Snort mailing list archives
help for snort with mysql
From: Gongya Yu <yu () gongya net>
Date: Sun, 16 Dec 2001 22:21:10 -0800
Any suggestion is really appreciated.
overtheway.gongya.net:/usr/local/snort # bin/snort -t /usr/local/snort
-c /etc/snort.conf -l /log
Log directory = /log
Initializing Network Interface eth0
--== Initializing Snort ==--
Decoding Ethernet on interface eth0
Initializing Preprocessors!
Initializing Plug-ins!
Initializating Output Plugins!
Parsing Rules file /etc/snort.conf
+++++++++++++++++++++++++++++++++++++++++++++++++++
Initializing rule chains...
No arguments to frag2 directive, setting defaults to:
Fragment timeout: 60 seconds
Fragment memory cap: 4194304 bytes
Stream4 config:
Stateful inspection: ACTIVE
Session statistics: INACTIVE
Session timeout: 30 seconds
Session memory cap: 8388608 bytes
State alerts: INACTIVE
Scan alerts: ACTIVE
Log Flushed Streams: INACTIVE
No arguments to stream4_reassemble, setting defaults:
Reassemble client: ACTIVE
Reassemble server: INACTIVE
Reassemble ports: 21 23 25 53 80 143 110 111 513
Reassembly alerts: ACTIVE
Back Orifice detection brute force: DISABLED
Using LOCAL time
database: compiled support for ( mysql )
database: configured to use mysql
database: user = snort
database: password is set
database: database name = snort
database: host = localhost
database: sensor name = 12.230.80.112
database: mysql_error: Can't connect to local MySQL server through
socket '/tmp/mysql.sock' (2)
Fatal Error, Quitting..
overtheway.gongya.net:/usr/local/snort # ls -l /tmp
total 16
drwx------ 2 root root 4096 Dec 15 13:27 kde-root
drwx------ 2 root root 4096 Dec 15 14:52 ksocket-root
drwx------ 3 root root 4096 Dec 15 14:52 mcop-root
srwxrwxrwx 1 mysql mysql 0 Dec 15 18:59 mysql.sock
drwx------ 2 root root 4096 Dec 2 17:30 orbit-root
It happens on Redhat 7.2 and FreeBSD 4.4
The following testing code works:
#include "/usr/local/mysql/include/mysql/mysql.h"
#include <stdio.h>
#include <stdlib.h>
int main()
{
MYSQL * mysql;
mysql = mysql_init(NULL);
if (
mysql_real_connect(mysql,"localhost","snort","pwd","snort",0,NULL,0)==0)
{
fprintf(stderr, "Failed to connect to database: Error: %s\n",
mysql_error(mysql));
}
mysql_close(mysql);
printf ("Connection is successful\n");
return 0;
}
But the same code in spo_database.c does not work.
#ifdef ENABLE_MYSQL
if(!strcasecmp(data->shared->dbtype,MYSQL))
{
mysql_sock = mysql_init(NULL);
data->m_sock = mysql_init(NULL);
if(data->m_sock == NULL)
{
FatalError("database: Connection to database '%s' failed\n",
data->shared->dbname);
}
if(data->port != NULL)
{
x = atoi(data->port);
}
else
{
x = 0;
}
// if(!mysql_real_connect(mysql_sock, data->shared->host,
data->user, data->password, data->shared->dbname, x, NULL, 0) )
if(!mysql_real_connect(mysql_sock, "localhost", "snort",
"pwd","snort", 0, NULL, 0) )
{
if(mysql_errno(mysql_sock))
{
FatalError("database: mysql_error: %s\n",
mysql_error(mysql_sock));
}
FatalError("database: Failed to logon to database '%s'\n",
data->shared->dbname);
}
printf("Connection is successful\n");
exit(0);
}
#endif
Gongya Yu
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- help for snort with mysql Gongya Yu (Dec 16)