Dear James,
Please find the requested output.
[root@localhost ~]# /usr/sbin/service snortd status
-bash: /usr/sbin/service: No such file or directory
[root@localhost ~]# service snortd status
snort (pid 15457) is running...
[root@localhost ~]#
[root@localhost ~]# /usr/local/pf/bin/pfcmd service snortd status
Class::MOP::load_class is deprecated at
/usr/lib64/perl5/vendor_perl/Class/MOP.pm line 76.
Class::MOP::load_class("Cache::Memcached") called at
/usr/share/perl5/vendor_perl/CHI/Driver/Memcached/Base.pm line 37
CHI::Driver::Memcached::Base::_build_contained_cache(CHI::Driver::Memcached__WITH__CHI::Driver::Role::Universal__AND__CHI::Driver::Role::HasSubcaches=HASH(0x343a0f0))
called at /usr/share/perl5/vendor_perl/CHI/Driver/Memcached/Base.pm line 29
CHI::Driver::Memcached::Base::BUILD(CHI::Driver::Memcached__WITH__CHI::Driver::Role::Universal__AND__CHI::Driver::Role::HasSubcaches=HASH(0x343a0f0),
HASH(0x3430348)) called at (eval 367) line 17
CHI::Driver::Memcached__WITH__CHI::Driver::Role::Universal__AND__CHI::Driver::Role::HasSubcaches::BUILDALL(CHI::Driver::Memcached__WITH__CHI::Driver::Role::Universal__AND__CHI::Driver::Role::HasSubcaches=HASH(0x343a0f0),
HASH(0x3430348)) called at /usr/share/perl5/vendor_perl/Moo/Object.pm line
52
Moo::Object::BUILDALL(CHI::Driver::Memcached__WITH__CHI::Driver::Role::Universal__AND__CHI::Driver::Role::HasSubcaches=HASH(0x343a0f0),
HASH(0x3430348)) called at /usr/lib64/perl5/vendor_perl/Moose/Meta/Class.pm
line 285
Moose::Meta::Class::new_object(Moose::Meta::Class=HASH(0x3439f40),
HASH(0x3430348)) called at /usr/lib64/perl5/vendor_perl/Moose/Object.pm
line 30
Moose::Object::new("CHI::Driver::Memcached__WITH__CHI::Driver::Role::Universal__A"...,
"chi_root_class", "pf::CHI", "driver_class", "CHI::Driver::Memcached",
"namespace", "configfiles", "global", 1, ...) called at constructor
CHI::Driver::Memcached::new (defined at
/usr/share/perl5/vendor_perl/CHI/Driver/Memcached.pm line 13) line 4
CHI::Driver::Memcached::new("CHI::Driver::Memcached__WITH__CHI::Driver::Role::Universal__A"...,
"chi_root_class", "pf::CHI", "driver_class", "CHI::Driver::Memcached",
"namespace", "configfiles", "global", 1, ...) called at (eval 366) line 41
CHI::Driver::Memcached__WITH__CHI::Driver::Role::Universal__AND__CHI::Driver::Role::HasSubcaches::new("CHI::Driver::Memcached__WITH__CHI::Driver::Role::Universal__A"...,
"chi_root_class", "pf::CHI", "driver_class", "CHI::Driver::Memcached",
"namespace", "configfiles", "global", 1, ...) called at
/usr/share/perl5/vendor_perl/CHI.pm line 151
CHI::new("pf::CHI", "namespace", "configfiles") called at
/usr/local/pf/lib/pf/config/cached.pm line 748
pf::config::cached::_cache("pf::config::cached") called at
/usr/local/pf/lib/pf/config/cached.pm line 736
pf::config::cached::cache("pf::config::cached") called at
/usr/local/pf/lib/pf/config/cached.pm line 720
pf::config::cached::computeFromPath("pf::config::cached",
"/usr/local/pf/conf/documentation.conf", CODE(0x33fdf38)) called at
/usr/local/pf/lib/pf/config/cached.pm line 376
pf::config::cached::new("pf::config::cached", "-file",
"/usr/local/pf/conf/documentation.conf", "-allowempty", 1, "-onreload",
ARRAY(0x33fde60)) called at /usr/local/pf/lib/pf/config.pm line 451
pf::config::readPfDocConfigFiles() called at /usr/local/pf/lib/pf/
config.pm line 378
pf::config::init_config() called at
/usr/local/pf/lib/pf/config.pmline 358
pf::config::__ANON__() called at
/usr/share/perl5/vendor_perl/Try/Tiny.pm line 76
eval {...} called at /usr/share/perl5/vendor_perl/Try/Tiny.pm line
67
Try::Tiny::try(CODE(0x3399618), Try::Tiny::Catch=REF(0x2fa8660))
called at /usr/local/pf/lib/pf/config.pm line 362
require pf/config.pm called at /usr/local/pf/bin/pfcmd.pl line 81
main::BEGIN() called at /usr/local/pf/lib/pf/config.pm line 0
eval {...} called at /usr/local/pf/lib/pf/config.pm line 0
Usage: pfcmd service <service> [start|stop|restart|status|watch]
stop/stop/restart specified service
