Yes I did. root@nac:~# cat /usr/local/pf/conf/pf.conf ... # # trapping.detection # # Enables snort-based worm detection. If you don't have a span interface available, don't bother enabling it. If you do, # you'll most definately want this on. detection=enabled #
... That's why pfdtect starts, but I don't know why snort doesn't > Hello Carlos, > did you enable detection in configuration -> Trapping ? > > Regards > Fabrice > I am using PacketFence 4.1 in debian wheezy. Snort-based worm > detection is enabled but packetfence doesn't start snort. > The rules are up to date in /usr/local/pf/conf/snort > > This is what I have tried: > > root@nac:~# ls -l /usr/sbin/snort > -rwxr-xr-x 1 root root 1334992 ago 8 2012 /usr/sbin/snort > root@nac:~# /usr/local/pf/bin/pfcmd service pfdetect status > service|shouldBeStarted|pid > pfdetect|1|5893 > root@nac:~# /usr/local/pf/bin/pfcmd service snort status > service|shouldBeStarted|pid > snort|0|0 > root@nac:~# /usr/local/pf/bin/pfcmd service snort start > service|command > memcached|already started > httpd.admin|already started > root@nac:~# /usr/local/pf/bin/pfcmd service snort status > service|shouldBeStarted|pid > snort|0|0 > > There are no logs about snort in any file in /var/log/* or > /usr/local/pf/logs/* so I don't know what to do > > Is there anything that I am missing ? > > Thank you > ------------------------------------------------------------------------------ CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments & Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
