[Snort-users] Snort switches to packet Dump Mode

Mayur Patil ram.nath241089 at ...11827...
Wed Jul 17 14:34:56 EDT 2013


Thanks Waldo for reply.

I will go for it and report here.

Thanks for your support and time !!

-- 
*Cheers,
Mayur*.

On Thu, Jul 18, 2013 at 12:00 AM, waldo kitty <wkitty42 at ...14940...>wrote:

> On 7/17/2013 13:29, Mayur Patil wrote:
> > Thanks Waldo for reply.
> >
> > As I have done in new installation, as per knowledge (from pdf ;) )
> >
> > I have not created any link to /etc/init.d/snort
>
> ok...
>
> > *other than /usr/local/bin*. So symbolic link is only at
> >
> > /usr/local/bin which we have discussed earlier.
> >
> > Other not exist as per I setup.
>
> ok... then it should work if centos uses only /etc/init.d files...
>
> > --
> > *Cheers,
> > Mayur*.
> >
> >
> > On Wed, Jul 17, 2013 at 10:46 PM, waldo kitty <wkitty42 at ...14940...
> > <
> https://mail.google.com/mail/u/0/?view=cm&fs=1&tf=1&to=wkitty42@...14940...>>
> wrote:
> >
> >     On 7/17/2013 12:58, Mayur Patil wrote:
> >      > sorry one question remaining
> >      >
> >      > now if I reboot my system does it will go into packet dump mode??
> >
> >     AFAICT, it never has... you were starting a new copy of snort that
> was running
> >     in packet dump mode...
> >
> >     did you have to create any links in /etc/rc.d or similar to point to
> >     /etc/init.d/snort when you set it up? you might want to check to see
> if those
> >     links are still connected and connected to the /etc/init.d/snortd
> script file...
> >     you might even want to remove those links and redo them with the new
> snortd name
> >     instead of the old snort name... i don't have that pdf any more so i
> don't know
> >     if there was something about the links or not...
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20130718/476fa5ac/attachment.html>


More information about the Snort-users mailing list