Re: Getting an error using -r

[Ken Pickering <kjp8v () cms mail virginia edu>]

I answered my own question, eventually. It seems that the new disk systems
put in was vfat, which they failed to mention to me. You need ext2 for
some of the new alerts in 1.8 (since 1.7 runs fine on vfat).

So, I have to reformat and rerun. Oh well.

On Wed, 9 Jan 2002, Ken Pickering wrote:

> I'm currently using snort 1.8.3 BUILD 88 on a RedHat Linux 7.1 box.
>
> When I excute the command "snort -d -l /root/darpa/1998-6/temp/ -r
> /root/darpa/1998-6/mon/tcpdump", everything works fine.
>
> When I change the logging directory to /d2/alerts/1998-6/temp where d2 is
> a bigger HD (directories are valid, etc), I get a message that states:
>
> ERROR: OpenLogFile() =>
> fopen(/d2/alerts/1998-6/temp/XXX.XX.XXX.XX/TCP:1025-21) log file: Invalid
> argument
> Fatal Error: Quitting
>
> where the XX's are an IP address.
>
> The permissions on the two directories are the same (755). Anything I
> might be doing wrong?
>
> -Ken Pickering
>
>
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users

--------------------------------------------------------
Ken Pickering                    kpickering () virginia edu
University of Virginia           ICQ: 23590031
Undergraduate School of Engineering and Applied Sciences
Electric Time Company, Inc       Webmaster and Sys Admin


"Remember your training. Help you, it will."


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users