[Snort-users] [ Snort-users]

Deyoung, Richard E. - Raleigh, NC RDeyoung at ...8118...
Thu Jan 30 12:58:03 EST 2003


G'day all.

I've been experimenting with migrating all of the command line options
into the particular snort configuration file I'm using at run-time and
have found that even if I start snort with the "-c" switch, and have
specified my logging directory as "/var/log/foo", snort will not pick up
my config directive but will continue to try and log to
"/var/log/snort".
NOTE:
The other vars, preprocessor, and output plug-ins are being read
successfully from my main config file; it's only the "config" directives
that it's failing to pick up.

[Particulars]
OSver: 		Redhat v7.3
Snortver:		1.9.0, Build 209
Other configs:	All var, preprocessor, and output plug-ins, as well as 
			Config directives have been implemented in a
single file

[Specific configs as they exist in the main config file with all of the
other "stuff"]

config decode_data_link
config daemon
config show_year
config interface: eth1
config logdir: /var/log/foo
config utc
config dump_payload_verbose

[Questions]
1. Will snort v1.9.0 support a single, main configuration file?
2. If not, which portions of the default config file that comes with the
source, can be excluded from the main config file and included in an
alternate file (which could be referenced by the "include"
directive....)


Thanks all,
Richard DeYoung
Email:   RDeYoung at ...8118...
_______________________________________________________________________
|Notice: This e-mail message, including any attachments, is 
|for the sole use of the intended recipients and may contain sensitive 
|and privileged information. Any unauthorized review, use, disclosure 
|or distribution is prohibited. If you are not the intended recipient, 
|please contact the sender by reply e-mail and destroy all copies of 
|the original message.
|_______________________________________________________________________






More information about the Snort-users mailing list