Hi user8446
can you please check these snort and snort7 config files to see is i have made any mistake because i release the new fw_upgrade update with the new snort package ( did not inclue snort8.conf)
my concerns i have is with snort 7 /8 in router mode with the trogen list enabled should it be
config detection: search-method ac-split search-optimize max-pattern-len 18 no_stream_inserts
or
config detection: search-method ac-nq split-any-any search-optimize max-pattern-len 18 no_stream_inserts
I have included both files if you could look over and let me know if all is correct or your suggestions
also which lines need to be commented out for each conf file
include $PREPROC_RULE_PATH/preprocessor.rules
include $PREPROC_RULE_PATH/decoder.rules
include $PREPROC_RULE_PATH/sensitive-data.rules
snort7.confsnort_bridge.confThe new snort version seem to work ok but on installing it deletes file
/use/lib/daq/daq_nfq.so because it's obsolete
yet without it snort does not work i copied the file back and all working fine again, do you know of a way to configure snort to work without the file, as i believe that snort now has ngq built in and does not use the library file?
Thanks
Roadrunnere42