Re: [Snort-users] webmin module
This is a discussion on Re: [Snort-users] webmin module within the Snort forums, part of the System Security and Security Related category; --===============1362213224== Content-Type: multipart/alternative; boundary=Apple-Mail-17--278220420 --Apple-Mail-17--278220420 Content-Transfer-Encoding: 7bit Content-Type: ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
08-30-2007
|
|||
|
|||
Re: [Snort-users] webmin module
--===============1362213224== Content-Type: multipart/alternative; boundary=Apple-Mail-17--278220420 --Apple-Mail-17--278220420 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed I suggest not using Webmin. That might work better for you in the long run. Joel On Aug 30, 2007, at 9:46 AM, john wrote: > On Thursday 30 August 2007 14:33, you wrote: >> What does webmin define as your RULE_PATH? >> >> You have a conf setting missing somewhere. >> >> J > > var RULE_PATH /etc/snort/rules > > but the module is not even substituting the value into the path, > just seems to > add itself to it. > No matter what it is - it actually looks for the > path "/etc/snort/rules/$RULE_PATH/somerule" > > john > > ---------------------------------------------------------------------- > --- > This SF.net email is sponsored by: Splunk Inc. > Still grepping through log files to find problems? Stop. > Now Search log events and configuration files using AJAX and a > browser. > Download your FREE copy of Splunk now >> http://get.splunk.com/ > _______________________________________________ > Snort-users mailing list > Snort-users@lists.sourceforge.net > Go to this URL to change user options or unsubscribe: > https://lists.sourceforge.net/lists/...fo/snort-users > Snort-users list archive: > http://www.geocrawler.com/redir-sf.p...st=snort-users > -- joel esler http://demo.sourcefire.com/jesler.pgp.key --Apple-Mail-17--278220420 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=ISO-8859-1 <HTML><BODY style=3D"word-wrap: break-word; -khtml-nbsp-mode: space; = -khtml-line-break: after-white-space; ">I suggest not using Webmin.=A0 = That might work better for you in the long run.<DIV><BR = class=3D"khtml-block-placeholder"></DIV><DIV>Joel</DIV><DIV><BR><DIV><DIV>= On Aug 30, 2007, at 9:46 AM, john wrote:</DIV><BR = class=3D"Apple-interchange-newline"><BLOCKQUOTE type=3D"cite"><DIV = style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; = margin-left: 0px; ">On Thursday 30 August 2007 14:33, you wrote:</DIV> = <BLOCKQUOTE type=3D"cite"><DIV style=3D"margin-top: 0px; margin-right: = 0px; margin-bottom: 0px; margin-left: 0px; ">What does webmin define as = your RULE_PATH?</DIV><DIV style=3D"margin-top: 0px; margin-right: 0px; = margin-bottom: 0px; margin-left: 0px; min-height: 14px; "><BR></DIV><DIV = style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; = margin-left: 0px; ">You have a conf setting missing somewhere.</DIV><DIV = style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; = margin-left: 0px; min-height: 14px; "><BR></DIV><DIV style=3D"margin-top: = 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">J</DIV> = </BLOCKQUOTE><DIV style=3D"margin-top: 0px; margin-right: 0px; = margin-bottom: 0px; margin-left: 0px; min-height: 14px; "><BR></DIV><DIV = style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; = margin-left: 0px; ">var RULE_PATH /etc/snort/rules</DIV><DIV = style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; = margin-left: 0px; min-height: 14px; "><BR></DIV><DIV style=3D"margin-top: = 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">but the = module is not even substituting the value into the path, just seems = to<SPAN class=3D"Apple-converted-space">=A0</SPAN></DIV><DIV = style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; = margin-left: 0px; ">add itself to it.</DIV><DIV style=3D"margin-top: = 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">No = matter what it is - it actually looks for the<SPAN = class=3D"Apple-converted-space">=A0</SPAN></DIV><DIV style=3D"margin-top: = 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; = ">path<SPAN class=3D"Apple-converted-space">=A0 = </SPAN>"/etc/snort/rules/$RULE_PATH/somerule"<SPAN = class=3D"Apple-converted-space">=A0</SPAN></DIV><DIV style=3D"margin-top: = 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; = min-height: 14px; "><BR></DIV><DIV style=3D"margin-top: 0px; = margin-right: 0px; margin-bottom: 0px; margin-left: 0px; = ">john</DIV><DIV style=3D"margin-top: 0px; margin-right: 0px; = margin-bottom: 0px; margin-left: 0px; min-height: 14px; "><BR></DIV><DIV = style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; = margin-left: 0px; = ">------------------------------------------------------------------------= -</DIV><DIV style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: = 0px; margin-left: 0px; ">This SF.net email is sponsored by: Splunk = Inc.