Error Unable To Open Rules File /etc/snort/snort.conf Permission Denied
Contents |
here for a quick overview of the site Help Center Detailed answers to error snort.conf(0) unable to open rules file snort.conf no such file or directory any questions you might have Meta Discuss the workings and policies
Error /etc/snort//etc/snort/rules/app-detect.rules(0) Unable To Open Rules File
of this site About Us Learn more about Stack Overflow the company Business Learn more snort local.rules missing about hiring developers or posting ads with us Super User Questions Tags Users Badges Unanswered Ask Question _ Super User is a question and answer site
App-detect.rules Download
for computer enthusiasts and power users. Join them; it only takes a minute: Sign up Here's how it works: Anybody can ask a question Anybody can answer The best answers are voted up and rise to the top OSX: Snort: ERROR: /etc/snort/../rules/local.rules(0) Unable to open rules file “/etc/snort/../rules/local.rules”: No such file or directory snort rules download up vote -2 down vote favorite 1 I'm trying to setup and run Snort IDS on mac using this kinda tutorial: https://discussions.apple.com/thread/3370709?start=0&tstart=0 OSX Yosemite (10.10.2); PostgreSQL 9.4.1 (installed with Homebrew) Snort: stable 2.9.7.0 (installed with Homebrew) When I finally try to star it like this: $ sudo /usr/local/bin/snort -d -e -i en0 -c /etc/snort/snort.conf Getting this: Password: Running in IDS mode --== Initializing Snort ==-- Initializing Output Plugins! Initializing Preprocessors! Initializing Plug-ins! Parsing Rules file "/etc/snort/snort.conf" ... ERROR: /etc/snort/../rules/local.rules(0) Unable to open rules file "/etc/snort/../rules/local.rules": No such file or directory. Fatal Error, Quitting.. The rule is actually on place at /etc/snort/rules/local.rules RULE_PATH is set in /etc/snort/snort.conf to /etc/snort/rules So: $ echo $RULE_PATH /etc/snort/rules trying this: $ grep RULE_PATH /etc/snort/snort.conf var RULE_PATH ../rules var SO_RULE_PATH ../so_rules var PREPROC_RULE_PATH ../preproc_rules ... Well after changing var RULE_PATH ../rules var SO_RULE_PATH ../so_rules var PREPROC_RULE_PATH ../preproc_rules to var RULE_PATH /etc/snort/rules var SO_RULE_PATH /etc/snort/so_rules var PREPROC_RULE_PATH /etc/snort/preproc_rules Getting: $ sudo /
Packet crafters More Site News Advertising About/Contact Sponsors: Snort mailing list archives By Date
No Preprocessors Configured For Policy 0.
By Thread Re: FATAL ERROR: /etc/snort/snort.conf(0) Unable to
What Are Snort Rules
open rules file "/etc/snort/snort.conf": Permission denied.#012 From: Jeremy Hoel
instructions: Windows Mac Red Hat Linux Ubuntu Click URL instructions: Right-click on ad, choose "Copy Link", then paste here → (This may not be possible with some https://sourceforge.net/p/snort/mailman/message/32257835/ types of ads) More information about our ad policies X You seem http://marc.info/?l=snort-users&m=139823939802428&w=2 to have CSS turned off. Please don't fill out this field. You seem to have CSS turned off. Please don't fill out this field. Briefly describe the problem (required): Upload screenshot of ad (required): Select a file, or drag & drop file here. ✔ ✘ Please provide the ad unable to click URL, if possible: Home Browse Snort Mailing Lists Snort Brought to you by: andrewbaker, joelesler, roesch Summary Files Reviews Support Wiki Mailing Lists snort-devel snort-openappid snort-sigs snort-users Re: [Snort-users] FATAL ERROR: /etc/snort/snort.conf(0) Unable to open rules file "/etc/snort/snort.conf": Permission denied.#012 Re: [Snort-users] FATAL ERROR: /etc/snort/snort.conf(0) Unable to open rules file "/etc/snort/snort.conf": Permission denied.#012 From: Jeremy Hoel
com> Date: 2014-04-23 7:46:37 Message-ID: 53576FDD.4000901 () grabinski ! com [Download message RAW] [Attachment #2 (multipart/alternative)] Thank you. You got it right. [root@cafe7 selinux]# getenforce Enforcing [root@cafe7 selinux]# cd [root@cafe7 ~]# [root@cafe7 ~]# [root@cafe7 ~]# [root@cafe7 ~]# [root@cafe7 ~]# [root@cafe7 ~]# chcon -R system_u:object_r:snort_etc_t:s0 /etc/snort [root@cafe7 ~]# chcon -R system_u:object_r:lib_t:s0 /etc/snort/so_rules/precompiled/RHEL-6-0/ [root@cafe7 ~]# After this commands all works fine, no fatal error. I will include checking for selinux enforsing in my installation script. On 4/23/2014 3:01 AM, Teo En Ming wrote: > Did you turn off selinux? > > echo 0 > /selinux/enforce > > Teo En Ming > > > On Wed, Apr 23, 2014 at 1:42 PM, Bogdan Grabinski >