Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Windows decompression of SWF and PDF errors

From: Geoffrey Serrao <gserrao () sourcefire com>
Date: Fri, 21 Oct 2016 04:40:17 -0400
If you're using the 2983 conf like I am line 326 is:

decompress_pdf { deflate }

The error message can happen if liblzma (xz tools) is not installed on the
system before running ./configure.

The stock conf includes enabled decompression so that error is generated if
snort was compiled without lzma support - so snort can't continue.


On Thu, Oct 20, 2016 at 11:51 PM, Michael Steele <michaels () winsnort com>
wrote:


Testing new installations of the snort.conf file using the –T switch on
Windows. There seems to be a problem with line 325 & 326.



It appears these two lines were recently added, and they break Windows.



What is needed to make Windows compatible again?



---------------------------------------------

      Gzip Compress Depth: 65535

      Gzip Decompress Depth: 65535

ERROR: d:\winids\snort\etc\snort.conf(326) => Invalid keyword '}' for
server configuration.

Fatal Error, Quitting..

---------------------------------------------



Line 324:  webroot no \

Line 325: decompress_swf { deflate lzma } \

Line 326: decompress_pdf { deflate }







Best regards,

Michael...



------------------------------------------------------------
------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: