Snort mailing list archives

Odp: ERROR: Can't initialize DAQ pcap (-1) - unknown file format

From: "kamil kapturkiewicz" <horizn () wp pl>
Date: Wed, 05 Oct 2016 18:29:58 +0200

Dnia Środa, 5 Października 2016 15:17 kamil kapturkiewicz <horizn () wp pl> napisał(a)

Hi,
I've installed Snort on Debian Jessie with DAQ, then registered for free rules, and configured Snort. I've added test 
rule to log ICMP requests in /etc/snort/rules/local.rules


OK, I've reconfigured it as mentioned here:
Snort_2.9.8.x_on_Ubuntu_12-14-15.pdf

but after running in console mode I can't see any data, as well as all I can see in the log file is:
ERROR: Can't initialize DAQ pcap (-1) - truncated dump file; tried to read 4 file header bytes, only got 0

What is wrong?




------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

Odp: ERROR: Can't initialize DAQ pcap (-1) - unknown file format kamil kapturkiewicz (Oct 05)