Snort error - "unable to open alerfile - exit"
-
I just installed 1.0, and decided to take a look at the new Snort package. I installed the package, got an oinkid, downloaded rules, checked many of them, and saved. I wasn't seeing any alerts after awhile, and I noticed this in the system log:
"snort2c[838]: unable to open alertfile - exit"
Any ideas?
-
Did you select a interface for Snort to listen on in the settings screen?
Also does snort show as running in Status -> Services?
-
Hi to all
1.0-RELEASE
I have the same Problem.The snort service stop and ist not possible to start.
Oct 16 00:27:37 php: : SQUID is installed but not started. Not installing redirect rules.
Oct 16 00:27:37 php: : SQUID is installed but not started. Not installing redirect rules.
Oct 16 00:27:36 php: : FTP proxy disabled for interface opt1 - ignoring.
Oct 16 00:27:36 miniupnpd[1309]: Unknown soap method
Oct 16 00:27:35 squid[1186]: Squid Parent: child process 1188 exited due to signal 15Oct 16 00:27:35 snort2c[1302]: unable to open alertfile - exit
Oct 16 00:27:35 snort2c[1302]: unable to open alertfile - exit
Oct 16 00:27:35 snort2c[1302]: snort2c running in daemon mode pid: 1302
Oct 16 00:27:35 snort2c[1302]: snort2c running in daemon mode pid: 1302 -
Did you select a interface for Snort to listen on in the settings screen?
Also does snort show as running in Status -> Services?
WAN and OPT1 (dual-wan) are set to be monitored by Snort, and Snort is showed as "stopped" in services.
-
Okay, that is the problem. Only monitor one LAN for the moment, that is a bug I need to fix.