Snort mailing list archives
Re: Unable to create stub so rules files
From: Peter Bates <peter.bates () ucl ac uk>
Date: Wed, 28 Nov 2012 09:02:06 +0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello all On 28/11/2012 07:48, C. L. Martinez wrote:
Generating Stub Rules....
An error occurred: ERROR:
/data/config/etc/idpsnort01/rules/VRT-backdoor.rules(0) Unable to open
rules file "/data/config/etc/idpsnort01/rules/VRT-backdoor.rules": No
such file or directory.
An error occurred: Fatal Error, Quitting..
If your Snort configuration is passing -T, then you should probably try running PP with -v or -vv to find out exactly what is going wrong when this error occurs. It looks rather like PP is unpacking the rules and then looking in another directory for the unpacked rules, but why that should be the case is a mystery!
Somebody knows if it is possible to generate new sid-msg.map once stub rules are created??
I'd investigate why PP isn't working - there was 'create-sidmap.pl' in Oinkmaster which did a similar job once the .rules are in place. Do you have PP set to generate one .rules and one for your SO rules, or is it set to put rules into seperate files? - -- Peter Bates Senior Information Security Officer Phone: +44(0)2076792049 Information Services Division Internal Ext: 32049 University College London London WC1E 6BT -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iQEcBAEBAgAGBQJQtdMOAAoJELhVoVpEMS6RpmwH/RFC6Cf9kuKCUpmoYuPS17/4 U/F+6VnkDH7fKLgREDXHuT+6Vp3nUDcFjHRbYGKb860qQ1d19nXxdklgNTIVx499 J1sWGYftHgsKq6oNZwC9Ni9OdFaHT6R7tAJlyP4nRFOWUhQ7kQKLPWxjWwHSk07C 8TgTOPxkxeLfFuxw6cHYymz1BRFZSNkInoFn39tdxWHCKEJznWaYh9RGeUqp3kD5 y8cSvJjxewN1gosxWTmWLFHfjFb3C15UaBKuZWHSilXUPdJ4d4ujIpvlOshBh4Cr 3sTnHfWVz/RW3LUtB4ZggIf9p01yt2MzvQeCH1aHuLOo9YQ/NLdCM1EmzDqPz94= =IcBW -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Keep yourself connected to Go Parallel: INSIGHTS What's next for parallel hardware, programming and related areas? Interviews and blogs by thought leaders keep you ahead of the curve. http://goparallel.sourceforge.net _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Re: Unable to create stub so rules files, (continued)
- Re: Unable to create stub so rules files Peter Bates (Nov 27)
- Re: Unable to create stub so rules files C. L. Martinez (Nov 27)
- Re: Unable to create stub so rules files Peter Bates (Nov 27)
- Re: Unable to create stub so rules files C. L. Martinez (Nov 27)
- Re: Unable to create stub so rules files Peter Bates (Nov 27)
- Re: Unable to create stub so rules files C. L. Martinez (Nov 27)
- Re: Unable to create stub so rules files Peter Bates (Nov 27)
- Re: Unable to create stub so rules files C. L. Martinez (Nov 27)
- Re: Unable to create stub so rules files Peter Bates (Nov 27)
- Re: Unable to create stub so rules files C. L. Martinez (Nov 27)
- Re: Unable to create stub so rules files Peter Bates (Nov 28)
- Re: Unable to create stub so rules files C. L. Martinez (Nov 28)