[Honeywall] Snort 184.108.40.206 Update
mutziMan at gmx.net
Thu Aug 6 12:22:34 EDT 2009
As i mentioned in another posting I was also working on getting snort
2.8 up and running on honeywall. Had some other stuff to do and I hope
this solution is not just working for me.
I hope you are aware that appendepoch and the existing nostamp are
just the same. So instead of patching redundancy into the source code
i suggest simply changing "appendepoch 0" to "nostamp" in snort.conf
Actually it took a while till i figured it out.
Patch appended for the lazy people
2009/8/6 JEFFREY S STEWART <jss1124 at esu.edu>
> Attached is a patch for snort 220.127.116.11 which enables it to work with hflow2. Download snort 18.104.22.168 source, cd to the directory snort_root_directory/src/output-plugins. From there run:
> patch -p0 < spo_unified.c.patch
> Then build and install snort as normal. You will also need a new snort.conf; I've attached mine. The only part of snort.conf that different from the default is the alerting/logging. Your snort.conf may be different depending on your configuration.
> I've managed to get this to work for me, but it might not for you. Let me know if you have any problems.
> Snort Download:
> Honeywall mailing list
> Honeywall at public.honeynet.org
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 417 bytes
Desc: not available
Url : http://public.honeynet.org/pipermail/honeywall/attachments/20090806/b6a466cf/snort.conf.obj
More information about the Honeywall