Thanks to @sevanjaniyan and @cperciva for helping with my FreeBSD startup script issue. By removing the ${barnyard2_flags} argument from the command_args section I was able to start barnyard2 properly:
root 45842 54.9 0.5 18572 11116 ?? Ss 7:15PM 0:00.00
/usr/local/bin/barnyard2 -D -U -d /nsm/r200a -f snort.unified2
-c /usr/local/etc/nsm/barnyard2.conf
In other words, the script has this now:
. /etc/rc.subr
name="barnyard2"
load_rc_config $name
rcvar=`set_rcvar`
# set some defaults
: ${barnyard2_enable="NO"}
: ${barnyard2_conf="/usr/local/etc/barnyard2.conf"}
: ${barnyard2_flags="-D"}
command="/usr/local/bin/barnyard2"
command_args="-c ${barnyard2_conf}"
run_rc_command "$1"
I made changes to some other startup scripts and needed to commit them via Git. I did it this way.
richard@macmini:~/taosecurity_freebsd_sguil$ git status
# On branch master
# Changes to be committed:
# (use "git reset HEAD..." to unstage)
#
# new file: pcap_agent
# new file: sancp_agent
# new file: sguild
# new file: snort_agent
#
richard@macmini:~/taosecurity_freebsd_sguil$ git add pcap_agent sancp_agent sguild snort_agent
richard@macmini:~/taosecurity_freebsd_sguil$ git commit -am "Added new startup scripts."
Created commit 296687e: Added new startup scripts.
4 files changed, 145 insertions(+), 0 deletions(-)
create mode 100755 pcap_agent
create mode 100755 sancp_agent
create mode 100755 sguild
create mode 100755 snort_agent
richard@macmini:~/taosecurity_freebsd_sguil$ git push origin master
taosecurity@taosecurity.git.sourceforge.net's password:
Counting objects: 7, done.
Compressing objects: 100% (6/6), done.
Writing objects: 100% (6/6), 1.89 KiB, done.
Total 6 (delta 3), reused 0 (delta 0)
To ssh://taosecurity@taosecurity.git.sourceforge.net/gitroot/taosecurity/taosecurity
9cad54a..296687e master -> master
Thanks again for your help!
Now I'm watching commits to https://github.com/firnsy/barnyard2 to see if Barnyard2 is updated to work with the new Snort event types that kills it.
Tweet
0 komentar:
Posting Komentar