Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Snort can't determine the hostname correctly when lauch by a script

From: IDS snort <ids.snort () caramail com>
Date: Mon, 26 May 2003 13:43:28 +0100
Hello,

When snort is launch by the following script (RH7.3) it can not determine the
sensor hostname correctly :
In the sensor table, I get a new entry with hostname field set to unknown:eth1
Snort should have kept the old entry which is snort1.domain.tld:eth1

What I do not understand is when in a bash console I ran the 2 following
commands, it works fine.
# . /etc/init.d/functions
# daemon snort -o -i eht1 -u snort -g snort -c /chroot/snort/etc/snort/snort.conf -
l /chroot/snort/var/log/snort -t /chroot/snort -D

I am geting lost. Why snort can't get the hostname when it is lauch by the script ?



The script is :

 /etc/init.d/functions
 /etc/sysconfig/network

prog="snort"
SNORT_HOME=/chroot/snort
SNORT_CONFIG=$SNORT_HOME/etc/snort/snort.conf
SNORT_LOG=$SNORT_HOME/var/log/snort
SNORT_IFACE=eth1
SNORT_UID=snort
SNORT_GID=snort

OPTIONS="-o -i $SNORT_IFACE -u $SNORT_UID -g $SNORT_GID -c
$SNORT_CONFIG -l $SNORT_LOG -t $SNORT_HOME -D"

RETVAL=0

start () {
        echo -n $"Starting $prog: "
        daemon /chroot/snort/sbin/snort $OPTIONS
        RETVAL=$?
        echo
        [ $RETVAL -eq 0 ] && touch /var/lock/subsys/snort
}


______________________________________________________
Plus simple, plus fiable, plus rapide : Découvrez le nouveau Caramail - http://www.caramail.com
Previous By Date Next
Previous By Thread Next

Current thread: