• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Snort fails to start on rule initialization

Scheduled Pinned Locked Moved pfSense Packages
2 Posts 2 Posters 1.6k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • I
    IlBasile
    last edited by May 11, 2008, 8:18 PM

    Not sure if anyone else had this problem with starting snort.

    ERROR: /usr/local/etc/snort/rules/ddos.rules(25) => Invalid port: [31335,35555]
    Fatal Error, Quitting..

    Note that I havn't really gone into much detail yet on the cause of the problem (being related to the rule or snort itself).

    In any case, it starts fine if I disable this rule.  Just wanted to put this out there.

    I've also disabled the automatic rule updates for the time being.

    1.2-RELEASE
    built on Sun Feb 24 17:04:58 EST 2008

    Snort v2.7.0.1_4

    1 Reply Last reply Reply Quote 0
    • J
      JustinHoMi
      last edited by May 12, 2008, 2:01 AM May 12, 2008, 1:59 AM

      I had the same problem, and I've just been running without those rules. I'm guessing that this rule is responsible:

      223 udp $EXTERNAL_NET any $HOME_NET [31335,35555] DDOS Trin00 Daemon to Master PONG message detected

      Edit: I disabled that rule, and it starts up fine. I guess the syntax on the port specification is incorrect.

      1 Reply Last reply Reply Quote 0
      2 out of 2
      • First post
        2/2
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
        This community forum collects and processes your personal information.
        consent.not_received