Snort mailing list archives
Re: Snort PID
From: Paul Schmehl <pauls () utdallas edu>
Date: Mon, 29 Nov 2004 10:15:16 -0600
--On Sunday, November 28, 2004 12:59:46 PM +0100 Jose Maria Lopez <jkerouac () bgsec com> wrote:
I think it depends on the distribution you are using, because the file is created by the starting script that loads snort. In my Redhat 9 the script /etc/rc.d/init.d/snortd creates a file /var/run/snort_any.pid with the pid of the snort process.
I'm pretty sure it's snort that creates the PID. The OS just decides where to put it (usually in /var/run on *nixes). However, *you* can control the PID's name using the -R switch. The PID name is constructed thus:
snort_{your interface}.pid (e.g. snort_eth0.pid)
If you start snort with -R inside, the PID name will be:
snort_eth0inside.pid ("Inside" is appended to the interface ID.)
Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://productguide.itmanagersjournal.com/
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort PID McKeeman, Samuel (Nov 24)
- Re: Snort PID Jose Maria Lopez (Nov 28)
- Re: Snort PID Paul Schmehl (Nov 29)
- Re: Snort PID Jose Maria Lopez (Dec 10)
- Re: Snort PID Paul Schmehl (Nov 29)
- <Possible follow-ups>
- RE: Snort PID Lance Boon (Nov 24)
- RE: Snort PID Shackleford, David M. (Nov 24)
- SPF DNS Record Frank Reid (Nov 27)
- Re: Snort PID Jose Maria Lopez (Nov 28)