[Snort-devel] bug report snort-1.7: snort dies under RH7
dave w capella
dave.capella at ...365...
Mon Apr 2 14:32:26 EDT 2001
First, I'd like to you for a well-designed, helpful application.
I've encountered a problem: snort dies after a few hours w/no
indication in the logs. It seems to work fine up until then. Funny,
it does not exhibit this behavior on another RedHat 7.0 box sitting
right next to it. Neither does it die when run (w/otherwise exactly
the same command line) in the foreground in an xterm.
The only /var/log/messages generated are at program launch.
This is on:
Linux 2.2.16-22enterprise #1 SMP Tue Aug 22 16:29:32 EDT 2000 i686
Both installed from rpm d/l'd from www.snort.org: snort-1.7-1.i386.rpm
FWIW, after install, I did: chmod -R snort.snort /var/log/snort
Both run from the /etc/init.d/snortd script (tho' have been renamed
from snortd to snort):
daemon /usr/sbin/snort -u snort -g snort -s -d -D \
-i $INTERFACE -l /var/log/snort -c /etc/snort/snort.conf
var HOME_NET xxx.xxx.xxx.0/24
var EXTERNAL_NET any
var DNS_SERVERS [xxx.xxx.xxx.x/32,xxx.xxx.xx.xxx/32]
preprocessor http_decode: 80 8080
preprocessor portscan: $HOME_NET 4 3 /var/log/snort/portscan.log
preprocessor portscan-ignorehosts: $DNS_SERVERS $HOME_NET
dave w capella | http://capella.ithaca.ny.us/
Systems Administrator | mailto:dave.capella at ...365...
Department of Biometrics | http://www.biom.cornell.edu/
Cornell University | (607) 255-9847
PGP Key | http://capella.ithaca.ny.us/pgpkey.txt
It's kind of fun to do the impossible.- Disney
More information about the Snort-devel