Re: [Snort-users] [Q] Bleedingsnort rules

--=-z+pE9j6Q/N5uuwBk/eso
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Wed, 2004-12-08 at 12:55, Stef wrote:
> I did - and it did not work, but even logically speaking,the error is
> such that it points to the right file - again:
>=20
> ERROR: <my-path-to-rules>/bleeding-sid-msg.map(1) =3D> Unknown rule type:=
2000003

That error only comes up if you try to include the file. As mentioned
previously, don't do that. The sid-msg.map file is not included in the
snort.conf so the bleeding-sid-msg.map is not either. Instead append the
contents of file bleeding-sid-msg.map to sid-msg.map.

grep through your snort.conf and make sure you don't include any
sid-msg.

Regards,
Frank


--=-z+pE9j6Q/N5uuwBk/eso
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (FreeBSD)

iD8DBQBBt07MJjGc5ftAw8wRAqHUAJ9fMj5OI9a7lZHVN0NOCK UTjGzpCwCg0ciF
hB4SZwl51YuO8wW6FiHoa4E=
=rebM
-----END PGP SIGNATURE-----

--=-z+pE9j6Q/N5uuwBk/eso--



-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://productguide.itmanagersjournal.com/
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/...fo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.p...st=snort-users