Re: Snort 2.6.1 Beta 2 Question (snort_dynamicrule/)

["Justin Heath" <justin.heath () gmail com>]

Sorry ... s/create an example rule/create a dynamic rule/

On 10/30/06, Justin Heath <justin.heath () gmail com> wrote:
> It looks like you are trying to load an example dynamic rule. This is
> purely an example for those who want to create an example rule it is not
> meant to be loaded.
>
> On 10/30/06, Eric Hines <eric.hines () appliedwatch com> wrote:
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > All,
> >
> > Has anyone here moved from Snort 2.6.0.x to Snort 2.6.1 yet? By default,
> > the following dynamic directories are created in /usr/local/lib:
> >
> > /usr/local/lib/snort_dynamicengine
> > /usr/local/lib/snort_dynamicpreprocessor
> >
> > However, when enabling all of the options in the new DNS Preprocessor it
> > causes Snort to fail with the error:
> >
> > Rule application order:
> > - ->activation->dynamic->pass->drop->sdrop->reject->alert->log
> > Log directory =
> > /usr/local/appliedwatch/agent/data/agent.RyupiI/var/snort/log
> > Loading dynamic engine
> > /usr/local/lib/snort_dynamicengine/libsf_engine.so... done
> > Loading all dynamic detection libs from
> > /usr/local/lib/snort_dynamicrule/...
> > Warning: Directory /usr/local/lib/snort_dynamicrule/ does not exist!
> >   Finished Loading all dynamic detection libs from
> > /usr/local/lib/snort_dynamicrule/
> > Loading dynamic detection library
> > /usr/local/lib/snort_dynamicrule/libdynamicexamplerule.so... ERROR:
> > Failed to load
> > /usr/local/lib/snort_dynamicrule/libdynamicexamplerule.so:
> > /usr/local/lib/snort_dynamicrule/libdynamicexamplerule.so: cannot open
> > shared object file: No such file or directory
> > Fatal Error, Quitting..
> >
> >
> >
> > The odd thing is that the /usr/local/lib/snort_dynamicrule directory is
> > not created during the Snort installation. Fine if the directory must be
> > created manually, but where do I get the libdynamicexamplerule.so file
> > from?
> >
> >
> >
> >
> > - --
> >
> > Best Regards,
> >
> > Eric Hines, GCIA, CISSP
> > CEO, President
> > Applied Watch Technologies, LLC
> > 1095 Pingree Road
> > Suite 221
> > Crystal Lake, IL 60014
> > Toll Free: (877) 262-7593
> > Fax: (847) 854-5106
> > Cell: (847) 456-6785
> > Web: www.appliedwatch.com
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.5 (Darwin)
> > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> >
> > iD8DBQFFRhJX1va6QYTV0EMRAgOVAJ91yoieimGHYu9funN5xbUfKMEmnACfW7zV
> > IAUKwieY7O+SFvumgLETqbY=
> > =QjFj
> > -----END PGP SIGNATURE-----
> >
> > -------------------------------------------------------------------------
> >
> > Using Tomcat but need to do more? Need to support web services,
> > security?
> > Get stuff done quickly with pre-integrated technology to make your job
> > easier
> > Download IBM WebSphere Application Server v.1.0.1 based on Apache
> > Geronimo
> > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
> > _______________________________________________
> > Snort-users mailing list
> > Snort-users () lists sourceforge net
> > Go to this URL to change user options or unsubscribe:
> > https://lists.sourceforge.net/lists/listinfo/snort-users
> > Snort-users list archive:
> > http://www.geocrawler.com/redir-sf.php3?list=snort-users
> >
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users