Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ERROR: can't find nfq DAQ

From: wkitty42 () windstream net
Date: Thu, 1 Dec 2016 09:17:58 -0500
On 11/30/2016 06:46 PM, Amal Saeed wrote:

Okay, so I see nfq there, but when I run this command: *snort --daq nfq -Q -c
/etc/snort/snort.conf *it still says permission denied.

When I run this: *snort /usr/local/lib/daq -Q -c /etc/snort/snort.conf* it still
says permission denied:
Log directory = /var/log/snort
ERROR: OpenAlertFile() => fopen() alert file /var/log/snort/alert: Permission denied
Fatal Error, Quitting..

I'm really confused - it seems like everything is in place, but it still refuses
to run.


how, exactly, are you trying to change those permissions on /var/log/snort?
what does the following command return?

   ls -la /var/log/snort

it may be that your OS is locked down as to what and who can access /var/log and 
its subdirectories... what user and group is snort running as? does that user 
have permission to read and write to /var/log/snort and files in there?

above you have a command line that you are using to start snort with... is that 
the actual snort binary or a script of the same name?

   which snort



-- 
  NOTE: No off-list assistance is given without prior approval.
        *Please keep mailing list traffic on the list* unless
        private contact is specifically requested and granted.

------------------------------------------------------------------------------
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: