Snort mailing list archives
Re: ERROR: can't find nfq DAQ
From: Amal Saeed <amal.saeed () simmons edu>
Date: Sun, 4 Dec 2016 04:23:59 -0500
The screenshot of the permissions are attached - I just ran sudo chmod -R 777 /var/log/snort so all users should have full permissions. Snort should be running as user snort and group snort, which I created when I was configuring Snort. But it's still saying can't find nfq DAQ every time I try running Snort in inline mode! On Thu, Dec 1, 2016 at 9:17 AM, <wkitty42 () windstream net> wrote:
On 11/30/2016 06:46 PM, Amal Saeed wrote:Okay, so I see nfq there, but when I run this command: *snort --daq nfq-Q -c/etc/snort/snort.conf *it still says permission denied. When I run this: *snort /usr/local/lib/daq -Q -c /etc/snort/snort.conf*it stillsays permission denied: Log directory = /var/log/snort ERROR: OpenAlertFile() => fopen() alert file /var/log/snort/alert:Permission deniedFatal Error, Quitting.. I'm really confused - it seems like everything is in place, but it stillrefusesto run.how, exactly, are you trying to change those permissions on /var/log/snort? what does the following command return? ls -la /var/log/snort it may be that your OS is locked down as to what and who can access /var/log and its subdirectories... what user and group is snort running as? does that user have permission to read and write to /var/log/snort and files in there? above you have a command line that you are using to start snort with... is that the actual snort binary or a script of the same name? which snort -- NOTE: No off-list assistance is given without prior approval. *Please keep mailing list traffic on the list* unless private contact is specifically requested and granted. ------------------------------------------------------------ ------------------ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
-- Amal Saeed Simmons College '17, B.S. Computer Science & Information Technology Secretary, 2017 Class Council Co-Vice President, Computer Science & Mathematics Liaison Technology Assistant, *Simmons Technology Support Center*
------------------------------------------------------------------------------ Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today.http://sdm.link/xeonphi
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Re: ERROR: can't find nfq DAQ, (continued)
- Re: ERROR: can't find nfq DAQ Al Lewis (allewi) (Nov 30)
- Re: ERROR: can't find nfq DAQ Amal Saeed (Dec 01)
- Re: ERROR: can't find nfq DAQ Al Lewis (allewi) (Nov 30)
- Re: ERROR: can't find nfq DAQ Amal Saeed (Nov 30)
- Re: ERROR: can't find nfq DAQ Amal Saeed (Nov 30)
- Re: ERROR: can't find nfq DAQ Al Lewis (allewi) (Nov 30)
- Re: ERROR: can't find nfq DAQ Amal Saeed (Nov 30)
- Re: ERROR: can't find nfq DAQ Marcin Dulak (Nov 30)
- Re: ERROR: can't find nfq DAQ Amal Saeed (Dec 01)
- Re: ERROR: can't find nfq DAQ wkitty42 (Dec 01)
- Re: ERROR: can't find nfq DAQ Amal Saeed (Dec 08)
- Re: ERROR: can't find nfq DAQ Amal Saeed (Dec 01)
- Re: ERROR: can't find nfq DAQ Al Lewis (allewi) (Nov 30)