Re: [Snort-users] FATAL ERROR in bad-traffic.rules
This is a discussion on Re: [Snort-users] FATAL ERROR in bad-traffic.rules within the Snort forums, part of the System Security and Security Related category; That was an error check I added in 2.1.3, it basically tells you if you forget to add ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
06-28-2004
|
|||
|
|||
Re: [Snort-users] FATAL ERROR in bad-traffic.rules
That was an error check I added in 2.1.3, it basically tells you if you
forget to add the trailing ']' on an IP list. These are typically defined as variables, check your snort.conf. -Marty On Jun 26, 2004, at 2:05 PM, Mark E. Donaldson wrote: > > > -----Original Message----- > From: snort-users-admin@lists.sourceforge.net > [mailto:snort-users-admin@lists.sourceforge.net] On Behalf Of Xantius > Sent: Saturday, June 26, 2004 7:58 AM > To: snort-users@lists.sourceforge.net > Subject: [Snort-users] FATAL ERROR in bad-traffic.rules > > After hours of trying to get snort installed and working, I feel like > I'm > getting close. But when I start up snort, it dies with the following > message. > > FATAL ERROR: /etc/snort/rules/bad-traffic.rules(12) => Unterminated IP > List > > These rules are stock right out of the box. No idea what the problem > is... > Anyone? > > --Xantius > > Let me guess. You're trying to install Snort 2.1.3? That's my guess > because > I have run into the same difficulty. Been using snort all the way back > since > day one and have never had any trouble to speak of that I couldn't > solve. So > far no luck on this one. So, I went back to 2.1.2 until I have more > time to > figure it out. Whatever the problem, it seems unique to 2.1.3. > > > > > ------------------------------------------------------- > This SF.Net email sponsored by Black Hat Briefings & Training. > Attend Black Hat Briefings & Training, Las Vegas July 24-29 - > digital self defense, top technical experts, no vendor pitches, > unmatched networking opportunities. Visit www.blackhat.com > _______________________________________________ > Snort-users mailing list > Snort-users@lists.sourceforge.net > Go to this URL to change user options or unsubscribe: > https://lists.sourceforge.net/lists/...fo/snort-users > Snort-users list archive: > http://www.geocrawler.com/redir-sf.p...st=snort-users > > -- Martin Roesch - Founder/CTO, Sourcefire Inc. - (410)290-1616 Sourcefire: Intelligent Security Monitoring roesch@sourcefire.com - http://www.sourcefire.com Snort: Open Source Network IDS - http://www.snort.org ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
