Snort mailing list archives
Solaris 10 service not running, stuck in maintenance.
From: "Lamont, Brian A." <Brian.Lamont () gd-ms com>
Date: Fri, 31 Jul 2015 21:51:30 +0000
Many of our Solaris 10 systems have dual NICs configured with LACP. I have specified the interface name of bge0 in snort.sh from one of our Solaris 10 workstation as well as, removing from snort.sh and putting in snort.conf as var HOME_NET bge0, but the service continues to remain in "maintenance" regardless of any enable, disable or clear of the service. The script seems to start without the -daq -pcap parameters (below. Please help if you have configured snort for Solaris 10 thank you. Output of svcs -xv ================== svc:/site/snort:default (snort Intrusion Detection) State: maintenance since Fri Jul 24 09:31:00 2015 Reason: Completes a dependency cycle. See: http://sun.com/msg/SMF-8000-HP Impact: This service is not running.
From /var/adm/messages file.
============================= FATAL ERROR: Failed to lookup interface: no suitable device found. Please specify one with -i switch Transitioning svc:/site/snort:default to maintenance because it completes a dependency cycle Snort -V ========= <payson-root># ./snort -V ,,_ -*> Snort! <*- o" )~ Version 2.9.4.5 GRE (Build 71) '''' By Martin Roesch & The Snort Team: http://www.snort.org/snort/snort-team Copyright (C) 1998-2013 Sourcefire, Inc., et al. Using libpcap version 1.7.3 Using PCRE version: 8.37 2015-04-28 Using ZLIB version: 1.2.3
From solaris service manifest: ./svc/method/snort.sh
------------------------------------------------------------------- <payson-root># cat snort.sh #!/bin/sh case $1 in 'start') LD_LIBRARY_PATH=/opt/snort/lib:/opt/snort/lib/snort_dynamicpreprocessor:/opt/snort/lib/snort_dynamicengine:/opt/snort/mysql/lib:/opt/snort/ssl/lib; export LD_LIBRARY_PATH; /opt/snort/bin/snort -D -u snort -g snort -c /etc/snort/snort.conf --daq pcap; # /opt/snort/bin/snort -D -u snort -g snort -c /etc/snort/snort.conf ; ;; 'stop') kill -1 `ps -ef | grep snort | grep -v grep | awk '{print $2}'` ;; *) echo "Usage: $0 start|stop" >&2 exit 1 ;; esac exit 0 Brian Lamont Unix Systems Admin GENERAL DYNAMICS - Mission Systems Desk: 480 586-9986 Cell: 480 209-8751 ---------------------------- This message and/or attachments may include information subject to GD Corporate Policies 07-103 and 07-105 and is intended to be accessed only by authorized recipients. Use, storage and transmission are governed by General Dynamics and its policies. Contractual restrictions apply to third parties. Recipients should refer to the policies or contract to determine proper handling. Unauthorized review, use, disclosure or distribution is prohibited. If you are not an intended recipient, please contact the sender and destroy all copies of the original message.
------------------------------------------------------------------------------
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Solaris 10 service not running, stuck in maintenance. Lamont, Brian A. (Jul 31)