[Snort-users] Running Snort Daemon Problem

Chris Green cmg at ...671...
Wed Jan 30 08:03:25 EST 2002


"Bill" <wkuhn at ...4723...> writes:

> Chris,
> Thanks for replying.... I read your reply and 2 things I don't understand...
>
> You said "There is a missing \ at the end of your '-c' line" and "-v
> shouldn't be used in daemon mode". Well I have the \ at the end of my -c tag
> and I can't find a -v in the code... The only problem I saw with my code is
> that I have an extra space between -c and \. I will try the RPM's you
> mentioned of.

Ok let me explain a bit more.

snort -dev is equivalent to snort -d -e -v

> --------------------------------
>> daemon /usr/local/bin/snort -u snort -dev -D \
>> -i $INTERFACE -l /var/log/snort -u snort -g snort -c
>> /etc/snort/snort.conf -b


This snortd script is a bash shell script that says "run the function
daemon with the arguments

daemon "/usr/local/bin/snort -u snort -dev -D -i $INTERFACE -l /var/log/snort -u snort -g snort -c"

That \ ``escapes'' the newline and makes the shell see that as one big
line.

The next line is

/etc/snort/snort.conf -b

which means  that it's trying to execute the snort.conf file and since
it's not executable, the shell ( not snort ) is saying permission
denied.

Of course, if that line break was an artifact of posting to the list,
that explanation is bogus.

Perhaps you edited snortd with pico and the word wrapping kicked you
in the behind ;-)
-- 
Chris Green <cmg at ...671...>
A watched process never cores.




More information about the Snort-users mailing list