RE: snort 1.8

[John Johnson <john () cyberbytesbbs com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


[root@linux /root]# snort -c /etc/snort/snort.conf -l /var/log/snort -i eth0
Log directory = /var/log/snort

         --== Initializing Snort ==--
Checking PID path...
PATH_VARRUN is set to /var/run/ on this operating system

Initializing Network Interface eth0
Decoding Ethernet on interface eth0
Initializing Preprocessors!
Initializing Plug-ins!
Initializating Output Plugins!
Parsing Rules file /etc/snort/snort.conf

+++++++++++++++++++++++++++++++++++++++++++++++++++
Initializing rule chains...
Using LOCAL time
Segmentation fault (core dumped)


At 09:25 PM 7/11/2001 -0400, you wrote:

> John,
>
> The best thing to do when debugging this type of problem is to first try
> running it in the foreground.
> Start simple and leave out the -D and see what you get as in:
>
> /usr/sbin/snort -c /etc/snort.conf -l /var/log/snort -i eth0
>
> then add the rest of your arguments as in:
>
> /usr/sbin/snort -c /etc/snort.conf -l /var/log/snort -i eth0 -s -g snort -u
> snort -d
>
> and make sure that works. Then run it in the background.
>
> Regards,
> -bill
>
> -----Original Message-----
> From: snort-users-admin () lists sourceforge net
> [mailto:snort-users-admin () lists sourceforge net]On Behalf Of John
> Johnson
> Sent: Wednesday, July 11, 2001 7:12 PM
> To: snort-users () lists sourceforge net
> Subject: [Snort-users] snort 1.8
>
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>   ok, I am just having a heck of a time with snort 1.8
>   I start snort and it dies with no error....this is all I get
> in my logs. I am using MAndrake 8.0 with Kernel 2.4.3
> I am starting snort like this.
>
> /usr/sbin/snort -u snort -g snort -s -d -D  -i eth0 -l /var/log/snort -c
> /etc/snort/snort.conf
>
> user snort and group snort own all logging directorys. I am getting this
> ready to upgrade snort at work but I can't do that til I can make it work
> and I am lost as to what the problem is.
>
>
> Jul 10 21:17:38 linux snort: Checking PID path...
> Jul 10 21:17:38 linux snort: PATH_VARRUN is set to /var/run/ on this
> operating system
> Jul 10 21:17:38 linux snort: Initializing daemon mode
> Jul 10 21:17:38 linux kernel: device eth0 entered promiscuous mode
> Jul 10 21:17:38 linux snortd: snort startup succeeded
> Jul 10 21:17:38 linux kernel: device eth0 left promiscuous mode
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 7.0.1
>
> iQA/AwUBO0zdTwfP+qzR55XlEQIQHACfZgz/UfDXgsoRWw7efvZuMuY/QygAoOTU
> V3YL7EUDspP0hC0pIlKxF6Hl
> =67Xt
> -----END PGP SIGNATURE-----
>
>
>
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> http://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.1

iQA/AwUBO00mkAfP+qzR55XlEQISegCbBEO4X1JCONSWssMwxHY49jv3eI4AoPbY
quGuM+lb6VB+EPgKCn6pAAD4
=q+TS
-----END PGP SIGNATURE-----



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users