Snort mailing list archives

Re: Network Interface Issue in Ubuntu 16.04


From: Noah Dietrich <noah_dietrich () 86penny org>
Date: Wed, 15 Feb 2017 10:51:24 +0200

Beginning with Ubuntu 15.10, network interfaces no longer follow the ethX
standard (eth0, eth1, …). Instead, interface names are assigned as Predictable
Network Interface Names
<http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/>.
This means you need to check the names of your interfaces using *ifconfig
-a*. In my case, what was originally eth0 is now ens160 on a vSphere
virtual machine.

Also, if you are looking to run snort as an IPS (as your subject line
indicates, rather than an IDS), you'll need two interfaces, not just one.
You specify the interfaces using the following flags when running Snort: *-Q
-i eth1:eth2* (modify eth1 and eth2 to match your two network interfaces,
based on the output from *ifconfig -a*).

Noah


On Tue, Feb 14, 2017 at 10:06 PM, James Lay <jlay () slave-tothe-box net>
wrote:

On 2017-02-14 13:02, tantioification . wrote:
Hi,

I'm new to snort.
I have a problem when I try to install IPS in Ubuntu 16.04.
The error message is below:

ERROR: Can't initialize DAQ afpacket (-1) - afpacket_daq_initialize:
Invalid interface specification: 'enp4s0'!
Fatal Error, Quitting..

I think this problem is because Ubuntu 16.04 no longer follows the ethX
standard for network interface names.
Where can I find or configure afpacket_daq_initialize with a valid
network interface name?

Thank you for help.

Sorry for my grammar :D


I've not seen this...can you do a "sudo ifconfig -a"?

James

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest
Snort news!
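
A pre-flight check for the interface string given to `snort -Q -i`, added here as an example (it is not from this thread or from the Snort project). It assumes Linux lists interface names under /sys/class/net and that inline afpacket takes `first:second` pairs, with `::` between several pairs as the DAQ afpacket README describes, which goes one step beyond the single pair in the reply above; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: pre-flight check of an afpacket inline (-Q) interface spec.
# Function names are hypothetical; the sysfs directory is a parameter so the
# check can also run against a constructed directory.

# list_ifaces [dir]: print the kernel's interface names, one per line.
list_ifaces() {
    for path in "${1:-/sys/class/net}"/*; do
        if [ -e "$path" ]; then basename "$path"; fi
    done
}

# check_inline_spec SPEC [dir]
# returns 0 = usable, 1 = not a well-formed pair, 2 = unknown interface name
check_inline_spec() {
    spec="$1"; dir="${2:-/sys/class/net}"
    [ -n "$spec" ] || { echo "empty interface spec" >&2; return 1; }
    while [ -n "$spec" ]; do
        # "::" separates bridged pairs, ":" the two halves of one pair
        case "$spec" in
            *::*) pair="${spec%%::*}"; spec="${spec#*::}" ;;
            *)    pair="$spec"; spec="" ;;
        esac
        case "$pair" in
            *:*) first="${pair%%:*}"; second="${pair#*:}" ;;
            *)   echo "inline mode needs a pair like a:b, got '$pair'" >&2
                 return 1 ;;
        esac
        case "$second" in *:*) second="" ;; esac   # more than two names
        if [ -z "$first" ] || [ -z "$second" ] || [ "$first" = "$second" ]; then
            echo "malformed pair '$pair'" >&2; return 1
        fi
        for name in "$first" "$second"; do
            if [ ! -e "$dir/$name" ]; then
                echo "no interface '$name'; present:" $(list_ifaces "$dir") >&2
                return 2
            fi
        done
    done
    return 0
}

# Usage: sh check_spec.sh ens160:ens192   (file name is a placeholder)
if [ "$#" -gt 0 ]; then check_inline_spec "$1"; fi
```

A return of 1 means the string is not a pair at all (a single name such as the one in the error message above), and 2 means a name in the pair does not exist on the host, in which case the interfaces that are present get printed.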
