Snort mailing list archives
RE: snort on an old FreeBSD box (builds but won't r un)
From: Chris Arnold <chris.arnold () WheelHouse com>
Date: Mon, 18 Mar 2002 16:11:33 -0500
Nope. I just built snort 1.8.4 (debugging enabled this time) with libpcap
0.7.1 and libnet 1.0.2a. Everything builds nicely. It will execute
without a segfault but just doesn't work. At least it's running nicely on
Solaris for me :)
Chris
# snort -v
snort.c:681: Parsing command line...
snort.c:701: Processing cmd line switch: v
snort.c:1165: Verbose Flag active
Failed to lookup for interface: SIOCGIFCONF: Operation not supported. Please
specify one with -i switch
Fatal Error, Quitting..
# snort -v -i fxp0
snort.c:681: Parsing command line...
snort.c:701: Processing cmd line switch: v
snort.c:1165: Verbose Flag active
snort.c:701: Processing cmd line switch: i
snort.c:895: Interface = fxp0
snort.c:1251: pcap_cmd is NULL
Log directory = /var/log/snort
snort.c:172: Opening interface: fxp0
Initializing Network Interface fxp0
snaplength info: set=1514/compiled=1514/wanted=0
ioctl(SIOC*MTU): Operation not supported
Automagic MTU discovery failed. Using default 1500ERROR: OpenPcap() device
fxp0 open:
BIOCSETIF: fxp0: Invalid argument
Fatal Error, Quitting..
-----Original Message-----
From: Martin Roesch [mailto:roesch () sourcefire com]
Sent: Monday, March 18, 2002 10:31 AM
To: Chris Arnold; snort-users () lists sourceforge net
Subject: Re: [Snort-users] snort on an old FreeBSD box (builds but won't
run)
That's really weird, try it without the -I option. From the error message
it looks like it's trying to go into readback mode (like you had used the -r
switch). Try just snort -v and see what happens.
-Marty
On 3/18/02 1:00 AM, "Chris Arnold" <chris.arnold () WheelHouse com> wrote:
Hi, all. I had a whim to build snort 1.8.3 (with libpcap 0.7.1) for an
old
FreeBSD box. Everything compiles nicely but running is a different story:
# snort -v -i fxp0
Log directory = /var/log/snort
Initializing Network Interface fxp0
ioctl(SIOC*MTU): Operation not supported
Automagic MTU discovery failed. Using default 1500ERROR: OpenPcap() device
fxp0 open:
fxp0: Invalid argument
Fatal Error, Quitting..
Rebuild with debugging enabled and report back? The default tcpdump for
the
box runs without a problem. Chris _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- Martin Roesch - Founder/CEO, Sourcefire Inc. - (410)290-1616 Sourcefire: Professional Snort Sensor and Management Console appliances roesch () sourcefire com - http://www.sourcefire.com Snort: Open Source Network IDS - http://www.snort.org _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- RE: snort on an old FreeBSD box (builds but won't r un) Chris Arnold (Mar 18)
- Re: snort on an old FreeBSD box (builds but won't r un) Martin Roesch (Mar 18)
- <Possible follow-ups>
- RE: snort on an old FreeBSD box (builds but won't r un) Chris Arnold (Mar 21)