Snort mailing list archives

Solaris 10 service not running, stuck in maintenance.


From: "Lamont, Brian A." <Brian.Lamont () gd-ms com>
Date: Fri, 31 Jul 2015 21:51:30 +0000

Many of our Solaris 10 systems have dual NICs configured with LACP. I have specified the interface name of bge0 in 
snort.sh from one of our Solaris 10 workstations, as well as removing it from snort.sh and putting it in snort.conf as var 
HOME_NET bge0, but the service continues to remain in "maintenance" regardless of any enable, disable or clear of the 
service. The script seems to start without the -daq -pcap parameters (below).



Please help if you have configured snort for Solaris 10 thank you.





Output of svcs -xv
==================
svc:/site/snort:default (snort Intrusion Detection)
 State: maintenance since Fri Jul 24 09:31:00 2015
Reason: Completes a dependency cycle.
   See: http://sun.com/msg/SMF-8000-HP
Impact: This service is not running.







From /var/adm/messages file.
=============================
FATAL ERROR: Failed to lookup interface: no suitable device found. Please specify one with -i switch

Transitioning svc:/site/snort:default to maintenance because it completes a dependency cycle



Snort -V
=========
<payson-root># ./snort -V

   ,,_     -*> Snort! <*-
  o"  )~   Version 2.9.4.5 GRE (Build 71)
   ''''    By Martin Roesch & The Snort Team: http://www.snort.org/snort/snort-team
           Copyright (C) 1998-2013 Sourcefire, Inc., et al.
           Using libpcap version 1.7.3
           Using PCRE version: 8.37 2015-04-28
           Using ZLIB version: 1.2.3



From solaris service manifest:   ./svc/method/snort.sh
-------------------------------------------------------------------
<payson-root># cat snort.sh
#!/bin/sh
case $1 in
'start')
        LD_LIBRARY_PATH=/opt/snort/lib:/opt/snort/lib/snort_dynamicpreprocessor:/opt/snort/lib/snort_dynamicengine:/opt/snort/mysql/lib:/opt/snort/ssl/lib;
        export LD_LIBRARY_PATH;
        /opt/snort/bin/snort -D -u snort -g snort -c /etc/snort/snort.conf --daq pcap;
#      /opt/snort/bin/snort -D -u snort -g snort -c /etc/snort/snort.conf ;
;;
'stop')
kill -1 `ps -ef | grep snort | grep -v grep | awk '{print $2}'`
;;
*)
echo "Usage: $0 start|stop" >&2
exit 1
;;
esac
exit 0




Brian Lamont

Unix Systems Admin
GENERAL DYNAMICS - Mission Systems
Desk:  480 586-9986
Cell:  480 209-8751
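
An added example, not part of the original post or the Snort project: a start/stop method that names the capture interface with -i, as the fatal error in /var/adm/messages asks, and rejects a missing or malformed interface name before launching. SNORT_IF, snort_start_cmd and snort_method are assumed names; bge0, the paths and the other flags come from the post.

```sh
#!/bin/sh
# Added example, not the poster's script. SNORT_IF and the function names
# are assumptions; bge0, the paths and the snort flags come from the post.

# Exit codes as defined in Solaris /lib/svc/share/smf_include.sh.
SMF_EXIT_OK=0
SMF_EXIT_ERR_CONFIG=96

SNORT_BIN=/opt/snort/bin/snort
SNORT_CONF=/etc/snort/snort.conf
SNORT_LIBS=/opt/snort/lib:/opt/snort/lib/snort_dynamicpreprocessor:/opt/snort/lib/snort_dynamicengine:/opt/snort/mysql/lib:/opt/snort/ssl/lib

# Print the start command for interface $1, or fail with a config error.
# HOME_NET in snort.conf holds network addresses; the capture device is
# selected with -i on the command line.
snort_start_cmd() {
    iface=$1
    case $iface in
        ''|*[!A-Za-z0-9_.]*)
            echo "snort method: missing or invalid interface '$iface'" >&2
            return $SMF_EXIT_ERR_CONFIG ;;
    esac
    echo "$SNORT_BIN -D -i $iface -u snort -g snort -c $SNORT_CONF --daq pcap"
}

snort_method() {
    case $1 in
    start)
        cmd=`snort_start_cmd "${SNORT_IF:-bge0}"` || return $?
        LD_LIBRARY_PATH=$SNORT_LIBS
        export LD_LIBRARY_PATH
        $cmd || return $?
        ;;
    stop)
        # SIGTERM asks snort to exit; signal 1 (HUP) is its reload/restart signal.
        pkill -TERM -x snort
        ;;
    *)
        echo "Usage: $0 start|stop" >&2
        return 1 ;;
    esac
    return $SMF_EXIT_OK
}

# Act only when called with a method name, as SMF does.
if [ $# -gt 0 ]; then
    snort_method "$@"
    exit $?
fi
```

Returning 96 on a bad interface name puts the reason in the service log instead of leaving only Snort's own fatal error in /var/adm/messages.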