Re: what does this mean?

[waldo kitty <wkitty42 () windstream net>]

On 1/20/2011 14:28, James Lay wrote:
> > > > i'm trying to assist someone in another forum with several
> > > > problems... one of
> > > > their reports is they are getting the following...
> > > >
> > > > ERROR: Bpf compilation failed: syntax error.  PCAP filter: stop.
> > > >
> > > > what does it mean? they report that they are using snort
> > > > 2.8.6.0... would it be
> > > > something in the snort.conf or possibly the threshold.conf file?
>
>
> What's the full command you're using?  Try just snort -c snort.conf and
> see what happens.

it is not me... as noted, it is another... you did, however, hit the nail on the 
head... they were trying to start and stop snort with command lines of

snort stop

and

snort start

the stop and start were being taken as inputs to the BFP mechanism and it was 
attempting to start non-existent filters with those names... i finally saw it in 
their log file...

thanks everyone for the assist... this problem has now been taken care of with 
sound admonishment to use the proper process execution commands in the given 
environment ;)

------------------------------------------------------------------------------
Protect Your Site and Customers from Malware Attacks
Learn about various malware tactics and how to avoid them. Understand 
malware threats, the impact they can have on your business, and how you 
can protect your company and customers by using code signing.
http://p.sf.net/sfu/oracle-sfdevnl
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users