Snort mailing list archives

snort error reading tcpdump openbsd

From: "Oliver Bode" <oliver () x509security com>
Date: Sun, 14 Jul 2002 12:49:20 +1000

Hello,

I am an openbsd user and this article:
http://www.lucidic.net/whitepapers/manuzis-7-5-2002-1.html was of interest
to me. Yesterday I installed snort and acid and have been very pleased with
the results.

Anyway, I want to now sniff my pflogs and put them into mysql. The problem
is that when I type the following command:

/usr/local/bin/snort -r /var/log/pflog

I get the following error:

/usr/local/bin/snort cannot handle data link type 17

I can read pflog with tcpdump but not with snort. Is there another way
around this or am I doing something wrong.




-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

snort error reading tcpdump openbsd Oliver Bode (Jul 13)
- Re: snort error reading tcpdump openbsd Clint M. Sand (Jul 13)
  - errors compiling 1.87 with mysql on openbsd Oliver Bode (Jul 14)
  - Re: snort error reading tcpdump openbsd Oliver Bode (Jul 14)