status returns PID of specified PF daemon or 0 if not running
watch acts as a service watcher which can send email/restart the services
Services managed by PacketFence:
dhcpd | dhcpd daemon
httpd.webservices| Apache Webservices
httpd.admin | Apache Web admin
httpd.portal | Apache Captive Portal
httpd.proxy | Apache Proxy Interception
pf | all services that should be running based on your
config
pfdetect | PF snort alert parser
pfdhcplistener | PF DHCP monitoring daemon
pfdns | DNS daemon
pfmon | PF ARP monitoring daemon
pfsetvlan | PF VLAN isolation daemon
radiusd | FreeRADIUS daemon
snmptrapd | SNMP trap receiver daemon
snort | Sourcefire Snort IDS
suricata | Suricata IDS
watch
Watch performs services checks to make sure that everything is fine. It's
behavior is controlled by servicewatch configuration parameters. watch is
typically best called from cron with something like:
*/5 * * * * /usr/local/pf/bin/pfcmd service pf watch
On Thu, Feb 6, 2014 at 9:36 PM, James Rouzier <[email protected]> wrote:
> sampath,
>
> Can you run the following commands and send me the output
>
> /usr/sbin/service snortd status
>
> /usr/local/pf/bin/pfcmd service snortd status
>
>
> James
>
> James [email protected] :: +1.514.755.3630 :: http://www.inverse.ca
>
> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
> (http://www.packetfence.org)
>
> On 2/6/2014, 12:39 AM, sampath jayashantha wrote:
>
> Sorry James,
>
> My mistake. Patching Done successfully. When i start packetfence i can
> see that snort is running with commend service snortd status.
>
> But packetfence status show it as
> service|shouldBeStarted|pid
> memcached|1|16013
> httpd.admin|1|16023
> httpd.webservices|1|16046
> httpd.portal|1|16063
> httpd.proxy|0|0
> pfdns|1|16093
> dhcpd|1|16096
> pfdetect|1|16101
> snort|1|0
> suricata||0
> radiusd|1|0
> snmptrapd|1|16112
> pfsetvlan|1|16116
> pfdhcplistener|1|16138 16139 16140
> pfmon|1|16165
>
>
> Is it Normal ????
>
>
> On Wed, Feb 5, 2014 at 4:51 PM, sampath jayashantha
> <[email protected]>wrote:
>
>>
>> Any update regarding this issue ? I'm also having the same issue with my
>> packetfence box.
>>
>> service|shouldBeStarted|pid
>> memcached|1|11287
>> httpd.admin|1|11297
>> httpd.webservices|1|11340
>> httpd.portal|1|11357
>> httpd.proxy|0|0
>> pfdns|1|11387
>> dhcpd|1|11390
>> pfdetect|1|11395
>> snort|0|0
>> suricata|0|0
>> radiusd|1|0
>> snmptrapd|1|11400
>> pfsetvlan|1|11404
>> pfdhcplistener|1|11427 11428 11429
>> pfmon|1|11468
>>
>>
>> How to enable it ? Any clue.
>>
>>
>>
>> On Tue, Jan 28, 2014 at 8:44 PM, Carlos Alonso <[email protected]> wrote:
>>
>>> Thank your for your help. These are the answers to your questions
>>>
>>>
>>> > Can you post your pf.conf , did you set a monitor interface ?
>>> >
>>> > Fabrice
>>> Yes I did. The inline interface is also the monitor interface. This what
>>> I did in PF3.6 and worked perfectly
>>> Is this not posible in PF4.1 ? I have not upgraded, It is a new
>>> installation though.
>>>
>>> XXXX means hidden for security
>>>
>>> [general]
>>> domain=XXXX
>>> hostname=nac
>>> dnsservers=XXXX
>>> dhcpservers=192.168.18.1,192.168.19.1,192.168.20.1
>>> locale=es_ES
>>> timezone=Europe/Madrid
>>> [trapping]
>>> range=10.0.0.0/16, 192.68.0.0/16
>>> detection=enabled
>>> interception_proxy=enabled
>>> [registration]
>>> button_text=Registro
>>> [alerting]
>>> emailaddr=XXXX
>>> smtpserver=XXXX
>>> [database]
>>> pass=XXXX
>>> [captive_portal]
>>> network_detection=disabled
>>>
>>> [interface eth0.802]
>>> ip= XXXX
>>> type=management
>>> mask=255.255.255.0
>>>
>>> [interface eth0.818]
>>> enforcement=inline
>>> ip=192.168.18.1
>>> type=internal,monitor
>>> mask=255.255.255.0
>>>
>>> [interface eth0.819]
>>> enforcement=vlan
>>> ip=192.168.19.1
>>> type=internal
>>> mask=255.255.255.0
>>>
>>> [interface eth0.820]
>>> enforcement=vlan
>>> ip=192.168.20.1
>>> type=internal
>>> mask=255.255.255.0
>>>
>>>
>>> > Can you see if Snort can start when you run it by hand?
