Bug #1663

closed

Rule paths issue - Windows

Added by James Sevie over 8 years ago. Updated about 7 years ago.

Status: Closed
Priority: Normal
Assignee: -
Target version: -
Affected Versions:
Effort:
Difficulty:
Label:

Description

Hello,

I've installed the most recent version on a Windows Server 2012 deployment. The installation gave out a couple of path errors which were due to double backslashes. However, I'm now receiving more path errors for rules. I can see the issue is double backslashing, but I have no idea how or where to address this issue. I've checked the yaml file as well as all configuration files, but there's nothing about rule paths.

Can anyone help out with this?

OUTPUT;
C:\Program Files (x86)\Suricata>suricata c suricata.yaml -s signatures.rules -i eth0
cygwin warning:
MS-DOS style path detected: C:\Program Files (x86)\Suricata\log
Preferred POSIX equivalent is: /Suricata/log
CYGWIN environment variable option "nodosfilewarning" turns off this warning.
Consult the user's guide for more details about POSIX paths:
http://cygwin.com/cygwin-ug-net/using.html#using-pathnames
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\botcc.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\ciarmy.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\compromised.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\drop.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\dshield.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-activex.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-attack_response.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-chat.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-current_events.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-dns.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-dos.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-exploit.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-ftp.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-games.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-icmp_info.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-icmp.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-imap.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-inappropriate.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-malware.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-misc.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-mobile_malware.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-netbios.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-p2p.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-policy.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-pop3.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-rpc.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-scada.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-scan.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-shellcode.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-smtp.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-snmp.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-sql.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-telnet.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-tftp.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-trojan.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-user_agents.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-voip.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-web_client.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-web_server.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-web_specific_apps.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\emerging-worm.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\rbn-malvertisers.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\rbn.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\tor.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\decoder-events.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\stream-events.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\http-events.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\smtp-events.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file C:\Program Files (x86)\Suricata\rules\\dns-events.rule: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_OPENING_RULE_FILE(41)] - opening rule file signatures.rules: No such file or directory.
7/1/2016 -- 15:04:15 - <Error> - [ERRCODE: SC_ERR_NO_RULES_LOADED(43)] - 50 rule files specified, but no rule was loaded at all!
7/1/2016 -- 15:04:16 - <Error> - [ERRCODE: SC_ERR_PCAP_ACTIVATE_HANDLE(27)] - Couldn't activate the pcap handler, error Error opening adapter: The system cannot find the device specified. (20)
7/1/2016 -- 15:04:16 - <Error> - [ERRCODE: SC_ERR_THREAD_INIT(49)] - thread "RxPcapeth01" closed on initialization.
7/1/2016 -- 15:04:16 - <Error> - [ERRCODE: SC_ERR_INITIALIZATION(45)] - Engine initialization failed, aborting...

C:\Program Files (x86)\Suricata>
