<div dir="ltr">Please, help me, <br>what is the adequate time exactly to run the command : <br><b># suricata -c /etc/suricata/suricata.yaml -q 0</b><br><br>and how ? <br> I've already searched in google,<br><br>I think the adequate time is just after running the interface, so<br>
i've added the command in <b> /etc/network/if-up.d/upstart</b><br><br>but now the probleme is, it's run Twice !!!<br><br><br><br><div class="gmail_quote">2010/6/29 Anas.B <span dir="ltr"><<a href="mailto:a.bouhsaina@gmail.com">a.bouhsaina@gmail.com</a>></span><br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;"><div dir="ltr">As an IPS , we do not mention the interface in the runing command,<br><br>so what do you advise me.<div>
<div></div><div class="h5"><br><br><div class="gmail_quote">2010/6/29 Anas.B <span dir="ltr"><<a href="mailto:a.bouhsaina@gmail.com" target="_blank">a.bouhsaina@gmail.com</a>></span><br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;"><div dir="ltr">I've found two ways,<br><br>wrinting the start script in /etc/network/if-up.d/upstart<pre>
!/bin/sh<br>[ "$IFACE" == "etho" ] || exit 0<br>....<br><br>or writing it in rc.local<br></pre>
<br><br><br><div class="gmail_quote">2010/6/29 Anas.B <span dir="ltr"><<a href="mailto:a.bouhsaina@gmail.com" target="_blank">a.bouhsaina@gmail.com</a>></span><div><div></div><div><br><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<div dir="ltr"><div> #echo "Démarrage du module ip_queue<br> #lsmod | grep ip_queue >/dev/null || /sbin/modprobe ip_queue;<br></div>these lines are "comments", i can even remove it<br><br>
<br><div class="gmail_quote">
Le 29 juin 2010 10:20, Eric Leblond <span dir="ltr"><<a href="mailto:eleblond@edenwall.com" target="_blank">eleblond@edenwall.com</a>></span> a écrit :<div><div></div><div><br><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
Hi,<br>
<br>
Le mardi 29 juin 2010 à 10:09 +0100, Anas.B a écrit :<br>
<div>> I'm sorry , this is my script<br>
><br>
> ### BEGIN INIT INFO<br>
> # Provides: scriptname<br>
> # Required-Start: $remote_fs $syslog<br>
> # Required-Stop: $remote_fs $syslog<br>
> # Default-Start: 2 3 4 5<br>
> # Default-Stop: 0 1 6<br>
> # Short-Description: Start daemon at boot time<br>
> # Description: Enable service provided by daemon.<br>
> ### END INIT INFO<br>
> #!/bin/bash<br>
> #<br>
> # suricata_inline<br>
><br>
> start(){<br>
> # Démarrrer les démons.<br>
> #echo "Démarrage du module ip_queue:"<br>
> #lsmod | grep ip_queue >/dev/null || /sbin/modprobe ip_queue;<br>
<br>
</div>strictly useless, ip_queue is *deprecated* and not used by suricata.<br>
You need to load the real module: nfnetlink_queue<br>
<br>
It may be enough to make things work.<br>
<br>
Cordialement,<br>
<font color="#888888">--<br>
Éric Leblond, <a href="mailto:eleblond@edenwall.com" target="_blank">eleblond@edenwall.com</a><br>
Téléphone : +33 1 40 24 65 04, Fax : +33 9 57 21 48 75<br>
EdenWall, <a href="http://www.edenwall.com" target="_blank">http://www.edenwall.com</a><br>
</font></blockquote></div></div></div><br></div>
</blockquote></div></div></div><br></div>
</blockquote></div><br></div></div></div>
</blockquote></div><br></div>