Fw: webmin - snort (fwing again)

["Rahul" <shadhanker () gmx net>]

Hello all,

As there is no reply, i'm sending again. Plz help me to success with webmin
module.

----- Original Message ----- 
From: "Rahul" <shadhanker () gmx net>
To: "Erek Adams" <erek () snort org>
Cc: "SnortUsers" <snort-users () lists sourceforge net>
Sent: Saturday, August 16, 2003 11:01 AM
Subject: [Snort-users] webmin - snort (fwing again)


Hello all,

Thanks for the resposne.
Now i've got snort working. Now i want to use webmin for snort.

So i downlaod snort-1.1.wbm and integrated.

When i try to browse,i'm getting
Rule file cannot be found
(/home/sadha/snort/$RULE_PATH/attack-responses.rules)
so i edited index.cgi(of webmin) as follows,(i.e to replace RULE_PATH var
with 'rules' - dir name)

($rule) =~ s/\$RULE_PATH/rules/g;

It works fine.

1) Is this right?

Then another pbl,

in webmin page,

Rulesets
 = Enabled   = Disabled
      Rule Set Status Action   Rule Set Status Action   Rule Set Status
Action
      rules/attack-responses  Disable    rules/misc  Disable    rules/smtp
Disable
      rules/backdoor  Disable    rules/multimedia  Enable    rules/snmp
Disable
      rules/bad-traffic  Disable    rules/mysql  Disable    rules/sql
Disable
      rules/chat  Enable    rules/netbios  Disable    rules/telnet  Disable
      rules/ddos  Disable    rules/nntp  Disable    rules/tftp  Disable
      rules/dns  Disable    rules/oracle  Disable    rules/virus  Enable
      rules/dos  Disable    rules/other-ids  Disable    rules/web-attacks
Enable
      rules/experimental  Disable    rules/p2p  Enable    rules/web-cgi
Disable
      rules/exploit  Disable    rules/policy  Enable    rules/web-client
Disable
      rules/finger  Disable    rules/pop2  Disable    rules/web-coldfusion
Disable
      rules/ftp  Disable    rules/pop3  Disable    rules/web-frontpage
Disable
      rules/icmp  Disable    rules/porn  Enable    rules/web-iis  Disable
      rules/icmp-info  Enable    rules/rpc  Disable    rules/web-misc
Disable
      rules/imap  Disable    rules/rservices  Disable    rules/web-php
Disable
      rules/info  Enable    rules/scan  Disable    rules/x11  Disable
      rules/local  Disable    rules/shellcode  Enable


2) i'm able to access thro Rule Set (i.e for example clicking on
rules/attack-responses will take thro to page rightly).
But, Action is not possible(Hope Action column is link, for example when i
click Action "Disable of rules/atatck-responses" , it gives

"The page cannot be found" ---------it passes the url as "http:<pathto
snort>/rule_status.cgi?rule=rules/attack-responses"

Actually what is that action column from above snip. Plz help me to succeed
with this.


Thanks and Regards,
-sadha


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.483 / Virus Database: 279 - Release Date: 5/19/2003


---

Some files have not been scanned

Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.483 / Virus Database: 279 - Release Date: 5/19/2003