ERROR: lib/snort-2931/etc/snort.conf(0)

[rapidblow]

I have built two different systems a debian 7 and an ubuntu 12.04 and I get the EXACT same error at both places in finishing this, maybe I missed something - twice ?

Bob@packetpig:~/Documents/packetpig$ sudo snort -c lib/snort-2931/etc/snort.conf -A fast -y -l out -r data/web.pcap
Running in IDS mode

    --== Initializing Snort ==--

Initializing Output Plugins!
Initializing Preprocessors!
Initializing Plug-ins!
Parsing Rules file "lib/snort-2931/etc/snort.conf"
ERROR: lib/snort-2931/etc/snort.conf(0) Unable to open rules file "lib/snort-2931/etc/snort.conf": No such file or directory.

Fatal Error, Quitting..

[cloudjunky]

Hi.

We removed the Snort signatures about a week ago as we had some VRT signatures in there that aren't meant to be distributed. You can go to http://www.snort.org/snort-rules/? and download the snortrules-snapshot-2931.tar.gz and untar/gz it in the lib directory.

I will add this to the Install.md. Sorry for the confusion.

[rapidblow]

I downloaded the latest rule set and placed it under ~documents, and still
get the same error message. Do you have the old GIT version that includes
the rules I can try ?

On Sun, May 12, 2013 at 5:42 PM, Michael Baker notifications@github.comwrote:

Hi.

We removed the Snort signatures about a week ago as we had some VRT
signatures in there that aren't meant to be distributed. You can go to
http://www.snort.org/snort-rules/? and download the
snortrules-snapshot-2931.tar.gz and untar/gz it in the lib directory.

I will add this to the Install.md. Sorry for the confusion.

—
Reply to this email directly or view it on GitHubhttps://github.com//issues/9#issuecomment-17786752
.

[cloudjunky]

Check Install.md and how to install Snort and then link it to Packetpig's lib/snort directory. Make sure the pig files you run have lib/snort/snort.conf as the snort config file. I am upgrading all the documentation as I type but hopefully this gets you going.