[Snort-users] Snort changes from 1.6.3 -> pl 2
Ralf.Hildebrandt at ...22...
Tue Sep 26 07:22:33 EDT 2000
Today I updated from 1.6.3 to 1.6.3 pl 2 and noticed a change in the chroot
% snort -t /var/spool/snort -g snort -u snort -d -b -s -c /etc/snort.conf
and /etc/snort.conf lists /var/log/snort/portscan.log as (portscan) logfile.
I think the way logfiles are being opened must have changed, since now I get:
[!] ERROR:Can not get write to logging directory /var/log/snort.
(directory doesn't exist or permissions are set incorrectly)
Shouldn't the (log)file be opened BEFORE going to jail?
ralf.hildebrandt at ...22...
Dipl.-Informatiker innominate AG
system engineer networking people
tel: +49.30.308806-62 fax: -77 http://innominate.de pgp at request
More information about the Snort-users