Re: Suricata from packages

2020-01-23 Thread myml...@gmx.com
Suricata from Packages for a while now. No real changes to configs. I don't use /etc/rc.d/suricata at all. To START suricata in live mode - Do this (as root): #suricata -v -c /etc/suricata/suricata.yaml -i em0 & (please substitute your collection I/F as needed. Mine is em0 as in the exam

Re: Suricata from packages

2020-01-21 Thread b2s2d
On 2020-01-21 18:49, Stuart Henderson wrote: On 2020-01-21, b2...@zonbie.net wrote: To START suricata in live mode - Do this (as root): #suricata -v -c /etc/suricata/suricata.yaml -i em0 & Well, that's one way. Or you can use the OS mechanisms. To STOP suricata: pgrep suricata and kill -9

Re: Suricata from packages

2020-01-21 Thread Stuart Henderson
On 2020-01-21, b2...@zonbie.net wrote:
> To START suricata in live mode -
> Do this (as root):
>
> #suricata -v -c /etc/suricata/suricata.yaml -i em0 &
Well, that's one way. Or you can use the OS mechanisms.
> To STOP suricata: pgrep suricata and kill -9 the pid returned.
Why pgrep then kill wh

Re: Suricata from packages

2020-01-21 Thread Eric Zylstra
> On Jan 21, 2020, at 1:45 PM, Stuart Henderson wrote: > > On 2020-01-18, Eric Zylstra wrote: >> >> >>> On Jan 18, 2020, at 6:42 AM, Antoine Jacoutot wrote: >>> >>> On Fri, Jan 17, 2020 at 11:24:22PM -0600, Eric Zylstra wrote: OpenBSD 6.6 Generic.MP amd64 Stable. I in

Re: Suricata from packages

2020-01-21 Thread Eric Zylstra
The pkg-readme was perfect. Concise and all I need to know. Two minutes and I’m good to go. Thanks all! EZ Sent from my iPhone > On Jan 21, 2020, at 3:59 PM, Stuart Henderson wrote: > > On 2020/01/21 15:40, Eric Zylstra wrote: >> >> On Jan 21, 2020, at 1:45 PM, Stuart Henderson w

Re: Suricata from packages

2020-01-21 Thread Stuart Henderson
On 2020/01/21 15:40, Eric Zylstra wrote: > > > > On Jan 21, 2020, at 1:45 PM, Stuart Henderson wrote: > > > > On 2020-01-18, Eric Zylstra wrote: > >> > >> > >>> On Jan 18, 2020, at 6:42 AM, Antoine Jacoutot > >>> wrote: > >>> > >>> On Fri, Jan 17, 2020 at 11:24:22PM -0600, Eric Zylstra wr

Re: Suricata from packages

2020-01-21 Thread b2s2d
…fails. No informative fail message, though. Run rcctl in debug mode. Notable that man rcctl(8) does not contain the word “debug”. I had to do a web search to confirm the -d argument was what I needed to get debug output. Greetings, I use Suricata from Packages for a while now. No real

Re: Suricata from packages

2020-01-21 Thread b2s2d
…fails. No informative fail message, though. Run rcctl in debug mode. Notable that man rcctl(8) does not contain the word “debug”. I had to do a web search to confirm the -d argument was what I needed to get debug output. Greetings, I use Suricata from Packages for a while now. No

Re: Suricata from packages

2020-01-21 Thread Stuart Henderson
On 2020-01-18, Eric Zylstra wrote: > > >> On Jan 18, 2020, at 6:42 AM, Antoine Jacoutot wrote: >> >> On Fri, Jan 17, 2020 at 11:24:22PM -0600, Eric Zylstra wrote: >>> OpenBSD 6.6 Generic.MP amd64 >>> Stable. >>> >>> I installed suricata using pkg_add. Having trouble with starting it. pkg_add

Re: Suricata from packages

2020-01-21 Thread Eric Zylstra
> On Jan 18, 2020, at 9:08 AM, Eric Zylstra wrote: > > > >> On Jan 18, 2020, at 6:42 AM, Antoine Jacoutot > > wrote: >> >> On Fri, Jan 17, 2020 at 11:24:22PM -0600, Eric Zylstra wrote: >>> OpenBSD 6.6 Generic.MP amd64 >>> Stable. >>> >>> I installed suricata us

Re: Suricata from packages

2020-01-21 Thread Eric Zylstra
> On Jan 18, 2020, at 6:42 AM, Antoine Jacoutot wrote: > > On Fri, Jan 17, 2020 at 11:24:22PM -0600, Eric Zylstra wrote: >> OpenBSD 6.6 Generic.MP amd64 >> Stable. >> >> I installed suricata using pkg_add. Having trouble with starting it. >> >> $ doas rcctl start suricata >> …fails. No inf

Re: Suricata from packages

2020-01-18 Thread Antoine Jacoutot
On Fri, Jan 17, 2020 at 11:24:22PM -0600, Eric Zylstra wrote:
> OpenBSD 6.6 Generic.MP amd64
> Stable.
>
> I installed suricata using pkg_add. Having trouble with starting it.
>
> $ doas rcctl start suricata
> …fails. No informative fail message, though.
Run rcctl in debug mode.
>
> I’ve tr

Suricata from packages

2020-01-17 Thread Eric Zylstra
OpenBSD 6.6 Generic.MP amd64 Stable. I installed suricata using pkg_add. Having trouble with starting it. $ doas rcctl start suricata …fails. No informative fail message, though. I’ve tried finding info in logs. Nothing informative in suricata logs nor /var/log/messages. $ doas /usr/local/b