ERROR: can't find nfq DAQ

[Amal Saeed <amal.saeed () simmons edu>]

Hello,

I'm trying to run Snort in inline mode (-Q), but I kept running into this
problem, where it says can't find nfq DAQ even though I see nfq listed in
my --daq-list. I've tried troubleshooting with every source I found online,
but now I get a different error.

If I run: *snort --daq nfq -Q -c /etc/snort/snort.conf*
I get:
Log directory = /var/log/snort
ERROR: OpenAlertFile() => fopen() alert file /var/log/snort/alert:
Permission denied
Fatal Error, Quitting..

If I run: *snort -T -c /etc/snort/snort.conf*
I get:
[ Number of patterns truncated to 20 bytes: 497 ]
ERROR: Active response: can't open ip!
Fatal Error, Quitting..

I have an IP address and I can ping myself/others and receive pings with no
issue.

Please advise on what I can do to resolve this, thank you!

-- 
Amal Saeed
Simmons College '17, B.S. Computer Science & Information Technology
Secretary, 2017 Class Council
Co-Vice President, Computer Science & Mathematics Liaison
Technology Assistant, *Simmons Technology Support Center*

------------------------------------------------------------------------------

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!