I get a segmentation fault now :(... Do I need to load some
additional files to process the signature rules converted from
Snort?
Yes, per the comment in policy/sigs/ex.web-rules.sig, you need to also
load snort.bro and signatures.bro (as well as mt.bro).
When I do this, it works for me; but I don't get a core dump if I leave
them off, either.
In general, when reporting Bro bugs it really helps if you can include a
tcpdump trace (perhaps generated using bro -w) that reproduces the problem.
Vern