>>> >
>>> > /usr/local/bin/snort -d -i eth1 -u root -g snort -c
>>> /etc/snort/snort.conf -l
>>> > /var/log/snort
>>>
>>> If I run it by hand it works:
>>> >/usr/sbin/snort -d -i eth0.818 -u root -g snort -c
>>> /etc/snort/snort.conf -l /var/log/snort/
>>> ...
>>> --== Initialization Complete ==--
>>>
>>> ,,_ -*> Snort! <*-
>>> o" )~ Version 2.9.2.2 IPv6 GRE (Build 121)
>>> '''' By Martin Roesch & The Snort Team:
>>> http://www.snort.org/snort/snort-team
>>> Copyright (C) 1998-2012 Sourcefire, Inc., et al.
>>> Using libpcap version 1.3.0
>>> Using PCRE version: 8.30 2012-02-04
>>> Using ZLIB version: 1.2.7
>>>
>>> Rules Engine: SF_SNORT_DETECTION_ENGINE Version 1.15 <Build
>>> 18>
>>> Preprocessor Object: SF_SMTP (IPV6) Version 1.1 <Build 9>
>>> Preprocessor Object: SF_REPUTATION (IPV6) Version 1.1
>>> <Build 1>
>>> Preprocessor Object: SF_SSLPP (IPV6) Version 1.1 <Build 4>
>>> Preprocessor Object: SF_IMAP (IPV6) Version 1.0 <Build 1>
>>> Preprocessor Object: SF_DNP3 (IPV6) Version 1.1 <Build 1>
>>> Preprocessor Object: SF_SSH (IPV6) Version 1.1 <Build 3>
>>> Preprocessor Object: SF_DCERPC2 (IPV6) Version 1.0 <Build 3>
>>> Preprocessor Object: SF_SDF (IPV6) Version 1.1 <Build 1>
>>> Preprocessor Object: SF_DNS (IPV6) Version 1.1 <Build 4>
>>> Preprocessor Object: SF_MODBUS (IPV6) Version 1.1 <Build 1>
>>> Preprocessor Object: SF_POP (IPV6) Version 1.0 <Build 1>
>>> Preprocessor Object: SF_FTPTELNET (IPV6) Version 1.2 <Build
>>> 13>
>>> Preprocessor Object: SF_GTP (IPV6) Version 1.1 <Build 1>
>>> Preprocessor Object: SF_SIP (IPV6) Version 1.1 <Build 1>
>>> Commencing packet processing (pid=2481)
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> WatchGuard Dimension instantly turns raw network data into actionable
>>> security intelligence. It gives you real-time visual feedback on key
>>> security issues and trends. Skip the complicated setup - simply import
>>> a virtual appliance and go from zero to informed in seconds.
>>>
>>> http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
>>> _______________________________________________
>>> PacketFence-users mailing list
>>> [email protected]
>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>
>>
>>
>>
>> --
>>
>> ..........................................................................................
>>
>> There is always some one who know more Than us out there.
>>
>> Wê Lïvê †ð §hårê : Wê Lðvê †ð §hårê
>>
>>
>>
>> SAM
>>
>
>
>
> --
>
> ..........................................................................................
>
> There is always some one who know more Than us out there.
>
> Wê Lïvê †ð §hårê : Wê Lðvê †ð §hårê
>
>
>
> SAM
>
>
> ------------------------------------------------------------------------------
> Managing the Performance of Cloud-Based Applications
> Take advantage of what the Cloud has to offer - Avoid Common Pitfalls.
> Read the
> Whitepaper.http://pubads.g.doubleclick.net/gampad/clk?id=121051231&iu=/4140/ostg.clktrk
>
>
>
> _______________________________________________
> PacketFence-users mailing
> [email protected]https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
>
>
> ------------------------------------------------------------------------------
> Managing the Performance of Cloud-Based Applications
> Take advantage of what the Cloud has to offer - Avoid Common Pitfalls.
> Read the Whitepaper.
>
> http://pubads.g.doubleclick.net/gampad/clk?id=121051231&iu=/4140/ostg.clktrk
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
--
..........................................................................................
There is always some one who know more Than us out there.
Wê Lïvê †ð §hårê : Wê Lðvê †ð §hårê
SAM
------------------------------------------------------------------------------
Managing the Performance of Cloud-Based Applications
Take advantage of what the Cloud has to offer - Avoid Common Pitfalls.
Read the Whitepaper.
http://pubads.g.doubleclick.net/gampad/clk?id=121051231&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
