Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 6822

Summary: /etc/conf.d/snort bugs (not a duplicate from lamer@gentoo.org bug)
Product: Gentoo Linux Reporter: Guillaume Destuynder (RETIRED) <kang>
Component: Current packagesAssignee: Daniel Ahlberg (RETIRED) <aliz>
Status: RESOLVED FIXED    
Severity: major CC: h3y, kang
Priority: High    
Version: 1.2   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 8925    

Description Guillaume Destuynder (RETIRED) gentoo-dev 2002-08-21 07:44:17 UTC 
-> the user snort run as is nobody but should be snort in /etc/conf.d/snort
-> the log directory /var/log/snort (by default) is
 not automatically created nor by snort, nor by the ebuild.

-> Also in /etc/conf.d/snort, snort does not listen on every interface by
 default, so may be changing the last line by (lamer@gentoo.org suggested
handling this in /etc/snort/snort.conf, but it is currently only listening on
one interface, and I would think this option to be better placed in the
conf.d/snort...) :
 # This pulls in the options above
 SNORT_OPTS="-D -s -u snort -i any -dev -l $LOGDIR -h $NETWORK -c $CONF"
 would be wise

 or

 # This tell snort which interface to listen on (any for every interface)
 IFACE=eth0

 # This pulls in the options above
 SNORT_OPTS="-D -s -u snort -i $IFACE -dev -l $LOGDIR -h $NETWORK -c
 $CONF"


kang
Comment 1 Daniel Ahlberg (RETIRED) gentoo-dev 2002-10-24 09:42:39 UTC 
Fixed, thanks for finding this!