Snort 3 Config File Question (2)

[Jim Campbell <jim () w4bqp net>]

I can run Snort 3 from a command-line on my login using the following:

sudo /opt/snort/bin/snort --daq afpacket -Q -c 
/opt/snort/etc/snort/snort.lua -R /opt/snort/etc/snort/snort3.rules -i 
enp1s0:enp4s0 -A unified2

I created a systemD startup script as per the instructions at:

http://sublimerobots.com/2017/01/snort-2-9-9-x-ubuntu-systemd-scripts/

My systemD script for Snort is as follows:

[Unit]
Description=Snort NIPS Daemon
After=syslog.target network.target

[Service]
Type=simple
ExecStart=/opt/snort/bin/snort --daq afpacket -Q -c 
/opt/snort/etc/snort/snort.lua -R /opt/snort/etc/snort/snort3.rules -i 
enp1s0:enp4s0 -A unified2

[Install]
WantedBy=multi-user.target

Note: I'm using a similar script for Barnyard2 and it works with no problem.

When I (re)start snort with the command "sudo systemctl restart snort" I 
get the following error:

Jul 19 13:25:31 jim-IPS snort[8373]: FATAL: can't init 
/opt/snort/etc/snort/snort.lua: error loading module 'snort_config' from 
file '/usr/lib/x86_64-linux-gnu/lua/5.1/snort_config.so':

I have snort_config in /opt/snort/etc/snort.
There is a snort_config.lua in /opt/snort/include/snort/lua.

From printenv:
  - SNORT_LUA_PATH=/opt/snort/etc/snort/
  - LUA_PATH=/opt/snort/include/snort/lua/?.lua;;

In my environment Snort is getting the correct environment variables. In 
the systemD environment it isn't.

QUESTION: How do I pass the correct environment variables to systemD.

Thank you,

Jim

--
"We are not human beings having a spiritual experience;
we are spiritual beings having a human experience."
---Pierre Teilhard de Chardin

_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!