Jim Abercromby
2012-Aug-07 15:14 UTC
[CentOS] Snort: Problems configuring for init/start upon bootup rc.conf not working
Ladies/Gents, /etc/init.d/snortd more snortd #!/bin/sh # Description: start up script for snort # chkconfig: 2345 40 60 # # Source function library. . /etc/rc.d/init.d/functions # case "$1" in # 'start') echo "Starting up Snort..." /prod/snort/bin/snort -c /prod/snort/etc/snort.conf -D -g snort -u snort -i eth0 -l /var/log/snort echo "Done." ;; # 'stop') echo "Stopping Snort..." killproc snort echo "Done." ;; # 'restart') $0 stop $0 start ;; # status) status snort ;; # *) echo "Usage: $0 {start|stop}" exit 1 # esac exit 0 chkconfig abrt-ccpp 0:off 1:off 2:off 3:on 4:off 5:on 6:off abrt-oops 0:off 1:off 2:off 3:on 4:off 5:on 6:off abrtd 0:off 1:off 2:off 3:on 4:off 5:on 6:off acpid 0:off 1:off 2:on 3:on 4:on 5:on 6:off atd 0:off 1:off 2:off 3:on 4:on 5:on 6:off auditd 0:off 1:off 2:on 3:on 4:on 5:on 6:off cgconfig 0:off 1:off 2:off 3:off 4:off 5:off 6:off cgred 0:off 1:off 2:off 3:off 4:off 5:off 6:off cpuspeed 0:off 1:on 2:on 3:on 4:on 5:on 6:off crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off haldaemon 0:off 1:off 2:off 3:on 4:on 5:on 6:off ip6tables 0:off 1:off 2:on 3:on 4:on 5:on 6:off iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off irqbalance 0:off 1:off 2:off 3:on 4:on 5:on 6:off kdump 0:off 1:off 2:off 3:on 4:on 5:on 6:off lvm2-monitor 0:off 1:on 2:on 3:on 4:on 5:on 6:off mdmonitor 0:off 1:off 2:on 3:on 4:on 5:on 6:off messagebus 0:off 1:off 2:on 3:on 4:on 5:on 6:off netconsole 0:off 1:off 2:off 3:off 4:off 5:off 6:off netfs 0:off 1:off 2:off 3:on 4:on 5:on 6:off netsaint_statd 0:off 1:off 2:on 3:on 4:on 5:on 6:off network 0:off 1:off 2:on 3:on 4:on 5:on 6:off ntpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off ntpdate 0:off 1:off 2:off 3:off 4:off 5:off 6:off psacct 0:off 1:off 2:off 3:off 4:off 5:off 6:off quota_nld 0:off 1:off 2:off 3:off 4:off 5:off 6:off rdisc 0:off 1:off 2:off 3:off 4:off 5:off 6:off restorecond 0:off 1:off 2:off 3:off 4:off 5:off 6:off rhnsd 0:off 1:off 2:on 3:on 4:on 5:on 6:off rngd 0:off 1:off 2:off 3:off 4:off 5:off 6:off rsyslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off saslauthd 0:off 1:off 2:off 3:off 4:off 5:off 6:off smartd 0:off 1:off 2:off 3:off 4:off 5:off 6:off snmpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off snmptrapd 0:off 1:off 2:off 3:off 4:off 5:off 6:off sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off sysstat 0:off 1:on 2:on 3:on 4:on 5:on 6:off udev-post 0:off 1:on 2:on 3:on 4:on 5:on 6:off #Yes - I am aware that it's not in this output, this is because we opted out of snort chkconfig because I had read posts that snort can not be configured to autostart in the conventional and usual fashion on CentOS/RHEL, Linux vsp-01.kewr5.s.vonagenetworks.net 2.6.32-220.17.1.el6.x86_64 #1 SMP Thu Apr 26 13:37:13 EDT 2012 x86_64 x86_64 x86_64 GNU/Linux Red Hat Enterprise Linux Server release 6.2 (Santiago) Kernel \r on an \m I have tried to implement snort startup on boot via rc.local as well (See below). #!/bin/sh # # This script will be executed *after* all the other init scripts. # You can put your own initialization stuff in here if you don't # want to do the full Sys V style init stuff. touch /var/lock/subsys/local /prod/snort/bin/snort -D -u snort -g snort -c /prod/snort/etc/snort.conf -i eth0 This does not do the trick either so I am out of answers and this point and defering to the community.
Possibly Parallel Threads
- ip_queue module issue
- [kris@FreeBSD.org: cvs commit: ports/security/snort Makefile distinfo pkg-plist ports/security/snort/files patch-snort.c]
- Bug#403758: Logcheck rules for Snort
- snort, postgres, bridge
- [Fwd: CERT Advisory CA-2003-13 Multiple Vulnerabilities in Snort Preprocessors]