Commit

refactor: Update Snort logging configuration and add ICMP rule
This commit updates the Snort logging configuration in the install-snort3.sh script. The LOG_DIR variable is modified to remove the trailing slash. Additionally, an ICMP rule is added to the Snort configuration. The rule is configured to log ICMP traffic. This change improves the logging functionality of Snort.
bengo237 committed Sep 27, 2024
1 parent 8cd50be commit 803177a
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions install-snort3.sh
Expand Up @@ -157,7 +157,7 @@ fi
# Configure Snort logging
print_step "Configuring" "Snort logging..."
SNORT_CONFIG="/usr/local/etc/snort/snort.lua"
LOG_DIR="/var/log/snort/"
LOG_DIR="/var/log/snort"

# Define the content to add
CONFIG_CONTENT='
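Review bot: Dropping the trailing slash in LOG_DIR="/var/log/snort" is only safe if every later use of the variable adds its own separator; a join written as "${LOG_DIR}file.log" would now resolve to /var/log/snortfile.log. The visible lines show only the assignment, so search the script for LOG_DIR and confirm each path join uses "$LOG_DIR/...". Since the unit below runs with User=snort and Group=snort, it is also worth confirming that the script creates this directory and gives it to that account before the service starts.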
Expand Down Expand Up @@ -211,7 +211,7 @@ After=network.target
[Service]
Type=simple
ExecStart=$SNORT_BIN -c $SNORT_CONFIG -i $MAIN_INTERFACE -l $LOG_DIR
ExecStart=$SNORT_BIN -c $SNORT_CONFIG -i $MAIN_INTERFACE -l $LOG_DIR -R /usr/local/etc/snort/local.rules
User=snort
Group=snort
Restart=on-failure
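Review bot: The new ExecStart passes -R /usr/local/etc/snort/local.rules, but this commit's two additions are the LOG_DIR line and this ExecStart line, so nothing here creates local.rules or adds the ICMP rule the commit message describes. If the file is missing or unreadable by User=snort, Snort may fail at startup and Restart=on-failure will keep relaunching it; create the file with the rule, with permissions the snort user can read, before the unit is enabled. The path is also hard-coded while the other arguments come from variables: define something like RULES_FILE next to SNORT_CONFIG and reference it here. The commit is labelled refactor although it changes the service's runtime behaviour, which is worth reflecting in the message.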
