Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Snort not logging to database

From: Bruce Radder <bmrconsulting () sbcglobal net>
Date: Thu, 25 Sep 2003 22:45:31 -0500
I installed Snort 2.0.2, Apache 2.0.47, PHP 4.3.1, Mysql 4.0.12 and Acid 
0.9.6b23 from source onto my linux box running Slackware 8.1 with kernel 
2.4.18 following instructions in a Snort Installation Manual by Patrick 
Harper.  I had already been using earlier versions of Apache, PHP and Mysql 
on this box.  The install went fine and all programs are operational but, 
Snort is not logging to the database. 
I have a firewall (Shorewall) masquerading for subnet 192.168.0.0/24 on ppp0 
(a pppoe/dsl connection). Eth0 is my internal iface and Eth1 connects to the 
modem. I noticed in the snort startup script that snort would initialize and 
listen on eth0. Is that right? Or will the firewall drop packets before Snort 
can see them?
I read the manual and searched archives but haven't solved the problem.

Excerpt from snort.conf
var HOME_NET 192.168.0.0/24
var EXTERNAL_NET any
output database: log, mysql, dbname=snort user=snortusr host=localhost  / 
password=xyz

Bruce


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: