o snort ta funcionando blz, ta criando os arquivos de log tudo certo, mas quando tento inicializa o guardian da erro, já deixei o conf do jeito que ta nos howtos.
suporte:/etc# guardian.pl -c /etc/guardian.conf
OS shows Linux
Warning! HostIpAddr is undefined! Attempting to guess..
Couldn't figure out the ip address
é esse erro que da, o conf ta aassim
guardian.conf
Interface eth0
# The last octet of the ip address, which gives us the gateway address.
HostGatewayByte 1
# Guardian's log file
LogFile /var/log/guardian.log
# Snort's alert file. This can be the snort.alert file, or a syslog file
# There might be some snort alerts that get logged to syslog which guardian
# might not see..
AlertFile /var/lag/alert
# The list of ip addresses to ignore
IgnoreFile /etc/guardian.ignore
# The time in seconds to keep a host blocked. If undefined, it defaults to
# 99999999, which basicly disables the feature.
TimeLimit 99999
ta faltando oq pra o guardian rodar?
uso debian
kernel 2.4
guardian 1.6