Snort Package Fails on 2.2-ALPHA-Snapshot

  • I tried a preliminary test of the Snort package on a 64-bit 2.2-ALPHA-Snapshot virtual machine over the weekend.  The Snort package installs, but then fails to run.  There are two problems I uncovered while investigating the failed start:

    1. The table in the packet filter appears to be missing (or at least the Spoink plugin complains on Snort startup and says it is missing).  This is a fatal error when "block offenders" is enabled.

    [EDIT: after some more checking, the <snort2c>table is in, but Snort doesn't see it.  Wonder if the new tracker feature is the problem?]

    2. The installation path for all the Snort configuration files is different with the 2.2 PBI install as compared to the 2.1 PBI install.  The new path where Snort gets installed is /usr/pbi/snort-amd64/local/etc/snort while on the 2.1 installs the path is slightly different and is /usr/pbi/snort-amd64/etc/snort.  Since Snort and some other packages need to reference configuration files directly, they need to know the physical path.  Currently Snort tests for a PBI versus a non-PBI install and adjusts accordingly, but now it appears that with 2.2 there will be a different PBI path than with 2.1.


Log in to reply