Snort mailing list archives
Re: Reload rules with out restarting snort completly
From: Frank Knobbe <frank () knobbe us>
Date: Sat, 03 Sep 2005 01:02:30 -0500
On Fri, 2005-09-02 at 19:24 +0800, Michael Boman wrote:
On 9/2/05, Pablo Nebrera <pablonebrera () eneotecnologia com> wrote:How do I reaload the snort rules with out restarting snort completly??? Is that possible??No, it's not possible at the moment and perhaps never will..
Heya Michael, perhaps he meant a reload with having to stop/kill Snort and start it up again. The answer to that is Yes, you can cause Snort to reload the rules and config without having to restart it. You do that by sending Snort the HUP signal. "killall -HUP snort" will cause Snort to reload config and rules, but the process never stops, so if you run it with daemontools or some other scripts, it will not continue with the script. But I thought you knew that ;) Cheers, Frank -- Ciscogate: Shame on Cisco. Double-Shame on ISS.
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Reload rules with out restarting snort completly Pablo Nebrera (Sep 02)
- Re: Reload rules with out restarting snort completly Michael Boman (Sep 02)
- Re: Reload rules with out restarting snort completly Frank Knobbe (Sep 02)
- Re: Reload rules with out restarting snort completly Andreas Östling (Sep 02)
- Re: Reload rules with out restarting snort completly Frank Knobbe (Sep 02)
- Re: Reload rules with out restarting snort completly Joel Esler (Sep 03)
- Re: Reload rules with out restarting snort completly Frank Knobbe (Sep 02)
- Re: Reload rules with out restarting snort completly Michael Boman (Sep 02)