Menu
▾
▴
Re: [Snort-inline-users] FATAL ERROR: /etc/snort_inline/snort_inline.conf(9) => NULL rule type!
|
From: Ravi <ra...@ro...> - 2004-03-25 06:26:23
|
Wismin, How is your snort_inline built - from snort_inline or patched snort? To run snort_inline you must use option -Q -Ravi Wismin Effendi wrote: >Hello Everybody, > I hope somebody could help me with the following >problem with snort_inline startup. > >after I convert the rules using snortconfig-1.9 >(from honeynet.org), I start the snort_inline >... last lines from snort_inline.sh .. > >$SNORT -D -d -c /etc/snort_inline/snort_inline.conf -Q >-i eth0 -l $DIR/$DATE -t $DIR/$DATE > >then I check the snort_inline process is not running. >I've verified the rule files location in >/etc/snort_inline/snort_inline.conf (where I copied >the rules result from snortconfig-1.9). >I've also make sure the variable $HOME_NET is declared >in snort_inline.conf (original file has $HONEYNET, I >added also the $HOME_NET with the same value) > >from /var/log/messages, I found: >Mar 25 00:52:51 gateway-1 snort_inline: Initializing >daemon mode >Mar 25 00:52:51 gateway-1 snort_inline: PID path stat >checked out ok, PID path set to /var/run/ >Mar 25 00:52:51 gateway-1 snort_inline: Writing PID >"2348" to file "/var/run//snort_inline.pid" >Mar 25 00:52:51 gateway-1 snort_inline: FATAL ERROR: >/etc/snort_inline/snort_inline.conf(9) => NULL rule >type! > >thank you very much in advance. > >best regards, > >wismin > >__________________________________ >Do you Yahoo!? >Yahoo! Finance Tax Center - File online. File on time. >http://taxes.yahoo.com/filing.html > > >------------------------------------------------------- >This SF.Net email is sponsored by: IBM Linux Tutorials >Free Linux tutorial presented by Daniel Robbins, President and CEO of >GenToo technologies. Learn everything from fundamentals to system >administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click >_______________________________________________ >Snort-inline-users mailing list >Sno...@li... >https://lists.sourceforge.net/lists/listinfo/snort-inline-users > > > |
