[Snort-users] New user question(s)

Harper, Patrick patrick.harper at ...11593...
Wed Sep 22 15:33:02 EDT 2004

That is the init script.  It will tell snort to start with whatever
options you plug into it.  Just a script.

Mine simply tells the system to use eth0, to start snort -c
/etc/snort/snort.conf.  My conf file tells snort (the binary) the
environmental variables, where the rules are, and what to output to.
Hope that helps

-----Original Message-----
From: Chris [mailto:cpollock at ...741...] 
Sent: Wednesday, September 22, 2004 5:17 PM
To: Harper, Patrick; Snort Users
Subject: Re: [Snort-users] New user question(s)

On Wednesday 22 September 2004 01:25 pm, Harper, Patrick wrote:
> When you say snortd are you talking about the init script?
A snortd script was installed in my /etc/rc.d/init.d folder.  When
running ./snortd from the cli as root I get "snortd
start|stop|restart|status", below is a portion of the script that starts

# See how we were called.
case "$1" in
  start)
	# Start only if the binary is executable and no lock file exists yet.
	if [ -x /usr/sbin/snort -a ! -e /var/lock/subsys/snort ]; then
		gprintf "Starting snort: "
		cd /var/log/snort
		daemon /usr/sbin/snort -u snort -g snort -s -d -D \
			 -i ${INTERFACE} -l /var/log/snort -c
		touch /var/lock/subsys/snort
	else
		gprintf "Snort already running.\n"
	fi
	;;

I'm going to have to search to see what the -u -g -s -d -D mean.

I'm running Mandrake 9.0 with snort 1.8.7-3mdk.

Registered Linux User 283774 http://counter.li.org 5:07pm up 14 days,
21:47, 1 user, load average: 0.26, 0.10, 0.08
Please forgive me if, in the heat of battle, I sometimes forget which
side I'm on.

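Added example, not part of the original messages and not the Mandrake script's own code: a small shell check that explains each option on the start line quoted above and warns when an option is missing its argument or when snort is not told to drop to an unprivileged user and group. The flag meanings follow snort's command-line usage text; the interface name eth0 is a constructed value standing in for ${INTERFACE}.

```shell
# Added example: explain and sanity-check the options on a snort start line.
# Print the meaning of one snort option; return 1 if it is not in this table.
describe_flag() {
    case "$1" in
        -u) echo "setuid to this user after initialization" ;;
        -g) echo "setgid to this group after initialization" ;;
        -s) echo "log alerts to syslog" ;;
        -d) echo "dump application-layer data" ;;
        -D) echo "run in the background (daemon mode)" ;;
        -i) echo "listen on this interface" ;;
        -l) echo "log to this directory" ;;
        -c) echo "use this rules/configuration file" ;;
        *)  return 1 ;;
    esac
}

# Print one "WARN:" line per problem found in the command line given as $1.
audit_snort_cmd() {
    user="" group="" pending=""
    set -f                          # no globbing while the line is word-split
    for word in $1 ""; do           # the trailing "" flushes a final option
        if [ -n "$pending" ]; then
            case "$word" in
                ""|-*) echo "WARN: $pending has no argument" ;;
                *) case "$pending" in -u) user=$word ;; -g) group=$word ;; esac
                   pending=""; continue ;;
            esac
            pending=""
        fi
        case "$word" in -u|-g|-i|-l|-c) pending=$word ;; esac
    done
    set +f
    if [ -z "$user" ] || [ "$user" = root ]; then
        echo "WARN: no unprivileged -u user, snort keeps its start-up privileges"
    fi
    if [ -z "$group" ] || [ "$group" = root ]; then
        echo "WARN: no unprivileged -g group"
    fi
    return 0
}

# Start line from the quoted script as archived (-c has lost its argument);
# eth0 stands in for ${INTERFACE} and is a constructed value.
LINE='/usr/sbin/snort -u snort -g snort -s -d -D -i eth0 -l /var/log/snort -c'
for w in $LINE; do
    if meaning=$(describe_flag "$w"); then printf '%-3s %s\n' "$w" "$meaning"; fi
done
audit_snort_cmd "$LINE"
```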
