[prev in list] [next in list] [prev in thread] [next in thread]
List: prelude-user
Subject: [prelude-user] problems with prelude plugin for snort on nanobsd
From: jkv <jkv () unixcluster ! dk>
Date: 2008-10-15 10:38:17
Message-ID: 48F5C819.4020606 () unixcluster ! dk
[Download RAW message or body]
Hi,
Im having some problems getting the prelude library working for snort.
Snort have been successfully compiled with prelude and i have the
setup working on another box (virtual machine), but when i try the
excact same setup om på nanobsd it dont work. The only difference as i
see it is that on my nanobsd /var is a memory file system:
# mount
/dev/ad1s1a on / (ufs, local, read-only)
devfs on /dev (devfs, local)
/dev/md0 on /etc (ufs, local)
/dev/md1 on /var (ufs, local)
It seems like prelude is complaining about a lock file - but i cant
seem to find the problem.
Any ideas?
The errors from snort/prelude: (with LIBPRELUDE_DEBUG=10)
Rule application order: activation->dynamic->pass->drop->alert->log
Log directory = /var/log/snort
Verifying Preprocessor Configurations!
0 out of 512 flowbits in use.
Decoding LoopBack on interface NULL
14 Oct 12:36:13 (process:3631) DEBUG: [init] thread used=1
(prelude-thread.c:335 _prelude_thread_in_use)
14 Oct 12:36:13 (process:3631) DEBUG: Using configuration file:
/usr/local/etc/prelude/profile/snort/config. (prelude-option.c:261
process_cfg_file)
14 Oct 12:36:13 (process:3631) DEBUG: Using configuration file:
/usr/local/etc/prelude/default/global.conf. (prelude-option.c:261
process_cfg_file)
14 Oct 12:36:13 (process:3631) DEBUG: [queue=0xbfbfe1ec] prelude()
(prelude-option.c:329 call_option_cb)
14 Oct 12:36:13 (process:3631) DEBUG: Using configuration file:
/usr/local/etc/prelude/default/client.conf. (prelude-option.c:261
process_cfg_file)
14 Oct 12:36:13 (process:3631) DEBUG: [queue=0xbfbfe1ec] prelude()
(prelude-option.c:329 call_option_cb)
14 Oct 12:36:13 (process:3631) DEBUG: [queue=0x288f7490]
server-addr(10.0.0.10) (prelude-option.c:329 call_option_cb)
14 Oct 12:36:13 (process:3631) DEBUG: prelude() context=0x286490e0
default=0x286490e0 (prelude-option.c:385 call_option_from_cb_list)
14 Oct 12:36:13 (process:3631) DEBUG: prelude() context=0x286490e0
default=0x286490e0 (prelude-option.c:385 call_option_from_cb_list)
14 Oct 12:36:13 (process:3631) DEBUG: server-addr(10.0.0.10)
context=0x286490e0 default=0x286490e0 (prelude-option.c:385
call_option_from_cb_list)
14 Oct 12:36:13 (process:3631) DEBUG: woke up 0 timer
(prelude-timer.c:149 walk_and_wake_up_timer)
ERROR: prelude-failover: Unable to initialize prelude client: error
locking '/var/spool/prelude/snort/global/data0': Invalid argument.
Fatal Error, Quitting..
_______________________________________________
Prelude-user site list
Prelude-user@prelude-ids.org
http://lists.prelude-ids.org/mailman/listinfo/prelude-user
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic