[Snort-users] Barnyard2 + snort

snort at ...13080... snort at ...13080...
Thu Mar 25 08:58:00 EDT 2010


Do you specify -d and -f on the command line (if running continuous mode) or -o (if running batch mode)?

-----Original Message-----
From:  Fábio Ferrão <ferrao04 at ...11827...>
Date:  Thu Mar 25, 2010 8:46

Dears,
A question: Im configuring the barnyard2 + snort_inline and Im having some problems.
  

My log file of barnyard aplication:


*****BEGIN******
Mar 24 17:50:19 maritaca barnyard2[26271]: Parsing rules files /usr/local/etc/barnyard2.conf
Mar 24 17:50:19 maritaca barnyard2[26271]: Found reference-map config directive (../snort/reference.config)
  Mar 24 17:50:19 maritaca barnyard2[26271]: Found class-map config directive (../snort/classification.config)
Mar 24 17:50:19 maritaca barnyard2[26271]: Found gen-msg-map config directive (../snort/gen-msg.map)
  Mar 24 17:50:19 maritaca barnyard2[26271]: Found sid-msg-map config directive (../snort/sid-msg.map)
Mar 24 17:50:19 maritaca barnyard2[26271]: Found hostname config directive (maritaca)
Mar 24 17:50:19 maritaca barnyard2[26271]: Found interface config directive (bge0)
  Mar 24 17:50:19 maritaca barnyard2[26271]: Generating maps
Mar 24 17:50:19 maritaca barnyard2[26271]: Initializing daemon mode
Mar 24 17:50:19 maritaca barnyard2[26272]: PID path stat checked out ok, PID path set to /var/run/
  Mar 24 17:50:19 maritaca barnyard2[26272]: Writing PID "26272" to file "/var/run//barnyard2_bge0.pid"
Mar 24 17:50:19 maritaca barnyard2[26272]: Daemon initialized, signaled parent pid: 26271
  Mar 24 17:50:19 maritaca barnyard2[26271]: Daemon parent exiting
Mar 24 17:50:19 maritaca barnyard2[26272]: Barnyard2 initialization completed successfully (pid=26272)
Mar 24 17:50:19 maritaca barnyard2[26272]: ERROR: Unable to open directory  (No such file or directory)
  Mar 24 17:50:19 maritaca barnyard2[26272]: ERROR: Unable to find the next spool file!
Mar 24 17:50:19 maritaca barnyard2[26272]: Leaving due to signal ffffffff.
Mar 24 17:50:19 maritaca barnyard2[26272]: Barnyard2 exiting
  
*****END******


I did understand these errors.
The snort initialize with success, but barnyard2 not.


Can somebody help me?


Thanks.
  
-- 
Fábio Ferrão

"E conhecereis a verdade e a verdade vos libertará".    João 8.32
"And you will know the truth and the truth you will free".    John 8.32
  





More information about the Snort-users mailing list