Snort mailing list archives
Snort can't determine the hostname correctly when lauch by a script
From: IDS snort <ids.snort () caramail com>
Date: Mon, 26 May 2003 13:43:28 +0100
Hello, When snort is launch by the following script (RH7.3) it can not determine the sensor hostname correctly : In the sensor table, I get a new entry with hostname field set to unknown:eth1 Snort should have kept the old entry which is snort1.domain.tld:eth1 What I do not understand is when in a bash console I ran the 2 following commands, it works fine. # . /etc/init.d/functions # daemon snort -o -i eht1 -u snort -g snort -c /chroot/snort/etc/snort/snort.conf - l /chroot/snort/var/log/snort -t /chroot/snort -D I am geting lost. Why snort can't get the hostname when it is lauch by the script ? The script is : /etc/init.d/functions /etc/sysconfig/network prog="snort" SNORT_HOME=/chroot/snort SNORT_CONFIG=$SNORT_HOME/etc/snort/snort.conf SNORT_LOG=$SNORT_HOME/var/log/snort SNORT_IFACE=eth1 SNORT_UID=snort SNORT_GID=snort OPTIONS="-o -i $SNORT_IFACE -u $SNORT_UID -g $SNORT_GID -c $SNORT_CONFIG -l $SNORT_LOG -t $SNORT_HOME -D" RETVAL=0 start () { echo -n $"Starting $prog: " daemon /chroot/snort/sbin/snort $OPTIONS RETVAL=$? echo [ $RETVAL -eq 0 ] && touch /var/lock/subsys/snort } ______________________________________________________ Plus simple, plus fiable, plus rapide : Découvrez le nouveau Caramail - http://www.caramail.com
Current thread:
- Snort can't determine the hostname correctly when lauch by a script IDS snort (May 27)