Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Barnyard Shell Script

From: "Jason Linden" <jlinden7 () adelphia net>
Date: Sat, 26 Apr 2003 20:43:23 -0400
I am trying to start barnyard from a shell script but am having some
difficulty. I am runing multiple instances of barnyard, when I launch
the shell script the first instance starts but the 2nd and 3rd instances
fail.  (I have intentionally rename the filenames so I can tell which
one is which when they are running.) Redhat 9, Snort 2, and Barnyard
0.1.0.  Here is the script I am trying to use:
 
#
# barnyardd        Start/Stop the barnyard daemon
#
# chkconfig: 2345 20
# description: Starts the barnyard daemon
# processname: barnyard
# Source Function Library
. /etc/rc.d/init.d/functions
 
case "$1" in
 
#
# Barnyard All Interfaces
#
 
#Start All
startall)
#Inside
            echo -n "Starting Barnyard Inside: "
            daemon /usr/local/bin/barnyardin -c
/usr/snort/etc/barnyardinside.conf \
            -d /var/log/snort/inside -f snort.log -s
/usr/snort/etc/sid-msg.map \
            -g /usr/snort/etc/gen-msg.map
            touch /var/lock/subsys/barnyardin
            echo
#DMZ
            echo -n "Starting Barnyard DMZ: "
            daemon /usr/local/bin/barnyarddmz -c
/usr/snort/etc/barnyarddmz.conf \
            -d /var/log/snort/dmz -f snort.log -s
/usr/snort/etc/sid-msg.map \
            -g /usr/snort/etc/gen-msg.map
            touch /var/lock/subsys/barnyarddmz
            echo
#Outside
echo -n "Starting Barnyard Outside: "
            daemon /usr/local/bin/barnyardout -c
/usr/snort/etc/barnyardoutside.conf \
            -d /var/log/snort/outside -f snort.log -s
/usr/snort/etc/sid-msg.map \
            -g /usr/snort/etc/gen-msg.map
touch /var/lock/subsys/barnyardout
echo
;;
 
 
Here is my barnyard.conf, each of the conf files are the same except for
the interface and hostname:
#-------------------------------------------------------------
#   http://www.snort.org    Barnyard 0.1.0 configuration file
#          Contact: snort-barnyard () lists sourceforge net
#-------------------------------------------------------------
# $Id: barnyard.conf,v 1.1.1.1 2002/12/02 20:51:35 andrewbaker Exp $
########################################################
# Currently you want to do two things in here: turn on 
# available data processors and turn on output plugins.
# The data processors (dp's) and output plugin's (op's)
# automatically associate with each other by type and
# are automatically selected at run time depending on 
# the type of file you try to load.
########################################################
#
# Step 0: configuration declarations
# To keep from having a commandline that uses every letter in the
alphabet
# most configuration options are set here
#
#enable daemon mode
config daemon
config hostname: DMZ
config interface: eth1
config filter:
processor dp_alert
processor dp_log
processor dp_stream_stat
#output alert_fast
#output log_dump
# alert_syslog
# log_pcap
# acid_db
#output alert_acid_db: mysql, sensor_id 1, database snort, server
localhost, user *****, password *****
output log_acid_db: mysql, database snort, server localhost, user *****,
password *****, detail full
 
 
Thanks!!
Previous By Date Next
Previous By Thread Next

Current thread: