-------------------------------------------------- o")~ Snort++ 3.0.0-247 -------------------------------------------------- Loading /usr/local/snort/etc/snort/snort.lua: ssh pop binder stream_tcp gtp_inspect dce_http_proxy stream_icmp normalizer ftp_server stream_udp search_engine dce_smb file_log ips rpc_decode modbus latency wizard reputation Processing blacklist file /usr/local/snort/etc/snort/../../intel/ip-blacklist Reputation entries loaded: 1382, invalid: 0, re-defined: 0 (from file /usr/local/snort/etc/snort/../../intel/ip-blacklist) Processing whitelist file /usr/local/snort/etc/snort/../../intel/ip-whitelist Reputation entries loaded: 0, invalid: 0, re-defined: 0 (from file /usr/local/snort/etc/snort/../../intel/ip-whitelist) appid file_id ftp_data smtp back_orifice port_scan dce_http_server dce_tcp telnet ssl sip classifications http2_inspect http_inspect stream_user stream_ip dnp3 ftp_client stream references arp_spoof dns dce_udp imap stream_file Finished /usr/local/snort/etc/snort/snort.lua. Loading builtin: Finished builtin. Loading rules: Loading /usr/local/snort/etc/snort/../../rules/local.rules: Finished /usr/local/snort/etc/snort/../../rules/local.rules. Loading /usr/local/snort/etc/snort/../../rules/appid.rules: Finished /usr/local/snort/etc/snort/../../rules/appid.rules. Finished rules. -------------------------------------------------- rule counts total rules loaded: 3084 text rules: 2613 builtin rules: 471 option chains: 3084 chain headers: 2 -------------------------------------------------- port rule counts tcp udp icmp ip any 3083 0 1 0 total 3083 0 1 0 -------------------------------------------------- ipfw DAQ configured to passive. Commencing packet processing ++ [0] ++ [1] ++ [2] Can't start DAQ (-1) - ipfw_daq_start: can't bind divert socket (Address already in use) Analyzer: Failed to start DAQ instance Can't start DAQ (-1) - ipfw_daq_start: can't bind divert socket (Address already in use) Analyzer: Failed to start DAQ instance -- [0] -- [2]