Problems daemonizing snort when using BPF filters

[Patrik Nordlén <patrik.nordlen () sentor se>]

Hi,

wondering if anyone else has experienced this...

I'm running snort on a bunch of FreeBSD 6 machines. Due to some system 
constraints, I've had to compile a statically linked binary for use on the 
sensors (the dynamic libs distributed along with it), however this hasn't 
been a problem...however, when trying to run snort v2.7.x on these sensors I 
have a problem with getting snort to run in the background.

Whether using -D on the command line or "config daemon" in the config file (I 
suppose it's the same thing in the end anyway), snort doesn't go into the 
background as it's supposed to if I add BPF filters as command line 
arguments. It still works perfectly though, just that it doesn't go into the 
background. If I just strip off the BPF filters from the command line 
arguments, snort goes into the background as it's supposed to. I'm not 
experiencing this problem when running snort v2.6.1.3 or earlier versions.

I know I'm running a very non-standard setup here since I'm using statically 
linked binaries, but still, has anyone seen this problem and/or has a 
suggestion on how to solve it?

Thanks,
Patrik

-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >>  http://get.splunk.com/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users