Snort mailing list archives
Re: Snort 3 ipfw multithreading errors
From: "Shravan Rangarajuvenkata \(shrarang\) via Snort-devel" <snort-devel () lists snort org>
Date: Thu, 25 Oct 2018 16:52:38 +0000
Unfortunately, this is a bug in snort3 in multi-threaded mode. We will fix this issue ASAP. Thanks for reporting it!
Thanks,
Shravan
From: Snort-devel <snort-devel-bounces () lists snort org> on behalf of "yunus.can () arjeta com tr" <yunus.can ()
arjeta com tr>
Date: Wednesday, October 24, 2018 at 4:09 AM
To: "snort-devel () lists snort org" <snort-devel () lists snort org>
Subject: [Snort-devel] Snort 3 ipfw multithreading errors
Hello,
I use snort3 run option with multithreading and daq module ipfw and port 5000 but I cant start snort3
I was see error this
ipfw DAQ configured to passive.
Commencing packet processing
++ [0]
++ [1]
++ [2]
Can't start DAQ (-1) - ipfw_daq_start: can't bind divert socket (Address already in use)
Analyzer: Failed to start DAQ instance
Can't start DAQ (-1) - ipfw_daq_start: can't bind divert socket (Address already in use)
Analyzer: Failed to start DAQ instance
-- [0]
-- [2]
Can you help with this error ?
Freebsd Versions :
FreeBSD snort 11.2-RELEASE-p4
Snort Versions :
,,_ -*> Snort++ <*-
o" )~ Version 3.0.0 (Build 247) FreeBSD
'''' By Martin Roesch & The Snort Team
http://snort.org/contact#team
Copyright (C) 2014-2018 Cisco and/or its affiliates. All rights reserved.
Copyright (C) 1998-2013 Sourcefire, Inc., et al.
Using DAQ version 2.2.2
Using LuaJIT version 2.0.5
Using OpenSSL 1.0.2p 14 Aug 2018
Using libpcap version 1.9.0-PRE-GIT
Using PCRE version 8.41 2017-07-05
Using ZLIB version 1.2.11
Using FlatBuffers 1.8.0
Using Hyperscan version 4.7.0 2018-10-03
Using LZMA version 5.2.3
Run Command :
/usr/local/snort/bin/snort -c /usr/local/snort/etc/snort/snort.lua --daq ipfw --daq-var port=5000 -l /var/log/snort -k
none -A alert_full -z 3
_______________________________________________ Snort-devel mailing list Snort-devel () lists snort org https://lists.snort.org/mailman/listinfo/snort-devel Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Snort 3 ipfw multithreading errors yunus . can (Oct 24)
- Re: Snort 3 ipfw multithreading errors Shravan Rangarajuvenkata (shrarang) via Snort-devel (Oct 25)
- Re: Snort 3 ipfw multithreading errors Shravan Rangarajuvenkata (shrarang) via Snort-devel (Oct 26)
- Snort 3 netmap cant access gateway on FREEBSD yunus . can (Oct 31)
- Re: Snort 3 netmap cant access gateway on FREEBSD Masud Hasan (mashasan) via Snort-devel (Oct 31)
- Re: Snort 3 netmap cant access gateway on FREEBSD yunus . can (Nov 01)
- Re: Snort 3 netmap cant access gateway on FREEBSD Masud Hasan (mashasan) via Snort-devel (Nov 02)
- Re: Snort 3 netmap cant access gateway on FREEBSD Michael Altizer via Snort-devel (Nov 02)
- Re: Snort 3 netmap cant access gateway on FREEBSD Michael Altizer via Snort-devel (Nov 02)
- Re: Snort 3 netmap cant access gateway on FREEBSD yunus . can (Nov 03)
- Re: Snort 3 netmap cant access gateway on FREEBSD Russ via Snort-devel (Nov 03)
- Re: Snort 3 ipfw multithreading errors Shravan Rangarajuvenkata (shrarang) via Snort-devel (Oct 26)
- Re: Snort 3 ipfw multithreading errors Shravan Rangarajuvenkata (shrarang) via Snort-devel (Oct 25)