Re: Windows broken on snort.conf

[Russ <rucombs () cisco com>]

Michael,

Fixing the error message makes it clear that the problem is lzma support.

Did you try to install liblzma?  You can get downloads from 
http://tukaani.org/xz/.

Snort does not bundle optional 3rd party libraries.

Hope that helps.
Russ

On 10/26/16 9:40 PM, Steve Sturges (ststurge) wrote:
> In order of ease:
> 1) Fixing a config file
> 2) Fixing a parsing error message
> 3) Adding support for lzma
>
> All can be done, but each takes different time and effort, with the 
> later requiring a good bit more.
>
> On Oct 26, 2016, at 9:12 PM, Michael Steele <michaels () winsnort com 
> <mailto:michaels () winsnort com>> wrote:
>
> > Not real sure what changing the message will do. Snort fails (croaks) 
> > when it hits the line.
> >
> > Is there no way to get this function into a Windows install?
> >
> > It would be nice to keep as much cross compatibility intact as possible.
> >
> > For now I’m just having everyone hash out the line.
> >
> > Kindest regards,
> >
> > Michael...
> >
> > *From:*Russ [mailto:rucombs () cisco com]
> > *Sent:* Wednesday, October 26, 2016 9:30 AM
> > *To:* Seshaiah Erugu (serugu) <serugu () cisco com 
> > <mailto:serugu () cisco com>>; Michael Steele <michaels () winsnort com 
> > <mailto:michaels () winsnort com>>; snort-devel () lists sourceforge net 
> > <mailto:snort-devel () lists sourceforge net>
> > *Subject:* Re: [Snort-devel] Windows broken on snort.conf
> >
> > We at least should fix the error message.  "Invalid keyword '}' for 
> > server configuration" should be more like "unsupported decompression: 
> > 'lzma'".
> >
> > On 10/26/16 8:54 AM, Seshaiah Erugu (serugu) wrote:
> >
> >     Hi Michale,
> >
> >     Geoffrey Serrao responded to your query. Please find the attachment.
> >
> >     Thanks,
> >
> >     Seshaiah Erugu.
> >
> >     *From:* Michael Steele [mailto:michaels () winsnort com]
> >     *Sent:* Wednesday, October 26, 2016 6:11 PM
> >     *To:* snort-devel () lists sourceforge net
> >     <mailto:snort-devel () lists sourceforge net>
> >     *Subject:* [Snort-devel] Windows broken on snort.conf
> >
> >     I’ve asked about this before and have yet to get any response
> >     from the Development team.
> >
> >     The below line in the snort.conf breaks Windows because there is
> >     a missing library to decompress.
> >
> >     decompress_swf { deflate lzma } \
> >
> >     What do we need to do as Windows users so we don’t lose this
> >     function?
> >
> >     Is there going to be a fix available soon, and are you looking
> >     into it?
> >
> >     Kindest regards,
> >
> >     Michael...
> >
> >
> >
> >
> >     ------------------------------------------------------------------------------
> >
> >     The Command Line: Reinvented for Modern Developers
> >
> >     Did the resurgence of CLI tooling catch you by surprise?
> >
> >     Reconnect with the command line and become more productive.
> >
> >     Learn the new .NET andASP.NET <http://ASP.NET>  CLI. Get your free copy!
> >
> >     http://sdm.link/telerik
> >
> >
> >
> >
> >     _______________________________________________
> >
> >     Snort-devel mailing list
> >
> >     Snort-devel () lists sourceforge net
> >     <mailto:Snort-devel () lists sourceforge net>
> >
> >     https://lists.sourceforge.net/lists/listinfo/snort-devel
> >
> >     Archive:
> >
> >     http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel
> >
> >     Please visithttp://blog.snort.org  for the latest news about Snort!
> >
> > ------------------------------------------------------------------------------
> > The Command Line: Reinvented for Modern Developers
> > Did the resurgence of CLI tooling catch you by surprise?
> > Reconnect with the command line and become more productive.
> > Learn the new .NET and ASP.NET <http://ASP.NET> CLI. Get your free copy!
> > http://sdm.link/telerik
> > _______________________________________________
> > Snort-devel mailing list
> > Snort-devel () lists sourceforge net 
> > <mailto:Snort-devel () lists sourceforge net>
> > https://lists.sourceforge.net/lists/listinfo/snort-devel
> > Archive:
> > http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel
> >
> > Please visit http://blog.snort.org for the latest news about Snort!

------------------------------------------------------------------------------
The Command Line: Reinvented for Modern Developers
Did the resurgence of CLI tooling catch you by surprise?
Reconnect with the command line and become more productive. 
Learn the new .NET and ASP.NET CLI. Get your free copy!
http://sdm.link/telerik

_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!