Snort mailing list archives
Re: i have only 600 rules in my snort3
From: Dorian ROSSE via Snort-devel <snort-devel () lists snort org>
Date: Mon, 28 Feb 2022 18:34:45 +0000
I use the configuration edited from the pdf created by Noah Dietrich for snort3 on Ubuntu 18 & 20,
By the begun I have 600 rules like the system doesn't read rules before I downloaded the rules I have ever 600 rules,
Have you a repairing ?
Thanks you in advance for your help,
Regards.
Dorian Rosse.
________________________________
From: Maya Dagon (mdagon) <mdagon () cisco com>
Sent: Monday, February 28, 2022 4:34:28 PM
To: Dorian ROSSE <dorianbrice () hotmail fr>; Snort-users () lists snort org <snort-users () lists snort org>;
snort-devel () lists snort org <snort-devel () lists snort org>; snort-sigs () lists snort org <snort-sigs () lists
snort org>
Subject: Re: [Snort-devel] i have only 600 rules in my snort3
Hi Dorian,
The path depends on your configuration. Are you including the rules from another file? Is it using relative path?
Thanks,
Maya
From: Snort-devel <snort-devel-bounces () lists snort org> on behalf of Dorian ROSSE via Snort-devel <snort-devel ()
lists snort org>
Reply-To: Dorian ROSSE <dorianbrice () hotmail fr>
Date: Saturday, February 26, 2022 at 6:46 AM
To: "Snort-users () lists snort org" <snort-users () lists snort org>, "snort-devel () lists snort org" <snort-devel ()
lists snort org>, "snort-sigs () lists snort org" <snort-sigs () lists snort org>
Subject: Re: [Snort-devel] i have only 600 rules in my snort3
my rules are located under : '''/usr/local/etc/rules/rules$''' and '''/usr/local/etc/rules/so_rules$''',
should i down up in the root etc like thoses : '''/usr/local/etc/rules''' and '''/usr/local/etc/so_rules''' ?
thank you in advance for your answer lighted,
Regards.
Dorian ROSSE.
________________________________
De : Dorian ROSSE
Envoyé : vendredi 25 février 2022 16:43
À : Snort-users () lists snort org <snort-users () lists snort org>; snort-devel () lists snort org <snort-devel ()
lists snort org>; snort-sigs () lists snort org <snort-sigs () lists snort org>
Objet : i have only 600 rules in my snort3
Hello,
i have this problem :
'''rule counts
total rules loaded: 600
builtin rules: 600
option chains: 600
chain headers: 1'''
ethtool is again broken then i have go more far,
why i have only 600 rules ?
i have succesfully installed pulledpork and downloaded the rules,
thank you in advance to help myself fully configured snort3,
Regards.
Dorian ROSSE.
_______________________________________________ Snort-devel mailing list Snort-devel () lists snort org https://lists.snort.org/mailman/listinfo/snort-devel Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- i have only 600 rules in my snort3 Dorian ROSSE via Snort-devel (Feb 25)
- Re: i have only 600 rules in my snort3 Dorian ROSSE via Snort-devel (Feb 26)
- <Possible follow-ups>
- Re: i have only 600 rules in my snort3 Maya Dagon (mdagon) via Snort-devel (Feb 28)
- Re: i have only 600 rules in my snort3 Dorian ROSSE via Snort-devel (Feb 28)
- Re: [Snort-users] [Snort-devel] i have only 600 rules in my snort3 Noah Dietrich (Feb 28)
- Re: [Snort-users] [Snort-devel] i have only 600 rules in my snort3 Dorian ROSSE via Snort-sigs (Mar 01)
- Re: [Snort-users] [Snort-devel] i have only 600 rules in my snort3 Noah Dietrich (Mar 02)
- Re: [Snort-users] [Snort-devel] i have only 600 rules in my snort3 Dorian ROSSE via Snort-sigs (Mar 02)
- Re: [Snort-users] [Snort-devel] i have only 600 rules in my snort3 Noah Dietrich (Mar 02)
- Re: [Snort-users] i have only 600 rules in my snort3 Dorian ROSSE via Snort-devel (Mar 02)
- Re: [Snort-users] i have only 600 rules in my snort3 Noah Dietrich (Mar 02)
- Re: [Snort-users] i have only 600 rules in my snort3 Dorian ROSSE via Snort-devel (Mar 02)
- Re: [Snort-users] [Snort-devel] i have only 600 rules in my snort3 Noah Dietrich (Mar 02)
- Re: i have only 600 rules in my snort3 Dorian ROSSE via Snort-devel (Feb 28)