Does anyone have Snort running with MySQL? I installed it and started the daemon a few days back, but I’m not getting any results. For whatever reason, the default rules files were not in the package. I downloaded them from the Snort CVS, and mainly left them as-is.
I’ve not done it on suse and have only ever played once but what I found was the binary hadn’t been compiled with the option. I’m unsure on the compile options but I suspect this is the problem you need to download the src.rpm and tweak if this is the case.(Though you may need to do this anyway to see the compile options)
As for the rules yes that is correct afaik you can not redistrubute the rules.