Tried /var/mdw/scripts/snort stop and get done but in IPS log I can see where it is constantly reloading
A few snippets
2010:06:02-15:34:54 gatekeeper snort[9055]: Enabling inline operation
2010:06:02-15:34:54 gatekeeper snort[9055]: NFQUEUE ID set to: 0
2010:06:02-15:34:54 gatekeeper snort[9055]: Running in IDS mode
2010:06:02-15:34:54 gatekeeper snort[9055]:
2010:06:02-15:34:54 gatekeeper snort[9055]: --== Initializing Snort ==--
2010:06:02-15:34:54 gatekeeper snort[9055]: Initializing Output Plugins!
and after a few more lines, I get
2010:06:02-15:35:16 gatekeeper snort[9055]: WARNING: Invalid content option in shared object rule: gid:3, sid:13476 : Fast pattern offset and length cannot be greater than the length of the pattern. Rule will not be registered.
2010:06:02-15:35:16 gatekeeper snort[9055]: WARNING: gid:3, sid:15470. Fast pattern "only" flag used in combination with a fast pattern offset,length - honoring "only" flag and ignoring fast pattern offset,length.
and it continues on. I however never loose connectivity luckily [;)] Will probably reboot.
Regards
