Snort mailing list archives
Re: Ubuntu 8 /etc/rc.local issue
From: Ams <ams.sec () gmail com>
Date: Fri, 7 Aug 2009 16:01:05 -0500
I should be able to run 2 instances of Snort (one for each interface) and Barnyard in Daemon mode? Is that correct? Thanks for your time. On Fri, Aug 7, 2009 at 3:31 PM, Michael Boman <michael.boman () gmail com>wrote:
Run snort in daemon mode, your system is still waiting for the snort process to complete. Best regards Michael Boman On Fri, Aug 7, 2009 at 22:10, Ams <ams.sec () gmail com> wrote:Hi Guys, I am trying to run snort at boot time automatically. Using Ubuntu 8- Snort, barnyard compiled from source, 3 interfaces in total- 2 interfaces for NIDS and 1 for management. I edited the /etc/rc.local file and added the following lines: *Contents of /etc/rc.local* ------------------------------------------------------------------ ifconfig eth0 up promisc /usr/local/bin/snort -c /etc/snort.conf -i eth0 sudo /usr/local/bin/barnyard2 -c /etc/snort/barn2.conf -G /etc/snort/gen-msg.map -S /etc/snort/sid-msg.map -d /var/log/snort -f snort.log -w /var/log/snort/barnyard.waldo ifconfig eth1 up promisc /usr/local/bin/snort -c /etc/snort.conf -i eth1 sudo /usr/local/bin/barnyard2 -c /etc/snort/barnyard2.conf -G /etc/snort/gen-msg.map -S /etc/snort/sid-msg.map -d /var/log/snort -f snort.log -w /var/log/snort/barnyard.waldo ------------------------------------------------------------------------ When I do ps -aux|grep snort on startup, all I see running is /usr/local/bin/snort -c /etc/snort.conf -i eth0. Why didn't the remaining commands execute? Will appreciate your input. Thanks a bunch. Ams ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users<https://lists.sourceforge.net/lists/listinfo/snort-users%0ASnort-users>list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users-- http://michaelboman.org - Security Blog & Wiki
-- Amit Bakhshi Associate of (ISC)2 in CISSP, GPEN, GCIH, GWAS, GSEC, GISF, SSP-GHD, MCP, SCJA
------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Ubuntu 8 /etc/rc.local issue Ams (Aug 07)
- Re: Ubuntu 8 /etc/rc.local issue Michael Boman (Aug 07)
- Re: Ubuntu 8 /etc/rc.local issue Ams (Aug 07)
- Re: Ubuntu 8 /etc/rc.local issue Tommie Giles (Aug 07)
- Re: Ubuntu 8 /etc/rc.local issue Ams (Aug 07)
- Re: Ubuntu 8 /etc/rc.local issue Ams (Aug 07)
- Re: Ubuntu 8 /etc/rc.local issue Michael Boman (Aug 07)