Snort mailing list archives

Re: script file

From: Erek Adams <erek () snort org>
Date: Sat, 11 Jan 2003 01:41:15 -0500 (EST)

On Fri, 10 Jan 2003, [iso-8859-1] Saúl Bósquez wrote:

Ok, I fixed my script file, it seemed to have some characters that were
causing errors I managed to delete them
but im still having problems...

there is a new version of the script file on
http://www.superhac.com/snort/snortd i got redirected there when i tried to
access http://home.earthlink.net/~sjscott007/snortd

This new script adds this two lines to the snort start command:
                sleep 3
      rm /var/log/snort/alert

With this new lines when I type '/etc/rc.d/init.d/snortd start' I get the
following message:
    rm: cannot remove '/var/log/snort/alert': No such file or directory

So i commented out those lines and I got this when I typed
'/etc/rc.d/init.d/snortd start':
    Starting snort:
[OK]     (in green letters)
I thought it was up and running so I typed '/etc/rc.d/init.d/snortd status'
and got the following message:
    snort dead but subsys locked
And when tried to stop it got:
    Stopping snort:
[FAILED]    (in red letters)

Is this normal? any idea?


Yes, I have thoughts on this.  They aren't what most folks want to hear,
so I won't voice them in a public forum.  :)

But I will offer two suggestions:

#1  Check the archives [0].  This "issue" has been resolved more than
once.  :)  It's amazing what you can find if you do a _tiny_ bit of
research.

#2  Learn the benfits of "sh -x" (sh -x /path/to/snortd start).   It's
amazing what that can tell you.

If you write your own startup scripts instead of using someone elses....
Things tend to go a lot better when you write your own.  That way you
understand _exactly_ what they (the scripts) do.

Knowledge is power.  ;-)

-----
Erek Adams

   "When things get wierd, the wierd turn pro."   H.S. Thompson


[0]     http://marc.theaimsgroup.com/?l=snort-users&m=103419280419585&w=2



-------------------------------------------------------
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

script file Saúl Bósquez (Jan 10)
- Re: script file Erek Adams (Jan 10)
- <Possible follow-ups>
- script file Saúl Bósquez (Jan 14)
  - Re: script file Javier Liendo (Jan 14)
  - Re: script file Erick Mechler (Jan 14)
  - Re: script file Cesar Andres Navarrete R. (Jan 15)
    - Re: script file Saúl Bósquez (Jan 15)