RH 7.3 using SNort 2.3.2
Anybody out there use snort? Where can I find snort startup daemon script? I'm getting these errors on my current snortd scripts. Everything else is complete, mysql & acid.
[root@sysl init.d]# ./snortd start
rm: cannot remove `/var/log/snort/alert': No such file or directory
[root@sysl init.d]# ./snortd status
snort dead but subsys locked
#!/bin/sh
#
# snortd Start/Stop the snort IDS daemon.
#
# chkconfig: 2345 40 60
# description: snort is a lightweight network intrusion detection tool that
# currently detects more than 1100 host and network
# vulnerabilities, portscans, backdoors, and more.
#
# June 10, 2000 -- Dave Wreski <dave@linuxsecurity.com>
# - initial version
#
# July 08, 2000 Dave Wreski <dave@guardiandigital.com>
# - added snort user/group
# - support for 1.6.2
# Source function library.
. /etc/rc.d/init.d/functions
# Specify your network interface here
INTERFACE=eth0
# See how we were called.
case "$1" in
start)
echo -n "Starting snort: "
ifconfig eth0 up
daemon /usr/local/bin/snort -U -o -i $INTERFACE -d -D \
-c /etc/snort/snort.conf
touch /var/lock/subsys/snort
sleep 3
rm /var/log/snort/alert
echo
;;
stop)
echo -n "Stopping snort: "
killproc snort
rm -f /var/lock/subsys/snort
echo
;;
restart)
$0 stop
$0 start
;;
status)
status snort
;;
*)
echo "Usage: $0 {start|stop|restart|status}"
exit 1
esac
exit 0
|