Snort mailing list archives

Re: Token ring support of snort

From: Martin Roesch <roesch () sourcefire com>
Date: Thu, 01 Nov 2001 10:04:32 -0500

Is that the right interface name for the T/R interface?  To get a list
of the interfaces that are available run 'snort -W', then set the
sniffing interface with 'snort -i <intf>'

     -Marty

bulent_sahin () tb net tr wrote:


Hi,

Does anybody know about token ring support of snort?A few days ago I
installed snort on my computer, but when I try "snort -v" it assumes
that all packets are ethernet packets.  Winpcap and ethereal works
fine. I  pasted "snort -v" output below.

C:\Downloads\Snort-1.8.1-win32-static\Snort-1.8.1-win32\snort -v
Log directory =

        --== Initializing Snort ==--

Initializing Network Interface \
Decoding Ethernet on interface \Device\Packet_MDGNDIS41

        --== Initialization Complete ==--

-*> Snort! <*-
Version 1.8-WIN32 (Build 74)
By Martin Roesch (roesch () sourcefire com, www.snort.org)
1.7-WIN32 Port By Michael Davis (mike () datanerds net, ww
1.8-WIN32 Port By Chris Reid (chris.reid@codecraftconsu
          (based on code from 1.7 port)

=======================================================
Snort analyzed 1312 out of 1312 packets, dropping 0(0.0

Breakdown by protocol:                Action Stats:
    TCP: 0          (0.000%)          ALERTS: 0
    UDP: 0          (0.000%)          LOGGED: 0
   ICMP: 0          (0.000%)          PASSED: 0
    ARP: 0          (0.000%)
   IPv6: 0          (0.000%)
    IPX: 0          (0.000%)
  OTHER: 1311       (99.924%)
DISCARD: 0          (0.000%)
=======================================================
Fragmentation Stats:
Fragmented IP Packets: 0          (0.000%)
    Fragment Trackers: 0
   Rebuilt IP Packets: 0
   Frag elements used: 0
Discarded(incomplete): 0
   Discarded(timeout): 0
  Frag2 memory faults: 0
=======================================================
TCP Stream Reassembly Stats:
        TCP Packets Used: 0          (0.000%)
         Stream Trackers: 0
          Stream flushes: 0
           Segments used: 0
   Stream4 Memory Faults: 0
=======================================================
pcap_loop: read error: PacketReceivePacket failedpcap_s
r
Snort received signal 3, exiting

Thanks,
Bulent


--
Martin Roesch - President, Sourcefire Inc. - (410)552-6999
roesch () sourcefire com - http://www.sourcefire.com  
Snort: Open Source Network IDS - http://www.snort.org

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Token ring support of snort bulent_sahin (Nov 01)
- Re: Token ring support of snort Martin Roesch (Nov 01)
- <Possible follow-ups>
- Re: Token ring support of snort bulent_sahin (Nov 01)
  - Re: Token ring support of snort Martin Roesch (Nov 01)
    - RE: Token ring support of snort Karl Lovink (Nov 01)
    - Re: Token ring support of snort Fyodor (Nov 02)