| View previous topic :: View next topic |
| Author |
Message |
abrand15
n00b
Joined: 18 Jul 2002
Posts: 38
Location: Providence, TX USA
|
 Posted: Thu Mar 10, 2016 11:20 pm Post subject: snort failed to start [SOLVED] |
 |
|
emerge snort with the following and it completed without errors:
| Code: |
PYTHON_TARGETS="python2_7 python3_4 python3_3" USE="high-availability sourcefire large-pcap-64bit inline-init-failopen linux-smp-stats file-inspect" emerge -v snort tcpdump
|
Trying to start snort resulted in the following:
| Code: |
firewall ~ # /etc/init.d/snort start
* Caching service dependencies ... [ ok ]
* Starting snort ... [ !! ]
* ERROR: snort failed to start
firewall ~ #
|
I read a post that said to change 'ipvar' in snort.conf to 'var' The issue remained. Changed it back.
I noticed the default interface name in /etc/conf.d/snort was incorrect so I corrected that. Still the issue remained.
I tried starting snort like this and noticed an error:
| Code: |
firewall ~ # /usr/bin/snort -c /etc/snort/snort.conf
Running in IDS mode
--== Initializing Snort ==--
Initializing Output Plugins!
Initializing Preprocessors!
Initializing Plug-ins!
Parsing Rules file "/etc/snort/snort.conf"
PortVar 'HTTP_PORTS' defined : [ 80:81 311 383 591 593 901 1220 1414 1741 1830 2301 2381 2809 3037 3128 3702 4343 4848 5250 6988 7000:7001 7144:7145 7510 7777 7779 8000 8008 8014 8028 8080 8085 8088 8090 8118 8123 8180:8181 8243 8280 8300 8800 8888 8899 9000 9060 9080 9090:9091 9443 9999 11371 34443:34444 41080 50002 55555 ]
PortVar 'SHELLCODE_PORTS' defined : [ 0:79 81:65535 ]
PortVar 'ORACLE_PORTS' defined : [ 1024:65535 ]
PortVar 'SSH_PORTS' defined : [ 22 ]
PortVar 'FTP_PORTS' defined : [ 21 2100 3535 ]
PortVar 'SIP_PORTS' defined : [ 5060:5061 5600 ]
PortVar 'FILE_DATA_PORTS' defined : [ 80:81 110 143 311 383 591 593 901 1220 1414 1741 1830 2301 2381 2809 3037 3128 3702 4343 4848 5250 6988 7000:7001 7144:7145 7510 7777 7779 8000 8008 8014 8028 8080 8085 8088 8090 8118 8123 8180:8181 8243 8280 8300 8800 8888 8899 9000 9060 9080 9090:9091 9443 9999 11371 34443:34444 41080 50002 55555 ]
PortVar 'GTP_PORTS' defined : [ 2123 2152 3386 ]
Detection:
Search-Method = AC-Full-Q
Split Any/Any group = enabled
Search-Method-Optimizations = enabled
Maximum pattern length = 20
ERROR: /etc/snort/snort.conf(247) Could not stat dynamic module path "/usr/local/lib/snort_dynamicpreprocessor/": No such file or directory.
Fatal Error, Quitting..
firewall ~ #
|
I cannot find anything on this error.
Any ideas?
_________________
UNIX IS user-friendly. It's just picky about who its friends are.
----
Do pencils miss spell words? No. Do cars make people drive drunk? No. Do utensils make people fat? No. Guns don't kill people either. |
|
| Back to top |
|
 |
abrand15
n00b
Joined: 18 Jul 2002
Posts: 38
Location: Providence, TX USA
|
| Posted: Fri Mar 11, 2016 12:08 am Post subject: |
|
|
The default snort.conf contained about 10 errors. Once commented out, snort started right up.
_________________
UNIX IS user-friendly. It's just picky about who its friends are.
----
Do pencils miss spell words? No. Do cars make people drive drunk? No. Do utensils make people fat? No. Guns don't kill people either. |
|
| Back to top |
|
|
|
Networking & Security
