James Sinnamon wrote: > Dear Debian firewallers, > > (Apologies if this is not the right place to ask) > > I am running snort: > > greenhouse:/etc/snort# ps axww | grep snort > 1723 ? Ss 0:01 /usr/sbin/snort -m 027 -D -c /etc/snort/snort.conf > -l /var/log/snort -d -u snort -g snort -O -S HOME_NET=[192.168.0.0/24] -i > eth0, > > .... but the log files are empty: > > greenhouse:/etc/snort# ls -l /var/log/snort/ > total 0 > -rw-r----- 1 snort adm 0 2004-06-12 15:50 alert > -rw-r----- 1 root adm 0 2004-06-12 16:53 > snort.log.1087023225 > > Can anyone spot the problem? > > TIA > > James Sinnamon
I had the same problem because Snort didn't recognize my rules directory. I fixed it by using snort -C /path/to/rules & . It's working now. I hope it'll help you, Charles Grellois
