Snort mailing list archives
Re: ERROR: ../rules/blacklist.rules(22) Unknown ClassType: trojan-activity
From: waldo kitty <wkitty42 () windstream net>
Date: Fri, 11 Apr 2014 15:23:57 -0400
On 4/11/2014 3:15 PM, waldo kitty wrote:
On 4/11/2014 2:16 PM, Rameez Qureshi wrote:That clears things up, I have went to the blacklist rule I'm not sure as to why is throwing up that error and when commenting out one rule and going onto the next gives me the same errorummm... the blacklist file should not have /any/ rules it in... the blacklist and whitelist files contain only IP numbers...
*CLARIFICATION:* those used for the reputation processor! not the regular rules file...
now, i suspect that you are running into a defect that was discussed some months ago... that defect being that the black_list.rules and blacklist.rules files names are too similar and they confuse folks...
[...]
this appears to indicate that the naming conflict i speak of above is NOT what is biting you... it does, instead, point to your classification.conf file not being in the proper place...
these two paragraphs conflict... sorry for not catching it before sending...
so, with all of that said, have you placed your classification.conf and reference.conf files in /etc/ with your snort.conf file?
you've clarified that these are not in the same directory as your snort.conf...
are they all three in /etc/ or somewhere else?
--
NOTE: No off-list assistance is given without prior approval.
Please keep mailing list traffic on the list unless
private contact is specifically requested and granted.
------------------------------------------------------------------------------
Put Bad Developers to Shame
Dominate Development with Jenkins Continuous Integration
Continuously Automate Build, Test & Deployment
Start a new project now. Try Jenkins in the cloud.
http://p.sf.net/sfu/13600_Cloudbees
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- ERROR: ../rules/blacklist.rules(22) Unknown ClassType: trojan-activity Rameez Qureshi (Apr 11)
- Re: ERROR: ../rules/blacklist.rules(22) Unknown ClassType: trojan-activity Nicholas Mavis (nmavis) (Apr 11)
- Re: ERROR: ../rules/blacklist.rules(22) Unknown ClassType: trojan-activity Rameez Qureshi (Apr 11)
- Re: ERROR: ../rules/blacklist.rules(22) Unknown ClassType: trojan-activity Joel Esler (jesler) (Apr 11)
- Re: ERROR: ../rules/blacklist.rules(22) Unknown ClassType: trojan-activity Rameez Qureshi (Apr 11)
- Re: ERROR: ../rules/blacklist.rules(22) Unknown ClassType: trojan-activity waldo kitty (Apr 11)
- Re: ERROR: ../rules/blacklist.rules(22) Unknown ClassType: trojan-activity waldo kitty (Apr 11)
- Re: ERROR: ../rules/blacklist.rules(22) Unknown ClassType: trojan-activity Rameez Qureshi (Apr 11)
- Re: ERROR: ../rules/blacklist.rules(22) Unknown ClassType: trojan-activity waldo kitty (Apr 11)
- Re: ERROR: ../rules/blacklist.rules(22) Unknown ClassType: trojan-activity waldo kitty (Apr 11)
- Re: ERROR: ../rules/blacklist.rules(22) Unknown ClassType: trojan-activity Rameez Qureshi (Apr 11)
- Re: ERROR: ../rules/blacklist.rules(22) Unknown ClassType: trojan-activity Nicholas Mavis (nmavis) (Apr 11)
- Re: ERROR: ../rules/blacklist.rules(22) Unknown ClassType: trojan-activity Rameez Qureshi (Apr 11)
- Re: ERROR: ../rules/blacklist.rules(22) Unknown ClassType: trojan-activity waldo kitty (Apr 11)
- Re: ERROR: ../rules/blacklist.rules(22) Unknown ClassType: trojan-activity Rameez Qureshi (Apr 11)
- Re: ERROR: ../rules/blacklist.rules(22) Unknown ClassType: trojan-activity waldo kitty (Apr 11)