Once again. I hope, you will tell me if you reproduce this or not! $ service snortd stop Stopping snort: [ OK ] $ ps ax | grep snort 4895 pts/3 S 0:00 grep snort $ service snortd start Starting snort: [ OK ] $ ps ax | grep snort 4919 ? S 0:00 /usr/sbin/snort -u snort -g snort -s -d -D -i eth0 4929 pts/3 S 0:00 grep snort $ service snortd start Starting snort: [ OK ] $ ps ax | grep snort 4919 ? S 0:00 /usr/sbin/snort -u snort -g snort -s -d -D -i eth0 4955 ? S 0:00 /usr/sbin/snort -u snort -g snort -s -d -D -i eth0 4966 pts/3 S 0:00 grep snort $ rpm -q snort snort-1.8.3-2mdk $ ls /var/run/snort* /var/run/snort_eth0.pid $
I used snortd from RPM. I can't use original snort.conf, because rpm did not touch my version - that's good, but no .rpmnew -> %config(noreplace), again ? BTW: If one wants to install snort-mysql (or another db), you can read this in README.database: % mysql < ./contrib/create_mysql But you will not find this damn script on your computer. Please include it in snort-mysql. CU, Ralf.
