Snort mailing list archives

Previous By Date Next
Previous By Thread Next

@snort startup

From: anagha b <banagha3 () gmail com>
Date: Sat, 6 Jul 2013 13:41:11 +0530
Hi all


I am using snort on ubuntu12.04 and configured one interface eth0 in
barnyard .

I have only one interface eth0 so using it for acquiring packet I am
getting following error.

command  :snort -c /snort-2.9.4.6/etc/snort.conf -i eth0

[ Port Based Pattern Matching Memory ]
+- [ Aho-Corasick Summary ] -------------------------------------
| Storage Format    : Full-Q
| Finite Automaton  : DFA
| Alphabet Size     : 256 Chars
| Sizeof State      : Variable (1,2,4 bytes)
| Instances         : 150
|     1 byte states : 137
|     2 byte states : 13
|     4 byte states : 0
| Characters        : 65924
| States            : 51762
| Transitions       : 5116509
| State Density     : 38.6%
| Patterns          : 3923
| Match States      : 3795
| Memory (MB)       : 25.72
|   Patterns        : 0.31
|   Match Lists     : 0.46
|   DFA
|     1 byte states : 0.87
|     2 byte states : 23.93
|     4 byte states : 0.00
+----------------------------------------------------------------
[ Number of patterns truncated to 20 bytes: 396 ]
pcap DAQ configured to passive.
Acquiring network traffic from "eth0".
Reload thread starting...
Reload thread started, thread 0xa630ab40 (10746)
ERROR: Can't start DAQ (-1) - socket: Operation not permitted!
Fatal Error, Quitting..


Earlier i have error due to shared libraries

so tried this solution .

LD_LIBRARY_PATH=/usr/local/lib
oneadmin@ana:~$ export LD_LIBRARY_PATH

plz help.

Thanks

------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:

Build for Windows Store.

http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: