Snort mailing list archives

Re: Network Variables

From: Russ Combs <rcombs () sourcefire com>
Date: Thu, 2 May 2013 00:08:12 -0400

Snort does allow comments in the BPF file, starting with # to end of line.
 If there is a syntax error, you should see something like:

ERROR: Can't set DAQ BPF filter to '
...
' (pcap_daq_set_filter: pcap_compile: syntax error)!
Fatal Error, Quitting..

What DAQ are you using?  Please send the BPF file that fails and the error
that you get.

On Wed, May 1, 2013 at 10:07 PM, waldo kitty <wkitty42 () windstream net>wrote:

On 5/1/2013 13:09, Seth Dunn wrote:

But any ideas why snort fails to start if I add in a '#' to comment a
line??


i have no clue but it sounds like a coding error not allowing comment
lines i
the BPF file... only joel or one of the snort dev guys can tell us that...
or
possibly a code diver who can root around in the snort code ;)

--
NOTE: No off-list assistance is given without prior approval.
       Please keep mailing list traffic on the list unless
       private contact is specifically requested and granted.


------------------------------------------------------------------------------
Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET
Get 100% visibility into your production application - at no cost.
Code-level diagnostics for performance bottlenecks with <2% overhead
Download for free and get started troubleshooting in minutes.
http://p.sf.net/sfu/appdyn_d2d_ap1
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest
Snort news!

------------------------------------------------------------------------------
Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET
Get 100% visibility into your production application - at no cost.
Code-level diagnostics for performance bottlenecks with <2% overhead
Download for free and get started troubleshooting in minutes.
http://p.sf.net/sfu/appdyn_d2d_ap1

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

Re: Network Variables, (continued)
- - - Re: Network Variables Jeremy Hoel (Apr 30)
    - Re: Network Variables Seth Dunn (Apr 30)
    - Re: Network Variables waldo kitty (Apr 30)
    - Re: Network Variables Seth Dunn (Apr 30)
    - Re: Network Variables Michael Green (Apr 30)
    - Re: Network Variables Seth Dunn (May 01)
    - Re: Network Variables Seth Dunn (May 01)
    - Re: Network Variables waldo kitty (May 01)
    - Re: Network Variables Seth Dunn (May 01)
    - Re: Network Variables waldo kitty (May 01)
    - Re: Network Variables Russ Combs (May 01)
    - Re: Network Variables Seth Dunn (May 02)
    - Re: Network Variables James Lay (May 02)
    - Re: Network Variables Seth Dunn (May 02)
    - Re: Network Variables Seth Dunn (May 02)
    - Re: Network Variables James Lay (May 02)
    - Re: Network Variables Seth Dunn (May 02)
    - Re: Network Variables James Lay (May 02)
    - Re: Network Variables Seth Dunn (May 02)
    - Re: Network Variables Seth Dunn (May 02)
    - Re: Network Variables James Lay (May 02)

(Thread continues...)