Snort mailing list archives
Re[2]: Can't set logdir in 1.9.0
From: Erek Adams <erek () theadamsfamily net>
Date: Wed, 16 Oct 2002 02:43:31 -0700 (PDT)
Ok, it's late and I'm tired so I might be a bit crazy on this. :) On Wed, 16 Oct 2002, Serge Leschinsky wrote: [...snip...]
Hmmm... I've temporary resolved this trouble in the following way: -l /log \ and I've create /log directory. The error with "log directory 'log' does not exist" disappeared. I can't understand why chroot settings (/var/chroot/snort) aren't applied. Strangely enough that the existents of -s options doesn't exert influence on errors message. So, when logdir trouble disappeared I got new error messageOct 15 15:40:53 builder-host snort: FATAL ERROR: ERROR /etc/rules/bad-traffic.rules (12) => Couldn't resolve hostname HOME_NETThe variable $HOME_NET is defined. 8-((
I think that you're seeing a problem with chroot. Your first (logdir) problem could be caused by it. If that's the true, then your second problem might be due to your /etc/snort.conf inside your chroot jail. That's the only thing that I can think of that would give both errors when you know you're setting it up in the right way. Rebuild snort via './configure --enable-debug'. Then set the environment variable 'SNORT_DEBUG' to one of the values in <snortdir>/src/debug.h. I'd suggest DEBUG_INIT and/or DEBUG_CONFIGRULES. If you use the -D flag, it should create a /tmp/snort.debug file with all sorts of output in there. I'd check the output and see what directories are being opened. That might narrow things down some.
I'm very sorry for troubling community with these stupid questions but I can't start 1.9.0 myself. It may seem strange, I have almost no problem with snort 1.8.x.
;-) Heh. You're not troubling, you're asking. You've actually worked on finding the answer! :) I'm going to guess that something was changed on your setup from 1.8.x to 1.9.0. In my upgrade, I didn't run into any sort of issues. There have been some people who've had issues, but in many of those cases it's been due to config issues. :-/ As I've said before, 'I tend to play the law of averages.' Ok, I've rambled enough. It's time to go to bed. :) And of course if I'm crazy, clueless or just drain brammaged from lack of sleep, I'm sure someone will (I hope!) correct me. G'nite! ----- Erek Adams Nifty-Type-Guy TheAdamsFamily.Net ------------------------------------------------------- This sf.net email is sponsored by: viaVerio will pay you up to $1,000 for every account that you consolidate with us. http://ad.doubleclick.net/clk;4749864;7604308;v? http://www.viaverio.com/consolidator/osdn.cfm _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Can't set logdir in 1.9.0 Serge Leschinsky (Oct 14)
- Re: Can't set logdir in 1.9.0 Chris Green (Oct 14)
- Re[2]: Can't set logdir in 1.9.0 Serge Leschinsky (Oct 16)
- Re[2]: Can't set logdir in 1.9.0 Erek Adams (Oct 16)
- Re[3]: Can't set logdir in 1.9.0 Serge Leschinsky (Oct 17)
- Re: Can't set logdir in 1.9.0 Sten Kalenda home (Oct 18)
- Re[2]: Can't set logdir in 1.9.0 Serge Leschinsky (Oct 16)
- Re: Can't set logdir in 1.9.0 Chris Green (Oct 14)
- Re[2]: Can't set logdir in 1.9.0 Serge Leschinsky (Oct 17)