Re: snort error reading tcpdump openbsd

["Clint M. Sand" <cmsand () bellsouth net>]

I've had the same error with the snort version used in Openbsd's ports 
tree in 3.1, downloading and installing Snort Version 1.8.6 (Build 105) 
from snort.org took care of it.


Oliver Bode wrote:

> Hello,
>
> I am an openbsd user and this article:
> http://www.lucidic.net/whitepapers/manuzis-7-5-2002-1.html was of interest
> to me. Yesterday I installed snort and acid and have been very pleased with
> the results.
>
> Anyway, I want to now sniff my pflogs and put them into mysql. The problem
> is that when I type the following command:
>
> /usr/local/bin/snort -r /var/log/pflog
>
> I get the following error:
>
> /usr/local/bin/snort cannot handle data link type 17
>
> I can read pflog with tcpdump but not with snort. Is there another way
> around this or am I doing something wrong.
>
>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users




-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users