Snort service will not start
-
1.2.3-Release
2.8.4.1_5 pkg v.1.7 -
1.2.3-Release
2.8.4.1_5 pkg v.1.7I need the output of
ls /usr/local/etc/rc.d
and
cat /usr/local/etc/rc.d/mysnort_interface.sh
James
-
bandwidthd.sh mbmon snort.sh
bandwidthd.sh.sample proxy_monitor.sh squid.sh
imspector snmpd
imspector.sh snmptrapdcat: /usr/local/etc/rc.d/mysnort_interface.sh: No such file or directory
-
bandwidthd.sh mbmon snort.sh
bandwidthd.sh.sample proxy_monitor.sh squid.sh
imspector snmpd
imspector.sh snmptrapdcat: /usr/local/etc/rc.d/mysnort_interface.sh: No such file or directory
Type this in the command terminal and post the error.
/usr/local/bin/snort -c /usr/local/etc/snort/snort.conf -l /var/log/snort -D -i ngo
James
-
command came back with no error, no report….....
/usr/local/bin/snort -c /usr/local/etc/snort/snort.conf -l /var/log/snort -D -i ngo
Edit: Checked the system logs and found this error.........
snort[42700]: FATAL ERROR: Unable to open rules file: /usr/local/etc/snort/rules/attack-responses.rules or /usr/local/etc/snort//usr/local/etc/snort/rules/attack-responses.rules
-
I see what going on.
Update all your rules, befor starting snort..
James
-
I keep getting
Please wait… You may only check for New Rules every 15 minutes...
-
OK, if the rules won't update automaticly is there another way to update them?
-
Any update please?
-
I've also had this issue randomly on installs/upgrades. Do you have premium rules? If so, turn it off, wait and then do the update. I have no theory as to why it happens, but after that, I can set the premium rules on and it works from there on until the next snort update.
a.r.
-
I have Snort subscriber enabled and have the key inserted but disabling it doesn't allow it to start and still nothing shows up in the system logs.
I have disabled all options and saved, still no starting of the service. I have reinstalled everything and still no starting of the service.I'm quite literally stumped, I've even tried reinstalling.
The only message I get when trying to update is …....
Please wait... You may only check for New Rules every 15 minutes...