Snort mailing list archives
Re: Unable to use dynamicrules on CentOS 6.4 x86_64
From: Jaspal <jaspal () aasaanpay com>
Date: Fri, 05 Jul 2013 18:50:13 +0530
On Friday 05 July 2013 05:47 PM, waldo kitty wrote:
On 7/5/2013 05:47, Jaspal wrote:Hi, I am trying to use the dynamic rules present in snort-rules-snapshot-2495 with snort-2.9.5 on a CentOS 6.4 x86_64 Amazon EC2 VM.is this "snort-2.9.5" a typo? if not, then that's part of your problem... in many cases you cannot mix rules for one version of snort with a different version of snort... the dynamic rules are definitely an example of this...
Thanks for the response. It's not a typo. That's the latest tar on the site and I could not find sources of older versions. ( Why not a give a link ? ) I understand that we can't mix apples and oranges. But the 4 latest snortrules-snapshot (available to registered users) all end in 29{40,41,45,46,31} under the section 'Snort v2.9'. Again no older releases. Perhaps, you could just tell me how to choose a correct set of rules with the snort-2.9.5 version and where can I find them.
I have compiled daq and snort from source. Used libdnet and libdnet-devel from the rpm repo.does not matter in this case...I get the following error upon trying to use the precompiled shared libs from either of RHEL-6.0 or CentOS-5.4 : "The dynamic detection library "/usr/local/lib/snort_dynamicrules/web-activex.so" version 1.0 compiled with dynamic engine library version 1.17 isn't compatible with the current dynamic engine library "/usr/local/lib/snort_dynamicengine/libsf_engine.so" version 2.0"this tells you exactly what the error is and where...Both the snort-rules and snort are compiled from the latest sources. It looks like a version mismatch. But where exactly ?inside the compiled so rules file(s)... the above message tells you that the version 1.0 of web-activex.so compiled with dynamic engine library 1.17 is not compatible with the current dynamic engine library 2.0...Or is there a way to compile the shared libs and use them ?yes but i'm not familiar with how to do it... someone else will have to speak on this...Also, why does snort provide precompiled shared libs for CentOS-6.x ?someone else will have to speak on this, too...
------------------------------------------------------------------------------ This SF.net email is sponsored by Windows: Build for Windows Store. http://p.sf.net/sfu/windows-dev2dev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Unable to use dynamicrules on CentOS 6.4 x86_64 Jaspal (Jul 05)
- Re: Unable to use dynamicrules on CentOS 6.4 x86_64 waldo kitty (Jul 05)
- Re: Unable to use dynamicrules on CentOS 6.4 x86_64 Jaspal (Jul 05)
- Re: Unable to use dynamicrules on CentOS 6.4 x86_64 Joel Esler (Jul 05)
- Re: Unable to use dynamicrules on CentOS 6.4 x86_64 Jason Ish (Jul 05)
- Re: Unable to use dynamicrules on CentOS 6.4 x86_64 Jaspal (Jul 05)
- Re: Unable to use dynamicrules on CentOS 6.4 x86_64 waldo kitty (Jul 05)
- Re: Unable to use dynamicrules on CentOS 6.4 x86_64 Joel Esler (Jul 05)
- Re: Unable to use dynamicrules on CentOS 6.4 x86_64 Jaspal (Jul 05)
- Re: Unable to use dynamicrules on CentOS 6.4 x86_64 waldo kitty (Jul 05)