Snort mailing list archives
[snort-users] Snort dying
From: ftnx () ksbase com (Kari Suomela)
Date: Sat, 18 Aug 2001 00:03:41 -0500
I have now tried different versions, the latest *RELEASE*, too, and they all start fine, and run and log to 'alert' for a while, but then logging stops. Snort is up, but even a restart doesn't reactivate logging. The systems are RH 7.0 with the latest updates. Here is my /etc/rc.d/init.d/snortd: #!/bin/sh # # snortd Start/Stop the snort IDS daemon. # # chkconfig: 2345 40 60 # description: snort is a lightweight network intrusion detection tool that # currently detects more than 1100 host and network # vulnerabilities, portscans, backdoors, and more. # # June 10, 2000 -- Dave Wreski <dave () linuxsecurity com> # - initial version # # July 08, 2000 Dave Wreski <dave () guardiandigital com> # - added snort user/group # - support for 1.6.2 # Source function library. . /etc/rc.d/init.d/functions # Specify your network interface here INTERFACE=eth0 # See how we were called. case "$1" in start) echo -n "Starting snort: " daemon /usr/bin/snort -u snort -g snort -d -D \ -i $INTERFACE -l /var/log/snort -c /etc/snort/snort.conf touch /var/lock/subsys/snort echo ;; stop) echo -n "Stopping snort: " killproc snort rm -f /var/lock/subsys/snort echo ;; restart) $0 stop $0 start ;; status) status snort ;; *) echo "Usage: $0 {start|stop|restart|status}" exit 1 esac exit 0 KS KARICO Business Services Toronto, ON Canada http://www.karico.ca _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- [snort-users] Snort dying Kari Suomela (Aug 17)