Snort mailing list archives

Re: Unable to create stub so rules files

From: "C. L. Martinez" <carlopmart () gmail com>
Date: Wed, 28 Nov 2012 09:07:45 +0000

On Wed, Nov 28, 2012 at 9:02 AM, Peter Bates <peter.bates () ucl ac uk> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hello all

On 28/11/2012 07:48, C. L. Martinez wrote:

Generating Stub Rules....
        An error occurred: ERROR:
/data/config/etc/idpsnort01/rules/VRT-backdoor.rules(0) Unable to open
rules file "/data/config/etc/idpsnort01/rules/VRT-backdoor.rules": No
such file or directory.

        An error occurred: Fatal Error, Quitting..


If your Snort configuration is passing -T,
then you should probably try running PP with -v or -vv
to find out exactly what is going wrong when this error occurs.

It looks rather like PP is unpacking the rules and then looking in another
directory for the unpacked rules, but why that should be the case is a mystery!

Somebody knows if it is possible to generate new sid-msg.map once stub
rules are created??


I'd investigate why PP isn't working - there was
'create-sidmap.pl' in Oinkmaster which did a similar job
once the .rules are in place.

Do you have PP set to generate one .rules and one for your SO rules,
or is it set to put rules into seperate files?

- --


I have tried both options with same results .... stub files only
appears if I use snort command ...

------------------------------------------------------------------------------
Keep yourself connected to Go Parallel: 
INSIGHTS What's next for parallel hardware, programming and related areas?
Interviews and blogs by thought leaders keep you ahead of the curve.
http://goparallel.sourceforge.net
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

Re: Unable to create stub so rules files, (continued)
- - - Re: Unable to create stub so rules files C. L. Martinez (Nov 27)
    - Re: Unable to create stub so rules files Peter Bates (Nov 27)
    - Re: Unable to create stub so rules files C. L. Martinez (Nov 27)
    - Re: Unable to create stub so rules files Peter Bates (Nov 27)
    - Re: Unable to create stub so rules files C. L. Martinez (Nov 27)
    - Re: Unable to create stub so rules files Peter Bates (Nov 27)
    - Re: Unable to create stub so rules files C. L. Martinez (Nov 27)
    - Re: Unable to create stub so rules files Peter Bates (Nov 27)
    - Re: Unable to create stub so rules files C. L. Martinez (Nov 27)
    - Re: Unable to create stub so rules files Peter Bates (Nov 28)
    - Re: Unable to create stub so rules files C. L. Martinez (Nov 28)
- Re: Unable to create stub so rules files waldo kitty (Nov 27)