[Snort-users] Snort refuses to start/run on Ubuntu 13.04

Tony Robinson deusexmachina667 at ...11827...
Fri Jun 14 19:50:53 EDT 2013


Hello,

Wondering if any of you experienced a problem starting up snort on Ubuntu
13.04?

I get snort 2.9.4.6 to install and compile happily on a barebones 13.04
Server install, but the minute I go to run snort I get this on the terminal:

root at ...16408...:~# ps -ef | grep snort
root      1691  1641  0 19:43 pts/0    00:00:00 grep --color=auto snort
root at ...16408...:~# bash /etc/rc.local
/etc/rc.local: line 15:  1699 Killed
/usr/local/snort/bin/snort -D -u snort -g snort -c
/usr/local/snort/etc/snort.conf -i eth1


Killed. Okay then, very descriptive error message there, Ubuntu. Why?
Syslog will surely tell me, right?let's cat syslog:

Jun 14 19:43:08 as-dev-ubuntu-13-04 rsyslogd-2177: imuxsock begins to drop
messages from pid 1699 due to rate-limiting
Jun 14 19:43:15 as-dev-ubuntu-13-04 kernel: [  123.020634] select 1 (init),
adj 0, size 263, to kill
Jun 14 19:43:15 as-dev-ubuntu-13-04 kernel: [  123.020643] select 975
(mysqld), adj 0, size 9699, to kill
Jun 14 19:43:15 as-dev-ubuntu-13-04 kernel: [  123.020645] select 1699
(snort), adj 0, size 68334, to kill
Jun 14 19:43:15 as-dev-ubuntu-13-04 kernel: [  123.020646] send sigkill to
1699 (snort), adj 0, size 68334
Jun 14 19:43:15 as-dev-ubuntu-13-04 kernel: [  123.020908] select 1 (init),
adj 0, size 263, to kill
Jun 14 19:43:15 as-dev-ubuntu-13-04 kernel: [  123.020911] select 975
(mysqld), adj 0, size 9699, to kill

So, based on the above, I can only theorize that rsyslog/imuxsock doesn't
like how verbose snort is and axes it because it thinks there's something
wrong with the process.

Have any of you run across this, and if so, how'd you resolve it?


-- 
when does reality end? when does fantasy begin?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20130614/de5c3125/attachment.html>


More information about the Snort-users mailing list