[Snort-users] snort on freebsd
mail at ...3442...
Sat Sep 15 13:40:02 EDT 2001
I just installed snort on freebsd and it looks like it doesnt look at config
file at all.
When i start snort I get this:
root at ...3443...$ snort -a -d -i ed0 -I -l /var/log/snort/ -v -A full
Log directory = /var/log/snort/
--== Initializing Snort ==--
Checking PID path...
PATH_VARRUN is set to /var/run/ on this operating system
Initializing Network Interface ed0
Decoding Ethernet on interface ed0
--== Initialization Complete ==--
-*> Snort! <*-
Version 1.8.1-RELEASE (Build 74)
and it starts to log stuff, but doesnt react to any kind of scan or atack.
my snort.conf is in usual for freebsd place - /usr/local/etc/snort.conf
I have this enabled :
output alert_unified: /var/log/snort/snort.alert
output log_unified: /var/log/snort/snort.log
and I have bunch of these: include /usr/local/share/snort/scan.rules in the
Does snort look for config file somewhere else? or did i miss something ?
More information about the Snort-users