Menu
▾
▴
[Snort-inline-users] RE: Problem with -Q
|
From: Schwendinger, D. T., 1. IO C. <dt...@1s...> - 2004-03-01 15:16:28
|
I found out what the problem was. It was a problem ebtables not a snort_inline problem. Thanks david -----Original Message----- From: Schwendinger, David T., 1st IO CMD Sent: Wednesday, January 07, 2004 3:55 PM To: Sno...@li... Subject: Problem with -Q I'm using SNORT_inline as part of a honeypot on a RedHat 9.0 box with the snort_inline.sh script from honeynet.org. The only modifications I made were to add the "-s" option to send the alerts to syslog as well as a file and change the interface. $SNORT -D -d -s -c /etc/snort_inline/snort_inline.conf -Q -i vmnet1 -l $DIR/$DATE -t $DIR/$DATE It seems to start without any problems, no errors or messages in syslog that indicate there's a problem but it will not log to syslog or to a file. A "ps -ef" shows that it is running. If I remove the "-Q" option it will begin logging. Any idea on what the problem may be. Thanks david |
