Snort mailing list archives

Re: snort sysconfig runtime options


From: Crusty Saint <saintcrusty () gmail com>
Date: Thu, 6 Jan 2011 14:55:08 +0100

Ehm, fixed for snortl running on centos .... possibly more refined solutions
exist but hey, it works as expected

just add

if [ "$OPTIONS"X = "X" ]; then
        OPTIONS="$OPTIONS"
fi

after the list of VALUES read from . /etc/sysconfig/snort in
/etc/init.d/snortd

then append $OPTIONS to each line starting with  daemon /usr/local/bin/snort
under the start label

don't forget to add field like OPTIONS="--perfmon-file
/var/log/snort/perfmon --snaplen 1518" to the /etc/sysconfig/snort file, if
emtpy options use OPTIONS=""


Have a crusty day


2011/1/6 Crusty Saint <saintcrusty () gmail com>

Running on CentOS el5 / Redhat

/etc/sysconfig/snort should contain runtime parameters as available from
snort --help

Trouble is i did not yet find any documentation related to what variable to
set in /etc/sysconfig/snort so i can add whatever options and/or filter
options should be passed to snort, i do not want to change
/etc/init.d/snortd

Would this require 'customizing' /etc/init.d/snortd ?

Best Regards,

S.C.

------------------------------------------------------------------------------
Learn how Oracle Real Application Clusters (RAC) One Node allows customers
to consolidate database storage, standardize their database environment, and, 
should the need arise, upgrade to a full multi-node Oracle RAC database 
without downtime or disruption
http://p.sf.net/sfu/oracle-sfdevnl
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread: