[Snort-users] running snort

Balla István balla.bmf at ...11827...
Tue Apr 30 15:43:35 EDT 2013


I set snort to rc.local and I see it s running as daemon. (first screenshot)

however I have to issue the command in terminal to start the service:
./snort -Q -i eth2:eth1 -c /usr/local/snort/etc/snort.conf -s
after that it works. (second screenshot)

can I dump alert or any event taken place to this terminal window or it s
impossible while snort running?

please point to the appropriate chapter in snort manual (long one) where
Decoding Ethernet is explained (and how to modify)

**one more thing: is "-h anyiphere" necessary in the line command once I
set ipvar HOME_NET variable in snort.conf?

Thanks in advance
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20130430/79b58df1/attachment.html>

More information about the Snort-users mailing list