[Snort-users] Snort switches to packet Dump Mode
wkitty42 at ...14940...
Tue Jul 16 13:04:06 EDT 2013
On 7/16/2013 07:05, Mayur Patil wrote:
> In continuation with previous mail,
> I recompiled Snort and Daq from source.
> (This time I put script of snort from the snort website)
> I got snort compilation successful and snort exit.
> The output I am getting now are
> [root at ...16428... init.d]# ./snort status
> snort (pid 15718) is running...
> [root at ...16428... init.d]# snort status
> *Running in packet dump mode*
*./snort* and *snort* are NOT the same when you are in that directory! ;)
now do yourself a huge favor and rename /etc/init.d/snort to something else so
that you will no longer be confused if you are running snort directly or running
the script to manage snort... if you are going to use the script, use the script
all the time...
perhaps something like
mv /etc/init.d/snort /etc/init.d/snortd
then use /etc/init.d/snortd everywhere and stop using snort plain without the d...
OR rename your snort binary and alter your /etc/init.d/snort script to use the
binary's new name...
NOTE: No off-list assistance is given without prior approval.
Please keep mailing list traffic on the list unless
private contact is specifically requested and granted.
More information about the Snort-users