Re: No bridging support with Daq?

[Russ Combs <rcombs () sourcefire com>]

Which DAQ are you using and how are you trying to configure it?

Can you send your Snort command line and any config daq* items from your
conf?

On Thu, Dec 16, 2010 at 2:11 PM, NA <dustypath () comcast net> wrote:

> I have a new Gentoo install with Snort 2.901, attempting inline mode. I
> set up bridging but can not assign or pass the proper interface(s) to
> Daq. It seems daq needs two interfaces to work with such as: eth0:eth1.
> Since I am using bridging this throws an error, Snort ignores anything I
> pass to Daq, presumably because bridging is not supported.
> Gentoo is limited right now as it only supports pcap, afpacket and dump
> Daq types. Pcap will not do inline mode, afpacket is not working and
> dump is not used inline (assumed), only for testing or forensics.
> So, am I correct above, and if/when Gentoo supports NFQ will that
> support bridging?
> Thanks
>
>
> ------------------------------------------------------------------------------
> Lotusphere 2011
> Register now for Lotusphere 2011 and learn how
> to connect the dots, take your collaborative environment
> to the next level, and enter the era of Social Business.
> http://p.sf.net/sfu/lotusphere-d2d
> _______________________________________________
> Snort-devel mailing list
> Snort-devel () lists sourceforge net
> https://lists.sourceforge.net/lists/listinfo/snort-devel
------------------------------------------------------------------------------
Lotusphere 2011
Register now for Lotusphere 2011 and learn how
to connect the dots, take your collaborative environment
to the next level, and enter the era of Social Business.
http://p.sf.net/sfu/lotusphere-d2d

_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel