6822 – /etc/conf.d/snort bugs (not a duplicate from lamer@gentoo.org bug)

Bug 6822 - /etc/conf.d/snort bugs (not a duplicate from lamer@gentoo.org bug)

Summary: /etc/conf.d/snort bugs (not a duplicate from lamer@gentoo.org bug)

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	High major (vote)
Assignee:	Daniel Ahlberg (RETIRED)

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:	8925
	Show dependency tree

Reported:	2002-08-21 07:44 UTC by Guillaume Destuynder (RETIRED)
Modified:	2002-10-24 09:42 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Guillaume Destuynder (RETIRED) gentoo-dev

2002-08-21 07:44:17 UTC

-> the user snort run as is nobody but should be snort in /etc/conf.d/snort
-> the log directory /var/log/snort (by default) is
 not automatically created nor by snort, nor by the ebuild.

-> Also in /etc/conf.d/snort, snort does not listen on every interface by
 default, so may be changing the last line by (lamer@gentoo.org suggested
handling this in /etc/snort/snort.conf, but it is currently only listening on
one interface, and I would think this option to be better placed in the
conf.d/snort...) :
 # This pulls in the options above
 SNORT_OPTS="-D -s -u snort -i any -dev -l $LOGDIR -h $NETWORK -c $CONF"
 would be wise

 or

 # This tell snort which interface to listen on (any for every interface)
 IFACE=eth0

 # This pulls in the options above
 SNORT_OPTS="-D -s -u snort -i $IFACE -dev -l $LOGDIR -h $NETWORK -c
 $CONF"


kang

Comment 1 Daniel Ahlberg (RETIRED) gentoo-dev

2002-10-24 09:42:39 UTC

Fixed, thanks for finding this!