessor: "normalize_ip4" Michael Steele (Jan 01)