</DIV><DIV style=3D"margin-top: 0px; margin-right: 0px; = margin-bottom: 0px; margin-left: 0px; ">Still grepping through log files = to find problems?<SPAN class=3D"Apple-converted-space">=A0 = </SPAN>Stop.</DIV><DIV style=3D"margin-top: 0px; margin-right: 0px; = margin-bottom: 0px; margin-left: 0px; ">Now Search log events and = configuration files using AJAX and a browser.</DIV><DIV = style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; = margin-left: 0px; ">Download your FREE copy of Splunk now >><SPAN = class=3D"Apple-converted-space">=A0 </SPAN><A = href=3D"http://get.splunk.com">http://get.splunk.com</A>/</DIV><DIV = style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; = margin-left: 0px; = ">____________________________________________ ___</DIV><DIV = style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; = margin-left: 0px; ">Snort-users mailing list</DIV><DIV = style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; = margin-left: 0px; "><A = href=3D"mailto:Snort-users@lists.sourceforge.net">Snort-users@lists.source= forge.net</A></DIV><DIV style=3D"margin-top: 0px; margin-right: 0px; = margin-bottom: 0px; margin-left: 0px; ">Go to this URL to change user = options or unsubscribe:</DIV><DIV style=3D"margin-top: 0px; = margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><A = href=3D"https://lists.sourceforge.net/lists/listinfo/snort-users">https://= lists.sourceforge.net/lists/listinfo/snort-users</A></DIV><DIV = style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; = margin-left: 0px; ">Snort-users list archive:</DIV><DIV = style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; = margin-left: 0px; "><A = href=3D"http://www.geocrawler.com/redir-sf.php3?list=3Dsnort-users">http:/= /www.geocrawler.com/redir-sf.php3?list=3Dsnort-users</A></DIV><DIV = style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; = margin-left: 0px; min-height: 14px; "><BR></DIV> = </BLOCKQUOTE></DIV><BR><DIV> <SPAN class=3D"Apple-style-span" = style=3D"border-collapse: separate; border-spacing: 0px 0px; color: = rgb(0, 0, 0); font-family: Lucida Sans; font-size: 12px; font-style: = normal; font-variant: normal; font-weight: normal; letter-spacing: = normal; line-height: normal; text-align: auto; = -khtml-text-decorations-in-effect: none; text-indent: 0px; = -apple-text-size-adjust: auto; text-transform: none; orphans: 2; = white-space: normal; widows: 2; word-spacing: 0px; "><SPAN = class=3D"Apple-style-span" style=3D"border-collapse: separate; = border-spacing: 0px 0px; color: rgb(0, 0, 0); font-family: Lucida Sans; = font-size: 12px; font-style: normal; font-variant: normal; font-weight: = normal; letter-spacing: normal; line-height: normal; text-align: auto; = -khtml-text-decorations-in-effect: none; text-indent: 0px; = -apple-text-size-adjust: auto; text-transform: none; orphans: 2; = white-space: normal; widows: 2; word-spacing: 0px; "><BR = class=3D"Apple-interchange-newline"><DIV style=3D"font-family: Lucida = Sans; ; font-size: 11px; "><BR = class=3D"khtml-block-placeholder"></DIV><DIV style=3D"font-family: = Lucida Sans; ; font-size: 11px; "><SPAN class=3D"Apple-style-span" = style=3D"font-size: 11px; "><SPAN class=3D"Apple-style-span" = style=3D"font-size: 11px; ">--</SPAN></SPAN></DIV><DIV = style=3D"font-family: Lucida Sans; ; font-size: 11px; "><SPAN = class=3D"Apple-style-span" style=3D"font-size: 11px; "><SPAN = class=3D"Apple-style-span" style=3D"font-size: 11px; ">joel = esler</SPAN></SPAN></DIV><DIV style=3D"font-family: Lucida Sans; ; = font-size: 11px; "><SPAN class=3D"Apple-style-span" style=3D"font-size: = 11px; "><SPAN class=3D"Apple-style-span" style=3D"font-size: 11px; "><A = href=3D"http://demo.sourcefire.com/jesler.pgp.key">http://demo.sourcefire.= com/jesler.pgp.key</A></SPAN></SPAN></DIV><DIV style=3D"font-family: = Lucida Sans; ; font-size: 11px; "><BR = class=3D"khtml-block-placeholder"></DIV><BR = class=3D"Apple-interchange-newline"></SPAN></SPAN> = </DIV><BR></DIV></BODY></HTML>= --Apple-Mail-17--278220420-- --===============1362213224== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ --===============1362213224== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users --===============1362213224==-- 
|
Linear Mode
